1 // SPDX-License-Identifier: GPL-2.0-only
2 /*
3  *  linux/drivers/block/floppy.c
4  *
5  *  Copyright (C) 1991, 1992  Linus Torvalds
6  *  Copyright (C) 1993, 1994  Alain Knaff
7  *  Copyright (C) 1998 Alan Cox
8  */
9 
10 /*
11  * 02.12.91 - Changed to static variables to indicate need for reset
12  * and recalibrate. This makes some things easier (output_byte reset
13  * checking etc), and means less interrupt jumping in case of errors,
14  * so the code is hopefully easier to understand.
15  */
16 
17 /*
18  * This file is certainly a mess. I've tried my best to get it working,
19  * but I don't like programming floppies, and I have only one anyway.
20  * Urgel. I should check for more errors, and do more graceful error
21  * recovery. Seems there are problems with several drives. I've tried to
22  * correct them. No promises.
23  */
24 
25 /*
26  * As with hd.c, all routines within this file can (and will) be called
27  * by interrupts, so extreme caution is needed. A hardware interrupt
28  * handler may not sleep, or a kernel panic will happen. Thus I cannot
29  * call "floppy-on" directly, but have to set a special timer interrupt
30  * etc.
31  */
32 
33 /*
34  * 28.02.92 - made track-buffering routines, based on the routines written
35  * by entropy@wintermute.wpi.edu (Lawrence Foard). Linus.
36  */
37 
38 /*
39  * Automatic floppy-detection and formatting written by Werner Almesberger
40  * (almesber@nessie.cs.id.ethz.ch), who also corrected some problems with
41  * the floppy-change signal detection.
42  */
43 
44 /*
45  * 1992/7/22 -- Hennus Bergman: Added better error reporting, fixed
46  * FDC data overrun bug, added some preliminary stuff for vertical
47  * recording support.
48  *
49  * 1992/9/17: Added DMA allocation & DMA functions. -- hhb.
50  *
51  * TODO: Errors are still not counted properly.
52  */
53 
54 /* 1992/9/20
55  * Modifications for ``Sector Shifting'' by Rob Hooft (hooft@chem.ruu.nl)
56  * modeled after the freeware MS-DOS program fdformat/88 V1.8 by
57  * Christoph H. Hochst\"atter.
58  * I have fixed the shift values to the ones I always use. Maybe a new
59  * ioctl() should be created to be able to modify them.
60  * There is a bug in the driver that makes it impossible to format a
61  * floppy as the first thing after bootup.
62  */
63 
64 /*
65  * 1993/4/29 -- Linus -- cleaned up the timer handling in the kernel, and
66  * this helped the floppy driver as well. Much cleaner, and still seems to
67  * work.
68  */
69 
70 /* 1994/6/24 --bbroad-- added the floppy table entries and made
71  * minor modifications to allow 2.88 floppies to be run.
72  */
73 
74 /* 1994/7/13 -- Paul Vojta -- modified the probing code to allow three or more
75  * disk types.
76  */
77 
78 /*
79  * 1994/8/8 -- Alain Knaff -- Switched to fdpatch driver: Support for bigger
80  * format bug fixes, but unfortunately some new bugs too...
81  */
82 
83 /* 1994/9/17 -- Koen Holtman -- added logging of physical floppy write
84  * errors to allow safe writing by specialized programs.
85  */
86 
87 /* 1995/4/24 -- Dan Fandrich -- added support for Commodore 1581 3.5" disks
88  * by defining bit 1 of the "stretch" parameter to mean put sectors on the
89  * opposite side of the disk, leaving the sector IDs alone (i.e. Commodore's
90  * drives are "upside-down").
91  */
92 
93 /*
94  * 1995/8/26 -- Andreas Busse -- added Mips support.
95  */
96 
97 /*
98  * 1995/10/18 -- Ralf Baechle -- Portability cleanup; move machine dependent
99  * features to asm/floppy.h.
100  */
101 
102 /*
103  * 1998/1/21 -- Richard Gooch <rgooch@atnf.csiro.au> -- devfs support
104  */
105 
106 /*
107  * 1998/05/07 -- Russell King -- More portability cleanups; moved definition of
108  * interrupt and dma channel to asm/floppy.h. Cleaned up some formatting &
109  * use of '0' for NULL.
110  */
111 
112 /*
113  * 1998/06/07 -- Alan Cox -- Merged the 2.0.34 fixes for resource allocation
114  * failures.
115  */
116 
117 /*
118  * 1998/09/20 -- David Weinehall -- Added slow-down code for buggy PS/2-drives.
119  */
120 
121 /*
122  * 1999/08/13 -- Paul Slootman -- floppy stopped working on Alpha after 24
123  * days, 6 hours, 32 minutes and 32 seconds (i.e. MAXINT jiffies; ints were
124  * being used to store jiffies, which are unsigned longs).
125  */
126 
127 /*
128  * 2000/08/28 -- Arnaldo Carvalho de Melo <acme@conectiva.com.br>
129  * - get rid of check_region
130  * - s/suser/capable/
131  */
132 
133 /*
134  * 2001/08/26 -- Paul Gortmaker - fix insmod oops on machines with no
135  * floppy controller (lingering task on list after module is gone... boom.)
136  */
137 
138 /*
139  * 2002/02/07 -- Anton Altaparmakov - Fix io ports reservation to correct range
140  * (0x3f2-0x3f5, 0x3f7). This fix is a bit of a hack but the proper fix
141  * requires many non-obvious changes in arch dependent code.
142  */
143 
144 /* 2003/07/28 -- Daniele Bellucci <bellucda@tiscali.it>.
145  * Better audit of register_blkdev.
146  */
147 
148 #define REALLY_SLOW_IO
149 
150 #define DEBUGT 2
151 
152 #define DPRINT(format, args...) \
153 	pr_info("floppy%d: " format, current_drive, ##args)
154 
155 #define DCL_DEBUG		/* debug disk change line */
156 #ifdef DCL_DEBUG
157 #define debug_dcl(test, fmt, args...) \
158 	do { if ((test) & FD_DEBUG) DPRINT(fmt, ##args); } while (0)
159 #else
160 #define debug_dcl(test, fmt, args...) \
161 	do { if (0) DPRINT(fmt, ##args); } while (0)
162 #endif
163 
164 /* do print messages for unexpected interrupts */
165 static int print_unex = 1;
166 #include <linux/module.h>
167 #include <linux/sched.h>
168 #include <linux/fs.h>
169 #include <linux/kernel.h>
170 #include <linux/timer.h>
171 #include <linux/workqueue.h>
172 #include <linux/fdreg.h>
173 #include <linux/fd.h>
174 #include <linux/hdreg.h>
175 #include <linux/errno.h>
176 #include <linux/slab.h>
177 #include <linux/mm.h>
178 #include <linux/bio.h>
179 #include <linux/string.h>
180 #include <linux/jiffies.h>
181 #include <linux/fcntl.h>
182 #include <linux/delay.h>
183 #include <linux/mc146818rtc.h>	/* CMOS defines */
184 #include <linux/ioport.h>
185 #include <linux/interrupt.h>
186 #include <linux/init.h>
187 #include <linux/major.h>
188 #include <linux/platform_device.h>
189 #include <linux/mod_devicetable.h>
190 #include <linux/mutex.h>
191 #include <linux/io.h>
192 #include <linux/uaccess.h>
193 #include <linux/async.h>
194 #include <linux/compat.h>
195 
196 /*
197  * PS/2 floppies have much slower step rates than regular floppies.
198  * It's been recommended that take about 1/4 of the default speed
199  * in some more extreme cases.
200  */
201 static DEFINE_MUTEX(floppy_mutex);
202 static int slow_floppy;
203 
204 #include <asm/dma.h>
205 #include <asm/irq.h>
206 
207 static int FLOPPY_IRQ = 6;
208 static int FLOPPY_DMA = 2;
209 static int can_use_virtual_dma = 2;
210 /* =======
211  * can use virtual DMA:
212  * 0 = use of virtual DMA disallowed by config
213  * 1 = use of virtual DMA prescribed by config
214  * 2 = no virtual DMA preference configured.  By default try hard DMA,
215  * but fall back on virtual DMA when not enough memory available
216  */
217 
218 static int use_virtual_dma;
219 /* =======
220  * use virtual DMA
221  * 0 using hard DMA
222  * 1 using virtual DMA
223  * This variable is set to virtual when a DMA mem problem arises, and
224  * reset back in floppy_grab_irq_and_dma.
225  * It is not safe to reset it in other circumstances, because the floppy
226  * driver may have several buffers in use at once, and we do currently not
227  * record each buffers capabilities
228  */
229 
230 static DEFINE_SPINLOCK(floppy_lock);
231 
232 static unsigned short virtual_dma_port = 0x3f0;
233 irqreturn_t floppy_interrupt(int irq, void *dev_id);
234 static int set_dor(int fdc, char mask, char data);
235 
236 #define K_64	0x10000		/* 64KB */
237 
238 /* the following is the mask of allowed drives. By default units 2 and
239  * 3 of both floppy controllers are disabled, because switching on the
240  * motor of these drives causes system hangs on some PCI computers. drive
241  * 0 is the low bit (0x1), and drive 7 is the high bit (0x80). Bits are on if
242  * a drive is allowed.
243  *
244  * NOTE: This must come before we include the arch floppy header because
245  *       some ports reference this variable from there. -DaveM
246  */
247 
248 static int allowed_drive_mask = 0x33;
249 
250 #include <asm/floppy.h>
251 
252 static int irqdma_allocated;
253 
254 #include <linux/blk-mq.h>
255 #include <linux/blkpg.h>
256 #include <linux/cdrom.h>	/* for the compatibility eject ioctl */
257 #include <linux/completion.h>
258 
259 static LIST_HEAD(floppy_reqs);
260 static struct request *current_req;
261 static int set_next_request(void);
262 
263 #ifndef fd_get_dma_residue
264 #define fd_get_dma_residue() get_dma_residue(FLOPPY_DMA)
265 #endif
266 
267 /* Dma Memory related stuff */
268 
269 #ifndef fd_dma_mem_free
270 #define fd_dma_mem_free(addr, size) free_pages(addr, get_order(size))
271 #endif
272 
273 #ifndef fd_dma_mem_alloc
274 #define fd_dma_mem_alloc(size) __get_dma_pages(GFP_KERNEL, get_order(size))
275 #endif
276 
277 #ifndef fd_cacheflush
278 #define fd_cacheflush(addr, size) /* nothing... */
279 #endif
280 
fallback_on_nodma_alloc(char ** addr,size_t l)281 static inline void fallback_on_nodma_alloc(char **addr, size_t l)
282 {
283 #ifdef FLOPPY_CAN_FALLBACK_ON_NODMA
284 	if (*addr)
285 		return;		/* we have the memory */
286 	if (can_use_virtual_dma != 2)
287 		return;		/* no fallback allowed */
288 	pr_info("DMA memory shortage. Temporarily falling back on virtual DMA\n");
289 	*addr = (char *)nodma_mem_alloc(l);
290 #else
291 	return;
292 #endif
293 }
294 
295 /* End dma memory related stuff */
296 
297 static unsigned long fake_change;
298 static bool initialized;
299 
300 #define ITYPE(x)	(((x) >> 2) & 0x1f)
301 #define TOMINOR(x)	((x & 3) | ((x & 4) << 5))
302 #define UNIT(x)		((x) & 0x03)		/* drive on fdc */
303 #define FDC(x)		(((x) & 0x04) >> 2)	/* fdc of drive */
304 	/* reverse mapping from unit and fdc to drive */
305 #define REVDRIVE(fdc, unit) ((unit) + ((fdc) << 2))
306 
307 #define PH_HEAD(floppy, head) (((((floppy)->stretch & 2) >> 1) ^ head) << 2)
308 #define STRETCH(floppy)	((floppy)->stretch & FD_STRETCH)
309 
310 /* read/write commands */
311 #define COMMAND			0
312 #define DR_SELECT		1
313 #define TRACK			2
314 #define HEAD			3
315 #define SECTOR			4
316 #define SIZECODE		5
317 #define SECT_PER_TRACK		6
318 #define GAP			7
319 #define SIZECODE2		8
320 #define NR_RW 9
321 
322 /* format commands */
323 #define F_SIZECODE		2
324 #define F_SECT_PER_TRACK	3
325 #define F_GAP			4
326 #define F_FILL			5
327 #define NR_F 6
328 
329 /*
330  * Maximum disk size (in kilobytes).
331  * This default is used whenever the current disk size is unknown.
332  * [Now it is rather a minimum]
333  */
334 #define MAX_DISK_SIZE 4		/* 3984 */
335 
336 /*
337  * globals used by 'result()'
338  */
339 static unsigned char reply_buffer[FD_RAW_REPLY_SIZE];
340 static int inr;		/* size of reply buffer, when called from interrupt */
341 #define ST0		0
342 #define ST1		1
343 #define ST2		2
344 #define ST3		0	/* result of GETSTATUS */
345 #define R_TRACK		3
346 #define R_HEAD		4
347 #define R_SECTOR	5
348 #define R_SIZECODE	6
349 
350 #define SEL_DLY		(2 * HZ / 100)
351 
352 /*
353  * this struct defines the different floppy drive types.
354  */
355 static struct {
356 	struct floppy_drive_params params;
357 	const char *name;	/* name printed while booting */
358 } default_drive_params[] = {
359 /* NOTE: the time values in jiffies should be in msec!
360  CMOS drive type
361   |     Maximum data rate supported by drive type
362   |     |   Head load time, msec
363   |     |   |   Head unload time, msec (not used)
364   |     |   |   |     Step rate interval, usec
365   |     |   |   |     |       Time needed for spinup time (jiffies)
366   |     |   |   |     |       |      Timeout for spinning down (jiffies)
367   |     |   |   |     |       |      |   Spindown offset (where disk stops)
368   |     |   |   |     |       |      |   |     Select delay
369   |     |   |   |     |       |      |   |     |     RPS
370   |     |   |   |     |       |      |   |     |     |    Max number of tracks
371   |     |   |   |     |       |      |   |     |     |    |     Interrupt timeout
372   |     |   |   |     |       |      |   |     |     |    |     |   Max nonintlv. sectors
373   |     |   |   |     |       |      |   |     |     |    |     |   | -Max Errors- flags */
374 {{0,  500, 16, 16, 8000,    1*HZ, 3*HZ,  0, SEL_DLY, 5,  80, 3*HZ, 20, {3,1,2,0,2}, 0,
375       0, { 7, 4, 8, 2, 1, 5, 3,10}, 3*HZ/2, 0 }, "unknown" },
376 
377 {{1,  300, 16, 16, 8000,    1*HZ, 3*HZ,  0, SEL_DLY, 5,  40, 3*HZ, 17, {3,1,2,0,2}, 0,
378       0, { 1, 0, 0, 0, 0, 0, 0, 0}, 3*HZ/2, 1 }, "360K PC" }, /*5 1/4 360 KB PC*/
379 
380 {{2,  500, 16, 16, 6000, 4*HZ/10, 3*HZ, 14, SEL_DLY, 6,  83, 3*HZ, 17, {3,1,2,0,2}, 0,
381       0, { 2, 5, 6,23,10,20,12, 0}, 3*HZ/2, 2 }, "1.2M" }, /*5 1/4 HD AT*/
382 
383 {{3,  250, 16, 16, 3000,    1*HZ, 3*HZ,  0, SEL_DLY, 5,  83, 3*HZ, 20, {3,1,2,0,2}, 0,
384       0, { 4,22,21,30, 3, 0, 0, 0}, 3*HZ/2, 4 }, "720k" }, /*3 1/2 DD*/
385 
386 {{4,  500, 16, 16, 4000, 4*HZ/10, 3*HZ, 10, SEL_DLY, 5,  83, 3*HZ, 20, {3,1,2,0,2}, 0,
387       0, { 7, 4,25,22,31,21,29,11}, 3*HZ/2, 7 }, "1.44M" }, /*3 1/2 HD*/
388 
389 {{5, 1000, 15,  8, 3000, 4*HZ/10, 3*HZ, 10, SEL_DLY, 5,  83, 3*HZ, 40, {3,1,2,0,2}, 0,
390       0, { 7, 8, 4,25,28,22,31,21}, 3*HZ/2, 8 }, "2.88M AMI BIOS" }, /*3 1/2 ED*/
391 
392 {{6, 1000, 15,  8, 3000, 4*HZ/10, 3*HZ, 10, SEL_DLY, 5,  83, 3*HZ, 40, {3,1,2,0,2}, 0,
393       0, { 7, 8, 4,25,28,22,31,21}, 3*HZ/2, 8 }, "2.88M" } /*3 1/2 ED*/
394 /*    |  --autodetected formats---    |      |      |
395  *    read_track                      |      |    Name printed when booting
396  *				      |     Native format
397  *	            Frequency of disk change checks */
398 };
399 
400 static struct floppy_drive_params drive_params[N_DRIVE];
401 static struct floppy_drive_struct drive_state[N_DRIVE];
402 static struct floppy_write_errors write_errors[N_DRIVE];
403 static struct timer_list motor_off_timer[N_DRIVE];
404 static struct blk_mq_tag_set tag_sets[N_DRIVE];
405 static struct block_device *opened_bdev[N_DRIVE];
406 static DEFINE_MUTEX(open_lock);
407 static struct floppy_raw_cmd *raw_cmd, default_raw_cmd;
408 
409 /*
410  * This struct defines the different floppy types.
411  *
412  * Bit 0 of 'stretch' tells if the tracks need to be doubled for some
413  * types (e.g. 360kB diskette in 1.2MB drive, etc.).  Bit 1 of 'stretch'
414  * tells if the disk is in Commodore 1581 format, which means side 0 sectors
415  * are located on side 1 of the disk but with a side 0 ID, and vice-versa.
416  * This is the same as the Sharp MZ-80 5.25" CP/M disk format, except that the
417  * 1581's logical side 0 is on physical side 1, whereas the Sharp's logical
418  * side 0 is on physical side 0 (but with the misnamed sector IDs).
419  * 'stretch' should probably be renamed to something more general, like
420  * 'options'.
421  *
422  * Bits 2 through 9 of 'stretch' tell the number of the first sector.
423  * The LSB (bit 2) is flipped. For most disks, the first sector
424  * is 1 (represented by 0x00<<2).  For some CP/M and music sampler
425  * disks (such as Ensoniq EPS 16plus) it is 0 (represented as 0x01<<2).
426  * For Amstrad CPC disks it is 0xC1 (represented as 0xC0<<2).
427  *
428  * Other parameters should be self-explanatory (see also setfdprm(8)).
429  */
430 /*
431 	    Size
432 	     |  Sectors per track
433 	     |  | Head
434 	     |  | |  Tracks
435 	     |  | |  | Stretch
436 	     |  | |  | |  Gap 1 size
437 	     |  | |  | |    |  Data rate, | 0x40 for perp
438 	     |  | |  | |    |    |  Spec1 (stepping rate, head unload
439 	     |  | |  | |    |    |    |    /fmt gap (gap2) */
440 static struct floppy_struct floppy_type[32] = {
441 	{    0, 0,0, 0,0,0x00,0x00,0x00,0x00,NULL    },	/*  0 no testing    */
442 	{  720, 9,2,40,0,0x2A,0x02,0xDF,0x50,"d360"  }, /*  1 360KB PC      */
443 	{ 2400,15,2,80,0,0x1B,0x00,0xDF,0x54,"h1200" },	/*  2 1.2MB AT      */
444 	{  720, 9,1,80,0,0x2A,0x02,0xDF,0x50,"D360"  },	/*  3 360KB SS 3.5" */
445 	{ 1440, 9,2,80,0,0x2A,0x02,0xDF,0x50,"D720"  },	/*  4 720KB 3.5"    */
446 	{  720, 9,2,40,1,0x23,0x01,0xDF,0x50,"h360"  },	/*  5 360KB AT      */
447 	{ 1440, 9,2,80,0,0x23,0x01,0xDF,0x50,"h720"  },	/*  6 720KB AT      */
448 	{ 2880,18,2,80,0,0x1B,0x00,0xCF,0x6C,"H1440" },	/*  7 1.44MB 3.5"   */
449 	{ 5760,36,2,80,0,0x1B,0x43,0xAF,0x54,"E2880" },	/*  8 2.88MB 3.5"   */
450 	{ 6240,39,2,80,0,0x1B,0x43,0xAF,0x28,"E3120" },	/*  9 3.12MB 3.5"   */
451 
452 	{ 2880,18,2,80,0,0x25,0x00,0xDF,0x02,"h1440" }, /* 10 1.44MB 5.25"  */
453 	{ 3360,21,2,80,0,0x1C,0x00,0xCF,0x0C,"H1680" }, /* 11 1.68MB 3.5"   */
454 	{  820,10,2,41,1,0x25,0x01,0xDF,0x2E,"h410"  },	/* 12 410KB 5.25"   */
455 	{ 1640,10,2,82,0,0x25,0x02,0xDF,0x2E,"H820"  },	/* 13 820KB 3.5"    */
456 	{ 2952,18,2,82,0,0x25,0x00,0xDF,0x02,"h1476" },	/* 14 1.48MB 5.25"  */
457 	{ 3444,21,2,82,0,0x25,0x00,0xDF,0x0C,"H1722" },	/* 15 1.72MB 3.5"   */
458 	{  840,10,2,42,1,0x25,0x01,0xDF,0x2E,"h420"  },	/* 16 420KB 5.25"   */
459 	{ 1660,10,2,83,0,0x25,0x02,0xDF,0x2E,"H830"  },	/* 17 830KB 3.5"    */
460 	{ 2988,18,2,83,0,0x25,0x00,0xDF,0x02,"h1494" },	/* 18 1.49MB 5.25"  */
461 	{ 3486,21,2,83,0,0x25,0x00,0xDF,0x0C,"H1743" }, /* 19 1.74 MB 3.5"  */
462 
463 	{ 1760,11,2,80,0,0x1C,0x09,0xCF,0x00,"h880"  }, /* 20 880KB 5.25"   */
464 	{ 2080,13,2,80,0,0x1C,0x01,0xCF,0x00,"D1040" }, /* 21 1.04MB 3.5"   */
465 	{ 2240,14,2,80,0,0x1C,0x19,0xCF,0x00,"D1120" }, /* 22 1.12MB 3.5"   */
466 	{ 3200,20,2,80,0,0x1C,0x20,0xCF,0x2C,"h1600" }, /* 23 1.6MB 5.25"   */
467 	{ 3520,22,2,80,0,0x1C,0x08,0xCF,0x2e,"H1760" }, /* 24 1.76MB 3.5"   */
468 	{ 3840,24,2,80,0,0x1C,0x20,0xCF,0x00,"H1920" }, /* 25 1.92MB 3.5"   */
469 	{ 6400,40,2,80,0,0x25,0x5B,0xCF,0x00,"E3200" }, /* 26 3.20MB 3.5"   */
470 	{ 7040,44,2,80,0,0x25,0x5B,0xCF,0x00,"E3520" }, /* 27 3.52MB 3.5"   */
471 	{ 7680,48,2,80,0,0x25,0x63,0xCF,0x00,"E3840" }, /* 28 3.84MB 3.5"   */
472 	{ 3680,23,2,80,0,0x1C,0x10,0xCF,0x00,"H1840" }, /* 29 1.84MB 3.5"   */
473 
474 	{ 1600,10,2,80,0,0x25,0x02,0xDF,0x2E,"D800"  },	/* 30 800KB 3.5"    */
475 	{ 3200,20,2,80,0,0x1C,0x00,0xCF,0x2C,"H1600" }, /* 31 1.6MB 3.5"    */
476 };
477 
478 static struct gendisk *disks[N_DRIVE][ARRAY_SIZE(floppy_type)];
479 
480 #define SECTSIZE (_FD_SECTSIZE(*floppy))
481 
482 /* Auto-detection: Disk type used until the next media change occurs. */
483 static struct floppy_struct *current_type[N_DRIVE];
484 
485 /*
486  * User-provided type information. current_type points to
487  * the respective entry of this array.
488  */
489 static struct floppy_struct user_params[N_DRIVE];
490 
491 static sector_t floppy_sizes[256];
492 
493 static char floppy_device_name[] = "floppy";
494 
495 /*
496  * The driver is trying to determine the correct media format
497  * while probing is set. rw_interrupt() clears it after a
498  * successful access.
499  */
500 static int probing;
501 
502 /* Synchronization of FDC access. */
503 #define FD_COMMAND_NONE		-1
504 #define FD_COMMAND_ERROR	2
505 #define FD_COMMAND_OKAY		3
506 
507 static volatile int command_status = FD_COMMAND_NONE;
508 static unsigned long fdc_busy;
509 static DECLARE_WAIT_QUEUE_HEAD(fdc_wait);
510 static DECLARE_WAIT_QUEUE_HEAD(command_done);
511 
512 /* errors encountered on the current (or last) request */
513 static int floppy_errors;
514 
515 /* Format request descriptor. */
516 static struct format_descr format_req;
517 
518 /*
519  * Rate is 0 for 500kb/s, 1 for 300kbps, 2 for 250kbps
520  * Spec1 is 0xSH, where S is stepping rate (F=1ms, E=2ms, D=3ms etc),
521  * H is head unload time (1=16ms, 2=32ms, etc)
522  */
523 
524 /*
525  * Track buffer
526  * Because these are written to by the DMA controller, they must
527  * not contain a 64k byte boundary crossing, or data will be
528  * corrupted/lost.
529  */
530 static char *floppy_track_buffer;
531 static int max_buffer_sectors;
532 
533 typedef void (*done_f)(int);
534 static const struct cont_t {
535 	void (*interrupt)(void);
536 				/* this is called after the interrupt of the
537 				 * main command */
538 	void (*redo)(void);	/* this is called to retry the operation */
539 	void (*error)(void);	/* this is called to tally an error */
540 	done_f done;		/* this is called to say if the operation has
541 				 * succeeded/failed */
542 } *cont;
543 
544 static void floppy_ready(void);
545 static void floppy_start(void);
546 static void process_fd_request(void);
547 static void recalibrate_floppy(void);
548 static void floppy_shutdown(struct work_struct *);
549 
550 static int floppy_request_regions(int);
551 static void floppy_release_regions(int);
552 static int floppy_grab_irq_and_dma(void);
553 static void floppy_release_irq_and_dma(void);
554 
555 /*
556  * The "reset" variable should be tested whenever an interrupt is scheduled,
557  * after the commands have been sent. This is to ensure that the driver doesn't
558  * get wedged when the interrupt doesn't come because of a failed command.
559  * reset doesn't need to be tested before sending commands, because
560  * output_byte is automatically disabled when reset is set.
561  */
562 static void reset_fdc(void);
563 static int floppy_revalidate(struct gendisk *disk);
564 
565 /*
566  * These are global variables, as that's the easiest way to give
567  * information to interrupts. They are the data used for the current
568  * request.
569  */
570 #define NO_TRACK	-1
571 #define NEED_1_RECAL	-2
572 #define NEED_2_RECAL	-3
573 
574 static atomic_t usage_count = ATOMIC_INIT(0);
575 
576 /* buffer related variables */
577 static int buffer_track = -1;
578 static int buffer_drive = -1;
579 static int buffer_min = -1;
580 static int buffer_max = -1;
581 
582 /* fdc related variables, should end up in a struct */
583 static struct floppy_fdc_state fdc_state[N_FDC];
584 static int current_fdc;			/* current fdc */
585 
586 static struct workqueue_struct *floppy_wq;
587 
588 static struct floppy_struct *_floppy = floppy_type;
589 static unsigned char current_drive;
590 static long current_count_sectors;
591 static unsigned char fsector_t;	/* sector in track */
592 static unsigned char in_sector_offset;	/* offset within physical sector,
593 					 * expressed in units of 512 bytes */
594 
fdc_inb(int fdc,int reg)595 static inline unsigned char fdc_inb(int fdc, int reg)
596 {
597 	return fd_inb(fdc_state[fdc].address, reg);
598 }
599 
fdc_outb(unsigned char value,int fdc,int reg)600 static inline void fdc_outb(unsigned char value, int fdc, int reg)
601 {
602 	fd_outb(value, fdc_state[fdc].address, reg);
603 }
604 
drive_no_geom(int drive)605 static inline bool drive_no_geom(int drive)
606 {
607 	return !current_type[drive] && !ITYPE(drive_state[drive].fd_device);
608 }
609 
610 #ifndef fd_eject
fd_eject(int drive)611 static inline int fd_eject(int drive)
612 {
613 	return -EINVAL;
614 }
615 #endif
616 
617 /*
618  * Debugging
619  * =========
620  */
621 #ifdef DEBUGT
622 static long unsigned debugtimer;
623 
set_debugt(void)624 static inline void set_debugt(void)
625 {
626 	debugtimer = jiffies;
627 }
628 
debugt(const char * func,const char * msg)629 static inline void debugt(const char *func, const char *msg)
630 {
631 	if (drive_params[current_drive].flags & DEBUGT)
632 		pr_info("%s:%s dtime=%lu\n", func, msg, jiffies - debugtimer);
633 }
634 #else
set_debugt(void)635 static inline void set_debugt(void) { }
debugt(const char * func,const char * msg)636 static inline void debugt(const char *func, const char *msg) { }
637 #endif /* DEBUGT */
638 
639 
640 static DECLARE_DELAYED_WORK(fd_timeout, floppy_shutdown);
641 static const char *timeout_message;
642 
is_alive(const char * func,const char * message)643 static void is_alive(const char *func, const char *message)
644 {
645 	/* this routine checks whether the floppy driver is "alive" */
646 	if (test_bit(0, &fdc_busy) && command_status < 2 &&
647 	    !delayed_work_pending(&fd_timeout)) {
648 		DPRINT("%s: timeout handler died.  %s\n", func, message);
649 	}
650 }
651 
652 static void (*do_floppy)(void) = NULL;
653 
654 #define OLOGSIZE 20
655 
656 static void (*lasthandler)(void);
657 static unsigned long interruptjiffies;
658 static unsigned long resultjiffies;
659 static int resultsize;
660 static unsigned long lastredo;
661 
662 static struct output_log {
663 	unsigned char data;
664 	unsigned char status;
665 	unsigned long jiffies;
666 } output_log[OLOGSIZE];
667 
668 static int output_log_pos;
669 
670 #define MAXTIMEOUT -2
671 
__reschedule_timeout(int drive,const char * message)672 static void __reschedule_timeout(int drive, const char *message)
673 {
674 	unsigned long delay;
675 
676 	if (drive < 0 || drive >= N_DRIVE) {
677 		delay = 20UL * HZ;
678 		drive = 0;
679 	} else
680 		delay = drive_params[drive].timeout;
681 
682 	mod_delayed_work(floppy_wq, &fd_timeout, delay);
683 	if (drive_params[drive].flags & FD_DEBUG)
684 		DPRINT("reschedule timeout %s\n", message);
685 	timeout_message = message;
686 }
687 
reschedule_timeout(int drive,const char * message)688 static void reschedule_timeout(int drive, const char *message)
689 {
690 	unsigned long flags;
691 
692 	spin_lock_irqsave(&floppy_lock, flags);
693 	__reschedule_timeout(drive, message);
694 	spin_unlock_irqrestore(&floppy_lock, flags);
695 }
696 
697 #define INFBOUND(a, b) (a) = max_t(int, a, b)
698 #define SUPBOUND(a, b) (a) = min_t(int, a, b)
699 
700 /*
701  * Bottom half floppy driver.
702  * ==========================
703  *
704  * This part of the file contains the code talking directly to the hardware,
705  * and also the main service loop (seek-configure-spinup-command)
706  */
707 
708 /*
709  * disk change.
710  * This routine is responsible for maintaining the FD_DISK_CHANGE flag,
711  * and the last_checked date.
712  *
713  * last_checked is the date of the last check which showed 'no disk change'
714  * FD_DISK_CHANGE is set under two conditions:
715  * 1. The floppy has been changed after some i/o to that floppy already
716  *    took place.
717  * 2. No floppy disk is in the drive. This is done in order to ensure that
718  *    requests are quickly flushed in case there is no disk in the drive. It
719  *    follows that FD_DISK_CHANGE can only be cleared if there is a disk in
720  *    the drive.
721  *
722  * For 1., maxblock is observed. Maxblock is 0 if no i/o has taken place yet.
723  * For 2., FD_DISK_NEWCHANGE is watched. FD_DISK_NEWCHANGE is cleared on
724  *  each seek. If a disk is present, the disk change line should also be
725  *  cleared on each seek. Thus, if FD_DISK_NEWCHANGE is clear, but the disk
726  *  change line is set, this means either that no disk is in the drive, or
727  *  that it has been removed since the last seek.
728  *
729  * This means that we really have a third possibility too:
730  *  The floppy has been changed after the last seek.
731  */
732 
disk_change(int drive)733 static int disk_change(int drive)
734 {
735 	int fdc = FDC(drive);
736 
737 	if (time_before(jiffies, drive_state[drive].select_date + drive_params[drive].select_delay))
738 		DPRINT("WARNING disk change called early\n");
739 	if (!(fdc_state[fdc].dor & (0x10 << UNIT(drive))) ||
740 	    (fdc_state[fdc].dor & 3) != UNIT(drive) || fdc != FDC(drive)) {
741 		DPRINT("probing disk change on unselected drive\n");
742 		DPRINT("drive=%d fdc=%d dor=%x\n", drive, FDC(drive),
743 		       (unsigned int)fdc_state[fdc].dor);
744 	}
745 
746 	debug_dcl(drive_params[drive].flags,
747 		  "checking disk change line for drive %d\n", drive);
748 	debug_dcl(drive_params[drive].flags, "jiffies=%lu\n", jiffies);
749 	debug_dcl(drive_params[drive].flags, "disk change line=%x\n",
750 		  fdc_inb(fdc, FD_DIR) & 0x80);
751 	debug_dcl(drive_params[drive].flags, "flags=%lx\n",
752 		  drive_state[drive].flags);
753 
754 	if (drive_params[drive].flags & FD_BROKEN_DCL)
755 		return test_bit(FD_DISK_CHANGED_BIT,
756 				&drive_state[drive].flags);
757 	if ((fdc_inb(fdc, FD_DIR) ^ drive_params[drive].flags) & 0x80) {
758 		set_bit(FD_VERIFY_BIT, &drive_state[drive].flags);
759 					/* verify write protection */
760 
761 		if (drive_state[drive].maxblock)	/* mark it changed */
762 			set_bit(FD_DISK_CHANGED_BIT,
763 				&drive_state[drive].flags);
764 
765 		/* invalidate its geometry */
766 		if (drive_state[drive].keep_data >= 0) {
767 			if ((drive_params[drive].flags & FTD_MSG) &&
768 			    current_type[drive] != NULL)
769 				DPRINT("Disk type is undefined after disk change\n");
770 			current_type[drive] = NULL;
771 			floppy_sizes[TOMINOR(drive)] = MAX_DISK_SIZE << 1;
772 		}
773 
774 		return 1;
775 	} else {
776 		drive_state[drive].last_checked = jiffies;
777 		clear_bit(FD_DISK_NEWCHANGE_BIT, &drive_state[drive].flags);
778 	}
779 	return 0;
780 }
781 
is_selected(int dor,int unit)782 static inline int is_selected(int dor, int unit)
783 {
784 	return ((dor & (0x10 << unit)) && (dor & 3) == unit);
785 }
786 
is_ready_state(int status)787 static bool is_ready_state(int status)
788 {
789 	int state = status & (STATUS_READY | STATUS_DIR | STATUS_DMA);
790 	return state == STATUS_READY;
791 }
792 
set_dor(int fdc,char mask,char data)793 static int set_dor(int fdc, char mask, char data)
794 {
795 	unsigned char unit;
796 	unsigned char drive;
797 	unsigned char newdor;
798 	unsigned char olddor;
799 
800 	if (fdc_state[fdc].address == -1)
801 		return -1;
802 
803 	olddor = fdc_state[fdc].dor;
804 	newdor = (olddor & mask) | data;
805 	if (newdor != olddor) {
806 		unit = olddor & 0x3;
807 		if (is_selected(olddor, unit) && !is_selected(newdor, unit)) {
808 			drive = REVDRIVE(fdc, unit);
809 			debug_dcl(drive_params[drive].flags,
810 				  "calling disk change from set_dor\n");
811 			disk_change(drive);
812 		}
813 		fdc_state[fdc].dor = newdor;
814 		fdc_outb(newdor, fdc, FD_DOR);
815 
816 		unit = newdor & 0x3;
817 		if (!is_selected(olddor, unit) && is_selected(newdor, unit)) {
818 			drive = REVDRIVE(fdc, unit);
819 			drive_state[drive].select_date = jiffies;
820 		}
821 	}
822 	return olddor;
823 }
824 
twaddle(int fdc,int drive)825 static void twaddle(int fdc, int drive)
826 {
827 	if (drive_params[drive].select_delay)
828 		return;
829 	fdc_outb(fdc_state[fdc].dor & ~(0x10 << UNIT(drive)),
830 		 fdc, FD_DOR);
831 	fdc_outb(fdc_state[fdc].dor, fdc, FD_DOR);
832 	drive_state[drive].select_date = jiffies;
833 }
834 
835 /*
836  * Reset all driver information about the specified fdc.
837  * This is needed after a reset, and after a raw command.
838  */
reset_fdc_info(int fdc,int mode)839 static void reset_fdc_info(int fdc, int mode)
840 {
841 	int drive;
842 
843 	fdc_state[fdc].spec1 = fdc_state[fdc].spec2 = -1;
844 	fdc_state[fdc].need_configure = 1;
845 	fdc_state[fdc].perp_mode = 1;
846 	fdc_state[fdc].rawcmd = 0;
847 	for (drive = 0; drive < N_DRIVE; drive++)
848 		if (FDC(drive) == fdc &&
849 		    (mode || drive_state[drive].track != NEED_1_RECAL))
850 			drive_state[drive].track = NEED_2_RECAL;
851 }
852 
853 /*
854  * selects the fdc and drive, and enables the fdc's input/dma.
855  * Both current_drive and current_fdc are changed to match the new drive.
856  */
set_fdc(int drive)857 static void set_fdc(int drive)
858 {
859 	unsigned int fdc;
860 
861 	if (drive < 0 || drive >= N_DRIVE) {
862 		pr_info("bad drive value %d\n", drive);
863 		return;
864 	}
865 
866 	fdc = FDC(drive);
867 	if (fdc >= N_FDC) {
868 		pr_info("bad fdc value\n");
869 		return;
870 	}
871 
872 	set_dor(fdc, ~0, 8);
873 #if N_FDC > 1
874 	set_dor(1 - fdc, ~8, 0);
875 #endif
876 	if (fdc_state[fdc].rawcmd == 2)
877 		reset_fdc_info(fdc, 1);
878 	if (fdc_inb(fdc, FD_STATUS) != STATUS_READY)
879 		fdc_state[fdc].reset = 1;
880 
881 	current_drive = drive;
882 	current_fdc = fdc;
883 }
884 
885 /*
886  * locks the driver.
887  * Both current_drive and current_fdc are changed to match the new drive.
888  */
lock_fdc(int drive)889 static int lock_fdc(int drive)
890 {
891 	if (WARN(atomic_read(&usage_count) == 0,
892 		 "Trying to lock fdc while usage count=0\n"))
893 		return -1;
894 
895 	if (wait_event_interruptible(fdc_wait, !test_and_set_bit(0, &fdc_busy)))
896 		return -EINTR;
897 
898 	command_status = FD_COMMAND_NONE;
899 
900 	reschedule_timeout(drive, "lock fdc");
901 	set_fdc(drive);
902 	return 0;
903 }
904 
905 /* unlocks the driver */
unlock_fdc(void)906 static void unlock_fdc(void)
907 {
908 	if (!test_bit(0, &fdc_busy))
909 		DPRINT("FDC access conflict!\n");
910 
911 	raw_cmd = NULL;
912 	command_status = FD_COMMAND_NONE;
913 	cancel_delayed_work(&fd_timeout);
914 	do_floppy = NULL;
915 	cont = NULL;
916 	clear_bit(0, &fdc_busy);
917 	wake_up(&fdc_wait);
918 }
919 
920 /* switches the motor off after a given timeout */
motor_off_callback(struct timer_list * t)921 static void motor_off_callback(struct timer_list *t)
922 {
923 	unsigned long nr = t - motor_off_timer;
924 	unsigned char mask = ~(0x10 << UNIT(nr));
925 
926 	if (WARN_ON_ONCE(nr >= N_DRIVE))
927 		return;
928 
929 	set_dor(FDC(nr), mask, 0);
930 }
931 
932 /* schedules motor off */
floppy_off(unsigned int drive)933 static void floppy_off(unsigned int drive)
934 {
935 	unsigned long volatile delta;
936 	int fdc = FDC(drive);
937 
938 	if (!(fdc_state[fdc].dor & (0x10 << UNIT(drive))))
939 		return;
940 
941 	del_timer(motor_off_timer + drive);
942 
943 	/* make spindle stop in a position which minimizes spinup time
944 	 * next time */
945 	if (drive_params[drive].rps) {
946 		delta = jiffies - drive_state[drive].first_read_date + HZ -
947 		    drive_params[drive].spindown_offset;
948 		delta = ((delta * drive_params[drive].rps) % HZ) / drive_params[drive].rps;
949 		motor_off_timer[drive].expires =
950 		    jiffies + drive_params[drive].spindown - delta;
951 	}
952 	add_timer(motor_off_timer + drive);
953 }
954 
955 /*
956  * cycle through all N_DRIVE floppy drives, for disk change testing.
957  * stopping at current drive. This is done before any long operation, to
958  * be sure to have up to date disk change information.
959  */
scandrives(void)960 static void scandrives(void)
961 {
962 	int i;
963 	int drive;
964 	int saved_drive;
965 
966 	if (drive_params[current_drive].select_delay)
967 		return;
968 
969 	saved_drive = current_drive;
970 	for (i = 0; i < N_DRIVE; i++) {
971 		drive = (saved_drive + i + 1) % N_DRIVE;
972 		if (drive_state[drive].fd_ref == 0 || drive_params[drive].select_delay != 0)
973 			continue;	/* skip closed drives */
974 		set_fdc(drive);
975 		if (!(set_dor(current_fdc, ~3, UNIT(drive) | (0x10 << UNIT(drive))) &
976 		      (0x10 << UNIT(drive))))
977 			/* switch the motor off again, if it was off to
978 			 * begin with */
979 			set_dor(current_fdc, ~(0x10 << UNIT(drive)), 0);
980 	}
981 	set_fdc(saved_drive);
982 }
983 
empty(void)984 static void empty(void)
985 {
986 }
987 
988 static void (*floppy_work_fn)(void);
989 
floppy_work_workfn(struct work_struct * work)990 static void floppy_work_workfn(struct work_struct *work)
991 {
992 	floppy_work_fn();
993 }
994 
995 static DECLARE_WORK(floppy_work, floppy_work_workfn);
996 
schedule_bh(void (* handler)(void))997 static void schedule_bh(void (*handler)(void))
998 {
999 	WARN_ON(work_pending(&floppy_work));
1000 
1001 	floppy_work_fn = handler;
1002 	queue_work(floppy_wq, &floppy_work);
1003 }
1004 
1005 static void (*fd_timer_fn)(void) = NULL;
1006 
fd_timer_workfn(struct work_struct * work)1007 static void fd_timer_workfn(struct work_struct *work)
1008 {
1009 	fd_timer_fn();
1010 }
1011 
1012 static DECLARE_DELAYED_WORK(fd_timer, fd_timer_workfn);
1013 
cancel_activity(void)1014 static void cancel_activity(void)
1015 {
1016 	do_floppy = NULL;
1017 	cancel_delayed_work(&fd_timer);
1018 	cancel_work_sync(&floppy_work);
1019 }
1020 
1021 /* this function makes sure that the disk stays in the drive during the
1022  * transfer */
fd_watchdog(void)1023 static void fd_watchdog(void)
1024 {
1025 	debug_dcl(drive_params[current_drive].flags,
1026 		  "calling disk change from watchdog\n");
1027 
1028 	if (disk_change(current_drive)) {
1029 		DPRINT("disk removed during i/o\n");
1030 		cancel_activity();
1031 		cont->done(0);
1032 		reset_fdc();
1033 	} else {
1034 		cancel_delayed_work(&fd_timer);
1035 		fd_timer_fn = fd_watchdog;
1036 		queue_delayed_work(floppy_wq, &fd_timer, HZ / 10);
1037 	}
1038 }
1039 
main_command_interrupt(void)1040 static void main_command_interrupt(void)
1041 {
1042 	cancel_delayed_work(&fd_timer);
1043 	cont->interrupt();
1044 }
1045 
1046 /* waits for a delay (spinup or select) to pass */
fd_wait_for_completion(unsigned long expires,void (* function)(void))1047 static int fd_wait_for_completion(unsigned long expires,
1048 				  void (*function)(void))
1049 {
1050 	if (fdc_state[current_fdc].reset) {
1051 		reset_fdc();	/* do the reset during sleep to win time
1052 				 * if we don't need to sleep, it's a good
1053 				 * occasion anyways */
1054 		return 1;
1055 	}
1056 
1057 	if (time_before(jiffies, expires)) {
1058 		cancel_delayed_work(&fd_timer);
1059 		fd_timer_fn = function;
1060 		queue_delayed_work(floppy_wq, &fd_timer, expires - jiffies);
1061 		return 1;
1062 	}
1063 	return 0;
1064 }
1065 
setup_DMA(void)1066 static void setup_DMA(void)
1067 {
1068 	unsigned long f;
1069 
1070 	if (raw_cmd->length == 0) {
1071 		print_hex_dump(KERN_INFO, "zero dma transfer size: ",
1072 			       DUMP_PREFIX_NONE, 16, 1,
1073 			       raw_cmd->fullcmd, raw_cmd->cmd_count, false);
1074 		cont->done(0);
1075 		fdc_state[current_fdc].reset = 1;
1076 		return;
1077 	}
1078 	if (((unsigned long)raw_cmd->kernel_data) % 512) {
1079 		pr_info("non aligned address: %p\n", raw_cmd->kernel_data);
1080 		cont->done(0);
1081 		fdc_state[current_fdc].reset = 1;
1082 		return;
1083 	}
1084 	f = claim_dma_lock();
1085 	fd_disable_dma();
1086 #ifdef fd_dma_setup
1087 	if (fd_dma_setup(raw_cmd->kernel_data, raw_cmd->length,
1088 			 (raw_cmd->flags & FD_RAW_READ) ?
1089 			 DMA_MODE_READ : DMA_MODE_WRITE,
1090 			 fdc_state[current_fdc].address) < 0) {
1091 		release_dma_lock(f);
1092 		cont->done(0);
1093 		fdc_state[current_fdc].reset = 1;
1094 		return;
1095 	}
1096 	release_dma_lock(f);
1097 #else
1098 	fd_clear_dma_ff();
1099 	fd_cacheflush(raw_cmd->kernel_data, raw_cmd->length);
1100 	fd_set_dma_mode((raw_cmd->flags & FD_RAW_READ) ?
1101 			DMA_MODE_READ : DMA_MODE_WRITE);
1102 	fd_set_dma_addr(raw_cmd->kernel_data);
1103 	fd_set_dma_count(raw_cmd->length);
1104 	virtual_dma_port = fdc_state[current_fdc].address;
1105 	fd_enable_dma();
1106 	release_dma_lock(f);
1107 #endif
1108 }
1109 
1110 static void show_floppy(int fdc);
1111 
1112 /* waits until the fdc becomes ready */
wait_til_ready(int fdc)1113 static int wait_til_ready(int fdc)
1114 {
1115 	int status;
1116 	int counter;
1117 
1118 	if (fdc_state[fdc].reset)
1119 		return -1;
1120 	for (counter = 0; counter < 10000; counter++) {
1121 		status = fdc_inb(fdc, FD_STATUS);
1122 		if (status & STATUS_READY)
1123 			return status;
1124 	}
1125 	if (initialized) {
1126 		DPRINT("Getstatus times out (%x) on fdc %d\n", status, fdc);
1127 		show_floppy(fdc);
1128 	}
1129 	fdc_state[fdc].reset = 1;
1130 	return -1;
1131 }
1132 
1133 /* sends a command byte to the fdc */
output_byte(int fdc,char byte)1134 static int output_byte(int fdc, char byte)
1135 {
1136 	int status = wait_til_ready(fdc);
1137 
1138 	if (status < 0)
1139 		return -1;
1140 
1141 	if (is_ready_state(status)) {
1142 		fdc_outb(byte, fdc, FD_DATA);
1143 		output_log[output_log_pos].data = byte;
1144 		output_log[output_log_pos].status = status;
1145 		output_log[output_log_pos].jiffies = jiffies;
1146 		output_log_pos = (output_log_pos + 1) % OLOGSIZE;
1147 		return 0;
1148 	}
1149 	fdc_state[fdc].reset = 1;
1150 	if (initialized) {
1151 		DPRINT("Unable to send byte %x to FDC. Fdc=%x Status=%x\n",
1152 		       byte, fdc, status);
1153 		show_floppy(fdc);
1154 	}
1155 	return -1;
1156 }
1157 
1158 /* gets the response from the fdc */
result(int fdc)1159 static int result(int fdc)
1160 {
1161 	int i;
1162 	int status = 0;
1163 
1164 	for (i = 0; i < FD_RAW_REPLY_SIZE; i++) {
1165 		status = wait_til_ready(fdc);
1166 		if (status < 0)
1167 			break;
1168 		status &= STATUS_DIR | STATUS_READY | STATUS_BUSY | STATUS_DMA;
1169 		if ((status & ~STATUS_BUSY) == STATUS_READY) {
1170 			resultjiffies = jiffies;
1171 			resultsize = i;
1172 			return i;
1173 		}
1174 		if (status == (STATUS_DIR | STATUS_READY | STATUS_BUSY))
1175 			reply_buffer[i] = fdc_inb(fdc, FD_DATA);
1176 		else
1177 			break;
1178 	}
1179 	if (initialized) {
1180 		DPRINT("get result error. Fdc=%d Last status=%x Read bytes=%d\n",
1181 		       fdc, status, i);
1182 		show_floppy(fdc);
1183 	}
1184 	fdc_state[fdc].reset = 1;
1185 	return -1;
1186 }
1187 
1188 #define MORE_OUTPUT -2
1189 /* does the fdc need more output? */
need_more_output(int fdc)1190 static int need_more_output(int fdc)
1191 {
1192 	int status = wait_til_ready(fdc);
1193 
1194 	if (status < 0)
1195 		return -1;
1196 
1197 	if (is_ready_state(status))
1198 		return MORE_OUTPUT;
1199 
1200 	return result(fdc);
1201 }
1202 
1203 /* Set perpendicular mode as required, based on data rate, if supported.
1204  * 82077 Now tested. 1Mbps data rate only possible with 82077-1.
1205  */
perpendicular_mode(int fdc)1206 static void perpendicular_mode(int fdc)
1207 {
1208 	unsigned char perp_mode;
1209 
1210 	if (raw_cmd->rate & 0x40) {
1211 		switch (raw_cmd->rate & 3) {
1212 		case 0:
1213 			perp_mode = 2;
1214 			break;
1215 		case 3:
1216 			perp_mode = 3;
1217 			break;
1218 		default:
1219 			DPRINT("Invalid data rate for perpendicular mode!\n");
1220 			cont->done(0);
1221 			fdc_state[fdc].reset = 1;
1222 					/*
1223 					 * convenient way to return to
1224 					 * redo without too much hassle
1225 					 * (deep stack et al.)
1226 					 */
1227 			return;
1228 		}
1229 	} else
1230 		perp_mode = 0;
1231 
1232 	if (fdc_state[fdc].perp_mode == perp_mode)
1233 		return;
1234 	if (fdc_state[fdc].version >= FDC_82077_ORIG) {
1235 		output_byte(fdc, FD_PERPENDICULAR);
1236 		output_byte(fdc, perp_mode);
1237 		fdc_state[fdc].perp_mode = perp_mode;
1238 	} else if (perp_mode) {
1239 		DPRINT("perpendicular mode not supported by this FDC.\n");
1240 	}
1241 }				/* perpendicular_mode */
1242 
1243 static int fifo_depth = 0xa;
1244 static int no_fifo;
1245 
fdc_configure(int fdc)1246 static int fdc_configure(int fdc)
1247 {
1248 	/* Turn on FIFO */
1249 	output_byte(fdc, FD_CONFIGURE);
1250 	if (need_more_output(fdc) != MORE_OUTPUT)
1251 		return 0;
1252 	output_byte(fdc, 0);
1253 	output_byte(fdc, 0x10 | (no_fifo & 0x20) | (fifo_depth & 0xf));
1254 	output_byte(fdc, 0);    /* pre-compensation from track 0 upwards */
1255 	return 1;
1256 }
1257 
1258 #define NOMINAL_DTR 500
1259 
1260 /* Issue a "SPECIFY" command to set the step rate time, head unload time,
1261  * head load time, and DMA disable flag to values needed by floppy.
1262  *
1263  * The value "dtr" is the data transfer rate in Kbps.  It is needed
1264  * to account for the data rate-based scaling done by the 82072 and 82077
1265  * FDC types.  This parameter is ignored for other types of FDCs (i.e.
1266  * 8272a).
1267  *
1268  * Note that changing the data transfer rate has a (probably deleterious)
1269  * effect on the parameters subject to scaling for 82072/82077 FDCs, so
1270  * fdc_specify is called again after each data transfer rate
1271  * change.
1272  *
1273  * srt: 1000 to 16000 in microseconds
1274  * hut: 16 to 240 milliseconds
1275  * hlt: 2 to 254 milliseconds
1276  *
1277  * These values are rounded up to the next highest available delay time.
1278  */
fdc_specify(int fdc,int drive)1279 static void fdc_specify(int fdc, int drive)
1280 {
1281 	unsigned char spec1;
1282 	unsigned char spec2;
1283 	unsigned long srt;
1284 	unsigned long hlt;
1285 	unsigned long hut;
1286 	unsigned long dtr = NOMINAL_DTR;
1287 	unsigned long scale_dtr = NOMINAL_DTR;
1288 	int hlt_max_code = 0x7f;
1289 	int hut_max_code = 0xf;
1290 
1291 	if (fdc_state[fdc].need_configure &&
1292 	    fdc_state[fdc].version >= FDC_82072A) {
1293 		fdc_configure(fdc);
1294 		fdc_state[fdc].need_configure = 0;
1295 	}
1296 
1297 	switch (raw_cmd->rate & 0x03) {
1298 	case 3:
1299 		dtr = 1000;
1300 		break;
1301 	case 1:
1302 		dtr = 300;
1303 		if (fdc_state[fdc].version >= FDC_82078) {
1304 			/* chose the default rate table, not the one
1305 			 * where 1 = 2 Mbps */
1306 			output_byte(fdc, FD_DRIVESPEC);
1307 			if (need_more_output(fdc) == MORE_OUTPUT) {
1308 				output_byte(fdc, UNIT(drive));
1309 				output_byte(fdc, 0xc0);
1310 			}
1311 		}
1312 		break;
1313 	case 2:
1314 		dtr = 250;
1315 		break;
1316 	}
1317 
1318 	if (fdc_state[fdc].version >= FDC_82072) {
1319 		scale_dtr = dtr;
1320 		hlt_max_code = 0x00;	/* 0==256msec*dtr0/dtr (not linear!) */
1321 		hut_max_code = 0x0;	/* 0==256msec*dtr0/dtr (not linear!) */
1322 	}
1323 
1324 	/* Convert step rate from microseconds to milliseconds and 4 bits */
1325 	srt = 16 - DIV_ROUND_UP(drive_params[drive].srt * scale_dtr / 1000,
1326 				NOMINAL_DTR);
1327 	if (slow_floppy)
1328 		srt = srt / 4;
1329 
1330 	SUPBOUND(srt, 0xf);
1331 	INFBOUND(srt, 0);
1332 
1333 	hlt = DIV_ROUND_UP(drive_params[drive].hlt * scale_dtr / 2,
1334 			   NOMINAL_DTR);
1335 	if (hlt < 0x01)
1336 		hlt = 0x01;
1337 	else if (hlt > 0x7f)
1338 		hlt = hlt_max_code;
1339 
1340 	hut = DIV_ROUND_UP(drive_params[drive].hut * scale_dtr / 16,
1341 			   NOMINAL_DTR);
1342 	if (hut < 0x1)
1343 		hut = 0x1;
1344 	else if (hut > 0xf)
1345 		hut = hut_max_code;
1346 
1347 	spec1 = (srt << 4) | hut;
1348 	spec2 = (hlt << 1) | (use_virtual_dma & 1);
1349 
1350 	/* If these parameters did not change, just return with success */
1351 	if (fdc_state[fdc].spec1 != spec1 ||
1352 	    fdc_state[fdc].spec2 != spec2) {
1353 		/* Go ahead and set spec1 and spec2 */
1354 		output_byte(fdc, FD_SPECIFY);
1355 		output_byte(fdc, fdc_state[fdc].spec1 = spec1);
1356 		output_byte(fdc, fdc_state[fdc].spec2 = spec2);
1357 	}
1358 }				/* fdc_specify */
1359 
1360 /* Set the FDC's data transfer rate on behalf of the specified drive.
1361  * NOTE: with 82072/82077 FDCs, changing the data rate requires a reissue
1362  * of the specify command (i.e. using the fdc_specify function).
1363  */
fdc_dtr(void)1364 static int fdc_dtr(void)
1365 {
1366 	/* If data rate not already set to desired value, set it. */
1367 	if ((raw_cmd->rate & 3) == fdc_state[current_fdc].dtr)
1368 		return 0;
1369 
1370 	/* Set dtr */
1371 	fdc_outb(raw_cmd->rate & 3, current_fdc, FD_DCR);
1372 
1373 	/* TODO: some FDC/drive combinations (C&T 82C711 with TEAC 1.2MB)
1374 	 * need a stabilization period of several milliseconds to be
1375 	 * enforced after data rate changes before R/W operations.
1376 	 * Pause 5 msec to avoid trouble. (Needs to be 2 jiffies)
1377 	 */
1378 	fdc_state[current_fdc].dtr = raw_cmd->rate & 3;
1379 	return fd_wait_for_completion(jiffies + 2UL * HZ / 100, floppy_ready);
1380 }				/* fdc_dtr */
1381 
tell_sector(void)1382 static void tell_sector(void)
1383 {
1384 	pr_cont(": track %d, head %d, sector %d, size %d",
1385 		reply_buffer[R_TRACK], reply_buffer[R_HEAD],
1386 		reply_buffer[R_SECTOR],
1387 		reply_buffer[R_SIZECODE]);
1388 }				/* tell_sector */
1389 
print_errors(void)1390 static void print_errors(void)
1391 {
1392 	DPRINT("");
1393 	if (reply_buffer[ST0] & ST0_ECE) {
1394 		pr_cont("Recalibrate failed!");
1395 	} else if (reply_buffer[ST2] & ST2_CRC) {
1396 		pr_cont("data CRC error");
1397 		tell_sector();
1398 	} else if (reply_buffer[ST1] & ST1_CRC) {
1399 		pr_cont("CRC error");
1400 		tell_sector();
1401 	} else if ((reply_buffer[ST1] & (ST1_MAM | ST1_ND)) ||
1402 		   (reply_buffer[ST2] & ST2_MAM)) {
1403 		if (!probing) {
1404 			pr_cont("sector not found");
1405 			tell_sector();
1406 		} else
1407 			pr_cont("probe failed...");
1408 	} else if (reply_buffer[ST2] & ST2_WC) {	/* seek error */
1409 		pr_cont("wrong cylinder");
1410 	} else if (reply_buffer[ST2] & ST2_BC) {	/* cylinder marked as bad */
1411 		pr_cont("bad cylinder");
1412 	} else {
1413 		pr_cont("unknown error. ST[0..2] are: 0x%x 0x%x 0x%x",
1414 			reply_buffer[ST0], reply_buffer[ST1],
1415 			reply_buffer[ST2]);
1416 		tell_sector();
1417 	}
1418 	pr_cont("\n");
1419 }
1420 
1421 /*
1422  * OK, this error interpreting routine is called after a
1423  * DMA read/write has succeeded
1424  * or failed, so we check the results, and copy any buffers.
1425  * hhb: Added better error reporting.
1426  * ak: Made this into a separate routine.
1427  */
interpret_errors(void)1428 static int interpret_errors(void)
1429 {
1430 	char bad;
1431 
1432 	if (inr != 7) {
1433 		DPRINT("-- FDC reply error\n");
1434 		fdc_state[current_fdc].reset = 1;
1435 		return 1;
1436 	}
1437 
1438 	/* check IC to find cause of interrupt */
1439 	switch (reply_buffer[ST0] & ST0_INTR) {
1440 	case 0x40:		/* error occurred during command execution */
1441 		if (reply_buffer[ST1] & ST1_EOC)
1442 			return 0;	/* occurs with pseudo-DMA */
1443 		bad = 1;
1444 		if (reply_buffer[ST1] & ST1_WP) {
1445 			DPRINT("Drive is write protected\n");
1446 			clear_bit(FD_DISK_WRITABLE_BIT,
1447 				  &drive_state[current_drive].flags);
1448 			cont->done(0);
1449 			bad = 2;
1450 		} else if (reply_buffer[ST1] & ST1_ND) {
1451 			set_bit(FD_NEED_TWADDLE_BIT,
1452 				&drive_state[current_drive].flags);
1453 		} else if (reply_buffer[ST1] & ST1_OR) {
1454 			if (drive_params[current_drive].flags & FTD_MSG)
1455 				DPRINT("Over/Underrun - retrying\n");
1456 			bad = 0;
1457 		} else if (floppy_errors >= drive_params[current_drive].max_errors.reporting) {
1458 			print_errors();
1459 		}
1460 		if (reply_buffer[ST2] & ST2_WC || reply_buffer[ST2] & ST2_BC)
1461 			/* wrong cylinder => recal */
1462 			drive_state[current_drive].track = NEED_2_RECAL;
1463 		return bad;
1464 	case 0x80:		/* invalid command given */
1465 		DPRINT("Invalid FDC command given!\n");
1466 		cont->done(0);
1467 		return 2;
1468 	case 0xc0:
1469 		DPRINT("Abnormal termination caused by polling\n");
1470 		cont->error();
1471 		return 2;
1472 	default:		/* (0) Normal command termination */
1473 		return 0;
1474 	}
1475 }
1476 
1477 /*
1478  * This routine is called when everything should be correctly set up
1479  * for the transfer (i.e. floppy motor is on, the correct floppy is
1480  * selected, and the head is sitting on the right track).
1481  */
setup_rw_floppy(void)1482 static void setup_rw_floppy(void)
1483 {
1484 	int i;
1485 	int r;
1486 	int flags;
1487 	unsigned long ready_date;
1488 	void (*function)(void);
1489 
1490 	flags = raw_cmd->flags;
1491 	if (flags & (FD_RAW_READ | FD_RAW_WRITE))
1492 		flags |= FD_RAW_INTR;
1493 
1494 	if ((flags & FD_RAW_SPIN) && !(flags & FD_RAW_NO_MOTOR)) {
1495 		ready_date = drive_state[current_drive].spinup_date + drive_params[current_drive].spinup;
1496 		/* If spinup will take a long time, rerun scandrives
1497 		 * again just before spinup completion. Beware that
1498 		 * after scandrives, we must again wait for selection.
1499 		 */
1500 		if (time_after(ready_date, jiffies + drive_params[current_drive].select_delay)) {
1501 			ready_date -= drive_params[current_drive].select_delay;
1502 			function = floppy_start;
1503 		} else
1504 			function = setup_rw_floppy;
1505 
1506 		/* wait until the floppy is spinning fast enough */
1507 		if (fd_wait_for_completion(ready_date, function))
1508 			return;
1509 	}
1510 	if ((flags & FD_RAW_READ) || (flags & FD_RAW_WRITE))
1511 		setup_DMA();
1512 
1513 	if (flags & FD_RAW_INTR)
1514 		do_floppy = main_command_interrupt;
1515 
1516 	r = 0;
1517 	for (i = 0; i < raw_cmd->cmd_count; i++)
1518 		r |= output_byte(current_fdc, raw_cmd->fullcmd[i]);
1519 
1520 	debugt(__func__, "rw_command");
1521 
1522 	if (r) {
1523 		cont->error();
1524 		reset_fdc();
1525 		return;
1526 	}
1527 
1528 	if (!(flags & FD_RAW_INTR)) {
1529 		inr = result(current_fdc);
1530 		cont->interrupt();
1531 	} else if (flags & FD_RAW_NEED_DISK)
1532 		fd_watchdog();
1533 }
1534 
1535 static int blind_seek;
1536 
1537 /*
1538  * This is the routine called after every seek (or recalibrate) interrupt
1539  * from the floppy controller.
1540  */
seek_interrupt(void)1541 static void seek_interrupt(void)
1542 {
1543 	debugt(__func__, "");
1544 	if (inr != 2 || (reply_buffer[ST0] & 0xF8) != 0x20) {
1545 		DPRINT("seek failed\n");
1546 		drive_state[current_drive].track = NEED_2_RECAL;
1547 		cont->error();
1548 		cont->redo();
1549 		return;
1550 	}
1551 	if (drive_state[current_drive].track >= 0 &&
1552 	    drive_state[current_drive].track != reply_buffer[ST1] &&
1553 	    !blind_seek) {
1554 		debug_dcl(drive_params[current_drive].flags,
1555 			  "clearing NEWCHANGE flag because of effective seek\n");
1556 		debug_dcl(drive_params[current_drive].flags, "jiffies=%lu\n",
1557 			  jiffies);
1558 		clear_bit(FD_DISK_NEWCHANGE_BIT,
1559 			  &drive_state[current_drive].flags);
1560 					/* effective seek */
1561 		drive_state[current_drive].select_date = jiffies;
1562 	}
1563 	drive_state[current_drive].track = reply_buffer[ST1];
1564 	floppy_ready();
1565 }
1566 
check_wp(int fdc,int drive)1567 static void check_wp(int fdc, int drive)
1568 {
1569 	if (test_bit(FD_VERIFY_BIT, &drive_state[drive].flags)) {
1570 					/* check write protection */
1571 		output_byte(fdc, FD_GETSTATUS);
1572 		output_byte(fdc, UNIT(drive));
1573 		if (result(fdc) != 1) {
1574 			fdc_state[fdc].reset = 1;
1575 			return;
1576 		}
1577 		clear_bit(FD_VERIFY_BIT, &drive_state[drive].flags);
1578 		clear_bit(FD_NEED_TWADDLE_BIT,
1579 			  &drive_state[drive].flags);
1580 		debug_dcl(drive_params[drive].flags,
1581 			  "checking whether disk is write protected\n");
1582 		debug_dcl(drive_params[drive].flags, "wp=%x\n",
1583 			  reply_buffer[ST3] & 0x40);
1584 		if (!(reply_buffer[ST3] & 0x40))
1585 			set_bit(FD_DISK_WRITABLE_BIT,
1586 				&drive_state[drive].flags);
1587 		else
1588 			clear_bit(FD_DISK_WRITABLE_BIT,
1589 				  &drive_state[drive].flags);
1590 	}
1591 }
1592 
seek_floppy(void)1593 static void seek_floppy(void)
1594 {
1595 	int track;
1596 
1597 	blind_seek = 0;
1598 
1599 	debug_dcl(drive_params[current_drive].flags,
1600 		  "calling disk change from %s\n", __func__);
1601 
1602 	if (!test_bit(FD_DISK_NEWCHANGE_BIT, &drive_state[current_drive].flags) &&
1603 	    disk_change(current_drive) && (raw_cmd->flags & FD_RAW_NEED_DISK)) {
1604 		/* the media changed flag should be cleared after the seek.
1605 		 * If it isn't, this means that there is really no disk in
1606 		 * the drive.
1607 		 */
1608 		set_bit(FD_DISK_CHANGED_BIT,
1609 			&drive_state[current_drive].flags);
1610 		cont->done(0);
1611 		cont->redo();
1612 		return;
1613 	}
1614 	if (drive_state[current_drive].track <= NEED_1_RECAL) {
1615 		recalibrate_floppy();
1616 		return;
1617 	} else if (test_bit(FD_DISK_NEWCHANGE_BIT, &drive_state[current_drive].flags) &&
1618 		   (raw_cmd->flags & FD_RAW_NEED_DISK) &&
1619 		   (drive_state[current_drive].track <= NO_TRACK || drive_state[current_drive].track == raw_cmd->track)) {
1620 		/* we seek to clear the media-changed condition. Does anybody
1621 		 * know a more elegant way, which works on all drives? */
1622 		if (raw_cmd->track)
1623 			track = raw_cmd->track - 1;
1624 		else {
1625 			if (drive_params[current_drive].flags & FD_SILENT_DCL_CLEAR) {
1626 				set_dor(current_fdc, ~(0x10 << UNIT(current_drive)), 0);
1627 				blind_seek = 1;
1628 				raw_cmd->flags |= FD_RAW_NEED_SEEK;
1629 			}
1630 			track = 1;
1631 		}
1632 	} else {
1633 		check_wp(current_fdc, current_drive);
1634 		if (raw_cmd->track != drive_state[current_drive].track &&
1635 		    (raw_cmd->flags & FD_RAW_NEED_SEEK))
1636 			track = raw_cmd->track;
1637 		else {
1638 			setup_rw_floppy();
1639 			return;
1640 		}
1641 	}
1642 
1643 	do_floppy = seek_interrupt;
1644 	output_byte(current_fdc, FD_SEEK);
1645 	output_byte(current_fdc, UNIT(current_drive));
1646 	if (output_byte(current_fdc, track) < 0) {
1647 		reset_fdc();
1648 		return;
1649 	}
1650 	debugt(__func__, "");
1651 }
1652 
recal_interrupt(void)1653 static void recal_interrupt(void)
1654 {
1655 	debugt(__func__, "");
1656 	if (inr != 2)
1657 		fdc_state[current_fdc].reset = 1;
1658 	else if (reply_buffer[ST0] & ST0_ECE) {
1659 		switch (drive_state[current_drive].track) {
1660 		case NEED_1_RECAL:
1661 			debugt(__func__, "need 1 recal");
1662 			/* after a second recalibrate, we still haven't
1663 			 * reached track 0. Probably no drive. Raise an
1664 			 * error, as failing immediately might upset
1665 			 * computers possessed by the Devil :-) */
1666 			cont->error();
1667 			cont->redo();
1668 			return;
1669 		case NEED_2_RECAL:
1670 			debugt(__func__, "need 2 recal");
1671 			/* If we already did a recalibrate,
1672 			 * and we are not at track 0, this
1673 			 * means we have moved. (The only way
1674 			 * not to move at recalibration is to
1675 			 * be already at track 0.) Clear the
1676 			 * new change flag */
1677 			debug_dcl(drive_params[current_drive].flags,
1678 				  "clearing NEWCHANGE flag because of second recalibrate\n");
1679 
1680 			clear_bit(FD_DISK_NEWCHANGE_BIT,
1681 				  &drive_state[current_drive].flags);
1682 			drive_state[current_drive].select_date = jiffies;
1683 			fallthrough;
1684 		default:
1685 			debugt(__func__, "default");
1686 			/* Recalibrate moves the head by at
1687 			 * most 80 steps. If after one
1688 			 * recalibrate we don't have reached
1689 			 * track 0, this might mean that we
1690 			 * started beyond track 80.  Try
1691 			 * again.  */
1692 			drive_state[current_drive].track = NEED_1_RECAL;
1693 			break;
1694 		}
1695 	} else
1696 		drive_state[current_drive].track = reply_buffer[ST1];
1697 	floppy_ready();
1698 }
1699 
print_result(char * message,int inr)1700 static void print_result(char *message, int inr)
1701 {
1702 	int i;
1703 
1704 	DPRINT("%s ", message);
1705 	if (inr >= 0)
1706 		for (i = 0; i < inr; i++)
1707 			pr_cont("repl[%d]=%x ", i, reply_buffer[i]);
1708 	pr_cont("\n");
1709 }
1710 
1711 /* interrupt handler. Note that this can be called externally on the Sparc */
floppy_interrupt(int irq,void * dev_id)1712 irqreturn_t floppy_interrupt(int irq, void *dev_id)
1713 {
1714 	int do_print;
1715 	unsigned long f;
1716 	void (*handler)(void) = do_floppy;
1717 
1718 	lasthandler = handler;
1719 	interruptjiffies = jiffies;
1720 
1721 	f = claim_dma_lock();
1722 	fd_disable_dma();
1723 	release_dma_lock(f);
1724 
1725 	do_floppy = NULL;
1726 	if (current_fdc >= N_FDC || fdc_state[current_fdc].address == -1) {
1727 		/* we don't even know which FDC is the culprit */
1728 		pr_info("DOR0=%x\n", fdc_state[0].dor);
1729 		pr_info("floppy interrupt on bizarre fdc %d\n", current_fdc);
1730 		pr_info("handler=%ps\n", handler);
1731 		is_alive(__func__, "bizarre fdc");
1732 		return IRQ_NONE;
1733 	}
1734 
1735 	fdc_state[current_fdc].reset = 0;
1736 	/* We have to clear the reset flag here, because apparently on boxes
1737 	 * with level triggered interrupts (PS/2, Sparc, ...), it is needed to
1738 	 * emit SENSEI's to clear the interrupt line. And fdc_state[fdc].reset
1739 	 * blocks the emission of the SENSEI's.
1740 	 * It is OK to emit floppy commands because we are in an interrupt
1741 	 * handler here, and thus we have to fear no interference of other
1742 	 * activity.
1743 	 */
1744 
1745 	do_print = !handler && print_unex && initialized;
1746 
1747 	inr = result(current_fdc);
1748 	if (do_print)
1749 		print_result("unexpected interrupt", inr);
1750 	if (inr == 0) {
1751 		int max_sensei = 4;
1752 		do {
1753 			output_byte(current_fdc, FD_SENSEI);
1754 			inr = result(current_fdc);
1755 			if (do_print)
1756 				print_result("sensei", inr);
1757 			max_sensei--;
1758 		} while ((reply_buffer[ST0] & 0x83) != UNIT(current_drive) &&
1759 			 inr == 2 && max_sensei);
1760 	}
1761 	if (!handler) {
1762 		fdc_state[current_fdc].reset = 1;
1763 		return IRQ_NONE;
1764 	}
1765 	schedule_bh(handler);
1766 	is_alive(__func__, "normal interrupt end");
1767 
1768 	/* FIXME! Was it really for us? */
1769 	return IRQ_HANDLED;
1770 }
1771 
recalibrate_floppy(void)1772 static void recalibrate_floppy(void)
1773 {
1774 	debugt(__func__, "");
1775 	do_floppy = recal_interrupt;
1776 	output_byte(current_fdc, FD_RECALIBRATE);
1777 	if (output_byte(current_fdc, UNIT(current_drive)) < 0)
1778 		reset_fdc();
1779 }
1780 
1781 /*
1782  * Must do 4 FD_SENSEIs after reset because of ``drive polling''.
1783  */
reset_interrupt(void)1784 static void reset_interrupt(void)
1785 {
1786 	debugt(__func__, "");
1787 	result(current_fdc);		/* get the status ready for set_fdc */
1788 	if (fdc_state[current_fdc].reset) {
1789 		pr_info("reset set in interrupt, calling %ps\n", cont->error);
1790 		cont->error();	/* a reset just after a reset. BAD! */
1791 	}
1792 	cont->redo();
1793 }
1794 
1795 /*
1796  * reset is done by pulling bit 2 of DOR low for a while (old FDCs),
1797  * or by setting the self clearing bit 7 of STATUS (newer FDCs).
1798  * This WILL trigger an interrupt, causing the handlers in the current
1799  * cont's ->redo() to be called via reset_interrupt().
1800  */
reset_fdc(void)1801 static void reset_fdc(void)
1802 {
1803 	unsigned long flags;
1804 
1805 	do_floppy = reset_interrupt;
1806 	fdc_state[current_fdc].reset = 0;
1807 	reset_fdc_info(current_fdc, 0);
1808 
1809 	/* Pseudo-DMA may intercept 'reset finished' interrupt.  */
1810 	/* Irrelevant for systems with true DMA (i386).          */
1811 
1812 	flags = claim_dma_lock();
1813 	fd_disable_dma();
1814 	release_dma_lock(flags);
1815 
1816 	if (fdc_state[current_fdc].version >= FDC_82072A)
1817 		fdc_outb(0x80 | (fdc_state[current_fdc].dtr & 3),
1818 			 current_fdc, FD_STATUS);
1819 	else {
1820 		fdc_outb(fdc_state[current_fdc].dor & ~0x04, current_fdc, FD_DOR);
1821 		udelay(FD_RESET_DELAY);
1822 		fdc_outb(fdc_state[current_fdc].dor, current_fdc, FD_DOR);
1823 	}
1824 }
1825 
show_floppy(int fdc)1826 static void show_floppy(int fdc)
1827 {
1828 	int i;
1829 
1830 	pr_info("\n");
1831 	pr_info("floppy driver state\n");
1832 	pr_info("-------------------\n");
1833 	pr_info("now=%lu last interrupt=%lu diff=%lu last called handler=%ps\n",
1834 		jiffies, interruptjiffies, jiffies - interruptjiffies,
1835 		lasthandler);
1836 
1837 	pr_info("timeout_message=%s\n", timeout_message);
1838 	pr_info("last output bytes:\n");
1839 	for (i = 0; i < OLOGSIZE; i++)
1840 		pr_info("%2x %2x %lu\n",
1841 			output_log[(i + output_log_pos) % OLOGSIZE].data,
1842 			output_log[(i + output_log_pos) % OLOGSIZE].status,
1843 			output_log[(i + output_log_pos) % OLOGSIZE].jiffies);
1844 	pr_info("last result at %lu\n", resultjiffies);
1845 	pr_info("last redo_fd_request at %lu\n", lastredo);
1846 	print_hex_dump(KERN_INFO, "", DUMP_PREFIX_NONE, 16, 1,
1847 		       reply_buffer, resultsize, true);
1848 
1849 	pr_info("status=%x\n", fdc_inb(fdc, FD_STATUS));
1850 	pr_info("fdc_busy=%lu\n", fdc_busy);
1851 	if (do_floppy)
1852 		pr_info("do_floppy=%ps\n", do_floppy);
1853 	if (work_pending(&floppy_work))
1854 		pr_info("floppy_work.func=%ps\n", floppy_work.func);
1855 	if (delayed_work_pending(&fd_timer))
1856 		pr_info("delayed work.function=%p expires=%ld\n",
1857 		       fd_timer.work.func,
1858 		       fd_timer.timer.expires - jiffies);
1859 	if (delayed_work_pending(&fd_timeout))
1860 		pr_info("timer_function=%p expires=%ld\n",
1861 		       fd_timeout.work.func,
1862 		       fd_timeout.timer.expires - jiffies);
1863 
1864 	pr_info("cont=%p\n", cont);
1865 	pr_info("current_req=%p\n", current_req);
1866 	pr_info("command_status=%d\n", command_status);
1867 	pr_info("\n");
1868 }
1869 
floppy_shutdown(struct work_struct * arg)1870 static void floppy_shutdown(struct work_struct *arg)
1871 {
1872 	unsigned long flags;
1873 
1874 	if (initialized)
1875 		show_floppy(current_fdc);
1876 	cancel_activity();
1877 
1878 	flags = claim_dma_lock();
1879 	fd_disable_dma();
1880 	release_dma_lock(flags);
1881 
1882 	/* avoid dma going to a random drive after shutdown */
1883 
1884 	if (initialized)
1885 		DPRINT("floppy timeout called\n");
1886 	fdc_state[current_fdc].reset = 1;
1887 	if (cont) {
1888 		cont->done(0);
1889 		cont->redo();	/* this will recall reset when needed */
1890 	} else {
1891 		pr_info("no cont in shutdown!\n");
1892 		process_fd_request();
1893 	}
1894 	is_alive(__func__, "");
1895 }
1896 
1897 /* start motor, check media-changed condition and write protection */
start_motor(void (* function)(void))1898 static int start_motor(void (*function)(void))
1899 {
1900 	int mask;
1901 	int data;
1902 
1903 	mask = 0xfc;
1904 	data = UNIT(current_drive);
1905 	if (!(raw_cmd->flags & FD_RAW_NO_MOTOR)) {
1906 		if (!(fdc_state[current_fdc].dor & (0x10 << UNIT(current_drive)))) {
1907 			set_debugt();
1908 			/* no read since this drive is running */
1909 			drive_state[current_drive].first_read_date = 0;
1910 			/* note motor start time if motor is not yet running */
1911 			drive_state[current_drive].spinup_date = jiffies;
1912 			data |= (0x10 << UNIT(current_drive));
1913 		}
1914 	} else if (fdc_state[current_fdc].dor & (0x10 << UNIT(current_drive)))
1915 		mask &= ~(0x10 << UNIT(current_drive));
1916 
1917 	/* starts motor and selects floppy */
1918 	del_timer(motor_off_timer + current_drive);
1919 	set_dor(current_fdc, mask, data);
1920 
1921 	/* wait_for_completion also schedules reset if needed. */
1922 	return fd_wait_for_completion(drive_state[current_drive].select_date + drive_params[current_drive].select_delay,
1923 				      function);
1924 }
1925 
floppy_ready(void)1926 static void floppy_ready(void)
1927 {
1928 	if (fdc_state[current_fdc].reset) {
1929 		reset_fdc();
1930 		return;
1931 	}
1932 	if (start_motor(floppy_ready))
1933 		return;
1934 	if (fdc_dtr())
1935 		return;
1936 
1937 	debug_dcl(drive_params[current_drive].flags,
1938 		  "calling disk change from floppy_ready\n");
1939 	if (!(raw_cmd->flags & FD_RAW_NO_MOTOR) &&
1940 	    disk_change(current_drive) && !drive_params[current_drive].select_delay)
1941 		twaddle(current_fdc, current_drive);	/* this clears the dcl on certain
1942 				 * drive/controller combinations */
1943 
1944 #ifdef fd_chose_dma_mode
1945 	if ((raw_cmd->flags & FD_RAW_READ) || (raw_cmd->flags & FD_RAW_WRITE)) {
1946 		unsigned long flags = claim_dma_lock();
1947 		fd_chose_dma_mode(raw_cmd->kernel_data, raw_cmd->length);
1948 		release_dma_lock(flags);
1949 	}
1950 #endif
1951 
1952 	if (raw_cmd->flags & (FD_RAW_NEED_SEEK | FD_RAW_NEED_DISK)) {
1953 		perpendicular_mode(current_fdc);
1954 		fdc_specify(current_fdc, current_drive); /* must be done here because of hut, hlt ... */
1955 		seek_floppy();
1956 	} else {
1957 		if ((raw_cmd->flags & FD_RAW_READ) ||
1958 		    (raw_cmd->flags & FD_RAW_WRITE))
1959 			fdc_specify(current_fdc, current_drive);
1960 		setup_rw_floppy();
1961 	}
1962 }
1963 
floppy_start(void)1964 static void floppy_start(void)
1965 {
1966 	reschedule_timeout(current_drive, "floppy start");
1967 
1968 	scandrives();
1969 	debug_dcl(drive_params[current_drive].flags,
1970 		  "setting NEWCHANGE in floppy_start\n");
1971 	set_bit(FD_DISK_NEWCHANGE_BIT, &drive_state[current_drive].flags);
1972 	floppy_ready();
1973 }
1974 
1975 /*
1976  * ========================================================================
1977  * here ends the bottom half. Exported routines are:
1978  * floppy_start, floppy_off, floppy_ready, lock_fdc, unlock_fdc, set_fdc,
1979  * start_motor, reset_fdc, reset_fdc_info, interpret_errors.
1980  * Initialization also uses output_byte, result, set_dor, floppy_interrupt
1981  * and set_dor.
1982  * ========================================================================
1983  */
1984 /*
1985  * General purpose continuations.
1986  * ==============================
1987  */
1988 
do_wakeup(void)1989 static void do_wakeup(void)
1990 {
1991 	reschedule_timeout(MAXTIMEOUT, "do wakeup");
1992 	cont = NULL;
1993 	command_status += 2;
1994 	wake_up(&command_done);
1995 }
1996 
1997 static const struct cont_t wakeup_cont = {
1998 	.interrupt	= empty,
1999 	.redo		= do_wakeup,
2000 	.error		= empty,
2001 	.done		= (done_f)empty
2002 };
2003 
2004 static const struct cont_t intr_cont = {
2005 	.interrupt	= empty,
2006 	.redo		= process_fd_request,
2007 	.error		= empty,
2008 	.done		= (done_f)empty
2009 };
2010 
2011 /* schedules handler, waiting for completion. May be interrupted, will then
2012  * return -EINTR, in which case the driver will automatically be unlocked.
2013  */
wait_til_done(void (* handler)(void),bool interruptible)2014 static int wait_til_done(void (*handler)(void), bool interruptible)
2015 {
2016 	int ret;
2017 
2018 	schedule_bh(handler);
2019 
2020 	if (interruptible)
2021 		wait_event_interruptible(command_done, command_status >= 2);
2022 	else
2023 		wait_event(command_done, command_status >= 2);
2024 
2025 	if (command_status < 2) {
2026 		cancel_activity();
2027 		cont = &intr_cont;
2028 		reset_fdc();
2029 		return -EINTR;
2030 	}
2031 
2032 	if (fdc_state[current_fdc].reset)
2033 		command_status = FD_COMMAND_ERROR;
2034 	if (command_status == FD_COMMAND_OKAY)
2035 		ret = 0;
2036 	else
2037 		ret = -EIO;
2038 	command_status = FD_COMMAND_NONE;
2039 	return ret;
2040 }
2041 
generic_done(int result)2042 static void generic_done(int result)
2043 {
2044 	command_status = result;
2045 	cont = &wakeup_cont;
2046 }
2047 
generic_success(void)2048 static void generic_success(void)
2049 {
2050 	cont->done(1);
2051 }
2052 
generic_failure(void)2053 static void generic_failure(void)
2054 {
2055 	cont->done(0);
2056 }
2057 
success_and_wakeup(void)2058 static void success_and_wakeup(void)
2059 {
2060 	generic_success();
2061 	cont->redo();
2062 }
2063 
2064 /*
2065  * formatting and rw support.
2066  * ==========================
2067  */
2068 
next_valid_format(int drive)2069 static int next_valid_format(int drive)
2070 {
2071 	int probed_format;
2072 
2073 	probed_format = drive_state[drive].probed_format;
2074 	while (1) {
2075 		if (probed_format >= FD_AUTODETECT_SIZE ||
2076 		    !drive_params[drive].autodetect[probed_format]) {
2077 			drive_state[drive].probed_format = 0;
2078 			return 1;
2079 		}
2080 		if (floppy_type[drive_params[drive].autodetect[probed_format]].sect) {
2081 			drive_state[drive].probed_format = probed_format;
2082 			return 0;
2083 		}
2084 		probed_format++;
2085 	}
2086 }
2087 
bad_flp_intr(void)2088 static void bad_flp_intr(void)
2089 {
2090 	int err_count;
2091 
2092 	if (probing) {
2093 		drive_state[current_drive].probed_format++;
2094 		if (!next_valid_format(current_drive))
2095 			return;
2096 	}
2097 	err_count = ++floppy_errors;
2098 	INFBOUND(write_errors[current_drive].badness, err_count);
2099 	if (err_count > drive_params[current_drive].max_errors.abort)
2100 		cont->done(0);
2101 	if (err_count > drive_params[current_drive].max_errors.reset)
2102 		fdc_state[current_fdc].reset = 1;
2103 	else if (err_count > drive_params[current_drive].max_errors.recal)
2104 		drive_state[current_drive].track = NEED_2_RECAL;
2105 }
2106 
set_floppy(int drive)2107 static void set_floppy(int drive)
2108 {
2109 	int type = ITYPE(drive_state[drive].fd_device);
2110 
2111 	if (type)
2112 		_floppy = floppy_type + type;
2113 	else
2114 		_floppy = current_type[drive];
2115 }
2116 
2117 /*
2118  * formatting support.
2119  * ===================
2120  */
format_interrupt(void)2121 static void format_interrupt(void)
2122 {
2123 	switch (interpret_errors()) {
2124 	case 1:
2125 		cont->error();
2126 		break;
2127 	case 2:
2128 		break;
2129 	case 0:
2130 		cont->done(1);
2131 	}
2132 	cont->redo();
2133 }
2134 
2135 #define FM_MODE(x, y) ((y) & ~(((x)->rate & 0x80) >> 1))
2136 #define CT(x) ((x) | 0xc0)
2137 
setup_format_params(int track)2138 static void setup_format_params(int track)
2139 {
2140 	int n;
2141 	int il;
2142 	int count;
2143 	int head_shift;
2144 	int track_shift;
2145 	struct fparm {
2146 		unsigned char track, head, sect, size;
2147 	} *here = (struct fparm *)floppy_track_buffer;
2148 
2149 	raw_cmd = &default_raw_cmd;
2150 	raw_cmd->track = track;
2151 
2152 	raw_cmd->flags = (FD_RAW_WRITE | FD_RAW_INTR | FD_RAW_SPIN |
2153 			  FD_RAW_NEED_DISK | FD_RAW_NEED_SEEK);
2154 	raw_cmd->rate = _floppy->rate & 0x43;
2155 	raw_cmd->cmd_count = NR_F;
2156 	raw_cmd->cmd[COMMAND] = FM_MODE(_floppy, FD_FORMAT);
2157 	raw_cmd->cmd[DR_SELECT] = UNIT(current_drive) + PH_HEAD(_floppy, format_req.head);
2158 	raw_cmd->cmd[F_SIZECODE] = FD_SIZECODE(_floppy);
2159 	raw_cmd->cmd[F_SECT_PER_TRACK] = _floppy->sect << 2 >> raw_cmd->cmd[F_SIZECODE];
2160 	raw_cmd->cmd[F_GAP] = _floppy->fmt_gap;
2161 	raw_cmd->cmd[F_FILL] = FD_FILL_BYTE;
2162 
2163 	raw_cmd->kernel_data = floppy_track_buffer;
2164 	raw_cmd->length = 4 * raw_cmd->cmd[F_SECT_PER_TRACK];
2165 
2166 	if (!raw_cmd->cmd[F_SECT_PER_TRACK])
2167 		return;
2168 
2169 	/* allow for about 30ms for data transport per track */
2170 	head_shift = (raw_cmd->cmd[F_SECT_PER_TRACK] + 5) / 6;
2171 
2172 	/* a ``cylinder'' is two tracks plus a little stepping time */
2173 	track_shift = 2 * head_shift + 3;
2174 
2175 	/* position of logical sector 1 on this track */
2176 	n = (track_shift * format_req.track + head_shift * format_req.head)
2177 	    % raw_cmd->cmd[F_SECT_PER_TRACK];
2178 
2179 	/* determine interleave */
2180 	il = 1;
2181 	if (_floppy->fmt_gap < 0x22)
2182 		il++;
2183 
2184 	/* initialize field */
2185 	for (count = 0; count < raw_cmd->cmd[F_SECT_PER_TRACK]; ++count) {
2186 		here[count].track = format_req.track;
2187 		here[count].head = format_req.head;
2188 		here[count].sect = 0;
2189 		here[count].size = raw_cmd->cmd[F_SIZECODE];
2190 	}
2191 	/* place logical sectors */
2192 	for (count = 1; count <= raw_cmd->cmd[F_SECT_PER_TRACK]; ++count) {
2193 		here[n].sect = count;
2194 		n = (n + il) % raw_cmd->cmd[F_SECT_PER_TRACK];
2195 		if (here[n].sect) {	/* sector busy, find next free sector */
2196 			++n;
2197 			if (n >= raw_cmd->cmd[F_SECT_PER_TRACK]) {
2198 				n -= raw_cmd->cmd[F_SECT_PER_TRACK];
2199 				while (here[n].sect)
2200 					++n;
2201 			}
2202 		}
2203 	}
2204 	if (_floppy->stretch & FD_SECTBASEMASK) {
2205 		for (count = 0; count < raw_cmd->cmd[F_SECT_PER_TRACK]; count++)
2206 			here[count].sect += FD_SECTBASE(_floppy) - 1;
2207 	}
2208 }
2209 
redo_format(void)2210 static void redo_format(void)
2211 {
2212 	buffer_track = -1;
2213 	setup_format_params(format_req.track << STRETCH(_floppy));
2214 	floppy_start();
2215 	debugt(__func__, "queue format request");
2216 }
2217 
2218 static const struct cont_t format_cont = {
2219 	.interrupt	= format_interrupt,
2220 	.redo		= redo_format,
2221 	.error		= bad_flp_intr,
2222 	.done		= generic_done
2223 };
2224 
do_format(int drive,struct format_descr * tmp_format_req)2225 static int do_format(int drive, struct format_descr *tmp_format_req)
2226 {
2227 	int ret;
2228 
2229 	if (lock_fdc(drive))
2230 		return -EINTR;
2231 
2232 	set_floppy(drive);
2233 	if (!_floppy ||
2234 	    _floppy->track > drive_params[current_drive].tracks ||
2235 	    tmp_format_req->track >= _floppy->track ||
2236 	    tmp_format_req->head >= _floppy->head ||
2237 	    (_floppy->sect << 2) % (1 << FD_SIZECODE(_floppy)) ||
2238 	    !_floppy->fmt_gap) {
2239 		process_fd_request();
2240 		return -EINVAL;
2241 	}
2242 	format_req = *tmp_format_req;
2243 	cont = &format_cont;
2244 	floppy_errors = 0;
2245 	ret = wait_til_done(redo_format, true);
2246 	if (ret == -EINTR)
2247 		return -EINTR;
2248 	process_fd_request();
2249 	return ret;
2250 }
2251 
2252 /*
2253  * Buffer read/write and support
2254  * =============================
2255  */
2256 
floppy_end_request(struct request * req,blk_status_t error)2257 static void floppy_end_request(struct request *req, blk_status_t error)
2258 {
2259 	unsigned int nr_sectors = current_count_sectors;
2260 	unsigned int drive = (unsigned long)req->q->disk->private_data;
2261 
2262 	/* current_count_sectors can be zero if transfer failed */
2263 	if (error)
2264 		nr_sectors = blk_rq_cur_sectors(req);
2265 	if (blk_update_request(req, error, nr_sectors << 9))
2266 		return;
2267 	__blk_mq_end_request(req, error);
2268 
2269 	/* We're done with the request */
2270 	floppy_off(drive);
2271 	current_req = NULL;
2272 }
2273 
2274 /* new request_done. Can handle physical sectors which are smaller than a
2275  * logical buffer */
request_done(int uptodate)2276 static void request_done(int uptodate)
2277 {
2278 	struct request *req = current_req;
2279 	int block;
2280 	char msg[sizeof("request done ") + sizeof(int) * 3];
2281 
2282 	probing = 0;
2283 	snprintf(msg, sizeof(msg), "request done %d", uptodate);
2284 	reschedule_timeout(MAXTIMEOUT, msg);
2285 
2286 	if (!req) {
2287 		pr_info("floppy.c: no request in request_done\n");
2288 		return;
2289 	}
2290 
2291 	if (uptodate) {
2292 		/* maintain values for invalidation on geometry
2293 		 * change */
2294 		block = current_count_sectors + blk_rq_pos(req);
2295 		INFBOUND(drive_state[current_drive].maxblock, block);
2296 		if (block > _floppy->sect)
2297 			drive_state[current_drive].maxtrack = 1;
2298 
2299 		floppy_end_request(req, 0);
2300 	} else {
2301 		if (rq_data_dir(req) == WRITE) {
2302 			/* record write error information */
2303 			write_errors[current_drive].write_errors++;
2304 			if (write_errors[current_drive].write_errors == 1) {
2305 				write_errors[current_drive].first_error_sector = blk_rq_pos(req);
2306 				write_errors[current_drive].first_error_generation = drive_state[current_drive].generation;
2307 			}
2308 			write_errors[current_drive].last_error_sector = blk_rq_pos(req);
2309 			write_errors[current_drive].last_error_generation = drive_state[current_drive].generation;
2310 		}
2311 		floppy_end_request(req, BLK_STS_IOERR);
2312 	}
2313 }
2314 
2315 /* Interrupt handler evaluating the result of the r/w operation */
rw_interrupt(void)2316 static void rw_interrupt(void)
2317 {
2318 	int eoc;
2319 	int ssize;
2320 	int heads;
2321 	int nr_sectors;
2322 
2323 	if (reply_buffer[R_HEAD] >= 2) {
2324 		/* some Toshiba floppy controllers occasionnally seem to
2325 		 * return bogus interrupts after read/write operations, which
2326 		 * can be recognized by a bad head number (>= 2) */
2327 		return;
2328 	}
2329 
2330 	if (!drive_state[current_drive].first_read_date)
2331 		drive_state[current_drive].first_read_date = jiffies;
2332 
2333 	ssize = DIV_ROUND_UP(1 << raw_cmd->cmd[SIZECODE], 4);
2334 
2335 	if (reply_buffer[ST1] & ST1_EOC)
2336 		eoc = 1;
2337 	else
2338 		eoc = 0;
2339 
2340 	if (raw_cmd->cmd[COMMAND] & 0x80)
2341 		heads = 2;
2342 	else
2343 		heads = 1;
2344 
2345 	nr_sectors = (((reply_buffer[R_TRACK] - raw_cmd->cmd[TRACK]) * heads +
2346 		       reply_buffer[R_HEAD] - raw_cmd->cmd[HEAD]) * raw_cmd->cmd[SECT_PER_TRACK] +
2347 		      reply_buffer[R_SECTOR] - raw_cmd->cmd[SECTOR] + eoc) << raw_cmd->cmd[SIZECODE] >> 2;
2348 
2349 	if (nr_sectors / ssize >
2350 	    DIV_ROUND_UP(in_sector_offset + current_count_sectors, ssize)) {
2351 		DPRINT("long rw: %x instead of %lx\n",
2352 		       nr_sectors, current_count_sectors);
2353 		pr_info("rs=%d s=%d\n", reply_buffer[R_SECTOR],
2354 			raw_cmd->cmd[SECTOR]);
2355 		pr_info("rh=%d h=%d\n", reply_buffer[R_HEAD],
2356 			raw_cmd->cmd[HEAD]);
2357 		pr_info("rt=%d t=%d\n", reply_buffer[R_TRACK],
2358 			raw_cmd->cmd[TRACK]);
2359 		pr_info("heads=%d eoc=%d\n", heads, eoc);
2360 		pr_info("spt=%d st=%d ss=%d\n",
2361 			raw_cmd->cmd[SECT_PER_TRACK], fsector_t, ssize);
2362 		pr_info("in_sector_offset=%d\n", in_sector_offset);
2363 	}
2364 
2365 	nr_sectors -= in_sector_offset;
2366 	INFBOUND(nr_sectors, 0);
2367 	SUPBOUND(current_count_sectors, nr_sectors);
2368 
2369 	switch (interpret_errors()) {
2370 	case 2:
2371 		cont->redo();
2372 		return;
2373 	case 1:
2374 		if (!current_count_sectors) {
2375 			cont->error();
2376 			cont->redo();
2377 			return;
2378 		}
2379 		break;
2380 	case 0:
2381 		if (!current_count_sectors) {
2382 			cont->redo();
2383 			return;
2384 		}
2385 		current_type[current_drive] = _floppy;
2386 		floppy_sizes[TOMINOR(current_drive)] = _floppy->size;
2387 		break;
2388 	}
2389 
2390 	if (probing) {
2391 		if (drive_params[current_drive].flags & FTD_MSG)
2392 			DPRINT("Auto-detected floppy type %s in fd%d\n",
2393 			       _floppy->name, current_drive);
2394 		current_type[current_drive] = _floppy;
2395 		floppy_sizes[TOMINOR(current_drive)] = _floppy->size;
2396 		probing = 0;
2397 	}
2398 
2399 	if (CT(raw_cmd->cmd[COMMAND]) != FD_READ) {
2400 		/* transfer directly from buffer */
2401 		cont->done(1);
2402 	} else {
2403 		buffer_track = raw_cmd->track;
2404 		buffer_drive = current_drive;
2405 		INFBOUND(buffer_max, nr_sectors + fsector_t);
2406 	}
2407 	cont->redo();
2408 }
2409 
2410 /* Compute the maximal transfer size */
transfer_size(int ssize,int max_sector,int max_size)2411 static int transfer_size(int ssize, int max_sector, int max_size)
2412 {
2413 	SUPBOUND(max_sector, fsector_t + max_size);
2414 
2415 	/* alignment */
2416 	max_sector -= (max_sector % _floppy->sect) % ssize;
2417 
2418 	/* transfer size, beginning not aligned */
2419 	current_count_sectors = max_sector - fsector_t;
2420 
2421 	return max_sector;
2422 }
2423 
2424 /*
2425  * Move data from/to the track buffer to/from the buffer cache.
2426  */
copy_buffer(int ssize,int max_sector,int max_sector_2)2427 static void copy_buffer(int ssize, int max_sector, int max_sector_2)
2428 {
2429 	int remaining;		/* number of transferred 512-byte sectors */
2430 	struct bio_vec bv;
2431 	char *dma_buffer;
2432 	int size;
2433 	struct req_iterator iter;
2434 
2435 	max_sector = transfer_size(ssize,
2436 				   min(max_sector, max_sector_2),
2437 				   blk_rq_sectors(current_req));
2438 
2439 	if (current_count_sectors <= 0 && CT(raw_cmd->cmd[COMMAND]) == FD_WRITE &&
2440 	    buffer_max > fsector_t + blk_rq_sectors(current_req))
2441 		current_count_sectors = min_t(int, buffer_max - fsector_t,
2442 					      blk_rq_sectors(current_req));
2443 
2444 	remaining = current_count_sectors << 9;
2445 	if (remaining > blk_rq_bytes(current_req) && CT(raw_cmd->cmd[COMMAND]) == FD_WRITE) {
2446 		DPRINT("in copy buffer\n");
2447 		pr_info("current_count_sectors=%ld\n", current_count_sectors);
2448 		pr_info("remaining=%d\n", remaining >> 9);
2449 		pr_info("current_req->nr_sectors=%u\n",
2450 			blk_rq_sectors(current_req));
2451 		pr_info("current_req->current_nr_sectors=%u\n",
2452 			blk_rq_cur_sectors(current_req));
2453 		pr_info("max_sector=%d\n", max_sector);
2454 		pr_info("ssize=%d\n", ssize);
2455 	}
2456 
2457 	buffer_max = max(max_sector, buffer_max);
2458 
2459 	dma_buffer = floppy_track_buffer + ((fsector_t - buffer_min) << 9);
2460 
2461 	size = blk_rq_cur_bytes(current_req);
2462 
2463 	rq_for_each_segment(bv, current_req, iter) {
2464 		if (!remaining)
2465 			break;
2466 
2467 		size = bv.bv_len;
2468 		SUPBOUND(size, remaining);
2469 		if (dma_buffer + size >
2470 		    floppy_track_buffer + (max_buffer_sectors << 10) ||
2471 		    dma_buffer < floppy_track_buffer) {
2472 			DPRINT("buffer overrun in copy buffer %d\n",
2473 			       (int)((floppy_track_buffer - dma_buffer) >> 9));
2474 			pr_info("fsector_t=%d buffer_min=%d\n",
2475 				fsector_t, buffer_min);
2476 			pr_info("current_count_sectors=%ld\n",
2477 				current_count_sectors);
2478 			if (CT(raw_cmd->cmd[COMMAND]) == FD_READ)
2479 				pr_info("read\n");
2480 			if (CT(raw_cmd->cmd[COMMAND]) == FD_WRITE)
2481 				pr_info("write\n");
2482 			break;
2483 		}
2484 
2485 		if (CT(raw_cmd->cmd[COMMAND]) == FD_READ)
2486 			memcpy_to_bvec(&bv, dma_buffer);
2487 		else
2488 			memcpy_from_bvec(dma_buffer, &bv);
2489 
2490 		remaining -= size;
2491 		dma_buffer += size;
2492 	}
2493 	if (remaining) {
2494 		if (remaining > 0)
2495 			max_sector -= remaining >> 9;
2496 		DPRINT("weirdness: remaining %d\n", remaining >> 9);
2497 	}
2498 }
2499 
2500 /* work around a bug in pseudo DMA
2501  * (on some FDCs) pseudo DMA does not stop when the CPU stops
2502  * sending data.  Hence we need a different way to signal the
2503  * transfer length:  We use raw_cmd->cmd[SECT_PER_TRACK].  Unfortunately, this
2504  * does not work with MT, hence we can only transfer one head at
2505  * a time
2506  */
virtualdmabug_workaround(void)2507 static void virtualdmabug_workaround(void)
2508 {
2509 	int hard_sectors;
2510 	int end_sector;
2511 
2512 	if (CT(raw_cmd->cmd[COMMAND]) == FD_WRITE) {
2513 		raw_cmd->cmd[COMMAND] &= ~0x80;	/* switch off multiple track mode */
2514 
2515 		hard_sectors = raw_cmd->length >> (7 + raw_cmd->cmd[SIZECODE]);
2516 		end_sector = raw_cmd->cmd[SECTOR] + hard_sectors - 1;
2517 		if (end_sector > raw_cmd->cmd[SECT_PER_TRACK]) {
2518 			pr_info("too many sectors %d > %d\n",
2519 				end_sector, raw_cmd->cmd[SECT_PER_TRACK]);
2520 			return;
2521 		}
2522 		raw_cmd->cmd[SECT_PER_TRACK] = end_sector;
2523 					/* make sure raw_cmd->cmd[SECT_PER_TRACK]
2524 					 * points to end of transfer */
2525 	}
2526 }
2527 
2528 /*
2529  * Formulate a read/write request.
2530  * this routine decides where to load the data (directly to buffer, or to
2531  * tmp floppy area), how much data to load (the size of the buffer, the whole
2532  * track, or a single sector)
2533  * All floppy_track_buffer handling goes in here. If we ever add track buffer
2534  * allocation on the fly, it should be done here. No other part should need
2535  * modification.
2536  */
2537 
make_raw_rw_request(void)2538 static int make_raw_rw_request(void)
2539 {
2540 	int aligned_sector_t;
2541 	int max_sector;
2542 	int max_size;
2543 	int tracksize;
2544 	int ssize;
2545 
2546 	if (WARN(max_buffer_sectors == 0, "VFS: Block I/O scheduled on unopened device\n"))
2547 		return 0;
2548 
2549 	set_fdc((long)current_req->q->disk->private_data);
2550 
2551 	raw_cmd = &default_raw_cmd;
2552 	raw_cmd->flags = FD_RAW_SPIN | FD_RAW_NEED_DISK | FD_RAW_NEED_SEEK;
2553 	raw_cmd->cmd_count = NR_RW;
2554 	if (rq_data_dir(current_req) == READ) {
2555 		raw_cmd->flags |= FD_RAW_READ;
2556 		raw_cmd->cmd[COMMAND] = FM_MODE(_floppy, FD_READ);
2557 	} else if (rq_data_dir(current_req) == WRITE) {
2558 		raw_cmd->flags |= FD_RAW_WRITE;
2559 		raw_cmd->cmd[COMMAND] = FM_MODE(_floppy, FD_WRITE);
2560 	} else {
2561 		DPRINT("%s: unknown command\n", __func__);
2562 		return 0;
2563 	}
2564 
2565 	max_sector = _floppy->sect * _floppy->head;
2566 
2567 	raw_cmd->cmd[TRACK] = (int)blk_rq_pos(current_req) / max_sector;
2568 	fsector_t = (int)blk_rq_pos(current_req) % max_sector;
2569 	if (_floppy->track && raw_cmd->cmd[TRACK] >= _floppy->track) {
2570 		if (blk_rq_cur_sectors(current_req) & 1) {
2571 			current_count_sectors = 1;
2572 			return 1;
2573 		} else
2574 			return 0;
2575 	}
2576 	raw_cmd->cmd[HEAD] = fsector_t / _floppy->sect;
2577 
2578 	if (((_floppy->stretch & (FD_SWAPSIDES | FD_SECTBASEMASK)) ||
2579 	     test_bit(FD_NEED_TWADDLE_BIT, &drive_state[current_drive].flags)) &&
2580 	    fsector_t < _floppy->sect)
2581 		max_sector = _floppy->sect;
2582 
2583 	/* 2M disks have phantom sectors on the first track */
2584 	if ((_floppy->rate & FD_2M) && (!raw_cmd->cmd[TRACK]) && (!raw_cmd->cmd[HEAD])) {
2585 		max_sector = 2 * _floppy->sect / 3;
2586 		if (fsector_t >= max_sector) {
2587 			current_count_sectors =
2588 			    min_t(int, _floppy->sect - fsector_t,
2589 				  blk_rq_sectors(current_req));
2590 			return 1;
2591 		}
2592 		raw_cmd->cmd[SIZECODE] = 2;
2593 	} else
2594 		raw_cmd->cmd[SIZECODE] = FD_SIZECODE(_floppy);
2595 	raw_cmd->rate = _floppy->rate & 0x43;
2596 	if ((_floppy->rate & FD_2M) &&
2597 	    (raw_cmd->cmd[TRACK] || raw_cmd->cmd[HEAD]) && raw_cmd->rate == 2)
2598 		raw_cmd->rate = 1;
2599 
2600 	if (raw_cmd->cmd[SIZECODE])
2601 		raw_cmd->cmd[SIZECODE2] = 0xff;
2602 	else
2603 		raw_cmd->cmd[SIZECODE2] = 0x80;
2604 	raw_cmd->track = raw_cmd->cmd[TRACK] << STRETCH(_floppy);
2605 	raw_cmd->cmd[DR_SELECT] = UNIT(current_drive) + PH_HEAD(_floppy, raw_cmd->cmd[HEAD]);
2606 	raw_cmd->cmd[GAP] = _floppy->gap;
2607 	ssize = DIV_ROUND_UP(1 << raw_cmd->cmd[SIZECODE], 4);
2608 	raw_cmd->cmd[SECT_PER_TRACK] = _floppy->sect << 2 >> raw_cmd->cmd[SIZECODE];
2609 	raw_cmd->cmd[SECTOR] = ((fsector_t % _floppy->sect) << 2 >> raw_cmd->cmd[SIZECODE]) +
2610 	    FD_SECTBASE(_floppy);
2611 
2612 	/* tracksize describes the size which can be filled up with sectors
2613 	 * of size ssize.
2614 	 */
2615 	tracksize = _floppy->sect - _floppy->sect % ssize;
2616 	if (tracksize < _floppy->sect) {
2617 		raw_cmd->cmd[SECT_PER_TRACK]++;
2618 		if (tracksize <= fsector_t % _floppy->sect)
2619 			raw_cmd->cmd[SECTOR]--;
2620 
2621 		/* if we are beyond tracksize, fill up using smaller sectors */
2622 		while (tracksize <= fsector_t % _floppy->sect) {
2623 			while (tracksize + ssize > _floppy->sect) {
2624 				raw_cmd->cmd[SIZECODE]--;
2625 				ssize >>= 1;
2626 			}
2627 			raw_cmd->cmd[SECTOR]++;
2628 			raw_cmd->cmd[SECT_PER_TRACK]++;
2629 			tracksize += ssize;
2630 		}
2631 		max_sector = raw_cmd->cmd[HEAD] * _floppy->sect + tracksize;
2632 	} else if (!raw_cmd->cmd[TRACK] && !raw_cmd->cmd[HEAD] && !(_floppy->rate & FD_2M) && probing) {
2633 		max_sector = _floppy->sect;
2634 	} else if (!raw_cmd->cmd[HEAD] && CT(raw_cmd->cmd[COMMAND]) == FD_WRITE) {
2635 		/* for virtual DMA bug workaround */
2636 		max_sector = _floppy->sect;
2637 	}
2638 
2639 	in_sector_offset = (fsector_t % _floppy->sect) % ssize;
2640 	aligned_sector_t = fsector_t - in_sector_offset;
2641 	max_size = blk_rq_sectors(current_req);
2642 	if ((raw_cmd->track == buffer_track) &&
2643 	    (current_drive == buffer_drive) &&
2644 	    (fsector_t >= buffer_min) && (fsector_t < buffer_max)) {
2645 		/* data already in track buffer */
2646 		if (CT(raw_cmd->cmd[COMMAND]) == FD_READ) {
2647 			copy_buffer(1, max_sector, buffer_max);
2648 			return 1;
2649 		}
2650 	} else if (in_sector_offset || blk_rq_sectors(current_req) < ssize) {
2651 		if (CT(raw_cmd->cmd[COMMAND]) == FD_WRITE) {
2652 			unsigned int sectors;
2653 
2654 			sectors = fsector_t + blk_rq_sectors(current_req);
2655 			if (sectors > ssize && sectors < ssize + ssize)
2656 				max_size = ssize + ssize;
2657 			else
2658 				max_size = ssize;
2659 		}
2660 		raw_cmd->flags &= ~FD_RAW_WRITE;
2661 		raw_cmd->flags |= FD_RAW_READ;
2662 		raw_cmd->cmd[COMMAND] = FM_MODE(_floppy, FD_READ);
2663 	}
2664 
2665 	if (CT(raw_cmd->cmd[COMMAND]) == FD_READ)
2666 		max_size = max_sector;	/* unbounded */
2667 
2668 	/* claim buffer track if needed */
2669 	if (buffer_track != raw_cmd->track ||	/* bad track */
2670 	    buffer_drive != current_drive ||	/* bad drive */
2671 	    fsector_t > buffer_max ||
2672 	    fsector_t < buffer_min ||
2673 	    ((CT(raw_cmd->cmd[COMMAND]) == FD_READ ||
2674 	      (!in_sector_offset && blk_rq_sectors(current_req) >= ssize)) &&
2675 	     max_sector > 2 * max_buffer_sectors + buffer_min &&
2676 	     max_size + fsector_t > 2 * max_buffer_sectors + buffer_min)) {
2677 		/* not enough space */
2678 		buffer_track = -1;
2679 		buffer_drive = current_drive;
2680 		buffer_max = buffer_min = aligned_sector_t;
2681 	}
2682 	raw_cmd->kernel_data = floppy_track_buffer +
2683 		((aligned_sector_t - buffer_min) << 9);
2684 
2685 	if (CT(raw_cmd->cmd[COMMAND]) == FD_WRITE) {
2686 		/* copy write buffer to track buffer.
2687 		 * if we get here, we know that the write
2688 		 * is either aligned or the data already in the buffer
2689 		 * (buffer will be overwritten) */
2690 		if (in_sector_offset && buffer_track == -1)
2691 			DPRINT("internal error offset !=0 on write\n");
2692 		buffer_track = raw_cmd->track;
2693 		buffer_drive = current_drive;
2694 		copy_buffer(ssize, max_sector,
2695 			    2 * max_buffer_sectors + buffer_min);
2696 	} else
2697 		transfer_size(ssize, max_sector,
2698 			      2 * max_buffer_sectors + buffer_min -
2699 			      aligned_sector_t);
2700 
2701 	/* round up current_count_sectors to get dma xfer size */
2702 	raw_cmd->length = in_sector_offset + current_count_sectors;
2703 	raw_cmd->length = ((raw_cmd->length - 1) | (ssize - 1)) + 1;
2704 	raw_cmd->length <<= 9;
2705 	if ((raw_cmd->length < current_count_sectors << 9) ||
2706 	    (CT(raw_cmd->cmd[COMMAND]) == FD_WRITE &&
2707 	     (aligned_sector_t + (raw_cmd->length >> 9) > buffer_max ||
2708 	      aligned_sector_t < buffer_min)) ||
2709 	    raw_cmd->length % (128 << raw_cmd->cmd[SIZECODE]) ||
2710 	    raw_cmd->length <= 0 || current_count_sectors <= 0) {
2711 		DPRINT("fractionary current count b=%lx s=%lx\n",
2712 		       raw_cmd->length, current_count_sectors);
2713 		pr_info("addr=%d, length=%ld\n",
2714 			(int)((raw_cmd->kernel_data -
2715 			       floppy_track_buffer) >> 9),
2716 			current_count_sectors);
2717 		pr_info("st=%d ast=%d mse=%d msi=%d\n",
2718 			fsector_t, aligned_sector_t, max_sector, max_size);
2719 		pr_info("ssize=%x SIZECODE=%d\n", ssize, raw_cmd->cmd[SIZECODE]);
2720 		pr_info("command=%x SECTOR=%d HEAD=%d, TRACK=%d\n",
2721 			raw_cmd->cmd[COMMAND], raw_cmd->cmd[SECTOR],
2722 			raw_cmd->cmd[HEAD], raw_cmd->cmd[TRACK]);
2723 		pr_info("buffer drive=%d\n", buffer_drive);
2724 		pr_info("buffer track=%d\n", buffer_track);
2725 		pr_info("buffer_min=%d\n", buffer_min);
2726 		pr_info("buffer_max=%d\n", buffer_max);
2727 		return 0;
2728 	}
2729 
2730 	if (raw_cmd->kernel_data < floppy_track_buffer ||
2731 	    current_count_sectors < 0 ||
2732 	    raw_cmd->length < 0 ||
2733 	    raw_cmd->kernel_data + raw_cmd->length >
2734 	    floppy_track_buffer + (max_buffer_sectors << 10)) {
2735 		DPRINT("buffer overrun in schedule dma\n");
2736 		pr_info("fsector_t=%d buffer_min=%d current_count=%ld\n",
2737 			fsector_t, buffer_min, raw_cmd->length >> 9);
2738 		pr_info("current_count_sectors=%ld\n",
2739 			current_count_sectors);
2740 		if (CT(raw_cmd->cmd[COMMAND]) == FD_READ)
2741 			pr_info("read\n");
2742 		if (CT(raw_cmd->cmd[COMMAND]) == FD_WRITE)
2743 			pr_info("write\n");
2744 		return 0;
2745 	}
2746 	if (raw_cmd->length == 0) {
2747 		DPRINT("zero dma transfer attempted from make_raw_request\n");
2748 		return 0;
2749 	}
2750 
2751 	virtualdmabug_workaround();
2752 	return 2;
2753 }
2754 
set_next_request(void)2755 static int set_next_request(void)
2756 {
2757 	current_req = list_first_entry_or_null(&floppy_reqs, struct request,
2758 					       queuelist);
2759 	if (current_req) {
2760 		floppy_errors = 0;
2761 		list_del_init(&current_req->queuelist);
2762 		return 1;
2763 	}
2764 	return 0;
2765 }
2766 
2767 /* Starts or continues processing request. Will automatically unlock the
2768  * driver at end of request.
2769  */
redo_fd_request(void)2770 static void redo_fd_request(void)
2771 {
2772 	int drive;
2773 	int tmp;
2774 
2775 	lastredo = jiffies;
2776 	if (current_drive < N_DRIVE)
2777 		floppy_off(current_drive);
2778 
2779 do_request:
2780 	if (!current_req) {
2781 		int pending;
2782 
2783 		spin_lock_irq(&floppy_lock);
2784 		pending = set_next_request();
2785 		spin_unlock_irq(&floppy_lock);
2786 		if (!pending) {
2787 			do_floppy = NULL;
2788 			unlock_fdc();
2789 			return;
2790 		}
2791 	}
2792 	drive = (long)current_req->q->disk->private_data;
2793 	set_fdc(drive);
2794 	reschedule_timeout(current_drive, "redo fd request");
2795 
2796 	set_floppy(drive);
2797 	raw_cmd = &default_raw_cmd;
2798 	raw_cmd->flags = 0;
2799 	if (start_motor(redo_fd_request))
2800 		return;
2801 
2802 	disk_change(current_drive);
2803 	if (test_bit(current_drive, &fake_change) ||
2804 	    test_bit(FD_DISK_CHANGED_BIT, &drive_state[current_drive].flags)) {
2805 		DPRINT("disk absent or changed during operation\n");
2806 		request_done(0);
2807 		goto do_request;
2808 	}
2809 	if (!_floppy) {	/* Autodetection */
2810 		if (!probing) {
2811 			drive_state[current_drive].probed_format = 0;
2812 			if (next_valid_format(current_drive)) {
2813 				DPRINT("no autodetectable formats\n");
2814 				_floppy = NULL;
2815 				request_done(0);
2816 				goto do_request;
2817 			}
2818 		}
2819 		probing = 1;
2820 		_floppy = floppy_type + drive_params[current_drive].autodetect[drive_state[current_drive].probed_format];
2821 	} else
2822 		probing = 0;
2823 	tmp = make_raw_rw_request();
2824 	if (tmp < 2) {
2825 		request_done(tmp);
2826 		goto do_request;
2827 	}
2828 
2829 	if (test_bit(FD_NEED_TWADDLE_BIT, &drive_state[current_drive].flags))
2830 		twaddle(current_fdc, current_drive);
2831 	schedule_bh(floppy_start);
2832 	debugt(__func__, "queue fd request");
2833 	return;
2834 }
2835 
2836 static const struct cont_t rw_cont = {
2837 	.interrupt	= rw_interrupt,
2838 	.redo		= redo_fd_request,
2839 	.error		= bad_flp_intr,
2840 	.done		= request_done
2841 };
2842 
2843 /* schedule the request and automatically unlock the driver on completion */
process_fd_request(void)2844 static void process_fd_request(void)
2845 {
2846 	cont = &rw_cont;
2847 	schedule_bh(redo_fd_request);
2848 }
2849 
floppy_queue_rq(struct blk_mq_hw_ctx * hctx,const struct blk_mq_queue_data * bd)2850 static blk_status_t floppy_queue_rq(struct blk_mq_hw_ctx *hctx,
2851 				    const struct blk_mq_queue_data *bd)
2852 {
2853 	blk_mq_start_request(bd->rq);
2854 
2855 	if (WARN(max_buffer_sectors == 0,
2856 		 "VFS: %s called on non-open device\n", __func__))
2857 		return BLK_STS_IOERR;
2858 
2859 	if (WARN(atomic_read(&usage_count) == 0,
2860 		 "warning: usage count=0, current_req=%p sect=%ld flags=%llx\n",
2861 		 current_req, (long)blk_rq_pos(current_req),
2862 		 (__force unsigned long long) current_req->cmd_flags))
2863 		return BLK_STS_IOERR;
2864 
2865 	if (test_and_set_bit(0, &fdc_busy)) {
2866 		/* fdc busy, this new request will be treated when the
2867 		   current one is done */
2868 		is_alive(__func__, "old request running");
2869 		return BLK_STS_RESOURCE;
2870 	}
2871 
2872 	spin_lock_irq(&floppy_lock);
2873 	list_add_tail(&bd->rq->queuelist, &floppy_reqs);
2874 	spin_unlock_irq(&floppy_lock);
2875 
2876 	command_status = FD_COMMAND_NONE;
2877 	__reschedule_timeout(MAXTIMEOUT, "fd_request");
2878 	set_fdc(0);
2879 	process_fd_request();
2880 	is_alive(__func__, "");
2881 	return BLK_STS_OK;
2882 }
2883 
2884 static const struct cont_t poll_cont = {
2885 	.interrupt	= success_and_wakeup,
2886 	.redo		= floppy_ready,
2887 	.error		= generic_failure,
2888 	.done		= generic_done
2889 };
2890 
poll_drive(bool interruptible,int flag)2891 static int poll_drive(bool interruptible, int flag)
2892 {
2893 	/* no auto-sense, just clear dcl */
2894 	raw_cmd = &default_raw_cmd;
2895 	raw_cmd->flags = flag;
2896 	raw_cmd->track = 0;
2897 	raw_cmd->cmd_count = 0;
2898 	cont = &poll_cont;
2899 	debug_dcl(drive_params[current_drive].flags,
2900 		  "setting NEWCHANGE in poll_drive\n");
2901 	set_bit(FD_DISK_NEWCHANGE_BIT, &drive_state[current_drive].flags);
2902 
2903 	return wait_til_done(floppy_ready, interruptible);
2904 }
2905 
2906 /*
2907  * User triggered reset
2908  * ====================
2909  */
2910 
reset_intr(void)2911 static void reset_intr(void)
2912 {
2913 	pr_info("weird, reset interrupt called\n");
2914 }
2915 
2916 static const struct cont_t reset_cont = {
2917 	.interrupt	= reset_intr,
2918 	.redo		= success_and_wakeup,
2919 	.error		= generic_failure,
2920 	.done		= generic_done
2921 };
2922 
2923 /*
2924  * Resets the FDC connected to drive <drive>.
2925  * Both current_drive and current_fdc are changed to match the new drive.
2926  */
user_reset_fdc(int drive,int arg,bool interruptible)2927 static int user_reset_fdc(int drive, int arg, bool interruptible)
2928 {
2929 	int ret;
2930 
2931 	if (lock_fdc(drive))
2932 		return -EINTR;
2933 
2934 	if (arg == FD_RESET_ALWAYS)
2935 		fdc_state[current_fdc].reset = 1;
2936 	if (fdc_state[current_fdc].reset) {
2937 		/* note: reset_fdc will take care of unlocking the driver
2938 		 * on completion.
2939 		 */
2940 		cont = &reset_cont;
2941 		ret = wait_til_done(reset_fdc, interruptible);
2942 		if (ret == -EINTR)
2943 			return -EINTR;
2944 	}
2945 	process_fd_request();
2946 	return 0;
2947 }
2948 
2949 /*
2950  * Misc Ioctl's and support
2951  * ========================
2952  */
fd_copyout(void __user * param,const void * address,unsigned long size)2953 static inline int fd_copyout(void __user *param, const void *address,
2954 			     unsigned long size)
2955 {
2956 	return copy_to_user(param, address, size) ? -EFAULT : 0;
2957 }
2958 
fd_copyin(void __user * param,void * address,unsigned long size)2959 static inline int fd_copyin(void __user *param, void *address,
2960 			    unsigned long size)
2961 {
2962 	return copy_from_user(address, param, size) ? -EFAULT : 0;
2963 }
2964 
drive_name(int type,int drive)2965 static const char *drive_name(int type, int drive)
2966 {
2967 	struct floppy_struct *floppy;
2968 
2969 	if (type)
2970 		floppy = floppy_type + type;
2971 	else {
2972 		if (drive_params[drive].native_format)
2973 			floppy = floppy_type + drive_params[drive].native_format;
2974 		else
2975 			return "(null)";
2976 	}
2977 	if (floppy->name)
2978 		return floppy->name;
2979 	else
2980 		return "(null)";
2981 }
2982 
2983 #ifdef CONFIG_BLK_DEV_FD_RAWCMD
2984 
2985 /* raw commands */
raw_cmd_done(int flag)2986 static void raw_cmd_done(int flag)
2987 {
2988 	if (!flag) {
2989 		raw_cmd->flags |= FD_RAW_FAILURE;
2990 		raw_cmd->flags |= FD_RAW_HARDFAILURE;
2991 	} else {
2992 		raw_cmd->reply_count = inr;
2993 		if (raw_cmd->reply_count > FD_RAW_REPLY_SIZE)
2994 			raw_cmd->reply_count = 0;
2995 		memcpy(raw_cmd->reply, reply_buffer, raw_cmd->reply_count);
2996 
2997 		if (raw_cmd->flags & (FD_RAW_READ | FD_RAW_WRITE)) {
2998 			unsigned long flags;
2999 			flags = claim_dma_lock();
3000 			raw_cmd->length = fd_get_dma_residue();
3001 			release_dma_lock(flags);
3002 		}
3003 
3004 		if ((raw_cmd->flags & FD_RAW_SOFTFAILURE) &&
3005 		    (!raw_cmd->reply_count || (raw_cmd->reply[0] & 0xc0)))
3006 			raw_cmd->flags |= FD_RAW_FAILURE;
3007 
3008 		if (disk_change(current_drive))
3009 			raw_cmd->flags |= FD_RAW_DISK_CHANGE;
3010 		else
3011 			raw_cmd->flags &= ~FD_RAW_DISK_CHANGE;
3012 		if (raw_cmd->flags & FD_RAW_NO_MOTOR_AFTER)
3013 			motor_off_callback(&motor_off_timer[current_drive]);
3014 
3015 		if (raw_cmd->next &&
3016 		    (!(raw_cmd->flags & FD_RAW_FAILURE) ||
3017 		     !(raw_cmd->flags & FD_RAW_STOP_IF_FAILURE)) &&
3018 		    ((raw_cmd->flags & FD_RAW_FAILURE) ||
3019 		     !(raw_cmd->flags & FD_RAW_STOP_IF_SUCCESS))) {
3020 			raw_cmd = raw_cmd->next;
3021 			return;
3022 		}
3023 	}
3024 	generic_done(flag);
3025 }
3026 
3027 static const struct cont_t raw_cmd_cont = {
3028 	.interrupt	= success_and_wakeup,
3029 	.redo		= floppy_start,
3030 	.error		= generic_failure,
3031 	.done		= raw_cmd_done
3032 };
3033 
raw_cmd_copyout(int cmd,void __user * param,struct floppy_raw_cmd * ptr)3034 static int raw_cmd_copyout(int cmd, void __user *param,
3035 				  struct floppy_raw_cmd *ptr)
3036 {
3037 	int ret;
3038 
3039 	while (ptr) {
3040 		struct floppy_raw_cmd cmd = *ptr;
3041 		cmd.next = NULL;
3042 		cmd.kernel_data = NULL;
3043 		ret = copy_to_user(param, &cmd, sizeof(cmd));
3044 		if (ret)
3045 			return -EFAULT;
3046 		param += sizeof(struct floppy_raw_cmd);
3047 		if ((ptr->flags & FD_RAW_READ) && ptr->buffer_length) {
3048 			if (ptr->length >= 0 &&
3049 			    ptr->length <= ptr->buffer_length) {
3050 				long length = ptr->buffer_length - ptr->length;
3051 				ret = fd_copyout(ptr->data, ptr->kernel_data,
3052 						 length);
3053 				if (ret)
3054 					return ret;
3055 			}
3056 		}
3057 		ptr = ptr->next;
3058 	}
3059 
3060 	return 0;
3061 }
3062 
raw_cmd_free(struct floppy_raw_cmd ** ptr)3063 static void raw_cmd_free(struct floppy_raw_cmd **ptr)
3064 {
3065 	struct floppy_raw_cmd *next;
3066 	struct floppy_raw_cmd *this;
3067 
3068 	this = *ptr;
3069 	*ptr = NULL;
3070 	while (this) {
3071 		if (this->buffer_length) {
3072 			fd_dma_mem_free((unsigned long)this->kernel_data,
3073 					this->buffer_length);
3074 			this->buffer_length = 0;
3075 		}
3076 		next = this->next;
3077 		kfree(this);
3078 		this = next;
3079 	}
3080 }
3081 
3082 #define MAX_LEN (1UL << MAX_ORDER << PAGE_SHIFT)
3083 
raw_cmd_copyin(int cmd,void __user * param,struct floppy_raw_cmd ** rcmd)3084 static int raw_cmd_copyin(int cmd, void __user *param,
3085 				 struct floppy_raw_cmd **rcmd)
3086 {
3087 	struct floppy_raw_cmd *ptr;
3088 	int ret;
3089 
3090 	*rcmd = NULL;
3091 
3092 loop:
3093 	ptr = kmalloc(sizeof(struct floppy_raw_cmd), GFP_KERNEL);
3094 	if (!ptr)
3095 		return -ENOMEM;
3096 	*rcmd = ptr;
3097 	ret = copy_from_user(ptr, param, sizeof(*ptr));
3098 	ptr->next = NULL;
3099 	ptr->buffer_length = 0;
3100 	ptr->kernel_data = NULL;
3101 	if (ret)
3102 		return -EFAULT;
3103 	param += sizeof(struct floppy_raw_cmd);
3104 	if (ptr->cmd_count > FD_RAW_CMD_FULLSIZE)
3105 		return -EINVAL;
3106 
3107 	memset(ptr->reply, 0, FD_RAW_REPLY_SIZE);
3108 	ptr->resultcode = 0;
3109 
3110 	if (ptr->flags & (FD_RAW_READ | FD_RAW_WRITE)) {
3111 		if (ptr->length <= 0 || ptr->length >= MAX_LEN)
3112 			return -EINVAL;
3113 		ptr->kernel_data = (char *)fd_dma_mem_alloc(ptr->length);
3114 		fallback_on_nodma_alloc(&ptr->kernel_data, ptr->length);
3115 		if (!ptr->kernel_data)
3116 			return -ENOMEM;
3117 		ptr->buffer_length = ptr->length;
3118 	}
3119 	if (ptr->flags & FD_RAW_WRITE) {
3120 		ret = fd_copyin(ptr->data, ptr->kernel_data, ptr->length);
3121 		if (ret)
3122 			return ret;
3123 	}
3124 
3125 	if (ptr->flags & FD_RAW_MORE) {
3126 		rcmd = &(ptr->next);
3127 		ptr->rate &= 0x43;
3128 		goto loop;
3129 	}
3130 
3131 	return 0;
3132 }
3133 
raw_cmd_ioctl(int cmd,void __user * param)3134 static int raw_cmd_ioctl(int cmd, void __user *param)
3135 {
3136 	struct floppy_raw_cmd *my_raw_cmd;
3137 	int drive;
3138 	int ret2;
3139 	int ret;
3140 
3141 	if (fdc_state[current_fdc].rawcmd <= 1)
3142 		fdc_state[current_fdc].rawcmd = 1;
3143 	for (drive = 0; drive < N_DRIVE; drive++) {
3144 		if (FDC(drive) != current_fdc)
3145 			continue;
3146 		if (drive == current_drive) {
3147 			if (drive_state[drive].fd_ref > 1) {
3148 				fdc_state[current_fdc].rawcmd = 2;
3149 				break;
3150 			}
3151 		} else if (drive_state[drive].fd_ref) {
3152 			fdc_state[current_fdc].rawcmd = 2;
3153 			break;
3154 		}
3155 	}
3156 
3157 	if (fdc_state[current_fdc].reset)
3158 		return -EIO;
3159 
3160 	ret = raw_cmd_copyin(cmd, param, &my_raw_cmd);
3161 	if (ret) {
3162 		raw_cmd_free(&my_raw_cmd);
3163 		return ret;
3164 	}
3165 
3166 	raw_cmd = my_raw_cmd;
3167 	cont = &raw_cmd_cont;
3168 	ret = wait_til_done(floppy_start, true);
3169 	debug_dcl(drive_params[current_drive].flags,
3170 		  "calling disk change from raw_cmd ioctl\n");
3171 
3172 	if (ret != -EINTR && fdc_state[current_fdc].reset)
3173 		ret = -EIO;
3174 
3175 	drive_state[current_drive].track = NO_TRACK;
3176 
3177 	ret2 = raw_cmd_copyout(cmd, param, my_raw_cmd);
3178 	if (!ret)
3179 		ret = ret2;
3180 	raw_cmd_free(&my_raw_cmd);
3181 	return ret;
3182 }
3183 
floppy_raw_cmd_ioctl(int type,int drive,int cmd,void __user * param)3184 static int floppy_raw_cmd_ioctl(int type, int drive, int cmd,
3185 				void __user *param)
3186 {
3187 	int ret;
3188 
3189 	pr_warn_once("Note: FDRAWCMD is deprecated and will be removed from the kernel in the near future.\n");
3190 
3191 	if (type)
3192 		return -EINVAL;
3193 	if (lock_fdc(drive))
3194 		return -EINTR;
3195 	set_floppy(drive);
3196 	ret = raw_cmd_ioctl(cmd, param);
3197 	if (ret == -EINTR)
3198 		return -EINTR;
3199 	process_fd_request();
3200 	return ret;
3201 }
3202 
3203 #else /* CONFIG_BLK_DEV_FD_RAWCMD */
3204 
floppy_raw_cmd_ioctl(int type,int drive,int cmd,void __user * param)3205 static int floppy_raw_cmd_ioctl(int type, int drive, int cmd,
3206 				void __user *param)
3207 {
3208 	return -EOPNOTSUPP;
3209 }
3210 
3211 #endif
3212 
invalidate_drive(struct block_device * bdev)3213 static int invalidate_drive(struct block_device *bdev)
3214 {
3215 	/* invalidate the buffer track to force a reread */
3216 	set_bit((long)bdev->bd_disk->private_data, &fake_change);
3217 	process_fd_request();
3218 	if (bdev_check_media_change(bdev))
3219 		floppy_revalidate(bdev->bd_disk);
3220 	return 0;
3221 }
3222 
set_geometry(unsigned int cmd,struct floppy_struct * g,int drive,int type,struct block_device * bdev)3223 static int set_geometry(unsigned int cmd, struct floppy_struct *g,
3224 			       int drive, int type, struct block_device *bdev)
3225 {
3226 	int cnt;
3227 
3228 	/* sanity checking for parameters. */
3229 	if ((int)g->sect <= 0 ||
3230 	    (int)g->head <= 0 ||
3231 	    /* check for overflow in max_sector */
3232 	    (int)(g->sect * g->head) <= 0 ||
3233 	    /* check for zero in raw_cmd->cmd[F_SECT_PER_TRACK] */
3234 	    (unsigned char)((g->sect << 2) >> FD_SIZECODE(g)) == 0 ||
3235 	    g->track <= 0 || g->track > drive_params[drive].tracks >> STRETCH(g) ||
3236 	    /* check if reserved bits are set */
3237 	    (g->stretch & ~(FD_STRETCH | FD_SWAPSIDES | FD_SECTBASEMASK)) != 0)
3238 		return -EINVAL;
3239 	if (type) {
3240 		if (!capable(CAP_SYS_ADMIN))
3241 			return -EPERM;
3242 		mutex_lock(&open_lock);
3243 		if (lock_fdc(drive)) {
3244 			mutex_unlock(&open_lock);
3245 			return -EINTR;
3246 		}
3247 		floppy_type[type] = *g;
3248 		floppy_type[type].name = "user format";
3249 		for (cnt = type << 2; cnt < (type << 2) + 4; cnt++)
3250 			floppy_sizes[cnt] = floppy_sizes[cnt + 0x80] =
3251 			    floppy_type[type].size + 1;
3252 		process_fd_request();
3253 		for (cnt = 0; cnt < N_DRIVE; cnt++) {
3254 			struct block_device *bdev = opened_bdev[cnt];
3255 			if (!bdev || ITYPE(drive_state[cnt].fd_device) != type)
3256 				continue;
3257 			__invalidate_device(bdev, true);
3258 		}
3259 		mutex_unlock(&open_lock);
3260 	} else {
3261 		int oldStretch;
3262 
3263 		if (lock_fdc(drive))
3264 			return -EINTR;
3265 		if (cmd != FDDEFPRM) {
3266 			/* notice a disk change immediately, else
3267 			 * we lose our settings immediately*/
3268 			if (poll_drive(true, FD_RAW_NEED_DISK) == -EINTR)
3269 				return -EINTR;
3270 		}
3271 		oldStretch = g->stretch;
3272 		user_params[drive] = *g;
3273 		if (buffer_drive == drive)
3274 			SUPBOUND(buffer_max, user_params[drive].sect);
3275 		current_type[drive] = &user_params[drive];
3276 		floppy_sizes[drive] = user_params[drive].size;
3277 		if (cmd == FDDEFPRM)
3278 			drive_state[current_drive].keep_data = -1;
3279 		else
3280 			drive_state[current_drive].keep_data = 1;
3281 		/* invalidation. Invalidate only when needed, i.e.
3282 		 * when there are already sectors in the buffer cache
3283 		 * whose number will change. This is useful, because
3284 		 * mtools often changes the geometry of the disk after
3285 		 * looking at the boot block */
3286 		if (drive_state[current_drive].maxblock > user_params[drive].sect ||
3287 		    drive_state[current_drive].maxtrack ||
3288 		    ((user_params[drive].sect ^ oldStretch) &
3289 		     (FD_SWAPSIDES | FD_SECTBASEMASK)))
3290 			invalidate_drive(bdev);
3291 		else
3292 			process_fd_request();
3293 	}
3294 	return 0;
3295 }
3296 
3297 /* handle obsolete ioctl's */
3298 static unsigned int ioctl_table[] = {
3299 	FDCLRPRM,
3300 	FDSETPRM,
3301 	FDDEFPRM,
3302 	FDGETPRM,
3303 	FDMSGON,
3304 	FDMSGOFF,
3305 	FDFMTBEG,
3306 	FDFMTTRK,
3307 	FDFMTEND,
3308 	FDSETEMSGTRESH,
3309 	FDFLUSH,
3310 	FDSETMAXERRS,
3311 	FDGETMAXERRS,
3312 	FDGETDRVTYP,
3313 	FDSETDRVPRM,
3314 	FDGETDRVPRM,
3315 	FDGETDRVSTAT,
3316 	FDPOLLDRVSTAT,
3317 	FDRESET,
3318 	FDGETFDCSTAT,
3319 	FDWERRORCLR,
3320 	FDWERRORGET,
3321 	FDRAWCMD,
3322 	FDEJECT,
3323 	FDTWADDLE
3324 };
3325 
normalize_ioctl(unsigned int * cmd,int * size)3326 static int normalize_ioctl(unsigned int *cmd, int *size)
3327 {
3328 	int i;
3329 
3330 	for (i = 0; i < ARRAY_SIZE(ioctl_table); i++) {
3331 		if ((*cmd & 0xffff) == (ioctl_table[i] & 0xffff)) {
3332 			*size = _IOC_SIZE(*cmd);
3333 			*cmd = ioctl_table[i];
3334 			if (*size > _IOC_SIZE(*cmd)) {
3335 				pr_info("ioctl not yet supported\n");
3336 				return -EFAULT;
3337 			}
3338 			return 0;
3339 		}
3340 	}
3341 	return -EINVAL;
3342 }
3343 
get_floppy_geometry(int drive,int type,struct floppy_struct ** g)3344 static int get_floppy_geometry(int drive, int type, struct floppy_struct **g)
3345 {
3346 	if (type)
3347 		*g = &floppy_type[type];
3348 	else {
3349 		if (lock_fdc(drive))
3350 			return -EINTR;
3351 		if (poll_drive(false, 0) == -EINTR)
3352 			return -EINTR;
3353 		process_fd_request();
3354 		*g = current_type[drive];
3355 	}
3356 	if (!*g)
3357 		return -ENODEV;
3358 	return 0;
3359 }
3360 
fd_getgeo(struct block_device * bdev,struct hd_geometry * geo)3361 static int fd_getgeo(struct block_device *bdev, struct hd_geometry *geo)
3362 {
3363 	int drive = (long)bdev->bd_disk->private_data;
3364 	int type = ITYPE(drive_state[drive].fd_device);
3365 	struct floppy_struct *g;
3366 	int ret;
3367 
3368 	ret = get_floppy_geometry(drive, type, &g);
3369 	if (ret)
3370 		return ret;
3371 
3372 	geo->heads = g->head;
3373 	geo->sectors = g->sect;
3374 	geo->cylinders = g->track;
3375 	return 0;
3376 }
3377 
valid_floppy_drive_params(const short autodetect[FD_AUTODETECT_SIZE],int native_format)3378 static bool valid_floppy_drive_params(const short autodetect[FD_AUTODETECT_SIZE],
3379 		int native_format)
3380 {
3381 	size_t floppy_type_size = ARRAY_SIZE(floppy_type);
3382 	size_t i = 0;
3383 
3384 	for (i = 0; i < FD_AUTODETECT_SIZE; ++i) {
3385 		if (autodetect[i] < 0 ||
3386 		    autodetect[i] >= floppy_type_size)
3387 			return false;
3388 	}
3389 
3390 	if (native_format < 0 || native_format >= floppy_type_size)
3391 		return false;
3392 
3393 	return true;
3394 }
3395 
fd_locked_ioctl(struct block_device * bdev,fmode_t mode,unsigned int cmd,unsigned long param)3396 static int fd_locked_ioctl(struct block_device *bdev, fmode_t mode, unsigned int cmd,
3397 		    unsigned long param)
3398 {
3399 	int drive = (long)bdev->bd_disk->private_data;
3400 	int type = ITYPE(drive_state[drive].fd_device);
3401 	int ret;
3402 	int size;
3403 	union inparam {
3404 		struct floppy_struct g;	/* geometry */
3405 		struct format_descr f;
3406 		struct floppy_max_errors max_errors;
3407 		struct floppy_drive_params dp;
3408 	} inparam;		/* parameters coming from user space */
3409 	const void *outparam;	/* parameters passed back to user space */
3410 
3411 	/* convert compatibility eject ioctls into floppy eject ioctl.
3412 	 * We do this in order to provide a means to eject floppy disks before
3413 	 * installing the new fdutils package */
3414 	if (cmd == CDROMEJECT ||	/* CD-ROM eject */
3415 	    cmd == 0x6470) {		/* SunOS floppy eject */
3416 		DPRINT("obsolete eject ioctl\n");
3417 		DPRINT("please use floppycontrol --eject\n");
3418 		cmd = FDEJECT;
3419 	}
3420 
3421 	if (!((cmd & 0xff00) == 0x0200))
3422 		return -EINVAL;
3423 
3424 	/* convert the old style command into a new style command */
3425 	ret = normalize_ioctl(&cmd, &size);
3426 	if (ret)
3427 		return ret;
3428 
3429 	/* permission checks */
3430 	if (((cmd & 0x40) && !(mode & (FMODE_WRITE | FMODE_WRITE_IOCTL))) ||
3431 	    ((cmd & 0x80) && !capable(CAP_SYS_ADMIN)))
3432 		return -EPERM;
3433 
3434 	if (WARN_ON(size < 0 || size > sizeof(inparam)))
3435 		return -EINVAL;
3436 
3437 	/* copyin */
3438 	memset(&inparam, 0, sizeof(inparam));
3439 	if (_IOC_DIR(cmd) & _IOC_WRITE) {
3440 		ret = fd_copyin((void __user *)param, &inparam, size);
3441 		if (ret)
3442 			return ret;
3443 	}
3444 
3445 	switch (cmd) {
3446 	case FDEJECT:
3447 		if (drive_state[drive].fd_ref != 1)
3448 			/* somebody else has this drive open */
3449 			return -EBUSY;
3450 		if (lock_fdc(drive))
3451 			return -EINTR;
3452 
3453 		/* do the actual eject. Fails on
3454 		 * non-Sparc architectures */
3455 		ret = fd_eject(UNIT(drive));
3456 
3457 		set_bit(FD_DISK_CHANGED_BIT, &drive_state[drive].flags);
3458 		set_bit(FD_VERIFY_BIT, &drive_state[drive].flags);
3459 		process_fd_request();
3460 		return ret;
3461 	case FDCLRPRM:
3462 		if (lock_fdc(drive))
3463 			return -EINTR;
3464 		current_type[drive] = NULL;
3465 		floppy_sizes[drive] = MAX_DISK_SIZE << 1;
3466 		drive_state[drive].keep_data = 0;
3467 		return invalidate_drive(bdev);
3468 	case FDSETPRM:
3469 	case FDDEFPRM:
3470 		return set_geometry(cmd, &inparam.g, drive, type, bdev);
3471 	case FDGETPRM:
3472 		ret = get_floppy_geometry(drive, type,
3473 					  (struct floppy_struct **)&outparam);
3474 		if (ret)
3475 			return ret;
3476 		memcpy(&inparam.g, outparam,
3477 				offsetof(struct floppy_struct, name));
3478 		outparam = &inparam.g;
3479 		break;
3480 	case FDMSGON:
3481 		drive_params[drive].flags |= FTD_MSG;
3482 		return 0;
3483 	case FDMSGOFF:
3484 		drive_params[drive].flags &= ~FTD_MSG;
3485 		return 0;
3486 	case FDFMTBEG:
3487 		if (lock_fdc(drive))
3488 			return -EINTR;
3489 		if (poll_drive(true, FD_RAW_NEED_DISK) == -EINTR)
3490 			return -EINTR;
3491 		ret = drive_state[drive].flags;
3492 		process_fd_request();
3493 		if (ret & FD_VERIFY)
3494 			return -ENODEV;
3495 		if (!(ret & FD_DISK_WRITABLE))
3496 			return -EROFS;
3497 		return 0;
3498 	case FDFMTTRK:
3499 		if (drive_state[drive].fd_ref != 1)
3500 			return -EBUSY;
3501 		return do_format(drive, &inparam.f);
3502 	case FDFMTEND:
3503 	case FDFLUSH:
3504 		if (lock_fdc(drive))
3505 			return -EINTR;
3506 		return invalidate_drive(bdev);
3507 	case FDSETEMSGTRESH:
3508 		drive_params[drive].max_errors.reporting = (unsigned short)(param & 0x0f);
3509 		return 0;
3510 	case FDGETMAXERRS:
3511 		outparam = &drive_params[drive].max_errors;
3512 		break;
3513 	case FDSETMAXERRS:
3514 		drive_params[drive].max_errors = inparam.max_errors;
3515 		break;
3516 	case FDGETDRVTYP:
3517 		outparam = drive_name(type, drive);
3518 		SUPBOUND(size, strlen((const char *)outparam) + 1);
3519 		break;
3520 	case FDSETDRVPRM:
3521 		if (!valid_floppy_drive_params(inparam.dp.autodetect,
3522 				inparam.dp.native_format))
3523 			return -EINVAL;
3524 		drive_params[drive] = inparam.dp;
3525 		break;
3526 	case FDGETDRVPRM:
3527 		outparam = &drive_params[drive];
3528 		break;
3529 	case FDPOLLDRVSTAT:
3530 		if (lock_fdc(drive))
3531 			return -EINTR;
3532 		if (poll_drive(true, FD_RAW_NEED_DISK) == -EINTR)
3533 			return -EINTR;
3534 		process_fd_request();
3535 		fallthrough;
3536 	case FDGETDRVSTAT:
3537 		outparam = &drive_state[drive];
3538 		break;
3539 	case FDRESET:
3540 		return user_reset_fdc(drive, (int)param, true);
3541 	case FDGETFDCSTAT:
3542 		outparam = &fdc_state[FDC(drive)];
3543 		break;
3544 	case FDWERRORCLR:
3545 		memset(&write_errors[drive], 0, sizeof(write_errors[drive]));
3546 		return 0;
3547 	case FDWERRORGET:
3548 		outparam = &write_errors[drive];
3549 		break;
3550 	case FDRAWCMD:
3551 		return floppy_raw_cmd_ioctl(type, drive, cmd, (void __user *)param);
3552 	case FDTWADDLE:
3553 		if (lock_fdc(drive))
3554 			return -EINTR;
3555 		twaddle(current_fdc, current_drive);
3556 		process_fd_request();
3557 		return 0;
3558 	default:
3559 		return -EINVAL;
3560 	}
3561 
3562 	if (_IOC_DIR(cmd) & _IOC_READ)
3563 		return fd_copyout((void __user *)param, outparam, size);
3564 
3565 	return 0;
3566 }
3567 
fd_ioctl(struct block_device * bdev,fmode_t mode,unsigned int cmd,unsigned long param)3568 static int fd_ioctl(struct block_device *bdev, fmode_t mode,
3569 			     unsigned int cmd, unsigned long param)
3570 {
3571 	int ret;
3572 
3573 	mutex_lock(&floppy_mutex);
3574 	ret = fd_locked_ioctl(bdev, mode, cmd, param);
3575 	mutex_unlock(&floppy_mutex);
3576 
3577 	return ret;
3578 }
3579 
3580 #ifdef CONFIG_COMPAT
3581 
3582 struct compat_floppy_drive_params {
3583 	char		cmos;
3584 	compat_ulong_t	max_dtr;
3585 	compat_ulong_t	hlt;
3586 	compat_ulong_t	hut;
3587 	compat_ulong_t	srt;
3588 	compat_ulong_t	spinup;
3589 	compat_ulong_t	spindown;
3590 	unsigned char	spindown_offset;
3591 	unsigned char	select_delay;
3592 	unsigned char	rps;
3593 	unsigned char	tracks;
3594 	compat_ulong_t	timeout;
3595 	unsigned char	interleave_sect;
3596 	struct floppy_max_errors max_errors;
3597 	char		flags;
3598 	char		read_track;
3599 	short		autodetect[FD_AUTODETECT_SIZE];
3600 	compat_int_t	checkfreq;
3601 	compat_int_t	native_format;
3602 };
3603 
3604 struct compat_floppy_drive_struct {
3605 	signed char	flags;
3606 	compat_ulong_t	spinup_date;
3607 	compat_ulong_t	select_date;
3608 	compat_ulong_t	first_read_date;
3609 	short		probed_format;
3610 	short		track;
3611 	short		maxblock;
3612 	short		maxtrack;
3613 	compat_int_t	generation;
3614 	compat_int_t	keep_data;
3615 	compat_int_t	fd_ref;
3616 	compat_int_t	fd_device;
3617 	compat_int_t	last_checked;
3618 	compat_caddr_t dmabuf;
3619 	compat_int_t	bufblocks;
3620 };
3621 
3622 struct compat_floppy_fdc_state {
3623 	compat_int_t	spec1;
3624 	compat_int_t	spec2;
3625 	compat_int_t	dtr;
3626 	unsigned char	version;
3627 	unsigned char	dor;
3628 	compat_ulong_t	address;
3629 	unsigned int	rawcmd:2;
3630 	unsigned int	reset:1;
3631 	unsigned int	need_configure:1;
3632 	unsigned int	perp_mode:2;
3633 	unsigned int	has_fifo:1;
3634 	unsigned int	driver_version;
3635 	unsigned char	track[4];
3636 };
3637 
3638 struct compat_floppy_write_errors {
3639 	unsigned int	write_errors;
3640 	compat_ulong_t	first_error_sector;
3641 	compat_int_t	first_error_generation;
3642 	compat_ulong_t	last_error_sector;
3643 	compat_int_t	last_error_generation;
3644 	compat_uint_t	badness;
3645 };
3646 
3647 #define FDSETPRM32 _IOW(2, 0x42, struct compat_floppy_struct)
3648 #define FDDEFPRM32 _IOW(2, 0x43, struct compat_floppy_struct)
3649 #define FDSETDRVPRM32 _IOW(2, 0x90, struct compat_floppy_drive_params)
3650 #define FDGETDRVPRM32 _IOR(2, 0x11, struct compat_floppy_drive_params)
3651 #define FDGETDRVSTAT32 _IOR(2, 0x12, struct compat_floppy_drive_struct)
3652 #define FDPOLLDRVSTAT32 _IOR(2, 0x13, struct compat_floppy_drive_struct)
3653 #define FDGETFDCSTAT32 _IOR(2, 0x15, struct compat_floppy_fdc_state)
3654 #define FDWERRORGET32  _IOR(2, 0x17, struct compat_floppy_write_errors)
3655 
compat_set_geometry(struct block_device * bdev,fmode_t mode,unsigned int cmd,struct compat_floppy_struct __user * arg)3656 static int compat_set_geometry(struct block_device *bdev, fmode_t mode, unsigned int cmd,
3657 		    struct compat_floppy_struct __user *arg)
3658 {
3659 	struct floppy_struct v;
3660 	int drive, type;
3661 	int err;
3662 
3663 	BUILD_BUG_ON(offsetof(struct floppy_struct, name) !=
3664 		     offsetof(struct compat_floppy_struct, name));
3665 
3666 	if (!(mode & (FMODE_WRITE | FMODE_WRITE_IOCTL)))
3667 		return -EPERM;
3668 
3669 	memset(&v, 0, sizeof(struct floppy_struct));
3670 	if (copy_from_user(&v, arg, offsetof(struct floppy_struct, name)))
3671 		return -EFAULT;
3672 
3673 	mutex_lock(&floppy_mutex);
3674 	drive = (long)bdev->bd_disk->private_data;
3675 	type = ITYPE(drive_state[drive].fd_device);
3676 	err = set_geometry(cmd == FDSETPRM32 ? FDSETPRM : FDDEFPRM,
3677 			&v, drive, type, bdev);
3678 	mutex_unlock(&floppy_mutex);
3679 	return err;
3680 }
3681 
compat_get_prm(int drive,struct compat_floppy_struct __user * arg)3682 static int compat_get_prm(int drive,
3683 			  struct compat_floppy_struct __user *arg)
3684 {
3685 	struct compat_floppy_struct v;
3686 	struct floppy_struct *p;
3687 	int err;
3688 
3689 	memset(&v, 0, sizeof(v));
3690 	mutex_lock(&floppy_mutex);
3691 	err = get_floppy_geometry(drive, ITYPE(drive_state[drive].fd_device),
3692 				  &p);
3693 	if (err) {
3694 		mutex_unlock(&floppy_mutex);
3695 		return err;
3696 	}
3697 	memcpy(&v, p, offsetof(struct floppy_struct, name));
3698 	mutex_unlock(&floppy_mutex);
3699 	if (copy_to_user(arg, &v, sizeof(struct compat_floppy_struct)))
3700 		return -EFAULT;
3701 	return 0;
3702 }
3703 
compat_setdrvprm(int drive,struct compat_floppy_drive_params __user * arg)3704 static int compat_setdrvprm(int drive,
3705 			    struct compat_floppy_drive_params __user *arg)
3706 {
3707 	struct compat_floppy_drive_params v;
3708 
3709 	if (!capable(CAP_SYS_ADMIN))
3710 		return -EPERM;
3711 	if (copy_from_user(&v, arg, sizeof(struct compat_floppy_drive_params)))
3712 		return -EFAULT;
3713 	if (!valid_floppy_drive_params(v.autodetect, v.native_format))
3714 		return -EINVAL;
3715 	mutex_lock(&floppy_mutex);
3716 	drive_params[drive].cmos = v.cmos;
3717 	drive_params[drive].max_dtr = v.max_dtr;
3718 	drive_params[drive].hlt = v.hlt;
3719 	drive_params[drive].hut = v.hut;
3720 	drive_params[drive].srt = v.srt;
3721 	drive_params[drive].spinup = v.spinup;
3722 	drive_params[drive].spindown = v.spindown;
3723 	drive_params[drive].spindown_offset = v.spindown_offset;
3724 	drive_params[drive].select_delay = v.select_delay;
3725 	drive_params[drive].rps = v.rps;
3726 	drive_params[drive].tracks = v.tracks;
3727 	drive_params[drive].timeout = v.timeout;
3728 	drive_params[drive].interleave_sect = v.interleave_sect;
3729 	drive_params[drive].max_errors = v.max_errors;
3730 	drive_params[drive].flags = v.flags;
3731 	drive_params[drive].read_track = v.read_track;
3732 	memcpy(drive_params[drive].autodetect, v.autodetect,
3733 	       sizeof(v.autodetect));
3734 	drive_params[drive].checkfreq = v.checkfreq;
3735 	drive_params[drive].native_format = v.native_format;
3736 	mutex_unlock(&floppy_mutex);
3737 	return 0;
3738 }
3739 
compat_getdrvprm(int drive,struct compat_floppy_drive_params __user * arg)3740 static int compat_getdrvprm(int drive,
3741 			    struct compat_floppy_drive_params __user *arg)
3742 {
3743 	struct compat_floppy_drive_params v;
3744 
3745 	memset(&v, 0, sizeof(struct compat_floppy_drive_params));
3746 	mutex_lock(&floppy_mutex);
3747 	v.cmos = drive_params[drive].cmos;
3748 	v.max_dtr = drive_params[drive].max_dtr;
3749 	v.hlt = drive_params[drive].hlt;
3750 	v.hut = drive_params[drive].hut;
3751 	v.srt = drive_params[drive].srt;
3752 	v.spinup = drive_params[drive].spinup;
3753 	v.spindown = drive_params[drive].spindown;
3754 	v.spindown_offset = drive_params[drive].spindown_offset;
3755 	v.select_delay = drive_params[drive].select_delay;
3756 	v.rps = drive_params[drive].rps;
3757 	v.tracks = drive_params[drive].tracks;
3758 	v.timeout = drive_params[drive].timeout;
3759 	v.interleave_sect = drive_params[drive].interleave_sect;
3760 	v.max_errors = drive_params[drive].max_errors;
3761 	v.flags = drive_params[drive].flags;
3762 	v.read_track = drive_params[drive].read_track;
3763 	memcpy(v.autodetect, drive_params[drive].autodetect,
3764 	       sizeof(v.autodetect));
3765 	v.checkfreq = drive_params[drive].checkfreq;
3766 	v.native_format = drive_params[drive].native_format;
3767 	mutex_unlock(&floppy_mutex);
3768 
3769 	if (copy_to_user(arg, &v, sizeof(struct compat_floppy_drive_params)))
3770 		return -EFAULT;
3771 	return 0;
3772 }
3773 
compat_getdrvstat(int drive,bool poll,struct compat_floppy_drive_struct __user * arg)3774 static int compat_getdrvstat(int drive, bool poll,
3775 			    struct compat_floppy_drive_struct __user *arg)
3776 {
3777 	struct compat_floppy_drive_struct v;
3778 
3779 	memset(&v, 0, sizeof(struct compat_floppy_drive_struct));
3780 	mutex_lock(&floppy_mutex);
3781 
3782 	if (poll) {
3783 		if (lock_fdc(drive))
3784 			goto Eintr;
3785 		if (poll_drive(true, FD_RAW_NEED_DISK) == -EINTR)
3786 			goto Eintr;
3787 		process_fd_request();
3788 	}
3789 	v.spinup_date = drive_state[drive].spinup_date;
3790 	v.select_date = drive_state[drive].select_date;
3791 	v.first_read_date = drive_state[drive].first_read_date;
3792 	v.probed_format = drive_state[drive].probed_format;
3793 	v.track = drive_state[drive].track;
3794 	v.maxblock = drive_state[drive].maxblock;
3795 	v.maxtrack = drive_state[drive].maxtrack;
3796 	v.generation = drive_state[drive].generation;
3797 	v.keep_data = drive_state[drive].keep_data;
3798 	v.fd_ref = drive_state[drive].fd_ref;
3799 	v.fd_device = drive_state[drive].fd_device;
3800 	v.last_checked = drive_state[drive].last_checked;
3801 	v.dmabuf = (uintptr_t) drive_state[drive].dmabuf;
3802 	v.bufblocks = drive_state[drive].bufblocks;
3803 	mutex_unlock(&floppy_mutex);
3804 
3805 	if (copy_to_user(arg, &v, sizeof(struct compat_floppy_drive_struct)))
3806 		return -EFAULT;
3807 	return 0;
3808 Eintr:
3809 	mutex_unlock(&floppy_mutex);
3810 	return -EINTR;
3811 }
3812 
compat_getfdcstat(int drive,struct compat_floppy_fdc_state __user * arg)3813 static int compat_getfdcstat(int drive,
3814 			    struct compat_floppy_fdc_state __user *arg)
3815 {
3816 	struct compat_floppy_fdc_state v32;
3817 	struct floppy_fdc_state v;
3818 
3819 	mutex_lock(&floppy_mutex);
3820 	v = fdc_state[FDC(drive)];
3821 	mutex_unlock(&floppy_mutex);
3822 
3823 	memset(&v32, 0, sizeof(struct compat_floppy_fdc_state));
3824 	v32.spec1 = v.spec1;
3825 	v32.spec2 = v.spec2;
3826 	v32.dtr = v.dtr;
3827 	v32.version = v.version;
3828 	v32.dor = v.dor;
3829 	v32.address = v.address;
3830 	v32.rawcmd = v.rawcmd;
3831 	v32.reset = v.reset;
3832 	v32.need_configure = v.need_configure;
3833 	v32.perp_mode = v.perp_mode;
3834 	v32.has_fifo = v.has_fifo;
3835 	v32.driver_version = v.driver_version;
3836 	memcpy(v32.track, v.track, 4);
3837 	if (copy_to_user(arg, &v32, sizeof(struct compat_floppy_fdc_state)))
3838 		return -EFAULT;
3839 	return 0;
3840 }
3841 
compat_werrorget(int drive,struct compat_floppy_write_errors __user * arg)3842 static int compat_werrorget(int drive,
3843 			    struct compat_floppy_write_errors __user *arg)
3844 {
3845 	struct compat_floppy_write_errors v32;
3846 	struct floppy_write_errors v;
3847 
3848 	memset(&v32, 0, sizeof(struct compat_floppy_write_errors));
3849 	mutex_lock(&floppy_mutex);
3850 	v = write_errors[drive];
3851 	mutex_unlock(&floppy_mutex);
3852 	v32.write_errors = v.write_errors;
3853 	v32.first_error_sector = v.first_error_sector;
3854 	v32.first_error_generation = v.first_error_generation;
3855 	v32.last_error_sector = v.last_error_sector;
3856 	v32.last_error_generation = v.last_error_generation;
3857 	v32.badness = v.badness;
3858 	if (copy_to_user(arg, &v32, sizeof(struct compat_floppy_write_errors)))
3859 		return -EFAULT;
3860 	return 0;
3861 }
3862 
fd_compat_ioctl(struct block_device * bdev,fmode_t mode,unsigned int cmd,unsigned long param)3863 static int fd_compat_ioctl(struct block_device *bdev, fmode_t mode, unsigned int cmd,
3864 		    unsigned long param)
3865 {
3866 	int drive = (long)bdev->bd_disk->private_data;
3867 	switch (cmd) {
3868 	case CDROMEJECT: /* CD-ROM eject */
3869 	case 0x6470:	 /* SunOS floppy eject */
3870 
3871 	case FDMSGON:
3872 	case FDMSGOFF:
3873 	case FDSETEMSGTRESH:
3874 	case FDFLUSH:
3875 	case FDWERRORCLR:
3876 	case FDEJECT:
3877 	case FDCLRPRM:
3878 	case FDFMTBEG:
3879 	case FDRESET:
3880 	case FDTWADDLE:
3881 		return fd_ioctl(bdev, mode, cmd, param);
3882 	case FDSETMAXERRS:
3883 	case FDGETMAXERRS:
3884 	case FDGETDRVTYP:
3885 	case FDFMTEND:
3886 	case FDFMTTRK:
3887 	case FDRAWCMD:
3888 		return fd_ioctl(bdev, mode, cmd,
3889 				(unsigned long)compat_ptr(param));
3890 	case FDSETPRM32:
3891 	case FDDEFPRM32:
3892 		return compat_set_geometry(bdev, mode, cmd, compat_ptr(param));
3893 	case FDGETPRM32:
3894 		return compat_get_prm(drive, compat_ptr(param));
3895 	case FDSETDRVPRM32:
3896 		return compat_setdrvprm(drive, compat_ptr(param));
3897 	case FDGETDRVPRM32:
3898 		return compat_getdrvprm(drive, compat_ptr(param));
3899 	case FDPOLLDRVSTAT32:
3900 		return compat_getdrvstat(drive, true, compat_ptr(param));
3901 	case FDGETDRVSTAT32:
3902 		return compat_getdrvstat(drive, false, compat_ptr(param));
3903 	case FDGETFDCSTAT32:
3904 		return compat_getfdcstat(drive, compat_ptr(param));
3905 	case FDWERRORGET32:
3906 		return compat_werrorget(drive, compat_ptr(param));
3907 	}
3908 	return -EINVAL;
3909 }
3910 #endif
3911 
config_types(void)3912 static void __init config_types(void)
3913 {
3914 	bool has_drive = false;
3915 	int drive;
3916 
3917 	/* read drive info out of physical CMOS */
3918 	drive = 0;
3919 	if (!drive_params[drive].cmos)
3920 		drive_params[drive].cmos = FLOPPY0_TYPE;
3921 	drive = 1;
3922 	if (!drive_params[drive].cmos)
3923 		drive_params[drive].cmos = FLOPPY1_TYPE;
3924 
3925 	/* FIXME: additional physical CMOS drive detection should go here */
3926 
3927 	for (drive = 0; drive < N_DRIVE; drive++) {
3928 		unsigned int type = drive_params[drive].cmos;
3929 		struct floppy_drive_params *params;
3930 		const char *name = NULL;
3931 		char temparea[32];
3932 
3933 		if (type < ARRAY_SIZE(default_drive_params)) {
3934 			params = &default_drive_params[type].params;
3935 			if (type) {
3936 				name = default_drive_params[type].name;
3937 				allowed_drive_mask |= 1 << drive;
3938 			} else
3939 				allowed_drive_mask &= ~(1 << drive);
3940 		} else {
3941 			params = &default_drive_params[0].params;
3942 			snprintf(temparea, sizeof(temparea),
3943 				 "unknown type %d (usb?)", type);
3944 			name = temparea;
3945 		}
3946 		if (name) {
3947 			const char *prepend;
3948 			if (!has_drive) {
3949 				prepend = "";
3950 				has_drive = true;
3951 				pr_info("Floppy drive(s):");
3952 			} else {
3953 				prepend = ",";
3954 			}
3955 
3956 			pr_cont("%s fd%d is %s", prepend, drive, name);
3957 		}
3958 		drive_params[drive] = *params;
3959 	}
3960 
3961 	if (has_drive)
3962 		pr_cont("\n");
3963 }
3964 
floppy_release(struct gendisk * disk,fmode_t mode)3965 static void floppy_release(struct gendisk *disk, fmode_t mode)
3966 {
3967 	int drive = (long)disk->private_data;
3968 
3969 	mutex_lock(&floppy_mutex);
3970 	mutex_lock(&open_lock);
3971 	if (!drive_state[drive].fd_ref--) {
3972 		DPRINT("floppy_release with fd_ref == 0");
3973 		drive_state[drive].fd_ref = 0;
3974 	}
3975 	if (!drive_state[drive].fd_ref)
3976 		opened_bdev[drive] = NULL;
3977 	mutex_unlock(&open_lock);
3978 	mutex_unlock(&floppy_mutex);
3979 }
3980 
3981 /*
3982  * floppy_open check for aliasing (/dev/fd0 can be the same as
3983  * /dev/PS0 etc), and disallows simultaneous access to the same
3984  * drive with different device numbers.
3985  */
floppy_open(struct block_device * bdev,fmode_t mode)3986 static int floppy_open(struct block_device *bdev, fmode_t mode)
3987 {
3988 	int drive = (long)bdev->bd_disk->private_data;
3989 	int old_dev, new_dev;
3990 	int try;
3991 	int res = -EBUSY;
3992 	char *tmp;
3993 
3994 	mutex_lock(&floppy_mutex);
3995 	mutex_lock(&open_lock);
3996 	old_dev = drive_state[drive].fd_device;
3997 	if (opened_bdev[drive] && opened_bdev[drive] != bdev)
3998 		goto out2;
3999 
4000 	if (!drive_state[drive].fd_ref && (drive_params[drive].flags & FD_BROKEN_DCL)) {
4001 		set_bit(FD_DISK_CHANGED_BIT, &drive_state[drive].flags);
4002 		set_bit(FD_VERIFY_BIT, &drive_state[drive].flags);
4003 	}
4004 
4005 	drive_state[drive].fd_ref++;
4006 
4007 	opened_bdev[drive] = bdev;
4008 
4009 	res = -ENXIO;
4010 
4011 	if (!floppy_track_buffer) {
4012 		/* if opening an ED drive, reserve a big buffer,
4013 		 * else reserve a small one */
4014 		if ((drive_params[drive].cmos == 6) || (drive_params[drive].cmos == 5))
4015 			try = 64;	/* Only 48 actually useful */
4016 		else
4017 			try = 32;	/* Only 24 actually useful */
4018 
4019 		tmp = (char *)fd_dma_mem_alloc(1024 * try);
4020 		if (!tmp && !floppy_track_buffer) {
4021 			try >>= 1;	/* buffer only one side */
4022 			INFBOUND(try, 16);
4023 			tmp = (char *)fd_dma_mem_alloc(1024 * try);
4024 		}
4025 		if (!tmp && !floppy_track_buffer)
4026 			fallback_on_nodma_alloc(&tmp, 2048 * try);
4027 		if (!tmp && !floppy_track_buffer) {
4028 			DPRINT("Unable to allocate DMA memory\n");
4029 			goto out;
4030 		}
4031 		if (floppy_track_buffer) {
4032 			if (tmp)
4033 				fd_dma_mem_free((unsigned long)tmp, try * 1024);
4034 		} else {
4035 			buffer_min = buffer_max = -1;
4036 			floppy_track_buffer = tmp;
4037 			max_buffer_sectors = try;
4038 		}
4039 	}
4040 
4041 	new_dev = MINOR(bdev->bd_dev);
4042 	drive_state[drive].fd_device = new_dev;
4043 	set_capacity(disks[drive][ITYPE(new_dev)], floppy_sizes[new_dev]);
4044 	if (old_dev != -1 && old_dev != new_dev) {
4045 		if (buffer_drive == drive)
4046 			buffer_track = -1;
4047 	}
4048 
4049 	if (fdc_state[FDC(drive)].rawcmd == 1)
4050 		fdc_state[FDC(drive)].rawcmd = 2;
4051 
4052 	if (!(mode & FMODE_NDELAY)) {
4053 		if (mode & (FMODE_READ|FMODE_WRITE)) {
4054 			drive_state[drive].last_checked = 0;
4055 			clear_bit(FD_OPEN_SHOULD_FAIL_BIT,
4056 				  &drive_state[drive].flags);
4057 			if (bdev_check_media_change(bdev))
4058 				floppy_revalidate(bdev->bd_disk);
4059 			if (test_bit(FD_DISK_CHANGED_BIT, &drive_state[drive].flags))
4060 				goto out;
4061 			if (test_bit(FD_OPEN_SHOULD_FAIL_BIT, &drive_state[drive].flags))
4062 				goto out;
4063 		}
4064 		res = -EROFS;
4065 		if ((mode & FMODE_WRITE) &&
4066 		    !test_bit(FD_DISK_WRITABLE_BIT, &drive_state[drive].flags))
4067 			goto out;
4068 	}
4069 	mutex_unlock(&open_lock);
4070 	mutex_unlock(&floppy_mutex);
4071 	return 0;
4072 out:
4073 	drive_state[drive].fd_ref--;
4074 
4075 	if (!drive_state[drive].fd_ref)
4076 		opened_bdev[drive] = NULL;
4077 out2:
4078 	mutex_unlock(&open_lock);
4079 	mutex_unlock(&floppy_mutex);
4080 	return res;
4081 }
4082 
4083 /*
4084  * Check if the disk has been changed or if a change has been faked.
4085  */
floppy_check_events(struct gendisk * disk,unsigned int clearing)4086 static unsigned int floppy_check_events(struct gendisk *disk,
4087 					unsigned int clearing)
4088 {
4089 	int drive = (long)disk->private_data;
4090 
4091 	if (test_bit(FD_DISK_CHANGED_BIT, &drive_state[drive].flags) ||
4092 	    test_bit(FD_VERIFY_BIT, &drive_state[drive].flags))
4093 		return DISK_EVENT_MEDIA_CHANGE;
4094 
4095 	if (time_after(jiffies, drive_state[drive].last_checked + drive_params[drive].checkfreq)) {
4096 		if (lock_fdc(drive))
4097 			return 0;
4098 		poll_drive(false, 0);
4099 		process_fd_request();
4100 	}
4101 
4102 	if (test_bit(FD_DISK_CHANGED_BIT, &drive_state[drive].flags) ||
4103 	    test_bit(FD_VERIFY_BIT, &drive_state[drive].flags) ||
4104 	    test_bit(drive, &fake_change) ||
4105 	    drive_no_geom(drive))
4106 		return DISK_EVENT_MEDIA_CHANGE;
4107 	return 0;
4108 }
4109 
4110 /*
4111  * This implements "read block 0" for floppy_revalidate().
4112  * Needed for format autodetection, checking whether there is
4113  * a disk in the drive, and whether that disk is writable.
4114  */
4115 
4116 struct rb0_cbdata {
4117 	int drive;
4118 	struct completion complete;
4119 };
4120 
floppy_rb0_cb(struct bio * bio)4121 static void floppy_rb0_cb(struct bio *bio)
4122 {
4123 	struct rb0_cbdata *cbdata = (struct rb0_cbdata *)bio->bi_private;
4124 	int drive = cbdata->drive;
4125 
4126 	if (bio->bi_status) {
4127 		pr_info("floppy: error %d while reading block 0\n",
4128 			bio->bi_status);
4129 		set_bit(FD_OPEN_SHOULD_FAIL_BIT, &drive_state[drive].flags);
4130 	}
4131 	complete(&cbdata->complete);
4132 }
4133 
__floppy_read_block_0(struct block_device * bdev,int drive)4134 static int __floppy_read_block_0(struct block_device *bdev, int drive)
4135 {
4136 	struct bio bio;
4137 	struct bio_vec bio_vec;
4138 	struct page *page;
4139 	struct rb0_cbdata cbdata;
4140 
4141 	page = alloc_page(GFP_NOIO);
4142 	if (!page) {
4143 		process_fd_request();
4144 		return -ENOMEM;
4145 	}
4146 
4147 	cbdata.drive = drive;
4148 
4149 	bio_init(&bio, bdev, &bio_vec, 1, REQ_OP_READ);
4150 	bio_add_page(&bio, page, block_size(bdev), 0);
4151 
4152 	bio.bi_iter.bi_sector = 0;
4153 	bio.bi_flags |= (1 << BIO_QUIET);
4154 	bio.bi_private = &cbdata;
4155 	bio.bi_end_io = floppy_rb0_cb;
4156 
4157 	init_completion(&cbdata.complete);
4158 
4159 	submit_bio(&bio);
4160 	process_fd_request();
4161 
4162 	wait_for_completion(&cbdata.complete);
4163 
4164 	__free_page(page);
4165 
4166 	return 0;
4167 }
4168 
4169 /* revalidate the floppy disk, i.e. trigger format autodetection by reading
4170  * the bootblock (block 0). "Autodetection" is also needed to check whether
4171  * there is a disk in the drive at all... Thus we also do it for fixed
4172  * geometry formats */
floppy_revalidate(struct gendisk * disk)4173 static int floppy_revalidate(struct gendisk *disk)
4174 {
4175 	int drive = (long)disk->private_data;
4176 	int cf;
4177 	int res = 0;
4178 
4179 	if (test_bit(FD_DISK_CHANGED_BIT, &drive_state[drive].flags) ||
4180 	    test_bit(FD_VERIFY_BIT, &drive_state[drive].flags) ||
4181 	    test_bit(drive, &fake_change) ||
4182 	    drive_no_geom(drive)) {
4183 		if (WARN(atomic_read(&usage_count) == 0,
4184 			 "VFS: revalidate called on non-open device.\n"))
4185 			return -EFAULT;
4186 
4187 		res = lock_fdc(drive);
4188 		if (res)
4189 			return res;
4190 		cf = (test_bit(FD_DISK_CHANGED_BIT, &drive_state[drive].flags) ||
4191 		      test_bit(FD_VERIFY_BIT, &drive_state[drive].flags));
4192 		if (!(cf || test_bit(drive, &fake_change) || drive_no_geom(drive))) {
4193 			process_fd_request();	/*already done by another thread */
4194 			return 0;
4195 		}
4196 		drive_state[drive].maxblock = 0;
4197 		drive_state[drive].maxtrack = 0;
4198 		if (buffer_drive == drive)
4199 			buffer_track = -1;
4200 		clear_bit(drive, &fake_change);
4201 		clear_bit(FD_DISK_CHANGED_BIT, &drive_state[drive].flags);
4202 		if (cf)
4203 			drive_state[drive].generation++;
4204 		if (drive_no_geom(drive)) {
4205 			/* auto-sensing */
4206 			res = __floppy_read_block_0(opened_bdev[drive], drive);
4207 		} else {
4208 			if (cf)
4209 				poll_drive(false, FD_RAW_NEED_DISK);
4210 			process_fd_request();
4211 		}
4212 	}
4213 	set_capacity(disk, floppy_sizes[drive_state[drive].fd_device]);
4214 	return res;
4215 }
4216 
4217 static const struct block_device_operations floppy_fops = {
4218 	.owner			= THIS_MODULE,
4219 	.open			= floppy_open,
4220 	.release		= floppy_release,
4221 	.ioctl			= fd_ioctl,
4222 	.getgeo			= fd_getgeo,
4223 	.check_events		= floppy_check_events,
4224 #ifdef CONFIG_COMPAT
4225 	.compat_ioctl		= fd_compat_ioctl,
4226 #endif
4227 };
4228 
4229 /*
4230  * Floppy Driver initialization
4231  * =============================
4232  */
4233 
4234 /* Determine the floppy disk controller type */
4235 /* This routine was written by David C. Niemi */
get_fdc_version(int fdc)4236 static char __init get_fdc_version(int fdc)
4237 {
4238 	int r;
4239 
4240 	output_byte(fdc, FD_DUMPREGS);	/* 82072 and better know DUMPREGS */
4241 	if (fdc_state[fdc].reset)
4242 		return FDC_NONE;
4243 	r = result(fdc);
4244 	if (r <= 0x00)
4245 		return FDC_NONE;	/* No FDC present ??? */
4246 	if ((r == 1) && (reply_buffer[ST0] == 0x80)) {
4247 		pr_info("FDC %d is an 8272A\n", fdc);
4248 		return FDC_8272A;	/* 8272a/765 don't know DUMPREGS */
4249 	}
4250 	if (r != 10) {
4251 		pr_info("FDC %d init: DUMPREGS: unexpected return of %d bytes.\n",
4252 			fdc, r);
4253 		return FDC_UNKNOWN;
4254 	}
4255 
4256 	if (!fdc_configure(fdc)) {
4257 		pr_info("FDC %d is an 82072\n", fdc);
4258 		return FDC_82072;	/* 82072 doesn't know CONFIGURE */
4259 	}
4260 
4261 	output_byte(fdc, FD_PERPENDICULAR);
4262 	if (need_more_output(fdc) == MORE_OUTPUT) {
4263 		output_byte(fdc, 0);
4264 	} else {
4265 		pr_info("FDC %d is an 82072A\n", fdc);
4266 		return FDC_82072A;	/* 82072A as found on Sparcs. */
4267 	}
4268 
4269 	output_byte(fdc, FD_UNLOCK);
4270 	r = result(fdc);
4271 	if ((r == 1) && (reply_buffer[ST0] == 0x80)) {
4272 		pr_info("FDC %d is a pre-1991 82077\n", fdc);
4273 		return FDC_82077_ORIG;	/* Pre-1991 82077, doesn't know
4274 					 * LOCK/UNLOCK */
4275 	}
4276 	if ((r != 1) || (reply_buffer[ST0] != 0x00)) {
4277 		pr_info("FDC %d init: UNLOCK: unexpected return of %d bytes.\n",
4278 			fdc, r);
4279 		return FDC_UNKNOWN;
4280 	}
4281 	output_byte(fdc, FD_PARTID);
4282 	r = result(fdc);
4283 	if (r != 1) {
4284 		pr_info("FDC %d init: PARTID: unexpected return of %d bytes.\n",
4285 			fdc, r);
4286 		return FDC_UNKNOWN;
4287 	}
4288 	if (reply_buffer[ST0] == 0x80) {
4289 		pr_info("FDC %d is a post-1991 82077\n", fdc);
4290 		return FDC_82077;	/* Revised 82077AA passes all the tests */
4291 	}
4292 	switch (reply_buffer[ST0] >> 5) {
4293 	case 0x0:
4294 		/* Either a 82078-1 or a 82078SL running at 5Volt */
4295 		pr_info("FDC %d is an 82078.\n", fdc);
4296 		return FDC_82078;
4297 	case 0x1:
4298 		pr_info("FDC %d is a 44pin 82078\n", fdc);
4299 		return FDC_82078;
4300 	case 0x2:
4301 		pr_info("FDC %d is a S82078B\n", fdc);
4302 		return FDC_S82078B;
4303 	case 0x3:
4304 		pr_info("FDC %d is a National Semiconductor PC87306\n", fdc);
4305 		return FDC_87306;
4306 	default:
4307 		pr_info("FDC %d init: 82078 variant with unknown PARTID=%d.\n",
4308 			fdc, reply_buffer[ST0] >> 5);
4309 		return FDC_82078_UNKN;
4310 	}
4311 }				/* get_fdc_version */
4312 
4313 /* lilo configuration */
4314 
floppy_set_flags(int * ints,int param,int param2)4315 static void __init floppy_set_flags(int *ints, int param, int param2)
4316 {
4317 	int i;
4318 
4319 	for (i = 0; i < ARRAY_SIZE(default_drive_params); i++) {
4320 		if (param)
4321 			default_drive_params[i].params.flags |= param2;
4322 		else
4323 			default_drive_params[i].params.flags &= ~param2;
4324 	}
4325 	DPRINT("%s flag 0x%x\n", param2 ? "Setting" : "Clearing", param);
4326 }
4327 
daring(int * ints,int param,int param2)4328 static void __init daring(int *ints, int param, int param2)
4329 {
4330 	int i;
4331 
4332 	for (i = 0; i < ARRAY_SIZE(default_drive_params); i++) {
4333 		if (param) {
4334 			default_drive_params[i].params.select_delay = 0;
4335 			default_drive_params[i].params.flags |=
4336 			    FD_SILENT_DCL_CLEAR;
4337 		} else {
4338 			default_drive_params[i].params.select_delay =
4339 			    2 * HZ / 100;
4340 			default_drive_params[i].params.flags &=
4341 			    ~FD_SILENT_DCL_CLEAR;
4342 		}
4343 	}
4344 	DPRINT("Assuming %s floppy hardware\n", param ? "standard" : "broken");
4345 }
4346 
set_cmos(int * ints,int dummy,int dummy2)4347 static void __init set_cmos(int *ints, int dummy, int dummy2)
4348 {
4349 	int current_drive = 0;
4350 
4351 	if (ints[0] != 2) {
4352 		DPRINT("wrong number of parameters for CMOS\n");
4353 		return;
4354 	}
4355 	current_drive = ints[1];
4356 	if (current_drive < 0 || current_drive >= 8) {
4357 		DPRINT("bad drive for set_cmos\n");
4358 		return;
4359 	}
4360 #if N_FDC > 1
4361 	if (current_drive >= 4 && !FDC2)
4362 		FDC2 = 0x370;
4363 #endif
4364 	drive_params[current_drive].cmos = ints[2];
4365 	DPRINT("setting CMOS code to %d\n", ints[2]);
4366 }
4367 
4368 static struct param_table {
4369 	const char *name;
4370 	void (*fn) (int *ints, int param, int param2);
4371 	int *var;
4372 	int def_param;
4373 	int param2;
4374 } config_params[] __initdata = {
4375 	{"allowed_drive_mask", NULL, &allowed_drive_mask, 0xff, 0}, /* obsolete */
4376 	{"all_drives", NULL, &allowed_drive_mask, 0xff, 0},	/* obsolete */
4377 	{"asus_pci", NULL, &allowed_drive_mask, 0x33, 0},
4378 	{"irq", NULL, &FLOPPY_IRQ, 6, 0},
4379 	{"dma", NULL, &FLOPPY_DMA, 2, 0},
4380 	{"daring", daring, NULL, 1, 0},
4381 #if N_FDC > 1
4382 	{"two_fdc", NULL, &FDC2, 0x370, 0},
4383 	{"one_fdc", NULL, &FDC2, 0, 0},
4384 #endif
4385 	{"thinkpad", floppy_set_flags, NULL, 1, FD_INVERTED_DCL},
4386 	{"broken_dcl", floppy_set_flags, NULL, 1, FD_BROKEN_DCL},
4387 	{"messages", floppy_set_flags, NULL, 1, FTD_MSG},
4388 	{"silent_dcl_clear", floppy_set_flags, NULL, 1, FD_SILENT_DCL_CLEAR},
4389 	{"debug", floppy_set_flags, NULL, 1, FD_DEBUG},
4390 	{"nodma", NULL, &can_use_virtual_dma, 1, 0},
4391 	{"omnibook", NULL, &can_use_virtual_dma, 1, 0},
4392 	{"yesdma", NULL, &can_use_virtual_dma, 0, 0},
4393 	{"fifo_depth", NULL, &fifo_depth, 0xa, 0},
4394 	{"nofifo", NULL, &no_fifo, 0x20, 0},
4395 	{"usefifo", NULL, &no_fifo, 0, 0},
4396 	{"cmos", set_cmos, NULL, 0, 0},
4397 	{"slow", NULL, &slow_floppy, 1, 0},
4398 	{"unexpected_interrupts", NULL, &print_unex, 1, 0},
4399 	{"no_unexpected_interrupts", NULL, &print_unex, 0, 0},
4400 	{"L40SX", NULL, &print_unex, 0, 0}
4401 
4402 	EXTRA_FLOPPY_PARAMS
4403 };
4404 
floppy_setup(char * str)4405 static int __init floppy_setup(char *str)
4406 {
4407 	int i;
4408 	int param;
4409 	int ints[11];
4410 
4411 	str = get_options(str, ARRAY_SIZE(ints), ints);
4412 	if (str) {
4413 		for (i = 0; i < ARRAY_SIZE(config_params); i++) {
4414 			if (strcmp(str, config_params[i].name) == 0) {
4415 				if (ints[0])
4416 					param = ints[1];
4417 				else
4418 					param = config_params[i].def_param;
4419 				if (config_params[i].fn)
4420 					config_params[i].fn(ints, param,
4421 							    config_params[i].
4422 							    param2);
4423 				if (config_params[i].var) {
4424 					DPRINT("%s=%d\n", str, param);
4425 					*config_params[i].var = param;
4426 				}
4427 				return 1;
4428 			}
4429 		}
4430 	}
4431 	if (str) {
4432 		DPRINT("unknown floppy option [%s]\n", str);
4433 
4434 		DPRINT("allowed options are:");
4435 		for (i = 0; i < ARRAY_SIZE(config_params); i++)
4436 			pr_cont(" %s", config_params[i].name);
4437 		pr_cont("\n");
4438 	} else
4439 		DPRINT("botched floppy option\n");
4440 	DPRINT("Read Documentation/admin-guide/blockdev/floppy.rst\n");
4441 	return 0;
4442 }
4443 
4444 static int have_no_fdc = -ENODEV;
4445 
floppy_cmos_show(struct device * dev,struct device_attribute * attr,char * buf)4446 static ssize_t floppy_cmos_show(struct device *dev,
4447 				struct device_attribute *attr, char *buf)
4448 {
4449 	struct platform_device *p = to_platform_device(dev);
4450 	int drive;
4451 
4452 	drive = p->id;
4453 	return sprintf(buf, "%X\n", drive_params[drive].cmos);
4454 }
4455 
4456 static DEVICE_ATTR(cmos, 0444, floppy_cmos_show, NULL);
4457 
4458 static struct attribute *floppy_dev_attrs[] = {
4459 	&dev_attr_cmos.attr,
4460 	NULL
4461 };
4462 
4463 ATTRIBUTE_GROUPS(floppy_dev);
4464 
floppy_device_release(struct device * dev)4465 static void floppy_device_release(struct device *dev)
4466 {
4467 }
4468 
floppy_resume(struct device * dev)4469 static int floppy_resume(struct device *dev)
4470 {
4471 	int fdc;
4472 	int saved_drive;
4473 
4474 	saved_drive = current_drive;
4475 	for (fdc = 0; fdc < N_FDC; fdc++)
4476 		if (fdc_state[fdc].address != -1)
4477 			user_reset_fdc(REVDRIVE(fdc, 0), FD_RESET_ALWAYS, false);
4478 	set_fdc(saved_drive);
4479 	return 0;
4480 }
4481 
4482 static const struct dev_pm_ops floppy_pm_ops = {
4483 	.resume = floppy_resume,
4484 	.restore = floppy_resume,
4485 };
4486 
4487 static struct platform_driver floppy_driver = {
4488 	.driver = {
4489 		   .name = "floppy",
4490 		   .pm = &floppy_pm_ops,
4491 	},
4492 };
4493 
4494 static const struct blk_mq_ops floppy_mq_ops = {
4495 	.queue_rq = floppy_queue_rq,
4496 };
4497 
4498 static struct platform_device floppy_device[N_DRIVE];
4499 static bool registered[N_DRIVE];
4500 
floppy_available(int drive)4501 static bool floppy_available(int drive)
4502 {
4503 	if (!(allowed_drive_mask & (1 << drive)))
4504 		return false;
4505 	if (fdc_state[FDC(drive)].version == FDC_NONE)
4506 		return false;
4507 	return true;
4508 }
4509 
floppy_alloc_disk(unsigned int drive,unsigned int type)4510 static int floppy_alloc_disk(unsigned int drive, unsigned int type)
4511 {
4512 	struct gendisk *disk;
4513 
4514 	disk = blk_mq_alloc_disk(&tag_sets[drive], NULL);
4515 	if (IS_ERR(disk))
4516 		return PTR_ERR(disk);
4517 
4518 	blk_queue_max_hw_sectors(disk->queue, 64);
4519 	disk->major = FLOPPY_MAJOR;
4520 	disk->first_minor = TOMINOR(drive) | (type << 2);
4521 	disk->minors = 1;
4522 	disk->fops = &floppy_fops;
4523 	disk->flags |= GENHD_FL_NO_PART;
4524 	disk->events = DISK_EVENT_MEDIA_CHANGE;
4525 	if (type)
4526 		sprintf(disk->disk_name, "fd%d_type%d", drive, type);
4527 	else
4528 		sprintf(disk->disk_name, "fd%d", drive);
4529 	/* to be cleaned up... */
4530 	disk->private_data = (void *)(long)drive;
4531 	disk->flags |= GENHD_FL_REMOVABLE;
4532 
4533 	disks[drive][type] = disk;
4534 	return 0;
4535 }
4536 
4537 static DEFINE_MUTEX(floppy_probe_lock);
4538 
floppy_probe(dev_t dev)4539 static void floppy_probe(dev_t dev)
4540 {
4541 	unsigned int drive = (MINOR(dev) & 3) | ((MINOR(dev) & 0x80) >> 5);
4542 	unsigned int type = (MINOR(dev) >> 2) & 0x1f;
4543 
4544 	if (drive >= N_DRIVE || !floppy_available(drive) ||
4545 	    type >= ARRAY_SIZE(floppy_type))
4546 		return;
4547 
4548 	mutex_lock(&floppy_probe_lock);
4549 	if (disks[drive][type])
4550 		goto out;
4551 	if (floppy_alloc_disk(drive, type))
4552 		goto out;
4553 	if (add_disk(disks[drive][type]))
4554 		goto cleanup_disk;
4555 out:
4556 	mutex_unlock(&floppy_probe_lock);
4557 	return;
4558 
4559 cleanup_disk:
4560 	put_disk(disks[drive][type]);
4561 	disks[drive][type] = NULL;
4562 	mutex_unlock(&floppy_probe_lock);
4563 }
4564 
do_floppy_init(void)4565 static int __init do_floppy_init(void)
4566 {
4567 	int i, unit, drive, err;
4568 
4569 	set_debugt();
4570 	interruptjiffies = resultjiffies = jiffies;
4571 
4572 #if defined(CONFIG_PPC)
4573 	if (check_legacy_ioport(FDC1))
4574 		return -ENODEV;
4575 #endif
4576 
4577 	raw_cmd = NULL;
4578 
4579 	floppy_wq = alloc_ordered_workqueue("floppy", 0);
4580 	if (!floppy_wq)
4581 		return -ENOMEM;
4582 
4583 	for (drive = 0; drive < N_DRIVE; drive++) {
4584 		memset(&tag_sets[drive], 0, sizeof(tag_sets[drive]));
4585 		tag_sets[drive].ops = &floppy_mq_ops;
4586 		tag_sets[drive].nr_hw_queues = 1;
4587 		tag_sets[drive].nr_maps = 1;
4588 		tag_sets[drive].queue_depth = 2;
4589 		tag_sets[drive].numa_node = NUMA_NO_NODE;
4590 		tag_sets[drive].flags = BLK_MQ_F_SHOULD_MERGE;
4591 		err = blk_mq_alloc_tag_set(&tag_sets[drive]);
4592 		if (err)
4593 			goto out_put_disk;
4594 
4595 		err = floppy_alloc_disk(drive, 0);
4596 		if (err)
4597 			goto out_put_disk;
4598 
4599 		timer_setup(&motor_off_timer[drive], motor_off_callback, 0);
4600 	}
4601 
4602 	err = __register_blkdev(FLOPPY_MAJOR, "fd", floppy_probe);
4603 	if (err)
4604 		goto out_put_disk;
4605 
4606 	err = platform_driver_register(&floppy_driver);
4607 	if (err)
4608 		goto out_unreg_blkdev;
4609 
4610 	for (i = 0; i < 256; i++)
4611 		if (ITYPE(i))
4612 			floppy_sizes[i] = floppy_type[ITYPE(i)].size;
4613 		else
4614 			floppy_sizes[i] = MAX_DISK_SIZE << 1;
4615 
4616 	reschedule_timeout(MAXTIMEOUT, "floppy init");
4617 	config_types();
4618 
4619 	for (i = 0; i < N_FDC; i++) {
4620 		memset(&fdc_state[i], 0, sizeof(*fdc_state));
4621 		fdc_state[i].dtr = -1;
4622 		fdc_state[i].dor = 0x4;
4623 #if defined(__sparc__) || defined(__mc68000__)
4624 	/*sparcs/sun3x don't have a DOR reset which we can fall back on to */
4625 #ifdef __mc68000__
4626 		if (MACH_IS_SUN3X)
4627 #endif
4628 			fdc_state[i].version = FDC_82072A;
4629 #endif
4630 	}
4631 
4632 	use_virtual_dma = can_use_virtual_dma & 1;
4633 	fdc_state[0].address = FDC1;
4634 	if (fdc_state[0].address == -1) {
4635 		cancel_delayed_work(&fd_timeout);
4636 		err = -ENODEV;
4637 		goto out_unreg_driver;
4638 	}
4639 #if N_FDC > 1
4640 	fdc_state[1].address = FDC2;
4641 #endif
4642 
4643 	current_fdc = 0;	/* reset fdc in case of unexpected interrupt */
4644 	err = floppy_grab_irq_and_dma();
4645 	if (err) {
4646 		cancel_delayed_work(&fd_timeout);
4647 		err = -EBUSY;
4648 		goto out_unreg_driver;
4649 	}
4650 
4651 	/* initialise drive state */
4652 	for (drive = 0; drive < N_DRIVE; drive++) {
4653 		memset(&drive_state[drive], 0, sizeof(drive_state[drive]));
4654 		memset(&write_errors[drive], 0, sizeof(write_errors[drive]));
4655 		set_bit(FD_DISK_NEWCHANGE_BIT, &drive_state[drive].flags);
4656 		set_bit(FD_DISK_CHANGED_BIT, &drive_state[drive].flags);
4657 		set_bit(FD_VERIFY_BIT, &drive_state[drive].flags);
4658 		drive_state[drive].fd_device = -1;
4659 		floppy_track_buffer = NULL;
4660 		max_buffer_sectors = 0;
4661 	}
4662 	/*
4663 	 * Small 10 msec delay to let through any interrupt that
4664 	 * initialization might have triggered, to not
4665 	 * confuse detection:
4666 	 */
4667 	msleep(10);
4668 
4669 	for (i = 0; i < N_FDC; i++) {
4670 		fdc_state[i].driver_version = FD_DRIVER_VERSION;
4671 		for (unit = 0; unit < 4; unit++)
4672 			fdc_state[i].track[unit] = 0;
4673 		if (fdc_state[i].address == -1)
4674 			continue;
4675 		fdc_state[i].rawcmd = 2;
4676 		if (user_reset_fdc(REVDRIVE(i, 0), FD_RESET_ALWAYS, false)) {
4677 			/* free ioports reserved by floppy_grab_irq_and_dma() */
4678 			floppy_release_regions(i);
4679 			fdc_state[i].address = -1;
4680 			fdc_state[i].version = FDC_NONE;
4681 			continue;
4682 		}
4683 		/* Try to determine the floppy controller type */
4684 		fdc_state[i].version = get_fdc_version(i);
4685 		if (fdc_state[i].version == FDC_NONE) {
4686 			/* free ioports reserved by floppy_grab_irq_and_dma() */
4687 			floppy_release_regions(i);
4688 			fdc_state[i].address = -1;
4689 			continue;
4690 		}
4691 		if (can_use_virtual_dma == 2 &&
4692 		    fdc_state[i].version < FDC_82072A)
4693 			can_use_virtual_dma = 0;
4694 
4695 		have_no_fdc = 0;
4696 		/* Not all FDCs seem to be able to handle the version command
4697 		 * properly, so force a reset for the standard FDC clones,
4698 		 * to avoid interrupt garbage.
4699 		 */
4700 		user_reset_fdc(REVDRIVE(i, 0), FD_RESET_ALWAYS, false);
4701 	}
4702 	current_fdc = 0;
4703 	cancel_delayed_work(&fd_timeout);
4704 	current_drive = 0;
4705 	initialized = true;
4706 	if (have_no_fdc) {
4707 		DPRINT("no floppy controllers found\n");
4708 		err = have_no_fdc;
4709 		goto out_release_dma;
4710 	}
4711 
4712 	for (drive = 0; drive < N_DRIVE; drive++) {
4713 		if (!floppy_available(drive))
4714 			continue;
4715 
4716 		floppy_device[drive].name = floppy_device_name;
4717 		floppy_device[drive].id = drive;
4718 		floppy_device[drive].dev.release = floppy_device_release;
4719 		floppy_device[drive].dev.groups = floppy_dev_groups;
4720 
4721 		err = platform_device_register(&floppy_device[drive]);
4722 		if (err)
4723 			goto out_remove_drives;
4724 
4725 		registered[drive] = true;
4726 
4727 		err = device_add_disk(&floppy_device[drive].dev,
4728 				      disks[drive][0], NULL);
4729 		if (err)
4730 			goto out_remove_drives;
4731 	}
4732 
4733 	return 0;
4734 
4735 out_remove_drives:
4736 	while (drive--) {
4737 		if (floppy_available(drive)) {
4738 			del_gendisk(disks[drive][0]);
4739 			if (registered[drive])
4740 				platform_device_unregister(&floppy_device[drive]);
4741 		}
4742 	}
4743 out_release_dma:
4744 	if (atomic_read(&usage_count))
4745 		floppy_release_irq_and_dma();
4746 out_unreg_driver:
4747 	platform_driver_unregister(&floppy_driver);
4748 out_unreg_blkdev:
4749 	unregister_blkdev(FLOPPY_MAJOR, "fd");
4750 out_put_disk:
4751 	destroy_workqueue(floppy_wq);
4752 	for (drive = 0; drive < N_DRIVE; drive++) {
4753 		if (!disks[drive][0])
4754 			break;
4755 		del_timer_sync(&motor_off_timer[drive]);
4756 		put_disk(disks[drive][0]);
4757 		blk_mq_free_tag_set(&tag_sets[drive]);
4758 	}
4759 	return err;
4760 }
4761 
4762 #ifndef MODULE
floppy_async_init(void * data,async_cookie_t cookie)4763 static __init void floppy_async_init(void *data, async_cookie_t cookie)
4764 {
4765 	do_floppy_init();
4766 }
4767 #endif
4768 
floppy_init(void)4769 static int __init floppy_init(void)
4770 {
4771 #ifdef MODULE
4772 	return do_floppy_init();
4773 #else
4774 	/* Don't hold up the bootup by the floppy initialization */
4775 	async_schedule(floppy_async_init, NULL);
4776 	return 0;
4777 #endif
4778 }
4779 
4780 static const struct io_region {
4781 	int offset;
4782 	int size;
4783 } io_regions[] = {
4784 	{ 2, 1 },
4785 	/* address + 3 is sometimes reserved by pnp bios for motherboard */
4786 	{ 4, 2 },
4787 	/* address + 6 is reserved, and may be taken by IDE.
4788 	 * Unfortunately, Adaptec doesn't know this :-(, */
4789 	{ 7, 1 },
4790 };
4791 
floppy_release_allocated_regions(int fdc,const struct io_region * p)4792 static void floppy_release_allocated_regions(int fdc, const struct io_region *p)
4793 {
4794 	while (p != io_regions) {
4795 		p--;
4796 		release_region(fdc_state[fdc].address + p->offset, p->size);
4797 	}
4798 }
4799 
4800 #define ARRAY_END(X) (&((X)[ARRAY_SIZE(X)]))
4801 
floppy_request_regions(int fdc)4802 static int floppy_request_regions(int fdc)
4803 {
4804 	const struct io_region *p;
4805 
4806 	for (p = io_regions; p < ARRAY_END(io_regions); p++) {
4807 		if (!request_region(fdc_state[fdc].address + p->offset,
4808 				    p->size, "floppy")) {
4809 			DPRINT("Floppy io-port 0x%04lx in use\n",
4810 			       fdc_state[fdc].address + p->offset);
4811 			floppy_release_allocated_regions(fdc, p);
4812 			return -EBUSY;
4813 		}
4814 	}
4815 	return 0;
4816 }
4817 
floppy_release_regions(int fdc)4818 static void floppy_release_regions(int fdc)
4819 {
4820 	floppy_release_allocated_regions(fdc, ARRAY_END(io_regions));
4821 }
4822 
floppy_grab_irq_and_dma(void)4823 static int floppy_grab_irq_and_dma(void)
4824 {
4825 	int fdc;
4826 
4827 	if (atomic_inc_return(&usage_count) > 1)
4828 		return 0;
4829 
4830 	/*
4831 	 * We might have scheduled a free_irq(), wait it to
4832 	 * drain first:
4833 	 */
4834 	flush_workqueue(floppy_wq);
4835 
4836 	if (fd_request_irq()) {
4837 		DPRINT("Unable to grab IRQ%d for the floppy driver\n",
4838 		       FLOPPY_IRQ);
4839 		atomic_dec(&usage_count);
4840 		return -1;
4841 	}
4842 	if (fd_request_dma()) {
4843 		DPRINT("Unable to grab DMA%d for the floppy driver\n",
4844 		       FLOPPY_DMA);
4845 		if (can_use_virtual_dma & 2)
4846 			use_virtual_dma = can_use_virtual_dma = 1;
4847 		if (!(can_use_virtual_dma & 1)) {
4848 			fd_free_irq();
4849 			atomic_dec(&usage_count);
4850 			return -1;
4851 		}
4852 	}
4853 
4854 	for (fdc = 0; fdc < N_FDC; fdc++) {
4855 		if (fdc_state[fdc].address != -1) {
4856 			if (floppy_request_regions(fdc))
4857 				goto cleanup;
4858 		}
4859 	}
4860 	for (fdc = 0; fdc < N_FDC; fdc++) {
4861 		if (fdc_state[fdc].address != -1) {
4862 			reset_fdc_info(fdc, 1);
4863 			fdc_outb(fdc_state[fdc].dor, fdc, FD_DOR);
4864 		}
4865 	}
4866 
4867 	set_dor(0, ~0, 8);	/* avoid immediate interrupt */
4868 
4869 	for (fdc = 0; fdc < N_FDC; fdc++)
4870 		if (fdc_state[fdc].address != -1)
4871 			fdc_outb(fdc_state[fdc].dor, fdc, FD_DOR);
4872 	/*
4873 	 * The driver will try and free resources and relies on us
4874 	 * to know if they were allocated or not.
4875 	 */
4876 	current_fdc = 0;
4877 	irqdma_allocated = 1;
4878 	return 0;
4879 cleanup:
4880 	fd_free_irq();
4881 	fd_free_dma();
4882 	while (--fdc >= 0)
4883 		floppy_release_regions(fdc);
4884 	current_fdc = 0;
4885 	atomic_dec(&usage_count);
4886 	return -1;
4887 }
4888 
floppy_release_irq_and_dma(void)4889 static void floppy_release_irq_and_dma(void)
4890 {
4891 	int fdc;
4892 #ifndef __sparc__
4893 	int drive;
4894 #endif
4895 	long tmpsize;
4896 	unsigned long tmpaddr;
4897 
4898 	if (!atomic_dec_and_test(&usage_count))
4899 		return;
4900 
4901 	if (irqdma_allocated) {
4902 		fd_disable_dma();
4903 		fd_free_dma();
4904 		fd_free_irq();
4905 		irqdma_allocated = 0;
4906 	}
4907 	set_dor(0, ~0, 8);
4908 #if N_FDC > 1
4909 	set_dor(1, ~8, 0);
4910 #endif
4911 
4912 	if (floppy_track_buffer && max_buffer_sectors) {
4913 		tmpsize = max_buffer_sectors * 1024;
4914 		tmpaddr = (unsigned long)floppy_track_buffer;
4915 		floppy_track_buffer = NULL;
4916 		max_buffer_sectors = 0;
4917 		buffer_min = buffer_max = -1;
4918 		fd_dma_mem_free(tmpaddr, tmpsize);
4919 	}
4920 #ifndef __sparc__
4921 	for (drive = 0; drive < N_FDC * 4; drive++)
4922 		if (timer_pending(motor_off_timer + drive))
4923 			pr_info("motor off timer %d still active\n", drive);
4924 #endif
4925 
4926 	if (delayed_work_pending(&fd_timeout))
4927 		pr_info("floppy timer still active:%s\n", timeout_message);
4928 	if (delayed_work_pending(&fd_timer))
4929 		pr_info("auxiliary floppy timer still active\n");
4930 	if (work_pending(&floppy_work))
4931 		pr_info("work still pending\n");
4932 	for (fdc = 0; fdc < N_FDC; fdc++)
4933 		if (fdc_state[fdc].address != -1)
4934 			floppy_release_regions(fdc);
4935 }
4936 
4937 #ifdef MODULE
4938 
4939 static char *floppy;
4940 
parse_floppy_cfg_string(char * cfg)4941 static void __init parse_floppy_cfg_string(char *cfg)
4942 {
4943 	char *ptr;
4944 
4945 	while (*cfg) {
4946 		ptr = cfg;
4947 		while (*cfg && *cfg != ' ' && *cfg != '\t')
4948 			cfg++;
4949 		if (*cfg) {
4950 			*cfg = '\0';
4951 			cfg++;
4952 		}
4953 		if (*ptr)
4954 			floppy_setup(ptr);
4955 	}
4956 }
4957 
floppy_module_init(void)4958 static int __init floppy_module_init(void)
4959 {
4960 	if (floppy)
4961 		parse_floppy_cfg_string(floppy);
4962 	return floppy_init();
4963 }
4964 module_init(floppy_module_init);
4965 
floppy_module_exit(void)4966 static void __exit floppy_module_exit(void)
4967 {
4968 	int drive, i;
4969 
4970 	unregister_blkdev(FLOPPY_MAJOR, "fd");
4971 	platform_driver_unregister(&floppy_driver);
4972 
4973 	destroy_workqueue(floppy_wq);
4974 
4975 	for (drive = 0; drive < N_DRIVE; drive++) {
4976 		del_timer_sync(&motor_off_timer[drive]);
4977 
4978 		if (floppy_available(drive)) {
4979 			for (i = 0; i < ARRAY_SIZE(floppy_type); i++) {
4980 				if (disks[drive][i])
4981 					del_gendisk(disks[drive][i]);
4982 			}
4983 			if (registered[drive])
4984 				platform_device_unregister(&floppy_device[drive]);
4985 		}
4986 		for (i = 0; i < ARRAY_SIZE(floppy_type); i++) {
4987 			if (disks[drive][i])
4988 				put_disk(disks[drive][i]);
4989 		}
4990 		blk_mq_free_tag_set(&tag_sets[drive]);
4991 	}
4992 
4993 	cancel_delayed_work_sync(&fd_timeout);
4994 	cancel_delayed_work_sync(&fd_timer);
4995 
4996 	if (atomic_read(&usage_count))
4997 		floppy_release_irq_and_dma();
4998 
4999 	/* eject disk, if any */
5000 	fd_eject(0);
5001 }
5002 
5003 module_exit(floppy_module_exit);
5004 
5005 module_param(floppy, charp, 0);
5006 module_param(FLOPPY_IRQ, int, 0);
5007 module_param(FLOPPY_DMA, int, 0);
5008 MODULE_AUTHOR("Alain L. Knaff");
5009 MODULE_LICENSE("GPL");
5010 
5011 /* This doesn't actually get used other than for module information */
5012 static const struct pnp_device_id floppy_pnpids[] = {
5013 	{"PNP0700", 0},
5014 	{}
5015 };
5016 
5017 MODULE_DEVICE_TABLE(pnp, floppy_pnpids);
5018 
5019 #else
5020 
5021 __setup("floppy=", floppy_setup);
5022 module_init(floppy_init)
5023 #endif
5024 
5025 MODULE_ALIAS_BLOCKDEV_MAJOR(FLOPPY_MAJOR);
5026