1 /*
2  * Management Module Support for MPT (Message Passing Technology) based
3  * controllers
4  *
5  * This code is based on drivers/scsi/mpt3sas/mpt3sas_ctl.c
6  * Copyright (C) 2012-2014  LSI Corporation
7  * Copyright (C) 2013-2014 Avago Technologies
8  *  (mailto: MPT-FusionLinux.pdl@avagotech.com)
9  *
10  * This program is free software; you can redistribute it and/or
11  * modify it under the terms of the GNU General Public License
12  * as published by the Free Software Foundation; either version 2
13  * of the License, or (at your option) any later version.
14  *
15  * This program is distributed in the hope that it will be useful,
16  * but WITHOUT ANY WARRANTY; without even the implied warranty of
17  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
18  * GNU General Public License for more details.
19  *
20  * NO WARRANTY
21  * THE PROGRAM IS PROVIDED ON AN "AS IS" BASIS, WITHOUT WARRANTIES OR
22  * CONDITIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED INCLUDING, WITHOUT
23  * LIMITATION, ANY WARRANTIES OR CONDITIONS OF TITLE, NON-INFRINGEMENT,
24  * MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. Each Recipient is
25  * solely responsible for determining the appropriateness of using and
26  * distributing the Program and assumes all risks associated with its
27  * exercise of rights under this Agreement, including but not limited to
28  * the risks and costs of program errors, damage to or loss of data,
29  * programs or equipment, and unavailability or interruption of operations.
30 
31  * DISCLAIMER OF LIABILITY
32  * NEITHER RECIPIENT NOR ANY CONTRIBUTORS SHALL HAVE ANY LIABILITY FOR ANY
33  * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
34  * DAMAGES (INCLUDING WITHOUT LIMITATION LOST PROFITS), HOWEVER CAUSED AND
35  * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR
36  * TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE
37  * USE OR DISTRIBUTION OF THE PROGRAM OR THE EXERCISE OF ANY RIGHTS GRANTED
38  * HEREUNDER, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGES
39 
40  * You should have received a copy of the GNU General Public License
41  * along with this program; if not, write to the Free Software
42  * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301,
43  * USA.
44  */
45 
46 #include <linux/kernel.h>
47 #include <linux/module.h>
48 #include <linux/errno.h>
49 #include <linux/init.h>
50 #include <linux/slab.h>
51 #include <linux/types.h>
52 #include <linux/pci.h>
53 #include <linux/delay.h>
54 #include <linux/compat.h>
55 #include <linux/poll.h>
56 
57 #include <linux/io.h>
58 #include <linux/uaccess.h>
59 
60 #include "mpt3sas_base.h"
61 #include "mpt3sas_ctl.h"
62 
63 
64 static struct fasync_struct *async_queue;
65 static DECLARE_WAIT_QUEUE_HEAD(ctl_poll_wait);
66 
67 
68 /**
69  * enum block_state - blocking state
70  * @NON_BLOCKING: non blocking
71  * @BLOCKING: blocking
72  *
73  * These states are for ioctls that need to wait for a response
74  * from firmware, so they probably require sleep.
75  */
76 enum block_state {
77 	NON_BLOCKING,
78 	BLOCKING,
79 };
80 
81 /**
82  * _ctl_display_some_debug - debug routine
83  * @ioc: per adapter object
84  * @smid: system request message index
85  * @calling_function_name: string pass from calling function
86  * @mpi_reply: reply message frame
87  * Context: none.
88  *
89  * Function for displaying debug info helpful when debugging issues
90  * in this module.
91  */
92 static void
93 _ctl_display_some_debug(struct MPT3SAS_ADAPTER *ioc, u16 smid,
94 	char *calling_function_name, MPI2DefaultReply_t *mpi_reply)
95 {
96 	Mpi2ConfigRequest_t *mpi_request;
97 	char *desc = NULL;
98 
99 	if (!(ioc->logging_level & MPT_DEBUG_IOCTL))
100 		return;
101 
102 	mpi_request = mpt3sas_base_get_msg_frame(ioc, smid);
103 	switch (mpi_request->Function) {
104 	case MPI2_FUNCTION_SCSI_IO_REQUEST:
105 	{
106 		Mpi2SCSIIORequest_t *scsi_request =
107 		    (Mpi2SCSIIORequest_t *)mpi_request;
108 
109 		snprintf(ioc->tmp_string, MPT_STRING_LENGTH,
110 		    "scsi_io, cmd(0x%02x), cdb_len(%d)",
111 		    scsi_request->CDB.CDB32[0],
112 		    le16_to_cpu(scsi_request->IoFlags) & 0xF);
113 		desc = ioc->tmp_string;
114 		break;
115 	}
116 	case MPI2_FUNCTION_SCSI_TASK_MGMT:
117 		desc = "task_mgmt";
118 		break;
119 	case MPI2_FUNCTION_IOC_INIT:
120 		desc = "ioc_init";
121 		break;
122 	case MPI2_FUNCTION_IOC_FACTS:
123 		desc = "ioc_facts";
124 		break;
125 	case MPI2_FUNCTION_CONFIG:
126 	{
127 		Mpi2ConfigRequest_t *config_request =
128 		    (Mpi2ConfigRequest_t *)mpi_request;
129 
130 		snprintf(ioc->tmp_string, MPT_STRING_LENGTH,
131 		    "config, type(0x%02x), ext_type(0x%02x), number(%d)",
132 		    (config_request->Header.PageType &
133 		     MPI2_CONFIG_PAGETYPE_MASK), config_request->ExtPageType,
134 		    config_request->Header.PageNumber);
135 		desc = ioc->tmp_string;
136 		break;
137 	}
138 	case MPI2_FUNCTION_PORT_FACTS:
139 		desc = "port_facts";
140 		break;
141 	case MPI2_FUNCTION_PORT_ENABLE:
142 		desc = "port_enable";
143 		break;
144 	case MPI2_FUNCTION_EVENT_NOTIFICATION:
145 		desc = "event_notification";
146 		break;
147 	case MPI2_FUNCTION_FW_DOWNLOAD:
148 		desc = "fw_download";
149 		break;
150 	case MPI2_FUNCTION_FW_UPLOAD:
151 		desc = "fw_upload";
152 		break;
153 	case MPI2_FUNCTION_RAID_ACTION:
154 		desc = "raid_action";
155 		break;
156 	case MPI2_FUNCTION_RAID_SCSI_IO_PASSTHROUGH:
157 	{
158 		Mpi2SCSIIORequest_t *scsi_request =
159 		    (Mpi2SCSIIORequest_t *)mpi_request;
160 
161 		snprintf(ioc->tmp_string, MPT_STRING_LENGTH,
162 		    "raid_pass, cmd(0x%02x), cdb_len(%d)",
163 		    scsi_request->CDB.CDB32[0],
164 		    le16_to_cpu(scsi_request->IoFlags) & 0xF);
165 		desc = ioc->tmp_string;
166 		break;
167 	}
168 	case MPI2_FUNCTION_SAS_IO_UNIT_CONTROL:
169 		desc = "sas_iounit_cntl";
170 		break;
171 	case MPI2_FUNCTION_SATA_PASSTHROUGH:
172 		desc = "sata_pass";
173 		break;
174 	case MPI2_FUNCTION_DIAG_BUFFER_POST:
175 		desc = "diag_buffer_post";
176 		break;
177 	case MPI2_FUNCTION_DIAG_RELEASE:
178 		desc = "diag_release";
179 		break;
180 	case MPI2_FUNCTION_SMP_PASSTHROUGH:
181 		desc = "smp_passthrough";
182 		break;
183 	}
184 
185 	if (!desc)
186 		return;
187 
188 	ioc_info(ioc, "%s: %s, smid(%d)\n", calling_function_name, desc, smid);
189 
190 	if (!mpi_reply)
191 		return;
192 
193 	if (mpi_reply->IOCStatus || mpi_reply->IOCLogInfo)
194 		ioc_info(ioc, "\tiocstatus(0x%04x), loginfo(0x%08x)\n",
195 			 le16_to_cpu(mpi_reply->IOCStatus),
196 			 le32_to_cpu(mpi_reply->IOCLogInfo));
197 
198 	if (mpi_request->Function == MPI2_FUNCTION_SCSI_IO_REQUEST ||
199 	    mpi_request->Function ==
200 	    MPI2_FUNCTION_RAID_SCSI_IO_PASSTHROUGH) {
201 		Mpi2SCSIIOReply_t *scsi_reply =
202 		    (Mpi2SCSIIOReply_t *)mpi_reply;
203 		struct _sas_device *sas_device = NULL;
204 		struct _pcie_device *pcie_device = NULL;
205 
206 		sas_device = mpt3sas_get_sdev_by_handle(ioc,
207 		    le16_to_cpu(scsi_reply->DevHandle));
208 		if (sas_device) {
209 			ioc_warn(ioc, "\tsas_address(0x%016llx), phy(%d)\n",
210 				 (u64)sas_device->sas_address,
211 				 sas_device->phy);
212 			ioc_warn(ioc, "\tenclosure_logical_id(0x%016llx), slot(%d)\n",
213 				 (u64)sas_device->enclosure_logical_id,
214 				 sas_device->slot);
215 			sas_device_put(sas_device);
216 		}
217 		if (!sas_device) {
218 			pcie_device = mpt3sas_get_pdev_by_handle(ioc,
219 				le16_to_cpu(scsi_reply->DevHandle));
220 			if (pcie_device) {
221 				ioc_warn(ioc, "\tWWID(0x%016llx), port(%d)\n",
222 					 (unsigned long long)pcie_device->wwid,
223 					 pcie_device->port_num);
224 				if (pcie_device->enclosure_handle != 0)
225 					ioc_warn(ioc, "\tenclosure_logical_id(0x%016llx), slot(%d)\n",
226 						 (u64)pcie_device->enclosure_logical_id,
227 						 pcie_device->slot);
228 				pcie_device_put(pcie_device);
229 			}
230 		}
231 		if (scsi_reply->SCSIState || scsi_reply->SCSIStatus)
232 			ioc_info(ioc, "\tscsi_state(0x%02x), scsi_status(0x%02x)\n",
233 				 scsi_reply->SCSIState,
234 				 scsi_reply->SCSIStatus);
235 	}
236 }
237 
238 /**
239  * mpt3sas_ctl_done - ctl module completion routine
240  * @ioc: per adapter object
241  * @smid: system request message index
242  * @msix_index: MSIX table index supplied by the OS
243  * @reply: reply message frame(lower 32bit addr)
244  * Context: none.
245  *
246  * The callback handler when using ioc->ctl_cb_idx.
247  *
248  * Return: 1 meaning mf should be freed from _base_interrupt
249  *         0 means the mf is freed from this function.
250  */
251 u8
252 mpt3sas_ctl_done(struct MPT3SAS_ADAPTER *ioc, u16 smid, u8 msix_index,
253 	u32 reply)
254 {
255 	MPI2DefaultReply_t *mpi_reply;
256 	Mpi2SCSIIOReply_t *scsiio_reply;
257 	Mpi26NVMeEncapsulatedErrorReply_t *nvme_error_reply;
258 	const void *sense_data;
259 	u32 sz;
260 
261 	if (ioc->ctl_cmds.status == MPT3_CMD_NOT_USED)
262 		return 1;
263 	if (ioc->ctl_cmds.smid != smid)
264 		return 1;
265 	ioc->ctl_cmds.status |= MPT3_CMD_COMPLETE;
266 	mpi_reply = mpt3sas_base_get_reply_virt_addr(ioc, reply);
267 	if (mpi_reply) {
268 		memcpy(ioc->ctl_cmds.reply, mpi_reply, mpi_reply->MsgLength*4);
269 		ioc->ctl_cmds.status |= MPT3_CMD_REPLY_VALID;
270 		/* get sense data */
271 		if (mpi_reply->Function == MPI2_FUNCTION_SCSI_IO_REQUEST ||
272 		    mpi_reply->Function ==
273 		    MPI2_FUNCTION_RAID_SCSI_IO_PASSTHROUGH) {
274 			scsiio_reply = (Mpi2SCSIIOReply_t *)mpi_reply;
275 			if (scsiio_reply->SCSIState &
276 			    MPI2_SCSI_STATE_AUTOSENSE_VALID) {
277 				sz = min_t(u32, SCSI_SENSE_BUFFERSIZE,
278 				    le32_to_cpu(scsiio_reply->SenseCount));
279 				sense_data = mpt3sas_base_get_sense_buffer(ioc,
280 				    smid);
281 				memcpy(ioc->ctl_cmds.sense, sense_data, sz);
282 			}
283 		}
284 		/*
285 		 * Get Error Response data for NVMe device. The ctl_cmds.sense
286 		 * buffer is used to store the Error Response data.
287 		 */
288 		if (mpi_reply->Function == MPI2_FUNCTION_NVME_ENCAPSULATED) {
289 			nvme_error_reply =
290 			    (Mpi26NVMeEncapsulatedErrorReply_t *)mpi_reply;
291 			sz = min_t(u32, NVME_ERROR_RESPONSE_SIZE,
292 			    le16_to_cpu(nvme_error_reply->ErrorResponseCount));
293 			sense_data = mpt3sas_base_get_sense_buffer(ioc, smid);
294 			memcpy(ioc->ctl_cmds.sense, sense_data, sz);
295 		}
296 	}
297 
298 	_ctl_display_some_debug(ioc, smid, "ctl_done", mpi_reply);
299 	ioc->ctl_cmds.status &= ~MPT3_CMD_PENDING;
300 	complete(&ioc->ctl_cmds.done);
301 	return 1;
302 }
303 
304 /**
305  * _ctl_check_event_type - determines when an event needs logging
306  * @ioc: per adapter object
307  * @event: firmware event
308  *
309  * The bitmask in ioc->event_type[] indicates which events should be
310  * be saved in the driver event_log.  This bitmask is set by application.
311  *
312  * Return: 1 when event should be captured, or zero means no match.
313  */
314 static int
315 _ctl_check_event_type(struct MPT3SAS_ADAPTER *ioc, u16 event)
316 {
317 	u16 i;
318 	u32 desired_event;
319 
320 	if (event >= 128 || !event || !ioc->event_log)
321 		return 0;
322 
323 	desired_event = (1 << (event % 32));
324 	if (!desired_event)
325 		desired_event = 1;
326 	i = event / 32;
327 	return desired_event & ioc->event_type[i];
328 }
329 
330 /**
331  * mpt3sas_ctl_add_to_event_log - add event
332  * @ioc: per adapter object
333  * @mpi_reply: reply message frame
334  */
335 void
336 mpt3sas_ctl_add_to_event_log(struct MPT3SAS_ADAPTER *ioc,
337 	Mpi2EventNotificationReply_t *mpi_reply)
338 {
339 	struct MPT3_IOCTL_EVENTS *event_log;
340 	u16 event;
341 	int i;
342 	u32 sz, event_data_sz;
343 	u8 send_aen = 0;
344 
345 	if (!ioc->event_log)
346 		return;
347 
348 	event = le16_to_cpu(mpi_reply->Event);
349 
350 	if (_ctl_check_event_type(ioc, event)) {
351 
352 		/* insert entry into circular event_log */
353 		i = ioc->event_context % MPT3SAS_CTL_EVENT_LOG_SIZE;
354 		event_log = ioc->event_log;
355 		event_log[i].event = event;
356 		event_log[i].context = ioc->event_context++;
357 
358 		event_data_sz = le16_to_cpu(mpi_reply->EventDataLength)*4;
359 		sz = min_t(u32, event_data_sz, MPT3_EVENT_DATA_SIZE);
360 		memset(event_log[i].data, 0, MPT3_EVENT_DATA_SIZE);
361 		memcpy(event_log[i].data, mpi_reply->EventData, sz);
362 		send_aen = 1;
363 	}
364 
365 	/* This aen_event_read_flag flag is set until the
366 	 * application has read the event log.
367 	 * For MPI2_EVENT_LOG_ENTRY_ADDED, we always notify.
368 	 */
369 	if (event == MPI2_EVENT_LOG_ENTRY_ADDED ||
370 	    (send_aen && !ioc->aen_event_read_flag)) {
371 		ioc->aen_event_read_flag = 1;
372 		wake_up_interruptible(&ctl_poll_wait);
373 		if (async_queue)
374 			kill_fasync(&async_queue, SIGIO, POLL_IN);
375 	}
376 }
377 
378 /**
379  * mpt3sas_ctl_event_callback - firmware event handler (called at ISR time)
380  * @ioc: per adapter object
381  * @msix_index: MSIX table index supplied by the OS
382  * @reply: reply message frame(lower 32bit addr)
383  * Context: interrupt.
384  *
385  * This function merely adds a new work task into ioc->firmware_event_thread.
386  * The tasks are worked from _firmware_event_work in user context.
387  *
388  * Return: 1 meaning mf should be freed from _base_interrupt
389  *         0 means the mf is freed from this function.
390  */
391 u8
392 mpt3sas_ctl_event_callback(struct MPT3SAS_ADAPTER *ioc, u8 msix_index,
393 	u32 reply)
394 {
395 	Mpi2EventNotificationReply_t *mpi_reply;
396 
397 	mpi_reply = mpt3sas_base_get_reply_virt_addr(ioc, reply);
398 	if (mpi_reply)
399 		mpt3sas_ctl_add_to_event_log(ioc, mpi_reply);
400 	return 1;
401 }
402 
403 /**
404  * _ctl_verify_adapter - validates ioc_number passed from application
405  * @ioc_number: ?
406  * @iocpp: The ioc pointer is returned in this.
407  * @mpi_version: will be MPI2_VERSION for mpt2ctl ioctl device &
408  * MPI25_VERSION | MPI26_VERSION for mpt3ctl ioctl device.
409  *
410  * Return: (-1) means error, else ioc_number.
411  */
412 static int
413 _ctl_verify_adapter(int ioc_number, struct MPT3SAS_ADAPTER **iocpp,
414 							int mpi_version)
415 {
416 	struct MPT3SAS_ADAPTER *ioc;
417 	int version = 0;
418 	/* global ioc lock to protect controller on list operations */
419 	spin_lock(&gioc_lock);
420 	list_for_each_entry(ioc, &mpt3sas_ioc_list, list) {
421 		if (ioc->id != ioc_number)
422 			continue;
423 		/* Check whether this ioctl command is from right
424 		 * ioctl device or not, if not continue the search.
425 		 */
426 		version = ioc->hba_mpi_version_belonged;
427 		/* MPI25_VERSION and MPI26_VERSION uses same ioctl
428 		 * device.
429 		 */
430 		if (mpi_version == (MPI25_VERSION | MPI26_VERSION)) {
431 			if ((version == MPI25_VERSION) ||
432 				(version == MPI26_VERSION))
433 				goto out;
434 			else
435 				continue;
436 		} else {
437 			if (version != mpi_version)
438 				continue;
439 		}
440 out:
441 		spin_unlock(&gioc_lock);
442 		*iocpp = ioc;
443 		return ioc_number;
444 	}
445 	spin_unlock(&gioc_lock);
446 	*iocpp = NULL;
447 	return -1;
448 }
449 
450 /**
451  * mpt3sas_ctl_reset_handler - reset callback handler (for ctl)
452  * @ioc: per adapter object
453  *
454  * The handler for doing any required cleanup or initialization.
455  */
456 void mpt3sas_ctl_pre_reset_handler(struct MPT3SAS_ADAPTER *ioc)
457 {
458 	int i;
459 	u8 issue_reset;
460 
461 	dtmprintk(ioc, ioc_info(ioc, "%s: MPT3_IOC_PRE_RESET\n", __func__));
462 	for (i = 0; i < MPI2_DIAG_BUF_TYPE_COUNT; i++) {
463 		if (!(ioc->diag_buffer_status[i] &
464 		      MPT3_DIAG_BUFFER_IS_REGISTERED))
465 			continue;
466 		if ((ioc->diag_buffer_status[i] &
467 		     MPT3_DIAG_BUFFER_IS_RELEASED))
468 			continue;
469 		mpt3sas_send_diag_release(ioc, i, &issue_reset);
470 	}
471 }
472 
473 /**
474  * mpt3sas_ctl_reset_handler - reset callback handler (for ctl)
475  * @ioc: per adapter object
476  *
477  * The handler for doing any required cleanup or initialization.
478  */
479 void mpt3sas_ctl_after_reset_handler(struct MPT3SAS_ADAPTER *ioc)
480 {
481 	dtmprintk(ioc, ioc_info(ioc, "%s: MPT3_IOC_AFTER_RESET\n", __func__));
482 	if (ioc->ctl_cmds.status & MPT3_CMD_PENDING) {
483 		ioc->ctl_cmds.status |= MPT3_CMD_RESET;
484 		mpt3sas_base_free_smid(ioc, ioc->ctl_cmds.smid);
485 		complete(&ioc->ctl_cmds.done);
486 	}
487 }
488 
489 /**
490  * mpt3sas_ctl_reset_handler - reset callback handler (for ctl)
491  * @ioc: per adapter object
492  *
493  * The handler for doing any required cleanup or initialization.
494  */
495 void mpt3sas_ctl_reset_done_handler(struct MPT3SAS_ADAPTER *ioc)
496 {
497 	int i;
498 
499 	dtmprintk(ioc, ioc_info(ioc, "%s: MPT3_IOC_DONE_RESET\n", __func__));
500 
501 	for (i = 0; i < MPI2_DIAG_BUF_TYPE_COUNT; i++) {
502 		if (!(ioc->diag_buffer_status[i] &
503 		      MPT3_DIAG_BUFFER_IS_REGISTERED))
504 			continue;
505 		if ((ioc->diag_buffer_status[i] &
506 		     MPT3_DIAG_BUFFER_IS_RELEASED))
507 			continue;
508 		ioc->diag_buffer_status[i] |=
509 			MPT3_DIAG_BUFFER_IS_DIAG_RESET;
510 	}
511 }
512 
513 /**
514  * _ctl_fasync -
515  * @fd: ?
516  * @filep: ?
517  * @mode: ?
518  *
519  * Called when application request fasyn callback handler.
520  */
521 static int
522 _ctl_fasync(int fd, struct file *filep, int mode)
523 {
524 	return fasync_helper(fd, filep, mode, &async_queue);
525 }
526 
527 /**
528  * _ctl_poll -
529  * @filep: ?
530  * @wait: ?
531  *
532  */
533 static __poll_t
534 _ctl_poll(struct file *filep, poll_table *wait)
535 {
536 	struct MPT3SAS_ADAPTER *ioc;
537 
538 	poll_wait(filep, &ctl_poll_wait, wait);
539 
540 	/* global ioc lock to protect controller on list operations */
541 	spin_lock(&gioc_lock);
542 	list_for_each_entry(ioc, &mpt3sas_ioc_list, list) {
543 		if (ioc->aen_event_read_flag) {
544 			spin_unlock(&gioc_lock);
545 			return EPOLLIN | EPOLLRDNORM;
546 		}
547 	}
548 	spin_unlock(&gioc_lock);
549 	return 0;
550 }
551 
552 /**
553  * _ctl_set_task_mid - assign an active smid to tm request
554  * @ioc: per adapter object
555  * @karg: (struct mpt3_ioctl_command)
556  * @tm_request: pointer to mf from user space
557  *
558  * Return: 0 when an smid if found, else fail.
559  * during failure, the reply frame is filled.
560  */
561 static int
562 _ctl_set_task_mid(struct MPT3SAS_ADAPTER *ioc, struct mpt3_ioctl_command *karg,
563 	Mpi2SCSITaskManagementRequest_t *tm_request)
564 {
565 	u8 found = 0;
566 	u16 smid;
567 	u16 handle;
568 	struct scsi_cmnd *scmd;
569 	struct MPT3SAS_DEVICE *priv_data;
570 	Mpi2SCSITaskManagementReply_t *tm_reply;
571 	u32 sz;
572 	u32 lun;
573 	char *desc = NULL;
574 
575 	if (tm_request->TaskType == MPI2_SCSITASKMGMT_TASKTYPE_ABORT_TASK)
576 		desc = "abort_task";
577 	else if (tm_request->TaskType == MPI2_SCSITASKMGMT_TASKTYPE_QUERY_TASK)
578 		desc = "query_task";
579 	else
580 		return 0;
581 
582 	lun = scsilun_to_int((struct scsi_lun *)tm_request->LUN);
583 
584 	handle = le16_to_cpu(tm_request->DevHandle);
585 	for (smid = ioc->scsiio_depth; smid && !found; smid--) {
586 		struct scsiio_tracker *st;
587 
588 		scmd = mpt3sas_scsih_scsi_lookup_get(ioc, smid);
589 		if (!scmd)
590 			continue;
591 		if (lun != scmd->device->lun)
592 			continue;
593 		priv_data = scmd->device->hostdata;
594 		if (priv_data->sas_target == NULL)
595 			continue;
596 		if (priv_data->sas_target->handle != handle)
597 			continue;
598 		st = scsi_cmd_priv(scmd);
599 
600 		/*
601 		 * If the given TaskMID from the user space is zero, then the
602 		 * first outstanding smid will be picked up.  Otherwise,
603 		 * targeted smid will be the one.
604 		 */
605 		if (!tm_request->TaskMID || tm_request->TaskMID == st->smid) {
606 			tm_request->TaskMID = cpu_to_le16(st->smid);
607 			found = 1;
608 		}
609 	}
610 
611 	if (!found) {
612 		dctlprintk(ioc,
613 			   ioc_info(ioc, "%s: handle(0x%04x), lun(%d), no active mid!!\n",
614 				    desc, le16_to_cpu(tm_request->DevHandle),
615 				    lun));
616 		tm_reply = ioc->ctl_cmds.reply;
617 		tm_reply->DevHandle = tm_request->DevHandle;
618 		tm_reply->Function = MPI2_FUNCTION_SCSI_TASK_MGMT;
619 		tm_reply->TaskType = tm_request->TaskType;
620 		tm_reply->MsgLength = sizeof(Mpi2SCSITaskManagementReply_t)/4;
621 		tm_reply->VP_ID = tm_request->VP_ID;
622 		tm_reply->VF_ID = tm_request->VF_ID;
623 		sz = min_t(u32, karg->max_reply_bytes, ioc->reply_sz);
624 		if (copy_to_user(karg->reply_frame_buf_ptr, ioc->ctl_cmds.reply,
625 		    sz))
626 			pr_err("failure at %s:%d/%s()!\n", __FILE__,
627 			    __LINE__, __func__);
628 		return 1;
629 	}
630 
631 	dctlprintk(ioc,
632 		   ioc_info(ioc, "%s: handle(0x%04x), lun(%d), task_mid(%d)\n",
633 			    desc, le16_to_cpu(tm_request->DevHandle), lun,
634 			    le16_to_cpu(tm_request->TaskMID)));
635 	return 0;
636 }
637 
638 /**
639  * _ctl_do_mpt_command - main handler for MPT3COMMAND opcode
640  * @ioc: per adapter object
641  * @karg: (struct mpt3_ioctl_command)
642  * @mf: pointer to mf in user space
643  */
644 static long
645 _ctl_do_mpt_command(struct MPT3SAS_ADAPTER *ioc, struct mpt3_ioctl_command karg,
646 	void __user *mf)
647 {
648 	MPI2RequestHeader_t *mpi_request = NULL, *request;
649 	MPI2DefaultReply_t *mpi_reply;
650 	Mpi26NVMeEncapsulatedRequest_t *nvme_encap_request = NULL;
651 	struct _pcie_device *pcie_device = NULL;
652 	u16 smid;
653 	u8 timeout;
654 	u8 issue_reset;
655 	u32 sz, sz_arg;
656 	void *psge;
657 	void *data_out = NULL;
658 	dma_addr_t data_out_dma = 0;
659 	size_t data_out_sz = 0;
660 	void *data_in = NULL;
661 	dma_addr_t data_in_dma = 0;
662 	size_t data_in_sz = 0;
663 	long ret;
664 	u16 device_handle = MPT3SAS_INVALID_DEVICE_HANDLE;
665 
666 	issue_reset = 0;
667 
668 	if (ioc->ctl_cmds.status != MPT3_CMD_NOT_USED) {
669 		ioc_err(ioc, "%s: ctl_cmd in use\n", __func__);
670 		ret = -EAGAIN;
671 		goto out;
672 	}
673 
674 	ret = mpt3sas_wait_for_ioc(ioc,	IOC_OPERATIONAL_WAIT_COUNT);
675 	if (ret)
676 		goto out;
677 
678 	mpi_request = kzalloc(ioc->request_sz, GFP_KERNEL);
679 	if (!mpi_request) {
680 		ioc_err(ioc, "%s: failed obtaining a memory for mpi_request\n",
681 			__func__);
682 		ret = -ENOMEM;
683 		goto out;
684 	}
685 
686 	/* Check for overflow and wraparound */
687 	if (karg.data_sge_offset * 4 > ioc->request_sz ||
688 	    karg.data_sge_offset > (UINT_MAX / 4)) {
689 		ret = -EINVAL;
690 		goto out;
691 	}
692 
693 	/* copy in request message frame from user */
694 	if (copy_from_user(mpi_request, mf, karg.data_sge_offset*4)) {
695 		pr_err("failure at %s:%d/%s()!\n", __FILE__, __LINE__,
696 		    __func__);
697 		ret = -EFAULT;
698 		goto out;
699 	}
700 
701 	if (mpi_request->Function == MPI2_FUNCTION_SCSI_TASK_MGMT) {
702 		smid = mpt3sas_base_get_smid_hpr(ioc, ioc->ctl_cb_idx);
703 		if (!smid) {
704 			ioc_err(ioc, "%s: failed obtaining a smid\n", __func__);
705 			ret = -EAGAIN;
706 			goto out;
707 		}
708 	} else {
709 		/* Use first reserved smid for passthrough ioctls */
710 		smid = ioc->scsiio_depth - INTERNAL_SCSIIO_CMDS_COUNT + 1;
711 	}
712 
713 	ret = 0;
714 	ioc->ctl_cmds.status = MPT3_CMD_PENDING;
715 	memset(ioc->ctl_cmds.reply, 0, ioc->reply_sz);
716 	request = mpt3sas_base_get_msg_frame(ioc, smid);
717 	memset(request, 0, ioc->request_sz);
718 	memcpy(request, mpi_request, karg.data_sge_offset*4);
719 	ioc->ctl_cmds.smid = smid;
720 	data_out_sz = karg.data_out_size;
721 	data_in_sz = karg.data_in_size;
722 
723 	if (mpi_request->Function == MPI2_FUNCTION_SCSI_IO_REQUEST ||
724 	    mpi_request->Function == MPI2_FUNCTION_RAID_SCSI_IO_PASSTHROUGH ||
725 	    mpi_request->Function == MPI2_FUNCTION_SCSI_TASK_MGMT ||
726 	    mpi_request->Function == MPI2_FUNCTION_SATA_PASSTHROUGH ||
727 	    mpi_request->Function == MPI2_FUNCTION_NVME_ENCAPSULATED) {
728 
729 		device_handle = le16_to_cpu(mpi_request->FunctionDependent1);
730 		if (!device_handle || (device_handle >
731 		    ioc->facts.MaxDevHandle)) {
732 			ret = -EINVAL;
733 			mpt3sas_base_free_smid(ioc, smid);
734 			goto out;
735 		}
736 	}
737 
738 	/* obtain dma-able memory for data transfer */
739 	if (data_out_sz) /* WRITE */ {
740 		data_out = dma_alloc_coherent(&ioc->pdev->dev, data_out_sz,
741 				&data_out_dma, GFP_KERNEL);
742 		if (!data_out) {
743 			pr_err("failure at %s:%d/%s()!\n", __FILE__,
744 			    __LINE__, __func__);
745 			ret = -ENOMEM;
746 			mpt3sas_base_free_smid(ioc, smid);
747 			goto out;
748 		}
749 		if (copy_from_user(data_out, karg.data_out_buf_ptr,
750 			data_out_sz)) {
751 			pr_err("failure at %s:%d/%s()!\n", __FILE__,
752 			    __LINE__, __func__);
753 			ret =  -EFAULT;
754 			mpt3sas_base_free_smid(ioc, smid);
755 			goto out;
756 		}
757 	}
758 
759 	if (data_in_sz) /* READ */ {
760 		data_in = dma_alloc_coherent(&ioc->pdev->dev, data_in_sz,
761 				&data_in_dma, GFP_KERNEL);
762 		if (!data_in) {
763 			pr_err("failure at %s:%d/%s()!\n", __FILE__,
764 			    __LINE__, __func__);
765 			ret = -ENOMEM;
766 			mpt3sas_base_free_smid(ioc, smid);
767 			goto out;
768 		}
769 	}
770 
771 	psge = (void *)request + (karg.data_sge_offset*4);
772 
773 	/* send command to firmware */
774 	_ctl_display_some_debug(ioc, smid, "ctl_request", NULL);
775 
776 	init_completion(&ioc->ctl_cmds.done);
777 	switch (mpi_request->Function) {
778 	case MPI2_FUNCTION_NVME_ENCAPSULATED:
779 	{
780 		nvme_encap_request = (Mpi26NVMeEncapsulatedRequest_t *)request;
781 		/*
782 		 * Get the Physical Address of the sense buffer.
783 		 * Use Error Response buffer address field to hold the sense
784 		 * buffer address.
785 		 * Clear the internal sense buffer, which will potentially hold
786 		 * the Completion Queue Entry on return, or 0 if no Entry.
787 		 * Build the PRPs and set direction bits.
788 		 * Send the request.
789 		 */
790 		nvme_encap_request->ErrorResponseBaseAddress =
791 		    cpu_to_le64(ioc->sense_dma & 0xFFFFFFFF00000000UL);
792 		nvme_encap_request->ErrorResponseBaseAddress |=
793 		   cpu_to_le64(le32_to_cpu(
794 		   mpt3sas_base_get_sense_buffer_dma(ioc, smid)));
795 		nvme_encap_request->ErrorResponseAllocationLength =
796 					cpu_to_le16(NVME_ERROR_RESPONSE_SIZE);
797 		memset(ioc->ctl_cmds.sense, 0, NVME_ERROR_RESPONSE_SIZE);
798 		ioc->build_nvme_prp(ioc, smid, nvme_encap_request,
799 		    data_out_dma, data_out_sz, data_in_dma, data_in_sz);
800 		if (test_bit(device_handle, ioc->device_remove_in_progress)) {
801 			dtmprintk(ioc,
802 				  ioc_info(ioc, "handle(0x%04x): ioctl failed due to device removal in progress\n",
803 					   device_handle));
804 			mpt3sas_base_free_smid(ioc, smid);
805 			ret = -EINVAL;
806 			goto out;
807 		}
808 		mpt3sas_base_put_smid_nvme_encap(ioc, smid);
809 		break;
810 	}
811 	case MPI2_FUNCTION_SCSI_IO_REQUEST:
812 	case MPI2_FUNCTION_RAID_SCSI_IO_PASSTHROUGH:
813 	{
814 		Mpi2SCSIIORequest_t *scsiio_request =
815 		    (Mpi2SCSIIORequest_t *)request;
816 		scsiio_request->SenseBufferLength = SCSI_SENSE_BUFFERSIZE;
817 		scsiio_request->SenseBufferLowAddress =
818 		    mpt3sas_base_get_sense_buffer_dma(ioc, smid);
819 		memset(ioc->ctl_cmds.sense, 0, SCSI_SENSE_BUFFERSIZE);
820 		if (test_bit(device_handle, ioc->device_remove_in_progress)) {
821 			dtmprintk(ioc,
822 				  ioc_info(ioc, "handle(0x%04x) :ioctl failed due to device removal in progress\n",
823 					   device_handle));
824 			mpt3sas_base_free_smid(ioc, smid);
825 			ret = -EINVAL;
826 			goto out;
827 		}
828 		ioc->build_sg(ioc, psge, data_out_dma, data_out_sz,
829 		    data_in_dma, data_in_sz);
830 		if (mpi_request->Function == MPI2_FUNCTION_SCSI_IO_REQUEST)
831 			ioc->put_smid_scsi_io(ioc, smid, device_handle);
832 		else
833 			ioc->put_smid_default(ioc, smid);
834 		break;
835 	}
836 	case MPI2_FUNCTION_SCSI_TASK_MGMT:
837 	{
838 		Mpi2SCSITaskManagementRequest_t *tm_request =
839 		    (Mpi2SCSITaskManagementRequest_t *)request;
840 
841 		dtmprintk(ioc,
842 			  ioc_info(ioc, "TASK_MGMT: handle(0x%04x), task_type(0x%02x)\n",
843 				   le16_to_cpu(tm_request->DevHandle),
844 				   tm_request->TaskType));
845 		ioc->got_task_abort_from_ioctl = 1;
846 		if (tm_request->TaskType ==
847 		    MPI2_SCSITASKMGMT_TASKTYPE_ABORT_TASK ||
848 		    tm_request->TaskType ==
849 		    MPI2_SCSITASKMGMT_TASKTYPE_QUERY_TASK) {
850 			if (_ctl_set_task_mid(ioc, &karg, tm_request)) {
851 				mpt3sas_base_free_smid(ioc, smid);
852 				ioc->got_task_abort_from_ioctl = 0;
853 				goto out;
854 			}
855 		}
856 		ioc->got_task_abort_from_ioctl = 0;
857 
858 		if (test_bit(device_handle, ioc->device_remove_in_progress)) {
859 			dtmprintk(ioc,
860 				  ioc_info(ioc, "handle(0x%04x) :ioctl failed due to device removal in progress\n",
861 					   device_handle));
862 			mpt3sas_base_free_smid(ioc, smid);
863 			ret = -EINVAL;
864 			goto out;
865 		}
866 		mpt3sas_scsih_set_tm_flag(ioc, le16_to_cpu(
867 		    tm_request->DevHandle));
868 		ioc->build_sg_mpi(ioc, psge, data_out_dma, data_out_sz,
869 		    data_in_dma, data_in_sz);
870 		ioc->put_smid_hi_priority(ioc, smid, 0);
871 		break;
872 	}
873 	case MPI2_FUNCTION_SMP_PASSTHROUGH:
874 	{
875 		Mpi2SmpPassthroughRequest_t *smp_request =
876 		    (Mpi2SmpPassthroughRequest_t *)mpi_request;
877 		u8 *data;
878 
879 		/* ioc determines which port to use */
880 		smp_request->PhysicalPort = 0xFF;
881 		if (smp_request->PassthroughFlags &
882 		    MPI2_SMP_PT_REQ_PT_FLAGS_IMMEDIATE)
883 			data = (u8 *)&smp_request->SGL;
884 		else {
885 			if (unlikely(data_out == NULL)) {
886 				pr_err("failure at %s:%d/%s()!\n",
887 				    __FILE__, __LINE__, __func__);
888 				mpt3sas_base_free_smid(ioc, smid);
889 				ret = -EINVAL;
890 				goto out;
891 			}
892 			data = data_out;
893 		}
894 
895 		if (data[1] == 0x91 && (data[10] == 1 || data[10] == 2)) {
896 			ioc->ioc_link_reset_in_progress = 1;
897 			ioc->ignore_loginfos = 1;
898 		}
899 		ioc->build_sg(ioc, psge, data_out_dma, data_out_sz, data_in_dma,
900 		    data_in_sz);
901 		ioc->put_smid_default(ioc, smid);
902 		break;
903 	}
904 	case MPI2_FUNCTION_SATA_PASSTHROUGH:
905 	{
906 		if (test_bit(device_handle, ioc->device_remove_in_progress)) {
907 			dtmprintk(ioc,
908 				  ioc_info(ioc, "handle(0x%04x) :ioctl failed due to device removal in progress\n",
909 					   device_handle));
910 			mpt3sas_base_free_smid(ioc, smid);
911 			ret = -EINVAL;
912 			goto out;
913 		}
914 		ioc->build_sg(ioc, psge, data_out_dma, data_out_sz, data_in_dma,
915 		    data_in_sz);
916 		ioc->put_smid_default(ioc, smid);
917 		break;
918 	}
919 	case MPI2_FUNCTION_FW_DOWNLOAD:
920 	case MPI2_FUNCTION_FW_UPLOAD:
921 	{
922 		ioc->build_sg(ioc, psge, data_out_dma, data_out_sz, data_in_dma,
923 		    data_in_sz);
924 		ioc->put_smid_default(ioc, smid);
925 		break;
926 	}
927 	case MPI2_FUNCTION_TOOLBOX:
928 	{
929 		Mpi2ToolboxCleanRequest_t *toolbox_request =
930 			(Mpi2ToolboxCleanRequest_t *)mpi_request;
931 
932 		if ((toolbox_request->Tool == MPI2_TOOLBOX_DIAGNOSTIC_CLI_TOOL)
933 		    || (toolbox_request->Tool ==
934 		    MPI26_TOOLBOX_BACKEND_PCIE_LANE_MARGIN))
935 			ioc->build_sg(ioc, psge, data_out_dma, data_out_sz,
936 				data_in_dma, data_in_sz);
937 		else if (toolbox_request->Tool ==
938 				MPI2_TOOLBOX_MEMORY_MOVE_TOOL) {
939 			Mpi2ToolboxMemMoveRequest_t *mem_move_request =
940 					(Mpi2ToolboxMemMoveRequest_t *)request;
941 			Mpi2SGESimple64_t tmp, *src = NULL, *dst = NULL;
942 
943 			ioc->build_sg_mpi(ioc, psge, data_out_dma,
944 					data_out_sz, data_in_dma, data_in_sz);
945 			if (data_out_sz && !data_in_sz) {
946 				dst =
947 				    (Mpi2SGESimple64_t *)&mem_move_request->SGL;
948 				src = (void *)dst + ioc->sge_size;
949 
950 				memcpy(&tmp, src, ioc->sge_size);
951 				memcpy(src, dst, ioc->sge_size);
952 				memcpy(dst, &tmp, ioc->sge_size);
953 			}
954 			if (ioc->logging_level & MPT_DEBUG_TM) {
955 				ioc_info(ioc,
956 				  "Mpi2ToolboxMemMoveRequest_t request msg\n");
957 				_debug_dump_mf(mem_move_request,
958 							ioc->request_sz/4);
959 			}
960 		} else
961 			ioc->build_sg_mpi(ioc, psge, data_out_dma, data_out_sz,
962 			    data_in_dma, data_in_sz);
963 		ioc->put_smid_default(ioc, smid);
964 		break;
965 	}
966 	case MPI2_FUNCTION_SAS_IO_UNIT_CONTROL:
967 	{
968 		Mpi2SasIoUnitControlRequest_t *sasiounit_request =
969 		    (Mpi2SasIoUnitControlRequest_t *)mpi_request;
970 
971 		if (sasiounit_request->Operation == MPI2_SAS_OP_PHY_HARD_RESET
972 		    || sasiounit_request->Operation ==
973 		    MPI2_SAS_OP_PHY_LINK_RESET) {
974 			ioc->ioc_link_reset_in_progress = 1;
975 			ioc->ignore_loginfos = 1;
976 		}
977 		/* drop to default case for posting the request */
978 	}
979 		/* fall through */
980 	default:
981 		ioc->build_sg_mpi(ioc, psge, data_out_dma, data_out_sz,
982 		    data_in_dma, data_in_sz);
983 		ioc->put_smid_default(ioc, smid);
984 		break;
985 	}
986 
987 	if (karg.timeout < MPT3_IOCTL_DEFAULT_TIMEOUT)
988 		timeout = MPT3_IOCTL_DEFAULT_TIMEOUT;
989 	else
990 		timeout = karg.timeout;
991 	wait_for_completion_timeout(&ioc->ctl_cmds.done, timeout*HZ);
992 	if (mpi_request->Function == MPI2_FUNCTION_SCSI_TASK_MGMT) {
993 		Mpi2SCSITaskManagementRequest_t *tm_request =
994 		    (Mpi2SCSITaskManagementRequest_t *)mpi_request;
995 		mpt3sas_scsih_clear_tm_flag(ioc, le16_to_cpu(
996 		    tm_request->DevHandle));
997 		mpt3sas_trigger_master(ioc, MASTER_TRIGGER_TASK_MANAGMENT);
998 	} else if ((mpi_request->Function == MPI2_FUNCTION_SMP_PASSTHROUGH ||
999 	    mpi_request->Function == MPI2_FUNCTION_SAS_IO_UNIT_CONTROL) &&
1000 		ioc->ioc_link_reset_in_progress) {
1001 		ioc->ioc_link_reset_in_progress = 0;
1002 		ioc->ignore_loginfos = 0;
1003 	}
1004 	if (!(ioc->ctl_cmds.status & MPT3_CMD_COMPLETE)) {
1005 		issue_reset =
1006 			mpt3sas_base_check_cmd_timeout(ioc,
1007 				ioc->ctl_cmds.status, mpi_request,
1008 				karg.data_sge_offset);
1009 		goto issue_host_reset;
1010 	}
1011 
1012 	mpi_reply = ioc->ctl_cmds.reply;
1013 
1014 	if (mpi_reply->Function == MPI2_FUNCTION_SCSI_TASK_MGMT &&
1015 	    (ioc->logging_level & MPT_DEBUG_TM)) {
1016 		Mpi2SCSITaskManagementReply_t *tm_reply =
1017 		    (Mpi2SCSITaskManagementReply_t *)mpi_reply;
1018 
1019 		ioc_info(ioc, "TASK_MGMT: IOCStatus(0x%04x), IOCLogInfo(0x%08x), TerminationCount(0x%08x)\n",
1020 			 le16_to_cpu(tm_reply->IOCStatus),
1021 			 le32_to_cpu(tm_reply->IOCLogInfo),
1022 			 le32_to_cpu(tm_reply->TerminationCount));
1023 	}
1024 
1025 	/* copy out xdata to user */
1026 	if (data_in_sz) {
1027 		if (copy_to_user(karg.data_in_buf_ptr, data_in,
1028 		    data_in_sz)) {
1029 			pr_err("failure at %s:%d/%s()!\n", __FILE__,
1030 			    __LINE__, __func__);
1031 			ret = -ENODATA;
1032 			goto out;
1033 		}
1034 	}
1035 
1036 	/* copy out reply message frame to user */
1037 	if (karg.max_reply_bytes) {
1038 		sz = min_t(u32, karg.max_reply_bytes, ioc->reply_sz);
1039 		if (copy_to_user(karg.reply_frame_buf_ptr, ioc->ctl_cmds.reply,
1040 		    sz)) {
1041 			pr_err("failure at %s:%d/%s()!\n", __FILE__,
1042 			    __LINE__, __func__);
1043 			ret = -ENODATA;
1044 			goto out;
1045 		}
1046 	}
1047 
1048 	/* copy out sense/NVMe Error Response to user */
1049 	if (karg.max_sense_bytes && (mpi_request->Function ==
1050 	    MPI2_FUNCTION_SCSI_IO_REQUEST || mpi_request->Function ==
1051 	    MPI2_FUNCTION_RAID_SCSI_IO_PASSTHROUGH || mpi_request->Function ==
1052 	    MPI2_FUNCTION_NVME_ENCAPSULATED)) {
1053 		if (karg.sense_data_ptr == NULL) {
1054 			ioc_info(ioc, "Response buffer provided by application is NULL; Response data will not be returned\n");
1055 			goto out;
1056 		}
1057 		sz_arg = (mpi_request->Function ==
1058 		MPI2_FUNCTION_NVME_ENCAPSULATED) ? NVME_ERROR_RESPONSE_SIZE :
1059 							SCSI_SENSE_BUFFERSIZE;
1060 		sz = min_t(u32, karg.max_sense_bytes, sz_arg);
1061 		if (copy_to_user(karg.sense_data_ptr, ioc->ctl_cmds.sense,
1062 		    sz)) {
1063 			pr_err("failure at %s:%d/%s()!\n", __FILE__,
1064 				__LINE__, __func__);
1065 			ret = -ENODATA;
1066 			goto out;
1067 		}
1068 	}
1069 
1070  issue_host_reset:
1071 	if (issue_reset) {
1072 		ret = -ENODATA;
1073 		if ((mpi_request->Function == MPI2_FUNCTION_SCSI_IO_REQUEST ||
1074 		    mpi_request->Function ==
1075 		    MPI2_FUNCTION_RAID_SCSI_IO_PASSTHROUGH ||
1076 		    mpi_request->Function == MPI2_FUNCTION_SATA_PASSTHROUGH)) {
1077 			ioc_info(ioc, "issue target reset: handle = (0x%04x)\n",
1078 				 le16_to_cpu(mpi_request->FunctionDependent1));
1079 			mpt3sas_halt_firmware(ioc);
1080 			pcie_device = mpt3sas_get_pdev_by_handle(ioc,
1081 				le16_to_cpu(mpi_request->FunctionDependent1));
1082 			if (pcie_device && (!ioc->tm_custom_handling) &&
1083 			    (!(mpt3sas_scsih_is_pcie_scsi_device(
1084 			    pcie_device->device_info))))
1085 				mpt3sas_scsih_issue_locked_tm(ioc,
1086 				  le16_to_cpu(mpi_request->FunctionDependent1),
1087 				  0, MPI2_SCSITASKMGMT_TASKTYPE_TARGET_RESET, 0,
1088 				  0, pcie_device->reset_timeout,
1089 			MPI26_SCSITASKMGMT_MSGFLAGS_PROTOCOL_LVL_RST_PCIE);
1090 			else
1091 				mpt3sas_scsih_issue_locked_tm(ioc,
1092 				  le16_to_cpu(mpi_request->FunctionDependent1),
1093 				  0, MPI2_SCSITASKMGMT_TASKTYPE_TARGET_RESET, 0,
1094 				  0, 30, MPI2_SCSITASKMGMT_MSGFLAGS_LINK_RESET);
1095 		} else
1096 			mpt3sas_base_hard_reset_handler(ioc, FORCE_BIG_HAMMER);
1097 	}
1098 
1099  out:
1100 	if (pcie_device)
1101 		pcie_device_put(pcie_device);
1102 
1103 	/* free memory associated with sg buffers */
1104 	if (data_in)
1105 		dma_free_coherent(&ioc->pdev->dev, data_in_sz, data_in,
1106 		    data_in_dma);
1107 
1108 	if (data_out)
1109 		dma_free_coherent(&ioc->pdev->dev, data_out_sz, data_out,
1110 		    data_out_dma);
1111 
1112 	kfree(mpi_request);
1113 	ioc->ctl_cmds.status = MPT3_CMD_NOT_USED;
1114 	return ret;
1115 }
1116 
1117 /**
1118  * _ctl_getiocinfo - main handler for MPT3IOCINFO opcode
1119  * @ioc: per adapter object
1120  * @arg: user space buffer containing ioctl content
1121  */
1122 static long
1123 _ctl_getiocinfo(struct MPT3SAS_ADAPTER *ioc, void __user *arg)
1124 {
1125 	struct mpt3_ioctl_iocinfo karg;
1126 
1127 	dctlprintk(ioc, ioc_info(ioc, "%s: enter\n",
1128 				 __func__));
1129 
1130 	memset(&karg, 0 , sizeof(karg));
1131 	if (ioc->pfacts)
1132 		karg.port_number = ioc->pfacts[0].PortNumber;
1133 	karg.hw_rev = ioc->pdev->revision;
1134 	karg.pci_id = ioc->pdev->device;
1135 	karg.subsystem_device = ioc->pdev->subsystem_device;
1136 	karg.subsystem_vendor = ioc->pdev->subsystem_vendor;
1137 	karg.pci_information.u.bits.bus = ioc->pdev->bus->number;
1138 	karg.pci_information.u.bits.device = PCI_SLOT(ioc->pdev->devfn);
1139 	karg.pci_information.u.bits.function = PCI_FUNC(ioc->pdev->devfn);
1140 	karg.pci_information.segment_id = pci_domain_nr(ioc->pdev->bus);
1141 	karg.firmware_version = ioc->facts.FWVersion.Word;
1142 	strcpy(karg.driver_version, ioc->driver_name);
1143 	strcat(karg.driver_version, "-");
1144 	switch  (ioc->hba_mpi_version_belonged) {
1145 	case MPI2_VERSION:
1146 		if (ioc->is_warpdrive)
1147 			karg.adapter_type = MPT2_IOCTL_INTERFACE_SAS2_SSS6200;
1148 		else
1149 			karg.adapter_type = MPT2_IOCTL_INTERFACE_SAS2;
1150 		strcat(karg.driver_version, MPT2SAS_DRIVER_VERSION);
1151 		break;
1152 	case MPI25_VERSION:
1153 	case MPI26_VERSION:
1154 		if (ioc->is_gen35_ioc)
1155 			karg.adapter_type = MPT3_IOCTL_INTERFACE_SAS35;
1156 		else
1157 			karg.adapter_type = MPT3_IOCTL_INTERFACE_SAS3;
1158 		strcat(karg.driver_version, MPT3SAS_DRIVER_VERSION);
1159 		break;
1160 	}
1161 	karg.bios_version = le32_to_cpu(ioc->bios_pg3.BiosVersion);
1162 
1163 	if (copy_to_user(arg, &karg, sizeof(karg))) {
1164 		pr_err("failure at %s:%d/%s()!\n",
1165 		    __FILE__, __LINE__, __func__);
1166 		return -EFAULT;
1167 	}
1168 	return 0;
1169 }
1170 
1171 /**
1172  * _ctl_eventquery - main handler for MPT3EVENTQUERY opcode
1173  * @ioc: per adapter object
1174  * @arg: user space buffer containing ioctl content
1175  */
1176 static long
1177 _ctl_eventquery(struct MPT3SAS_ADAPTER *ioc, void __user *arg)
1178 {
1179 	struct mpt3_ioctl_eventquery karg;
1180 
1181 	if (copy_from_user(&karg, arg, sizeof(karg))) {
1182 		pr_err("failure at %s:%d/%s()!\n",
1183 		    __FILE__, __LINE__, __func__);
1184 		return -EFAULT;
1185 	}
1186 
1187 	dctlprintk(ioc, ioc_info(ioc, "%s: enter\n",
1188 				 __func__));
1189 
1190 	karg.event_entries = MPT3SAS_CTL_EVENT_LOG_SIZE;
1191 	memcpy(karg.event_types, ioc->event_type,
1192 	    MPI2_EVENT_NOTIFY_EVENTMASK_WORDS * sizeof(u32));
1193 
1194 	if (copy_to_user(arg, &karg, sizeof(karg))) {
1195 		pr_err("failure at %s:%d/%s()!\n",
1196 		    __FILE__, __LINE__, __func__);
1197 		return -EFAULT;
1198 	}
1199 	return 0;
1200 }
1201 
1202 /**
1203  * _ctl_eventenable - main handler for MPT3EVENTENABLE opcode
1204  * @ioc: per adapter object
1205  * @arg: user space buffer containing ioctl content
1206  */
1207 static long
1208 _ctl_eventenable(struct MPT3SAS_ADAPTER *ioc, void __user *arg)
1209 {
1210 	struct mpt3_ioctl_eventenable karg;
1211 
1212 	if (copy_from_user(&karg, arg, sizeof(karg))) {
1213 		pr_err("failure at %s:%d/%s()!\n",
1214 		    __FILE__, __LINE__, __func__);
1215 		return -EFAULT;
1216 	}
1217 
1218 	dctlprintk(ioc, ioc_info(ioc, "%s: enter\n",
1219 				 __func__));
1220 
1221 	memcpy(ioc->event_type, karg.event_types,
1222 	    MPI2_EVENT_NOTIFY_EVENTMASK_WORDS * sizeof(u32));
1223 	mpt3sas_base_validate_event_type(ioc, ioc->event_type);
1224 
1225 	if (ioc->event_log)
1226 		return 0;
1227 	/* initialize event_log */
1228 	ioc->event_context = 0;
1229 	ioc->aen_event_read_flag = 0;
1230 	ioc->event_log = kcalloc(MPT3SAS_CTL_EVENT_LOG_SIZE,
1231 	    sizeof(struct MPT3_IOCTL_EVENTS), GFP_KERNEL);
1232 	if (!ioc->event_log) {
1233 		pr_err("failure at %s:%d/%s()!\n",
1234 		    __FILE__, __LINE__, __func__);
1235 		return -ENOMEM;
1236 	}
1237 	return 0;
1238 }
1239 
1240 /**
1241  * _ctl_eventreport - main handler for MPT3EVENTREPORT opcode
1242  * @ioc: per adapter object
1243  * @arg: user space buffer containing ioctl content
1244  */
1245 static long
1246 _ctl_eventreport(struct MPT3SAS_ADAPTER *ioc, void __user *arg)
1247 {
1248 	struct mpt3_ioctl_eventreport karg;
1249 	u32 number_bytes, max_events, max;
1250 	struct mpt3_ioctl_eventreport __user *uarg = arg;
1251 
1252 	if (copy_from_user(&karg, arg, sizeof(karg))) {
1253 		pr_err("failure at %s:%d/%s()!\n",
1254 		    __FILE__, __LINE__, __func__);
1255 		return -EFAULT;
1256 	}
1257 
1258 	dctlprintk(ioc, ioc_info(ioc, "%s: enter\n",
1259 				 __func__));
1260 
1261 	number_bytes = karg.hdr.max_data_size -
1262 	    sizeof(struct mpt3_ioctl_header);
1263 	max_events = number_bytes/sizeof(struct MPT3_IOCTL_EVENTS);
1264 	max = min_t(u32, MPT3SAS_CTL_EVENT_LOG_SIZE, max_events);
1265 
1266 	/* If fewer than 1 event is requested, there must have
1267 	 * been some type of error.
1268 	 */
1269 	if (!max || !ioc->event_log)
1270 		return -ENODATA;
1271 
1272 	number_bytes = max * sizeof(struct MPT3_IOCTL_EVENTS);
1273 	if (copy_to_user(uarg->event_data, ioc->event_log, number_bytes)) {
1274 		pr_err("failure at %s:%d/%s()!\n",
1275 		    __FILE__, __LINE__, __func__);
1276 		return -EFAULT;
1277 	}
1278 
1279 	/* reset flag so SIGIO can restart */
1280 	ioc->aen_event_read_flag = 0;
1281 	return 0;
1282 }
1283 
1284 /**
1285  * _ctl_do_reset - main handler for MPT3HARDRESET opcode
1286  * @ioc: per adapter object
1287  * @arg: user space buffer containing ioctl content
1288  */
1289 static long
1290 _ctl_do_reset(struct MPT3SAS_ADAPTER *ioc, void __user *arg)
1291 {
1292 	struct mpt3_ioctl_diag_reset karg;
1293 	int retval;
1294 
1295 	if (copy_from_user(&karg, arg, sizeof(karg))) {
1296 		pr_err("failure at %s:%d/%s()!\n",
1297 		    __FILE__, __LINE__, __func__);
1298 		return -EFAULT;
1299 	}
1300 
1301 	if (ioc->shost_recovery || ioc->pci_error_recovery ||
1302 	    ioc->is_driver_loading)
1303 		return -EAGAIN;
1304 
1305 	dctlprintk(ioc, ioc_info(ioc, "%s: enter\n",
1306 				 __func__));
1307 
1308 	retval = mpt3sas_base_hard_reset_handler(ioc, FORCE_BIG_HAMMER);
1309 	ioc_info(ioc, "host reset: %s\n", ((!retval) ? "SUCCESS" : "FAILED"));
1310 	return 0;
1311 }
1312 
1313 /**
1314  * _ctl_btdh_search_sas_device - searching for sas device
1315  * @ioc: per adapter object
1316  * @btdh: btdh ioctl payload
1317  */
1318 static int
1319 _ctl_btdh_search_sas_device(struct MPT3SAS_ADAPTER *ioc,
1320 	struct mpt3_ioctl_btdh_mapping *btdh)
1321 {
1322 	struct _sas_device *sas_device;
1323 	unsigned long flags;
1324 	int rc = 0;
1325 
1326 	if (list_empty(&ioc->sas_device_list))
1327 		return rc;
1328 
1329 	spin_lock_irqsave(&ioc->sas_device_lock, flags);
1330 	list_for_each_entry(sas_device, &ioc->sas_device_list, list) {
1331 		if (btdh->bus == 0xFFFFFFFF && btdh->id == 0xFFFFFFFF &&
1332 		    btdh->handle == sas_device->handle) {
1333 			btdh->bus = sas_device->channel;
1334 			btdh->id = sas_device->id;
1335 			rc = 1;
1336 			goto out;
1337 		} else if (btdh->bus == sas_device->channel && btdh->id ==
1338 		    sas_device->id && btdh->handle == 0xFFFF) {
1339 			btdh->handle = sas_device->handle;
1340 			rc = 1;
1341 			goto out;
1342 		}
1343 	}
1344  out:
1345 	spin_unlock_irqrestore(&ioc->sas_device_lock, flags);
1346 	return rc;
1347 }
1348 
1349 /**
1350  * _ctl_btdh_search_pcie_device - searching for pcie device
1351  * @ioc: per adapter object
1352  * @btdh: btdh ioctl payload
1353  */
1354 static int
1355 _ctl_btdh_search_pcie_device(struct MPT3SAS_ADAPTER *ioc,
1356 	struct mpt3_ioctl_btdh_mapping *btdh)
1357 {
1358 	struct _pcie_device *pcie_device;
1359 	unsigned long flags;
1360 	int rc = 0;
1361 
1362 	if (list_empty(&ioc->pcie_device_list))
1363 		return rc;
1364 
1365 	spin_lock_irqsave(&ioc->pcie_device_lock, flags);
1366 	list_for_each_entry(pcie_device, &ioc->pcie_device_list, list) {
1367 		if (btdh->bus == 0xFFFFFFFF && btdh->id == 0xFFFFFFFF &&
1368 			   btdh->handle == pcie_device->handle) {
1369 			btdh->bus = pcie_device->channel;
1370 			btdh->id = pcie_device->id;
1371 			rc = 1;
1372 			goto out;
1373 		} else if (btdh->bus == pcie_device->channel && btdh->id ==
1374 			   pcie_device->id && btdh->handle == 0xFFFF) {
1375 			btdh->handle = pcie_device->handle;
1376 			rc = 1;
1377 			goto out;
1378 		}
1379 	}
1380  out:
1381 	spin_unlock_irqrestore(&ioc->pcie_device_lock, flags);
1382 	return rc;
1383 }
1384 
1385 /**
1386  * _ctl_btdh_search_raid_device - searching for raid device
1387  * @ioc: per adapter object
1388  * @btdh: btdh ioctl payload
1389  */
1390 static int
1391 _ctl_btdh_search_raid_device(struct MPT3SAS_ADAPTER *ioc,
1392 	struct mpt3_ioctl_btdh_mapping *btdh)
1393 {
1394 	struct _raid_device *raid_device;
1395 	unsigned long flags;
1396 	int rc = 0;
1397 
1398 	if (list_empty(&ioc->raid_device_list))
1399 		return rc;
1400 
1401 	spin_lock_irqsave(&ioc->raid_device_lock, flags);
1402 	list_for_each_entry(raid_device, &ioc->raid_device_list, list) {
1403 		if (btdh->bus == 0xFFFFFFFF && btdh->id == 0xFFFFFFFF &&
1404 		    btdh->handle == raid_device->handle) {
1405 			btdh->bus = raid_device->channel;
1406 			btdh->id = raid_device->id;
1407 			rc = 1;
1408 			goto out;
1409 		} else if (btdh->bus == raid_device->channel && btdh->id ==
1410 		    raid_device->id && btdh->handle == 0xFFFF) {
1411 			btdh->handle = raid_device->handle;
1412 			rc = 1;
1413 			goto out;
1414 		}
1415 	}
1416  out:
1417 	spin_unlock_irqrestore(&ioc->raid_device_lock, flags);
1418 	return rc;
1419 }
1420 
1421 /**
1422  * _ctl_btdh_mapping - main handler for MPT3BTDHMAPPING opcode
1423  * @ioc: per adapter object
1424  * @arg: user space buffer containing ioctl content
1425  */
1426 static long
1427 _ctl_btdh_mapping(struct MPT3SAS_ADAPTER *ioc, void __user *arg)
1428 {
1429 	struct mpt3_ioctl_btdh_mapping karg;
1430 	int rc;
1431 
1432 	if (copy_from_user(&karg, arg, sizeof(karg))) {
1433 		pr_err("failure at %s:%d/%s()!\n",
1434 		    __FILE__, __LINE__, __func__);
1435 		return -EFAULT;
1436 	}
1437 
1438 	dctlprintk(ioc, ioc_info(ioc, "%s\n",
1439 				 __func__));
1440 
1441 	rc = _ctl_btdh_search_sas_device(ioc, &karg);
1442 	if (!rc)
1443 		rc = _ctl_btdh_search_pcie_device(ioc, &karg);
1444 	if (!rc)
1445 		_ctl_btdh_search_raid_device(ioc, &karg);
1446 
1447 	if (copy_to_user(arg, &karg, sizeof(karg))) {
1448 		pr_err("failure at %s:%d/%s()!\n",
1449 		    __FILE__, __LINE__, __func__);
1450 		return -EFAULT;
1451 	}
1452 	return 0;
1453 }
1454 
1455 /**
1456  * _ctl_diag_capability - return diag buffer capability
1457  * @ioc: per adapter object
1458  * @buffer_type: specifies either TRACE, SNAPSHOT, or EXTENDED
1459  *
1460  * returns 1 when diag buffer support is enabled in firmware
1461  */
1462 static u8
1463 _ctl_diag_capability(struct MPT3SAS_ADAPTER *ioc, u8 buffer_type)
1464 {
1465 	u8 rc = 0;
1466 
1467 	switch (buffer_type) {
1468 	case MPI2_DIAG_BUF_TYPE_TRACE:
1469 		if (ioc->facts.IOCCapabilities &
1470 		    MPI2_IOCFACTS_CAPABILITY_DIAG_TRACE_BUFFER)
1471 			rc = 1;
1472 		break;
1473 	case MPI2_DIAG_BUF_TYPE_SNAPSHOT:
1474 		if (ioc->facts.IOCCapabilities &
1475 		    MPI2_IOCFACTS_CAPABILITY_SNAPSHOT_BUFFER)
1476 			rc = 1;
1477 		break;
1478 	case MPI2_DIAG_BUF_TYPE_EXTENDED:
1479 		if (ioc->facts.IOCCapabilities &
1480 		    MPI2_IOCFACTS_CAPABILITY_EXTENDED_BUFFER)
1481 			rc = 1;
1482 	}
1483 
1484 	return rc;
1485 }
1486 
1487 
1488 /**
1489  * _ctl_diag_register_2 - wrapper for registering diag buffer support
1490  * @ioc: per adapter object
1491  * @diag_register: the diag_register struct passed in from user space
1492  *
1493  */
1494 static long
1495 _ctl_diag_register_2(struct MPT3SAS_ADAPTER *ioc,
1496 	struct mpt3_diag_register *diag_register)
1497 {
1498 	int rc, i;
1499 	void *request_data = NULL;
1500 	dma_addr_t request_data_dma;
1501 	u32 request_data_sz = 0;
1502 	Mpi2DiagBufferPostRequest_t *mpi_request;
1503 	Mpi2DiagBufferPostReply_t *mpi_reply;
1504 	u8 buffer_type;
1505 	u16 smid;
1506 	u16 ioc_status;
1507 	u32 ioc_state;
1508 	u8 issue_reset = 0;
1509 
1510 	dctlprintk(ioc, ioc_info(ioc, "%s\n",
1511 				 __func__));
1512 
1513 	ioc_state = mpt3sas_base_get_iocstate(ioc, 1);
1514 	if (ioc_state != MPI2_IOC_STATE_OPERATIONAL) {
1515 		ioc_err(ioc, "%s: failed due to ioc not operational\n",
1516 			__func__);
1517 		rc = -EAGAIN;
1518 		goto out;
1519 	}
1520 
1521 	if (ioc->ctl_cmds.status != MPT3_CMD_NOT_USED) {
1522 		ioc_err(ioc, "%s: ctl_cmd in use\n", __func__);
1523 		rc = -EAGAIN;
1524 		goto out;
1525 	}
1526 
1527 	buffer_type = diag_register->buffer_type;
1528 	if (!_ctl_diag_capability(ioc, buffer_type)) {
1529 		ioc_err(ioc, "%s: doesn't have capability for buffer_type(0x%02x)\n",
1530 			__func__, buffer_type);
1531 		return -EPERM;
1532 	}
1533 
1534 	if (ioc->diag_buffer_status[buffer_type] &
1535 	    MPT3_DIAG_BUFFER_IS_REGISTERED) {
1536 		ioc_err(ioc, "%s: already has a registered buffer for buffer_type(0x%02x)\n",
1537 			__func__, buffer_type);
1538 		return -EINVAL;
1539 	}
1540 
1541 	if (diag_register->requested_buffer_size % 4)  {
1542 		ioc_err(ioc, "%s: the requested_buffer_size is not 4 byte aligned\n",
1543 			__func__);
1544 		return -EINVAL;
1545 	}
1546 
1547 	smid = mpt3sas_base_get_smid(ioc, ioc->ctl_cb_idx);
1548 	if (!smid) {
1549 		ioc_err(ioc, "%s: failed obtaining a smid\n", __func__);
1550 		rc = -EAGAIN;
1551 		goto out;
1552 	}
1553 
1554 	rc = 0;
1555 	ioc->ctl_cmds.status = MPT3_CMD_PENDING;
1556 	memset(ioc->ctl_cmds.reply, 0, ioc->reply_sz);
1557 	mpi_request = mpt3sas_base_get_msg_frame(ioc, smid);
1558 	ioc->ctl_cmds.smid = smid;
1559 
1560 	request_data = ioc->diag_buffer[buffer_type];
1561 	request_data_sz = diag_register->requested_buffer_size;
1562 	ioc->unique_id[buffer_type] = diag_register->unique_id;
1563 	ioc->diag_buffer_status[buffer_type] = 0;
1564 	memcpy(ioc->product_specific[buffer_type],
1565 	    diag_register->product_specific, MPT3_PRODUCT_SPECIFIC_DWORDS);
1566 	ioc->diagnostic_flags[buffer_type] = diag_register->diagnostic_flags;
1567 
1568 	if (request_data) {
1569 		request_data_dma = ioc->diag_buffer_dma[buffer_type];
1570 		if (request_data_sz != ioc->diag_buffer_sz[buffer_type]) {
1571 			dma_free_coherent(&ioc->pdev->dev,
1572 					ioc->diag_buffer_sz[buffer_type],
1573 					request_data, request_data_dma);
1574 			request_data = NULL;
1575 		}
1576 	}
1577 
1578 	if (request_data == NULL) {
1579 		ioc->diag_buffer_sz[buffer_type] = 0;
1580 		ioc->diag_buffer_dma[buffer_type] = 0;
1581 		request_data = dma_alloc_coherent(&ioc->pdev->dev,
1582 				request_data_sz, &request_data_dma, GFP_KERNEL);
1583 		if (request_data == NULL) {
1584 			ioc_err(ioc, "%s: failed allocating memory for diag buffers, requested size(%d)\n",
1585 				__func__, request_data_sz);
1586 			mpt3sas_base_free_smid(ioc, smid);
1587 			return -ENOMEM;
1588 		}
1589 		ioc->diag_buffer[buffer_type] = request_data;
1590 		ioc->diag_buffer_sz[buffer_type] = request_data_sz;
1591 		ioc->diag_buffer_dma[buffer_type] = request_data_dma;
1592 	}
1593 
1594 	mpi_request->Function = MPI2_FUNCTION_DIAG_BUFFER_POST;
1595 	mpi_request->BufferType = diag_register->buffer_type;
1596 	mpi_request->Flags = cpu_to_le32(diag_register->diagnostic_flags);
1597 	mpi_request->BufferAddress = cpu_to_le64(request_data_dma);
1598 	mpi_request->BufferLength = cpu_to_le32(request_data_sz);
1599 	mpi_request->VF_ID = 0; /* TODO */
1600 	mpi_request->VP_ID = 0;
1601 
1602 	dctlprintk(ioc,
1603 		   ioc_info(ioc, "%s: diag_buffer(0x%p), dma(0x%llx), sz(%d)\n",
1604 			    __func__, request_data,
1605 			    (unsigned long long)request_data_dma,
1606 			    le32_to_cpu(mpi_request->BufferLength)));
1607 
1608 	for (i = 0; i < MPT3_PRODUCT_SPECIFIC_DWORDS; i++)
1609 		mpi_request->ProductSpecific[i] =
1610 			cpu_to_le32(ioc->product_specific[buffer_type][i]);
1611 
1612 	init_completion(&ioc->ctl_cmds.done);
1613 	ioc->put_smid_default(ioc, smid);
1614 	wait_for_completion_timeout(&ioc->ctl_cmds.done,
1615 	    MPT3_IOCTL_DEFAULT_TIMEOUT*HZ);
1616 
1617 	if (!(ioc->ctl_cmds.status & MPT3_CMD_COMPLETE)) {
1618 		issue_reset =
1619 			mpt3sas_base_check_cmd_timeout(ioc,
1620 				ioc->ctl_cmds.status, mpi_request,
1621 				sizeof(Mpi2DiagBufferPostRequest_t)/4);
1622 		goto issue_host_reset;
1623 	}
1624 
1625 	/* process the completed Reply Message Frame */
1626 	if ((ioc->ctl_cmds.status & MPT3_CMD_REPLY_VALID) == 0) {
1627 		ioc_err(ioc, "%s: no reply message\n", __func__);
1628 		rc = -EFAULT;
1629 		goto out;
1630 	}
1631 
1632 	mpi_reply = ioc->ctl_cmds.reply;
1633 	ioc_status = le16_to_cpu(mpi_reply->IOCStatus) & MPI2_IOCSTATUS_MASK;
1634 
1635 	if (ioc_status == MPI2_IOCSTATUS_SUCCESS) {
1636 		ioc->diag_buffer_status[buffer_type] |=
1637 			MPT3_DIAG_BUFFER_IS_REGISTERED;
1638 		dctlprintk(ioc, ioc_info(ioc, "%s: success\n", __func__));
1639 	} else {
1640 		ioc_info(ioc, "%s: ioc_status(0x%04x) log_info(0x%08x)\n",
1641 			 __func__,
1642 			 ioc_status, le32_to_cpu(mpi_reply->IOCLogInfo));
1643 		rc = -EFAULT;
1644 	}
1645 
1646  issue_host_reset:
1647 	if (issue_reset)
1648 		mpt3sas_base_hard_reset_handler(ioc, FORCE_BIG_HAMMER);
1649 
1650  out:
1651 
1652 	if (rc && request_data)
1653 		dma_free_coherent(&ioc->pdev->dev, request_data_sz,
1654 		    request_data, request_data_dma);
1655 
1656 	ioc->ctl_cmds.status = MPT3_CMD_NOT_USED;
1657 	return rc;
1658 }
1659 
1660 /**
1661  * mpt3sas_enable_diag_buffer - enabling diag_buffers support driver load time
1662  * @ioc: per adapter object
1663  * @bits_to_register: bitwise field where trace is bit 0, and snapshot is bit 1
1664  *
1665  * This is called when command line option diag_buffer_enable is enabled
1666  * at driver load time.
1667  */
1668 void
1669 mpt3sas_enable_diag_buffer(struct MPT3SAS_ADAPTER *ioc, u8 bits_to_register)
1670 {
1671 	struct mpt3_diag_register diag_register;
1672 
1673 	memset(&diag_register, 0, sizeof(struct mpt3_diag_register));
1674 
1675 	if (bits_to_register & 1) {
1676 		ioc_info(ioc, "registering trace buffer support\n");
1677 		ioc->diag_trigger_master.MasterData =
1678 		    (MASTER_TRIGGER_FW_FAULT + MASTER_TRIGGER_ADAPTER_RESET);
1679 		diag_register.buffer_type = MPI2_DIAG_BUF_TYPE_TRACE;
1680 		/* register for 2MB buffers  */
1681 		diag_register.requested_buffer_size = 2 * (1024 * 1024);
1682 		diag_register.unique_id = 0x7075900;
1683 		_ctl_diag_register_2(ioc,  &diag_register);
1684 	}
1685 
1686 	if (bits_to_register & 2) {
1687 		ioc_info(ioc, "registering snapshot buffer support\n");
1688 		diag_register.buffer_type = MPI2_DIAG_BUF_TYPE_SNAPSHOT;
1689 		/* register for 2MB buffers  */
1690 		diag_register.requested_buffer_size = 2 * (1024 * 1024);
1691 		diag_register.unique_id = 0x7075901;
1692 		_ctl_diag_register_2(ioc,  &diag_register);
1693 	}
1694 
1695 	if (bits_to_register & 4) {
1696 		ioc_info(ioc, "registering extended buffer support\n");
1697 		diag_register.buffer_type = MPI2_DIAG_BUF_TYPE_EXTENDED;
1698 		/* register for 2MB buffers  */
1699 		diag_register.requested_buffer_size = 2 * (1024 * 1024);
1700 		diag_register.unique_id = 0x7075901;
1701 		_ctl_diag_register_2(ioc,  &diag_register);
1702 	}
1703 }
1704 
1705 /**
1706  * _ctl_diag_register - application register with driver
1707  * @ioc: per adapter object
1708  * @arg: user space buffer containing ioctl content
1709  *
1710  * This will allow the driver to setup any required buffers that will be
1711  * needed by firmware to communicate with the driver.
1712  */
1713 static long
1714 _ctl_diag_register(struct MPT3SAS_ADAPTER *ioc, void __user *arg)
1715 {
1716 	struct mpt3_diag_register karg;
1717 	long rc;
1718 
1719 	if (copy_from_user(&karg, arg, sizeof(karg))) {
1720 		pr_err("failure at %s:%d/%s()!\n",
1721 		    __FILE__, __LINE__, __func__);
1722 		return -EFAULT;
1723 	}
1724 
1725 	rc = _ctl_diag_register_2(ioc, &karg);
1726 	return rc;
1727 }
1728 
1729 /**
1730  * _ctl_diag_unregister - application unregister with driver
1731  * @ioc: per adapter object
1732  * @arg: user space buffer containing ioctl content
1733  *
1734  * This will allow the driver to cleanup any memory allocated for diag
1735  * messages and to free up any resources.
1736  */
1737 static long
1738 _ctl_diag_unregister(struct MPT3SAS_ADAPTER *ioc, void __user *arg)
1739 {
1740 	struct mpt3_diag_unregister karg;
1741 	void *request_data;
1742 	dma_addr_t request_data_dma;
1743 	u32 request_data_sz;
1744 	u8 buffer_type;
1745 
1746 	if (copy_from_user(&karg, arg, sizeof(karg))) {
1747 		pr_err("failure at %s:%d/%s()!\n",
1748 		    __FILE__, __LINE__, __func__);
1749 		return -EFAULT;
1750 	}
1751 
1752 	dctlprintk(ioc, ioc_info(ioc, "%s\n",
1753 				 __func__));
1754 
1755 	buffer_type = karg.unique_id & 0x000000ff;
1756 	if (!_ctl_diag_capability(ioc, buffer_type)) {
1757 		ioc_err(ioc, "%s: doesn't have capability for buffer_type(0x%02x)\n",
1758 			__func__, buffer_type);
1759 		return -EPERM;
1760 	}
1761 
1762 	if ((ioc->diag_buffer_status[buffer_type] &
1763 	    MPT3_DIAG_BUFFER_IS_REGISTERED) == 0) {
1764 		ioc_err(ioc, "%s: buffer_type(0x%02x) is not registered\n",
1765 			__func__, buffer_type);
1766 		return -EINVAL;
1767 	}
1768 	if ((ioc->diag_buffer_status[buffer_type] &
1769 	    MPT3_DIAG_BUFFER_IS_RELEASED) == 0) {
1770 		ioc_err(ioc, "%s: buffer_type(0x%02x) has not been released\n",
1771 			__func__, buffer_type);
1772 		return -EINVAL;
1773 	}
1774 
1775 	if (karg.unique_id != ioc->unique_id[buffer_type]) {
1776 		ioc_err(ioc, "%s: unique_id(0x%08x) is not registered\n",
1777 			__func__, karg.unique_id);
1778 		return -EINVAL;
1779 	}
1780 
1781 	request_data = ioc->diag_buffer[buffer_type];
1782 	if (!request_data) {
1783 		ioc_err(ioc, "%s: doesn't have memory allocated for buffer_type(0x%02x)\n",
1784 			__func__, buffer_type);
1785 		return -ENOMEM;
1786 	}
1787 
1788 	request_data_sz = ioc->diag_buffer_sz[buffer_type];
1789 	request_data_dma = ioc->diag_buffer_dma[buffer_type];
1790 	dma_free_coherent(&ioc->pdev->dev, request_data_sz,
1791 			request_data, request_data_dma);
1792 	ioc->diag_buffer[buffer_type] = NULL;
1793 	ioc->diag_buffer_status[buffer_type] = 0;
1794 	return 0;
1795 }
1796 
1797 /**
1798  * _ctl_diag_query - query relevant info associated with diag buffers
1799  * @ioc: per adapter object
1800  * @arg: user space buffer containing ioctl content
1801  *
1802  * The application will send only buffer_type and unique_id.  Driver will
1803  * inspect unique_id first, if valid, fill in all the info.  If unique_id is
1804  * 0x00, the driver will return info specified by Buffer Type.
1805  */
1806 static long
1807 _ctl_diag_query(struct MPT3SAS_ADAPTER *ioc, void __user *arg)
1808 {
1809 	struct mpt3_diag_query karg;
1810 	void *request_data;
1811 	int i;
1812 	u8 buffer_type;
1813 
1814 	if (copy_from_user(&karg, arg, sizeof(karg))) {
1815 		pr_err("failure at %s:%d/%s()!\n",
1816 		    __FILE__, __LINE__, __func__);
1817 		return -EFAULT;
1818 	}
1819 
1820 	dctlprintk(ioc, ioc_info(ioc, "%s\n",
1821 				 __func__));
1822 
1823 	karg.application_flags = 0;
1824 	buffer_type = karg.buffer_type;
1825 
1826 	if (!_ctl_diag_capability(ioc, buffer_type)) {
1827 		ioc_err(ioc, "%s: doesn't have capability for buffer_type(0x%02x)\n",
1828 			__func__, buffer_type);
1829 		return -EPERM;
1830 	}
1831 
1832 	if ((ioc->diag_buffer_status[buffer_type] &
1833 	    MPT3_DIAG_BUFFER_IS_REGISTERED) == 0) {
1834 		ioc_err(ioc, "%s: buffer_type(0x%02x) is not registered\n",
1835 			__func__, buffer_type);
1836 		return -EINVAL;
1837 	}
1838 
1839 	if (karg.unique_id & 0xffffff00) {
1840 		if (karg.unique_id != ioc->unique_id[buffer_type]) {
1841 			ioc_err(ioc, "%s: unique_id(0x%08x) is not registered\n",
1842 				__func__, karg.unique_id);
1843 			return -EINVAL;
1844 		}
1845 	}
1846 
1847 	request_data = ioc->diag_buffer[buffer_type];
1848 	if (!request_data) {
1849 		ioc_err(ioc, "%s: doesn't have buffer for buffer_type(0x%02x)\n",
1850 			__func__, buffer_type);
1851 		return -ENOMEM;
1852 	}
1853 
1854 	if (ioc->diag_buffer_status[buffer_type] & MPT3_DIAG_BUFFER_IS_RELEASED)
1855 		karg.application_flags = (MPT3_APP_FLAGS_APP_OWNED |
1856 		    MPT3_APP_FLAGS_BUFFER_VALID);
1857 	else
1858 		karg.application_flags = (MPT3_APP_FLAGS_APP_OWNED |
1859 		    MPT3_APP_FLAGS_BUFFER_VALID |
1860 		    MPT3_APP_FLAGS_FW_BUFFER_ACCESS);
1861 
1862 	for (i = 0; i < MPT3_PRODUCT_SPECIFIC_DWORDS; i++)
1863 		karg.product_specific[i] =
1864 		    ioc->product_specific[buffer_type][i];
1865 
1866 	karg.total_buffer_size = ioc->diag_buffer_sz[buffer_type];
1867 	karg.driver_added_buffer_size = 0;
1868 	karg.unique_id = ioc->unique_id[buffer_type];
1869 	karg.diagnostic_flags = ioc->diagnostic_flags[buffer_type];
1870 
1871 	if (copy_to_user(arg, &karg, sizeof(struct mpt3_diag_query))) {
1872 		ioc_err(ioc, "%s: unable to write mpt3_diag_query data @ %p\n",
1873 			__func__, arg);
1874 		return -EFAULT;
1875 	}
1876 	return 0;
1877 }
1878 
1879 /**
1880  * mpt3sas_send_diag_release - Diag Release Message
1881  * @ioc: per adapter object
1882  * @buffer_type: specifies either TRACE, SNAPSHOT, or EXTENDED
1883  * @issue_reset: specifies whether host reset is required.
1884  *
1885  */
1886 int
1887 mpt3sas_send_diag_release(struct MPT3SAS_ADAPTER *ioc, u8 buffer_type,
1888 	u8 *issue_reset)
1889 {
1890 	Mpi2DiagReleaseRequest_t *mpi_request;
1891 	Mpi2DiagReleaseReply_t *mpi_reply;
1892 	u16 smid;
1893 	u16 ioc_status;
1894 	u32 ioc_state;
1895 	int rc;
1896 
1897 	dctlprintk(ioc, ioc_info(ioc, "%s\n",
1898 				 __func__));
1899 
1900 	rc = 0;
1901 	*issue_reset = 0;
1902 
1903 	ioc_state = mpt3sas_base_get_iocstate(ioc, 1);
1904 	if (ioc_state != MPI2_IOC_STATE_OPERATIONAL) {
1905 		if (ioc->diag_buffer_status[buffer_type] &
1906 		    MPT3_DIAG_BUFFER_IS_REGISTERED)
1907 			ioc->diag_buffer_status[buffer_type] |=
1908 			    MPT3_DIAG_BUFFER_IS_RELEASED;
1909 		dctlprintk(ioc,
1910 			   ioc_info(ioc, "%s: skipping due to FAULT state\n",
1911 				    __func__));
1912 		rc = -EAGAIN;
1913 		goto out;
1914 	}
1915 
1916 	if (ioc->ctl_cmds.status != MPT3_CMD_NOT_USED) {
1917 		ioc_err(ioc, "%s: ctl_cmd in use\n", __func__);
1918 		rc = -EAGAIN;
1919 		goto out;
1920 	}
1921 
1922 	smid = mpt3sas_base_get_smid(ioc, ioc->ctl_cb_idx);
1923 	if (!smid) {
1924 		ioc_err(ioc, "%s: failed obtaining a smid\n", __func__);
1925 		rc = -EAGAIN;
1926 		goto out;
1927 	}
1928 
1929 	ioc->ctl_cmds.status = MPT3_CMD_PENDING;
1930 	memset(ioc->ctl_cmds.reply, 0, ioc->reply_sz);
1931 	mpi_request = mpt3sas_base_get_msg_frame(ioc, smid);
1932 	ioc->ctl_cmds.smid = smid;
1933 
1934 	mpi_request->Function = MPI2_FUNCTION_DIAG_RELEASE;
1935 	mpi_request->BufferType = buffer_type;
1936 	mpi_request->VF_ID = 0; /* TODO */
1937 	mpi_request->VP_ID = 0;
1938 
1939 	init_completion(&ioc->ctl_cmds.done);
1940 	ioc->put_smid_default(ioc, smid);
1941 	wait_for_completion_timeout(&ioc->ctl_cmds.done,
1942 	    MPT3_IOCTL_DEFAULT_TIMEOUT*HZ);
1943 
1944 	if (!(ioc->ctl_cmds.status & MPT3_CMD_COMPLETE)) {
1945 		*issue_reset = mpt3sas_base_check_cmd_timeout(ioc,
1946 				ioc->ctl_cmds.status, mpi_request,
1947 				sizeof(Mpi2DiagReleaseRequest_t)/4);
1948 		rc = -EFAULT;
1949 		goto out;
1950 	}
1951 
1952 	/* process the completed Reply Message Frame */
1953 	if ((ioc->ctl_cmds.status & MPT3_CMD_REPLY_VALID) == 0) {
1954 		ioc_err(ioc, "%s: no reply message\n", __func__);
1955 		rc = -EFAULT;
1956 		goto out;
1957 	}
1958 
1959 	mpi_reply = ioc->ctl_cmds.reply;
1960 	ioc_status = le16_to_cpu(mpi_reply->IOCStatus) & MPI2_IOCSTATUS_MASK;
1961 
1962 	if (ioc_status == MPI2_IOCSTATUS_SUCCESS) {
1963 		ioc->diag_buffer_status[buffer_type] |=
1964 		    MPT3_DIAG_BUFFER_IS_RELEASED;
1965 		dctlprintk(ioc, ioc_info(ioc, "%s: success\n", __func__));
1966 	} else {
1967 		ioc_info(ioc, "%s: ioc_status(0x%04x) log_info(0x%08x)\n",
1968 			 __func__,
1969 			 ioc_status, le32_to_cpu(mpi_reply->IOCLogInfo));
1970 		rc = -EFAULT;
1971 	}
1972 
1973  out:
1974 	ioc->ctl_cmds.status = MPT3_CMD_NOT_USED;
1975 	return rc;
1976 }
1977 
1978 /**
1979  * _ctl_diag_release - request to send Diag Release Message to firmware
1980  * @ioc: ?
1981  * @arg: user space buffer containing ioctl content
1982  *
1983  * This allows ownership of the specified buffer to returned to the driver,
1984  * allowing an application to read the buffer without fear that firmware is
1985  * overwriting information in the buffer.
1986  */
1987 static long
1988 _ctl_diag_release(struct MPT3SAS_ADAPTER *ioc, void __user *arg)
1989 {
1990 	struct mpt3_diag_release karg;
1991 	void *request_data;
1992 	int rc;
1993 	u8 buffer_type;
1994 	u8 issue_reset = 0;
1995 
1996 	if (copy_from_user(&karg, arg, sizeof(karg))) {
1997 		pr_err("failure at %s:%d/%s()!\n",
1998 		    __FILE__, __LINE__, __func__);
1999 		return -EFAULT;
2000 	}
2001 
2002 	dctlprintk(ioc, ioc_info(ioc, "%s\n",
2003 				 __func__));
2004 
2005 	buffer_type = karg.unique_id & 0x000000ff;
2006 	if (!_ctl_diag_capability(ioc, buffer_type)) {
2007 		ioc_err(ioc, "%s: doesn't have capability for buffer_type(0x%02x)\n",
2008 			__func__, buffer_type);
2009 		return -EPERM;
2010 	}
2011 
2012 	if ((ioc->diag_buffer_status[buffer_type] &
2013 	    MPT3_DIAG_BUFFER_IS_REGISTERED) == 0) {
2014 		ioc_err(ioc, "%s: buffer_type(0x%02x) is not registered\n",
2015 			__func__, buffer_type);
2016 		return -EINVAL;
2017 	}
2018 
2019 	if (karg.unique_id != ioc->unique_id[buffer_type]) {
2020 		ioc_err(ioc, "%s: unique_id(0x%08x) is not registered\n",
2021 			__func__, karg.unique_id);
2022 		return -EINVAL;
2023 	}
2024 
2025 	if (ioc->diag_buffer_status[buffer_type] &
2026 	    MPT3_DIAG_BUFFER_IS_RELEASED) {
2027 		ioc_err(ioc, "%s: buffer_type(0x%02x) is already released\n",
2028 			__func__, buffer_type);
2029 		return 0;
2030 	}
2031 
2032 	request_data = ioc->diag_buffer[buffer_type];
2033 
2034 	if (!request_data) {
2035 		ioc_err(ioc, "%s: doesn't have memory allocated for buffer_type(0x%02x)\n",
2036 			__func__, buffer_type);
2037 		return -ENOMEM;
2038 	}
2039 
2040 	/* buffers were released by due to host reset */
2041 	if ((ioc->diag_buffer_status[buffer_type] &
2042 	    MPT3_DIAG_BUFFER_IS_DIAG_RESET)) {
2043 		ioc->diag_buffer_status[buffer_type] |=
2044 		    MPT3_DIAG_BUFFER_IS_RELEASED;
2045 		ioc->diag_buffer_status[buffer_type] &=
2046 		    ~MPT3_DIAG_BUFFER_IS_DIAG_RESET;
2047 		ioc_err(ioc, "%s: buffer_type(0x%02x) was released due to host reset\n",
2048 			__func__, buffer_type);
2049 		return 0;
2050 	}
2051 
2052 	rc = mpt3sas_send_diag_release(ioc, buffer_type, &issue_reset);
2053 
2054 	if (issue_reset)
2055 		mpt3sas_base_hard_reset_handler(ioc, FORCE_BIG_HAMMER);
2056 
2057 	return rc;
2058 }
2059 
2060 /**
2061  * _ctl_diag_read_buffer - request for copy of the diag buffer
2062  * @ioc: per adapter object
2063  * @arg: user space buffer containing ioctl content
2064  */
2065 static long
2066 _ctl_diag_read_buffer(struct MPT3SAS_ADAPTER *ioc, void __user *arg)
2067 {
2068 	struct mpt3_diag_read_buffer karg;
2069 	struct mpt3_diag_read_buffer __user *uarg = arg;
2070 	void *request_data, *diag_data;
2071 	Mpi2DiagBufferPostRequest_t *mpi_request;
2072 	Mpi2DiagBufferPostReply_t *mpi_reply;
2073 	int rc, i;
2074 	u8 buffer_type;
2075 	unsigned long request_size, copy_size;
2076 	u16 smid;
2077 	u16 ioc_status;
2078 	u8 issue_reset = 0;
2079 
2080 	if (copy_from_user(&karg, arg, sizeof(karg))) {
2081 		pr_err("failure at %s:%d/%s()!\n",
2082 		    __FILE__, __LINE__, __func__);
2083 		return -EFAULT;
2084 	}
2085 
2086 	dctlprintk(ioc, ioc_info(ioc, "%s\n",
2087 				 __func__));
2088 
2089 	buffer_type = karg.unique_id & 0x000000ff;
2090 	if (!_ctl_diag_capability(ioc, buffer_type)) {
2091 		ioc_err(ioc, "%s: doesn't have capability for buffer_type(0x%02x)\n",
2092 			__func__, buffer_type);
2093 		return -EPERM;
2094 	}
2095 
2096 	if (karg.unique_id != ioc->unique_id[buffer_type]) {
2097 		ioc_err(ioc, "%s: unique_id(0x%08x) is not registered\n",
2098 			__func__, karg.unique_id);
2099 		return -EINVAL;
2100 	}
2101 
2102 	request_data = ioc->diag_buffer[buffer_type];
2103 	if (!request_data) {
2104 		ioc_err(ioc, "%s: doesn't have buffer for buffer_type(0x%02x)\n",
2105 			__func__, buffer_type);
2106 		return -ENOMEM;
2107 	}
2108 
2109 	request_size = ioc->diag_buffer_sz[buffer_type];
2110 
2111 	if ((karg.starting_offset % 4) || (karg.bytes_to_read % 4)) {
2112 		ioc_err(ioc, "%s: either the starting_offset or bytes_to_read are not 4 byte aligned\n",
2113 			__func__);
2114 		return -EINVAL;
2115 	}
2116 
2117 	if (karg.starting_offset > request_size)
2118 		return -EINVAL;
2119 
2120 	diag_data = (void *)(request_data + karg.starting_offset);
2121 	dctlprintk(ioc,
2122 		   ioc_info(ioc, "%s: diag_buffer(%p), offset(%d), sz(%d)\n",
2123 			    __func__, diag_data, karg.starting_offset,
2124 			    karg.bytes_to_read));
2125 
2126 	/* Truncate data on requests that are too large */
2127 	if ((diag_data + karg.bytes_to_read < diag_data) ||
2128 	    (diag_data + karg.bytes_to_read > request_data + request_size))
2129 		copy_size = request_size - karg.starting_offset;
2130 	else
2131 		copy_size = karg.bytes_to_read;
2132 
2133 	if (copy_to_user((void __user *)uarg->diagnostic_data,
2134 	    diag_data, copy_size)) {
2135 		ioc_err(ioc, "%s: Unable to write mpt_diag_read_buffer_t data @ %p\n",
2136 			__func__, diag_data);
2137 		return -EFAULT;
2138 	}
2139 
2140 	if ((karg.flags & MPT3_FLAGS_REREGISTER) == 0)
2141 		return 0;
2142 
2143 	dctlprintk(ioc,
2144 		   ioc_info(ioc, "%s: Reregister buffer_type(0x%02x)\n",
2145 			    __func__, buffer_type));
2146 	if ((ioc->diag_buffer_status[buffer_type] &
2147 	    MPT3_DIAG_BUFFER_IS_RELEASED) == 0) {
2148 		dctlprintk(ioc,
2149 			   ioc_info(ioc, "%s: buffer_type(0x%02x) is still registered\n",
2150 				    __func__, buffer_type));
2151 		return 0;
2152 	}
2153 	/* Get a free request frame and save the message context.
2154 	*/
2155 
2156 	if (ioc->ctl_cmds.status != MPT3_CMD_NOT_USED) {
2157 		ioc_err(ioc, "%s: ctl_cmd in use\n", __func__);
2158 		rc = -EAGAIN;
2159 		goto out;
2160 	}
2161 
2162 	smid = mpt3sas_base_get_smid(ioc, ioc->ctl_cb_idx);
2163 	if (!smid) {
2164 		ioc_err(ioc, "%s: failed obtaining a smid\n", __func__);
2165 		rc = -EAGAIN;
2166 		goto out;
2167 	}
2168 
2169 	rc = 0;
2170 	ioc->ctl_cmds.status = MPT3_CMD_PENDING;
2171 	memset(ioc->ctl_cmds.reply, 0, ioc->reply_sz);
2172 	mpi_request = mpt3sas_base_get_msg_frame(ioc, smid);
2173 	ioc->ctl_cmds.smid = smid;
2174 
2175 	mpi_request->Function = MPI2_FUNCTION_DIAG_BUFFER_POST;
2176 	mpi_request->BufferType = buffer_type;
2177 	mpi_request->BufferLength =
2178 	    cpu_to_le32(ioc->diag_buffer_sz[buffer_type]);
2179 	mpi_request->BufferAddress =
2180 	    cpu_to_le64(ioc->diag_buffer_dma[buffer_type]);
2181 	for (i = 0; i < MPT3_PRODUCT_SPECIFIC_DWORDS; i++)
2182 		mpi_request->ProductSpecific[i] =
2183 			cpu_to_le32(ioc->product_specific[buffer_type][i]);
2184 	mpi_request->VF_ID = 0; /* TODO */
2185 	mpi_request->VP_ID = 0;
2186 
2187 	init_completion(&ioc->ctl_cmds.done);
2188 	ioc->put_smid_default(ioc, smid);
2189 	wait_for_completion_timeout(&ioc->ctl_cmds.done,
2190 	    MPT3_IOCTL_DEFAULT_TIMEOUT*HZ);
2191 
2192 	if (!(ioc->ctl_cmds.status & MPT3_CMD_COMPLETE)) {
2193 		issue_reset =
2194 			mpt3sas_base_check_cmd_timeout(ioc,
2195 				ioc->ctl_cmds.status, mpi_request,
2196 				sizeof(Mpi2DiagBufferPostRequest_t)/4);
2197 		goto issue_host_reset;
2198 	}
2199 
2200 	/* process the completed Reply Message Frame */
2201 	if ((ioc->ctl_cmds.status & MPT3_CMD_REPLY_VALID) == 0) {
2202 		ioc_err(ioc, "%s: no reply message\n", __func__);
2203 		rc = -EFAULT;
2204 		goto out;
2205 	}
2206 
2207 	mpi_reply = ioc->ctl_cmds.reply;
2208 	ioc_status = le16_to_cpu(mpi_reply->IOCStatus) & MPI2_IOCSTATUS_MASK;
2209 
2210 	if (ioc_status == MPI2_IOCSTATUS_SUCCESS) {
2211 		ioc->diag_buffer_status[buffer_type] |=
2212 		    MPT3_DIAG_BUFFER_IS_REGISTERED;
2213 		dctlprintk(ioc, ioc_info(ioc, "%s: success\n", __func__));
2214 	} else {
2215 		ioc_info(ioc, "%s: ioc_status(0x%04x) log_info(0x%08x)\n",
2216 			 __func__, ioc_status,
2217 			 le32_to_cpu(mpi_reply->IOCLogInfo));
2218 		rc = -EFAULT;
2219 	}
2220 
2221  issue_host_reset:
2222 	if (issue_reset)
2223 		mpt3sas_base_hard_reset_handler(ioc, FORCE_BIG_HAMMER);
2224 
2225  out:
2226 
2227 	ioc->ctl_cmds.status = MPT3_CMD_NOT_USED;
2228 	return rc;
2229 }
2230 
2231 
2232 
2233 #ifdef CONFIG_COMPAT
2234 /**
2235  * _ctl_compat_mpt_command - convert 32bit pointers to 64bit.
2236  * @ioc: per adapter object
2237  * @cmd: ioctl opcode
2238  * @arg: (struct mpt3_ioctl_command32)
2239  *
2240  * MPT3COMMAND32 - Handle 32bit applications running on 64bit os.
2241  */
2242 static long
2243 _ctl_compat_mpt_command(struct MPT3SAS_ADAPTER *ioc, unsigned cmd,
2244 	void __user *arg)
2245 {
2246 	struct mpt3_ioctl_command32 karg32;
2247 	struct mpt3_ioctl_command32 __user *uarg;
2248 	struct mpt3_ioctl_command karg;
2249 
2250 	if (_IOC_SIZE(cmd) != sizeof(struct mpt3_ioctl_command32))
2251 		return -EINVAL;
2252 
2253 	uarg = (struct mpt3_ioctl_command32 __user *) arg;
2254 
2255 	if (copy_from_user(&karg32, (char __user *)arg, sizeof(karg32))) {
2256 		pr_err("failure at %s:%d/%s()!\n",
2257 		    __FILE__, __LINE__, __func__);
2258 		return -EFAULT;
2259 	}
2260 
2261 	memset(&karg, 0, sizeof(struct mpt3_ioctl_command));
2262 	karg.hdr.ioc_number = karg32.hdr.ioc_number;
2263 	karg.hdr.port_number = karg32.hdr.port_number;
2264 	karg.hdr.max_data_size = karg32.hdr.max_data_size;
2265 	karg.timeout = karg32.timeout;
2266 	karg.max_reply_bytes = karg32.max_reply_bytes;
2267 	karg.data_in_size = karg32.data_in_size;
2268 	karg.data_out_size = karg32.data_out_size;
2269 	karg.max_sense_bytes = karg32.max_sense_bytes;
2270 	karg.data_sge_offset = karg32.data_sge_offset;
2271 	karg.reply_frame_buf_ptr = compat_ptr(karg32.reply_frame_buf_ptr);
2272 	karg.data_in_buf_ptr = compat_ptr(karg32.data_in_buf_ptr);
2273 	karg.data_out_buf_ptr = compat_ptr(karg32.data_out_buf_ptr);
2274 	karg.sense_data_ptr = compat_ptr(karg32.sense_data_ptr);
2275 	return _ctl_do_mpt_command(ioc, karg, &uarg->mf);
2276 }
2277 #endif
2278 
2279 /**
2280  * _ctl_ioctl_main - main ioctl entry point
2281  * @file:  (struct file)
2282  * @cmd:  ioctl opcode
2283  * @arg:  user space data buffer
2284  * @compat:  handles 32 bit applications in 64bit os
2285  * @mpi_version: will be MPI2_VERSION for mpt2ctl ioctl device &
2286  * MPI25_VERSION | MPI26_VERSION for mpt3ctl ioctl device.
2287  */
2288 static long
2289 _ctl_ioctl_main(struct file *file, unsigned int cmd, void __user *arg,
2290 	u8 compat, u16 mpi_version)
2291 {
2292 	struct MPT3SAS_ADAPTER *ioc;
2293 	struct mpt3_ioctl_header ioctl_header;
2294 	enum block_state state;
2295 	long ret = -EINVAL;
2296 
2297 	/* get IOCTL header */
2298 	if (copy_from_user(&ioctl_header, (char __user *)arg,
2299 	    sizeof(struct mpt3_ioctl_header))) {
2300 		pr_err("failure at %s:%d/%s()!\n",
2301 		    __FILE__, __LINE__, __func__);
2302 		return -EFAULT;
2303 	}
2304 
2305 	if (_ctl_verify_adapter(ioctl_header.ioc_number,
2306 				&ioc, mpi_version) == -1 || !ioc)
2307 		return -ENODEV;
2308 
2309 	/* pci_access_mutex lock acquired by ioctl path */
2310 	mutex_lock(&ioc->pci_access_mutex);
2311 
2312 	if (ioc->shost_recovery || ioc->pci_error_recovery ||
2313 	    ioc->is_driver_loading || ioc->remove_host) {
2314 		ret = -EAGAIN;
2315 		goto out_unlock_pciaccess;
2316 	}
2317 
2318 	state = (file->f_flags & O_NONBLOCK) ? NON_BLOCKING : BLOCKING;
2319 	if (state == NON_BLOCKING) {
2320 		if (!mutex_trylock(&ioc->ctl_cmds.mutex)) {
2321 			ret = -EAGAIN;
2322 			goto out_unlock_pciaccess;
2323 		}
2324 	} else if (mutex_lock_interruptible(&ioc->ctl_cmds.mutex)) {
2325 		ret = -ERESTARTSYS;
2326 		goto out_unlock_pciaccess;
2327 	}
2328 
2329 
2330 	switch (cmd) {
2331 	case MPT3IOCINFO:
2332 		if (_IOC_SIZE(cmd) == sizeof(struct mpt3_ioctl_iocinfo))
2333 			ret = _ctl_getiocinfo(ioc, arg);
2334 		break;
2335 #ifdef CONFIG_COMPAT
2336 	case MPT3COMMAND32:
2337 #endif
2338 	case MPT3COMMAND:
2339 	{
2340 		struct mpt3_ioctl_command __user *uarg;
2341 		struct mpt3_ioctl_command karg;
2342 
2343 #ifdef CONFIG_COMPAT
2344 		if (compat) {
2345 			ret = _ctl_compat_mpt_command(ioc, cmd, arg);
2346 			break;
2347 		}
2348 #endif
2349 		if (copy_from_user(&karg, arg, sizeof(karg))) {
2350 			pr_err("failure at %s:%d/%s()!\n",
2351 			    __FILE__, __LINE__, __func__);
2352 			ret = -EFAULT;
2353 			break;
2354 		}
2355 
2356 		if (karg.hdr.ioc_number != ioctl_header.ioc_number) {
2357 			ret = -EINVAL;
2358 			break;
2359 		}
2360 		if (_IOC_SIZE(cmd) == sizeof(struct mpt3_ioctl_command)) {
2361 			uarg = arg;
2362 			ret = _ctl_do_mpt_command(ioc, karg, &uarg->mf);
2363 		}
2364 		break;
2365 	}
2366 	case MPT3EVENTQUERY:
2367 		if (_IOC_SIZE(cmd) == sizeof(struct mpt3_ioctl_eventquery))
2368 			ret = _ctl_eventquery(ioc, arg);
2369 		break;
2370 	case MPT3EVENTENABLE:
2371 		if (_IOC_SIZE(cmd) == sizeof(struct mpt3_ioctl_eventenable))
2372 			ret = _ctl_eventenable(ioc, arg);
2373 		break;
2374 	case MPT3EVENTREPORT:
2375 		ret = _ctl_eventreport(ioc, arg);
2376 		break;
2377 	case MPT3HARDRESET:
2378 		if (_IOC_SIZE(cmd) == sizeof(struct mpt3_ioctl_diag_reset))
2379 			ret = _ctl_do_reset(ioc, arg);
2380 		break;
2381 	case MPT3BTDHMAPPING:
2382 		if (_IOC_SIZE(cmd) == sizeof(struct mpt3_ioctl_btdh_mapping))
2383 			ret = _ctl_btdh_mapping(ioc, arg);
2384 		break;
2385 	case MPT3DIAGREGISTER:
2386 		if (_IOC_SIZE(cmd) == sizeof(struct mpt3_diag_register))
2387 			ret = _ctl_diag_register(ioc, arg);
2388 		break;
2389 	case MPT3DIAGUNREGISTER:
2390 		if (_IOC_SIZE(cmd) == sizeof(struct mpt3_diag_unregister))
2391 			ret = _ctl_diag_unregister(ioc, arg);
2392 		break;
2393 	case MPT3DIAGQUERY:
2394 		if (_IOC_SIZE(cmd) == sizeof(struct mpt3_diag_query))
2395 			ret = _ctl_diag_query(ioc, arg);
2396 		break;
2397 	case MPT3DIAGRELEASE:
2398 		if (_IOC_SIZE(cmd) == sizeof(struct mpt3_diag_release))
2399 			ret = _ctl_diag_release(ioc, arg);
2400 		break;
2401 	case MPT3DIAGREADBUFFER:
2402 		if (_IOC_SIZE(cmd) == sizeof(struct mpt3_diag_read_buffer))
2403 			ret = _ctl_diag_read_buffer(ioc, arg);
2404 		break;
2405 	default:
2406 		dctlprintk(ioc,
2407 			   ioc_info(ioc, "unsupported ioctl opcode(0x%08x)\n",
2408 				    cmd));
2409 		break;
2410 	}
2411 
2412 	mutex_unlock(&ioc->ctl_cmds.mutex);
2413 out_unlock_pciaccess:
2414 	mutex_unlock(&ioc->pci_access_mutex);
2415 	return ret;
2416 }
2417 
2418 /**
2419  * _ctl_ioctl - mpt3ctl main ioctl entry point (unlocked)
2420  * @file: (struct file)
2421  * @cmd: ioctl opcode
2422  * @arg: ?
2423  */
2424 static long
2425 _ctl_ioctl(struct file *file, unsigned int cmd, unsigned long arg)
2426 {
2427 	long ret;
2428 
2429 	/* pass MPI25_VERSION | MPI26_VERSION value,
2430 	 * to indicate that this ioctl cmd
2431 	 * came from mpt3ctl ioctl device.
2432 	 */
2433 	ret = _ctl_ioctl_main(file, cmd, (void __user *)arg, 0,
2434 		MPI25_VERSION | MPI26_VERSION);
2435 	return ret;
2436 }
2437 
2438 /**
2439  * _ctl_mpt2_ioctl - mpt2ctl main ioctl entry point (unlocked)
2440  * @file: (struct file)
2441  * @cmd: ioctl opcode
2442  * @arg: ?
2443  */
2444 static long
2445 _ctl_mpt2_ioctl(struct file *file, unsigned int cmd, unsigned long arg)
2446 {
2447 	long ret;
2448 
2449 	/* pass MPI2_VERSION value, to indicate that this ioctl cmd
2450 	 * came from mpt2ctl ioctl device.
2451 	 */
2452 	ret = _ctl_ioctl_main(file, cmd, (void __user *)arg, 0, MPI2_VERSION);
2453 	return ret;
2454 }
2455 #ifdef CONFIG_COMPAT
2456 /**
2457  *_ ctl_ioctl_compat - main ioctl entry point (compat)
2458  * @file: ?
2459  * @cmd: ?
2460  * @arg: ?
2461  *
2462  * This routine handles 32 bit applications in 64bit os.
2463  */
2464 static long
2465 _ctl_ioctl_compat(struct file *file, unsigned cmd, unsigned long arg)
2466 {
2467 	long ret;
2468 
2469 	ret = _ctl_ioctl_main(file, cmd, (void __user *)arg, 1,
2470 		MPI25_VERSION | MPI26_VERSION);
2471 	return ret;
2472 }
2473 
2474 /**
2475  *_ ctl_mpt2_ioctl_compat - main ioctl entry point (compat)
2476  * @file: ?
2477  * @cmd: ?
2478  * @arg: ?
2479  *
2480  * This routine handles 32 bit applications in 64bit os.
2481  */
2482 static long
2483 _ctl_mpt2_ioctl_compat(struct file *file, unsigned cmd, unsigned long arg)
2484 {
2485 	long ret;
2486 
2487 	ret = _ctl_ioctl_main(file, cmd, (void __user *)arg, 1, MPI2_VERSION);
2488 	return ret;
2489 }
2490 #endif
2491 
2492 /* scsi host attributes */
2493 /**
2494  * version_fw_show - firmware version
2495  * @cdev: pointer to embedded class device
2496  * @attr: ?
2497  * @buf: the buffer returned
2498  *
2499  * A sysfs 'read-only' shost attribute.
2500  */
2501 static ssize_t
2502 version_fw_show(struct device *cdev, struct device_attribute *attr,
2503 	char *buf)
2504 {
2505 	struct Scsi_Host *shost = class_to_shost(cdev);
2506 	struct MPT3SAS_ADAPTER *ioc = shost_priv(shost);
2507 
2508 	return snprintf(buf, PAGE_SIZE, "%02d.%02d.%02d.%02d\n",
2509 	    (ioc->facts.FWVersion.Word & 0xFF000000) >> 24,
2510 	    (ioc->facts.FWVersion.Word & 0x00FF0000) >> 16,
2511 	    (ioc->facts.FWVersion.Word & 0x0000FF00) >> 8,
2512 	    ioc->facts.FWVersion.Word & 0x000000FF);
2513 }
2514 static DEVICE_ATTR_RO(version_fw);
2515 
2516 /**
2517  * version_bios_show - bios version
2518  * @cdev: pointer to embedded class device
2519  * @attr: ?
2520  * @buf: the buffer returned
2521  *
2522  * A sysfs 'read-only' shost attribute.
2523  */
2524 static ssize_t
2525 version_bios_show(struct device *cdev, struct device_attribute *attr,
2526 	char *buf)
2527 {
2528 	struct Scsi_Host *shost = class_to_shost(cdev);
2529 	struct MPT3SAS_ADAPTER *ioc = shost_priv(shost);
2530 
2531 	u32 version = le32_to_cpu(ioc->bios_pg3.BiosVersion);
2532 
2533 	return snprintf(buf, PAGE_SIZE, "%02d.%02d.%02d.%02d\n",
2534 	    (version & 0xFF000000) >> 24,
2535 	    (version & 0x00FF0000) >> 16,
2536 	    (version & 0x0000FF00) >> 8,
2537 	    version & 0x000000FF);
2538 }
2539 static DEVICE_ATTR_RO(version_bios);
2540 
2541 /**
2542  * version_mpi_show - MPI (message passing interface) version
2543  * @cdev: pointer to embedded class device
2544  * @attr: ?
2545  * @buf: the buffer returned
2546  *
2547  * A sysfs 'read-only' shost attribute.
2548  */
2549 static ssize_t
2550 version_mpi_show(struct device *cdev, struct device_attribute *attr,
2551 	char *buf)
2552 {
2553 	struct Scsi_Host *shost = class_to_shost(cdev);
2554 	struct MPT3SAS_ADAPTER *ioc = shost_priv(shost);
2555 
2556 	return snprintf(buf, PAGE_SIZE, "%03x.%02x\n",
2557 	    ioc->facts.MsgVersion, ioc->facts.HeaderVersion >> 8);
2558 }
2559 static DEVICE_ATTR_RO(version_mpi);
2560 
2561 /**
2562  * version_product_show - product name
2563  * @cdev: pointer to embedded class device
2564  * @attr: ?
2565  * @buf: the buffer returned
2566  *
2567  * A sysfs 'read-only' shost attribute.
2568  */
2569 static ssize_t
2570 version_product_show(struct device *cdev, struct device_attribute *attr,
2571 	char *buf)
2572 {
2573 	struct Scsi_Host *shost = class_to_shost(cdev);
2574 	struct MPT3SAS_ADAPTER *ioc = shost_priv(shost);
2575 
2576 	return snprintf(buf, 16, "%s\n", ioc->manu_pg0.ChipName);
2577 }
2578 static DEVICE_ATTR_RO(version_product);
2579 
2580 /**
2581  * version_nvdata_persistent_show - ndvata persistent version
2582  * @cdev: pointer to embedded class device
2583  * @attr: ?
2584  * @buf: the buffer returned
2585  *
2586  * A sysfs 'read-only' shost attribute.
2587  */
2588 static ssize_t
2589 version_nvdata_persistent_show(struct device *cdev,
2590 	struct device_attribute *attr, char *buf)
2591 {
2592 	struct Scsi_Host *shost = class_to_shost(cdev);
2593 	struct MPT3SAS_ADAPTER *ioc = shost_priv(shost);
2594 
2595 	return snprintf(buf, PAGE_SIZE, "%08xh\n",
2596 	    le32_to_cpu(ioc->iounit_pg0.NvdataVersionPersistent.Word));
2597 }
2598 static DEVICE_ATTR_RO(version_nvdata_persistent);
2599 
2600 /**
2601  * version_nvdata_default_show - nvdata default version
2602  * @cdev: pointer to embedded class device
2603  * @attr: ?
2604  * @buf: the buffer returned
2605  *
2606  * A sysfs 'read-only' shost attribute.
2607  */
2608 static ssize_t
2609 version_nvdata_default_show(struct device *cdev, struct device_attribute
2610 	*attr, char *buf)
2611 {
2612 	struct Scsi_Host *shost = class_to_shost(cdev);
2613 	struct MPT3SAS_ADAPTER *ioc = shost_priv(shost);
2614 
2615 	return snprintf(buf, PAGE_SIZE, "%08xh\n",
2616 	    le32_to_cpu(ioc->iounit_pg0.NvdataVersionDefault.Word));
2617 }
2618 static DEVICE_ATTR_RO(version_nvdata_default);
2619 
2620 /**
2621  * board_name_show - board name
2622  * @cdev: pointer to embedded class device
2623  * @attr: ?
2624  * @buf: the buffer returned
2625  *
2626  * A sysfs 'read-only' shost attribute.
2627  */
2628 static ssize_t
2629 board_name_show(struct device *cdev, struct device_attribute *attr,
2630 	char *buf)
2631 {
2632 	struct Scsi_Host *shost = class_to_shost(cdev);
2633 	struct MPT3SAS_ADAPTER *ioc = shost_priv(shost);
2634 
2635 	return snprintf(buf, 16, "%s\n", ioc->manu_pg0.BoardName);
2636 }
2637 static DEVICE_ATTR_RO(board_name);
2638 
2639 /**
2640  * board_assembly_show - board assembly name
2641  * @cdev: pointer to embedded class device
2642  * @attr: ?
2643  * @buf: the buffer returned
2644  *
2645  * A sysfs 'read-only' shost attribute.
2646  */
2647 static ssize_t
2648 board_assembly_show(struct device *cdev, struct device_attribute *attr,
2649 	char *buf)
2650 {
2651 	struct Scsi_Host *shost = class_to_shost(cdev);
2652 	struct MPT3SAS_ADAPTER *ioc = shost_priv(shost);
2653 
2654 	return snprintf(buf, 16, "%s\n", ioc->manu_pg0.BoardAssembly);
2655 }
2656 static DEVICE_ATTR_RO(board_assembly);
2657 
2658 /**
2659  * board_tracer_show - board tracer number
2660  * @cdev: pointer to embedded class device
2661  * @attr: ?
2662  * @buf: the buffer returned
2663  *
2664  * A sysfs 'read-only' shost attribute.
2665  */
2666 static ssize_t
2667 board_tracer_show(struct device *cdev, struct device_attribute *attr,
2668 	char *buf)
2669 {
2670 	struct Scsi_Host *shost = class_to_shost(cdev);
2671 	struct MPT3SAS_ADAPTER *ioc = shost_priv(shost);
2672 
2673 	return snprintf(buf, 16, "%s\n", ioc->manu_pg0.BoardTracerNumber);
2674 }
2675 static DEVICE_ATTR_RO(board_tracer);
2676 
2677 /**
2678  * io_delay_show - io missing delay
2679  * @cdev: pointer to embedded class device
2680  * @attr: ?
2681  * @buf: the buffer returned
2682  *
2683  * This is for firmware implemention for deboucing device
2684  * removal events.
2685  *
2686  * A sysfs 'read-only' shost attribute.
2687  */
2688 static ssize_t
2689 io_delay_show(struct device *cdev, struct device_attribute *attr,
2690 	char *buf)
2691 {
2692 	struct Scsi_Host *shost = class_to_shost(cdev);
2693 	struct MPT3SAS_ADAPTER *ioc = shost_priv(shost);
2694 
2695 	return snprintf(buf, PAGE_SIZE, "%02d\n", ioc->io_missing_delay);
2696 }
2697 static DEVICE_ATTR_RO(io_delay);
2698 
2699 /**
2700  * device_delay_show - device missing delay
2701  * @cdev: pointer to embedded class device
2702  * @attr: ?
2703  * @buf: the buffer returned
2704  *
2705  * This is for firmware implemention for deboucing device
2706  * removal events.
2707  *
2708  * A sysfs 'read-only' shost attribute.
2709  */
2710 static ssize_t
2711 device_delay_show(struct device *cdev, struct device_attribute *attr,
2712 	char *buf)
2713 {
2714 	struct Scsi_Host *shost = class_to_shost(cdev);
2715 	struct MPT3SAS_ADAPTER *ioc = shost_priv(shost);
2716 
2717 	return snprintf(buf, PAGE_SIZE, "%02d\n", ioc->device_missing_delay);
2718 }
2719 static DEVICE_ATTR_RO(device_delay);
2720 
2721 /**
2722  * fw_queue_depth_show - global credits
2723  * @cdev: pointer to embedded class device
2724  * @attr: ?
2725  * @buf: the buffer returned
2726  *
2727  * This is firmware queue depth limit
2728  *
2729  * A sysfs 'read-only' shost attribute.
2730  */
2731 static ssize_t
2732 fw_queue_depth_show(struct device *cdev, struct device_attribute *attr,
2733 	char *buf)
2734 {
2735 	struct Scsi_Host *shost = class_to_shost(cdev);
2736 	struct MPT3SAS_ADAPTER *ioc = shost_priv(shost);
2737 
2738 	return snprintf(buf, PAGE_SIZE, "%02d\n", ioc->facts.RequestCredit);
2739 }
2740 static DEVICE_ATTR_RO(fw_queue_depth);
2741 
2742 /**
2743  * sas_address_show - sas address
2744  * @cdev: pointer to embedded class device
2745  * @attr: ?
2746  * @buf: the buffer returned
2747  *
2748  * This is the controller sas address
2749  *
2750  * A sysfs 'read-only' shost attribute.
2751  */
2752 static ssize_t
2753 host_sas_address_show(struct device *cdev, struct device_attribute *attr,
2754 	char *buf)
2755 
2756 {
2757 	struct Scsi_Host *shost = class_to_shost(cdev);
2758 	struct MPT3SAS_ADAPTER *ioc = shost_priv(shost);
2759 
2760 	return snprintf(buf, PAGE_SIZE, "0x%016llx\n",
2761 	    (unsigned long long)ioc->sas_hba.sas_address);
2762 }
2763 static DEVICE_ATTR_RO(host_sas_address);
2764 
2765 /**
2766  * logging_level_show - logging level
2767  * @cdev: pointer to embedded class device
2768  * @attr: ?
2769  * @buf: the buffer returned
2770  *
2771  * A sysfs 'read/write' shost attribute.
2772  */
2773 static ssize_t
2774 logging_level_show(struct device *cdev, struct device_attribute *attr,
2775 	char *buf)
2776 {
2777 	struct Scsi_Host *shost = class_to_shost(cdev);
2778 	struct MPT3SAS_ADAPTER *ioc = shost_priv(shost);
2779 
2780 	return snprintf(buf, PAGE_SIZE, "%08xh\n", ioc->logging_level);
2781 }
2782 static ssize_t
2783 logging_level_store(struct device *cdev, struct device_attribute *attr,
2784 	const char *buf, size_t count)
2785 {
2786 	struct Scsi_Host *shost = class_to_shost(cdev);
2787 	struct MPT3SAS_ADAPTER *ioc = shost_priv(shost);
2788 	int val = 0;
2789 
2790 	if (sscanf(buf, "%x", &val) != 1)
2791 		return -EINVAL;
2792 
2793 	ioc->logging_level = val;
2794 	ioc_info(ioc, "logging_level=%08xh\n",
2795 		 ioc->logging_level);
2796 	return strlen(buf);
2797 }
2798 static DEVICE_ATTR_RW(logging_level);
2799 
2800 /**
2801  * fwfault_debug_show - show/store fwfault_debug
2802  * @cdev: pointer to embedded class device
2803  * @attr: ?
2804  * @buf: the buffer returned
2805  *
2806  * mpt3sas_fwfault_debug is command line option
2807  * A sysfs 'read/write' shost attribute.
2808  */
2809 static ssize_t
2810 fwfault_debug_show(struct device *cdev, struct device_attribute *attr,
2811 	char *buf)
2812 {
2813 	struct Scsi_Host *shost = class_to_shost(cdev);
2814 	struct MPT3SAS_ADAPTER *ioc = shost_priv(shost);
2815 
2816 	return snprintf(buf, PAGE_SIZE, "%d\n", ioc->fwfault_debug);
2817 }
2818 static ssize_t
2819 fwfault_debug_store(struct device *cdev, struct device_attribute *attr,
2820 	const char *buf, size_t count)
2821 {
2822 	struct Scsi_Host *shost = class_to_shost(cdev);
2823 	struct MPT3SAS_ADAPTER *ioc = shost_priv(shost);
2824 	int val = 0;
2825 
2826 	if (sscanf(buf, "%d", &val) != 1)
2827 		return -EINVAL;
2828 
2829 	ioc->fwfault_debug = val;
2830 	ioc_info(ioc, "fwfault_debug=%d\n",
2831 		 ioc->fwfault_debug);
2832 	return strlen(buf);
2833 }
2834 static DEVICE_ATTR_RW(fwfault_debug);
2835 
2836 /**
2837  * ioc_reset_count_show - ioc reset count
2838  * @cdev: pointer to embedded class device
2839  * @attr: ?
2840  * @buf: the buffer returned
2841  *
2842  * This is firmware queue depth limit
2843  *
2844  * A sysfs 'read-only' shost attribute.
2845  */
2846 static ssize_t
2847 ioc_reset_count_show(struct device *cdev, struct device_attribute *attr,
2848 	char *buf)
2849 {
2850 	struct Scsi_Host *shost = class_to_shost(cdev);
2851 	struct MPT3SAS_ADAPTER *ioc = shost_priv(shost);
2852 
2853 	return snprintf(buf, PAGE_SIZE, "%d\n", ioc->ioc_reset_count);
2854 }
2855 static DEVICE_ATTR_RO(ioc_reset_count);
2856 
2857 /**
2858  * reply_queue_count_show - number of reply queues
2859  * @cdev: pointer to embedded class device
2860  * @attr: ?
2861  * @buf: the buffer returned
2862  *
2863  * This is number of reply queues
2864  *
2865  * A sysfs 'read-only' shost attribute.
2866  */
2867 static ssize_t
2868 reply_queue_count_show(struct device *cdev,
2869 	struct device_attribute *attr, char *buf)
2870 {
2871 	u8 reply_queue_count;
2872 	struct Scsi_Host *shost = class_to_shost(cdev);
2873 	struct MPT3SAS_ADAPTER *ioc = shost_priv(shost);
2874 
2875 	if ((ioc->facts.IOCCapabilities &
2876 	    MPI2_IOCFACTS_CAPABILITY_MSI_X_INDEX) && ioc->msix_enable)
2877 		reply_queue_count = ioc->reply_queue_count;
2878 	else
2879 		reply_queue_count = 1;
2880 
2881 	return snprintf(buf, PAGE_SIZE, "%d\n", reply_queue_count);
2882 }
2883 static DEVICE_ATTR_RO(reply_queue_count);
2884 
2885 /**
2886  * BRM_status_show - Backup Rail Monitor Status
2887  * @cdev: pointer to embedded class device
2888  * @attr: ?
2889  * @buf: the buffer returned
2890  *
2891  * This is number of reply queues
2892  *
2893  * A sysfs 'read-only' shost attribute.
2894  */
2895 static ssize_t
2896 BRM_status_show(struct device *cdev, struct device_attribute *attr,
2897 	char *buf)
2898 {
2899 	struct Scsi_Host *shost = class_to_shost(cdev);
2900 	struct MPT3SAS_ADAPTER *ioc = shost_priv(shost);
2901 	Mpi2IOUnitPage3_t *io_unit_pg3 = NULL;
2902 	Mpi2ConfigReply_t mpi_reply;
2903 	u16 backup_rail_monitor_status = 0;
2904 	u16 ioc_status;
2905 	int sz;
2906 	ssize_t rc = 0;
2907 
2908 	if (!ioc->is_warpdrive) {
2909 		ioc_err(ioc, "%s: BRM attribute is only for warpdrive\n",
2910 			__func__);
2911 		goto out;
2912 	}
2913 	/* pci_access_mutex lock acquired by sysfs show path */
2914 	mutex_lock(&ioc->pci_access_mutex);
2915 	if (ioc->pci_error_recovery || ioc->remove_host) {
2916 		mutex_unlock(&ioc->pci_access_mutex);
2917 		return 0;
2918 	}
2919 
2920 	/* allocate upto GPIOVal 36 entries */
2921 	sz = offsetof(Mpi2IOUnitPage3_t, GPIOVal) + (sizeof(u16) * 36);
2922 	io_unit_pg3 = kzalloc(sz, GFP_KERNEL);
2923 	if (!io_unit_pg3) {
2924 		ioc_err(ioc, "%s: failed allocating memory for iounit_pg3: (%d) bytes\n",
2925 			__func__, sz);
2926 		goto out;
2927 	}
2928 
2929 	if (mpt3sas_config_get_iounit_pg3(ioc, &mpi_reply, io_unit_pg3, sz) !=
2930 	    0) {
2931 		ioc_err(ioc, "%s: failed reading iounit_pg3\n",
2932 			__func__);
2933 		goto out;
2934 	}
2935 
2936 	ioc_status = le16_to_cpu(mpi_reply.IOCStatus) & MPI2_IOCSTATUS_MASK;
2937 	if (ioc_status != MPI2_IOCSTATUS_SUCCESS) {
2938 		ioc_err(ioc, "%s: iounit_pg3 failed with ioc_status(0x%04x)\n",
2939 			__func__, ioc_status);
2940 		goto out;
2941 	}
2942 
2943 	if (io_unit_pg3->GPIOCount < 25) {
2944 		ioc_err(ioc, "%s: iounit_pg3->GPIOCount less than 25 entries, detected (%d) entries\n",
2945 			__func__, io_unit_pg3->GPIOCount);
2946 		goto out;
2947 	}
2948 
2949 	/* BRM status is in bit zero of GPIOVal[24] */
2950 	backup_rail_monitor_status = le16_to_cpu(io_unit_pg3->GPIOVal[24]);
2951 	rc = snprintf(buf, PAGE_SIZE, "%d\n", (backup_rail_monitor_status & 1));
2952 
2953  out:
2954 	kfree(io_unit_pg3);
2955 	mutex_unlock(&ioc->pci_access_mutex);
2956 	return rc;
2957 }
2958 static DEVICE_ATTR_RO(BRM_status);
2959 
2960 struct DIAG_BUFFER_START {
2961 	__le32	Size;
2962 	__le32	DiagVersion;
2963 	u8	BufferType;
2964 	u8	Reserved[3];
2965 	__le32	Reserved1;
2966 	__le32	Reserved2;
2967 	__le32	Reserved3;
2968 };
2969 
2970 /**
2971  * host_trace_buffer_size_show - host buffer size (trace only)
2972  * @cdev: pointer to embedded class device
2973  * @attr: ?
2974  * @buf: the buffer returned
2975  *
2976  * A sysfs 'read-only' shost attribute.
2977  */
2978 static ssize_t
2979 host_trace_buffer_size_show(struct device *cdev,
2980 	struct device_attribute *attr, char *buf)
2981 {
2982 	struct Scsi_Host *shost = class_to_shost(cdev);
2983 	struct MPT3SAS_ADAPTER *ioc = shost_priv(shost);
2984 	u32 size = 0;
2985 	struct DIAG_BUFFER_START *request_data;
2986 
2987 	if (!ioc->diag_buffer[MPI2_DIAG_BUF_TYPE_TRACE]) {
2988 		ioc_err(ioc, "%s: host_trace_buffer is not registered\n",
2989 			__func__);
2990 		return 0;
2991 	}
2992 
2993 	if ((ioc->diag_buffer_status[MPI2_DIAG_BUF_TYPE_TRACE] &
2994 	    MPT3_DIAG_BUFFER_IS_REGISTERED) == 0) {
2995 		ioc_err(ioc, "%s: host_trace_buffer is not registered\n",
2996 			__func__);
2997 		return 0;
2998 	}
2999 
3000 	request_data = (struct DIAG_BUFFER_START *)
3001 	    ioc->diag_buffer[MPI2_DIAG_BUF_TYPE_TRACE];
3002 	if ((le32_to_cpu(request_data->DiagVersion) == 0x00000000 ||
3003 	    le32_to_cpu(request_data->DiagVersion) == 0x01000000 ||
3004 	    le32_to_cpu(request_data->DiagVersion) == 0x01010000) &&
3005 	    le32_to_cpu(request_data->Reserved3) == 0x4742444c)
3006 		size = le32_to_cpu(request_data->Size);
3007 
3008 	ioc->ring_buffer_sz = size;
3009 	return snprintf(buf, PAGE_SIZE, "%d\n", size);
3010 }
3011 static DEVICE_ATTR_RO(host_trace_buffer_size);
3012 
3013 /**
3014  * host_trace_buffer_show - firmware ring buffer (trace only)
3015  * @cdev: pointer to embedded class device
3016  * @attr: ?
3017  * @buf: the buffer returned
3018  *
3019  * A sysfs 'read/write' shost attribute.
3020  *
3021  * You will only be able to read 4k bytes of ring buffer at a time.
3022  * In order to read beyond 4k bytes, you will have to write out the
3023  * offset to the same attribute, it will move the pointer.
3024  */
3025 static ssize_t
3026 host_trace_buffer_show(struct device *cdev, struct device_attribute *attr,
3027 	char *buf)
3028 {
3029 	struct Scsi_Host *shost = class_to_shost(cdev);
3030 	struct MPT3SAS_ADAPTER *ioc = shost_priv(shost);
3031 	void *request_data;
3032 	u32 size;
3033 
3034 	if (!ioc->diag_buffer[MPI2_DIAG_BUF_TYPE_TRACE]) {
3035 		ioc_err(ioc, "%s: host_trace_buffer is not registered\n",
3036 			__func__);
3037 		return 0;
3038 	}
3039 
3040 	if ((ioc->diag_buffer_status[MPI2_DIAG_BUF_TYPE_TRACE] &
3041 	    MPT3_DIAG_BUFFER_IS_REGISTERED) == 0) {
3042 		ioc_err(ioc, "%s: host_trace_buffer is not registered\n",
3043 			__func__);
3044 		return 0;
3045 	}
3046 
3047 	if (ioc->ring_buffer_offset > ioc->ring_buffer_sz)
3048 		return 0;
3049 
3050 	size = ioc->ring_buffer_sz - ioc->ring_buffer_offset;
3051 	size = (size >= PAGE_SIZE) ? (PAGE_SIZE - 1) : size;
3052 	request_data = ioc->diag_buffer[0] + ioc->ring_buffer_offset;
3053 	memcpy(buf, request_data, size);
3054 	return size;
3055 }
3056 
3057 static ssize_t
3058 host_trace_buffer_store(struct device *cdev, struct device_attribute *attr,
3059 	const char *buf, size_t count)
3060 {
3061 	struct Scsi_Host *shost = class_to_shost(cdev);
3062 	struct MPT3SAS_ADAPTER *ioc = shost_priv(shost);
3063 	int val = 0;
3064 
3065 	if (sscanf(buf, "%d", &val) != 1)
3066 		return -EINVAL;
3067 
3068 	ioc->ring_buffer_offset = val;
3069 	return strlen(buf);
3070 }
3071 static DEVICE_ATTR_RW(host_trace_buffer);
3072 
3073 
3074 /*****************************************/
3075 
3076 /**
3077  * host_trace_buffer_enable_show - firmware ring buffer (trace only)
3078  * @cdev: pointer to embedded class device
3079  * @attr: ?
3080  * @buf: the buffer returned
3081  *
3082  * A sysfs 'read/write' shost attribute.
3083  *
3084  * This is a mechnism to post/release host_trace_buffers
3085  */
3086 static ssize_t
3087 host_trace_buffer_enable_show(struct device *cdev,
3088 	struct device_attribute *attr, char *buf)
3089 {
3090 	struct Scsi_Host *shost = class_to_shost(cdev);
3091 	struct MPT3SAS_ADAPTER *ioc = shost_priv(shost);
3092 
3093 	if ((!ioc->diag_buffer[MPI2_DIAG_BUF_TYPE_TRACE]) ||
3094 	   ((ioc->diag_buffer_status[MPI2_DIAG_BUF_TYPE_TRACE] &
3095 	    MPT3_DIAG_BUFFER_IS_REGISTERED) == 0))
3096 		return snprintf(buf, PAGE_SIZE, "off\n");
3097 	else if ((ioc->diag_buffer_status[MPI2_DIAG_BUF_TYPE_TRACE] &
3098 	    MPT3_DIAG_BUFFER_IS_RELEASED))
3099 		return snprintf(buf, PAGE_SIZE, "release\n");
3100 	else
3101 		return snprintf(buf, PAGE_SIZE, "post\n");
3102 }
3103 
3104 static ssize_t
3105 host_trace_buffer_enable_store(struct device *cdev,
3106 	struct device_attribute *attr, const char *buf, size_t count)
3107 {
3108 	struct Scsi_Host *shost = class_to_shost(cdev);
3109 	struct MPT3SAS_ADAPTER *ioc = shost_priv(shost);
3110 	char str[10] = "";
3111 	struct mpt3_diag_register diag_register;
3112 	u8 issue_reset = 0;
3113 
3114 	/* don't allow post/release occurr while recovery is active */
3115 	if (ioc->shost_recovery || ioc->remove_host ||
3116 	    ioc->pci_error_recovery || ioc->is_driver_loading)
3117 		return -EBUSY;
3118 
3119 	if (sscanf(buf, "%9s", str) != 1)
3120 		return -EINVAL;
3121 
3122 	if (!strcmp(str, "post")) {
3123 		/* exit out if host buffers are already posted */
3124 		if ((ioc->diag_buffer[MPI2_DIAG_BUF_TYPE_TRACE]) &&
3125 		    (ioc->diag_buffer_status[MPI2_DIAG_BUF_TYPE_TRACE] &
3126 		    MPT3_DIAG_BUFFER_IS_REGISTERED) &&
3127 		    ((ioc->diag_buffer_status[MPI2_DIAG_BUF_TYPE_TRACE] &
3128 		    MPT3_DIAG_BUFFER_IS_RELEASED) == 0))
3129 			goto out;
3130 		memset(&diag_register, 0, sizeof(struct mpt3_diag_register));
3131 		ioc_info(ioc, "posting host trace buffers\n");
3132 		diag_register.buffer_type = MPI2_DIAG_BUF_TYPE_TRACE;
3133 		diag_register.requested_buffer_size = (1024 * 1024);
3134 		diag_register.unique_id = 0x7075900;
3135 		ioc->diag_buffer_status[MPI2_DIAG_BUF_TYPE_TRACE] = 0;
3136 		_ctl_diag_register_2(ioc,  &diag_register);
3137 	} else if (!strcmp(str, "release")) {
3138 		/* exit out if host buffers are already released */
3139 		if (!ioc->diag_buffer[MPI2_DIAG_BUF_TYPE_TRACE])
3140 			goto out;
3141 		if ((ioc->diag_buffer_status[MPI2_DIAG_BUF_TYPE_TRACE] &
3142 		    MPT3_DIAG_BUFFER_IS_REGISTERED) == 0)
3143 			goto out;
3144 		if ((ioc->diag_buffer_status[MPI2_DIAG_BUF_TYPE_TRACE] &
3145 		    MPT3_DIAG_BUFFER_IS_RELEASED))
3146 			goto out;
3147 		ioc_info(ioc, "releasing host trace buffer\n");
3148 		mpt3sas_send_diag_release(ioc, MPI2_DIAG_BUF_TYPE_TRACE,
3149 		    &issue_reset);
3150 	}
3151 
3152  out:
3153 	return strlen(buf);
3154 }
3155 static DEVICE_ATTR_RW(host_trace_buffer_enable);
3156 
3157 /*********** diagnostic trigger suppport *********************************/
3158 
3159 /**
3160  * diag_trigger_master_show - show the diag_trigger_master attribute
3161  * @cdev: pointer to embedded class device
3162  * @attr: ?
3163  * @buf: the buffer returned
3164  *
3165  * A sysfs 'read/write' shost attribute.
3166  */
3167 static ssize_t
3168 diag_trigger_master_show(struct device *cdev,
3169 	struct device_attribute *attr, char *buf)
3170 
3171 {
3172 	struct Scsi_Host *shost = class_to_shost(cdev);
3173 	struct MPT3SAS_ADAPTER *ioc = shost_priv(shost);
3174 	unsigned long flags;
3175 	ssize_t rc;
3176 
3177 	spin_lock_irqsave(&ioc->diag_trigger_lock, flags);
3178 	rc = sizeof(struct SL_WH_MASTER_TRIGGER_T);
3179 	memcpy(buf, &ioc->diag_trigger_master, rc);
3180 	spin_unlock_irqrestore(&ioc->diag_trigger_lock, flags);
3181 	return rc;
3182 }
3183 
3184 /**
3185  * diag_trigger_master_store - store the diag_trigger_master attribute
3186  * @cdev: pointer to embedded class device
3187  * @attr: ?
3188  * @buf: the buffer returned
3189  * @count: ?
3190  *
3191  * A sysfs 'read/write' shost attribute.
3192  */
3193 static ssize_t
3194 diag_trigger_master_store(struct device *cdev,
3195 	struct device_attribute *attr, const char *buf, size_t count)
3196 
3197 {
3198 	struct Scsi_Host *shost = class_to_shost(cdev);
3199 	struct MPT3SAS_ADAPTER *ioc = shost_priv(shost);
3200 	unsigned long flags;
3201 	ssize_t rc;
3202 
3203 	spin_lock_irqsave(&ioc->diag_trigger_lock, flags);
3204 	rc = min(sizeof(struct SL_WH_MASTER_TRIGGER_T), count);
3205 	memset(&ioc->diag_trigger_master, 0,
3206 	    sizeof(struct SL_WH_MASTER_TRIGGER_T));
3207 	memcpy(&ioc->diag_trigger_master, buf, rc);
3208 	ioc->diag_trigger_master.MasterData |=
3209 	    (MASTER_TRIGGER_FW_FAULT + MASTER_TRIGGER_ADAPTER_RESET);
3210 	spin_unlock_irqrestore(&ioc->diag_trigger_lock, flags);
3211 	return rc;
3212 }
3213 static DEVICE_ATTR_RW(diag_trigger_master);
3214 
3215 
3216 /**
3217  * diag_trigger_event_show - show the diag_trigger_event attribute
3218  * @cdev: pointer to embedded class device
3219  * @attr: ?
3220  * @buf: the buffer returned
3221  *
3222  * A sysfs 'read/write' shost attribute.
3223  */
3224 static ssize_t
3225 diag_trigger_event_show(struct device *cdev,
3226 	struct device_attribute *attr, char *buf)
3227 {
3228 	struct Scsi_Host *shost = class_to_shost(cdev);
3229 	struct MPT3SAS_ADAPTER *ioc = shost_priv(shost);
3230 	unsigned long flags;
3231 	ssize_t rc;
3232 
3233 	spin_lock_irqsave(&ioc->diag_trigger_lock, flags);
3234 	rc = sizeof(struct SL_WH_EVENT_TRIGGERS_T);
3235 	memcpy(buf, &ioc->diag_trigger_event, rc);
3236 	spin_unlock_irqrestore(&ioc->diag_trigger_lock, flags);
3237 	return rc;
3238 }
3239 
3240 /**
3241  * diag_trigger_event_store - store the diag_trigger_event attribute
3242  * @cdev: pointer to embedded class device
3243  * @attr: ?
3244  * @buf: the buffer returned
3245  * @count: ?
3246  *
3247  * A sysfs 'read/write' shost attribute.
3248  */
3249 static ssize_t
3250 diag_trigger_event_store(struct device *cdev,
3251 	struct device_attribute *attr, const char *buf, size_t count)
3252 
3253 {
3254 	struct Scsi_Host *shost = class_to_shost(cdev);
3255 	struct MPT3SAS_ADAPTER *ioc = shost_priv(shost);
3256 	unsigned long flags;
3257 	ssize_t sz;
3258 
3259 	spin_lock_irqsave(&ioc->diag_trigger_lock, flags);
3260 	sz = min(sizeof(struct SL_WH_EVENT_TRIGGERS_T), count);
3261 	memset(&ioc->diag_trigger_event, 0,
3262 	    sizeof(struct SL_WH_EVENT_TRIGGERS_T));
3263 	memcpy(&ioc->diag_trigger_event, buf, sz);
3264 	if (ioc->diag_trigger_event.ValidEntries > NUM_VALID_ENTRIES)
3265 		ioc->diag_trigger_event.ValidEntries = NUM_VALID_ENTRIES;
3266 	spin_unlock_irqrestore(&ioc->diag_trigger_lock, flags);
3267 	return sz;
3268 }
3269 static DEVICE_ATTR_RW(diag_trigger_event);
3270 
3271 
3272 /**
3273  * diag_trigger_scsi_show - show the diag_trigger_scsi attribute
3274  * @cdev: pointer to embedded class device
3275  * @attr: ?
3276  * @buf: the buffer returned
3277  *
3278  * A sysfs 'read/write' shost attribute.
3279  */
3280 static ssize_t
3281 diag_trigger_scsi_show(struct device *cdev,
3282 	struct device_attribute *attr, char *buf)
3283 {
3284 	struct Scsi_Host *shost = class_to_shost(cdev);
3285 	struct MPT3SAS_ADAPTER *ioc = shost_priv(shost);
3286 	unsigned long flags;
3287 	ssize_t rc;
3288 
3289 	spin_lock_irqsave(&ioc->diag_trigger_lock, flags);
3290 	rc = sizeof(struct SL_WH_SCSI_TRIGGERS_T);
3291 	memcpy(buf, &ioc->diag_trigger_scsi, rc);
3292 	spin_unlock_irqrestore(&ioc->diag_trigger_lock, flags);
3293 	return rc;
3294 }
3295 
3296 /**
3297  * diag_trigger_scsi_store - store the diag_trigger_scsi attribute
3298  * @cdev: pointer to embedded class device
3299  * @attr: ?
3300  * @buf: the buffer returned
3301  * @count: ?
3302  *
3303  * A sysfs 'read/write' shost attribute.
3304  */
3305 static ssize_t
3306 diag_trigger_scsi_store(struct device *cdev,
3307 	struct device_attribute *attr, const char *buf, size_t count)
3308 {
3309 	struct Scsi_Host *shost = class_to_shost(cdev);
3310 	struct MPT3SAS_ADAPTER *ioc = shost_priv(shost);
3311 	unsigned long flags;
3312 	ssize_t sz;
3313 
3314 	spin_lock_irqsave(&ioc->diag_trigger_lock, flags);
3315 	sz = min(sizeof(ioc->diag_trigger_scsi), count);
3316 	memset(&ioc->diag_trigger_scsi, 0, sizeof(ioc->diag_trigger_scsi));
3317 	memcpy(&ioc->diag_trigger_scsi, buf, sz);
3318 	if (ioc->diag_trigger_scsi.ValidEntries > NUM_VALID_ENTRIES)
3319 		ioc->diag_trigger_scsi.ValidEntries = NUM_VALID_ENTRIES;
3320 	spin_unlock_irqrestore(&ioc->diag_trigger_lock, flags);
3321 	return sz;
3322 }
3323 static DEVICE_ATTR_RW(diag_trigger_scsi);
3324 
3325 
3326 /**
3327  * diag_trigger_scsi_show - show the diag_trigger_mpi attribute
3328  * @cdev: pointer to embedded class device
3329  * @attr: ?
3330  * @buf: the buffer returned
3331  *
3332  * A sysfs 'read/write' shost attribute.
3333  */
3334 static ssize_t
3335 diag_trigger_mpi_show(struct device *cdev,
3336 	struct device_attribute *attr, char *buf)
3337 {
3338 	struct Scsi_Host *shost = class_to_shost(cdev);
3339 	struct MPT3SAS_ADAPTER *ioc = shost_priv(shost);
3340 	unsigned long flags;
3341 	ssize_t rc;
3342 
3343 	spin_lock_irqsave(&ioc->diag_trigger_lock, flags);
3344 	rc = sizeof(struct SL_WH_MPI_TRIGGERS_T);
3345 	memcpy(buf, &ioc->diag_trigger_mpi, rc);
3346 	spin_unlock_irqrestore(&ioc->diag_trigger_lock, flags);
3347 	return rc;
3348 }
3349 
3350 /**
3351  * diag_trigger_mpi_store - store the diag_trigger_mpi attribute
3352  * @cdev: pointer to embedded class device
3353  * @attr: ?
3354  * @buf: the buffer returned
3355  * @count: ?
3356  *
3357  * A sysfs 'read/write' shost attribute.
3358  */
3359 static ssize_t
3360 diag_trigger_mpi_store(struct device *cdev,
3361 	struct device_attribute *attr, const char *buf, size_t count)
3362 {
3363 	struct Scsi_Host *shost = class_to_shost(cdev);
3364 	struct MPT3SAS_ADAPTER *ioc = shost_priv(shost);
3365 	unsigned long flags;
3366 	ssize_t sz;
3367 
3368 	spin_lock_irqsave(&ioc->diag_trigger_lock, flags);
3369 	sz = min(sizeof(struct SL_WH_MPI_TRIGGERS_T), count);
3370 	memset(&ioc->diag_trigger_mpi, 0,
3371 	    sizeof(ioc->diag_trigger_mpi));
3372 	memcpy(&ioc->diag_trigger_mpi, buf, sz);
3373 	if (ioc->diag_trigger_mpi.ValidEntries > NUM_VALID_ENTRIES)
3374 		ioc->diag_trigger_mpi.ValidEntries = NUM_VALID_ENTRIES;
3375 	spin_unlock_irqrestore(&ioc->diag_trigger_lock, flags);
3376 	return sz;
3377 }
3378 
3379 static DEVICE_ATTR_RW(diag_trigger_mpi);
3380 
3381 /*********** diagnostic trigger suppport *** END ****************************/
3382 
3383 /*****************************************/
3384 
3385 /**
3386  * drv_support_bitmap_show - driver supported feature bitmap
3387  * @cdev - pointer to embedded class device
3388  * @buf - the buffer returned
3389  *
3390  * A sysfs 'read-only' shost attribute.
3391  */
3392 static ssize_t
3393 drv_support_bitmap_show(struct device *cdev,
3394 	struct device_attribute *attr, char *buf)
3395 {
3396 	struct Scsi_Host *shost = class_to_shost(cdev);
3397 	struct MPT3SAS_ADAPTER *ioc = shost_priv(shost);
3398 
3399 	return snprintf(buf, PAGE_SIZE, "0x%08x\n", ioc->drv_support_bitmap);
3400 }
3401 static DEVICE_ATTR_RO(drv_support_bitmap);
3402 
3403 /**
3404  * enable_sdev_max_qd_show - display whether sdev max qd is enabled/disabled
3405  * @cdev - pointer to embedded class device
3406  * @buf - the buffer returned
3407  *
3408  * A sysfs read/write shost attribute. This attribute is used to set the
3409  * targets queue depth to HBA IO queue depth if this attribute is enabled.
3410  */
3411 static ssize_t
3412 enable_sdev_max_qd_show(struct device *cdev,
3413 	struct device_attribute *attr, char *buf)
3414 {
3415 	struct Scsi_Host *shost = class_to_shost(cdev);
3416 	struct MPT3SAS_ADAPTER *ioc = shost_priv(shost);
3417 
3418 	return snprintf(buf, PAGE_SIZE, "%d\n", ioc->enable_sdev_max_qd);
3419 }
3420 
3421 /**
3422  * enable_sdev_max_qd_store - Enable/disable sdev max qd
3423  * @cdev - pointer to embedded class device
3424  * @buf - the buffer returned
3425  *
3426  * A sysfs read/write shost attribute. This attribute is used to set the
3427  * targets queue depth to HBA IO queue depth if this attribute is enabled.
3428  * If this attribute is disabled then targets will have corresponding default
3429  * queue depth.
3430  */
3431 static ssize_t
3432 enable_sdev_max_qd_store(struct device *cdev,
3433 	struct device_attribute *attr, const char *buf, size_t count)
3434 {
3435 	struct Scsi_Host *shost = class_to_shost(cdev);
3436 	struct MPT3SAS_ADAPTER *ioc = shost_priv(shost);
3437 	struct MPT3SAS_DEVICE *sas_device_priv_data;
3438 	struct MPT3SAS_TARGET *sas_target_priv_data;
3439 	int val = 0;
3440 	struct scsi_device *sdev;
3441 	struct _raid_device *raid_device;
3442 	int qdepth;
3443 
3444 	if (kstrtoint(buf, 0, &val) != 0)
3445 		return -EINVAL;
3446 
3447 	switch (val) {
3448 	case 0:
3449 		ioc->enable_sdev_max_qd = 0;
3450 		shost_for_each_device(sdev, ioc->shost) {
3451 			sas_device_priv_data = sdev->hostdata;
3452 			if (!sas_device_priv_data)
3453 				continue;
3454 			sas_target_priv_data = sas_device_priv_data->sas_target;
3455 			if (!sas_target_priv_data)
3456 				continue;
3457 
3458 			if (sas_target_priv_data->flags &
3459 			    MPT_TARGET_FLAGS_VOLUME) {
3460 				raid_device =
3461 				    mpt3sas_raid_device_find_by_handle(ioc,
3462 				    sas_target_priv_data->handle);
3463 
3464 				switch (raid_device->volume_type) {
3465 				case MPI2_RAID_VOL_TYPE_RAID0:
3466 					if (raid_device->device_info &
3467 					    MPI2_SAS_DEVICE_INFO_SSP_TARGET)
3468 						qdepth =
3469 						    MPT3SAS_SAS_QUEUE_DEPTH;
3470 					else
3471 						qdepth =
3472 						    MPT3SAS_SATA_QUEUE_DEPTH;
3473 					break;
3474 				case MPI2_RAID_VOL_TYPE_RAID1E:
3475 				case MPI2_RAID_VOL_TYPE_RAID1:
3476 				case MPI2_RAID_VOL_TYPE_RAID10:
3477 				case MPI2_RAID_VOL_TYPE_UNKNOWN:
3478 				default:
3479 					qdepth = MPT3SAS_RAID_QUEUE_DEPTH;
3480 				}
3481 			} else if (sas_target_priv_data->flags &
3482 			    MPT_TARGET_FLAGS_PCIE_DEVICE)
3483 				qdepth = MPT3SAS_NVME_QUEUE_DEPTH;
3484 			else
3485 				qdepth = MPT3SAS_SAS_QUEUE_DEPTH;
3486 
3487 			mpt3sas_scsih_change_queue_depth(sdev, qdepth);
3488 		}
3489 		break;
3490 	case 1:
3491 		ioc->enable_sdev_max_qd = 1;
3492 		shost_for_each_device(sdev, ioc->shost)
3493 			mpt3sas_scsih_change_queue_depth(sdev,
3494 			    shost->can_queue);
3495 		break;
3496 	default:
3497 		return -EINVAL;
3498 	}
3499 
3500 	return strlen(buf);
3501 }
3502 static DEVICE_ATTR_RW(enable_sdev_max_qd);
3503 
3504 struct device_attribute *mpt3sas_host_attrs[] = {
3505 	&dev_attr_version_fw,
3506 	&dev_attr_version_bios,
3507 	&dev_attr_version_mpi,
3508 	&dev_attr_version_product,
3509 	&dev_attr_version_nvdata_persistent,
3510 	&dev_attr_version_nvdata_default,
3511 	&dev_attr_board_name,
3512 	&dev_attr_board_assembly,
3513 	&dev_attr_board_tracer,
3514 	&dev_attr_io_delay,
3515 	&dev_attr_device_delay,
3516 	&dev_attr_logging_level,
3517 	&dev_attr_fwfault_debug,
3518 	&dev_attr_fw_queue_depth,
3519 	&dev_attr_host_sas_address,
3520 	&dev_attr_ioc_reset_count,
3521 	&dev_attr_host_trace_buffer_size,
3522 	&dev_attr_host_trace_buffer,
3523 	&dev_attr_host_trace_buffer_enable,
3524 	&dev_attr_reply_queue_count,
3525 	&dev_attr_diag_trigger_master,
3526 	&dev_attr_diag_trigger_event,
3527 	&dev_attr_diag_trigger_scsi,
3528 	&dev_attr_diag_trigger_mpi,
3529 	&dev_attr_drv_support_bitmap,
3530 	&dev_attr_BRM_status,
3531 	&dev_attr_enable_sdev_max_qd,
3532 	NULL,
3533 };
3534 
3535 /* device attributes */
3536 
3537 /**
3538  * sas_address_show - sas address
3539  * @dev: pointer to embedded class device
3540  * @attr: ?
3541  * @buf: the buffer returned
3542  *
3543  * This is the sas address for the target
3544  *
3545  * A sysfs 'read-only' shost attribute.
3546  */
3547 static ssize_t
3548 sas_address_show(struct device *dev, struct device_attribute *attr,
3549 	char *buf)
3550 {
3551 	struct scsi_device *sdev = to_scsi_device(dev);
3552 	struct MPT3SAS_DEVICE *sas_device_priv_data = sdev->hostdata;
3553 
3554 	return snprintf(buf, PAGE_SIZE, "0x%016llx\n",
3555 	    (unsigned long long)sas_device_priv_data->sas_target->sas_address);
3556 }
3557 static DEVICE_ATTR_RO(sas_address);
3558 
3559 /**
3560  * sas_device_handle_show - device handle
3561  * @dev: pointer to embedded class device
3562  * @attr: ?
3563  * @buf: the buffer returned
3564  *
3565  * This is the firmware assigned device handle
3566  *
3567  * A sysfs 'read-only' shost attribute.
3568  */
3569 static ssize_t
3570 sas_device_handle_show(struct device *dev, struct device_attribute *attr,
3571 	char *buf)
3572 {
3573 	struct scsi_device *sdev = to_scsi_device(dev);
3574 	struct MPT3SAS_DEVICE *sas_device_priv_data = sdev->hostdata;
3575 
3576 	return snprintf(buf, PAGE_SIZE, "0x%04x\n",
3577 	    sas_device_priv_data->sas_target->handle);
3578 }
3579 static DEVICE_ATTR_RO(sas_device_handle);
3580 
3581 /**
3582  * sas_ncq_io_prio_show - send prioritized io commands to device
3583  * @dev: pointer to embedded device
3584  * @attr: ?
3585  * @buf: the buffer returned
3586  *
3587  * A sysfs 'read/write' sdev attribute, only works with SATA
3588  */
3589 static ssize_t
3590 sas_ncq_prio_enable_show(struct device *dev,
3591 				 struct device_attribute *attr, char *buf)
3592 {
3593 	struct scsi_device *sdev = to_scsi_device(dev);
3594 	struct MPT3SAS_DEVICE *sas_device_priv_data = sdev->hostdata;
3595 
3596 	return snprintf(buf, PAGE_SIZE, "%d\n",
3597 			sas_device_priv_data->ncq_prio_enable);
3598 }
3599 
3600 static ssize_t
3601 sas_ncq_prio_enable_store(struct device *dev,
3602 				  struct device_attribute *attr,
3603 				  const char *buf, size_t count)
3604 {
3605 	struct scsi_device *sdev = to_scsi_device(dev);
3606 	struct MPT3SAS_DEVICE *sas_device_priv_data = sdev->hostdata;
3607 	bool ncq_prio_enable = 0;
3608 
3609 	if (kstrtobool(buf, &ncq_prio_enable))
3610 		return -EINVAL;
3611 
3612 	if (!scsih_ncq_prio_supp(sdev))
3613 		return -EINVAL;
3614 
3615 	sas_device_priv_data->ncq_prio_enable = ncq_prio_enable;
3616 	return strlen(buf);
3617 }
3618 static DEVICE_ATTR_RW(sas_ncq_prio_enable);
3619 
3620 struct device_attribute *mpt3sas_dev_attrs[] = {
3621 	&dev_attr_sas_address,
3622 	&dev_attr_sas_device_handle,
3623 	&dev_attr_sas_ncq_prio_enable,
3624 	NULL,
3625 };
3626 
3627 /* file operations table for mpt3ctl device */
3628 static const struct file_operations ctl_fops = {
3629 	.owner = THIS_MODULE,
3630 	.unlocked_ioctl = _ctl_ioctl,
3631 	.poll = _ctl_poll,
3632 	.fasync = _ctl_fasync,
3633 #ifdef CONFIG_COMPAT
3634 	.compat_ioctl = _ctl_ioctl_compat,
3635 #endif
3636 };
3637 
3638 /* file operations table for mpt2ctl device */
3639 static const struct file_operations ctl_gen2_fops = {
3640 	.owner = THIS_MODULE,
3641 	.unlocked_ioctl = _ctl_mpt2_ioctl,
3642 	.poll = _ctl_poll,
3643 	.fasync = _ctl_fasync,
3644 #ifdef CONFIG_COMPAT
3645 	.compat_ioctl = _ctl_mpt2_ioctl_compat,
3646 #endif
3647 };
3648 
3649 static struct miscdevice ctl_dev = {
3650 	.minor  = MPT3SAS_MINOR,
3651 	.name   = MPT3SAS_DEV_NAME,
3652 	.fops   = &ctl_fops,
3653 };
3654 
3655 static struct miscdevice gen2_ctl_dev = {
3656 	.minor  = MPT2SAS_MINOR,
3657 	.name   = MPT2SAS_DEV_NAME,
3658 	.fops   = &ctl_gen2_fops,
3659 };
3660 
3661 /**
3662  * mpt3sas_ctl_init - main entry point for ctl.
3663  * @hbas_to_enumerate: ?
3664  */
3665 void
3666 mpt3sas_ctl_init(ushort hbas_to_enumerate)
3667 {
3668 	async_queue = NULL;
3669 
3670 	/* Don't register mpt3ctl ioctl device if
3671 	 * hbas_to_enumarate is one.
3672 	 */
3673 	if (hbas_to_enumerate != 1)
3674 		if (misc_register(&ctl_dev) < 0)
3675 			pr_err("%s can't register misc device [minor=%d]\n",
3676 			    MPT3SAS_DRIVER_NAME, MPT3SAS_MINOR);
3677 
3678 	/* Don't register mpt3ctl ioctl device if
3679 	 * hbas_to_enumarate is two.
3680 	 */
3681 	if (hbas_to_enumerate != 2)
3682 		if (misc_register(&gen2_ctl_dev) < 0)
3683 			pr_err("%s can't register misc device [minor=%d]\n",
3684 			    MPT2SAS_DRIVER_NAME, MPT2SAS_MINOR);
3685 
3686 	init_waitqueue_head(&ctl_poll_wait);
3687 }
3688 
3689 /**
3690  * mpt3sas_ctl_exit - exit point for ctl
3691  * @hbas_to_enumerate: ?
3692  */
3693 void
3694 mpt3sas_ctl_exit(ushort hbas_to_enumerate)
3695 {
3696 	struct MPT3SAS_ADAPTER *ioc;
3697 	int i;
3698 
3699 	list_for_each_entry(ioc, &mpt3sas_ioc_list, list) {
3700 
3701 		/* free memory associated to diag buffers */
3702 		for (i = 0; i < MPI2_DIAG_BUF_TYPE_COUNT; i++) {
3703 			if (!ioc->diag_buffer[i])
3704 				continue;
3705 			if (!(ioc->diag_buffer_status[i] &
3706 			    MPT3_DIAG_BUFFER_IS_REGISTERED))
3707 				continue;
3708 			if ((ioc->diag_buffer_status[i] &
3709 			    MPT3_DIAG_BUFFER_IS_RELEASED))
3710 				continue;
3711 			dma_free_coherent(&ioc->pdev->dev,
3712 					  ioc->diag_buffer_sz[i],
3713 					  ioc->diag_buffer[i],
3714 					  ioc->diag_buffer_dma[i]);
3715 			ioc->diag_buffer[i] = NULL;
3716 			ioc->diag_buffer_status[i] = 0;
3717 		}
3718 
3719 		kfree(ioc->event_log);
3720 	}
3721 	if (hbas_to_enumerate != 1)
3722 		misc_deregister(&ctl_dev);
3723 	if (hbas_to_enumerate != 2)
3724 		misc_deregister(&gen2_ctl_dev);
3725 }
3726