1 /* 2 * libata-scsi.c - helper library for ATA 3 * 4 * Maintained by: Tejun Heo <tj@kernel.org> 5 * Please ALWAYS copy linux-ide@vger.kernel.org 6 * on emails. 7 * 8 * Copyright 2003-2004 Red Hat, Inc. All rights reserved. 9 * Copyright 2003-2004 Jeff Garzik 10 * 11 * 12 * This program is free software; you can redistribute it and/or modify 13 * it under the terms of the GNU General Public License as published by 14 * the Free Software Foundation; either version 2, or (at your option) 15 * any later version. 16 * 17 * This program is distributed in the hope that it will be useful, 18 * but WITHOUT ANY WARRANTY; without even the implied warranty of 19 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 20 * GNU General Public License for more details. 21 * 22 * You should have received a copy of the GNU General Public License 23 * along with this program; see the file COPYING. If not, write to 24 * the Free Software Foundation, 675 Mass Ave, Cambridge, MA 02139, USA. 25 * 26 * 27 * libata documentation is available via 'make {ps|pdf}docs', 28 * as Documentation/driver-api/libata.rst 29 * 30 * Hardware documentation available from 31 * - http://www.t10.org/ 32 * - http://www.t13.org/ 33 * 34 */ 35 36 #include <linux/slab.h> 37 #include <linux/kernel.h> 38 #include <linux/blkdev.h> 39 #include <linux/spinlock.h> 40 #include <linux/export.h> 41 #include <scsi/scsi.h> 42 #include <scsi/scsi_host.h> 43 #include <scsi/scsi_cmnd.h> 44 #include <scsi/scsi_eh.h> 45 #include <scsi/scsi_device.h> 46 #include <scsi/scsi_tcq.h> 47 #include <scsi/scsi_transport.h> 48 #include <linux/libata.h> 49 #include <linux/hdreg.h> 50 #include <linux/uaccess.h> 51 #include <linux/suspend.h> 52 #include <asm/unaligned.h> 53 #include <linux/ioprio.h> 54 55 #include "libata.h" 56 #include "libata-transport.h" 57 58 #define ATA_SCSI_RBUF_SIZE 4096 59 60 static DEFINE_SPINLOCK(ata_scsi_rbuf_lock); 61 static u8 ata_scsi_rbuf[ATA_SCSI_RBUF_SIZE]; 62 63 typedef unsigned int (*ata_xlat_func_t)(struct ata_queued_cmd *qc); 64 65 static struct ata_device *__ata_scsi_find_dev(struct ata_port *ap, 66 const struct scsi_device *scsidev); 67 static struct ata_device *ata_scsi_find_dev(struct ata_port *ap, 68 const struct scsi_device *scsidev); 69 70 #define RW_RECOVERY_MPAGE 0x1 71 #define RW_RECOVERY_MPAGE_LEN 12 72 #define CACHE_MPAGE 0x8 73 #define CACHE_MPAGE_LEN 20 74 #define CONTROL_MPAGE 0xa 75 #define CONTROL_MPAGE_LEN 12 76 #define ALL_MPAGES 0x3f 77 #define ALL_SUB_MPAGES 0xff 78 79 80 static const u8 def_rw_recovery_mpage[RW_RECOVERY_MPAGE_LEN] = { 81 RW_RECOVERY_MPAGE, 82 RW_RECOVERY_MPAGE_LEN - 2, 83 (1 << 7), /* AWRE */ 84 0, /* read retry count */ 85 0, 0, 0, 0, 86 0, /* write retry count */ 87 0, 0, 0 88 }; 89 90 static const u8 def_cache_mpage[CACHE_MPAGE_LEN] = { 91 CACHE_MPAGE, 92 CACHE_MPAGE_LEN - 2, 93 0, /* contains WCE, needs to be 0 for logic */ 94 0, 0, 0, 0, 0, 0, 0, 0, 0, 95 0, /* contains DRA, needs to be 0 for logic */ 96 0, 0, 0, 0, 0, 0, 0 97 }; 98 99 static const u8 def_control_mpage[CONTROL_MPAGE_LEN] = { 100 CONTROL_MPAGE, 101 CONTROL_MPAGE_LEN - 2, 102 2, /* DSENSE=0, GLTSD=1 */ 103 0, /* [QAM+QERR may be 1, see 05-359r1] */ 104 0, 0, 0, 0, 0xff, 0xff, 105 0, 30 /* extended self test time, see 05-359r1 */ 106 }; 107 108 static const char *ata_lpm_policy_names[] = { 109 [ATA_LPM_UNKNOWN] = "max_performance", 110 [ATA_LPM_MAX_POWER] = "max_performance", 111 [ATA_LPM_MED_POWER] = "medium_power", 112 [ATA_LPM_MIN_POWER] = "min_power", 113 }; 114 115 static ssize_t ata_scsi_lpm_store(struct device *device, 116 struct device_attribute *attr, 117 const char *buf, size_t count) 118 { 119 struct Scsi_Host *shost = class_to_shost(device); 120 struct ata_port *ap = ata_shost_to_port(shost); 121 struct ata_link *link; 122 struct ata_device *dev; 123 enum ata_lpm_policy policy; 124 unsigned long flags; 125 126 /* UNKNOWN is internal state, iterate from MAX_POWER */ 127 for (policy = ATA_LPM_MAX_POWER; 128 policy < ARRAY_SIZE(ata_lpm_policy_names); policy++) { 129 const char *name = ata_lpm_policy_names[policy]; 130 131 if (strncmp(name, buf, strlen(name)) == 0) 132 break; 133 } 134 if (policy == ARRAY_SIZE(ata_lpm_policy_names)) 135 return -EINVAL; 136 137 spin_lock_irqsave(ap->lock, flags); 138 139 ata_for_each_link(link, ap, EDGE) { 140 ata_for_each_dev(dev, &ap->link, ENABLED) { 141 if (dev->horkage & ATA_HORKAGE_NOLPM) { 142 count = -EOPNOTSUPP; 143 goto out_unlock; 144 } 145 } 146 } 147 148 ap->target_lpm_policy = policy; 149 ata_port_schedule_eh(ap); 150 out_unlock: 151 spin_unlock_irqrestore(ap->lock, flags); 152 return count; 153 } 154 155 static ssize_t ata_scsi_lpm_show(struct device *dev, 156 struct device_attribute *attr, char *buf) 157 { 158 struct Scsi_Host *shost = class_to_shost(dev); 159 struct ata_port *ap = ata_shost_to_port(shost); 160 161 if (ap->target_lpm_policy >= ARRAY_SIZE(ata_lpm_policy_names)) 162 return -EINVAL; 163 164 return snprintf(buf, PAGE_SIZE, "%s\n", 165 ata_lpm_policy_names[ap->target_lpm_policy]); 166 } 167 DEVICE_ATTR(link_power_management_policy, S_IRUGO | S_IWUSR, 168 ata_scsi_lpm_show, ata_scsi_lpm_store); 169 EXPORT_SYMBOL_GPL(dev_attr_link_power_management_policy); 170 171 static ssize_t ata_scsi_park_show(struct device *device, 172 struct device_attribute *attr, char *buf) 173 { 174 struct scsi_device *sdev = to_scsi_device(device); 175 struct ata_port *ap; 176 struct ata_link *link; 177 struct ata_device *dev; 178 unsigned long now; 179 unsigned int uninitialized_var(msecs); 180 int rc = 0; 181 182 ap = ata_shost_to_port(sdev->host); 183 184 spin_lock_irq(ap->lock); 185 dev = ata_scsi_find_dev(ap, sdev); 186 if (!dev) { 187 rc = -ENODEV; 188 goto unlock; 189 } 190 if (dev->flags & ATA_DFLAG_NO_UNLOAD) { 191 rc = -EOPNOTSUPP; 192 goto unlock; 193 } 194 195 link = dev->link; 196 now = jiffies; 197 if (ap->pflags & ATA_PFLAG_EH_IN_PROGRESS && 198 link->eh_context.unloaded_mask & (1 << dev->devno) && 199 time_after(dev->unpark_deadline, now)) 200 msecs = jiffies_to_msecs(dev->unpark_deadline - now); 201 else 202 msecs = 0; 203 204 unlock: 205 spin_unlock_irq(ap->lock); 206 207 return rc ? rc : snprintf(buf, 20, "%u\n", msecs); 208 } 209 210 static ssize_t ata_scsi_park_store(struct device *device, 211 struct device_attribute *attr, 212 const char *buf, size_t len) 213 { 214 struct scsi_device *sdev = to_scsi_device(device); 215 struct ata_port *ap; 216 struct ata_device *dev; 217 long int input; 218 unsigned long flags; 219 int rc; 220 221 rc = kstrtol(buf, 10, &input); 222 if (rc) 223 return rc; 224 if (input < -2) 225 return -EINVAL; 226 if (input > ATA_TMOUT_MAX_PARK) { 227 rc = -EOVERFLOW; 228 input = ATA_TMOUT_MAX_PARK; 229 } 230 231 ap = ata_shost_to_port(sdev->host); 232 233 spin_lock_irqsave(ap->lock, flags); 234 dev = ata_scsi_find_dev(ap, sdev); 235 if (unlikely(!dev)) { 236 rc = -ENODEV; 237 goto unlock; 238 } 239 if (dev->class != ATA_DEV_ATA && 240 dev->class != ATA_DEV_ZAC) { 241 rc = -EOPNOTSUPP; 242 goto unlock; 243 } 244 245 if (input >= 0) { 246 if (dev->flags & ATA_DFLAG_NO_UNLOAD) { 247 rc = -EOPNOTSUPP; 248 goto unlock; 249 } 250 251 dev->unpark_deadline = ata_deadline(jiffies, input); 252 dev->link->eh_info.dev_action[dev->devno] |= ATA_EH_PARK; 253 ata_port_schedule_eh(ap); 254 complete(&ap->park_req_pending); 255 } else { 256 switch (input) { 257 case -1: 258 dev->flags &= ~ATA_DFLAG_NO_UNLOAD; 259 break; 260 case -2: 261 dev->flags |= ATA_DFLAG_NO_UNLOAD; 262 break; 263 } 264 } 265 unlock: 266 spin_unlock_irqrestore(ap->lock, flags); 267 268 return rc ? rc : len; 269 } 270 DEVICE_ATTR(unload_heads, S_IRUGO | S_IWUSR, 271 ata_scsi_park_show, ata_scsi_park_store); 272 EXPORT_SYMBOL_GPL(dev_attr_unload_heads); 273 274 static ssize_t ata_ncq_prio_enable_show(struct device *device, 275 struct device_attribute *attr, 276 char *buf) 277 { 278 struct scsi_device *sdev = to_scsi_device(device); 279 struct ata_port *ap; 280 struct ata_device *dev; 281 bool ncq_prio_enable; 282 int rc = 0; 283 284 ap = ata_shost_to_port(sdev->host); 285 286 spin_lock_irq(ap->lock); 287 dev = ata_scsi_find_dev(ap, sdev); 288 if (!dev) { 289 rc = -ENODEV; 290 goto unlock; 291 } 292 293 ncq_prio_enable = dev->flags & ATA_DFLAG_NCQ_PRIO_ENABLE; 294 295 unlock: 296 spin_unlock_irq(ap->lock); 297 298 return rc ? rc : snprintf(buf, 20, "%u\n", ncq_prio_enable); 299 } 300 301 static ssize_t ata_ncq_prio_enable_store(struct device *device, 302 struct device_attribute *attr, 303 const char *buf, size_t len) 304 { 305 struct scsi_device *sdev = to_scsi_device(device); 306 struct ata_port *ap; 307 struct ata_device *dev; 308 long int input; 309 int rc; 310 311 rc = kstrtol(buf, 10, &input); 312 if (rc) 313 return rc; 314 if ((input < 0) || (input > 1)) 315 return -EINVAL; 316 317 ap = ata_shost_to_port(sdev->host); 318 dev = ata_scsi_find_dev(ap, sdev); 319 if (unlikely(!dev)) 320 return -ENODEV; 321 322 spin_lock_irq(ap->lock); 323 if (input) 324 dev->flags |= ATA_DFLAG_NCQ_PRIO_ENABLE; 325 else 326 dev->flags &= ~ATA_DFLAG_NCQ_PRIO_ENABLE; 327 328 dev->link->eh_info.action |= ATA_EH_REVALIDATE; 329 dev->link->eh_info.flags |= ATA_EHI_QUIET; 330 ata_port_schedule_eh(ap); 331 spin_unlock_irq(ap->lock); 332 333 ata_port_wait_eh(ap); 334 335 if (input) { 336 spin_lock_irq(ap->lock); 337 if (!(dev->flags & ATA_DFLAG_NCQ_PRIO)) { 338 dev->flags &= ~ATA_DFLAG_NCQ_PRIO_ENABLE; 339 rc = -EIO; 340 } 341 spin_unlock_irq(ap->lock); 342 } 343 344 return rc ? rc : len; 345 } 346 347 DEVICE_ATTR(ncq_prio_enable, S_IRUGO | S_IWUSR, 348 ata_ncq_prio_enable_show, ata_ncq_prio_enable_store); 349 EXPORT_SYMBOL_GPL(dev_attr_ncq_prio_enable); 350 351 void ata_scsi_set_sense(struct ata_device *dev, struct scsi_cmnd *cmd, 352 u8 sk, u8 asc, u8 ascq) 353 { 354 bool d_sense = (dev->flags & ATA_DFLAG_D_SENSE); 355 356 if (!cmd) 357 return; 358 359 cmd->result = (DRIVER_SENSE << 24) | SAM_STAT_CHECK_CONDITION; 360 361 scsi_build_sense_buffer(d_sense, cmd->sense_buffer, sk, asc, ascq); 362 } 363 364 void ata_scsi_set_sense_information(struct ata_device *dev, 365 struct scsi_cmnd *cmd, 366 const struct ata_taskfile *tf) 367 { 368 u64 information; 369 370 if (!cmd) 371 return; 372 373 information = ata_tf_read_block(tf, dev); 374 if (information == U64_MAX) 375 return; 376 377 scsi_set_sense_information(cmd->sense_buffer, 378 SCSI_SENSE_BUFFERSIZE, information); 379 } 380 381 static void ata_scsi_set_invalid_field(struct ata_device *dev, 382 struct scsi_cmnd *cmd, u16 field, u8 bit) 383 { 384 ata_scsi_set_sense(dev, cmd, ILLEGAL_REQUEST, 0x24, 0x0); 385 /* "Invalid field in CDB" */ 386 scsi_set_sense_field_pointer(cmd->sense_buffer, SCSI_SENSE_BUFFERSIZE, 387 field, bit, 1); 388 } 389 390 static void ata_scsi_set_invalid_parameter(struct ata_device *dev, 391 struct scsi_cmnd *cmd, u16 field) 392 { 393 /* "Invalid field in parameter list" */ 394 ata_scsi_set_sense(dev, cmd, ILLEGAL_REQUEST, 0x26, 0x0); 395 scsi_set_sense_field_pointer(cmd->sense_buffer, SCSI_SENSE_BUFFERSIZE, 396 field, 0xff, 0); 397 } 398 399 static ssize_t 400 ata_scsi_em_message_store(struct device *dev, struct device_attribute *attr, 401 const char *buf, size_t count) 402 { 403 struct Scsi_Host *shost = class_to_shost(dev); 404 struct ata_port *ap = ata_shost_to_port(shost); 405 if (ap->ops->em_store && (ap->flags & ATA_FLAG_EM)) 406 return ap->ops->em_store(ap, buf, count); 407 return -EINVAL; 408 } 409 410 static ssize_t 411 ata_scsi_em_message_show(struct device *dev, struct device_attribute *attr, 412 char *buf) 413 { 414 struct Scsi_Host *shost = class_to_shost(dev); 415 struct ata_port *ap = ata_shost_to_port(shost); 416 417 if (ap->ops->em_show && (ap->flags & ATA_FLAG_EM)) 418 return ap->ops->em_show(ap, buf); 419 return -EINVAL; 420 } 421 DEVICE_ATTR(em_message, S_IRUGO | S_IWUSR, 422 ata_scsi_em_message_show, ata_scsi_em_message_store); 423 EXPORT_SYMBOL_GPL(dev_attr_em_message); 424 425 static ssize_t 426 ata_scsi_em_message_type_show(struct device *dev, struct device_attribute *attr, 427 char *buf) 428 { 429 struct Scsi_Host *shost = class_to_shost(dev); 430 struct ata_port *ap = ata_shost_to_port(shost); 431 432 return snprintf(buf, 23, "%d\n", ap->em_message_type); 433 } 434 DEVICE_ATTR(em_message_type, S_IRUGO, 435 ata_scsi_em_message_type_show, NULL); 436 EXPORT_SYMBOL_GPL(dev_attr_em_message_type); 437 438 static ssize_t 439 ata_scsi_activity_show(struct device *dev, struct device_attribute *attr, 440 char *buf) 441 { 442 struct scsi_device *sdev = to_scsi_device(dev); 443 struct ata_port *ap = ata_shost_to_port(sdev->host); 444 struct ata_device *atadev = ata_scsi_find_dev(ap, sdev); 445 446 if (atadev && ap->ops->sw_activity_show && 447 (ap->flags & ATA_FLAG_SW_ACTIVITY)) 448 return ap->ops->sw_activity_show(atadev, buf); 449 return -EINVAL; 450 } 451 452 static ssize_t 453 ata_scsi_activity_store(struct device *dev, struct device_attribute *attr, 454 const char *buf, size_t count) 455 { 456 struct scsi_device *sdev = to_scsi_device(dev); 457 struct ata_port *ap = ata_shost_to_port(sdev->host); 458 struct ata_device *atadev = ata_scsi_find_dev(ap, sdev); 459 enum sw_activity val; 460 int rc; 461 462 if (atadev && ap->ops->sw_activity_store && 463 (ap->flags & ATA_FLAG_SW_ACTIVITY)) { 464 val = simple_strtoul(buf, NULL, 0); 465 switch (val) { 466 case OFF: case BLINK_ON: case BLINK_OFF: 467 rc = ap->ops->sw_activity_store(atadev, val); 468 if (!rc) 469 return count; 470 else 471 return rc; 472 } 473 } 474 return -EINVAL; 475 } 476 DEVICE_ATTR(sw_activity, S_IWUSR | S_IRUGO, ata_scsi_activity_show, 477 ata_scsi_activity_store); 478 EXPORT_SYMBOL_GPL(dev_attr_sw_activity); 479 480 struct device_attribute *ata_common_sdev_attrs[] = { 481 &dev_attr_unload_heads, 482 &dev_attr_ncq_prio_enable, 483 NULL 484 }; 485 EXPORT_SYMBOL_GPL(ata_common_sdev_attrs); 486 487 /** 488 * ata_std_bios_param - generic bios head/sector/cylinder calculator used by sd. 489 * @sdev: SCSI device for which BIOS geometry is to be determined 490 * @bdev: block device associated with @sdev 491 * @capacity: capacity of SCSI device 492 * @geom: location to which geometry will be output 493 * 494 * Generic bios head/sector/cylinder calculator 495 * used by sd. Most BIOSes nowadays expect a XXX/255/16 (CHS) 496 * mapping. Some situations may arise where the disk is not 497 * bootable if this is not used. 498 * 499 * LOCKING: 500 * Defined by the SCSI layer. We don't really care. 501 * 502 * RETURNS: 503 * Zero. 504 */ 505 int ata_std_bios_param(struct scsi_device *sdev, struct block_device *bdev, 506 sector_t capacity, int geom[]) 507 { 508 geom[0] = 255; 509 geom[1] = 63; 510 sector_div(capacity, 255*63); 511 geom[2] = capacity; 512 513 return 0; 514 } 515 516 /** 517 * ata_scsi_unlock_native_capacity - unlock native capacity 518 * @sdev: SCSI device to adjust device capacity for 519 * 520 * This function is called if a partition on @sdev extends beyond 521 * the end of the device. It requests EH to unlock HPA. 522 * 523 * LOCKING: 524 * Defined by the SCSI layer. Might sleep. 525 */ 526 void ata_scsi_unlock_native_capacity(struct scsi_device *sdev) 527 { 528 struct ata_port *ap = ata_shost_to_port(sdev->host); 529 struct ata_device *dev; 530 unsigned long flags; 531 532 spin_lock_irqsave(ap->lock, flags); 533 534 dev = ata_scsi_find_dev(ap, sdev); 535 if (dev && dev->n_sectors < dev->n_native_sectors) { 536 dev->flags |= ATA_DFLAG_UNLOCK_HPA; 537 dev->link->eh_info.action |= ATA_EH_RESET; 538 ata_port_schedule_eh(ap); 539 } 540 541 spin_unlock_irqrestore(ap->lock, flags); 542 ata_port_wait_eh(ap); 543 } 544 545 /** 546 * ata_get_identity - Handler for HDIO_GET_IDENTITY ioctl 547 * @ap: target port 548 * @sdev: SCSI device to get identify data for 549 * @arg: User buffer area for identify data 550 * 551 * LOCKING: 552 * Defined by the SCSI layer. We don't really care. 553 * 554 * RETURNS: 555 * Zero on success, negative errno on error. 556 */ 557 static int ata_get_identity(struct ata_port *ap, struct scsi_device *sdev, 558 void __user *arg) 559 { 560 struct ata_device *dev = ata_scsi_find_dev(ap, sdev); 561 u16 __user *dst = arg; 562 char buf[40]; 563 564 if (!dev) 565 return -ENOMSG; 566 567 if (copy_to_user(dst, dev->id, ATA_ID_WORDS * sizeof(u16))) 568 return -EFAULT; 569 570 ata_id_string(dev->id, buf, ATA_ID_PROD, ATA_ID_PROD_LEN); 571 if (copy_to_user(dst + ATA_ID_PROD, buf, ATA_ID_PROD_LEN)) 572 return -EFAULT; 573 574 ata_id_string(dev->id, buf, ATA_ID_FW_REV, ATA_ID_FW_REV_LEN); 575 if (copy_to_user(dst + ATA_ID_FW_REV, buf, ATA_ID_FW_REV_LEN)) 576 return -EFAULT; 577 578 ata_id_string(dev->id, buf, ATA_ID_SERNO, ATA_ID_SERNO_LEN); 579 if (copy_to_user(dst + ATA_ID_SERNO, buf, ATA_ID_SERNO_LEN)) 580 return -EFAULT; 581 582 return 0; 583 } 584 585 /** 586 * ata_cmd_ioctl - Handler for HDIO_DRIVE_CMD ioctl 587 * @scsidev: Device to which we are issuing command 588 * @arg: User provided data for issuing command 589 * 590 * LOCKING: 591 * Defined by the SCSI layer. We don't really care. 592 * 593 * RETURNS: 594 * Zero on success, negative errno on error. 595 */ 596 int ata_cmd_ioctl(struct scsi_device *scsidev, void __user *arg) 597 { 598 int rc = 0; 599 u8 scsi_cmd[MAX_COMMAND_SIZE]; 600 u8 args[4], *argbuf = NULL, *sensebuf = NULL; 601 int argsize = 0; 602 enum dma_data_direction data_dir; 603 struct scsi_sense_hdr sshdr; 604 int cmd_result; 605 606 if (arg == NULL) 607 return -EINVAL; 608 609 if (copy_from_user(args, arg, sizeof(args))) 610 return -EFAULT; 611 612 sensebuf = kzalloc(SCSI_SENSE_BUFFERSIZE, GFP_NOIO); 613 if (!sensebuf) 614 return -ENOMEM; 615 616 memset(scsi_cmd, 0, sizeof(scsi_cmd)); 617 618 if (args[3]) { 619 argsize = ATA_SECT_SIZE * args[3]; 620 argbuf = kmalloc(argsize, GFP_KERNEL); 621 if (argbuf == NULL) { 622 rc = -ENOMEM; 623 goto error; 624 } 625 626 scsi_cmd[1] = (4 << 1); /* PIO Data-in */ 627 scsi_cmd[2] = 0x0e; /* no off.line or cc, read from dev, 628 block count in sector count field */ 629 data_dir = DMA_FROM_DEVICE; 630 } else { 631 scsi_cmd[1] = (3 << 1); /* Non-data */ 632 scsi_cmd[2] = 0x20; /* cc but no off.line or data xfer */ 633 data_dir = DMA_NONE; 634 } 635 636 scsi_cmd[0] = ATA_16; 637 638 scsi_cmd[4] = args[2]; 639 if (args[0] == ATA_CMD_SMART) { /* hack -- ide driver does this too */ 640 scsi_cmd[6] = args[3]; 641 scsi_cmd[8] = args[1]; 642 scsi_cmd[10] = 0x4f; 643 scsi_cmd[12] = 0xc2; 644 } else { 645 scsi_cmd[6] = args[1]; 646 } 647 scsi_cmd[14] = args[0]; 648 649 /* Good values for timeout and retries? Values below 650 from scsi_ioctl_send_command() for default case... */ 651 cmd_result = scsi_execute(scsidev, scsi_cmd, data_dir, argbuf, argsize, 652 sensebuf, &sshdr, (10*HZ), 5, 0, 0, NULL); 653 654 if (driver_byte(cmd_result) == DRIVER_SENSE) {/* sense data available */ 655 u8 *desc = sensebuf + 8; 656 cmd_result &= ~(0xFF<<24); /* DRIVER_SENSE is not an error */ 657 658 /* If we set cc then ATA pass-through will cause a 659 * check condition even if no error. Filter that. */ 660 if (cmd_result & SAM_STAT_CHECK_CONDITION) { 661 if (sshdr.sense_key == RECOVERED_ERROR && 662 sshdr.asc == 0 && sshdr.ascq == 0x1d) 663 cmd_result &= ~SAM_STAT_CHECK_CONDITION; 664 } 665 666 /* Send userspace a few ATA registers (same as drivers/ide) */ 667 if (sensebuf[0] == 0x72 && /* format is "descriptor" */ 668 desc[0] == 0x09) { /* code is "ATA Descriptor" */ 669 args[0] = desc[13]; /* status */ 670 args[1] = desc[3]; /* error */ 671 args[2] = desc[5]; /* sector count (0:7) */ 672 if (copy_to_user(arg, args, sizeof(args))) 673 rc = -EFAULT; 674 } 675 } 676 677 678 if (cmd_result) { 679 rc = -EIO; 680 goto error; 681 } 682 683 if ((argbuf) 684 && copy_to_user(arg + sizeof(args), argbuf, argsize)) 685 rc = -EFAULT; 686 error: 687 kfree(sensebuf); 688 kfree(argbuf); 689 return rc; 690 } 691 692 /** 693 * ata_task_ioctl - Handler for HDIO_DRIVE_TASK ioctl 694 * @scsidev: Device to which we are issuing command 695 * @arg: User provided data for issuing command 696 * 697 * LOCKING: 698 * Defined by the SCSI layer. We don't really care. 699 * 700 * RETURNS: 701 * Zero on success, negative errno on error. 702 */ 703 int ata_task_ioctl(struct scsi_device *scsidev, void __user *arg) 704 { 705 int rc = 0; 706 u8 scsi_cmd[MAX_COMMAND_SIZE]; 707 u8 args[7], *sensebuf = NULL; 708 struct scsi_sense_hdr sshdr; 709 int cmd_result; 710 711 if (arg == NULL) 712 return -EINVAL; 713 714 if (copy_from_user(args, arg, sizeof(args))) 715 return -EFAULT; 716 717 sensebuf = kzalloc(SCSI_SENSE_BUFFERSIZE, GFP_NOIO); 718 if (!sensebuf) 719 return -ENOMEM; 720 721 memset(scsi_cmd, 0, sizeof(scsi_cmd)); 722 scsi_cmd[0] = ATA_16; 723 scsi_cmd[1] = (3 << 1); /* Non-data */ 724 scsi_cmd[2] = 0x20; /* cc but no off.line or data xfer */ 725 scsi_cmd[4] = args[1]; 726 scsi_cmd[6] = args[2]; 727 scsi_cmd[8] = args[3]; 728 scsi_cmd[10] = args[4]; 729 scsi_cmd[12] = args[5]; 730 scsi_cmd[13] = args[6] & 0x4f; 731 scsi_cmd[14] = args[0]; 732 733 /* Good values for timeout and retries? Values below 734 from scsi_ioctl_send_command() for default case... */ 735 cmd_result = scsi_execute(scsidev, scsi_cmd, DMA_NONE, NULL, 0, 736 sensebuf, &sshdr, (10*HZ), 5, 0, 0, NULL); 737 738 if (driver_byte(cmd_result) == DRIVER_SENSE) {/* sense data available */ 739 u8 *desc = sensebuf + 8; 740 cmd_result &= ~(0xFF<<24); /* DRIVER_SENSE is not an error */ 741 742 /* If we set cc then ATA pass-through will cause a 743 * check condition even if no error. Filter that. */ 744 if (cmd_result & SAM_STAT_CHECK_CONDITION) { 745 if (sshdr.sense_key == RECOVERED_ERROR && 746 sshdr.asc == 0 && sshdr.ascq == 0x1d) 747 cmd_result &= ~SAM_STAT_CHECK_CONDITION; 748 } 749 750 /* Send userspace ATA registers */ 751 if (sensebuf[0] == 0x72 && /* format is "descriptor" */ 752 desc[0] == 0x09) {/* code is "ATA Descriptor" */ 753 args[0] = desc[13]; /* status */ 754 args[1] = desc[3]; /* error */ 755 args[2] = desc[5]; /* sector count (0:7) */ 756 args[3] = desc[7]; /* lbal */ 757 args[4] = desc[9]; /* lbam */ 758 args[5] = desc[11]; /* lbah */ 759 args[6] = desc[12]; /* select */ 760 if (copy_to_user(arg, args, sizeof(args))) 761 rc = -EFAULT; 762 } 763 } 764 765 if (cmd_result) { 766 rc = -EIO; 767 goto error; 768 } 769 770 error: 771 kfree(sensebuf); 772 return rc; 773 } 774 775 static int ata_ioc32(struct ata_port *ap) 776 { 777 if (ap->flags & ATA_FLAG_PIO_DMA) 778 return 1; 779 if (ap->pflags & ATA_PFLAG_PIO32) 780 return 1; 781 return 0; 782 } 783 784 int ata_sas_scsi_ioctl(struct ata_port *ap, struct scsi_device *scsidev, 785 int cmd, void __user *arg) 786 { 787 unsigned long val; 788 int rc = -EINVAL; 789 unsigned long flags; 790 791 switch (cmd) { 792 case HDIO_GET_32BIT: 793 spin_lock_irqsave(ap->lock, flags); 794 val = ata_ioc32(ap); 795 spin_unlock_irqrestore(ap->lock, flags); 796 return put_user(val, (unsigned long __user *)arg); 797 798 case HDIO_SET_32BIT: 799 val = (unsigned long) arg; 800 rc = 0; 801 spin_lock_irqsave(ap->lock, flags); 802 if (ap->pflags & ATA_PFLAG_PIO32CHANGE) { 803 if (val) 804 ap->pflags |= ATA_PFLAG_PIO32; 805 else 806 ap->pflags &= ~ATA_PFLAG_PIO32; 807 } else { 808 if (val != ata_ioc32(ap)) 809 rc = -EINVAL; 810 } 811 spin_unlock_irqrestore(ap->lock, flags); 812 return rc; 813 814 case HDIO_GET_IDENTITY: 815 return ata_get_identity(ap, scsidev, arg); 816 817 case HDIO_DRIVE_CMD: 818 if (!capable(CAP_SYS_ADMIN) || !capable(CAP_SYS_RAWIO)) 819 return -EACCES; 820 return ata_cmd_ioctl(scsidev, arg); 821 822 case HDIO_DRIVE_TASK: 823 if (!capable(CAP_SYS_ADMIN) || !capable(CAP_SYS_RAWIO)) 824 return -EACCES; 825 return ata_task_ioctl(scsidev, arg); 826 827 default: 828 rc = -ENOTTY; 829 break; 830 } 831 832 return rc; 833 } 834 EXPORT_SYMBOL_GPL(ata_sas_scsi_ioctl); 835 836 int ata_scsi_ioctl(struct scsi_device *scsidev, int cmd, void __user *arg) 837 { 838 return ata_sas_scsi_ioctl(ata_shost_to_port(scsidev->host), 839 scsidev, cmd, arg); 840 } 841 EXPORT_SYMBOL_GPL(ata_scsi_ioctl); 842 843 /** 844 * ata_scsi_qc_new - acquire new ata_queued_cmd reference 845 * @dev: ATA device to which the new command is attached 846 * @cmd: SCSI command that originated this ATA command 847 * 848 * Obtain a reference to an unused ata_queued_cmd structure, 849 * which is the basic libata structure representing a single 850 * ATA command sent to the hardware. 851 * 852 * If a command was available, fill in the SCSI-specific 853 * portions of the structure with information on the 854 * current command. 855 * 856 * LOCKING: 857 * spin_lock_irqsave(host lock) 858 * 859 * RETURNS: 860 * Command allocated, or %NULL if none available. 861 */ 862 static struct ata_queued_cmd *ata_scsi_qc_new(struct ata_device *dev, 863 struct scsi_cmnd *cmd) 864 { 865 struct ata_queued_cmd *qc; 866 867 qc = ata_qc_new_init(dev, cmd->request->tag); 868 if (qc) { 869 qc->scsicmd = cmd; 870 qc->scsidone = cmd->scsi_done; 871 872 qc->sg = scsi_sglist(cmd); 873 qc->n_elem = scsi_sg_count(cmd); 874 } else { 875 cmd->result = (DID_OK << 16) | (QUEUE_FULL << 1); 876 cmd->scsi_done(cmd); 877 } 878 879 return qc; 880 } 881 882 static void ata_qc_set_pc_nbytes(struct ata_queued_cmd *qc) 883 { 884 struct scsi_cmnd *scmd = qc->scsicmd; 885 886 qc->extrabytes = scmd->request->extra_len; 887 qc->nbytes = scsi_bufflen(scmd) + qc->extrabytes; 888 } 889 890 /** 891 * ata_dump_status - user friendly display of error info 892 * @id: id of the port in question 893 * @tf: ptr to filled out taskfile 894 * 895 * Decode and dump the ATA error/status registers for the user so 896 * that they have some idea what really happened at the non 897 * make-believe layer. 898 * 899 * LOCKING: 900 * inherited from caller 901 */ 902 static void ata_dump_status(unsigned id, struct ata_taskfile *tf) 903 { 904 u8 stat = tf->command, err = tf->feature; 905 906 pr_warn("ata%u: status=0x%02x { ", id, stat); 907 if (stat & ATA_BUSY) { 908 pr_cont("Busy }\n"); /* Data is not valid in this case */ 909 } else { 910 if (stat & ATA_DRDY) pr_cont("DriveReady "); 911 if (stat & ATA_DF) pr_cont("DeviceFault "); 912 if (stat & ATA_DSC) pr_cont("SeekComplete "); 913 if (stat & ATA_DRQ) pr_cont("DataRequest "); 914 if (stat & ATA_CORR) pr_cont("CorrectedError "); 915 if (stat & ATA_SENSE) pr_cont("Sense "); 916 if (stat & ATA_ERR) pr_cont("Error "); 917 pr_cont("}\n"); 918 919 if (err) { 920 pr_warn("ata%u: error=0x%02x { ", id, err); 921 if (err & ATA_ABORTED) pr_cont("DriveStatusError "); 922 if (err & ATA_ICRC) { 923 if (err & ATA_ABORTED) 924 pr_cont("BadCRC "); 925 else pr_cont("Sector "); 926 } 927 if (err & ATA_UNC) pr_cont("UncorrectableError "); 928 if (err & ATA_IDNF) pr_cont("SectorIdNotFound "); 929 if (err & ATA_TRK0NF) pr_cont("TrackZeroNotFound "); 930 if (err & ATA_AMNF) pr_cont("AddrMarkNotFound "); 931 pr_cont("}\n"); 932 } 933 } 934 } 935 936 /** 937 * ata_to_sense_error - convert ATA error to SCSI error 938 * @id: ATA device number 939 * @drv_stat: value contained in ATA status register 940 * @drv_err: value contained in ATA error register 941 * @sk: the sense key we'll fill out 942 * @asc: the additional sense code we'll fill out 943 * @ascq: the additional sense code qualifier we'll fill out 944 * @verbose: be verbose 945 * 946 * Converts an ATA error into a SCSI error. Fill out pointers to 947 * SK, ASC, and ASCQ bytes for later use in fixed or descriptor 948 * format sense blocks. 949 * 950 * LOCKING: 951 * spin_lock_irqsave(host lock) 952 */ 953 static void ata_to_sense_error(unsigned id, u8 drv_stat, u8 drv_err, u8 *sk, 954 u8 *asc, u8 *ascq, int verbose) 955 { 956 int i; 957 958 /* Based on the 3ware driver translation table */ 959 static const unsigned char sense_table[][4] = { 960 /* BBD|ECC|ID|MAR */ 961 {0xd1, ABORTED_COMMAND, 0x00, 0x00}, 962 // Device busy Aborted command 963 /* BBD|ECC|ID */ 964 {0xd0, ABORTED_COMMAND, 0x00, 0x00}, 965 // Device busy Aborted command 966 /* ECC|MC|MARK */ 967 {0x61, HARDWARE_ERROR, 0x00, 0x00}, 968 // Device fault Hardware error 969 /* ICRC|ABRT */ /* NB: ICRC & !ABRT is BBD */ 970 {0x84, ABORTED_COMMAND, 0x47, 0x00}, 971 // Data CRC error SCSI parity error 972 /* MC|ID|ABRT|TRK0|MARK */ 973 {0x37, NOT_READY, 0x04, 0x00}, 974 // Unit offline Not ready 975 /* MCR|MARK */ 976 {0x09, NOT_READY, 0x04, 0x00}, 977 // Unrecovered disk error Not ready 978 /* Bad address mark */ 979 {0x01, MEDIUM_ERROR, 0x13, 0x00}, 980 // Address mark not found for data field 981 /* TRK0 - Track 0 not found */ 982 {0x02, HARDWARE_ERROR, 0x00, 0x00}, 983 // Hardware error 984 /* Abort: 0x04 is not translated here, see below */ 985 /* Media change request */ 986 {0x08, NOT_READY, 0x04, 0x00}, 987 // FIXME: faking offline 988 /* SRV/IDNF - ID not found */ 989 {0x10, ILLEGAL_REQUEST, 0x21, 0x00}, 990 // Logical address out of range 991 /* MC - Media Changed */ 992 {0x20, UNIT_ATTENTION, 0x28, 0x00}, 993 // Not ready to ready change, medium may have changed 994 /* ECC - Uncorrectable ECC error */ 995 {0x40, MEDIUM_ERROR, 0x11, 0x04}, 996 // Unrecovered read error 997 /* BBD - block marked bad */ 998 {0x80, MEDIUM_ERROR, 0x11, 0x04}, 999 // Block marked bad Medium error, unrecovered read error 1000 {0xFF, 0xFF, 0xFF, 0xFF}, // END mark 1001 }; 1002 static const unsigned char stat_table[][4] = { 1003 /* Must be first because BUSY means no other bits valid */ 1004 {0x80, ABORTED_COMMAND, 0x47, 0x00}, 1005 // Busy, fake parity for now 1006 {0x40, ILLEGAL_REQUEST, 0x21, 0x04}, 1007 // Device ready, unaligned write command 1008 {0x20, HARDWARE_ERROR, 0x44, 0x00}, 1009 // Device fault, internal target failure 1010 {0x08, ABORTED_COMMAND, 0x47, 0x00}, 1011 // Timed out in xfer, fake parity for now 1012 {0x04, RECOVERED_ERROR, 0x11, 0x00}, 1013 // Recovered ECC error Medium error, recovered 1014 {0xFF, 0xFF, 0xFF, 0xFF}, // END mark 1015 }; 1016 1017 /* 1018 * Is this an error we can process/parse 1019 */ 1020 if (drv_stat & ATA_BUSY) { 1021 drv_err = 0; /* Ignore the err bits, they're invalid */ 1022 } 1023 1024 if (drv_err) { 1025 /* Look for drv_err */ 1026 for (i = 0; sense_table[i][0] != 0xFF; i++) { 1027 /* Look for best matches first */ 1028 if ((sense_table[i][0] & drv_err) == 1029 sense_table[i][0]) { 1030 *sk = sense_table[i][1]; 1031 *asc = sense_table[i][2]; 1032 *ascq = sense_table[i][3]; 1033 goto translate_done; 1034 } 1035 } 1036 } 1037 1038 /* 1039 * Fall back to interpreting status bits. Note that if the drv_err 1040 * has only the ABRT bit set, we decode drv_stat. ABRT by itself 1041 * is not descriptive enough. 1042 */ 1043 for (i = 0; stat_table[i][0] != 0xFF; i++) { 1044 if (stat_table[i][0] & drv_stat) { 1045 *sk = stat_table[i][1]; 1046 *asc = stat_table[i][2]; 1047 *ascq = stat_table[i][3]; 1048 goto translate_done; 1049 } 1050 } 1051 1052 /* 1053 * We need a sensible error return here, which is tricky, and one 1054 * that won't cause people to do things like return a disk wrongly. 1055 */ 1056 *sk = ABORTED_COMMAND; 1057 *asc = 0x00; 1058 *ascq = 0x00; 1059 1060 translate_done: 1061 if (verbose) 1062 pr_err("ata%u: translated ATA stat/err 0x%02x/%02x to SCSI SK/ASC/ASCQ 0x%x/%02x/%02x\n", 1063 id, drv_stat, drv_err, *sk, *asc, *ascq); 1064 return; 1065 } 1066 1067 /* 1068 * ata_gen_passthru_sense - Generate check condition sense block. 1069 * @qc: Command that completed. 1070 * 1071 * This function is specific to the ATA descriptor format sense 1072 * block specified for the ATA pass through commands. Regardless 1073 * of whether the command errored or not, return a sense 1074 * block. Copy all controller registers into the sense 1075 * block. If there was no error, we get the request from an ATA 1076 * passthrough command, so we use the following sense data: 1077 * sk = RECOVERED ERROR 1078 * asc,ascq = ATA PASS-THROUGH INFORMATION AVAILABLE 1079 * 1080 * 1081 * LOCKING: 1082 * None. 1083 */ 1084 static void ata_gen_passthru_sense(struct ata_queued_cmd *qc) 1085 { 1086 struct scsi_cmnd *cmd = qc->scsicmd; 1087 struct ata_taskfile *tf = &qc->result_tf; 1088 unsigned char *sb = cmd->sense_buffer; 1089 unsigned char *desc = sb + 8; 1090 int verbose = qc->ap->ops->error_handler == NULL; 1091 u8 sense_key, asc, ascq; 1092 1093 memset(sb, 0, SCSI_SENSE_BUFFERSIZE); 1094 1095 cmd->result = (DRIVER_SENSE << 24) | SAM_STAT_CHECK_CONDITION; 1096 1097 /* 1098 * Use ata_to_sense_error() to map status register bits 1099 * onto sense key, asc & ascq. 1100 */ 1101 if (qc->err_mask || 1102 tf->command & (ATA_BUSY | ATA_DF | ATA_ERR | ATA_DRQ)) { 1103 ata_to_sense_error(qc->ap->print_id, tf->command, tf->feature, 1104 &sense_key, &asc, &ascq, verbose); 1105 ata_scsi_set_sense(qc->dev, cmd, sense_key, asc, ascq); 1106 } else { 1107 /* 1108 * ATA PASS-THROUGH INFORMATION AVAILABLE 1109 * Always in descriptor format sense. 1110 */ 1111 scsi_build_sense_buffer(1, cmd->sense_buffer, 1112 RECOVERED_ERROR, 0, 0x1D); 1113 } 1114 1115 if ((cmd->sense_buffer[0] & 0x7f) >= 0x72) { 1116 u8 len; 1117 1118 /* descriptor format */ 1119 len = sb[7]; 1120 desc = (char *)scsi_sense_desc_find(sb, len + 8, 9); 1121 if (!desc) { 1122 if (SCSI_SENSE_BUFFERSIZE < len + 14) 1123 return; 1124 sb[7] = len + 14; 1125 desc = sb + 8 + len; 1126 } 1127 desc[0] = 9; 1128 desc[1] = 12; 1129 /* 1130 * Copy registers into sense buffer. 1131 */ 1132 desc[2] = 0x00; 1133 desc[3] = tf->feature; /* == error reg */ 1134 desc[5] = tf->nsect; 1135 desc[7] = tf->lbal; 1136 desc[9] = tf->lbam; 1137 desc[11] = tf->lbah; 1138 desc[12] = tf->device; 1139 desc[13] = tf->command; /* == status reg */ 1140 1141 /* 1142 * Fill in Extend bit, and the high order bytes 1143 * if applicable. 1144 */ 1145 if (tf->flags & ATA_TFLAG_LBA48) { 1146 desc[2] |= 0x01; 1147 desc[4] = tf->hob_nsect; 1148 desc[6] = tf->hob_lbal; 1149 desc[8] = tf->hob_lbam; 1150 desc[10] = tf->hob_lbah; 1151 } 1152 } else { 1153 /* Fixed sense format */ 1154 desc[0] = tf->feature; 1155 desc[1] = tf->command; /* status */ 1156 desc[2] = tf->device; 1157 desc[3] = tf->nsect; 1158 desc[7] = 0; 1159 if (tf->flags & ATA_TFLAG_LBA48) { 1160 desc[8] |= 0x80; 1161 if (tf->hob_nsect) 1162 desc[8] |= 0x40; 1163 if (tf->hob_lbal || tf->hob_lbam || tf->hob_lbah) 1164 desc[8] |= 0x20; 1165 } 1166 desc[9] = tf->lbal; 1167 desc[10] = tf->lbam; 1168 desc[11] = tf->lbah; 1169 } 1170 } 1171 1172 /** 1173 * ata_gen_ata_sense - generate a SCSI fixed sense block 1174 * @qc: Command that we are erroring out 1175 * 1176 * Generate sense block for a failed ATA command @qc. Descriptor 1177 * format is used to accommodate LBA48 block address. 1178 * 1179 * LOCKING: 1180 * None. 1181 */ 1182 static void ata_gen_ata_sense(struct ata_queued_cmd *qc) 1183 { 1184 struct ata_device *dev = qc->dev; 1185 struct scsi_cmnd *cmd = qc->scsicmd; 1186 struct ata_taskfile *tf = &qc->result_tf; 1187 unsigned char *sb = cmd->sense_buffer; 1188 int verbose = qc->ap->ops->error_handler == NULL; 1189 u64 block; 1190 u8 sense_key, asc, ascq; 1191 1192 memset(sb, 0, SCSI_SENSE_BUFFERSIZE); 1193 1194 cmd->result = (DRIVER_SENSE << 24) | SAM_STAT_CHECK_CONDITION; 1195 1196 if (ata_dev_disabled(dev)) { 1197 /* Device disabled after error recovery */ 1198 /* LOGICAL UNIT NOT READY, HARD RESET REQUIRED */ 1199 ata_scsi_set_sense(dev, cmd, NOT_READY, 0x04, 0x21); 1200 return; 1201 } 1202 /* Use ata_to_sense_error() to map status register bits 1203 * onto sense key, asc & ascq. 1204 */ 1205 if (qc->err_mask || 1206 tf->command & (ATA_BUSY | ATA_DF | ATA_ERR | ATA_DRQ)) { 1207 ata_to_sense_error(qc->ap->print_id, tf->command, tf->feature, 1208 &sense_key, &asc, &ascq, verbose); 1209 ata_scsi_set_sense(dev, cmd, sense_key, asc, ascq); 1210 } else { 1211 /* Could not decode error */ 1212 ata_dev_warn(dev, "could not decode error status 0x%x err_mask 0x%x\n", 1213 tf->command, qc->err_mask); 1214 ata_scsi_set_sense(dev, cmd, ABORTED_COMMAND, 0, 0); 1215 return; 1216 } 1217 1218 block = ata_tf_read_block(&qc->result_tf, dev); 1219 if (block == U64_MAX) 1220 return; 1221 1222 scsi_set_sense_information(sb, SCSI_SENSE_BUFFERSIZE, block); 1223 } 1224 1225 static void ata_scsi_sdev_config(struct scsi_device *sdev) 1226 { 1227 sdev->use_10_for_rw = 1; 1228 sdev->use_10_for_ms = 1; 1229 sdev->no_write_same = 1; 1230 1231 /* Schedule policy is determined by ->qc_defer() callback and 1232 * it needs to see every deferred qc. Set dev_blocked to 1 to 1233 * prevent SCSI midlayer from automatically deferring 1234 * requests. 1235 */ 1236 sdev->max_device_blocked = 1; 1237 } 1238 1239 /** 1240 * atapi_drain_needed - Check whether data transfer may overflow 1241 * @rq: request to be checked 1242 * 1243 * ATAPI commands which transfer variable length data to host 1244 * might overflow due to application error or hardware bug. This 1245 * function checks whether overflow should be drained and ignored 1246 * for @request. 1247 * 1248 * LOCKING: 1249 * None. 1250 * 1251 * RETURNS: 1252 * 1 if ; otherwise, 0. 1253 */ 1254 static int atapi_drain_needed(struct request *rq) 1255 { 1256 if (likely(!blk_rq_is_passthrough(rq))) 1257 return 0; 1258 1259 if (!blk_rq_bytes(rq) || op_is_write(req_op(rq))) 1260 return 0; 1261 1262 return atapi_cmd_type(scsi_req(rq)->cmd[0]) == ATAPI_MISC; 1263 } 1264 1265 static int ata_scsi_dev_config(struct scsi_device *sdev, 1266 struct ata_device *dev) 1267 { 1268 struct request_queue *q = sdev->request_queue; 1269 1270 if (!ata_id_has_unload(dev->id)) 1271 dev->flags |= ATA_DFLAG_NO_UNLOAD; 1272 1273 /* configure max sectors */ 1274 blk_queue_max_hw_sectors(q, dev->max_sectors); 1275 1276 if (dev->class == ATA_DEV_ATAPI) { 1277 void *buf; 1278 1279 sdev->sector_size = ATA_SECT_SIZE; 1280 1281 /* set DMA padding */ 1282 blk_queue_update_dma_pad(q, ATA_DMA_PAD_SZ - 1); 1283 1284 /* configure draining */ 1285 buf = kmalloc(ATAPI_MAX_DRAIN, q->bounce_gfp | GFP_KERNEL); 1286 if (!buf) { 1287 ata_dev_err(dev, "drain buffer allocation failed\n"); 1288 return -ENOMEM; 1289 } 1290 1291 blk_queue_dma_drain(q, atapi_drain_needed, buf, ATAPI_MAX_DRAIN); 1292 } else { 1293 sdev->sector_size = ata_id_logical_sector_size(dev->id); 1294 sdev->manage_start_stop = 1; 1295 } 1296 1297 /* 1298 * ata_pio_sectors() expects buffer for each sector to not cross 1299 * page boundary. Enforce it by requiring buffers to be sector 1300 * aligned, which works iff sector_size is not larger than 1301 * PAGE_SIZE. ATAPI devices also need the alignment as 1302 * IDENTIFY_PACKET is executed as ATA_PROT_PIO. 1303 */ 1304 if (sdev->sector_size > PAGE_SIZE) 1305 ata_dev_warn(dev, 1306 "sector_size=%u > PAGE_SIZE, PIO may malfunction\n", 1307 sdev->sector_size); 1308 1309 blk_queue_update_dma_alignment(q, sdev->sector_size - 1); 1310 1311 if (dev->flags & ATA_DFLAG_AN) 1312 set_bit(SDEV_EVT_MEDIA_CHANGE, sdev->supported_events); 1313 1314 if (dev->flags & ATA_DFLAG_NCQ) { 1315 int depth; 1316 1317 depth = min(sdev->host->can_queue, ata_id_queue_depth(dev->id)); 1318 depth = min(ATA_MAX_QUEUE - 1, depth); 1319 scsi_change_queue_depth(sdev, depth); 1320 } 1321 1322 blk_queue_flush_queueable(q, false); 1323 1324 if (dev->flags & ATA_DFLAG_TRUSTED) 1325 sdev->security_supported = 1; 1326 1327 dev->sdev = sdev; 1328 return 0; 1329 } 1330 1331 /** 1332 * ata_scsi_slave_config - Set SCSI device attributes 1333 * @sdev: SCSI device to examine 1334 * 1335 * This is called before we actually start reading 1336 * and writing to the device, to configure certain 1337 * SCSI mid-layer behaviors. 1338 * 1339 * LOCKING: 1340 * Defined by SCSI layer. We don't really care. 1341 */ 1342 1343 int ata_scsi_slave_config(struct scsi_device *sdev) 1344 { 1345 struct ata_port *ap = ata_shost_to_port(sdev->host); 1346 struct ata_device *dev = __ata_scsi_find_dev(ap, sdev); 1347 int rc = 0; 1348 1349 ata_scsi_sdev_config(sdev); 1350 1351 if (dev) 1352 rc = ata_scsi_dev_config(sdev, dev); 1353 1354 return rc; 1355 } 1356 1357 /** 1358 * ata_scsi_slave_destroy - SCSI device is about to be destroyed 1359 * @sdev: SCSI device to be destroyed 1360 * 1361 * @sdev is about to be destroyed for hot/warm unplugging. If 1362 * this unplugging was initiated by libata as indicated by NULL 1363 * dev->sdev, this function doesn't have to do anything. 1364 * Otherwise, SCSI layer initiated warm-unplug is in progress. 1365 * Clear dev->sdev, schedule the device for ATA detach and invoke 1366 * EH. 1367 * 1368 * LOCKING: 1369 * Defined by SCSI layer. We don't really care. 1370 */ 1371 void ata_scsi_slave_destroy(struct scsi_device *sdev) 1372 { 1373 struct ata_port *ap = ata_shost_to_port(sdev->host); 1374 struct request_queue *q = sdev->request_queue; 1375 unsigned long flags; 1376 struct ata_device *dev; 1377 1378 if (!ap->ops->error_handler) 1379 return; 1380 1381 spin_lock_irqsave(ap->lock, flags); 1382 dev = __ata_scsi_find_dev(ap, sdev); 1383 if (dev && dev->sdev) { 1384 /* SCSI device already in CANCEL state, no need to offline it */ 1385 dev->sdev = NULL; 1386 dev->flags |= ATA_DFLAG_DETACH; 1387 ata_port_schedule_eh(ap); 1388 } 1389 spin_unlock_irqrestore(ap->lock, flags); 1390 1391 kfree(q->dma_drain_buffer); 1392 q->dma_drain_buffer = NULL; 1393 q->dma_drain_size = 0; 1394 } 1395 1396 /** 1397 * __ata_change_queue_depth - helper for ata_scsi_change_queue_depth 1398 * @ap: ATA port to which the device change the queue depth 1399 * @sdev: SCSI device to configure queue depth for 1400 * @queue_depth: new queue depth 1401 * 1402 * libsas and libata have different approaches for associating a sdev to 1403 * its ata_port. 1404 * 1405 */ 1406 int __ata_change_queue_depth(struct ata_port *ap, struct scsi_device *sdev, 1407 int queue_depth) 1408 { 1409 struct ata_device *dev; 1410 unsigned long flags; 1411 1412 if (queue_depth < 1 || queue_depth == sdev->queue_depth) 1413 return sdev->queue_depth; 1414 1415 dev = ata_scsi_find_dev(ap, sdev); 1416 if (!dev || !ata_dev_enabled(dev)) 1417 return sdev->queue_depth; 1418 1419 /* NCQ enabled? */ 1420 spin_lock_irqsave(ap->lock, flags); 1421 dev->flags &= ~ATA_DFLAG_NCQ_OFF; 1422 if (queue_depth == 1 || !ata_ncq_enabled(dev)) { 1423 dev->flags |= ATA_DFLAG_NCQ_OFF; 1424 queue_depth = 1; 1425 } 1426 spin_unlock_irqrestore(ap->lock, flags); 1427 1428 /* limit and apply queue depth */ 1429 queue_depth = min(queue_depth, sdev->host->can_queue); 1430 queue_depth = min(queue_depth, ata_id_queue_depth(dev->id)); 1431 queue_depth = min(queue_depth, ATA_MAX_QUEUE - 1); 1432 1433 if (sdev->queue_depth == queue_depth) 1434 return -EINVAL; 1435 1436 return scsi_change_queue_depth(sdev, queue_depth); 1437 } 1438 1439 /** 1440 * ata_scsi_change_queue_depth - SCSI callback for queue depth config 1441 * @sdev: SCSI device to configure queue depth for 1442 * @queue_depth: new queue depth 1443 * 1444 * This is libata standard hostt->change_queue_depth callback. 1445 * SCSI will call into this callback when user tries to set queue 1446 * depth via sysfs. 1447 * 1448 * LOCKING: 1449 * SCSI layer (we don't care) 1450 * 1451 * RETURNS: 1452 * Newly configured queue depth. 1453 */ 1454 int ata_scsi_change_queue_depth(struct scsi_device *sdev, int queue_depth) 1455 { 1456 struct ata_port *ap = ata_shost_to_port(sdev->host); 1457 1458 return __ata_change_queue_depth(ap, sdev, queue_depth); 1459 } 1460 1461 /** 1462 * ata_scsi_start_stop_xlat - Translate SCSI START STOP UNIT command 1463 * @qc: Storage for translated ATA taskfile 1464 * 1465 * Sets up an ATA taskfile to issue STANDBY (to stop) or READ VERIFY 1466 * (to start). Perhaps these commands should be preceded by 1467 * CHECK POWER MODE to see what power mode the device is already in. 1468 * [See SAT revision 5 at www.t10.org] 1469 * 1470 * LOCKING: 1471 * spin_lock_irqsave(host lock) 1472 * 1473 * RETURNS: 1474 * Zero on success, non-zero on error. 1475 */ 1476 static unsigned int ata_scsi_start_stop_xlat(struct ata_queued_cmd *qc) 1477 { 1478 struct scsi_cmnd *scmd = qc->scsicmd; 1479 struct ata_taskfile *tf = &qc->tf; 1480 const u8 *cdb = scmd->cmnd; 1481 u16 fp; 1482 u8 bp = 0xff; 1483 1484 if (scmd->cmd_len < 5) { 1485 fp = 4; 1486 goto invalid_fld; 1487 } 1488 1489 tf->flags |= ATA_TFLAG_DEVICE | ATA_TFLAG_ISADDR; 1490 tf->protocol = ATA_PROT_NODATA; 1491 if (cdb[1] & 0x1) { 1492 ; /* ignore IMMED bit, violates sat-r05 */ 1493 } 1494 if (cdb[4] & 0x2) { 1495 fp = 4; 1496 bp = 1; 1497 goto invalid_fld; /* LOEJ bit set not supported */ 1498 } 1499 if (((cdb[4] >> 4) & 0xf) != 0) { 1500 fp = 4; 1501 bp = 3; 1502 goto invalid_fld; /* power conditions not supported */ 1503 } 1504 1505 if (cdb[4] & 0x1) { 1506 tf->nsect = 1; /* 1 sector, lba=0 */ 1507 1508 if (qc->dev->flags & ATA_DFLAG_LBA) { 1509 tf->flags |= ATA_TFLAG_LBA; 1510 1511 tf->lbah = 0x0; 1512 tf->lbam = 0x0; 1513 tf->lbal = 0x0; 1514 tf->device |= ATA_LBA; 1515 } else { 1516 /* CHS */ 1517 tf->lbal = 0x1; /* sect */ 1518 tf->lbam = 0x0; /* cyl low */ 1519 tf->lbah = 0x0; /* cyl high */ 1520 } 1521 1522 tf->command = ATA_CMD_VERIFY; /* READ VERIFY */ 1523 } else { 1524 /* Some odd clown BIOSen issue spindown on power off (ACPI S4 1525 * or S5) causing some drives to spin up and down again. 1526 */ 1527 if ((qc->ap->flags & ATA_FLAG_NO_POWEROFF_SPINDOWN) && 1528 system_state == SYSTEM_POWER_OFF) 1529 goto skip; 1530 1531 if ((qc->ap->flags & ATA_FLAG_NO_HIBERNATE_SPINDOWN) && 1532 system_entering_hibernation()) 1533 goto skip; 1534 1535 /* Issue ATA STANDBY IMMEDIATE command */ 1536 tf->command = ATA_CMD_STANDBYNOW1; 1537 } 1538 1539 /* 1540 * Standby and Idle condition timers could be implemented but that 1541 * would require libata to implement the Power condition mode page 1542 * and allow the user to change it. Changing mode pages requires 1543 * MODE SELECT to be implemented. 1544 */ 1545 1546 return 0; 1547 1548 invalid_fld: 1549 ata_scsi_set_invalid_field(qc->dev, scmd, fp, bp); 1550 return 1; 1551 skip: 1552 scmd->result = SAM_STAT_GOOD; 1553 return 1; 1554 } 1555 1556 1557 /** 1558 * ata_scsi_flush_xlat - Translate SCSI SYNCHRONIZE CACHE command 1559 * @qc: Storage for translated ATA taskfile 1560 * 1561 * Sets up an ATA taskfile to issue FLUSH CACHE or 1562 * FLUSH CACHE EXT. 1563 * 1564 * LOCKING: 1565 * spin_lock_irqsave(host lock) 1566 * 1567 * RETURNS: 1568 * Zero on success, non-zero on error. 1569 */ 1570 static unsigned int ata_scsi_flush_xlat(struct ata_queued_cmd *qc) 1571 { 1572 struct ata_taskfile *tf = &qc->tf; 1573 1574 tf->flags |= ATA_TFLAG_DEVICE; 1575 tf->protocol = ATA_PROT_NODATA; 1576 1577 if (qc->dev->flags & ATA_DFLAG_FLUSH_EXT) 1578 tf->command = ATA_CMD_FLUSH_EXT; 1579 else 1580 tf->command = ATA_CMD_FLUSH; 1581 1582 /* flush is critical for IO integrity, consider it an IO command */ 1583 qc->flags |= ATA_QCFLAG_IO; 1584 1585 return 0; 1586 } 1587 1588 /** 1589 * scsi_6_lba_len - Get LBA and transfer length 1590 * @cdb: SCSI command to translate 1591 * 1592 * Calculate LBA and transfer length for 6-byte commands. 1593 * 1594 * RETURNS: 1595 * @plba: the LBA 1596 * @plen: the transfer length 1597 */ 1598 static void scsi_6_lba_len(const u8 *cdb, u64 *plba, u32 *plen) 1599 { 1600 u64 lba = 0; 1601 u32 len; 1602 1603 VPRINTK("six-byte command\n"); 1604 1605 lba |= ((u64)(cdb[1] & 0x1f)) << 16; 1606 lba |= ((u64)cdb[2]) << 8; 1607 lba |= ((u64)cdb[3]); 1608 1609 len = cdb[4]; 1610 1611 *plba = lba; 1612 *plen = len; 1613 } 1614 1615 /** 1616 * scsi_10_lba_len - Get LBA and transfer length 1617 * @cdb: SCSI command to translate 1618 * 1619 * Calculate LBA and transfer length for 10-byte commands. 1620 * 1621 * RETURNS: 1622 * @plba: the LBA 1623 * @plen: the transfer length 1624 */ 1625 static void scsi_10_lba_len(const u8 *cdb, u64 *plba, u32 *plen) 1626 { 1627 u64 lba = 0; 1628 u32 len = 0; 1629 1630 VPRINTK("ten-byte command\n"); 1631 1632 lba |= ((u64)cdb[2]) << 24; 1633 lba |= ((u64)cdb[3]) << 16; 1634 lba |= ((u64)cdb[4]) << 8; 1635 lba |= ((u64)cdb[5]); 1636 1637 len |= ((u32)cdb[7]) << 8; 1638 len |= ((u32)cdb[8]); 1639 1640 *plba = lba; 1641 *plen = len; 1642 } 1643 1644 /** 1645 * scsi_16_lba_len - Get LBA and transfer length 1646 * @cdb: SCSI command to translate 1647 * 1648 * Calculate LBA and transfer length for 16-byte commands. 1649 * 1650 * RETURNS: 1651 * @plba: the LBA 1652 * @plen: the transfer length 1653 */ 1654 static void scsi_16_lba_len(const u8 *cdb, u64 *plba, u32 *plen) 1655 { 1656 u64 lba = 0; 1657 u32 len = 0; 1658 1659 VPRINTK("sixteen-byte command\n"); 1660 1661 lba |= ((u64)cdb[2]) << 56; 1662 lba |= ((u64)cdb[3]) << 48; 1663 lba |= ((u64)cdb[4]) << 40; 1664 lba |= ((u64)cdb[5]) << 32; 1665 lba |= ((u64)cdb[6]) << 24; 1666 lba |= ((u64)cdb[7]) << 16; 1667 lba |= ((u64)cdb[8]) << 8; 1668 lba |= ((u64)cdb[9]); 1669 1670 len |= ((u32)cdb[10]) << 24; 1671 len |= ((u32)cdb[11]) << 16; 1672 len |= ((u32)cdb[12]) << 8; 1673 len |= ((u32)cdb[13]); 1674 1675 *plba = lba; 1676 *plen = len; 1677 } 1678 1679 /** 1680 * ata_scsi_verify_xlat - Translate SCSI VERIFY command into an ATA one 1681 * @qc: Storage for translated ATA taskfile 1682 * 1683 * Converts SCSI VERIFY command to an ATA READ VERIFY command. 1684 * 1685 * LOCKING: 1686 * spin_lock_irqsave(host lock) 1687 * 1688 * RETURNS: 1689 * Zero on success, non-zero on error. 1690 */ 1691 static unsigned int ata_scsi_verify_xlat(struct ata_queued_cmd *qc) 1692 { 1693 struct scsi_cmnd *scmd = qc->scsicmd; 1694 struct ata_taskfile *tf = &qc->tf; 1695 struct ata_device *dev = qc->dev; 1696 u64 dev_sectors = qc->dev->n_sectors; 1697 const u8 *cdb = scmd->cmnd; 1698 u64 block; 1699 u32 n_block; 1700 u16 fp; 1701 1702 tf->flags |= ATA_TFLAG_ISADDR | ATA_TFLAG_DEVICE; 1703 tf->protocol = ATA_PROT_NODATA; 1704 1705 if (cdb[0] == VERIFY) { 1706 if (scmd->cmd_len < 10) { 1707 fp = 9; 1708 goto invalid_fld; 1709 } 1710 scsi_10_lba_len(cdb, &block, &n_block); 1711 } else if (cdb[0] == VERIFY_16) { 1712 if (scmd->cmd_len < 16) { 1713 fp = 15; 1714 goto invalid_fld; 1715 } 1716 scsi_16_lba_len(cdb, &block, &n_block); 1717 } else { 1718 fp = 0; 1719 goto invalid_fld; 1720 } 1721 1722 if (!n_block) 1723 goto nothing_to_do; 1724 if (block >= dev_sectors) 1725 goto out_of_range; 1726 if ((block + n_block) > dev_sectors) 1727 goto out_of_range; 1728 1729 if (dev->flags & ATA_DFLAG_LBA) { 1730 tf->flags |= ATA_TFLAG_LBA; 1731 1732 if (lba_28_ok(block, n_block)) { 1733 /* use LBA28 */ 1734 tf->command = ATA_CMD_VERIFY; 1735 tf->device |= (block >> 24) & 0xf; 1736 } else if (lba_48_ok(block, n_block)) { 1737 if (!(dev->flags & ATA_DFLAG_LBA48)) 1738 goto out_of_range; 1739 1740 /* use LBA48 */ 1741 tf->flags |= ATA_TFLAG_LBA48; 1742 tf->command = ATA_CMD_VERIFY_EXT; 1743 1744 tf->hob_nsect = (n_block >> 8) & 0xff; 1745 1746 tf->hob_lbah = (block >> 40) & 0xff; 1747 tf->hob_lbam = (block >> 32) & 0xff; 1748 tf->hob_lbal = (block >> 24) & 0xff; 1749 } else 1750 /* request too large even for LBA48 */ 1751 goto out_of_range; 1752 1753 tf->nsect = n_block & 0xff; 1754 1755 tf->lbah = (block >> 16) & 0xff; 1756 tf->lbam = (block >> 8) & 0xff; 1757 tf->lbal = block & 0xff; 1758 1759 tf->device |= ATA_LBA; 1760 } else { 1761 /* CHS */ 1762 u32 sect, head, cyl, track; 1763 1764 if (!lba_28_ok(block, n_block)) 1765 goto out_of_range; 1766 1767 /* Convert LBA to CHS */ 1768 track = (u32)block / dev->sectors; 1769 cyl = track / dev->heads; 1770 head = track % dev->heads; 1771 sect = (u32)block % dev->sectors + 1; 1772 1773 DPRINTK("block %u track %u cyl %u head %u sect %u\n", 1774 (u32)block, track, cyl, head, sect); 1775 1776 /* Check whether the converted CHS can fit. 1777 Cylinder: 0-65535 1778 Head: 0-15 1779 Sector: 1-255*/ 1780 if ((cyl >> 16) || (head >> 4) || (sect >> 8) || (!sect)) 1781 goto out_of_range; 1782 1783 tf->command = ATA_CMD_VERIFY; 1784 tf->nsect = n_block & 0xff; /* Sector count 0 means 256 sectors */ 1785 tf->lbal = sect; 1786 tf->lbam = cyl; 1787 tf->lbah = cyl >> 8; 1788 tf->device |= head; 1789 } 1790 1791 return 0; 1792 1793 invalid_fld: 1794 ata_scsi_set_invalid_field(qc->dev, scmd, fp, 0xff); 1795 return 1; 1796 1797 out_of_range: 1798 ata_scsi_set_sense(qc->dev, scmd, ILLEGAL_REQUEST, 0x21, 0x0); 1799 /* "Logical Block Address out of range" */ 1800 return 1; 1801 1802 nothing_to_do: 1803 scmd->result = SAM_STAT_GOOD; 1804 return 1; 1805 } 1806 1807 /** 1808 * ata_scsi_rw_xlat - Translate SCSI r/w command into an ATA one 1809 * @qc: Storage for translated ATA taskfile 1810 * 1811 * Converts any of six SCSI read/write commands into the 1812 * ATA counterpart, including starting sector (LBA), 1813 * sector count, and taking into account the device's LBA48 1814 * support. 1815 * 1816 * Commands %READ_6, %READ_10, %READ_16, %WRITE_6, %WRITE_10, and 1817 * %WRITE_16 are currently supported. 1818 * 1819 * LOCKING: 1820 * spin_lock_irqsave(host lock) 1821 * 1822 * RETURNS: 1823 * Zero on success, non-zero on error. 1824 */ 1825 static unsigned int ata_scsi_rw_xlat(struct ata_queued_cmd *qc) 1826 { 1827 struct scsi_cmnd *scmd = qc->scsicmd; 1828 const u8 *cdb = scmd->cmnd; 1829 struct request *rq = scmd->request; 1830 int class = IOPRIO_PRIO_CLASS(req_get_ioprio(rq)); 1831 unsigned int tf_flags = 0; 1832 u64 block; 1833 u32 n_block; 1834 int rc; 1835 u16 fp = 0; 1836 1837 if (cdb[0] == WRITE_10 || cdb[0] == WRITE_6 || cdb[0] == WRITE_16) 1838 tf_flags |= ATA_TFLAG_WRITE; 1839 1840 /* Calculate the SCSI LBA, transfer length and FUA. */ 1841 switch (cdb[0]) { 1842 case READ_10: 1843 case WRITE_10: 1844 if (unlikely(scmd->cmd_len < 10)) { 1845 fp = 9; 1846 goto invalid_fld; 1847 } 1848 scsi_10_lba_len(cdb, &block, &n_block); 1849 if (cdb[1] & (1 << 3)) 1850 tf_flags |= ATA_TFLAG_FUA; 1851 break; 1852 case READ_6: 1853 case WRITE_6: 1854 if (unlikely(scmd->cmd_len < 6)) { 1855 fp = 5; 1856 goto invalid_fld; 1857 } 1858 scsi_6_lba_len(cdb, &block, &n_block); 1859 1860 /* for 6-byte r/w commands, transfer length 0 1861 * means 256 blocks of data, not 0 block. 1862 */ 1863 if (!n_block) 1864 n_block = 256; 1865 break; 1866 case READ_16: 1867 case WRITE_16: 1868 if (unlikely(scmd->cmd_len < 16)) { 1869 fp = 15; 1870 goto invalid_fld; 1871 } 1872 scsi_16_lba_len(cdb, &block, &n_block); 1873 if (cdb[1] & (1 << 3)) 1874 tf_flags |= ATA_TFLAG_FUA; 1875 break; 1876 default: 1877 DPRINTK("no-byte command\n"); 1878 fp = 0; 1879 goto invalid_fld; 1880 } 1881 1882 /* Check and compose ATA command */ 1883 if (!n_block) 1884 /* For 10-byte and 16-byte SCSI R/W commands, transfer 1885 * length 0 means transfer 0 block of data. 1886 * However, for ATA R/W commands, sector count 0 means 1887 * 256 or 65536 sectors, not 0 sectors as in SCSI. 1888 * 1889 * WARNING: one or two older ATA drives treat 0 as 0... 1890 */ 1891 goto nothing_to_do; 1892 1893 qc->flags |= ATA_QCFLAG_IO; 1894 qc->nbytes = n_block * scmd->device->sector_size; 1895 1896 rc = ata_build_rw_tf(&qc->tf, qc->dev, block, n_block, tf_flags, 1897 qc->tag, class); 1898 1899 if (likely(rc == 0)) 1900 return 0; 1901 1902 if (rc == -ERANGE) 1903 goto out_of_range; 1904 /* treat all other errors as -EINVAL, fall through */ 1905 invalid_fld: 1906 ata_scsi_set_invalid_field(qc->dev, scmd, fp, 0xff); 1907 return 1; 1908 1909 out_of_range: 1910 ata_scsi_set_sense(qc->dev, scmd, ILLEGAL_REQUEST, 0x21, 0x0); 1911 /* "Logical Block Address out of range" */ 1912 return 1; 1913 1914 nothing_to_do: 1915 scmd->result = SAM_STAT_GOOD; 1916 return 1; 1917 } 1918 1919 static void ata_qc_done(struct ata_queued_cmd *qc) 1920 { 1921 struct scsi_cmnd *cmd = qc->scsicmd; 1922 void (*done)(struct scsi_cmnd *) = qc->scsidone; 1923 1924 ata_qc_free(qc); 1925 done(cmd); 1926 } 1927 1928 static void ata_scsi_qc_complete(struct ata_queued_cmd *qc) 1929 { 1930 struct ata_port *ap = qc->ap; 1931 struct scsi_cmnd *cmd = qc->scsicmd; 1932 u8 *cdb = cmd->cmnd; 1933 int need_sense = (qc->err_mask != 0); 1934 1935 /* For ATA pass thru (SAT) commands, generate a sense block if 1936 * user mandated it or if there's an error. Note that if we 1937 * generate because the user forced us to [CK_COND =1], a check 1938 * condition is generated and the ATA register values are returned 1939 * whether the command completed successfully or not. If there 1940 * was no error, we use the following sense data: 1941 * sk = RECOVERED ERROR 1942 * asc,ascq = ATA PASS-THROUGH INFORMATION AVAILABLE 1943 */ 1944 if (((cdb[0] == ATA_16) || (cdb[0] == ATA_12)) && 1945 ((cdb[2] & 0x20) || need_sense)) 1946 ata_gen_passthru_sense(qc); 1947 else if (qc->flags & ATA_QCFLAG_SENSE_VALID) 1948 cmd->result = SAM_STAT_CHECK_CONDITION; 1949 else if (need_sense) 1950 ata_gen_ata_sense(qc); 1951 else 1952 cmd->result = SAM_STAT_GOOD; 1953 1954 if (need_sense && !ap->ops->error_handler) 1955 ata_dump_status(ap->print_id, &qc->result_tf); 1956 1957 ata_qc_done(qc); 1958 } 1959 1960 /** 1961 * ata_scsi_translate - Translate then issue SCSI command to ATA device 1962 * @dev: ATA device to which the command is addressed 1963 * @cmd: SCSI command to execute 1964 * @xlat_func: Actor which translates @cmd to an ATA taskfile 1965 * 1966 * Our ->queuecommand() function has decided that the SCSI 1967 * command issued can be directly translated into an ATA 1968 * command, rather than handled internally. 1969 * 1970 * This function sets up an ata_queued_cmd structure for the 1971 * SCSI command, and sends that ata_queued_cmd to the hardware. 1972 * 1973 * The xlat_func argument (actor) returns 0 if ready to execute 1974 * ATA command, else 1 to finish translation. If 1 is returned 1975 * then cmd->result (and possibly cmd->sense_buffer) are assumed 1976 * to be set reflecting an error condition or clean (early) 1977 * termination. 1978 * 1979 * LOCKING: 1980 * spin_lock_irqsave(host lock) 1981 * 1982 * RETURNS: 1983 * 0 on success, SCSI_ML_QUEUE_DEVICE_BUSY if the command 1984 * needs to be deferred. 1985 */ 1986 static int ata_scsi_translate(struct ata_device *dev, struct scsi_cmnd *cmd, 1987 ata_xlat_func_t xlat_func) 1988 { 1989 struct ata_port *ap = dev->link->ap; 1990 struct ata_queued_cmd *qc; 1991 int rc; 1992 1993 VPRINTK("ENTER\n"); 1994 1995 qc = ata_scsi_qc_new(dev, cmd); 1996 if (!qc) 1997 goto err_mem; 1998 1999 /* data is present; dma-map it */ 2000 if (cmd->sc_data_direction == DMA_FROM_DEVICE || 2001 cmd->sc_data_direction == DMA_TO_DEVICE) { 2002 if (unlikely(scsi_bufflen(cmd) < 1)) { 2003 ata_dev_warn(dev, "WARNING: zero len r/w req\n"); 2004 goto err_did; 2005 } 2006 2007 ata_sg_init(qc, scsi_sglist(cmd), scsi_sg_count(cmd)); 2008 2009 qc->dma_dir = cmd->sc_data_direction; 2010 } 2011 2012 qc->complete_fn = ata_scsi_qc_complete; 2013 2014 if (xlat_func(qc)) 2015 goto early_finish; 2016 2017 if (ap->ops->qc_defer) { 2018 if ((rc = ap->ops->qc_defer(qc))) 2019 goto defer; 2020 } 2021 2022 /* select device, send command to hardware */ 2023 ata_qc_issue(qc); 2024 2025 VPRINTK("EXIT\n"); 2026 return 0; 2027 2028 early_finish: 2029 ata_qc_free(qc); 2030 cmd->scsi_done(cmd); 2031 DPRINTK("EXIT - early finish (good or error)\n"); 2032 return 0; 2033 2034 err_did: 2035 ata_qc_free(qc); 2036 cmd->result = (DID_ERROR << 16); 2037 cmd->scsi_done(cmd); 2038 err_mem: 2039 DPRINTK("EXIT - internal\n"); 2040 return 0; 2041 2042 defer: 2043 ata_qc_free(qc); 2044 DPRINTK("EXIT - defer\n"); 2045 if (rc == ATA_DEFER_LINK) 2046 return SCSI_MLQUEUE_DEVICE_BUSY; 2047 else 2048 return SCSI_MLQUEUE_HOST_BUSY; 2049 } 2050 2051 struct ata_scsi_args { 2052 struct ata_device *dev; 2053 u16 *id; 2054 struct scsi_cmnd *cmd; 2055 }; 2056 2057 /** 2058 * ata_scsi_rbuf_get - Map response buffer. 2059 * @cmd: SCSI command containing buffer to be mapped. 2060 * @flags: unsigned long variable to store irq enable status 2061 * @copy_in: copy in from user buffer 2062 * 2063 * Prepare buffer for simulated SCSI commands. 2064 * 2065 * LOCKING: 2066 * spin_lock_irqsave(ata_scsi_rbuf_lock) on success 2067 * 2068 * RETURNS: 2069 * Pointer to response buffer. 2070 */ 2071 static void *ata_scsi_rbuf_get(struct scsi_cmnd *cmd, bool copy_in, 2072 unsigned long *flags) 2073 { 2074 spin_lock_irqsave(&ata_scsi_rbuf_lock, *flags); 2075 2076 memset(ata_scsi_rbuf, 0, ATA_SCSI_RBUF_SIZE); 2077 if (copy_in) 2078 sg_copy_to_buffer(scsi_sglist(cmd), scsi_sg_count(cmd), 2079 ata_scsi_rbuf, ATA_SCSI_RBUF_SIZE); 2080 return ata_scsi_rbuf; 2081 } 2082 2083 /** 2084 * ata_scsi_rbuf_put - Unmap response buffer. 2085 * @cmd: SCSI command containing buffer to be unmapped. 2086 * @copy_out: copy out result 2087 * @flags: @flags passed to ata_scsi_rbuf_get() 2088 * 2089 * Returns rbuf buffer. The result is copied to @cmd's buffer if 2090 * @copy_back is true. 2091 * 2092 * LOCKING: 2093 * Unlocks ata_scsi_rbuf_lock. 2094 */ 2095 static inline void ata_scsi_rbuf_put(struct scsi_cmnd *cmd, bool copy_out, 2096 unsigned long *flags) 2097 { 2098 if (copy_out) 2099 sg_copy_from_buffer(scsi_sglist(cmd), scsi_sg_count(cmd), 2100 ata_scsi_rbuf, ATA_SCSI_RBUF_SIZE); 2101 spin_unlock_irqrestore(&ata_scsi_rbuf_lock, *flags); 2102 } 2103 2104 /** 2105 * ata_scsi_rbuf_fill - wrapper for SCSI command simulators 2106 * @args: device IDENTIFY data / SCSI command of interest. 2107 * @actor: Callback hook for desired SCSI command simulator 2108 * 2109 * Takes care of the hard work of simulating a SCSI command... 2110 * Mapping the response buffer, calling the command's handler, 2111 * and handling the handler's return value. This return value 2112 * indicates whether the handler wishes the SCSI command to be 2113 * completed successfully (0), or not (in which case cmd->result 2114 * and sense buffer are assumed to be set). 2115 * 2116 * LOCKING: 2117 * spin_lock_irqsave(host lock) 2118 */ 2119 static void ata_scsi_rbuf_fill(struct ata_scsi_args *args, 2120 unsigned int (*actor)(struct ata_scsi_args *args, u8 *rbuf)) 2121 { 2122 u8 *rbuf; 2123 unsigned int rc; 2124 struct scsi_cmnd *cmd = args->cmd; 2125 unsigned long flags; 2126 2127 rbuf = ata_scsi_rbuf_get(cmd, false, &flags); 2128 rc = actor(args, rbuf); 2129 ata_scsi_rbuf_put(cmd, rc == 0, &flags); 2130 2131 if (rc == 0) 2132 cmd->result = SAM_STAT_GOOD; 2133 } 2134 2135 /** 2136 * ata_scsiop_inq_std - Simulate INQUIRY command 2137 * @args: device IDENTIFY data / SCSI command of interest. 2138 * @rbuf: Response buffer, to which simulated SCSI cmd output is sent. 2139 * 2140 * Returns standard device identification data associated 2141 * with non-VPD INQUIRY command output. 2142 * 2143 * LOCKING: 2144 * spin_lock_irqsave(host lock) 2145 */ 2146 static unsigned int ata_scsiop_inq_std(struct ata_scsi_args *args, u8 *rbuf) 2147 { 2148 const u8 versions[] = { 2149 0x00, 2150 0x60, /* SAM-3 (no version claimed) */ 2151 2152 0x03, 2153 0x20, /* SBC-2 (no version claimed) */ 2154 2155 0x03, 2156 0x00 /* SPC-3 (no version claimed) */ 2157 }; 2158 const u8 versions_zbc[] = { 2159 0x00, 2160 0xA0, /* SAM-5 (no version claimed) */ 2161 2162 0x06, 2163 0x00, /* SBC-4 (no version claimed) */ 2164 2165 0x05, 2166 0xC0, /* SPC-5 (no version claimed) */ 2167 2168 0x60, 2169 0x24, /* ZBC r05 */ 2170 }; 2171 2172 u8 hdr[] = { 2173 TYPE_DISK, 2174 0, 2175 0x5, /* claim SPC-3 version compatibility */ 2176 2, 2177 95 - 4, 2178 0, 2179 0, 2180 2 2181 }; 2182 2183 VPRINTK("ENTER\n"); 2184 2185 /* set scsi removable (RMB) bit per ata bit, or if the 2186 * AHCI port says it's external (Hotplug-capable, eSATA). 2187 */ 2188 if (ata_id_removable(args->id) || 2189 (args->dev->link->ap->pflags & ATA_PFLAG_EXTERNAL)) 2190 hdr[1] |= (1 << 7); 2191 2192 if (args->dev->class == ATA_DEV_ZAC) { 2193 hdr[0] = TYPE_ZBC; 2194 hdr[2] = 0x7; /* claim SPC-5 version compatibility */ 2195 } 2196 2197 memcpy(rbuf, hdr, sizeof(hdr)); 2198 memcpy(&rbuf[8], "ATA ", 8); 2199 ata_id_string(args->id, &rbuf[16], ATA_ID_PROD, 16); 2200 2201 /* From SAT, use last 2 words from fw rev unless they are spaces */ 2202 ata_id_string(args->id, &rbuf[32], ATA_ID_FW_REV + 2, 4); 2203 if (strncmp(&rbuf[32], " ", 4) == 0) 2204 ata_id_string(args->id, &rbuf[32], ATA_ID_FW_REV, 4); 2205 2206 if (rbuf[32] == 0 || rbuf[32] == ' ') 2207 memcpy(&rbuf[32], "n/a ", 4); 2208 2209 if (ata_id_zoned_cap(args->id) || args->dev->class == ATA_DEV_ZAC) 2210 memcpy(rbuf + 58, versions_zbc, sizeof(versions_zbc)); 2211 else 2212 memcpy(rbuf + 58, versions, sizeof(versions)); 2213 2214 return 0; 2215 } 2216 2217 /** 2218 * ata_scsiop_inq_00 - Simulate INQUIRY VPD page 0, list of pages 2219 * @args: device IDENTIFY data / SCSI command of interest. 2220 * @rbuf: Response buffer, to which simulated SCSI cmd output is sent. 2221 * 2222 * Returns list of inquiry VPD pages available. 2223 * 2224 * LOCKING: 2225 * spin_lock_irqsave(host lock) 2226 */ 2227 static unsigned int ata_scsiop_inq_00(struct ata_scsi_args *args, u8 *rbuf) 2228 { 2229 int num_pages; 2230 const u8 pages[] = { 2231 0x00, /* page 0x00, this page */ 2232 0x80, /* page 0x80, unit serial no page */ 2233 0x83, /* page 0x83, device ident page */ 2234 0x89, /* page 0x89, ata info page */ 2235 0xb0, /* page 0xb0, block limits page */ 2236 0xb1, /* page 0xb1, block device characteristics page */ 2237 0xb2, /* page 0xb2, thin provisioning page */ 2238 0xb6, /* page 0xb6, zoned block device characteristics */ 2239 }; 2240 2241 num_pages = sizeof(pages); 2242 if (!(args->dev->flags & ATA_DFLAG_ZAC)) 2243 num_pages--; 2244 rbuf[3] = num_pages; /* number of supported VPD pages */ 2245 memcpy(rbuf + 4, pages, num_pages); 2246 return 0; 2247 } 2248 2249 /** 2250 * ata_scsiop_inq_80 - Simulate INQUIRY VPD page 80, device serial number 2251 * @args: device IDENTIFY data / SCSI command of interest. 2252 * @rbuf: Response buffer, to which simulated SCSI cmd output is sent. 2253 * 2254 * Returns ATA device serial number. 2255 * 2256 * LOCKING: 2257 * spin_lock_irqsave(host lock) 2258 */ 2259 static unsigned int ata_scsiop_inq_80(struct ata_scsi_args *args, u8 *rbuf) 2260 { 2261 const u8 hdr[] = { 2262 0, 2263 0x80, /* this page code */ 2264 0, 2265 ATA_ID_SERNO_LEN, /* page len */ 2266 }; 2267 2268 memcpy(rbuf, hdr, sizeof(hdr)); 2269 ata_id_string(args->id, (unsigned char *) &rbuf[4], 2270 ATA_ID_SERNO, ATA_ID_SERNO_LEN); 2271 return 0; 2272 } 2273 2274 /** 2275 * ata_scsiop_inq_83 - Simulate INQUIRY VPD page 83, device identity 2276 * @args: device IDENTIFY data / SCSI command of interest. 2277 * @rbuf: Response buffer, to which simulated SCSI cmd output is sent. 2278 * 2279 * Yields two logical unit device identification designators: 2280 * - vendor specific ASCII containing the ATA serial number 2281 * - SAT defined "t10 vendor id based" containing ASCII vendor 2282 * name ("ATA "), model and serial numbers. 2283 * 2284 * LOCKING: 2285 * spin_lock_irqsave(host lock) 2286 */ 2287 static unsigned int ata_scsiop_inq_83(struct ata_scsi_args *args, u8 *rbuf) 2288 { 2289 const int sat_model_serial_desc_len = 68; 2290 int num; 2291 2292 rbuf[1] = 0x83; /* this page code */ 2293 num = 4; 2294 2295 /* piv=0, assoc=lu, code_set=ACSII, designator=vendor */ 2296 rbuf[num + 0] = 2; 2297 rbuf[num + 3] = ATA_ID_SERNO_LEN; 2298 num += 4; 2299 ata_id_string(args->id, (unsigned char *) rbuf + num, 2300 ATA_ID_SERNO, ATA_ID_SERNO_LEN); 2301 num += ATA_ID_SERNO_LEN; 2302 2303 /* SAT defined lu model and serial numbers descriptor */ 2304 /* piv=0, assoc=lu, code_set=ACSII, designator=t10 vendor id */ 2305 rbuf[num + 0] = 2; 2306 rbuf[num + 1] = 1; 2307 rbuf[num + 3] = sat_model_serial_desc_len; 2308 num += 4; 2309 memcpy(rbuf + num, "ATA ", 8); 2310 num += 8; 2311 ata_id_string(args->id, (unsigned char *) rbuf + num, ATA_ID_PROD, 2312 ATA_ID_PROD_LEN); 2313 num += ATA_ID_PROD_LEN; 2314 ata_id_string(args->id, (unsigned char *) rbuf + num, ATA_ID_SERNO, 2315 ATA_ID_SERNO_LEN); 2316 num += ATA_ID_SERNO_LEN; 2317 2318 if (ata_id_has_wwn(args->id)) { 2319 /* SAT defined lu world wide name */ 2320 /* piv=0, assoc=lu, code_set=binary, designator=NAA */ 2321 rbuf[num + 0] = 1; 2322 rbuf[num + 1] = 3; 2323 rbuf[num + 3] = ATA_ID_WWN_LEN; 2324 num += 4; 2325 ata_id_string(args->id, (unsigned char *) rbuf + num, 2326 ATA_ID_WWN, ATA_ID_WWN_LEN); 2327 num += ATA_ID_WWN_LEN; 2328 } 2329 rbuf[3] = num - 4; /* page len (assume less than 256 bytes) */ 2330 return 0; 2331 } 2332 2333 /** 2334 * ata_scsiop_inq_89 - Simulate INQUIRY VPD page 89, ATA info 2335 * @args: device IDENTIFY data / SCSI command of interest. 2336 * @rbuf: Response buffer, to which simulated SCSI cmd output is sent. 2337 * 2338 * Yields SAT-specified ATA VPD page. 2339 * 2340 * LOCKING: 2341 * spin_lock_irqsave(host lock) 2342 */ 2343 static unsigned int ata_scsiop_inq_89(struct ata_scsi_args *args, u8 *rbuf) 2344 { 2345 struct ata_taskfile tf; 2346 2347 memset(&tf, 0, sizeof(tf)); 2348 2349 rbuf[1] = 0x89; /* our page code */ 2350 rbuf[2] = (0x238 >> 8); /* page size fixed at 238h */ 2351 rbuf[3] = (0x238 & 0xff); 2352 2353 memcpy(&rbuf[8], "linux ", 8); 2354 memcpy(&rbuf[16], "libata ", 16); 2355 memcpy(&rbuf[32], DRV_VERSION, 4); 2356 2357 /* we don't store the ATA device signature, so we fake it */ 2358 2359 tf.command = ATA_DRDY; /* really, this is Status reg */ 2360 tf.lbal = 0x1; 2361 tf.nsect = 0x1; 2362 2363 ata_tf_to_fis(&tf, 0, 1, &rbuf[36]); /* TODO: PMP? */ 2364 rbuf[36] = 0x34; /* force D2H Reg FIS (34h) */ 2365 2366 rbuf[56] = ATA_CMD_ID_ATA; 2367 2368 memcpy(&rbuf[60], &args->id[0], 512); 2369 return 0; 2370 } 2371 2372 static unsigned int ata_scsiop_inq_b0(struct ata_scsi_args *args, u8 *rbuf) 2373 { 2374 u16 min_io_sectors; 2375 2376 rbuf[1] = 0xb0; 2377 rbuf[3] = 0x3c; /* required VPD size with unmap support */ 2378 2379 /* 2380 * Optimal transfer length granularity. 2381 * 2382 * This is always one physical block, but for disks with a smaller 2383 * logical than physical sector size we need to figure out what the 2384 * latter is. 2385 */ 2386 min_io_sectors = 1 << ata_id_log2_per_physical_sector(args->id); 2387 put_unaligned_be16(min_io_sectors, &rbuf[6]); 2388 2389 /* 2390 * Optimal unmap granularity. 2391 * 2392 * The ATA spec doesn't even know about a granularity or alignment 2393 * for the TRIM command. We can leave away most of the unmap related 2394 * VPD page entries, but we have specifify a granularity to signal 2395 * that we support some form of unmap - in thise case via WRITE SAME 2396 * with the unmap bit set. 2397 */ 2398 if (ata_id_has_trim(args->id)) { 2399 put_unaligned_be64(65535 * ATA_MAX_TRIM_RNUM, &rbuf[36]); 2400 put_unaligned_be32(1, &rbuf[28]); 2401 } 2402 2403 return 0; 2404 } 2405 2406 static unsigned int ata_scsiop_inq_b1(struct ata_scsi_args *args, u8 *rbuf) 2407 { 2408 int form_factor = ata_id_form_factor(args->id); 2409 int media_rotation_rate = ata_id_rotation_rate(args->id); 2410 u8 zoned = ata_id_zoned_cap(args->id); 2411 2412 rbuf[1] = 0xb1; 2413 rbuf[3] = 0x3c; 2414 rbuf[4] = media_rotation_rate >> 8; 2415 rbuf[5] = media_rotation_rate; 2416 rbuf[7] = form_factor; 2417 if (zoned) 2418 rbuf[8] = (zoned << 4); 2419 2420 return 0; 2421 } 2422 2423 static unsigned int ata_scsiop_inq_b2(struct ata_scsi_args *args, u8 *rbuf) 2424 { 2425 /* SCSI Thin Provisioning VPD page: SBC-3 rev 22 or later */ 2426 rbuf[1] = 0xb2; 2427 rbuf[3] = 0x4; 2428 rbuf[5] = 1 << 6; /* TPWS */ 2429 2430 return 0; 2431 } 2432 2433 static unsigned int ata_scsiop_inq_b6(struct ata_scsi_args *args, u8 *rbuf) 2434 { 2435 /* 2436 * zbc-r05 SCSI Zoned Block device characteristics VPD page 2437 */ 2438 rbuf[1] = 0xb6; 2439 rbuf[3] = 0x3C; 2440 2441 /* 2442 * URSWRZ bit is only meaningful for host-managed ZAC drives 2443 */ 2444 if (args->dev->zac_zoned_cap & 1) 2445 rbuf[4] |= 1; 2446 put_unaligned_be32(args->dev->zac_zones_optimal_open, &rbuf[8]); 2447 put_unaligned_be32(args->dev->zac_zones_optimal_nonseq, &rbuf[12]); 2448 put_unaligned_be32(args->dev->zac_zones_max_open, &rbuf[16]); 2449 2450 return 0; 2451 } 2452 2453 /** 2454 * modecpy - Prepare response for MODE SENSE 2455 * @dest: output buffer 2456 * @src: data being copied 2457 * @n: length of mode page 2458 * @changeable: whether changeable parameters are requested 2459 * 2460 * Generate a generic MODE SENSE page for either current or changeable 2461 * parameters. 2462 * 2463 * LOCKING: 2464 * None. 2465 */ 2466 static void modecpy(u8 *dest, const u8 *src, int n, bool changeable) 2467 { 2468 if (changeable) { 2469 memcpy(dest, src, 2); 2470 memset(dest + 2, 0, n - 2); 2471 } else { 2472 memcpy(dest, src, n); 2473 } 2474 } 2475 2476 /** 2477 * ata_msense_caching - Simulate MODE SENSE caching info page 2478 * @id: device IDENTIFY data 2479 * @buf: output buffer 2480 * @changeable: whether changeable parameters are requested 2481 * 2482 * Generate a caching info page, which conditionally indicates 2483 * write caching to the SCSI layer, depending on device 2484 * capabilities. 2485 * 2486 * LOCKING: 2487 * None. 2488 */ 2489 static unsigned int ata_msense_caching(u16 *id, u8 *buf, bool changeable) 2490 { 2491 modecpy(buf, def_cache_mpage, sizeof(def_cache_mpage), changeable); 2492 if (changeable) { 2493 buf[2] |= (1 << 2); /* ata_mselect_caching() */ 2494 } else { 2495 buf[2] |= (ata_id_wcache_enabled(id) << 2); /* write cache enable */ 2496 buf[12] |= (!ata_id_rahead_enabled(id) << 5); /* disable read ahead */ 2497 } 2498 return sizeof(def_cache_mpage); 2499 } 2500 2501 /** 2502 * ata_msense_control - Simulate MODE SENSE control mode page 2503 * @dev: ATA device of interest 2504 * @buf: output buffer 2505 * @changeable: whether changeable parameters are requested 2506 * 2507 * Generate a generic MODE SENSE control mode page. 2508 * 2509 * LOCKING: 2510 * None. 2511 */ 2512 static unsigned int ata_msense_control(struct ata_device *dev, u8 *buf, 2513 bool changeable) 2514 { 2515 modecpy(buf, def_control_mpage, sizeof(def_control_mpage), changeable); 2516 if (changeable) { 2517 buf[2] |= (1 << 2); /* ata_mselect_control() */ 2518 } else { 2519 bool d_sense = (dev->flags & ATA_DFLAG_D_SENSE); 2520 2521 buf[2] |= (d_sense << 2); /* descriptor format sense data */ 2522 } 2523 return sizeof(def_control_mpage); 2524 } 2525 2526 /** 2527 * ata_msense_rw_recovery - Simulate MODE SENSE r/w error recovery page 2528 * @buf: output buffer 2529 * @changeable: whether changeable parameters are requested 2530 * 2531 * Generate a generic MODE SENSE r/w error recovery page. 2532 * 2533 * LOCKING: 2534 * None. 2535 */ 2536 static unsigned int ata_msense_rw_recovery(u8 *buf, bool changeable) 2537 { 2538 modecpy(buf, def_rw_recovery_mpage, sizeof(def_rw_recovery_mpage), 2539 changeable); 2540 return sizeof(def_rw_recovery_mpage); 2541 } 2542 2543 /* 2544 * We can turn this into a real blacklist if it's needed, for now just 2545 * blacklist any Maxtor BANC1G10 revision firmware 2546 */ 2547 static int ata_dev_supports_fua(u16 *id) 2548 { 2549 unsigned char model[ATA_ID_PROD_LEN + 1], fw[ATA_ID_FW_REV_LEN + 1]; 2550 2551 if (!libata_fua) 2552 return 0; 2553 if (!ata_id_has_fua(id)) 2554 return 0; 2555 2556 ata_id_c_string(id, model, ATA_ID_PROD, sizeof(model)); 2557 ata_id_c_string(id, fw, ATA_ID_FW_REV, sizeof(fw)); 2558 2559 if (strcmp(model, "Maxtor")) 2560 return 1; 2561 if (strcmp(fw, "BANC1G10")) 2562 return 1; 2563 2564 return 0; /* blacklisted */ 2565 } 2566 2567 /** 2568 * ata_scsiop_mode_sense - Simulate MODE SENSE 6, 10 commands 2569 * @args: device IDENTIFY data / SCSI command of interest. 2570 * @rbuf: Response buffer, to which simulated SCSI cmd output is sent. 2571 * 2572 * Simulate MODE SENSE commands. Assume this is invoked for direct 2573 * access devices (e.g. disks) only. There should be no block 2574 * descriptor for other device types. 2575 * 2576 * LOCKING: 2577 * spin_lock_irqsave(host lock) 2578 */ 2579 static unsigned int ata_scsiop_mode_sense(struct ata_scsi_args *args, u8 *rbuf) 2580 { 2581 struct ata_device *dev = args->dev; 2582 u8 *scsicmd = args->cmd->cmnd, *p = rbuf; 2583 const u8 sat_blk_desc[] = { 2584 0, 0, 0, 0, /* number of blocks: sat unspecified */ 2585 0, 2586 0, 0x2, 0x0 /* block length: 512 bytes */ 2587 }; 2588 u8 pg, spg; 2589 unsigned int ebd, page_control, six_byte; 2590 u8 dpofua, bp = 0xff; 2591 u16 fp; 2592 2593 VPRINTK("ENTER\n"); 2594 2595 six_byte = (scsicmd[0] == MODE_SENSE); 2596 ebd = !(scsicmd[1] & 0x8); /* dbd bit inverted == edb */ 2597 /* 2598 * LLBA bit in msense(10) ignored (compliant) 2599 */ 2600 2601 page_control = scsicmd[2] >> 6; 2602 switch (page_control) { 2603 case 0: /* current */ 2604 case 1: /* changeable */ 2605 case 2: /* defaults */ 2606 break; /* supported */ 2607 case 3: /* saved */ 2608 goto saving_not_supp; 2609 default: 2610 fp = 2; 2611 bp = 6; 2612 goto invalid_fld; 2613 } 2614 2615 if (six_byte) 2616 p += 4 + (ebd ? 8 : 0); 2617 else 2618 p += 8 + (ebd ? 8 : 0); 2619 2620 pg = scsicmd[2] & 0x3f; 2621 spg = scsicmd[3]; 2622 /* 2623 * No mode subpages supported (yet) but asking for _all_ 2624 * subpages may be valid 2625 */ 2626 if (spg && (spg != ALL_SUB_MPAGES)) { 2627 fp = 3; 2628 goto invalid_fld; 2629 } 2630 2631 switch(pg) { 2632 case RW_RECOVERY_MPAGE: 2633 p += ata_msense_rw_recovery(p, page_control == 1); 2634 break; 2635 2636 case CACHE_MPAGE: 2637 p += ata_msense_caching(args->id, p, page_control == 1); 2638 break; 2639 2640 case CONTROL_MPAGE: 2641 p += ata_msense_control(args->dev, p, page_control == 1); 2642 break; 2643 2644 case ALL_MPAGES: 2645 p += ata_msense_rw_recovery(p, page_control == 1); 2646 p += ata_msense_caching(args->id, p, page_control == 1); 2647 p += ata_msense_control(args->dev, p, page_control == 1); 2648 break; 2649 2650 default: /* invalid page code */ 2651 fp = 2; 2652 goto invalid_fld; 2653 } 2654 2655 dpofua = 0; 2656 if (ata_dev_supports_fua(args->id) && (dev->flags & ATA_DFLAG_LBA48) && 2657 (!(dev->flags & ATA_DFLAG_PIO) || dev->multi_count)) 2658 dpofua = 1 << 4; 2659 2660 if (six_byte) { 2661 rbuf[0] = p - rbuf - 1; 2662 rbuf[2] |= dpofua; 2663 if (ebd) { 2664 rbuf[3] = sizeof(sat_blk_desc); 2665 memcpy(rbuf + 4, sat_blk_desc, sizeof(sat_blk_desc)); 2666 } 2667 } else { 2668 unsigned int output_len = p - rbuf - 2; 2669 2670 rbuf[0] = output_len >> 8; 2671 rbuf[1] = output_len; 2672 rbuf[3] |= dpofua; 2673 if (ebd) { 2674 rbuf[7] = sizeof(sat_blk_desc); 2675 memcpy(rbuf + 8, sat_blk_desc, sizeof(sat_blk_desc)); 2676 } 2677 } 2678 return 0; 2679 2680 invalid_fld: 2681 ata_scsi_set_invalid_field(dev, args->cmd, fp, bp); 2682 return 1; 2683 2684 saving_not_supp: 2685 ata_scsi_set_sense(dev, args->cmd, ILLEGAL_REQUEST, 0x39, 0x0); 2686 /* "Saving parameters not supported" */ 2687 return 1; 2688 } 2689 2690 /** 2691 * ata_scsiop_read_cap - Simulate READ CAPACITY[ 16] commands 2692 * @args: device IDENTIFY data / SCSI command of interest. 2693 * @rbuf: Response buffer, to which simulated SCSI cmd output is sent. 2694 * 2695 * Simulate READ CAPACITY commands. 2696 * 2697 * LOCKING: 2698 * None. 2699 */ 2700 static unsigned int ata_scsiop_read_cap(struct ata_scsi_args *args, u8 *rbuf) 2701 { 2702 struct ata_device *dev = args->dev; 2703 u64 last_lba = dev->n_sectors - 1; /* LBA of the last block */ 2704 u32 sector_size; /* physical sector size in bytes */ 2705 u8 log2_per_phys; 2706 u16 lowest_aligned; 2707 2708 sector_size = ata_id_logical_sector_size(dev->id); 2709 log2_per_phys = ata_id_log2_per_physical_sector(dev->id); 2710 lowest_aligned = ata_id_logical_sector_offset(dev->id, log2_per_phys); 2711 2712 VPRINTK("ENTER\n"); 2713 2714 if (args->cmd->cmnd[0] == READ_CAPACITY) { 2715 if (last_lba >= 0xffffffffULL) 2716 last_lba = 0xffffffff; 2717 2718 /* sector count, 32-bit */ 2719 rbuf[0] = last_lba >> (8 * 3); 2720 rbuf[1] = last_lba >> (8 * 2); 2721 rbuf[2] = last_lba >> (8 * 1); 2722 rbuf[3] = last_lba; 2723 2724 /* sector size */ 2725 rbuf[4] = sector_size >> (8 * 3); 2726 rbuf[5] = sector_size >> (8 * 2); 2727 rbuf[6] = sector_size >> (8 * 1); 2728 rbuf[7] = sector_size; 2729 } else { 2730 /* sector count, 64-bit */ 2731 rbuf[0] = last_lba >> (8 * 7); 2732 rbuf[1] = last_lba >> (8 * 6); 2733 rbuf[2] = last_lba >> (8 * 5); 2734 rbuf[3] = last_lba >> (8 * 4); 2735 rbuf[4] = last_lba >> (8 * 3); 2736 rbuf[5] = last_lba >> (8 * 2); 2737 rbuf[6] = last_lba >> (8 * 1); 2738 rbuf[7] = last_lba; 2739 2740 /* sector size */ 2741 rbuf[ 8] = sector_size >> (8 * 3); 2742 rbuf[ 9] = sector_size >> (8 * 2); 2743 rbuf[10] = sector_size >> (8 * 1); 2744 rbuf[11] = sector_size; 2745 2746 rbuf[12] = 0; 2747 rbuf[13] = log2_per_phys; 2748 rbuf[14] = (lowest_aligned >> 8) & 0x3f; 2749 rbuf[15] = lowest_aligned; 2750 2751 if (ata_id_has_trim(args->id) && 2752 !(dev->horkage & ATA_HORKAGE_NOTRIM)) { 2753 rbuf[14] |= 0x80; /* LBPME */ 2754 2755 if (ata_id_has_zero_after_trim(args->id) && 2756 dev->horkage & ATA_HORKAGE_ZERO_AFTER_TRIM) { 2757 ata_dev_info(dev, "Enabling discard_zeroes_data\n"); 2758 rbuf[14] |= 0x40; /* LBPRZ */ 2759 } 2760 } 2761 if (ata_id_zoned_cap(args->id) || 2762 args->dev->class == ATA_DEV_ZAC) 2763 rbuf[12] = (1 << 4); /* RC_BASIS */ 2764 } 2765 return 0; 2766 } 2767 2768 /** 2769 * ata_scsiop_report_luns - Simulate REPORT LUNS command 2770 * @args: device IDENTIFY data / SCSI command of interest. 2771 * @rbuf: Response buffer, to which simulated SCSI cmd output is sent. 2772 * 2773 * Simulate REPORT LUNS command. 2774 * 2775 * LOCKING: 2776 * spin_lock_irqsave(host lock) 2777 */ 2778 static unsigned int ata_scsiop_report_luns(struct ata_scsi_args *args, u8 *rbuf) 2779 { 2780 VPRINTK("ENTER\n"); 2781 rbuf[3] = 8; /* just one lun, LUN 0, size 8 bytes */ 2782 2783 return 0; 2784 } 2785 2786 static void atapi_sense_complete(struct ata_queued_cmd *qc) 2787 { 2788 if (qc->err_mask && ((qc->err_mask & AC_ERR_DEV) == 0)) { 2789 /* FIXME: not quite right; we don't want the 2790 * translation of taskfile registers into 2791 * a sense descriptors, since that's only 2792 * correct for ATA, not ATAPI 2793 */ 2794 ata_gen_passthru_sense(qc); 2795 } 2796 2797 ata_qc_done(qc); 2798 } 2799 2800 /* is it pointless to prefer PIO for "safety reasons"? */ 2801 static inline int ata_pio_use_silly(struct ata_port *ap) 2802 { 2803 return (ap->flags & ATA_FLAG_PIO_DMA); 2804 } 2805 2806 static void atapi_request_sense(struct ata_queued_cmd *qc) 2807 { 2808 struct ata_port *ap = qc->ap; 2809 struct scsi_cmnd *cmd = qc->scsicmd; 2810 2811 DPRINTK("ATAPI request sense\n"); 2812 2813 memset(cmd->sense_buffer, 0, SCSI_SENSE_BUFFERSIZE); 2814 2815 #ifdef CONFIG_ATA_SFF 2816 if (ap->ops->sff_tf_read) 2817 ap->ops->sff_tf_read(ap, &qc->tf); 2818 #endif 2819 2820 /* fill these in, for the case where they are -not- overwritten */ 2821 cmd->sense_buffer[0] = 0x70; 2822 cmd->sense_buffer[2] = qc->tf.feature >> 4; 2823 2824 ata_qc_reinit(qc); 2825 2826 /* setup sg table and init transfer direction */ 2827 sg_init_one(&qc->sgent, cmd->sense_buffer, SCSI_SENSE_BUFFERSIZE); 2828 ata_sg_init(qc, &qc->sgent, 1); 2829 qc->dma_dir = DMA_FROM_DEVICE; 2830 2831 memset(&qc->cdb, 0, qc->dev->cdb_len); 2832 qc->cdb[0] = REQUEST_SENSE; 2833 qc->cdb[4] = SCSI_SENSE_BUFFERSIZE; 2834 2835 qc->tf.flags |= ATA_TFLAG_ISADDR | ATA_TFLAG_DEVICE; 2836 qc->tf.command = ATA_CMD_PACKET; 2837 2838 if (ata_pio_use_silly(ap)) { 2839 qc->tf.protocol = ATAPI_PROT_DMA; 2840 qc->tf.feature |= ATAPI_PKT_DMA; 2841 } else { 2842 qc->tf.protocol = ATAPI_PROT_PIO; 2843 qc->tf.lbam = SCSI_SENSE_BUFFERSIZE; 2844 qc->tf.lbah = 0; 2845 } 2846 qc->nbytes = SCSI_SENSE_BUFFERSIZE; 2847 2848 qc->complete_fn = atapi_sense_complete; 2849 2850 ata_qc_issue(qc); 2851 2852 DPRINTK("EXIT\n"); 2853 } 2854 2855 /* 2856 * ATAPI devices typically report zero for their SCSI version, and sometimes 2857 * deviate from the spec WRT response data format. If SCSI version is 2858 * reported as zero like normal, then we make the following fixups: 2859 * 1) Fake MMC-5 version, to indicate to the Linux scsi midlayer this is a 2860 * modern device. 2861 * 2) Ensure response data format / ATAPI information are always correct. 2862 */ 2863 static void atapi_fixup_inquiry(struct scsi_cmnd *cmd) 2864 { 2865 u8 buf[4]; 2866 2867 sg_copy_to_buffer(scsi_sglist(cmd), scsi_sg_count(cmd), buf, 4); 2868 if (buf[2] == 0) { 2869 buf[2] = 0x5; 2870 buf[3] = 0x32; 2871 } 2872 sg_copy_from_buffer(scsi_sglist(cmd), scsi_sg_count(cmd), buf, 4); 2873 } 2874 2875 static void atapi_qc_complete(struct ata_queued_cmd *qc) 2876 { 2877 struct scsi_cmnd *cmd = qc->scsicmd; 2878 unsigned int err_mask = qc->err_mask; 2879 2880 VPRINTK("ENTER, err_mask 0x%X\n", err_mask); 2881 2882 /* handle completion from new EH */ 2883 if (unlikely(qc->ap->ops->error_handler && 2884 (err_mask || qc->flags & ATA_QCFLAG_SENSE_VALID))) { 2885 2886 if (!(qc->flags & ATA_QCFLAG_SENSE_VALID)) { 2887 /* FIXME: not quite right; we don't want the 2888 * translation of taskfile registers into a 2889 * sense descriptors, since that's only 2890 * correct for ATA, not ATAPI 2891 */ 2892 ata_gen_passthru_sense(qc); 2893 } 2894 2895 /* SCSI EH automatically locks door if sdev->locked is 2896 * set. Sometimes door lock request continues to 2897 * fail, for example, when no media is present. This 2898 * creates a loop - SCSI EH issues door lock which 2899 * fails and gets invoked again to acquire sense data 2900 * for the failed command. 2901 * 2902 * If door lock fails, always clear sdev->locked to 2903 * avoid this infinite loop. 2904 * 2905 * This may happen before SCSI scan is complete. Make 2906 * sure qc->dev->sdev isn't NULL before dereferencing. 2907 */ 2908 if (qc->cdb[0] == ALLOW_MEDIUM_REMOVAL && qc->dev->sdev) 2909 qc->dev->sdev->locked = 0; 2910 2911 qc->scsicmd->result = SAM_STAT_CHECK_CONDITION; 2912 ata_qc_done(qc); 2913 return; 2914 } 2915 2916 /* successful completion or old EH failure path */ 2917 if (unlikely(err_mask & AC_ERR_DEV)) { 2918 cmd->result = SAM_STAT_CHECK_CONDITION; 2919 atapi_request_sense(qc); 2920 return; 2921 } else if (unlikely(err_mask)) { 2922 /* FIXME: not quite right; we don't want the 2923 * translation of taskfile registers into 2924 * a sense descriptors, since that's only 2925 * correct for ATA, not ATAPI 2926 */ 2927 ata_gen_passthru_sense(qc); 2928 } else { 2929 if (cmd->cmnd[0] == INQUIRY && (cmd->cmnd[1] & 0x03) == 0) 2930 atapi_fixup_inquiry(cmd); 2931 cmd->result = SAM_STAT_GOOD; 2932 } 2933 2934 ata_qc_done(qc); 2935 } 2936 /** 2937 * atapi_xlat - Initialize PACKET taskfile 2938 * @qc: command structure to be initialized 2939 * 2940 * LOCKING: 2941 * spin_lock_irqsave(host lock) 2942 * 2943 * RETURNS: 2944 * Zero on success, non-zero on failure. 2945 */ 2946 static unsigned int atapi_xlat(struct ata_queued_cmd *qc) 2947 { 2948 struct scsi_cmnd *scmd = qc->scsicmd; 2949 struct ata_device *dev = qc->dev; 2950 int nodata = (scmd->sc_data_direction == DMA_NONE); 2951 int using_pio = !nodata && (dev->flags & ATA_DFLAG_PIO); 2952 unsigned int nbytes; 2953 2954 memset(qc->cdb, 0, dev->cdb_len); 2955 memcpy(qc->cdb, scmd->cmnd, scmd->cmd_len); 2956 2957 qc->complete_fn = atapi_qc_complete; 2958 2959 qc->tf.flags |= ATA_TFLAG_ISADDR | ATA_TFLAG_DEVICE; 2960 if (scmd->sc_data_direction == DMA_TO_DEVICE) { 2961 qc->tf.flags |= ATA_TFLAG_WRITE; 2962 DPRINTK("direction: write\n"); 2963 } 2964 2965 qc->tf.command = ATA_CMD_PACKET; 2966 ata_qc_set_pc_nbytes(qc); 2967 2968 /* check whether ATAPI DMA is safe */ 2969 if (!nodata && !using_pio && atapi_check_dma(qc)) 2970 using_pio = 1; 2971 2972 /* Some controller variants snoop this value for Packet 2973 * transfers to do state machine and FIFO management. Thus we 2974 * want to set it properly, and for DMA where it is 2975 * effectively meaningless. 2976 */ 2977 nbytes = min(ata_qc_raw_nbytes(qc), (unsigned int)63 * 1024); 2978 2979 /* Most ATAPI devices which honor transfer chunk size don't 2980 * behave according to the spec when odd chunk size which 2981 * matches the transfer length is specified. If the number of 2982 * bytes to transfer is 2n+1. According to the spec, what 2983 * should happen is to indicate that 2n+1 is going to be 2984 * transferred and transfer 2n+2 bytes where the last byte is 2985 * padding. 2986 * 2987 * In practice, this doesn't happen. ATAPI devices first 2988 * indicate and transfer 2n bytes and then indicate and 2989 * transfer 2 bytes where the last byte is padding. 2990 * 2991 * This inconsistency confuses several controllers which 2992 * perform PIO using DMA such as Intel AHCIs and sil3124/32. 2993 * These controllers use actual number of transferred bytes to 2994 * update DMA poitner and transfer of 4n+2 bytes make those 2995 * controller push DMA pointer by 4n+4 bytes because SATA data 2996 * FISes are aligned to 4 bytes. This causes data corruption 2997 * and buffer overrun. 2998 * 2999 * Always setting nbytes to even number solves this problem 3000 * because then ATAPI devices don't have to split data at 2n 3001 * boundaries. 3002 */ 3003 if (nbytes & 0x1) 3004 nbytes++; 3005 3006 qc->tf.lbam = (nbytes & 0xFF); 3007 qc->tf.lbah = (nbytes >> 8); 3008 3009 if (nodata) 3010 qc->tf.protocol = ATAPI_PROT_NODATA; 3011 else if (using_pio) 3012 qc->tf.protocol = ATAPI_PROT_PIO; 3013 else { 3014 /* DMA data xfer */ 3015 qc->tf.protocol = ATAPI_PROT_DMA; 3016 qc->tf.feature |= ATAPI_PKT_DMA; 3017 3018 if ((dev->flags & ATA_DFLAG_DMADIR) && 3019 (scmd->sc_data_direction != DMA_TO_DEVICE)) 3020 /* some SATA bridges need us to indicate data xfer direction */ 3021 qc->tf.feature |= ATAPI_DMADIR; 3022 } 3023 3024 3025 /* FIXME: We need to translate 0x05 READ_BLOCK_LIMITS to a MODE_SENSE 3026 as ATAPI tape drives don't get this right otherwise */ 3027 return 0; 3028 } 3029 3030 static struct ata_device *ata_find_dev(struct ata_port *ap, int devno) 3031 { 3032 if (!sata_pmp_attached(ap)) { 3033 if (likely(devno < ata_link_max_devices(&ap->link))) 3034 return &ap->link.device[devno]; 3035 } else { 3036 if (likely(devno < ap->nr_pmp_links)) 3037 return &ap->pmp_link[devno].device[0]; 3038 } 3039 3040 return NULL; 3041 } 3042 3043 static struct ata_device *__ata_scsi_find_dev(struct ata_port *ap, 3044 const struct scsi_device *scsidev) 3045 { 3046 int devno; 3047 3048 /* skip commands not addressed to targets we simulate */ 3049 if (!sata_pmp_attached(ap)) { 3050 if (unlikely(scsidev->channel || scsidev->lun)) 3051 return NULL; 3052 devno = scsidev->id; 3053 } else { 3054 if (unlikely(scsidev->id || scsidev->lun)) 3055 return NULL; 3056 devno = scsidev->channel; 3057 } 3058 3059 return ata_find_dev(ap, devno); 3060 } 3061 3062 /** 3063 * ata_scsi_find_dev - lookup ata_device from scsi_cmnd 3064 * @ap: ATA port to which the device is attached 3065 * @scsidev: SCSI device from which we derive the ATA device 3066 * 3067 * Given various information provided in struct scsi_cmnd, 3068 * map that onto an ATA bus, and using that mapping 3069 * determine which ata_device is associated with the 3070 * SCSI command to be sent. 3071 * 3072 * LOCKING: 3073 * spin_lock_irqsave(host lock) 3074 * 3075 * RETURNS: 3076 * Associated ATA device, or %NULL if not found. 3077 */ 3078 static struct ata_device * 3079 ata_scsi_find_dev(struct ata_port *ap, const struct scsi_device *scsidev) 3080 { 3081 struct ata_device *dev = __ata_scsi_find_dev(ap, scsidev); 3082 3083 if (unlikely(!dev || !ata_dev_enabled(dev))) 3084 return NULL; 3085 3086 return dev; 3087 } 3088 3089 /* 3090 * ata_scsi_map_proto - Map pass-thru protocol value to taskfile value. 3091 * @byte1: Byte 1 from pass-thru CDB. 3092 * 3093 * RETURNS: 3094 * ATA_PROT_UNKNOWN if mapping failed/unimplemented, protocol otherwise. 3095 */ 3096 static u8 3097 ata_scsi_map_proto(u8 byte1) 3098 { 3099 switch((byte1 & 0x1e) >> 1) { 3100 case 3: /* Non-data */ 3101 return ATA_PROT_NODATA; 3102 3103 case 6: /* DMA */ 3104 case 10: /* UDMA Data-in */ 3105 case 11: /* UDMA Data-Out */ 3106 return ATA_PROT_DMA; 3107 3108 case 4: /* PIO Data-in */ 3109 case 5: /* PIO Data-out */ 3110 return ATA_PROT_PIO; 3111 3112 case 12: /* FPDMA */ 3113 return ATA_PROT_NCQ; 3114 3115 case 0: /* Hard Reset */ 3116 case 1: /* SRST */ 3117 case 8: /* Device Diagnostic */ 3118 case 9: /* Device Reset */ 3119 case 7: /* DMA Queued */ 3120 case 15: /* Return Response Info */ 3121 default: /* Reserved */ 3122 break; 3123 } 3124 3125 return ATA_PROT_UNKNOWN; 3126 } 3127 3128 /** 3129 * ata_scsi_pass_thru - convert ATA pass-thru CDB to taskfile 3130 * @qc: command structure to be initialized 3131 * 3132 * Handles either 12, 16, or 32-byte versions of the CDB. 3133 * 3134 * RETURNS: 3135 * Zero on success, non-zero on failure. 3136 */ 3137 static unsigned int ata_scsi_pass_thru(struct ata_queued_cmd *qc) 3138 { 3139 struct ata_taskfile *tf = &(qc->tf); 3140 struct scsi_cmnd *scmd = qc->scsicmd; 3141 struct ata_device *dev = qc->dev; 3142 const u8 *cdb = scmd->cmnd; 3143 u16 fp; 3144 u16 cdb_offset = 0; 3145 3146 /* 7Fh variable length cmd means a ata pass-thru(32) */ 3147 if (cdb[0] == VARIABLE_LENGTH_CMD) 3148 cdb_offset = 9; 3149 3150 tf->protocol = ata_scsi_map_proto(cdb[1 + cdb_offset]); 3151 if (tf->protocol == ATA_PROT_UNKNOWN) { 3152 fp = 1; 3153 goto invalid_fld; 3154 } 3155 3156 if (ata_is_ncq(tf->protocol) && (cdb[2 + cdb_offset] & 0x3) == 0) 3157 tf->protocol = ATA_PROT_NCQ_NODATA; 3158 3159 /* enable LBA */ 3160 tf->flags |= ATA_TFLAG_LBA; 3161 3162 /* 3163 * 12 and 16 byte CDBs use different offsets to 3164 * provide the various register values. 3165 */ 3166 if (cdb[0] == ATA_16) { 3167 /* 3168 * 16-byte CDB - may contain extended commands. 3169 * 3170 * If that is the case, copy the upper byte register values. 3171 */ 3172 if (cdb[1] & 0x01) { 3173 tf->hob_feature = cdb[3]; 3174 tf->hob_nsect = cdb[5]; 3175 tf->hob_lbal = cdb[7]; 3176 tf->hob_lbam = cdb[9]; 3177 tf->hob_lbah = cdb[11]; 3178 tf->flags |= ATA_TFLAG_LBA48; 3179 } else 3180 tf->flags &= ~ATA_TFLAG_LBA48; 3181 3182 /* 3183 * Always copy low byte, device and command registers. 3184 */ 3185 tf->feature = cdb[4]; 3186 tf->nsect = cdb[6]; 3187 tf->lbal = cdb[8]; 3188 tf->lbam = cdb[10]; 3189 tf->lbah = cdb[12]; 3190 tf->device = cdb[13]; 3191 tf->command = cdb[14]; 3192 } else if (cdb[0] == ATA_12) { 3193 /* 3194 * 12-byte CDB - incapable of extended commands. 3195 */ 3196 tf->flags &= ~ATA_TFLAG_LBA48; 3197 3198 tf->feature = cdb[3]; 3199 tf->nsect = cdb[4]; 3200 tf->lbal = cdb[5]; 3201 tf->lbam = cdb[6]; 3202 tf->lbah = cdb[7]; 3203 tf->device = cdb[8]; 3204 tf->command = cdb[9]; 3205 } else { 3206 /* 3207 * 32-byte CDB - may contain extended command fields. 3208 * 3209 * If that is the case, copy the upper byte register values. 3210 */ 3211 if (cdb[10] & 0x01) { 3212 tf->hob_feature = cdb[20]; 3213 tf->hob_nsect = cdb[22]; 3214 tf->hob_lbal = cdb[16]; 3215 tf->hob_lbam = cdb[15]; 3216 tf->hob_lbah = cdb[14]; 3217 tf->flags |= ATA_TFLAG_LBA48; 3218 } else 3219 tf->flags &= ~ATA_TFLAG_LBA48; 3220 3221 tf->feature = cdb[21]; 3222 tf->nsect = cdb[23]; 3223 tf->lbal = cdb[19]; 3224 tf->lbam = cdb[18]; 3225 tf->lbah = cdb[17]; 3226 tf->device = cdb[24]; 3227 tf->command = cdb[25]; 3228 tf->auxiliary = get_unaligned_be32(&cdb[28]); 3229 } 3230 3231 /* For NCQ commands copy the tag value */ 3232 if (ata_is_ncq(tf->protocol)) 3233 tf->nsect = qc->tag << 3; 3234 3235 /* enforce correct master/slave bit */ 3236 tf->device = dev->devno ? 3237 tf->device | ATA_DEV1 : tf->device & ~ATA_DEV1; 3238 3239 switch (tf->command) { 3240 /* READ/WRITE LONG use a non-standard sect_size */ 3241 case ATA_CMD_READ_LONG: 3242 case ATA_CMD_READ_LONG_ONCE: 3243 case ATA_CMD_WRITE_LONG: 3244 case ATA_CMD_WRITE_LONG_ONCE: 3245 if (tf->protocol != ATA_PROT_PIO || tf->nsect != 1) { 3246 fp = 1; 3247 goto invalid_fld; 3248 } 3249 qc->sect_size = scsi_bufflen(scmd); 3250 break; 3251 3252 /* commands using reported Logical Block size (e.g. 512 or 4K) */ 3253 case ATA_CMD_CFA_WRITE_NE: 3254 case ATA_CMD_CFA_TRANS_SECT: 3255 case ATA_CMD_CFA_WRITE_MULT_NE: 3256 /* XXX: case ATA_CMD_CFA_WRITE_SECTORS_WITHOUT_ERASE: */ 3257 case ATA_CMD_READ: 3258 case ATA_CMD_READ_EXT: 3259 case ATA_CMD_READ_QUEUED: 3260 /* XXX: case ATA_CMD_READ_QUEUED_EXT: */ 3261 case ATA_CMD_FPDMA_READ: 3262 case ATA_CMD_READ_MULTI: 3263 case ATA_CMD_READ_MULTI_EXT: 3264 case ATA_CMD_PIO_READ: 3265 case ATA_CMD_PIO_READ_EXT: 3266 case ATA_CMD_READ_STREAM_DMA_EXT: 3267 case ATA_CMD_READ_STREAM_EXT: 3268 case ATA_CMD_VERIFY: 3269 case ATA_CMD_VERIFY_EXT: 3270 case ATA_CMD_WRITE: 3271 case ATA_CMD_WRITE_EXT: 3272 case ATA_CMD_WRITE_FUA_EXT: 3273 case ATA_CMD_WRITE_QUEUED: 3274 case ATA_CMD_WRITE_QUEUED_FUA_EXT: 3275 case ATA_CMD_FPDMA_WRITE: 3276 case ATA_CMD_WRITE_MULTI: 3277 case ATA_CMD_WRITE_MULTI_EXT: 3278 case ATA_CMD_WRITE_MULTI_FUA_EXT: 3279 case ATA_CMD_PIO_WRITE: 3280 case ATA_CMD_PIO_WRITE_EXT: 3281 case ATA_CMD_WRITE_STREAM_DMA_EXT: 3282 case ATA_CMD_WRITE_STREAM_EXT: 3283 qc->sect_size = scmd->device->sector_size; 3284 break; 3285 3286 /* Everything else uses 512 byte "sectors" */ 3287 default: 3288 qc->sect_size = ATA_SECT_SIZE; 3289 } 3290 3291 /* 3292 * Set flags so that all registers will be written, pass on 3293 * write indication (used for PIO/DMA setup), result TF is 3294 * copied back and we don't whine too much about its failure. 3295 */ 3296 tf->flags |= ATA_TFLAG_ISADDR | ATA_TFLAG_DEVICE; 3297 if (scmd->sc_data_direction == DMA_TO_DEVICE) 3298 tf->flags |= ATA_TFLAG_WRITE; 3299 3300 qc->flags |= ATA_QCFLAG_RESULT_TF | ATA_QCFLAG_QUIET; 3301 3302 /* 3303 * Set transfer length. 3304 * 3305 * TODO: find out if we need to do more here to 3306 * cover scatter/gather case. 3307 */ 3308 ata_qc_set_pc_nbytes(qc); 3309 3310 /* We may not issue DMA commands if no DMA mode is set */ 3311 if (tf->protocol == ATA_PROT_DMA && dev->dma_mode == 0) { 3312 fp = 1; 3313 goto invalid_fld; 3314 } 3315 3316 /* sanity check for pio multi commands */ 3317 if ((cdb[1] & 0xe0) && !is_multi_taskfile(tf)) { 3318 fp = 1; 3319 goto invalid_fld; 3320 } 3321 3322 if (is_multi_taskfile(tf)) { 3323 unsigned int multi_count = 1 << (cdb[1] >> 5); 3324 3325 /* compare the passed through multi_count 3326 * with the cached multi_count of libata 3327 */ 3328 if (multi_count != dev->multi_count) 3329 ata_dev_warn(dev, "invalid multi_count %u ignored\n", 3330 multi_count); 3331 } 3332 3333 /* 3334 * Filter SET_FEATURES - XFER MODE command -- otherwise, 3335 * SET_FEATURES - XFER MODE must be preceded/succeeded 3336 * by an update to hardware-specific registers for each 3337 * controller (i.e. the reason for ->set_piomode(), 3338 * ->set_dmamode(), and ->post_set_mode() hooks). 3339 */ 3340 if (tf->command == ATA_CMD_SET_FEATURES && 3341 tf->feature == SETFEATURES_XFER) { 3342 fp = (cdb[0] == ATA_16) ? 4 : 3; 3343 goto invalid_fld; 3344 } 3345 3346 /* 3347 * Filter TPM commands by default. These provide an 3348 * essentially uncontrolled encrypted "back door" between 3349 * applications and the disk. Set libata.allow_tpm=1 if you 3350 * have a real reason for wanting to use them. This ensures 3351 * that installed software cannot easily mess stuff up without 3352 * user intent. DVR type users will probably ship with this enabled 3353 * for movie content management. 3354 * 3355 * Note that for ATA8 we can issue a DCS change and DCS freeze lock 3356 * for this and should do in future but that it is not sufficient as 3357 * DCS is an optional feature set. Thus we also do the software filter 3358 * so that we comply with the TC consortium stated goal that the user 3359 * can turn off TC features of their system. 3360 */ 3361 if (tf->command >= 0x5C && tf->command <= 0x5F && !libata_allow_tpm) { 3362 fp = (cdb[0] == ATA_16) ? 14 : 9; 3363 goto invalid_fld; 3364 } 3365 3366 return 0; 3367 3368 invalid_fld: 3369 ata_scsi_set_invalid_field(dev, scmd, fp, 0xff); 3370 return 1; 3371 } 3372 3373 /** 3374 * ata_format_dsm_trim_descr() - SATL Write Same to DSM Trim 3375 * @cmd: SCSI command being translated 3376 * @trmax: Maximum number of entries that will fit in sector_size bytes. 3377 * @sector: Starting sector 3378 * @count: Total Range of request in logical sectors 3379 * 3380 * Rewrite the WRITE SAME descriptor to be a DSM TRIM little-endian formatted 3381 * descriptor. 3382 * 3383 * Upto 64 entries of the format: 3384 * 63:48 Range Length 3385 * 47:0 LBA 3386 * 3387 * Range Length of 0 is ignored. 3388 * LBA's should be sorted order and not overlap. 3389 * 3390 * NOTE: this is the same format as ADD LBA(S) TO NV CACHE PINNED SET 3391 * 3392 * Return: Number of bytes copied into sglist. 3393 */ 3394 static size_t ata_format_dsm_trim_descr(struct scsi_cmnd *cmd, u32 trmax, 3395 u64 sector, u32 count) 3396 { 3397 struct scsi_device *sdp = cmd->device; 3398 size_t len = sdp->sector_size; 3399 size_t r; 3400 __le64 *buf; 3401 u32 i = 0; 3402 unsigned long flags; 3403 3404 WARN_ON(len > ATA_SCSI_RBUF_SIZE); 3405 3406 if (len > ATA_SCSI_RBUF_SIZE) 3407 len = ATA_SCSI_RBUF_SIZE; 3408 3409 spin_lock_irqsave(&ata_scsi_rbuf_lock, flags); 3410 buf = ((void *)ata_scsi_rbuf); 3411 memset(buf, 0, len); 3412 while (i < trmax) { 3413 u64 entry = sector | 3414 ((u64)(count > 0xffff ? 0xffff : count) << 48); 3415 buf[i++] = __cpu_to_le64(entry); 3416 if (count <= 0xffff) 3417 break; 3418 count -= 0xffff; 3419 sector += 0xffff; 3420 } 3421 r = sg_copy_from_buffer(scsi_sglist(cmd), scsi_sg_count(cmd), buf, len); 3422 spin_unlock_irqrestore(&ata_scsi_rbuf_lock, flags); 3423 3424 return r; 3425 } 3426 3427 /** 3428 * ata_scsi_write_same_xlat() - SATL Write Same to ATA SCT Write Same 3429 * @qc: Command to be translated 3430 * 3431 * Translate a SCSI WRITE SAME command to be either a DSM TRIM command or 3432 * an SCT Write Same command. 3433 * Based on WRITE SAME has the UNMAP flag: 3434 * 3435 * - When set translate to DSM TRIM 3436 * - When clear translate to SCT Write Same 3437 */ 3438 static unsigned int ata_scsi_write_same_xlat(struct ata_queued_cmd *qc) 3439 { 3440 struct ata_taskfile *tf = &qc->tf; 3441 struct scsi_cmnd *scmd = qc->scsicmd; 3442 struct scsi_device *sdp = scmd->device; 3443 size_t len = sdp->sector_size; 3444 struct ata_device *dev = qc->dev; 3445 const u8 *cdb = scmd->cmnd; 3446 u64 block; 3447 u32 n_block; 3448 const u32 trmax = len >> 3; 3449 u32 size; 3450 u16 fp; 3451 u8 bp = 0xff; 3452 u8 unmap = cdb[1] & 0x8; 3453 3454 /* we may not issue DMA commands if no DMA mode is set */ 3455 if (unlikely(!dev->dma_mode)) 3456 goto invalid_opcode; 3457 3458 /* 3459 * We only allow sending this command through the block layer, 3460 * as it modifies the DATA OUT buffer, which would corrupt user 3461 * memory for SG_IO commands. 3462 */ 3463 if (unlikely(blk_rq_is_passthrough(scmd->request))) 3464 goto invalid_opcode; 3465 3466 if (unlikely(scmd->cmd_len < 16)) { 3467 fp = 15; 3468 goto invalid_fld; 3469 } 3470 scsi_16_lba_len(cdb, &block, &n_block); 3471 3472 if (!unmap || 3473 (dev->horkage & ATA_HORKAGE_NOTRIM) || 3474 !ata_id_has_trim(dev->id)) { 3475 fp = 1; 3476 bp = 3; 3477 goto invalid_fld; 3478 } 3479 /* If the request is too large the cmd is invalid */ 3480 if (n_block > 0xffff * trmax) { 3481 fp = 2; 3482 goto invalid_fld; 3483 } 3484 3485 /* 3486 * WRITE SAME always has a sector sized buffer as payload, this 3487 * should never be a multiple entry S/G list. 3488 */ 3489 if (!scsi_sg_count(scmd)) 3490 goto invalid_param_len; 3491 3492 /* 3493 * size must match sector size in bytes 3494 * For DATA SET MANAGEMENT TRIM in ACS-2 nsect (aka count) 3495 * is defined as number of 512 byte blocks to be transferred. 3496 */ 3497 3498 size = ata_format_dsm_trim_descr(scmd, trmax, block, n_block); 3499 if (size != len) 3500 goto invalid_param_len; 3501 3502 if (ata_ncq_enabled(dev) && ata_fpdma_dsm_supported(dev)) { 3503 /* Newer devices support queued TRIM commands */ 3504 tf->protocol = ATA_PROT_NCQ; 3505 tf->command = ATA_CMD_FPDMA_SEND; 3506 tf->hob_nsect = ATA_SUBCMD_FPDMA_SEND_DSM & 0x1f; 3507 tf->nsect = qc->tag << 3; 3508 tf->hob_feature = (size / 512) >> 8; 3509 tf->feature = size / 512; 3510 3511 tf->auxiliary = 1; 3512 } else { 3513 tf->protocol = ATA_PROT_DMA; 3514 tf->hob_feature = 0; 3515 tf->feature = ATA_DSM_TRIM; 3516 tf->hob_nsect = (size / 512) >> 8; 3517 tf->nsect = size / 512; 3518 tf->command = ATA_CMD_DSM; 3519 } 3520 3521 tf->flags |= ATA_TFLAG_ISADDR | ATA_TFLAG_DEVICE | ATA_TFLAG_LBA48 | 3522 ATA_TFLAG_WRITE; 3523 3524 ata_qc_set_pc_nbytes(qc); 3525 3526 return 0; 3527 3528 invalid_fld: 3529 ata_scsi_set_invalid_field(dev, scmd, fp, bp); 3530 return 1; 3531 invalid_param_len: 3532 /* "Parameter list length error" */ 3533 ata_scsi_set_sense(dev, scmd, ILLEGAL_REQUEST, 0x1a, 0x0); 3534 return 1; 3535 invalid_opcode: 3536 /* "Invalid command operation code" */ 3537 ata_scsi_set_sense(dev, scmd, ILLEGAL_REQUEST, 0x20, 0x0); 3538 return 1; 3539 } 3540 3541 /** 3542 * ata_scsiop_maint_in - Simulate a subset of MAINTENANCE_IN 3543 * @args: device MAINTENANCE_IN data / SCSI command of interest. 3544 * @rbuf: Response buffer, to which simulated SCSI cmd output is sent. 3545 * 3546 * Yields a subset to satisfy scsi_report_opcode() 3547 * 3548 * LOCKING: 3549 * spin_lock_irqsave(host lock) 3550 */ 3551 static unsigned int ata_scsiop_maint_in(struct ata_scsi_args *args, u8 *rbuf) 3552 { 3553 struct ata_device *dev = args->dev; 3554 u8 *cdb = args->cmd->cmnd; 3555 u8 supported = 0; 3556 unsigned int err = 0; 3557 3558 if (cdb[2] != 1) { 3559 ata_dev_warn(dev, "invalid command format %d\n", cdb[2]); 3560 err = 2; 3561 goto out; 3562 } 3563 switch (cdb[3]) { 3564 case INQUIRY: 3565 case MODE_SENSE: 3566 case MODE_SENSE_10: 3567 case READ_CAPACITY: 3568 case SERVICE_ACTION_IN_16: 3569 case REPORT_LUNS: 3570 case REQUEST_SENSE: 3571 case SYNCHRONIZE_CACHE: 3572 case REZERO_UNIT: 3573 case SEEK_6: 3574 case SEEK_10: 3575 case TEST_UNIT_READY: 3576 case SEND_DIAGNOSTIC: 3577 case MAINTENANCE_IN: 3578 case READ_6: 3579 case READ_10: 3580 case READ_16: 3581 case WRITE_6: 3582 case WRITE_10: 3583 case WRITE_16: 3584 case ATA_12: 3585 case ATA_16: 3586 case VERIFY: 3587 case VERIFY_16: 3588 case MODE_SELECT: 3589 case MODE_SELECT_10: 3590 case START_STOP: 3591 supported = 3; 3592 break; 3593 case ZBC_IN: 3594 case ZBC_OUT: 3595 if (ata_id_zoned_cap(dev->id) || 3596 dev->class == ATA_DEV_ZAC) 3597 supported = 3; 3598 break; 3599 case SECURITY_PROTOCOL_IN: 3600 case SECURITY_PROTOCOL_OUT: 3601 if (dev->flags & ATA_DFLAG_TRUSTED) 3602 supported = 3; 3603 break; 3604 default: 3605 break; 3606 } 3607 out: 3608 rbuf[1] = supported; /* supported */ 3609 return err; 3610 } 3611 3612 /** 3613 * ata_scsi_report_zones_complete - convert ATA output 3614 * @qc: command structure returning the data 3615 * 3616 * Convert T-13 little-endian field representation into 3617 * T-10 big-endian field representation. 3618 * What a mess. 3619 */ 3620 static void ata_scsi_report_zones_complete(struct ata_queued_cmd *qc) 3621 { 3622 struct scsi_cmnd *scmd = qc->scsicmd; 3623 struct sg_mapping_iter miter; 3624 unsigned long flags; 3625 unsigned int bytes = 0; 3626 3627 sg_miter_start(&miter, scsi_sglist(scmd), scsi_sg_count(scmd), 3628 SG_MITER_TO_SG | SG_MITER_ATOMIC); 3629 3630 local_irq_save(flags); 3631 while (sg_miter_next(&miter)) { 3632 unsigned int offset = 0; 3633 3634 if (bytes == 0) { 3635 char *hdr; 3636 u32 list_length; 3637 u64 max_lba, opt_lba; 3638 u16 same; 3639 3640 /* Swizzle header */ 3641 hdr = miter.addr; 3642 list_length = get_unaligned_le32(&hdr[0]); 3643 same = get_unaligned_le16(&hdr[4]); 3644 max_lba = get_unaligned_le64(&hdr[8]); 3645 opt_lba = get_unaligned_le64(&hdr[16]); 3646 put_unaligned_be32(list_length, &hdr[0]); 3647 hdr[4] = same & 0xf; 3648 put_unaligned_be64(max_lba, &hdr[8]); 3649 put_unaligned_be64(opt_lba, &hdr[16]); 3650 offset += 64; 3651 bytes += 64; 3652 } 3653 while (offset < miter.length) { 3654 char *rec; 3655 u8 cond, type, non_seq, reset; 3656 u64 size, start, wp; 3657 3658 /* Swizzle zone descriptor */ 3659 rec = miter.addr + offset; 3660 type = rec[0] & 0xf; 3661 cond = (rec[1] >> 4) & 0xf; 3662 non_seq = (rec[1] & 2); 3663 reset = (rec[1] & 1); 3664 size = get_unaligned_le64(&rec[8]); 3665 start = get_unaligned_le64(&rec[16]); 3666 wp = get_unaligned_le64(&rec[24]); 3667 rec[0] = type; 3668 rec[1] = (cond << 4) | non_seq | reset; 3669 put_unaligned_be64(size, &rec[8]); 3670 put_unaligned_be64(start, &rec[16]); 3671 put_unaligned_be64(wp, &rec[24]); 3672 WARN_ON(offset + 64 > miter.length); 3673 offset += 64; 3674 bytes += 64; 3675 } 3676 } 3677 sg_miter_stop(&miter); 3678 local_irq_restore(flags); 3679 3680 ata_scsi_qc_complete(qc); 3681 } 3682 3683 static unsigned int ata_scsi_zbc_in_xlat(struct ata_queued_cmd *qc) 3684 { 3685 struct ata_taskfile *tf = &qc->tf; 3686 struct scsi_cmnd *scmd = qc->scsicmd; 3687 const u8 *cdb = scmd->cmnd; 3688 u16 sect, fp = (u16)-1; 3689 u8 sa, options, bp = 0xff; 3690 u64 block; 3691 u32 n_block; 3692 3693 if (unlikely(scmd->cmd_len < 16)) { 3694 ata_dev_warn(qc->dev, "invalid cdb length %d\n", 3695 scmd->cmd_len); 3696 fp = 15; 3697 goto invalid_fld; 3698 } 3699 scsi_16_lba_len(cdb, &block, &n_block); 3700 if (n_block != scsi_bufflen(scmd)) { 3701 ata_dev_warn(qc->dev, "non-matching transfer count (%d/%d)\n", 3702 n_block, scsi_bufflen(scmd)); 3703 goto invalid_param_len; 3704 } 3705 sa = cdb[1] & 0x1f; 3706 if (sa != ZI_REPORT_ZONES) { 3707 ata_dev_warn(qc->dev, "invalid service action %d\n", sa); 3708 fp = 1; 3709 goto invalid_fld; 3710 } 3711 /* 3712 * ZAC allows only for transfers in 512 byte blocks, 3713 * and uses a 16 bit value for the transfer count. 3714 */ 3715 if ((n_block / 512) > 0xffff || n_block < 512 || (n_block % 512)) { 3716 ata_dev_warn(qc->dev, "invalid transfer count %d\n", n_block); 3717 goto invalid_param_len; 3718 } 3719 sect = n_block / 512; 3720 options = cdb[14] & 0xbf; 3721 3722 if (ata_ncq_enabled(qc->dev) && 3723 ata_fpdma_zac_mgmt_in_supported(qc->dev)) { 3724 tf->protocol = ATA_PROT_NCQ; 3725 tf->command = ATA_CMD_FPDMA_RECV; 3726 tf->hob_nsect = ATA_SUBCMD_FPDMA_RECV_ZAC_MGMT_IN & 0x1f; 3727 tf->nsect = qc->tag << 3; 3728 tf->feature = sect & 0xff; 3729 tf->hob_feature = (sect >> 8) & 0xff; 3730 tf->auxiliary = ATA_SUBCMD_ZAC_MGMT_IN_REPORT_ZONES | (options << 8); 3731 } else { 3732 tf->command = ATA_CMD_ZAC_MGMT_IN; 3733 tf->feature = ATA_SUBCMD_ZAC_MGMT_IN_REPORT_ZONES; 3734 tf->protocol = ATA_PROT_DMA; 3735 tf->hob_feature = options; 3736 tf->hob_nsect = (sect >> 8) & 0xff; 3737 tf->nsect = sect & 0xff; 3738 } 3739 tf->device = ATA_LBA; 3740 tf->lbah = (block >> 16) & 0xff; 3741 tf->lbam = (block >> 8) & 0xff; 3742 tf->lbal = block & 0xff; 3743 tf->hob_lbah = (block >> 40) & 0xff; 3744 tf->hob_lbam = (block >> 32) & 0xff; 3745 tf->hob_lbal = (block >> 24) & 0xff; 3746 3747 tf->flags |= ATA_TFLAG_ISADDR | ATA_TFLAG_DEVICE | ATA_TFLAG_LBA48; 3748 qc->flags |= ATA_QCFLAG_RESULT_TF; 3749 3750 ata_qc_set_pc_nbytes(qc); 3751 3752 qc->complete_fn = ata_scsi_report_zones_complete; 3753 3754 return 0; 3755 3756 invalid_fld: 3757 ata_scsi_set_invalid_field(qc->dev, scmd, fp, bp); 3758 return 1; 3759 3760 invalid_param_len: 3761 /* "Parameter list length error" */ 3762 ata_scsi_set_sense(qc->dev, scmd, ILLEGAL_REQUEST, 0x1a, 0x0); 3763 return 1; 3764 } 3765 3766 static unsigned int ata_scsi_zbc_out_xlat(struct ata_queued_cmd *qc) 3767 { 3768 struct ata_taskfile *tf = &qc->tf; 3769 struct scsi_cmnd *scmd = qc->scsicmd; 3770 struct ata_device *dev = qc->dev; 3771 const u8 *cdb = scmd->cmnd; 3772 u8 all, sa; 3773 u64 block; 3774 u32 n_block; 3775 u16 fp = (u16)-1; 3776 3777 if (unlikely(scmd->cmd_len < 16)) { 3778 fp = 15; 3779 goto invalid_fld; 3780 } 3781 3782 sa = cdb[1] & 0x1f; 3783 if ((sa != ZO_CLOSE_ZONE) && (sa != ZO_FINISH_ZONE) && 3784 (sa != ZO_OPEN_ZONE) && (sa != ZO_RESET_WRITE_POINTER)) { 3785 fp = 1; 3786 goto invalid_fld; 3787 } 3788 3789 scsi_16_lba_len(cdb, &block, &n_block); 3790 if (n_block) { 3791 /* 3792 * ZAC MANAGEMENT OUT doesn't define any length 3793 */ 3794 goto invalid_param_len; 3795 } 3796 if (block > dev->n_sectors) 3797 goto out_of_range; 3798 3799 all = cdb[14] & 0x1; 3800 3801 if (ata_ncq_enabled(qc->dev) && 3802 ata_fpdma_zac_mgmt_out_supported(qc->dev)) { 3803 tf->protocol = ATA_PROT_NCQ_NODATA; 3804 tf->command = ATA_CMD_NCQ_NON_DATA; 3805 tf->feature = ATA_SUBCMD_NCQ_NON_DATA_ZAC_MGMT_OUT; 3806 tf->nsect = qc->tag << 3; 3807 tf->auxiliary = sa | ((u16)all << 8); 3808 } else { 3809 tf->protocol = ATA_PROT_NODATA; 3810 tf->command = ATA_CMD_ZAC_MGMT_OUT; 3811 tf->feature = sa; 3812 tf->hob_feature = all; 3813 } 3814 tf->lbah = (block >> 16) & 0xff; 3815 tf->lbam = (block >> 8) & 0xff; 3816 tf->lbal = block & 0xff; 3817 tf->hob_lbah = (block >> 40) & 0xff; 3818 tf->hob_lbam = (block >> 32) & 0xff; 3819 tf->hob_lbal = (block >> 24) & 0xff; 3820 tf->device = ATA_LBA; 3821 tf->flags |= ATA_TFLAG_ISADDR | ATA_TFLAG_DEVICE | ATA_TFLAG_LBA48; 3822 3823 return 0; 3824 3825 invalid_fld: 3826 ata_scsi_set_invalid_field(qc->dev, scmd, fp, 0xff); 3827 return 1; 3828 out_of_range: 3829 /* "Logical Block Address out of range" */ 3830 ata_scsi_set_sense(qc->dev, scmd, ILLEGAL_REQUEST, 0x21, 0x00); 3831 return 1; 3832 invalid_param_len: 3833 /* "Parameter list length error" */ 3834 ata_scsi_set_sense(qc->dev, scmd, ILLEGAL_REQUEST, 0x1a, 0x0); 3835 return 1; 3836 } 3837 3838 /** 3839 * ata_mselect_caching - Simulate MODE SELECT for caching info page 3840 * @qc: Storage for translated ATA taskfile 3841 * @buf: input buffer 3842 * @len: number of valid bytes in the input buffer 3843 * @fp: out parameter for the failed field on error 3844 * 3845 * Prepare a taskfile to modify caching information for the device. 3846 * 3847 * LOCKING: 3848 * None. 3849 */ 3850 static int ata_mselect_caching(struct ata_queued_cmd *qc, 3851 const u8 *buf, int len, u16 *fp) 3852 { 3853 struct ata_taskfile *tf = &qc->tf; 3854 struct ata_device *dev = qc->dev; 3855 u8 mpage[CACHE_MPAGE_LEN]; 3856 u8 wce; 3857 int i; 3858 3859 /* 3860 * The first two bytes of def_cache_mpage are a header, so offsets 3861 * in mpage are off by 2 compared to buf. Same for len. 3862 */ 3863 3864 if (len != CACHE_MPAGE_LEN - 2) { 3865 if (len < CACHE_MPAGE_LEN - 2) 3866 *fp = len; 3867 else 3868 *fp = CACHE_MPAGE_LEN - 2; 3869 return -EINVAL; 3870 } 3871 3872 wce = buf[0] & (1 << 2); 3873 3874 /* 3875 * Check that read-only bits are not modified. 3876 */ 3877 ata_msense_caching(dev->id, mpage, false); 3878 for (i = 0; i < CACHE_MPAGE_LEN - 2; i++) { 3879 if (i == 0) 3880 continue; 3881 if (mpage[i + 2] != buf[i]) { 3882 *fp = i; 3883 return -EINVAL; 3884 } 3885 } 3886 3887 tf->flags |= ATA_TFLAG_DEVICE | ATA_TFLAG_ISADDR; 3888 tf->protocol = ATA_PROT_NODATA; 3889 tf->nsect = 0; 3890 tf->command = ATA_CMD_SET_FEATURES; 3891 tf->feature = wce ? SETFEATURES_WC_ON : SETFEATURES_WC_OFF; 3892 return 0; 3893 } 3894 3895 /** 3896 * ata_mselect_control - Simulate MODE SELECT for control page 3897 * @qc: Storage for translated ATA taskfile 3898 * @buf: input buffer 3899 * @len: number of valid bytes in the input buffer 3900 * @fp: out parameter for the failed field on error 3901 * 3902 * Prepare a taskfile to modify caching information for the device. 3903 * 3904 * LOCKING: 3905 * None. 3906 */ 3907 static int ata_mselect_control(struct ata_queued_cmd *qc, 3908 const u8 *buf, int len, u16 *fp) 3909 { 3910 struct ata_device *dev = qc->dev; 3911 u8 mpage[CONTROL_MPAGE_LEN]; 3912 u8 d_sense; 3913 int i; 3914 3915 /* 3916 * The first two bytes of def_control_mpage are a header, so offsets 3917 * in mpage are off by 2 compared to buf. Same for len. 3918 */ 3919 3920 if (len != CONTROL_MPAGE_LEN - 2) { 3921 if (len < CONTROL_MPAGE_LEN - 2) 3922 *fp = len; 3923 else 3924 *fp = CONTROL_MPAGE_LEN - 2; 3925 return -EINVAL; 3926 } 3927 3928 d_sense = buf[0] & (1 << 2); 3929 3930 /* 3931 * Check that read-only bits are not modified. 3932 */ 3933 ata_msense_control(dev, mpage, false); 3934 for (i = 0; i < CONTROL_MPAGE_LEN - 2; i++) { 3935 if (i == 0) 3936 continue; 3937 if (mpage[2 + i] != buf[i]) { 3938 *fp = i; 3939 return -EINVAL; 3940 } 3941 } 3942 if (d_sense & (1 << 2)) 3943 dev->flags |= ATA_DFLAG_D_SENSE; 3944 else 3945 dev->flags &= ~ATA_DFLAG_D_SENSE; 3946 return 0; 3947 } 3948 3949 /** 3950 * ata_scsi_mode_select_xlat - Simulate MODE SELECT 6, 10 commands 3951 * @qc: Storage for translated ATA taskfile 3952 * 3953 * Converts a MODE SELECT command to an ATA SET FEATURES taskfile. 3954 * Assume this is invoked for direct access devices (e.g. disks) only. 3955 * There should be no block descriptor for other device types. 3956 * 3957 * LOCKING: 3958 * spin_lock_irqsave(host lock) 3959 */ 3960 static unsigned int ata_scsi_mode_select_xlat(struct ata_queued_cmd *qc) 3961 { 3962 struct scsi_cmnd *scmd = qc->scsicmd; 3963 const u8 *cdb = scmd->cmnd; 3964 const u8 *p; 3965 u8 pg, spg; 3966 unsigned six_byte, pg_len, hdr_len, bd_len; 3967 int len; 3968 u16 fp = (u16)-1; 3969 u8 bp = 0xff; 3970 3971 VPRINTK("ENTER\n"); 3972 3973 six_byte = (cdb[0] == MODE_SELECT); 3974 if (six_byte) { 3975 if (scmd->cmd_len < 5) { 3976 fp = 4; 3977 goto invalid_fld; 3978 } 3979 3980 len = cdb[4]; 3981 hdr_len = 4; 3982 } else { 3983 if (scmd->cmd_len < 9) { 3984 fp = 8; 3985 goto invalid_fld; 3986 } 3987 3988 len = (cdb[7] << 8) + cdb[8]; 3989 hdr_len = 8; 3990 } 3991 3992 /* We only support PF=1, SP=0. */ 3993 if ((cdb[1] & 0x11) != 0x10) { 3994 fp = 1; 3995 bp = (cdb[1] & 0x01) ? 1 : 5; 3996 goto invalid_fld; 3997 } 3998 3999 /* Test early for possible overrun. */ 4000 if (!scsi_sg_count(scmd) || scsi_sglist(scmd)->length < len) 4001 goto invalid_param_len; 4002 4003 p = page_address(sg_page(scsi_sglist(scmd))); 4004 4005 /* Move past header and block descriptors. */ 4006 if (len < hdr_len) 4007 goto invalid_param_len; 4008 4009 if (six_byte) 4010 bd_len = p[3]; 4011 else 4012 bd_len = (p[6] << 8) + p[7]; 4013 4014 len -= hdr_len; 4015 p += hdr_len; 4016 if (len < bd_len) 4017 goto invalid_param_len; 4018 if (bd_len != 0 && bd_len != 8) { 4019 fp = (six_byte) ? 3 : 6; 4020 fp += bd_len + hdr_len; 4021 goto invalid_param; 4022 } 4023 4024 len -= bd_len; 4025 p += bd_len; 4026 if (len == 0) 4027 goto skip; 4028 4029 /* Parse both possible formats for the mode page headers. */ 4030 pg = p[0] & 0x3f; 4031 if (p[0] & 0x40) { 4032 if (len < 4) 4033 goto invalid_param_len; 4034 4035 spg = p[1]; 4036 pg_len = (p[2] << 8) | p[3]; 4037 p += 4; 4038 len -= 4; 4039 } else { 4040 if (len < 2) 4041 goto invalid_param_len; 4042 4043 spg = 0; 4044 pg_len = p[1]; 4045 p += 2; 4046 len -= 2; 4047 } 4048 4049 /* 4050 * No mode subpages supported (yet) but asking for _all_ 4051 * subpages may be valid 4052 */ 4053 if (spg && (spg != ALL_SUB_MPAGES)) { 4054 fp = (p[0] & 0x40) ? 1 : 0; 4055 fp += hdr_len + bd_len; 4056 goto invalid_param; 4057 } 4058 if (pg_len > len) 4059 goto invalid_param_len; 4060 4061 switch (pg) { 4062 case CACHE_MPAGE: 4063 if (ata_mselect_caching(qc, p, pg_len, &fp) < 0) { 4064 fp += hdr_len + bd_len; 4065 goto invalid_param; 4066 } 4067 break; 4068 case CONTROL_MPAGE: 4069 if (ata_mselect_control(qc, p, pg_len, &fp) < 0) { 4070 fp += hdr_len + bd_len; 4071 goto invalid_param; 4072 } else { 4073 goto skip; /* No ATA command to send */ 4074 } 4075 break; 4076 default: /* invalid page code */ 4077 fp = bd_len + hdr_len; 4078 goto invalid_param; 4079 } 4080 4081 /* 4082 * Only one page has changeable data, so we only support setting one 4083 * page at a time. 4084 */ 4085 if (len > pg_len) 4086 goto invalid_param; 4087 4088 return 0; 4089 4090 invalid_fld: 4091 ata_scsi_set_invalid_field(qc->dev, scmd, fp, bp); 4092 return 1; 4093 4094 invalid_param: 4095 ata_scsi_set_invalid_parameter(qc->dev, scmd, fp); 4096 return 1; 4097 4098 invalid_param_len: 4099 /* "Parameter list length error" */ 4100 ata_scsi_set_sense(qc->dev, scmd, ILLEGAL_REQUEST, 0x1a, 0x0); 4101 return 1; 4102 4103 skip: 4104 scmd->result = SAM_STAT_GOOD; 4105 return 1; 4106 } 4107 4108 static u8 ata_scsi_trusted_op(u32 len, bool send, bool dma) 4109 { 4110 if (len == 0) 4111 return ATA_CMD_TRUSTED_NONDATA; 4112 else if (send) 4113 return dma ? ATA_CMD_TRUSTED_SND_DMA : ATA_CMD_TRUSTED_SND; 4114 else 4115 return dma ? ATA_CMD_TRUSTED_RCV_DMA : ATA_CMD_TRUSTED_RCV; 4116 } 4117 4118 static unsigned int ata_scsi_security_inout_xlat(struct ata_queued_cmd *qc) 4119 { 4120 struct scsi_cmnd *scmd = qc->scsicmd; 4121 const u8 *cdb = scmd->cmnd; 4122 struct ata_taskfile *tf = &qc->tf; 4123 u8 secp = cdb[1]; 4124 bool send = (cdb[0] == SECURITY_PROTOCOL_OUT); 4125 u16 spsp = get_unaligned_be16(&cdb[2]); 4126 u32 len = get_unaligned_be32(&cdb[6]); 4127 bool dma = !(qc->dev->flags & ATA_DFLAG_PIO); 4128 4129 /* 4130 * We don't support the ATA "security" protocol. 4131 */ 4132 if (secp == 0xef) { 4133 ata_scsi_set_invalid_field(qc->dev, scmd, 1, 0); 4134 return 1; 4135 } 4136 4137 if (cdb[4] & 7) { /* INC_512 */ 4138 if (len > 0xffff) { 4139 ata_scsi_set_invalid_field(qc->dev, scmd, 6, 0); 4140 return 1; 4141 } 4142 } else { 4143 if (len > 0x01fffe00) { 4144 ata_scsi_set_invalid_field(qc->dev, scmd, 6, 0); 4145 return 1; 4146 } 4147 4148 /* convert to the sector-based ATA addressing */ 4149 len = (len + 511) / 512; 4150 } 4151 4152 tf->protocol = dma ? ATA_PROT_DMA : ATA_PROT_PIO; 4153 tf->flags |= ATA_TFLAG_DEVICE | ATA_TFLAG_ISADDR | ATA_TFLAG_LBA; 4154 if (send) 4155 tf->flags |= ATA_TFLAG_WRITE; 4156 tf->command = ata_scsi_trusted_op(len, send, dma); 4157 tf->feature = secp; 4158 tf->lbam = spsp & 0xff; 4159 tf->lbah = spsp >> 8; 4160 4161 if (len) { 4162 tf->nsect = len & 0xff; 4163 tf->lbal = len >> 8; 4164 } else { 4165 if (!send) 4166 tf->lbah = (1 << 7); 4167 } 4168 4169 ata_qc_set_pc_nbytes(qc); 4170 return 0; 4171 } 4172 4173 /** 4174 * ata_scsi_var_len_cdb_xlat - SATL variable length CDB to Handler 4175 * @qc: Command to be translated 4176 * 4177 * Translate a SCSI variable length CDB to specified commands. 4178 * It checks a service action value in CDB to call corresponding handler. 4179 * 4180 * RETURNS: 4181 * Zero on success, non-zero on failure 4182 * 4183 */ 4184 static unsigned int ata_scsi_var_len_cdb_xlat(struct ata_queued_cmd *qc) 4185 { 4186 struct scsi_cmnd *scmd = qc->scsicmd; 4187 const u8 *cdb = scmd->cmnd; 4188 const u16 sa = get_unaligned_be16(&cdb[8]); 4189 4190 /* 4191 * if service action represents a ata pass-thru(32) command, 4192 * then pass it to ata_scsi_pass_thru handler. 4193 */ 4194 if (sa == ATA_32) 4195 return ata_scsi_pass_thru(qc); 4196 4197 /* unsupported service action */ 4198 return 1; 4199 } 4200 4201 /** 4202 * ata_get_xlat_func - check if SCSI to ATA translation is possible 4203 * @dev: ATA device 4204 * @cmd: SCSI command opcode to consider 4205 * 4206 * Look up the SCSI command given, and determine whether the 4207 * SCSI command is to be translated or simulated. 4208 * 4209 * RETURNS: 4210 * Pointer to translation function if possible, %NULL if not. 4211 */ 4212 4213 static inline ata_xlat_func_t ata_get_xlat_func(struct ata_device *dev, u8 cmd) 4214 { 4215 switch (cmd) { 4216 case READ_6: 4217 case READ_10: 4218 case READ_16: 4219 4220 case WRITE_6: 4221 case WRITE_10: 4222 case WRITE_16: 4223 return ata_scsi_rw_xlat; 4224 4225 case WRITE_SAME_16: 4226 return ata_scsi_write_same_xlat; 4227 4228 case SYNCHRONIZE_CACHE: 4229 if (ata_try_flush_cache(dev)) 4230 return ata_scsi_flush_xlat; 4231 break; 4232 4233 case VERIFY: 4234 case VERIFY_16: 4235 return ata_scsi_verify_xlat; 4236 4237 case ATA_12: 4238 case ATA_16: 4239 return ata_scsi_pass_thru; 4240 4241 case VARIABLE_LENGTH_CMD: 4242 return ata_scsi_var_len_cdb_xlat; 4243 4244 case MODE_SELECT: 4245 case MODE_SELECT_10: 4246 return ata_scsi_mode_select_xlat; 4247 break; 4248 4249 case ZBC_IN: 4250 return ata_scsi_zbc_in_xlat; 4251 4252 case ZBC_OUT: 4253 return ata_scsi_zbc_out_xlat; 4254 4255 case SECURITY_PROTOCOL_IN: 4256 case SECURITY_PROTOCOL_OUT: 4257 if (!(dev->flags & ATA_DFLAG_TRUSTED)) 4258 break; 4259 return ata_scsi_security_inout_xlat; 4260 4261 case START_STOP: 4262 return ata_scsi_start_stop_xlat; 4263 } 4264 4265 return NULL; 4266 } 4267 4268 /** 4269 * ata_scsi_dump_cdb - dump SCSI command contents to dmesg 4270 * @ap: ATA port to which the command was being sent 4271 * @cmd: SCSI command to dump 4272 * 4273 * Prints the contents of a SCSI command via printk(). 4274 */ 4275 4276 static inline void ata_scsi_dump_cdb(struct ata_port *ap, 4277 struct scsi_cmnd *cmd) 4278 { 4279 #ifdef ATA_DEBUG 4280 struct scsi_device *scsidev = cmd->device; 4281 4282 DPRINTK("CDB (%u:%d,%d,%d) %9ph\n", 4283 ap->print_id, 4284 scsidev->channel, scsidev->id, scsidev->lun, 4285 cmd->cmnd); 4286 #endif 4287 } 4288 4289 static inline int __ata_scsi_queuecmd(struct scsi_cmnd *scmd, 4290 struct ata_device *dev) 4291 { 4292 u8 scsi_op = scmd->cmnd[0]; 4293 ata_xlat_func_t xlat_func; 4294 int rc = 0; 4295 4296 if (dev->class == ATA_DEV_ATA || dev->class == ATA_DEV_ZAC) { 4297 if (unlikely(!scmd->cmd_len || scmd->cmd_len > dev->cdb_len)) 4298 goto bad_cdb_len; 4299 4300 xlat_func = ata_get_xlat_func(dev, scsi_op); 4301 } else { 4302 if (unlikely(!scmd->cmd_len)) 4303 goto bad_cdb_len; 4304 4305 xlat_func = NULL; 4306 if (likely((scsi_op != ATA_16) || !atapi_passthru16)) { 4307 /* relay SCSI command to ATAPI device */ 4308 int len = COMMAND_SIZE(scsi_op); 4309 if (unlikely(len > scmd->cmd_len || len > dev->cdb_len)) 4310 goto bad_cdb_len; 4311 4312 xlat_func = atapi_xlat; 4313 } else { 4314 /* ATA_16 passthru, treat as an ATA command */ 4315 if (unlikely(scmd->cmd_len > 16)) 4316 goto bad_cdb_len; 4317 4318 xlat_func = ata_get_xlat_func(dev, scsi_op); 4319 } 4320 } 4321 4322 if (xlat_func) 4323 rc = ata_scsi_translate(dev, scmd, xlat_func); 4324 else 4325 ata_scsi_simulate(dev, scmd); 4326 4327 return rc; 4328 4329 bad_cdb_len: 4330 DPRINTK("bad CDB len=%u, scsi_op=0x%02x, max=%u\n", 4331 scmd->cmd_len, scsi_op, dev->cdb_len); 4332 scmd->result = DID_ERROR << 16; 4333 scmd->scsi_done(scmd); 4334 return 0; 4335 } 4336 4337 /** 4338 * ata_scsi_queuecmd - Issue SCSI cdb to libata-managed device 4339 * @shost: SCSI host of command to be sent 4340 * @cmd: SCSI command to be sent 4341 * 4342 * In some cases, this function translates SCSI commands into 4343 * ATA taskfiles, and queues the taskfiles to be sent to 4344 * hardware. In other cases, this function simulates a 4345 * SCSI device by evaluating and responding to certain 4346 * SCSI commands. This creates the overall effect of 4347 * ATA and ATAPI devices appearing as SCSI devices. 4348 * 4349 * LOCKING: 4350 * ATA host lock 4351 * 4352 * RETURNS: 4353 * Return value from __ata_scsi_queuecmd() if @cmd can be queued, 4354 * 0 otherwise. 4355 */ 4356 int ata_scsi_queuecmd(struct Scsi_Host *shost, struct scsi_cmnd *cmd) 4357 { 4358 struct ata_port *ap; 4359 struct ata_device *dev; 4360 struct scsi_device *scsidev = cmd->device; 4361 int rc = 0; 4362 unsigned long irq_flags; 4363 4364 ap = ata_shost_to_port(shost); 4365 4366 spin_lock_irqsave(ap->lock, irq_flags); 4367 4368 ata_scsi_dump_cdb(ap, cmd); 4369 4370 dev = ata_scsi_find_dev(ap, scsidev); 4371 if (likely(dev)) 4372 rc = __ata_scsi_queuecmd(cmd, dev); 4373 else { 4374 cmd->result = (DID_BAD_TARGET << 16); 4375 cmd->scsi_done(cmd); 4376 } 4377 4378 spin_unlock_irqrestore(ap->lock, irq_flags); 4379 4380 return rc; 4381 } 4382 4383 /** 4384 * ata_scsi_simulate - simulate SCSI command on ATA device 4385 * @dev: the target device 4386 * @cmd: SCSI command being sent to device. 4387 * 4388 * Interprets and directly executes a select list of SCSI commands 4389 * that can be handled internally. 4390 * 4391 * LOCKING: 4392 * spin_lock_irqsave(host lock) 4393 */ 4394 4395 void ata_scsi_simulate(struct ata_device *dev, struct scsi_cmnd *cmd) 4396 { 4397 struct ata_scsi_args args; 4398 const u8 *scsicmd = cmd->cmnd; 4399 u8 tmp8; 4400 4401 args.dev = dev; 4402 args.id = dev->id; 4403 args.cmd = cmd; 4404 4405 switch(scsicmd[0]) { 4406 case INQUIRY: 4407 if (scsicmd[1] & 2) /* is CmdDt set? */ 4408 ata_scsi_set_invalid_field(dev, cmd, 1, 0xff); 4409 else if ((scsicmd[1] & 1) == 0) /* is EVPD clear? */ 4410 ata_scsi_rbuf_fill(&args, ata_scsiop_inq_std); 4411 else switch (scsicmd[2]) { 4412 case 0x00: 4413 ata_scsi_rbuf_fill(&args, ata_scsiop_inq_00); 4414 break; 4415 case 0x80: 4416 ata_scsi_rbuf_fill(&args, ata_scsiop_inq_80); 4417 break; 4418 case 0x83: 4419 ata_scsi_rbuf_fill(&args, ata_scsiop_inq_83); 4420 break; 4421 case 0x89: 4422 ata_scsi_rbuf_fill(&args, ata_scsiop_inq_89); 4423 break; 4424 case 0xb0: 4425 ata_scsi_rbuf_fill(&args, ata_scsiop_inq_b0); 4426 break; 4427 case 0xb1: 4428 ata_scsi_rbuf_fill(&args, ata_scsiop_inq_b1); 4429 break; 4430 case 0xb2: 4431 ata_scsi_rbuf_fill(&args, ata_scsiop_inq_b2); 4432 break; 4433 case 0xb6: 4434 if (dev->flags & ATA_DFLAG_ZAC) { 4435 ata_scsi_rbuf_fill(&args, ata_scsiop_inq_b6); 4436 break; 4437 } 4438 /* Fallthrough */ 4439 default: 4440 ata_scsi_set_invalid_field(dev, cmd, 2, 0xff); 4441 break; 4442 } 4443 break; 4444 4445 case MODE_SENSE: 4446 case MODE_SENSE_10: 4447 ata_scsi_rbuf_fill(&args, ata_scsiop_mode_sense); 4448 break; 4449 4450 case READ_CAPACITY: 4451 ata_scsi_rbuf_fill(&args, ata_scsiop_read_cap); 4452 break; 4453 4454 case SERVICE_ACTION_IN_16: 4455 if ((scsicmd[1] & 0x1f) == SAI_READ_CAPACITY_16) 4456 ata_scsi_rbuf_fill(&args, ata_scsiop_read_cap); 4457 else 4458 ata_scsi_set_invalid_field(dev, cmd, 1, 0xff); 4459 break; 4460 4461 case REPORT_LUNS: 4462 ata_scsi_rbuf_fill(&args, ata_scsiop_report_luns); 4463 break; 4464 4465 case REQUEST_SENSE: 4466 ata_scsi_set_sense(dev, cmd, 0, 0, 0); 4467 cmd->result = (DRIVER_SENSE << 24); 4468 break; 4469 4470 /* if we reach this, then writeback caching is disabled, 4471 * turning this into a no-op. 4472 */ 4473 case SYNCHRONIZE_CACHE: 4474 /* fall through */ 4475 4476 /* no-op's, complete with success */ 4477 case REZERO_UNIT: 4478 case SEEK_6: 4479 case SEEK_10: 4480 case TEST_UNIT_READY: 4481 break; 4482 4483 case SEND_DIAGNOSTIC: 4484 tmp8 = scsicmd[1] & ~(1 << 3); 4485 if (tmp8 != 0x4 || scsicmd[3] || scsicmd[4]) 4486 ata_scsi_set_invalid_field(dev, cmd, 1, 0xff); 4487 break; 4488 4489 case MAINTENANCE_IN: 4490 if (scsicmd[1] == MI_REPORT_SUPPORTED_OPERATION_CODES) 4491 ata_scsi_rbuf_fill(&args, ata_scsiop_maint_in); 4492 else 4493 ata_scsi_set_invalid_field(dev, cmd, 1, 0xff); 4494 break; 4495 4496 /* all other commands */ 4497 default: 4498 ata_scsi_set_sense(dev, cmd, ILLEGAL_REQUEST, 0x20, 0x0); 4499 /* "Invalid command operation code" */ 4500 break; 4501 } 4502 4503 cmd->scsi_done(cmd); 4504 } 4505 4506 int ata_scsi_add_hosts(struct ata_host *host, struct scsi_host_template *sht) 4507 { 4508 int i, rc; 4509 4510 for (i = 0; i < host->n_ports; i++) { 4511 struct ata_port *ap = host->ports[i]; 4512 struct Scsi_Host *shost; 4513 4514 rc = -ENOMEM; 4515 shost = scsi_host_alloc(sht, sizeof(struct ata_port *)); 4516 if (!shost) 4517 goto err_alloc; 4518 4519 shost->eh_noresume = 1; 4520 *(struct ata_port **)&shost->hostdata[0] = ap; 4521 ap->scsi_host = shost; 4522 4523 shost->transportt = ata_scsi_transport_template; 4524 shost->unique_id = ap->print_id; 4525 shost->max_id = 16; 4526 shost->max_lun = 1; 4527 shost->max_channel = 1; 4528 shost->max_cmd_len = 32; 4529 4530 /* Schedule policy is determined by ->qc_defer() 4531 * callback and it needs to see every deferred qc. 4532 * Set host_blocked to 1 to prevent SCSI midlayer from 4533 * automatically deferring requests. 4534 */ 4535 shost->max_host_blocked = 1; 4536 4537 rc = scsi_add_host_with_dma(ap->scsi_host, 4538 &ap->tdev, ap->host->dev); 4539 if (rc) 4540 goto err_add; 4541 } 4542 4543 return 0; 4544 4545 err_add: 4546 scsi_host_put(host->ports[i]->scsi_host); 4547 err_alloc: 4548 while (--i >= 0) { 4549 struct Scsi_Host *shost = host->ports[i]->scsi_host; 4550 4551 scsi_remove_host(shost); 4552 scsi_host_put(shost); 4553 } 4554 return rc; 4555 } 4556 4557 void ata_scsi_scan_host(struct ata_port *ap, int sync) 4558 { 4559 int tries = 5; 4560 struct ata_device *last_failed_dev = NULL; 4561 struct ata_link *link; 4562 struct ata_device *dev; 4563 4564 repeat: 4565 ata_for_each_link(link, ap, EDGE) { 4566 ata_for_each_dev(dev, link, ENABLED) { 4567 struct scsi_device *sdev; 4568 int channel = 0, id = 0; 4569 4570 if (dev->sdev) 4571 continue; 4572 4573 if (ata_is_host_link(link)) 4574 id = dev->devno; 4575 else 4576 channel = link->pmp; 4577 4578 sdev = __scsi_add_device(ap->scsi_host, channel, id, 0, 4579 NULL); 4580 if (!IS_ERR(sdev)) { 4581 dev->sdev = sdev; 4582 scsi_device_put(sdev); 4583 } else { 4584 dev->sdev = NULL; 4585 } 4586 } 4587 } 4588 4589 /* If we scanned while EH was in progress or allocation 4590 * failure occurred, scan would have failed silently. Check 4591 * whether all devices are attached. 4592 */ 4593 ata_for_each_link(link, ap, EDGE) { 4594 ata_for_each_dev(dev, link, ENABLED) { 4595 if (!dev->sdev) 4596 goto exit_loop; 4597 } 4598 } 4599 exit_loop: 4600 if (!link) 4601 return; 4602 4603 /* we're missing some SCSI devices */ 4604 if (sync) { 4605 /* If caller requested synchrnous scan && we've made 4606 * any progress, sleep briefly and repeat. 4607 */ 4608 if (dev != last_failed_dev) { 4609 msleep(100); 4610 last_failed_dev = dev; 4611 goto repeat; 4612 } 4613 4614 /* We might be failing to detect boot device, give it 4615 * a few more chances. 4616 */ 4617 if (--tries) { 4618 msleep(100); 4619 goto repeat; 4620 } 4621 4622 ata_port_err(ap, 4623 "WARNING: synchronous SCSI scan failed without making any progress, switching to async\n"); 4624 } 4625 4626 queue_delayed_work(system_long_wq, &ap->hotplug_task, 4627 round_jiffies_relative(HZ)); 4628 } 4629 4630 /** 4631 * ata_scsi_offline_dev - offline attached SCSI device 4632 * @dev: ATA device to offline attached SCSI device for 4633 * 4634 * This function is called from ata_eh_hotplug() and responsible 4635 * for taking the SCSI device attached to @dev offline. This 4636 * function is called with host lock which protects dev->sdev 4637 * against clearing. 4638 * 4639 * LOCKING: 4640 * spin_lock_irqsave(host lock) 4641 * 4642 * RETURNS: 4643 * 1 if attached SCSI device exists, 0 otherwise. 4644 */ 4645 int ata_scsi_offline_dev(struct ata_device *dev) 4646 { 4647 if (dev->sdev) { 4648 scsi_device_set_state(dev->sdev, SDEV_OFFLINE); 4649 return 1; 4650 } 4651 return 0; 4652 } 4653 4654 /** 4655 * ata_scsi_remove_dev - remove attached SCSI device 4656 * @dev: ATA device to remove attached SCSI device for 4657 * 4658 * This function is called from ata_eh_scsi_hotplug() and 4659 * responsible for removing the SCSI device attached to @dev. 4660 * 4661 * LOCKING: 4662 * Kernel thread context (may sleep). 4663 */ 4664 static void ata_scsi_remove_dev(struct ata_device *dev) 4665 { 4666 struct ata_port *ap = dev->link->ap; 4667 struct scsi_device *sdev; 4668 unsigned long flags; 4669 4670 /* Alas, we need to grab scan_mutex to ensure SCSI device 4671 * state doesn't change underneath us and thus 4672 * scsi_device_get() always succeeds. The mutex locking can 4673 * be removed if there is __scsi_device_get() interface which 4674 * increments reference counts regardless of device state. 4675 */ 4676 mutex_lock(&ap->scsi_host->scan_mutex); 4677 spin_lock_irqsave(ap->lock, flags); 4678 4679 /* clearing dev->sdev is protected by host lock */ 4680 sdev = dev->sdev; 4681 dev->sdev = NULL; 4682 4683 if (sdev) { 4684 /* If user initiated unplug races with us, sdev can go 4685 * away underneath us after the host lock and 4686 * scan_mutex are released. Hold onto it. 4687 */ 4688 if (scsi_device_get(sdev) == 0) { 4689 /* The following ensures the attached sdev is 4690 * offline on return from ata_scsi_offline_dev() 4691 * regardless it wins or loses the race 4692 * against this function. 4693 */ 4694 scsi_device_set_state(sdev, SDEV_OFFLINE); 4695 } else { 4696 WARN_ON(1); 4697 sdev = NULL; 4698 } 4699 } 4700 4701 spin_unlock_irqrestore(ap->lock, flags); 4702 mutex_unlock(&ap->scsi_host->scan_mutex); 4703 4704 if (sdev) { 4705 ata_dev_info(dev, "detaching (SCSI %s)\n", 4706 dev_name(&sdev->sdev_gendev)); 4707 4708 scsi_remove_device(sdev); 4709 scsi_device_put(sdev); 4710 } 4711 } 4712 4713 static void ata_scsi_handle_link_detach(struct ata_link *link) 4714 { 4715 struct ata_port *ap = link->ap; 4716 struct ata_device *dev; 4717 4718 ata_for_each_dev(dev, link, ALL) { 4719 unsigned long flags; 4720 4721 if (!(dev->flags & ATA_DFLAG_DETACHED)) 4722 continue; 4723 4724 spin_lock_irqsave(ap->lock, flags); 4725 dev->flags &= ~ATA_DFLAG_DETACHED; 4726 spin_unlock_irqrestore(ap->lock, flags); 4727 4728 if (zpodd_dev_enabled(dev)) 4729 zpodd_exit(dev); 4730 4731 ata_scsi_remove_dev(dev); 4732 } 4733 } 4734 4735 /** 4736 * ata_scsi_media_change_notify - send media change event 4737 * @dev: Pointer to the disk device with media change event 4738 * 4739 * Tell the block layer to send a media change notification 4740 * event. 4741 * 4742 * LOCKING: 4743 * spin_lock_irqsave(host lock) 4744 */ 4745 void ata_scsi_media_change_notify(struct ata_device *dev) 4746 { 4747 if (dev->sdev) 4748 sdev_evt_send_simple(dev->sdev, SDEV_EVT_MEDIA_CHANGE, 4749 GFP_ATOMIC); 4750 } 4751 4752 /** 4753 * ata_scsi_hotplug - SCSI part of hotplug 4754 * @work: Pointer to ATA port to perform SCSI hotplug on 4755 * 4756 * Perform SCSI part of hotplug. It's executed from a separate 4757 * workqueue after EH completes. This is necessary because SCSI 4758 * hot plugging requires working EH and hot unplugging is 4759 * synchronized with hot plugging with a mutex. 4760 * 4761 * LOCKING: 4762 * Kernel thread context (may sleep). 4763 */ 4764 void ata_scsi_hotplug(struct work_struct *work) 4765 { 4766 struct ata_port *ap = 4767 container_of(work, struct ata_port, hotplug_task.work); 4768 int i; 4769 4770 if (ap->pflags & ATA_PFLAG_UNLOADING) { 4771 DPRINTK("ENTER/EXIT - unloading\n"); 4772 return; 4773 } 4774 4775 /* 4776 * XXX - UGLY HACK 4777 * 4778 * The block layer suspend/resume path is fundamentally broken due 4779 * to freezable kthreads and workqueue and may deadlock if a block 4780 * device gets removed while resume is in progress. I don't know 4781 * what the solution is short of removing freezable kthreads and 4782 * workqueues altogether. 4783 * 4784 * The following is an ugly hack to avoid kicking off device 4785 * removal while freezer is active. This is a joke but does avoid 4786 * this particular deadlock scenario. 4787 * 4788 * https://bugzilla.kernel.org/show_bug.cgi?id=62801 4789 * http://marc.info/?l=linux-kernel&m=138695698516487 4790 */ 4791 #ifdef CONFIG_FREEZER 4792 while (pm_freezing) 4793 msleep(10); 4794 #endif 4795 4796 DPRINTK("ENTER\n"); 4797 mutex_lock(&ap->scsi_scan_mutex); 4798 4799 /* Unplug detached devices. We cannot use link iterator here 4800 * because PMP links have to be scanned even if PMP is 4801 * currently not attached. Iterate manually. 4802 */ 4803 ata_scsi_handle_link_detach(&ap->link); 4804 if (ap->pmp_link) 4805 for (i = 0; i < SATA_PMP_MAX_PORTS; i++) 4806 ata_scsi_handle_link_detach(&ap->pmp_link[i]); 4807 4808 /* scan for new ones */ 4809 ata_scsi_scan_host(ap, 0); 4810 4811 mutex_unlock(&ap->scsi_scan_mutex); 4812 DPRINTK("EXIT\n"); 4813 } 4814 4815 /** 4816 * ata_scsi_user_scan - indication for user-initiated bus scan 4817 * @shost: SCSI host to scan 4818 * @channel: Channel to scan 4819 * @id: ID to scan 4820 * @lun: LUN to scan 4821 * 4822 * This function is called when user explicitly requests bus 4823 * scan. Set probe pending flag and invoke EH. 4824 * 4825 * LOCKING: 4826 * SCSI layer (we don't care) 4827 * 4828 * RETURNS: 4829 * Zero. 4830 */ 4831 int ata_scsi_user_scan(struct Scsi_Host *shost, unsigned int channel, 4832 unsigned int id, u64 lun) 4833 { 4834 struct ata_port *ap = ata_shost_to_port(shost); 4835 unsigned long flags; 4836 int devno, rc = 0; 4837 4838 if (!ap->ops->error_handler) 4839 return -EOPNOTSUPP; 4840 4841 if (lun != SCAN_WILD_CARD && lun) 4842 return -EINVAL; 4843 4844 if (!sata_pmp_attached(ap)) { 4845 if (channel != SCAN_WILD_CARD && channel) 4846 return -EINVAL; 4847 devno = id; 4848 } else { 4849 if (id != SCAN_WILD_CARD && id) 4850 return -EINVAL; 4851 devno = channel; 4852 } 4853 4854 spin_lock_irqsave(ap->lock, flags); 4855 4856 if (devno == SCAN_WILD_CARD) { 4857 struct ata_link *link; 4858 4859 ata_for_each_link(link, ap, EDGE) { 4860 struct ata_eh_info *ehi = &link->eh_info; 4861 ehi->probe_mask |= ATA_ALL_DEVICES; 4862 ehi->action |= ATA_EH_RESET; 4863 } 4864 } else { 4865 struct ata_device *dev = ata_find_dev(ap, devno); 4866 4867 if (dev) { 4868 struct ata_eh_info *ehi = &dev->link->eh_info; 4869 ehi->probe_mask |= 1 << dev->devno; 4870 ehi->action |= ATA_EH_RESET; 4871 } else 4872 rc = -EINVAL; 4873 } 4874 4875 if (rc == 0) { 4876 ata_port_schedule_eh(ap); 4877 spin_unlock_irqrestore(ap->lock, flags); 4878 ata_port_wait_eh(ap); 4879 } else 4880 spin_unlock_irqrestore(ap->lock, flags); 4881 4882 return rc; 4883 } 4884 4885 /** 4886 * ata_scsi_dev_rescan - initiate scsi_rescan_device() 4887 * @work: Pointer to ATA port to perform scsi_rescan_device() 4888 * 4889 * After ATA pass thru (SAT) commands are executed successfully, 4890 * libata need to propagate the changes to SCSI layer. 4891 * 4892 * LOCKING: 4893 * Kernel thread context (may sleep). 4894 */ 4895 void ata_scsi_dev_rescan(struct work_struct *work) 4896 { 4897 struct ata_port *ap = 4898 container_of(work, struct ata_port, scsi_rescan_task); 4899 struct ata_link *link; 4900 struct ata_device *dev; 4901 unsigned long flags; 4902 4903 mutex_lock(&ap->scsi_scan_mutex); 4904 spin_lock_irqsave(ap->lock, flags); 4905 4906 ata_for_each_link(link, ap, EDGE) { 4907 ata_for_each_dev(dev, link, ENABLED) { 4908 struct scsi_device *sdev = dev->sdev; 4909 4910 if (!sdev) 4911 continue; 4912 if (scsi_device_get(sdev)) 4913 continue; 4914 4915 spin_unlock_irqrestore(ap->lock, flags); 4916 scsi_rescan_device(&(sdev->sdev_gendev)); 4917 scsi_device_put(sdev); 4918 spin_lock_irqsave(ap->lock, flags); 4919 } 4920 } 4921 4922 spin_unlock_irqrestore(ap->lock, flags); 4923 mutex_unlock(&ap->scsi_scan_mutex); 4924 } 4925 4926 /** 4927 * ata_sas_port_alloc - Allocate port for a SAS attached SATA device 4928 * @host: ATA host container for all SAS ports 4929 * @port_info: Information from low-level host driver 4930 * @shost: SCSI host that the scsi device is attached to 4931 * 4932 * LOCKING: 4933 * PCI/etc. bus probe sem. 4934 * 4935 * RETURNS: 4936 * ata_port pointer on success / NULL on failure. 4937 */ 4938 4939 struct ata_port *ata_sas_port_alloc(struct ata_host *host, 4940 struct ata_port_info *port_info, 4941 struct Scsi_Host *shost) 4942 { 4943 struct ata_port *ap; 4944 4945 ap = ata_port_alloc(host); 4946 if (!ap) 4947 return NULL; 4948 4949 ap->port_no = 0; 4950 ap->lock = &host->lock; 4951 ap->pio_mask = port_info->pio_mask; 4952 ap->mwdma_mask = port_info->mwdma_mask; 4953 ap->udma_mask = port_info->udma_mask; 4954 ap->flags |= port_info->flags; 4955 ap->ops = port_info->port_ops; 4956 ap->cbl = ATA_CBL_SATA; 4957 4958 return ap; 4959 } 4960 EXPORT_SYMBOL_GPL(ata_sas_port_alloc); 4961 4962 /** 4963 * ata_sas_port_start - Set port up for dma. 4964 * @ap: Port to initialize 4965 * 4966 * Called just after data structures for each port are 4967 * initialized. 4968 * 4969 * May be used as the port_start() entry in ata_port_operations. 4970 * 4971 * LOCKING: 4972 * Inherited from caller. 4973 */ 4974 int ata_sas_port_start(struct ata_port *ap) 4975 { 4976 /* 4977 * the port is marked as frozen at allocation time, but if we don't 4978 * have new eh, we won't thaw it 4979 */ 4980 if (!ap->ops->error_handler) 4981 ap->pflags &= ~ATA_PFLAG_FROZEN; 4982 return 0; 4983 } 4984 EXPORT_SYMBOL_GPL(ata_sas_port_start); 4985 4986 /** 4987 * ata_port_stop - Undo ata_sas_port_start() 4988 * @ap: Port to shut down 4989 * 4990 * May be used as the port_stop() entry in ata_port_operations. 4991 * 4992 * LOCKING: 4993 * Inherited from caller. 4994 */ 4995 4996 void ata_sas_port_stop(struct ata_port *ap) 4997 { 4998 } 4999 EXPORT_SYMBOL_GPL(ata_sas_port_stop); 5000 5001 /** 5002 * ata_sas_async_probe - simply schedule probing and return 5003 * @ap: Port to probe 5004 * 5005 * For batch scheduling of probe for sas attached ata devices, assumes 5006 * the port has already been through ata_sas_port_init() 5007 */ 5008 void ata_sas_async_probe(struct ata_port *ap) 5009 { 5010 __ata_port_probe(ap); 5011 } 5012 EXPORT_SYMBOL_GPL(ata_sas_async_probe); 5013 5014 int ata_sas_sync_probe(struct ata_port *ap) 5015 { 5016 return ata_port_probe(ap); 5017 } 5018 EXPORT_SYMBOL_GPL(ata_sas_sync_probe); 5019 5020 5021 /** 5022 * ata_sas_port_init - Initialize a SATA device 5023 * @ap: SATA port to initialize 5024 * 5025 * LOCKING: 5026 * PCI/etc. bus probe sem. 5027 * 5028 * RETURNS: 5029 * Zero on success, non-zero on error. 5030 */ 5031 5032 int ata_sas_port_init(struct ata_port *ap) 5033 { 5034 int rc = ap->ops->port_start(ap); 5035 5036 if (rc) 5037 return rc; 5038 ap->print_id = atomic_inc_return(&ata_print_id); 5039 return 0; 5040 } 5041 EXPORT_SYMBOL_GPL(ata_sas_port_init); 5042 5043 /** 5044 * ata_sas_port_destroy - Destroy a SATA port allocated by ata_sas_port_alloc 5045 * @ap: SATA port to destroy 5046 * 5047 */ 5048 5049 void ata_sas_port_destroy(struct ata_port *ap) 5050 { 5051 if (ap->ops->port_stop) 5052 ap->ops->port_stop(ap); 5053 kfree(ap); 5054 } 5055 EXPORT_SYMBOL_GPL(ata_sas_port_destroy); 5056 5057 /** 5058 * ata_sas_slave_configure - Default slave_config routine for libata devices 5059 * @sdev: SCSI device to configure 5060 * @ap: ATA port to which SCSI device is attached 5061 * 5062 * RETURNS: 5063 * Zero. 5064 */ 5065 5066 int ata_sas_slave_configure(struct scsi_device *sdev, struct ata_port *ap) 5067 { 5068 ata_scsi_sdev_config(sdev); 5069 ata_scsi_dev_config(sdev, ap->link.device); 5070 return 0; 5071 } 5072 EXPORT_SYMBOL_GPL(ata_sas_slave_configure); 5073 5074 /** 5075 * ata_sas_queuecmd - Issue SCSI cdb to libata-managed device 5076 * @cmd: SCSI command to be sent 5077 * @ap: ATA port to which the command is being sent 5078 * 5079 * RETURNS: 5080 * Return value from __ata_scsi_queuecmd() if @cmd can be queued, 5081 * 0 otherwise. 5082 */ 5083 5084 int ata_sas_queuecmd(struct scsi_cmnd *cmd, struct ata_port *ap) 5085 { 5086 int rc = 0; 5087 5088 ata_scsi_dump_cdb(ap, cmd); 5089 5090 if (likely(ata_dev_enabled(ap->link.device))) 5091 rc = __ata_scsi_queuecmd(cmd, ap->link.device); 5092 else { 5093 cmd->result = (DID_BAD_TARGET << 16); 5094 cmd->scsi_done(cmd); 5095 } 5096 return rc; 5097 } 5098 EXPORT_SYMBOL_GPL(ata_sas_queuecmd); 5099 5100 int ata_sas_allocate_tag(struct ata_port *ap) 5101 { 5102 unsigned int max_queue = ap->host->n_tags; 5103 unsigned int i, tag; 5104 5105 for (i = 0, tag = ap->sas_last_tag + 1; i < max_queue; i++, tag++) { 5106 tag = tag < max_queue ? tag : 0; 5107 5108 /* the last tag is reserved for internal command. */ 5109 if (tag == ATA_TAG_INTERNAL) 5110 continue; 5111 5112 if (!test_and_set_bit(tag, &ap->sas_tag_allocated)) { 5113 ap->sas_last_tag = tag; 5114 return tag; 5115 } 5116 } 5117 return -1; 5118 } 5119 5120 void ata_sas_free_tag(unsigned int tag, struct ata_port *ap) 5121 { 5122 clear_bit(tag, &ap->sas_tag_allocated); 5123 } 5124