xref: /openbmc/linux/drivers/scsi/scsi.c (revision 22246614)
1 /*
2  *  scsi.c Copyright (C) 1992 Drew Eckhardt
3  *         Copyright (C) 1993, 1994, 1995, 1999 Eric Youngdale
4  *         Copyright (C) 2002, 2003 Christoph Hellwig
5  *
6  *  generic mid-level SCSI driver
7  *      Initial versions: Drew Eckhardt
8  *      Subsequent revisions: Eric Youngdale
9  *
10  *  <drew@colorado.edu>
11  *
12  *  Bug correction thanks go to :
13  *      Rik Faith <faith@cs.unc.edu>
14  *      Tommy Thorn <tthorn>
15  *      Thomas Wuensche <tw@fgb1.fgb.mw.tu-muenchen.de>
16  *
17  *  Modified by Eric Youngdale eric@andante.org or ericy@gnu.ai.mit.edu to
18  *  add scatter-gather, multiple outstanding request, and other
19  *  enhancements.
20  *
21  *  Native multichannel, wide scsi, /proc/scsi and hot plugging
22  *  support added by Michael Neuffer <mike@i-connect.net>
23  *
24  *  Added request_module("scsi_hostadapter") for kerneld:
25  *  (Put an "alias scsi_hostadapter your_hostadapter" in /etc/modprobe.conf)
26  *  Bjorn Ekwall  <bj0rn@blox.se>
27  *  (changed to kmod)
28  *
29  *  Major improvements to the timeout, abort, and reset processing,
30  *  as well as performance modifications for large queue depths by
31  *  Leonard N. Zubkoff <lnz@dandelion.com>
32  *
33  *  Converted cli() code to spinlocks, Ingo Molnar
34  *
35  *  Jiffies wrap fixes (host->resetting), 3 Dec 1998 Andrea Arcangeli
36  *
37  *  out_of_space hacks, D. Gilbert (dpg) 990608
38  */
39 
40 #include <linux/module.h>
41 #include <linux/moduleparam.h>
42 #include <linux/kernel.h>
43 #include <linux/timer.h>
44 #include <linux/string.h>
45 #include <linux/slab.h>
46 #include <linux/blkdev.h>
47 #include <linux/delay.h>
48 #include <linux/init.h>
49 #include <linux/completion.h>
50 #include <linux/unistd.h>
51 #include <linux/spinlock.h>
52 #include <linux/kmod.h>
53 #include <linux/interrupt.h>
54 #include <linux/notifier.h>
55 #include <linux/cpu.h>
56 #include <linux/mutex.h>
57 
58 #include <scsi/scsi.h>
59 #include <scsi/scsi_cmnd.h>
60 #include <scsi/scsi_dbg.h>
61 #include <scsi/scsi_device.h>
62 #include <scsi/scsi_driver.h>
63 #include <scsi/scsi_eh.h>
64 #include <scsi/scsi_host.h>
65 #include <scsi/scsi_tcq.h>
66 
67 #include "scsi_priv.h"
68 #include "scsi_logging.h"
69 
70 static void scsi_done(struct scsi_cmnd *cmd);
71 
72 /*
73  * Definitions and constants.
74  */
75 
76 #define MIN_RESET_DELAY (2*HZ)
77 
78 /* Do not call reset on error if we just did a reset within 15 sec. */
79 #define MIN_RESET_PERIOD (15*HZ)
80 
81 /*
82  * Note - the initial logging level can be set here to log events at boot time.
83  * After the system is up, you may enable logging via the /proc interface.
84  */
85 unsigned int scsi_logging_level;
86 #if defined(CONFIG_SCSI_LOGGING)
87 EXPORT_SYMBOL(scsi_logging_level);
88 #endif
89 
90 /* NB: These are exposed through /proc/scsi/scsi and form part of the ABI.
91  * You may not alter any existing entry (although adding new ones is
92  * encouraged once assigned by ANSI/INCITS T10
93  */
94 static const char *const scsi_device_types[] = {
95 	"Direct-Access    ",
96 	"Sequential-Access",
97 	"Printer          ",
98 	"Processor        ",
99 	"WORM             ",
100 	"CD-ROM           ",
101 	"Scanner          ",
102 	"Optical Device   ",
103 	"Medium Changer   ",
104 	"Communications   ",
105 	"ASC IT8          ",
106 	"ASC IT8          ",
107 	"RAID             ",
108 	"Enclosure        ",
109 	"Direct-Access-RBC",
110 	"Optical card     ",
111 	"Bridge controller",
112 	"Object storage   ",
113 	"Automation/Drive ",
114 };
115 
116 /**
117  * scsi_device_type - Return 17 char string indicating device type.
118  * @type: type number to look up
119  */
120 
121 const char * scsi_device_type(unsigned type)
122 {
123 	if (type == 0x1e)
124 		return "Well-known LUN   ";
125 	if (type == 0x1f)
126 		return "No Device        ";
127 	if (type >= ARRAY_SIZE(scsi_device_types))
128 		return "Unknown          ";
129 	return scsi_device_types[type];
130 }
131 
132 EXPORT_SYMBOL(scsi_device_type);
133 
134 struct scsi_host_cmd_pool {
135 	struct kmem_cache	*cmd_slab;
136 	struct kmem_cache	*sense_slab;
137 	unsigned int		users;
138 	char			*cmd_name;
139 	char			*sense_name;
140 	unsigned int		slab_flags;
141 	gfp_t			gfp_mask;
142 };
143 
144 static struct scsi_host_cmd_pool scsi_cmd_pool = {
145 	.cmd_name	= "scsi_cmd_cache",
146 	.sense_name	= "scsi_sense_cache",
147 	.slab_flags	= SLAB_HWCACHE_ALIGN,
148 };
149 
150 static struct scsi_host_cmd_pool scsi_cmd_dma_pool = {
151 	.cmd_name	= "scsi_cmd_cache(DMA)",
152 	.sense_name	= "scsi_sense_cache(DMA)",
153 	.slab_flags	= SLAB_HWCACHE_ALIGN|SLAB_CACHE_DMA,
154 	.gfp_mask	= __GFP_DMA,
155 };
156 
157 static DEFINE_MUTEX(host_cmd_pool_mutex);
158 
159 /**
160  * scsi_pool_alloc_command - internal function to get a fully allocated command
161  * @pool:	slab pool to allocate the command from
162  * @gfp_mask:	mask for the allocation
163  *
164  * Returns a fully allocated command (with the allied sense buffer) or
165  * NULL on failure
166  */
167 static struct scsi_cmnd *
168 scsi_pool_alloc_command(struct scsi_host_cmd_pool *pool, gfp_t gfp_mask)
169 {
170 	struct scsi_cmnd *cmd;
171 
172 	cmd = kmem_cache_alloc(pool->cmd_slab, gfp_mask | pool->gfp_mask);
173 	if (!cmd)
174 		return NULL;
175 
176 	memset(cmd, 0, sizeof(*cmd));
177 
178 	cmd->sense_buffer = kmem_cache_alloc(pool->sense_slab,
179 					     gfp_mask | pool->gfp_mask);
180 	if (!cmd->sense_buffer) {
181 		kmem_cache_free(pool->cmd_slab, cmd);
182 		return NULL;
183 	}
184 
185 	return cmd;
186 }
187 
188 /**
189  * scsi_pool_free_command - internal function to release a command
190  * @pool:	slab pool to allocate the command from
191  * @cmd:	command to release
192  *
193  * the command must previously have been allocated by
194  * scsi_pool_alloc_command.
195  */
196 static void
197 scsi_pool_free_command(struct scsi_host_cmd_pool *pool,
198 			 struct scsi_cmnd *cmd)
199 {
200 	kmem_cache_free(pool->sense_slab, cmd->sense_buffer);
201 	kmem_cache_free(pool->cmd_slab, cmd);
202 }
203 
204 /**
205  * __scsi_get_command - Allocate a struct scsi_cmnd
206  * @shost: host to transmit command
207  * @gfp_mask: allocation mask
208  *
209  * Description: allocate a struct scsi_cmd from host's slab, recycling from the
210  *              host's free_list if necessary.
211  */
212 struct scsi_cmnd *__scsi_get_command(struct Scsi_Host *shost, gfp_t gfp_mask)
213 {
214 	struct scsi_cmnd *cmd;
215 	unsigned char *buf;
216 
217 	cmd = scsi_pool_alloc_command(shost->cmd_pool, gfp_mask);
218 
219 	if (unlikely(!cmd)) {
220 		unsigned long flags;
221 
222 		spin_lock_irqsave(&shost->free_list_lock, flags);
223 		if (likely(!list_empty(&shost->free_list))) {
224 			cmd = list_entry(shost->free_list.next,
225 					 struct scsi_cmnd, list);
226 			list_del_init(&cmd->list);
227 		}
228 		spin_unlock_irqrestore(&shost->free_list_lock, flags);
229 
230 		if (cmd) {
231 			buf = cmd->sense_buffer;
232 			memset(cmd, 0, sizeof(*cmd));
233 			cmd->sense_buffer = buf;
234 		}
235 	}
236 
237 	return cmd;
238 }
239 EXPORT_SYMBOL_GPL(__scsi_get_command);
240 
241 /**
242  * scsi_get_command - Allocate and setup a scsi command block
243  * @dev: parent scsi device
244  * @gfp_mask: allocator flags
245  *
246  * Returns:	The allocated scsi command structure.
247  */
248 struct scsi_cmnd *scsi_get_command(struct scsi_device *dev, gfp_t gfp_mask)
249 {
250 	struct scsi_cmnd *cmd;
251 
252 	/* Bail if we can't get a reference to the device */
253 	if (!get_device(&dev->sdev_gendev))
254 		return NULL;
255 
256 	cmd = __scsi_get_command(dev->host, gfp_mask);
257 
258 	if (likely(cmd != NULL)) {
259 		unsigned long flags;
260 
261 		cmd->device = dev;
262 		init_timer(&cmd->eh_timeout);
263 		INIT_LIST_HEAD(&cmd->list);
264 		spin_lock_irqsave(&dev->list_lock, flags);
265 		list_add_tail(&cmd->list, &dev->cmd_list);
266 		spin_unlock_irqrestore(&dev->list_lock, flags);
267 		cmd->jiffies_at_alloc = jiffies;
268 	} else
269 		put_device(&dev->sdev_gendev);
270 
271 	return cmd;
272 }
273 EXPORT_SYMBOL(scsi_get_command);
274 
275 /**
276  * __scsi_put_command - Free a struct scsi_cmnd
277  * @shost: dev->host
278  * @cmd: Command to free
279  * @dev: parent scsi device
280  */
281 void __scsi_put_command(struct Scsi_Host *shost, struct scsi_cmnd *cmd,
282 			struct device *dev)
283 {
284 	unsigned long flags;
285 
286 	/* changing locks here, don't need to restore the irq state */
287 	spin_lock_irqsave(&shost->free_list_lock, flags);
288 	if (unlikely(list_empty(&shost->free_list))) {
289 		list_add(&cmd->list, &shost->free_list);
290 		cmd = NULL;
291 	}
292 	spin_unlock_irqrestore(&shost->free_list_lock, flags);
293 
294 	if (likely(cmd != NULL))
295 		scsi_pool_free_command(shost->cmd_pool, cmd);
296 
297 	put_device(dev);
298 }
299 EXPORT_SYMBOL(__scsi_put_command);
300 
301 /**
302  * scsi_put_command - Free a scsi command block
303  * @cmd: command block to free
304  *
305  * Returns:	Nothing.
306  *
307  * Notes:	The command must not belong to any lists.
308  */
309 void scsi_put_command(struct scsi_cmnd *cmd)
310 {
311 	struct scsi_device *sdev = cmd->device;
312 	unsigned long flags;
313 
314 	/* serious error if the command hasn't come from a device list */
315 	spin_lock_irqsave(&cmd->device->list_lock, flags);
316 	BUG_ON(list_empty(&cmd->list));
317 	list_del_init(&cmd->list);
318 	spin_unlock_irqrestore(&cmd->device->list_lock, flags);
319 
320 	__scsi_put_command(cmd->device->host, cmd, &sdev->sdev_gendev);
321 }
322 EXPORT_SYMBOL(scsi_put_command);
323 
324 static struct scsi_host_cmd_pool *scsi_get_host_cmd_pool(gfp_t gfp_mask)
325 {
326 	struct scsi_host_cmd_pool *retval = NULL, *pool;
327 	/*
328 	 * Select a command slab for this host and create it if not
329 	 * yet existent.
330 	 */
331 	mutex_lock(&host_cmd_pool_mutex);
332 	pool = (gfp_mask & __GFP_DMA) ? &scsi_cmd_dma_pool :
333 		&scsi_cmd_pool;
334 	if (!pool->users) {
335 		pool->cmd_slab = kmem_cache_create(pool->cmd_name,
336 						   sizeof(struct scsi_cmnd), 0,
337 						   pool->slab_flags, NULL);
338 		if (!pool->cmd_slab)
339 			goto fail;
340 
341 		pool->sense_slab = kmem_cache_create(pool->sense_name,
342 						     SCSI_SENSE_BUFFERSIZE, 0,
343 						     pool->slab_flags, NULL);
344 		if (!pool->sense_slab) {
345 			kmem_cache_destroy(pool->cmd_slab);
346 			goto fail;
347 		}
348 	}
349 
350 	pool->users++;
351 	retval = pool;
352  fail:
353 	mutex_unlock(&host_cmd_pool_mutex);
354 	return retval;
355 }
356 
357 static void scsi_put_host_cmd_pool(gfp_t gfp_mask)
358 {
359 	struct scsi_host_cmd_pool *pool;
360 
361 	mutex_lock(&host_cmd_pool_mutex);
362 	pool = (gfp_mask & __GFP_DMA) ? &scsi_cmd_dma_pool :
363 		&scsi_cmd_pool;
364 	/*
365 	 * This may happen if a driver has a mismatched get and put
366 	 * of the command pool; the driver should be implicated in
367 	 * the stack trace
368 	 */
369 	BUG_ON(pool->users == 0);
370 
371 	if (!--pool->users) {
372 		kmem_cache_destroy(pool->cmd_slab);
373 		kmem_cache_destroy(pool->sense_slab);
374 	}
375 	mutex_unlock(&host_cmd_pool_mutex);
376 }
377 
378 /**
379  * scsi_allocate_command - get a fully allocated SCSI command
380  * @gfp_mask:	allocation mask
381  *
382  * This function is for use outside of the normal host based pools.
383  * It allocates the relevant command and takes an additional reference
384  * on the pool it used.  This function *must* be paired with
385  * scsi_free_command which also has the identical mask, otherwise the
386  * free pool counts will eventually go wrong and you'll trigger a bug.
387  *
388  * This function should *only* be used by drivers that need a static
389  * command allocation at start of day for internal functions.
390  */
391 struct scsi_cmnd *scsi_allocate_command(gfp_t gfp_mask)
392 {
393 	struct scsi_host_cmd_pool *pool = scsi_get_host_cmd_pool(gfp_mask);
394 
395 	if (!pool)
396 		return NULL;
397 
398 	return scsi_pool_alloc_command(pool, gfp_mask);
399 }
400 EXPORT_SYMBOL(scsi_allocate_command);
401 
402 /**
403  * scsi_free_command - free a command allocated by scsi_allocate_command
404  * @gfp_mask:	mask used in the original allocation
405  * @cmd:	command to free
406  *
407  * Note: using the original allocation mask is vital because that's
408  * what determines which command pool we use to free the command.  Any
409  * mismatch will cause the system to BUG eventually.
410  */
411 void scsi_free_command(gfp_t gfp_mask, struct scsi_cmnd *cmd)
412 {
413 	struct scsi_host_cmd_pool *pool = scsi_get_host_cmd_pool(gfp_mask);
414 
415 	/*
416 	 * this could trigger if the mask to scsi_allocate_command
417 	 * doesn't match this mask.  Otherwise we're guaranteed that this
418 	 * succeeds because scsi_allocate_command must have taken a reference
419 	 * on the pool
420 	 */
421 	BUG_ON(!pool);
422 
423 	scsi_pool_free_command(pool, cmd);
424 	/*
425 	 * scsi_put_host_cmd_pool is called twice; once to release the
426 	 * reference we took above, and once to release the reference
427 	 * originally taken by scsi_allocate_command
428 	 */
429 	scsi_put_host_cmd_pool(gfp_mask);
430 	scsi_put_host_cmd_pool(gfp_mask);
431 }
432 EXPORT_SYMBOL(scsi_free_command);
433 
434 /**
435  * scsi_setup_command_freelist - Setup the command freelist for a scsi host.
436  * @shost: host to allocate the freelist for.
437  *
438  * Description: The command freelist protects against system-wide out of memory
439  * deadlock by preallocating one SCSI command structure for each host, so the
440  * system can always write to a swap file on a device associated with that host.
441  *
442  * Returns:	Nothing.
443  */
444 int scsi_setup_command_freelist(struct Scsi_Host *shost)
445 {
446 	struct scsi_cmnd *cmd;
447 	const gfp_t gfp_mask = shost->unchecked_isa_dma ? GFP_DMA : GFP_KERNEL;
448 
449 	spin_lock_init(&shost->free_list_lock);
450 	INIT_LIST_HEAD(&shost->free_list);
451 
452 	shost->cmd_pool = scsi_get_host_cmd_pool(gfp_mask);
453 
454 	if (!shost->cmd_pool)
455 		return -ENOMEM;
456 
457 	/*
458 	 * Get one backup command for this host.
459 	 */
460 	cmd = scsi_pool_alloc_command(shost->cmd_pool, gfp_mask);
461 	if (!cmd) {
462 		scsi_put_host_cmd_pool(gfp_mask);
463 		shost->cmd_pool = NULL;
464 		return -ENOMEM;
465 	}
466 	list_add(&cmd->list, &shost->free_list);
467 	return 0;
468 }
469 
470 /**
471  * scsi_destroy_command_freelist - Release the command freelist for a scsi host.
472  * @shost: host whose freelist is going to be destroyed
473  */
474 void scsi_destroy_command_freelist(struct Scsi_Host *shost)
475 {
476 	/*
477 	 * If cmd_pool is NULL the free list was not initialized, so
478 	 * do not attempt to release resources.
479 	 */
480 	if (!shost->cmd_pool)
481 		return;
482 
483 	while (!list_empty(&shost->free_list)) {
484 		struct scsi_cmnd *cmd;
485 
486 		cmd = list_entry(shost->free_list.next, struct scsi_cmnd, list);
487 		list_del_init(&cmd->list);
488 		scsi_pool_free_command(shost->cmd_pool, cmd);
489 	}
490 	shost->cmd_pool = NULL;
491 	scsi_put_host_cmd_pool(shost->unchecked_isa_dma ? GFP_DMA : GFP_KERNEL);
492 }
493 
494 #ifdef CONFIG_SCSI_LOGGING
495 void scsi_log_send(struct scsi_cmnd *cmd)
496 {
497 	unsigned int level;
498 
499 	/*
500 	 * If ML QUEUE log level is greater than or equal to:
501 	 *
502 	 * 1: nothing (match completion)
503 	 *
504 	 * 2: log opcode + command of all commands
505 	 *
506 	 * 3: same as 2 plus dump cmd address
507 	 *
508 	 * 4: same as 3 plus dump extra junk
509 	 */
510 	if (unlikely(scsi_logging_level)) {
511 		level = SCSI_LOG_LEVEL(SCSI_LOG_MLQUEUE_SHIFT,
512 				       SCSI_LOG_MLQUEUE_BITS);
513 		if (level > 1) {
514 			scmd_printk(KERN_INFO, cmd, "Send: ");
515 			if (level > 2)
516 				printk("0x%p ", cmd);
517 			printk("\n");
518 			scsi_print_command(cmd);
519 			if (level > 3) {
520 				printk(KERN_INFO "buffer = 0x%p, bufflen = %d,"
521 				       " queuecommand 0x%p\n",
522 					scsi_sglist(cmd), scsi_bufflen(cmd),
523 					cmd->device->host->hostt->queuecommand);
524 
525 			}
526 		}
527 	}
528 }
529 
530 void scsi_log_completion(struct scsi_cmnd *cmd, int disposition)
531 {
532 	unsigned int level;
533 
534 	/*
535 	 * If ML COMPLETE log level is greater than or equal to:
536 	 *
537 	 * 1: log disposition, result, opcode + command, and conditionally
538 	 * sense data for failures or non SUCCESS dispositions.
539 	 *
540 	 * 2: same as 1 but for all command completions.
541 	 *
542 	 * 3: same as 2 plus dump cmd address
543 	 *
544 	 * 4: same as 3 plus dump extra junk
545 	 */
546 	if (unlikely(scsi_logging_level)) {
547 		level = SCSI_LOG_LEVEL(SCSI_LOG_MLCOMPLETE_SHIFT,
548 				       SCSI_LOG_MLCOMPLETE_BITS);
549 		if (((level > 0) && (cmd->result || disposition != SUCCESS)) ||
550 		    (level > 1)) {
551 			scmd_printk(KERN_INFO, cmd, "Done: ");
552 			if (level > 2)
553 				printk("0x%p ", cmd);
554 			/*
555 			 * Dump truncated values, so we usually fit within
556 			 * 80 chars.
557 			 */
558 			switch (disposition) {
559 			case SUCCESS:
560 				printk("SUCCESS\n");
561 				break;
562 			case NEEDS_RETRY:
563 				printk("RETRY\n");
564 				break;
565 			case ADD_TO_MLQUEUE:
566 				printk("MLQUEUE\n");
567 				break;
568 			case FAILED:
569 				printk("FAILED\n");
570 				break;
571 			case TIMEOUT_ERROR:
572 				/*
573 				 * If called via scsi_times_out.
574 				 */
575 				printk("TIMEOUT\n");
576 				break;
577 			default:
578 				printk("UNKNOWN\n");
579 			}
580 			scsi_print_result(cmd);
581 			scsi_print_command(cmd);
582 			if (status_byte(cmd->result) & CHECK_CONDITION)
583 				scsi_print_sense("", cmd);
584 			if (level > 3)
585 				scmd_printk(KERN_INFO, cmd,
586 					    "scsi host busy %d failed %d\n",
587 					    cmd->device->host->host_busy,
588 					    cmd->device->host->host_failed);
589 		}
590 	}
591 }
592 #endif
593 
594 /**
595  * scsi_cmd_get_serial - Assign a serial number to a command
596  * @host: the scsi host
597  * @cmd: command to assign serial number to
598  *
599  * Description: a serial number identifies a request for error recovery
600  * and debugging purposes.  Protected by the Host_Lock of host.
601  */
602 static inline void scsi_cmd_get_serial(struct Scsi_Host *host, struct scsi_cmnd *cmd)
603 {
604 	cmd->serial_number = host->cmd_serial_number++;
605 	if (cmd->serial_number == 0)
606 		cmd->serial_number = host->cmd_serial_number++;
607 }
608 
609 /**
610  * scsi_dispatch_command - Dispatch a command to the low-level driver.
611  * @cmd: command block we are dispatching.
612  *
613  * Return: nonzero return request was rejected and device's queue needs to be
614  * plugged.
615  */
616 int scsi_dispatch_cmd(struct scsi_cmnd *cmd)
617 {
618 	struct Scsi_Host *host = cmd->device->host;
619 	unsigned long flags = 0;
620 	unsigned long timeout;
621 	int rtn = 0;
622 
623 	/* check if the device is still usable */
624 	if (unlikely(cmd->device->sdev_state == SDEV_DEL)) {
625 		/* in SDEV_DEL we error all commands. DID_NO_CONNECT
626 		 * returns an immediate error upwards, and signals
627 		 * that the device is no longer present */
628 		cmd->result = DID_NO_CONNECT << 16;
629 		atomic_inc(&cmd->device->iorequest_cnt);
630 		__scsi_done(cmd);
631 		/* return 0 (because the command has been processed) */
632 		goto out;
633 	}
634 
635 	/* Check to see if the scsi lld put this device into state SDEV_BLOCK. */
636 	if (unlikely(cmd->device->sdev_state == SDEV_BLOCK)) {
637 		/*
638 		 * in SDEV_BLOCK, the command is just put back on the device
639 		 * queue.  The suspend state has already blocked the queue so
640 		 * future requests should not occur until the device
641 		 * transitions out of the suspend state.
642 		 */
643 		scsi_queue_insert(cmd, SCSI_MLQUEUE_DEVICE_BUSY);
644 
645 		SCSI_LOG_MLQUEUE(3, printk("queuecommand : device blocked \n"));
646 
647 		/*
648 		 * NOTE: rtn is still zero here because we don't need the
649 		 * queue to be plugged on return (it's already stopped)
650 		 */
651 		goto out;
652 	}
653 
654 	/*
655 	 * If SCSI-2 or lower, store the LUN value in cmnd.
656 	 */
657 	if (cmd->device->scsi_level <= SCSI_2 &&
658 	    cmd->device->scsi_level != SCSI_UNKNOWN) {
659 		cmd->cmnd[1] = (cmd->cmnd[1] & 0x1f) |
660 			       (cmd->device->lun << 5 & 0xe0);
661 	}
662 
663 	/*
664 	 * We will wait MIN_RESET_DELAY clock ticks after the last reset so
665 	 * we can avoid the drive not being ready.
666 	 */
667 	timeout = host->last_reset + MIN_RESET_DELAY;
668 
669 	if (host->resetting && time_before(jiffies, timeout)) {
670 		int ticks_remaining = timeout - jiffies;
671 		/*
672 		 * NOTE: This may be executed from within an interrupt
673 		 * handler!  This is bad, but for now, it'll do.  The irq
674 		 * level of the interrupt handler has been masked out by the
675 		 * platform dependent interrupt handling code already, so the
676 		 * sti() here will not cause another call to the SCSI host's
677 		 * interrupt handler (assuming there is one irq-level per
678 		 * host).
679 		 */
680 		while (--ticks_remaining >= 0)
681 			mdelay(1 + 999 / HZ);
682 		host->resetting = 0;
683 	}
684 
685 	/*
686 	 * AK: unlikely race here: for some reason the timer could
687 	 * expire before the serial number is set up below.
688 	 */
689 	scsi_add_timer(cmd, cmd->timeout_per_command, scsi_times_out);
690 
691 	scsi_log_send(cmd);
692 
693 	/*
694 	 * We will use a queued command if possible, otherwise we will
695 	 * emulate the queuing and calling of completion function ourselves.
696 	 */
697 	atomic_inc(&cmd->device->iorequest_cnt);
698 
699 	/*
700 	 * Before we queue this command, check if the command
701 	 * length exceeds what the host adapter can handle.
702 	 */
703 	if (cmd->cmd_len > cmd->device->host->max_cmd_len) {
704 		SCSI_LOG_MLQUEUE(3,
705 			printk("queuecommand : command too long. "
706 			       "cdb_size=%d host->max_cmd_len=%d\n",
707 			       cmd->cmd_len, cmd->device->host->max_cmd_len));
708 		cmd->result = (DID_ABORT << 16);
709 
710 		scsi_done(cmd);
711 		goto out;
712 	}
713 
714 	spin_lock_irqsave(host->host_lock, flags);
715 	scsi_cmd_get_serial(host, cmd);
716 
717 	if (unlikely(host->shost_state == SHOST_DEL)) {
718 		cmd->result = (DID_NO_CONNECT << 16);
719 		scsi_done(cmd);
720 	} else {
721 		rtn = host->hostt->queuecommand(cmd, scsi_done);
722 	}
723 	spin_unlock_irqrestore(host->host_lock, flags);
724 	if (rtn) {
725 		if (scsi_delete_timer(cmd)) {
726 			atomic_inc(&cmd->device->iodone_cnt);
727 			scsi_queue_insert(cmd,
728 					  (rtn == SCSI_MLQUEUE_DEVICE_BUSY) ?
729 					  rtn : SCSI_MLQUEUE_HOST_BUSY);
730 		}
731 		SCSI_LOG_MLQUEUE(3,
732 		    printk("queuecommand : request rejected\n"));
733 	}
734 
735  out:
736 	SCSI_LOG_MLQUEUE(3, printk("leaving scsi_dispatch_cmnd()\n"));
737 	return rtn;
738 }
739 
740 /**
741  * scsi_req_abort_cmd -- Request command recovery for the specified command
742  * @cmd: pointer to the SCSI command of interest
743  *
744  * This function requests that SCSI Core start recovery for the
745  * command by deleting the timer and adding the command to the eh
746  * queue.  It can be called by either LLDDs or SCSI Core.  LLDDs who
747  * implement their own error recovery MAY ignore the timeout event if
748  * they generated scsi_req_abort_cmd.
749  */
750 void scsi_req_abort_cmd(struct scsi_cmnd *cmd)
751 {
752 	if (!scsi_delete_timer(cmd))
753 		return;
754 	scsi_times_out(cmd);
755 }
756 EXPORT_SYMBOL(scsi_req_abort_cmd);
757 
758 /**
759  * scsi_done - Enqueue the finished SCSI command into the done queue.
760  * @cmd: The SCSI Command for which a low-level device driver (LLDD) gives
761  * ownership back to SCSI Core -- i.e. the LLDD has finished with it.
762  *
763  * Description: This function is the mid-level's (SCSI Core) interrupt routine,
764  * which regains ownership of the SCSI command (de facto) from a LLDD, and
765  * enqueues the command to the done queue for further processing.
766  *
767  * This is the producer of the done queue who enqueues at the tail.
768  *
769  * This function is interrupt context safe.
770  */
771 static void scsi_done(struct scsi_cmnd *cmd)
772 {
773 	/*
774 	 * We don't have to worry about this one timing out anymore.
775 	 * If we are unable to remove the timer, then the command
776 	 * has already timed out.  In which case, we have no choice but to
777 	 * let the timeout function run, as we have no idea where in fact
778 	 * that function could really be.  It might be on another processor,
779 	 * etc, etc.
780 	 */
781 	if (!scsi_delete_timer(cmd))
782 		return;
783 	__scsi_done(cmd);
784 }
785 
786 /* Private entry to scsi_done() to complete a command when the timer
787  * isn't running --- used by scsi_times_out */
788 void __scsi_done(struct scsi_cmnd *cmd)
789 {
790 	struct request *rq = cmd->request;
791 
792 	/*
793 	 * Set the serial numbers back to zero
794 	 */
795 	cmd->serial_number = 0;
796 
797 	atomic_inc(&cmd->device->iodone_cnt);
798 	if (cmd->result)
799 		atomic_inc(&cmd->device->ioerr_cnt);
800 
801 	BUG_ON(!rq);
802 
803 	/*
804 	 * The uptodate/nbytes values don't matter, as we allow partial
805 	 * completes and thus will check this in the softirq callback
806 	 */
807 	rq->completion_data = cmd;
808 	blk_complete_request(rq);
809 }
810 
811 /* Move this to a header if it becomes more generally useful */
812 static struct scsi_driver *scsi_cmd_to_driver(struct scsi_cmnd *cmd)
813 {
814 	return *(struct scsi_driver **)cmd->request->rq_disk->private_data;
815 }
816 
817 /**
818  * scsi_finish_command - cleanup and pass command back to upper layer
819  * @cmd: the command
820  *
821  * Description: Pass command off to upper layer for finishing of I/O
822  *              request, waking processes that are waiting on results,
823  *              etc.
824  */
825 void scsi_finish_command(struct scsi_cmnd *cmd)
826 {
827 	struct scsi_device *sdev = cmd->device;
828 	struct Scsi_Host *shost = sdev->host;
829 	struct scsi_driver *drv;
830 	unsigned int good_bytes;
831 
832 	scsi_device_unbusy(sdev);
833 
834         /*
835          * Clear the flags which say that the device/host is no longer
836          * capable of accepting new commands.  These are set in scsi_queue.c
837          * for both the queue full condition on a device, and for a
838          * host full condition on the host.
839 	 *
840 	 * XXX(hch): What about locking?
841          */
842         shost->host_blocked = 0;
843         sdev->device_blocked = 0;
844 
845 	/*
846 	 * If we have valid sense information, then some kind of recovery
847 	 * must have taken place.  Make a note of this.
848 	 */
849 	if (SCSI_SENSE_VALID(cmd))
850 		cmd->result |= (DRIVER_SENSE << 24);
851 
852 	SCSI_LOG_MLCOMPLETE(4, sdev_printk(KERN_INFO, sdev,
853 				"Notifying upper driver of completion "
854 				"(result %x)\n", cmd->result));
855 
856 	good_bytes = scsi_bufflen(cmd);
857         if (cmd->request->cmd_type != REQ_TYPE_BLOCK_PC) {
858 		drv = scsi_cmd_to_driver(cmd);
859 		if (drv->done)
860 			good_bytes = drv->done(cmd);
861 	}
862 	scsi_io_completion(cmd, good_bytes);
863 }
864 EXPORT_SYMBOL(scsi_finish_command);
865 
866 /**
867  * scsi_adjust_queue_depth - Let low level drivers change a device's queue depth
868  * @sdev: SCSI Device in question
869  * @tagged: Do we use tagged queueing (non-0) or do we treat
870  *          this device as an untagged device (0)
871  * @tags: Number of tags allowed if tagged queueing enabled,
872  *        or number of commands the low level driver can
873  *        queue up in non-tagged mode (as per cmd_per_lun).
874  *
875  * Returns:	Nothing
876  *
877  * Lock Status:	None held on entry
878  *
879  * Notes:	Low level drivers may call this at any time and we will do
880  * 		the right thing depending on whether or not the device is
881  * 		currently active and whether or not it even has the
882  * 		command blocks built yet.
883  */
884 void scsi_adjust_queue_depth(struct scsi_device *sdev, int tagged, int tags)
885 {
886 	unsigned long flags;
887 
888 	/*
889 	 * refuse to set tagged depth to an unworkable size
890 	 */
891 	if (tags <= 0)
892 		return;
893 
894 	spin_lock_irqsave(sdev->request_queue->queue_lock, flags);
895 
896 	/* Check to see if the queue is managed by the block layer.
897 	 * If it is, and we fail to adjust the depth, exit. */
898 	if (blk_queue_tagged(sdev->request_queue) &&
899 	    blk_queue_resize_tags(sdev->request_queue, tags) != 0)
900 		goto out;
901 
902 	sdev->queue_depth = tags;
903 	switch (tagged) {
904 		case MSG_ORDERED_TAG:
905 			sdev->ordered_tags = 1;
906 			sdev->simple_tags = 1;
907 			break;
908 		case MSG_SIMPLE_TAG:
909 			sdev->ordered_tags = 0;
910 			sdev->simple_tags = 1;
911 			break;
912 		default:
913 			sdev_printk(KERN_WARNING, sdev,
914 				    "scsi_adjust_queue_depth, bad queue type, "
915 				    "disabled\n");
916 		case 0:
917 			sdev->ordered_tags = sdev->simple_tags = 0;
918 			sdev->queue_depth = tags;
919 			break;
920 	}
921  out:
922 	spin_unlock_irqrestore(sdev->request_queue->queue_lock, flags);
923 }
924 EXPORT_SYMBOL(scsi_adjust_queue_depth);
925 
926 /**
927  * scsi_track_queue_full - track QUEUE_FULL events to adjust queue depth
928  * @sdev: SCSI Device in question
929  * @depth: Current number of outstanding SCSI commands on this device,
930  *         not counting the one returned as QUEUE_FULL.
931  *
932  * Description:	This function will track successive QUEUE_FULL events on a
933  * 		specific SCSI device to determine if and when there is a
934  * 		need to adjust the queue depth on the device.
935  *
936  * Returns:	0 - No change needed, >0 - Adjust queue depth to this new depth,
937  * 		-1 - Drop back to untagged operation using host->cmd_per_lun
938  * 			as the untagged command depth
939  *
940  * Lock Status:	None held on entry
941  *
942  * Notes:	Low level drivers may call this at any time and we will do
943  * 		"The Right Thing."  We are interrupt context safe.
944  */
945 int scsi_track_queue_full(struct scsi_device *sdev, int depth)
946 {
947 	if ((jiffies >> 4) == sdev->last_queue_full_time)
948 		return 0;
949 
950 	sdev->last_queue_full_time = (jiffies >> 4);
951 	if (sdev->last_queue_full_depth != depth) {
952 		sdev->last_queue_full_count = 1;
953 		sdev->last_queue_full_depth = depth;
954 	} else {
955 		sdev->last_queue_full_count++;
956 	}
957 
958 	if (sdev->last_queue_full_count <= 10)
959 		return 0;
960 	if (sdev->last_queue_full_depth < 8) {
961 		/* Drop back to untagged */
962 		scsi_adjust_queue_depth(sdev, 0, sdev->host->cmd_per_lun);
963 		return -1;
964 	}
965 
966 	if (sdev->ordered_tags)
967 		scsi_adjust_queue_depth(sdev, MSG_ORDERED_TAG, depth);
968 	else
969 		scsi_adjust_queue_depth(sdev, MSG_SIMPLE_TAG, depth);
970 	return depth;
971 }
972 EXPORT_SYMBOL(scsi_track_queue_full);
973 
974 /**
975  * scsi_device_get  -  get an additional reference to a scsi_device
976  * @sdev:	device to get a reference to
977  *
978  * Description: Gets a reference to the scsi_device and increments the use count
979  * of the underlying LLDD module.  You must hold host_lock of the
980  * parent Scsi_Host or already have a reference when calling this.
981  */
982 int scsi_device_get(struct scsi_device *sdev)
983 {
984 	if (sdev->sdev_state == SDEV_DEL)
985 		return -ENXIO;
986 	if (!get_device(&sdev->sdev_gendev))
987 		return -ENXIO;
988 	/* We can fail this if we're doing SCSI operations
989 	 * from module exit (like cache flush) */
990 	try_module_get(sdev->host->hostt->module);
991 
992 	return 0;
993 }
994 EXPORT_SYMBOL(scsi_device_get);
995 
996 /**
997  * scsi_device_put  -  release a reference to a scsi_device
998  * @sdev:	device to release a reference on.
999  *
1000  * Description: Release a reference to the scsi_device and decrements the use
1001  * count of the underlying LLDD module.  The device is freed once the last
1002  * user vanishes.
1003  */
1004 void scsi_device_put(struct scsi_device *sdev)
1005 {
1006 #ifdef CONFIG_MODULE_UNLOAD
1007 	struct module *module = sdev->host->hostt->module;
1008 
1009 	/* The module refcount will be zero if scsi_device_get()
1010 	 * was called from a module removal routine */
1011 	if (module && module_refcount(module) != 0)
1012 		module_put(module);
1013 #endif
1014 	put_device(&sdev->sdev_gendev);
1015 }
1016 EXPORT_SYMBOL(scsi_device_put);
1017 
1018 /* helper for shost_for_each_device, see that for documentation */
1019 struct scsi_device *__scsi_iterate_devices(struct Scsi_Host *shost,
1020 					   struct scsi_device *prev)
1021 {
1022 	struct list_head *list = (prev ? &prev->siblings : &shost->__devices);
1023 	struct scsi_device *next = NULL;
1024 	unsigned long flags;
1025 
1026 	spin_lock_irqsave(shost->host_lock, flags);
1027 	while (list->next != &shost->__devices) {
1028 		next = list_entry(list->next, struct scsi_device, siblings);
1029 		/* skip devices that we can't get a reference to */
1030 		if (!scsi_device_get(next))
1031 			break;
1032 		next = NULL;
1033 		list = list->next;
1034 	}
1035 	spin_unlock_irqrestore(shost->host_lock, flags);
1036 
1037 	if (prev)
1038 		scsi_device_put(prev);
1039 	return next;
1040 }
1041 EXPORT_SYMBOL(__scsi_iterate_devices);
1042 
1043 /**
1044  * starget_for_each_device  -  helper to walk all devices of a target
1045  * @starget:	target whose devices we want to iterate over.
1046  * @data:	Opaque passed to each function call.
1047  * @fn:		Function to call on each device
1048  *
1049  * This traverses over each device of @starget.  The devices have
1050  * a reference that must be released by scsi_host_put when breaking
1051  * out of the loop.
1052  */
1053 void starget_for_each_device(struct scsi_target *starget, void *data,
1054 		     void (*fn)(struct scsi_device *, void *))
1055 {
1056 	struct Scsi_Host *shost = dev_to_shost(starget->dev.parent);
1057 	struct scsi_device *sdev;
1058 
1059 	shost_for_each_device(sdev, shost) {
1060 		if ((sdev->channel == starget->channel) &&
1061 		    (sdev->id == starget->id))
1062 			fn(sdev, data);
1063 	}
1064 }
1065 EXPORT_SYMBOL(starget_for_each_device);
1066 
1067 /**
1068  * __starget_for_each_device - helper to walk all devices of a target (UNLOCKED)
1069  * @starget:	target whose devices we want to iterate over.
1070  * @data:	parameter for callback @fn()
1071  * @fn:		callback function that is invoked for each device
1072  *
1073  * This traverses over each device of @starget.  It does _not_
1074  * take a reference on the scsi_device, so the whole loop must be
1075  * protected by shost->host_lock.
1076  *
1077  * Note:  The only reason why drivers would want to use this is because
1078  * they need to access the device list in irq context.  Otherwise you
1079  * really want to use starget_for_each_device instead.
1080  **/
1081 void __starget_for_each_device(struct scsi_target *starget, void *data,
1082 			       void (*fn)(struct scsi_device *, void *))
1083 {
1084 	struct Scsi_Host *shost = dev_to_shost(starget->dev.parent);
1085 	struct scsi_device *sdev;
1086 
1087 	__shost_for_each_device(sdev, shost) {
1088 		if ((sdev->channel == starget->channel) &&
1089 		    (sdev->id == starget->id))
1090 			fn(sdev, data);
1091 	}
1092 }
1093 EXPORT_SYMBOL(__starget_for_each_device);
1094 
1095 /**
1096  * __scsi_device_lookup_by_target - find a device given the target (UNLOCKED)
1097  * @starget:	SCSI target pointer
1098  * @lun:	SCSI Logical Unit Number
1099  *
1100  * Description: Looks up the scsi_device with the specified @lun for a given
1101  * @starget.  The returned scsi_device does not have an additional
1102  * reference.  You must hold the host's host_lock over this call and
1103  * any access to the returned scsi_device.
1104  *
1105  * Note:  The only reason why drivers should use this is because
1106  * they need to access the device list in irq context.  Otherwise you
1107  * really want to use scsi_device_lookup_by_target instead.
1108  **/
1109 struct scsi_device *__scsi_device_lookup_by_target(struct scsi_target *starget,
1110 						   uint lun)
1111 {
1112 	struct scsi_device *sdev;
1113 
1114 	list_for_each_entry(sdev, &starget->devices, same_target_siblings) {
1115 		if (sdev->lun ==lun)
1116 			return sdev;
1117 	}
1118 
1119 	return NULL;
1120 }
1121 EXPORT_SYMBOL(__scsi_device_lookup_by_target);
1122 
1123 /**
1124  * scsi_device_lookup_by_target - find a device given the target
1125  * @starget:	SCSI target pointer
1126  * @lun:	SCSI Logical Unit Number
1127  *
1128  * Description: Looks up the scsi_device with the specified @channel, @id, @lun
1129  * for a given host.  The returned scsi_device has an additional reference that
1130  * needs to be released with scsi_device_put once you're done with it.
1131  **/
1132 struct scsi_device *scsi_device_lookup_by_target(struct scsi_target *starget,
1133 						 uint lun)
1134 {
1135 	struct scsi_device *sdev;
1136 	struct Scsi_Host *shost = dev_to_shost(starget->dev.parent);
1137 	unsigned long flags;
1138 
1139 	spin_lock_irqsave(shost->host_lock, flags);
1140 	sdev = __scsi_device_lookup_by_target(starget, lun);
1141 	if (sdev && scsi_device_get(sdev))
1142 		sdev = NULL;
1143 	spin_unlock_irqrestore(shost->host_lock, flags);
1144 
1145 	return sdev;
1146 }
1147 EXPORT_SYMBOL(scsi_device_lookup_by_target);
1148 
1149 /**
1150  * __scsi_device_lookup - find a device given the host (UNLOCKED)
1151  * @shost:	SCSI host pointer
1152  * @channel:	SCSI channel (zero if only one channel)
1153  * @id:		SCSI target number (physical unit number)
1154  * @lun:	SCSI Logical Unit Number
1155  *
1156  * Description: Looks up the scsi_device with the specified @channel, @id, @lun
1157  * for a given host. The returned scsi_device does not have an additional
1158  * reference.  You must hold the host's host_lock over this call and any access
1159  * to the returned scsi_device.
1160  *
1161  * Note:  The only reason why drivers would want to use this is because
1162  * they need to access the device list in irq context.  Otherwise you
1163  * really want to use scsi_device_lookup instead.
1164  **/
1165 struct scsi_device *__scsi_device_lookup(struct Scsi_Host *shost,
1166 		uint channel, uint id, uint lun)
1167 {
1168 	struct scsi_device *sdev;
1169 
1170 	list_for_each_entry(sdev, &shost->__devices, siblings) {
1171 		if (sdev->channel == channel && sdev->id == id &&
1172 				sdev->lun ==lun)
1173 			return sdev;
1174 	}
1175 
1176 	return NULL;
1177 }
1178 EXPORT_SYMBOL(__scsi_device_lookup);
1179 
1180 /**
1181  * scsi_device_lookup - find a device given the host
1182  * @shost:	SCSI host pointer
1183  * @channel:	SCSI channel (zero if only one channel)
1184  * @id:		SCSI target number (physical unit number)
1185  * @lun:	SCSI Logical Unit Number
1186  *
1187  * Description: Looks up the scsi_device with the specified @channel, @id, @lun
1188  * for a given host.  The returned scsi_device has an additional reference that
1189  * needs to be released with scsi_device_put once you're done with it.
1190  **/
1191 struct scsi_device *scsi_device_lookup(struct Scsi_Host *shost,
1192 		uint channel, uint id, uint lun)
1193 {
1194 	struct scsi_device *sdev;
1195 	unsigned long flags;
1196 
1197 	spin_lock_irqsave(shost->host_lock, flags);
1198 	sdev = __scsi_device_lookup(shost, channel, id, lun);
1199 	if (sdev && scsi_device_get(sdev))
1200 		sdev = NULL;
1201 	spin_unlock_irqrestore(shost->host_lock, flags);
1202 
1203 	return sdev;
1204 }
1205 EXPORT_SYMBOL(scsi_device_lookup);
1206 
1207 MODULE_DESCRIPTION("SCSI core");
1208 MODULE_LICENSE("GPL");
1209 
1210 module_param(scsi_logging_level, int, S_IRUGO|S_IWUSR);
1211 MODULE_PARM_DESC(scsi_logging_level, "a bit mask of logging levels");
1212 
1213 static int __init init_scsi(void)
1214 {
1215 	int error;
1216 
1217 	error = scsi_init_queue();
1218 	if (error)
1219 		return error;
1220 	error = scsi_init_procfs();
1221 	if (error)
1222 		goto cleanup_queue;
1223 	error = scsi_init_devinfo();
1224 	if (error)
1225 		goto cleanup_procfs;
1226 	error = scsi_init_hosts();
1227 	if (error)
1228 		goto cleanup_devlist;
1229 	error = scsi_init_sysctl();
1230 	if (error)
1231 		goto cleanup_hosts;
1232 	error = scsi_sysfs_register();
1233 	if (error)
1234 		goto cleanup_sysctl;
1235 
1236 	scsi_netlink_init();
1237 
1238 	printk(KERN_NOTICE "SCSI subsystem initialized\n");
1239 	return 0;
1240 
1241 cleanup_sysctl:
1242 	scsi_exit_sysctl();
1243 cleanup_hosts:
1244 	scsi_exit_hosts();
1245 cleanup_devlist:
1246 	scsi_exit_devinfo();
1247 cleanup_procfs:
1248 	scsi_exit_procfs();
1249 cleanup_queue:
1250 	scsi_exit_queue();
1251 	printk(KERN_ERR "SCSI subsystem failed to initialize, error = %d\n",
1252 	       -error);
1253 	return error;
1254 }
1255 
1256 static void __exit exit_scsi(void)
1257 {
1258 	scsi_netlink_exit();
1259 	scsi_sysfs_unregister();
1260 	scsi_exit_sysctl();
1261 	scsi_exit_hosts();
1262 	scsi_exit_devinfo();
1263 	scsi_exit_procfs();
1264 	scsi_exit_queue();
1265 }
1266 
1267 subsys_initcall(init_scsi);
1268 module_exit(exit_scsi);
1269