1 /* $NetBSD: dpti.c,v 1.47 2014/03/20 20:40:42 christos Exp $ */ 2 3 /*- 4 * Copyright (c) 2001, 2007 The NetBSD Foundation, Inc. 5 * All rights reserved. 6 * 7 * This code is derived from software contributed to The NetBSD Foundation 8 * by Andrew Doran. 9 * 10 * Redistribution and use in source and binary forms, with or without 11 * modification, are permitted provided that the following conditions 12 * are met: 13 * 1. Redistributions of source code must retain the above copyright 14 * notice, this list of conditions and the following disclaimer. 15 * 2. Redistributions in binary form must reproduce the above copyright 16 * notice, this list of conditions and the following disclaimer in the 17 * documentation and/or other materials provided with the distribution. 18 * 19 * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS 20 * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED 21 * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 22 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS 23 * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR 24 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF 25 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS 26 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN 27 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 28 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 29 * POSSIBILITY OF SUCH DAMAGE. 30 */ 31 32 /* 33 * Copyright (c) 1996-2000 Distributed Processing Technology Corporation 34 * Copyright (c) 2000 Adaptec Corporation 35 * All rights reserved. 36 * 37 * TERMS AND CONDITIONS OF USE 38 * 39 * Redistribution and use in source form, with or without modification, are 40 * permitted provided that redistributions of source code must retain the 41 * above copyright notice, this list of conditions and the following disclaimer. 42 * 43 * This software is provided `as is' by Adaptec and any express or implied 44 * warranties, including, but not limited to, the implied warranties of 45 * merchantability and fitness for a particular purpose, are disclaimed. In no 46 * event shall Adaptec be liable for any direct, indirect, incidental, special, 47 * exemplary or consequential damages (including, but not limited to, 48 * procurement of substitute goods or services; loss of use, data, or profits; 49 * or business interruptions) however caused and on any theory of liability, 50 * whether in contract, strict liability, or tort (including negligence or 51 * otherwise) arising in any way out of the use of this driver software, even 52 * if advised of the possibility of such damage. 53 */ 54 55 /* 56 * Adaptec/DPT I2O control interface. 57 */ 58 59 #include <sys/cdefs.h> 60 __KERNEL_RCSID(0, "$NetBSD: dpti.c,v 1.47 2014/03/20 20:40:42 christos Exp $"); 61 62 #include <sys/param.h> 63 #include <sys/systm.h> 64 #include <sys/kernel.h> 65 #include <sys/device.h> 66 #include <sys/queue.h> 67 #include <sys/proc.h> 68 #include <sys/endian.h> 69 #include <sys/malloc.h> 70 #include <sys/conf.h> 71 #include <sys/ioctl.h> 72 #include <sys/kauth.h> 73 74 #include <sys/bus.h> 75 #ifdef __i386__ 76 #include <machine/pio.h> 77 #include <machine/cputypes.h> 78 #endif 79 80 #include <dev/i2o/i2o.h> 81 #include <dev/i2o/i2odpt.h> 82 #include <dev/i2o/iopio.h> 83 #include <dev/i2o/iopvar.h> 84 #include <dev/i2o/dptivar.h> 85 86 #ifdef I2ODEBUG 87 #define DPRINTF(x) printf x 88 #else 89 #define DPRINTF(x) 90 #endif 91 92 static struct dpt_sig dpti_sig = { 93 .dsSignature = { 'd', 'P', 't', 'S', 'i', 'G'}, 94 .dsSigVersion = SIG_VERSION, 95 #if defined(__i386__) 96 .dsProcessorFamily = PROC_INTEL, 97 #elif defined(__powerpc__) 98 .dsProcessorFamily = PROC_POWERPC, 99 #elif defined(__alpha__) 100 .dsProcessorFamily = PROC_ALPHA, 101 #elif defined(__mips__) 102 .dsProcessorFamily = PROC_MIPS, 103 #elif defined(__sparc64__) 104 .dsProcessorFamily = PROC_ULTRASPARC, 105 #endif 106 #if defined(__i386__) 107 .dsProcessor = PROC_386 | PROC_486 | PROC_PENTIUM | PROC_SEXIUM, 108 #else 109 .dsProcessor = 0, 110 #endif 111 .dsFiletype = FT_HBADRVR, 112 .dsFiletypeFlags = 0, 113 .dsOEM = OEM_DPT, 114 .dsOS = (uint32_t)OS_FREE_BSD, /* XXX */ 115 .dsCapabilities = CAP_ABOVE16MB, 116 .dsDeviceSupp = DEV_ALL, 117 .dsAdapterSupp = ADF_ALL_SC5, 118 .dsApplication = 0, 119 .dsRequirements = 0, 120 .dsVersion = DPTI_VERSION, 121 .dsRevision = DPTI_REVISION, 122 .dsSubRevision = DPTI_SUBREVISION, 123 .dsMonth = DPTI_MONTH, 124 .dsDay = DPTI_DAY, 125 .dsYear = DPTI_YEAR, 126 .dsDescription = { '\0' }, /* Will be filled later */ 127 }; 128 129 void dpti_attach(device_t, device_t, void *); 130 int dpti_blinkled(struct dpti_softc *); 131 int dpti_ctlrinfo(struct dpti_softc *, int, void *); 132 int dpti_match(device_t, cfdata_t, void *); 133 int dpti_passthrough(struct dpti_softc *, void *, struct proc *); 134 int dpti_sysinfo(struct dpti_softc *, int, void *); 135 136 dev_type_open(dptiopen); 137 dev_type_ioctl(dptiioctl); 138 139 const struct cdevsw dpti_cdevsw = { 140 .d_open = dptiopen, 141 .d_close = nullclose, 142 .d_read = noread, 143 .d_write = nowrite, 144 .d_ioctl = dptiioctl, 145 .d_stop = nostop, 146 .d_tty = notty, 147 .d_poll = nopoll, 148 .d_mmap = nommap, 149 .d_kqfilter = nokqfilter, 150 .d_flag = D_OTHER, 151 }; 152 153 extern struct cfdriver dpti_cd; 154 155 CFATTACH_DECL_NEW(dpti, sizeof(struct dpti_softc), 156 dpti_match, dpti_attach, NULL, NULL); 157 158 int 159 dpti_match(device_t parent, cfdata_t match, void *aux) 160 { 161 struct iop_attach_args *ia; 162 struct iop_softc *iop; 163 164 ia = aux; 165 iop = device_private(parent); 166 167 if (ia->ia_class != I2O_CLASS_ANY || ia->ia_tid != I2O_TID_IOP) 168 return (0); 169 170 if (le16toh(iop->sc_status.orgid) != I2O_ORG_DPT) 171 return (0); 172 173 return (1); 174 } 175 176 void 177 dpti_attach(device_t parent, device_t self, void *aux) 178 { 179 struct iop_softc *iop; 180 struct dpti_softc *sc; 181 struct { 182 struct i2o_param_op_results pr; 183 struct i2o_param_read_results prr; 184 struct i2o_dpt_param_exec_iop_buffers dib; 185 } __packed param; 186 int rv; 187 188 sc = device_private(self); 189 sc->sc_dev = self; 190 iop = device_private(parent); 191 192 /* 193 * Tell the world what we are. The description in the signature 194 * must be no more than 46 bytes long (see dptivar.h). 195 */ 196 printf(": DPT/Adaptec RAID management interface\n"); 197 snprintf(dpti_sig.dsDescription, sizeof(dpti_sig.dsDescription), 198 "NetBSD %s I2O OSM", osrelease); 199 200 rv = iop_field_get_all(iop, I2O_TID_IOP, 201 I2O_DPT_PARAM_EXEC_IOP_BUFFERS, ¶m, 202 sizeof(param), NULL); 203 if (rv != 0) 204 return; 205 206 sc->sc_blinkled = le32toh(param.dib.serialoutputoff) + 8; 207 } 208 209 int 210 dptiopen(dev_t dev, int flag, int mode, 211 struct lwp *l) 212 { 213 214 if (device_lookup(&dpti_cd, minor(dev)) == NULL) 215 return (ENXIO); 216 217 return (0); 218 } 219 220 int 221 dptiioctl(dev_t dev, u_long cmd, void *data, int flag, struct lwp *l) 222 { 223 struct iop_softc *iop; 224 struct dpti_softc *sc; 225 struct ioctl_pt *pt; 226 int i, size, rv, linux; 227 228 sc = device_lookup_private(&dpti_cd, minor(dev)); 229 iop = device_private(device_parent(sc->sc_dev)); 230 rv = 0; 231 232 if (cmd == PTIOCLINUX) { 233 pt = (struct ioctl_pt *)data; 234 size = IOCPARM_LEN(pt->com); 235 cmd = pt->com & 0xffff; 236 data = pt->data; 237 linux = 1; 238 } else { 239 size = IOCPARM_LEN(cmd); 240 cmd = cmd & 0xffff; 241 linux = 0; 242 } 243 244 switch (cmd) { 245 case DPT_SIGNATURE: 246 if (size > sizeof(dpti_sig)) 247 size = sizeof(dpti_sig); 248 memcpy(data, &dpti_sig, size); 249 break; 250 251 case DPT_CTRLINFO: 252 rv = dpti_ctlrinfo(sc, size, data); 253 break; 254 255 case DPT_SYSINFO: 256 rv = dpti_sysinfo(sc, size, data); 257 break; 258 259 case DPT_BLINKLED: 260 if ((i = dpti_blinkled(sc)) == -1) 261 i = 0; 262 263 if (size == 0) { 264 rv = copyout(&i, *(void **)data, sizeof(i)); 265 break; 266 } 267 268 *(int *)data = i; 269 break; 270 271 case DPT_TARGET_BUSY: 272 /* 273 * XXX This is here to stop linux_machdepioctl() from 274 * whining about an unknown ioctl. 275 */ 276 rv = EIO; 277 break; 278 279 case DPT_I2OUSRCMD: 280 rv = kauth_authorize_device_passthru(l->l_cred, dev, 281 KAUTH_REQ_DEVICE_RAWIO_PASSTHRU_ALL, data); 282 if (rv) 283 break; 284 285 mutex_enter(&iop->sc_conflock); 286 if (linux) { 287 rv = dpti_passthrough(sc, data, l->l_proc); 288 } else { 289 rv = dpti_passthrough(sc, *(void **)data, l->l_proc); 290 } 291 mutex_exit(&iop->sc_conflock); 292 break; 293 294 case DPT_I2ORESETCMD: 295 printf("%s: I2ORESETCMD not implemented\n", 296 device_xname(sc->sc_dev)); 297 rv = EOPNOTSUPP; 298 break; 299 300 case DPT_I2ORESCANCMD: 301 mutex_enter(&iop->sc_conflock); 302 rv = iop_reconfigure(iop, 0); 303 mutex_exit(&iop->sc_conflock); 304 break; 305 306 default: 307 rv = ENOTTY; 308 break; 309 } 310 311 return (rv); 312 } 313 314 int 315 dpti_blinkled(struct dpti_softc *sc) 316 { 317 struct iop_softc *iop; 318 u_int v; 319 320 iop = device_private(device_parent(sc->sc_dev)); 321 322 v = bus_space_read_1(iop->sc_iot, iop->sc_ioh, sc->sc_blinkled + 0); 323 if (v == 0xbc) { 324 v = bus_space_read_1(iop->sc_iot, iop->sc_ioh, 325 sc->sc_blinkled + 1); 326 return (v); 327 } 328 329 return (-1); 330 } 331 332 int 333 dpti_ctlrinfo(struct dpti_softc *sc, int size, void *data) 334 { 335 struct dpt_ctlrinfo info; 336 struct iop_softc *iop; 337 int rv, i; 338 339 iop = device_private(device_parent(sc->sc_dev)); 340 341 memset(&info, 0, sizeof(info)); 342 343 info.length = sizeof(info) - sizeof(u_int16_t); 344 info.drvrHBAnum = device_unit(sc->sc_dev); 345 info.baseAddr = iop->sc_memaddr; 346 if ((i = dpti_blinkled(sc)) == -1) 347 i = 0; 348 info.blinkState = i; 349 info.pciBusNum = iop->sc_pcibus; 350 info.pciDeviceNum = iop->sc_pcidev; 351 info.hbaFlags = FLG_OSD_PCI_VALID | FLG_OSD_DMA | FLG_OSD_I2O; 352 info.Interrupt = 10; /* XXX */ 353 354 if (size > sizeof(char)) { 355 memcpy(data, &info, min(sizeof(info), size)); 356 rv = 0; 357 } else 358 rv = copyout(&info, *(void **)data, sizeof(info)); 359 360 return (rv); 361 } 362 363 int 364 dpti_sysinfo(struct dpti_softc *sc, int size, void *data) 365 { 366 struct dpt_sysinfo info; 367 int rv; 368 #ifdef __i386__ 369 int i, j; 370 #endif 371 372 memset(&info, 0, sizeof(info)); 373 374 #ifdef __i386__ 375 outb (0x70, 0x12); 376 i = inb(0x71); 377 j = i >> 4; 378 if (i == 0x0f) { 379 outb (0x70, 0x19); 380 j = inb (0x71); 381 } 382 info.drive0CMOS = j; 383 384 j = i & 0x0f; 385 if (i == 0x0f) { 386 outb (0x70, 0x1a); 387 j = inb (0x71); 388 } 389 info.drive1CMOS = j; 390 info.processorFamily = dpti_sig.dsProcessorFamily; 391 392 /* 393 * Get the conventional memory size from CMOS. 394 */ 395 outb(0x70, 0x16); 396 j = inb(0x71); 397 j <<= 8; 398 outb(0x70, 0x15); 399 j |= inb(0x71); 400 info.conventionalMemSize = j; 401 402 /* 403 * Get the extended memory size from CMOS. 404 */ 405 outb(0x70, 0x31); 406 j = inb(0x71); 407 j <<= 8; 408 outb(0x70, 0x30); 409 j |= inb(0x71); 410 info.extendedMemSize = j; 411 412 switch (cpu_class) { 413 case CPUCLASS_386: 414 info.processorType = PROC_386; 415 break; 416 case CPUCLASS_486: 417 info.processorType = PROC_486; 418 break; 419 case CPUCLASS_586: 420 info.processorType = PROC_PENTIUM; 421 break; 422 case CPUCLASS_686: 423 default: 424 info.processorType = PROC_SEXIUM; 425 break; 426 } 427 428 info.flags = SI_CMOS_Valid | SI_BusTypeValid | 429 SI_MemorySizeValid | SI_NO_SmartROM; 430 #else 431 info.flags = SI_BusTypeValid | SI_NO_SmartROM; 432 #endif 433 434 info.busType = SI_PCI_BUS; 435 436 /* 437 * Copy out the info structure to the user. 438 */ 439 if (size > sizeof(char)) { 440 memcpy(data, &info, min(sizeof(info), size)); 441 rv = 0; 442 } else 443 rv = copyout(&info, *(void **)data, sizeof(info)); 444 445 return (rv); 446 } 447 448 int 449 dpti_passthrough(struct dpti_softc *sc, void *data, struct proc *proc) 450 { 451 struct iop_softc *iop; 452 struct i2o_msg mh, *mf; 453 struct i2o_reply rh; 454 struct iop_msg *im; 455 struct dpti_ptbuf bufs[IOP_MAX_MSG_XFERS]; 456 u_int32_t mbtmp[IOP_MAX_MSG_SIZE / sizeof(u_int32_t)]; 457 u_int32_t rbtmp[IOP_MAX_MSG_SIZE / sizeof(u_int32_t)]; 458 int rv, msgsize, repsize, sgoff, i, mapped, nbuf, nfrag, j, sz; 459 u_int32_t *p, *pmax; 460 461 iop = device_private(device_parent(sc->sc_dev)); 462 im = NULL; 463 464 if ((rv = dpti_blinkled(sc)) != -1) { 465 if (rv != 0) { 466 aprint_error_dev(sc->sc_dev, "adapter blinkled = 0x%02x\n", rv); 467 return (EIO); 468 } 469 } 470 471 /* 472 * Copy in the message frame header and determine the size of the 473 * full message frame. 474 */ 475 if ((rv = copyin(data, &mh, sizeof(mh))) != 0) { 476 DPRINTF(("%s: message copyin failed\n", 477 device_xname(sc->sc_dev))); 478 return (rv); 479 } 480 481 msgsize = (mh.msgflags >> 14) & ~3; 482 if (msgsize < sizeof(mh) || msgsize >= IOP_MAX_MSG_SIZE) { 483 DPRINTF(("%s: bad message frame size\n", 484 device_xname(sc->sc_dev))); 485 return (EINVAL); 486 } 487 488 /* 489 * Handle special commands. 490 */ 491 switch (mh.msgfunc >> 24) { 492 case I2O_EXEC_IOP_RESET: 493 printf("%s: I2O_EXEC_IOP_RESET not implemented\n", 494 device_xname(sc->sc_dev)); 495 return (EOPNOTSUPP); 496 497 case I2O_EXEC_OUTBOUND_INIT: 498 printf("%s: I2O_EXEC_OUTBOUND_INIT not implemented\n", 499 device_xname(sc->sc_dev)); 500 return (EOPNOTSUPP); 501 502 case I2O_EXEC_SYS_TAB_SET: 503 printf("%s: I2O_EXEC_SYS_TAB_SET not implemented\n", 504 device_xname(sc->sc_dev)); 505 return (EOPNOTSUPP); 506 507 case I2O_EXEC_STATUS_GET: 508 if ((rv = iop_status_get(iop, 0)) == 0) 509 rv = copyout(&iop->sc_status, (char *)data + msgsize, 510 sizeof(iop->sc_status)); 511 return (rv); 512 } 513 514 /* 515 * Copy in the full message frame. 516 */ 517 if ((rv = copyin(data, mbtmp, msgsize)) != 0) { 518 DPRINTF(("%s: full message copyin failed\n", 519 device_xname(sc->sc_dev))); 520 return (rv); 521 } 522 523 /* 524 * Determine the size of the reply frame, and copy it in. 525 */ 526 if ((rv = copyin((char *)data + msgsize, &rh, sizeof(rh))) != 0) { 527 DPRINTF(("%s: reply copyin failed\n", 528 device_xname(sc->sc_dev))); 529 return (rv); 530 } 531 532 repsize = (rh.msgflags >> 14) & ~3; 533 if (repsize < sizeof(rh) || repsize >= IOP_MAX_MSG_SIZE) { 534 DPRINTF(("%s: bad reply header size\n", 535 device_xname(sc->sc_dev))); 536 return (EINVAL); 537 } 538 539 if ((rv = copyin((char *)data + msgsize, rbtmp, repsize)) != 0) { 540 DPRINTF(("%s: reply too large\n", device_xname(sc->sc_dev))); 541 return (rv); 542 } 543 544 /* 545 * If the message has a scatter gather list, it must be comprised of 546 * simple elements. If any one transfer contains multiple segments, 547 * we allocate a temporary buffer for it; otherwise, the buffer will 548 * be mapped directly. 549 */ 550 mapped = 0; 551 if ((sgoff = ((mh.msgflags >> 4) & 15)) != 0) { 552 if ((sgoff + 2) > (msgsize >> 2)) { 553 DPRINTF(("%s: invalid message size fields\n", 554 device_xname(sc->sc_dev))); 555 return (EINVAL); 556 } 557 558 memset(bufs, 0, sizeof(bufs)); 559 560 p = mbtmp + sgoff; 561 pmax = mbtmp + (msgsize >> 2) - 2; 562 563 for (nbuf = 0; nbuf < IOP_MAX_MSG_XFERS; nbuf++, p += 2) { 564 if (p > pmax) { 565 DPRINTF(("%s: invalid SGL (1)\n", 566 device_xname(sc->sc_dev))); 567 goto bad; 568 } 569 570 if ((p[0] & 0x30000000) != I2O_SGL_SIMPLE) { 571 DPRINTF(("%s: invalid SGL (2)\n", 572 device_xname(sc->sc_dev))); 573 goto bad; 574 } 575 576 bufs[nbuf].db_out = (p[0] & I2O_SGL_DATA_OUT) != 0; 577 bufs[nbuf].db_ptr = NULL; 578 579 if ((p[0] & I2O_SGL_END_BUFFER) != 0) { 580 if ((p[0] & 0x00ffffff) > IOP_MAX_XFER) { 581 DPRINTF(("%s: buffer too large\n", 582 device_xname(sc->sc_dev))); 583 goto bad; 584 } 585 586 // XXX: 32 bits 587 bufs[nbuf].db_ptr = (void *)(intptr_t)p[1]; 588 bufs[nbuf].db_proc = proc; 589 bufs[nbuf].db_size = p[0] & 0x00ffffff; 590 591 if ((p[0] & I2O_SGL_END) != 0) 592 break; 593 594 continue; 595 } 596 597 /* 598 * The buffer has multiple segments. Determine the 599 * total size. 600 */ 601 nfrag = 0; 602 sz = 0; 603 for (; p <= pmax; p += 2) { 604 if (nfrag == DPTI_MAX_SEGS) { 605 DPRINTF(("%s: too many segments\n", 606 device_xname(sc->sc_dev))); 607 goto bad; 608 } 609 610 bufs[nbuf].db_frags[nfrag].iov_len = 611 p[0] & 0x00ffffff; 612 // XXX: 32 bits 613 bufs[nbuf].db_frags[nfrag].iov_base = 614 (void *)(intptr_t)p[1]; 615 616 sz += p[0] & 0x00ffffff; 617 nfrag++; 618 619 if ((p[0] & I2O_SGL_END) != 0) { 620 if ((p[0] & I2O_SGL_END_BUFFER) == 0) { 621 DPRINTF(( 622 "%s: invalid SGL (3)\n", 623 device_xname(sc->sc_dev))); 624 goto bad; 625 } 626 break; 627 } 628 if ((p[0] & I2O_SGL_END_BUFFER) != 0) 629 break; 630 } 631 bufs[nbuf].db_nfrag = nfrag; 632 633 if (p > pmax) { 634 DPRINTF(("%s: invalid SGL (4)\n", 635 device_xname(sc->sc_dev))); 636 goto bad; 637 } 638 639 if (sz > IOP_MAX_XFER) { 640 DPRINTF(("%s: buffer too large\n", 641 device_xname(sc->sc_dev))); 642 goto bad; 643 } 644 645 bufs[nbuf].db_size = sz; 646 bufs[nbuf].db_ptr = malloc(sz, M_DEVBUF, M_WAITOK); 647 if (bufs[nbuf].db_ptr == NULL) { 648 DPRINTF(("%s: allocation failure\n", 649 device_xname(sc->sc_dev))); 650 rv = ENOMEM; 651 goto bad; 652 } 653 654 for (i = 0, sz = 0; i < bufs[nbuf].db_nfrag; i++) { 655 rv = copyin(bufs[nbuf].db_frags[i].iov_base, 656 (char *)bufs[nbuf].db_ptr + sz, 657 bufs[nbuf].db_frags[i].iov_len); 658 if (rv != 0) { 659 DPRINTF(("%s: frag copyin\n", 660 device_xname(sc->sc_dev))); 661 goto bad; 662 } 663 sz += bufs[nbuf].db_frags[i].iov_len; 664 } 665 666 if ((p[0] & I2O_SGL_END) != 0) 667 break; 668 } 669 670 if (nbuf == IOP_MAX_MSG_XFERS) { 671 DPRINTF(("%s: too many transfers\n", 672 device_xname(sc->sc_dev))); 673 goto bad; 674 } 675 } else 676 nbuf = -1; 677 678 /* 679 * Allocate a wrapper, and adjust the message header fields to 680 * indicate that no scatter-gather list is currently present. 681 */ 682 683 im = iop_msg_alloc(iop, IM_WAIT | IM_NOSTATUS); 684 im->im_rb = (struct i2o_reply *)rbtmp; 685 mf = (struct i2o_msg *)mbtmp; 686 mf->msgictx = IOP_ICTX; 687 mf->msgtctx = im->im_tctx; 688 689 if (sgoff != 0) 690 mf->msgflags = (mf->msgflags & 0xff0f) | (sgoff << 16); 691 692 /* 693 * Map the data transfer(s). 694 */ 695 for (i = 0; i <= nbuf; i++) { 696 rv = iop_msg_map(iop, im, mbtmp, bufs[i].db_ptr, 697 bufs[i].db_size, bufs[i].db_out, bufs[i].db_proc); 698 if (rv != 0) { 699 DPRINTF(("%s: msg_map failed, rv = %d\n", 700 device_xname(sc->sc_dev), rv)); 701 goto bad; 702 } 703 mapped = 1; 704 } 705 706 /* 707 * Start the command and sleep until it completes. 708 */ 709 if ((rv = iop_msg_post(iop, im, mbtmp, 5*60*1000)) != 0) 710 goto bad; 711 712 /* 713 * Copy out the reply frame. 714 */ 715 if ((rv = copyout(rbtmp, (char *)data + msgsize, repsize)) != 0) { 716 DPRINTF(("%s: reply copyout() failed\n", 717 device_xname(sc->sc_dev))); 718 } 719 720 bad: 721 /* 722 * Free resources and return to the caller. 723 */ 724 if (im != NULL) { 725 if (mapped) 726 iop_msg_unmap(iop, im); 727 iop_msg_free(iop, im); 728 } 729 730 for (i = 0; i <= nbuf; i++) { 731 if (bufs[i].db_proc != NULL) 732 continue; 733 734 if (!bufs[i].db_out && rv == 0) { 735 for (j = 0, sz = 0; j < bufs[i].db_nfrag; j++) { 736 rv = copyout((char *)bufs[i].db_ptr + sz, 737 bufs[i].db_frags[j].iov_base, 738 bufs[i].db_frags[j].iov_len); 739 if (rv != 0) 740 break; 741 sz += bufs[i].db_frags[j].iov_len; 742 } 743 } 744 745 if (bufs[i].db_ptr != NULL) 746 free(bufs[i].db_ptr, M_DEVBUF); 747 } 748 749 return (rv); 750 } 751