1/* 2 * USB Attached SCSI 3 * Note that this is not the same as the USB Mass Storage driver 4 * 5 * Copyright Hans de Goede <hdegoede@redhat.com> for Red Hat, Inc. 2013 - 2016 6 * Copyright Matthew Wilcox for Intel Corp, 2010 7 * Copyright Sarah Sharp for Intel Corp, 2010 8 * 9 * Distributed under the terms of the GNU GPL, version two. 10 */ 11 12#include <linux/blkdev.h> 13#include <linux/slab.h> 14#include <linux/types.h> 15#include <linux/module.h> 16#include <linux/usb.h> 17#include <linux/usb_usual.h> 18#include <linux/usb/hcd.h> 19#include <linux/usb/storage.h> 20#include <linux/usb/uas.h> 21 22#include <scsi/scsi.h> 23#include <scsi/scsi_eh.h> 24#include <scsi/scsi_dbg.h> 25#include <scsi/scsi_cmnd.h> 26#include <scsi/scsi_device.h> 27#include <scsi/scsi_host.h> 28#include <scsi/scsi_tcq.h> 29 30#include "uas-detect.h" 31#include "scsiglue.h" 32 33#define MAX_CMNDS 256 34 35struct uas_dev_info { 36 struct usb_interface *intf; 37 struct usb_device *udev; 38 struct usb_anchor cmd_urbs; 39 struct usb_anchor sense_urbs; 40 struct usb_anchor data_urbs; 41 unsigned long flags; 42 int qdepth, resetting; 43 unsigned cmd_pipe, status_pipe, data_in_pipe, data_out_pipe; 44 unsigned use_streams:1; 45 unsigned shutdown:1; 46 struct scsi_cmnd *cmnd[MAX_CMNDS]; 47 spinlock_t lock; 48 struct work_struct work; 49}; 50 51enum { 52 SUBMIT_STATUS_URB = (1 << 1), 53 ALLOC_DATA_IN_URB = (1 << 2), 54 SUBMIT_DATA_IN_URB = (1 << 3), 55 ALLOC_DATA_OUT_URB = (1 << 4), 56 SUBMIT_DATA_OUT_URB = (1 << 5), 57 ALLOC_CMD_URB = (1 << 6), 58 SUBMIT_CMD_URB = (1 << 7), 59 COMMAND_INFLIGHT = (1 << 8), 60 DATA_IN_URB_INFLIGHT = (1 << 9), 61 DATA_OUT_URB_INFLIGHT = (1 << 10), 62 COMMAND_ABORTED = (1 << 11), 63 IS_IN_WORK_LIST = (1 << 12), 64}; 65 66/* Overrides scsi_pointer */ 67struct uas_cmd_info { 68 unsigned int state; 69 unsigned int uas_tag; 70 struct urb *cmd_urb; 71 struct urb *data_in_urb; 72 struct urb *data_out_urb; 73}; 74 75/* I hate forward declarations, but I actually have a loop */ 76static int uas_submit_urbs(struct scsi_cmnd *cmnd, 77 struct uas_dev_info *devinfo, gfp_t gfp); 78static void uas_do_work(struct work_struct *work); 79static int uas_try_complete(struct scsi_cmnd *cmnd, const char *caller); 80static void uas_free_streams(struct uas_dev_info *devinfo); 81static void uas_log_cmd_state(struct scsi_cmnd *cmnd, const char *prefix, 82 int status); 83 84static void uas_do_work(struct work_struct *work) 85{ 86 struct uas_dev_info *devinfo = 87 container_of(work, struct uas_dev_info, work); 88 struct uas_cmd_info *cmdinfo; 89 struct scsi_cmnd *cmnd; 90 unsigned long flags; 91 int i, err; 92 93 spin_lock_irqsave(&devinfo->lock, flags); 94 95 if (devinfo->resetting) 96 goto out; 97 98 for (i = 0; i < devinfo->qdepth; i++) { 99 if (!devinfo->cmnd[i]) 100 continue; 101 102 cmnd = devinfo->cmnd[i]; 103 cmdinfo = (void *)&cmnd->SCp; 104 105 if (!(cmdinfo->state & IS_IN_WORK_LIST)) 106 continue; 107 108 err = uas_submit_urbs(cmnd, cmnd->device->hostdata, GFP_ATOMIC); 109 if (!err) 110 cmdinfo->state &= ~IS_IN_WORK_LIST; 111 else 112 schedule_work(&devinfo->work); 113 } 114out: 115 spin_unlock_irqrestore(&devinfo->lock, flags); 116} 117 118static void uas_add_work(struct uas_cmd_info *cmdinfo) 119{ 120 struct scsi_pointer *scp = (void *)cmdinfo; 121 struct scsi_cmnd *cmnd = container_of(scp, struct scsi_cmnd, SCp); 122 struct uas_dev_info *devinfo = cmnd->device->hostdata; 123 124 lockdep_assert_held(&devinfo->lock); 125 cmdinfo->state |= IS_IN_WORK_LIST; 126 schedule_work(&devinfo->work); 127} 128 129static void uas_zap_pending(struct uas_dev_info *devinfo, int result) 130{ 131 struct uas_cmd_info *cmdinfo; 132 struct scsi_cmnd *cmnd; 133 unsigned long flags; 134 int i, err; 135 136 spin_lock_irqsave(&devinfo->lock, flags); 137 for (i = 0; i < devinfo->qdepth; i++) { 138 if (!devinfo->cmnd[i]) 139 continue; 140 141 cmnd = devinfo->cmnd[i]; 142 cmdinfo = (void *)&cmnd->SCp; 143 uas_log_cmd_state(cmnd, __func__, 0); 144 /* Sense urbs were killed, clear COMMAND_INFLIGHT manually */ 145 cmdinfo->state &= ~COMMAND_INFLIGHT; 146 cmnd->result = result << 16; 147 err = uas_try_complete(cmnd, __func__); 148 WARN_ON(err != 0); 149 } 150 spin_unlock_irqrestore(&devinfo->lock, flags); 151} 152 153static void uas_sense(struct urb *urb, struct scsi_cmnd *cmnd) 154{ 155 struct sense_iu *sense_iu = urb->transfer_buffer; 156 struct scsi_device *sdev = cmnd->device; 157 158 if (urb->actual_length > 16) { 159 unsigned len = be16_to_cpup(&sense_iu->len); 160 if (len + 16 != urb->actual_length) { 161 int newlen = min(len + 16, urb->actual_length) - 16; 162 if (newlen < 0) 163 newlen = 0; 164 sdev_printk(KERN_INFO, sdev, "%s: urb length %d " 165 "disagrees with IU sense data length %d, " 166 "using %d bytes of sense data\n", __func__, 167 urb->actual_length, len, newlen); 168 len = newlen; 169 } 170 memcpy(cmnd->sense_buffer, sense_iu->sense, len); 171 } 172 173 cmnd->result = sense_iu->status; 174} 175 176static void uas_log_cmd_state(struct scsi_cmnd *cmnd, const char *prefix, 177 int status) 178{ 179 struct uas_cmd_info *ci = (void *)&cmnd->SCp; 180 struct uas_cmd_info *cmdinfo = (void *)&cmnd->SCp; 181 182 scmd_printk(KERN_INFO, cmnd, 183 "%s %d uas-tag %d inflight:%s%s%s%s%s%s%s%s%s%s%s%s ", 184 prefix, status, cmdinfo->uas_tag, 185 (ci->state & SUBMIT_STATUS_URB) ? " s-st" : "", 186 (ci->state & ALLOC_DATA_IN_URB) ? " a-in" : "", 187 (ci->state & SUBMIT_DATA_IN_URB) ? " s-in" : "", 188 (ci->state & ALLOC_DATA_OUT_URB) ? " a-out" : "", 189 (ci->state & SUBMIT_DATA_OUT_URB) ? " s-out" : "", 190 (ci->state & ALLOC_CMD_URB) ? " a-cmd" : "", 191 (ci->state & SUBMIT_CMD_URB) ? " s-cmd" : "", 192 (ci->state & COMMAND_INFLIGHT) ? " CMD" : "", 193 (ci->state & DATA_IN_URB_INFLIGHT) ? " IN" : "", 194 (ci->state & DATA_OUT_URB_INFLIGHT) ? " OUT" : "", 195 (ci->state & COMMAND_ABORTED) ? " abort" : "", 196 (ci->state & IS_IN_WORK_LIST) ? " work" : ""); 197 scsi_print_command(cmnd); 198} 199 200static void uas_free_unsubmitted_urbs(struct scsi_cmnd *cmnd) 201{ 202 struct uas_cmd_info *cmdinfo; 203 204 if (!cmnd) 205 return; 206 207 cmdinfo = (void *)&cmnd->SCp; 208 209 if (cmdinfo->state & SUBMIT_CMD_URB) 210 usb_free_urb(cmdinfo->cmd_urb); 211 212 /* data urbs may have never gotten their submit flag set */ 213 if (!(cmdinfo->state & DATA_IN_URB_INFLIGHT)) 214 usb_free_urb(cmdinfo->data_in_urb); 215 if (!(cmdinfo->state & DATA_OUT_URB_INFLIGHT)) 216 usb_free_urb(cmdinfo->data_out_urb); 217} 218 219static int uas_try_complete(struct scsi_cmnd *cmnd, const char *caller) 220{ 221 struct uas_cmd_info *cmdinfo = (void *)&cmnd->SCp; 222 struct uas_dev_info *devinfo = (void *)cmnd->device->hostdata; 223 224 lockdep_assert_held(&devinfo->lock); 225 if (cmdinfo->state & (COMMAND_INFLIGHT | 226 DATA_IN_URB_INFLIGHT | 227 DATA_OUT_URB_INFLIGHT | 228 COMMAND_ABORTED)) 229 return -EBUSY; 230 devinfo->cmnd[cmdinfo->uas_tag - 1] = NULL; 231 uas_free_unsubmitted_urbs(cmnd); 232 cmnd->scsi_done(cmnd); 233 return 0; 234} 235 236static void uas_xfer_data(struct urb *urb, struct scsi_cmnd *cmnd, 237 unsigned direction) 238{ 239 struct uas_cmd_info *cmdinfo = (void *)&cmnd->SCp; 240 int err; 241 242 cmdinfo->state |= direction | SUBMIT_STATUS_URB; 243 err = uas_submit_urbs(cmnd, cmnd->device->hostdata, GFP_ATOMIC); 244 if (err) { 245 uas_add_work(cmdinfo); 246 } 247} 248 249static void uas_stat_cmplt(struct urb *urb) 250{ 251 struct iu *iu = urb->transfer_buffer; 252 struct Scsi_Host *shost = urb->context; 253 struct uas_dev_info *devinfo = (struct uas_dev_info *)shost->hostdata; 254 struct urb *data_in_urb = NULL; 255 struct urb *data_out_urb = NULL; 256 struct scsi_cmnd *cmnd; 257 struct uas_cmd_info *cmdinfo; 258 unsigned long flags; 259 unsigned int idx; 260 int status = urb->status; 261 262 spin_lock_irqsave(&devinfo->lock, flags); 263 264 if (devinfo->resetting) 265 goto out; 266 267 if (status) { 268 if (status != -ENOENT && status != -ECONNRESET && status != -ESHUTDOWN) 269 dev_err(&urb->dev->dev, "stat urb: status %d\n", status); 270 goto out; 271 } 272 273 idx = be16_to_cpup(&iu->tag) - 1; 274 if (idx >= MAX_CMNDS || !devinfo->cmnd[idx]) { 275 dev_err(&urb->dev->dev, 276 "stat urb: no pending cmd for uas-tag %d\n", idx + 1); 277 goto out; 278 } 279 280 cmnd = devinfo->cmnd[idx]; 281 cmdinfo = (void *)&cmnd->SCp; 282 283 if (!(cmdinfo->state & COMMAND_INFLIGHT)) { 284 uas_log_cmd_state(cmnd, "unexpected status cmplt", 0); 285 goto out; 286 } 287 288 switch (iu->iu_id) { 289 case IU_ID_STATUS: 290 uas_sense(urb, cmnd); 291 if (cmnd->result != 0) { 292 /* cancel data transfers on error */ 293 data_in_urb = usb_get_urb(cmdinfo->data_in_urb); 294 data_out_urb = usb_get_urb(cmdinfo->data_out_urb); 295 } 296 cmdinfo->state &= ~COMMAND_INFLIGHT; 297 uas_try_complete(cmnd, __func__); 298 break; 299 case IU_ID_READ_READY: 300 if (!cmdinfo->data_in_urb || 301 (cmdinfo->state & DATA_IN_URB_INFLIGHT)) { 302 uas_log_cmd_state(cmnd, "unexpected read rdy", 0); 303 break; 304 } 305 uas_xfer_data(urb, cmnd, SUBMIT_DATA_IN_URB); 306 break; 307 case IU_ID_WRITE_READY: 308 if (!cmdinfo->data_out_urb || 309 (cmdinfo->state & DATA_OUT_URB_INFLIGHT)) { 310 uas_log_cmd_state(cmnd, "unexpected write rdy", 0); 311 break; 312 } 313 uas_xfer_data(urb, cmnd, SUBMIT_DATA_OUT_URB); 314 break; 315 case IU_ID_RESPONSE: 316 uas_log_cmd_state(cmnd, "unexpected response iu", 317 ((struct response_iu *)iu)->response_code); 318 /* Error, cancel data transfers */ 319 data_in_urb = usb_get_urb(cmdinfo->data_in_urb); 320 data_out_urb = usb_get_urb(cmdinfo->data_out_urb); 321 cmdinfo->state &= ~COMMAND_INFLIGHT; 322 cmnd->result = DID_ERROR << 16; 323 uas_try_complete(cmnd, __func__); 324 break; 325 default: 326 uas_log_cmd_state(cmnd, "bogus IU", iu->iu_id); 327 } 328out: 329 usb_free_urb(urb); 330 spin_unlock_irqrestore(&devinfo->lock, flags); 331 332 /* Unlinking of data urbs must be done without holding the lock */ 333 if (data_in_urb) { 334 usb_unlink_urb(data_in_urb); 335 usb_put_urb(data_in_urb); 336 } 337 if (data_out_urb) { 338 usb_unlink_urb(data_out_urb); 339 usb_put_urb(data_out_urb); 340 } 341} 342 343static void uas_data_cmplt(struct urb *urb) 344{ 345 struct scsi_cmnd *cmnd = urb->context; 346 struct uas_cmd_info *cmdinfo = (void *)&cmnd->SCp; 347 struct uas_dev_info *devinfo = (void *)cmnd->device->hostdata; 348 struct scsi_data_buffer *sdb = NULL; 349 unsigned long flags; 350 int status = urb->status; 351 352 spin_lock_irqsave(&devinfo->lock, flags); 353 354 if (cmdinfo->data_in_urb == urb) { 355 sdb = scsi_in(cmnd); 356 cmdinfo->state &= ~DATA_IN_URB_INFLIGHT; 357 cmdinfo->data_in_urb = NULL; 358 } else if (cmdinfo->data_out_urb == urb) { 359 sdb = scsi_out(cmnd); 360 cmdinfo->state &= ~DATA_OUT_URB_INFLIGHT; 361 cmdinfo->data_out_urb = NULL; 362 } 363 if (sdb == NULL) { 364 WARN_ON_ONCE(1); 365 goto out; 366 } 367 368 if (devinfo->resetting) 369 goto out; 370 371 /* Data urbs should not complete before the cmd urb is submitted */ 372 if (cmdinfo->state & SUBMIT_CMD_URB) { 373 uas_log_cmd_state(cmnd, "unexpected data cmplt", 0); 374 goto out; 375 } 376 377 if (status) { 378 if (status != -ENOENT && status != -ECONNRESET && status != -ESHUTDOWN) 379 uas_log_cmd_state(cmnd, "data cmplt err", status); 380 /* error: no data transfered */ 381 sdb->resid = sdb->length; 382 } else { 383 sdb->resid = sdb->length - urb->actual_length; 384 } 385 uas_try_complete(cmnd, __func__); 386out: 387 usb_free_urb(urb); 388 spin_unlock_irqrestore(&devinfo->lock, flags); 389} 390 391static void uas_cmd_cmplt(struct urb *urb) 392{ 393 if (urb->status) 394 dev_err(&urb->dev->dev, "cmd cmplt err %d\n", urb->status); 395 396 usb_free_urb(urb); 397} 398 399static struct urb *uas_alloc_data_urb(struct uas_dev_info *devinfo, gfp_t gfp, 400 struct scsi_cmnd *cmnd, 401 enum dma_data_direction dir) 402{ 403 struct usb_device *udev = devinfo->udev; 404 struct uas_cmd_info *cmdinfo = (void *)&cmnd->SCp; 405 struct urb *urb = usb_alloc_urb(0, gfp); 406 struct scsi_data_buffer *sdb = (dir == DMA_FROM_DEVICE) 407 ? scsi_in(cmnd) : scsi_out(cmnd); 408 unsigned int pipe = (dir == DMA_FROM_DEVICE) 409 ? devinfo->data_in_pipe : devinfo->data_out_pipe; 410 411 if (!urb) 412 goto out; 413 usb_fill_bulk_urb(urb, udev, pipe, NULL, sdb->length, 414 uas_data_cmplt, cmnd); 415 if (devinfo->use_streams) 416 urb->stream_id = cmdinfo->uas_tag; 417 urb->num_sgs = udev->bus->sg_tablesize ? sdb->table.nents : 0; 418 urb->sg = sdb->table.sgl; 419 out: 420 return urb; 421} 422 423static struct urb *uas_alloc_sense_urb(struct uas_dev_info *devinfo, gfp_t gfp, 424 struct scsi_cmnd *cmnd) 425{ 426 struct usb_device *udev = devinfo->udev; 427 struct uas_cmd_info *cmdinfo = (void *)&cmnd->SCp; 428 struct urb *urb = usb_alloc_urb(0, gfp); 429 struct sense_iu *iu; 430 431 if (!urb) 432 goto out; 433 434 iu = kzalloc(sizeof(*iu), gfp); 435 if (!iu) 436 goto free; 437 438 usb_fill_bulk_urb(urb, udev, devinfo->status_pipe, iu, sizeof(*iu), 439 uas_stat_cmplt, cmnd->device->host); 440 if (devinfo->use_streams) 441 urb->stream_id = cmdinfo->uas_tag; 442 urb->transfer_flags |= URB_FREE_BUFFER; 443 out: 444 return urb; 445 free: 446 usb_free_urb(urb); 447 return NULL; 448} 449 450static struct urb *uas_alloc_cmd_urb(struct uas_dev_info *devinfo, gfp_t gfp, 451 struct scsi_cmnd *cmnd) 452{ 453 struct usb_device *udev = devinfo->udev; 454 struct scsi_device *sdev = cmnd->device; 455 struct uas_cmd_info *cmdinfo = (void *)&cmnd->SCp; 456 struct urb *urb = usb_alloc_urb(0, gfp); 457 struct command_iu *iu; 458 int len; 459 460 if (!urb) 461 goto out; 462 463 len = cmnd->cmd_len - 16; 464 if (len < 0) 465 len = 0; 466 len = ALIGN(len, 4); 467 iu = kzalloc(sizeof(*iu) + len, gfp); 468 if (!iu) 469 goto free; 470 471 iu->iu_id = IU_ID_COMMAND; 472 iu->tag = cpu_to_be16(cmdinfo->uas_tag); 473 iu->prio_attr = UAS_SIMPLE_TAG; 474 iu->len = len; 475 int_to_scsilun(sdev->lun, &iu->lun); 476 memcpy(iu->cdb, cmnd->cmnd, cmnd->cmd_len); 477 478 usb_fill_bulk_urb(urb, udev, devinfo->cmd_pipe, iu, sizeof(*iu) + len, 479 uas_cmd_cmplt, NULL); 480 urb->transfer_flags |= URB_FREE_BUFFER; 481 out: 482 return urb; 483 free: 484 usb_free_urb(urb); 485 return NULL; 486} 487 488/* 489 * Why should I request the Status IU before sending the Command IU? Spec 490 * says to, but also says the device may receive them in any order. Seems 491 * daft to me. 492 */ 493 494static struct urb *uas_submit_sense_urb(struct scsi_cmnd *cmnd, gfp_t gfp) 495{ 496 struct uas_dev_info *devinfo = cmnd->device->hostdata; 497 struct urb *urb; 498 int err; 499 500 urb = uas_alloc_sense_urb(devinfo, gfp, cmnd); 501 if (!urb) 502 return NULL; 503 usb_anchor_urb(urb, &devinfo->sense_urbs); 504 err = usb_submit_urb(urb, gfp); 505 if (err) { 506 usb_unanchor_urb(urb); 507 uas_log_cmd_state(cmnd, "sense submit err", err); 508 usb_free_urb(urb); 509 return NULL; 510 } 511 return urb; 512} 513 514static int uas_submit_urbs(struct scsi_cmnd *cmnd, 515 struct uas_dev_info *devinfo, gfp_t gfp) 516{ 517 struct uas_cmd_info *cmdinfo = (void *)&cmnd->SCp; 518 struct urb *urb; 519 int err; 520 521 lockdep_assert_held(&devinfo->lock); 522 if (cmdinfo->state & SUBMIT_STATUS_URB) { 523 urb = uas_submit_sense_urb(cmnd, gfp); 524 if (!urb) 525 return SCSI_MLQUEUE_DEVICE_BUSY; 526 cmdinfo->state &= ~SUBMIT_STATUS_URB; 527 } 528 529 if (cmdinfo->state & ALLOC_DATA_IN_URB) { 530 cmdinfo->data_in_urb = uas_alloc_data_urb(devinfo, gfp, 531 cmnd, DMA_FROM_DEVICE); 532 if (!cmdinfo->data_in_urb) 533 return SCSI_MLQUEUE_DEVICE_BUSY; 534 cmdinfo->state &= ~ALLOC_DATA_IN_URB; 535 } 536 537 if (cmdinfo->state & SUBMIT_DATA_IN_URB) { 538 usb_anchor_urb(cmdinfo->data_in_urb, &devinfo->data_urbs); 539 err = usb_submit_urb(cmdinfo->data_in_urb, gfp); 540 if (err) { 541 usb_unanchor_urb(cmdinfo->data_in_urb); 542 uas_log_cmd_state(cmnd, "data in submit err", err); 543 return SCSI_MLQUEUE_DEVICE_BUSY; 544 } 545 cmdinfo->state &= ~SUBMIT_DATA_IN_URB; 546 cmdinfo->state |= DATA_IN_URB_INFLIGHT; 547 } 548 549 if (cmdinfo->state & ALLOC_DATA_OUT_URB) { 550 cmdinfo->data_out_urb = uas_alloc_data_urb(devinfo, gfp, 551 cmnd, DMA_TO_DEVICE); 552 if (!cmdinfo->data_out_urb) 553 return SCSI_MLQUEUE_DEVICE_BUSY; 554 cmdinfo->state &= ~ALLOC_DATA_OUT_URB; 555 } 556 557 if (cmdinfo->state & SUBMIT_DATA_OUT_URB) { 558 usb_anchor_urb(cmdinfo->data_out_urb, &devinfo->data_urbs); 559 err = usb_submit_urb(cmdinfo->data_out_urb, gfp); 560 if (err) { 561 usb_unanchor_urb(cmdinfo->data_out_urb); 562 uas_log_cmd_state(cmnd, "data out submit err", err); 563 return SCSI_MLQUEUE_DEVICE_BUSY; 564 } 565 cmdinfo->state &= ~SUBMIT_DATA_OUT_URB; 566 cmdinfo->state |= DATA_OUT_URB_INFLIGHT; 567 } 568 569 if (cmdinfo->state & ALLOC_CMD_URB) { 570 cmdinfo->cmd_urb = uas_alloc_cmd_urb(devinfo, gfp, cmnd); 571 if (!cmdinfo->cmd_urb) 572 return SCSI_MLQUEUE_DEVICE_BUSY; 573 cmdinfo->state &= ~ALLOC_CMD_URB; 574 } 575 576 if (cmdinfo->state & SUBMIT_CMD_URB) { 577 usb_anchor_urb(cmdinfo->cmd_urb, &devinfo->cmd_urbs); 578 err = usb_submit_urb(cmdinfo->cmd_urb, gfp); 579 if (err) { 580 usb_unanchor_urb(cmdinfo->cmd_urb); 581 uas_log_cmd_state(cmnd, "cmd submit err", err); 582 return SCSI_MLQUEUE_DEVICE_BUSY; 583 } 584 cmdinfo->cmd_urb = NULL; 585 cmdinfo->state &= ~SUBMIT_CMD_URB; 586 cmdinfo->state |= COMMAND_INFLIGHT; 587 } 588 589 return 0; 590} 591 592static int uas_queuecommand_lck(struct scsi_cmnd *cmnd, 593 void (*done)(struct scsi_cmnd *)) 594{ 595 struct scsi_device *sdev = cmnd->device; 596 struct uas_dev_info *devinfo = sdev->hostdata; 597 struct uas_cmd_info *cmdinfo = (void *)&cmnd->SCp; 598 unsigned long flags; 599 int idx, err; 600 601 BUILD_BUG_ON(sizeof(struct uas_cmd_info) > sizeof(struct scsi_pointer)); 602 603 /* Re-check scsi_block_requests now that we've the host-lock */ 604 if (cmnd->device->host->host_self_blocked) 605 return SCSI_MLQUEUE_DEVICE_BUSY; 606 607 if ((devinfo->flags & US_FL_NO_ATA_1X) && 608 (cmnd->cmnd[0] == ATA_12 || cmnd->cmnd[0] == ATA_16)) { 609 memcpy(cmnd->sense_buffer, usb_stor_sense_invalidCDB, 610 sizeof(usb_stor_sense_invalidCDB)); 611 cmnd->result = SAM_STAT_CHECK_CONDITION; 612 cmnd->scsi_done(cmnd); 613 return 0; 614 } 615 616 spin_lock_irqsave(&devinfo->lock, flags); 617 618 if (devinfo->resetting) { 619 cmnd->result = DID_ERROR << 16; 620 cmnd->scsi_done(cmnd); 621 spin_unlock_irqrestore(&devinfo->lock, flags); 622 return 0; 623 } 624 625 /* Find a free uas-tag */ 626 for (idx = 0; idx < devinfo->qdepth; idx++) { 627 if (!devinfo->cmnd[idx]) 628 break; 629 } 630 if (idx == devinfo->qdepth) { 631 spin_unlock_irqrestore(&devinfo->lock, flags); 632 return SCSI_MLQUEUE_DEVICE_BUSY; 633 } 634 635 cmnd->scsi_done = done; 636 637 memset(cmdinfo, 0, sizeof(*cmdinfo)); 638 cmdinfo->uas_tag = idx + 1; /* uas-tag == usb-stream-id, so 1 based */ 639 cmdinfo->state = SUBMIT_STATUS_URB | ALLOC_CMD_URB | SUBMIT_CMD_URB; 640 641 switch (cmnd->sc_data_direction) { 642 case DMA_FROM_DEVICE: 643 cmdinfo->state |= ALLOC_DATA_IN_URB | SUBMIT_DATA_IN_URB; 644 break; 645 case DMA_BIDIRECTIONAL: 646 cmdinfo->state |= ALLOC_DATA_IN_URB | SUBMIT_DATA_IN_URB; 647 case DMA_TO_DEVICE: 648 cmdinfo->state |= ALLOC_DATA_OUT_URB | SUBMIT_DATA_OUT_URB; 649 case DMA_NONE: 650 break; 651 } 652 653 if (!devinfo->use_streams) 654 cmdinfo->state &= ~(SUBMIT_DATA_IN_URB | SUBMIT_DATA_OUT_URB); 655 656 err = uas_submit_urbs(cmnd, devinfo, GFP_ATOMIC); 657 if (err) { 658 /* If we did nothing, give up now */ 659 if (cmdinfo->state & SUBMIT_STATUS_URB) { 660 spin_unlock_irqrestore(&devinfo->lock, flags); 661 return SCSI_MLQUEUE_DEVICE_BUSY; 662 } 663 uas_add_work(cmdinfo); 664 } 665 666 devinfo->cmnd[idx] = cmnd; 667 spin_unlock_irqrestore(&devinfo->lock, flags); 668 return 0; 669} 670 671static DEF_SCSI_QCMD(uas_queuecommand) 672 673/* 674 * For now we do not support actually sending an abort to the device, so 675 * this eh always fails. Still we must define it to make sure that we've 676 * dropped all references to the cmnd in question once this function exits. 677 */ 678static int uas_eh_abort_handler(struct scsi_cmnd *cmnd) 679{ 680 struct uas_cmd_info *cmdinfo = (void *)&cmnd->SCp; 681 struct uas_dev_info *devinfo = (void *)cmnd->device->hostdata; 682 struct urb *data_in_urb = NULL; 683 struct urb *data_out_urb = NULL; 684 unsigned long flags; 685 686 spin_lock_irqsave(&devinfo->lock, flags); 687 688 uas_log_cmd_state(cmnd, __func__, 0); 689 690 /* Ensure that try_complete does not call scsi_done */ 691 cmdinfo->state |= COMMAND_ABORTED; 692 693 /* Drop all refs to this cmnd, kill data urbs to break their ref */ 694 devinfo->cmnd[cmdinfo->uas_tag - 1] = NULL; 695 if (cmdinfo->state & DATA_IN_URB_INFLIGHT) 696 data_in_urb = usb_get_urb(cmdinfo->data_in_urb); 697 if (cmdinfo->state & DATA_OUT_URB_INFLIGHT) 698 data_out_urb = usb_get_urb(cmdinfo->data_out_urb); 699 700 uas_free_unsubmitted_urbs(cmnd); 701 702 spin_unlock_irqrestore(&devinfo->lock, flags); 703 704 if (data_in_urb) { 705 usb_kill_urb(data_in_urb); 706 usb_put_urb(data_in_urb); 707 } 708 if (data_out_urb) { 709 usb_kill_urb(data_out_urb); 710 usb_put_urb(data_out_urb); 711 } 712 713 return FAILED; 714} 715 716static int uas_eh_bus_reset_handler(struct scsi_cmnd *cmnd) 717{ 718 struct scsi_device *sdev = cmnd->device; 719 struct uas_dev_info *devinfo = sdev->hostdata; 720 struct usb_device *udev = devinfo->udev; 721 unsigned long flags; 722 int err; 723 724 err = usb_lock_device_for_reset(udev, devinfo->intf); 725 if (err) { 726 shost_printk(KERN_ERR, sdev->host, 727 "%s FAILED to get lock err %d\n", __func__, err); 728 return FAILED; 729 } 730 731 shost_printk(KERN_INFO, sdev->host, "%s start\n", __func__); 732 733 spin_lock_irqsave(&devinfo->lock, flags); 734 devinfo->resetting = 1; 735 spin_unlock_irqrestore(&devinfo->lock, flags); 736 737 usb_kill_anchored_urbs(&devinfo->cmd_urbs); 738 usb_kill_anchored_urbs(&devinfo->sense_urbs); 739 usb_kill_anchored_urbs(&devinfo->data_urbs); 740 uas_zap_pending(devinfo, DID_RESET); 741 742 err = usb_reset_device(udev); 743 744 spin_lock_irqsave(&devinfo->lock, flags); 745 devinfo->resetting = 0; 746 spin_unlock_irqrestore(&devinfo->lock, flags); 747 748 usb_unlock_device(udev); 749 750 if (err) { 751 shost_printk(KERN_INFO, sdev->host, "%s FAILED err %d\n", 752 __func__, err); 753 return FAILED; 754 } 755 756 shost_printk(KERN_INFO, sdev->host, "%s success\n", __func__); 757 return SUCCESS; 758} 759 760static int uas_target_alloc(struct scsi_target *starget) 761{ 762 struct uas_dev_info *devinfo = (struct uas_dev_info *) 763 dev_to_shost(starget->dev.parent)->hostdata; 764 765 if (devinfo->flags & US_FL_NO_REPORT_LUNS) 766 starget->no_report_luns = 1; 767 768 return 0; 769} 770 771static int uas_slave_alloc(struct scsi_device *sdev) 772{ 773 struct uas_dev_info *devinfo = 774 (struct uas_dev_info *)sdev->host->hostdata; 775 776 sdev->hostdata = devinfo; 777 778 /* USB has unusual DMA-alignment requirements: Although the 779 * starting address of each scatter-gather element doesn't matter, 780 * the length of each element except the last must be divisible 781 * by the Bulk maxpacket value. There's currently no way to 782 * express this by block-layer constraints, so we'll cop out 783 * and simply require addresses to be aligned at 512-byte 784 * boundaries. This is okay since most block I/O involves 785 * hardware sectors that are multiples of 512 bytes in length, 786 * and since host controllers up through USB 2.0 have maxpacket 787 * values no larger than 512. 788 * 789 * But it doesn't suffice for Wireless USB, where Bulk maxpacket 790 * values can be as large as 2048. To make that work properly 791 * will require changes to the block layer. 792 */ 793 blk_queue_update_dma_alignment(sdev->request_queue, (512 - 1)); 794 795 if (devinfo->flags & US_FL_MAX_SECTORS_64) 796 blk_queue_max_hw_sectors(sdev->request_queue, 64); 797 else if (devinfo->flags & US_FL_MAX_SECTORS_240) 798 blk_queue_max_hw_sectors(sdev->request_queue, 240); 799 800 return 0; 801} 802 803static int uas_slave_configure(struct scsi_device *sdev) 804{ 805 struct uas_dev_info *devinfo = sdev->hostdata; 806 807 if (devinfo->flags & US_FL_NO_REPORT_OPCODES) 808 sdev->no_report_opcodes = 1; 809 810 /* A few buggy USB-ATA bridges don't understand FUA */ 811 if (devinfo->flags & US_FL_BROKEN_FUA) 812 sdev->broken_fua = 1; 813 814 return 0; 815} 816 817static struct scsi_host_template uas_host_template = { 818 .module = THIS_MODULE, 819 .name = "uas", 820 .queuecommand = uas_queuecommand, 821 .target_alloc = uas_target_alloc, 822 .slave_alloc = uas_slave_alloc, 823 .slave_configure = uas_slave_configure, 824 .eh_abort_handler = uas_eh_abort_handler, 825 .eh_bus_reset_handler = uas_eh_bus_reset_handler, 826 .can_queue = MAX_CMNDS, 827 .this_id = -1, 828 .sg_tablesize = SG_NONE, 829 .skip_settle_delay = 1, 830}; 831 832#define UNUSUAL_DEV(id_vendor, id_product, bcdDeviceMin, bcdDeviceMax, \ 833 vendorName, productName, useProtocol, useTransport, \ 834 initFunction, flags) \ 835{ USB_DEVICE_VER(id_vendor, id_product, bcdDeviceMin, bcdDeviceMax), \ 836 .driver_info = (flags) } 837 838static struct usb_device_id uas_usb_ids[] = { 839# include "unusual_uas.h" 840 { USB_INTERFACE_INFO(USB_CLASS_MASS_STORAGE, USB_SC_SCSI, USB_PR_BULK) }, 841 { USB_INTERFACE_INFO(USB_CLASS_MASS_STORAGE, USB_SC_SCSI, USB_PR_UAS) }, 842 { } 843}; 844MODULE_DEVICE_TABLE(usb, uas_usb_ids); 845 846#undef UNUSUAL_DEV 847 848static int uas_switch_interface(struct usb_device *udev, 849 struct usb_interface *intf) 850{ 851 int alt; 852 853 alt = uas_find_uas_alt_setting(intf); 854 if (alt < 0) 855 return alt; 856 857 return usb_set_interface(udev, 858 intf->altsetting[0].desc.bInterfaceNumber, alt); 859} 860 861static int uas_configure_endpoints(struct uas_dev_info *devinfo) 862{ 863 struct usb_host_endpoint *eps[4] = { }; 864 struct usb_device *udev = devinfo->udev; 865 int r; 866 867 r = uas_find_endpoints(devinfo->intf->cur_altsetting, eps); 868 if (r) 869 return r; 870 871 devinfo->cmd_pipe = usb_sndbulkpipe(udev, 872 usb_endpoint_num(&eps[0]->desc)); 873 devinfo->status_pipe = usb_rcvbulkpipe(udev, 874 usb_endpoint_num(&eps[1]->desc)); 875 devinfo->data_in_pipe = usb_rcvbulkpipe(udev, 876 usb_endpoint_num(&eps[2]->desc)); 877 devinfo->data_out_pipe = usb_sndbulkpipe(udev, 878 usb_endpoint_num(&eps[3]->desc)); 879 880 if (udev->speed < USB_SPEED_SUPER) { 881 devinfo->qdepth = 32; 882 devinfo->use_streams = 0; 883 } else { 884 devinfo->qdepth = usb_alloc_streams(devinfo->intf, eps + 1, 885 3, MAX_CMNDS, GFP_NOIO); 886 if (devinfo->qdepth < 0) 887 return devinfo->qdepth; 888 devinfo->use_streams = 1; 889 } 890 891 return 0; 892} 893 894static void uas_free_streams(struct uas_dev_info *devinfo) 895{ 896 struct usb_device *udev = devinfo->udev; 897 struct usb_host_endpoint *eps[3]; 898 899 eps[0] = usb_pipe_endpoint(udev, devinfo->status_pipe); 900 eps[1] = usb_pipe_endpoint(udev, devinfo->data_in_pipe); 901 eps[2] = usb_pipe_endpoint(udev, devinfo->data_out_pipe); 902 usb_free_streams(devinfo->intf, eps, 3, GFP_NOIO); 903} 904 905static int uas_probe(struct usb_interface *intf, const struct usb_device_id *id) 906{ 907 int result = -ENOMEM; 908 struct Scsi_Host *shost = NULL; 909 struct uas_dev_info *devinfo; 910 struct usb_device *udev = interface_to_usbdev(intf); 911 unsigned long dev_flags; 912 913 if (!uas_use_uas_driver(intf, id, &dev_flags)) 914 return -ENODEV; 915 916 if (uas_switch_interface(udev, intf)) 917 return -ENODEV; 918 919 shost = scsi_host_alloc(&uas_host_template, 920 sizeof(struct uas_dev_info)); 921 if (!shost) 922 goto set_alt0; 923 924 shost->max_cmd_len = 16 + 252; 925 shost->max_id = 1; 926 shost->max_lun = 256; 927 shost->max_channel = 0; 928 shost->sg_tablesize = udev->bus->sg_tablesize; 929 930 devinfo = (struct uas_dev_info *)shost->hostdata; 931 devinfo->intf = intf; 932 devinfo->udev = udev; 933 devinfo->resetting = 0; 934 devinfo->shutdown = 0; 935 devinfo->flags = dev_flags; 936 init_usb_anchor(&devinfo->cmd_urbs); 937 init_usb_anchor(&devinfo->sense_urbs); 938 init_usb_anchor(&devinfo->data_urbs); 939 spin_lock_init(&devinfo->lock); 940 INIT_WORK(&devinfo->work, uas_do_work); 941 942 result = uas_configure_endpoints(devinfo); 943 if (result) 944 goto set_alt0; 945 946 /* 947 * 1 tag is reserved for untagged commands + 948 * 1 tag to avoid off by one errors in some bridge firmwares 949 */ 950 shost->can_queue = devinfo->qdepth - 2; 951 952 usb_set_intfdata(intf, shost); 953 result = scsi_add_host(shost, &intf->dev); 954 if (result) 955 goto free_streams; 956 957 scsi_scan_host(shost); 958 return result; 959 960free_streams: 961 uas_free_streams(devinfo); 962 usb_set_intfdata(intf, NULL); 963set_alt0: 964 usb_set_interface(udev, intf->altsetting[0].desc.bInterfaceNumber, 0); 965 if (shost) 966 scsi_host_put(shost); 967 return result; 968} 969 970static int uas_cmnd_list_empty(struct uas_dev_info *devinfo) 971{ 972 unsigned long flags; 973 int i, r = 1; 974 975 spin_lock_irqsave(&devinfo->lock, flags); 976 977 for (i = 0; i < devinfo->qdepth; i++) { 978 if (devinfo->cmnd[i]) { 979 r = 0; /* Not empty */ 980 break; 981 } 982 } 983 984 spin_unlock_irqrestore(&devinfo->lock, flags); 985 986 return r; 987} 988 989/* 990 * Wait for any pending cmnds to complete, on usb-2 sense_urbs may temporarily 991 * get empty while there still is more work to do due to sense-urbs completing 992 * with a READ/WRITE_READY iu code, so keep waiting until the list gets empty. 993 */ 994static int uas_wait_for_pending_cmnds(struct uas_dev_info *devinfo) 995{ 996 unsigned long start_time; 997 int r; 998 999 start_time = jiffies; 1000 do { 1001 flush_work(&devinfo->work); 1002 1003 r = usb_wait_anchor_empty_timeout(&devinfo->sense_urbs, 5000); 1004 if (r == 0) 1005 return -ETIME; 1006 1007 r = usb_wait_anchor_empty_timeout(&devinfo->data_urbs, 500); 1008 if (r == 0) 1009 return -ETIME; 1010 1011 if (time_after(jiffies, start_time + 5 * HZ)) 1012 return -ETIME; 1013 } while (!uas_cmnd_list_empty(devinfo)); 1014 1015 return 0; 1016} 1017 1018static int uas_pre_reset(struct usb_interface *intf) 1019{ 1020 struct Scsi_Host *shost = usb_get_intfdata(intf); 1021 struct uas_dev_info *devinfo = (struct uas_dev_info *)shost->hostdata; 1022 unsigned long flags; 1023 1024 if (devinfo->shutdown) 1025 return 0; 1026 1027 /* Block new requests */ 1028 spin_lock_irqsave(shost->host_lock, flags); 1029 scsi_block_requests(shost); 1030 spin_unlock_irqrestore(shost->host_lock, flags); 1031 1032 if (uas_wait_for_pending_cmnds(devinfo) != 0) { 1033 shost_printk(KERN_ERR, shost, "%s: timed out\n", __func__); 1034 scsi_unblock_requests(shost); 1035 return 1; 1036 } 1037 1038 uas_free_streams(devinfo); 1039 1040 return 0; 1041} 1042 1043static int uas_post_reset(struct usb_interface *intf) 1044{ 1045 struct Scsi_Host *shost = usb_get_intfdata(intf); 1046 struct uas_dev_info *devinfo = (struct uas_dev_info *)shost->hostdata; 1047 unsigned long flags; 1048 int err; 1049 1050 if (devinfo->shutdown) 1051 return 0; 1052 1053 err = uas_configure_endpoints(devinfo); 1054 if (err) { 1055 shost_printk(KERN_ERR, shost, 1056 "%s: alloc streams error %d after reset", 1057 __func__, err); 1058 return 1; 1059 } 1060 1061 spin_lock_irqsave(shost->host_lock, flags); 1062 scsi_report_bus_reset(shost, 0); 1063 spin_unlock_irqrestore(shost->host_lock, flags); 1064 1065 scsi_unblock_requests(shost); 1066 1067 return 0; 1068} 1069 1070static int uas_suspend(struct usb_interface *intf, pm_message_t message) 1071{ 1072 struct Scsi_Host *shost = usb_get_intfdata(intf); 1073 struct uas_dev_info *devinfo = (struct uas_dev_info *)shost->hostdata; 1074 1075 if (uas_wait_for_pending_cmnds(devinfo) != 0) { 1076 shost_printk(KERN_ERR, shost, "%s: timed out\n", __func__); 1077 return -ETIME; 1078 } 1079 1080 return 0; 1081} 1082 1083static int uas_resume(struct usb_interface *intf) 1084{ 1085 return 0; 1086} 1087 1088static int uas_reset_resume(struct usb_interface *intf) 1089{ 1090 struct Scsi_Host *shost = usb_get_intfdata(intf); 1091 struct uas_dev_info *devinfo = (struct uas_dev_info *)shost->hostdata; 1092 unsigned long flags; 1093 int err; 1094 1095 err = uas_configure_endpoints(devinfo); 1096 if (err) { 1097 shost_printk(KERN_ERR, shost, 1098 "%s: alloc streams error %d after reset", 1099 __func__, err); 1100 return -EIO; 1101 } 1102 1103 spin_lock_irqsave(shost->host_lock, flags); 1104 scsi_report_bus_reset(shost, 0); 1105 spin_unlock_irqrestore(shost->host_lock, flags); 1106 1107 return 0; 1108} 1109 1110static void uas_disconnect(struct usb_interface *intf) 1111{ 1112 struct Scsi_Host *shost = usb_get_intfdata(intf); 1113 struct uas_dev_info *devinfo = (struct uas_dev_info *)shost->hostdata; 1114 unsigned long flags; 1115 1116 spin_lock_irqsave(&devinfo->lock, flags); 1117 devinfo->resetting = 1; 1118 spin_unlock_irqrestore(&devinfo->lock, flags); 1119 1120 cancel_work_sync(&devinfo->work); 1121 usb_kill_anchored_urbs(&devinfo->cmd_urbs); 1122 usb_kill_anchored_urbs(&devinfo->sense_urbs); 1123 usb_kill_anchored_urbs(&devinfo->data_urbs); 1124 uas_zap_pending(devinfo, DID_NO_CONNECT); 1125 1126 scsi_remove_host(shost); 1127 uas_free_streams(devinfo); 1128 scsi_host_put(shost); 1129} 1130 1131/* 1132 * Put the device back in usb-storage mode on shutdown, as some BIOS-es 1133 * hang on reboot when the device is still in uas mode. Note the reset is 1134 * necessary as some devices won't revert to usb-storage mode without it. 1135 */ 1136static void uas_shutdown(struct device *dev) 1137{ 1138 struct usb_interface *intf = to_usb_interface(dev); 1139 struct usb_device *udev = interface_to_usbdev(intf); 1140 struct Scsi_Host *shost = usb_get_intfdata(intf); 1141 struct uas_dev_info *devinfo = (struct uas_dev_info *)shost->hostdata; 1142 1143 if (system_state != SYSTEM_RESTART) 1144 return; 1145 1146 devinfo->shutdown = 1; 1147 uas_free_streams(devinfo); 1148 usb_set_interface(udev, intf->altsetting[0].desc.bInterfaceNumber, 0); 1149 usb_reset_device(udev); 1150} 1151 1152static struct usb_driver uas_driver = { 1153 .name = "uas", 1154 .probe = uas_probe, 1155 .disconnect = uas_disconnect, 1156 .pre_reset = uas_pre_reset, 1157 .post_reset = uas_post_reset, 1158 .suspend = uas_suspend, 1159 .resume = uas_resume, 1160 .reset_resume = uas_reset_resume, 1161 .drvwrap.driver.shutdown = uas_shutdown, 1162 .id_table = uas_usb_ids, 1163}; 1164 1165module_usb_driver(uas_driver); 1166 1167MODULE_LICENSE("GPL"); 1168MODULE_AUTHOR( 1169 "Hans de Goede <hdegoede@redhat.com>, Matthew Wilcox and Sarah Sharp"); 1170