1 // SPDX-License-Identifier: GPL-2.0-only
2 /*
3  *  linux/drivers/block/floppy.c
4  *
5  *  Copyright (C) 1991, 1992  Linus Torvalds
6  *  Copyright (C) 1993, 1994  Alain Knaff
7  *  Copyright (C) 1998 Alan Cox
8  */
9 
10 /*
11  * 02.12.91 - Changed to static variables to indicate need for reset
12  * and recalibrate. This makes some things easier (output_byte reset
13  * checking etc), and means less interrupt jumping in case of errors,
14  * so the code is hopefully easier to understand.
15  */
16 
17 /*
18  * This file is certainly a mess. I've tried my best to get it working,
19  * but I don't like programming floppies, and I have only one anyway.
20  * Urgel. I should check for more errors, and do more graceful error
21  * recovery. Seems there are problems with several drives. I've tried to
22  * correct them. No promises.
23  */
24 
25 /*
26  * As with hd.c, all routines within this file can (and will) be called
27  * by interrupts, so extreme caution is needed. A hardware interrupt
28  * handler may not sleep, or a kernel panic will happen. Thus I cannot
29  * call "floppy-on" directly, but have to set a special timer interrupt
30  * etc.
31  */
32 
33 /*
34  * 28.02.92 - made track-buffering routines, based on the routines written
35  * by entropy@wintermute.wpi.edu (Lawrence Foard). Linus.
36  */
37 
38 /*
39  * Automatic floppy-detection and formatting written by Werner Almesberger
40  * (almesber@nessie.cs.id.ethz.ch), who also corrected some problems with
41  * the floppy-change signal detection.
42  */
43 
44 /*
45  * 1992/7/22 -- Hennus Bergman: Added better error reporting, fixed
46  * FDC data overrun bug, added some preliminary stuff for vertical
47  * recording support.
48  *
49  * 1992/9/17: Added DMA allocation & DMA functions. -- hhb.
50  *
51  * TODO: Errors are still not counted properly.
52  */
53 
54 /* 1992/9/20
55  * Modifications for ``Sector Shifting'' by Rob Hooft (hooft@chem.ruu.nl)
56  * modeled after the freeware MS-DOS program fdformat/88 V1.8 by
57  * Christoph H. Hochst\"atter.
58  * I have fixed the shift values to the ones I always use. Maybe a new
59  * ioctl() should be created to be able to modify them.
60  * There is a bug in the driver that makes it impossible to format a
61  * floppy as the first thing after bootup.
62  */
63 
64 /*
65  * 1993/4/29 -- Linus -- cleaned up the timer handling in the kernel, and
66  * this helped the floppy driver as well. Much cleaner, and still seems to
67  * work.
68  */
69 
70 /* 1994/6/24 --bbroad-- added the floppy table entries and made
71  * minor modifications to allow 2.88 floppies to be run.
72  */
73 
74 /* 1994/7/13 -- Paul Vojta -- modified the probing code to allow three or more
75  * disk types.
76  */
77 
78 /*
79  * 1994/8/8 -- Alain Knaff -- Switched to fdpatch driver: Support for bigger
80  * format bug fixes, but unfortunately some new bugs too...
81  */
82 
83 /* 1994/9/17 -- Koen Holtman -- added logging of physical floppy write
84  * errors to allow safe writing by specialized programs.
85  */
86 
87 /* 1995/4/24 -- Dan Fandrich -- added support for Commodore 1581 3.5" disks
88  * by defining bit 1 of the "stretch" parameter to mean put sectors on the
89  * opposite side of the disk, leaving the sector IDs alone (i.e. Commodore's
90  * drives are "upside-down").
91  */
92 
93 /*
94  * 1995/8/26 -- Andreas Busse -- added Mips support.
95  */
96 
97 /*
98  * 1995/10/18 -- Ralf Baechle -- Portability cleanup; move machine dependent
99  * features to asm/floppy.h.
100  */
101 
102 /*
103  * 1998/1/21 -- Richard Gooch <rgooch@atnf.csiro.au> -- devfs support
104  */
105 
106 /*
107  * 1998/05/07 -- Russell King -- More portability cleanups; moved definition of
108  * interrupt and dma channel to asm/floppy.h. Cleaned up some formatting &
109  * use of '0' for NULL.
110  */
111 
112 /*
113  * 1998/06/07 -- Alan Cox -- Merged the 2.0.34 fixes for resource allocation
114  * failures.
115  */
116 
117 /*
118  * 1998/09/20 -- David Weinehall -- Added slow-down code for buggy PS/2-drives.
119  */
120 
121 /*
122  * 1999/08/13 -- Paul Slootman -- floppy stopped working on Alpha after 24
123  * days, 6 hours, 32 minutes and 32 seconds (i.e. MAXINT jiffies; ints were
124  * being used to store jiffies, which are unsigned longs).
125  */
126 
127 /*
128  * 2000/08/28 -- Arnaldo Carvalho de Melo <acme@conectiva.com.br>
129  * - get rid of check_region
130  * - s/suser/capable/
131  */
132 
133 /*
134  * 2001/08/26 -- Paul Gortmaker - fix insmod oops on machines with no
135  * floppy controller (lingering task on list after module is gone... boom.)
136  */
137 
138 /*
139  * 2002/02/07 -- Anton Altaparmakov - Fix io ports reservation to correct range
140  * (0x3f2-0x3f5, 0x3f7). This fix is a bit of a hack but the proper fix
141  * requires many non-obvious changes in arch dependent code.
142  */
143 
144 /* 2003/07/28 -- Daniele Bellucci <bellucda@tiscali.it>.
145  * Better audit of register_blkdev.
146  */
147 
148 #define REALLY_SLOW_IO
149 
150 #define DEBUGT 2
151 
152 #define DPRINT(format, args...) \
153 	pr_info("floppy%d: " format, current_drive, ##args)
154 
155 #define DCL_DEBUG		/* debug disk change line */
156 #ifdef DCL_DEBUG
157 #define debug_dcl(test, fmt, args...) \
158 	do { if ((test) & FD_DEBUG) DPRINT(fmt, ##args); } while (0)
159 #else
160 #define debug_dcl(test, fmt, args...) \
161 	do { if (0) DPRINT(fmt, ##args); } while (0)
162 #endif
163 
164 /* do print messages for unexpected interrupts */
165 static int print_unex = 1;
166 #include <linux/module.h>
167 #include <linux/sched.h>
168 #include <linux/fs.h>
169 #include <linux/kernel.h>
170 #include <linux/timer.h>
171 #include <linux/workqueue.h>
172 #include <linux/fdreg.h>
173 #include <linux/fd.h>
174 #include <linux/hdreg.h>
175 #include <linux/errno.h>
176 #include <linux/slab.h>
177 #include <linux/mm.h>
178 #include <linux/bio.h>
179 #include <linux/string.h>
180 #include <linux/jiffies.h>
181 #include <linux/fcntl.h>
182 #include <linux/delay.h>
183 #include <linux/mc146818rtc.h>	/* CMOS defines */
184 #include <linux/ioport.h>
185 #include <linux/interrupt.h>
186 #include <linux/init.h>
187 #include <linux/major.h>
188 #include <linux/platform_device.h>
189 #include <linux/mod_devicetable.h>
190 #include <linux/mutex.h>
191 #include <linux/io.h>
192 #include <linux/uaccess.h>
193 #include <linux/async.h>
194 #include <linux/compat.h>
195 
196 /*
197  * PS/2 floppies have much slower step rates than regular floppies.
198  * It's been recommended that take about 1/4 of the default speed
199  * in some more extreme cases.
200  */
201 static DEFINE_MUTEX(floppy_mutex);
202 static int slow_floppy;
203 
204 #include <asm/dma.h>
205 #include <asm/irq.h>
206 
207 static int FLOPPY_IRQ = 6;
208 static int FLOPPY_DMA = 2;
209 static int can_use_virtual_dma = 2;
210 /* =======
211  * can use virtual DMA:
212  * 0 = use of virtual DMA disallowed by config
213  * 1 = use of virtual DMA prescribed by config
214  * 2 = no virtual DMA preference configured.  By default try hard DMA,
215  * but fall back on virtual DMA when not enough memory available
216  */
217 
218 static int use_virtual_dma;
219 /* =======
220  * use virtual DMA
221  * 0 using hard DMA
222  * 1 using virtual DMA
223  * This variable is set to virtual when a DMA mem problem arises, and
224  * reset back in floppy_grab_irq_and_dma.
225  * It is not safe to reset it in other circumstances, because the floppy
226  * driver may have several buffers in use at once, and we do currently not
227  * record each buffers capabilities
228  */
229 
230 static DEFINE_SPINLOCK(floppy_lock);
231 
232 static unsigned short virtual_dma_port = 0x3f0;
233 irqreturn_t floppy_interrupt(int irq, void *dev_id);
234 static int set_dor(int fdc, char mask, char data);
235 
236 #define K_64	0x10000		/* 64KB */
237 
238 /* the following is the mask of allowed drives. By default units 2 and
239  * 3 of both floppy controllers are disabled, because switching on the
240  * motor of these drives causes system hangs on some PCI computers. drive
241  * 0 is the low bit (0x1), and drive 7 is the high bit (0x80). Bits are on if
242  * a drive is allowed.
243  *
244  * NOTE: This must come before we include the arch floppy header because
245  *       some ports reference this variable from there. -DaveM
246  */
247 
248 static int allowed_drive_mask = 0x33;
249 
250 #include <asm/floppy.h>
251 
252 static int irqdma_allocated;
253 
254 #include <linux/blk-mq.h>
255 #include <linux/blkpg.h>
256 #include <linux/cdrom.h>	/* for the compatibility eject ioctl */
257 #include <linux/completion.h>
258 
259 static LIST_HEAD(floppy_reqs);
260 static struct request *current_req;
261 static int set_next_request(void);
262 
263 #ifndef fd_get_dma_residue
264 #define fd_get_dma_residue() get_dma_residue(FLOPPY_DMA)
265 #endif
266 
267 /* Dma Memory related stuff */
268 
269 #ifndef fd_dma_mem_free
270 #define fd_dma_mem_free(addr, size) free_pages(addr, get_order(size))
271 #endif
272 
273 #ifndef fd_dma_mem_alloc
274 #define fd_dma_mem_alloc(size) __get_dma_pages(GFP_KERNEL, get_order(size))
275 #endif
276 
277 #ifndef fd_cacheflush
278 #define fd_cacheflush(addr, size) /* nothing... */
279 #endif
280 
fallback_on_nodma_alloc(char ** addr,size_t l)281 static inline void fallback_on_nodma_alloc(char **addr, size_t l)
282 {
283 #ifdef FLOPPY_CAN_FALLBACK_ON_NODMA
284 	if (*addr)
285 		return;		/* we have the memory */
286 	if (can_use_virtual_dma != 2)
287 		return;		/* no fallback allowed */
288 	pr_info("DMA memory shortage. Temporarily falling back on virtual DMA\n");
289 	*addr = (char *)nodma_mem_alloc(l);
290 #else
291 	return;
292 #endif
293 }
294 
295 /* End dma memory related stuff */
296 
297 static unsigned long fake_change;
298 static bool initialized;
299 
300 #define ITYPE(x)	(((x) >> 2) & 0x1f)
301 #define TOMINOR(x)	((x & 3) | ((x & 4) << 5))
302 #define UNIT(x)		((x) & 0x03)		/* drive on fdc */
303 #define FDC(x)		(((x) & 0x04) >> 2)	/* fdc of drive */
304 	/* reverse mapping from unit and fdc to drive */
305 #define REVDRIVE(fdc, unit) ((unit) + ((fdc) << 2))
306 
307 #define PH_HEAD(floppy, head) (((((floppy)->stretch & 2) >> 1) ^ head) << 2)
308 #define STRETCH(floppy)	((floppy)->stretch & FD_STRETCH)
309 
310 /* read/write commands */
311 #define COMMAND			0
312 #define DR_SELECT		1
313 #define TRACK			2
314 #define HEAD			3
315 #define SECTOR			4
316 #define SIZECODE		5
317 #define SECT_PER_TRACK		6
318 #define GAP			7
319 #define SIZECODE2		8
320 #define NR_RW 9
321 
322 /* format commands */
323 #define F_SIZECODE		2
324 #define F_SECT_PER_TRACK	3
325 #define F_GAP			4
326 #define F_FILL			5
327 #define NR_F 6
328 
329 /*
330  * Maximum disk size (in kilobytes).
331  * This default is used whenever the current disk size is unknown.
332  * [Now it is rather a minimum]
333  */
334 #define MAX_DISK_SIZE 4		/* 3984 */
335 
336 /*
337  * globals used by 'result()'
338  */
339 static unsigned char reply_buffer[FD_RAW_REPLY_SIZE];
340 static int inr;		/* size of reply buffer, when called from interrupt */
341 #define ST0		0
342 #define ST1		1
343 #define ST2		2
344 #define ST3		0	/* result of GETSTATUS */
345 #define R_TRACK		3
346 #define R_HEAD		4
347 #define R_SECTOR	5
348 #define R_SIZECODE	6
349 
350 #define SEL_DLY		(2 * HZ / 100)
351 
352 /*
353  * this struct defines the different floppy drive types.
354  */
355 static struct {
356 	struct floppy_drive_params params;
357 	const char *name;	/* name printed while booting */
358 } default_drive_params[] = {
359 /* NOTE: the time values in jiffies should be in msec!
360  CMOS drive type
361   |     Maximum data rate supported by drive type
362   |     |   Head load time, msec
363   |     |   |   Head unload time, msec (not used)
364   |     |   |   |     Step rate interval, usec
365   |     |   |   |     |       Time needed for spinup time (jiffies)
366   |     |   |   |     |       |      Timeout for spinning down (jiffies)
367   |     |   |   |     |       |      |   Spindown offset (where disk stops)
368   |     |   |   |     |       |      |   |     Select delay
369   |     |   |   |     |       |      |   |     |     RPS
370   |     |   |   |     |       |      |   |     |     |    Max number of tracks
371   |     |   |   |     |       |      |   |     |     |    |     Interrupt timeout
372   |     |   |   |     |       |      |   |     |     |    |     |   Max nonintlv. sectors
373   |     |   |   |     |       |      |   |     |     |    |     |   | -Max Errors- flags */
374 {{0,  500, 16, 16, 8000,    1*HZ, 3*HZ,  0, SEL_DLY, 5,  80, 3*HZ, 20, {3,1,2,0,2}, 0,
375       0, { 7, 4, 8, 2, 1, 5, 3,10}, 3*HZ/2, 0 }, "unknown" },
376 
377 {{1,  300, 16, 16, 8000,    1*HZ, 3*HZ,  0, SEL_DLY, 5,  40, 3*HZ, 17, {3,1,2,0,2}, 0,
378       0, { 1, 0, 0, 0, 0, 0, 0, 0}, 3*HZ/2, 1 }, "360K PC" }, /*5 1/4 360 KB PC*/
379 
380 {{2,  500, 16, 16, 6000, 4*HZ/10, 3*HZ, 14, SEL_DLY, 6,  83, 3*HZ, 17, {3,1,2,0,2}, 0,
381       0, { 2, 5, 6,23,10,20,12, 0}, 3*HZ/2, 2 }, "1.2M" }, /*5 1/4 HD AT*/
382 
383 {{3,  250, 16, 16, 3000,    1*HZ, 3*HZ,  0, SEL_DLY, 5,  83, 3*HZ, 20, {3,1,2,0,2}, 0,
384       0, { 4,22,21,30, 3, 0, 0, 0}, 3*HZ/2, 4 }, "720k" }, /*3 1/2 DD*/
385 
386 {{4,  500, 16, 16, 4000, 4*HZ/10, 3*HZ, 10, SEL_DLY, 5,  83, 3*HZ, 20, {3,1,2,0,2}, 0,
387       0, { 7, 4,25,22,31,21,29,11}, 3*HZ/2, 7 }, "1.44M" }, /*3 1/2 HD*/
388 
389 {{5, 1000, 15,  8, 3000, 4*HZ/10, 3*HZ, 10, SEL_DLY, 5,  83, 3*HZ, 40, {3,1,2,0,2}, 0,
390       0, { 7, 8, 4,25,28,22,31,21}, 3*HZ/2, 8 }, "2.88M AMI BIOS" }, /*3 1/2 ED*/
391 
392 {{6, 1000, 15,  8, 3000, 4*HZ/10, 3*HZ, 10, SEL_DLY, 5,  83, 3*HZ, 40, {3,1,2,0,2}, 0,
393       0, { 7, 8, 4,25,28,22,31,21}, 3*HZ/2, 8 }, "2.88M" } /*3 1/2 ED*/
394 /*    |  --autodetected formats---    |      |      |
395  *    read_track                      |      |    Name printed when booting
396  *				      |     Native format
397  *	            Frequency of disk change checks */
398 };
399 
400 static struct floppy_drive_params drive_params[N_DRIVE];
401 static struct floppy_drive_struct drive_state[N_DRIVE];
402 static struct floppy_write_errors write_errors[N_DRIVE];
403 static struct timer_list motor_off_timer[N_DRIVE];
404 static struct blk_mq_tag_set tag_sets[N_DRIVE];
405 static struct gendisk *opened_disk[N_DRIVE];
406 static DEFINE_MUTEX(open_lock);
407 static struct floppy_raw_cmd *raw_cmd, default_raw_cmd;
408 
409 /*
410  * This struct defines the different floppy types.
411  *
412  * Bit 0 of 'stretch' tells if the tracks need to be doubled for some
413  * types (e.g. 360kB diskette in 1.2MB drive, etc.).  Bit 1 of 'stretch'
414  * tells if the disk is in Commodore 1581 format, which means side 0 sectors
415  * are located on side 1 of the disk but with a side 0 ID, and vice-versa.
416  * This is the same as the Sharp MZ-80 5.25" CP/M disk format, except that the
417  * 1581's logical side 0 is on physical side 1, whereas the Sharp's logical
418  * side 0 is on physical side 0 (but with the misnamed sector IDs).
419  * 'stretch' should probably be renamed to something more general, like
420  * 'options'.
421  *
422  * Bits 2 through 9 of 'stretch' tell the number of the first sector.
423  * The LSB (bit 2) is flipped. For most disks, the first sector
424  * is 1 (represented by 0x00<<2).  For some CP/M and music sampler
425  * disks (such as Ensoniq EPS 16plus) it is 0 (represented as 0x01<<2).
426  * For Amstrad CPC disks it is 0xC1 (represented as 0xC0<<2).
427  *
428  * Other parameters should be self-explanatory (see also setfdprm(8)).
429  */
430 /*
431 	    Size
432 	     |  Sectors per track
433 	     |  | Head
434 	     |  | |  Tracks
435 	     |  | |  | Stretch
436 	     |  | |  | |  Gap 1 size
437 	     |  | |  | |    |  Data rate, | 0x40 for perp
438 	     |  | |  | |    |    |  Spec1 (stepping rate, head unload
439 	     |  | |  | |    |    |    |    /fmt gap (gap2) */
440 static struct floppy_struct floppy_type[32] = {
441 	{    0, 0,0, 0,0,0x00,0x00,0x00,0x00,NULL    },	/*  0 no testing    */
442 	{  720, 9,2,40,0,0x2A,0x02,0xDF,0x50,"d360"  }, /*  1 360KB PC      */
443 	{ 2400,15,2,80,0,0x1B,0x00,0xDF,0x54,"h1200" },	/*  2 1.2MB AT      */
444 	{  720, 9,1,80,0,0x2A,0x02,0xDF,0x50,"D360"  },	/*  3 360KB SS 3.5" */
445 	{ 1440, 9,2,80,0,0x2A,0x02,0xDF,0x50,"D720"  },	/*  4 720KB 3.5"    */
446 	{  720, 9,2,40,1,0x23,0x01,0xDF,0x50,"h360"  },	/*  5 360KB AT      */
447 	{ 1440, 9,2,80,0,0x23,0x01,0xDF,0x50,"h720"  },	/*  6 720KB AT      */
448 	{ 2880,18,2,80,0,0x1B,0x00,0xCF,0x6C,"H1440" },	/*  7 1.44MB 3.5"   */
449 	{ 5760,36,2,80,0,0x1B,0x43,0xAF,0x54,"E2880" },	/*  8 2.88MB 3.5"   */
450 	{ 6240,39,2,80,0,0x1B,0x43,0xAF,0x28,"E3120" },	/*  9 3.12MB 3.5"   */
451 
452 	{ 2880,18,2,80,0,0x25,0x00,0xDF,0x02,"h1440" }, /* 10 1.44MB 5.25"  */
453 	{ 3360,21,2,80,0,0x1C,0x00,0xCF,0x0C,"H1680" }, /* 11 1.68MB 3.5"   */
454 	{  820,10,2,41,1,0x25,0x01,0xDF,0x2E,"h410"  },	/* 12 410KB 5.25"   */
455 	{ 1640,10,2,82,0,0x25,0x02,0xDF,0x2E,"H820"  },	/* 13 820KB 3.5"    */
456 	{ 2952,18,2,82,0,0x25,0x00,0xDF,0x02,"h1476" },	/* 14 1.48MB 5.25"  */
457 	{ 3444,21,2,82,0,0x25,0x00,0xDF,0x0C,"H1722" },	/* 15 1.72MB 3.5"   */
458 	{  840,10,2,42,1,0x25,0x01,0xDF,0x2E,"h420"  },	/* 16 420KB 5.25"   */
459 	{ 1660,10,2,83,0,0x25,0x02,0xDF,0x2E,"H830"  },	/* 17 830KB 3.5"    */
460 	{ 2988,18,2,83,0,0x25,0x00,0xDF,0x02,"h1494" },	/* 18 1.49MB 5.25"  */
461 	{ 3486,21,2,83,0,0x25,0x00,0xDF,0x0C,"H1743" }, /* 19 1.74 MB 3.5"  */
462 
463 	{ 1760,11,2,80,0,0x1C,0x09,0xCF,0x00,"h880"  }, /* 20 880KB 5.25"   */
464 	{ 2080,13,2,80,0,0x1C,0x01,0xCF,0x00,"D1040" }, /* 21 1.04MB 3.5"   */
465 	{ 2240,14,2,80,0,0x1C,0x19,0xCF,0x00,"D1120" }, /* 22 1.12MB 3.5"   */
466 	{ 3200,20,2,80,0,0x1C,0x20,0xCF,0x2C,"h1600" }, /* 23 1.6MB 5.25"   */
467 	{ 3520,22,2,80,0,0x1C,0x08,0xCF,0x2e,"H1760" }, /* 24 1.76MB 3.5"   */
468 	{ 3840,24,2,80,0,0x1C,0x20,0xCF,0x00,"H1920" }, /* 25 1.92MB 3.5"   */
469 	{ 6400,40,2,80,0,0x25,0x5B,0xCF,0x00,"E3200" }, /* 26 3.20MB 3.5"   */
470 	{ 7040,44,2,80,0,0x25,0x5B,0xCF,0x00,"E3520" }, /* 27 3.52MB 3.5"   */
471 	{ 7680,48,2,80,0,0x25,0x63,0xCF,0x00,"E3840" }, /* 28 3.84MB 3.5"   */
472 	{ 3680,23,2,80,0,0x1C,0x10,0xCF,0x00,"H1840" }, /* 29 1.84MB 3.5"   */
473 
474 	{ 1600,10,2,80,0,0x25,0x02,0xDF,0x2E,"D800"  },	/* 30 800KB 3.5"    */
475 	{ 3200,20,2,80,0,0x1C,0x00,0xCF,0x2C,"H1600" }, /* 31 1.6MB 3.5"    */
476 };
477 
478 static struct gendisk *disks[N_DRIVE][ARRAY_SIZE(floppy_type)];
479 
480 #define SECTSIZE (_FD_SECTSIZE(*floppy))
481 
482 /* Auto-detection: Disk type used until the next media change occurs. */
483 static struct floppy_struct *current_type[N_DRIVE];
484 
485 /*
486  * User-provided type information. current_type points to
487  * the respective entry of this array.
488  */
489 static struct floppy_struct user_params[N_DRIVE];
490 
491 static sector_t floppy_sizes[256];
492 
493 static char floppy_device_name[] = "floppy";
494 
495 /*
496  * The driver is trying to determine the correct media format
497  * while probing is set. rw_interrupt() clears it after a
498  * successful access.
499  */
500 static int probing;
501 
502 /* Synchronization of FDC access. */
503 #define FD_COMMAND_NONE		-1
504 #define FD_COMMAND_ERROR	2
505 #define FD_COMMAND_OKAY		3
506 
507 static volatile int command_status = FD_COMMAND_NONE;
508 static unsigned long fdc_busy;
509 static DECLARE_WAIT_QUEUE_HEAD(fdc_wait);
510 static DECLARE_WAIT_QUEUE_HEAD(command_done);
511 
512 /* errors encountered on the current (or last) request */
513 static int floppy_errors;
514 
515 /* Format request descriptor. */
516 static struct format_descr format_req;
517 
518 /*
519  * Rate is 0 for 500kb/s, 1 for 300kbps, 2 for 250kbps
520  * Spec1 is 0xSH, where S is stepping rate (F=1ms, E=2ms, D=3ms etc),
521  * H is head unload time (1=16ms, 2=32ms, etc)
522  */
523 
524 /*
525  * Track buffer
526  * Because these are written to by the DMA controller, they must
527  * not contain a 64k byte boundary crossing, or data will be
528  * corrupted/lost.
529  */
530 static char *floppy_track_buffer;
531 static int max_buffer_sectors;
532 
533 static const struct cont_t {
534 	void (*interrupt)(void);
535 				/* this is called after the interrupt of the
536 				 * main command */
537 	void (*redo)(void);	/* this is called to retry the operation */
538 	void (*error)(void);	/* this is called to tally an error */
539 	void (*done)(int);	/* this is called to say if the operation has
540 				 * succeeded/failed */
541 } *cont;
542 
543 static void floppy_ready(void);
544 static void floppy_start(void);
545 static void process_fd_request(void);
546 static void recalibrate_floppy(void);
547 static void floppy_shutdown(struct work_struct *);
548 
549 static int floppy_request_regions(int);
550 static void floppy_release_regions(int);
551 static int floppy_grab_irq_and_dma(void);
552 static void floppy_release_irq_and_dma(void);
553 
554 /*
555  * The "reset" variable should be tested whenever an interrupt is scheduled,
556  * after the commands have been sent. This is to ensure that the driver doesn't
557  * get wedged when the interrupt doesn't come because of a failed command.
558  * reset doesn't need to be tested before sending commands, because
559  * output_byte is automatically disabled when reset is set.
560  */
561 static void reset_fdc(void);
562 static int floppy_revalidate(struct gendisk *disk);
563 
564 /*
565  * These are global variables, as that's the easiest way to give
566  * information to interrupts. They are the data used for the current
567  * request.
568  */
569 #define NO_TRACK	-1
570 #define NEED_1_RECAL	-2
571 #define NEED_2_RECAL	-3
572 
573 static atomic_t usage_count = ATOMIC_INIT(0);
574 
575 /* buffer related variables */
576 static int buffer_track = -1;
577 static int buffer_drive = -1;
578 static int buffer_min = -1;
579 static int buffer_max = -1;
580 
581 /* fdc related variables, should end up in a struct */
582 static struct floppy_fdc_state fdc_state[N_FDC];
583 static int current_fdc;			/* current fdc */
584 
585 static struct workqueue_struct *floppy_wq;
586 
587 static struct floppy_struct *_floppy = floppy_type;
588 static unsigned char current_drive;
589 static long current_count_sectors;
590 static unsigned char fsector_t;	/* sector in track */
591 static unsigned char in_sector_offset;	/* offset within physical sector,
592 					 * expressed in units of 512 bytes */
593 
fdc_inb(int fdc,int reg)594 static inline unsigned char fdc_inb(int fdc, int reg)
595 {
596 	return fd_inb(fdc_state[fdc].address, reg);
597 }
598 
fdc_outb(unsigned char value,int fdc,int reg)599 static inline void fdc_outb(unsigned char value, int fdc, int reg)
600 {
601 	fd_outb(value, fdc_state[fdc].address, reg);
602 }
603 
drive_no_geom(int drive)604 static inline bool drive_no_geom(int drive)
605 {
606 	return !current_type[drive] && !ITYPE(drive_state[drive].fd_device);
607 }
608 
609 #ifndef fd_eject
fd_eject(int drive)610 static inline int fd_eject(int drive)
611 {
612 	return -EINVAL;
613 }
614 #endif
615 
616 /*
617  * Debugging
618  * =========
619  */
620 #ifdef DEBUGT
621 static long unsigned debugtimer;
622 
set_debugt(void)623 static inline void set_debugt(void)
624 {
625 	debugtimer = jiffies;
626 }
627 
debugt(const char * func,const char * msg)628 static inline void debugt(const char *func, const char *msg)
629 {
630 	if (drive_params[current_drive].flags & DEBUGT)
631 		pr_info("%s:%s dtime=%lu\n", func, msg, jiffies - debugtimer);
632 }
633 #else
set_debugt(void)634 static inline void set_debugt(void) { }
debugt(const char * func,const char * msg)635 static inline void debugt(const char *func, const char *msg) { }
636 #endif /* DEBUGT */
637 
638 
639 static DECLARE_DELAYED_WORK(fd_timeout, floppy_shutdown);
640 static const char *timeout_message;
641 
is_alive(const char * func,const char * message)642 static void is_alive(const char *func, const char *message)
643 {
644 	/* this routine checks whether the floppy driver is "alive" */
645 	if (test_bit(0, &fdc_busy) && command_status < 2 &&
646 	    !delayed_work_pending(&fd_timeout)) {
647 		DPRINT("%s: timeout handler died.  %s\n", func, message);
648 	}
649 }
650 
651 static void (*do_floppy)(void) = NULL;
652 
653 #define OLOGSIZE 20
654 
655 static void (*lasthandler)(void);
656 static unsigned long interruptjiffies;
657 static unsigned long resultjiffies;
658 static int resultsize;
659 static unsigned long lastredo;
660 
661 static struct output_log {
662 	unsigned char data;
663 	unsigned char status;
664 	unsigned long jiffies;
665 } output_log[OLOGSIZE];
666 
667 static int output_log_pos;
668 
669 #define MAXTIMEOUT -2
670 
__reschedule_timeout(int drive,const char * message)671 static void __reschedule_timeout(int drive, const char *message)
672 {
673 	unsigned long delay;
674 
675 	if (drive < 0 || drive >= N_DRIVE) {
676 		delay = 20UL * HZ;
677 		drive = 0;
678 	} else
679 		delay = drive_params[drive].timeout;
680 
681 	mod_delayed_work(floppy_wq, &fd_timeout, delay);
682 	if (drive_params[drive].flags & FD_DEBUG)
683 		DPRINT("reschedule timeout %s\n", message);
684 	timeout_message = message;
685 }
686 
reschedule_timeout(int drive,const char * message)687 static void reschedule_timeout(int drive, const char *message)
688 {
689 	unsigned long flags;
690 
691 	spin_lock_irqsave(&floppy_lock, flags);
692 	__reschedule_timeout(drive, message);
693 	spin_unlock_irqrestore(&floppy_lock, flags);
694 }
695 
696 #define INFBOUND(a, b) (a) = max_t(int, a, b)
697 #define SUPBOUND(a, b) (a) = min_t(int, a, b)
698 
699 /*
700  * Bottom half floppy driver.
701  * ==========================
702  *
703  * This part of the file contains the code talking directly to the hardware,
704  * and also the main service loop (seek-configure-spinup-command)
705  */
706 
707 /*
708  * disk change.
709  * This routine is responsible for maintaining the FD_DISK_CHANGE flag,
710  * and the last_checked date.
711  *
712  * last_checked is the date of the last check which showed 'no disk change'
713  * FD_DISK_CHANGE is set under two conditions:
714  * 1. The floppy has been changed after some i/o to that floppy already
715  *    took place.
716  * 2. No floppy disk is in the drive. This is done in order to ensure that
717  *    requests are quickly flushed in case there is no disk in the drive. It
718  *    follows that FD_DISK_CHANGE can only be cleared if there is a disk in
719  *    the drive.
720  *
721  * For 1., maxblock is observed. Maxblock is 0 if no i/o has taken place yet.
722  * For 2., FD_DISK_NEWCHANGE is watched. FD_DISK_NEWCHANGE is cleared on
723  *  each seek. If a disk is present, the disk change line should also be
724  *  cleared on each seek. Thus, if FD_DISK_NEWCHANGE is clear, but the disk
725  *  change line is set, this means either that no disk is in the drive, or
726  *  that it has been removed since the last seek.
727  *
728  * This means that we really have a third possibility too:
729  *  The floppy has been changed after the last seek.
730  */
731 
disk_change(int drive)732 static int disk_change(int drive)
733 {
734 	int fdc = FDC(drive);
735 
736 	if (time_before(jiffies, drive_state[drive].select_date + drive_params[drive].select_delay))
737 		DPRINT("WARNING disk change called early\n");
738 	if (!(fdc_state[fdc].dor & (0x10 << UNIT(drive))) ||
739 	    (fdc_state[fdc].dor & 3) != UNIT(drive) || fdc != FDC(drive)) {
740 		DPRINT("probing disk change on unselected drive\n");
741 		DPRINT("drive=%d fdc=%d dor=%x\n", drive, FDC(drive),
742 		       (unsigned int)fdc_state[fdc].dor);
743 	}
744 
745 	debug_dcl(drive_params[drive].flags,
746 		  "checking disk change line for drive %d\n", drive);
747 	debug_dcl(drive_params[drive].flags, "jiffies=%lu\n", jiffies);
748 	debug_dcl(drive_params[drive].flags, "disk change line=%x\n",
749 		  fdc_inb(fdc, FD_DIR) & 0x80);
750 	debug_dcl(drive_params[drive].flags, "flags=%lx\n",
751 		  drive_state[drive].flags);
752 
753 	if (drive_params[drive].flags & FD_BROKEN_DCL)
754 		return test_bit(FD_DISK_CHANGED_BIT,
755 				&drive_state[drive].flags);
756 	if ((fdc_inb(fdc, FD_DIR) ^ drive_params[drive].flags) & 0x80) {
757 		set_bit(FD_VERIFY_BIT, &drive_state[drive].flags);
758 					/* verify write protection */
759 
760 		if (drive_state[drive].maxblock)	/* mark it changed */
761 			set_bit(FD_DISK_CHANGED_BIT,
762 				&drive_state[drive].flags);
763 
764 		/* invalidate its geometry */
765 		if (drive_state[drive].keep_data >= 0) {
766 			if ((drive_params[drive].flags & FTD_MSG) &&
767 			    current_type[drive] != NULL)
768 				DPRINT("Disk type is undefined after disk change\n");
769 			current_type[drive] = NULL;
770 			floppy_sizes[TOMINOR(drive)] = MAX_DISK_SIZE << 1;
771 		}
772 
773 		return 1;
774 	} else {
775 		drive_state[drive].last_checked = jiffies;
776 		clear_bit(FD_DISK_NEWCHANGE_BIT, &drive_state[drive].flags);
777 	}
778 	return 0;
779 }
780 
is_selected(int dor,int unit)781 static inline int is_selected(int dor, int unit)
782 {
783 	return ((dor & (0x10 << unit)) && (dor & 3) == unit);
784 }
785 
is_ready_state(int status)786 static bool is_ready_state(int status)
787 {
788 	int state = status & (STATUS_READY | STATUS_DIR | STATUS_DMA);
789 	return state == STATUS_READY;
790 }
791 
set_dor(int fdc,char mask,char data)792 static int set_dor(int fdc, char mask, char data)
793 {
794 	unsigned char unit;
795 	unsigned char drive;
796 	unsigned char newdor;
797 	unsigned char olddor;
798 
799 	if (fdc_state[fdc].address == -1)
800 		return -1;
801 
802 	olddor = fdc_state[fdc].dor;
803 	newdor = (olddor & mask) | data;
804 	if (newdor != olddor) {
805 		unit = olddor & 0x3;
806 		if (is_selected(olddor, unit) && !is_selected(newdor, unit)) {
807 			drive = REVDRIVE(fdc, unit);
808 			debug_dcl(drive_params[drive].flags,
809 				  "calling disk change from set_dor\n");
810 			disk_change(drive);
811 		}
812 		fdc_state[fdc].dor = newdor;
813 		fdc_outb(newdor, fdc, FD_DOR);
814 
815 		unit = newdor & 0x3;
816 		if (!is_selected(olddor, unit) && is_selected(newdor, unit)) {
817 			drive = REVDRIVE(fdc, unit);
818 			drive_state[drive].select_date = jiffies;
819 		}
820 	}
821 	return olddor;
822 }
823 
twaddle(int fdc,int drive)824 static void twaddle(int fdc, int drive)
825 {
826 	if (drive_params[drive].select_delay)
827 		return;
828 	fdc_outb(fdc_state[fdc].dor & ~(0x10 << UNIT(drive)),
829 		 fdc, FD_DOR);
830 	fdc_outb(fdc_state[fdc].dor, fdc, FD_DOR);
831 	drive_state[drive].select_date = jiffies;
832 }
833 
834 /*
835  * Reset all driver information about the specified fdc.
836  * This is needed after a reset, and after a raw command.
837  */
reset_fdc_info(int fdc,int mode)838 static void reset_fdc_info(int fdc, int mode)
839 {
840 	int drive;
841 
842 	fdc_state[fdc].spec1 = fdc_state[fdc].spec2 = -1;
843 	fdc_state[fdc].need_configure = 1;
844 	fdc_state[fdc].perp_mode = 1;
845 	fdc_state[fdc].rawcmd = 0;
846 	for (drive = 0; drive < N_DRIVE; drive++)
847 		if (FDC(drive) == fdc &&
848 		    (mode || drive_state[drive].track != NEED_1_RECAL))
849 			drive_state[drive].track = NEED_2_RECAL;
850 }
851 
852 /*
853  * selects the fdc and drive, and enables the fdc's input/dma.
854  * Both current_drive and current_fdc are changed to match the new drive.
855  */
set_fdc(int drive)856 static void set_fdc(int drive)
857 {
858 	unsigned int fdc;
859 
860 	if (drive < 0 || drive >= N_DRIVE) {
861 		pr_info("bad drive value %d\n", drive);
862 		return;
863 	}
864 
865 	fdc = FDC(drive);
866 	if (fdc >= N_FDC) {
867 		pr_info("bad fdc value\n");
868 		return;
869 	}
870 
871 	set_dor(fdc, ~0, 8);
872 #if N_FDC > 1
873 	set_dor(1 - fdc, ~8, 0);
874 #endif
875 	if (fdc_state[fdc].rawcmd == 2)
876 		reset_fdc_info(fdc, 1);
877 	if (fdc_inb(fdc, FD_STATUS) != STATUS_READY)
878 		fdc_state[fdc].reset = 1;
879 
880 	current_drive = drive;
881 	current_fdc = fdc;
882 }
883 
884 /*
885  * locks the driver.
886  * Both current_drive and current_fdc are changed to match the new drive.
887  */
lock_fdc(int drive)888 static int lock_fdc(int drive)
889 {
890 	if (WARN(atomic_read(&usage_count) == 0,
891 		 "Trying to lock fdc while usage count=0\n"))
892 		return -1;
893 
894 	if (wait_event_interruptible(fdc_wait, !test_and_set_bit(0, &fdc_busy)))
895 		return -EINTR;
896 
897 	command_status = FD_COMMAND_NONE;
898 
899 	reschedule_timeout(drive, "lock fdc");
900 	set_fdc(drive);
901 	return 0;
902 }
903 
904 /* unlocks the driver */
unlock_fdc(void)905 static void unlock_fdc(void)
906 {
907 	if (!test_bit(0, &fdc_busy))
908 		DPRINT("FDC access conflict!\n");
909 
910 	raw_cmd = NULL;
911 	command_status = FD_COMMAND_NONE;
912 	cancel_delayed_work(&fd_timeout);
913 	do_floppy = NULL;
914 	cont = NULL;
915 	clear_bit(0, &fdc_busy);
916 	wake_up(&fdc_wait);
917 }
918 
919 /* switches the motor off after a given timeout */
motor_off_callback(struct timer_list * t)920 static void motor_off_callback(struct timer_list *t)
921 {
922 	unsigned long nr = t - motor_off_timer;
923 	unsigned char mask = ~(0x10 << UNIT(nr));
924 
925 	if (WARN_ON_ONCE(nr >= N_DRIVE))
926 		return;
927 
928 	set_dor(FDC(nr), mask, 0);
929 }
930 
931 /* schedules motor off */
floppy_off(unsigned int drive)932 static void floppy_off(unsigned int drive)
933 {
934 	unsigned long volatile delta;
935 	int fdc = FDC(drive);
936 
937 	if (!(fdc_state[fdc].dor & (0x10 << UNIT(drive))))
938 		return;
939 
940 	del_timer(motor_off_timer + drive);
941 
942 	/* make spindle stop in a position which minimizes spinup time
943 	 * next time */
944 	if (drive_params[drive].rps) {
945 		delta = jiffies - drive_state[drive].first_read_date + HZ -
946 		    drive_params[drive].spindown_offset;
947 		delta = ((delta * drive_params[drive].rps) % HZ) / drive_params[drive].rps;
948 		motor_off_timer[drive].expires =
949 		    jiffies + drive_params[drive].spindown - delta;
950 	}
951 	add_timer(motor_off_timer + drive);
952 }
953 
954 /*
955  * cycle through all N_DRIVE floppy drives, for disk change testing.
956  * stopping at current drive. This is done before any long operation, to
957  * be sure to have up to date disk change information.
958  */
scandrives(void)959 static void scandrives(void)
960 {
961 	int i;
962 	int drive;
963 	int saved_drive;
964 
965 	if (drive_params[current_drive].select_delay)
966 		return;
967 
968 	saved_drive = current_drive;
969 	for (i = 0; i < N_DRIVE; i++) {
970 		drive = (saved_drive + i + 1) % N_DRIVE;
971 		if (drive_state[drive].fd_ref == 0 || drive_params[drive].select_delay != 0)
972 			continue;	/* skip closed drives */
973 		set_fdc(drive);
974 		if (!(set_dor(current_fdc, ~3, UNIT(drive) | (0x10 << UNIT(drive))) &
975 		      (0x10 << UNIT(drive))))
976 			/* switch the motor off again, if it was off to
977 			 * begin with */
978 			set_dor(current_fdc, ~(0x10 << UNIT(drive)), 0);
979 	}
980 	set_fdc(saved_drive);
981 }
982 
empty(void)983 static void empty(void)
984 {
985 }
986 
empty_done(int result)987 static void empty_done(int result)
988 {
989 }
990 
991 static void (*floppy_work_fn)(void);
992 
floppy_work_workfn(struct work_struct * work)993 static void floppy_work_workfn(struct work_struct *work)
994 {
995 	floppy_work_fn();
996 }
997 
998 static DECLARE_WORK(floppy_work, floppy_work_workfn);
999 
schedule_bh(void (* handler)(void))1000 static void schedule_bh(void (*handler)(void))
1001 {
1002 	WARN_ON(work_pending(&floppy_work));
1003 
1004 	floppy_work_fn = handler;
1005 	queue_work(floppy_wq, &floppy_work);
1006 }
1007 
1008 static void (*fd_timer_fn)(void) = NULL;
1009 
fd_timer_workfn(struct work_struct * work)1010 static void fd_timer_workfn(struct work_struct *work)
1011 {
1012 	fd_timer_fn();
1013 }
1014 
1015 static DECLARE_DELAYED_WORK(fd_timer, fd_timer_workfn);
1016 
cancel_activity(void)1017 static void cancel_activity(void)
1018 {
1019 	do_floppy = NULL;
1020 	cancel_delayed_work(&fd_timer);
1021 	cancel_work_sync(&floppy_work);
1022 }
1023 
1024 /* this function makes sure that the disk stays in the drive during the
1025  * transfer */
fd_watchdog(void)1026 static void fd_watchdog(void)
1027 {
1028 	debug_dcl(drive_params[current_drive].flags,
1029 		  "calling disk change from watchdog\n");
1030 
1031 	if (disk_change(current_drive)) {
1032 		DPRINT("disk removed during i/o\n");
1033 		cancel_activity();
1034 		cont->done(0);
1035 		reset_fdc();
1036 	} else {
1037 		cancel_delayed_work(&fd_timer);
1038 		fd_timer_fn = fd_watchdog;
1039 		queue_delayed_work(floppy_wq, &fd_timer, HZ / 10);
1040 	}
1041 }
1042 
main_command_interrupt(void)1043 static void main_command_interrupt(void)
1044 {
1045 	cancel_delayed_work(&fd_timer);
1046 	cont->interrupt();
1047 }
1048 
1049 /* waits for a delay (spinup or select) to pass */
fd_wait_for_completion(unsigned long expires,void (* function)(void))1050 static int fd_wait_for_completion(unsigned long expires,
1051 				  void (*function)(void))
1052 {
1053 	if (fdc_state[current_fdc].reset) {
1054 		reset_fdc();	/* do the reset during sleep to win time
1055 				 * if we don't need to sleep, it's a good
1056 				 * occasion anyways */
1057 		return 1;
1058 	}
1059 
1060 	if (time_before(jiffies, expires)) {
1061 		cancel_delayed_work(&fd_timer);
1062 		fd_timer_fn = function;
1063 		queue_delayed_work(floppy_wq, &fd_timer, expires - jiffies);
1064 		return 1;
1065 	}
1066 	return 0;
1067 }
1068 
setup_DMA(void)1069 static void setup_DMA(void)
1070 {
1071 	unsigned long f;
1072 
1073 	if (raw_cmd->length == 0) {
1074 		print_hex_dump(KERN_INFO, "zero dma transfer size: ",
1075 			       DUMP_PREFIX_NONE, 16, 1,
1076 			       raw_cmd->fullcmd, raw_cmd->cmd_count, false);
1077 		cont->done(0);
1078 		fdc_state[current_fdc].reset = 1;
1079 		return;
1080 	}
1081 	if (((unsigned long)raw_cmd->kernel_data) % 512) {
1082 		pr_info("non aligned address: %p\n", raw_cmd->kernel_data);
1083 		cont->done(0);
1084 		fdc_state[current_fdc].reset = 1;
1085 		return;
1086 	}
1087 	f = claim_dma_lock();
1088 	fd_disable_dma();
1089 #ifdef fd_dma_setup
1090 	if (fd_dma_setup(raw_cmd->kernel_data, raw_cmd->length,
1091 			 (raw_cmd->flags & FD_RAW_READ) ?
1092 			 DMA_MODE_READ : DMA_MODE_WRITE,
1093 			 fdc_state[current_fdc].address) < 0) {
1094 		release_dma_lock(f);
1095 		cont->done(0);
1096 		fdc_state[current_fdc].reset = 1;
1097 		return;
1098 	}
1099 	release_dma_lock(f);
1100 #else
1101 	fd_clear_dma_ff();
1102 	fd_cacheflush(raw_cmd->kernel_data, raw_cmd->length);
1103 	fd_set_dma_mode((raw_cmd->flags & FD_RAW_READ) ?
1104 			DMA_MODE_READ : DMA_MODE_WRITE);
1105 	fd_set_dma_addr(raw_cmd->kernel_data);
1106 	fd_set_dma_count(raw_cmd->length);
1107 	virtual_dma_port = fdc_state[current_fdc].address;
1108 	fd_enable_dma();
1109 	release_dma_lock(f);
1110 #endif
1111 }
1112 
1113 static void show_floppy(int fdc);
1114 
1115 /* waits until the fdc becomes ready */
wait_til_ready(int fdc)1116 static int wait_til_ready(int fdc)
1117 {
1118 	int status;
1119 	int counter;
1120 
1121 	if (fdc_state[fdc].reset)
1122 		return -1;
1123 	for (counter = 0; counter < 10000; counter++) {
1124 		status = fdc_inb(fdc, FD_STATUS);
1125 		if (status & STATUS_READY)
1126 			return status;
1127 	}
1128 	if (initialized) {
1129 		DPRINT("Getstatus times out (%x) on fdc %d\n", status, fdc);
1130 		show_floppy(fdc);
1131 	}
1132 	fdc_state[fdc].reset = 1;
1133 	return -1;
1134 }
1135 
1136 /* sends a command byte to the fdc */
output_byte(int fdc,char byte)1137 static int output_byte(int fdc, char byte)
1138 {
1139 	int status = wait_til_ready(fdc);
1140 
1141 	if (status < 0)
1142 		return -1;
1143 
1144 	if (is_ready_state(status)) {
1145 		fdc_outb(byte, fdc, FD_DATA);
1146 		output_log[output_log_pos].data = byte;
1147 		output_log[output_log_pos].status = status;
1148 		output_log[output_log_pos].jiffies = jiffies;
1149 		output_log_pos = (output_log_pos + 1) % OLOGSIZE;
1150 		return 0;
1151 	}
1152 	fdc_state[fdc].reset = 1;
1153 	if (initialized) {
1154 		DPRINT("Unable to send byte %x to FDC. Fdc=%x Status=%x\n",
1155 		       byte, fdc, status);
1156 		show_floppy(fdc);
1157 	}
1158 	return -1;
1159 }
1160 
1161 /* gets the response from the fdc */
result(int fdc)1162 static int result(int fdc)
1163 {
1164 	int i;
1165 	int status = 0;
1166 
1167 	for (i = 0; i < FD_RAW_REPLY_SIZE; i++) {
1168 		status = wait_til_ready(fdc);
1169 		if (status < 0)
1170 			break;
1171 		status &= STATUS_DIR | STATUS_READY | STATUS_BUSY | STATUS_DMA;
1172 		if ((status & ~STATUS_BUSY) == STATUS_READY) {
1173 			resultjiffies = jiffies;
1174 			resultsize = i;
1175 			return i;
1176 		}
1177 		if (status == (STATUS_DIR | STATUS_READY | STATUS_BUSY))
1178 			reply_buffer[i] = fdc_inb(fdc, FD_DATA);
1179 		else
1180 			break;
1181 	}
1182 	if (initialized) {
1183 		DPRINT("get result error. Fdc=%d Last status=%x Read bytes=%d\n",
1184 		       fdc, status, i);
1185 		show_floppy(fdc);
1186 	}
1187 	fdc_state[fdc].reset = 1;
1188 	return -1;
1189 }
1190 
1191 #define MORE_OUTPUT -2
1192 /* does the fdc need more output? */
need_more_output(int fdc)1193 static int need_more_output(int fdc)
1194 {
1195 	int status = wait_til_ready(fdc);
1196 
1197 	if (status < 0)
1198 		return -1;
1199 
1200 	if (is_ready_state(status))
1201 		return MORE_OUTPUT;
1202 
1203 	return result(fdc);
1204 }
1205 
1206 /* Set perpendicular mode as required, based on data rate, if supported.
1207  * 82077 Now tested. 1Mbps data rate only possible with 82077-1.
1208  */
perpendicular_mode(int fdc)1209 static void perpendicular_mode(int fdc)
1210 {
1211 	unsigned char perp_mode;
1212 
1213 	if (raw_cmd->rate & 0x40) {
1214 		switch (raw_cmd->rate & 3) {
1215 		case 0:
1216 			perp_mode = 2;
1217 			break;
1218 		case 3:
1219 			perp_mode = 3;
1220 			break;
1221 		default:
1222 			DPRINT("Invalid data rate for perpendicular mode!\n");
1223 			cont->done(0);
1224 			fdc_state[fdc].reset = 1;
1225 					/*
1226 					 * convenient way to return to
1227 					 * redo without too much hassle
1228 					 * (deep stack et al.)
1229 					 */
1230 			return;
1231 		}
1232 	} else
1233 		perp_mode = 0;
1234 
1235 	if (fdc_state[fdc].perp_mode == perp_mode)
1236 		return;
1237 	if (fdc_state[fdc].version >= FDC_82077_ORIG) {
1238 		output_byte(fdc, FD_PERPENDICULAR);
1239 		output_byte(fdc, perp_mode);
1240 		fdc_state[fdc].perp_mode = perp_mode;
1241 	} else if (perp_mode) {
1242 		DPRINT("perpendicular mode not supported by this FDC.\n");
1243 	}
1244 }				/* perpendicular_mode */
1245 
1246 static int fifo_depth = 0xa;
1247 static int no_fifo;
1248 
fdc_configure(int fdc)1249 static int fdc_configure(int fdc)
1250 {
1251 	/* Turn on FIFO */
1252 	output_byte(fdc, FD_CONFIGURE);
1253 	if (need_more_output(fdc) != MORE_OUTPUT)
1254 		return 0;
1255 	output_byte(fdc, 0);
1256 	output_byte(fdc, 0x10 | (no_fifo & 0x20) | (fifo_depth & 0xf));
1257 	output_byte(fdc, 0);    /* pre-compensation from track 0 upwards */
1258 	return 1;
1259 }
1260 
1261 #define NOMINAL_DTR 500
1262 
1263 /* Issue a "SPECIFY" command to set the step rate time, head unload time,
1264  * head load time, and DMA disable flag to values needed by floppy.
1265  *
1266  * The value "dtr" is the data transfer rate in Kbps.  It is needed
1267  * to account for the data rate-based scaling done by the 82072 and 82077
1268  * FDC types.  This parameter is ignored for other types of FDCs (i.e.
1269  * 8272a).
1270  *
1271  * Note that changing the data transfer rate has a (probably deleterious)
1272  * effect on the parameters subject to scaling for 82072/82077 FDCs, so
1273  * fdc_specify is called again after each data transfer rate
1274  * change.
1275  *
1276  * srt: 1000 to 16000 in microseconds
1277  * hut: 16 to 240 milliseconds
1278  * hlt: 2 to 254 milliseconds
1279  *
1280  * These values are rounded up to the next highest available delay time.
1281  */
fdc_specify(int fdc,int drive)1282 static void fdc_specify(int fdc, int drive)
1283 {
1284 	unsigned char spec1;
1285 	unsigned char spec2;
1286 	unsigned long srt;
1287 	unsigned long hlt;
1288 	unsigned long hut;
1289 	unsigned long dtr = NOMINAL_DTR;
1290 	unsigned long scale_dtr = NOMINAL_DTR;
1291 	int hlt_max_code = 0x7f;
1292 	int hut_max_code = 0xf;
1293 
1294 	if (fdc_state[fdc].need_configure &&
1295 	    fdc_state[fdc].version >= FDC_82072A) {
1296 		fdc_configure(fdc);
1297 		fdc_state[fdc].need_configure = 0;
1298 	}
1299 
1300 	switch (raw_cmd->rate & 0x03) {
1301 	case 3:
1302 		dtr = 1000;
1303 		break;
1304 	case 1:
1305 		dtr = 300;
1306 		if (fdc_state[fdc].version >= FDC_82078) {
1307 			/* chose the default rate table, not the one
1308 			 * where 1 = 2 Mbps */
1309 			output_byte(fdc, FD_DRIVESPEC);
1310 			if (need_more_output(fdc) == MORE_OUTPUT) {
1311 				output_byte(fdc, UNIT(drive));
1312 				output_byte(fdc, 0xc0);
1313 			}
1314 		}
1315 		break;
1316 	case 2:
1317 		dtr = 250;
1318 		break;
1319 	}
1320 
1321 	if (fdc_state[fdc].version >= FDC_82072) {
1322 		scale_dtr = dtr;
1323 		hlt_max_code = 0x00;	/* 0==256msec*dtr0/dtr (not linear!) */
1324 		hut_max_code = 0x0;	/* 0==256msec*dtr0/dtr (not linear!) */
1325 	}
1326 
1327 	/* Convert step rate from microseconds to milliseconds and 4 bits */
1328 	srt = 16 - DIV_ROUND_UP(drive_params[drive].srt * scale_dtr / 1000,
1329 				NOMINAL_DTR);
1330 	if (slow_floppy)
1331 		srt = srt / 4;
1332 
1333 	SUPBOUND(srt, 0xf);
1334 	INFBOUND(srt, 0);
1335 
1336 	hlt = DIV_ROUND_UP(drive_params[drive].hlt * scale_dtr / 2,
1337 			   NOMINAL_DTR);
1338 	if (hlt < 0x01)
1339 		hlt = 0x01;
1340 	else if (hlt > 0x7f)
1341 		hlt = hlt_max_code;
1342 
1343 	hut = DIV_ROUND_UP(drive_params[drive].hut * scale_dtr / 16,
1344 			   NOMINAL_DTR);
1345 	if (hut < 0x1)
1346 		hut = 0x1;
1347 	else if (hut > 0xf)
1348 		hut = hut_max_code;
1349 
1350 	spec1 = (srt << 4) | hut;
1351 	spec2 = (hlt << 1) | (use_virtual_dma & 1);
1352 
1353 	/* If these parameters did not change, just return with success */
1354 	if (fdc_state[fdc].spec1 != spec1 ||
1355 	    fdc_state[fdc].spec2 != spec2) {
1356 		/* Go ahead and set spec1 and spec2 */
1357 		output_byte(fdc, FD_SPECIFY);
1358 		output_byte(fdc, fdc_state[fdc].spec1 = spec1);
1359 		output_byte(fdc, fdc_state[fdc].spec2 = spec2);
1360 	}
1361 }				/* fdc_specify */
1362 
1363 /* Set the FDC's data transfer rate on behalf of the specified drive.
1364  * NOTE: with 82072/82077 FDCs, changing the data rate requires a reissue
1365  * of the specify command (i.e. using the fdc_specify function).
1366  */
fdc_dtr(void)1367 static int fdc_dtr(void)
1368 {
1369 	/* If data rate not already set to desired value, set it. */
1370 	if ((raw_cmd->rate & 3) == fdc_state[current_fdc].dtr)
1371 		return 0;
1372 
1373 	/* Set dtr */
1374 	fdc_outb(raw_cmd->rate & 3, current_fdc, FD_DCR);
1375 
1376 	/* TODO: some FDC/drive combinations (C&T 82C711 with TEAC 1.2MB)
1377 	 * need a stabilization period of several milliseconds to be
1378 	 * enforced after data rate changes before R/W operations.
1379 	 * Pause 5 msec to avoid trouble. (Needs to be 2 jiffies)
1380 	 */
1381 	fdc_state[current_fdc].dtr = raw_cmd->rate & 3;
1382 	return fd_wait_for_completion(jiffies + 2UL * HZ / 100, floppy_ready);
1383 }				/* fdc_dtr */
1384 
tell_sector(void)1385 static void tell_sector(void)
1386 {
1387 	pr_cont(": track %d, head %d, sector %d, size %d",
1388 		reply_buffer[R_TRACK], reply_buffer[R_HEAD],
1389 		reply_buffer[R_SECTOR],
1390 		reply_buffer[R_SIZECODE]);
1391 }				/* tell_sector */
1392 
print_errors(void)1393 static void print_errors(void)
1394 {
1395 	DPRINT("");
1396 	if (reply_buffer[ST0] & ST0_ECE) {
1397 		pr_cont("Recalibrate failed!");
1398 	} else if (reply_buffer[ST2] & ST2_CRC) {
1399 		pr_cont("data CRC error");
1400 		tell_sector();
1401 	} else if (reply_buffer[ST1] & ST1_CRC) {
1402 		pr_cont("CRC error");
1403 		tell_sector();
1404 	} else if ((reply_buffer[ST1] & (ST1_MAM | ST1_ND)) ||
1405 		   (reply_buffer[ST2] & ST2_MAM)) {
1406 		if (!probing) {
1407 			pr_cont("sector not found");
1408 			tell_sector();
1409 		} else
1410 			pr_cont("probe failed...");
1411 	} else if (reply_buffer[ST2] & ST2_WC) {	/* seek error */
1412 		pr_cont("wrong cylinder");
1413 	} else if (reply_buffer[ST2] & ST2_BC) {	/* cylinder marked as bad */
1414 		pr_cont("bad cylinder");
1415 	} else {
1416 		pr_cont("unknown error. ST[0..2] are: 0x%x 0x%x 0x%x",
1417 			reply_buffer[ST0], reply_buffer[ST1],
1418 			reply_buffer[ST2]);
1419 		tell_sector();
1420 	}
1421 	pr_cont("\n");
1422 }
1423 
1424 /*
1425  * OK, this error interpreting routine is called after a
1426  * DMA read/write has succeeded
1427  * or failed, so we check the results, and copy any buffers.
1428  * hhb: Added better error reporting.
1429  * ak: Made this into a separate routine.
1430  */
interpret_errors(void)1431 static int interpret_errors(void)
1432 {
1433 	char bad;
1434 
1435 	if (inr != 7) {
1436 		DPRINT("-- FDC reply error\n");
1437 		fdc_state[current_fdc].reset = 1;
1438 		return 1;
1439 	}
1440 
1441 	/* check IC to find cause of interrupt */
1442 	switch (reply_buffer[ST0] & ST0_INTR) {
1443 	case 0x40:		/* error occurred during command execution */
1444 		if (reply_buffer[ST1] & ST1_EOC)
1445 			return 0;	/* occurs with pseudo-DMA */
1446 		bad = 1;
1447 		if (reply_buffer[ST1] & ST1_WP) {
1448 			DPRINT("Drive is write protected\n");
1449 			clear_bit(FD_DISK_WRITABLE_BIT,
1450 				  &drive_state[current_drive].flags);
1451 			cont->done(0);
1452 			bad = 2;
1453 		} else if (reply_buffer[ST1] & ST1_ND) {
1454 			set_bit(FD_NEED_TWADDLE_BIT,
1455 				&drive_state[current_drive].flags);
1456 		} else if (reply_buffer[ST1] & ST1_OR) {
1457 			if (drive_params[current_drive].flags & FTD_MSG)
1458 				DPRINT("Over/Underrun - retrying\n");
1459 			bad = 0;
1460 		} else if (floppy_errors >= drive_params[current_drive].max_errors.reporting) {
1461 			print_errors();
1462 		}
1463 		if (reply_buffer[ST2] & ST2_WC || reply_buffer[ST2] & ST2_BC)
1464 			/* wrong cylinder => recal */
1465 			drive_state[current_drive].track = NEED_2_RECAL;
1466 		return bad;
1467 	case 0x80:		/* invalid command given */
1468 		DPRINT("Invalid FDC command given!\n");
1469 		cont->done(0);
1470 		return 2;
1471 	case 0xc0:
1472 		DPRINT("Abnormal termination caused by polling\n");
1473 		cont->error();
1474 		return 2;
1475 	default:		/* (0) Normal command termination */
1476 		return 0;
1477 	}
1478 }
1479 
1480 /*
1481  * This routine is called when everything should be correctly set up
1482  * for the transfer (i.e. floppy motor is on, the correct floppy is
1483  * selected, and the head is sitting on the right track).
1484  */
setup_rw_floppy(void)1485 static void setup_rw_floppy(void)
1486 {
1487 	int i;
1488 	int r;
1489 	int flags;
1490 	unsigned long ready_date;
1491 	void (*function)(void);
1492 
1493 	flags = raw_cmd->flags;
1494 	if (flags & (FD_RAW_READ | FD_RAW_WRITE))
1495 		flags |= FD_RAW_INTR;
1496 
1497 	if ((flags & FD_RAW_SPIN) && !(flags & FD_RAW_NO_MOTOR)) {
1498 		ready_date = drive_state[current_drive].spinup_date + drive_params[current_drive].spinup;
1499 		/* If spinup will take a long time, rerun scandrives
1500 		 * again just before spinup completion. Beware that
1501 		 * after scandrives, we must again wait for selection.
1502 		 */
1503 		if (time_after(ready_date, jiffies + drive_params[current_drive].select_delay)) {
1504 			ready_date -= drive_params[current_drive].select_delay;
1505 			function = floppy_start;
1506 		} else
1507 			function = setup_rw_floppy;
1508 
1509 		/* wait until the floppy is spinning fast enough */
1510 		if (fd_wait_for_completion(ready_date, function))
1511 			return;
1512 	}
1513 	if ((flags & FD_RAW_READ) || (flags & FD_RAW_WRITE))
1514 		setup_DMA();
1515 
1516 	if (flags & FD_RAW_INTR)
1517 		do_floppy = main_command_interrupt;
1518 
1519 	r = 0;
1520 	for (i = 0; i < raw_cmd->cmd_count; i++)
1521 		r |= output_byte(current_fdc, raw_cmd->fullcmd[i]);
1522 
1523 	debugt(__func__, "rw_command");
1524 
1525 	if (r) {
1526 		cont->error();
1527 		reset_fdc();
1528 		return;
1529 	}
1530 
1531 	if (!(flags & FD_RAW_INTR)) {
1532 		inr = result(current_fdc);
1533 		cont->interrupt();
1534 	} else if (flags & FD_RAW_NEED_DISK)
1535 		fd_watchdog();
1536 }
1537 
1538 static int blind_seek;
1539 
1540 /*
1541  * This is the routine called after every seek (or recalibrate) interrupt
1542  * from the floppy controller.
1543  */
seek_interrupt(void)1544 static void seek_interrupt(void)
1545 {
1546 	debugt(__func__, "");
1547 	if (inr != 2 || (reply_buffer[ST0] & 0xF8) != 0x20) {
1548 		DPRINT("seek failed\n");
1549 		drive_state[current_drive].track = NEED_2_RECAL;
1550 		cont->error();
1551 		cont->redo();
1552 		return;
1553 	}
1554 	if (drive_state[current_drive].track >= 0 &&
1555 	    drive_state[current_drive].track != reply_buffer[ST1] &&
1556 	    !blind_seek) {
1557 		debug_dcl(drive_params[current_drive].flags,
1558 			  "clearing NEWCHANGE flag because of effective seek\n");
1559 		debug_dcl(drive_params[current_drive].flags, "jiffies=%lu\n",
1560 			  jiffies);
1561 		clear_bit(FD_DISK_NEWCHANGE_BIT,
1562 			  &drive_state[current_drive].flags);
1563 					/* effective seek */
1564 		drive_state[current_drive].select_date = jiffies;
1565 	}
1566 	drive_state[current_drive].track = reply_buffer[ST1];
1567 	floppy_ready();
1568 }
1569 
check_wp(int fdc,int drive)1570 static void check_wp(int fdc, int drive)
1571 {
1572 	if (test_bit(FD_VERIFY_BIT, &drive_state[drive].flags)) {
1573 					/* check write protection */
1574 		output_byte(fdc, FD_GETSTATUS);
1575 		output_byte(fdc, UNIT(drive));
1576 		if (result(fdc) != 1) {
1577 			fdc_state[fdc].reset = 1;
1578 			return;
1579 		}
1580 		clear_bit(FD_VERIFY_BIT, &drive_state[drive].flags);
1581 		clear_bit(FD_NEED_TWADDLE_BIT,
1582 			  &drive_state[drive].flags);
1583 		debug_dcl(drive_params[drive].flags,
1584 			  "checking whether disk is write protected\n");
1585 		debug_dcl(drive_params[drive].flags, "wp=%x\n",
1586 			  reply_buffer[ST3] & 0x40);
1587 		if (!(reply_buffer[ST3] & 0x40))
1588 			set_bit(FD_DISK_WRITABLE_BIT,
1589 				&drive_state[drive].flags);
1590 		else
1591 			clear_bit(FD_DISK_WRITABLE_BIT,
1592 				  &drive_state[drive].flags);
1593 	}
1594 }
1595 
seek_floppy(void)1596 static void seek_floppy(void)
1597 {
1598 	int track;
1599 
1600 	blind_seek = 0;
1601 
1602 	debug_dcl(drive_params[current_drive].flags,
1603 		  "calling disk change from %s\n", __func__);
1604 
1605 	if (!test_bit(FD_DISK_NEWCHANGE_BIT, &drive_state[current_drive].flags) &&
1606 	    disk_change(current_drive) && (raw_cmd->flags & FD_RAW_NEED_DISK)) {
1607 		/* the media changed flag should be cleared after the seek.
1608 		 * If it isn't, this means that there is really no disk in
1609 		 * the drive.
1610 		 */
1611 		set_bit(FD_DISK_CHANGED_BIT,
1612 			&drive_state[current_drive].flags);
1613 		cont->done(0);
1614 		cont->redo();
1615 		return;
1616 	}
1617 	if (drive_state[current_drive].track <= NEED_1_RECAL) {
1618 		recalibrate_floppy();
1619 		return;
1620 	} else if (test_bit(FD_DISK_NEWCHANGE_BIT, &drive_state[current_drive].flags) &&
1621 		   (raw_cmd->flags & FD_RAW_NEED_DISK) &&
1622 		   (drive_state[current_drive].track <= NO_TRACK || drive_state[current_drive].track == raw_cmd->track)) {
1623 		/* we seek to clear the media-changed condition. Does anybody
1624 		 * know a more elegant way, which works on all drives? */
1625 		if (raw_cmd->track)
1626 			track = raw_cmd->track - 1;
1627 		else {
1628 			if (drive_params[current_drive].flags & FD_SILENT_DCL_CLEAR) {
1629 				set_dor(current_fdc, ~(0x10 << UNIT(current_drive)), 0);
1630 				blind_seek = 1;
1631 				raw_cmd->flags |= FD_RAW_NEED_SEEK;
1632 			}
1633 			track = 1;
1634 		}
1635 	} else {
1636 		check_wp(current_fdc, current_drive);
1637 		if (raw_cmd->track != drive_state[current_drive].track &&
1638 		    (raw_cmd->flags & FD_RAW_NEED_SEEK))
1639 			track = raw_cmd->track;
1640 		else {
1641 			setup_rw_floppy();
1642 			return;
1643 		}
1644 	}
1645 
1646 	do_floppy = seek_interrupt;
1647 	output_byte(current_fdc, FD_SEEK);
1648 	output_byte(current_fdc, UNIT(current_drive));
1649 	if (output_byte(current_fdc, track) < 0) {
1650 		reset_fdc();
1651 		return;
1652 	}
1653 	debugt(__func__, "");
1654 }
1655 
recal_interrupt(void)1656 static void recal_interrupt(void)
1657 {
1658 	debugt(__func__, "");
1659 	if (inr != 2)
1660 		fdc_state[current_fdc].reset = 1;
1661 	else if (reply_buffer[ST0] & ST0_ECE) {
1662 		switch (drive_state[current_drive].track) {
1663 		case NEED_1_RECAL:
1664 			debugt(__func__, "need 1 recal");
1665 			/* after a second recalibrate, we still haven't
1666 			 * reached track 0. Probably no drive. Raise an
1667 			 * error, as failing immediately might upset
1668 			 * computers possessed by the Devil :-) */
1669 			cont->error();
1670 			cont->redo();
1671 			return;
1672 		case NEED_2_RECAL:
1673 			debugt(__func__, "need 2 recal");
1674 			/* If we already did a recalibrate,
1675 			 * and we are not at track 0, this
1676 			 * means we have moved. (The only way
1677 			 * not to move at recalibration is to
1678 			 * be already at track 0.) Clear the
1679 			 * new change flag */
1680 			debug_dcl(drive_params[current_drive].flags,
1681 				  "clearing NEWCHANGE flag because of second recalibrate\n");
1682 
1683 			clear_bit(FD_DISK_NEWCHANGE_BIT,
1684 				  &drive_state[current_drive].flags);
1685 			drive_state[current_drive].select_date = jiffies;
1686 			fallthrough;
1687 		default:
1688 			debugt(__func__, "default");
1689 			/* Recalibrate moves the head by at
1690 			 * most 80 steps. If after one
1691 			 * recalibrate we don't have reached
1692 			 * track 0, this might mean that we
1693 			 * started beyond track 80.  Try
1694 			 * again.  */
1695 			drive_state[current_drive].track = NEED_1_RECAL;
1696 			break;
1697 		}
1698 	} else
1699 		drive_state[current_drive].track = reply_buffer[ST1];
1700 	floppy_ready();
1701 }
1702 
print_result(char * message,int inr)1703 static void print_result(char *message, int inr)
1704 {
1705 	int i;
1706 
1707 	DPRINT("%s ", message);
1708 	if (inr >= 0)
1709 		for (i = 0; i < inr; i++)
1710 			pr_cont("repl[%d]=%x ", i, reply_buffer[i]);
1711 	pr_cont("\n");
1712 }
1713 
1714 /* interrupt handler. Note that this can be called externally on the Sparc */
floppy_interrupt(int irq,void * dev_id)1715 irqreturn_t floppy_interrupt(int irq, void *dev_id)
1716 {
1717 	int do_print;
1718 	unsigned long f;
1719 	void (*handler)(void) = do_floppy;
1720 
1721 	lasthandler = handler;
1722 	interruptjiffies = jiffies;
1723 
1724 	f = claim_dma_lock();
1725 	fd_disable_dma();
1726 	release_dma_lock(f);
1727 
1728 	do_floppy = NULL;
1729 	if (current_fdc >= N_FDC || fdc_state[current_fdc].address == -1) {
1730 		/* we don't even know which FDC is the culprit */
1731 		pr_info("DOR0=%x\n", fdc_state[0].dor);
1732 		pr_info("floppy interrupt on bizarre fdc %d\n", current_fdc);
1733 		pr_info("handler=%ps\n", handler);
1734 		is_alive(__func__, "bizarre fdc");
1735 		return IRQ_NONE;
1736 	}
1737 
1738 	fdc_state[current_fdc].reset = 0;
1739 	/* We have to clear the reset flag here, because apparently on boxes
1740 	 * with level triggered interrupts (PS/2, Sparc, ...), it is needed to
1741 	 * emit SENSEI's to clear the interrupt line. And fdc_state[fdc].reset
1742 	 * blocks the emission of the SENSEI's.
1743 	 * It is OK to emit floppy commands because we are in an interrupt
1744 	 * handler here, and thus we have to fear no interference of other
1745 	 * activity.
1746 	 */
1747 
1748 	do_print = !handler && print_unex && initialized;
1749 
1750 	inr = result(current_fdc);
1751 	if (do_print)
1752 		print_result("unexpected interrupt", inr);
1753 	if (inr == 0) {
1754 		int max_sensei = 4;
1755 		do {
1756 			output_byte(current_fdc, FD_SENSEI);
1757 			inr = result(current_fdc);
1758 			if (do_print)
1759 				print_result("sensei", inr);
1760 			max_sensei--;
1761 		} while ((reply_buffer[ST0] & 0x83) != UNIT(current_drive) &&
1762 			 inr == 2 && max_sensei);
1763 	}
1764 	if (!handler) {
1765 		fdc_state[current_fdc].reset = 1;
1766 		return IRQ_NONE;
1767 	}
1768 	schedule_bh(handler);
1769 	is_alive(__func__, "normal interrupt end");
1770 
1771 	/* FIXME! Was it really for us? */
1772 	return IRQ_HANDLED;
1773 }
1774 
recalibrate_floppy(void)1775 static void recalibrate_floppy(void)
1776 {
1777 	debugt(__func__, "");
1778 	do_floppy = recal_interrupt;
1779 	output_byte(current_fdc, FD_RECALIBRATE);
1780 	if (output_byte(current_fdc, UNIT(current_drive)) < 0)
1781 		reset_fdc();
1782 }
1783 
1784 /*
1785  * Must do 4 FD_SENSEIs after reset because of ``drive polling''.
1786  */
reset_interrupt(void)1787 static void reset_interrupt(void)
1788 {
1789 	debugt(__func__, "");
1790 	result(current_fdc);		/* get the status ready for set_fdc */
1791 	if (fdc_state[current_fdc].reset) {
1792 		pr_info("reset set in interrupt, calling %ps\n", cont->error);
1793 		cont->error();	/* a reset just after a reset. BAD! */
1794 	}
1795 	cont->redo();
1796 }
1797 
1798 /*
1799  * reset is done by pulling bit 2 of DOR low for a while (old FDCs),
1800  * or by setting the self clearing bit 7 of STATUS (newer FDCs).
1801  * This WILL trigger an interrupt, causing the handlers in the current
1802  * cont's ->redo() to be called via reset_interrupt().
1803  */
reset_fdc(void)1804 static void reset_fdc(void)
1805 {
1806 	unsigned long flags;
1807 
1808 	do_floppy = reset_interrupt;
1809 	fdc_state[current_fdc].reset = 0;
1810 	reset_fdc_info(current_fdc, 0);
1811 
1812 	/* Pseudo-DMA may intercept 'reset finished' interrupt.  */
1813 	/* Irrelevant for systems with true DMA (i386).          */
1814 
1815 	flags = claim_dma_lock();
1816 	fd_disable_dma();
1817 	release_dma_lock(flags);
1818 
1819 	if (fdc_state[current_fdc].version >= FDC_82072A)
1820 		fdc_outb(0x80 | (fdc_state[current_fdc].dtr & 3),
1821 			 current_fdc, FD_STATUS);
1822 	else {
1823 		fdc_outb(fdc_state[current_fdc].dor & ~0x04, current_fdc, FD_DOR);
1824 		udelay(FD_RESET_DELAY);
1825 		fdc_outb(fdc_state[current_fdc].dor, current_fdc, FD_DOR);
1826 	}
1827 }
1828 
show_floppy(int fdc)1829 static void show_floppy(int fdc)
1830 {
1831 	int i;
1832 
1833 	pr_info("\n");
1834 	pr_info("floppy driver state\n");
1835 	pr_info("-------------------\n");
1836 	pr_info("now=%lu last interrupt=%lu diff=%lu last called handler=%ps\n",
1837 		jiffies, interruptjiffies, jiffies - interruptjiffies,
1838 		lasthandler);
1839 
1840 	pr_info("timeout_message=%s\n", timeout_message);
1841 	pr_info("last output bytes:\n");
1842 	for (i = 0; i < OLOGSIZE; i++)
1843 		pr_info("%2x %2x %lu\n",
1844 			output_log[(i + output_log_pos) % OLOGSIZE].data,
1845 			output_log[(i + output_log_pos) % OLOGSIZE].status,
1846 			output_log[(i + output_log_pos) % OLOGSIZE].jiffies);
1847 	pr_info("last result at %lu\n", resultjiffies);
1848 	pr_info("last redo_fd_request at %lu\n", lastredo);
1849 	print_hex_dump(KERN_INFO, "", DUMP_PREFIX_NONE, 16, 1,
1850 		       reply_buffer, resultsize, true);
1851 
1852 	pr_info("status=%x\n", fdc_inb(fdc, FD_STATUS));
1853 	pr_info("fdc_busy=%lu\n", fdc_busy);
1854 	if (do_floppy)
1855 		pr_info("do_floppy=%ps\n", do_floppy);
1856 	if (work_pending(&floppy_work))
1857 		pr_info("floppy_work.func=%ps\n", floppy_work.func);
1858 	if (delayed_work_pending(&fd_timer))
1859 		pr_info("delayed work.function=%p expires=%ld\n",
1860 		       fd_timer.work.func,
1861 		       fd_timer.timer.expires - jiffies);
1862 	if (delayed_work_pending(&fd_timeout))
1863 		pr_info("timer_function=%p expires=%ld\n",
1864 		       fd_timeout.work.func,
1865 		       fd_timeout.timer.expires - jiffies);
1866 
1867 	pr_info("cont=%p\n", cont);
1868 	pr_info("current_req=%p\n", current_req);
1869 	pr_info("command_status=%d\n", command_status);
1870 	pr_info("\n");
1871 }
1872 
floppy_shutdown(struct work_struct * arg)1873 static void floppy_shutdown(struct work_struct *arg)
1874 {
1875 	unsigned long flags;
1876 
1877 	if (initialized)
1878 		show_floppy(current_fdc);
1879 	cancel_activity();
1880 
1881 	flags = claim_dma_lock();
1882 	fd_disable_dma();
1883 	release_dma_lock(flags);
1884 
1885 	/* avoid dma going to a random drive after shutdown */
1886 
1887 	if (initialized)
1888 		DPRINT("floppy timeout called\n");
1889 	fdc_state[current_fdc].reset = 1;
1890 	if (cont) {
1891 		cont->done(0);
1892 		cont->redo();	/* this will recall reset when needed */
1893 	} else {
1894 		pr_info("no cont in shutdown!\n");
1895 		process_fd_request();
1896 	}
1897 	is_alive(__func__, "");
1898 }
1899 
1900 /* start motor, check media-changed condition and write protection */
start_motor(void (* function)(void))1901 static int start_motor(void (*function)(void))
1902 {
1903 	int mask;
1904 	int data;
1905 
1906 	mask = 0xfc;
1907 	data = UNIT(current_drive);
1908 	if (!(raw_cmd->flags & FD_RAW_NO_MOTOR)) {
1909 		if (!(fdc_state[current_fdc].dor & (0x10 << UNIT(current_drive)))) {
1910 			set_debugt();
1911 			/* no read since this drive is running */
1912 			drive_state[current_drive].first_read_date = 0;
1913 			/* note motor start time if motor is not yet running */
1914 			drive_state[current_drive].spinup_date = jiffies;
1915 			data |= (0x10 << UNIT(current_drive));
1916 		}
1917 	} else if (fdc_state[current_fdc].dor & (0x10 << UNIT(current_drive)))
1918 		mask &= ~(0x10 << UNIT(current_drive));
1919 
1920 	/* starts motor and selects floppy */
1921 	del_timer(motor_off_timer + current_drive);
1922 	set_dor(current_fdc, mask, data);
1923 
1924 	/* wait_for_completion also schedules reset if needed. */
1925 	return fd_wait_for_completion(drive_state[current_drive].select_date + drive_params[current_drive].select_delay,
1926 				      function);
1927 }
1928 
floppy_ready(void)1929 static void floppy_ready(void)
1930 {
1931 	if (fdc_state[current_fdc].reset) {
1932 		reset_fdc();
1933 		return;
1934 	}
1935 	if (start_motor(floppy_ready))
1936 		return;
1937 	if (fdc_dtr())
1938 		return;
1939 
1940 	debug_dcl(drive_params[current_drive].flags,
1941 		  "calling disk change from floppy_ready\n");
1942 	if (!(raw_cmd->flags & FD_RAW_NO_MOTOR) &&
1943 	    disk_change(current_drive) && !drive_params[current_drive].select_delay)
1944 		twaddle(current_fdc, current_drive);	/* this clears the dcl on certain
1945 				 * drive/controller combinations */
1946 
1947 #ifdef fd_chose_dma_mode
1948 	if ((raw_cmd->flags & FD_RAW_READ) || (raw_cmd->flags & FD_RAW_WRITE)) {
1949 		unsigned long flags = claim_dma_lock();
1950 		fd_chose_dma_mode(raw_cmd->kernel_data, raw_cmd->length);
1951 		release_dma_lock(flags);
1952 	}
1953 #endif
1954 
1955 	if (raw_cmd->flags & (FD_RAW_NEED_SEEK | FD_RAW_NEED_DISK)) {
1956 		perpendicular_mode(current_fdc);
1957 		fdc_specify(current_fdc, current_drive); /* must be done here because of hut, hlt ... */
1958 		seek_floppy();
1959 	} else {
1960 		if ((raw_cmd->flags & FD_RAW_READ) ||
1961 		    (raw_cmd->flags & FD_RAW_WRITE))
1962 			fdc_specify(current_fdc, current_drive);
1963 		setup_rw_floppy();
1964 	}
1965 }
1966 
floppy_start(void)1967 static void floppy_start(void)
1968 {
1969 	reschedule_timeout(current_drive, "floppy start");
1970 
1971 	scandrives();
1972 	debug_dcl(drive_params[current_drive].flags,
1973 		  "setting NEWCHANGE in floppy_start\n");
1974 	set_bit(FD_DISK_NEWCHANGE_BIT, &drive_state[current_drive].flags);
1975 	floppy_ready();
1976 }
1977 
1978 /*
1979  * ========================================================================
1980  * here ends the bottom half. Exported routines are:
1981  * floppy_start, floppy_off, floppy_ready, lock_fdc, unlock_fdc, set_fdc,
1982  * start_motor, reset_fdc, reset_fdc_info, interpret_errors.
1983  * Initialization also uses output_byte, result, set_dor, floppy_interrupt
1984  * and set_dor.
1985  * ========================================================================
1986  */
1987 /*
1988  * General purpose continuations.
1989  * ==============================
1990  */
1991 
do_wakeup(void)1992 static void do_wakeup(void)
1993 {
1994 	reschedule_timeout(MAXTIMEOUT, "do wakeup");
1995 	cont = NULL;
1996 	command_status += 2;
1997 	wake_up(&command_done);
1998 }
1999 
2000 static const struct cont_t wakeup_cont = {
2001 	.interrupt	= empty,
2002 	.redo		= do_wakeup,
2003 	.error		= empty,
2004 	.done		= empty_done,
2005 };
2006 
2007 static const struct cont_t intr_cont = {
2008 	.interrupt	= empty,
2009 	.redo		= process_fd_request,
2010 	.error		= empty,
2011 	.done		= empty_done,
2012 };
2013 
2014 /* schedules handler, waiting for completion. May be interrupted, will then
2015  * return -EINTR, in which case the driver will automatically be unlocked.
2016  */
wait_til_done(void (* handler)(void),bool interruptible)2017 static int wait_til_done(void (*handler)(void), bool interruptible)
2018 {
2019 	int ret;
2020 
2021 	schedule_bh(handler);
2022 
2023 	if (interruptible)
2024 		wait_event_interruptible(command_done, command_status >= 2);
2025 	else
2026 		wait_event(command_done, command_status >= 2);
2027 
2028 	if (command_status < 2) {
2029 		cancel_activity();
2030 		cont = &intr_cont;
2031 		reset_fdc();
2032 		return -EINTR;
2033 	}
2034 
2035 	if (fdc_state[current_fdc].reset)
2036 		command_status = FD_COMMAND_ERROR;
2037 	if (command_status == FD_COMMAND_OKAY)
2038 		ret = 0;
2039 	else
2040 		ret = -EIO;
2041 	command_status = FD_COMMAND_NONE;
2042 	return ret;
2043 }
2044 
generic_done(int result)2045 static void generic_done(int result)
2046 {
2047 	command_status = result;
2048 	cont = &wakeup_cont;
2049 }
2050 
generic_success(void)2051 static void generic_success(void)
2052 {
2053 	cont->done(1);
2054 }
2055 
generic_failure(void)2056 static void generic_failure(void)
2057 {
2058 	cont->done(0);
2059 }
2060 
success_and_wakeup(void)2061 static void success_and_wakeup(void)
2062 {
2063 	generic_success();
2064 	cont->redo();
2065 }
2066 
2067 /*
2068  * formatting and rw support.
2069  * ==========================
2070  */
2071 
next_valid_format(int drive)2072 static int next_valid_format(int drive)
2073 {
2074 	int probed_format;
2075 
2076 	probed_format = drive_state[drive].probed_format;
2077 	while (1) {
2078 		if (probed_format >= FD_AUTODETECT_SIZE ||
2079 		    !drive_params[drive].autodetect[probed_format]) {
2080 			drive_state[drive].probed_format = 0;
2081 			return 1;
2082 		}
2083 		if (floppy_type[drive_params[drive].autodetect[probed_format]].sect) {
2084 			drive_state[drive].probed_format = probed_format;
2085 			return 0;
2086 		}
2087 		probed_format++;
2088 	}
2089 }
2090 
bad_flp_intr(void)2091 static void bad_flp_intr(void)
2092 {
2093 	int err_count;
2094 
2095 	if (probing) {
2096 		drive_state[current_drive].probed_format++;
2097 		if (!next_valid_format(current_drive))
2098 			return;
2099 	}
2100 	err_count = ++floppy_errors;
2101 	INFBOUND(write_errors[current_drive].badness, err_count);
2102 	if (err_count > drive_params[current_drive].max_errors.abort)
2103 		cont->done(0);
2104 	if (err_count > drive_params[current_drive].max_errors.reset)
2105 		fdc_state[current_fdc].reset = 1;
2106 	else if (err_count > drive_params[current_drive].max_errors.recal)
2107 		drive_state[current_drive].track = NEED_2_RECAL;
2108 }
2109 
set_floppy(int drive)2110 static void set_floppy(int drive)
2111 {
2112 	int type = ITYPE(drive_state[drive].fd_device);
2113 
2114 	if (type)
2115 		_floppy = floppy_type + type;
2116 	else
2117 		_floppy = current_type[drive];
2118 }
2119 
2120 /*
2121  * formatting support.
2122  * ===================
2123  */
format_interrupt(void)2124 static void format_interrupt(void)
2125 {
2126 	switch (interpret_errors()) {
2127 	case 1:
2128 		cont->error();
2129 		break;
2130 	case 2:
2131 		break;
2132 	case 0:
2133 		cont->done(1);
2134 	}
2135 	cont->redo();
2136 }
2137 
2138 #define FM_MODE(x, y) ((y) & ~(((x)->rate & 0x80) >> 1))
2139 #define CT(x) ((x) | 0xc0)
2140 
setup_format_params(int track)2141 static void setup_format_params(int track)
2142 {
2143 	int n;
2144 	int il;
2145 	int count;
2146 	int head_shift;
2147 	int track_shift;
2148 	struct fparm {
2149 		unsigned char track, head, sect, size;
2150 	} *here = (struct fparm *)floppy_track_buffer;
2151 
2152 	raw_cmd = &default_raw_cmd;
2153 	raw_cmd->track = track;
2154 
2155 	raw_cmd->flags = (FD_RAW_WRITE | FD_RAW_INTR | FD_RAW_SPIN |
2156 			  FD_RAW_NEED_DISK | FD_RAW_NEED_SEEK);
2157 	raw_cmd->rate = _floppy->rate & 0x43;
2158 	raw_cmd->cmd_count = NR_F;
2159 	raw_cmd->cmd[COMMAND] = FM_MODE(_floppy, FD_FORMAT);
2160 	raw_cmd->cmd[DR_SELECT] = UNIT(current_drive) + PH_HEAD(_floppy, format_req.head);
2161 	raw_cmd->cmd[F_SIZECODE] = FD_SIZECODE(_floppy);
2162 	raw_cmd->cmd[F_SECT_PER_TRACK] = _floppy->sect << 2 >> raw_cmd->cmd[F_SIZECODE];
2163 	raw_cmd->cmd[F_GAP] = _floppy->fmt_gap;
2164 	raw_cmd->cmd[F_FILL] = FD_FILL_BYTE;
2165 
2166 	raw_cmd->kernel_data = floppy_track_buffer;
2167 	raw_cmd->length = 4 * raw_cmd->cmd[F_SECT_PER_TRACK];
2168 
2169 	if (!raw_cmd->cmd[F_SECT_PER_TRACK])
2170 		return;
2171 
2172 	/* allow for about 30ms for data transport per track */
2173 	head_shift = (raw_cmd->cmd[F_SECT_PER_TRACK] + 5) / 6;
2174 
2175 	/* a ``cylinder'' is two tracks plus a little stepping time */
2176 	track_shift = 2 * head_shift + 3;
2177 
2178 	/* position of logical sector 1 on this track */
2179 	n = (track_shift * format_req.track + head_shift * format_req.head)
2180 	    % raw_cmd->cmd[F_SECT_PER_TRACK];
2181 
2182 	/* determine interleave */
2183 	il = 1;
2184 	if (_floppy->fmt_gap < 0x22)
2185 		il++;
2186 
2187 	/* initialize field */
2188 	for (count = 0; count < raw_cmd->cmd[F_SECT_PER_TRACK]; ++count) {
2189 		here[count].track = format_req.track;
2190 		here[count].head = format_req.head;
2191 		here[count].sect = 0;
2192 		here[count].size = raw_cmd->cmd[F_SIZECODE];
2193 	}
2194 	/* place logical sectors */
2195 	for (count = 1; count <= raw_cmd->cmd[F_SECT_PER_TRACK]; ++count) {
2196 		here[n].sect = count;
2197 		n = (n + il) % raw_cmd->cmd[F_SECT_PER_TRACK];
2198 		if (here[n].sect) {	/* sector busy, find next free sector */
2199 			++n;
2200 			if (n >= raw_cmd->cmd[F_SECT_PER_TRACK]) {
2201 				n -= raw_cmd->cmd[F_SECT_PER_TRACK];
2202 				while (here[n].sect)
2203 					++n;
2204 			}
2205 		}
2206 	}
2207 	if (_floppy->stretch & FD_SECTBASEMASK) {
2208 		for (count = 0; count < raw_cmd->cmd[F_SECT_PER_TRACK]; count++)
2209 			here[count].sect += FD_SECTBASE(_floppy) - 1;
2210 	}
2211 }
2212 
redo_format(void)2213 static void redo_format(void)
2214 {
2215 	buffer_track = -1;
2216 	setup_format_params(format_req.track << STRETCH(_floppy));
2217 	floppy_start();
2218 	debugt(__func__, "queue format request");
2219 }
2220 
2221 static const struct cont_t format_cont = {
2222 	.interrupt	= format_interrupt,
2223 	.redo		= redo_format,
2224 	.error		= bad_flp_intr,
2225 	.done		= generic_done
2226 };
2227 
do_format(int drive,struct format_descr * tmp_format_req)2228 static int do_format(int drive, struct format_descr *tmp_format_req)
2229 {
2230 	int ret;
2231 
2232 	if (lock_fdc(drive))
2233 		return -EINTR;
2234 
2235 	set_floppy(drive);
2236 	if (!_floppy ||
2237 	    _floppy->track > drive_params[current_drive].tracks ||
2238 	    tmp_format_req->track >= _floppy->track ||
2239 	    tmp_format_req->head >= _floppy->head ||
2240 	    (_floppy->sect << 2) % (1 << FD_SIZECODE(_floppy)) ||
2241 	    !_floppy->fmt_gap) {
2242 		process_fd_request();
2243 		return -EINVAL;
2244 	}
2245 	format_req = *tmp_format_req;
2246 	cont = &format_cont;
2247 	floppy_errors = 0;
2248 	ret = wait_til_done(redo_format, true);
2249 	if (ret == -EINTR)
2250 		return -EINTR;
2251 	process_fd_request();
2252 	return ret;
2253 }
2254 
2255 /*
2256  * Buffer read/write and support
2257  * =============================
2258  */
2259 
floppy_end_request(struct request * req,blk_status_t error)2260 static void floppy_end_request(struct request *req, blk_status_t error)
2261 {
2262 	unsigned int nr_sectors = current_count_sectors;
2263 	unsigned int drive = (unsigned long)req->q->disk->private_data;
2264 
2265 	/* current_count_sectors can be zero if transfer failed */
2266 	if (error)
2267 		nr_sectors = blk_rq_cur_sectors(req);
2268 	if (blk_update_request(req, error, nr_sectors << 9))
2269 		return;
2270 	__blk_mq_end_request(req, error);
2271 
2272 	/* We're done with the request */
2273 	floppy_off(drive);
2274 	current_req = NULL;
2275 }
2276 
2277 /* new request_done. Can handle physical sectors which are smaller than a
2278  * logical buffer */
request_done(int uptodate)2279 static void request_done(int uptodate)
2280 {
2281 	struct request *req = current_req;
2282 	int block;
2283 	char msg[sizeof("request done ") + sizeof(int) * 3];
2284 
2285 	probing = 0;
2286 	snprintf(msg, sizeof(msg), "request done %d", uptodate);
2287 	reschedule_timeout(MAXTIMEOUT, msg);
2288 
2289 	if (!req) {
2290 		pr_info("floppy.c: no request in request_done\n");
2291 		return;
2292 	}
2293 
2294 	if (uptodate) {
2295 		/* maintain values for invalidation on geometry
2296 		 * change */
2297 		block = current_count_sectors + blk_rq_pos(req);
2298 		INFBOUND(drive_state[current_drive].maxblock, block);
2299 		if (block > _floppy->sect)
2300 			drive_state[current_drive].maxtrack = 1;
2301 
2302 		floppy_end_request(req, 0);
2303 	} else {
2304 		if (rq_data_dir(req) == WRITE) {
2305 			/* record write error information */
2306 			write_errors[current_drive].write_errors++;
2307 			if (write_errors[current_drive].write_errors == 1) {
2308 				write_errors[current_drive].first_error_sector = blk_rq_pos(req);
2309 				write_errors[current_drive].first_error_generation = drive_state[current_drive].generation;
2310 			}
2311 			write_errors[current_drive].last_error_sector = blk_rq_pos(req);
2312 			write_errors[current_drive].last_error_generation = drive_state[current_drive].generation;
2313 		}
2314 		floppy_end_request(req, BLK_STS_IOERR);
2315 	}
2316 }
2317 
2318 /* Interrupt handler evaluating the result of the r/w operation */
rw_interrupt(void)2319 static void rw_interrupt(void)
2320 {
2321 	int eoc;
2322 	int ssize;
2323 	int heads;
2324 	int nr_sectors;
2325 
2326 	if (reply_buffer[R_HEAD] >= 2) {
2327 		/* some Toshiba floppy controllers occasionnally seem to
2328 		 * return bogus interrupts after read/write operations, which
2329 		 * can be recognized by a bad head number (>= 2) */
2330 		return;
2331 	}
2332 
2333 	if (!drive_state[current_drive].first_read_date)
2334 		drive_state[current_drive].first_read_date = jiffies;
2335 
2336 	ssize = DIV_ROUND_UP(1 << raw_cmd->cmd[SIZECODE], 4);
2337 
2338 	if (reply_buffer[ST1] & ST1_EOC)
2339 		eoc = 1;
2340 	else
2341 		eoc = 0;
2342 
2343 	if (raw_cmd->cmd[COMMAND] & 0x80)
2344 		heads = 2;
2345 	else
2346 		heads = 1;
2347 
2348 	nr_sectors = (((reply_buffer[R_TRACK] - raw_cmd->cmd[TRACK]) * heads +
2349 		       reply_buffer[R_HEAD] - raw_cmd->cmd[HEAD]) * raw_cmd->cmd[SECT_PER_TRACK] +
2350 		      reply_buffer[R_SECTOR] - raw_cmd->cmd[SECTOR] + eoc) << raw_cmd->cmd[SIZECODE] >> 2;
2351 
2352 	if (nr_sectors / ssize >
2353 	    DIV_ROUND_UP(in_sector_offset + current_count_sectors, ssize)) {
2354 		DPRINT("long rw: %x instead of %lx\n",
2355 		       nr_sectors, current_count_sectors);
2356 		pr_info("rs=%d s=%d\n", reply_buffer[R_SECTOR],
2357 			raw_cmd->cmd[SECTOR]);
2358 		pr_info("rh=%d h=%d\n", reply_buffer[R_HEAD],
2359 			raw_cmd->cmd[HEAD]);
2360 		pr_info("rt=%d t=%d\n", reply_buffer[R_TRACK],
2361 			raw_cmd->cmd[TRACK]);
2362 		pr_info("heads=%d eoc=%d\n", heads, eoc);
2363 		pr_info("spt=%d st=%d ss=%d\n",
2364 			raw_cmd->cmd[SECT_PER_TRACK], fsector_t, ssize);
2365 		pr_info("in_sector_offset=%d\n", in_sector_offset);
2366 	}
2367 
2368 	nr_sectors -= in_sector_offset;
2369 	INFBOUND(nr_sectors, 0);
2370 	SUPBOUND(current_count_sectors, nr_sectors);
2371 
2372 	switch (interpret_errors()) {
2373 	case 2:
2374 		cont->redo();
2375 		return;
2376 	case 1:
2377 		if (!current_count_sectors) {
2378 			cont->error();
2379 			cont->redo();
2380 			return;
2381 		}
2382 		break;
2383 	case 0:
2384 		if (!current_count_sectors) {
2385 			cont->redo();
2386 			return;
2387 		}
2388 		current_type[current_drive] = _floppy;
2389 		floppy_sizes[TOMINOR(current_drive)] = _floppy->size;
2390 		break;
2391 	}
2392 
2393 	if (probing) {
2394 		if (drive_params[current_drive].flags & FTD_MSG)
2395 			DPRINT("Auto-detected floppy type %s in fd%d\n",
2396 			       _floppy->name, current_drive);
2397 		current_type[current_drive] = _floppy;
2398 		floppy_sizes[TOMINOR(current_drive)] = _floppy->size;
2399 		probing = 0;
2400 	}
2401 
2402 	if (CT(raw_cmd->cmd[COMMAND]) != FD_READ) {
2403 		/* transfer directly from buffer */
2404 		cont->done(1);
2405 	} else {
2406 		buffer_track = raw_cmd->track;
2407 		buffer_drive = current_drive;
2408 		INFBOUND(buffer_max, nr_sectors + fsector_t);
2409 	}
2410 	cont->redo();
2411 }
2412 
2413 /* Compute the maximal transfer size */
transfer_size(int ssize,int max_sector,int max_size)2414 static int transfer_size(int ssize, int max_sector, int max_size)
2415 {
2416 	SUPBOUND(max_sector, fsector_t + max_size);
2417 
2418 	/* alignment */
2419 	max_sector -= (max_sector % _floppy->sect) % ssize;
2420 
2421 	/* transfer size, beginning not aligned */
2422 	current_count_sectors = max_sector - fsector_t;
2423 
2424 	return max_sector;
2425 }
2426 
2427 /*
2428  * Move data from/to the track buffer to/from the buffer cache.
2429  */
copy_buffer(int ssize,int max_sector,int max_sector_2)2430 static void copy_buffer(int ssize, int max_sector, int max_sector_2)
2431 {
2432 	int remaining;		/* number of transferred 512-byte sectors */
2433 	struct bio_vec bv;
2434 	char *dma_buffer;
2435 	int size;
2436 	struct req_iterator iter;
2437 
2438 	max_sector = transfer_size(ssize,
2439 				   min(max_sector, max_sector_2),
2440 				   blk_rq_sectors(current_req));
2441 
2442 	if (current_count_sectors <= 0 && CT(raw_cmd->cmd[COMMAND]) == FD_WRITE &&
2443 	    buffer_max > fsector_t + blk_rq_sectors(current_req))
2444 		current_count_sectors = min_t(int, buffer_max - fsector_t,
2445 					      blk_rq_sectors(current_req));
2446 
2447 	remaining = current_count_sectors << 9;
2448 	if (remaining > blk_rq_bytes(current_req) && CT(raw_cmd->cmd[COMMAND]) == FD_WRITE) {
2449 		DPRINT("in copy buffer\n");
2450 		pr_info("current_count_sectors=%ld\n", current_count_sectors);
2451 		pr_info("remaining=%d\n", remaining >> 9);
2452 		pr_info("current_req->nr_sectors=%u\n",
2453 			blk_rq_sectors(current_req));
2454 		pr_info("current_req->current_nr_sectors=%u\n",
2455 			blk_rq_cur_sectors(current_req));
2456 		pr_info("max_sector=%d\n", max_sector);
2457 		pr_info("ssize=%d\n", ssize);
2458 	}
2459 
2460 	buffer_max = max(max_sector, buffer_max);
2461 
2462 	dma_buffer = floppy_track_buffer + ((fsector_t - buffer_min) << 9);
2463 
2464 	size = blk_rq_cur_bytes(current_req);
2465 
2466 	rq_for_each_segment(bv, current_req, iter) {
2467 		if (!remaining)
2468 			break;
2469 
2470 		size = bv.bv_len;
2471 		SUPBOUND(size, remaining);
2472 		if (dma_buffer + size >
2473 		    floppy_track_buffer + (max_buffer_sectors << 10) ||
2474 		    dma_buffer < floppy_track_buffer) {
2475 			DPRINT("buffer overrun in copy buffer %d\n",
2476 			       (int)((floppy_track_buffer - dma_buffer) >> 9));
2477 			pr_info("fsector_t=%d buffer_min=%d\n",
2478 				fsector_t, buffer_min);
2479 			pr_info("current_count_sectors=%ld\n",
2480 				current_count_sectors);
2481 			if (CT(raw_cmd->cmd[COMMAND]) == FD_READ)
2482 				pr_info("read\n");
2483 			if (CT(raw_cmd->cmd[COMMAND]) == FD_WRITE)
2484 				pr_info("write\n");
2485 			break;
2486 		}
2487 
2488 		if (CT(raw_cmd->cmd[COMMAND]) == FD_READ)
2489 			memcpy_to_bvec(&bv, dma_buffer);
2490 		else
2491 			memcpy_from_bvec(dma_buffer, &bv);
2492 
2493 		remaining -= size;
2494 		dma_buffer += size;
2495 	}
2496 	if (remaining) {
2497 		if (remaining > 0)
2498 			max_sector -= remaining >> 9;
2499 		DPRINT("weirdness: remaining %d\n", remaining >> 9);
2500 	}
2501 }
2502 
2503 /* work around a bug in pseudo DMA
2504  * (on some FDCs) pseudo DMA does not stop when the CPU stops
2505  * sending data.  Hence we need a different way to signal the
2506  * transfer length:  We use raw_cmd->cmd[SECT_PER_TRACK].  Unfortunately, this
2507  * does not work with MT, hence we can only transfer one head at
2508  * a time
2509  */
virtualdmabug_workaround(void)2510 static void virtualdmabug_workaround(void)
2511 {
2512 	int hard_sectors;
2513 	int end_sector;
2514 
2515 	if (CT(raw_cmd->cmd[COMMAND]) == FD_WRITE) {
2516 		raw_cmd->cmd[COMMAND] &= ~0x80;	/* switch off multiple track mode */
2517 
2518 		hard_sectors = raw_cmd->length >> (7 + raw_cmd->cmd[SIZECODE]);
2519 		end_sector = raw_cmd->cmd[SECTOR] + hard_sectors - 1;
2520 		if (end_sector > raw_cmd->cmd[SECT_PER_TRACK]) {
2521 			pr_info("too many sectors %d > %d\n",
2522 				end_sector, raw_cmd->cmd[SECT_PER_TRACK]);
2523 			return;
2524 		}
2525 		raw_cmd->cmd[SECT_PER_TRACK] = end_sector;
2526 					/* make sure raw_cmd->cmd[SECT_PER_TRACK]
2527 					 * points to end of transfer */
2528 	}
2529 }
2530 
2531 /*
2532  * Formulate a read/write request.
2533  * this routine decides where to load the data (directly to buffer, or to
2534  * tmp floppy area), how much data to load (the size of the buffer, the whole
2535  * track, or a single sector)
2536  * All floppy_track_buffer handling goes in here. If we ever add track buffer
2537  * allocation on the fly, it should be done here. No other part should need
2538  * modification.
2539  */
2540 
make_raw_rw_request(void)2541 static int make_raw_rw_request(void)
2542 {
2543 	int aligned_sector_t;
2544 	int max_sector;
2545 	int max_size;
2546 	int tracksize;
2547 	int ssize;
2548 
2549 	if (WARN(max_buffer_sectors == 0, "VFS: Block I/O scheduled on unopened device\n"))
2550 		return 0;
2551 
2552 	set_fdc((long)current_req->q->disk->private_data);
2553 
2554 	raw_cmd = &default_raw_cmd;
2555 	raw_cmd->flags = FD_RAW_SPIN | FD_RAW_NEED_DISK | FD_RAW_NEED_SEEK;
2556 	raw_cmd->cmd_count = NR_RW;
2557 	if (rq_data_dir(current_req) == READ) {
2558 		raw_cmd->flags |= FD_RAW_READ;
2559 		raw_cmd->cmd[COMMAND] = FM_MODE(_floppy, FD_READ);
2560 	} else if (rq_data_dir(current_req) == WRITE) {
2561 		raw_cmd->flags |= FD_RAW_WRITE;
2562 		raw_cmd->cmd[COMMAND] = FM_MODE(_floppy, FD_WRITE);
2563 	} else {
2564 		DPRINT("%s: unknown command\n", __func__);
2565 		return 0;
2566 	}
2567 
2568 	max_sector = _floppy->sect * _floppy->head;
2569 
2570 	raw_cmd->cmd[TRACK] = (int)blk_rq_pos(current_req) / max_sector;
2571 	fsector_t = (int)blk_rq_pos(current_req) % max_sector;
2572 	if (_floppy->track && raw_cmd->cmd[TRACK] >= _floppy->track) {
2573 		if (blk_rq_cur_sectors(current_req) & 1) {
2574 			current_count_sectors = 1;
2575 			return 1;
2576 		} else
2577 			return 0;
2578 	}
2579 	raw_cmd->cmd[HEAD] = fsector_t / _floppy->sect;
2580 
2581 	if (((_floppy->stretch & (FD_SWAPSIDES | FD_SECTBASEMASK)) ||
2582 	     test_bit(FD_NEED_TWADDLE_BIT, &drive_state[current_drive].flags)) &&
2583 	    fsector_t < _floppy->sect)
2584 		max_sector = _floppy->sect;
2585 
2586 	/* 2M disks have phantom sectors on the first track */
2587 	if ((_floppy->rate & FD_2M) && (!raw_cmd->cmd[TRACK]) && (!raw_cmd->cmd[HEAD])) {
2588 		max_sector = 2 * _floppy->sect / 3;
2589 		if (fsector_t >= max_sector) {
2590 			current_count_sectors =
2591 			    min_t(int, _floppy->sect - fsector_t,
2592 				  blk_rq_sectors(current_req));
2593 			return 1;
2594 		}
2595 		raw_cmd->cmd[SIZECODE] = 2;
2596 	} else
2597 		raw_cmd->cmd[SIZECODE] = FD_SIZECODE(_floppy);
2598 	raw_cmd->rate = _floppy->rate & 0x43;
2599 	if ((_floppy->rate & FD_2M) &&
2600 	    (raw_cmd->cmd[TRACK] || raw_cmd->cmd[HEAD]) && raw_cmd->rate == 2)
2601 		raw_cmd->rate = 1;
2602 
2603 	if (raw_cmd->cmd[SIZECODE])
2604 		raw_cmd->cmd[SIZECODE2] = 0xff;
2605 	else
2606 		raw_cmd->cmd[SIZECODE2] = 0x80;
2607 	raw_cmd->track = raw_cmd->cmd[TRACK] << STRETCH(_floppy);
2608 	raw_cmd->cmd[DR_SELECT] = UNIT(current_drive) + PH_HEAD(_floppy, raw_cmd->cmd[HEAD]);
2609 	raw_cmd->cmd[GAP] = _floppy->gap;
2610 	ssize = DIV_ROUND_UP(1 << raw_cmd->cmd[SIZECODE], 4);
2611 	raw_cmd->cmd[SECT_PER_TRACK] = _floppy->sect << 2 >> raw_cmd->cmd[SIZECODE];
2612 	raw_cmd->cmd[SECTOR] = ((fsector_t % _floppy->sect) << 2 >> raw_cmd->cmd[SIZECODE]) +
2613 	    FD_SECTBASE(_floppy);
2614 
2615 	/* tracksize describes the size which can be filled up with sectors
2616 	 * of size ssize.
2617 	 */
2618 	tracksize = _floppy->sect - _floppy->sect % ssize;
2619 	if (tracksize < _floppy->sect) {
2620 		raw_cmd->cmd[SECT_PER_TRACK]++;
2621 		if (tracksize <= fsector_t % _floppy->sect)
2622 			raw_cmd->cmd[SECTOR]--;
2623 
2624 		/* if we are beyond tracksize, fill up using smaller sectors */
2625 		while (tracksize <= fsector_t % _floppy->sect) {
2626 			while (tracksize + ssize > _floppy->sect) {
2627 				raw_cmd->cmd[SIZECODE]--;
2628 				ssize >>= 1;
2629 			}
2630 			raw_cmd->cmd[SECTOR]++;
2631 			raw_cmd->cmd[SECT_PER_TRACK]++;
2632 			tracksize += ssize;
2633 		}
2634 		max_sector = raw_cmd->cmd[HEAD] * _floppy->sect + tracksize;
2635 	} else if (!raw_cmd->cmd[TRACK] && !raw_cmd->cmd[HEAD] && !(_floppy->rate & FD_2M) && probing) {
2636 		max_sector = _floppy->sect;
2637 	} else if (!raw_cmd->cmd[HEAD] && CT(raw_cmd->cmd[COMMAND]) == FD_WRITE) {
2638 		/* for virtual DMA bug workaround */
2639 		max_sector = _floppy->sect;
2640 	}
2641 
2642 	in_sector_offset = (fsector_t % _floppy->sect) % ssize;
2643 	aligned_sector_t = fsector_t - in_sector_offset;
2644 	max_size = blk_rq_sectors(current_req);
2645 	if ((raw_cmd->track == buffer_track) &&
2646 	    (current_drive == buffer_drive) &&
2647 	    (fsector_t >= buffer_min) && (fsector_t < buffer_max)) {
2648 		/* data already in track buffer */
2649 		if (CT(raw_cmd->cmd[COMMAND]) == FD_READ) {
2650 			copy_buffer(1, max_sector, buffer_max);
2651 			return 1;
2652 		}
2653 	} else if (in_sector_offset || blk_rq_sectors(current_req) < ssize) {
2654 		if (CT(raw_cmd->cmd[COMMAND]) == FD_WRITE) {
2655 			unsigned int sectors;
2656 
2657 			sectors = fsector_t + blk_rq_sectors(current_req);
2658 			if (sectors > ssize && sectors < ssize + ssize)
2659 				max_size = ssize + ssize;
2660 			else
2661 				max_size = ssize;
2662 		}
2663 		raw_cmd->flags &= ~FD_RAW_WRITE;
2664 		raw_cmd->flags |= FD_RAW_READ;
2665 		raw_cmd->cmd[COMMAND] = FM_MODE(_floppy, FD_READ);
2666 	}
2667 
2668 	if (CT(raw_cmd->cmd[COMMAND]) == FD_READ)
2669 		max_size = max_sector;	/* unbounded */
2670 
2671 	/* claim buffer track if needed */
2672 	if (buffer_track != raw_cmd->track ||	/* bad track */
2673 	    buffer_drive != current_drive ||	/* bad drive */
2674 	    fsector_t > buffer_max ||
2675 	    fsector_t < buffer_min ||
2676 	    ((CT(raw_cmd->cmd[COMMAND]) == FD_READ ||
2677 	      (!in_sector_offset && blk_rq_sectors(current_req) >= ssize)) &&
2678 	     max_sector > 2 * max_buffer_sectors + buffer_min &&
2679 	     max_size + fsector_t > 2 * max_buffer_sectors + buffer_min)) {
2680 		/* not enough space */
2681 		buffer_track = -1;
2682 		buffer_drive = current_drive;
2683 		buffer_max = buffer_min = aligned_sector_t;
2684 	}
2685 	raw_cmd->kernel_data = floppy_track_buffer +
2686 		((aligned_sector_t - buffer_min) << 9);
2687 
2688 	if (CT(raw_cmd->cmd[COMMAND]) == FD_WRITE) {
2689 		/* copy write buffer to track buffer.
2690 		 * if we get here, we know that the write
2691 		 * is either aligned or the data already in the buffer
2692 		 * (buffer will be overwritten) */
2693 		if (in_sector_offset && buffer_track == -1)
2694 			DPRINT("internal error offset !=0 on write\n");
2695 		buffer_track = raw_cmd->track;
2696 		buffer_drive = current_drive;
2697 		copy_buffer(ssize, max_sector,
2698 			    2 * max_buffer_sectors + buffer_min);
2699 	} else
2700 		transfer_size(ssize, max_sector,
2701 			      2 * max_buffer_sectors + buffer_min -
2702 			      aligned_sector_t);
2703 
2704 	/* round up current_count_sectors to get dma xfer size */
2705 	raw_cmd->length = in_sector_offset + current_count_sectors;
2706 	raw_cmd->length = ((raw_cmd->length - 1) | (ssize - 1)) + 1;
2707 	raw_cmd->length <<= 9;
2708 	if ((raw_cmd->length < current_count_sectors << 9) ||
2709 	    (CT(raw_cmd->cmd[COMMAND]) == FD_WRITE &&
2710 	     (aligned_sector_t + (raw_cmd->length >> 9) > buffer_max ||
2711 	      aligned_sector_t < buffer_min)) ||
2712 	    raw_cmd->length % (128 << raw_cmd->cmd[SIZECODE]) ||
2713 	    raw_cmd->length <= 0 || current_count_sectors <= 0) {
2714 		DPRINT("fractionary current count b=%lx s=%lx\n",
2715 		       raw_cmd->length, current_count_sectors);
2716 		pr_info("addr=%d, length=%ld\n",
2717 			(int)((raw_cmd->kernel_data -
2718 			       floppy_track_buffer) >> 9),
2719 			current_count_sectors);
2720 		pr_info("st=%d ast=%d mse=%d msi=%d\n",
2721 			fsector_t, aligned_sector_t, max_sector, max_size);
2722 		pr_info("ssize=%x SIZECODE=%d\n", ssize, raw_cmd->cmd[SIZECODE]);
2723 		pr_info("command=%x SECTOR=%d HEAD=%d, TRACK=%d\n",
2724 			raw_cmd->cmd[COMMAND], raw_cmd->cmd[SECTOR],
2725 			raw_cmd->cmd[HEAD], raw_cmd->cmd[TRACK]);
2726 		pr_info("buffer drive=%d\n", buffer_drive);
2727 		pr_info("buffer track=%d\n", buffer_track);
2728 		pr_info("buffer_min=%d\n", buffer_min);
2729 		pr_info("buffer_max=%d\n", buffer_max);
2730 		return 0;
2731 	}
2732 
2733 	if (raw_cmd->kernel_data < floppy_track_buffer ||
2734 	    current_count_sectors < 0 ||
2735 	    raw_cmd->length < 0 ||
2736 	    raw_cmd->kernel_data + raw_cmd->length >
2737 	    floppy_track_buffer + (max_buffer_sectors << 10)) {
2738 		DPRINT("buffer overrun in schedule dma\n");
2739 		pr_info("fsector_t=%d buffer_min=%d current_count=%ld\n",
2740 			fsector_t, buffer_min, raw_cmd->length >> 9);
2741 		pr_info("current_count_sectors=%ld\n",
2742 			current_count_sectors);
2743 		if (CT(raw_cmd->cmd[COMMAND]) == FD_READ)
2744 			pr_info("read\n");
2745 		if (CT(raw_cmd->cmd[COMMAND]) == FD_WRITE)
2746 			pr_info("write\n");
2747 		return 0;
2748 	}
2749 	if (raw_cmd->length == 0) {
2750 		DPRINT("zero dma transfer attempted from make_raw_request\n");
2751 		return 0;
2752 	}
2753 
2754 	virtualdmabug_workaround();
2755 	return 2;
2756 }
2757 
set_next_request(void)2758 static int set_next_request(void)
2759 {
2760 	current_req = list_first_entry_or_null(&floppy_reqs, struct request,
2761 					       queuelist);
2762 	if (current_req) {
2763 		floppy_errors = 0;
2764 		list_del_init(&current_req->queuelist);
2765 		return 1;
2766 	}
2767 	return 0;
2768 }
2769 
2770 /* Starts or continues processing request. Will automatically unlock the
2771  * driver at end of request.
2772  */
redo_fd_request(void)2773 static void redo_fd_request(void)
2774 {
2775 	int drive;
2776 	int tmp;
2777 
2778 	lastredo = jiffies;
2779 	if (current_drive < N_DRIVE)
2780 		floppy_off(current_drive);
2781 
2782 do_request:
2783 	if (!current_req) {
2784 		int pending;
2785 
2786 		spin_lock_irq(&floppy_lock);
2787 		pending = set_next_request();
2788 		spin_unlock_irq(&floppy_lock);
2789 		if (!pending) {
2790 			unlock_fdc();
2791 			return;
2792 		}
2793 	}
2794 	drive = (long)current_req->q->disk->private_data;
2795 	set_fdc(drive);
2796 	reschedule_timeout(current_drive, "redo fd request");
2797 
2798 	set_floppy(drive);
2799 	raw_cmd = &default_raw_cmd;
2800 	raw_cmd->flags = 0;
2801 	if (start_motor(redo_fd_request))
2802 		return;
2803 
2804 	disk_change(current_drive);
2805 	if (test_bit(current_drive, &fake_change) ||
2806 	    test_bit(FD_DISK_CHANGED_BIT, &drive_state[current_drive].flags)) {
2807 		DPRINT("disk absent or changed during operation\n");
2808 		request_done(0);
2809 		goto do_request;
2810 	}
2811 	if (!_floppy) {	/* Autodetection */
2812 		if (!probing) {
2813 			drive_state[current_drive].probed_format = 0;
2814 			if (next_valid_format(current_drive)) {
2815 				DPRINT("no autodetectable formats\n");
2816 				_floppy = NULL;
2817 				request_done(0);
2818 				goto do_request;
2819 			}
2820 		}
2821 		probing = 1;
2822 		_floppy = floppy_type + drive_params[current_drive].autodetect[drive_state[current_drive].probed_format];
2823 	} else
2824 		probing = 0;
2825 	tmp = make_raw_rw_request();
2826 	if (tmp < 2) {
2827 		request_done(tmp);
2828 		goto do_request;
2829 	}
2830 
2831 	if (test_bit(FD_NEED_TWADDLE_BIT, &drive_state[current_drive].flags))
2832 		twaddle(current_fdc, current_drive);
2833 	schedule_bh(floppy_start);
2834 	debugt(__func__, "queue fd request");
2835 	return;
2836 }
2837 
2838 static const struct cont_t rw_cont = {
2839 	.interrupt	= rw_interrupt,
2840 	.redo		= redo_fd_request,
2841 	.error		= bad_flp_intr,
2842 	.done		= request_done
2843 };
2844 
2845 /* schedule the request and automatically unlock the driver on completion */
process_fd_request(void)2846 static void process_fd_request(void)
2847 {
2848 	cont = &rw_cont;
2849 	schedule_bh(redo_fd_request);
2850 }
2851 
floppy_queue_rq(struct blk_mq_hw_ctx * hctx,const struct blk_mq_queue_data * bd)2852 static blk_status_t floppy_queue_rq(struct blk_mq_hw_ctx *hctx,
2853 				    const struct blk_mq_queue_data *bd)
2854 {
2855 	blk_mq_start_request(bd->rq);
2856 
2857 	if (WARN(max_buffer_sectors == 0,
2858 		 "VFS: %s called on non-open device\n", __func__))
2859 		return BLK_STS_IOERR;
2860 
2861 	if (WARN(atomic_read(&usage_count) == 0,
2862 		 "warning: usage count=0, current_req=%p sect=%ld flags=%llx\n",
2863 		 current_req, (long)blk_rq_pos(current_req),
2864 		 (__force unsigned long long) current_req->cmd_flags))
2865 		return BLK_STS_IOERR;
2866 
2867 	if (test_and_set_bit(0, &fdc_busy)) {
2868 		/* fdc busy, this new request will be treated when the
2869 		   current one is done */
2870 		is_alive(__func__, "old request running");
2871 		return BLK_STS_RESOURCE;
2872 	}
2873 
2874 	spin_lock_irq(&floppy_lock);
2875 	list_add_tail(&bd->rq->queuelist, &floppy_reqs);
2876 	spin_unlock_irq(&floppy_lock);
2877 
2878 	command_status = FD_COMMAND_NONE;
2879 	__reschedule_timeout(MAXTIMEOUT, "fd_request");
2880 	set_fdc(0);
2881 	process_fd_request();
2882 	is_alive(__func__, "");
2883 	return BLK_STS_OK;
2884 }
2885 
2886 static const struct cont_t poll_cont = {
2887 	.interrupt	= success_and_wakeup,
2888 	.redo		= floppy_ready,
2889 	.error		= generic_failure,
2890 	.done		= generic_done
2891 };
2892 
poll_drive(bool interruptible,int flag)2893 static int poll_drive(bool interruptible, int flag)
2894 {
2895 	/* no auto-sense, just clear dcl */
2896 	raw_cmd = &default_raw_cmd;
2897 	raw_cmd->flags = flag;
2898 	raw_cmd->track = 0;
2899 	raw_cmd->cmd_count = 0;
2900 	cont = &poll_cont;
2901 	debug_dcl(drive_params[current_drive].flags,
2902 		  "setting NEWCHANGE in poll_drive\n");
2903 	set_bit(FD_DISK_NEWCHANGE_BIT, &drive_state[current_drive].flags);
2904 
2905 	return wait_til_done(floppy_ready, interruptible);
2906 }
2907 
2908 /*
2909  * User triggered reset
2910  * ====================
2911  */
2912 
reset_intr(void)2913 static void reset_intr(void)
2914 {
2915 	pr_info("weird, reset interrupt called\n");
2916 }
2917 
2918 static const struct cont_t reset_cont = {
2919 	.interrupt	= reset_intr,
2920 	.redo		= success_and_wakeup,
2921 	.error		= generic_failure,
2922 	.done		= generic_done
2923 };
2924 
2925 /*
2926  * Resets the FDC connected to drive <drive>.
2927  * Both current_drive and current_fdc are changed to match the new drive.
2928  */
user_reset_fdc(int drive,int arg,bool interruptible)2929 static int user_reset_fdc(int drive, int arg, bool interruptible)
2930 {
2931 	int ret;
2932 
2933 	if (lock_fdc(drive))
2934 		return -EINTR;
2935 
2936 	if (arg == FD_RESET_ALWAYS)
2937 		fdc_state[current_fdc].reset = 1;
2938 	if (fdc_state[current_fdc].reset) {
2939 		/* note: reset_fdc will take care of unlocking the driver
2940 		 * on completion.
2941 		 */
2942 		cont = &reset_cont;
2943 		ret = wait_til_done(reset_fdc, interruptible);
2944 		if (ret == -EINTR)
2945 			return -EINTR;
2946 	}
2947 	process_fd_request();
2948 	return 0;
2949 }
2950 
2951 /*
2952  * Misc Ioctl's and support
2953  * ========================
2954  */
fd_copyout(void __user * param,const void * address,unsigned long size)2955 static inline int fd_copyout(void __user *param, const void *address,
2956 			     unsigned long size)
2957 {
2958 	return copy_to_user(param, address, size) ? -EFAULT : 0;
2959 }
2960 
fd_copyin(void __user * param,void * address,unsigned long size)2961 static inline int fd_copyin(void __user *param, void *address,
2962 			    unsigned long size)
2963 {
2964 	return copy_from_user(address, param, size) ? -EFAULT : 0;
2965 }
2966 
drive_name(int type,int drive)2967 static const char *drive_name(int type, int drive)
2968 {
2969 	struct floppy_struct *floppy;
2970 
2971 	if (type)
2972 		floppy = floppy_type + type;
2973 	else {
2974 		if (drive_params[drive].native_format)
2975 			floppy = floppy_type + drive_params[drive].native_format;
2976 		else
2977 			return "(null)";
2978 	}
2979 	if (floppy->name)
2980 		return floppy->name;
2981 	else
2982 		return "(null)";
2983 }
2984 
2985 #ifdef CONFIG_BLK_DEV_FD_RAWCMD
2986 
2987 /* raw commands */
raw_cmd_done(int flag)2988 static void raw_cmd_done(int flag)
2989 {
2990 	if (!flag) {
2991 		raw_cmd->flags |= FD_RAW_FAILURE;
2992 		raw_cmd->flags |= FD_RAW_HARDFAILURE;
2993 	} else {
2994 		raw_cmd->reply_count = inr;
2995 		if (raw_cmd->reply_count > FD_RAW_REPLY_SIZE)
2996 			raw_cmd->reply_count = 0;
2997 		memcpy(raw_cmd->reply, reply_buffer, raw_cmd->reply_count);
2998 
2999 		if (raw_cmd->flags & (FD_RAW_READ | FD_RAW_WRITE)) {
3000 			unsigned long flags;
3001 			flags = claim_dma_lock();
3002 			raw_cmd->length = fd_get_dma_residue();
3003 			release_dma_lock(flags);
3004 		}
3005 
3006 		if ((raw_cmd->flags & FD_RAW_SOFTFAILURE) &&
3007 		    (!raw_cmd->reply_count || (raw_cmd->reply[0] & 0xc0)))
3008 			raw_cmd->flags |= FD_RAW_FAILURE;
3009 
3010 		if (disk_change(current_drive))
3011 			raw_cmd->flags |= FD_RAW_DISK_CHANGE;
3012 		else
3013 			raw_cmd->flags &= ~FD_RAW_DISK_CHANGE;
3014 		if (raw_cmd->flags & FD_RAW_NO_MOTOR_AFTER)
3015 			motor_off_callback(&motor_off_timer[current_drive]);
3016 
3017 		if (raw_cmd->next &&
3018 		    (!(raw_cmd->flags & FD_RAW_FAILURE) ||
3019 		     !(raw_cmd->flags & FD_RAW_STOP_IF_FAILURE)) &&
3020 		    ((raw_cmd->flags & FD_RAW_FAILURE) ||
3021 		     !(raw_cmd->flags & FD_RAW_STOP_IF_SUCCESS))) {
3022 			raw_cmd = raw_cmd->next;
3023 			return;
3024 		}
3025 	}
3026 	generic_done(flag);
3027 }
3028 
3029 static const struct cont_t raw_cmd_cont = {
3030 	.interrupt	= success_and_wakeup,
3031 	.redo		= floppy_start,
3032 	.error		= generic_failure,
3033 	.done		= raw_cmd_done
3034 };
3035 
raw_cmd_copyout(int cmd,void __user * param,struct floppy_raw_cmd * ptr)3036 static int raw_cmd_copyout(int cmd, void __user *param,
3037 				  struct floppy_raw_cmd *ptr)
3038 {
3039 	int ret;
3040 
3041 	while (ptr) {
3042 		struct floppy_raw_cmd cmd = *ptr;
3043 		cmd.next = NULL;
3044 		cmd.kernel_data = NULL;
3045 		ret = copy_to_user(param, &cmd, sizeof(cmd));
3046 		if (ret)
3047 			return -EFAULT;
3048 		param += sizeof(struct floppy_raw_cmd);
3049 		if ((ptr->flags & FD_RAW_READ) && ptr->buffer_length) {
3050 			if (ptr->length >= 0 &&
3051 			    ptr->length <= ptr->buffer_length) {
3052 				long length = ptr->buffer_length - ptr->length;
3053 				ret = fd_copyout(ptr->data, ptr->kernel_data,
3054 						 length);
3055 				if (ret)
3056 					return ret;
3057 			}
3058 		}
3059 		ptr = ptr->next;
3060 	}
3061 
3062 	return 0;
3063 }
3064 
raw_cmd_free(struct floppy_raw_cmd ** ptr)3065 static void raw_cmd_free(struct floppy_raw_cmd **ptr)
3066 {
3067 	struct floppy_raw_cmd *next;
3068 	struct floppy_raw_cmd *this;
3069 
3070 	this = *ptr;
3071 	*ptr = NULL;
3072 	while (this) {
3073 		if (this->buffer_length) {
3074 			fd_dma_mem_free((unsigned long)this->kernel_data,
3075 					this->buffer_length);
3076 			this->buffer_length = 0;
3077 		}
3078 		next = this->next;
3079 		kfree(this);
3080 		this = next;
3081 	}
3082 }
3083 
3084 #define MAX_LEN (1UL << MAX_PAGE_ORDER << PAGE_SHIFT)
3085 
raw_cmd_copyin(int cmd,void __user * param,struct floppy_raw_cmd ** rcmd)3086 static int raw_cmd_copyin(int cmd, void __user *param,
3087 				 struct floppy_raw_cmd **rcmd)
3088 {
3089 	struct floppy_raw_cmd *ptr;
3090 	int ret;
3091 
3092 	*rcmd = NULL;
3093 
3094 loop:
3095 	ptr = kmalloc(sizeof(struct floppy_raw_cmd), GFP_KERNEL);
3096 	if (!ptr)
3097 		return -ENOMEM;
3098 	*rcmd = ptr;
3099 	ret = copy_from_user(ptr, param, sizeof(*ptr));
3100 	ptr->next = NULL;
3101 	ptr->buffer_length = 0;
3102 	ptr->kernel_data = NULL;
3103 	if (ret)
3104 		return -EFAULT;
3105 	param += sizeof(struct floppy_raw_cmd);
3106 	if (ptr->cmd_count > FD_RAW_CMD_FULLSIZE)
3107 		return -EINVAL;
3108 
3109 	memset(ptr->reply, 0, FD_RAW_REPLY_SIZE);
3110 	ptr->resultcode = 0;
3111 
3112 	if (ptr->flags & (FD_RAW_READ | FD_RAW_WRITE)) {
3113 		if (ptr->length <= 0 || ptr->length > MAX_LEN)
3114 			return -EINVAL;
3115 		ptr->kernel_data = (char *)fd_dma_mem_alloc(ptr->length);
3116 		fallback_on_nodma_alloc(&ptr->kernel_data, ptr->length);
3117 		if (!ptr->kernel_data)
3118 			return -ENOMEM;
3119 		ptr->buffer_length = ptr->length;
3120 	}
3121 	if (ptr->flags & FD_RAW_WRITE) {
3122 		ret = fd_copyin(ptr->data, ptr->kernel_data, ptr->length);
3123 		if (ret)
3124 			return ret;
3125 	}
3126 
3127 	if (ptr->flags & FD_RAW_MORE) {
3128 		rcmd = &(ptr->next);
3129 		ptr->rate &= 0x43;
3130 		goto loop;
3131 	}
3132 
3133 	return 0;
3134 }
3135 
raw_cmd_ioctl(int cmd,void __user * param)3136 static int raw_cmd_ioctl(int cmd, void __user *param)
3137 {
3138 	struct floppy_raw_cmd *my_raw_cmd;
3139 	int drive;
3140 	int ret2;
3141 	int ret;
3142 
3143 	if (fdc_state[current_fdc].rawcmd <= 1)
3144 		fdc_state[current_fdc].rawcmd = 1;
3145 	for (drive = 0; drive < N_DRIVE; drive++) {
3146 		if (FDC(drive) != current_fdc)
3147 			continue;
3148 		if (drive == current_drive) {
3149 			if (drive_state[drive].fd_ref > 1) {
3150 				fdc_state[current_fdc].rawcmd = 2;
3151 				break;
3152 			}
3153 		} else if (drive_state[drive].fd_ref) {
3154 			fdc_state[current_fdc].rawcmd = 2;
3155 			break;
3156 		}
3157 	}
3158 
3159 	if (fdc_state[current_fdc].reset)
3160 		return -EIO;
3161 
3162 	ret = raw_cmd_copyin(cmd, param, &my_raw_cmd);
3163 	if (ret) {
3164 		raw_cmd_free(&my_raw_cmd);
3165 		return ret;
3166 	}
3167 
3168 	raw_cmd = my_raw_cmd;
3169 	cont = &raw_cmd_cont;
3170 	ret = wait_til_done(floppy_start, true);
3171 	debug_dcl(drive_params[current_drive].flags,
3172 		  "calling disk change from raw_cmd ioctl\n");
3173 
3174 	if (ret != -EINTR && fdc_state[current_fdc].reset)
3175 		ret = -EIO;
3176 
3177 	drive_state[current_drive].track = NO_TRACK;
3178 
3179 	ret2 = raw_cmd_copyout(cmd, param, my_raw_cmd);
3180 	if (!ret)
3181 		ret = ret2;
3182 	raw_cmd_free(&my_raw_cmd);
3183 	return ret;
3184 }
3185 
floppy_raw_cmd_ioctl(int type,int drive,int cmd,void __user * param)3186 static int floppy_raw_cmd_ioctl(int type, int drive, int cmd,
3187 				void __user *param)
3188 {
3189 	int ret;
3190 
3191 	pr_warn_once("Note: FDRAWCMD is deprecated and will be removed from the kernel in the near future.\n");
3192 
3193 	if (type)
3194 		return -EINVAL;
3195 	if (lock_fdc(drive))
3196 		return -EINTR;
3197 	set_floppy(drive);
3198 	ret = raw_cmd_ioctl(cmd, param);
3199 	if (ret == -EINTR)
3200 		return -EINTR;
3201 	process_fd_request();
3202 	return ret;
3203 }
3204 
3205 #else /* CONFIG_BLK_DEV_FD_RAWCMD */
3206 
floppy_raw_cmd_ioctl(int type,int drive,int cmd,void __user * param)3207 static int floppy_raw_cmd_ioctl(int type, int drive, int cmd,
3208 				void __user *param)
3209 {
3210 	return -EOPNOTSUPP;
3211 }
3212 
3213 #endif
3214 
invalidate_drive(struct gendisk * disk)3215 static int invalidate_drive(struct gendisk *disk)
3216 {
3217 	/* invalidate the buffer track to force a reread */
3218 	set_bit((long)disk->private_data, &fake_change);
3219 	process_fd_request();
3220 	if (disk_check_media_change(disk)) {
3221 		bdev_mark_dead(disk->part0, true);
3222 		floppy_revalidate(disk);
3223 	}
3224 	return 0;
3225 }
3226 
set_geometry(unsigned int cmd,struct floppy_struct * g,int drive,int type,struct block_device * bdev)3227 static int set_geometry(unsigned int cmd, struct floppy_struct *g,
3228 			       int drive, int type, struct block_device *bdev)
3229 {
3230 	int cnt;
3231 
3232 	/* sanity checking for parameters. */
3233 	if ((int)g->sect <= 0 ||
3234 	    (int)g->head <= 0 ||
3235 	    /* check for overflow in max_sector */
3236 	    (int)(g->sect * g->head) <= 0 ||
3237 	    /* check for zero in raw_cmd->cmd[F_SECT_PER_TRACK] */
3238 	    (unsigned char)((g->sect << 2) >> FD_SIZECODE(g)) == 0 ||
3239 	    g->track <= 0 || g->track > drive_params[drive].tracks >> STRETCH(g) ||
3240 	    /* check if reserved bits are set */
3241 	    (g->stretch & ~(FD_STRETCH | FD_SWAPSIDES | FD_SECTBASEMASK)) != 0)
3242 		return -EINVAL;
3243 	if (type) {
3244 		if (!capable(CAP_SYS_ADMIN))
3245 			return -EPERM;
3246 		mutex_lock(&open_lock);
3247 		if (lock_fdc(drive)) {
3248 			mutex_unlock(&open_lock);
3249 			return -EINTR;
3250 		}
3251 		floppy_type[type] = *g;
3252 		floppy_type[type].name = "user format";
3253 		for (cnt = type << 2; cnt < (type << 2) + 4; cnt++)
3254 			floppy_sizes[cnt] = floppy_sizes[cnt + 0x80] =
3255 			    floppy_type[type].size + 1;
3256 		process_fd_request();
3257 		for (cnt = 0; cnt < N_DRIVE; cnt++) {
3258 			struct gendisk *disk = opened_disk[cnt];
3259 
3260 			if (!disk || ITYPE(drive_state[cnt].fd_device) != type)
3261 				continue;
3262 			disk_force_media_change(disk);
3263 		}
3264 		mutex_unlock(&open_lock);
3265 	} else {
3266 		int oldStretch;
3267 
3268 		if (lock_fdc(drive))
3269 			return -EINTR;
3270 		if (cmd != FDDEFPRM) {
3271 			/* notice a disk change immediately, else
3272 			 * we lose our settings immediately*/
3273 			if (poll_drive(true, FD_RAW_NEED_DISK) == -EINTR)
3274 				return -EINTR;
3275 		}
3276 		oldStretch = g->stretch;
3277 		user_params[drive] = *g;
3278 		if (buffer_drive == drive)
3279 			SUPBOUND(buffer_max, user_params[drive].sect);
3280 		current_type[drive] = &user_params[drive];
3281 		floppy_sizes[drive] = user_params[drive].size;
3282 		if (cmd == FDDEFPRM)
3283 			drive_state[current_drive].keep_data = -1;
3284 		else
3285 			drive_state[current_drive].keep_data = 1;
3286 		/* invalidation. Invalidate only when needed, i.e.
3287 		 * when there are already sectors in the buffer cache
3288 		 * whose number will change. This is useful, because
3289 		 * mtools often changes the geometry of the disk after
3290 		 * looking at the boot block */
3291 		if (drive_state[current_drive].maxblock > user_params[drive].sect ||
3292 		    drive_state[current_drive].maxtrack ||
3293 		    ((user_params[drive].sect ^ oldStretch) &
3294 		     (FD_SWAPSIDES | FD_SECTBASEMASK)))
3295 			invalidate_drive(bdev->bd_disk);
3296 		else
3297 			process_fd_request();
3298 	}
3299 	return 0;
3300 }
3301 
3302 /* handle obsolete ioctl's */
3303 static unsigned int ioctl_table[] = {
3304 	FDCLRPRM,
3305 	FDSETPRM,
3306 	FDDEFPRM,
3307 	FDGETPRM,
3308 	FDMSGON,
3309 	FDMSGOFF,
3310 	FDFMTBEG,
3311 	FDFMTTRK,
3312 	FDFMTEND,
3313 	FDSETEMSGTRESH,
3314 	FDFLUSH,
3315 	FDSETMAXERRS,
3316 	FDGETMAXERRS,
3317 	FDGETDRVTYP,
3318 	FDSETDRVPRM,
3319 	FDGETDRVPRM,
3320 	FDGETDRVSTAT,
3321 	FDPOLLDRVSTAT,
3322 	FDRESET,
3323 	FDGETFDCSTAT,
3324 	FDWERRORCLR,
3325 	FDWERRORGET,
3326 	FDRAWCMD,
3327 	FDEJECT,
3328 	FDTWADDLE
3329 };
3330 
normalize_ioctl(unsigned int * cmd,int * size)3331 static int normalize_ioctl(unsigned int *cmd, int *size)
3332 {
3333 	int i;
3334 
3335 	for (i = 0; i < ARRAY_SIZE(ioctl_table); i++) {
3336 		if ((*cmd & 0xffff) == (ioctl_table[i] & 0xffff)) {
3337 			*size = _IOC_SIZE(*cmd);
3338 			*cmd = ioctl_table[i];
3339 			if (*size > _IOC_SIZE(*cmd)) {
3340 				pr_info("ioctl not yet supported\n");
3341 				return -EFAULT;
3342 			}
3343 			return 0;
3344 		}
3345 	}
3346 	return -EINVAL;
3347 }
3348 
get_floppy_geometry(int drive,int type,struct floppy_struct ** g)3349 static int get_floppy_geometry(int drive, int type, struct floppy_struct **g)
3350 {
3351 	if (type)
3352 		*g = &floppy_type[type];
3353 	else {
3354 		if (lock_fdc(drive))
3355 			return -EINTR;
3356 		if (poll_drive(false, 0) == -EINTR)
3357 			return -EINTR;
3358 		process_fd_request();
3359 		*g = current_type[drive];
3360 	}
3361 	if (!*g)
3362 		return -ENODEV;
3363 	return 0;
3364 }
3365 
fd_getgeo(struct block_device * bdev,struct hd_geometry * geo)3366 static int fd_getgeo(struct block_device *bdev, struct hd_geometry *geo)
3367 {
3368 	int drive = (long)bdev->bd_disk->private_data;
3369 	int type = ITYPE(drive_state[drive].fd_device);
3370 	struct floppy_struct *g;
3371 	int ret;
3372 
3373 	ret = get_floppy_geometry(drive, type, &g);
3374 	if (ret)
3375 		return ret;
3376 
3377 	geo->heads = g->head;
3378 	geo->sectors = g->sect;
3379 	geo->cylinders = g->track;
3380 	return 0;
3381 }
3382 
valid_floppy_drive_params(const short autodetect[FD_AUTODETECT_SIZE],int native_format)3383 static bool valid_floppy_drive_params(const short autodetect[FD_AUTODETECT_SIZE],
3384 		int native_format)
3385 {
3386 	size_t floppy_type_size = ARRAY_SIZE(floppy_type);
3387 	size_t i = 0;
3388 
3389 	for (i = 0; i < FD_AUTODETECT_SIZE; ++i) {
3390 		if (autodetect[i] < 0 ||
3391 		    autodetect[i] >= floppy_type_size)
3392 			return false;
3393 	}
3394 
3395 	if (native_format < 0 || native_format >= floppy_type_size)
3396 		return false;
3397 
3398 	return true;
3399 }
3400 
fd_locked_ioctl(struct block_device * bdev,blk_mode_t mode,unsigned int cmd,unsigned long param)3401 static int fd_locked_ioctl(struct block_device *bdev, blk_mode_t mode,
3402 		unsigned int cmd, unsigned long param)
3403 {
3404 	int drive = (long)bdev->bd_disk->private_data;
3405 	int type = ITYPE(drive_state[drive].fd_device);
3406 	int ret;
3407 	int size;
3408 	union inparam {
3409 		struct floppy_struct g;	/* geometry */
3410 		struct format_descr f;
3411 		struct floppy_max_errors max_errors;
3412 		struct floppy_drive_params dp;
3413 	} inparam;		/* parameters coming from user space */
3414 	const void *outparam;	/* parameters passed back to user space */
3415 
3416 	/* convert compatibility eject ioctls into floppy eject ioctl.
3417 	 * We do this in order to provide a means to eject floppy disks before
3418 	 * installing the new fdutils package */
3419 	if (cmd == CDROMEJECT ||	/* CD-ROM eject */
3420 	    cmd == 0x6470) {		/* SunOS floppy eject */
3421 		DPRINT("obsolete eject ioctl\n");
3422 		DPRINT("please use floppycontrol --eject\n");
3423 		cmd = FDEJECT;
3424 	}
3425 
3426 	if (!((cmd & 0xff00) == 0x0200))
3427 		return -EINVAL;
3428 
3429 	/* convert the old style command into a new style command */
3430 	ret = normalize_ioctl(&cmd, &size);
3431 	if (ret)
3432 		return ret;
3433 
3434 	/* permission checks */
3435 	if (((cmd & 0x40) &&
3436 	     !(mode & (BLK_OPEN_WRITE | BLK_OPEN_WRITE_IOCTL))) ||
3437 	    ((cmd & 0x80) && !capable(CAP_SYS_ADMIN)))
3438 		return -EPERM;
3439 
3440 	if (WARN_ON(size < 0 || size > sizeof(inparam)))
3441 		return -EINVAL;
3442 
3443 	/* copyin */
3444 	memset(&inparam, 0, sizeof(inparam));
3445 	if (_IOC_DIR(cmd) & _IOC_WRITE) {
3446 		ret = fd_copyin((void __user *)param, &inparam, size);
3447 		if (ret)
3448 			return ret;
3449 	}
3450 
3451 	switch (cmd) {
3452 	case FDEJECT:
3453 		if (drive_state[drive].fd_ref != 1)
3454 			/* somebody else has this drive open */
3455 			return -EBUSY;
3456 		if (lock_fdc(drive))
3457 			return -EINTR;
3458 
3459 		/* do the actual eject. Fails on
3460 		 * non-Sparc architectures */
3461 		ret = fd_eject(UNIT(drive));
3462 
3463 		set_bit(FD_DISK_CHANGED_BIT, &drive_state[drive].flags);
3464 		set_bit(FD_VERIFY_BIT, &drive_state[drive].flags);
3465 		process_fd_request();
3466 		return ret;
3467 	case FDCLRPRM:
3468 		if (lock_fdc(drive))
3469 			return -EINTR;
3470 		current_type[drive] = NULL;
3471 		floppy_sizes[drive] = MAX_DISK_SIZE << 1;
3472 		drive_state[drive].keep_data = 0;
3473 		return invalidate_drive(bdev->bd_disk);
3474 	case FDSETPRM:
3475 	case FDDEFPRM:
3476 		return set_geometry(cmd, &inparam.g, drive, type, bdev);
3477 	case FDGETPRM:
3478 		ret = get_floppy_geometry(drive, type,
3479 					  (struct floppy_struct **)&outparam);
3480 		if (ret)
3481 			return ret;
3482 		memcpy(&inparam.g, outparam,
3483 				offsetof(struct floppy_struct, name));
3484 		outparam = &inparam.g;
3485 		break;
3486 	case FDMSGON:
3487 		drive_params[drive].flags |= FTD_MSG;
3488 		return 0;
3489 	case FDMSGOFF:
3490 		drive_params[drive].flags &= ~FTD_MSG;
3491 		return 0;
3492 	case FDFMTBEG:
3493 		if (lock_fdc(drive))
3494 			return -EINTR;
3495 		if (poll_drive(true, FD_RAW_NEED_DISK) == -EINTR)
3496 			return -EINTR;
3497 		ret = drive_state[drive].flags;
3498 		process_fd_request();
3499 		if (ret & FD_VERIFY)
3500 			return -ENODEV;
3501 		if (!(ret & FD_DISK_WRITABLE))
3502 			return -EROFS;
3503 		return 0;
3504 	case FDFMTTRK:
3505 		if (drive_state[drive].fd_ref != 1)
3506 			return -EBUSY;
3507 		return do_format(drive, &inparam.f);
3508 	case FDFMTEND:
3509 	case FDFLUSH:
3510 		if (lock_fdc(drive))
3511 			return -EINTR;
3512 		return invalidate_drive(bdev->bd_disk);
3513 	case FDSETEMSGTRESH:
3514 		drive_params[drive].max_errors.reporting = (unsigned short)(param & 0x0f);
3515 		return 0;
3516 	case FDGETMAXERRS:
3517 		outparam = &drive_params[drive].max_errors;
3518 		break;
3519 	case FDSETMAXERRS:
3520 		drive_params[drive].max_errors = inparam.max_errors;
3521 		break;
3522 	case FDGETDRVTYP:
3523 		outparam = drive_name(type, drive);
3524 		SUPBOUND(size, strlen((const char *)outparam) + 1);
3525 		break;
3526 	case FDSETDRVPRM:
3527 		if (!valid_floppy_drive_params(inparam.dp.autodetect,
3528 				inparam.dp.native_format))
3529 			return -EINVAL;
3530 		drive_params[drive] = inparam.dp;
3531 		break;
3532 	case FDGETDRVPRM:
3533 		outparam = &drive_params[drive];
3534 		break;
3535 	case FDPOLLDRVSTAT:
3536 		if (lock_fdc(drive))
3537 			return -EINTR;
3538 		if (poll_drive(true, FD_RAW_NEED_DISK) == -EINTR)
3539 			return -EINTR;
3540 		process_fd_request();
3541 		fallthrough;
3542 	case FDGETDRVSTAT:
3543 		outparam = &drive_state[drive];
3544 		break;
3545 	case FDRESET:
3546 		return user_reset_fdc(drive, (int)param, true);
3547 	case FDGETFDCSTAT:
3548 		outparam = &fdc_state[FDC(drive)];
3549 		break;
3550 	case FDWERRORCLR:
3551 		memset(&write_errors[drive], 0, sizeof(write_errors[drive]));
3552 		return 0;
3553 	case FDWERRORGET:
3554 		outparam = &write_errors[drive];
3555 		break;
3556 	case FDRAWCMD:
3557 		return floppy_raw_cmd_ioctl(type, drive, cmd, (void __user *)param);
3558 	case FDTWADDLE:
3559 		if (lock_fdc(drive))
3560 			return -EINTR;
3561 		twaddle(current_fdc, current_drive);
3562 		process_fd_request();
3563 		return 0;
3564 	default:
3565 		return -EINVAL;
3566 	}
3567 
3568 	if (_IOC_DIR(cmd) & _IOC_READ)
3569 		return fd_copyout((void __user *)param, outparam, size);
3570 
3571 	return 0;
3572 }
3573 
fd_ioctl(struct block_device * bdev,blk_mode_t mode,unsigned int cmd,unsigned long param)3574 static int fd_ioctl(struct block_device *bdev, blk_mode_t mode,
3575 			     unsigned int cmd, unsigned long param)
3576 {
3577 	int ret;
3578 
3579 	mutex_lock(&floppy_mutex);
3580 	ret = fd_locked_ioctl(bdev, mode, cmd, param);
3581 	mutex_unlock(&floppy_mutex);
3582 
3583 	return ret;
3584 }
3585 
3586 #ifdef CONFIG_COMPAT
3587 
3588 struct compat_floppy_drive_params {
3589 	char		cmos;
3590 	compat_ulong_t	max_dtr;
3591 	compat_ulong_t	hlt;
3592 	compat_ulong_t	hut;
3593 	compat_ulong_t	srt;
3594 	compat_ulong_t	spinup;
3595 	compat_ulong_t	spindown;
3596 	unsigned char	spindown_offset;
3597 	unsigned char	select_delay;
3598 	unsigned char	rps;
3599 	unsigned char	tracks;
3600 	compat_ulong_t	timeout;
3601 	unsigned char	interleave_sect;
3602 	struct floppy_max_errors max_errors;
3603 	char		flags;
3604 	char		read_track;
3605 	short		autodetect[FD_AUTODETECT_SIZE];
3606 	compat_int_t	checkfreq;
3607 	compat_int_t	native_format;
3608 };
3609 
3610 struct compat_floppy_drive_struct {
3611 	signed char	flags;
3612 	compat_ulong_t	spinup_date;
3613 	compat_ulong_t	select_date;
3614 	compat_ulong_t	first_read_date;
3615 	short		probed_format;
3616 	short		track;
3617 	short		maxblock;
3618 	short		maxtrack;
3619 	compat_int_t	generation;
3620 	compat_int_t	keep_data;
3621 	compat_int_t	fd_ref;
3622 	compat_int_t	fd_device;
3623 	compat_int_t	last_checked;
3624 	compat_caddr_t dmabuf;
3625 	compat_int_t	bufblocks;
3626 };
3627 
3628 struct compat_floppy_fdc_state {
3629 	compat_int_t	spec1;
3630 	compat_int_t	spec2;
3631 	compat_int_t	dtr;
3632 	unsigned char	version;
3633 	unsigned char	dor;
3634 	compat_ulong_t	address;
3635 	unsigned int	rawcmd:2;
3636 	unsigned int	reset:1;
3637 	unsigned int	need_configure:1;
3638 	unsigned int	perp_mode:2;
3639 	unsigned int	has_fifo:1;
3640 	unsigned int	driver_version;
3641 	unsigned char	track[4];
3642 };
3643 
3644 struct compat_floppy_write_errors {
3645 	unsigned int	write_errors;
3646 	compat_ulong_t	first_error_sector;
3647 	compat_int_t	first_error_generation;
3648 	compat_ulong_t	last_error_sector;
3649 	compat_int_t	last_error_generation;
3650 	compat_uint_t	badness;
3651 };
3652 
3653 #define FDSETPRM32 _IOW(2, 0x42, struct compat_floppy_struct)
3654 #define FDDEFPRM32 _IOW(2, 0x43, struct compat_floppy_struct)
3655 #define FDSETDRVPRM32 _IOW(2, 0x90, struct compat_floppy_drive_params)
3656 #define FDGETDRVPRM32 _IOR(2, 0x11, struct compat_floppy_drive_params)
3657 #define FDGETDRVSTAT32 _IOR(2, 0x12, struct compat_floppy_drive_struct)
3658 #define FDPOLLDRVSTAT32 _IOR(2, 0x13, struct compat_floppy_drive_struct)
3659 #define FDGETFDCSTAT32 _IOR(2, 0x15, struct compat_floppy_fdc_state)
3660 #define FDWERRORGET32  _IOR(2, 0x17, struct compat_floppy_write_errors)
3661 
compat_set_geometry(struct block_device * bdev,blk_mode_t mode,unsigned int cmd,struct compat_floppy_struct __user * arg)3662 static int compat_set_geometry(struct block_device *bdev, blk_mode_t mode,
3663 		unsigned int cmd, struct compat_floppy_struct __user *arg)
3664 {
3665 	struct floppy_struct v;
3666 	int drive, type;
3667 	int err;
3668 
3669 	BUILD_BUG_ON(offsetof(struct floppy_struct, name) !=
3670 		     offsetof(struct compat_floppy_struct, name));
3671 
3672 	if (!(mode & (BLK_OPEN_WRITE | BLK_OPEN_WRITE_IOCTL)))
3673 		return -EPERM;
3674 
3675 	memset(&v, 0, sizeof(struct floppy_struct));
3676 	if (copy_from_user(&v, arg, offsetof(struct floppy_struct, name)))
3677 		return -EFAULT;
3678 
3679 	mutex_lock(&floppy_mutex);
3680 	drive = (long)bdev->bd_disk->private_data;
3681 	type = ITYPE(drive_state[drive].fd_device);
3682 	err = set_geometry(cmd == FDSETPRM32 ? FDSETPRM : FDDEFPRM,
3683 			&v, drive, type, bdev);
3684 	mutex_unlock(&floppy_mutex);
3685 	return err;
3686 }
3687 
compat_get_prm(int drive,struct compat_floppy_struct __user * arg)3688 static int compat_get_prm(int drive,
3689 			  struct compat_floppy_struct __user *arg)
3690 {
3691 	struct compat_floppy_struct v;
3692 	struct floppy_struct *p;
3693 	int err;
3694 
3695 	memset(&v, 0, sizeof(v));
3696 	mutex_lock(&floppy_mutex);
3697 	err = get_floppy_geometry(drive, ITYPE(drive_state[drive].fd_device),
3698 				  &p);
3699 	if (err) {
3700 		mutex_unlock(&floppy_mutex);
3701 		return err;
3702 	}
3703 	memcpy(&v, p, offsetof(struct floppy_struct, name));
3704 	mutex_unlock(&floppy_mutex);
3705 	if (copy_to_user(arg, &v, sizeof(struct compat_floppy_struct)))
3706 		return -EFAULT;
3707 	return 0;
3708 }
3709 
compat_setdrvprm(int drive,struct compat_floppy_drive_params __user * arg)3710 static int compat_setdrvprm(int drive,
3711 			    struct compat_floppy_drive_params __user *arg)
3712 {
3713 	struct compat_floppy_drive_params v;
3714 
3715 	if (!capable(CAP_SYS_ADMIN))
3716 		return -EPERM;
3717 	if (copy_from_user(&v, arg, sizeof(struct compat_floppy_drive_params)))
3718 		return -EFAULT;
3719 	if (!valid_floppy_drive_params(v.autodetect, v.native_format))
3720 		return -EINVAL;
3721 	mutex_lock(&floppy_mutex);
3722 	drive_params[drive].cmos = v.cmos;
3723 	drive_params[drive].max_dtr = v.max_dtr;
3724 	drive_params[drive].hlt = v.hlt;
3725 	drive_params[drive].hut = v.hut;
3726 	drive_params[drive].srt = v.srt;
3727 	drive_params[drive].spinup = v.spinup;
3728 	drive_params[drive].spindown = v.spindown;
3729 	drive_params[drive].spindown_offset = v.spindown_offset;
3730 	drive_params[drive].select_delay = v.select_delay;
3731 	drive_params[drive].rps = v.rps;
3732 	drive_params[drive].tracks = v.tracks;
3733 	drive_params[drive].timeout = v.timeout;
3734 	drive_params[drive].interleave_sect = v.interleave_sect;
3735 	drive_params[drive].max_errors = v.max_errors;
3736 	drive_params[drive].flags = v.flags;
3737 	drive_params[drive].read_track = v.read_track;
3738 	memcpy(drive_params[drive].autodetect, v.autodetect,
3739 	       sizeof(v.autodetect));
3740 	drive_params[drive].checkfreq = v.checkfreq;
3741 	drive_params[drive].native_format = v.native_format;
3742 	mutex_unlock(&floppy_mutex);
3743 	return 0;
3744 }
3745 
compat_getdrvprm(int drive,struct compat_floppy_drive_params __user * arg)3746 static int compat_getdrvprm(int drive,
3747 			    struct compat_floppy_drive_params __user *arg)
3748 {
3749 	struct compat_floppy_drive_params v;
3750 
3751 	memset(&v, 0, sizeof(struct compat_floppy_drive_params));
3752 	mutex_lock(&floppy_mutex);
3753 	v.cmos = drive_params[drive].cmos;
3754 	v.max_dtr = drive_params[drive].max_dtr;
3755 	v.hlt = drive_params[drive].hlt;
3756 	v.hut = drive_params[drive].hut;
3757 	v.srt = drive_params[drive].srt;
3758 	v.spinup = drive_params[drive].spinup;
3759 	v.spindown = drive_params[drive].spindown;
3760 	v.spindown_offset = drive_params[drive].spindown_offset;
3761 	v.select_delay = drive_params[drive].select_delay;
3762 	v.rps = drive_params[drive].rps;
3763 	v.tracks = drive_params[drive].tracks;
3764 	v.timeout = drive_params[drive].timeout;
3765 	v.interleave_sect = drive_params[drive].interleave_sect;
3766 	v.max_errors = drive_params[drive].max_errors;
3767 	v.flags = drive_params[drive].flags;
3768 	v.read_track = drive_params[drive].read_track;
3769 	memcpy(v.autodetect, drive_params[drive].autodetect,
3770 	       sizeof(v.autodetect));
3771 	v.checkfreq = drive_params[drive].checkfreq;
3772 	v.native_format = drive_params[drive].native_format;
3773 	mutex_unlock(&floppy_mutex);
3774 
3775 	if (copy_to_user(arg, &v, sizeof(struct compat_floppy_drive_params)))
3776 		return -EFAULT;
3777 	return 0;
3778 }
3779 
compat_getdrvstat(int drive,bool poll,struct compat_floppy_drive_struct __user * arg)3780 static int compat_getdrvstat(int drive, bool poll,
3781 			    struct compat_floppy_drive_struct __user *arg)
3782 {
3783 	struct compat_floppy_drive_struct v;
3784 
3785 	memset(&v, 0, sizeof(struct compat_floppy_drive_struct));
3786 	mutex_lock(&floppy_mutex);
3787 
3788 	if (poll) {
3789 		if (lock_fdc(drive))
3790 			goto Eintr;
3791 		if (poll_drive(true, FD_RAW_NEED_DISK) == -EINTR)
3792 			goto Eintr;
3793 		process_fd_request();
3794 	}
3795 	v.spinup_date = drive_state[drive].spinup_date;
3796 	v.select_date = drive_state[drive].select_date;
3797 	v.first_read_date = drive_state[drive].first_read_date;
3798 	v.probed_format = drive_state[drive].probed_format;
3799 	v.track = drive_state[drive].track;
3800 	v.maxblock = drive_state[drive].maxblock;
3801 	v.maxtrack = drive_state[drive].maxtrack;
3802 	v.generation = drive_state[drive].generation;
3803 	v.keep_data = drive_state[drive].keep_data;
3804 	v.fd_ref = drive_state[drive].fd_ref;
3805 	v.fd_device = drive_state[drive].fd_device;
3806 	v.last_checked = drive_state[drive].last_checked;
3807 	v.dmabuf = (uintptr_t) drive_state[drive].dmabuf;
3808 	v.bufblocks = drive_state[drive].bufblocks;
3809 	mutex_unlock(&floppy_mutex);
3810 
3811 	if (copy_to_user(arg, &v, sizeof(struct compat_floppy_drive_struct)))
3812 		return -EFAULT;
3813 	return 0;
3814 Eintr:
3815 	mutex_unlock(&floppy_mutex);
3816 	return -EINTR;
3817 }
3818 
compat_getfdcstat(int drive,struct compat_floppy_fdc_state __user * arg)3819 static int compat_getfdcstat(int drive,
3820 			    struct compat_floppy_fdc_state __user *arg)
3821 {
3822 	struct compat_floppy_fdc_state v32;
3823 	struct floppy_fdc_state v;
3824 
3825 	mutex_lock(&floppy_mutex);
3826 	v = fdc_state[FDC(drive)];
3827 	mutex_unlock(&floppy_mutex);
3828 
3829 	memset(&v32, 0, sizeof(struct compat_floppy_fdc_state));
3830 	v32.spec1 = v.spec1;
3831 	v32.spec2 = v.spec2;
3832 	v32.dtr = v.dtr;
3833 	v32.version = v.version;
3834 	v32.dor = v.dor;
3835 	v32.address = v.address;
3836 	v32.rawcmd = v.rawcmd;
3837 	v32.reset = v.reset;
3838 	v32.need_configure = v.need_configure;
3839 	v32.perp_mode = v.perp_mode;
3840 	v32.has_fifo = v.has_fifo;
3841 	v32.driver_version = v.driver_version;
3842 	memcpy(v32.track, v.track, 4);
3843 	if (copy_to_user(arg, &v32, sizeof(struct compat_floppy_fdc_state)))
3844 		return -EFAULT;
3845 	return 0;
3846 }
3847 
compat_werrorget(int drive,struct compat_floppy_write_errors __user * arg)3848 static int compat_werrorget(int drive,
3849 			    struct compat_floppy_write_errors __user *arg)
3850 {
3851 	struct compat_floppy_write_errors v32;
3852 	struct floppy_write_errors v;
3853 
3854 	memset(&v32, 0, sizeof(struct compat_floppy_write_errors));
3855 	mutex_lock(&floppy_mutex);
3856 	v = write_errors[drive];
3857 	mutex_unlock(&floppy_mutex);
3858 	v32.write_errors = v.write_errors;
3859 	v32.first_error_sector = v.first_error_sector;
3860 	v32.first_error_generation = v.first_error_generation;
3861 	v32.last_error_sector = v.last_error_sector;
3862 	v32.last_error_generation = v.last_error_generation;
3863 	v32.badness = v.badness;
3864 	if (copy_to_user(arg, &v32, sizeof(struct compat_floppy_write_errors)))
3865 		return -EFAULT;
3866 	return 0;
3867 }
3868 
fd_compat_ioctl(struct block_device * bdev,blk_mode_t mode,unsigned int cmd,unsigned long param)3869 static int fd_compat_ioctl(struct block_device *bdev, blk_mode_t mode,
3870 		unsigned int cmd, unsigned long param)
3871 {
3872 	int drive = (long)bdev->bd_disk->private_data;
3873 	switch (cmd) {
3874 	case CDROMEJECT: /* CD-ROM eject */
3875 	case 0x6470:	 /* SunOS floppy eject */
3876 
3877 	case FDMSGON:
3878 	case FDMSGOFF:
3879 	case FDSETEMSGTRESH:
3880 	case FDFLUSH:
3881 	case FDWERRORCLR:
3882 	case FDEJECT:
3883 	case FDCLRPRM:
3884 	case FDFMTBEG:
3885 	case FDRESET:
3886 	case FDTWADDLE:
3887 		return fd_ioctl(bdev, mode, cmd, param);
3888 	case FDSETMAXERRS:
3889 	case FDGETMAXERRS:
3890 	case FDGETDRVTYP:
3891 	case FDFMTEND:
3892 	case FDFMTTRK:
3893 	case FDRAWCMD:
3894 		return fd_ioctl(bdev, mode, cmd,
3895 				(unsigned long)compat_ptr(param));
3896 	case FDSETPRM32:
3897 	case FDDEFPRM32:
3898 		return compat_set_geometry(bdev, mode, cmd, compat_ptr(param));
3899 	case FDGETPRM32:
3900 		return compat_get_prm(drive, compat_ptr(param));
3901 	case FDSETDRVPRM32:
3902 		return compat_setdrvprm(drive, compat_ptr(param));
3903 	case FDGETDRVPRM32:
3904 		return compat_getdrvprm(drive, compat_ptr(param));
3905 	case FDPOLLDRVSTAT32:
3906 		return compat_getdrvstat(drive, true, compat_ptr(param));
3907 	case FDGETDRVSTAT32:
3908 		return compat_getdrvstat(drive, false, compat_ptr(param));
3909 	case FDGETFDCSTAT32:
3910 		return compat_getfdcstat(drive, compat_ptr(param));
3911 	case FDWERRORGET32:
3912 		return compat_werrorget(drive, compat_ptr(param));
3913 	}
3914 	return -EINVAL;
3915 }
3916 #endif
3917 
config_types(void)3918 static void __init config_types(void)
3919 {
3920 	bool has_drive = false;
3921 	int drive;
3922 
3923 	/* read drive info out of physical CMOS */
3924 	drive = 0;
3925 	if (!drive_params[drive].cmos)
3926 		drive_params[drive].cmos = FLOPPY0_TYPE;
3927 	drive = 1;
3928 	if (!drive_params[drive].cmos)
3929 		drive_params[drive].cmos = FLOPPY1_TYPE;
3930 
3931 	/* FIXME: additional physical CMOS drive detection should go here */
3932 
3933 	for (drive = 0; drive < N_DRIVE; drive++) {
3934 		unsigned int type = drive_params[drive].cmos;
3935 		struct floppy_drive_params *params;
3936 		const char *name = NULL;
3937 		char temparea[32];
3938 
3939 		if (type < ARRAY_SIZE(default_drive_params)) {
3940 			params = &default_drive_params[type].params;
3941 			if (type) {
3942 				name = default_drive_params[type].name;
3943 				allowed_drive_mask |= 1 << drive;
3944 			} else
3945 				allowed_drive_mask &= ~(1 << drive);
3946 		} else {
3947 			params = &default_drive_params[0].params;
3948 			snprintf(temparea, sizeof(temparea),
3949 				 "unknown type %d (usb?)", type);
3950 			name = temparea;
3951 		}
3952 		if (name) {
3953 			const char *prepend;
3954 			if (!has_drive) {
3955 				prepend = "";
3956 				has_drive = true;
3957 				pr_info("Floppy drive(s):");
3958 			} else {
3959 				prepend = ",";
3960 			}
3961 
3962 			pr_cont("%s fd%d is %s", prepend, drive, name);
3963 		}
3964 		drive_params[drive] = *params;
3965 	}
3966 
3967 	if (has_drive)
3968 		pr_cont("\n");
3969 }
3970 
floppy_release(struct gendisk * disk)3971 static void floppy_release(struct gendisk *disk)
3972 {
3973 	int drive = (long)disk->private_data;
3974 
3975 	mutex_lock(&floppy_mutex);
3976 	mutex_lock(&open_lock);
3977 	if (!drive_state[drive].fd_ref--) {
3978 		DPRINT("floppy_release with fd_ref == 0");
3979 		drive_state[drive].fd_ref = 0;
3980 	}
3981 	if (!drive_state[drive].fd_ref)
3982 		opened_disk[drive] = NULL;
3983 	mutex_unlock(&open_lock);
3984 	mutex_unlock(&floppy_mutex);
3985 }
3986 
3987 /*
3988  * floppy_open check for aliasing (/dev/fd0 can be the same as
3989  * /dev/PS0 etc), and disallows simultaneous access to the same
3990  * drive with different device numbers.
3991  */
floppy_open(struct gendisk * disk,blk_mode_t mode)3992 static int floppy_open(struct gendisk *disk, blk_mode_t mode)
3993 {
3994 	int drive = (long)disk->private_data;
3995 	int old_dev, new_dev;
3996 	int try;
3997 	int res = -EBUSY;
3998 	char *tmp;
3999 
4000 	mutex_lock(&floppy_mutex);
4001 	mutex_lock(&open_lock);
4002 	old_dev = drive_state[drive].fd_device;
4003 	if (opened_disk[drive] && opened_disk[drive] != disk)
4004 		goto out2;
4005 
4006 	if (!drive_state[drive].fd_ref && (drive_params[drive].flags & FD_BROKEN_DCL)) {
4007 		set_bit(FD_DISK_CHANGED_BIT, &drive_state[drive].flags);
4008 		set_bit(FD_VERIFY_BIT, &drive_state[drive].flags);
4009 	}
4010 
4011 	drive_state[drive].fd_ref++;
4012 
4013 	opened_disk[drive] = disk;
4014 
4015 	res = -ENXIO;
4016 
4017 	if (!floppy_track_buffer) {
4018 		/* if opening an ED drive, reserve a big buffer,
4019 		 * else reserve a small one */
4020 		if ((drive_params[drive].cmos == 6) || (drive_params[drive].cmos == 5))
4021 			try = 64;	/* Only 48 actually useful */
4022 		else
4023 			try = 32;	/* Only 24 actually useful */
4024 
4025 		tmp = (char *)fd_dma_mem_alloc(1024 * try);
4026 		if (!tmp && !floppy_track_buffer) {
4027 			try >>= 1;	/* buffer only one side */
4028 			INFBOUND(try, 16);
4029 			tmp = (char *)fd_dma_mem_alloc(1024 * try);
4030 		}
4031 		if (!tmp && !floppy_track_buffer)
4032 			fallback_on_nodma_alloc(&tmp, 2048 * try);
4033 		if (!tmp && !floppy_track_buffer) {
4034 			DPRINT("Unable to allocate DMA memory\n");
4035 			goto out;
4036 		}
4037 		if (floppy_track_buffer) {
4038 			if (tmp)
4039 				fd_dma_mem_free((unsigned long)tmp, try * 1024);
4040 		} else {
4041 			buffer_min = buffer_max = -1;
4042 			floppy_track_buffer = tmp;
4043 			max_buffer_sectors = try;
4044 		}
4045 	}
4046 
4047 	new_dev = disk->first_minor;
4048 	drive_state[drive].fd_device = new_dev;
4049 	set_capacity(disks[drive][ITYPE(new_dev)], floppy_sizes[new_dev]);
4050 	if (old_dev != -1 && old_dev != new_dev) {
4051 		if (buffer_drive == drive)
4052 			buffer_track = -1;
4053 	}
4054 
4055 	if (fdc_state[FDC(drive)].rawcmd == 1)
4056 		fdc_state[FDC(drive)].rawcmd = 2;
4057 	if (!(mode & BLK_OPEN_NDELAY)) {
4058 		if (mode & (BLK_OPEN_READ | BLK_OPEN_WRITE)) {
4059 			drive_state[drive].last_checked = 0;
4060 			clear_bit(FD_OPEN_SHOULD_FAIL_BIT,
4061 				  &drive_state[drive].flags);
4062 			if (disk_check_media_change(disk))
4063 				floppy_revalidate(disk);
4064 			if (test_bit(FD_DISK_CHANGED_BIT, &drive_state[drive].flags))
4065 				goto out;
4066 			if (test_bit(FD_OPEN_SHOULD_FAIL_BIT, &drive_state[drive].flags))
4067 				goto out;
4068 		}
4069 		res = -EROFS;
4070 		if ((mode & BLK_OPEN_WRITE) &&
4071 		    !test_bit(FD_DISK_WRITABLE_BIT, &drive_state[drive].flags))
4072 			goto out;
4073 	}
4074 	mutex_unlock(&open_lock);
4075 	mutex_unlock(&floppy_mutex);
4076 	return 0;
4077 out:
4078 	drive_state[drive].fd_ref--;
4079 
4080 	if (!drive_state[drive].fd_ref)
4081 		opened_disk[drive] = NULL;
4082 out2:
4083 	mutex_unlock(&open_lock);
4084 	mutex_unlock(&floppy_mutex);
4085 	return res;
4086 }
4087 
4088 /*
4089  * Check if the disk has been changed or if a change has been faked.
4090  */
floppy_check_events(struct gendisk * disk,unsigned int clearing)4091 static unsigned int floppy_check_events(struct gendisk *disk,
4092 					unsigned int clearing)
4093 {
4094 	int drive = (long)disk->private_data;
4095 
4096 	if (test_bit(FD_DISK_CHANGED_BIT, &drive_state[drive].flags) ||
4097 	    test_bit(FD_VERIFY_BIT, &drive_state[drive].flags))
4098 		return DISK_EVENT_MEDIA_CHANGE;
4099 
4100 	if (time_after(jiffies, drive_state[drive].last_checked + drive_params[drive].checkfreq)) {
4101 		if (lock_fdc(drive))
4102 			return 0;
4103 		poll_drive(false, 0);
4104 		process_fd_request();
4105 	}
4106 
4107 	if (test_bit(FD_DISK_CHANGED_BIT, &drive_state[drive].flags) ||
4108 	    test_bit(FD_VERIFY_BIT, &drive_state[drive].flags) ||
4109 	    test_bit(drive, &fake_change) ||
4110 	    drive_no_geom(drive))
4111 		return DISK_EVENT_MEDIA_CHANGE;
4112 	return 0;
4113 }
4114 
4115 /*
4116  * This implements "read block 0" for floppy_revalidate().
4117  * Needed for format autodetection, checking whether there is
4118  * a disk in the drive, and whether that disk is writable.
4119  */
4120 
4121 struct rb0_cbdata {
4122 	int drive;
4123 	struct completion complete;
4124 };
4125 
floppy_rb0_cb(struct bio * bio)4126 static void floppy_rb0_cb(struct bio *bio)
4127 {
4128 	struct rb0_cbdata *cbdata = (struct rb0_cbdata *)bio->bi_private;
4129 	int drive = cbdata->drive;
4130 
4131 	if (bio->bi_status) {
4132 		pr_info("floppy: error %d while reading block 0\n",
4133 			bio->bi_status);
4134 		set_bit(FD_OPEN_SHOULD_FAIL_BIT, &drive_state[drive].flags);
4135 	}
4136 	complete(&cbdata->complete);
4137 }
4138 
__floppy_read_block_0(struct block_device * bdev,int drive)4139 static int __floppy_read_block_0(struct block_device *bdev, int drive)
4140 {
4141 	struct bio bio;
4142 	struct bio_vec bio_vec;
4143 	struct page *page;
4144 	struct rb0_cbdata cbdata;
4145 
4146 	page = alloc_page(GFP_NOIO);
4147 	if (!page) {
4148 		process_fd_request();
4149 		return -ENOMEM;
4150 	}
4151 
4152 	cbdata.drive = drive;
4153 
4154 	bio_init(&bio, bdev, &bio_vec, 1, REQ_OP_READ);
4155 	__bio_add_page(&bio, page, block_size(bdev), 0);
4156 
4157 	bio.bi_iter.bi_sector = 0;
4158 	bio.bi_flags |= (1 << BIO_QUIET);
4159 	bio.bi_private = &cbdata;
4160 	bio.bi_end_io = floppy_rb0_cb;
4161 
4162 	init_completion(&cbdata.complete);
4163 
4164 	submit_bio(&bio);
4165 	process_fd_request();
4166 
4167 	wait_for_completion(&cbdata.complete);
4168 
4169 	__free_page(page);
4170 
4171 	return 0;
4172 }
4173 
4174 /* revalidate the floppy disk, i.e. trigger format autodetection by reading
4175  * the bootblock (block 0). "Autodetection" is also needed to check whether
4176  * there is a disk in the drive at all... Thus we also do it for fixed
4177  * geometry formats */
floppy_revalidate(struct gendisk * disk)4178 static int floppy_revalidate(struct gendisk *disk)
4179 {
4180 	int drive = (long)disk->private_data;
4181 	int cf;
4182 	int res = 0;
4183 
4184 	if (test_bit(FD_DISK_CHANGED_BIT, &drive_state[drive].flags) ||
4185 	    test_bit(FD_VERIFY_BIT, &drive_state[drive].flags) ||
4186 	    test_bit(drive, &fake_change) ||
4187 	    drive_no_geom(drive)) {
4188 		if (WARN(atomic_read(&usage_count) == 0,
4189 			 "VFS: revalidate called on non-open device.\n"))
4190 			return -EFAULT;
4191 
4192 		res = lock_fdc(drive);
4193 		if (res)
4194 			return res;
4195 		cf = (test_bit(FD_DISK_CHANGED_BIT, &drive_state[drive].flags) ||
4196 		      test_bit(FD_VERIFY_BIT, &drive_state[drive].flags));
4197 		if (!(cf || test_bit(drive, &fake_change) || drive_no_geom(drive))) {
4198 			process_fd_request();	/*already done by another thread */
4199 			return 0;
4200 		}
4201 		drive_state[drive].maxblock = 0;
4202 		drive_state[drive].maxtrack = 0;
4203 		if (buffer_drive == drive)
4204 			buffer_track = -1;
4205 		clear_bit(drive, &fake_change);
4206 		clear_bit(FD_DISK_CHANGED_BIT, &drive_state[drive].flags);
4207 		if (cf)
4208 			drive_state[drive].generation++;
4209 		if (drive_no_geom(drive)) {
4210 			/* auto-sensing */
4211 			res = __floppy_read_block_0(opened_disk[drive]->part0,
4212 						    drive);
4213 		} else {
4214 			if (cf)
4215 				poll_drive(false, FD_RAW_NEED_DISK);
4216 			process_fd_request();
4217 		}
4218 	}
4219 	set_capacity(disk, floppy_sizes[drive_state[drive].fd_device]);
4220 	return res;
4221 }
4222 
4223 static const struct block_device_operations floppy_fops = {
4224 	.owner			= THIS_MODULE,
4225 	.open			= floppy_open,
4226 	.release		= floppy_release,
4227 	.ioctl			= fd_ioctl,
4228 	.getgeo			= fd_getgeo,
4229 	.check_events		= floppy_check_events,
4230 #ifdef CONFIG_COMPAT
4231 	.compat_ioctl		= fd_compat_ioctl,
4232 #endif
4233 };
4234 
4235 /*
4236  * Floppy Driver initialization
4237  * =============================
4238  */
4239 
4240 /* Determine the floppy disk controller type */
4241 /* This routine was written by David C. Niemi */
get_fdc_version(int fdc)4242 static char __init get_fdc_version(int fdc)
4243 {
4244 	int r;
4245 
4246 	output_byte(fdc, FD_DUMPREGS);	/* 82072 and better know DUMPREGS */
4247 	if (fdc_state[fdc].reset)
4248 		return FDC_NONE;
4249 	r = result(fdc);
4250 	if (r <= 0x00)
4251 		return FDC_NONE;	/* No FDC present ??? */
4252 	if ((r == 1) && (reply_buffer[ST0] == 0x80)) {
4253 		pr_info("FDC %d is an 8272A\n", fdc);
4254 		return FDC_8272A;	/* 8272a/765 don't know DUMPREGS */
4255 	}
4256 	if (r != 10) {
4257 		pr_info("FDC %d init: DUMPREGS: unexpected return of %d bytes.\n",
4258 			fdc, r);
4259 		return FDC_UNKNOWN;
4260 	}
4261 
4262 	if (!fdc_configure(fdc)) {
4263 		pr_info("FDC %d is an 82072\n", fdc);
4264 		return FDC_82072;	/* 82072 doesn't know CONFIGURE */
4265 	}
4266 
4267 	output_byte(fdc, FD_PERPENDICULAR);
4268 	if (need_more_output(fdc) == MORE_OUTPUT) {
4269 		output_byte(fdc, 0);
4270 	} else {
4271 		pr_info("FDC %d is an 82072A\n", fdc);
4272 		return FDC_82072A;	/* 82072A as found on Sparcs. */
4273 	}
4274 
4275 	output_byte(fdc, FD_UNLOCK);
4276 	r = result(fdc);
4277 	if ((r == 1) && (reply_buffer[ST0] == 0x80)) {
4278 		pr_info("FDC %d is a pre-1991 82077\n", fdc);
4279 		return FDC_82077_ORIG;	/* Pre-1991 82077, doesn't know
4280 					 * LOCK/UNLOCK */
4281 	}
4282 	if ((r != 1) || (reply_buffer[ST0] != 0x00)) {
4283 		pr_info("FDC %d init: UNLOCK: unexpected return of %d bytes.\n",
4284 			fdc, r);
4285 		return FDC_UNKNOWN;
4286 	}
4287 	output_byte(fdc, FD_PARTID);
4288 	r = result(fdc);
4289 	if (r != 1) {
4290 		pr_info("FDC %d init: PARTID: unexpected return of %d bytes.\n",
4291 			fdc, r);
4292 		return FDC_UNKNOWN;
4293 	}
4294 	if (reply_buffer[ST0] == 0x80) {
4295 		pr_info("FDC %d is a post-1991 82077\n", fdc);
4296 		return FDC_82077;	/* Revised 82077AA passes all the tests */
4297 	}
4298 	switch (reply_buffer[ST0] >> 5) {
4299 	case 0x0:
4300 		/* Either a 82078-1 or a 82078SL running at 5Volt */
4301 		pr_info("FDC %d is an 82078.\n", fdc);
4302 		return FDC_82078;
4303 	case 0x1:
4304 		pr_info("FDC %d is a 44pin 82078\n", fdc);
4305 		return FDC_82078;
4306 	case 0x2:
4307 		pr_info("FDC %d is a S82078B\n", fdc);
4308 		return FDC_S82078B;
4309 	case 0x3:
4310 		pr_info("FDC %d is a National Semiconductor PC87306\n", fdc);
4311 		return FDC_87306;
4312 	default:
4313 		pr_info("FDC %d init: 82078 variant with unknown PARTID=%d.\n",
4314 			fdc, reply_buffer[ST0] >> 5);
4315 		return FDC_82078_UNKN;
4316 	}
4317 }				/* get_fdc_version */
4318 
4319 /* lilo configuration */
4320 
floppy_set_flags(int * ints,int param,int param2)4321 static void __init floppy_set_flags(int *ints, int param, int param2)
4322 {
4323 	int i;
4324 
4325 	for (i = 0; i < ARRAY_SIZE(default_drive_params); i++) {
4326 		if (param)
4327 			default_drive_params[i].params.flags |= param2;
4328 		else
4329 			default_drive_params[i].params.flags &= ~param2;
4330 	}
4331 	DPRINT("%s flag 0x%x\n", param2 ? "Setting" : "Clearing", param);
4332 }
4333 
daring(int * ints,int param,int param2)4334 static void __init daring(int *ints, int param, int param2)
4335 {
4336 	int i;
4337 
4338 	for (i = 0; i < ARRAY_SIZE(default_drive_params); i++) {
4339 		if (param) {
4340 			default_drive_params[i].params.select_delay = 0;
4341 			default_drive_params[i].params.flags |=
4342 			    FD_SILENT_DCL_CLEAR;
4343 		} else {
4344 			default_drive_params[i].params.select_delay =
4345 			    2 * HZ / 100;
4346 			default_drive_params[i].params.flags &=
4347 			    ~FD_SILENT_DCL_CLEAR;
4348 		}
4349 	}
4350 	DPRINT("Assuming %s floppy hardware\n", param ? "standard" : "broken");
4351 }
4352 
set_cmos(int * ints,int dummy,int dummy2)4353 static void __init set_cmos(int *ints, int dummy, int dummy2)
4354 {
4355 	int current_drive = 0;
4356 
4357 	if (ints[0] != 2) {
4358 		DPRINT("wrong number of parameters for CMOS\n");
4359 		return;
4360 	}
4361 	current_drive = ints[1];
4362 	if (current_drive < 0 || current_drive >= 8) {
4363 		DPRINT("bad drive for set_cmos\n");
4364 		return;
4365 	}
4366 #if N_FDC > 1
4367 	if (current_drive >= 4 && !FDC2)
4368 		FDC2 = 0x370;
4369 #endif
4370 	drive_params[current_drive].cmos = ints[2];
4371 	DPRINT("setting CMOS code to %d\n", ints[2]);
4372 }
4373 
4374 static struct param_table {
4375 	const char *name;
4376 	void (*fn) (int *ints, int param, int param2);
4377 	int *var;
4378 	int def_param;
4379 	int param2;
4380 } config_params[] __initdata = {
4381 	{"allowed_drive_mask", NULL, &allowed_drive_mask, 0xff, 0}, /* obsolete */
4382 	{"all_drives", NULL, &allowed_drive_mask, 0xff, 0},	/* obsolete */
4383 	{"asus_pci", NULL, &allowed_drive_mask, 0x33, 0},
4384 	{"irq", NULL, &FLOPPY_IRQ, 6, 0},
4385 	{"dma", NULL, &FLOPPY_DMA, 2, 0},
4386 	{"daring", daring, NULL, 1, 0},
4387 #if N_FDC > 1
4388 	{"two_fdc", NULL, &FDC2, 0x370, 0},
4389 	{"one_fdc", NULL, &FDC2, 0, 0},
4390 #endif
4391 	{"thinkpad", floppy_set_flags, NULL, 1, FD_INVERTED_DCL},
4392 	{"broken_dcl", floppy_set_flags, NULL, 1, FD_BROKEN_DCL},
4393 	{"messages", floppy_set_flags, NULL, 1, FTD_MSG},
4394 	{"silent_dcl_clear", floppy_set_flags, NULL, 1, FD_SILENT_DCL_CLEAR},
4395 	{"debug", floppy_set_flags, NULL, 1, FD_DEBUG},
4396 	{"nodma", NULL, &can_use_virtual_dma, 1, 0},
4397 	{"omnibook", NULL, &can_use_virtual_dma, 1, 0},
4398 	{"yesdma", NULL, &can_use_virtual_dma, 0, 0},
4399 	{"fifo_depth", NULL, &fifo_depth, 0xa, 0},
4400 	{"nofifo", NULL, &no_fifo, 0x20, 0},
4401 	{"usefifo", NULL, &no_fifo, 0, 0},
4402 	{"cmos", set_cmos, NULL, 0, 0},
4403 	{"slow", NULL, &slow_floppy, 1, 0},
4404 	{"unexpected_interrupts", NULL, &print_unex, 1, 0},
4405 	{"no_unexpected_interrupts", NULL, &print_unex, 0, 0},
4406 	{"L40SX", NULL, &print_unex, 0, 0}
4407 
4408 	EXTRA_FLOPPY_PARAMS
4409 };
4410 
floppy_setup(char * str)4411 static int __init floppy_setup(char *str)
4412 {
4413 	int i;
4414 	int param;
4415 	int ints[11];
4416 
4417 	str = get_options(str, ARRAY_SIZE(ints), ints);
4418 	if (str) {
4419 		for (i = 0; i < ARRAY_SIZE(config_params); i++) {
4420 			if (strcmp(str, config_params[i].name) == 0) {
4421 				if (ints[0])
4422 					param = ints[1];
4423 				else
4424 					param = config_params[i].def_param;
4425 				if (config_params[i].fn)
4426 					config_params[i].fn(ints, param,
4427 							    config_params[i].
4428 							    param2);
4429 				if (config_params[i].var) {
4430 					DPRINT("%s=%d\n", str, param);
4431 					*config_params[i].var = param;
4432 				}
4433 				return 1;
4434 			}
4435 		}
4436 	}
4437 	if (str) {
4438 		DPRINT("unknown floppy option [%s]\n", str);
4439 
4440 		DPRINT("allowed options are:");
4441 		for (i = 0; i < ARRAY_SIZE(config_params); i++)
4442 			pr_cont(" %s", config_params[i].name);
4443 		pr_cont("\n");
4444 	} else
4445 		DPRINT("botched floppy option\n");
4446 	DPRINT("Read Documentation/admin-guide/blockdev/floppy.rst\n");
4447 	return 0;
4448 }
4449 
4450 static int have_no_fdc = -ENODEV;
4451 
floppy_cmos_show(struct device * dev,struct device_attribute * attr,char * buf)4452 static ssize_t floppy_cmos_show(struct device *dev,
4453 				struct device_attribute *attr, char *buf)
4454 {
4455 	struct platform_device *p = to_platform_device(dev);
4456 	int drive;
4457 
4458 	drive = p->id;
4459 	return sprintf(buf, "%X\n", drive_params[drive].cmos);
4460 }
4461 
4462 static DEVICE_ATTR(cmos, 0444, floppy_cmos_show, NULL);
4463 
4464 static struct attribute *floppy_dev_attrs[] = {
4465 	&dev_attr_cmos.attr,
4466 	NULL
4467 };
4468 
4469 ATTRIBUTE_GROUPS(floppy_dev);
4470 
floppy_device_release(struct device * dev)4471 static void floppy_device_release(struct device *dev)
4472 {
4473 }
4474 
floppy_resume(struct device * dev)4475 static int floppy_resume(struct device *dev)
4476 {
4477 	int fdc;
4478 	int saved_drive;
4479 
4480 	saved_drive = current_drive;
4481 	for (fdc = 0; fdc < N_FDC; fdc++)
4482 		if (fdc_state[fdc].address != -1)
4483 			user_reset_fdc(REVDRIVE(fdc, 0), FD_RESET_ALWAYS, false);
4484 	set_fdc(saved_drive);
4485 	return 0;
4486 }
4487 
4488 static const struct dev_pm_ops floppy_pm_ops = {
4489 	.resume = floppy_resume,
4490 	.restore = floppy_resume,
4491 };
4492 
4493 static struct platform_driver floppy_driver = {
4494 	.driver = {
4495 		   .name = "floppy",
4496 		   .pm = &floppy_pm_ops,
4497 	},
4498 };
4499 
4500 static const struct blk_mq_ops floppy_mq_ops = {
4501 	.queue_rq = floppy_queue_rq,
4502 };
4503 
4504 static struct platform_device floppy_device[N_DRIVE];
4505 static bool registered[N_DRIVE];
4506 
floppy_available(int drive)4507 static bool floppy_available(int drive)
4508 {
4509 	if (!(allowed_drive_mask & (1 << drive)))
4510 		return false;
4511 	if (fdc_state[FDC(drive)].version == FDC_NONE)
4512 		return false;
4513 	return true;
4514 }
4515 
floppy_alloc_disk(unsigned int drive,unsigned int type)4516 static int floppy_alloc_disk(unsigned int drive, unsigned int type)
4517 {
4518 	struct queue_limits lim = {
4519 		.max_hw_sectors		= 64,
4520 		.features		= BLK_FEAT_ROTATIONAL,
4521 	};
4522 	struct gendisk *disk;
4523 
4524 	disk = blk_mq_alloc_disk(&tag_sets[drive], &lim, NULL);
4525 	if (IS_ERR(disk))
4526 		return PTR_ERR(disk);
4527 
4528 	disk->major = FLOPPY_MAJOR;
4529 	disk->first_minor = TOMINOR(drive) | (type << 2);
4530 	disk->minors = 1;
4531 	disk->fops = &floppy_fops;
4532 	disk->flags |= GENHD_FL_NO_PART;
4533 	disk->events = DISK_EVENT_MEDIA_CHANGE;
4534 	if (type)
4535 		sprintf(disk->disk_name, "fd%d_type%d", drive, type);
4536 	else
4537 		sprintf(disk->disk_name, "fd%d", drive);
4538 	/* to be cleaned up... */
4539 	disk->private_data = (void *)(long)drive;
4540 	disk->flags |= GENHD_FL_REMOVABLE;
4541 
4542 	disks[drive][type] = disk;
4543 	return 0;
4544 }
4545 
4546 static DEFINE_MUTEX(floppy_probe_lock);
4547 
floppy_probe(dev_t dev)4548 static void floppy_probe(dev_t dev)
4549 {
4550 	unsigned int drive = (MINOR(dev) & 3) | ((MINOR(dev) & 0x80) >> 5);
4551 	unsigned int type = (MINOR(dev) >> 2) & 0x1f;
4552 
4553 	if (drive >= N_DRIVE || !floppy_available(drive) ||
4554 	    type >= ARRAY_SIZE(floppy_type))
4555 		return;
4556 
4557 	mutex_lock(&floppy_probe_lock);
4558 	if (disks[drive][type])
4559 		goto out;
4560 	if (floppy_alloc_disk(drive, type))
4561 		goto out;
4562 	if (add_disk(disks[drive][type]))
4563 		goto cleanup_disk;
4564 out:
4565 	mutex_unlock(&floppy_probe_lock);
4566 	return;
4567 
4568 cleanup_disk:
4569 	put_disk(disks[drive][type]);
4570 	disks[drive][type] = NULL;
4571 	mutex_unlock(&floppy_probe_lock);
4572 }
4573 
do_floppy_init(void)4574 static int __init do_floppy_init(void)
4575 {
4576 	int i, unit, drive, err;
4577 
4578 	set_debugt();
4579 	interruptjiffies = resultjiffies = jiffies;
4580 
4581 #if defined(CONFIG_PPC)
4582 	if (check_legacy_ioport(FDC1))
4583 		return -ENODEV;
4584 #endif
4585 
4586 	raw_cmd = NULL;
4587 
4588 	floppy_wq = alloc_ordered_workqueue("floppy", 0);
4589 	if (!floppy_wq)
4590 		return -ENOMEM;
4591 
4592 	for (drive = 0; drive < N_DRIVE; drive++) {
4593 		memset(&tag_sets[drive], 0, sizeof(tag_sets[drive]));
4594 		tag_sets[drive].ops = &floppy_mq_ops;
4595 		tag_sets[drive].nr_hw_queues = 1;
4596 		tag_sets[drive].nr_maps = 1;
4597 		tag_sets[drive].queue_depth = 2;
4598 		tag_sets[drive].numa_node = NUMA_NO_NODE;
4599 		tag_sets[drive].flags = BLK_MQ_F_SHOULD_MERGE;
4600 		err = blk_mq_alloc_tag_set(&tag_sets[drive]);
4601 		if (err)
4602 			goto out_put_disk;
4603 
4604 		err = floppy_alloc_disk(drive, 0);
4605 		if (err) {
4606 			blk_mq_free_tag_set(&tag_sets[drive]);
4607 			goto out_put_disk;
4608 		}
4609 
4610 		timer_setup(&motor_off_timer[drive], motor_off_callback, 0);
4611 	}
4612 
4613 	err = __register_blkdev(FLOPPY_MAJOR, "fd", floppy_probe);
4614 	if (err)
4615 		goto out_put_disk;
4616 
4617 	err = platform_driver_register(&floppy_driver);
4618 	if (err)
4619 		goto out_unreg_blkdev;
4620 
4621 	for (i = 0; i < 256; i++)
4622 		if (ITYPE(i))
4623 			floppy_sizes[i] = floppy_type[ITYPE(i)].size;
4624 		else
4625 			floppy_sizes[i] = MAX_DISK_SIZE << 1;
4626 
4627 	reschedule_timeout(MAXTIMEOUT, "floppy init");
4628 	config_types();
4629 
4630 	for (i = 0; i < N_FDC; i++) {
4631 		memset(&fdc_state[i], 0, sizeof(*fdc_state));
4632 		fdc_state[i].dtr = -1;
4633 		fdc_state[i].dor = 0x4;
4634 #if defined(__sparc__) || defined(__mc68000__)
4635 	/*sparcs/sun3x don't have a DOR reset which we can fall back on to */
4636 #ifdef __mc68000__
4637 		if (MACH_IS_SUN3X)
4638 #endif
4639 			fdc_state[i].version = FDC_82072A;
4640 #endif
4641 	}
4642 
4643 	use_virtual_dma = can_use_virtual_dma & 1;
4644 	fdc_state[0].address = FDC1;
4645 	if (fdc_state[0].address == -1) {
4646 		cancel_delayed_work(&fd_timeout);
4647 		err = -ENODEV;
4648 		goto out_unreg_driver;
4649 	}
4650 #if N_FDC > 1
4651 	fdc_state[1].address = FDC2;
4652 #endif
4653 
4654 	current_fdc = 0;	/* reset fdc in case of unexpected interrupt */
4655 	err = floppy_grab_irq_and_dma();
4656 	if (err) {
4657 		cancel_delayed_work(&fd_timeout);
4658 		err = -EBUSY;
4659 		goto out_unreg_driver;
4660 	}
4661 
4662 	/* initialise drive state */
4663 	for (drive = 0; drive < N_DRIVE; drive++) {
4664 		memset(&drive_state[drive], 0, sizeof(drive_state[drive]));
4665 		memset(&write_errors[drive], 0, sizeof(write_errors[drive]));
4666 		set_bit(FD_DISK_NEWCHANGE_BIT, &drive_state[drive].flags);
4667 		set_bit(FD_DISK_CHANGED_BIT, &drive_state[drive].flags);
4668 		set_bit(FD_VERIFY_BIT, &drive_state[drive].flags);
4669 		drive_state[drive].fd_device = -1;
4670 		floppy_track_buffer = NULL;
4671 		max_buffer_sectors = 0;
4672 	}
4673 	/*
4674 	 * Small 10 msec delay to let through any interrupt that
4675 	 * initialization might have triggered, to not
4676 	 * confuse detection:
4677 	 */
4678 	msleep(10);
4679 
4680 	for (i = 0; i < N_FDC; i++) {
4681 		fdc_state[i].driver_version = FD_DRIVER_VERSION;
4682 		for (unit = 0; unit < 4; unit++)
4683 			fdc_state[i].track[unit] = 0;
4684 		if (fdc_state[i].address == -1)
4685 			continue;
4686 		fdc_state[i].rawcmd = 2;
4687 		if (user_reset_fdc(REVDRIVE(i, 0), FD_RESET_ALWAYS, false)) {
4688 			/* free ioports reserved by floppy_grab_irq_and_dma() */
4689 			floppy_release_regions(i);
4690 			fdc_state[i].address = -1;
4691 			fdc_state[i].version = FDC_NONE;
4692 			continue;
4693 		}
4694 		/* Try to determine the floppy controller type */
4695 		fdc_state[i].version = get_fdc_version(i);
4696 		if (fdc_state[i].version == FDC_NONE) {
4697 			/* free ioports reserved by floppy_grab_irq_and_dma() */
4698 			floppy_release_regions(i);
4699 			fdc_state[i].address = -1;
4700 			continue;
4701 		}
4702 		if (can_use_virtual_dma == 2 &&
4703 		    fdc_state[i].version < FDC_82072A)
4704 			can_use_virtual_dma = 0;
4705 
4706 		have_no_fdc = 0;
4707 		/* Not all FDCs seem to be able to handle the version command
4708 		 * properly, so force a reset for the standard FDC clones,
4709 		 * to avoid interrupt garbage.
4710 		 */
4711 		user_reset_fdc(REVDRIVE(i, 0), FD_RESET_ALWAYS, false);
4712 	}
4713 	current_fdc = 0;
4714 	cancel_delayed_work(&fd_timeout);
4715 	current_drive = 0;
4716 	initialized = true;
4717 	if (have_no_fdc) {
4718 		DPRINT("no floppy controllers found\n");
4719 		err = have_no_fdc;
4720 		goto out_release_dma;
4721 	}
4722 
4723 	for (drive = 0; drive < N_DRIVE; drive++) {
4724 		if (!floppy_available(drive))
4725 			continue;
4726 
4727 		floppy_device[drive].name = floppy_device_name;
4728 		floppy_device[drive].id = drive;
4729 		floppy_device[drive].dev.release = floppy_device_release;
4730 		floppy_device[drive].dev.groups = floppy_dev_groups;
4731 
4732 		err = platform_device_register(&floppy_device[drive]);
4733 		if (err)
4734 			goto out_remove_drives;
4735 
4736 		registered[drive] = true;
4737 
4738 		err = device_add_disk(&floppy_device[drive].dev,
4739 				      disks[drive][0], NULL);
4740 		if (err)
4741 			goto out_remove_drives;
4742 	}
4743 
4744 	return 0;
4745 
4746 out_remove_drives:
4747 	while (drive--) {
4748 		if (floppy_available(drive)) {
4749 			del_gendisk(disks[drive][0]);
4750 			if (registered[drive])
4751 				platform_device_unregister(&floppy_device[drive]);
4752 		}
4753 	}
4754 out_release_dma:
4755 	if (atomic_read(&usage_count))
4756 		floppy_release_irq_and_dma();
4757 out_unreg_driver:
4758 	platform_driver_unregister(&floppy_driver);
4759 out_unreg_blkdev:
4760 	unregister_blkdev(FLOPPY_MAJOR, "fd");
4761 out_put_disk:
4762 	destroy_workqueue(floppy_wq);
4763 	for (drive = 0; drive < N_DRIVE; drive++) {
4764 		if (!disks[drive][0])
4765 			break;
4766 		del_timer_sync(&motor_off_timer[drive]);
4767 		put_disk(disks[drive][0]);
4768 		blk_mq_free_tag_set(&tag_sets[drive]);
4769 	}
4770 	return err;
4771 }
4772 
4773 #ifndef MODULE
floppy_async_init(void * data,async_cookie_t cookie)4774 static __init void floppy_async_init(void *data, async_cookie_t cookie)
4775 {
4776 	do_floppy_init();
4777 }
4778 #endif
4779 
floppy_init(void)4780 static int __init floppy_init(void)
4781 {
4782 #ifdef MODULE
4783 	return do_floppy_init();
4784 #else
4785 	/* Don't hold up the bootup by the floppy initialization */
4786 	async_schedule(floppy_async_init, NULL);
4787 	return 0;
4788 #endif
4789 }
4790 
4791 static const struct io_region {
4792 	int offset;
4793 	int size;
4794 } io_regions[] = {
4795 	{ 2, 1 },
4796 	/* address + 3 is sometimes reserved by pnp bios for motherboard */
4797 	{ 4, 2 },
4798 	/* address + 6 is reserved, and may be taken by IDE.
4799 	 * Unfortunately, Adaptec doesn't know this :-(, */
4800 	{ 7, 1 },
4801 };
4802 
floppy_release_allocated_regions(int fdc,const struct io_region * p)4803 static void floppy_release_allocated_regions(int fdc, const struct io_region *p)
4804 {
4805 	while (p != io_regions) {
4806 		p--;
4807 		release_region(fdc_state[fdc].address + p->offset, p->size);
4808 	}
4809 }
4810 
4811 #define ARRAY_END(X) (&((X)[ARRAY_SIZE(X)]))
4812 
floppy_request_regions(int fdc)4813 static int floppy_request_regions(int fdc)
4814 {
4815 	const struct io_region *p;
4816 
4817 	for (p = io_regions; p < ARRAY_END(io_regions); p++) {
4818 		if (!request_region(fdc_state[fdc].address + p->offset,
4819 				    p->size, "floppy")) {
4820 			DPRINT("Floppy io-port 0x%04lx in use\n",
4821 			       fdc_state[fdc].address + p->offset);
4822 			floppy_release_allocated_regions(fdc, p);
4823 			return -EBUSY;
4824 		}
4825 	}
4826 	return 0;
4827 }
4828 
floppy_release_regions(int fdc)4829 static void floppy_release_regions(int fdc)
4830 {
4831 	floppy_release_allocated_regions(fdc, ARRAY_END(io_regions));
4832 }
4833 
floppy_grab_irq_and_dma(void)4834 static int floppy_grab_irq_and_dma(void)
4835 {
4836 	int fdc;
4837 
4838 	if (atomic_inc_return(&usage_count) > 1)
4839 		return 0;
4840 
4841 	/*
4842 	 * We might have scheduled a free_irq(), wait it to
4843 	 * drain first:
4844 	 */
4845 	flush_workqueue(floppy_wq);
4846 
4847 	if (fd_request_irq()) {
4848 		DPRINT("Unable to grab IRQ%d for the floppy driver\n",
4849 		       FLOPPY_IRQ);
4850 		atomic_dec(&usage_count);
4851 		return -1;
4852 	}
4853 	if (fd_request_dma()) {
4854 		DPRINT("Unable to grab DMA%d for the floppy driver\n",
4855 		       FLOPPY_DMA);
4856 		if (can_use_virtual_dma & 2)
4857 			use_virtual_dma = can_use_virtual_dma = 1;
4858 		if (!(can_use_virtual_dma & 1)) {
4859 			fd_free_irq();
4860 			atomic_dec(&usage_count);
4861 			return -1;
4862 		}
4863 	}
4864 
4865 	for (fdc = 0; fdc < N_FDC; fdc++) {
4866 		if (fdc_state[fdc].address != -1) {
4867 			if (floppy_request_regions(fdc))
4868 				goto cleanup;
4869 		}
4870 	}
4871 	for (fdc = 0; fdc < N_FDC; fdc++) {
4872 		if (fdc_state[fdc].address != -1) {
4873 			reset_fdc_info(fdc, 1);
4874 			fdc_outb(fdc_state[fdc].dor, fdc, FD_DOR);
4875 		}
4876 	}
4877 
4878 	set_dor(0, ~0, 8);	/* avoid immediate interrupt */
4879 
4880 	for (fdc = 0; fdc < N_FDC; fdc++)
4881 		if (fdc_state[fdc].address != -1)
4882 			fdc_outb(fdc_state[fdc].dor, fdc, FD_DOR);
4883 	/*
4884 	 * The driver will try and free resources and relies on us
4885 	 * to know if they were allocated or not.
4886 	 */
4887 	current_fdc = 0;
4888 	irqdma_allocated = 1;
4889 	return 0;
4890 cleanup:
4891 	fd_free_irq();
4892 	fd_free_dma();
4893 	while (--fdc >= 0)
4894 		floppy_release_regions(fdc);
4895 	current_fdc = 0;
4896 	atomic_dec(&usage_count);
4897 	return -1;
4898 }
4899 
floppy_release_irq_and_dma(void)4900 static void floppy_release_irq_and_dma(void)
4901 {
4902 	int fdc;
4903 #ifndef __sparc__
4904 	int drive;
4905 #endif
4906 	long tmpsize;
4907 	unsigned long tmpaddr;
4908 
4909 	if (!atomic_dec_and_test(&usage_count))
4910 		return;
4911 
4912 	if (irqdma_allocated) {
4913 		fd_disable_dma();
4914 		fd_free_dma();
4915 		fd_free_irq();
4916 		irqdma_allocated = 0;
4917 	}
4918 	set_dor(0, ~0, 8);
4919 #if N_FDC > 1
4920 	set_dor(1, ~8, 0);
4921 #endif
4922 
4923 	if (floppy_track_buffer && max_buffer_sectors) {
4924 		tmpsize = max_buffer_sectors * 1024;
4925 		tmpaddr = (unsigned long)floppy_track_buffer;
4926 		floppy_track_buffer = NULL;
4927 		max_buffer_sectors = 0;
4928 		buffer_min = buffer_max = -1;
4929 		fd_dma_mem_free(tmpaddr, tmpsize);
4930 	}
4931 #ifndef __sparc__
4932 	for (drive = 0; drive < N_FDC * 4; drive++)
4933 		if (timer_pending(motor_off_timer + drive))
4934 			pr_info("motor off timer %d still active\n", drive);
4935 #endif
4936 
4937 	if (delayed_work_pending(&fd_timeout))
4938 		pr_info("floppy timer still active:%s\n", timeout_message);
4939 	if (delayed_work_pending(&fd_timer))
4940 		pr_info("auxiliary floppy timer still active\n");
4941 	if (work_pending(&floppy_work))
4942 		pr_info("work still pending\n");
4943 	for (fdc = 0; fdc < N_FDC; fdc++)
4944 		if (fdc_state[fdc].address != -1)
4945 			floppy_release_regions(fdc);
4946 }
4947 
4948 #ifdef MODULE
4949 
4950 static char *floppy;
4951 
parse_floppy_cfg_string(char * cfg)4952 static void __init parse_floppy_cfg_string(char *cfg)
4953 {
4954 	char *ptr;
4955 
4956 	while (*cfg) {
4957 		ptr = cfg;
4958 		while (*cfg && *cfg != ' ' && *cfg != '\t')
4959 			cfg++;
4960 		if (*cfg) {
4961 			*cfg = '\0';
4962 			cfg++;
4963 		}
4964 		if (*ptr)
4965 			floppy_setup(ptr);
4966 	}
4967 }
4968 
floppy_module_init(void)4969 static int __init floppy_module_init(void)
4970 {
4971 	if (floppy)
4972 		parse_floppy_cfg_string(floppy);
4973 	return floppy_init();
4974 }
4975 module_init(floppy_module_init);
4976 
floppy_module_exit(void)4977 static void __exit floppy_module_exit(void)
4978 {
4979 	int drive, i;
4980 
4981 	unregister_blkdev(FLOPPY_MAJOR, "fd");
4982 	platform_driver_unregister(&floppy_driver);
4983 
4984 	destroy_workqueue(floppy_wq);
4985 
4986 	for (drive = 0; drive < N_DRIVE; drive++) {
4987 		del_timer_sync(&motor_off_timer[drive]);
4988 
4989 		if (floppy_available(drive)) {
4990 			for (i = 0; i < ARRAY_SIZE(floppy_type); i++) {
4991 				if (disks[drive][i])
4992 					del_gendisk(disks[drive][i]);
4993 			}
4994 			if (registered[drive])
4995 				platform_device_unregister(&floppy_device[drive]);
4996 		}
4997 		for (i = 0; i < ARRAY_SIZE(floppy_type); i++) {
4998 			if (disks[drive][i])
4999 				put_disk(disks[drive][i]);
5000 		}
5001 		blk_mq_free_tag_set(&tag_sets[drive]);
5002 	}
5003 
5004 	cancel_delayed_work_sync(&fd_timeout);
5005 	cancel_delayed_work_sync(&fd_timer);
5006 
5007 	if (atomic_read(&usage_count))
5008 		floppy_release_irq_and_dma();
5009 
5010 	/* eject disk, if any */
5011 	fd_eject(0);
5012 }
5013 
5014 module_exit(floppy_module_exit);
5015 
5016 module_param(floppy, charp, 0);
5017 module_param(FLOPPY_IRQ, int, 0);
5018 module_param(FLOPPY_DMA, int, 0);
5019 MODULE_AUTHOR("Alain L. Knaff");
5020 MODULE_DESCRIPTION("Normal floppy disk support");
5021 MODULE_LICENSE("GPL");
5022 
5023 /* This doesn't actually get used other than for module information */
5024 static const struct pnp_device_id floppy_pnpids[] = {
5025 	{"PNP0700", 0},
5026 	{}
5027 };
5028 
5029 MODULE_DEVICE_TABLE(pnp, floppy_pnpids);
5030 
5031 #else
5032 
5033 __setup("floppy=", floppy_setup);
5034 module_init(floppy_init)
5035 #endif
5036 
5037 MODULE_ALIAS_BLOCKDEV_MAJOR(FLOPPY_MAJOR);
5038