drivers/block/nvme.c

   1 /*
   2  * NVM Express device driver
   3  * Copyright (c) 2011, Intel Corporation.
   4  *
   5  * This program is free software; you can redistribute it and/or modify it
   6  * under the terms and conditions of the GNU General Public License,
   7  * version 2, as published by the Free Software Foundation.
   8  *
   9  * This program is distributed in the hope it will be useful, but WITHOUT
  10  * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
  11  * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License for
  12  * more details.
  13  *
  14  * You should have received a copy of the GNU General Public License along with
  15  * this program; if not, write to the Free Software Foundation, Inc.,
  16  * 51 Franklin St - Fifth Floor, Boston, MA 02110-1301 USA.
  17  */
  18
  19 #include <linux/nvme.h>
  20 #include <linux/bio.h>
  21 #include <linux/blkdev.h>
  22 #include <linux/errno.h>
  23 #include <linux/fs.h>
  24 #include <linux/genhd.h>
  25 #include <linux/init.h>
  26 #include <linux/interrupt.h>
  27 #include <linux/io.h>
  28 #include <linux/kdev_t.h>
  29 #include <linux/kthread.h>
  30 #include <linux/kernel.h>
  31 #include <linux/mm.h>
  32 #include <linux/module.h>
  33 #include <linux/moduleparam.h>
  34 #include <linux/pci.h>
  35 #include <linux/poison.h>
  36 #include <linux/sched.h>
  37 #include <linux/slab.h>
  38 #include <linux/types.h>
  39 #include <linux/version.h>
  40
  41 #define NVME_Q_DEPTH 1024
  42 #define SQ_SIZE(depth)          (depth * sizeof(struct nvme_command))
  43 #define CQ_SIZE(depth)          (depth * sizeof(struct nvme_completion))
  44 #define NVME_MINORS 64
  45 #define IO_TIMEOUT      (5 * HZ)
  46 #define ADMIN_TIMEOUT   (60 * HZ)
  47
  48 static int nvme_major;
  49 module_param(nvme_major, int, 0);
  50
  51 static int use_threaded_interrupts;
  52 module_param(use_threaded_interrupts, int, 0);
  53
  54 static DEFINE_SPINLOCK(dev_list_lock);
  55 static LIST_HEAD(dev_list);
  56 static struct task_struct *nvme_thread;
  57
  58 /*
  59  * Represents an NVM Express device.  Each nvme_dev is a PCI function.
  60  */
  61 struct nvme_dev {
  62         struct list_head node;
  63         struct nvme_queue **queues;
  64         u32 __iomem *dbs;
  65         struct pci_dev *pci_dev;
  66         struct dma_pool *prp_page_pool;
  67         struct dma_pool *prp_small_pool;
  68         int instance;
  69         int queue_count;
  70         u32 ctrl_config;
  71         struct msix_entry *entry;
  72         struct nvme_bar __iomem *bar;
  73         struct list_head namespaces;
  74         char serial[20];
  75         char model[40];
  76         char firmware_rev[8];
  77 };
  78
  79 /*
  80  * An NVM Express namespace is equivalent to a SCSI LUN
  81  */
  82 struct nvme_ns {
  83         struct list_head list;
  84
  85         struct nvme_dev *dev;
  86         struct request_queue *queue;
  87         struct gendisk *disk;
  88
  89         int ns_id;
  90         int lba_shift;
  91 };
  92
  93 /*
  94  * An NVM Express queue.  Each device has at least two (one for admin
  95  * commands and one for I/O commands).
  96  */
  97 struct nvme_queue {
  98         struct device *q_dmadev;
  99         struct nvme_dev *dev;
 100         spinlock_t q_lock;
 101         struct nvme_command *sq_cmds;
 102         volatile struct nvme_completion *cqes;
 103         dma_addr_t sq_dma_addr;
 104         dma_addr_t cq_dma_addr;
 105         wait_queue_head_t sq_full;
 106         wait_queue_t sq_cong_wait;
 107         struct bio_list sq_cong;
 108         u32 __iomem *q_db;
 109         u16 q_depth;
 110         u16 cq_vector;
 111         u16 sq_head;
 112         u16 sq_tail;
 113         u16 cq_head;
 114         u16 cq_phase;
 115         unsigned long cmdid_data[];
 116 };
 117
 118 /*
 119  * Check we didin't inadvertently grow the command struct
 120  */
 121 static inline void _nvme_check_size(void)
 122 {
 123         BUILD_BUG_ON(sizeof(struct nvme_rw_command) != 64);
 124         BUILD_BUG_ON(sizeof(struct nvme_create_cq) != 64);
 125         BUILD_BUG_ON(sizeof(struct nvme_create_sq) != 64);
 126         BUILD_BUG_ON(sizeof(struct nvme_delete_queue) != 64);
 127         BUILD_BUG_ON(sizeof(struct nvme_features) != 64);
 128         BUILD_BUG_ON(sizeof(struct nvme_command) != 64);
 129         BUILD_BUG_ON(sizeof(struct nvme_id_ctrl) != 4096);
 130         BUILD_BUG_ON(sizeof(struct nvme_id_ns) != 4096);
 131         BUILD_BUG_ON(sizeof(struct nvme_lba_range_type) != 64);
 132 }
 133
 134 struct nvme_cmd_info {
 135         unsigned long ctx;
 136         unsigned long timeout;
 137 };
 138
 139 static struct nvme_cmd_info *nvme_cmd_info(struct nvme_queue *nvmeq)
 140 {
 141         return (void *)&nvmeq->cmdid_data[BITS_TO_LONGS(nvmeq->q_depth)];
 142 }
 143
 144 /**
 145  * alloc_cmdid() - Allocate a Command ID
 146  * @nvmeq: The queue that will be used for this command
 147  * @ctx: A pointer that will be passed to the handler
 148  * @handler: The ID of the handler to call
 149  *
 150  * Allocate a Command ID for a queue.  The data passed in will
 151  * be passed to the completion handler.  This is implemented by using
 152  * the bottom two bits of the ctx pointer to store the handler ID.
 153  * Passing in a pointer that's not 4-byte aligned will cause a BUG.
 154  * We can change this if it becomes a problem.
 155  */
 156 static int alloc_cmdid(struct nvme_queue *nvmeq, void *ctx, int handler,
 157                                                         unsigned timeout)
 158 {
 159         int depth = nvmeq->q_depth - 1;
 160         struct nvme_cmd_info *info = nvme_cmd_info(nvmeq);
 161         int cmdid;
 162
 163         BUG_ON((unsigned long)ctx & 3);
 164
 165         do {
 166                 cmdid = find_first_zero_bit(nvmeq->cmdid_data, depth);
 167                 if (cmdid >= depth)
 168                         return -EBUSY;
 169         } while (test_and_set_bit(cmdid, nvmeq->cmdid_data));
 170
 171         info[cmdid].ctx = (unsigned long)ctx | handler;
 172         info[cmdid].timeout = jiffies + timeout;
 173         return cmdid;
 174 }
 175
 176 static int alloc_cmdid_killable(struct nvme_queue *nvmeq, void *ctx,
 177                                                 int handler, unsigned timeout)
 178 {
 179         int cmdid;
 180         wait_event_killable(nvmeq->sq_full,
 181                 (cmdid = alloc_cmdid(nvmeq, ctx, handler, timeout)) >= 0);
 182         return (cmdid < 0) ? -EINTR : cmdid;
 183 }
 184
 185 /*
 186  * If you need more than four handlers, you'll need to change how
 187  * alloc_cmdid and nvme_process_cq work.  Consider using a special
 188  * CMD_CTX value instead, if that works for your situation.
 189  */
 190 enum {
 191         sync_completion_id = 0,
 192         bio_completion_id,
 193 };
 194
 195 /* Special values must be a multiple of 4, and less than 0x1000 */
 196 #define CMD_CTX_BASE            (POISON_POINTER_DELTA + sync_completion_id)
 197 #define CMD_CTX_CANCELLED       (0x30C + CMD_CTX_BASE)
 198 #define CMD_CTX_COMPLETED       (0x310 + CMD_CTX_BASE)
 199 #define CMD_CTX_INVALID         (0x314 + CMD_CTX_BASE)
 200 #define CMD_CTX_FLUSH           (0x318 + CMD_CTX_BASE)
 201
 202 static unsigned long free_cmdid(struct nvme_queue *nvmeq, int cmdid)
 203 {
 204         unsigned long data;
 205         struct nvme_cmd_info *info = nvme_cmd_info(nvmeq);
 206
 207         if (cmdid >= nvmeq->q_depth)
 208                 return CMD_CTX_INVALID;
 209         data = info[cmdid].ctx;
 210         info[cmdid].ctx = CMD_CTX_COMPLETED;
 211         clear_bit(cmdid, nvmeq->cmdid_data);
 212         wake_up(&nvmeq->sq_full);
 213         return data;
 214 }
 215
 216 static void cancel_cmdid_data(struct nvme_queue *nvmeq, int cmdid)
 217 {
 218         struct nvme_cmd_info *info = nvme_cmd_info(nvmeq);
 219         info[cmdid].ctx = CMD_CTX_CANCELLED;
 220 }
 221
 222 static struct nvme_queue *get_nvmeq(struct nvme_ns *ns)
 223 {
 224         int qid, cpu = get_cpu();
 225         if (cpu < ns->dev->queue_count)
 226                 qid = cpu + 1;
 227         else
 228                 qid = (cpu % rounddown_pow_of_two(ns->dev->queue_count)) + 1;
 229         return ns->dev->queues[qid];
 230 }
 231
 232 static void put_nvmeq(struct nvme_queue *nvmeq)
 233 {
 234         put_cpu();
 235 }
 236
 237 /**
 238  * nvme_submit_cmd() - Copy a command into a queue and ring the doorbell
 239  * @nvmeq: The queue to use
 240  * @cmd: The command to send
 241  *
 242  * Safe to use from interrupt context
 243  */
 244 static int nvme_submit_cmd(struct nvme_queue *nvmeq, struct nvme_command *cmd)
 245 {
 246         unsigned long flags;
 247         u16 tail;
 248         spin_lock_irqsave(&nvmeq->q_lock, flags);
 249         tail = nvmeq->sq_tail;
 250         memcpy(&nvmeq->sq_cmds[tail], cmd, sizeof(*cmd));
 251         if (++tail == nvmeq->q_depth)
 252                 tail = 0;
 253         writel(tail, nvmeq->q_db);
 254         nvmeq->sq_tail = tail;
 255         spin_unlock_irqrestore(&nvmeq->q_lock, flags);
 256
 257         return 0;
 258 }
 259
 260 struct nvme_prps {
 261         int npages;
 262         dma_addr_t first_dma;
 263         __le64 *list[0];
 264 };
 265
 266 static void nvme_free_prps(struct nvme_dev *dev, struct nvme_prps *prps)
 267 {
 268         const int last_prp = PAGE_SIZE / 8 - 1;
 269         int i;
 270         dma_addr_t prp_dma;
 271
 272         if (!prps)
 273                 return;
 274
 275         prp_dma = prps->first_dma;
 276
 277         if (prps->npages == 0)
 278                 dma_pool_free(dev->prp_small_pool, prps->list[0], prp_dma);
 279         for (i = 0; i < prps->npages; i++) {
 280                 __le64 *prp_list = prps->list[i];
 281                 dma_addr_t next_prp_dma = le64_to_cpu(prp_list[last_prp]);
 282                 dma_pool_free(dev->prp_page_pool, prp_list, prp_dma);
 283                 prp_dma = next_prp_dma;
 284         }
 285         kfree(prps);
 286 }
 287
 288 struct nvme_bio {
 289         struct bio *bio;
 290         int nents;
 291         struct nvme_prps *prps;
 292         struct scatterlist sg[0];
 293 };
 294
 295 /* XXX: use a mempool */
 296 static struct nvme_bio *alloc_nbio(unsigned nseg, gfp_t gfp)
 297 {
 298         return kzalloc(sizeof(struct nvme_bio) +
 299                         sizeof(struct scatterlist) * nseg, gfp);
 300 }
 301
 302 static void free_nbio(struct nvme_queue *nvmeq, struct nvme_bio *nbio)
 303 {
 304         nvme_free_prps(nvmeq->dev, nbio->prps);
 305         kfree(nbio);
 306 }
 307
 308 static void bio_completion(struct nvme_queue *nvmeq, void *ctx,
 309                                                 struct nvme_completion *cqe)
 310 {
 311         struct nvme_bio *nbio = ctx;
 312         struct bio *bio = nbio->bio;
 313         u16 status = le16_to_cpup(&cqe->status) >> 1;
 314
 315         dma_unmap_sg(nvmeq->q_dmadev, nbio->sg, nbio->nents,
 316                         bio_data_dir(bio) ? DMA_TO_DEVICE : DMA_FROM_DEVICE);
 317         free_nbio(nvmeq, nbio);
 318         if (status)
 319                 bio_endio(bio, -EIO);
 320         if (bio->bi_vcnt > bio->bi_idx) {
 321                 bio_list_add(&nvmeq->sq_cong, bio);
 322                 wake_up_process(nvme_thread);
 323         } else {
 324                 bio_endio(bio, 0);
 325         }
 326 }
 327
 328 /* length is in bytes */
 329 static struct nvme_prps *nvme_setup_prps(struct nvme_dev *dev,
 330                                         struct nvme_common_command *cmd,
 331                                         struct scatterlist *sg, int length)
 332 {
 333         struct dma_pool *pool;
 334         int dma_len = sg_dma_len(sg);
 335         u64 dma_addr = sg_dma_address(sg);
 336         int offset = offset_in_page(dma_addr);
 337         __le64 *prp_list;
 338         dma_addr_t prp_dma;
 339         int nprps, npages, i, prp_page;
 340         struct nvme_prps *prps = NULL;
 341
 342         cmd->prp1 = cpu_to_le64(dma_addr);
 343         length -= (PAGE_SIZE - offset);
 344         if (length <= 0)
 345                 return prps;
 346
 347         dma_len -= (PAGE_SIZE - offset);
 348         if (dma_len) {
 349                 dma_addr += (PAGE_SIZE - offset);
 350         } else {
 351                 sg = sg_next(sg);
 352                 dma_addr = sg_dma_address(sg);
 353                 dma_len = sg_dma_len(sg);
 354         }
 355
 356         if (length <= PAGE_SIZE) {
 357                 cmd->prp2 = cpu_to_le64(dma_addr);
 358                 return prps;
 359         }
 360
 361         nprps = DIV_ROUND_UP(length, PAGE_SIZE);
 362         npages = DIV_ROUND_UP(8 * nprps, PAGE_SIZE);
 363         prps = kmalloc(sizeof(*prps) + sizeof(__le64 *) * npages, GFP_ATOMIC);
 364         prp_page = 0;
 365         if (nprps <= (256 / 8)) {
 366                 pool = dev->prp_small_pool;
 367                 prps->npages = 0;
 368         } else {
 369                 pool = dev->prp_page_pool;
 370                 prps->npages = npages;
 371         }
 372
 373         prp_list = dma_pool_alloc(pool, GFP_ATOMIC, &prp_dma);
 374         prps->list[prp_page++] = prp_list;
 375         prps->first_dma = prp_dma;
 376         cmd->prp2 = cpu_to_le64(prp_dma);
 377         i = 0;
 378         for (;;) {
 379                 if (i == PAGE_SIZE / 8) {
 380                         __le64 *old_prp_list = prp_list;
 381                         prp_list = dma_pool_alloc(pool, GFP_ATOMIC, &prp_dma);
 382                         prps->list[prp_page++] = prp_list;
 383                         prp_list[0] = old_prp_list[i - 1];
 384                         old_prp_list[i - 1] = cpu_to_le64(prp_dma);
 385                         i = 1;
 386                 }
 387                 prp_list[i++] = cpu_to_le64(dma_addr);
 388                 dma_len -= PAGE_SIZE;
 389                 dma_addr += PAGE_SIZE;
 390                 length -= PAGE_SIZE;
 391                 if (length <= 0)
 392                         break;
 393                 if (dma_len > 0)
 394                         continue;
 395                 BUG_ON(dma_len < 0);
 396                 sg = sg_next(sg);
 397                 dma_addr = sg_dma_address(sg);
 398                 dma_len = sg_dma_len(sg);
 399         }
 400
 401         return prps;
 402 }
 403
 404 /* NVMe scatterlists require no holes in the virtual address */
 405 #define BIOVEC_NOT_VIRT_MERGEABLE(vec1, vec2)   ((vec2)->bv_offset || \
 406                         (((vec1)->bv_offset + (vec1)->bv_len) % PAGE_SIZE))
 407
 408 static int nvme_map_bio(struct device *dev, struct nvme_bio *nbio,
 409                 struct bio *bio, enum dma_data_direction dma_dir, int psegs)
 410 {
 411         struct bio_vec *bvec, *bvprv = NULL;
 412         struct scatterlist *sg = NULL;
 413         int i, old_idx, length = 0, nsegs = 0;
 414
 415         sg_init_table(nbio->sg, psegs);
 416         old_idx = bio->bi_idx;
 417         bio_for_each_segment(bvec, bio, i) {
 418                 if (bvprv && BIOVEC_PHYS_MERGEABLE(bvprv, bvec)) {
 419                         sg->length += bvec->bv_len;
 420                 } else {
 421                         if (bvprv && BIOVEC_NOT_VIRT_MERGEABLE(bvprv, bvec))
 422                                 break;
 423                         sg = sg ? sg + 1 : nbio->sg;
 424                         sg_set_page(sg, bvec->bv_page, bvec->bv_len,
 425                                                         bvec->bv_offset);
 426                         nsegs++;
 427                 }
 428                 length += bvec->bv_len;
 429                 bvprv = bvec;
 430         }
 431         bio->bi_idx = i;
 432         nbio->nents = nsegs;
 433         sg_mark_end(sg);
 434         if (dma_map_sg(dev, nbio->sg, nbio->nents, dma_dir) == 0) {
 435                 bio->bi_idx = old_idx;
 436                 return -ENOMEM;
 437         }
 438         return length;
 439 }
 440
 441 static int nvme_submit_flush(struct nvme_queue *nvmeq, struct nvme_ns *ns,
 442                                                                 int cmdid)
 443 {
 444         struct nvme_command *cmnd = &nvmeq->sq_cmds[nvmeq->sq_tail];
 445
 446         memset(cmnd, 0, sizeof(*cmnd));
 447         cmnd->common.opcode = nvme_cmd_flush;
 448         cmnd->common.command_id = cmdid;
 449         cmnd->common.nsid = cpu_to_le32(ns->ns_id);
 450
 451         if (++nvmeq->sq_tail == nvmeq->q_depth)
 452                 nvmeq->sq_tail = 0;
 453         writel(nvmeq->sq_tail, nvmeq->q_db);
 454
 455         return 0;
 456 }
 457
 458 static int nvme_submit_flush_data(struct nvme_queue *nvmeq, struct nvme_ns *ns)
 459 {
 460         int cmdid = alloc_cmdid(nvmeq, (void *)CMD_CTX_FLUSH,
 461                                                 sync_completion_id, IO_TIMEOUT);
 462         if (unlikely(cmdid < 0))
 463                 return cmdid;
 464
 465         return nvme_submit_flush(nvmeq, ns, cmdid);
 466 }
 467
 468 static int nvme_submit_bio_queue(struct nvme_queue *nvmeq, struct nvme_ns *ns,
 469                                                                 struct bio *bio)
 470 {
 471         struct nvme_command *cmnd;
 472         struct nvme_bio *nbio;
 473         enum dma_data_direction dma_dir;
 474         int cmdid, length, result = -ENOMEM;
 475         u16 control;
 476         u32 dsmgmt;
 477         int psegs = bio_phys_segments(ns->queue, bio);
 478
 479         if ((bio->bi_rw & REQ_FLUSH) && psegs) {
 480                 result = nvme_submit_flush_data(nvmeq, ns);
 481                 if (result)
 482                         return result;
 483         }
 484
 485         nbio = alloc_nbio(psegs, GFP_ATOMIC);
 486         if (!nbio)
 487                 goto nomem;
 488         nbio->bio = bio;
 489
 490         result = -EBUSY;
 491         cmdid = alloc_cmdid(nvmeq, nbio, bio_completion_id, IO_TIMEOUT);
 492         if (unlikely(cmdid < 0))
 493                 goto free_nbio;
 494
 495         if ((bio->bi_rw & REQ_FLUSH) && !psegs)
 496                 return nvme_submit_flush(nvmeq, ns, cmdid);
 497
 498         control = 0;
 499         if (bio->bi_rw & REQ_FUA)
 500                 control |= NVME_RW_FUA;
 501         if (bio->bi_rw & (REQ_FAILFAST_DEV | REQ_RAHEAD))
 502                 control |= NVME_RW_LR;
 503
 504         dsmgmt = 0;
 505         if (bio->bi_rw & REQ_RAHEAD)
 506                 dsmgmt |= NVME_RW_DSM_FREQ_PREFETCH;
 507
 508         cmnd = &nvmeq->sq_cmds[nvmeq->sq_tail];
 509
 510         memset(cmnd, 0, sizeof(*cmnd));
 511         if (bio_data_dir(bio)) {
 512                 cmnd->rw.opcode = nvme_cmd_write;
 513                 dma_dir = DMA_TO_DEVICE;
 514         } else {
 515                 cmnd->rw.opcode = nvme_cmd_read;
 516                 dma_dir = DMA_FROM_DEVICE;
 517         }
 518
 519         result = nvme_map_bio(nvmeq->q_dmadev, nbio, bio, dma_dir, psegs);
 520         if (result < 0)
 521                 goto free_nbio;
 522         length = result;
 523
 524         cmnd->rw.command_id = cmdid;
 525         cmnd->rw.nsid = cpu_to_le32(ns->ns_id);
 526         nbio->prps = nvme_setup_prps(nvmeq->dev, &cmnd->common, nbio->sg,
 527                                                                 length);
 528         cmnd->rw.slba = cpu_to_le64(bio->bi_sector >> (ns->lba_shift - 9));
 529         cmnd->rw.length = cpu_to_le16((length >> ns->lba_shift) - 1);
 530         cmnd->rw.control = cpu_to_le16(control);
 531         cmnd->rw.dsmgmt = cpu_to_le32(dsmgmt);
 532
 533         bio->bi_sector += length >> 9;
 534
 535         if (++nvmeq->sq_tail == nvmeq->q_depth)
 536                 nvmeq->sq_tail = 0;
 537         writel(nvmeq->sq_tail, nvmeq->q_db);
 538
 539         return 0;
 540
 541  free_nbio:
 542         free_nbio(nvmeq, nbio);
 543  nomem:
 544         return result;
 545 }
 546
 547 /*
 548  * NB: return value of non-zero would mean that we were a stacking driver.
 549  * make_request must always succeed.
 550  */
 551 static int nvme_make_request(struct request_queue *q, struct bio *bio)
 552 {
 553         struct nvme_ns *ns = q->queuedata;
 554         struct nvme_queue *nvmeq = get_nvmeq(ns);
 555         int result = -EBUSY;
 556
 557         spin_lock_irq(&nvmeq->q_lock);
 558         if (bio_list_empty(&nvmeq->sq_cong))
 559                 result = nvme_submit_bio_queue(nvmeq, ns, bio);
 560         if (unlikely(result)) {
 561                 if (bio_list_empty(&nvmeq->sq_cong))
 562                         add_wait_queue(&nvmeq->sq_full, &nvmeq->sq_cong_wait);
 563                 bio_list_add(&nvmeq->sq_cong, bio);
 564         }
 565
 566         spin_unlock_irq(&nvmeq->q_lock);
 567         put_nvmeq(nvmeq);
 568
 569         return 0;
 570 }
 571
 572 struct sync_cmd_info {
 573         struct task_struct *task;
 574         u32 result;
 575         int status;
 576 };
 577
 578 static void sync_completion(struct nvme_queue *nvmeq, void *ctx,
 579                                                 struct nvme_completion *cqe)
 580 {
 581         struct sync_cmd_info *cmdinfo = ctx;
 582         if (unlikely((unsigned long)cmdinfo == CMD_CTX_CANCELLED))
 583                 return;
 584         if ((unsigned long)cmdinfo == CMD_CTX_FLUSH)
 585                 return;
 586         if (unlikely((unsigned long)cmdinfo == CMD_CTX_COMPLETED)) {
 587                 dev_warn(nvmeq->q_dmadev,
 588                                 "completed id %d twice on queue %d\n",
 589                                 cqe->command_id, le16_to_cpup(&cqe->sq_id));
 590                 return;
 591         }
 592         if (unlikely((unsigned long)cmdinfo == CMD_CTX_INVALID)) {
 593                 dev_warn(nvmeq->q_dmadev,
 594                                 "invalid id %d completed on queue %d\n",
 595                                 cqe->command_id, le16_to_cpup(&cqe->sq_id));
 596                 return;
 597         }
 598         cmdinfo->result = le32_to_cpup(&cqe->result);
 599         cmdinfo->status = le16_to_cpup(&cqe->status) >> 1;
 600         wake_up_process(cmdinfo->task);
 601 }
 602
 603 typedef void (*completion_fn)(struct nvme_queue *, void *,
 604                                                 struct nvme_completion *);
 605
 606 static irqreturn_t nvme_process_cq(struct nvme_queue *nvmeq)
 607 {
 608         u16 head, phase;
 609
 610         static const completion_fn completions[4] = {
 611                 [sync_completion_id] = sync_completion,
 612                 [bio_completion_id]  = bio_completion,
 613         };
 614
 615         head = nvmeq->cq_head;
 616         phase = nvmeq->cq_phase;
 617
 618         for (;;) {
 619                 unsigned long data;
 620                 void *ptr;
 621                 unsigned char handler;
 622                 struct nvme_completion cqe = nvmeq->cqes[head];
 623                 if ((le16_to_cpu(cqe.status) & 1) != phase)
 624                         break;
 625                 nvmeq->sq_head = le16_to_cpu(cqe.sq_head);
 626                 if (++head == nvmeq->q_depth) {
 627                         head = 0;
 628                         phase = !phase;
 629                 }
 630
 631                 data = free_cmdid(nvmeq, cqe.command_id);
 632                 handler = data & 3;
 633                 ptr = (void *)(data & ~3UL);
 634                 completions[handler](nvmeq, ptr, &cqe);
 635         }
 636
 637         /* If the controller ignores the cq head doorbell and continuously
 638          * writes to the queue, it is theoretically possible to wrap around
 639          * the queue twice and mistakenly return IRQ_NONE.  Linux only
 640          * requires that 0.1% of your interrupts are handled, so this isn't
 641          * a big problem.
 642          */
 643         if (head == nvmeq->cq_head && phase == nvmeq->cq_phase)
 644                 return IRQ_NONE;
 645
 646         writel(head, nvmeq->q_db + 1);
 647         nvmeq->cq_head = head;
 648         nvmeq->cq_phase = phase;
 649
 650         return IRQ_HANDLED;
 651 }
 652
 653 static irqreturn_t nvme_irq(int irq, void *data)
 654 {
 655         irqreturn_t result;
 656         struct nvme_queue *nvmeq = data;
 657         spin_lock(&nvmeq->q_lock);
 658         result = nvme_process_cq(nvmeq);
 659         spin_unlock(&nvmeq->q_lock);
 660         return result;
 661 }
 662
 663 static irqreturn_t nvme_irq_check(int irq, void *data)
 664 {
 665         struct nvme_queue *nvmeq = data;
 666         struct nvme_completion cqe = nvmeq->cqes[nvmeq->cq_head];
 667         if ((le16_to_cpu(cqe.status) & 1) != nvmeq->cq_phase)
 668                 return IRQ_NONE;
 669         return IRQ_WAKE_THREAD;
 670 }
 671
 672 static void nvme_abort_command(struct nvme_queue *nvmeq, int cmdid)
 673 {
 674         spin_lock_irq(&nvmeq->q_lock);
 675         cancel_cmdid_data(nvmeq, cmdid);
 676         spin_unlock_irq(&nvmeq->q_lock);
 677 }
 678
 679 /*
 680  * Returns 0 on success.  If the result is negative, it's a Linux error code;
 681  * if the result is positive, it's an NVM Express status code
 682  */
 683 static int nvme_submit_sync_cmd(struct nvme_queue *nvmeq,
 684                         struct nvme_command *cmd, u32 *result, unsigned timeout)
 685 {
 686         int cmdid;
 687         struct sync_cmd_info cmdinfo;
 688
 689         cmdinfo.task = current;
 690         cmdinfo.status = -EINTR;
 691
 692         cmdid = alloc_cmdid_killable(nvmeq, &cmdinfo, sync_completion_id,
 693                                                                 timeout);
 694         if (cmdid < 0)
 695                 return cmdid;
 696         cmd->common.command_id = cmdid;
 697
 698         set_current_state(TASK_KILLABLE);
 699         nvme_submit_cmd(nvmeq, cmd);
 700         schedule();
 701
 702         if (cmdinfo.status == -EINTR) {
 703                 nvme_abort_command(nvmeq, cmdid);
 704                 return -EINTR;
 705         }
 706
 707         if (result)
 708                 *result = cmdinfo.result;
 709
 710         return cmdinfo.status;
 711 }
 712
 713 static int nvme_submit_admin_cmd(struct nvme_dev *dev, struct nvme_command *cmd,
 714                                                                 u32 *result)
 715 {
 716         return nvme_submit_sync_cmd(dev->queues[0], cmd, result, ADMIN_TIMEOUT);
 717 }
 718
 719 static int adapter_delete_queue(struct nvme_dev *dev, u8 opcode, u16 id)
 720 {
 721         int status;
 722         struct nvme_command c;
 723
 724         memset(&c, 0, sizeof(c));
 725         c.delete_queue.opcode = opcode;
 726         c.delete_queue.qid = cpu_to_le16(id);
 727
 728         status = nvme_submit_admin_cmd(dev, &c, NULL);
 729         if (status)
 730                 return -EIO;
 731         return 0;
 732 }
 733
 734 static int adapter_alloc_cq(struct nvme_dev *dev, u16 qid,
 735                                                 struct nvme_queue *nvmeq)
 736 {
 737         int status;
 738         struct nvme_command c;
 739         int flags = NVME_QUEUE_PHYS_CONTIG | NVME_CQ_IRQ_ENABLED;
 740
 741         memset(&c, 0, sizeof(c));
 742         c.create_cq.opcode = nvme_admin_create_cq;
 743         c.create_cq.prp1 = cpu_to_le64(nvmeq->cq_dma_addr);
 744         c.create_cq.cqid = cpu_to_le16(qid);
 745         c.create_cq.qsize = cpu_to_le16(nvmeq->q_depth - 1);
 746         c.create_cq.cq_flags = cpu_to_le16(flags);
 747         c.create_cq.irq_vector = cpu_to_le16(nvmeq->cq_vector);
 748
 749         status = nvme_submit_admin_cmd(dev, &c, NULL);
 750         if (status)
 751                 return -EIO;
 752         return 0;
 753 }
 754
 755 static int adapter_alloc_sq(struct nvme_dev *dev, u16 qid,
 756                                                 struct nvme_queue *nvmeq)
 757 {
 758         int status;
 759         struct nvme_command c;
 760         int flags = NVME_QUEUE_PHYS_CONTIG | NVME_SQ_PRIO_MEDIUM;
 761
 762         memset(&c, 0, sizeof(c));
 763         c.create_sq.opcode = nvme_admin_create_sq;
 764         c.create_sq.prp1 = cpu_to_le64(nvmeq->sq_dma_addr);
 765         c.create_sq.sqid = cpu_to_le16(qid);
 766         c.create_sq.qsize = cpu_to_le16(nvmeq->q_depth - 1);
 767         c.create_sq.sq_flags = cpu_to_le16(flags);
 768         c.create_sq.cqid = cpu_to_le16(qid);
 769
 770         status = nvme_submit_admin_cmd(dev, &c, NULL);
 771         if (status)
 772                 return -EIO;
 773         return 0;
 774 }
 775
 776 static int adapter_delete_cq(struct nvme_dev *dev, u16 cqid)
 777 {
 778         return adapter_delete_queue(dev, nvme_admin_delete_cq, cqid);
 779 }
 780
 781 static int adapter_delete_sq(struct nvme_dev *dev, u16 sqid)
 782 {
 783         return adapter_delete_queue(dev, nvme_admin_delete_sq, sqid);
 784 }
 785
 786 static void nvme_free_queue(struct nvme_dev *dev, int qid)
 787 {
 788         struct nvme_queue *nvmeq = dev->queues[qid];
 789
 790         free_irq(dev->entry[nvmeq->cq_vector].vector, nvmeq);
 791
 792         /* Don't tell the adapter to delete the admin queue */
 793         if (qid) {
 794                 adapter_delete_sq(dev, qid);
 795                 adapter_delete_cq(dev, qid);
 796         }
 797
 798         dma_free_coherent(nvmeq->q_dmadev, CQ_SIZE(nvmeq->q_depth),
 799                                 (void *)nvmeq->cqes, nvmeq->cq_dma_addr);
 800         dma_free_coherent(nvmeq->q_dmadev, SQ_SIZE(nvmeq->q_depth),
 801                                         nvmeq->sq_cmds, nvmeq->sq_dma_addr);
 802         kfree(nvmeq);
 803 }
 804
 805 static struct nvme_queue *nvme_alloc_queue(struct nvme_dev *dev, int qid,
 806                                                         int depth, int vector)
 807 {
 808         struct device *dmadev = &dev->pci_dev->dev;
 809         unsigned extra = (depth / 8) + (depth * sizeof(struct nvme_cmd_info));
 810         struct nvme_queue *nvmeq = kzalloc(sizeof(*nvmeq) + extra, GFP_KERNEL);
 811         if (!nvmeq)
 812                 return NULL;
 813
 814         nvmeq->cqes = dma_alloc_coherent(dmadev, CQ_SIZE(depth),
 815                                         &nvmeq->cq_dma_addr, GFP_KERNEL);
 816         if (!nvmeq->cqes)
 817                 goto free_nvmeq;
 818         memset((void *)nvmeq->cqes, 0, CQ_SIZE(depth));
 819
 820         nvmeq->sq_cmds = dma_alloc_coherent(dmadev, SQ_SIZE(depth),
 821                                         &nvmeq->sq_dma_addr, GFP_KERNEL);
 822         if (!nvmeq->sq_cmds)
 823                 goto free_cqdma;
 824
 825         nvmeq->q_dmadev = dmadev;
 826         nvmeq->dev = dev;
 827         spin_lock_init(&nvmeq->q_lock);
 828         nvmeq->cq_head = 0;
 829         nvmeq->cq_phase = 1;
 830         init_waitqueue_head(&nvmeq->sq_full);
 831         init_waitqueue_entry(&nvmeq->sq_cong_wait, nvme_thread);
 832         bio_list_init(&nvmeq->sq_cong);
 833         nvmeq->q_db = &dev->dbs[qid * 2];
 834         nvmeq->q_depth = depth;
 835         nvmeq->cq_vector = vector;
 836
 837         return nvmeq;
 838
 839  free_cqdma:
 840         dma_free_coherent(dmadev, CQ_SIZE(nvmeq->q_depth), (void *)nvmeq->cqes,
 841                                                         nvmeq->cq_dma_addr);
 842  free_nvmeq:
 843         kfree(nvmeq);
 844         return NULL;
 845 }
 846
 847 static int queue_request_irq(struct nvme_dev *dev, struct nvme_queue *nvmeq,
 848                                                         const char *name)
 849 {
 850         if (use_threaded_interrupts)
 851                 return request_threaded_irq(dev->entry[nvmeq->cq_vector].vector,
 852                                         nvme_irq_check, nvme_irq,
 853                                         IRQF_DISABLED | IRQF_SHARED,
 854                                         name, nvmeq);
 855         return request_irq(dev->entry[nvmeq->cq_vector].vector, nvme_irq,
 856                                 IRQF_DISABLED | IRQF_SHARED, name, nvmeq);
 857 }
 858
 859 static __devinit struct nvme_queue *nvme_create_queue(struct nvme_dev *dev,
 860                                         int qid, int cq_size, int vector)
 861 {
 862         int result;
 863         struct nvme_queue *nvmeq = nvme_alloc_queue(dev, qid, cq_size, vector);
 864
 865         if (!nvmeq)
 866                 return NULL;
 867
 868         result = adapter_alloc_cq(dev, qid, nvmeq);
 869         if (result < 0)
 870                 goto free_nvmeq;
 871
 872         result = adapter_alloc_sq(dev, qid, nvmeq);
 873         if (result < 0)
 874                 goto release_cq;
 875
 876         result = queue_request_irq(dev, nvmeq, "nvme");
 877         if (result < 0)
 878                 goto release_sq;
 879
 880         return nvmeq;
 881
 882  release_sq:
 883         adapter_delete_sq(dev, qid);
 884  release_cq:
 885         adapter_delete_cq(dev, qid);
 886  free_nvmeq:
 887         dma_free_coherent(nvmeq->q_dmadev, CQ_SIZE(nvmeq->q_depth),
 888                                 (void *)nvmeq->cqes, nvmeq->cq_dma_addr);
 889         dma_free_coherent(nvmeq->q_dmadev, SQ_SIZE(nvmeq->q_depth),
 890                                         nvmeq->sq_cmds, nvmeq->sq_dma_addr);
 891         kfree(nvmeq);
 892         return NULL;
 893 }
 894
 895 static int __devinit nvme_configure_admin_queue(struct nvme_dev *dev)
 896 {
 897         int result;
 898         u32 aqa;
 899         struct nvme_queue *nvmeq;
 900
 901         dev->dbs = ((void __iomem *)dev->bar) + 4096;
 902
 903         nvmeq = nvme_alloc_queue(dev, 0, 64, 0);
 904         if (!nvmeq)
 905                 return -ENOMEM;
 906
 907         aqa = nvmeq->q_depth - 1;
 908         aqa |= aqa << 16;
 909
 910         dev->ctrl_config = NVME_CC_ENABLE | NVME_CC_CSS_NVM;
 911         dev->ctrl_config |= (PAGE_SHIFT - 12) << NVME_CC_MPS_SHIFT;
 912         dev->ctrl_config |= NVME_CC_ARB_RR | NVME_CC_SHN_NONE;
 913
 914         writel(0, &dev->bar->cc);
 915         writel(aqa, &dev->bar->aqa);
 916         writeq(nvmeq->sq_dma_addr, &dev->bar->asq);
 917         writeq(nvmeq->cq_dma_addr, &dev->bar->acq);
 918         writel(dev->ctrl_config, &dev->bar->cc);
 919
 920         while (!(readl(&dev->bar->csts) & NVME_CSTS_RDY)) {
 921                 msleep(100);
 922                 if (fatal_signal_pending(current))
 923                         return -EINTR;
 924         }
 925
 926         result = queue_request_irq(dev, nvmeq, "nvme admin");
 927         dev->queues[0] = nvmeq;
 928         return result;
 929 }
 930
 931 static int nvme_map_user_pages(struct nvme_dev *dev, int write,
 932                                 unsigned long addr, unsigned length,
 933                                 struct scatterlist **sgp)
 934 {
 935         int i, err, count, nents, offset;
 936         struct scatterlist *sg;
 937         struct page **pages;
 938
 939         if (addr & 3)
 940                 return -EINVAL;
 941         if (!length)
 942                 return -EINVAL;
 943
 944         offset = offset_in_page(addr);
 945         count = DIV_ROUND_UP(offset + length, PAGE_SIZE);
 946         pages = kcalloc(count, sizeof(*pages), GFP_KERNEL);
 947
 948         err = get_user_pages_fast(addr, count, 1, pages);
 949         if (err < count) {
 950                 count = err;
 951                 err = -EFAULT;
 952                 goto put_pages;
 953         }
 954
 955         sg = kcalloc(count, sizeof(*sg), GFP_KERNEL);
 956         sg_init_table(sg, count);
 957         sg_set_page(&sg[0], pages[0], PAGE_SIZE - offset, offset);
 958         length -= (PAGE_SIZE - offset);
 959         for (i = 1; i < count; i++) {
 960                 sg_set_page(&sg[i], pages[i], min_t(int, length, PAGE_SIZE), 0);
 961                 length -= PAGE_SIZE;
 962         }
 963
 964         err = -ENOMEM;
 965         nents = dma_map_sg(&dev->pci_dev->dev, sg, count,
 966                                 write ? DMA_TO_DEVICE : DMA_FROM_DEVICE);
 967         if (!nents)
 968                 goto put_pages;
 969
 970         kfree(pages);
 971         *sgp = sg;
 972         return nents;
 973
 974  put_pages:
 975         for (i = 0; i < count; i++)
 976                 put_page(pages[i]);
 977         kfree(pages);
 978         return err;
 979 }
 980
 981 static void nvme_unmap_user_pages(struct nvme_dev *dev, int write,
 982                                 unsigned long addr, int length,
 983                                 struct scatterlist *sg, int nents)
 984 {
 985         int i, count;
 986
 987         count = DIV_ROUND_UP(offset_in_page(addr) + length, PAGE_SIZE);
 988         dma_unmap_sg(&dev->pci_dev->dev, sg, nents, DMA_FROM_DEVICE);
 989
 990         for (i = 0; i < count; i++)
 991                 put_page(sg_page(&sg[i]));
 992 }
 993
 994 static int nvme_submit_user_admin_command(struct nvme_dev *dev,
 995                                         unsigned long addr, unsigned length,
 996                                         struct nvme_command *cmd)
 997 {
 998         int err, nents;
 999         struct scatterlist *sg;
1000         struct nvme_prps *prps;
1001
1002         nents = nvme_map_user_pages(dev, 0, addr, length, &sg);
1003         if (nents < 0)
1004                 return nents;
1005         prps = nvme_setup_prps(dev, &cmd->common, sg, length);
1006         err = nvme_submit_admin_cmd(dev, cmd, NULL);
1007         nvme_unmap_user_pages(dev, 0, addr, length, sg, nents);
1008         nvme_free_prps(dev, prps);
1009         return err ? -EIO : 0;
1010 }
1011
1012 static int nvme_identify(struct nvme_ns *ns, unsigned long addr, int cns)
1013 {
1014         struct nvme_command c;
1015
1016         memset(&c, 0, sizeof(c));
1017         c.identify.opcode = nvme_admin_identify;
1018         c.identify.nsid = cns ? 0 : cpu_to_le32(ns->ns_id);
1019         c.identify.cns = cpu_to_le32(cns);
1020
1021         return nvme_submit_user_admin_command(ns->dev, addr, 4096, &c);
1022 }
1023
1024 static int nvme_get_range_type(struct nvme_ns *ns, unsigned long addr)
1025 {
1026         struct nvme_command c;
1027
1028         memset(&c, 0, sizeof(c));
1029         c.features.opcode = nvme_admin_get_features;
1030         c.features.nsid = cpu_to_le32(ns->ns_id);
1031         c.features.fid = cpu_to_le32(NVME_FEAT_LBA_RANGE);
1032
1033         return nvme_submit_user_admin_command(ns->dev, addr, 4096, &c);
1034 }
1035
1036 static int nvme_submit_io(struct nvme_ns *ns, struct nvme_user_io __user *uio)
1037 {
1038         struct nvme_dev *dev = ns->dev;
1039         struct nvme_queue *nvmeq;
1040         struct nvme_user_io io;
1041         struct nvme_command c;
1042         unsigned length;
1043         u32 result;
1044         int nents, status;
1045         struct scatterlist *sg;
1046         struct nvme_prps *prps;
1047
1048         if (copy_from_user(&io, uio, sizeof(io)))
1049                 return -EFAULT;
1050         length = io.nblocks << io.block_shift;
1051         nents = nvme_map_user_pages(dev, io.opcode & 1, io.addr, length, &sg);
1052         if (nents < 0)
1053                 return nents;
1054
1055         memset(&c, 0, sizeof(c));
1056         c.rw.opcode = io.opcode;
1057         c.rw.flags = io.flags;
1058         c.rw.nsid = cpu_to_le32(io.nsid);
1059         c.rw.slba = cpu_to_le64(io.slba);
1060         c.rw.length = cpu_to_le16(io.nblocks - 1);
1061         c.rw.control = cpu_to_le16(io.control);
1062         c.rw.dsmgmt = cpu_to_le16(io.dsmgmt);
1063         c.rw.reftag = cpu_to_le32(io.reftag);   /* XXX: endian? */
1064         c.rw.apptag = cpu_to_le16(io.apptag);
1065         c.rw.appmask = cpu_to_le16(io.appmask);
1066         /* XXX: metadata */
1067         prps = nvme_setup_prps(dev, &c.common, sg, length);
1068
1069         nvmeq = get_nvmeq(ns);
1070         /*
1071          * Since nvme_submit_sync_cmd sleeps, we can't keep preemption
1072          * disabled.  We may be preempted at any point, and be rescheduled
1073          * to a different CPU.  That will cause cacheline bouncing, but no
1074          * additional races since q_lock already protects against other CPUs.
1075          */
1076         put_nvmeq(nvmeq);
1077         status = nvme_submit_sync_cmd(nvmeq, &c, &result, IO_TIMEOUT);
1078
1079         nvme_unmap_user_pages(dev, io.opcode & 1, io.addr, length, sg, nents);
1080         nvme_free_prps(dev, prps);
1081         put_user(result, &uio->result);
1082         return status;
1083 }
1084
1085 static int nvme_download_firmware(struct nvme_ns *ns,
1086                                                 struct nvme_dlfw __user *udlfw)
1087 {
1088         struct nvme_dev *dev = ns->dev;
1089         struct nvme_dlfw dlfw;
1090         struct nvme_command c;
1091         int nents, status;
1092         struct scatterlist *sg;
1093         struct nvme_prps *prps;
1094
1095         if (copy_from_user(&dlfw, udlfw, sizeof(dlfw)))
1096                 return -EFAULT;
1097         if (dlfw.length >= (1 << 30))
1098                 return -EINVAL;
1099
1100         nents = nvme_map_user_pages(dev, 1, dlfw.addr, dlfw.length * 4, &sg);
1101         if (nents < 0)
1102                 return nents;
1103
1104         memset(&c, 0, sizeof(c));
1105         c.dlfw.opcode = nvme_admin_download_fw;
1106         c.dlfw.numd = cpu_to_le32(dlfw.length);
1107         c.dlfw.offset = cpu_to_le32(dlfw.offset);
1108         prps = nvme_setup_prps(dev, &c.common, sg, dlfw.length * 4);
1109
1110         status = nvme_submit_admin_cmd(dev, &c, NULL);
1111         nvme_unmap_user_pages(dev, 0, dlfw.addr, dlfw.length * 4, sg, nents);
1112         nvme_free_prps(dev, prps);
1113         return status;
1114 }
1115
1116 static int nvme_activate_firmware(struct nvme_ns *ns, unsigned long arg)
1117 {
1118         struct nvme_dev *dev = ns->dev;
1119         struct nvme_command c;
1120
1121         memset(&c, 0, sizeof(c));
1122         c.common.opcode = nvme_admin_activate_fw;
1123         c.common.rsvd10[0] = cpu_to_le32(arg);
1124
1125         return nvme_submit_admin_cmd(dev, &c, NULL);
1126 }
1127
1128 static int nvme_ioctl(struct block_device *bdev, fmode_t mode, unsigned int cmd,
1129                                                         unsigned long arg)
1130 {
1131         struct nvme_ns *ns = bdev->bd_disk->private_data;
1132
1133         switch (cmd) {
1134         case NVME_IOCTL_IDENTIFY_NS:
1135                 return nvme_identify(ns, arg, 0);
1136         case NVME_IOCTL_IDENTIFY_CTRL:
1137                 return nvme_identify(ns, arg, 1);
1138         case NVME_IOCTL_GET_RANGE_TYPE:
1139                 return nvme_get_range_type(ns, arg);
1140         case NVME_IOCTL_SUBMIT_IO:
1141                 return nvme_submit_io(ns, (void __user *)arg);
1142         case NVME_IOCTL_DOWNLOAD_FW:
1143                 return nvme_download_firmware(ns, (void __user *)arg);
1144         case NVME_IOCTL_ACTIVATE_FW:
1145                 return nvme_activate_firmware(ns, arg);
1146         default:
1147                 return -ENOTTY;
1148         }
1149 }
1150
1151 static const struct block_device_operations nvme_fops = {
1152         .owner          = THIS_MODULE,
1153         .ioctl          = nvme_ioctl,
1154 };
1155
1156 static void nvme_resubmit_bios(struct nvme_queue *nvmeq)
1157 {
1158         while (bio_list_peek(&nvmeq->sq_cong)) {
1159                 struct bio *bio = bio_list_pop(&nvmeq->sq_cong);
1160                 struct nvme_ns *ns = bio->bi_bdev->bd_disk->private_data;
1161                 if (nvme_submit_bio_queue(nvmeq, ns, bio)) {
1162                         bio_list_add_head(&nvmeq->sq_cong, bio);
1163                         break;
1164                 }
1165         }
1166 }
1167
1168 static int nvme_kthread(void *data)
1169 {
1170         struct nvme_dev *dev;
1171
1172         while (!kthread_should_stop()) {
1173                 __set_current_state(TASK_RUNNING);
1174                 spin_lock(&dev_list_lock);
1175                 list_for_each_entry(dev, &dev_list, node) {
1176                         int i;
1177                         for (i = 0; i < dev->queue_count; i++) {
1178                                 struct nvme_queue *nvmeq = dev->queues[i];
1179                                 if (!nvmeq)
1180                                         continue;
1181                                 spin_lock_irq(&nvmeq->q_lock);
1182                                 if (nvme_process_cq(nvmeq))
1183                                         printk("process_cq did something\n");
1184                                 nvme_resubmit_bios(nvmeq);
1185                                 spin_unlock_irq(&nvmeq->q_lock);
1186                         }
1187                 }
1188                 spin_unlock(&dev_list_lock);
1189                 set_current_state(TASK_INTERRUPTIBLE);
1190                 schedule_timeout(HZ);
1191         }
1192         return 0;
1193 }
1194
1195 static struct nvme_ns *nvme_alloc_ns(struct nvme_dev *dev, int index,
1196                         struct nvme_id_ns *id, struct nvme_lba_range_type *rt)
1197 {
1198         struct nvme_ns *ns;
1199         struct gendisk *disk;
1200         int lbaf;
1201
1202         if (rt->attributes & NVME_LBART_ATTRIB_HIDE)
1203                 return NULL;
1204
1205         ns = kzalloc(sizeof(*ns), GFP_KERNEL);
1206         if (!ns)
1207                 return NULL;
1208         ns->queue = blk_alloc_queue(GFP_KERNEL);
1209         if (!ns->queue)
1210                 goto out_free_ns;
1211         ns->queue->queue_flags = QUEUE_FLAG_DEFAULT | QUEUE_FLAG_NOMERGES |
1212                                 QUEUE_FLAG_NONROT | QUEUE_FLAG_DISCARD;
1213         blk_queue_make_request(ns->queue, nvme_make_request);
1214         ns->dev = dev;
1215         ns->queue->queuedata = ns;
1216
1217         disk = alloc_disk(NVME_MINORS);
1218         if (!disk)
1219                 goto out_free_queue;
1220         ns->ns_id = index;
1221         ns->disk = disk;
1222         lbaf = id->flbas & 0xf;
1223         ns->lba_shift = id->lbaf[lbaf].ds;
1224
1225         disk->major = nvme_major;
1226         disk->minors = NVME_MINORS;
1227         disk->first_minor = NVME_MINORS * index;
1228         disk->fops = &nvme_fops;
1229         disk->private_data = ns;
1230         disk->queue = ns->queue;
1231         disk->driverfs_dev = &dev->pci_dev->dev;
1232         sprintf(disk->disk_name, "nvme%dn%d", dev->instance, index);
1233         set_capacity(disk, le64_to_cpup(&id->nsze) << (ns->lba_shift - 9));
1234
1235         return ns;
1236
1237  out_free_queue:
1238         blk_cleanup_queue(ns->queue);
1239  out_free_ns:
1240         kfree(ns);
1241         return NULL;
1242 }
1243
1244 static void nvme_ns_free(struct nvme_ns *ns)
1245 {
1246         put_disk(ns->disk);
1247         blk_cleanup_queue(ns->queue);
1248         kfree(ns);
1249 }
1250
1251 static int set_queue_count(struct nvme_dev *dev, int count)
1252 {
1253         int status;
1254         u32 result;
1255         struct nvme_command c;
1256         u32 q_count = (count - 1) | ((count - 1) << 16);
1257
1258         memset(&c, 0, sizeof(c));
1259         c.features.opcode = nvme_admin_get_features;
1260         c.features.fid = cpu_to_le32(NVME_FEAT_NUM_QUEUES);
1261         c.features.dword11 = cpu_to_le32(q_count);
1262
1263         status = nvme_submit_admin_cmd(dev, &c, &result);
1264         if (status)
1265                 return -EIO;
1266         return min(result & 0xffff, result >> 16) + 1;
1267 }
1268
1269 static int __devinit nvme_setup_io_queues(struct nvme_dev *dev)
1270 {
1271         int result, cpu, i, nr_io_queues;
1272
1273         nr_io_queues = num_online_cpus();
1274         result = set_queue_count(dev, nr_io_queues);
1275         if (result < 0)
1276                 return result;
1277         if (result < nr_io_queues)
1278                 nr_io_queues = result;
1279
1280         /* Deregister the admin queue's interrupt */
1281         free_irq(dev->entry[0].vector, dev->queues[0]);
1282
1283         for (i = 0; i < nr_io_queues; i++)
1284                 dev->entry[i].entry = i;
1285         for (;;) {
1286                 result = pci_enable_msix(dev->pci_dev, dev->entry,
1287                                                                 nr_io_queues);
1288                 if (result == 0) {
1289                         break;
1290                 } else if (result > 0) {
1291                         nr_io_queues = result;
1292                         continue;
1293                 } else {
1294                         nr_io_queues = 1;
1295                         break;
1296                 }
1297         }
1298
1299         result = queue_request_irq(dev, dev->queues[0], "nvme admin");
1300         /* XXX: handle failure here */
1301
1302         cpu = cpumask_first(cpu_online_mask);
1303         for (i = 0; i < nr_io_queues; i++) {
1304                 irq_set_affinity_hint(dev->entry[i].vector, get_cpu_mask(cpu));
1305                 cpu = cpumask_next(cpu, cpu_online_mask);
1306         }
1307
1308         for (i = 0; i < nr_io_queues; i++) {
1309                 dev->queues[i + 1] = nvme_create_queue(dev, i + 1,
1310                                                         NVME_Q_DEPTH, i);
1311                 if (!dev->queues[i + 1])
1312                         return -ENOMEM;
1313                 dev->queue_count++;
1314         }
1315
1316         return 0;
1317 }
1318
1319 static void nvme_free_queues(struct nvme_dev *dev)
1320 {
1321         int i;
1322
1323         for (i = dev->queue_count - 1; i >= 0; i--)
1324                 nvme_free_queue(dev, i);
1325 }
1326
1327 static int __devinit nvme_dev_add(struct nvme_dev *dev)
1328 {
1329         int res, nn, i;
1330         struct nvme_ns *ns, *next;
1331         struct nvme_id_ctrl *ctrl;
1332         void *id;
1333         dma_addr_t dma_addr;
1334         struct nvme_command cid, crt;
1335
1336         res = nvme_setup_io_queues(dev);
1337         if (res)
1338                 return res;
1339
1340         /* XXX: Switch to a SG list once prp2 works */
1341         id = dma_alloc_coherent(&dev->pci_dev->dev, 8192, &dma_addr,
1342                                                                 GFP_KERNEL);
1343
1344         memset(&cid, 0, sizeof(cid));
1345         cid.identify.opcode = nvme_admin_identify;
1346         cid.identify.nsid = 0;
1347         cid.identify.prp1 = cpu_to_le64(dma_addr);
1348         cid.identify.cns = cpu_to_le32(1);
1349
1350         res = nvme_submit_admin_cmd(dev, &cid, NULL);
1351         if (res) {
1352                 res = -EIO;
1353                 goto out_free;
1354         }
1355
1356         ctrl = id;
1357         nn = le32_to_cpup(&ctrl->nn);
1358         memcpy(dev->serial, ctrl->sn, sizeof(ctrl->sn));
1359         memcpy(dev->model, ctrl->mn, sizeof(ctrl->mn));
1360         memcpy(dev->firmware_rev, ctrl->fr, sizeof(ctrl->fr));
1361
1362         cid.identify.cns = 0;
1363         memset(&crt, 0, sizeof(crt));
1364         crt.features.opcode = nvme_admin_get_features;
1365         crt.features.prp1 = cpu_to_le64(dma_addr + 4096);
1366         crt.features.fid = cpu_to_le32(NVME_FEAT_LBA_RANGE);
1367
1368         for (i = 0; i <= nn; i++) {
1369                 cid.identify.nsid = cpu_to_le32(i);
1370                 res = nvme_submit_admin_cmd(dev, &cid, NULL);
1371                 if (res)
1372                         continue;
1373
1374                 if (((struct nvme_id_ns *)id)->ncap == 0)
1375                         continue;
1376
1377                 crt.features.nsid = cpu_to_le32(i);
1378                 res = nvme_submit_admin_cmd(dev, &crt, NULL);
1379                 if (res)
1380                         continue;
1381
1382                 ns = nvme_alloc_ns(dev, i, id, id + 4096);
1383                 if (ns)
1384                         list_add_tail(&ns->list, &dev->namespaces);
1385         }
1386         list_for_each_entry(ns, &dev->namespaces, list)
1387                 add_disk(ns->disk);
1388
1389         dma_free_coherent(&dev->pci_dev->dev, 4096, id, dma_addr);
1390         return 0;
1391
1392  out_free:
1393         list_for_each_entry_safe(ns, next, &dev->namespaces, list) {
1394                 list_del(&ns->list);
1395                 nvme_ns_free(ns);
1396         }
1397
1398         dma_free_coherent(&dev->pci_dev->dev, 4096, id, dma_addr);
1399         return res;
1400 }
1401
1402 static int nvme_dev_remove(struct nvme_dev *dev)
1403 {
1404         struct nvme_ns *ns, *next;
1405
1406         spin_lock(&dev_list_lock);
1407         list_del(&dev->node);
1408         spin_unlock(&dev_list_lock);
1409
1410         /* TODO: wait all I/O finished or cancel them */
1411
1412         list_for_each_entry_safe(ns, next, &dev->namespaces, list) {
1413                 list_del(&ns->list);
1414                 del_gendisk(ns->disk);
1415                 nvme_ns_free(ns);
1416         }
1417
1418         nvme_free_queues(dev);
1419
1420         return 0;
1421 }
1422
1423 static int nvme_setup_prp_pools(struct nvme_dev *dev)
1424 {
1425         struct device *dmadev = &dev->pci_dev->dev;
1426         dev->prp_page_pool = dma_pool_create("prp list page", dmadev,
1427                                                 PAGE_SIZE, PAGE_SIZE, 0);
1428         if (!dev->prp_page_pool)
1429                 return -ENOMEM;
1430
1431         /* Optimisation for I/Os between 4k and 128k */
1432         dev->prp_small_pool = dma_pool_create("prp list 256", dmadev,
1433                                                 256, 256, 0);
1434         if (!dev->prp_small_pool) {
1435                 dma_pool_destroy(dev->prp_page_pool);
1436                 return -ENOMEM;
1437         }
1438         return 0;
1439 }
1440
1441 static void nvme_release_prp_pools(struct nvme_dev *dev)
1442 {
1443         dma_pool_destroy(dev->prp_page_pool);
1444         dma_pool_destroy(dev->prp_small_pool);
1445 }
1446
1447 /* XXX: Use an ida or something to let remove / add work correctly */
1448 static void nvme_set_instance(struct nvme_dev *dev)
1449 {
1450         static int instance;
1451         dev->instance = instance++;
1452 }
1453
1454 static void nvme_release_instance(struct nvme_dev *dev)
1455 {
1456 }
1457
1458 static int __devinit nvme_probe(struct pci_dev *pdev,
1459                                                 const struct pci_device_id *id)
1460 {
1461         int bars, result = -ENOMEM;
1462         struct nvme_dev *dev;
1463
1464         dev = kzalloc(sizeof(*dev), GFP_KERNEL);
1465         if (!dev)
1466                 return -ENOMEM;
1467         dev->entry = kcalloc(num_possible_cpus(), sizeof(*dev->entry),
1468                                                                 GFP_KERNEL);
1469         if (!dev->entry)
1470                 goto free;
1471         dev->queues = kcalloc(num_possible_cpus() + 1, sizeof(void *),
1472                                                                 GFP_KERNEL);
1473         if (!dev->queues)
1474                 goto free;
1475
1476         if (pci_enable_device_mem(pdev))
1477                 goto free;
1478         pci_set_master(pdev);
1479         bars = pci_select_bars(pdev, IORESOURCE_MEM);
1480         if (pci_request_selected_regions(pdev, bars, "nvme"))
1481                 goto disable;
1482
1483         INIT_LIST_HEAD(&dev->namespaces);
1484         dev->pci_dev = pdev;
1485         pci_set_drvdata(pdev, dev);
1486         dma_set_mask(&pdev->dev, DMA_BIT_MASK(64));
1487         dma_set_coherent_mask(&pdev->dev, DMA_BIT_MASK(64));
1488         nvme_set_instance(dev);
1489         dev->entry[0].vector = pdev->irq;
1490
1491         result = nvme_setup_prp_pools(dev);
1492         if (result)
1493                 goto disable_msix;
1494
1495         dev->bar = ioremap(pci_resource_start(pdev, 0), 8192);
1496         if (!dev->bar) {
1497                 result = -ENOMEM;
1498                 goto disable_msix;
1499         }
1500
1501         result = nvme_configure_admin_queue(dev);
1502         if (result)
1503                 goto unmap;
1504         dev->queue_count++;
1505
1506         spin_lock(&dev_list_lock);
1507         list_add(&dev->node, &dev_list);
1508         spin_unlock(&dev_list_lock);
1509
1510         result = nvme_dev_add(dev);
1511         if (result)
1512                 goto delete;
1513
1514         return 0;
1515
1516  delete:
1517         spin_lock(&dev_list_lock);
1518         list_del(&dev->node);
1519         spin_unlock(&dev_list_lock);
1520
1521         nvme_free_queues(dev);
1522  unmap:
1523         iounmap(dev->bar);
1524  disable_msix:
1525         pci_disable_msix(pdev);
1526         nvme_release_instance(dev);
1527         nvme_release_prp_pools(dev);
1528  disable:
1529         pci_disable_device(pdev);
1530         pci_release_regions(pdev);
1531  free:
1532         kfree(dev->queues);
1533         kfree(dev->entry);
1534         kfree(dev);
1535         return result;
1536 }
1537
1538 static void __devexit nvme_remove(struct pci_dev *pdev)
1539 {
1540         struct nvme_dev *dev = pci_get_drvdata(pdev);
1541         nvme_dev_remove(dev);
1542         pci_disable_msix(pdev);
1543         iounmap(dev->bar);
1544         nvme_release_instance(dev);
1545         nvme_release_prp_pools(dev);
1546         pci_disable_device(pdev);
1547         pci_release_regions(pdev);
1548         kfree(dev->queues);
1549         kfree(dev->entry);
1550         kfree(dev);
1551 }
1552
1553 /* These functions are yet to be implemented */
1554 #define nvme_error_detected NULL
1555 #define nvme_dump_registers NULL
1556 #define nvme_link_reset NULL
1557 #define nvme_slot_reset NULL
1558 #define nvme_error_resume NULL
1559 #define nvme_suspend NULL
1560 #define nvme_resume NULL
1561
1562 static struct pci_error_handlers nvme_err_handler = {
1563         .error_detected = nvme_error_detected,
1564         .mmio_enabled   = nvme_dump_registers,
1565         .link_reset     = nvme_link_reset,
1566         .slot_reset     = nvme_slot_reset,
1567         .resume         = nvme_error_resume,
1568 };
1569
1570 /* Move to pci_ids.h later */
1571 #define PCI_CLASS_STORAGE_EXPRESS       0x010802
1572
1573 static DEFINE_PCI_DEVICE_TABLE(nvme_id_table) = {
1574         { PCI_DEVICE_CLASS(PCI_CLASS_STORAGE_EXPRESS, 0xffffff) },
1575         { 0, }
1576 };
1577 MODULE_DEVICE_TABLE(pci, nvme_id_table);
1578
1579 static struct pci_driver nvme_driver = {
1580         .name           = "nvme",
1581         .id_table       = nvme_id_table,
1582         .probe          = nvme_probe,
1583         .remove         = __devexit_p(nvme_remove),
1584         .suspend        = nvme_suspend,
1585         .resume         = nvme_resume,
1586         .err_handler    = &nvme_err_handler,
1587 };
1588
1589 static int __init nvme_init(void)
1590 {
1591         int result = -EBUSY;
1592
1593         nvme_thread = kthread_run(nvme_kthread, NULL, "nvme");
1594         if (IS_ERR(nvme_thread))
1595                 return PTR_ERR(nvme_thread);
1596
1597         nvme_major = register_blkdev(nvme_major, "nvme");
1598         if (nvme_major <= 0)
1599                 goto kill_kthread;
1600
1601         result = pci_register_driver(&nvme_driver);
1602         if (result)
1603                 goto unregister_blkdev;
1604         return 0;
1605
1606  unregister_blkdev:
1607         unregister_blkdev(nvme_major, "nvme");
1608  kill_kthread:
1609         kthread_stop(nvme_thread);
1610         return result;
1611 }
1612
1613 static void __exit nvme_exit(void)
1614 {
1615         pci_unregister_driver(&nvme_driver);
1616         unregister_blkdev(nvme_major, "nvme");
1617         kthread_stop(nvme_thread);
1618 }
1619
1620 MODULE_AUTHOR("Matthew Wilcox <willy@linux.intel.com>");
1621 MODULE_LICENSE("GPL");
1622 MODULE_VERSION("0.4");
1623 module_init(nvme_init);
1624 module_exit(nvme_exit);