1/*- 2 * SPDX-License-Identifier: BSD-3-Clause 3 * 4 * Copyright (c) 2008 Yahoo!, Inc. 5 * All rights reserved. 6 * Written by: John Baldwin <jhb@FreeBSD.org> 7 * 8 * Redistribution and use in source and binary forms, with or without 9 * modification, are permitted provided that the following conditions 10 * are met: 11 * 1. Redistributions of source code must retain the above copyright 12 * notice, this list of conditions and the following disclaimer. 13 * 2. Redistributions in binary form must reproduce the above copyright 14 * notice, this list of conditions and the following disclaimer in the 15 * documentation and/or other materials provided with the distribution. 16 * 3. Neither the name of the author nor the names of any co-contributors 17 * may be used to endorse or promote products derived from this software 18 * without specific prior written permission. 19 * 20 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND 21 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 22 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 23 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 24 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 25 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 26 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 27 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 28 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 29 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 30 * SUCH DAMAGE. 31 * 32 * Avago Technologies (LSI) MPT-Fusion Host Adapter FreeBSD userland interface 33 */ 34/*- 35 * Copyright (c) 2011-2015 LSI Corp. 36 * Copyright (c) 2013-2015 Avago Technologies 37 * All rights reserved. 38 * 39 * Redistribution and use in source and binary forms, with or without 40 * modification, are permitted provided that the following conditions 41 * are met: 42 * 1. Redistributions of source code must retain the above copyright 43 * notice, this list of conditions and the following disclaimer. 44 * 2. Redistributions in binary form must reproduce the above copyright 45 * notice, this list of conditions and the following disclaimer in the 46 * documentation and/or other materials provided with the distribution. 47 * 48 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND 49 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 50 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 51 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 52 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 53 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 54 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 55 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 56 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 57 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 58 * SUCH DAMAGE. 59 * 60 * Avago Technologies (LSI) MPT-Fusion Host Adapter FreeBSD 61 * 62 * $FreeBSD$ 63 */ 64 65#include <sys/cdefs.h> 66__FBSDID("$FreeBSD$"); 67 68/* TODO Move headers to mpsvar */ 69#include <sys/types.h> 70#include <sys/param.h> 71#include <sys/systm.h> 72#include <sys/kernel.h> 73#include <sys/selinfo.h> 74#include <sys/module.h> 75#include <sys/bus.h> 76#include <sys/conf.h> 77#include <sys/bio.h> 78#include <sys/abi_compat.h> 79#include <sys/malloc.h> 80#include <sys/uio.h> 81#include <sys/sysctl.h> 82#include <sys/ioccom.h> 83#include <sys/endian.h> 84#include <sys/queue.h> 85#include <sys/kthread.h> 86#include <sys/taskqueue.h> 87#include <sys/proc.h> 88#include <sys/sysent.h> 89 90#include <machine/bus.h> 91#include <machine/resource.h> 92#include <sys/rman.h> 93 94#include <cam/cam.h> 95#include <cam/cam_ccb.h> 96#include <cam/scsi/scsi_all.h> 97 98#include <dev/mps/mpi/mpi2_type.h> 99#include <dev/mps/mpi/mpi2.h> 100#include <dev/mps/mpi/mpi2_ioc.h> 101#include <dev/mps/mpi/mpi2_cnfg.h> 102#include <dev/mps/mpi/mpi2_init.h> 103#include <dev/mps/mpi/mpi2_tool.h> 104#include <dev/mps/mps_ioctl.h> 105#include <dev/mps/mpsvar.h> 106#include <dev/mps/mps_table.h> 107#include <dev/mps/mps_sas.h> 108#include <dev/pci/pcivar.h> 109#include <dev/pci/pcireg.h> 110 111static d_open_t mps_open; 112static d_close_t mps_close; 113static d_ioctl_t mps_ioctl_devsw; 114 115static struct cdevsw mps_cdevsw = { 116 .d_version = D_VERSION, 117 .d_flags = 0, 118 .d_open = mps_open, 119 .d_close = mps_close, 120 .d_ioctl = mps_ioctl_devsw, 121 .d_name = "mps", 122}; 123 124typedef int (mps_user_f)(struct mps_command *, struct mps_usr_command *); 125static mps_user_f mpi_pre_ioc_facts; 126static mps_user_f mpi_pre_port_facts; 127static mps_user_f mpi_pre_fw_download; 128static mps_user_f mpi_pre_fw_upload; 129static mps_user_f mpi_pre_sata_passthrough; 130static mps_user_f mpi_pre_smp_passthrough; 131static mps_user_f mpi_pre_config; 132static mps_user_f mpi_pre_sas_io_unit_control; 133 134static int mps_user_read_cfg_header(struct mps_softc *, 135 struct mps_cfg_page_req *); 136static int mps_user_read_cfg_page(struct mps_softc *, 137 struct mps_cfg_page_req *, void *); 138static int mps_user_read_extcfg_header(struct mps_softc *, 139 struct mps_ext_cfg_page_req *); 140static int mps_user_read_extcfg_page(struct mps_softc *, 141 struct mps_ext_cfg_page_req *, void *); 142static int mps_user_write_cfg_page(struct mps_softc *, 143 struct mps_cfg_page_req *, void *); 144static int mps_user_setup_request(struct mps_command *, 145 struct mps_usr_command *); 146static int mps_user_command(struct mps_softc *, struct mps_usr_command *); 147 148static int mps_user_pass_thru(struct mps_softc *sc, mps_pass_thru_t *data); 149static void mps_user_get_adapter_data(struct mps_softc *sc, 150 mps_adapter_data_t *data); 151static void mps_user_read_pci_info(struct mps_softc *sc, 152 mps_pci_info_t *data); 153static uint8_t mps_get_fw_diag_buffer_number(struct mps_softc *sc, 154 uint32_t unique_id); 155static int mps_post_fw_diag_buffer(struct mps_softc *sc, 156 mps_fw_diagnostic_buffer_t *pBuffer, uint32_t *return_code); 157static int mps_release_fw_diag_buffer(struct mps_softc *sc, 158 mps_fw_diagnostic_buffer_t *pBuffer, uint32_t *return_code, 159 uint32_t diag_type); 160static int mps_diag_register(struct mps_softc *sc, 161 mps_fw_diag_register_t *diag_register, uint32_t *return_code); 162static int mps_diag_unregister(struct mps_softc *sc, 163 mps_fw_diag_unregister_t *diag_unregister, uint32_t *return_code); 164static int mps_diag_query(struct mps_softc *sc, mps_fw_diag_query_t *diag_query, 165 uint32_t *return_code); 166static int mps_diag_read_buffer(struct mps_softc *sc, 167 mps_diag_read_buffer_t *diag_read_buffer, uint8_t *ioctl_buf, 168 uint32_t *return_code); 169static int mps_diag_release(struct mps_softc *sc, 170 mps_fw_diag_release_t *diag_release, uint32_t *return_code); 171static int mps_do_diag_action(struct mps_softc *sc, uint32_t action, 172 uint8_t *diag_action, uint32_t length, uint32_t *return_code); 173static int mps_user_diag_action(struct mps_softc *sc, mps_diag_action_t *data); 174static void mps_user_event_query(struct mps_softc *sc, mps_event_query_t *data); 175static void mps_user_event_enable(struct mps_softc *sc, 176 mps_event_enable_t *data); 177static int mps_user_event_report(struct mps_softc *sc, 178 mps_event_report_t *data); 179static int mps_user_reg_access(struct mps_softc *sc, mps_reg_access_t *data); 180static int mps_user_btdh(struct mps_softc *sc, mps_btdh_mapping_t *data); 181 182MALLOC_DEFINE(M_MPSUSER, "mps_user", "Buffers for mps(4) ioctls"); 183 184int 185mps_attach_user(struct mps_softc *sc) 186{ 187 int unit; 188 189 unit = device_get_unit(sc->mps_dev); 190 sc->mps_cdev = make_dev(&mps_cdevsw, unit, UID_ROOT, GID_OPERATOR, 0640, 191 "mps%d", unit); 192 if (sc->mps_cdev == NULL) { 193 return (ENOMEM); 194 } 195 sc->mps_cdev->si_drv1 = sc; 196 return (0); 197} 198 199void 200mps_detach_user(struct mps_softc *sc) 201{ 202 203 /* XXX: do a purge of pending requests? */ 204 if (sc->mps_cdev != NULL) 205 destroy_dev(sc->mps_cdev); 206} 207 208static int 209mps_open(struct cdev *dev, int flags, int fmt, struct thread *td) 210{ 211 212 return (0); 213} 214 215static int 216mps_close(struct cdev *dev, int flags, int fmt, struct thread *td) 217{ 218 219 return (0); 220} 221 222static int 223mps_user_read_cfg_header(struct mps_softc *sc, 224 struct mps_cfg_page_req *page_req) 225{ 226 MPI2_CONFIG_PAGE_HEADER *hdr; 227 struct mps_config_params params; 228 int error; 229 230 hdr = ¶ms.hdr.Struct; 231 params.action = MPI2_CONFIG_ACTION_PAGE_HEADER; 232 params.page_address = le32toh(page_req->page_address); 233 hdr->PageVersion = 0; 234 hdr->PageLength = 0; 235 hdr->PageNumber = page_req->header.PageNumber; 236 hdr->PageType = page_req->header.PageType; 237 params.buffer = NULL; 238 params.length = 0; 239 params.callback = NULL; 240 241 if ((error = mps_read_config_page(sc, ¶ms)) != 0) { 242 /* 243 * Leave the request. Without resetting the chip, it's 244 * still owned by it and we'll just get into trouble 245 * freeing it now. Mark it as abandoned so that if it 246 * shows up later it can be freed. 247 */ 248 mps_printf(sc, "read_cfg_header timed out\n"); 249 return (ETIMEDOUT); 250 } 251 252 page_req->ioc_status = htole16(params.status); 253 if ((page_req->ioc_status & MPI2_IOCSTATUS_MASK) == 254 MPI2_IOCSTATUS_SUCCESS) { 255 bcopy(hdr, &page_req->header, sizeof(page_req->header)); 256 } 257 258 return (0); 259} 260 261static int 262mps_user_read_cfg_page(struct mps_softc *sc, struct mps_cfg_page_req *page_req, 263 void *buf) 264{ 265 MPI2_CONFIG_PAGE_HEADER *reqhdr, *hdr; 266 struct mps_config_params params; 267 int error; 268 269 reqhdr = buf; 270 hdr = ¶ms.hdr.Struct; 271 hdr->PageVersion = reqhdr->PageVersion; 272 hdr->PageLength = reqhdr->PageLength; 273 hdr->PageNumber = reqhdr->PageNumber; 274 hdr->PageType = reqhdr->PageType & MPI2_CONFIG_PAGETYPE_MASK; 275 params.action = MPI2_CONFIG_ACTION_PAGE_READ_CURRENT; 276 params.page_address = le32toh(page_req->page_address); 277 params.buffer = buf; 278 params.length = le32toh(page_req->len); 279 params.callback = NULL; 280 281 if ((error = mps_read_config_page(sc, ¶ms)) != 0) { 282 mps_printf(sc, "mps_user_read_cfg_page timed out\n"); 283 return (ETIMEDOUT); 284 } 285 286 page_req->ioc_status = htole16(params.status); 287 return (0); 288} 289 290static int 291mps_user_read_extcfg_header(struct mps_softc *sc, 292 struct mps_ext_cfg_page_req *ext_page_req) 293{ 294 MPI2_CONFIG_EXTENDED_PAGE_HEADER *hdr; 295 struct mps_config_params params; 296 int error; 297 298 hdr = ¶ms.hdr.Ext; 299 params.action = MPI2_CONFIG_ACTION_PAGE_HEADER; 300 hdr->PageVersion = ext_page_req->header.PageVersion; 301 hdr->PageType = MPI2_CONFIG_PAGETYPE_EXTENDED; 302 hdr->ExtPageLength = 0; 303 hdr->PageNumber = ext_page_req->header.PageNumber; 304 hdr->ExtPageType = ext_page_req->header.ExtPageType; 305 params.page_address = le32toh(ext_page_req->page_address); 306 params.buffer = NULL; 307 params.length = 0; 308 params.callback = NULL; 309 310 if ((error = mps_read_config_page(sc, ¶ms)) != 0) { 311 /* 312 * Leave the request. Without resetting the chip, it's 313 * still owned by it and we'll just get into trouble 314 * freeing it now. Mark it as abandoned so that if it 315 * shows up later it can be freed. 316 */ 317 mps_printf(sc, "mps_user_read_extcfg_header timed out\n"); 318 return (ETIMEDOUT); 319 } 320 321 ext_page_req->ioc_status = htole16(params.status); 322 if ((ext_page_req->ioc_status & MPI2_IOCSTATUS_MASK) == 323 MPI2_IOCSTATUS_SUCCESS) { 324 ext_page_req->header.PageVersion = hdr->PageVersion; 325 ext_page_req->header.PageNumber = hdr->PageNumber; 326 ext_page_req->header.PageType = hdr->PageType; 327 ext_page_req->header.ExtPageLength = hdr->ExtPageLength; 328 ext_page_req->header.ExtPageType = hdr->ExtPageType; 329 } 330 331 return (0); 332} 333 334static int 335mps_user_read_extcfg_page(struct mps_softc *sc, 336 struct mps_ext_cfg_page_req *ext_page_req, void *buf) 337{ 338 MPI2_CONFIG_EXTENDED_PAGE_HEADER *reqhdr, *hdr; 339 struct mps_config_params params; 340 int error; 341 342 reqhdr = buf; 343 hdr = ¶ms.hdr.Ext; 344 params.action = MPI2_CONFIG_ACTION_PAGE_READ_CURRENT; 345 params.page_address = le32toh(ext_page_req->page_address); 346 hdr->PageVersion = reqhdr->PageVersion; 347 hdr->PageType = MPI2_CONFIG_PAGETYPE_EXTENDED; 348 hdr->PageNumber = reqhdr->PageNumber; 349 hdr->ExtPageType = reqhdr->ExtPageType; 350 hdr->ExtPageLength = reqhdr->ExtPageLength; 351 params.buffer = buf; 352 params.length = le32toh(ext_page_req->len); 353 params.callback = NULL; 354 355 if ((error = mps_read_config_page(sc, ¶ms)) != 0) { 356 mps_printf(sc, "mps_user_read_extcfg_page timed out\n"); 357 return (ETIMEDOUT); 358 } 359 360 ext_page_req->ioc_status = htole16(params.status); 361 return (0); 362} 363 364static int 365mps_user_write_cfg_page(struct mps_softc *sc, 366 struct mps_cfg_page_req *page_req, void *buf) 367{ 368 MPI2_CONFIG_PAGE_HEADER *reqhdr, *hdr; 369 struct mps_config_params params; 370 u_int hdr_attr; 371 int error; 372 373 reqhdr = buf; 374 hdr = ¶ms.hdr.Struct; 375 hdr_attr = reqhdr->PageType & MPI2_CONFIG_PAGEATTR_MASK; 376 if (hdr_attr != MPI2_CONFIG_PAGEATTR_CHANGEABLE && 377 hdr_attr != MPI2_CONFIG_PAGEATTR_PERSISTENT) { 378 mps_printf(sc, "page type 0x%x not changeable\n", 379 reqhdr->PageType & MPI2_CONFIG_PAGETYPE_MASK); 380 return (EINVAL); 381 } 382 383 /* 384 * There isn't any point in restoring stripped out attributes 385 * if you then mask them going down to issue the request. 386 */ 387 388 hdr->PageVersion = reqhdr->PageVersion; 389 hdr->PageLength = reqhdr->PageLength; 390 hdr->PageNumber = reqhdr->PageNumber; 391 hdr->PageType = reqhdr->PageType; 392 params.action = MPI2_CONFIG_ACTION_PAGE_WRITE_CURRENT; 393 params.page_address = le32toh(page_req->page_address); 394 params.buffer = buf; 395 params.length = le32toh(page_req->len); 396 params.callback = NULL; 397 398 if ((error = mps_write_config_page(sc, ¶ms)) != 0) { 399 mps_printf(sc, "mps_write_cfg_page timed out\n"); 400 return (ETIMEDOUT); 401 } 402 403 page_req->ioc_status = htole16(params.status); 404 return (0); 405} 406 407void 408mpi_init_sge(struct mps_command *cm, void *req, void *sge) 409{ 410 int off, space; 411 412 space = (int)cm->cm_sc->reqframesz; 413 off = (uintptr_t)sge - (uintptr_t)req; 414 415 KASSERT(off < space, ("bad pointers %p %p, off %d, space %d", 416 req, sge, off, space)); 417 418 cm->cm_sge = sge; 419 cm->cm_sglsize = space - off; 420} 421 422/* 423 * Prepare the mps_command for an IOC_FACTS request. 424 */ 425static int 426mpi_pre_ioc_facts(struct mps_command *cm, struct mps_usr_command *cmd) 427{ 428 MPI2_IOC_FACTS_REQUEST *req = (void *)cm->cm_req; 429 MPI2_IOC_FACTS_REPLY *rpl; 430 431 if (cmd->req_len != sizeof *req) 432 return (EINVAL); 433 if (cmd->rpl_len != sizeof *rpl) 434 return (EINVAL); 435 436 cm->cm_sge = NULL; 437 cm->cm_sglsize = 0; 438 return (0); 439} 440 441/* 442 * Prepare the mps_command for a PORT_FACTS request. 443 */ 444static int 445mpi_pre_port_facts(struct mps_command *cm, struct mps_usr_command *cmd) 446{ 447 MPI2_PORT_FACTS_REQUEST *req = (void *)cm->cm_req; 448 MPI2_PORT_FACTS_REPLY *rpl; 449 450 if (cmd->req_len != sizeof *req) 451 return (EINVAL); 452 if (cmd->rpl_len != sizeof *rpl) 453 return (EINVAL); 454 455 cm->cm_sge = NULL; 456 cm->cm_sglsize = 0; 457 return (0); 458} 459 460/* 461 * Prepare the mps_command for a FW_DOWNLOAD request. 462 */ 463static int 464mpi_pre_fw_download(struct mps_command *cm, struct mps_usr_command *cmd) 465{ 466 MPI2_FW_DOWNLOAD_REQUEST *req = (void *)cm->cm_req; 467 MPI2_FW_DOWNLOAD_REPLY *rpl; 468 MPI2_FW_DOWNLOAD_TCSGE tc; 469 int error; 470 471 /* 472 * This code assumes there is room in the request's SGL for 473 * the TransactionContext plus at least a SGL chain element. 474 */ 475 CTASSERT(sizeof req->SGL >= sizeof tc + MPS_SGC_SIZE); 476 477 if (cmd->req_len != sizeof *req) 478 return (EINVAL); 479 if (cmd->rpl_len != sizeof *rpl) 480 return (EINVAL); 481 482 if (cmd->len == 0) 483 return (EINVAL); 484 485 error = copyin(cmd->buf, cm->cm_data, cmd->len); 486 if (error != 0) 487 return (error); 488 489 mpi_init_sge(cm, req, &req->SGL); 490 bzero(&tc, sizeof tc); 491 492 /* 493 * For now, the F/W image must be provided in a single request. 494 */ 495 if ((req->MsgFlags & MPI2_FW_DOWNLOAD_MSGFLGS_LAST_SEGMENT) == 0) 496 return (EINVAL); 497 if (req->TotalImageSize != cmd->len) 498 return (EINVAL); 499 500 /* 501 * The value of the first two elements is specified in the 502 * Fusion-MPT Message Passing Interface document. 503 */ 504 tc.ContextSize = 0; 505 tc.DetailsLength = 12; 506 tc.ImageOffset = 0; 507 tc.ImageSize = cmd->len; 508 509 cm->cm_flags |= MPS_CM_FLAGS_DATAOUT; 510 511 return (mps_push_sge(cm, &tc, sizeof tc, 0)); 512} 513 514/* 515 * Prepare the mps_command for a FW_UPLOAD request. 516 */ 517static int 518mpi_pre_fw_upload(struct mps_command *cm, struct mps_usr_command *cmd) 519{ 520 MPI2_FW_UPLOAD_REQUEST *req = (void *)cm->cm_req; 521 MPI2_FW_UPLOAD_REPLY *rpl; 522 MPI2_FW_UPLOAD_TCSGE tc; 523 524 /* 525 * This code assumes there is room in the request's SGL for 526 * the TransactionContext plus at least a SGL chain element. 527 */ 528 CTASSERT(sizeof req->SGL >= sizeof tc + MPS_SGC_SIZE); 529 530 if (cmd->req_len != sizeof *req) 531 return (EINVAL); 532 if (cmd->rpl_len != sizeof *rpl) 533 return (EINVAL); 534 535 mpi_init_sge(cm, req, &req->SGL); 536 bzero(&tc, sizeof tc); 537 538 /* 539 * The value of the first two elements is specified in the 540 * Fusion-MPT Message Passing Interface document. 541 */ 542 tc.ContextSize = 0; 543 tc.DetailsLength = 12; 544 /* 545 * XXX Is there any reason to fetch a partial image? I.e. to 546 * set ImageOffset to something other than 0? 547 */ 548 tc.ImageOffset = 0; 549 tc.ImageSize = cmd->len; 550 551 cm->cm_flags |= MPS_CM_FLAGS_DATAIN; 552 553 return (mps_push_sge(cm, &tc, sizeof tc, 0)); 554} 555 556/* 557 * Prepare the mps_command for a SATA_PASSTHROUGH request. 558 */ 559static int 560mpi_pre_sata_passthrough(struct mps_command *cm, struct mps_usr_command *cmd) 561{ 562 MPI2_SATA_PASSTHROUGH_REQUEST *req = (void *)cm->cm_req; 563 MPI2_SATA_PASSTHROUGH_REPLY *rpl; 564 565 if (cmd->req_len != sizeof *req) 566 return (EINVAL); 567 if (cmd->rpl_len != sizeof *rpl) 568 return (EINVAL); 569 570 mpi_init_sge(cm, req, &req->SGL); 571 return (0); 572} 573 574/* 575 * Prepare the mps_command for a SMP_PASSTHROUGH request. 576 */ 577static int 578mpi_pre_smp_passthrough(struct mps_command *cm, struct mps_usr_command *cmd) 579{ 580 MPI2_SMP_PASSTHROUGH_REQUEST *req = (void *)cm->cm_req; 581 MPI2_SMP_PASSTHROUGH_REPLY *rpl; 582 583 if (cmd->req_len != sizeof *req) 584 return (EINVAL); 585 if (cmd->rpl_len != sizeof *rpl) 586 return (EINVAL); 587 588 mpi_init_sge(cm, req, &req->SGL); 589 return (0); 590} 591 592/* 593 * Prepare the mps_command for a CONFIG request. 594 */ 595static int 596mpi_pre_config(struct mps_command *cm, struct mps_usr_command *cmd) 597{ 598 MPI2_CONFIG_REQUEST *req = (void *)cm->cm_req; 599 MPI2_CONFIG_REPLY *rpl; 600 601 if (cmd->req_len != sizeof *req) 602 return (EINVAL); 603 if (cmd->rpl_len != sizeof *rpl) 604 return (EINVAL); 605 606 mpi_init_sge(cm, req, &req->PageBufferSGE); 607 return (0); 608} 609 610/* 611 * Prepare the mps_command for a SAS_IO_UNIT_CONTROL request. 612 */ 613static int 614mpi_pre_sas_io_unit_control(struct mps_command *cm, 615 struct mps_usr_command *cmd) 616{ 617 618 cm->cm_sge = NULL; 619 cm->cm_sglsize = 0; 620 return (0); 621} 622 623/* 624 * A set of functions to prepare an mps_command for the various 625 * supported requests. 626 */ 627struct mps_user_func { 628 U8 Function; 629 mps_user_f *f_pre; 630} mps_user_func_list[] = { 631 { MPI2_FUNCTION_IOC_FACTS, mpi_pre_ioc_facts }, 632 { MPI2_FUNCTION_PORT_FACTS, mpi_pre_port_facts }, 633 { MPI2_FUNCTION_FW_DOWNLOAD, mpi_pre_fw_download }, 634 { MPI2_FUNCTION_FW_UPLOAD, mpi_pre_fw_upload }, 635 { MPI2_FUNCTION_SATA_PASSTHROUGH, mpi_pre_sata_passthrough }, 636 { MPI2_FUNCTION_SMP_PASSTHROUGH, mpi_pre_smp_passthrough}, 637 { MPI2_FUNCTION_CONFIG, mpi_pre_config}, 638 { MPI2_FUNCTION_SAS_IO_UNIT_CONTROL, mpi_pre_sas_io_unit_control }, 639 { 0xFF, NULL } /* list end */ 640}; 641 642static int 643mps_user_setup_request(struct mps_command *cm, struct mps_usr_command *cmd) 644{ 645 MPI2_REQUEST_HEADER *hdr = (MPI2_REQUEST_HEADER *)cm->cm_req; 646 struct mps_user_func *f; 647 648 for (f = mps_user_func_list; f->f_pre != NULL; f++) { 649 if (hdr->Function == f->Function) 650 return (f->f_pre(cm, cmd)); 651 } 652 return (EINVAL); 653} 654 655static int 656mps_user_command(struct mps_softc *sc, struct mps_usr_command *cmd) 657{ 658 MPI2_REQUEST_HEADER *hdr; 659 MPI2_DEFAULT_REPLY *rpl; 660 void *buf = NULL; 661 struct mps_command *cm = NULL; 662 int err = 0; 663 int sz; 664 665 mps_lock(sc); 666 cm = mps_alloc_command(sc); 667 668 if (cm == NULL) { 669 mps_printf(sc, "%s: no mps requests\n", __func__); 670 err = ENOMEM; 671 goto RetFree; 672 } 673 mps_unlock(sc); 674 675 hdr = (MPI2_REQUEST_HEADER *)cm->cm_req; 676 677 mps_dprint(sc, MPS_USER, "%s: req %p %d rpl %p %d\n", __func__, 678 cmd->req, cmd->req_len, cmd->rpl, cmd->rpl_len); 679 680 if (cmd->req_len > sc->reqframesz) { 681 err = EINVAL; 682 goto RetFreeUnlocked; 683 } 684 err = copyin(cmd->req, hdr, cmd->req_len); 685 if (err != 0) 686 goto RetFreeUnlocked; 687 688 mps_dprint(sc, MPS_USER, "%s: Function %02X MsgFlags %02X\n", __func__, 689 hdr->Function, hdr->MsgFlags); 690 691 if (cmd->len > 0) { 692 buf = malloc(cmd->len, M_MPSUSER, M_WAITOK|M_ZERO); 693 cm->cm_data = buf; 694 cm->cm_length = cmd->len; 695 } else { 696 cm->cm_data = NULL; 697 cm->cm_length = 0; 698 } 699 700 cm->cm_flags = MPS_CM_FLAGS_SGE_SIMPLE; 701 cm->cm_desc.Default.RequestFlags = MPI2_REQ_DESCRIPT_FLAGS_DEFAULT_TYPE; 702 703 err = mps_user_setup_request(cm, cmd); 704 if (err == EINVAL) { 705 mps_printf(sc, "%s: unsupported parameter or unsupported " 706 "function in request (function = 0x%X)\n", __func__, 707 hdr->Function); 708 } 709 if (err != 0) 710 goto RetFreeUnlocked; 711 712 mps_lock(sc); 713 err = mps_wait_command(sc, &cm, 60, CAN_SLEEP); 714 715 if (err || (cm == NULL)) { 716 mps_printf(sc, "%s: invalid request: error %d\n", 717 __func__, err); 718 goto RetFree; 719 } 720 721 rpl = (MPI2_DEFAULT_REPLY *)cm->cm_reply; 722 if (rpl != NULL) 723 sz = rpl->MsgLength * 4; 724 else 725 sz = 0; 726 727 if (sz > cmd->rpl_len) { 728 mps_printf(sc, "%s: user reply buffer (%d) smaller than " 729 "returned buffer (%d)\n", __func__, cmd->rpl_len, sz); 730 sz = cmd->rpl_len; 731 } 732 733 mps_unlock(sc); 734 copyout(rpl, cmd->rpl, sz); 735 if (buf != NULL) 736 copyout(buf, cmd->buf, cmd->len); 737 mps_dprint(sc, MPS_USER, "%s: reply size %d\n", __func__, sz); 738 739RetFreeUnlocked: 740 mps_lock(sc); 741RetFree: 742 if (cm != NULL) 743 mps_free_command(sc, cm); 744 mps_unlock(sc); 745 if (buf != NULL) 746 free(buf, M_MPSUSER); 747 return (err); 748} 749 750static int 751mps_user_pass_thru(struct mps_softc *sc, mps_pass_thru_t *data) 752{ 753 MPI2_REQUEST_HEADER *hdr, *tmphdr; 754 MPI2_DEFAULT_REPLY *rpl = NULL; 755 struct mps_command *cm = NULL; 756 void *req = NULL; 757 int err = 0, dir = 0, sz; 758 uint8_t function = 0; 759 u_int sense_len; 760 struct mpssas_target *targ = NULL; 761 762 /* 763 * Only allow one passthru command at a time. Use the MPS_FLAGS_BUSY 764 * bit to denote that a passthru is being processed. 765 */ 766 mps_lock(sc); 767 if (sc->mps_flags & MPS_FLAGS_BUSY) { 768 mps_dprint(sc, MPS_USER, "%s: Only one passthru command " 769 "allowed at a single time.", __func__); 770 mps_unlock(sc); 771 return (EBUSY); 772 } 773 sc->mps_flags |= MPS_FLAGS_BUSY; 774 mps_unlock(sc); 775 776 /* 777 * Do some validation on data direction. Valid cases are: 778 * 1) DataSize is 0 and direction is NONE 779 * 2) DataSize is non-zero and one of: 780 * a) direction is READ or 781 * b) direction is WRITE or 782 * c) direction is BOTH and DataOutSize is non-zero 783 * If valid and the direction is BOTH, change the direction to READ. 784 * if valid and the direction is not BOTH, make sure DataOutSize is 0. 785 */ 786 if (((data->DataSize == 0) && 787 (data->DataDirection == MPS_PASS_THRU_DIRECTION_NONE)) || 788 ((data->DataSize != 0) && 789 ((data->DataDirection == MPS_PASS_THRU_DIRECTION_READ) || 790 (data->DataDirection == MPS_PASS_THRU_DIRECTION_WRITE) || 791 ((data->DataDirection == MPS_PASS_THRU_DIRECTION_BOTH) && 792 (data->DataOutSize != 0))))) { 793 if (data->DataDirection == MPS_PASS_THRU_DIRECTION_BOTH) 794 data->DataDirection = MPS_PASS_THRU_DIRECTION_READ; 795 else 796 data->DataOutSize = 0; 797 } else { 798 err = EINVAL; 799 goto RetFreeUnlocked; 800 } 801 802 mps_dprint(sc, MPS_USER, "%s: req 0x%jx %d rpl 0x%jx %d " 803 "data in 0x%jx %d data out 0x%jx %d data dir %d\n", __func__, 804 data->PtrRequest, data->RequestSize, data->PtrReply, 805 data->ReplySize, data->PtrData, data->DataSize, 806 data->PtrDataOut, data->DataOutSize, data->DataDirection); 807 808 if (data->RequestSize > sc->reqframesz) { 809 err = EINVAL; 810 goto RetFreeUnlocked; 811 } 812 813 req = malloc(data->RequestSize, M_MPSUSER, M_WAITOK | M_ZERO); 814 tmphdr = (MPI2_REQUEST_HEADER *)req; 815 816 err = copyin(PTRIN(data->PtrRequest), req, data->RequestSize); 817 if (err != 0) 818 goto RetFreeUnlocked; 819 820 function = tmphdr->Function; 821 mps_dprint(sc, MPS_USER, "%s: Function %02X MsgFlags %02X\n", __func__, 822 function, tmphdr->MsgFlags); 823 824 /* 825 * Handle a passthru TM request. 826 */ 827 if (function == MPI2_FUNCTION_SCSI_TASK_MGMT) { 828 MPI2_SCSI_TASK_MANAGE_REQUEST *task; 829 830 mps_lock(sc); 831 cm = mpssas_alloc_tm(sc); 832 if (cm == NULL) { 833 err = EINVAL; 834 goto Ret; 835 } 836 837 /* Copy the header in. Only a small fixup is needed. */ 838 task = (MPI2_SCSI_TASK_MANAGE_REQUEST *)cm->cm_req; 839 memcpy(task, req, data->RequestSize); 840 task->TaskMID = cm->cm_desc.Default.SMID; 841 842 cm->cm_data = NULL; 843 cm->cm_complete = NULL; 844 cm->cm_complete_data = NULL; 845 846 targ = mpssas_find_target_by_handle(sc->sassc, 0, 847 task->DevHandle); 848 if (targ == NULL) { 849 mps_dprint(sc, MPS_INFO, 850 "%s %d : invalid handle for requested TM 0x%x \n", 851 __func__, __LINE__, task->DevHandle); 852 err = 1; 853 } else { 854 mpssas_prepare_for_tm(sc, cm, targ, CAM_LUN_WILDCARD); 855 err = mps_wait_command(sc, &cm, 30, CAN_SLEEP); 856 } 857 858 if (err != 0) { 859 err = EIO; 860 mps_dprint(sc, MPS_FAULT, "%s: task management failed", 861 __func__); 862 } 863 /* 864 * Copy the reply data and sense data to user space. 865 */ 866 if ((cm != NULL) && (cm->cm_reply != NULL)) { 867 rpl = (MPI2_DEFAULT_REPLY *)cm->cm_reply; 868 sz = rpl->MsgLength * 4; 869 870 if (sz > data->ReplySize) { 871 mps_printf(sc, "%s: user reply buffer (%d) " 872 "smaller than returned buffer (%d)\n", 873 __func__, data->ReplySize, sz); 874 } 875 mps_unlock(sc); 876 copyout(cm->cm_reply, PTRIN(data->PtrReply), 877 data->ReplySize); 878 mps_lock(sc); 879 } 880 mpssas_free_tm(sc, cm); 881 goto Ret; 882 } 883 884 mps_lock(sc); 885 cm = mps_alloc_command(sc); 886 if (cm == NULL) { 887 mps_printf(sc, "%s: no mps requests\n", __func__); 888 err = ENOMEM; 889 goto Ret; 890 } 891 mps_unlock(sc); 892 893 hdr = (MPI2_REQUEST_HEADER *)cm->cm_req; 894 memcpy(hdr, req, data->RequestSize); 895 896 /* 897 * Do some checking to make sure the IOCTL request contains a valid 898 * request. Then set the SGL info. 899 */ 900 mpi_init_sge(cm, hdr, (void *)((uint8_t *)hdr + data->RequestSize)); 901 902 /* 903 * Set up for read, write or both. From check above, DataOutSize will 904 * be 0 if direction is READ or WRITE, but it will have some non-zero 905 * value if the direction is BOTH. So, just use the biggest size to get 906 * the cm_data buffer size. If direction is BOTH, 2 SGLs need to be set 907 * up; the first is for the request and the second will contain the 908 * response data. cm_out_len needs to be set here and this will be used 909 * when the SGLs are set up. 910 */ 911 cm->cm_data = NULL; 912 cm->cm_length = MAX(data->DataSize, data->DataOutSize); 913 cm->cm_out_len = data->DataOutSize; 914 cm->cm_flags = 0; 915 if (cm->cm_length != 0) { 916 cm->cm_data = malloc(cm->cm_length, M_MPSUSER, M_WAITOK | 917 M_ZERO); 918 cm->cm_flags = MPS_CM_FLAGS_DATAIN; 919 if (data->DataOutSize) { 920 cm->cm_flags |= MPS_CM_FLAGS_DATAOUT; 921 err = copyin(PTRIN(data->PtrDataOut), 922 cm->cm_data, data->DataOutSize); 923 } else if (data->DataDirection == 924 MPS_PASS_THRU_DIRECTION_WRITE) { 925 cm->cm_flags = MPS_CM_FLAGS_DATAOUT; 926 err = copyin(PTRIN(data->PtrData), 927 cm->cm_data, data->DataSize); 928 } 929 if (err != 0) 930 mps_dprint(sc, MPS_FAULT, "%s: failed to copy " 931 "IOCTL data from user space\n", __func__); 932 } 933 cm->cm_flags |= MPS_CM_FLAGS_SGE_SIMPLE; 934 cm->cm_desc.Default.RequestFlags = MPI2_REQ_DESCRIPT_FLAGS_DEFAULT_TYPE; 935 936 /* 937 * Set up Sense buffer and SGL offset for IO passthru. SCSI IO request 938 * uses SCSI IO descriptor. 939 */ 940 if ((function == MPI2_FUNCTION_SCSI_IO_REQUEST) || 941 (function == MPI2_FUNCTION_RAID_SCSI_IO_PASSTHROUGH)) { 942 MPI2_SCSI_IO_REQUEST *scsi_io_req; 943 944 scsi_io_req = (MPI2_SCSI_IO_REQUEST *)hdr; 945 /* 946 * Put SGE for data and data_out buffer at the end of 947 * scsi_io_request message header (64 bytes in total). 948 * Following above SGEs, the residual space will be used by 949 * sense data. 950 */ 951 scsi_io_req->SenseBufferLength = (uint8_t)(data->RequestSize - 952 64); 953 scsi_io_req->SenseBufferLowAddress = htole32(cm->cm_sense_busaddr); 954 955 /* 956 * Set SGLOffset0 value. This is the number of dwords that SGL 957 * is offset from the beginning of MPI2_SCSI_IO_REQUEST struct. 958 */ 959 scsi_io_req->SGLOffset0 = 24; 960 961 /* 962 * Setup descriptor info. RAID passthrough must use the 963 * default request descriptor which is already set, so if this 964 * is a SCSI IO request, change the descriptor to SCSI IO. 965 * Also, if this is a SCSI IO request, handle the reply in the 966 * mpssas_scsio_complete function. 967 */ 968 if (function == MPI2_FUNCTION_SCSI_IO_REQUEST) { 969 cm->cm_desc.SCSIIO.RequestFlags = 970 MPI2_REQ_DESCRIPT_FLAGS_SCSI_IO; 971 cm->cm_desc.SCSIIO.DevHandle = scsi_io_req->DevHandle; 972 973 /* 974 * Make sure the DevHandle is not 0 because this is a 975 * likely error. 976 */ 977 if (scsi_io_req->DevHandle == 0) { 978 err = EINVAL; 979 goto RetFreeUnlocked; 980 } 981 } 982 } 983 984 mps_lock(sc); 985 986 err = mps_wait_command(sc, &cm, 30, CAN_SLEEP); 987 988 if (err || (cm == NULL)) { 989 mps_printf(sc, "%s: invalid request: error %d\n", __func__, 990 err); 991 mps_unlock(sc); 992 goto RetFreeUnlocked; 993 } 994 995 /* 996 * Sync the DMA data, if any. Then copy the data to user space. 997 */ 998 if (cm->cm_data != NULL) { 999 if (cm->cm_flags & MPS_CM_FLAGS_DATAIN) 1000 dir = BUS_DMASYNC_POSTREAD; 1001 else if (cm->cm_flags & MPS_CM_FLAGS_DATAOUT) 1002 dir = BUS_DMASYNC_POSTWRITE; 1003 bus_dmamap_sync(sc->buffer_dmat, cm->cm_dmamap, dir); 1004 bus_dmamap_unload(sc->buffer_dmat, cm->cm_dmamap); 1005 1006 if (cm->cm_flags & MPS_CM_FLAGS_DATAIN) { 1007 mps_unlock(sc); 1008 err = copyout(cm->cm_data, 1009 PTRIN(data->PtrData), data->DataSize); 1010 mps_lock(sc); 1011 if (err != 0) 1012 mps_dprint(sc, MPS_FAULT, "%s: failed to copy " 1013 "IOCTL data to user space\n", __func__); 1014 } 1015 } 1016 1017 /* 1018 * Copy the reply data and sense data to user space. 1019 */ 1020 if (cm->cm_reply != NULL) { 1021 rpl = (MPI2_DEFAULT_REPLY *)cm->cm_reply; 1022 sz = rpl->MsgLength * 4; 1023 1024 if (sz > data->ReplySize) { 1025 mps_printf(sc, "%s: user reply buffer (%d) smaller " 1026 "than returned buffer (%d)\n", __func__, 1027 data->ReplySize, sz); 1028 } 1029 mps_unlock(sc); 1030 copyout(cm->cm_reply, PTRIN(data->PtrReply), data->ReplySize); 1031 mps_lock(sc); 1032 1033 if ((function == MPI2_FUNCTION_SCSI_IO_REQUEST) || 1034 (function == MPI2_FUNCTION_RAID_SCSI_IO_PASSTHROUGH)) { 1035 if (((MPI2_SCSI_IO_REPLY *)rpl)->SCSIState & 1036 MPI2_SCSI_STATE_AUTOSENSE_VALID) { 1037 sense_len = 1038 MIN((le32toh(((MPI2_SCSI_IO_REPLY *)rpl)-> 1039 SenseCount)), sizeof(struct 1040 scsi_sense_data)); 1041 mps_unlock(sc); 1042 copyout(cm->cm_sense, (PTRIN(data->PtrReply + 1043 sizeof(MPI2_SCSI_IO_REPLY))), sense_len); 1044 mps_lock(sc); 1045 } 1046 } 1047 } 1048 mps_unlock(sc); 1049 1050RetFreeUnlocked: 1051 mps_lock(sc); 1052 1053 if (cm != NULL) { 1054 if (cm->cm_data) 1055 free(cm->cm_data, M_MPSUSER); 1056 mps_free_command(sc, cm); 1057 } 1058Ret: 1059 sc->mps_flags &= ~MPS_FLAGS_BUSY; 1060 mps_unlock(sc); 1061 free(req, M_MPSUSER); 1062 1063 return (err); 1064} 1065 1066static void 1067mps_user_get_adapter_data(struct mps_softc *sc, mps_adapter_data_t *data) 1068{ 1069 Mpi2ConfigReply_t mpi_reply; 1070 Mpi2BiosPage3_t config_page; 1071 1072 /* 1073 * Use the PCI interface functions to get the Bus, Device, and Function 1074 * information. 1075 */ 1076 data->PciInformation.u.bits.BusNumber = pci_get_bus(sc->mps_dev); 1077 data->PciInformation.u.bits.DeviceNumber = pci_get_slot(sc->mps_dev); 1078 data->PciInformation.u.bits.FunctionNumber = 1079 pci_get_function(sc->mps_dev); 1080 1081 /* 1082 * Get the FW version that should already be saved in IOC Facts. 1083 */ 1084 data->MpiFirmwareVersion = sc->facts->FWVersion.Word; 1085 1086 /* 1087 * General device info. 1088 */ 1089 data->AdapterType = MPSIOCTL_ADAPTER_TYPE_SAS2; 1090 if (sc->mps_flags & MPS_FLAGS_WD_AVAILABLE) 1091 data->AdapterType = MPSIOCTL_ADAPTER_TYPE_SAS2_SSS6200; 1092 data->PCIDeviceHwId = pci_get_device(sc->mps_dev); 1093 data->PCIDeviceHwRev = pci_read_config(sc->mps_dev, PCIR_REVID, 1); 1094 data->SubSystemId = pci_get_subdevice(sc->mps_dev); 1095 data->SubsystemVendorId = pci_get_subvendor(sc->mps_dev); 1096 1097 /* 1098 * Get the driver version. 1099 */ 1100 strcpy((char *)&data->DriverVersion[0], MPS_DRIVER_VERSION); 1101 1102 /* 1103 * Need to get BIOS Config Page 3 for the BIOS Version. 1104 */ 1105 data->BiosVersion = 0; 1106 mps_lock(sc); 1107 if (mps_config_get_bios_pg3(sc, &mpi_reply, &config_page)) 1108 printf("%s: Error while retrieving BIOS Version\n", __func__); 1109 else 1110 data->BiosVersion = config_page.BiosVersion; 1111 mps_unlock(sc); 1112} 1113 1114static void 1115mps_user_read_pci_info(struct mps_softc *sc, mps_pci_info_t *data) 1116{ 1117 int i; 1118 1119 /* 1120 * Use the PCI interface functions to get the Bus, Device, and Function 1121 * information. 1122 */ 1123 data->BusNumber = pci_get_bus(sc->mps_dev); 1124 data->DeviceNumber = pci_get_slot(sc->mps_dev); 1125 data->FunctionNumber = pci_get_function(sc->mps_dev); 1126 1127 /* 1128 * Now get the interrupt vector and the pci header. The vector can 1129 * only be 0 right now. The header is the first 256 bytes of config 1130 * space. 1131 */ 1132 data->InterruptVector = 0; 1133 for (i = 0; i < sizeof (data->PciHeader); i++) { 1134 data->PciHeader[i] = pci_read_config(sc->mps_dev, i, 1); 1135 } 1136} 1137 1138static uint8_t 1139mps_get_fw_diag_buffer_number(struct mps_softc *sc, uint32_t unique_id) 1140{ 1141 uint8_t index; 1142 1143 for (index = 0; index < MPI2_DIAG_BUF_TYPE_COUNT; index++) { 1144 if (sc->fw_diag_buffer_list[index].unique_id == unique_id) { 1145 return (index); 1146 } 1147 } 1148 1149 return (MPS_FW_DIAGNOSTIC_UID_NOT_FOUND); 1150} 1151 1152static int 1153mps_post_fw_diag_buffer(struct mps_softc *sc, 1154 mps_fw_diagnostic_buffer_t *pBuffer, uint32_t *return_code) 1155{ 1156 MPI2_DIAG_BUFFER_POST_REQUEST *req; 1157 MPI2_DIAG_BUFFER_POST_REPLY *reply = NULL; 1158 struct mps_command *cm = NULL; 1159 int i, status; 1160 1161 /* 1162 * If buffer is not enabled, just leave. 1163 */ 1164 *return_code = MPS_FW_DIAG_ERROR_POST_FAILED; 1165 if (!pBuffer->enabled) { 1166 return (MPS_DIAG_FAILURE); 1167 } 1168 1169 /* 1170 * Clear some flags initially. 1171 */ 1172 pBuffer->force_release = FALSE; 1173 pBuffer->valid_data = FALSE; 1174 pBuffer->owned_by_firmware = FALSE; 1175 1176 /* 1177 * Get a command. 1178 */ 1179 cm = mps_alloc_command(sc); 1180 if (cm == NULL) { 1181 mps_printf(sc, "%s: no mps requests\n", __func__); 1182 return (MPS_DIAG_FAILURE); 1183 } 1184 1185 /* 1186 * Build the request for releasing the FW Diag Buffer and send it. 1187 */ 1188 req = (MPI2_DIAG_BUFFER_POST_REQUEST *)cm->cm_req; 1189 req->Function = MPI2_FUNCTION_DIAG_BUFFER_POST; 1190 req->BufferType = pBuffer->buffer_type; 1191 req->ExtendedType = pBuffer->extended_type; 1192 req->BufferLength = pBuffer->size; 1193 for (i = 0; i < (sizeof(req->ProductSpecific) / 4); i++) 1194 req->ProductSpecific[i] = pBuffer->product_specific[i]; 1195 mps_from_u64(sc->fw_diag_busaddr, &req->BufferAddress); 1196 cm->cm_data = NULL; 1197 cm->cm_length = 0; 1198 cm->cm_desc.Default.RequestFlags = MPI2_REQ_DESCRIPT_FLAGS_DEFAULT_TYPE; 1199 cm->cm_complete_data = NULL; 1200 1201 /* 1202 * Send command synchronously. 1203 */ 1204 status = mps_wait_command(sc, &cm, 30, CAN_SLEEP); 1205 if (status || (cm == NULL)) { 1206 mps_printf(sc, "%s: invalid request: error %d\n", __func__, 1207 status); 1208 status = MPS_DIAG_FAILURE; 1209 goto done; 1210 } 1211 1212 /* 1213 * Process POST reply. 1214 */ 1215 reply = (MPI2_DIAG_BUFFER_POST_REPLY *)cm->cm_reply; 1216 if (reply == NULL) { 1217 mps_printf(sc, "%s: reply is NULL, probably due to " 1218 "reinitialization\n", __func__); 1219 status = MPS_DIAG_FAILURE; 1220 goto done; 1221 } 1222 if ((le16toh(reply->IOCStatus) & MPI2_IOCSTATUS_MASK) != 1223 MPI2_IOCSTATUS_SUCCESS) { 1224 status = MPS_DIAG_FAILURE; 1225 mps_dprint(sc, MPS_FAULT, "%s: post of FW Diag Buffer failed " 1226 "with IOCStatus = 0x%x, IOCLogInfo = 0x%x and " 1227 "TransferLength = 0x%x\n", __func__, 1228 le16toh(reply->IOCStatus), le32toh(reply->IOCLogInfo), 1229 le32toh(reply->TransferLength)); 1230 goto done; 1231 } 1232 1233 /* 1234 * Post was successful. 1235 */ 1236 pBuffer->valid_data = TRUE; 1237 pBuffer->owned_by_firmware = TRUE; 1238 *return_code = MPS_FW_DIAG_ERROR_SUCCESS; 1239 status = MPS_DIAG_SUCCESS; 1240 1241done: 1242 if (cm != NULL) 1243 mps_free_command(sc, cm); 1244 return (status); 1245} 1246 1247static int 1248mps_release_fw_diag_buffer(struct mps_softc *sc, 1249 mps_fw_diagnostic_buffer_t *pBuffer, uint32_t *return_code, 1250 uint32_t diag_type) 1251{ 1252 MPI2_DIAG_RELEASE_REQUEST *req; 1253 MPI2_DIAG_RELEASE_REPLY *reply = NULL; 1254 struct mps_command *cm = NULL; 1255 int status; 1256 1257 /* 1258 * If buffer is not enabled, just leave. 1259 */ 1260 *return_code = MPS_FW_DIAG_ERROR_RELEASE_FAILED; 1261 if (!pBuffer->enabled) { 1262 mps_dprint(sc, MPS_USER, "%s: This buffer type is not " 1263 "supported by the IOC", __func__); 1264 return (MPS_DIAG_FAILURE); 1265 } 1266 1267 /* 1268 * Clear some flags initially. 1269 */ 1270 pBuffer->force_release = FALSE; 1271 pBuffer->valid_data = FALSE; 1272 pBuffer->owned_by_firmware = FALSE; 1273 1274 /* 1275 * Get a command. 1276 */ 1277 cm = mps_alloc_command(sc); 1278 if (cm == NULL) { 1279 mps_printf(sc, "%s: no mps requests\n", __func__); 1280 return (MPS_DIAG_FAILURE); 1281 } 1282 1283 /* 1284 * Build the request for releasing the FW Diag Buffer and send it. 1285 */ 1286 req = (MPI2_DIAG_RELEASE_REQUEST *)cm->cm_req; 1287 req->Function = MPI2_FUNCTION_DIAG_RELEASE; 1288 req->BufferType = pBuffer->buffer_type; 1289 cm->cm_data = NULL; 1290 cm->cm_length = 0; 1291 cm->cm_desc.Default.RequestFlags = MPI2_REQ_DESCRIPT_FLAGS_DEFAULT_TYPE; 1292 cm->cm_complete_data = NULL; 1293 1294 /* 1295 * Send command synchronously. 1296 */ 1297 status = mps_wait_command(sc, &cm, 30, CAN_SLEEP); 1298 if (status || (cm == NULL)) { 1299 mps_printf(sc, "%s: invalid request: error %d\n", __func__, 1300 status); 1301 status = MPS_DIAG_FAILURE; 1302 goto done; 1303 } 1304 1305 /* 1306 * Process RELEASE reply. 1307 */ 1308 reply = (MPI2_DIAG_RELEASE_REPLY *)cm->cm_reply; 1309 if (reply == NULL) { 1310 mps_printf(sc, "%s: reply is NULL, probably due to " 1311 "reinitialization\n", __func__); 1312 status = MPS_DIAG_FAILURE; 1313 goto done; 1314 } 1315 if (((le16toh(reply->IOCStatus) & MPI2_IOCSTATUS_MASK) != 1316 MPI2_IOCSTATUS_SUCCESS) || pBuffer->owned_by_firmware) { 1317 status = MPS_DIAG_FAILURE; 1318 mps_dprint(sc, MPS_FAULT, "%s: release of FW Diag Buffer " 1319 "failed with IOCStatus = 0x%x and IOCLogInfo = 0x%x\n", 1320 __func__, le16toh(reply->IOCStatus), 1321 le32toh(reply->IOCLogInfo)); 1322 goto done; 1323 } 1324 1325 /* 1326 * Release was successful. 1327 */ 1328 *return_code = MPS_FW_DIAG_ERROR_SUCCESS; 1329 status = MPS_DIAG_SUCCESS; 1330 1331 /* 1332 * If this was for an UNREGISTER diag type command, clear the unique ID. 1333 */ 1334 if (diag_type == MPS_FW_DIAG_TYPE_UNREGISTER) { 1335 pBuffer->unique_id = MPS_FW_DIAG_INVALID_UID; 1336 } 1337 1338done: 1339 if (cm != NULL) 1340 mps_free_command(sc, cm); 1341 1342 return (status); 1343} 1344 1345static int 1346mps_diag_register(struct mps_softc *sc, mps_fw_diag_register_t *diag_register, 1347 uint32_t *return_code) 1348{ 1349 mps_fw_diagnostic_buffer_t *pBuffer; 1350 struct mps_busdma_context *ctx; 1351 uint8_t extended_type, buffer_type, i; 1352 uint32_t buffer_size; 1353 uint32_t unique_id; 1354 int status; 1355 int error; 1356 1357 extended_type = diag_register->ExtendedType; 1358 buffer_type = diag_register->BufferType; 1359 buffer_size = diag_register->RequestedBufferSize; 1360 unique_id = diag_register->UniqueId; 1361 ctx = NULL; 1362 error = 0; 1363 1364 /* 1365 * Check for valid buffer type 1366 */ 1367 if (buffer_type >= MPI2_DIAG_BUF_TYPE_COUNT) { 1368 *return_code = MPS_FW_DIAG_ERROR_INVALID_PARAMETER; 1369 return (MPS_DIAG_FAILURE); 1370 } 1371 1372 /* 1373 * Get the current buffer and look up the unique ID. The unique ID 1374 * should not be found. If it is, the ID is already in use. 1375 */ 1376 i = mps_get_fw_diag_buffer_number(sc, unique_id); 1377 pBuffer = &sc->fw_diag_buffer_list[buffer_type]; 1378 if (i != MPS_FW_DIAGNOSTIC_UID_NOT_FOUND) { 1379 *return_code = MPS_FW_DIAG_ERROR_INVALID_UID; 1380 return (MPS_DIAG_FAILURE); 1381 } 1382 1383 /* 1384 * The buffer's unique ID should not be registered yet, and the given 1385 * unique ID cannot be 0. 1386 */ 1387 if ((pBuffer->unique_id != MPS_FW_DIAG_INVALID_UID) || 1388 (unique_id == MPS_FW_DIAG_INVALID_UID)) { 1389 *return_code = MPS_FW_DIAG_ERROR_INVALID_UID; 1390 return (MPS_DIAG_FAILURE); 1391 } 1392 1393 /* 1394 * If this buffer is already posted as immediate, just change owner. 1395 */ 1396 if (pBuffer->immediate && pBuffer->owned_by_firmware && 1397 (pBuffer->unique_id == MPS_FW_DIAG_INVALID_UID)) { 1398 pBuffer->immediate = FALSE; 1399 pBuffer->unique_id = unique_id; 1400 return (MPS_DIAG_SUCCESS); 1401 } 1402 1403 /* 1404 * Post a new buffer after checking if it's enabled. The DMA buffer 1405 * that is allocated will be contiguous (nsegments = 1). 1406 */ 1407 if (!pBuffer->enabled) { 1408 *return_code = MPS_FW_DIAG_ERROR_NO_BUFFER; 1409 return (MPS_DIAG_FAILURE); 1410 } 1411 if (bus_dma_tag_create( sc->mps_parent_dmat, /* parent */ 1412 1, 0, /* algnmnt, boundary */ 1413 BUS_SPACE_MAXADDR_32BIT,/* lowaddr */ 1414 BUS_SPACE_MAXADDR, /* highaddr */ 1415 NULL, NULL, /* filter, filterarg */ 1416 buffer_size, /* maxsize */ 1417 1, /* nsegments */ 1418 buffer_size, /* maxsegsize */ 1419 0, /* flags */ 1420 NULL, NULL, /* lockfunc, lockarg */ 1421 &sc->fw_diag_dmat)) { 1422 mps_dprint(sc, MPS_ERROR, 1423 "Cannot allocate FW diag buffer DMA tag\n"); 1424 *return_code = MPS_FW_DIAG_ERROR_NO_BUFFER; 1425 status = MPS_DIAG_FAILURE; 1426 goto bailout; 1427 } 1428 if (bus_dmamem_alloc(sc->fw_diag_dmat, (void **)&sc->fw_diag_buffer, 1429 BUS_DMA_NOWAIT, &sc->fw_diag_map)) { 1430 mps_dprint(sc, MPS_ERROR, 1431 "Cannot allocate FW diag buffer memory\n"); 1432 *return_code = MPS_FW_DIAG_ERROR_NO_BUFFER; 1433 status = MPS_DIAG_FAILURE; 1434 goto bailout; 1435 } 1436 bzero(sc->fw_diag_buffer, buffer_size); 1437 1438 ctx = malloc(sizeof(*ctx), M_MPSUSER, M_WAITOK | M_ZERO); 1439 ctx->addr = &sc->fw_diag_busaddr; 1440 ctx->buffer_dmat = sc->fw_diag_dmat; 1441 ctx->buffer_dmamap = sc->fw_diag_map; 1442 ctx->softc = sc; 1443 error = bus_dmamap_load(sc->fw_diag_dmat, sc->fw_diag_map, 1444 sc->fw_diag_buffer, buffer_size, mps_memaddr_wait_cb, 1445 ctx, 0); 1446 1447 if (error == EINPROGRESS) { 1448 1449 /* XXX KDM */ 1450 device_printf(sc->mps_dev, "%s: Deferred bus_dmamap_load\n", 1451 __func__); 1452 /* 1453 * Wait for the load to complete. If we're interrupted, 1454 * bail out. 1455 */ 1456 mps_lock(sc); 1457 if (ctx->completed == 0) { 1458 error = msleep(ctx, &sc->mps_mtx, PCATCH, "mpswait", 0); 1459 if (error != 0) { 1460 /* 1461 * We got an error from msleep(9). This is 1462 * most likely due to a signal. Tell 1463 * mpr_memaddr_wait_cb() that we've abandoned 1464 * the context, so it needs to clean up when 1465 * it is called. 1466 */ 1467 ctx->abandoned = 1; 1468 1469 /* The callback will free this memory */ 1470 ctx = NULL; 1471 mps_unlock(sc); 1472 1473 device_printf(sc->mps_dev, "Cannot " 1474 "bus_dmamap_load FW diag buffer, error = " 1475 "%d returned from msleep\n", error); 1476 *return_code = MPS_FW_DIAG_ERROR_NO_BUFFER; 1477 status = MPS_DIAG_FAILURE; 1478 goto bailout; 1479 } 1480 } 1481 mps_unlock(sc); 1482 } 1483 1484 if ((error != 0) || (ctx->error != 0)) { 1485 device_printf(sc->mps_dev, "Cannot bus_dmamap_load FW diag " 1486 "buffer, %serror = %d\n", error ? "" : "callback ", 1487 error ? error : ctx->error); 1488 *return_code = MPS_FW_DIAG_ERROR_NO_BUFFER; 1489 status = MPS_DIAG_FAILURE; 1490 goto bailout; 1491 } 1492 1493 bus_dmamap_sync(sc->fw_diag_dmat, sc->fw_diag_map, BUS_DMASYNC_PREREAD); 1494 1495 pBuffer->size = buffer_size; 1496 1497 /* 1498 * Copy the given info to the diag buffer and post the buffer. 1499 */ 1500 pBuffer->buffer_type = buffer_type; 1501 pBuffer->immediate = FALSE; 1502 if (buffer_type == MPI2_DIAG_BUF_TYPE_TRACE) { 1503 for (i = 0; i < (sizeof (pBuffer->product_specific) / 4); 1504 i++) { 1505 pBuffer->product_specific[i] = 1506 diag_register->ProductSpecific[i]; 1507 } 1508 } 1509 pBuffer->extended_type = extended_type; 1510 pBuffer->unique_id = unique_id; 1511 status = mps_post_fw_diag_buffer(sc, pBuffer, return_code); 1512 1513bailout: 1514 /* 1515 * In case there was a failure, free the DMA buffer. 1516 */ 1517 if (status == MPS_DIAG_FAILURE) { 1518 if (sc->fw_diag_busaddr != 0) { 1519 bus_dmamap_unload(sc->fw_diag_dmat, sc->fw_diag_map); 1520 sc->fw_diag_busaddr = 0; 1521 } 1522 if (sc->fw_diag_buffer != NULL) { 1523 bus_dmamem_free(sc->fw_diag_dmat, sc->fw_diag_buffer, 1524 sc->fw_diag_map); 1525 sc->fw_diag_buffer = NULL; 1526 } 1527 if (sc->fw_diag_dmat != NULL) { 1528 bus_dma_tag_destroy(sc->fw_diag_dmat); 1529 sc->fw_diag_dmat = NULL; 1530 } 1531 } 1532 1533 if (ctx != NULL) 1534 free(ctx, M_MPSUSER); 1535 1536 return (status); 1537} 1538 1539static int 1540mps_diag_unregister(struct mps_softc *sc, 1541 mps_fw_diag_unregister_t *diag_unregister, uint32_t *return_code) 1542{ 1543 mps_fw_diagnostic_buffer_t *pBuffer; 1544 uint8_t i; 1545 uint32_t unique_id; 1546 int status; 1547 1548 unique_id = diag_unregister->UniqueId; 1549 1550 /* 1551 * Get the current buffer and look up the unique ID. The unique ID 1552 * should be there. 1553 */ 1554 i = mps_get_fw_diag_buffer_number(sc, unique_id); 1555 if (i == MPS_FW_DIAGNOSTIC_UID_NOT_FOUND) { 1556 *return_code = MPS_FW_DIAG_ERROR_INVALID_UID; 1557 return (MPS_DIAG_FAILURE); 1558 } 1559 1560 pBuffer = &sc->fw_diag_buffer_list[i]; 1561 1562 /* 1563 * Try to release the buffer from FW before freeing it. If release 1564 * fails, don't free the DMA buffer in case FW tries to access it 1565 * later. If buffer is not owned by firmware, can't release it. 1566 */ 1567 if (!pBuffer->owned_by_firmware) { 1568 status = MPS_DIAG_SUCCESS; 1569 } else { 1570 status = mps_release_fw_diag_buffer(sc, pBuffer, return_code, 1571 MPS_FW_DIAG_TYPE_UNREGISTER); 1572 } 1573 1574 /* 1575 * At this point, return the current status no matter what happens with 1576 * the DMA buffer. 1577 */ 1578 pBuffer->unique_id = MPS_FW_DIAG_INVALID_UID; 1579 if (status == MPS_DIAG_SUCCESS) { 1580 if (sc->fw_diag_busaddr != 0) { 1581 bus_dmamap_unload(sc->fw_diag_dmat, sc->fw_diag_map); 1582 sc->fw_diag_busaddr = 0; 1583 } 1584 if (sc->fw_diag_buffer != NULL) { 1585 bus_dmamem_free(sc->fw_diag_dmat, sc->fw_diag_buffer, 1586 sc->fw_diag_map); 1587 sc->fw_diag_buffer = NULL; 1588 } 1589 if (sc->fw_diag_dmat != NULL) { 1590 bus_dma_tag_destroy(sc->fw_diag_dmat); 1591 sc->fw_diag_dmat = NULL; 1592 } 1593 } 1594 1595 return (status); 1596} 1597 1598static int 1599mps_diag_query(struct mps_softc *sc, mps_fw_diag_query_t *diag_query, 1600 uint32_t *return_code) 1601{ 1602 mps_fw_diagnostic_buffer_t *pBuffer; 1603 uint8_t i; 1604 uint32_t unique_id; 1605 1606 unique_id = diag_query->UniqueId; 1607 1608 /* 1609 * If ID is valid, query on ID. 1610 * If ID is invalid, query on buffer type. 1611 */ 1612 if (unique_id == MPS_FW_DIAG_INVALID_UID) { 1613 i = diag_query->BufferType; 1614 if (i >= MPI2_DIAG_BUF_TYPE_COUNT) { 1615 *return_code = MPS_FW_DIAG_ERROR_INVALID_UID; 1616 return (MPS_DIAG_FAILURE); 1617 } 1618 } else { 1619 i = mps_get_fw_diag_buffer_number(sc, unique_id); 1620 if (i == MPS_FW_DIAGNOSTIC_UID_NOT_FOUND) { 1621 *return_code = MPS_FW_DIAG_ERROR_INVALID_UID; 1622 return (MPS_DIAG_FAILURE); 1623 } 1624 } 1625 1626 /* 1627 * Fill query structure with the diag buffer info. 1628 */ 1629 pBuffer = &sc->fw_diag_buffer_list[i]; 1630 diag_query->BufferType = pBuffer->buffer_type; 1631 diag_query->ExtendedType = pBuffer->extended_type; 1632 if (diag_query->BufferType == MPI2_DIAG_BUF_TYPE_TRACE) { 1633 for (i = 0; i < (sizeof(diag_query->ProductSpecific) / 4); 1634 i++) { 1635 diag_query->ProductSpecific[i] = 1636 pBuffer->product_specific[i]; 1637 } 1638 } 1639 diag_query->TotalBufferSize = pBuffer->size; 1640 diag_query->DriverAddedBufferSize = 0; 1641 diag_query->UniqueId = pBuffer->unique_id; 1642 diag_query->ApplicationFlags = 0; 1643 diag_query->DiagnosticFlags = 0; 1644 1645 /* 1646 * Set/Clear application flags 1647 */ 1648 if (pBuffer->immediate) { 1649 diag_query->ApplicationFlags &= ~MPS_FW_DIAG_FLAG_APP_OWNED; 1650 } else { 1651 diag_query->ApplicationFlags |= MPS_FW_DIAG_FLAG_APP_OWNED; 1652 } 1653 if (pBuffer->valid_data || pBuffer->owned_by_firmware) { 1654 diag_query->ApplicationFlags |= MPS_FW_DIAG_FLAG_BUFFER_VALID; 1655 } else { 1656 diag_query->ApplicationFlags &= ~MPS_FW_DIAG_FLAG_BUFFER_VALID; 1657 } 1658 if (pBuffer->owned_by_firmware) { 1659 diag_query->ApplicationFlags |= 1660 MPS_FW_DIAG_FLAG_FW_BUFFER_ACCESS; 1661 } else { 1662 diag_query->ApplicationFlags &= 1663 ~MPS_FW_DIAG_FLAG_FW_BUFFER_ACCESS; 1664 } 1665 1666 return (MPS_DIAG_SUCCESS); 1667} 1668 1669static int 1670mps_diag_read_buffer(struct mps_softc *sc, 1671 mps_diag_read_buffer_t *diag_read_buffer, uint8_t *ioctl_buf, 1672 uint32_t *return_code) 1673{ 1674 mps_fw_diagnostic_buffer_t *pBuffer; 1675 uint8_t i, *pData; 1676 uint32_t unique_id; 1677 int status; 1678 1679 unique_id = diag_read_buffer->UniqueId; 1680 1681 /* 1682 * Get the current buffer and look up the unique ID. The unique ID 1683 * should be there. 1684 */ 1685 i = mps_get_fw_diag_buffer_number(sc, unique_id); 1686 if (i == MPS_FW_DIAGNOSTIC_UID_NOT_FOUND) { 1687 *return_code = MPS_FW_DIAG_ERROR_INVALID_UID; 1688 return (MPS_DIAG_FAILURE); 1689 } 1690 1691 pBuffer = &sc->fw_diag_buffer_list[i]; 1692 1693 /* 1694 * Make sure requested read is within limits 1695 */ 1696 if (diag_read_buffer->StartingOffset + diag_read_buffer->BytesToRead > 1697 pBuffer->size) { 1698 *return_code = MPS_FW_DIAG_ERROR_INVALID_PARAMETER; 1699 return (MPS_DIAG_FAILURE); 1700 } 1701 1702 /* Sync the DMA map before we copy to userland. */ 1703 bus_dmamap_sync(sc->fw_diag_dmat, sc->fw_diag_map, 1704 BUS_DMASYNC_POSTREAD); 1705 1706 /* 1707 * Copy the requested data from DMA to the diag_read_buffer. The DMA 1708 * buffer that was allocated is one contiguous buffer. 1709 */ 1710 pData = (uint8_t *)(sc->fw_diag_buffer + 1711 diag_read_buffer->StartingOffset); 1712 if (copyout(pData, ioctl_buf, diag_read_buffer->BytesToRead) != 0) 1713 return (MPS_DIAG_FAILURE); 1714 diag_read_buffer->Status = 0; 1715 1716 /* 1717 * Set or clear the Force Release flag. 1718 */ 1719 if (pBuffer->force_release) { 1720 diag_read_buffer->Flags |= MPS_FW_DIAG_FLAG_FORCE_RELEASE; 1721 } else { 1722 diag_read_buffer->Flags &= ~MPS_FW_DIAG_FLAG_FORCE_RELEASE; 1723 } 1724 1725 /* 1726 * If buffer is to be reregistered, make sure it's not already owned by 1727 * firmware first. 1728 */ 1729 status = MPS_DIAG_SUCCESS; 1730 if (!pBuffer->owned_by_firmware) { 1731 if (diag_read_buffer->Flags & MPS_FW_DIAG_FLAG_REREGISTER) { 1732 status = mps_post_fw_diag_buffer(sc, pBuffer, 1733 return_code); 1734 } 1735 } 1736 1737 return (status); 1738} 1739 1740static int 1741mps_diag_release(struct mps_softc *sc, mps_fw_diag_release_t *diag_release, 1742 uint32_t *return_code) 1743{ 1744 mps_fw_diagnostic_buffer_t *pBuffer; 1745 uint8_t i; 1746 uint32_t unique_id; 1747 int status; 1748 1749 unique_id = diag_release->UniqueId; 1750 1751 /* 1752 * Get the current buffer and look up the unique ID. The unique ID 1753 * should be there. 1754 */ 1755 i = mps_get_fw_diag_buffer_number(sc, unique_id); 1756 if (i == MPS_FW_DIAGNOSTIC_UID_NOT_FOUND) { 1757 *return_code = MPS_FW_DIAG_ERROR_INVALID_UID; 1758 return (MPS_DIAG_FAILURE); 1759 } 1760 1761 pBuffer = &sc->fw_diag_buffer_list[i]; 1762 1763 /* 1764 * If buffer is not owned by firmware, it's already been released. 1765 */ 1766 if (!pBuffer->owned_by_firmware) { 1767 *return_code = MPS_FW_DIAG_ERROR_ALREADY_RELEASED; 1768 return (MPS_DIAG_FAILURE); 1769 } 1770 1771 /* 1772 * Release the buffer. 1773 */ 1774 status = mps_release_fw_diag_buffer(sc, pBuffer, return_code, 1775 MPS_FW_DIAG_TYPE_RELEASE); 1776 return (status); 1777} 1778 1779static int 1780mps_do_diag_action(struct mps_softc *sc, uint32_t action, uint8_t *diag_action, 1781 uint32_t length, uint32_t *return_code) 1782{ 1783 mps_fw_diag_register_t diag_register; 1784 mps_fw_diag_unregister_t diag_unregister; 1785 mps_fw_diag_query_t diag_query; 1786 mps_diag_read_buffer_t diag_read_buffer; 1787 mps_fw_diag_release_t diag_release; 1788 int status = MPS_DIAG_SUCCESS; 1789 uint32_t original_return_code; 1790 1791 original_return_code = *return_code; 1792 *return_code = MPS_FW_DIAG_ERROR_SUCCESS; 1793 1794 switch (action) { 1795 case MPS_FW_DIAG_TYPE_REGISTER: 1796 if (!length) { 1797 *return_code = 1798 MPS_FW_DIAG_ERROR_INVALID_PARAMETER; 1799 status = MPS_DIAG_FAILURE; 1800 break; 1801 } 1802 if (copyin(diag_action, &diag_register, 1803 sizeof(diag_register)) != 0) 1804 return (MPS_DIAG_FAILURE); 1805 status = mps_diag_register(sc, &diag_register, 1806 return_code); 1807 break; 1808 1809 case MPS_FW_DIAG_TYPE_UNREGISTER: 1810 if (length < sizeof(diag_unregister)) { 1811 *return_code = 1812 MPS_FW_DIAG_ERROR_INVALID_PARAMETER; 1813 status = MPS_DIAG_FAILURE; 1814 break; 1815 } 1816 if (copyin(diag_action, &diag_unregister, 1817 sizeof(diag_unregister)) != 0) 1818 return (MPS_DIAG_FAILURE); 1819 status = mps_diag_unregister(sc, &diag_unregister, 1820 return_code); 1821 break; 1822 1823 case MPS_FW_DIAG_TYPE_QUERY: 1824 if (length < sizeof (diag_query)) { 1825 *return_code = 1826 MPS_FW_DIAG_ERROR_INVALID_PARAMETER; 1827 status = MPS_DIAG_FAILURE; 1828 break; 1829 } 1830 if (copyin(diag_action, &diag_query, sizeof(diag_query)) 1831 != 0) 1832 return (MPS_DIAG_FAILURE); 1833 status = mps_diag_query(sc, &diag_query, return_code); 1834 if (status == MPS_DIAG_SUCCESS) 1835 if (copyout(&diag_query, diag_action, 1836 sizeof (diag_query)) != 0) 1837 return (MPS_DIAG_FAILURE); 1838 break; 1839 1840 case MPS_FW_DIAG_TYPE_READ_BUFFER: 1841 if (copyin(diag_action, &diag_read_buffer, 1842 sizeof(diag_read_buffer)) != 0) 1843 return (MPS_DIAG_FAILURE); 1844 if (length < diag_read_buffer.BytesToRead) { 1845 *return_code = 1846 MPS_FW_DIAG_ERROR_INVALID_PARAMETER; 1847 status = MPS_DIAG_FAILURE; 1848 break; 1849 } 1850 status = mps_diag_read_buffer(sc, &diag_read_buffer, 1851 PTRIN(diag_read_buffer.PtrDataBuffer), 1852 return_code); 1853 if (status == MPS_DIAG_SUCCESS) { 1854 if (copyout(&diag_read_buffer, diag_action, 1855 sizeof(diag_read_buffer) - 1856 sizeof(diag_read_buffer.PtrDataBuffer)) != 1857 0) 1858 return (MPS_DIAG_FAILURE); 1859 } 1860 break; 1861 1862 case MPS_FW_DIAG_TYPE_RELEASE: 1863 if (length < sizeof(diag_release)) { 1864 *return_code = 1865 MPS_FW_DIAG_ERROR_INVALID_PARAMETER; 1866 status = MPS_DIAG_FAILURE; 1867 break; 1868 } 1869 if (copyin(diag_action, &diag_release, 1870 sizeof(diag_release)) != 0) 1871 return (MPS_DIAG_FAILURE); 1872 status = mps_diag_release(sc, &diag_release, 1873 return_code); 1874 break; 1875 1876 default: 1877 *return_code = MPS_FW_DIAG_ERROR_INVALID_PARAMETER; 1878 status = MPS_DIAG_FAILURE; 1879 break; 1880 } 1881 1882 if ((status == MPS_DIAG_FAILURE) && 1883 (original_return_code == MPS_FW_DIAG_NEW) && 1884 (*return_code != MPS_FW_DIAG_ERROR_SUCCESS)) 1885 status = MPS_DIAG_SUCCESS; 1886 1887 return (status); 1888} 1889 1890static int 1891mps_user_diag_action(struct mps_softc *sc, mps_diag_action_t *data) 1892{ 1893 int status; 1894 1895 /* 1896 * Only allow one diag action at one time. 1897 */ 1898 if (sc->mps_flags & MPS_FLAGS_BUSY) { 1899 mps_dprint(sc, MPS_USER, "%s: Only one FW diag command " 1900 "allowed at a single time.", __func__); 1901 return (EBUSY); 1902 } 1903 sc->mps_flags |= MPS_FLAGS_BUSY; 1904 1905 /* 1906 * Send diag action request 1907 */ 1908 if (data->Action == MPS_FW_DIAG_TYPE_REGISTER || 1909 data->Action == MPS_FW_DIAG_TYPE_UNREGISTER || 1910 data->Action == MPS_FW_DIAG_TYPE_QUERY || 1911 data->Action == MPS_FW_DIAG_TYPE_READ_BUFFER || 1912 data->Action == MPS_FW_DIAG_TYPE_RELEASE) { 1913 status = mps_do_diag_action(sc, data->Action, 1914 PTRIN(data->PtrDiagAction), data->Length, 1915 &data->ReturnCode); 1916 } else 1917 status = EINVAL; 1918 1919 sc->mps_flags &= ~MPS_FLAGS_BUSY; 1920 return (status); 1921} 1922 1923/* 1924 * Copy the event recording mask and the event queue size out. For 1925 * clarification, the event recording mask (events_to_record) is not the same 1926 * thing as the event mask (event_mask). events_to_record has a bit set for 1927 * every event type that is to be recorded by the driver, and event_mask has a 1928 * bit cleared for every event that is allowed into the driver from the IOC. 1929 * They really have nothing to do with each other. 1930 */ 1931static void 1932mps_user_event_query(struct mps_softc *sc, mps_event_query_t *data) 1933{ 1934 uint8_t i; 1935 1936 mps_lock(sc); 1937 data->Entries = MPS_EVENT_QUEUE_SIZE; 1938 1939 for (i = 0; i < 4; i++) { 1940 data->Types[i] = sc->events_to_record[i]; 1941 } 1942 mps_unlock(sc); 1943} 1944 1945/* 1946 * Set the driver's event mask according to what's been given. See 1947 * mps_user_event_query for explanation of the event recording mask and the IOC 1948 * event mask. It's the app's responsibility to enable event logging by setting 1949 * the bits in events_to_record. Initially, no events will be logged. 1950 */ 1951static void 1952mps_user_event_enable(struct mps_softc *sc, mps_event_enable_t *data) 1953{ 1954 uint8_t i; 1955 1956 mps_lock(sc); 1957 for (i = 0; i < 4; i++) { 1958 sc->events_to_record[i] = data->Types[i]; 1959 } 1960 mps_unlock(sc); 1961} 1962 1963/* 1964 * Copy out the events that have been recorded, up to the max events allowed. 1965 */ 1966static int 1967mps_user_event_report(struct mps_softc *sc, mps_event_report_t *data) 1968{ 1969 int status = 0; 1970 uint32_t size; 1971 1972 mps_lock(sc); 1973 size = data->Size; 1974 if ((size >= sizeof(sc->recorded_events)) && (status == 0)) { 1975 mps_unlock(sc); 1976 if (copyout((void *)sc->recorded_events, 1977 PTRIN(data->PtrEvents), size) != 0) 1978 status = EFAULT; 1979 mps_lock(sc); 1980 } else { 1981 /* 1982 * data->Size value is not large enough to copy event data. 1983 */ 1984 status = EFAULT; 1985 } 1986 1987 /* 1988 * Change size value to match the number of bytes that were copied. 1989 */ 1990 if (status == 0) 1991 data->Size = sizeof(sc->recorded_events); 1992 mps_unlock(sc); 1993 1994 return (status); 1995} 1996 1997/* 1998 * Record events into the driver from the IOC if they are not masked. 1999 */ 2000void 2001mpssas_record_event(struct mps_softc *sc, 2002 MPI2_EVENT_NOTIFICATION_REPLY *event_reply) 2003{ 2004 uint32_t event; 2005 int i, j; 2006 uint16_t event_data_len; 2007 boolean_t sendAEN = FALSE; 2008 2009 event = event_reply->Event; 2010 2011 /* 2012 * Generate a system event to let anyone who cares know that a 2013 * LOG_ENTRY_ADDED event has occurred. This is sent no matter what the 2014 * event mask is set to. 2015 */ 2016 if (event == MPI2_EVENT_LOG_ENTRY_ADDED) { 2017 sendAEN = TRUE; 2018 } 2019 2020 /* 2021 * Record the event only if its corresponding bit is set in 2022 * events_to_record. event_index is the index into recorded_events and 2023 * event_number is the overall number of an event being recorded since 2024 * start-of-day. event_index will roll over; event_number will never 2025 * roll over. 2026 */ 2027 i = (uint8_t)(event / 32); 2028 j = (uint8_t)(event % 32); 2029 if ((i < 4) && ((1 << j) & sc->events_to_record[i])) { 2030 i = sc->event_index; 2031 sc->recorded_events[i].Type = event; 2032 sc->recorded_events[i].Number = ++sc->event_number; 2033 bzero(sc->recorded_events[i].Data, MPS_MAX_EVENT_DATA_LENGTH * 2034 4); 2035 event_data_len = event_reply->EventDataLength; 2036 2037 if (event_data_len > 0) { 2038 /* 2039 * Limit data to size in m_event entry 2040 */ 2041 if (event_data_len > MPS_MAX_EVENT_DATA_LENGTH) { 2042 event_data_len = MPS_MAX_EVENT_DATA_LENGTH; 2043 } 2044 for (j = 0; j < event_data_len; j++) { 2045 sc->recorded_events[i].Data[j] = 2046 event_reply->EventData[j]; 2047 } 2048 2049 /* 2050 * check for index wrap-around 2051 */ 2052 if (++i == MPS_EVENT_QUEUE_SIZE) { 2053 i = 0; 2054 } 2055 sc->event_index = (uint8_t)i; 2056 2057 /* 2058 * Set flag to send the event. 2059 */ 2060 sendAEN = TRUE; 2061 } 2062 } 2063 2064 /* 2065 * Generate a system event if flag is set to let anyone who cares know 2066 * that an event has occurred. 2067 */ 2068 if (sendAEN) { 2069//SLM-how to send a system event (see kqueue, kevent) 2070// (void) ddi_log_sysevent(mpt->m_dip, DDI_VENDOR_LSI, "MPT_SAS", 2071// "SAS", NULL, NULL, DDI_NOSLEEP); 2072 } 2073} 2074 2075static int 2076mps_user_reg_access(struct mps_softc *sc, mps_reg_access_t *data) 2077{ 2078 int status = 0; 2079 2080 switch (data->Command) { 2081 /* 2082 * IO access is not supported. 2083 */ 2084 case REG_IO_READ: 2085 case REG_IO_WRITE: 2086 mps_dprint(sc, MPS_USER, "IO access is not supported. " 2087 "Use memory access."); 2088 status = EINVAL; 2089 break; 2090 2091 case REG_MEM_READ: 2092 data->RegData = mps_regread(sc, data->RegOffset); 2093 break; 2094 2095 case REG_MEM_WRITE: 2096 mps_regwrite(sc, data->RegOffset, data->RegData); 2097 break; 2098 2099 default: 2100 status = EINVAL; 2101 break; 2102 } 2103 2104 return (status); 2105} 2106 2107static int 2108mps_user_btdh(struct mps_softc *sc, mps_btdh_mapping_t *data) 2109{ 2110 uint8_t bt2dh = FALSE; 2111 uint8_t dh2bt = FALSE; 2112 uint16_t dev_handle, bus, target; 2113 2114 bus = data->Bus; 2115 target = data->TargetID; 2116 dev_handle = data->DevHandle; 2117 2118 /* 2119 * When DevHandle is 0xFFFF and Bus/Target are not 0xFFFF, use Bus/ 2120 * Target to get DevHandle. When Bus/Target are 0xFFFF and DevHandle is 2121 * not 0xFFFF, use DevHandle to get Bus/Target. Anything else is 2122 * invalid. 2123 */ 2124 if ((bus == 0xFFFF) && (target == 0xFFFF) && (dev_handle != 0xFFFF)) 2125 dh2bt = TRUE; 2126 if ((dev_handle == 0xFFFF) && (bus != 0xFFFF) && (target != 0xFFFF)) 2127 bt2dh = TRUE; 2128 if (!dh2bt && !bt2dh) 2129 return (EINVAL); 2130 2131 /* 2132 * Only handle bus of 0. Make sure target is within range. 2133 */ 2134 if (bt2dh) { 2135 if (bus != 0) 2136 return (EINVAL); 2137 2138 if (target >= sc->max_devices) { 2139 mps_dprint(sc, MPS_FAULT, "Target ID is out of range " 2140 "for Bus/Target to DevHandle mapping."); 2141 return (EINVAL); 2142 } 2143 dev_handle = sc->mapping_table[target].dev_handle; 2144 if (dev_handle) 2145 data->DevHandle = dev_handle; 2146 } else { 2147 bus = 0; 2148 target = mps_mapping_get_tid_from_handle(sc, dev_handle); 2149 data->Bus = bus; 2150 data->TargetID = target; 2151 } 2152 2153 return (0); 2154} 2155 2156static int 2157mps_ioctl(struct cdev *dev, u_long cmd, void *arg, int flag, 2158 struct thread *td) 2159{ 2160 struct mps_softc *sc; 2161 struct mps_cfg_page_req *page_req; 2162 struct mps_ext_cfg_page_req *ext_page_req; 2163 void *mps_page; 2164 int error, msleep_ret; 2165 2166 mps_page = NULL; 2167 sc = dev->si_drv1; 2168 page_req = (void *)arg; 2169 ext_page_req = (void *)arg; 2170 2171 switch (cmd) { 2172 case MPSIO_READ_CFG_HEADER: 2173 mps_lock(sc); 2174 error = mps_user_read_cfg_header(sc, page_req); 2175 mps_unlock(sc); 2176 break; 2177 case MPSIO_READ_CFG_PAGE: 2178 mps_page = malloc(page_req->len, M_MPSUSER, M_WAITOK | M_ZERO); 2179 error = copyin(page_req->buf, mps_page, 2180 sizeof(MPI2_CONFIG_PAGE_HEADER)); 2181 if (error) 2182 break; 2183 mps_lock(sc); 2184 error = mps_user_read_cfg_page(sc, page_req, mps_page); 2185 mps_unlock(sc); 2186 if (error) 2187 break; 2188 error = copyout(mps_page, page_req->buf, page_req->len); 2189 break; 2190 case MPSIO_READ_EXT_CFG_HEADER: 2191 mps_lock(sc); 2192 error = mps_user_read_extcfg_header(sc, ext_page_req); 2193 mps_unlock(sc); 2194 break; 2195 case MPSIO_READ_EXT_CFG_PAGE: 2196 mps_page = malloc(ext_page_req->len, M_MPSUSER, M_WAITOK|M_ZERO); 2197 error = copyin(ext_page_req->buf, mps_page, 2198 sizeof(MPI2_CONFIG_EXTENDED_PAGE_HEADER)); 2199 if (error) 2200 break; 2201 mps_lock(sc); 2202 error = mps_user_read_extcfg_page(sc, ext_page_req, mps_page); 2203 mps_unlock(sc); 2204 if (error) 2205 break; 2206 error = copyout(mps_page, ext_page_req->buf, ext_page_req->len); 2207 break; 2208 case MPSIO_WRITE_CFG_PAGE: 2209 mps_page = malloc(page_req->len, M_MPSUSER, M_WAITOK|M_ZERO); 2210 error = copyin(page_req->buf, mps_page, page_req->len); 2211 if (error) 2212 break; 2213 mps_lock(sc); 2214 error = mps_user_write_cfg_page(sc, page_req, mps_page); 2215 mps_unlock(sc); 2216 break; 2217 case MPSIO_MPS_COMMAND: 2218 error = mps_user_command(sc, (struct mps_usr_command *)arg); 2219 break; 2220 case MPTIOCTL_PASS_THRU: 2221 /* 2222 * The user has requested to pass through a command to be 2223 * executed by the MPT firmware. Call our routine which does 2224 * this. Only allow one passthru IOCTL at one time. 2225 */ 2226 error = mps_user_pass_thru(sc, (mps_pass_thru_t *)arg); 2227 break; 2228 case MPTIOCTL_GET_ADAPTER_DATA: 2229 /* 2230 * The user has requested to read adapter data. Call our 2231 * routine which does this. 2232 */ 2233 error = 0; 2234 mps_user_get_adapter_data(sc, (mps_adapter_data_t *)arg); 2235 break; 2236 case MPTIOCTL_GET_PCI_INFO: 2237 /* 2238 * The user has requested to read pci info. Call 2239 * our routine which does this. 2240 */ 2241 mps_lock(sc); 2242 error = 0; 2243 mps_user_read_pci_info(sc, (mps_pci_info_t *)arg); 2244 mps_unlock(sc); 2245 break; 2246 case MPTIOCTL_RESET_ADAPTER: 2247 mps_lock(sc); 2248 sc->port_enable_complete = 0; 2249 uint32_t reinit_start = time_uptime; 2250 error = mps_reinit(sc); 2251 /* Sleep for 300 second. */ 2252 msleep_ret = msleep(&sc->port_enable_complete, &sc->mps_mtx, PRIBIO, 2253 "mps_porten", 300 * hz); 2254 mps_unlock(sc); 2255 if (msleep_ret) 2256 printf("Port Enable did not complete after Diag " 2257 "Reset msleep error %d.\n", msleep_ret); 2258 else 2259 mps_dprint(sc, MPS_USER, 2260 "Hard Reset with Port Enable completed in %d seconds.\n", 2261 (uint32_t) (time_uptime - reinit_start)); 2262 break; 2263 case MPTIOCTL_DIAG_ACTION: 2264 /* 2265 * The user has done a diag buffer action. Call our routine 2266 * which does this. Only allow one diag action at one time. 2267 */ 2268 mps_lock(sc); 2269 error = mps_user_diag_action(sc, (mps_diag_action_t *)arg); 2270 mps_unlock(sc); 2271 break; 2272 case MPTIOCTL_EVENT_QUERY: 2273 /* 2274 * The user has done an event query. Call our routine which does 2275 * this. 2276 */ 2277 error = 0; 2278 mps_user_event_query(sc, (mps_event_query_t *)arg); 2279 break; 2280 case MPTIOCTL_EVENT_ENABLE: 2281 /* 2282 * The user has done an event enable. Call our routine which 2283 * does this. 2284 */ 2285 error = 0; 2286 mps_user_event_enable(sc, (mps_event_enable_t *)arg); 2287 break; 2288 case MPTIOCTL_EVENT_REPORT: 2289 /* 2290 * The user has done an event report. Call our routine which 2291 * does this. 2292 */ 2293 error = mps_user_event_report(sc, (mps_event_report_t *)arg); 2294 break; 2295 case MPTIOCTL_REG_ACCESS: 2296 /* 2297 * The user has requested register access. Call our routine 2298 * which does this. 2299 */ 2300 mps_lock(sc); 2301 error = mps_user_reg_access(sc, (mps_reg_access_t *)arg); 2302 mps_unlock(sc); 2303 break; 2304 case MPTIOCTL_BTDH_MAPPING: 2305 /* 2306 * The user has requested to translate a bus/target to a 2307 * DevHandle or a DevHandle to a bus/target. Call our routine 2308 * which does this. 2309 */ 2310 error = mps_user_btdh(sc, (mps_btdh_mapping_t *)arg); 2311 break; 2312 default: 2313 error = ENOIOCTL; 2314 break; 2315 } 2316 2317 if (mps_page != NULL) 2318 free(mps_page, M_MPSUSER); 2319 2320 return (error); 2321} 2322 2323#ifdef COMPAT_FREEBSD32 2324 2325struct mps_cfg_page_req32 { 2326 MPI2_CONFIG_PAGE_HEADER header; 2327 uint32_t page_address; 2328 uint32_t buf; 2329 int len; 2330 uint16_t ioc_status; 2331}; 2332 2333struct mps_ext_cfg_page_req32 { 2334 MPI2_CONFIG_EXTENDED_PAGE_HEADER header; 2335 uint32_t page_address; 2336 uint32_t buf; 2337 int len; 2338 uint16_t ioc_status; 2339}; 2340 2341struct mps_raid_action32 { 2342 uint8_t action; 2343 uint8_t volume_bus; 2344 uint8_t volume_id; 2345 uint8_t phys_disk_num; 2346 uint32_t action_data_word; 2347 uint32_t buf; 2348 int len; 2349 uint32_t volume_status; 2350 uint32_t action_data[4]; 2351 uint16_t action_status; 2352 uint16_t ioc_status; 2353 uint8_t write; 2354}; 2355 2356struct mps_usr_command32 { 2357 uint32_t req; 2358 uint32_t req_len; 2359 uint32_t rpl; 2360 uint32_t rpl_len; 2361 uint32_t buf; 2362 int len; 2363 uint32_t flags; 2364}; 2365 2366#define MPSIO_READ_CFG_HEADER32 _IOWR('M', 200, struct mps_cfg_page_req32) 2367#define MPSIO_READ_CFG_PAGE32 _IOWR('M', 201, struct mps_cfg_page_req32) 2368#define MPSIO_READ_EXT_CFG_HEADER32 _IOWR('M', 202, struct mps_ext_cfg_page_req32) 2369#define MPSIO_READ_EXT_CFG_PAGE32 _IOWR('M', 203, struct mps_ext_cfg_page_req32) 2370#define MPSIO_WRITE_CFG_PAGE32 _IOWR('M', 204, struct mps_cfg_page_req32) 2371#define MPSIO_RAID_ACTION32 _IOWR('M', 205, struct mps_raid_action32) 2372#define MPSIO_MPS_COMMAND32 _IOWR('M', 210, struct mps_usr_command32) 2373 2374static int 2375mps_ioctl32(struct cdev *dev, u_long cmd32, void *_arg, int flag, 2376 struct thread *td) 2377{ 2378 struct mps_cfg_page_req32 *page32 = _arg; 2379 struct mps_ext_cfg_page_req32 *ext32 = _arg; 2380 struct mps_raid_action32 *raid32 = _arg; 2381 struct mps_usr_command32 *user32 = _arg; 2382 union { 2383 struct mps_cfg_page_req page; 2384 struct mps_ext_cfg_page_req ext; 2385 struct mps_raid_action raid; 2386 struct mps_usr_command user; 2387 } arg; 2388 u_long cmd; 2389 int error; 2390 2391 switch (cmd32) { 2392 case MPSIO_READ_CFG_HEADER32: 2393 case MPSIO_READ_CFG_PAGE32: 2394 case MPSIO_WRITE_CFG_PAGE32: 2395 if (cmd32 == MPSIO_READ_CFG_HEADER32) 2396 cmd = MPSIO_READ_CFG_HEADER; 2397 else if (cmd32 == MPSIO_READ_CFG_PAGE32) 2398 cmd = MPSIO_READ_CFG_PAGE; 2399 else 2400 cmd = MPSIO_WRITE_CFG_PAGE; 2401 CP(*page32, arg.page, header); 2402 CP(*page32, arg.page, page_address); 2403 PTRIN_CP(*page32, arg.page, buf); 2404 CP(*page32, arg.page, len); 2405 CP(*page32, arg.page, ioc_status); 2406 break; 2407 2408 case MPSIO_READ_EXT_CFG_HEADER32: 2409 case MPSIO_READ_EXT_CFG_PAGE32: 2410 if (cmd32 == MPSIO_READ_EXT_CFG_HEADER32) 2411 cmd = MPSIO_READ_EXT_CFG_HEADER; 2412 else 2413 cmd = MPSIO_READ_EXT_CFG_PAGE; 2414 CP(*ext32, arg.ext, header); 2415 CP(*ext32, arg.ext, page_address); 2416 PTRIN_CP(*ext32, arg.ext, buf); 2417 CP(*ext32, arg.ext, len); 2418 CP(*ext32, arg.ext, ioc_status); 2419 break; 2420 2421 case MPSIO_RAID_ACTION32: 2422 cmd = MPSIO_RAID_ACTION; 2423 CP(*raid32, arg.raid, action); 2424 CP(*raid32, arg.raid, volume_bus); 2425 CP(*raid32, arg.raid, volume_id); 2426 CP(*raid32, arg.raid, phys_disk_num); 2427 CP(*raid32, arg.raid, action_data_word); 2428 PTRIN_CP(*raid32, arg.raid, buf); 2429 CP(*raid32, arg.raid, len); 2430 CP(*raid32, arg.raid, volume_status); 2431 bcopy(raid32->action_data, arg.raid.action_data, 2432 sizeof arg.raid.action_data); 2433 CP(*raid32, arg.raid, ioc_status); 2434 CP(*raid32, arg.raid, write); 2435 break; 2436 2437 case MPSIO_MPS_COMMAND32: 2438 cmd = MPSIO_MPS_COMMAND; 2439 PTRIN_CP(*user32, arg.user, req); 2440 CP(*user32, arg.user, req_len); 2441 PTRIN_CP(*user32, arg.user, rpl); 2442 CP(*user32, arg.user, rpl_len); 2443 PTRIN_CP(*user32, arg.user, buf); 2444 CP(*user32, arg.user, len); 2445 CP(*user32, arg.user, flags); 2446 break; 2447 default: 2448 return (ENOIOCTL); 2449 } 2450 2451 error = mps_ioctl(dev, cmd, &arg, flag, td); 2452 if (error == 0 && (cmd32 & IOC_OUT) != 0) { 2453 switch (cmd32) { 2454 case MPSIO_READ_CFG_HEADER32: 2455 case MPSIO_READ_CFG_PAGE32: 2456 case MPSIO_WRITE_CFG_PAGE32: 2457 CP(arg.page, *page32, header); 2458 CP(arg.page, *page32, page_address); 2459 PTROUT_CP(arg.page, *page32, buf); 2460 CP(arg.page, *page32, len); 2461 CP(arg.page, *page32, ioc_status); 2462 break; 2463 2464 case MPSIO_READ_EXT_CFG_HEADER32: 2465 case MPSIO_READ_EXT_CFG_PAGE32: 2466 CP(arg.ext, *ext32, header); 2467 CP(arg.ext, *ext32, page_address); 2468 PTROUT_CP(arg.ext, *ext32, buf); 2469 CP(arg.ext, *ext32, len); 2470 CP(arg.ext, *ext32, ioc_status); 2471 break; 2472 2473 case MPSIO_RAID_ACTION32: 2474 CP(arg.raid, *raid32, action); 2475 CP(arg.raid, *raid32, volume_bus); 2476 CP(arg.raid, *raid32, volume_id); 2477 CP(arg.raid, *raid32, phys_disk_num); 2478 CP(arg.raid, *raid32, action_data_word); 2479 PTROUT_CP(arg.raid, *raid32, buf); 2480 CP(arg.raid, *raid32, len); 2481 CP(arg.raid, *raid32, volume_status); 2482 bcopy(arg.raid.action_data, raid32->action_data, 2483 sizeof arg.raid.action_data); 2484 CP(arg.raid, *raid32, ioc_status); 2485 CP(arg.raid, *raid32, write); 2486 break; 2487 2488 case MPSIO_MPS_COMMAND32: 2489 PTROUT_CP(arg.user, *user32, req); 2490 CP(arg.user, *user32, req_len); 2491 PTROUT_CP(arg.user, *user32, rpl); 2492 CP(arg.user, *user32, rpl_len); 2493 PTROUT_CP(arg.user, *user32, buf); 2494 CP(arg.user, *user32, len); 2495 CP(arg.user, *user32, flags); 2496 break; 2497 } 2498 } 2499 2500 return (error); 2501} 2502#endif /* COMPAT_FREEBSD32 */ 2503 2504static int 2505mps_ioctl_devsw(struct cdev *dev, u_long com, caddr_t arg, int flag, 2506 struct thread *td) 2507{ 2508#ifdef COMPAT_FREEBSD32 2509 if (SV_CURPROC_FLAG(SV_ILP32)) 2510 return (mps_ioctl32(dev, com, arg, flag, td)); 2511#endif 2512 return (mps_ioctl(dev, com, arg, flag, td)); 2513} 2514