scsi: efct: Fix possible memleak in efct_device_init()
[platform/kernel/linux-starfive.git] / drivers / scsi / st.c
1 // SPDX-License-Identifier: GPL-2.0-only
2 /*
3    SCSI Tape Driver for Linux version 1.1 and newer. See the accompanying
4    file Documentation/scsi/st.rst for more information.
5
6    History:
7    Rewritten from Dwayne Forsyth's SCSI tape driver by Kai Makisara.
8    Contribution and ideas from several people including (in alphabetical
9    order) Klaus Ehrenfried, Eugene Exarevsky, Eric Lee Green, Wolfgang Denk,
10    Steve Hirsch, Andreas Koppenh"ofer, Michael Leodolter, Eyal Lebedinsky,
11    Michael Schaefer, J"org Weule, and Eric Youngdale.
12
13    Copyright 1992 - 2016 Kai Makisara
14    email Kai.Makisara@kolumbus.fi
15
16    Some small formal changes - aeb, 950809
17
18    Last modified: 18-JAN-1998 Richard Gooch <rgooch@atnf.csiro.au> Devfs support
19  */
20
21 static const char *verstr = "20160209";
22
23 #include <linux/module.h>
24
25 #include <linux/compat.h>
26 #include <linux/fs.h>
27 #include <linux/kernel.h>
28 #include <linux/sched/signal.h>
29 #include <linux/mm.h>
30 #include <linux/init.h>
31 #include <linux/string.h>
32 #include <linux/slab.h>
33 #include <linux/errno.h>
34 #include <linux/mtio.h>
35 #include <linux/major.h>
36 #include <linux/cdrom.h>
37 #include <linux/ioctl.h>
38 #include <linux/fcntl.h>
39 #include <linux/spinlock.h>
40 #include <linux/blkdev.h>
41 #include <linux/moduleparam.h>
42 #include <linux/cdev.h>
43 #include <linux/idr.h>
44 #include <linux/delay.h>
45 #include <linux/mutex.h>
46
47 #include <linux/uaccess.h>
48 #include <asm/dma.h>
49 #include <asm/unaligned.h>
50
51 #include <scsi/scsi.h>
52 #include <scsi/scsi_dbg.h>
53 #include <scsi/scsi_device.h>
54 #include <scsi/scsi_driver.h>
55 #include <scsi/scsi_eh.h>
56 #include <scsi/scsi_host.h>
57 #include <scsi/scsi_ioctl.h>
58 #include <scsi/sg.h>
59
60
61 /* The driver prints some debugging information on the console if DEBUG
62    is defined and non-zero. */
63 #define DEBUG 1
64 #define NO_DEBUG 0
65
66 #define ST_DEB_MSG  KERN_NOTICE
67 #if DEBUG
68 /* The message level for the debug messages is currently set to KERN_NOTICE
69    so that people can easily see the messages. Later when the debugging messages
70    in the drivers are more widely classified, this may be changed to KERN_DEBUG. */
71 #define DEB(a) a
72 #define DEBC(a) if (debugging) { a ; }
73 #else
74 #define DEB(a)
75 #define DEBC(a)
76 #endif
77
78 #define ST_KILOBYTE 1024
79
80 #include "st_options.h"
81 #include "st.h"
82
83 static int buffer_kbs;
84 static int max_sg_segs;
85 static int try_direct_io = TRY_DIRECT_IO;
86 static int try_rdio = 1;
87 static int try_wdio = 1;
88 static int debug_flag;
89
90 static struct class st_sysfs_class;
91 static const struct attribute_group *st_dev_groups[];
92 static const struct attribute_group *st_drv_groups[];
93
94 MODULE_AUTHOR("Kai Makisara");
95 MODULE_DESCRIPTION("SCSI tape (st) driver");
96 MODULE_LICENSE("GPL");
97 MODULE_ALIAS_CHARDEV_MAJOR(SCSI_TAPE_MAJOR);
98 MODULE_ALIAS_SCSI_DEVICE(TYPE_TAPE);
99
100 /* Set 'perm' (4th argument) to 0 to disable module_param's definition
101  * of sysfs parameters (which module_param doesn't yet support).
102  * Sysfs parameters defined explicitly later.
103  */
104 module_param_named(buffer_kbs, buffer_kbs, int, 0);
105 MODULE_PARM_DESC(buffer_kbs, "Default driver buffer size for fixed block mode (KB; 32)");
106 module_param_named(max_sg_segs, max_sg_segs, int, 0);
107 MODULE_PARM_DESC(max_sg_segs, "Maximum number of scatter/gather segments to use (256)");
108 module_param_named(try_direct_io, try_direct_io, int, 0);
109 MODULE_PARM_DESC(try_direct_io, "Try direct I/O between user buffer and tape drive (1)");
110 module_param_named(debug_flag, debug_flag, int, 0);
111 MODULE_PARM_DESC(debug_flag, "Enable DEBUG, same as setting debugging=1");
112
113
114 /* Extra parameters for testing */
115 module_param_named(try_rdio, try_rdio, int, 0);
116 MODULE_PARM_DESC(try_rdio, "Try direct read i/o when possible");
117 module_param_named(try_wdio, try_wdio, int, 0);
118 MODULE_PARM_DESC(try_wdio, "Try direct write i/o when possible");
119
120 #ifndef MODULE
121 static int write_threshold_kbs;  /* retained for compatibility */
122 static struct st_dev_parm {
123         char *name;
124         int *val;
125 } parms[] __initdata = {
126         {
127                 "buffer_kbs", &buffer_kbs
128         },
129         {       /* Retained for compatibility with 2.4 */
130                 "write_threshold_kbs", &write_threshold_kbs
131         },
132         {
133                 "max_sg_segs", NULL
134         },
135         {
136                 "try_direct_io", &try_direct_io
137         },
138         {
139                 "debug_flag", &debug_flag
140         }
141 };
142 #endif
143
144 /* Restrict the number of modes so that names for all are assigned */
145 #if ST_NBR_MODES > 16
146 #error "Maximum number of modes is 16"
147 #endif
148 /* Bit reversed order to get same names for same minors with all
149    mode counts */
150 static const char *st_formats[] = {
151         "",  "r", "k", "s", "l", "t", "o", "u",
152         "m", "v", "p", "x", "a", "y", "q", "z"}; 
153
154 /* The default definitions have been moved to st_options.h */
155
156 #define ST_FIXED_BUFFER_SIZE (ST_FIXED_BUFFER_BLOCKS * ST_KILOBYTE)
157
158 /* The buffer size should fit into the 24 bits for length in the
159    6-byte SCSI read and write commands. */
160 #if ST_FIXED_BUFFER_SIZE >= (2 << 24 - 1)
161 #error "Buffer size should not exceed (2 << 24 - 1) bytes!"
162 #endif
163
164 static int debugging = DEBUG;
165
166 #define MAX_RETRIES 0
167 #define MAX_WRITE_RETRIES 0
168 #define MAX_READY_RETRIES 0
169 #define NO_TAPE  NOT_READY
170
171 #define ST_TIMEOUT (900 * HZ)
172 #define ST_LONG_TIMEOUT (14000 * HZ)
173
174 /* Remove mode bits and auto-rewind bit (7) */
175 #define TAPE_NR(x) ( ((iminor(x) & ~255) >> (ST_NBR_MODE_BITS + 1)) | \
176         (iminor(x) & ((1 << ST_MODE_SHIFT)-1)))
177 #define TAPE_MODE(x) ((iminor(x) & ST_MODE_MASK) >> ST_MODE_SHIFT)
178
179 /* Construct the minor number from the device (d), mode (m), and non-rewind (n) data */
180 #define TAPE_MINOR(d, m, n) (((d & ~(255 >> (ST_NBR_MODE_BITS + 1))) << (ST_NBR_MODE_BITS + 1)) | \
181   (d & (255 >> (ST_NBR_MODE_BITS + 1))) | (m << ST_MODE_SHIFT) | ((n != 0) << 7) )
182
183 /* Internal ioctl to set both density (uppermost 8 bits) and blocksize (lower
184    24 bits) */
185 #define SET_DENS_AND_BLK 0x10001
186
187 static int st_fixed_buffer_size = ST_FIXED_BUFFER_SIZE;
188 static int st_max_sg_segs = ST_MAX_SG;
189
190 static int modes_defined;
191
192 static int enlarge_buffer(struct st_buffer *, int);
193 static void clear_buffer(struct st_buffer *);
194 static void normalize_buffer(struct st_buffer *);
195 static int append_to_buffer(const char __user *, struct st_buffer *, int);
196 static int from_buffer(struct st_buffer *, char __user *, int);
197 static void move_buffer_data(struct st_buffer *, int);
198
199 static int sgl_map_user_pages(struct st_buffer *, const unsigned int,
200                               unsigned long, size_t, int);
201 static int sgl_unmap_user_pages(struct st_buffer *, const unsigned int, int);
202
203 static int st_probe(struct device *);
204 static int st_remove(struct device *);
205
206 static struct scsi_driver st_template = {
207         .gendrv = {
208                 .name           = "st",
209                 .owner          = THIS_MODULE,
210                 .probe          = st_probe,
211                 .remove         = st_remove,
212                 .groups         = st_drv_groups,
213         },
214 };
215
216 static int st_compression(struct scsi_tape *, int);
217
218 static int find_partition(struct scsi_tape *);
219 static int switch_partition(struct scsi_tape *);
220
221 static int st_int_ioctl(struct scsi_tape *, unsigned int, unsigned long);
222
223 static void scsi_tape_release(struct kref *);
224
225 #define to_scsi_tape(obj) container_of(obj, struct scsi_tape, kref)
226
227 static DEFINE_MUTEX(st_ref_mutex);
228 static DEFINE_SPINLOCK(st_index_lock);
229 static DEFINE_SPINLOCK(st_use_lock);
230 static DEFINE_IDR(st_index_idr);
231
232
233 \f
234 #ifndef SIGS_FROM_OSST
235 #define SIGS_FROM_OSST \
236         {"OnStream", "SC-", "", "osst"}, \
237         {"OnStream", "DI-", "", "osst"}, \
238         {"OnStream", "DP-", "", "osst"}, \
239         {"OnStream", "USB", "", "osst"}, \
240         {"OnStream", "FW-", "", "osst"}
241 #endif
242
243 static struct scsi_tape *scsi_tape_get(int dev)
244 {
245         struct scsi_tape *STp = NULL;
246
247         mutex_lock(&st_ref_mutex);
248         spin_lock(&st_index_lock);
249
250         STp = idr_find(&st_index_idr, dev);
251         if (!STp) goto out;
252
253         kref_get(&STp->kref);
254
255         if (!STp->device)
256                 goto out_put;
257
258         if (scsi_device_get(STp->device))
259                 goto out_put;
260
261         goto out;
262
263 out_put:
264         kref_put(&STp->kref, scsi_tape_release);
265         STp = NULL;
266 out:
267         spin_unlock(&st_index_lock);
268         mutex_unlock(&st_ref_mutex);
269         return STp;
270 }
271
272 static void scsi_tape_put(struct scsi_tape *STp)
273 {
274         struct scsi_device *sdev = STp->device;
275
276         mutex_lock(&st_ref_mutex);
277         kref_put(&STp->kref, scsi_tape_release);
278         scsi_device_put(sdev);
279         mutex_unlock(&st_ref_mutex);
280 }
281
282 struct st_reject_data {
283         char *vendor;
284         char *model;
285         char *rev;
286         char *driver_hint; /* Name of the correct driver, NULL if unknown */
287 };
288
289 static struct st_reject_data reject_list[] = {
290         /* {"XXX", "Yy-", "", NULL},  example */
291         SIGS_FROM_OSST,
292         {NULL, }};
293
294 /* If the device signature is on the list of incompatible drives, the
295    function returns a pointer to the name of the correct driver (if known) */
296 static char * st_incompatible(struct scsi_device* SDp)
297 {
298         struct st_reject_data *rp;
299
300         for (rp=&(reject_list[0]); rp->vendor != NULL; rp++)
301                 if (!strncmp(rp->vendor, SDp->vendor, strlen(rp->vendor)) &&
302                     !strncmp(rp->model, SDp->model, strlen(rp->model)) &&
303                     !strncmp(rp->rev, SDp->rev, strlen(rp->rev))) {
304                         if (rp->driver_hint)
305                                 return rp->driver_hint;
306                         else
307                                 return "unknown";
308                 }
309         return NULL;
310 }
311 \f
312
313 #define st_printk(prefix, t, fmt, a...) \
314         sdev_prefix_printk(prefix, (t)->device, (t)->name, fmt, ##a)
315 #ifdef DEBUG
316 #define DEBC_printk(t, fmt, a...) \
317         if (debugging) { st_printk(ST_DEB_MSG, t, fmt, ##a ); }
318 #else
319 #define DEBC_printk(t, fmt, a...)
320 #endif
321
322 static void st_analyze_sense(struct st_request *SRpnt, struct st_cmdstatus *s)
323 {
324         const u8 *ucp;
325         const u8 *sense = SRpnt->sense;
326
327         s->have_sense = scsi_normalize_sense(SRpnt->sense,
328                                 SCSI_SENSE_BUFFERSIZE, &s->sense_hdr);
329         s->flags = 0;
330
331         if (s->have_sense) {
332                 s->deferred = 0;
333                 s->remainder_valid =
334                         scsi_get_sense_info_fld(sense, SCSI_SENSE_BUFFERSIZE, &s->uremainder64);
335                 switch (sense[0] & 0x7f) {
336                 case 0x71:
337                         s->deferred = 1;
338                         fallthrough;
339                 case 0x70:
340                         s->fixed_format = 1;
341                         s->flags = sense[2] & 0xe0;
342                         break;
343                 case 0x73:
344                         s->deferred = 1;
345                         fallthrough;
346                 case 0x72:
347                         s->fixed_format = 0;
348                         ucp = scsi_sense_desc_find(sense, SCSI_SENSE_BUFFERSIZE, 4);
349                         s->flags = ucp ? (ucp[3] & 0xe0) : 0;
350                         break;
351                 }
352         }
353 }
354
355
356 /* Convert the result to success code */
357 static int st_chk_result(struct scsi_tape *STp, struct st_request * SRpnt)
358 {
359         int result = SRpnt->result;
360         u8 scode;
361         DEB(const char *stp;)
362         char *name = STp->name;
363         struct st_cmdstatus *cmdstatp;
364
365         if (!result)
366                 return 0;
367
368         cmdstatp = &STp->buffer->cmdstat;
369         st_analyze_sense(SRpnt, cmdstatp);
370
371         if (cmdstatp->have_sense)
372                 scode = STp->buffer->cmdstat.sense_hdr.sense_key;
373         else
374                 scode = 0;
375
376         DEB(
377         if (debugging) {
378                 st_printk(ST_DEB_MSG, STp,
379                             "Error: %x, cmd: %x %x %x %x %x %x\n", result,
380                             SRpnt->cmd[0], SRpnt->cmd[1], SRpnt->cmd[2],
381                             SRpnt->cmd[3], SRpnt->cmd[4], SRpnt->cmd[5]);
382                 if (cmdstatp->have_sense)
383                         __scsi_print_sense(STp->device, name,
384                                            SRpnt->sense, SCSI_SENSE_BUFFERSIZE);
385         } ) /* end DEB */
386         if (!debugging) { /* Abnormal conditions for tape */
387                 if (!cmdstatp->have_sense)
388                         st_printk(KERN_WARNING, STp,
389                                "Error %x (driver bt 0, host bt 0x%x).\n",
390                                result, host_byte(result));
391                 else if (cmdstatp->have_sense &&
392                          scode != NO_SENSE &&
393                          scode != RECOVERED_ERROR &&
394                          /* scode != UNIT_ATTENTION && */
395                          scode != BLANK_CHECK &&
396                          scode != VOLUME_OVERFLOW &&
397                          SRpnt->cmd[0] != MODE_SENSE &&
398                          SRpnt->cmd[0] != TEST_UNIT_READY) {
399
400                         __scsi_print_sense(STp->device, name,
401                                            SRpnt->sense, SCSI_SENSE_BUFFERSIZE);
402                 }
403         }
404
405         if (cmdstatp->fixed_format &&
406             STp->cln_mode >= EXTENDED_SENSE_START) {  /* Only fixed format sense */
407                 if (STp->cln_sense_value)
408                         STp->cleaning_req |= ((SRpnt->sense[STp->cln_mode] &
409                                                STp->cln_sense_mask) == STp->cln_sense_value);
410                 else
411                         STp->cleaning_req |= ((SRpnt->sense[STp->cln_mode] &
412                                                STp->cln_sense_mask) != 0);
413         }
414         if (cmdstatp->have_sense &&
415             cmdstatp->sense_hdr.asc == 0 && cmdstatp->sense_hdr.ascq == 0x17)
416                 STp->cleaning_req = 1; /* ASC and ASCQ => cleaning requested */
417
418         STp->pos_unknown |= STp->device->was_reset;
419
420         if (cmdstatp->have_sense &&
421             scode == RECOVERED_ERROR
422 #if ST_RECOVERED_WRITE_FATAL
423             && SRpnt->cmd[0] != WRITE_6
424             && SRpnt->cmd[0] != WRITE_FILEMARKS
425 #endif
426             ) {
427                 STp->recover_count++;
428                 STp->recover_reg++;
429
430                 DEB(
431                 if (debugging) {
432                         if (SRpnt->cmd[0] == READ_6)
433                                 stp = "read";
434                         else if (SRpnt->cmd[0] == WRITE_6)
435                                 stp = "write";
436                         else
437                                 stp = "ioctl";
438                         st_printk(ST_DEB_MSG, STp,
439                                   "Recovered %s error (%d).\n",
440                                   stp, STp->recover_count);
441                 } ) /* end DEB */
442
443                 if (cmdstatp->flags == 0)
444                         return 0;
445         }
446         return (-EIO);
447 }
448
449 static struct st_request *st_allocate_request(struct scsi_tape *stp)
450 {
451         struct st_request *streq;
452
453         streq = kzalloc(sizeof(*streq), GFP_KERNEL);
454         if (streq)
455                 streq->stp = stp;
456         else {
457                 st_printk(KERN_ERR, stp,
458                           "Can't get SCSI request.\n");
459                 if (signal_pending(current))
460                         stp->buffer->syscall_result = -EINTR;
461                 else
462                         stp->buffer->syscall_result = -EBUSY;
463         }
464
465         return streq;
466 }
467
468 static void st_release_request(struct st_request *streq)
469 {
470         kfree(streq);
471 }
472
473 static void st_do_stats(struct scsi_tape *STp, struct request *req)
474 {
475         struct scsi_cmnd *scmd = blk_mq_rq_to_pdu(req);
476         ktime_t now;
477
478         now = ktime_get();
479         if (scmd->cmnd[0] == WRITE_6) {
480                 now = ktime_sub(now, STp->stats->write_time);
481                 atomic64_add(ktime_to_ns(now), &STp->stats->tot_write_time);
482                 atomic64_add(ktime_to_ns(now), &STp->stats->tot_io_time);
483                 atomic64_inc(&STp->stats->write_cnt);
484                 if (scmd->result) {
485                         atomic64_add(atomic_read(&STp->stats->last_write_size)
486                                 - STp->buffer->cmdstat.residual,
487                                 &STp->stats->write_byte_cnt);
488                         if (STp->buffer->cmdstat.residual > 0)
489                                 atomic64_inc(&STp->stats->resid_cnt);
490                 } else
491                         atomic64_add(atomic_read(&STp->stats->last_write_size),
492                                 &STp->stats->write_byte_cnt);
493         } else if (scmd->cmnd[0] == READ_6) {
494                 now = ktime_sub(now, STp->stats->read_time);
495                 atomic64_add(ktime_to_ns(now), &STp->stats->tot_read_time);
496                 atomic64_add(ktime_to_ns(now), &STp->stats->tot_io_time);
497                 atomic64_inc(&STp->stats->read_cnt);
498                 if (scmd->result) {
499                         atomic64_add(atomic_read(&STp->stats->last_read_size)
500                                 - STp->buffer->cmdstat.residual,
501                                 &STp->stats->read_byte_cnt);
502                         if (STp->buffer->cmdstat.residual > 0)
503                                 atomic64_inc(&STp->stats->resid_cnt);
504                 } else
505                         atomic64_add(atomic_read(&STp->stats->last_read_size),
506                                 &STp->stats->read_byte_cnt);
507         } else {
508                 now = ktime_sub(now, STp->stats->other_time);
509                 atomic64_add(ktime_to_ns(now), &STp->stats->tot_io_time);
510                 atomic64_inc(&STp->stats->other_cnt);
511         }
512         atomic64_dec(&STp->stats->in_flight);
513 }
514
515 static enum rq_end_io_ret st_scsi_execute_end(struct request *req,
516                                               blk_status_t status)
517 {
518         struct scsi_cmnd *scmd = blk_mq_rq_to_pdu(req);
519         struct st_request *SRpnt = req->end_io_data;
520         struct scsi_tape *STp = SRpnt->stp;
521         struct bio *tmp;
522
523         STp->buffer->cmdstat.midlevel_result = SRpnt->result = scmd->result;
524         STp->buffer->cmdstat.residual = scmd->resid_len;
525
526         st_do_stats(STp, req);
527
528         tmp = SRpnt->bio;
529         if (scmd->sense_len)
530                 memcpy(SRpnt->sense, scmd->sense_buffer, SCSI_SENSE_BUFFERSIZE);
531         if (SRpnt->waiting)
532                 complete(SRpnt->waiting);
533
534         blk_rq_unmap_user(tmp);
535         blk_mq_free_request(req);
536         return RQ_END_IO_NONE;
537 }
538
539 static int st_scsi_execute(struct st_request *SRpnt, const unsigned char *cmd,
540                            int data_direction, void *buffer, unsigned bufflen,
541                            int timeout, int retries)
542 {
543         struct request *req;
544         struct rq_map_data *mdata = &SRpnt->stp->buffer->map_data;
545         int err = 0;
546         struct scsi_tape *STp = SRpnt->stp;
547         struct scsi_cmnd *scmd;
548
549         req = scsi_alloc_request(SRpnt->stp->device->request_queue,
550                         data_direction == DMA_TO_DEVICE ?
551                         REQ_OP_DRV_OUT : REQ_OP_DRV_IN, 0);
552         if (IS_ERR(req))
553                 return PTR_ERR(req);
554         scmd = blk_mq_rq_to_pdu(req);
555         req->rq_flags |= RQF_QUIET;
556
557         mdata->null_mapped = 1;
558
559         if (bufflen) {
560                 err = blk_rq_map_user(req->q, req, mdata, NULL, bufflen,
561                                       GFP_KERNEL);
562                 if (err) {
563                         blk_mq_free_request(req);
564                         return err;
565                 }
566         }
567
568         atomic64_inc(&STp->stats->in_flight);
569         if (cmd[0] == WRITE_6) {
570                 atomic_set(&STp->stats->last_write_size, bufflen);
571                 STp->stats->write_time = ktime_get();
572         } else if (cmd[0] == READ_6) {
573                 atomic_set(&STp->stats->last_read_size, bufflen);
574                 STp->stats->read_time = ktime_get();
575         } else {
576                 STp->stats->other_time = ktime_get();
577         }
578
579         SRpnt->bio = req->bio;
580         scmd->cmd_len = COMMAND_SIZE(cmd[0]);
581         memcpy(scmd->cmnd, cmd, scmd->cmd_len);
582         req->timeout = timeout;
583         scmd->allowed = retries;
584         req->end_io = st_scsi_execute_end;
585         req->end_io_data = SRpnt;
586
587         blk_execute_rq_nowait(req, true);
588         return 0;
589 }
590
591 /* Do the scsi command. Waits until command performed if do_wait is true.
592    Otherwise write_behind_check() is used to check that the command
593    has finished. */
594 static struct st_request *
595 st_do_scsi(struct st_request * SRpnt, struct scsi_tape * STp, unsigned char *cmd,
596            int bytes, int direction, int timeout, int retries, int do_wait)
597 {
598         struct completion *waiting;
599         struct rq_map_data *mdata = &STp->buffer->map_data;
600         int ret;
601
602         /* if async, make sure there's no command outstanding */
603         if (!do_wait && ((STp->buffer)->last_SRpnt)) {
604                 st_printk(KERN_ERR, STp,
605                           "Async command already active.\n");
606                 if (signal_pending(current))
607                         (STp->buffer)->syscall_result = (-EINTR);
608                 else
609                         (STp->buffer)->syscall_result = (-EBUSY);
610                 return NULL;
611         }
612
613         if (!SRpnt) {
614                 SRpnt = st_allocate_request(STp);
615                 if (!SRpnt)
616                         return NULL;
617         }
618
619         /* If async IO, set last_SRpnt. This ptr tells write_behind_check
620            which IO is outstanding. It's nulled out when the IO completes. */
621         if (!do_wait)
622                 (STp->buffer)->last_SRpnt = SRpnt;
623
624         waiting = &STp->wait;
625         init_completion(waiting);
626         SRpnt->waiting = waiting;
627
628         if (STp->buffer->do_dio) {
629                 mdata->page_order = 0;
630                 mdata->nr_entries = STp->buffer->sg_segs;
631                 mdata->pages = STp->buffer->mapped_pages;
632         } else {
633                 mdata->page_order = STp->buffer->reserved_page_order;
634                 mdata->nr_entries =
635                         DIV_ROUND_UP(bytes, PAGE_SIZE << mdata->page_order);
636                 mdata->pages = STp->buffer->reserved_pages;
637                 mdata->offset = 0;
638         }
639
640         memcpy(SRpnt->cmd, cmd, sizeof(SRpnt->cmd));
641         STp->buffer->cmdstat.have_sense = 0;
642         STp->buffer->syscall_result = 0;
643
644         ret = st_scsi_execute(SRpnt, cmd, direction, NULL, bytes, timeout,
645                               retries);
646         if (ret) {
647                 /* could not allocate the buffer or request was too large */
648                 (STp->buffer)->syscall_result = (-EBUSY);
649                 (STp->buffer)->last_SRpnt = NULL;
650         } else if (do_wait) {
651                 wait_for_completion(waiting);
652                 SRpnt->waiting = NULL;
653                 (STp->buffer)->syscall_result = st_chk_result(STp, SRpnt);
654         }
655
656         return SRpnt;
657 }
658
659
660 /* Handle the write-behind checking (waits for completion). Returns -ENOSPC if
661    write has been correct but EOM early warning reached, -EIO if write ended in
662    error or zero if write successful. Asynchronous writes are used only in
663    variable block mode. */
664 static int write_behind_check(struct scsi_tape * STp)
665 {
666         int retval = 0;
667         struct st_buffer *STbuffer;
668         struct st_partstat *STps;
669         struct st_cmdstatus *cmdstatp;
670         struct st_request *SRpnt;
671
672         STbuffer = STp->buffer;
673         if (!STbuffer->writing)
674                 return 0;
675
676         DEB(
677         if (STp->write_pending)
678                 STp->nbr_waits++;
679         else
680                 STp->nbr_finished++;
681         ) /* end DEB */
682
683         wait_for_completion(&(STp->wait));
684         SRpnt = STbuffer->last_SRpnt;
685         STbuffer->last_SRpnt = NULL;
686         SRpnt->waiting = NULL;
687
688         (STp->buffer)->syscall_result = st_chk_result(STp, SRpnt);
689         st_release_request(SRpnt);
690
691         STbuffer->buffer_bytes -= STbuffer->writing;
692         STps = &(STp->ps[STp->partition]);
693         if (STps->drv_block >= 0) {
694                 if (STp->block_size == 0)
695                         STps->drv_block++;
696                 else
697                         STps->drv_block += STbuffer->writing / STp->block_size;
698         }
699
700         cmdstatp = &STbuffer->cmdstat;
701         if (STbuffer->syscall_result) {
702                 retval = -EIO;
703                 if (cmdstatp->have_sense && !cmdstatp->deferred &&
704                     (cmdstatp->flags & SENSE_EOM) &&
705                     (cmdstatp->sense_hdr.sense_key == NO_SENSE ||
706                      cmdstatp->sense_hdr.sense_key == RECOVERED_ERROR)) {
707                         /* EOM at write-behind, has all data been written? */
708                         if (!cmdstatp->remainder_valid ||
709                             cmdstatp->uremainder64 == 0)
710                                 retval = -ENOSPC;
711                 }
712                 if (retval == -EIO)
713                         STps->drv_block = -1;
714         }
715         STbuffer->writing = 0;
716
717         DEB(if (debugging && retval)
718                     st_printk(ST_DEB_MSG, STp,
719                                 "Async write error %x, return value %d.\n",
720                                 STbuffer->cmdstat.midlevel_result, retval);) /* end DEB */
721
722         return retval;
723 }
724
725
726 /* Step over EOF if it has been inadvertently crossed (ioctl not used because
727    it messes up the block number). */
728 static int cross_eof(struct scsi_tape * STp, int forward)
729 {
730         struct st_request *SRpnt;
731         unsigned char cmd[MAX_COMMAND_SIZE];
732
733         cmd[0] = SPACE;
734         cmd[1] = 0x01;          /* Space FileMarks */
735         if (forward) {
736                 cmd[2] = cmd[3] = 0;
737                 cmd[4] = 1;
738         } else
739                 cmd[2] = cmd[3] = cmd[4] = 0xff;        /* -1 filemarks */
740         cmd[5] = 0;
741
742         DEBC_printk(STp, "Stepping over filemark %s.\n",
743                     forward ? "forward" : "backward");
744
745         SRpnt = st_do_scsi(NULL, STp, cmd, 0, DMA_NONE,
746                            STp->device->request_queue->rq_timeout,
747                            MAX_RETRIES, 1);
748         if (!SRpnt)
749                 return (STp->buffer)->syscall_result;
750
751         st_release_request(SRpnt);
752         SRpnt = NULL;
753
754         if ((STp->buffer)->cmdstat.midlevel_result != 0)
755                 st_printk(KERN_ERR, STp,
756                           "Stepping over filemark %s failed.\n",
757                           forward ? "forward" : "backward");
758
759         return (STp->buffer)->syscall_result;
760 }
761
762
763 /* Flush the write buffer (never need to write if variable blocksize). */
764 static int st_flush_write_buffer(struct scsi_tape * STp)
765 {
766         int transfer, blks;
767         int result;
768         unsigned char cmd[MAX_COMMAND_SIZE];
769         struct st_request *SRpnt;
770         struct st_partstat *STps;
771
772         result = write_behind_check(STp);
773         if (result)
774                 return result;
775
776         result = 0;
777         if (STp->dirty == 1) {
778
779                 transfer = STp->buffer->buffer_bytes;
780                 DEBC_printk(STp, "Flushing %d bytes.\n", transfer);
781
782                 memset(cmd, 0, MAX_COMMAND_SIZE);
783                 cmd[0] = WRITE_6;
784                 cmd[1] = 1;
785                 blks = transfer / STp->block_size;
786                 cmd[2] = blks >> 16;
787                 cmd[3] = blks >> 8;
788                 cmd[4] = blks;
789
790                 SRpnt = st_do_scsi(NULL, STp, cmd, transfer, DMA_TO_DEVICE,
791                                    STp->device->request_queue->rq_timeout,
792                                    MAX_WRITE_RETRIES, 1);
793                 if (!SRpnt)
794                         return (STp->buffer)->syscall_result;
795
796                 STps = &(STp->ps[STp->partition]);
797                 if ((STp->buffer)->syscall_result != 0) {
798                         struct st_cmdstatus *cmdstatp = &STp->buffer->cmdstat;
799
800                         if (cmdstatp->have_sense && !cmdstatp->deferred &&
801                             (cmdstatp->flags & SENSE_EOM) &&
802                             (cmdstatp->sense_hdr.sense_key == NO_SENSE ||
803                              cmdstatp->sense_hdr.sense_key == RECOVERED_ERROR) &&
804                             (!cmdstatp->remainder_valid ||
805                              cmdstatp->uremainder64 == 0)) { /* All written at EOM early warning */
806                                 STp->dirty = 0;
807                                 (STp->buffer)->buffer_bytes = 0;
808                                 if (STps->drv_block >= 0)
809                                         STps->drv_block += blks;
810                                 result = (-ENOSPC);
811                         } else {
812                                 st_printk(KERN_ERR, STp, "Error on flush.\n");
813                                 STps->drv_block = (-1);
814                                 result = (-EIO);
815                         }
816                 } else {
817                         if (STps->drv_block >= 0)
818                                 STps->drv_block += blks;
819                         STp->dirty = 0;
820                         (STp->buffer)->buffer_bytes = 0;
821                 }
822                 st_release_request(SRpnt);
823                 SRpnt = NULL;
824         }
825         return result;
826 }
827
828
829 /* Flush the tape buffer. The tape will be positioned correctly unless
830    seek_next is true. */
831 static int flush_buffer(struct scsi_tape *STp, int seek_next)
832 {
833         int backspace, result;
834         struct st_partstat *STps;
835
836         /*
837          * If there was a bus reset, block further access
838          * to this device.
839          */
840         if (STp->pos_unknown)
841                 return (-EIO);
842
843         if (STp->ready != ST_READY)
844                 return 0;
845         STps = &(STp->ps[STp->partition]);
846         if (STps->rw == ST_WRITING)     /* Writing */
847                 return st_flush_write_buffer(STp);
848
849         if (STp->block_size == 0)
850                 return 0;
851
852         backspace = ((STp->buffer)->buffer_bytes +
853                      (STp->buffer)->read_pointer) / STp->block_size -
854             ((STp->buffer)->read_pointer + STp->block_size - 1) /
855             STp->block_size;
856         (STp->buffer)->buffer_bytes = 0;
857         (STp->buffer)->read_pointer = 0;
858         result = 0;
859         if (!seek_next) {
860                 if (STps->eof == ST_FM_HIT) {
861                         result = cross_eof(STp, 0);     /* Back over the EOF hit */
862                         if (!result)
863                                 STps->eof = ST_NOEOF;
864                         else {
865                                 if (STps->drv_file >= 0)
866                                         STps->drv_file++;
867                                 STps->drv_block = 0;
868                         }
869                 }
870                 if (!result && backspace > 0)
871                         result = st_int_ioctl(STp, MTBSR, backspace);
872         } else if (STps->eof == ST_FM_HIT) {
873                 if (STps->drv_file >= 0)
874                         STps->drv_file++;
875                 STps->drv_block = 0;
876                 STps->eof = ST_NOEOF;
877         }
878         return result;
879
880 }
881 \f
882 /* Set the mode parameters */
883 static int set_mode_densblk(struct scsi_tape * STp, struct st_modedef * STm)
884 {
885         int set_it = 0;
886         unsigned long arg;
887
888         if (!STp->density_changed &&
889             STm->default_density >= 0 &&
890             STm->default_density != STp->density) {
891                 arg = STm->default_density;
892                 set_it = 1;
893         } else
894                 arg = STp->density;
895         arg <<= MT_ST_DENSITY_SHIFT;
896         if (!STp->blksize_changed &&
897             STm->default_blksize >= 0 &&
898             STm->default_blksize != STp->block_size) {
899                 arg |= STm->default_blksize;
900                 set_it = 1;
901         } else
902                 arg |= STp->block_size;
903         if (set_it &&
904             st_int_ioctl(STp, SET_DENS_AND_BLK, arg)) {
905                 st_printk(KERN_WARNING, STp,
906                           "Can't set default block size to %d bytes "
907                           "and density %x.\n",
908                           STm->default_blksize, STm->default_density);
909                 if (modes_defined)
910                         return (-EINVAL);
911         }
912         return 0;
913 }
914
915
916 /* Lock or unlock the drive door. Don't use when st_request allocated. */
917 static int do_door_lock(struct scsi_tape * STp, int do_lock)
918 {
919         int retval;
920
921         DEBC_printk(STp, "%socking drive door.\n", do_lock ? "L" : "Unl");
922
923         retval = scsi_set_medium_removal(STp->device,
924                         do_lock ? SCSI_REMOVAL_PREVENT : SCSI_REMOVAL_ALLOW);
925         if (!retval)
926                 STp->door_locked = do_lock ? ST_LOCKED_EXPLICIT : ST_UNLOCKED;
927         else
928                 STp->door_locked = ST_LOCK_FAILS;
929         return retval;
930 }
931
932
933 /* Set the internal state after reset */
934 static void reset_state(struct scsi_tape *STp)
935 {
936         int i;
937         struct st_partstat *STps;
938
939         STp->pos_unknown = 0;
940         for (i = 0; i < ST_NBR_PARTITIONS; i++) {
941                 STps = &(STp->ps[i]);
942                 STps->rw = ST_IDLE;
943                 STps->eof = ST_NOEOF;
944                 STps->at_sm = 0;
945                 STps->last_block_valid = 0;
946                 STps->drv_block = -1;
947                 STps->drv_file = -1;
948         }
949         if (STp->can_partitions) {
950                 STp->partition = find_partition(STp);
951                 if (STp->partition < 0)
952                         STp->partition = 0;
953                 STp->new_partition = STp->partition;
954         }
955 }
956 \f
957 /* Test if the drive is ready. Returns either one of the codes below or a negative system
958    error code. */
959 #define CHKRES_READY       0
960 #define CHKRES_NEW_SESSION 1
961 #define CHKRES_NOT_READY   2
962 #define CHKRES_NO_TAPE     3
963
964 #define MAX_ATTENTIONS    10
965
966 static int test_ready(struct scsi_tape *STp, int do_wait)
967 {
968         int attentions, waits, max_wait, scode;
969         int retval = CHKRES_READY, new_session = 0;
970         unsigned char cmd[MAX_COMMAND_SIZE];
971         struct st_request *SRpnt = NULL;
972         struct st_cmdstatus *cmdstatp = &STp->buffer->cmdstat;
973
974         max_wait = do_wait ? ST_BLOCK_SECONDS : 0;
975
976         for (attentions=waits=0; ; ) {
977                 memset((void *) &cmd[0], 0, MAX_COMMAND_SIZE);
978                 cmd[0] = TEST_UNIT_READY;
979                 SRpnt = st_do_scsi(SRpnt, STp, cmd, 0, DMA_NONE,
980                                    STp->long_timeout, MAX_READY_RETRIES, 1);
981
982                 if (!SRpnt) {
983                         retval = (STp->buffer)->syscall_result;
984                         break;
985                 }
986
987                 if (cmdstatp->have_sense) {
988
989                         scode = cmdstatp->sense_hdr.sense_key;
990
991                         if (scode == UNIT_ATTENTION) { /* New media? */
992                                 new_session = 1;
993                                 if (attentions < MAX_ATTENTIONS) {
994                                         attentions++;
995                                         continue;
996                                 }
997                                 else {
998                                         retval = (-EIO);
999                                         break;
1000                                 }
1001                         }
1002
1003                         if (scode == NOT_READY) {
1004                                 if (waits < max_wait) {
1005                                         if (msleep_interruptible(1000)) {
1006                                                 retval = (-EINTR);
1007                                                 break;
1008                                         }
1009                                         waits++;
1010                                         continue;
1011                                 }
1012                                 else {
1013                                         if ((STp->device)->scsi_level >= SCSI_2 &&
1014                                             cmdstatp->sense_hdr.asc == 0x3a)    /* Check ASC */
1015                                                 retval = CHKRES_NO_TAPE;
1016                                         else
1017                                                 retval = CHKRES_NOT_READY;
1018                                         break;
1019                                 }
1020                         }
1021                 }
1022
1023                 retval = (STp->buffer)->syscall_result;
1024                 if (!retval)
1025                         retval = new_session ? CHKRES_NEW_SESSION : CHKRES_READY;
1026                 break;
1027         }
1028
1029         if (SRpnt != NULL)
1030                 st_release_request(SRpnt);
1031         return retval;
1032 }
1033
1034
1035 /* See if the drive is ready and gather information about the tape. Return values:
1036    < 0   negative error code from errno.h
1037    0     drive ready
1038    1     drive not ready (possibly no tape)
1039 */
1040 static int check_tape(struct scsi_tape *STp, struct file *filp)
1041 {
1042         int i, retval, new_session = 0, do_wait;
1043         unsigned char cmd[MAX_COMMAND_SIZE], saved_cleaning;
1044         unsigned short st_flags = filp->f_flags;
1045         struct st_request *SRpnt = NULL;
1046         struct st_modedef *STm;
1047         struct st_partstat *STps;
1048         struct inode *inode = file_inode(filp);
1049         int mode = TAPE_MODE(inode);
1050
1051         STp->ready = ST_READY;
1052
1053         if (mode != STp->current_mode) {
1054                 DEBC_printk(STp, "Mode change from %d to %d.\n",
1055                             STp->current_mode, mode);
1056                 new_session = 1;
1057                 STp->current_mode = mode;
1058         }
1059         STm = &(STp->modes[STp->current_mode]);
1060
1061         saved_cleaning = STp->cleaning_req;
1062         STp->cleaning_req = 0;
1063
1064         do_wait = ((filp->f_flags & O_NONBLOCK) == 0);
1065         retval = test_ready(STp, do_wait);
1066
1067         if (retval < 0)
1068             goto err_out;
1069
1070         if (retval == CHKRES_NEW_SESSION) {
1071                 STp->pos_unknown = 0;
1072                 STp->partition = STp->new_partition = 0;
1073                 if (STp->can_partitions)
1074                         STp->nbr_partitions = 1; /* This guess will be updated later
1075                                                     if necessary */
1076                 for (i = 0; i < ST_NBR_PARTITIONS; i++) {
1077                         STps = &(STp->ps[i]);
1078                         STps->rw = ST_IDLE;
1079                         STps->eof = ST_NOEOF;
1080                         STps->at_sm = 0;
1081                         STps->last_block_valid = 0;
1082                         STps->drv_block = 0;
1083                         STps->drv_file = 0;
1084                 }
1085                 new_session = 1;
1086         }
1087         else {
1088                 STp->cleaning_req |= saved_cleaning;
1089
1090                 if (retval == CHKRES_NOT_READY || retval == CHKRES_NO_TAPE) {
1091                         if (retval == CHKRES_NO_TAPE)
1092                                 STp->ready = ST_NO_TAPE;
1093                         else
1094                                 STp->ready = ST_NOT_READY;
1095
1096                         STp->density = 0;       /* Clear the erroneous "residue" */
1097                         STp->write_prot = 0;
1098                         STp->block_size = 0;
1099                         STp->ps[0].drv_file = STp->ps[0].drv_block = (-1);
1100                         STp->partition = STp->new_partition = 0;
1101                         STp->door_locked = ST_UNLOCKED;
1102                         return CHKRES_NOT_READY;
1103                 }
1104         }
1105
1106         if (STp->omit_blklims)
1107                 STp->min_block = STp->max_block = (-1);
1108         else {
1109                 memset((void *) &cmd[0], 0, MAX_COMMAND_SIZE);
1110                 cmd[0] = READ_BLOCK_LIMITS;
1111
1112                 SRpnt = st_do_scsi(SRpnt, STp, cmd, 6, DMA_FROM_DEVICE,
1113                                    STp->device->request_queue->rq_timeout,
1114                                    MAX_READY_RETRIES, 1);
1115                 if (!SRpnt) {
1116                         retval = (STp->buffer)->syscall_result;
1117                         goto err_out;
1118                 }
1119
1120                 if (!SRpnt->result && !STp->buffer->cmdstat.have_sense) {
1121                         STp->max_block = ((STp->buffer)->b_data[1] << 16) |
1122                             ((STp->buffer)->b_data[2] << 8) | (STp->buffer)->b_data[3];
1123                         STp->min_block = ((STp->buffer)->b_data[4] << 8) |
1124                             (STp->buffer)->b_data[5];
1125                         if ( DEB( debugging || ) !STp->inited)
1126                                 st_printk(KERN_INFO, STp,
1127                                           "Block limits %d - %d bytes.\n",
1128                                           STp->min_block, STp->max_block);
1129                 } else {
1130                         STp->min_block = STp->max_block = (-1);
1131                         DEBC_printk(STp, "Can't read block limits.\n");
1132                 }
1133         }
1134
1135         memset((void *) &cmd[0], 0, MAX_COMMAND_SIZE);
1136         cmd[0] = MODE_SENSE;
1137         cmd[4] = 12;
1138
1139         SRpnt = st_do_scsi(SRpnt, STp, cmd, 12, DMA_FROM_DEVICE,
1140                            STp->device->request_queue->rq_timeout,
1141                            MAX_READY_RETRIES, 1);
1142         if (!SRpnt) {
1143                 retval = (STp->buffer)->syscall_result;
1144                 goto err_out;
1145         }
1146
1147         if ((STp->buffer)->syscall_result != 0) {
1148                 DEBC_printk(STp, "No Mode Sense.\n");
1149                 STp->block_size = ST_DEFAULT_BLOCK;     /* Educated guess (?) */
1150                 (STp->buffer)->syscall_result = 0;      /* Prevent error propagation */
1151                 STp->drv_write_prot = 0;
1152         } else {
1153                 DEBC_printk(STp,"Mode sense. Length %d, "
1154                             "medium %x, WBS %x, BLL %d\n",
1155                             (STp->buffer)->b_data[0],
1156                             (STp->buffer)->b_data[1],
1157                             (STp->buffer)->b_data[2],
1158                             (STp->buffer)->b_data[3]);
1159
1160                 if ((STp->buffer)->b_data[3] >= 8) {
1161                         STp->drv_buffer = ((STp->buffer)->b_data[2] >> 4) & 7;
1162                         STp->density = (STp->buffer)->b_data[4];
1163                         STp->block_size = (STp->buffer)->b_data[9] * 65536 +
1164                             (STp->buffer)->b_data[10] * 256 + (STp->buffer)->b_data[11];
1165                         DEBC_printk(STp, "Density %x, tape length: %x, "
1166                                     "drv buffer: %d\n",
1167                                     STp->density,
1168                                     (STp->buffer)->b_data[5] * 65536 +
1169                                     (STp->buffer)->b_data[6] * 256 +
1170                                     (STp->buffer)->b_data[7],
1171                                     STp->drv_buffer);
1172                 }
1173                 STp->drv_write_prot = ((STp->buffer)->b_data[2] & 0x80) != 0;
1174                 if (!STp->drv_buffer && STp->immediate_filemark) {
1175                         st_printk(KERN_WARNING, STp,
1176                                   "non-buffered tape: disabling "
1177                                   "writing immediate filemarks\n");
1178                         STp->immediate_filemark = 0;
1179                 }
1180         }
1181         st_release_request(SRpnt);
1182         SRpnt = NULL;
1183         STp->inited = 1;
1184
1185         if (STp->block_size > 0)
1186                 (STp->buffer)->buffer_blocks =
1187                         (STp->buffer)->buffer_size / STp->block_size;
1188         else
1189                 (STp->buffer)->buffer_blocks = 1;
1190         (STp->buffer)->buffer_bytes = (STp->buffer)->read_pointer = 0;
1191
1192         DEBC_printk(STp, "Block size: %d, buffer size: %d (%d blocks).\n",
1193                     STp->block_size, (STp->buffer)->buffer_size,
1194                     (STp->buffer)->buffer_blocks);
1195
1196         if (STp->drv_write_prot) {
1197                 STp->write_prot = 1;
1198
1199                 DEBC_printk(STp, "Write protected\n");
1200
1201                 if (do_wait &&
1202                     ((st_flags & O_ACCMODE) == O_WRONLY ||
1203                      (st_flags & O_ACCMODE) == O_RDWR)) {
1204                         retval = (-EROFS);
1205                         goto err_out;
1206                 }
1207         }
1208
1209         if (STp->can_partitions && STp->nbr_partitions < 1) {
1210                 /* This code is reached when the device is opened for the first time
1211                    after the driver has been initialized with tape in the drive and the
1212                    partition support has been enabled. */
1213                 DEBC_printk(STp, "Updating partition number in status.\n");
1214                 if ((STp->partition = find_partition(STp)) < 0) {
1215                         retval = STp->partition;
1216                         goto err_out;
1217                 }
1218                 STp->new_partition = STp->partition;
1219                 STp->nbr_partitions = 1; /* This guess will be updated when necessary */
1220         }
1221
1222         if (new_session) {      /* Change the drive parameters for the new mode */
1223                 STp->density_changed = STp->blksize_changed = 0;
1224                 STp->compression_changed = 0;
1225                 if (!(STm->defaults_for_writes) &&
1226                     (retval = set_mode_densblk(STp, STm)) < 0)
1227                     goto err_out;
1228
1229                 if (STp->default_drvbuffer != 0xff) {
1230                         if (st_int_ioctl(STp, MTSETDRVBUFFER, STp->default_drvbuffer))
1231                                 st_printk(KERN_WARNING, STp,
1232                                           "Can't set default drive "
1233                                           "buffering to %d.\n",
1234                                           STp->default_drvbuffer);
1235                 }
1236         }
1237
1238         return CHKRES_READY;
1239
1240  err_out:
1241         return retval;
1242 }
1243
1244
1245 \f/* Open the device. Needs to take the BKL only because of incrementing the SCSI host
1246    module count. */
1247 static int st_open(struct inode *inode, struct file *filp)
1248 {
1249         int i, retval = (-EIO);
1250         int resumed = 0;
1251         struct scsi_tape *STp;
1252         struct st_partstat *STps;
1253         int dev = TAPE_NR(inode);
1254
1255         /*
1256          * We really want to do nonseekable_open(inode, filp); here, but some
1257          * versions of tar incorrectly call lseek on tapes and bail out if that
1258          * fails.  So we disallow pread() and pwrite(), but permit lseeks.
1259          */
1260         filp->f_mode &= ~(FMODE_PREAD | FMODE_PWRITE);
1261
1262         if (!(STp = scsi_tape_get(dev))) {
1263                 return -ENXIO;
1264         }
1265
1266         filp->private_data = STp;
1267
1268         spin_lock(&st_use_lock);
1269         if (STp->in_use) {
1270                 spin_unlock(&st_use_lock);
1271                 DEBC_printk(STp, "Device already in use.\n");
1272                 scsi_tape_put(STp);
1273                 return (-EBUSY);
1274         }
1275
1276         STp->in_use = 1;
1277         spin_unlock(&st_use_lock);
1278         STp->rew_at_close = STp->autorew_dev = (iminor(inode) & 0x80) == 0;
1279
1280         if (scsi_autopm_get_device(STp->device) < 0) {
1281                 retval = -EIO;
1282                 goto err_out;
1283         }
1284         resumed = 1;
1285         if (!scsi_block_when_processing_errors(STp->device)) {
1286                 retval = (-ENXIO);
1287                 goto err_out;
1288         }
1289
1290         /* See that we have at least a one page buffer available */
1291         if (!enlarge_buffer(STp->buffer, PAGE_SIZE)) {
1292                 st_printk(KERN_WARNING, STp,
1293                           "Can't allocate one page tape buffer.\n");
1294                 retval = (-EOVERFLOW);
1295                 goto err_out;
1296         }
1297
1298         (STp->buffer)->cleared = 0;
1299         (STp->buffer)->writing = 0;
1300         (STp->buffer)->syscall_result = 0;
1301
1302         STp->write_prot = ((filp->f_flags & O_ACCMODE) == O_RDONLY);
1303
1304         STp->dirty = 0;
1305         for (i = 0; i < ST_NBR_PARTITIONS; i++) {
1306                 STps = &(STp->ps[i]);
1307                 STps->rw = ST_IDLE;
1308         }
1309         STp->try_dio_now = STp->try_dio;
1310         STp->recover_count = 0;
1311         DEB( STp->nbr_waits = STp->nbr_finished = 0;
1312              STp->nbr_requests = STp->nbr_dio = STp->nbr_pages = 0; )
1313
1314         retval = check_tape(STp, filp);
1315         if (retval < 0)
1316                 goto err_out;
1317         if ((filp->f_flags & O_NONBLOCK) == 0 &&
1318             retval != CHKRES_READY) {
1319                 if (STp->ready == NO_TAPE)
1320                         retval = (-ENOMEDIUM);
1321                 else
1322                         retval = (-EIO);
1323                 goto err_out;
1324         }
1325         return 0;
1326
1327  err_out:
1328         normalize_buffer(STp->buffer);
1329         spin_lock(&st_use_lock);
1330         STp->in_use = 0;
1331         spin_unlock(&st_use_lock);
1332         if (resumed)
1333                 scsi_autopm_put_device(STp->device);
1334         scsi_tape_put(STp);
1335         return retval;
1336
1337 }
1338 \f
1339
1340 /* Flush the tape buffer before close */
1341 static int st_flush(struct file *filp, fl_owner_t id)
1342 {
1343         int result = 0, result2;
1344         unsigned char cmd[MAX_COMMAND_SIZE];
1345         struct st_request *SRpnt;
1346         struct scsi_tape *STp = filp->private_data;
1347         struct st_modedef *STm = &(STp->modes[STp->current_mode]);
1348         struct st_partstat *STps = &(STp->ps[STp->partition]);
1349
1350         if (file_count(filp) > 1)
1351                 return 0;
1352
1353         if (STps->rw == ST_WRITING && !STp->pos_unknown) {
1354                 result = st_flush_write_buffer(STp);
1355                 if (result != 0 && result != (-ENOSPC))
1356                         goto out;
1357         }
1358
1359         if (STp->can_partitions &&
1360             (result2 = switch_partition(STp)) < 0) {
1361                 DEBC_printk(STp, "switch_partition at close failed.\n");
1362                 if (result == 0)
1363                         result = result2;
1364                 goto out;
1365         }
1366
1367         DEBC( if (STp->nbr_requests)
1368                 st_printk(KERN_DEBUG, STp,
1369                           "Number of r/w requests %d, dio used in %d, "
1370                           "pages %d.\n", STp->nbr_requests, STp->nbr_dio,
1371                           STp->nbr_pages));
1372
1373         if (STps->rw == ST_WRITING && !STp->pos_unknown) {
1374                 struct st_cmdstatus *cmdstatp = &STp->buffer->cmdstat;
1375
1376 #if DEBUG
1377                 DEBC_printk(STp, "Async write waits %d, finished %d.\n",
1378                             STp->nbr_waits, STp->nbr_finished);
1379 #endif
1380                 memset(cmd, 0, MAX_COMMAND_SIZE);
1381                 cmd[0] = WRITE_FILEMARKS;
1382                 if (STp->immediate_filemark)
1383                         cmd[1] = 1;
1384                 cmd[4] = 1 + STp->two_fm;
1385
1386                 SRpnt = st_do_scsi(NULL, STp, cmd, 0, DMA_NONE,
1387                                    STp->device->request_queue->rq_timeout,
1388                                    MAX_WRITE_RETRIES, 1);
1389                 if (!SRpnt) {
1390                         result = (STp->buffer)->syscall_result;
1391                         goto out;
1392                 }
1393
1394                 if (STp->buffer->syscall_result == 0 ||
1395                     (cmdstatp->have_sense && !cmdstatp->deferred &&
1396                      (cmdstatp->flags & SENSE_EOM) &&
1397                      (cmdstatp->sense_hdr.sense_key == NO_SENSE ||
1398                       cmdstatp->sense_hdr.sense_key == RECOVERED_ERROR) &&
1399                      (!cmdstatp->remainder_valid || cmdstatp->uremainder64 == 0))) {
1400                         /* Write successful at EOM */
1401                         st_release_request(SRpnt);
1402                         SRpnt = NULL;
1403                         if (STps->drv_file >= 0)
1404                                 STps->drv_file++;
1405                         STps->drv_block = 0;
1406                         if (STp->two_fm)
1407                                 cross_eof(STp, 0);
1408                         STps->eof = ST_FM;
1409                 }
1410                 else { /* Write error */
1411                         st_release_request(SRpnt);
1412                         SRpnt = NULL;
1413                         st_printk(KERN_ERR, STp,
1414                                   "Error on write filemark.\n");
1415                         if (result == 0)
1416                                 result = (-EIO);
1417                 }
1418
1419                 DEBC_printk(STp, "Buffer flushed, %d EOF(s) written\n", cmd[4]);
1420         } else if (!STp->rew_at_close) {
1421                 STps = &(STp->ps[STp->partition]);
1422                 if (!STm->sysv || STps->rw != ST_READING) {
1423                         if (STp->can_bsr)
1424                                 result = flush_buffer(STp, 0);
1425                         else if (STps->eof == ST_FM_HIT) {
1426                                 result = cross_eof(STp, 0);
1427                                 if (result) {
1428                                         if (STps->drv_file >= 0)
1429                                                 STps->drv_file++;
1430                                         STps->drv_block = 0;
1431                                         STps->eof = ST_FM;
1432                                 } else
1433                                         STps->eof = ST_NOEOF;
1434                         }
1435                 } else if ((STps->eof == ST_NOEOF &&
1436                             !(result = cross_eof(STp, 1))) ||
1437                            STps->eof == ST_FM_HIT) {
1438                         if (STps->drv_file >= 0)
1439                                 STps->drv_file++;
1440                         STps->drv_block = 0;
1441                         STps->eof = ST_FM;
1442                 }
1443         }
1444
1445       out:
1446         if (STp->rew_at_close) {
1447                 result2 = st_int_ioctl(STp, MTREW, 1);
1448                 if (result == 0)
1449                         result = result2;
1450         }
1451         return result;
1452 }
1453
1454
1455 /* Close the device and release it. BKL is not needed: this is the only thread
1456    accessing this tape. */
1457 static int st_release(struct inode *inode, struct file *filp)
1458 {
1459         struct scsi_tape *STp = filp->private_data;
1460
1461         if (STp->door_locked == ST_LOCKED_AUTO)
1462                 do_door_lock(STp, 0);
1463
1464         normalize_buffer(STp->buffer);
1465         spin_lock(&st_use_lock);
1466         STp->in_use = 0;
1467         spin_unlock(&st_use_lock);
1468         scsi_autopm_put_device(STp->device);
1469         scsi_tape_put(STp);
1470
1471         return 0;
1472 }
1473
1474 /* The checks common to both reading and writing */
1475 static ssize_t rw_checks(struct scsi_tape *STp, struct file *filp, size_t count)
1476 {
1477         ssize_t retval = 0;
1478
1479         /*
1480          * If we are in the middle of error recovery, don't let anyone
1481          * else try and use this device.  Also, if error recovery fails, it
1482          * may try and take the device offline, in which case all further
1483          * access to the device is prohibited.
1484          */
1485         if (!scsi_block_when_processing_errors(STp->device)) {
1486                 retval = (-ENXIO);
1487                 goto out;
1488         }
1489
1490         if (STp->ready != ST_READY) {
1491                 if (STp->ready == ST_NO_TAPE)
1492                         retval = (-ENOMEDIUM);
1493                 else
1494                         retval = (-EIO);
1495                 goto out;
1496         }
1497
1498         if (! STp->modes[STp->current_mode].defined) {
1499                 retval = (-ENXIO);
1500                 goto out;
1501         }
1502
1503
1504         /*
1505          * If there was a bus reset, block further access
1506          * to this device.
1507          */
1508         if (STp->pos_unknown) {
1509                 retval = (-EIO);
1510                 goto out;
1511         }
1512
1513         if (count == 0)
1514                 goto out;
1515
1516         DEB(
1517         if (!STp->in_use) {
1518                 st_printk(ST_DEB_MSG, STp,
1519                           "Incorrect device.\n");
1520                 retval = (-EIO);
1521                 goto out;
1522         } ) /* end DEB */
1523
1524         if (STp->can_partitions &&
1525             (retval = switch_partition(STp)) < 0)
1526                 goto out;
1527
1528         if (STp->block_size == 0 && STp->max_block > 0 &&
1529             (count < STp->min_block || count > STp->max_block)) {
1530                 retval = (-EINVAL);
1531                 goto out;
1532         }
1533
1534         if (STp->do_auto_lock && STp->door_locked == ST_UNLOCKED &&
1535             !do_door_lock(STp, 1))
1536                 STp->door_locked = ST_LOCKED_AUTO;
1537
1538  out:
1539         return retval;
1540 }
1541
1542
1543 static int setup_buffering(struct scsi_tape *STp, const char __user *buf,
1544                            size_t count, int is_read)
1545 {
1546         int i, bufsize, retval = 0;
1547         struct st_buffer *STbp = STp->buffer;
1548
1549         if (is_read)
1550                 i = STp->try_dio_now && try_rdio;
1551         else
1552                 i = STp->try_dio_now && try_wdio;
1553
1554         if (i && ((unsigned long)buf & queue_dma_alignment(
1555                                         STp->device->request_queue)) == 0) {
1556                 i = sgl_map_user_pages(STbp, STbp->use_sg, (unsigned long)buf,
1557                                        count, (is_read ? READ : WRITE));
1558                 if (i > 0) {
1559                         STbp->do_dio = i;
1560                         STbp->buffer_bytes = 0;   /* can be used as transfer counter */
1561                 }
1562                 else
1563                         STbp->do_dio = 0;  /* fall back to buffering with any error */
1564                 STbp->sg_segs = STbp->do_dio;
1565                 DEB(
1566                      if (STbp->do_dio) {
1567                         STp->nbr_dio++;
1568                         STp->nbr_pages += STbp->do_dio;
1569                      }
1570                 )
1571         } else
1572                 STbp->do_dio = 0;
1573         DEB( STp->nbr_requests++; )
1574
1575         if (!STbp->do_dio) {
1576                 if (STp->block_size)
1577                         bufsize = STp->block_size > st_fixed_buffer_size ?
1578                                 STp->block_size : st_fixed_buffer_size;
1579                 else {
1580                         bufsize = count;
1581                         /* Make sure that data from previous user is not leaked even if
1582                            HBA does not return correct residual */
1583                         if (is_read && STp->sili && !STbp->cleared)
1584                                 clear_buffer(STbp);
1585                 }
1586
1587                 if (bufsize > STbp->buffer_size &&
1588                     !enlarge_buffer(STbp, bufsize)) {
1589                         st_printk(KERN_WARNING, STp,
1590                                   "Can't allocate %d byte tape buffer.\n",
1591                                   bufsize);
1592                         retval = (-EOVERFLOW);
1593                         goto out;
1594                 }
1595                 if (STp->block_size)
1596                         STbp->buffer_blocks = bufsize / STp->block_size;
1597         }
1598
1599  out:
1600         return retval;
1601 }
1602
1603
1604 /* Can be called more than once after each setup_buffer() */
1605 static void release_buffering(struct scsi_tape *STp, int is_read)
1606 {
1607         struct st_buffer *STbp;
1608
1609         STbp = STp->buffer;
1610         if (STbp->do_dio) {
1611                 sgl_unmap_user_pages(STbp, STbp->do_dio, is_read);
1612                 STbp->do_dio = 0;
1613                 STbp->sg_segs = 0;
1614         }
1615 }
1616
1617
1618 /* Write command */
1619 static ssize_t
1620 st_write(struct file *filp, const char __user *buf, size_t count, loff_t * ppos)
1621 {
1622         ssize_t total;
1623         ssize_t i, do_count, blks, transfer;
1624         ssize_t retval;
1625         int undone, retry_eot = 0, scode;
1626         int async_write;
1627         unsigned char cmd[MAX_COMMAND_SIZE];
1628         const char __user *b_point;
1629         struct st_request *SRpnt = NULL;
1630         struct scsi_tape *STp = filp->private_data;
1631         struct st_modedef *STm;
1632         struct st_partstat *STps;
1633         struct st_buffer *STbp;
1634
1635         if (mutex_lock_interruptible(&STp->lock))
1636                 return -ERESTARTSYS;
1637
1638         retval = rw_checks(STp, filp, count);
1639         if (retval || count == 0)
1640                 goto out;
1641
1642         /* Write must be integral number of blocks */
1643         if (STp->block_size != 0 && (count % STp->block_size) != 0) {
1644                 st_printk(KERN_WARNING, STp,
1645                           "Write not multiple of tape block size.\n");
1646                 retval = (-EINVAL);
1647                 goto out;
1648         }
1649
1650         STm = &(STp->modes[STp->current_mode]);
1651         STps = &(STp->ps[STp->partition]);
1652
1653         if (STp->write_prot) {
1654                 retval = (-EACCES);
1655                 goto out;
1656         }
1657
1658
1659         if (STps->rw == ST_READING) {
1660                 retval = flush_buffer(STp, 0);
1661                 if (retval)
1662                         goto out;
1663                 STps->rw = ST_WRITING;
1664         } else if (STps->rw != ST_WRITING &&
1665                    STps->drv_file == 0 && STps->drv_block == 0) {
1666                 if ((retval = set_mode_densblk(STp, STm)) < 0)
1667                         goto out;
1668                 if (STm->default_compression != ST_DONT_TOUCH &&
1669                     !(STp->compression_changed)) {
1670                         if (st_compression(STp, (STm->default_compression == ST_YES))) {
1671                                 st_printk(KERN_WARNING, STp,
1672                                           "Can't set default compression.\n");
1673                                 if (modes_defined) {
1674                                         retval = (-EINVAL);
1675                                         goto out;
1676                                 }
1677                         }
1678                 }
1679         }
1680
1681         STbp = STp->buffer;
1682         i = write_behind_check(STp);
1683         if (i) {
1684                 if (i == -ENOSPC)
1685                         STps->eof = ST_EOM_OK;
1686                 else
1687                         STps->eof = ST_EOM_ERROR;
1688         }
1689
1690         if (STps->eof == ST_EOM_OK) {
1691                 STps->eof = ST_EOD_1;  /* allow next write */
1692                 retval = (-ENOSPC);
1693                 goto out;
1694         }
1695         else if (STps->eof == ST_EOM_ERROR) {
1696                 retval = (-EIO);
1697                 goto out;
1698         }
1699
1700         /* Check the buffer readability in cases where copy_user might catch
1701            the problems after some tape movement. */
1702         if (STp->block_size != 0 &&
1703             !STbp->do_dio &&
1704             (copy_from_user(&i, buf, 1) != 0 ||
1705              copy_from_user(&i, buf + count - 1, 1) != 0)) {
1706                 retval = (-EFAULT);
1707                 goto out;
1708         }
1709
1710         retval = setup_buffering(STp, buf, count, 0);
1711         if (retval)
1712                 goto out;
1713
1714         total = count;
1715
1716         memset(cmd, 0, MAX_COMMAND_SIZE);
1717         cmd[0] = WRITE_6;
1718         cmd[1] = (STp->block_size != 0);
1719
1720         STps->rw = ST_WRITING;
1721
1722         b_point = buf;
1723         while (count > 0 && !retry_eot) {
1724
1725                 if (STbp->do_dio) {
1726                         do_count = count;
1727                 }
1728                 else {
1729                         if (STp->block_size == 0)
1730                                 do_count = count;
1731                         else {
1732                                 do_count = STbp->buffer_blocks * STp->block_size -
1733                                         STbp->buffer_bytes;
1734                                 if (do_count > count)
1735                                         do_count = count;
1736                         }
1737
1738                         i = append_to_buffer(b_point, STbp, do_count);
1739                         if (i) {
1740                                 retval = i;
1741                                 goto out;
1742                         }
1743                 }
1744                 count -= do_count;
1745                 b_point += do_count;
1746
1747                 async_write = STp->block_size == 0 && !STbp->do_dio &&
1748                         STm->do_async_writes && STps->eof < ST_EOM_OK;
1749
1750                 if (STp->block_size != 0 && STm->do_buffer_writes &&
1751                     !(STp->try_dio_now && try_wdio) && STps->eof < ST_EOM_OK &&
1752                     STbp->buffer_bytes < STbp->buffer_size) {
1753                         STp->dirty = 1;
1754                         /* Don't write a buffer that is not full enough. */
1755                         if (!async_write && count == 0)
1756                                 break;
1757                 }
1758
1759         retry_write:
1760                 if (STp->block_size == 0)
1761                         blks = transfer = do_count;
1762                 else {
1763                         if (!STbp->do_dio)
1764                                 blks = STbp->buffer_bytes;
1765                         else
1766                                 blks = do_count;
1767                         blks /= STp->block_size;
1768                         transfer = blks * STp->block_size;
1769                 }
1770                 cmd[2] = blks >> 16;
1771                 cmd[3] = blks >> 8;
1772                 cmd[4] = blks;
1773
1774                 SRpnt = st_do_scsi(SRpnt, STp, cmd, transfer, DMA_TO_DEVICE,
1775                                    STp->device->request_queue->rq_timeout,
1776                                    MAX_WRITE_RETRIES, !async_write);
1777                 if (!SRpnt) {
1778                         retval = STbp->syscall_result;
1779                         goto out;
1780                 }
1781                 if (async_write && !STbp->syscall_result) {
1782                         STbp->writing = transfer;
1783                         STp->dirty = !(STbp->writing ==
1784                                        STbp->buffer_bytes);
1785                         SRpnt = NULL;  /* Prevent releasing this request! */
1786                         DEB( STp->write_pending = 1; )
1787                         break;
1788                 }
1789
1790                 if (STbp->syscall_result != 0) {
1791                         struct st_cmdstatus *cmdstatp = &STp->buffer->cmdstat;
1792
1793                         DEBC_printk(STp, "Error on write:\n");
1794                         if (cmdstatp->have_sense && (cmdstatp->flags & SENSE_EOM)) {
1795                                 scode = cmdstatp->sense_hdr.sense_key;
1796                                 if (cmdstatp->remainder_valid)
1797                                         undone = (int)cmdstatp->uremainder64;
1798                                 else if (STp->block_size == 0 &&
1799                                          scode == VOLUME_OVERFLOW)
1800                                         undone = transfer;
1801                                 else
1802                                         undone = 0;
1803                                 if (STp->block_size != 0)
1804                                         undone *= STp->block_size;
1805                                 if (undone <= do_count) {
1806                                         /* Only data from this write is not written */
1807                                         count += undone;
1808                                         b_point -= undone;
1809                                         do_count -= undone;
1810                                         if (STp->block_size)
1811                                                 blks = (transfer - undone) / STp->block_size;
1812                                         STps->eof = ST_EOM_OK;
1813                                         /* Continue in fixed block mode if all written
1814                                            in this request but still something left to write
1815                                            (retval left to zero)
1816                                         */
1817                                         if (STp->block_size == 0 ||
1818                                             undone > 0 || count == 0)
1819                                                 retval = (-ENOSPC); /* EOM within current request */
1820                                         DEBC_printk(STp, "EOM with %d "
1821                                                     "bytes unwritten.\n",
1822                                                     (int)count);
1823                                 } else {
1824                                         /* EOT within data buffered earlier (possible only
1825                                            in fixed block mode without direct i/o) */
1826                                         if (!retry_eot && !cmdstatp->deferred &&
1827                                             (scode == NO_SENSE || scode == RECOVERED_ERROR)) {
1828                                                 move_buffer_data(STp->buffer, transfer - undone);
1829                                                 retry_eot = 1;
1830                                                 if (STps->drv_block >= 0) {
1831                                                         STps->drv_block += (transfer - undone) /
1832                                                                 STp->block_size;
1833                                                 }
1834                                                 STps->eof = ST_EOM_OK;
1835                                                 DEBC_printk(STp, "Retry "
1836                                                             "write of %d "
1837                                                             "bytes at EOM.\n",
1838                                                             STp->buffer->buffer_bytes);
1839                                                 goto retry_write;
1840                                         }
1841                                         else {
1842                                                 /* Either error within data buffered by driver or
1843                                                    failed retry */
1844                                                 count -= do_count;
1845                                                 blks = do_count = 0;
1846                                                 STps->eof = ST_EOM_ERROR;
1847                                                 STps->drv_block = (-1); /* Too cautious? */
1848                                                 retval = (-EIO);        /* EOM for old data */
1849                                                 DEBC_printk(STp, "EOM with "
1850                                                             "lost data.\n");
1851                                         }
1852                                 }
1853                         } else {
1854                                 count += do_count;
1855                                 STps->drv_block = (-1);         /* Too cautious? */
1856                                 retval = STbp->syscall_result;
1857                         }
1858
1859                 }
1860
1861                 if (STps->drv_block >= 0) {
1862                         if (STp->block_size == 0)
1863                                 STps->drv_block += (do_count > 0);
1864                         else
1865                                 STps->drv_block += blks;
1866                 }
1867
1868                 STbp->buffer_bytes = 0;
1869                 STp->dirty = 0;
1870
1871                 if (retval || retry_eot) {
1872                         if (count < total)
1873                                 retval = total - count;
1874                         goto out;
1875                 }
1876         }
1877
1878         if (STps->eof == ST_EOD_1)
1879                 STps->eof = ST_EOM_OK;
1880         else if (STps->eof != ST_EOM_OK)
1881                 STps->eof = ST_NOEOF;
1882         retval = total - count;
1883
1884  out:
1885         if (SRpnt != NULL)
1886                 st_release_request(SRpnt);
1887         release_buffering(STp, 0);
1888         mutex_unlock(&STp->lock);
1889
1890         return retval;
1891 }
1892 \f
1893 /* Read data from the tape. Returns zero in the normal case, one if the
1894    eof status has changed, and the negative error code in case of a
1895    fatal error. Otherwise updates the buffer and the eof state.
1896
1897    Does release user buffer mapping if it is set.
1898 */
1899 static long read_tape(struct scsi_tape *STp, long count,
1900                       struct st_request ** aSRpnt)
1901 {
1902         int transfer, blks, bytes;
1903         unsigned char cmd[MAX_COMMAND_SIZE];
1904         struct st_request *SRpnt;
1905         struct st_modedef *STm;
1906         struct st_partstat *STps;
1907         struct st_buffer *STbp;
1908         int retval = 0;
1909
1910         if (count == 0)
1911                 return 0;
1912
1913         STm = &(STp->modes[STp->current_mode]);
1914         STps = &(STp->ps[STp->partition]);
1915         if (STps->eof == ST_FM_HIT)
1916                 return 1;
1917         STbp = STp->buffer;
1918
1919         if (STp->block_size == 0)
1920                 blks = bytes = count;
1921         else {
1922                 if (!(STp->try_dio_now && try_rdio) && STm->do_read_ahead) {
1923                         blks = (STp->buffer)->buffer_blocks;
1924                         bytes = blks * STp->block_size;
1925                 } else {
1926                         bytes = count;
1927                         if (!STbp->do_dio && bytes > (STp->buffer)->buffer_size)
1928                                 bytes = (STp->buffer)->buffer_size;
1929                         blks = bytes / STp->block_size;
1930                         bytes = blks * STp->block_size;
1931                 }
1932         }
1933
1934         memset(cmd, 0, MAX_COMMAND_SIZE);
1935         cmd[0] = READ_6;
1936         cmd[1] = (STp->block_size != 0);
1937         if (!cmd[1] && STp->sili)
1938                 cmd[1] |= 2;
1939         cmd[2] = blks >> 16;
1940         cmd[3] = blks >> 8;
1941         cmd[4] = blks;
1942
1943         SRpnt = *aSRpnt;
1944         SRpnt = st_do_scsi(SRpnt, STp, cmd, bytes, DMA_FROM_DEVICE,
1945                            STp->device->request_queue->rq_timeout,
1946                            MAX_RETRIES, 1);
1947         release_buffering(STp, 1);
1948         *aSRpnt = SRpnt;
1949         if (!SRpnt)
1950                 return STbp->syscall_result;
1951
1952         STbp->read_pointer = 0;
1953         STps->at_sm = 0;
1954
1955         /* Something to check */
1956         if (STbp->syscall_result) {
1957                 struct st_cmdstatus *cmdstatp = &STp->buffer->cmdstat;
1958
1959                 retval = 1;
1960                 DEBC_printk(STp,
1961                             "Sense: %2x %2x %2x %2x %2x %2x %2x %2x\n",
1962                             SRpnt->sense[0], SRpnt->sense[1],
1963                             SRpnt->sense[2], SRpnt->sense[3],
1964                             SRpnt->sense[4], SRpnt->sense[5],
1965                             SRpnt->sense[6], SRpnt->sense[7]);
1966                 if (cmdstatp->have_sense) {
1967
1968                         if (cmdstatp->sense_hdr.sense_key == BLANK_CHECK)
1969                                 cmdstatp->flags &= 0xcf;        /* No need for EOM in this case */
1970
1971                         if (cmdstatp->flags != 0) { /* EOF, EOM, or ILI */
1972                                 /* Compute the residual count */
1973                                 if (cmdstatp->remainder_valid)
1974                                         transfer = (int)cmdstatp->uremainder64;
1975                                 else
1976                                         transfer = 0;
1977                                 if (cmdstatp->sense_hdr.sense_key == MEDIUM_ERROR) {
1978                                         if (STp->block_size == 0)
1979                                                 transfer = bytes;
1980                                         /* Some drives set ILI with MEDIUM ERROR */
1981                                         cmdstatp->flags &= ~SENSE_ILI;
1982                                 }
1983
1984                                 if (cmdstatp->flags & SENSE_ILI) {      /* ILI */
1985                                         if (STp->block_size == 0 &&
1986                                             transfer < 0) {
1987                                                 st_printk(KERN_NOTICE, STp,
1988                                                           "Failed to read %d "
1989                                                           "byte block with %d "
1990                                                           "byte transfer.\n",
1991                                                           bytes - transfer,
1992                                                           bytes);
1993                                                 if (STps->drv_block >= 0)
1994                                                         STps->drv_block += 1;
1995                                                 STbp->buffer_bytes = 0;
1996                                                 return (-ENOMEM);
1997                                         } else if (STp->block_size == 0) {
1998                                                 STbp->buffer_bytes = bytes - transfer;
1999                                         } else {
2000                                                 st_release_request(SRpnt);
2001                                                 SRpnt = *aSRpnt = NULL;
2002                                                 if (transfer == blks) { /* We did not get anything, error */
2003                                                         st_printk(KERN_NOTICE, STp,
2004                                                                   "Incorrect "
2005                                                                   "block size.\n");
2006                                                         if (STps->drv_block >= 0)
2007                                                                 STps->drv_block += blks - transfer + 1;
2008                                                         st_int_ioctl(STp, MTBSR, 1);
2009                                                         return (-EIO);
2010                                                 }
2011                                                 /* We have some data, deliver it */
2012                                                 STbp->buffer_bytes = (blks - transfer) *
2013                                                     STp->block_size;
2014                                                 DEBC_printk(STp, "ILI but "
2015                                                             "enough data "
2016                                                             "received %ld "
2017                                                             "%d.\n", count,
2018                                                             STbp->buffer_bytes);
2019                                                 if (STps->drv_block >= 0)
2020                                                         STps->drv_block += 1;
2021                                                 if (st_int_ioctl(STp, MTBSR, 1))
2022                                                         return (-EIO);
2023                                         }
2024                                 } else if (cmdstatp->flags & SENSE_FMK) {       /* FM overrides EOM */
2025                                         if (STps->eof != ST_FM_HIT)
2026                                                 STps->eof = ST_FM_HIT;
2027                                         else
2028                                                 STps->eof = ST_EOD_2;
2029                                         if (STp->block_size == 0)
2030                                                 STbp->buffer_bytes = 0;
2031                                         else
2032                                                 STbp->buffer_bytes =
2033                                                     bytes - transfer * STp->block_size;
2034                                         DEBC_printk(STp, "EOF detected (%d "
2035                                                     "bytes read).\n",
2036                                                     STbp->buffer_bytes);
2037                                 } else if (cmdstatp->flags & SENSE_EOM) {
2038                                         if (STps->eof == ST_FM)
2039                                                 STps->eof = ST_EOD_1;
2040                                         else
2041                                                 STps->eof = ST_EOM_OK;
2042                                         if (STp->block_size == 0)
2043                                                 STbp->buffer_bytes = bytes - transfer;
2044                                         else
2045                                                 STbp->buffer_bytes =
2046                                                     bytes - transfer * STp->block_size;
2047
2048                                         DEBC_printk(STp, "EOM detected (%d "
2049                                                     "bytes read).\n",
2050                                                     STbp->buffer_bytes);
2051                                 }
2052                         }
2053                         /* end of EOF, EOM, ILI test */
2054                         else {  /* nonzero sense key */
2055                                 DEBC_printk(STp, "Tape error while reading.\n");
2056                                 STps->drv_block = (-1);
2057                                 if (STps->eof == ST_FM &&
2058                                     cmdstatp->sense_hdr.sense_key == BLANK_CHECK) {
2059                                         DEBC_printk(STp, "Zero returned for "
2060                                                     "first BLANK CHECK "
2061                                                     "after EOF.\n");
2062                                         STps->eof = ST_EOD_2;   /* First BLANK_CHECK after FM */
2063                                 } else  /* Some other extended sense code */
2064                                         retval = (-EIO);
2065                         }
2066
2067                         if (STbp->buffer_bytes < 0)  /* Caused by bogus sense data */
2068                                 STbp->buffer_bytes = 0;
2069                 }
2070                 /* End of extended sense test */
2071                 else {          /* Non-extended sense */
2072                         retval = STbp->syscall_result;
2073                 }
2074
2075         }
2076         /* End of error handling */
2077         else {                  /* Read successful */
2078                 STbp->buffer_bytes = bytes;
2079                 if (STp->sili) /* In fixed block mode residual is always zero here */
2080                         STbp->buffer_bytes -= STp->buffer->cmdstat.residual;
2081         }
2082
2083         if (STps->drv_block >= 0) {
2084                 if (STp->block_size == 0)
2085                         STps->drv_block++;
2086                 else
2087                         STps->drv_block += STbp->buffer_bytes / STp->block_size;
2088         }
2089         return retval;
2090 }
2091 \f
2092
2093 /* Read command */
2094 static ssize_t
2095 st_read(struct file *filp, char __user *buf, size_t count, loff_t * ppos)
2096 {
2097         ssize_t total;
2098         ssize_t retval = 0;
2099         ssize_t i, transfer;
2100         int special, do_dio = 0;
2101         struct st_request *SRpnt = NULL;
2102         struct scsi_tape *STp = filp->private_data;
2103         struct st_modedef *STm;
2104         struct st_partstat *STps;
2105         struct st_buffer *STbp = STp->buffer;
2106
2107         if (mutex_lock_interruptible(&STp->lock))
2108                 return -ERESTARTSYS;
2109
2110         retval = rw_checks(STp, filp, count);
2111         if (retval || count == 0)
2112                 goto out;
2113
2114         STm = &(STp->modes[STp->current_mode]);
2115         if (STp->block_size != 0 && (count % STp->block_size) != 0) {
2116                 if (!STm->do_read_ahead) {
2117                         retval = (-EINVAL);     /* Read must be integral number of blocks */
2118                         goto out;
2119                 }
2120                 STp->try_dio_now = 0;  /* Direct i/o can't handle split blocks */
2121         }
2122
2123         STps = &(STp->ps[STp->partition]);
2124         if (STps->rw == ST_WRITING) {
2125                 retval = flush_buffer(STp, 0);
2126                 if (retval)
2127                         goto out;
2128                 STps->rw = ST_READING;
2129         }
2130         DEB(
2131         if (debugging && STps->eof != ST_NOEOF)
2132                 st_printk(ST_DEB_MSG, STp,
2133                           "EOF/EOM flag up (%d). Bytes %d\n",
2134                           STps->eof, STbp->buffer_bytes);
2135         ) /* end DEB */
2136
2137         retval = setup_buffering(STp, buf, count, 1);
2138         if (retval)
2139                 goto out;
2140         do_dio = STbp->do_dio;
2141
2142         if (STbp->buffer_bytes == 0 &&
2143             STps->eof >= ST_EOD_1) {
2144                 if (STps->eof < ST_EOD) {
2145                         STps->eof += 1;
2146                         retval = 0;
2147                         goto out;
2148                 }
2149                 retval = (-EIO);        /* EOM or Blank Check */
2150                 goto out;
2151         }
2152
2153         if (do_dio) {
2154                 /* Check the buffer writability before any tape movement. Don't alter
2155                    buffer data. */
2156                 if (copy_from_user(&i, buf, 1) != 0 ||
2157                     copy_to_user(buf, &i, 1) != 0 ||
2158                     copy_from_user(&i, buf + count - 1, 1) != 0 ||
2159                     copy_to_user(buf + count - 1, &i, 1) != 0) {
2160                         retval = (-EFAULT);
2161                         goto out;
2162                 }
2163         }
2164
2165         STps->rw = ST_READING;
2166
2167
2168         /* Loop until enough data in buffer or a special condition found */
2169         for (total = 0, special = 0; total < count && !special;) {
2170
2171                 /* Get new data if the buffer is empty */
2172                 if (STbp->buffer_bytes == 0) {
2173                         special = read_tape(STp, count - total, &SRpnt);
2174                         if (special < 0) {      /* No need to continue read */
2175                                 retval = special;
2176                                 goto out;
2177                         }
2178                 }
2179
2180                 /* Move the data from driver buffer to user buffer */
2181                 if (STbp->buffer_bytes > 0) {
2182                         DEB(
2183                         if (debugging && STps->eof != ST_NOEOF)
2184                                 st_printk(ST_DEB_MSG, STp,
2185                                           "EOF up (%d). Left %d, needed %d.\n",
2186                                           STps->eof, STbp->buffer_bytes,
2187                                           (int)(count - total));
2188                         ) /* end DEB */
2189                         transfer = STbp->buffer_bytes < count - total ?
2190                             STbp->buffer_bytes : count - total;
2191                         if (!do_dio) {
2192                                 i = from_buffer(STbp, buf, transfer);
2193                                 if (i) {
2194                                         retval = i;
2195                                         goto out;
2196                                 }
2197                         }
2198                         buf += transfer;
2199                         total += transfer;
2200                 }
2201
2202                 if (STp->block_size == 0)
2203                         break;  /* Read only one variable length block */
2204
2205         }                       /* for (total = 0, special = 0;
2206                                    total < count && !special; ) */
2207
2208         /* Change the eof state if no data from tape or buffer */
2209         if (total == 0) {
2210                 if (STps->eof == ST_FM_HIT) {
2211                         STps->eof = ST_FM;
2212                         STps->drv_block = 0;
2213                         if (STps->drv_file >= 0)
2214                                 STps->drv_file++;
2215                 } else if (STps->eof == ST_EOD_1) {
2216                         STps->eof = ST_EOD_2;
2217                         STps->drv_block = 0;
2218                         if (STps->drv_file >= 0)
2219                                 STps->drv_file++;
2220                 } else if (STps->eof == ST_EOD_2)
2221                         STps->eof = ST_EOD;
2222         } else if (STps->eof == ST_FM)
2223                 STps->eof = ST_NOEOF;
2224         retval = total;
2225
2226  out:
2227         if (SRpnt != NULL) {
2228                 st_release_request(SRpnt);
2229                 SRpnt = NULL;
2230         }
2231         if (do_dio) {
2232                 release_buffering(STp, 1);
2233                 STbp->buffer_bytes = 0;
2234         }
2235         mutex_unlock(&STp->lock);
2236
2237         return retval;
2238 }
2239 \f
2240
2241
2242 DEB(
2243 /* Set the driver options */
2244 static void st_log_options(struct scsi_tape * STp, struct st_modedef * STm)
2245 {
2246         if (debugging) {
2247                 st_printk(KERN_INFO, STp,
2248                           "Mode %d options: buffer writes: %d, "
2249                           "async writes: %d, read ahead: %d\n",
2250                           STp->current_mode, STm->do_buffer_writes,
2251                           STm->do_async_writes, STm->do_read_ahead);
2252                 st_printk(KERN_INFO, STp,
2253                           "    can bsr: %d, two FMs: %d, "
2254                           "fast mteom: %d, auto lock: %d,\n",
2255                           STp->can_bsr, STp->two_fm, STp->fast_mteom,
2256                           STp->do_auto_lock);
2257                 st_printk(KERN_INFO, STp,
2258                           "    defs for wr: %d, no block limits: %d, "
2259                           "partitions: %d, s2 log: %d\n",
2260                           STm->defaults_for_writes, STp->omit_blklims,
2261                           STp->can_partitions, STp->scsi2_logical);
2262                 st_printk(KERN_INFO, STp,
2263                           "    sysv: %d nowait: %d sili: %d "
2264                           "nowait_filemark: %d\n",
2265                           STm->sysv, STp->immediate, STp->sili,
2266                           STp->immediate_filemark);
2267                 st_printk(KERN_INFO, STp, "    debugging: %d\n", debugging);
2268         }
2269 }
2270         )
2271
2272
2273 static int st_set_options(struct scsi_tape *STp, long options)
2274 {
2275         int value;
2276         long code;
2277         struct st_modedef *STm;
2278         struct cdev *cd0, *cd1;
2279         struct device *d0, *d1;
2280
2281         STm = &(STp->modes[STp->current_mode]);
2282         if (!STm->defined) {
2283                 cd0 = STm->cdevs[0];
2284                 cd1 = STm->cdevs[1];
2285                 d0  = STm->devs[0];
2286                 d1  = STm->devs[1];
2287                 memcpy(STm, &(STp->modes[0]), sizeof(struct st_modedef));
2288                 STm->cdevs[0] = cd0;
2289                 STm->cdevs[1] = cd1;
2290                 STm->devs[0]  = d0;
2291                 STm->devs[1]  = d1;
2292                 modes_defined = 1;
2293                 DEBC_printk(STp, "Initialized mode %d definition from mode 0\n",
2294                             STp->current_mode);
2295         }
2296
2297         code = options & MT_ST_OPTIONS;
2298         if (code == MT_ST_BOOLEANS) {
2299                 STm->do_buffer_writes = (options & MT_ST_BUFFER_WRITES) != 0;
2300                 STm->do_async_writes = (options & MT_ST_ASYNC_WRITES) != 0;
2301                 STm->defaults_for_writes = (options & MT_ST_DEF_WRITES) != 0;
2302                 STm->do_read_ahead = (options & MT_ST_READ_AHEAD) != 0;
2303                 STp->two_fm = (options & MT_ST_TWO_FM) != 0;
2304                 STp->fast_mteom = (options & MT_ST_FAST_MTEOM) != 0;
2305                 STp->do_auto_lock = (options & MT_ST_AUTO_LOCK) != 0;
2306                 STp->can_bsr = (options & MT_ST_CAN_BSR) != 0;
2307                 STp->omit_blklims = (options & MT_ST_NO_BLKLIMS) != 0;
2308                 if ((STp->device)->scsi_level >= SCSI_2)
2309                         STp->can_partitions = (options & MT_ST_CAN_PARTITIONS) != 0;
2310                 STp->scsi2_logical = (options & MT_ST_SCSI2LOGICAL) != 0;
2311                 STp->immediate = (options & MT_ST_NOWAIT) != 0;
2312                 STp->immediate_filemark = (options & MT_ST_NOWAIT_EOF) != 0;
2313                 STm->sysv = (options & MT_ST_SYSV) != 0;
2314                 STp->sili = (options & MT_ST_SILI) != 0;
2315                 DEB( debugging = (options & MT_ST_DEBUGGING) != 0;
2316                      st_log_options(STp, STm); )
2317         } else if (code == MT_ST_SETBOOLEANS || code == MT_ST_CLEARBOOLEANS) {
2318                 value = (code == MT_ST_SETBOOLEANS);
2319                 if ((options & MT_ST_BUFFER_WRITES) != 0)
2320                         STm->do_buffer_writes = value;
2321                 if ((options & MT_ST_ASYNC_WRITES) != 0)
2322                         STm->do_async_writes = value;
2323                 if ((options & MT_ST_DEF_WRITES) != 0)
2324                         STm->defaults_for_writes = value;
2325                 if ((options & MT_ST_READ_AHEAD) != 0)
2326                         STm->do_read_ahead = value;
2327                 if ((options & MT_ST_TWO_FM) != 0)
2328                         STp->two_fm = value;
2329                 if ((options & MT_ST_FAST_MTEOM) != 0)
2330                         STp->fast_mteom = value;
2331                 if ((options & MT_ST_AUTO_LOCK) != 0)
2332                         STp->do_auto_lock = value;
2333                 if ((options & MT_ST_CAN_BSR) != 0)
2334                         STp->can_bsr = value;
2335                 if ((options & MT_ST_NO_BLKLIMS) != 0)
2336                         STp->omit_blklims = value;
2337                 if ((STp->device)->scsi_level >= SCSI_2 &&
2338                     (options & MT_ST_CAN_PARTITIONS) != 0)
2339                         STp->can_partitions = value;
2340                 if ((options & MT_ST_SCSI2LOGICAL) != 0)
2341                         STp->scsi2_logical = value;
2342                 if ((options & MT_ST_NOWAIT) != 0)
2343                         STp->immediate = value;
2344                 if ((options & MT_ST_NOWAIT_EOF) != 0)
2345                         STp->immediate_filemark = value;
2346                 if ((options & MT_ST_SYSV) != 0)
2347                         STm->sysv = value;
2348                 if ((options & MT_ST_SILI) != 0)
2349                         STp->sili = value;
2350                 DEB(
2351                 if ((options & MT_ST_DEBUGGING) != 0)
2352                         debugging = value;
2353                         st_log_options(STp, STm); )
2354         } else if (code == MT_ST_WRITE_THRESHOLD) {
2355                 /* Retained for compatibility */
2356         } else if (code == MT_ST_DEF_BLKSIZE) {
2357                 value = (options & ~MT_ST_OPTIONS);
2358                 if (value == ~MT_ST_OPTIONS) {
2359                         STm->default_blksize = (-1);
2360                         DEBC_printk(STp, "Default block size disabled.\n");
2361                 } else {
2362                         STm->default_blksize = value;
2363                         DEBC_printk(STp,"Default block size set to "
2364                                     "%d bytes.\n", STm->default_blksize);
2365                         if (STp->ready == ST_READY) {
2366                                 STp->blksize_changed = 0;
2367                                 set_mode_densblk(STp, STm);
2368                         }
2369                 }
2370         } else if (code == MT_ST_TIMEOUTS) {
2371                 value = (options & ~MT_ST_OPTIONS);
2372                 if ((value & MT_ST_SET_LONG_TIMEOUT) != 0) {
2373                         STp->long_timeout = (value & ~MT_ST_SET_LONG_TIMEOUT) * HZ;
2374                         DEBC_printk(STp, "Long timeout set to %d seconds.\n",
2375                                     (value & ~MT_ST_SET_LONG_TIMEOUT));
2376                 } else {
2377                         blk_queue_rq_timeout(STp->device->request_queue,
2378                                              value * HZ);
2379                         DEBC_printk(STp, "Normal timeout set to %d seconds.\n",
2380                                     value);
2381                 }
2382         } else if (code == MT_ST_SET_CLN) {
2383                 value = (options & ~MT_ST_OPTIONS) & 0xff;
2384                 if (value != 0 &&
2385                         (value < EXTENDED_SENSE_START ||
2386                                 value >= SCSI_SENSE_BUFFERSIZE))
2387                         return (-EINVAL);
2388                 STp->cln_mode = value;
2389                 STp->cln_sense_mask = (options >> 8) & 0xff;
2390                 STp->cln_sense_value = (options >> 16) & 0xff;
2391                 st_printk(KERN_INFO, STp,
2392                           "Cleaning request mode %d, mask %02x, value %02x\n",
2393                           value, STp->cln_sense_mask, STp->cln_sense_value);
2394         } else if (code == MT_ST_DEF_OPTIONS) {
2395                 code = (options & ~MT_ST_CLEAR_DEFAULT);
2396                 value = (options & MT_ST_CLEAR_DEFAULT);
2397                 if (code == MT_ST_DEF_DENSITY) {
2398                         if (value == MT_ST_CLEAR_DEFAULT) {
2399                                 STm->default_density = (-1);
2400                                 DEBC_printk(STp,
2401                                             "Density default disabled.\n");
2402                         } else {
2403                                 STm->default_density = value & 0xff;
2404                                 DEBC_printk(STp, "Density default set to %x\n",
2405                                             STm->default_density);
2406                                 if (STp->ready == ST_READY) {
2407                                         STp->density_changed = 0;
2408                                         set_mode_densblk(STp, STm);
2409                                 }
2410                         }
2411                 } else if (code == MT_ST_DEF_DRVBUFFER) {
2412                         if (value == MT_ST_CLEAR_DEFAULT) {
2413                                 STp->default_drvbuffer = 0xff;
2414                                 DEBC_printk(STp,
2415                                             "Drive buffer default disabled.\n");
2416                         } else {
2417                                 STp->default_drvbuffer = value & 7;
2418                                 DEBC_printk(STp,
2419                                             "Drive buffer default set to %x\n",
2420                                             STp->default_drvbuffer);
2421                                 if (STp->ready == ST_READY)
2422                                         st_int_ioctl(STp, MTSETDRVBUFFER, STp->default_drvbuffer);
2423                         }
2424                 } else if (code == MT_ST_DEF_COMPRESSION) {
2425                         if (value == MT_ST_CLEAR_DEFAULT) {
2426                                 STm->default_compression = ST_DONT_TOUCH;
2427                                 DEBC_printk(STp,
2428                                             "Compression default disabled.\n");
2429                         } else {
2430                                 if ((value & 0xff00) != 0) {
2431                                         STp->c_algo = (value & 0xff00) >> 8;
2432                                         DEBC_printk(STp, "Compression "
2433                                                     "algorithm set to 0x%x.\n",
2434                                                     STp->c_algo);
2435                                 }
2436                                 if ((value & 0xff) != 0xff) {
2437                                         STm->default_compression = (value & 1 ? ST_YES : ST_NO);
2438                                         DEBC_printk(STp, "Compression default "
2439                                                     "set to %x\n",
2440                                                     (value & 1));
2441                                         if (STp->ready == ST_READY) {
2442                                                 STp->compression_changed = 0;
2443                                                 st_compression(STp, (STm->default_compression == ST_YES));
2444                                         }
2445                                 }
2446                         }
2447                 }
2448         } else
2449                 return (-EIO);
2450
2451         return 0;
2452 }
2453 \f
2454 #define MODE_HEADER_LENGTH  4
2455
2456 /* Mode header and page byte offsets */
2457 #define MH_OFF_DATA_LENGTH     0
2458 #define MH_OFF_MEDIUM_TYPE     1
2459 #define MH_OFF_DEV_SPECIFIC    2
2460 #define MH_OFF_BDESCS_LENGTH   3
2461 #define MP_OFF_PAGE_NBR        0
2462 #define MP_OFF_PAGE_LENGTH     1
2463
2464 /* Mode header and page bit masks */
2465 #define MH_BIT_WP              0x80
2466 #define MP_MSK_PAGE_NBR        0x3f
2467
2468 /* Don't return block descriptors */
2469 #define MODE_SENSE_OMIT_BDESCS 0x08
2470
2471 #define MODE_SELECT_PAGE_FORMAT 0x10
2472
2473 /* Read a mode page into the tape buffer. The block descriptors are included
2474    if incl_block_descs is true. The page control is ored to the page number
2475    parameter, if necessary. */
2476 static int read_mode_page(struct scsi_tape *STp, int page, int omit_block_descs)
2477 {
2478         unsigned char cmd[MAX_COMMAND_SIZE];
2479         struct st_request *SRpnt;
2480
2481         memset(cmd, 0, MAX_COMMAND_SIZE);
2482         cmd[0] = MODE_SENSE;
2483         if (omit_block_descs)
2484                 cmd[1] = MODE_SENSE_OMIT_BDESCS;
2485         cmd[2] = page;
2486         cmd[4] = 255;
2487
2488         SRpnt = st_do_scsi(NULL, STp, cmd, cmd[4], DMA_FROM_DEVICE,
2489                            STp->device->request_queue->rq_timeout, 0, 1);
2490         if (SRpnt == NULL)
2491                 return (STp->buffer)->syscall_result;
2492
2493         st_release_request(SRpnt);
2494
2495         return STp->buffer->syscall_result;
2496 }
2497
2498
2499 /* Send the mode page in the tape buffer to the drive. Assumes that the mode data
2500    in the buffer is correctly formatted. The long timeout is used if slow is non-zero. */
2501 static int write_mode_page(struct scsi_tape *STp, int page, int slow)
2502 {
2503         int pgo;
2504         unsigned char cmd[MAX_COMMAND_SIZE];
2505         struct st_request *SRpnt;
2506         int timeout;
2507
2508         memset(cmd, 0, MAX_COMMAND_SIZE);
2509         cmd[0] = MODE_SELECT;
2510         cmd[1] = MODE_SELECT_PAGE_FORMAT;
2511         pgo = MODE_HEADER_LENGTH + (STp->buffer)->b_data[MH_OFF_BDESCS_LENGTH];
2512         cmd[4] = pgo + (STp->buffer)->b_data[pgo + MP_OFF_PAGE_LENGTH] + 2;
2513
2514         /* Clear reserved fields */
2515         (STp->buffer)->b_data[MH_OFF_DATA_LENGTH] = 0;
2516         (STp->buffer)->b_data[MH_OFF_MEDIUM_TYPE] = 0;
2517         (STp->buffer)->b_data[MH_OFF_DEV_SPECIFIC] &= ~MH_BIT_WP;
2518         (STp->buffer)->b_data[pgo + MP_OFF_PAGE_NBR] &= MP_MSK_PAGE_NBR;
2519
2520         timeout = slow ?
2521                 STp->long_timeout : STp->device->request_queue->rq_timeout;
2522         SRpnt = st_do_scsi(NULL, STp, cmd, cmd[4], DMA_TO_DEVICE,
2523                            timeout, 0, 1);
2524         if (SRpnt == NULL)
2525                 return (STp->buffer)->syscall_result;
2526
2527         st_release_request(SRpnt);
2528
2529         return STp->buffer->syscall_result;
2530 }
2531
2532
2533 #define COMPRESSION_PAGE        0x0f
2534 #define COMPRESSION_PAGE_LENGTH 16
2535
2536 #define CP_OFF_DCE_DCC          2
2537 #define CP_OFF_C_ALGO           7
2538
2539 #define DCE_MASK  0x80
2540 #define DCC_MASK  0x40
2541 #define RED_MASK  0x60
2542
2543
2544 /* Control the compression with mode page 15. Algorithm not changed if zero.
2545
2546    The block descriptors are read and written because Sony SDT-7000 does not
2547    work without this (suggestion from Michael Schaefer <Michael.Schaefer@dlr.de>).
2548    Including block descriptors should not cause any harm to other drives. */
2549
2550 static int st_compression(struct scsi_tape * STp, int state)
2551 {
2552         int retval;
2553         int mpoffs;  /* Offset to mode page start */
2554         unsigned char *b_data = (STp->buffer)->b_data;
2555
2556         if (STp->ready != ST_READY)
2557                 return (-EIO);
2558
2559         /* Read the current page contents */
2560         retval = read_mode_page(STp, COMPRESSION_PAGE, 0);
2561         if (retval) {
2562                 DEBC_printk(STp, "Compression mode page not supported.\n");
2563                 return (-EIO);
2564         }
2565
2566         mpoffs = MODE_HEADER_LENGTH + b_data[MH_OFF_BDESCS_LENGTH];
2567         DEBC_printk(STp, "Compression state is %d.\n",
2568                     (b_data[mpoffs + CP_OFF_DCE_DCC] & DCE_MASK ? 1 : 0));
2569
2570         /* Check if compression can be changed */
2571         if ((b_data[mpoffs + CP_OFF_DCE_DCC] & DCC_MASK) == 0) {
2572                 DEBC_printk(STp, "Compression not supported.\n");
2573                 return (-EIO);
2574         }
2575
2576         /* Do the change */
2577         if (state) {
2578                 b_data[mpoffs + CP_OFF_DCE_DCC] |= DCE_MASK;
2579                 if (STp->c_algo != 0)
2580                         b_data[mpoffs + CP_OFF_C_ALGO] = STp->c_algo;
2581         }
2582         else {
2583                 b_data[mpoffs + CP_OFF_DCE_DCC] &= ~DCE_MASK;
2584                 if (STp->c_algo != 0)
2585                         b_data[mpoffs + CP_OFF_C_ALGO] = 0; /* no compression */
2586         }
2587
2588         retval = write_mode_page(STp, COMPRESSION_PAGE, 0);
2589         if (retval) {
2590                 DEBC_printk(STp, "Compression change failed.\n");
2591                 return (-EIO);
2592         }
2593         DEBC_printk(STp, "Compression state changed to %d.\n", state);
2594
2595         STp->compression_changed = 1;
2596         return 0;
2597 }
2598
2599
2600 /* Process the load and unload commands (does unload if the load code is zero) */
2601 static int do_load_unload(struct scsi_tape *STp, struct file *filp, int load_code)
2602 {
2603         int retval = (-EIO), timeout;
2604         unsigned char cmd[MAX_COMMAND_SIZE];
2605         struct st_partstat *STps;
2606         struct st_request *SRpnt;
2607
2608         if (STp->ready != ST_READY && !load_code) {
2609                 if (STp->ready == ST_NO_TAPE)
2610                         return (-ENOMEDIUM);
2611                 else
2612                         return (-EIO);
2613         }
2614
2615         memset(cmd, 0, MAX_COMMAND_SIZE);
2616         cmd[0] = START_STOP;
2617         if (load_code)
2618                 cmd[4] |= 1;
2619         /*
2620          * If arg >= 1 && arg <= 6 Enhanced load/unload in HP C1553A
2621          */
2622         if (load_code >= 1 + MT_ST_HPLOADER_OFFSET
2623             && load_code <= 6 + MT_ST_HPLOADER_OFFSET) {
2624                 DEBC_printk(STp, " Enhanced %sload slot %2d.\n",
2625                             (cmd[4]) ? "" : "un",
2626                             load_code - MT_ST_HPLOADER_OFFSET);
2627                 cmd[3] = load_code - MT_ST_HPLOADER_OFFSET; /* MediaID field of C1553A */
2628         }
2629         if (STp->immediate) {
2630                 cmd[1] = 1;     /* Don't wait for completion */
2631                 timeout = STp->device->request_queue->rq_timeout;
2632         }
2633         else
2634                 timeout = STp->long_timeout;
2635
2636         DEBC(
2637                 if (!load_code)
2638                         st_printk(ST_DEB_MSG, STp, "Unloading tape.\n");
2639                 else
2640                         st_printk(ST_DEB_MSG, STp, "Loading tape.\n");
2641                 );
2642
2643         SRpnt = st_do_scsi(NULL, STp, cmd, 0, DMA_NONE,
2644                            timeout, MAX_RETRIES, 1);
2645         if (!SRpnt)
2646                 return (STp->buffer)->syscall_result;
2647
2648         retval = (STp->buffer)->syscall_result;
2649         st_release_request(SRpnt);
2650
2651         if (!retval) {  /* SCSI command successful */
2652
2653                 if (!load_code) {
2654                         STp->rew_at_close = 0;
2655                         STp->ready = ST_NO_TAPE;
2656                 }
2657                 else {
2658                         STp->rew_at_close = STp->autorew_dev;
2659                         retval = check_tape(STp, filp);
2660                         if (retval > 0)
2661                                 retval = 0;
2662                 }
2663         }
2664         else {
2665                 STps = &(STp->ps[STp->partition]);
2666                 STps->drv_file = STps->drv_block = (-1);
2667         }
2668
2669         return retval;
2670 }
2671 \f
2672 #if DEBUG
2673 #define ST_DEB_FORWARD  0
2674 #define ST_DEB_BACKWARD 1
2675 static void deb_space_print(struct scsi_tape *STp, int direction, char *units, unsigned char *cmd)
2676 {
2677         s32 sc;
2678
2679         if (!debugging)
2680                 return;
2681
2682         sc = sign_extend32(get_unaligned_be24(&cmd[2]), 23);
2683         if (direction)
2684                 sc = -sc;
2685         st_printk(ST_DEB_MSG, STp, "Spacing tape %s over %d %s.\n",
2686                   direction ? "backward" : "forward", sc, units);
2687 }
2688 #else
2689 #define ST_DEB_FORWARD  0
2690 #define ST_DEB_BACKWARD 1
2691 static void deb_space_print(struct scsi_tape *STp, int direction, char *units, unsigned char *cmd) {}
2692 #endif
2693
2694
2695 /* Internal ioctl function */
2696 static int st_int_ioctl(struct scsi_tape *STp, unsigned int cmd_in, unsigned long arg)
2697 {
2698         int timeout;
2699         long ltmp;
2700         int ioctl_result;
2701         int chg_eof = 1;
2702         unsigned char cmd[MAX_COMMAND_SIZE];
2703         struct st_request *SRpnt;
2704         struct st_partstat *STps;
2705         int fileno, blkno, at_sm, undone;
2706         int datalen = 0, direction = DMA_NONE;
2707
2708         WARN_ON(STp->buffer->do_dio != 0);
2709         if (STp->ready != ST_READY) {
2710                 if (STp->ready == ST_NO_TAPE)
2711                         return (-ENOMEDIUM);
2712                 else
2713                         return (-EIO);
2714         }
2715         timeout = STp->long_timeout;
2716         STps = &(STp->ps[STp->partition]);
2717         fileno = STps->drv_file;
2718         blkno = STps->drv_block;
2719         at_sm = STps->at_sm;
2720
2721         memset(cmd, 0, MAX_COMMAND_SIZE);
2722         switch (cmd_in) {
2723         case MTFSFM:
2724                 chg_eof = 0;    /* Changed from the FSF after this */
2725                 fallthrough;
2726         case MTFSF:
2727                 cmd[0] = SPACE;
2728                 cmd[1] = 0x01;  /* Space FileMarks */
2729                 cmd[2] = (arg >> 16);
2730                 cmd[3] = (arg >> 8);
2731                 cmd[4] = arg;
2732                 deb_space_print(STp, ST_DEB_FORWARD, "filemarks", cmd);
2733                 if (fileno >= 0)
2734                         fileno += arg;
2735                 blkno = 0;
2736                 at_sm &= (arg == 0);
2737                 break;
2738         case MTBSFM:
2739                 chg_eof = 0;    /* Changed from the FSF after this */
2740                 fallthrough;
2741         case MTBSF:
2742                 cmd[0] = SPACE;
2743                 cmd[1] = 0x01;  /* Space FileMarks */
2744                 ltmp = (-arg);
2745                 cmd[2] = (ltmp >> 16);
2746                 cmd[3] = (ltmp >> 8);
2747                 cmd[4] = ltmp;
2748                 deb_space_print(STp, ST_DEB_BACKWARD, "filemarks", cmd);
2749                 if (fileno >= 0)
2750                         fileno -= arg;
2751                 blkno = (-1);   /* We can't know the block number */
2752                 at_sm &= (arg == 0);
2753                 break;
2754         case MTFSR:
2755                 cmd[0] = SPACE;
2756                 cmd[1] = 0x00;  /* Space Blocks */
2757                 cmd[2] = (arg >> 16);
2758                 cmd[3] = (arg >> 8);
2759                 cmd[4] = arg;
2760                 deb_space_print(STp, ST_DEB_FORWARD, "blocks", cmd);
2761                 if (blkno >= 0)
2762                         blkno += arg;
2763                 at_sm &= (arg == 0);
2764                 break;
2765         case MTBSR:
2766                 cmd[0] = SPACE;
2767                 cmd[1] = 0x00;  /* Space Blocks */
2768                 ltmp = (-arg);
2769                 cmd[2] = (ltmp >> 16);
2770                 cmd[3] = (ltmp >> 8);
2771                 cmd[4] = ltmp;
2772                 deb_space_print(STp, ST_DEB_BACKWARD, "blocks", cmd);
2773                 if (blkno >= 0)
2774                         blkno -= arg;
2775                 at_sm &= (arg == 0);
2776                 break;
2777         case MTFSS:
2778                 cmd[0] = SPACE;
2779                 cmd[1] = 0x04;  /* Space Setmarks */
2780                 cmd[2] = (arg >> 16);
2781                 cmd[3] = (arg >> 8);
2782                 cmd[4] = arg;
2783                 deb_space_print(STp, ST_DEB_FORWARD, "setmarks", cmd);
2784                 if (arg != 0) {
2785                         blkno = fileno = (-1);
2786                         at_sm = 1;
2787                 }
2788                 break;
2789         case MTBSS:
2790                 cmd[0] = SPACE;
2791                 cmd[1] = 0x04;  /* Space Setmarks */
2792                 ltmp = (-arg);
2793                 cmd[2] = (ltmp >> 16);
2794                 cmd[3] = (ltmp >> 8);
2795                 cmd[4] = ltmp;
2796                 deb_space_print(STp, ST_DEB_BACKWARD, "setmarks", cmd);
2797                 if (arg != 0) {
2798                         blkno = fileno = (-1);
2799                         at_sm = 1;
2800                 }
2801                 break;
2802         case MTWEOF:
2803         case MTWEOFI:
2804         case MTWSM:
2805                 if (STp->write_prot)
2806                         return (-EACCES);
2807                 cmd[0] = WRITE_FILEMARKS;
2808                 if (cmd_in == MTWSM)
2809                         cmd[1] = 2;
2810                 if (cmd_in == MTWEOFI ||
2811                     (cmd_in == MTWEOF && STp->immediate_filemark))
2812                         cmd[1] |= 1;
2813                 cmd[2] = (arg >> 16);
2814                 cmd[3] = (arg >> 8);
2815                 cmd[4] = arg;
2816                 timeout = STp->device->request_queue->rq_timeout;
2817                 DEBC(
2818                         if (cmd_in != MTWSM)
2819                                 st_printk(ST_DEB_MSG, STp,
2820                                           "Writing %d filemarks.\n",
2821                                           cmd[2] * 65536 +
2822                                           cmd[3] * 256 +
2823                                           cmd[4]);
2824                         else
2825                                 st_printk(ST_DEB_MSG, STp,
2826                                           "Writing %d setmarks.\n",
2827                                           cmd[2] * 65536 +
2828                                           cmd[3] * 256 +
2829                                           cmd[4]);
2830                 )
2831                 if (fileno >= 0)
2832                         fileno += arg;
2833                 blkno = 0;
2834                 at_sm = (cmd_in == MTWSM);
2835                 break;
2836         case MTREW:
2837                 cmd[0] = REZERO_UNIT;
2838                 if (STp->immediate) {
2839                         cmd[1] = 1;     /* Don't wait for completion */
2840                         timeout = STp->device->request_queue->rq_timeout;
2841                 }
2842                 DEBC_printk(STp, "Rewinding tape.\n");
2843                 fileno = blkno = at_sm = 0;
2844                 break;
2845         case MTNOP:
2846                 DEBC_printk(STp, "No op on tape.\n");
2847                 return 0;       /* Should do something ? */
2848         case MTRETEN:
2849                 cmd[0] = START_STOP;
2850                 if (STp->immediate) {
2851                         cmd[1] = 1;     /* Don't wait for completion */
2852                         timeout = STp->device->request_queue->rq_timeout;
2853                 }
2854                 cmd[4] = 3;
2855                 DEBC_printk(STp, "Retensioning tape.\n");
2856                 fileno = blkno = at_sm = 0;
2857                 break;
2858         case MTEOM:
2859                 if (!STp->fast_mteom) {
2860                         /* space to the end of tape */
2861                         ioctl_result = st_int_ioctl(STp, MTFSF, 0x7fffff);
2862                         fileno = STps->drv_file;
2863                         if (STps->eof >= ST_EOD_1)
2864                                 return 0;
2865                         /* The next lines would hide the number of spaced FileMarks
2866                            That's why I inserted the previous lines. I had no luck
2867                            with detecting EOM with FSF, so we go now to EOM.
2868                            Joerg Weule */
2869                 } else
2870                         fileno = (-1);
2871                 cmd[0] = SPACE;
2872                 cmd[1] = 3;
2873                 DEBC_printk(STp, "Spacing to end of recorded medium.\n");
2874                 blkno = -1;
2875                 at_sm = 0;
2876                 break;
2877         case MTERASE:
2878                 if (STp->write_prot)
2879                         return (-EACCES);
2880                 cmd[0] = ERASE;
2881                 cmd[1] = (arg ? 1 : 0); /* Long erase with non-zero argument */
2882                 if (STp->immediate) {
2883                         cmd[1] |= 2;    /* Don't wait for completion */
2884                         timeout = STp->device->request_queue->rq_timeout;
2885                 }
2886                 else
2887                         timeout = STp->long_timeout * 8;
2888
2889                 DEBC_printk(STp, "Erasing tape.\n");
2890                 fileno = blkno = at_sm = 0;
2891                 break;
2892         case MTSETBLK:          /* Set block length */
2893         case MTSETDENSITY:      /* Set tape density */
2894         case MTSETDRVBUFFER:    /* Set drive buffering */
2895         case SET_DENS_AND_BLK:  /* Set density and block size */
2896                 chg_eof = 0;
2897                 if (STp->dirty || (STp->buffer)->buffer_bytes != 0)
2898                         return (-EIO);  /* Not allowed if data in buffer */
2899                 if ((cmd_in == MTSETBLK || cmd_in == SET_DENS_AND_BLK) &&
2900                     (arg & MT_ST_BLKSIZE_MASK) != 0 &&
2901                     STp->max_block > 0 &&
2902                     ((arg & MT_ST_BLKSIZE_MASK) < STp->min_block ||
2903                      (arg & MT_ST_BLKSIZE_MASK) > STp->max_block)) {
2904                         st_printk(KERN_WARNING, STp, "Illegal block size.\n");
2905                         return (-EINVAL);
2906                 }
2907                 cmd[0] = MODE_SELECT;
2908                 if ((STp->use_pf & USE_PF))
2909                         cmd[1] = MODE_SELECT_PAGE_FORMAT;
2910                 cmd[4] = datalen = 12;
2911                 direction = DMA_TO_DEVICE;
2912
2913                 memset((STp->buffer)->b_data, 0, 12);
2914                 if (cmd_in == MTSETDRVBUFFER)
2915                         (STp->buffer)->b_data[2] = (arg & 7) << 4;
2916                 else
2917                         (STp->buffer)->b_data[2] =
2918                             STp->drv_buffer << 4;
2919                 (STp->buffer)->b_data[3] = 8;   /* block descriptor length */
2920                 if (cmd_in == MTSETDENSITY) {
2921                         (STp->buffer)->b_data[4] = arg;
2922                         STp->density_changed = 1;       /* At least we tried ;-) */
2923                 } else if (cmd_in == SET_DENS_AND_BLK)
2924                         (STp->buffer)->b_data[4] = arg >> 24;
2925                 else
2926                         (STp->buffer)->b_data[4] = STp->density;
2927                 if (cmd_in == MTSETBLK || cmd_in == SET_DENS_AND_BLK) {
2928                         ltmp = arg & MT_ST_BLKSIZE_MASK;
2929                         if (cmd_in == MTSETBLK)
2930                                 STp->blksize_changed = 1; /* At least we tried ;-) */
2931                 } else
2932                         ltmp = STp->block_size;
2933                 (STp->buffer)->b_data[9] = (ltmp >> 16);
2934                 (STp->buffer)->b_data[10] = (ltmp >> 8);
2935                 (STp->buffer)->b_data[11] = ltmp;
2936                 timeout = STp->device->request_queue->rq_timeout;
2937                 DEBC(
2938                         if (cmd_in == MTSETBLK || cmd_in == SET_DENS_AND_BLK)
2939                                 st_printk(ST_DEB_MSG, STp,
2940                                           "Setting block size to %d bytes.\n",
2941                                           (STp->buffer)->b_data[9] * 65536 +
2942                                           (STp->buffer)->b_data[10] * 256 +
2943                                           (STp->buffer)->b_data[11]);
2944                         if (cmd_in == MTSETDENSITY || cmd_in == SET_DENS_AND_BLK)
2945                                 st_printk(ST_DEB_MSG, STp,
2946                                           "Setting density code to %x.\n",
2947                                           (STp->buffer)->b_data[4]);
2948                         if (cmd_in == MTSETDRVBUFFER)
2949                                 st_printk(ST_DEB_MSG, STp,
2950                                           "Setting drive buffer code to %d.\n",
2951                                           ((STp->buffer)->b_data[2] >> 4) & 7);
2952                 )
2953                 break;
2954         default:
2955                 return (-ENOSYS);
2956         }
2957
2958         SRpnt = st_do_scsi(NULL, STp, cmd, datalen, direction,
2959                            timeout, MAX_RETRIES, 1);
2960         if (!SRpnt)
2961                 return (STp->buffer)->syscall_result;
2962
2963         ioctl_result = (STp->buffer)->syscall_result;
2964
2965         if (!ioctl_result) {    /* SCSI command successful */
2966                 st_release_request(SRpnt);
2967                 SRpnt = NULL;
2968                 STps->drv_block = blkno;
2969                 STps->drv_file = fileno;
2970                 STps->at_sm = at_sm;
2971
2972                 if (cmd_in == MTBSFM)
2973                         ioctl_result = st_int_ioctl(STp, MTFSF, 1);
2974                 else if (cmd_in == MTFSFM)
2975                         ioctl_result = st_int_ioctl(STp, MTBSF, 1);
2976
2977                 if (cmd_in == MTSETBLK || cmd_in == SET_DENS_AND_BLK) {
2978                         STp->block_size = arg & MT_ST_BLKSIZE_MASK;
2979                         if (STp->block_size != 0) {
2980                                 (STp->buffer)->buffer_blocks =
2981                                     (STp->buffer)->buffer_size / STp->block_size;
2982                         }
2983                         (STp->buffer)->buffer_bytes = (STp->buffer)->read_pointer = 0;
2984                         if (cmd_in == SET_DENS_AND_BLK)
2985                                 STp->density = arg >> MT_ST_DENSITY_SHIFT;
2986                 } else if (cmd_in == MTSETDRVBUFFER)
2987                         STp->drv_buffer = (arg & 7);
2988                 else if (cmd_in == MTSETDENSITY)
2989                         STp->density = arg;
2990
2991                 if (cmd_in == MTEOM)
2992                         STps->eof = ST_EOD;
2993                 else if (cmd_in == MTFSF)
2994                         STps->eof = ST_FM;
2995                 else if (chg_eof)
2996                         STps->eof = ST_NOEOF;
2997
2998                 if (cmd_in == MTWEOF || cmd_in == MTWEOFI)
2999                         STps->rw = ST_IDLE;  /* prevent automatic WEOF at close */
3000         } else { /* SCSI command was not completely successful. Don't return
3001                     from this block without releasing the SCSI command block! */
3002                 struct st_cmdstatus *cmdstatp = &STp->buffer->cmdstat;
3003
3004                 if (cmdstatp->flags & SENSE_EOM) {
3005                         if (cmd_in != MTBSF && cmd_in != MTBSFM &&
3006                             cmd_in != MTBSR && cmd_in != MTBSS)
3007                                 STps->eof = ST_EOM_OK;
3008                         STps->drv_block = 0;
3009                 }
3010
3011                 if (cmdstatp->remainder_valid)
3012                         undone = (int)cmdstatp->uremainder64;
3013                 else
3014                         undone = 0;
3015
3016                 if ((cmd_in == MTWEOF || cmd_in == MTWEOFI) &&
3017                     cmdstatp->have_sense &&
3018                     (cmdstatp->flags & SENSE_EOM)) {
3019                         if (cmdstatp->sense_hdr.sense_key == NO_SENSE ||
3020                             cmdstatp->sense_hdr.sense_key == RECOVERED_ERROR) {
3021                                 ioctl_result = 0;       /* EOF(s) written successfully at EOM */
3022                                 STps->eof = ST_NOEOF;
3023                         } else {  /* Writing EOF(s) failed */
3024                                 if (fileno >= 0)
3025                                         fileno -= undone;
3026                                 if (undone < arg)
3027                                         STps->eof = ST_NOEOF;
3028                         }
3029                         STps->drv_file = fileno;
3030                 } else if ((cmd_in == MTFSF) || (cmd_in == MTFSFM)) {
3031                         if (fileno >= 0)
3032                                 STps->drv_file = fileno - undone;
3033                         else
3034                                 STps->drv_file = fileno;
3035                         STps->drv_block = -1;
3036                         STps->eof = ST_NOEOF;
3037                 } else if ((cmd_in == MTBSF) || (cmd_in == MTBSFM)) {
3038                         if (arg > 0 && undone < 0)  /* Some drives get this wrong */
3039                                 undone = (-undone);
3040                         if (STps->drv_file >= 0)
3041                                 STps->drv_file = fileno + undone;
3042                         STps->drv_block = 0;
3043                         STps->eof = ST_NOEOF;
3044                 } else if (cmd_in == MTFSR) {
3045                         if (cmdstatp->flags & SENSE_FMK) {      /* Hit filemark */
3046                                 if (STps->drv_file >= 0)
3047                                         STps->drv_file++;
3048                                 STps->drv_block = 0;
3049                                 STps->eof = ST_FM;
3050                         } else {
3051                                 if (blkno >= undone)
3052                                         STps->drv_block = blkno - undone;
3053                                 else
3054                                         STps->drv_block = (-1);
3055                                 STps->eof = ST_NOEOF;
3056                         }
3057                 } else if (cmd_in == MTBSR) {
3058                         if (cmdstatp->flags & SENSE_FMK) {      /* Hit filemark */
3059                                 STps->drv_file--;
3060                                 STps->drv_block = (-1);
3061                         } else {
3062                                 if (arg > 0 && undone < 0)  /* Some drives get this wrong */
3063                                         undone = (-undone);
3064                                 if (STps->drv_block >= 0)
3065                                         STps->drv_block = blkno + undone;
3066                         }
3067                         STps->eof = ST_NOEOF;
3068                 } else if (cmd_in == MTEOM) {
3069                         STps->drv_file = (-1);
3070                         STps->drv_block = (-1);
3071                         STps->eof = ST_EOD;
3072                 } else if (cmd_in == MTSETBLK ||
3073                            cmd_in == MTSETDENSITY ||
3074                            cmd_in == MTSETDRVBUFFER ||
3075                            cmd_in == SET_DENS_AND_BLK) {
3076                         if (cmdstatp->sense_hdr.sense_key == ILLEGAL_REQUEST &&
3077                             !(STp->use_pf & PF_TESTED)) {
3078                                 /* Try the other possible state of Page Format if not
3079                                    already tried */
3080                                 STp->use_pf = (STp->use_pf ^ USE_PF) | PF_TESTED;
3081                                 st_release_request(SRpnt);
3082                                 SRpnt = NULL;
3083                                 return st_int_ioctl(STp, cmd_in, arg);
3084                         }
3085                 } else if (chg_eof)
3086                         STps->eof = ST_NOEOF;
3087
3088                 if (cmdstatp->sense_hdr.sense_key == BLANK_CHECK)
3089                         STps->eof = ST_EOD;
3090
3091                 st_release_request(SRpnt);
3092                 SRpnt = NULL;
3093         }
3094
3095         return ioctl_result;
3096 }
3097 \f
3098
3099 /* Get the tape position. If bt == 2, arg points into a kernel space mt_loc
3100    structure. */
3101
3102 static int get_location(struct scsi_tape *STp, unsigned int *block, int *partition,
3103                         int logical)
3104 {
3105         int result;
3106         unsigned char scmd[MAX_COMMAND_SIZE];
3107         struct st_request *SRpnt;
3108
3109         if (STp->ready != ST_READY)
3110                 return (-EIO);
3111
3112         memset(scmd, 0, MAX_COMMAND_SIZE);
3113         if ((STp->device)->scsi_level < SCSI_2) {
3114                 scmd[0] = QFA_REQUEST_BLOCK;
3115                 scmd[4] = 3;
3116         } else {
3117                 scmd[0] = READ_POSITION;
3118                 if (!logical && !STp->scsi2_logical)
3119                         scmd[1] = 1;
3120         }
3121         SRpnt = st_do_scsi(NULL, STp, scmd, 20, DMA_FROM_DEVICE,
3122                            STp->device->request_queue->rq_timeout,
3123                            MAX_READY_RETRIES, 1);
3124         if (!SRpnt)
3125                 return (STp->buffer)->syscall_result;
3126
3127         if ((STp->buffer)->syscall_result != 0 ||
3128             (STp->device->scsi_level >= SCSI_2 &&
3129              ((STp->buffer)->b_data[0] & 4) != 0)) {
3130                 *block = *partition = 0;
3131                 DEBC_printk(STp, " Can't read tape position.\n");
3132                 result = (-EIO);
3133         } else {
3134                 result = 0;
3135                 if ((STp->device)->scsi_level < SCSI_2) {
3136                         *block = ((STp->buffer)->b_data[0] << 16)
3137                             + ((STp->buffer)->b_data[1] << 8)
3138                             + (STp->buffer)->b_data[2];
3139                         *partition = 0;
3140                 } else {
3141                         *block = ((STp->buffer)->b_data[4] << 24)
3142                             + ((STp->buffer)->b_data[5] << 16)
3143                             + ((STp->buffer)->b_data[6] << 8)
3144                             + (STp->buffer)->b_data[7];
3145                         *partition = (STp->buffer)->b_data[1];
3146                         if (((STp->buffer)->b_data[0] & 0x80) &&
3147                             (STp->buffer)->b_data[1] == 0)      /* BOP of partition 0 */
3148                                 STp->ps[0].drv_block = STp->ps[0].drv_file = 0;
3149                 }
3150                 DEBC_printk(STp, "Got tape pos. blk %d part %d.\n",
3151                             *block, *partition);
3152         }
3153         st_release_request(SRpnt);
3154         SRpnt = NULL;
3155
3156         return result;
3157 }
3158
3159
3160 /* Set the tape block and partition. Negative partition means that only the
3161    block should be set in vendor specific way. */
3162 static int set_location(struct scsi_tape *STp, unsigned int block, int partition,
3163                         int logical)
3164 {
3165         struct st_partstat *STps;
3166         int result, p;
3167         unsigned int blk;
3168         int timeout;
3169         unsigned char scmd[MAX_COMMAND_SIZE];
3170         struct st_request *SRpnt;
3171
3172         if (STp->ready != ST_READY)
3173                 return (-EIO);
3174         timeout = STp->long_timeout;
3175         STps = &(STp->ps[STp->partition]);
3176
3177         DEBC_printk(STp, "Setting block to %d and partition to %d.\n",
3178                     block, partition);
3179         DEB(if (partition < 0)
3180                 return (-EIO); )
3181
3182         /* Update the location at the partition we are leaving */
3183         if ((!STp->can_partitions && partition != 0) ||
3184             partition >= ST_NBR_PARTITIONS)
3185                 return (-EINVAL);
3186         if (partition != STp->partition) {
3187                 if (get_location(STp, &blk, &p, 1))
3188                         STps->last_block_valid = 0;
3189                 else {
3190                         STps->last_block_valid = 1;
3191                         STps->last_block_visited = blk;
3192                         DEBC_printk(STp, "Visited block %d for "
3193                                     "partition %d saved.\n",
3194                                     blk, STp->partition);
3195                 }
3196         }
3197
3198         memset(scmd, 0, MAX_COMMAND_SIZE);
3199         if ((STp->device)->scsi_level < SCSI_2) {
3200                 scmd[0] = QFA_SEEK_BLOCK;
3201                 scmd[2] = (block >> 16);
3202                 scmd[3] = (block >> 8);
3203                 scmd[4] = block;
3204                 scmd[5] = 0;
3205         } else {
3206                 scmd[0] = SEEK_10;
3207                 scmd[3] = (block >> 24);
3208                 scmd[4] = (block >> 16);
3209                 scmd[5] = (block >> 8);
3210                 scmd[6] = block;
3211                 if (!logical && !STp->scsi2_logical)
3212                         scmd[1] = 4;
3213                 if (STp->partition != partition) {
3214                         scmd[1] |= 2;
3215                         scmd[8] = partition;
3216                         DEBC_printk(STp, "Trying to change partition "
3217                                     "from %d to %d\n", STp->partition,
3218                                     partition);
3219                 }
3220         }
3221         if (STp->immediate) {
3222                 scmd[1] |= 1;           /* Don't wait for completion */
3223                 timeout = STp->device->request_queue->rq_timeout;
3224         }
3225
3226         SRpnt = st_do_scsi(NULL, STp, scmd, 0, DMA_NONE,
3227                            timeout, MAX_READY_RETRIES, 1);
3228         if (!SRpnt)
3229                 return (STp->buffer)->syscall_result;
3230
3231         STps->drv_block = STps->drv_file = (-1);
3232         STps->eof = ST_NOEOF;
3233         if ((STp->buffer)->syscall_result != 0) {
3234                 result = (-EIO);
3235                 if (STp->can_partitions &&
3236                     (STp->device)->scsi_level >= SCSI_2 &&
3237                     (p = find_partition(STp)) >= 0)
3238                         STp->partition = p;
3239         } else {
3240                 if (STp->can_partitions) {
3241                         STp->partition = partition;
3242                         STps = &(STp->ps[partition]);
3243                         if (!STps->last_block_valid ||
3244                             STps->last_block_visited != block) {
3245                                 STps->at_sm = 0;
3246                                 STps->rw = ST_IDLE;
3247                         }
3248                 } else
3249                         STps->at_sm = 0;
3250                 if (block == 0)
3251                         STps->drv_block = STps->drv_file = 0;
3252                 result = 0;
3253         }
3254
3255         st_release_request(SRpnt);
3256         SRpnt = NULL;
3257
3258         return result;
3259 }
3260
3261
3262 /* Find the current partition number for the drive status. Called from open and
3263    returns either partition number of negative error code. */
3264 static int find_partition(struct scsi_tape *STp)
3265 {
3266         int i, partition;
3267         unsigned int block;
3268
3269         if ((i = get_location(STp, &block, &partition, 1)) < 0)
3270                 return i;
3271         if (partition >= ST_NBR_PARTITIONS)
3272                 return (-EIO);
3273         return partition;
3274 }
3275
3276
3277 /* Change the partition if necessary */
3278 static int switch_partition(struct scsi_tape *STp)
3279 {
3280         struct st_partstat *STps;
3281
3282         if (STp->partition == STp->new_partition)
3283                 return 0;
3284         STps = &(STp->ps[STp->new_partition]);
3285         if (!STps->last_block_valid)
3286                 STps->last_block_visited = 0;
3287         return set_location(STp, STps->last_block_visited, STp->new_partition, 1);
3288 }
3289 \f
3290 /* Functions for reading and writing the medium partition mode page. */
3291
3292 #define PART_PAGE   0x11
3293 #define PART_PAGE_FIXED_LENGTH 8
3294
3295 #define PP_OFF_MAX_ADD_PARTS   2
3296 #define PP_OFF_NBR_ADD_PARTS   3
3297 #define PP_OFF_FLAGS           4
3298 #define PP_OFF_PART_UNITS      6
3299 #define PP_OFF_RESERVED        7
3300
3301 #define PP_BIT_IDP             0x20
3302 #define PP_BIT_FDP             0x80
3303 #define PP_MSK_PSUM_MB         0x10
3304 #define PP_MSK_PSUM_UNITS      0x18
3305 #define PP_MSK_POFM            0x04
3306
3307 /* Get the number of partitions on the tape. As a side effect reads the
3308    mode page into the tape buffer. */
3309 static int nbr_partitions(struct scsi_tape *STp)
3310 {
3311         int result;
3312
3313         if (STp->ready != ST_READY)
3314                 return (-EIO);
3315
3316         result = read_mode_page(STp, PART_PAGE, 1);
3317
3318         if (result) {
3319                 DEBC_printk(STp, "Can't read medium partition page.\n");
3320                 result = (-EIO);
3321         } else {
3322                 result = (STp->buffer)->b_data[MODE_HEADER_LENGTH +
3323                                               PP_OFF_NBR_ADD_PARTS] + 1;
3324                 DEBC_printk(STp, "Number of partitions %d.\n", result);
3325         }
3326
3327         return result;
3328 }
3329
3330
3331 static int format_medium(struct scsi_tape *STp, int format)
3332 {
3333         int result = 0;
3334         int timeout = STp->long_timeout;
3335         unsigned char scmd[MAX_COMMAND_SIZE];
3336         struct st_request *SRpnt;
3337
3338         memset(scmd, 0, MAX_COMMAND_SIZE);
3339         scmd[0] = FORMAT_UNIT;
3340         scmd[2] = format;
3341         if (STp->immediate) {
3342                 scmd[1] |= 1;           /* Don't wait for completion */
3343                 timeout = STp->device->request_queue->rq_timeout;
3344         }
3345         DEBC_printk(STp, "Sending FORMAT MEDIUM\n");
3346         SRpnt = st_do_scsi(NULL, STp, scmd, 0, DMA_NONE,
3347                            timeout, MAX_RETRIES, 1);
3348         if (!SRpnt)
3349                 result = STp->buffer->syscall_result;
3350         return result;
3351 }
3352
3353
3354 /* Partition the tape into two partitions if size > 0 or one partition if
3355    size == 0.
3356
3357    The block descriptors are read and written because Sony SDT-7000 does not
3358    work without this (suggestion from Michael Schaefer <Michael.Schaefer@dlr.de>).
3359
3360    My HP C1533A drive returns only one partition size field. This is used to
3361    set the size of partition 1. There is no size field for the default partition.
3362    Michael Schaefer's Sony SDT-7000 returns two descriptors and the second is
3363    used to set the size of partition 1 (this is what the SCSI-3 standard specifies).
3364    The following algorithm is used to accommodate both drives: if the number of
3365    partition size fields is greater than the maximum number of additional partitions
3366    in the mode page, the second field is used. Otherwise the first field is used.
3367
3368    For Seagate DDS drives the page length must be 8 when no partitions is defined
3369    and 10 when 1 partition is defined (information from Eric Lee Green). This is
3370    is acceptable also to some other old drives and enforced if the first partition
3371    size field is used for the first additional partition size.
3372
3373    For drives that advertize SCSI-3 or newer, use the SSC-3 methods.
3374  */
3375 static int partition_tape(struct scsi_tape *STp, int size)
3376 {
3377         int result;
3378         int target_partition;
3379         bool scsi3 = STp->device->scsi_level >= SCSI_3, needs_format = false;
3380         int pgo, psd_cnt, psdo;
3381         int psum = PP_MSK_PSUM_MB, units = 0;
3382         unsigned char *bp;
3383
3384         result = read_mode_page(STp, PART_PAGE, 0);
3385         if (result) {
3386                 DEBC_printk(STp, "Can't read partition mode page.\n");
3387                 return result;
3388         }
3389         target_partition = 1;
3390         if (size < 0) {
3391                 target_partition = 0;
3392                 size = -size;
3393         }
3394
3395         /* The mode page is in the buffer. Let's modify it and write it. */
3396         bp = (STp->buffer)->b_data;
3397         pgo = MODE_HEADER_LENGTH + bp[MH_OFF_BDESCS_LENGTH];
3398         DEBC_printk(STp, "Partition page length is %d bytes.\n",
3399                     bp[pgo + MP_OFF_PAGE_LENGTH] + 2);
3400
3401         psd_cnt = (bp[pgo + MP_OFF_PAGE_LENGTH] + 2 - PART_PAGE_FIXED_LENGTH) / 2;
3402
3403         if (scsi3) {
3404                 needs_format = (bp[pgo + PP_OFF_FLAGS] & PP_MSK_POFM) != 0;
3405                 if (needs_format && size == 0) {
3406                         /* No need to write the mode page when clearing
3407                          *  partitioning
3408                          */
3409                         DEBC_printk(STp, "Formatting tape with one partition.\n");
3410                         result = format_medium(STp, 0);
3411                         goto out;
3412                 }
3413                 if (needs_format)  /* Leave the old value for HP DATs claiming SCSI_3 */
3414                         psd_cnt = 2;
3415                 if ((bp[pgo + PP_OFF_FLAGS] & PP_MSK_PSUM_UNITS) == PP_MSK_PSUM_UNITS) {
3416                         /* Use units scaling for large partitions if the device
3417                          * suggests it and no precision lost. Required for IBM
3418                          * TS1140/50 drives that don't support MB units.
3419                          */
3420                         if (size >= 1000 && (size % 1000) == 0) {
3421                                 size /= 1000;
3422                                 psum = PP_MSK_PSUM_UNITS;
3423                                 units = 9; /* GB */
3424                         }
3425                 }
3426                 /* Try it anyway if too large to specify in MB */
3427                 if (psum == PP_MSK_PSUM_MB && size >= 65534) {
3428                         size /= 1000;
3429                         psum = PP_MSK_PSUM_UNITS;
3430                         units = 9;  /* GB */
3431                 }
3432         }
3433
3434         if (size >= 65535 ||  /* Does not fit into two bytes */
3435             (target_partition == 0 && psd_cnt < 2)) {
3436                 result = -EINVAL;
3437                 goto out;
3438         }
3439
3440         psdo = pgo + PART_PAGE_FIXED_LENGTH;
3441         /* The second condition is for HP DDS which use only one partition size
3442          * descriptor
3443          */
3444         if (target_partition > 0 &&
3445             (psd_cnt > bp[pgo + PP_OFF_MAX_ADD_PARTS] ||
3446              bp[pgo + PP_OFF_MAX_ADD_PARTS] != 1)) {
3447                 bp[psdo] = bp[psdo + 1] = 0xff;  /* Rest to partition 0 */
3448                 psdo += 2;
3449         }
3450         memset(bp + psdo, 0, bp[pgo + PP_OFF_NBR_ADD_PARTS] * 2);
3451
3452         DEBC_printk(STp, "psd_cnt %d, max.parts %d, nbr_parts %d\n",
3453                     psd_cnt, bp[pgo + PP_OFF_MAX_ADD_PARTS],
3454                     bp[pgo + PP_OFF_NBR_ADD_PARTS]);
3455
3456         if (size == 0) {
3457                 bp[pgo + PP_OFF_NBR_ADD_PARTS] = 0;
3458                 if (psd_cnt <= bp[pgo + PP_OFF_MAX_ADD_PARTS])
3459                     bp[pgo + MP_OFF_PAGE_LENGTH] = 6;
3460                 DEBC_printk(STp, "Formatting tape with one partition.\n");
3461         } else {
3462                 bp[psdo] = (size >> 8) & 0xff;
3463                 bp[psdo + 1] = size & 0xff;
3464                 if (target_partition == 0)
3465                         bp[psdo + 2] = bp[psdo + 3] = 0xff;
3466                 bp[pgo + 3] = 1;
3467                 if (bp[pgo + MP_OFF_PAGE_LENGTH] < 8)
3468                     bp[pgo + MP_OFF_PAGE_LENGTH] = 8;
3469                 DEBC_printk(STp,
3470                             "Formatting tape with two partitions (%i = %d MB).\n",
3471                             target_partition, units > 0 ? size * 1000 : size);
3472         }
3473         bp[pgo + PP_OFF_PART_UNITS] = 0;
3474         bp[pgo + PP_OFF_RESERVED] = 0;
3475         if (size != 1 || units != 0) {
3476                 bp[pgo + PP_OFF_FLAGS] = PP_BIT_IDP | psum |
3477                         (bp[pgo + PP_OFF_FLAGS] & 0x07);
3478                 bp[pgo + PP_OFF_PART_UNITS] = units;
3479         } else
3480                 bp[pgo + PP_OFF_FLAGS] = PP_BIT_FDP |
3481                         (bp[pgo + PP_OFF_FLAGS] & 0x1f);
3482         bp[pgo + MP_OFF_PAGE_LENGTH] = 6 + psd_cnt * 2;
3483
3484         result = write_mode_page(STp, PART_PAGE, 1);
3485
3486         if (!result && needs_format)
3487                 result = format_medium(STp, 1);
3488
3489         if (result) {
3490                 st_printk(KERN_INFO, STp, "Partitioning of tape failed.\n");
3491                 result = (-EIO);
3492         }
3493
3494 out:
3495         return result;
3496 }
3497 \f
3498
3499
3500 /* The ioctl command */
3501 static long st_ioctl(struct file *file, unsigned int cmd_in, unsigned long arg)
3502 {
3503         void __user *p = (void __user *)arg;
3504         int i, cmd_nr, cmd_type, bt;
3505         int retval = 0;
3506         unsigned int blk;
3507         struct scsi_tape *STp = file->private_data;
3508         struct st_modedef *STm;
3509         struct st_partstat *STps;
3510
3511         if (mutex_lock_interruptible(&STp->lock))
3512                 return -ERESTARTSYS;
3513
3514         DEB(
3515         if (debugging && !STp->in_use) {
3516                 st_printk(ST_DEB_MSG, STp, "Incorrect device.\n");
3517                 retval = (-EIO);
3518                 goto out;
3519         } ) /* end DEB */
3520
3521         STm = &(STp->modes[STp->current_mode]);
3522         STps = &(STp->ps[STp->partition]);
3523
3524         /*
3525          * If we are in the middle of error recovery, don't let anyone
3526          * else try and use this device.  Also, if error recovery fails, it
3527          * may try and take the device offline, in which case all further
3528          * access to the device is prohibited.
3529          */
3530         retval = scsi_ioctl_block_when_processing_errors(STp->device, cmd_in,
3531                         file->f_flags & O_NDELAY);
3532         if (retval)
3533                 goto out;
3534
3535         cmd_type = _IOC_TYPE(cmd_in);
3536         cmd_nr = _IOC_NR(cmd_in);
3537
3538         if (cmd_type == _IOC_TYPE(MTIOCTOP) && cmd_nr == _IOC_NR(MTIOCTOP)) {
3539                 struct mtop mtc;
3540
3541                 if (_IOC_SIZE(cmd_in) != sizeof(mtc)) {
3542                         retval = (-EINVAL);
3543                         goto out;
3544                 }
3545
3546                 i = copy_from_user(&mtc, p, sizeof(struct mtop));
3547                 if (i) {
3548                         retval = (-EFAULT);
3549                         goto out;
3550                 }
3551
3552                 if (mtc.mt_op == MTSETDRVBUFFER && !capable(CAP_SYS_ADMIN)) {
3553                         st_printk(KERN_WARNING, STp,
3554                                   "MTSETDRVBUFFER only allowed for root.\n");
3555                         retval = (-EPERM);
3556                         goto out;
3557                 }
3558                 if (!STm->defined &&
3559                     (mtc.mt_op != MTSETDRVBUFFER &&
3560                      (mtc.mt_count & MT_ST_OPTIONS) == 0)) {
3561                         retval = (-ENXIO);
3562                         goto out;
3563                 }
3564
3565                 if (!STp->pos_unknown) {
3566
3567                         if (STps->eof == ST_FM_HIT) {
3568                                 if (mtc.mt_op == MTFSF || mtc.mt_op == MTFSFM ||
3569                                     mtc.mt_op == MTEOM) {
3570                                         mtc.mt_count -= 1;
3571                                         if (STps->drv_file >= 0)
3572                                                 STps->drv_file += 1;
3573                                 } else if (mtc.mt_op == MTBSF || mtc.mt_op == MTBSFM) {
3574                                         mtc.mt_count += 1;
3575                                         if (STps->drv_file >= 0)
3576                                                 STps->drv_file += 1;
3577                                 }
3578                         }
3579
3580                         if (mtc.mt_op == MTSEEK) {
3581                                 /* Old position must be restored if partition will be
3582                                    changed */
3583                                 i = !STp->can_partitions ||
3584                                     (STp->new_partition != STp->partition);
3585                         } else {
3586                                 i = mtc.mt_op == MTREW || mtc.mt_op == MTOFFL ||
3587                                     mtc.mt_op == MTRETEN || mtc.mt_op == MTEOM ||
3588                                     mtc.mt_op == MTLOCK || mtc.mt_op == MTLOAD ||
3589                                     mtc.mt_op == MTFSF || mtc.mt_op == MTFSFM ||
3590                                     mtc.mt_op == MTBSF || mtc.mt_op == MTBSFM ||
3591                                     mtc.mt_op == MTCOMPRESSION;
3592                         }
3593                         i = flush_buffer(STp, i);
3594                         if (i < 0) {
3595                                 retval = i;
3596                                 goto out;
3597                         }
3598                         if (STps->rw == ST_WRITING &&
3599                             (mtc.mt_op == MTREW || mtc.mt_op == MTOFFL ||
3600                              mtc.mt_op == MTSEEK ||
3601                              mtc.mt_op == MTBSF || mtc.mt_op == MTBSFM)) {
3602                                 i = st_int_ioctl(STp, MTWEOF, 1);
3603                                 if (i < 0) {
3604                                         retval = i;
3605                                         goto out;
3606                                 }
3607                                 if (mtc.mt_op == MTBSF || mtc.mt_op == MTBSFM)
3608                                         mtc.mt_count++;
3609                                 STps->rw = ST_IDLE;
3610                              }
3611
3612                 } else {
3613                         /*
3614                          * If there was a bus reset, block further access
3615                          * to this device.  If the user wants to rewind the tape,
3616                          * then reset the flag and allow access again.
3617                          */
3618                         if (mtc.mt_op != MTREW &&
3619                             mtc.mt_op != MTOFFL &&
3620                             mtc.mt_op != MTRETEN &&
3621                             mtc.mt_op != MTERASE &&
3622                             mtc.mt_op != MTSEEK &&
3623                             mtc.mt_op != MTEOM) {
3624                                 retval = (-EIO);
3625                                 goto out;
3626                         }
3627                         reset_state(STp);
3628                         /* remove this when the midlevel properly clears was_reset */
3629                         STp->device->was_reset = 0;
3630                 }
3631
3632                 if (mtc.mt_op != MTNOP && mtc.mt_op != MTSETBLK &&
3633                     mtc.mt_op != MTSETDENSITY && mtc.mt_op != MTWSM &&
3634                     mtc.mt_op != MTSETDRVBUFFER && mtc.mt_op != MTSETPART)
3635                         STps->rw = ST_IDLE;     /* Prevent automatic WEOF and fsf */
3636
3637                 if (mtc.mt_op == MTOFFL && STp->door_locked != ST_UNLOCKED)
3638                         do_door_lock(STp, 0);   /* Ignore result! */
3639
3640                 if (mtc.mt_op == MTSETDRVBUFFER &&
3641                     (mtc.mt_count & MT_ST_OPTIONS) != 0) {
3642                         retval = st_set_options(STp, mtc.mt_count);
3643                         goto out;
3644                 }
3645
3646                 if (mtc.mt_op == MTSETPART) {
3647                         if (!STp->can_partitions ||
3648                             mtc.mt_count < 0 || mtc.mt_count >= ST_NBR_PARTITIONS) {
3649                                 retval = (-EINVAL);
3650                                 goto out;
3651                         }
3652                         if (mtc.mt_count >= STp->nbr_partitions &&
3653                             (STp->nbr_partitions = nbr_partitions(STp)) < 0) {
3654                                 retval = (-EIO);
3655                                 goto out;
3656                         }
3657                         if (mtc.mt_count >= STp->nbr_partitions) {
3658                                 retval = (-EINVAL);
3659                                 goto out;
3660                         }
3661                         STp->new_partition = mtc.mt_count;
3662                         retval = 0;
3663                         goto out;
3664                 }
3665
3666                 if (mtc.mt_op == MTMKPART) {
3667                         if (!STp->can_partitions) {
3668                                 retval = (-EINVAL);
3669                                 goto out;
3670                         }
3671                         i = do_load_unload(STp, file, 1);
3672                         if (i < 0) {
3673                                 retval = i;
3674                                 goto out;
3675                         }
3676                         i = partition_tape(STp, mtc.mt_count);
3677                         if (i < 0) {
3678                                 retval = i;
3679                                 goto out;
3680                         }
3681                         for (i = 0; i < ST_NBR_PARTITIONS; i++) {
3682                                 STp->ps[i].rw = ST_IDLE;
3683                                 STp->ps[i].at_sm = 0;
3684                                 STp->ps[i].last_block_valid = 0;
3685                         }
3686                         STp->partition = STp->new_partition = 0;
3687                         STp->nbr_partitions = mtc.mt_count != 0 ? 2 : 1;
3688                         STps->drv_block = STps->drv_file = 0;
3689                         retval = 0;
3690                         goto out;
3691                 }
3692
3693                 if (mtc.mt_op == MTSEEK) {
3694                         i = set_location(STp, mtc.mt_count, STp->new_partition, 0);
3695                         if (!STp->can_partitions)
3696                                 STp->ps[0].rw = ST_IDLE;
3697                         retval = i;
3698                         goto out;
3699                 }
3700
3701                 if (mtc.mt_op == MTUNLOAD || mtc.mt_op == MTOFFL) {
3702                         retval = do_load_unload(STp, file, 0);
3703                         goto out;
3704                 }
3705
3706                 if (mtc.mt_op == MTLOAD) {
3707                         retval = do_load_unload(STp, file, max(1, mtc.mt_count));
3708                         goto out;
3709                 }
3710
3711                 if (mtc.mt_op == MTLOCK || mtc.mt_op == MTUNLOCK) {
3712                         retval = do_door_lock(STp, (mtc.mt_op == MTLOCK));
3713                         goto out;
3714                 }
3715
3716                 if (STp->can_partitions && STp->ready == ST_READY &&
3717                     (i = switch_partition(STp)) < 0) {
3718                         retval = i;
3719                         goto out;
3720                 }
3721
3722                 if (mtc.mt_op == MTCOMPRESSION)
3723                         retval = st_compression(STp, (mtc.mt_count & 1));
3724                 else
3725                         retval = st_int_ioctl(STp, mtc.mt_op, mtc.mt_count);
3726                 goto out;
3727         }
3728         if (!STm->defined) {
3729                 retval = (-ENXIO);
3730                 goto out;
3731         }
3732
3733         if ((i = flush_buffer(STp, 0)) < 0) {
3734                 retval = i;
3735                 goto out;
3736         }
3737         if (STp->can_partitions &&
3738             (i = switch_partition(STp)) < 0) {
3739                 retval = i;
3740                 goto out;
3741         }
3742
3743         if (cmd_type == _IOC_TYPE(MTIOCGET) && cmd_nr == _IOC_NR(MTIOCGET)) {
3744                 struct mtget mt_status;
3745
3746                 if (_IOC_SIZE(cmd_in) != sizeof(struct mtget)) {
3747                          retval = (-EINVAL);
3748                          goto out;
3749                 }
3750
3751                 mt_status.mt_type = STp->tape_type;
3752                 mt_status.mt_dsreg =
3753                     ((STp->block_size << MT_ST_BLKSIZE_SHIFT) & MT_ST_BLKSIZE_MASK) |
3754                     ((STp->density << MT_ST_DENSITY_SHIFT) & MT_ST_DENSITY_MASK);
3755                 mt_status.mt_blkno = STps->drv_block;
3756                 mt_status.mt_fileno = STps->drv_file;
3757                 if (STp->block_size != 0) {
3758                         if (STps->rw == ST_WRITING)
3759                                 mt_status.mt_blkno +=
3760                                     (STp->buffer)->buffer_bytes / STp->block_size;
3761                         else if (STps->rw == ST_READING)
3762                                 mt_status.mt_blkno -=
3763                                         ((STp->buffer)->buffer_bytes +
3764                                          STp->block_size - 1) / STp->block_size;
3765                 }
3766
3767                 mt_status.mt_gstat = 0;
3768                 if (STp->drv_write_prot)
3769                         mt_status.mt_gstat |= GMT_WR_PROT(0xffffffff);
3770                 if (mt_status.mt_blkno == 0) {
3771                         if (mt_status.mt_fileno == 0)
3772                                 mt_status.mt_gstat |= GMT_BOT(0xffffffff);
3773                         else
3774                                 mt_status.mt_gstat |= GMT_EOF(0xffffffff);
3775                 }
3776                 mt_status.mt_erreg = (STp->recover_reg << MT_ST_SOFTERR_SHIFT);
3777                 mt_status.mt_resid = STp->partition;
3778                 if (STps->eof == ST_EOM_OK || STps->eof == ST_EOM_ERROR)
3779                         mt_status.mt_gstat |= GMT_EOT(0xffffffff);
3780                 else if (STps->eof >= ST_EOM_OK)
3781                         mt_status.mt_gstat |= GMT_EOD(0xffffffff);
3782                 if (STp->density == 1)
3783                         mt_status.mt_gstat |= GMT_D_800(0xffffffff);
3784                 else if (STp->density == 2)
3785                         mt_status.mt_gstat |= GMT_D_1600(0xffffffff);
3786                 else if (STp->density == 3)
3787                         mt_status.mt_gstat |= GMT_D_6250(0xffffffff);
3788                 if (STp->ready == ST_READY)
3789                         mt_status.mt_gstat |= GMT_ONLINE(0xffffffff);
3790                 if (STp->ready == ST_NO_TAPE)
3791                         mt_status.mt_gstat |= GMT_DR_OPEN(0xffffffff);
3792                 if (STps->at_sm)
3793                         mt_status.mt_gstat |= GMT_SM(0xffffffff);
3794                 if (STm->do_async_writes ||
3795                     (STm->do_buffer_writes && STp->block_size != 0) ||
3796                     STp->drv_buffer != 0)
3797                         mt_status.mt_gstat |= GMT_IM_REP_EN(0xffffffff);
3798                 if (STp->cleaning_req)
3799                         mt_status.mt_gstat |= GMT_CLN(0xffffffff);
3800
3801                 retval = put_user_mtget(p, &mt_status);
3802                 if (retval)
3803                         goto out;
3804
3805                 STp->recover_reg = 0;           /* Clear after read */
3806                 goto out;
3807         }                       /* End of MTIOCGET */
3808         if (cmd_type == _IOC_TYPE(MTIOCPOS) && cmd_nr == _IOC_NR(MTIOCPOS)) {
3809                 struct mtpos mt_pos;
3810                 if (_IOC_SIZE(cmd_in) != sizeof(struct mtpos)) {
3811                          retval = (-EINVAL);
3812                          goto out;
3813                 }
3814                 if ((i = get_location(STp, &blk, &bt, 0)) < 0) {
3815                         retval = i;
3816                         goto out;
3817                 }
3818                 mt_pos.mt_blkno = blk;
3819                 retval = put_user_mtpos(p, &mt_pos);
3820                 goto out;
3821         }
3822         mutex_unlock(&STp->lock);
3823
3824         switch (cmd_in) {
3825         case SG_IO:
3826         case SCSI_IOCTL_SEND_COMMAND:
3827         case CDROM_SEND_PACKET:
3828                 if (!capable(CAP_SYS_RAWIO))
3829                         return -EPERM;
3830                 break;
3831         default:
3832                 break;
3833         }
3834
3835         retval = scsi_ioctl(STp->device, file->f_mode, cmd_in, p);
3836         if (!retval && cmd_in == SCSI_IOCTL_STOP_UNIT) {
3837                 /* unload */
3838                 STp->rew_at_close = 0;
3839                 STp->ready = ST_NO_TAPE;
3840         }
3841         return retval;
3842
3843  out:
3844         mutex_unlock(&STp->lock);
3845         return retval;
3846 }
3847
3848 #ifdef CONFIG_COMPAT
3849 static long st_compat_ioctl(struct file *file, unsigned int cmd_in, unsigned long arg)
3850 {
3851         /* argument conversion is handled using put_user_mtpos/put_user_mtget */
3852         switch (cmd_in) {
3853         case MTIOCPOS32:
3854                 cmd_in = MTIOCPOS;
3855                 break;
3856         case MTIOCGET32:
3857                 cmd_in = MTIOCGET;
3858                 break;
3859         }
3860
3861         return st_ioctl(file, cmd_in, arg);
3862 }
3863 #endif
3864
3865 \f
3866
3867 /* Try to allocate a new tape buffer. Calling function must not hold
3868    dev_arr_lock. */
3869 static struct st_buffer *new_tape_buffer(int max_sg)
3870 {
3871         struct st_buffer *tb;
3872
3873         tb = kzalloc(sizeof(struct st_buffer), GFP_KERNEL);
3874         if (!tb) {
3875                 printk(KERN_NOTICE "st: Can't allocate new tape buffer.\n");
3876                 return NULL;
3877         }
3878         tb->frp_segs = 0;
3879         tb->use_sg = max_sg;
3880         tb->buffer_size = 0;
3881
3882         tb->reserved_pages = kcalloc(max_sg, sizeof(struct page *),
3883                                      GFP_KERNEL);
3884         if (!tb->reserved_pages) {
3885                 kfree(tb);
3886                 return NULL;
3887         }
3888
3889         return tb;
3890 }
3891
3892
3893 /* Try to allocate enough space in the tape buffer */
3894 #define ST_MAX_ORDER 6
3895
3896 static int enlarge_buffer(struct st_buffer * STbuffer, int new_size)
3897 {
3898         int segs, max_segs, b_size, order, got;
3899         gfp_t priority;
3900
3901         if (new_size <= STbuffer->buffer_size)
3902                 return 1;
3903
3904         if (STbuffer->buffer_size <= PAGE_SIZE)
3905                 normalize_buffer(STbuffer);  /* Avoid extra segment */
3906
3907         max_segs = STbuffer->use_sg;
3908
3909         priority = GFP_KERNEL | __GFP_NOWARN;
3910
3911         if (STbuffer->cleared)
3912                 priority |= __GFP_ZERO;
3913
3914         if (STbuffer->frp_segs) {
3915                 order = STbuffer->reserved_page_order;
3916                 b_size = PAGE_SIZE << order;
3917         } else {
3918                 for (b_size = PAGE_SIZE, order = 0;
3919                      order < ST_MAX_ORDER &&
3920                              max_segs * (PAGE_SIZE << order) < new_size;
3921                      order++, b_size *= 2)
3922                         ;  /* empty */
3923                 STbuffer->reserved_page_order = order;
3924         }
3925         if (max_segs * (PAGE_SIZE << order) < new_size) {
3926                 if (order == ST_MAX_ORDER)
3927                         return 0;
3928                 normalize_buffer(STbuffer);
3929                 return enlarge_buffer(STbuffer, new_size);
3930         }
3931
3932         for (segs = STbuffer->frp_segs, got = STbuffer->buffer_size;
3933              segs < max_segs && got < new_size;) {
3934                 struct page *page;
3935
3936                 page = alloc_pages(priority, order);
3937                 if (!page) {
3938                         DEB(STbuffer->buffer_size = got);
3939                         normalize_buffer(STbuffer);
3940                         return 0;
3941                 }
3942
3943                 STbuffer->frp_segs += 1;
3944                 got += b_size;
3945                 STbuffer->buffer_size = got;
3946                 STbuffer->reserved_pages[segs] = page;
3947                 segs++;
3948         }
3949         STbuffer->b_data = page_address(STbuffer->reserved_pages[0]);
3950
3951         return 1;
3952 }
3953
3954
3955 /* Make sure that no data from previous user is in the internal buffer */
3956 static void clear_buffer(struct st_buffer * st_bp)
3957 {
3958         int i;
3959
3960         for (i=0; i < st_bp->frp_segs; i++)
3961                 memset(page_address(st_bp->reserved_pages[i]), 0,
3962                        PAGE_SIZE << st_bp->reserved_page_order);
3963         st_bp->cleared = 1;
3964 }
3965
3966
3967 /* Release the extra buffer */
3968 static void normalize_buffer(struct st_buffer * STbuffer)
3969 {
3970         int i, order = STbuffer->reserved_page_order;
3971
3972         for (i = 0; i < STbuffer->frp_segs; i++) {
3973                 __free_pages(STbuffer->reserved_pages[i], order);
3974                 STbuffer->buffer_size -= (PAGE_SIZE << order);
3975         }
3976         STbuffer->frp_segs = 0;
3977         STbuffer->sg_segs = 0;
3978         STbuffer->reserved_page_order = 0;
3979         STbuffer->map_data.offset = 0;
3980 }
3981
3982
3983 /* Move data from the user buffer to the tape buffer. Returns zero (success) or
3984    negative error code. */
3985 static int append_to_buffer(const char __user *ubp, struct st_buffer * st_bp, int do_count)
3986 {
3987         int i, cnt, res, offset;
3988         int length = PAGE_SIZE << st_bp->reserved_page_order;
3989
3990         for (i = 0, offset = st_bp->buffer_bytes;
3991              i < st_bp->frp_segs && offset >= length; i++)
3992                 offset -= length;
3993         if (i == st_bp->frp_segs) {     /* Should never happen */
3994                 printk(KERN_WARNING "st: append_to_buffer offset overflow.\n");
3995                 return (-EIO);
3996         }
3997         for (; i < st_bp->frp_segs && do_count > 0; i++) {
3998                 struct page *page = st_bp->reserved_pages[i];
3999                 cnt = length - offset < do_count ? length - offset : do_count;
4000                 res = copy_from_user(page_address(page) + offset, ubp, cnt);
4001                 if (res)
4002                         return (-EFAULT);
4003                 do_count -= cnt;
4004                 st_bp->buffer_bytes += cnt;
4005                 ubp += cnt;
4006                 offset = 0;
4007         }
4008         if (do_count) /* Should never happen */
4009                 return (-EIO);
4010
4011         return 0;
4012 }
4013
4014
4015 /* Move data from the tape buffer to the user buffer. Returns zero (success) or
4016    negative error code. */
4017 static int from_buffer(struct st_buffer * st_bp, char __user *ubp, int do_count)
4018 {
4019         int i, cnt, res, offset;
4020         int length = PAGE_SIZE << st_bp->reserved_page_order;
4021
4022         for (i = 0, offset = st_bp->read_pointer;
4023              i < st_bp->frp_segs && offset >= length; i++)
4024                 offset -= length;
4025         if (i == st_bp->frp_segs) {     /* Should never happen */
4026                 printk(KERN_WARNING "st: from_buffer offset overflow.\n");
4027                 return (-EIO);
4028         }
4029         for (; i < st_bp->frp_segs && do_count > 0; i++) {
4030                 struct page *page = st_bp->reserved_pages[i];
4031                 cnt = length - offset < do_count ? length - offset : do_count;
4032                 res = copy_to_user(ubp, page_address(page) + offset, cnt);
4033                 if (res)
4034                         return (-EFAULT);
4035                 do_count -= cnt;
4036                 st_bp->buffer_bytes -= cnt;
4037                 st_bp->read_pointer += cnt;
4038                 ubp += cnt;
4039                 offset = 0;
4040         }
4041         if (do_count) /* Should never happen */
4042                 return (-EIO);
4043
4044         return 0;
4045 }
4046
4047
4048 /* Move data towards start of buffer */
4049 static void move_buffer_data(struct st_buffer * st_bp, int offset)
4050 {
4051         int src_seg, dst_seg, src_offset = 0, dst_offset;
4052         int count, total;
4053         int length = PAGE_SIZE << st_bp->reserved_page_order;
4054
4055         if (offset == 0)
4056                 return;
4057
4058         total=st_bp->buffer_bytes - offset;
4059         for (src_seg=0; src_seg < st_bp->frp_segs; src_seg++) {
4060                 src_offset = offset;
4061                 if (src_offset < length)
4062                         break;
4063                 offset -= length;
4064         }
4065
4066         st_bp->buffer_bytes = st_bp->read_pointer = total;
4067         for (dst_seg=dst_offset=0; total > 0; ) {
4068                 struct page *dpage = st_bp->reserved_pages[dst_seg];
4069                 struct page *spage = st_bp->reserved_pages[src_seg];
4070
4071                 count = min(length - dst_offset, length - src_offset);
4072                 memmove(page_address(dpage) + dst_offset,
4073                         page_address(spage) + src_offset, count);
4074                 src_offset += count;
4075                 if (src_offset >= length) {
4076                         src_seg++;
4077                         src_offset = 0;
4078                 }
4079                 dst_offset += count;
4080                 if (dst_offset >= length) {
4081                         dst_seg++;
4082                         dst_offset = 0;
4083                 }
4084                 total -= count;
4085         }
4086 }
4087
4088 /* Validate the options from command line or module parameters */
4089 static void validate_options(void)
4090 {
4091         if (buffer_kbs > 0)
4092                 st_fixed_buffer_size = buffer_kbs * ST_KILOBYTE;
4093         if (max_sg_segs >= ST_FIRST_SG)
4094                 st_max_sg_segs = max_sg_segs;
4095 }
4096
4097 #ifndef MODULE
4098 /* Set the boot options. Syntax is defined in Documenation/scsi/st.txt.
4099  */
4100 static int __init st_setup(char *str)
4101 {
4102         int i, len, ints[5];
4103         char *stp;
4104
4105         stp = get_options(str, ARRAY_SIZE(ints), ints);
4106
4107         if (ints[0] > 0) {
4108                 for (i = 0; i < ints[0] && i < ARRAY_SIZE(parms); i++)
4109                         if (parms[i].val)
4110                                 *parms[i].val = ints[i + 1];
4111         } else {
4112                 while (stp != NULL) {
4113                         for (i = 0; i < ARRAY_SIZE(parms); i++) {
4114                                 len = strlen(parms[i].name);
4115                                 if (!strncmp(stp, parms[i].name, len) &&
4116                                     (*(stp + len) == ':' || *(stp + len) == '=')) {
4117                                         if (parms[i].val)
4118                                                 *parms[i].val =
4119                                                         simple_strtoul(stp + len + 1, NULL, 0);
4120                                         else
4121                                                 printk(KERN_WARNING "st: Obsolete parameter %s\n",
4122                                                        parms[i].name);
4123                                         break;
4124                                 }
4125                         }
4126                         if (i >= ARRAY_SIZE(parms))
4127                                  printk(KERN_WARNING "st: invalid parameter in '%s'\n",
4128                                         stp);
4129                         stp = strchr(stp, ',');
4130                         if (stp)
4131                                 stp++;
4132                 }
4133         }
4134
4135         validate_options();
4136
4137         return 1;
4138 }
4139
4140 __setup("st=", st_setup);
4141
4142 #endif
4143
4144 static const struct file_operations st_fops =
4145 {
4146         .owner =        THIS_MODULE,
4147         .read =         st_read,
4148         .write =        st_write,
4149         .unlocked_ioctl = st_ioctl,
4150 #ifdef CONFIG_COMPAT
4151         .compat_ioctl = st_compat_ioctl,
4152 #endif
4153         .open =         st_open,
4154         .flush =        st_flush,
4155         .release =      st_release,
4156         .llseek =       noop_llseek,
4157 };
4158
4159 static int create_one_cdev(struct scsi_tape *tape, int mode, int rew)
4160 {
4161         int i, error;
4162         dev_t cdev_devno;
4163         struct cdev *cdev;
4164         struct device *dev;
4165         struct st_modedef *STm = &(tape->modes[mode]);
4166         char name[10];
4167         int dev_num = tape->index;
4168
4169         cdev_devno = MKDEV(SCSI_TAPE_MAJOR, TAPE_MINOR(dev_num, mode, rew));
4170
4171         cdev = cdev_alloc();
4172         if (!cdev) {
4173                 pr_err("st%d: out of memory. Device not attached.\n", dev_num);
4174                 error = -ENOMEM;
4175                 goto out;
4176         }
4177         cdev->owner = THIS_MODULE;
4178         cdev->ops = &st_fops;
4179         STm->cdevs[rew] = cdev;
4180
4181         error = cdev_add(cdev, cdev_devno, 1);
4182         if (error) {
4183                 pr_err("st%d: Can't add %s-rewind mode %d\n", dev_num,
4184                        rew ? "non" : "auto", mode);
4185                 pr_err("st%d: Device not attached.\n", dev_num);
4186                 goto out_free;
4187         }
4188
4189         i = mode << (4 - ST_NBR_MODE_BITS);
4190         snprintf(name, 10, "%s%s%s", rew ? "n" : "",
4191                  tape->name, st_formats[i]);
4192
4193         dev = device_create(&st_sysfs_class, &tape->device->sdev_gendev,
4194                             cdev_devno, &tape->modes[mode], "%s", name);
4195         if (IS_ERR(dev)) {
4196                 pr_err("st%d: device_create failed\n", dev_num);
4197                 error = PTR_ERR(dev);
4198                 goto out_free;
4199         }
4200
4201         STm->devs[rew] = dev;
4202
4203         return 0;
4204 out_free:
4205         cdev_del(STm->cdevs[rew]);
4206 out:
4207         STm->cdevs[rew] = NULL;
4208         STm->devs[rew] = NULL;
4209         return error;
4210 }
4211
4212 static int create_cdevs(struct scsi_tape *tape)
4213 {
4214         int mode, error;
4215         for (mode = 0; mode < ST_NBR_MODES; ++mode) {
4216                 error = create_one_cdev(tape, mode, 0);
4217                 if (error)
4218                         return error;
4219                 error = create_one_cdev(tape, mode, 1);
4220                 if (error)
4221                         return error;
4222         }
4223
4224         return sysfs_create_link(&tape->device->sdev_gendev.kobj,
4225                                  &tape->modes[0].devs[0]->kobj, "tape");
4226 }
4227
4228 static void remove_cdevs(struct scsi_tape *tape)
4229 {
4230         int mode, rew;
4231         sysfs_remove_link(&tape->device->sdev_gendev.kobj, "tape");
4232         for (mode = 0; mode < ST_NBR_MODES; mode++) {
4233                 struct st_modedef *STm = &(tape->modes[mode]);
4234                 for (rew = 0; rew < 2; rew++) {
4235                         if (STm->cdevs[rew])
4236                                 cdev_del(STm->cdevs[rew]);
4237                         if (STm->devs[rew])
4238                                 device_unregister(STm->devs[rew]);
4239                 }
4240         }
4241 }
4242
4243 static int st_probe(struct device *dev)
4244 {
4245         struct scsi_device *SDp = to_scsi_device(dev);
4246         struct scsi_tape *tpnt = NULL;
4247         struct st_modedef *STm;
4248         struct st_partstat *STps;
4249         struct st_buffer *buffer;
4250         int i, error;
4251
4252         if (SDp->type != TYPE_TAPE)
4253                 return -ENODEV;
4254         if (st_incompatible(SDp)) {
4255                 sdev_printk(KERN_INFO, SDp,
4256                             "OnStream tapes are no longer supported;\n");
4257                 sdev_printk(KERN_INFO, SDp,
4258                             "please mail to linux-scsi@vger.kernel.org.\n");
4259                 return -ENODEV;
4260         }
4261
4262         scsi_autopm_get_device(SDp);
4263         i = queue_max_segments(SDp->request_queue);
4264         if (st_max_sg_segs < i)
4265                 i = st_max_sg_segs;
4266         buffer = new_tape_buffer(i);
4267         if (buffer == NULL) {
4268                 sdev_printk(KERN_ERR, SDp,
4269                             "st: Can't allocate new tape buffer. "
4270                             "Device not attached.\n");
4271                 goto out;
4272         }
4273
4274         tpnt = kzalloc(sizeof(struct scsi_tape), GFP_KERNEL);
4275         if (tpnt == NULL) {
4276                 sdev_printk(KERN_ERR, SDp,
4277                             "st: Can't allocate device descriptor.\n");
4278                 goto out_buffer_free;
4279         }
4280         kref_init(&tpnt->kref);
4281
4282         tpnt->device = SDp;
4283         if (SDp->scsi_level <= 2)
4284                 tpnt->tape_type = MT_ISSCSI1;
4285         else
4286                 tpnt->tape_type = MT_ISSCSI2;
4287
4288         tpnt->buffer = buffer;
4289         tpnt->buffer->last_SRpnt = NULL;
4290
4291         tpnt->inited = 0;
4292         tpnt->dirty = 0;
4293         tpnt->in_use = 0;
4294         tpnt->drv_buffer = 1;   /* Try buffering if no mode sense */
4295         tpnt->use_pf = (SDp->scsi_level >= SCSI_2);
4296         tpnt->density = 0;
4297         tpnt->do_auto_lock = ST_AUTO_LOCK;
4298         tpnt->can_bsr = (SDp->scsi_level > 2 ? 1 : ST_IN_FILE_POS); /* BSR mandatory in SCSI3 */
4299         tpnt->can_partitions = 0;
4300         tpnt->two_fm = ST_TWO_FM;
4301         tpnt->fast_mteom = ST_FAST_MTEOM;
4302         tpnt->scsi2_logical = ST_SCSI2LOGICAL;
4303         tpnt->sili = ST_SILI;
4304         tpnt->immediate = ST_NOWAIT;
4305         tpnt->immediate_filemark = 0;
4306         tpnt->default_drvbuffer = 0xff;         /* No forced buffering */
4307         tpnt->partition = 0;
4308         tpnt->new_partition = 0;
4309         tpnt->nbr_partitions = 0;
4310         blk_queue_rq_timeout(tpnt->device->request_queue, ST_TIMEOUT);
4311         tpnt->long_timeout = ST_LONG_TIMEOUT;
4312         tpnt->try_dio = try_direct_io;
4313
4314         for (i = 0; i < ST_NBR_MODES; i++) {
4315                 STm = &(tpnt->modes[i]);
4316                 STm->defined = 0;
4317                 STm->sysv = ST_SYSV;
4318                 STm->defaults_for_writes = 0;
4319                 STm->do_async_writes = ST_ASYNC_WRITES;
4320                 STm->do_buffer_writes = ST_BUFFER_WRITES;
4321                 STm->do_read_ahead = ST_READ_AHEAD;
4322                 STm->default_compression = ST_DONT_TOUCH;
4323                 STm->default_blksize = (-1);    /* No forced size */
4324                 STm->default_density = (-1);    /* No forced density */
4325                 STm->tape = tpnt;
4326         }
4327
4328         for (i = 0; i < ST_NBR_PARTITIONS; i++) {
4329                 STps = &(tpnt->ps[i]);
4330                 STps->rw = ST_IDLE;
4331                 STps->eof = ST_NOEOF;
4332                 STps->at_sm = 0;
4333                 STps->last_block_valid = 0;
4334                 STps->drv_block = (-1);
4335                 STps->drv_file = (-1);
4336         }
4337
4338         tpnt->current_mode = 0;
4339         tpnt->modes[0].defined = 1;
4340
4341         tpnt->density_changed = tpnt->compression_changed =
4342             tpnt->blksize_changed = 0;
4343         mutex_init(&tpnt->lock);
4344
4345         idr_preload(GFP_KERNEL);
4346         spin_lock(&st_index_lock);
4347         error = idr_alloc(&st_index_idr, tpnt, 0, ST_MAX_TAPES + 1, GFP_NOWAIT);
4348         spin_unlock(&st_index_lock);
4349         idr_preload_end();
4350         if (error < 0) {
4351                 pr_warn("st: idr allocation failed: %d\n", error);
4352                 goto out_free_tape;
4353         }
4354         tpnt->index = error;
4355         sprintf(tpnt->name, "st%d", tpnt->index);
4356         tpnt->stats = kzalloc(sizeof(struct scsi_tape_stats), GFP_KERNEL);
4357         if (tpnt->stats == NULL) {
4358                 sdev_printk(KERN_ERR, SDp,
4359                             "st: Can't allocate statistics.\n");
4360                 goto out_idr_remove;
4361         }
4362
4363         dev_set_drvdata(dev, tpnt);
4364
4365
4366         error = create_cdevs(tpnt);
4367         if (error)
4368                 goto out_remove_devs;
4369         scsi_autopm_put_device(SDp);
4370
4371         sdev_printk(KERN_NOTICE, SDp,
4372                     "Attached scsi tape %s\n", tpnt->name);
4373         sdev_printk(KERN_INFO, SDp, "%s: try direct i/o: %s (alignment %d B)\n",
4374                     tpnt->name, tpnt->try_dio ? "yes" : "no",
4375                     queue_dma_alignment(SDp->request_queue) + 1);
4376
4377         return 0;
4378
4379 out_remove_devs:
4380         remove_cdevs(tpnt);
4381         kfree(tpnt->stats);
4382 out_idr_remove:
4383         spin_lock(&st_index_lock);
4384         idr_remove(&st_index_idr, tpnt->index);
4385         spin_unlock(&st_index_lock);
4386 out_free_tape:
4387         kfree(tpnt);
4388 out_buffer_free:
4389         kfree(buffer);
4390 out:
4391         scsi_autopm_put_device(SDp);
4392         return -ENODEV;
4393 };
4394
4395
4396 static int st_remove(struct device *dev)
4397 {
4398         struct scsi_tape *tpnt = dev_get_drvdata(dev);
4399         int index = tpnt->index;
4400
4401         scsi_autopm_get_device(to_scsi_device(dev));
4402         remove_cdevs(tpnt);
4403
4404         mutex_lock(&st_ref_mutex);
4405         kref_put(&tpnt->kref, scsi_tape_release);
4406         mutex_unlock(&st_ref_mutex);
4407         spin_lock(&st_index_lock);
4408         idr_remove(&st_index_idr, index);
4409         spin_unlock(&st_index_lock);
4410         return 0;
4411 }
4412
4413 /**
4414  *      scsi_tape_release - Called to free the Scsi_Tape structure
4415  *      @kref: pointer to embedded kref
4416  *
4417  *      st_ref_mutex must be held entering this routine.  Because it is
4418  *      called on last put, you should always use the scsi_tape_get()
4419  *      scsi_tape_put() helpers which manipulate the semaphore directly
4420  *      and never do a direct kref_put().
4421  **/
4422 static void scsi_tape_release(struct kref *kref)
4423 {
4424         struct scsi_tape *tpnt = to_scsi_tape(kref);
4425
4426         tpnt->device = NULL;
4427
4428         if (tpnt->buffer) {
4429                 normalize_buffer(tpnt->buffer);
4430                 kfree(tpnt->buffer->reserved_pages);
4431                 kfree(tpnt->buffer);
4432         }
4433
4434         kfree(tpnt->stats);
4435         kfree(tpnt);
4436         return;
4437 }
4438
4439 static struct class st_sysfs_class = {
4440         .name = "scsi_tape",
4441         .dev_groups = st_dev_groups,
4442 };
4443
4444 static int __init init_st(void)
4445 {
4446         int err;
4447
4448         validate_options();
4449
4450         printk(KERN_INFO "st: Version %s, fixed bufsize %d, s/g segs %d\n",
4451                 verstr, st_fixed_buffer_size, st_max_sg_segs);
4452
4453         debugging = (debug_flag > 0) ? debug_flag : NO_DEBUG;
4454         if (debugging) {
4455                 printk(KERN_INFO "st: Debugging enabled debug_flag = %d\n",
4456                         debugging);
4457         }
4458
4459         err = class_register(&st_sysfs_class);
4460         if (err) {
4461                 pr_err("Unable register sysfs class for SCSI tapes\n");
4462                 return err;
4463         }
4464
4465         err = register_chrdev_region(MKDEV(SCSI_TAPE_MAJOR, 0),
4466                                      ST_MAX_TAPE_ENTRIES, "st");
4467         if (err) {
4468                 printk(KERN_ERR "Unable to get major %d for SCSI tapes\n",
4469                        SCSI_TAPE_MAJOR);
4470                 goto err_class;
4471         }
4472
4473         err = scsi_register_driver(&st_template.gendrv);
4474         if (err)
4475                 goto err_chrdev;
4476
4477         return 0;
4478
4479 err_chrdev:
4480         unregister_chrdev_region(MKDEV(SCSI_TAPE_MAJOR, 0),
4481                                  ST_MAX_TAPE_ENTRIES);
4482 err_class:
4483         class_unregister(&st_sysfs_class);
4484         return err;
4485 }
4486
4487 static void __exit exit_st(void)
4488 {
4489         scsi_unregister_driver(&st_template.gendrv);
4490         unregister_chrdev_region(MKDEV(SCSI_TAPE_MAJOR, 0),
4491                                  ST_MAX_TAPE_ENTRIES);
4492         class_unregister(&st_sysfs_class);
4493         idr_destroy(&st_index_idr);
4494         printk(KERN_INFO "st: Unloaded.\n");
4495 }
4496
4497 module_init(init_st);
4498 module_exit(exit_st);
4499
4500
4501 /* The sysfs driver interface. Read-only at the moment */
4502 static ssize_t try_direct_io_show(struct device_driver *ddp, char *buf)
4503 {
4504         return scnprintf(buf, PAGE_SIZE, "%d\n", try_direct_io);
4505 }
4506 static DRIVER_ATTR_RO(try_direct_io);
4507
4508 static ssize_t fixed_buffer_size_show(struct device_driver *ddp, char *buf)
4509 {
4510         return scnprintf(buf, PAGE_SIZE, "%d\n", st_fixed_buffer_size);
4511 }
4512 static DRIVER_ATTR_RO(fixed_buffer_size);
4513
4514 static ssize_t max_sg_segs_show(struct device_driver *ddp, char *buf)
4515 {
4516         return scnprintf(buf, PAGE_SIZE, "%d\n", st_max_sg_segs);
4517 }
4518 static DRIVER_ATTR_RO(max_sg_segs);
4519
4520 static ssize_t version_show(struct device_driver *ddd, char *buf)
4521 {
4522         return scnprintf(buf, PAGE_SIZE, "[%s]\n", verstr);
4523 }
4524 static DRIVER_ATTR_RO(version);
4525
4526 #if DEBUG
4527 static ssize_t debug_flag_store(struct device_driver *ddp,
4528         const char *buf, size_t count)
4529 {
4530 /* We only care what the first byte of the data is the rest is unused.
4531  * if it's a '1' we turn on debug and if it's a '0' we disable it. All
4532  * other values have -EINVAL returned if they are passed in.
4533  */
4534         if (count > 0) {
4535                 if (buf[0] == '0') {
4536                         debugging = NO_DEBUG;
4537                         return count;
4538                 } else if (buf[0] == '1') {
4539                         debugging = 1;
4540                         return count;
4541                 }
4542         }
4543         return -EINVAL;
4544 }
4545
4546 static ssize_t debug_flag_show(struct device_driver *ddp, char *buf)
4547 {
4548         return scnprintf(buf, PAGE_SIZE, "%d\n", debugging);
4549 }
4550 static DRIVER_ATTR_RW(debug_flag);
4551 #endif
4552
4553 static struct attribute *st_drv_attrs[] = {
4554         &driver_attr_try_direct_io.attr,
4555         &driver_attr_fixed_buffer_size.attr,
4556         &driver_attr_max_sg_segs.attr,
4557         &driver_attr_version.attr,
4558 #if DEBUG
4559         &driver_attr_debug_flag.attr,
4560 #endif
4561         NULL,
4562 };
4563 ATTRIBUTE_GROUPS(st_drv);
4564
4565 /* The sysfs simple class interface */
4566 static ssize_t
4567 defined_show(struct device *dev, struct device_attribute *attr, char *buf)
4568 {
4569         struct st_modedef *STm = dev_get_drvdata(dev);
4570         ssize_t l = 0;
4571
4572         l = snprintf(buf, PAGE_SIZE, "%d\n", STm->defined);
4573         return l;
4574 }
4575 static DEVICE_ATTR_RO(defined);
4576
4577 static ssize_t
4578 default_blksize_show(struct device *dev, struct device_attribute *attr,
4579                      char *buf)
4580 {
4581         struct st_modedef *STm = dev_get_drvdata(dev);
4582         ssize_t l = 0;
4583
4584         l = snprintf(buf, PAGE_SIZE, "%d\n", STm->default_blksize);
4585         return l;
4586 }
4587 static DEVICE_ATTR_RO(default_blksize);
4588
4589 static ssize_t
4590 default_density_show(struct device *dev, struct device_attribute *attr,
4591                      char *buf)
4592 {
4593         struct st_modedef *STm = dev_get_drvdata(dev);
4594         ssize_t l = 0;
4595         char *fmt;
4596
4597         fmt = STm->default_density >= 0 ? "0x%02x\n" : "%d\n";
4598         l = snprintf(buf, PAGE_SIZE, fmt, STm->default_density);
4599         return l;
4600 }
4601 static DEVICE_ATTR_RO(default_density);
4602
4603 static ssize_t
4604 default_compression_show(struct device *dev, struct device_attribute *attr,
4605                          char *buf)
4606 {
4607         struct st_modedef *STm = dev_get_drvdata(dev);
4608         ssize_t l = 0;
4609
4610         l = snprintf(buf, PAGE_SIZE, "%d\n", STm->default_compression - 1);
4611         return l;
4612 }
4613 static DEVICE_ATTR_RO(default_compression);
4614
4615 static ssize_t
4616 options_show(struct device *dev, struct device_attribute *attr, char *buf)
4617 {
4618         struct st_modedef *STm = dev_get_drvdata(dev);
4619         struct scsi_tape *STp = STm->tape;
4620         int options;
4621         ssize_t l = 0;
4622
4623         options = STm->do_buffer_writes ? MT_ST_BUFFER_WRITES : 0;
4624         options |= STm->do_async_writes ? MT_ST_ASYNC_WRITES : 0;
4625         options |= STm->do_read_ahead ? MT_ST_READ_AHEAD : 0;
4626         DEB( options |= debugging ? MT_ST_DEBUGGING : 0 );
4627         options |= STp->two_fm ? MT_ST_TWO_FM : 0;
4628         options |= STp->fast_mteom ? MT_ST_FAST_MTEOM : 0;
4629         options |= STm->defaults_for_writes ? MT_ST_DEF_WRITES : 0;
4630         options |= STp->can_bsr ? MT_ST_CAN_BSR : 0;
4631         options |= STp->omit_blklims ? MT_ST_NO_BLKLIMS : 0;
4632         options |= STp->can_partitions ? MT_ST_CAN_PARTITIONS : 0;
4633         options |= STp->scsi2_logical ? MT_ST_SCSI2LOGICAL : 0;
4634         options |= STm->sysv ? MT_ST_SYSV : 0;
4635         options |= STp->immediate ? MT_ST_NOWAIT : 0;
4636         options |= STp->immediate_filemark ? MT_ST_NOWAIT_EOF : 0;
4637         options |= STp->sili ? MT_ST_SILI : 0;
4638
4639         l = snprintf(buf, PAGE_SIZE, "0x%08x\n", options);
4640         return l;
4641 }
4642 static DEVICE_ATTR_RO(options);
4643
4644 /* Support for tape stats */
4645
4646 /**
4647  * read_cnt_show - return read count - count of reads made from tape drive
4648  * @dev: struct device
4649  * @attr: attribute structure
4650  * @buf: buffer to return formatted data in
4651  */
4652 static ssize_t read_cnt_show(struct device *dev,
4653         struct device_attribute *attr, char *buf)
4654 {
4655         struct st_modedef *STm = dev_get_drvdata(dev);
4656
4657         return sprintf(buf, "%lld",
4658                        (long long)atomic64_read(&STm->tape->stats->read_cnt));
4659 }
4660 static DEVICE_ATTR_RO(read_cnt);
4661
4662 /**
4663  * read_byte_cnt_show - return read byte count - tape drives
4664  * may use blocks less than 512 bytes this gives the raw byte count of
4665  * of data read from the tape drive.
4666  * @dev: struct device
4667  * @attr: attribute structure
4668  * @buf: buffer to return formatted data in
4669  */
4670 static ssize_t read_byte_cnt_show(struct device *dev,
4671         struct device_attribute *attr, char *buf)
4672 {
4673         struct st_modedef *STm = dev_get_drvdata(dev);
4674
4675         return sprintf(buf, "%lld",
4676                        (long long)atomic64_read(&STm->tape->stats->read_byte_cnt));
4677 }
4678 static DEVICE_ATTR_RO(read_byte_cnt);
4679
4680 /**
4681  * read_ns_show - return read ns - overall time spent waiting on reads in ns.
4682  * @dev: struct device
4683  * @attr: attribute structure
4684  * @buf: buffer to return formatted data in
4685  */
4686 static ssize_t read_ns_show(struct device *dev,
4687         struct device_attribute *attr, char *buf)
4688 {
4689         struct st_modedef *STm = dev_get_drvdata(dev);
4690
4691         return sprintf(buf, "%lld",
4692                        (long long)atomic64_read(&STm->tape->stats->tot_read_time));
4693 }
4694 static DEVICE_ATTR_RO(read_ns);
4695
4696 /**
4697  * write_cnt_show - write count - number of user calls
4698  * to write(2) that have written data to tape.
4699  * @dev: struct device
4700  * @attr: attribute structure
4701  * @buf: buffer to return formatted data in
4702  */
4703 static ssize_t write_cnt_show(struct device *dev,
4704         struct device_attribute *attr, char *buf)
4705 {
4706         struct st_modedef *STm = dev_get_drvdata(dev);
4707
4708         return sprintf(buf, "%lld",
4709                        (long long)atomic64_read(&STm->tape->stats->write_cnt));
4710 }
4711 static DEVICE_ATTR_RO(write_cnt);
4712
4713 /**
4714  * write_byte_cnt_show - write byte count - raw count of
4715  * bytes written to tape.
4716  * @dev: struct device
4717  * @attr: attribute structure
4718  * @buf: buffer to return formatted data in
4719  */
4720 static ssize_t write_byte_cnt_show(struct device *dev,
4721         struct device_attribute *attr, char *buf)
4722 {
4723         struct st_modedef *STm = dev_get_drvdata(dev);
4724
4725         return sprintf(buf, "%lld",
4726                        (long long)atomic64_read(&STm->tape->stats->write_byte_cnt));
4727 }
4728 static DEVICE_ATTR_RO(write_byte_cnt);
4729
4730 /**
4731  * write_ns_show - write ns - number of nanoseconds waiting on write
4732  * requests to complete.
4733  * @dev: struct device
4734  * @attr: attribute structure
4735  * @buf: buffer to return formatted data in
4736  */
4737 static ssize_t write_ns_show(struct device *dev,
4738         struct device_attribute *attr, char *buf)
4739 {
4740         struct st_modedef *STm = dev_get_drvdata(dev);
4741
4742         return sprintf(buf, "%lld",
4743                        (long long)atomic64_read(&STm->tape->stats->tot_write_time));
4744 }
4745 static DEVICE_ATTR_RO(write_ns);
4746
4747 /**
4748  * in_flight_show - number of I/Os currently in flight -
4749  * in most cases this will be either 0 or 1. It may be higher if someone
4750  * has also issued other SCSI commands such as via an ioctl.
4751  * @dev: struct device
4752  * @attr: attribute structure
4753  * @buf: buffer to return formatted data in
4754  */
4755 static ssize_t in_flight_show(struct device *dev,
4756         struct device_attribute *attr, char *buf)
4757 {
4758         struct st_modedef *STm = dev_get_drvdata(dev);
4759
4760         return sprintf(buf, "%lld",
4761                        (long long)atomic64_read(&STm->tape->stats->in_flight));
4762 }
4763 static DEVICE_ATTR_RO(in_flight);
4764
4765 /**
4766  * io_ns_show - io wait ns - this is the number of ns spent
4767  * waiting on all I/O to complete. This includes tape movement commands
4768  * such as rewinding, seeking to end of file or tape, it also includes
4769  * read and write. To determine the time spent on tape movement
4770  * subtract the read and write ns from this value.
4771  * @dev: struct device
4772  * @attr: attribute structure
4773  * @buf: buffer to return formatted data in
4774  */
4775 static ssize_t io_ns_show(struct device *dev,
4776         struct device_attribute *attr, char *buf)
4777 {
4778         struct st_modedef *STm = dev_get_drvdata(dev);
4779
4780         return sprintf(buf, "%lld",
4781                        (long long)atomic64_read(&STm->tape->stats->tot_io_time));
4782 }
4783 static DEVICE_ATTR_RO(io_ns);
4784
4785 /**
4786  * other_cnt_show - other io count - this is the number of
4787  * I/O requests other than read and write requests.
4788  * Typically these are tape movement requests but will include driver
4789  * tape movement. This includes only requests issued by the st driver.
4790  * @dev: struct device
4791  * @attr: attribute structure
4792  * @buf: buffer to return formatted data in
4793  */
4794 static ssize_t other_cnt_show(struct device *dev,
4795         struct device_attribute *attr, char *buf)
4796 {
4797         struct st_modedef *STm = dev_get_drvdata(dev);
4798
4799         return sprintf(buf, "%lld",
4800                        (long long)atomic64_read(&STm->tape->stats->other_cnt));
4801 }
4802 static DEVICE_ATTR_RO(other_cnt);
4803
4804 /**
4805  * resid_cnt_show - A count of the number of times we get a residual
4806  * count - this should indicate someone issuing reads larger than the
4807  * block size on tape.
4808  * @dev: struct device
4809  * @attr: attribute structure
4810  * @buf: buffer to return formatted data in
4811  */
4812 static ssize_t resid_cnt_show(struct device *dev,
4813         struct device_attribute *attr, char *buf)
4814 {
4815         struct st_modedef *STm = dev_get_drvdata(dev);
4816
4817         return sprintf(buf, "%lld",
4818                        (long long)atomic64_read(&STm->tape->stats->resid_cnt));
4819 }
4820 static DEVICE_ATTR_RO(resid_cnt);
4821
4822 static struct attribute *st_dev_attrs[] = {
4823         &dev_attr_defined.attr,
4824         &dev_attr_default_blksize.attr,
4825         &dev_attr_default_density.attr,
4826         &dev_attr_default_compression.attr,
4827         &dev_attr_options.attr,
4828         NULL,
4829 };
4830
4831 static struct attribute *st_stats_attrs[] = {
4832         &dev_attr_read_cnt.attr,
4833         &dev_attr_read_byte_cnt.attr,
4834         &dev_attr_read_ns.attr,
4835         &dev_attr_write_cnt.attr,
4836         &dev_attr_write_byte_cnt.attr,
4837         &dev_attr_write_ns.attr,
4838         &dev_attr_in_flight.attr,
4839         &dev_attr_io_ns.attr,
4840         &dev_attr_other_cnt.attr,
4841         &dev_attr_resid_cnt.attr,
4842         NULL,
4843 };
4844
4845 static struct attribute_group stats_group = {
4846         .name = "stats",
4847         .attrs = st_stats_attrs,
4848 };
4849
4850 static struct attribute_group st_group = {
4851         .attrs = st_dev_attrs,
4852 };
4853
4854 static const struct attribute_group *st_dev_groups[] = {
4855         &st_group,
4856         &stats_group,
4857         NULL,
4858 };
4859
4860 /* The following functions may be useful for a larger audience. */
4861 static int sgl_map_user_pages(struct st_buffer *STbp,
4862                               const unsigned int max_pages, unsigned long uaddr,
4863                               size_t count, int rw)
4864 {
4865         unsigned long end = (uaddr + count + PAGE_SIZE - 1) >> PAGE_SHIFT;
4866         unsigned long start = uaddr >> PAGE_SHIFT;
4867         const int nr_pages = end - start;
4868         int res, i;
4869         struct page **pages;
4870         struct rq_map_data *mdata = &STbp->map_data;
4871
4872         /* User attempted Overflow! */
4873         if ((uaddr + count) < uaddr)
4874                 return -EINVAL;
4875
4876         /* Too big */
4877         if (nr_pages > max_pages)
4878                 return -ENOMEM;
4879
4880         /* Hmm? */
4881         if (count == 0)
4882                 return 0;
4883
4884         pages = kmalloc_array(max_pages, sizeof(*pages), GFP_KERNEL);
4885         if (pages == NULL)
4886                 return -ENOMEM;
4887
4888         /* Try to fault in all of the necessary pages */
4889         /* rw==READ means read from drive, write into memory area */
4890         res = pin_user_pages_fast(uaddr, nr_pages, rw == READ ? FOLL_WRITE : 0,
4891                                   pages);
4892
4893         /* Errors and no page mapped should return here */
4894         if (res < nr_pages)
4895                 goto out_unmap;
4896
4897         for (i=0; i < nr_pages; i++) {
4898                 /* FIXME: flush superflous for rw==READ,
4899                  * probably wrong function for rw==WRITE
4900                  */
4901                 flush_dcache_page(pages[i]);
4902         }
4903
4904         mdata->offset = uaddr & ~PAGE_MASK;
4905         STbp->mapped_pages = pages;
4906
4907         return nr_pages;
4908  out_unmap:
4909         if (res > 0) {
4910                 unpin_user_pages(pages, res);
4911                 res = 0;
4912         }
4913         kfree(pages);
4914         return res;
4915 }
4916
4917
4918 /* And unmap them... */
4919 static int sgl_unmap_user_pages(struct st_buffer *STbp,
4920                                 const unsigned int nr_pages, int dirtied)
4921 {
4922         /* FIXME: cache flush missing for rw==READ */
4923         unpin_user_pages_dirty_lock(STbp->mapped_pages, nr_pages, dirtied);
4924
4925         kfree(STbp->mapped_pages);
4926         STbp->mapped_pages = NULL;
4927
4928         return 0;
4929 }