1 /* Driver for USB Mass Storage compliant devices
2 *
3 * $Id: transport.c,v 1.44 2002/02/25 00:43:41 mdharm Exp $
4 *
5 * Current development and maintenance by:
6 * (c) 1999-2002 Matthew Dharm (mdharm-usb@one-eyed-alien.net)
7 *
8 * Developed with the assistance of:
9 * (c) 2000 David L. Brown, Jr. (usb-storage@davidb.org)
10 * (c) 2000 Stephen J. Gowdy (SGowdy@lbl.gov)
11 * (c) 2002 Alan Stern <stern@rowland.org>
12 *
13 * Initial work by:
14 * (c) 1999 Michael Gee (michael@linuxspecific.com)
15 *
16 * This driver is based on the 'USB Mass Storage Class' document. This
17 * describes in detail the protocol used to communicate with such
18 * devices. Clearly, the designers had SCSI and ATAPI commands in
19 * mind when they created this document. The commands are all very
20 * similar to commands in the SCSI-II and ATAPI specifications.
21 *
22 * It is important to note that in a number of cases this class
23 * exhibits class-specific exemptions from the USB specification.
24 * Notably the usage of NAK, STALL and ACK differs from the norm, in
25 * that they are used to communicate wait, failed and OK on commands.
26 *
27 * Also, for certain devices, the interrupt endpoint is used to convey
28 * status of a command.
29 *
30 * Please see http://www.one-eyed-alien.net/~mdharm/linux-usb for more
31 * information about this driver.
32 *
33 * This program is free software; you can redistribute it and/or modify it
34 * under the terms of the GNU General Public License as published by the
35 * Free Software Foundation; either version 2, or (at your option) any
36 * later version.
37 *
38 * This program is distributed in the hope that it will be useful, but
39 * WITHOUT ANY WARRANTY; without even the implied warranty of
40 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
41 * General Public License for more details.
42 *
43 * You should have received a copy of the GNU General Public License along
44 * with this program; if not, write to the Free Software Foundation, Inc.,
45 * 675 Mass Ave, Cambridge, MA 02139, USA.
46 */
47
48 #include <linux/config.h>
49 #include "transport.h"
50 #include "protocol.h"
51 #include "usb.h"
52 #include "debug.h"
53
54 #include <linux/sched.h>
55 #include <linux/errno.h>
56 #include <linux/slab.h>
57
58 /***********************************************************************
59 * Helper routines
60 ***********************************************************************/
61
62 /* Calculate the length of the data transfer (not the command) for any
63 * given SCSI command
64 */
usb_stor_transfer_length(Scsi_Cmnd * srb)65 unsigned int usb_stor_transfer_length(Scsi_Cmnd *srb)
66 {
67 int i;
68 int doDefault = 0;
69 unsigned int len = 0;
70 unsigned int total = 0;
71 struct scatterlist *sg;
72
73 /* This table tells us:
74 X = command not supported
75 L = return length in cmnd[4] (8 bits).
76 M = return length in cmnd[8] (8 bits).
77 G = return length in cmnd[3] and cmnd[4] (16 bits)
78 H = return length in cmnd[7] and cmnd[8] (16 bits)
79 I = return length in cmnd[8] and cmnd[9] (16 bits)
80 C = return length in cmnd[2] to cmnd[5] (32 bits)
81 D = return length in cmnd[6] to cmnd[9] (32 bits)
82 B = return length in blocksize so we use buff_len
83 R = return length in cmnd[2] to cmnd[4] (24 bits)
84 S = return length in cmnd[3] to cmnd[5] (24 bits)
85 T = return length in cmnd[6] to cmnd[8] (24 bits)
86 U = return length in cmnd[7] to cmnd[9] (24 bits)
87 0-9 = fixed return length
88 V = 20 bytes
89 W = 24 bytes
90 Z = return length is mode dependant or not in command, use buff_len
91 */
92
93 static char *lengths =
94
95 /* 0123456789ABCDEF 0123456789ABCDEF */
96
97 "00XLZ6XZBXBBXXXB" "00LBBLG0R0L0GG0X" /* 00-1F */
98 "XXXXT8XXB4B0BBBB" "ZZZ0B00HCSSZTBHH" /* 20-3F */
99 "M0HHB0X000H0HH0X" "XHH0HHXX0TH0H0XX" /* 40-5F */
100 "XXXXXXXXXXXXXXXX" "XXXXXXXXXXXXXXXX" /* 60-7F */
101 "XXXXXXXXXXXXXXXX" "XXXXXXXXXXXXXXXX" /* 80-9F */
102 "X0XXX00XB0BXBXBB" "ZZZ0XUIDU000XHBX" /* A0-BF */
103 "XXXXXXXXXXXXXXXX" "XXXXXXXXXXXXXXXX" /* C0-DF */
104 "XDXXXXXXXXXXXXXX" "XXW00HXXXXXXXXXX"; /* E0-FF */
105
106 /* Commands checked in table:
107
108 CHANGE_DEFINITION 40
109 COMPARE 39
110 COPY 18
111 COPY_AND_VERIFY 3a
112 ERASE 19
113 ERASE_10 2c
114 ERASE_12 ac
115 EXCHANGE_MEDIUM a6
116 FORMAT_UNIT 04
117 GET_DATA_BUFFER_STATUS 34
118 GET_MESSAGE_10 28
119 GET_MESSAGE_12 a8
120 GET_WINDOW 25 !!! Has more data than READ_CAPACITY, need to fix table
121 INITIALIZE_ELEMENT_STATUS 07 !!! REASSIGN_BLOCKS luckily uses buff_len
122 INQUIRY 12
123 LOAD_UNLOAD 1b
124 LOCATE 2b
125 LOCK_UNLOCK_CACHE 36
126 LOG_SELECT 4c
127 LOG_SENSE 4d
128 MEDIUM_SCAN 38 !!! This was M
129 MODE_SELECT6 15
130 MODE_SELECT_10 55
131 MODE_SENSE_6 1a
132 MODE_SENSE_10 5a
133 MOVE_MEDIUM a5
134 OBJECT_POSITION 31 !!! Same as SEARCH_DATA_EQUAL
135 PAUSE_RESUME 4b
136 PLAY_AUDIO_10 45
137 PLAY_AUDIO_12 a5
138 PLAY_AUDIO_MSF 47
139 PLAY_AUDIO_TRACK_INDEX 48
140 PLAY_AUDIO_TRACK_RELATIVE_10 49
141 PLAY_AUDIO_TRACK_RELATIVE_12 a9
142 POSITION_TO_ELEMENT 2b
143 PRE-FETCH 34
144 PREVENT_ALLOW_MEDIUM_REMOVAL 1e
145 PRINT 0a !!! Same as WRITE_6 but is always in bytes
146 READ_6 08
147 READ_10 28
148 READ_12 a8
149 READ_BLOCK_LIMITS 05
150 READ_BUFFER 3c
151 READ_CAPACITY 25
152 READ_CDROM_CAPACITY 25
153 READ_DEFECT_DATA 37
154 READ_DEFECT_DATA_12 b7
155 READ_ELEMENT_STATUS b8 !!! Think this is in bytes
156 READ_GENERATION 29 !!! Could also be M?
157 READ_HEADER 44 !!! This was L
158 READ_LONG 3e
159 READ_POSITION 34 !!! This should be V but conflicts with PRE-FETCH
160 READ_REVERSE 0f
161 READ_SUB-CHANNEL 42 !!! Is this in bytes?
162 READ_TOC 43 !!! Is this in bytes?
163 READ_UPDATED_BLOCK 2d
164 REASSIGN_BLOCKS 07
165 RECEIVE 08 !!! Same as READ_6 probably in bytes though
166 RECEIVE_DIAGNOSTIC_RESULTS 1c
167 RECOVER_BUFFERED_DATA 14 !!! For PRINTERs this is bytes
168 RELEASE_UNIT 17
169 REQUEST_SENSE 03
170 REQUEST_VOLUME_ELEMENT_ADDRESS b5 !!! Think this is in bytes
171 RESERVE_UNIT 16
172 REWIND 01
173 REZERO_UNIT 01
174 SCAN 1b !!! Conflicts with various commands, should be L
175 SEARCH_DATA_EQUAL 31
176 SEARCH_DATA_EQUAL_12 b1
177 SEARCH_DATA_LOW 30
178 SEARCH_DATA_LOW_12 b0
179 SEARCH_DATA_HIGH 32
180 SEARCH_DATA_HIGH_12 b2
181 SEEK_6 0b !!! Conflicts with SLEW_AND_PRINT
182 SEEK_10 2b
183 SEND 0a !!! Same as WRITE_6, probably in bytes though
184 SEND 2a !!! Similar to WRITE_10 but for scanners
185 SEND_DIAGNOSTIC 1d
186 SEND_MESSAGE_6 0a !!! Same as WRITE_6 - is in bytes
187 SEND_MESSAGE_10 2a !!! Same as WRITE_10 - is in bytes
188 SEND_MESSAGE_12 aa !!! Same as WRITE_12 - is in bytes
189 SEND_OPC 54
190 SEND_VOLUME_TAG b6 !!! Think this is in bytes
191 SET_LIMITS 33
192 SET_LIMITS_12 b3
193 SET_WINDOW 24
194 SLEW_AND_PRINT 0b !!! Conflicts with SEEK_6
195 SPACE 11
196 START_STOP_UNIT 1b
197 STOP_PRINT 1b
198 SYNCHRONIZE_BUFFER 10
199 SYNCHRONIZE_CACHE 35
200 TEST_UNIT_READY 00
201 UPDATE_BLOCK 3d
202 VERIFY 13
203 VERIFY 2f
204 VERIFY_12 af
205 WRITE_6 0a
206 WRITE_10 2a
207 WRITE_12 aa
208 WRITE_AND_VERIFY 2e
209 WRITE_AND_VERIFY_12 ae
210 WRITE_BUFFER 3b
211 WRITE_FILEMARKS 10
212 WRITE_LONG 3f
213 WRITE_SAME 41
214 */
215
216 if (srb->sc_data_direction == SCSI_DATA_WRITE) {
217 doDefault = 1;
218 }
219 else
220 switch (lengths[srb->cmnd[0]]) {
221 case 'L':
222 len = srb->cmnd[4];
223 break;
224
225 case 'M':
226 len = srb->cmnd[8];
227 break;
228
229 case '0':
230 case '1':
231 case '2':
232 case '3':
233 case '4':
234 case '5':
235 case '6':
236 case '7':
237 case '8':
238 case '9':
239 len = lengths[srb->cmnd[0]]-'0';
240 break;
241
242 case 'G':
243 len = (((unsigned int)srb->cmnd[3])<<8) |
244 srb->cmnd[4];
245 break;
246
247 case 'H':
248 len = (((unsigned int)srb->cmnd[7])<<8) |
249 srb->cmnd[8];
250 break;
251
252 case 'I':
253 len = (((unsigned int)srb->cmnd[8])<<8) |
254 srb->cmnd[9];
255 break;
256
257 case 'R':
258 len = (((unsigned int)srb->cmnd[2])<<16) |
259 (((unsigned int)srb->cmnd[3])<<8) |
260 srb->cmnd[4];
261 break;
262
263 case 'S':
264 len = (((unsigned int)srb->cmnd[3])<<16) |
265 (((unsigned int)srb->cmnd[4])<<8) |
266 srb->cmnd[5];
267 break;
268
269 case 'T':
270 len = (((unsigned int)srb->cmnd[6])<<16) |
271 (((unsigned int)srb->cmnd[7])<<8) |
272 srb->cmnd[8];
273 break;
274
275 case 'U':
276 len = (((unsigned int)srb->cmnd[7])<<16) |
277 (((unsigned int)srb->cmnd[8])<<8) |
278 srb->cmnd[9];
279 break;
280
281 case 'C':
282 len = (((unsigned int)srb->cmnd[2])<<24) |
283 (((unsigned int)srb->cmnd[3])<<16) |
284 (((unsigned int)srb->cmnd[4])<<8) |
285 srb->cmnd[5];
286 break;
287
288 case 'D':
289 len = (((unsigned int)srb->cmnd[6])<<24) |
290 (((unsigned int)srb->cmnd[7])<<16) |
291 (((unsigned int)srb->cmnd[8])<<8) |
292 srb->cmnd[9];
293 break;
294
295 case 'V':
296 len = 20;
297 break;
298
299 case 'W':
300 len = 24;
301 break;
302
303 case 'B':
304 /* Use buffer size due to different block sizes */
305 doDefault = 1;
306 break;
307
308 case 'X':
309 US_DEBUGP("Error: UNSUPPORTED COMMAND %02X\n",
310 srb->cmnd[0]);
311 doDefault = 1;
312 break;
313
314 case 'Z':
315 /* Use buffer size due to mode dependence */
316 doDefault = 1;
317 break;
318
319 default:
320 US_DEBUGP("Error: COMMAND %02X out of range or table inconsistent (%c).\n",
321 srb->cmnd[0], lengths[srb->cmnd[0]] );
322 doDefault = 1;
323 }
324
325 if ( doDefault == 1 ) {
326 /* Are we going to scatter gather? */
327 if (srb->use_sg) {
328 /* Add up the sizes of all the sg segments */
329 sg = (struct scatterlist *) srb->request_buffer;
330 for (i = 0; i < srb->use_sg; i++)
331 total += sg[i].length;
332 len = total;
333 }
334 else
335 /* Just return the length of the buffer */
336 len = srb->request_bufflen;
337 }
338
339 return len;
340 }
341
342 /***********************************************************************
343 * Data transfer routines
344 ***********************************************************************/
345
346 /* This is the completion handler which will wake us up when an URB
347 * completes.
348 */
usb_stor_blocking_completion(struct urb * urb)349 static void usb_stor_blocking_completion(struct urb *urb)
350 {
351 struct completion *urb_done_ptr = (struct completion *)urb->context;
352
353 complete(urb_done_ptr);
354 }
355
356 /* This is our function to emulate usb_control_msg() but give us enough
357 * access to make aborts/resets work
358 */
usb_stor_control_msg(struct us_data * us,unsigned int pipe,u8 request,u8 requesttype,u16 value,u16 index,void * data,u16 size)359 int usb_stor_control_msg(struct us_data *us, unsigned int pipe,
360 u8 request, u8 requesttype, u16 value, u16 index,
361 void *data, u16 size)
362 {
363 int status;
364 struct usb_ctrlrequest *dr;
365
366 /* allocate the device request structure */
367 dr = kmalloc(sizeof(struct usb_ctrlrequest), GFP_NOIO);
368 if (!dr)
369 return -ENOMEM;
370
371 /* fill in the structure */
372 dr->bRequestType = requesttype;
373 dr->bRequest = request;
374 dr->wValue = cpu_to_le16(value);
375 dr->wIndex = cpu_to_le16(index);
376 dr->wLength = cpu_to_le16(size);
377
378 /* set up data structures for the wakeup system */
379 init_completion(&us->current_done);
380
381 /* lock the URB */
382 down(&(us->current_urb_sem));
383
384 /* fill the URB */
385 FILL_CONTROL_URB(us->current_urb, us->pusb_dev, pipe,
386 (unsigned char*) dr, data, size,
387 usb_stor_blocking_completion, &us->current_done);
388 us->current_urb->actual_length = 0;
389 us->current_urb->error_count = 0;
390 us->current_urb->transfer_flags = USB_ASYNC_UNLINK;
391 us->current_urb->status = 0;
392
393 /* submit the URB */
394 status = usb_submit_urb(us->current_urb);
395 if (status) {
396 /* something went wrong */
397 up(&(us->current_urb_sem));
398 kfree(dr);
399 return status;
400 }
401
402 /* wait for the completion of the URB */
403 up(&(us->current_urb_sem));
404 wait_for_completion(&us->current_done);
405 down(&(us->current_urb_sem));
406
407 /* return the actual length of the data transferred if no error*/
408 status = us->current_urb->status;
409 if (status == -ENOENT)
410 status = -ECONNRESET;
411 if (status >= 0)
412 status = us->current_urb->actual_length;
413
414 /* release the lock and return status */
415 up(&(us->current_urb_sem));
416 kfree(dr);
417 return status;
418 }
419
420 /* This is our function to emulate usb_bulk_msg() but give us enough
421 * access to make aborts/resets work
422 */
usb_stor_bulk_msg(struct us_data * us,void * data,int pipe,unsigned int len,unsigned int * act_len)423 int usb_stor_bulk_msg(struct us_data *us, void *data, int pipe,
424 unsigned int len, unsigned int *act_len)
425 {
426 int status;
427
428 /* set up data structures for the wakeup system */
429 init_completion(&us->current_done);
430
431 /* lock the URB */
432 down(&(us->current_urb_sem));
433
434 /* fill the URB */
435 FILL_BULK_URB(us->current_urb, us->pusb_dev, pipe, data, len,
436 usb_stor_blocking_completion, &us->current_done);
437 us->current_urb->actual_length = 0;
438 us->current_urb->error_count = 0;
439 us->current_urb->transfer_flags = USB_ASYNC_UNLINK;
440 us->current_urb->status = 0;
441
442 /* submit the URB */
443 status = usb_submit_urb(us->current_urb);
444 if (status) {
445 /* something went wrong */
446 up(&(us->current_urb_sem));
447 return status;
448 }
449
450 /* wait for the completion of the URB */
451 up(&(us->current_urb_sem));
452 wait_for_completion(&us->current_done);
453 down(&(us->current_urb_sem));
454 if (us->current_urb->status == -ENOENT)
455 us->current_urb->status = -ECONNRESET;
456
457 /* return the actual length of the data transferred */
458 *act_len = us->current_urb->actual_length;
459
460 /* release the lock and return status */
461 up(&(us->current_urb_sem));
462 return us->current_urb->status;
463 }
464
465 /* This is a version of usb_clear_halt() that doesn't read the status from
466 * the device -- this is because some devices crash their internal firmware
467 * when the status is requested after a halt
468 */
usb_stor_clear_halt(struct us_data * us,int pipe)469 int usb_stor_clear_halt(struct us_data *us, int pipe)
470 {
471 int result;
472 int endp = usb_pipeendpoint(pipe) | (usb_pipein(pipe) << 7);
473
474 result = usb_stor_control_msg(us,
475 usb_sndctrlpipe(us->pusb_dev, 0),
476 USB_REQ_CLEAR_FEATURE, USB_RECIP_ENDPOINT, 0,
477 endp, NULL, 0); /* note: no 3*HZ timeout */
478 US_DEBUGP("usb_stor_clear_halt: result=%d\n", result);
479
480 /* this is a failure case */
481 if (result < 0)
482 return result;
483
484 /* reset the toggles and endpoint flags */
485 usb_endpoint_running(us->pusb_dev, usb_pipeendpoint(pipe),
486 usb_pipeout(pipe));
487 usb_settoggle(us->pusb_dev, usb_pipeendpoint(pipe),
488 usb_pipeout(pipe), 0);
489
490 return 0;
491 }
492
493 /*
494 * Transfer one SCSI scatter-gather buffer via bulk transfer
495 *
496 * Note that this function is necessary because we want the ability to
497 * use scatter-gather memory. Good performance is achieved by a combination
498 * of scatter-gather and clustering (which makes each chunk bigger).
499 *
500 * Note that the lower layer will always retry when a NAK occurs, up to the
501 * timeout limit. Thus we don't have to worry about it for individual
502 * packets.
503 */
usb_stor_transfer_partial(struct us_data * us,char * buf,int length)504 int usb_stor_transfer_partial(struct us_data *us, char *buf, int length)
505 {
506 int result;
507 int partial;
508 int pipe;
509
510 /* calculate the appropriate pipe information */
511 if (us->srb->sc_data_direction == SCSI_DATA_READ)
512 pipe = usb_rcvbulkpipe(us->pusb_dev, us->ep_in);
513 else
514 pipe = usb_sndbulkpipe(us->pusb_dev, us->ep_out);
515
516 /* transfer the data */
517 US_DEBUGP("usb_stor_transfer_partial(): xfer %d bytes\n", length);
518 result = usb_stor_bulk_msg(us, buf, pipe, length, &partial);
519 US_DEBUGP("usb_stor_bulk_msg() returned %d xferred %d/%d\n",
520 result, partial, length);
521
522 /* if we stall, we need to clear it before we go on */
523 if (result == -EPIPE) {
524 US_DEBUGP("clearing endpoint halt for pipe 0x%x\n", pipe);
525 usb_stor_clear_halt(us, pipe);
526 }
527
528 /* did we abort this command? */
529 if (result == -ECONNRESET) {
530 US_DEBUGP("usb_stor_transfer_partial(): transfer aborted\n");
531 return US_BULK_TRANSFER_ABORTED;
532 }
533
534 /* did we send all the data? */
535 if (partial == length) {
536 US_DEBUGP("usb_stor_transfer_partial(): transfer complete\n");
537 return US_BULK_TRANSFER_GOOD;
538 }
539
540 /* NAK - that means we've retried a few times already */
541 if (result == -ETIMEDOUT) {
542 US_DEBUGP("usb_stor_transfer_partial(): device NAKed\n");
543 return US_BULK_TRANSFER_FAILED;
544 }
545
546 /* the catch-all error case */
547 if (result) {
548 US_DEBUGP("usb_stor_transfer_partial(): unknown error\n");
549 return US_BULK_TRANSFER_FAILED;
550 }
551
552 /* no error code, so we must have transferred some data,
553 * just not all of it */
554 return US_BULK_TRANSFER_SHORT;
555 }
556
557 /*
558 * Transfer an entire SCSI command's worth of data payload over the bulk
559 * pipe.
560 *
561 * Note that this uses usb_stor_transfer_partial to achieve its goals -- this
562 * function simply determines if we're going to use scatter-gather or not,
563 * and acts appropriately. For now, it also re-interprets the error codes.
564 */
usb_stor_transfer(Scsi_Cmnd * srb,struct us_data * us)565 void usb_stor_transfer(Scsi_Cmnd *srb, struct us_data* us)
566 {
567 int i;
568 int result = -1;
569 struct scatterlist *sg;
570 unsigned int total_transferred = 0;
571 unsigned int transfer_amount;
572
573 /* calculate how much we want to transfer */
574 transfer_amount = usb_stor_transfer_length(srb);
575
576 /* was someone foolish enough to request more data than available
577 * buffer space? */
578 if (transfer_amount > srb->request_bufflen)
579 transfer_amount = srb->request_bufflen;
580
581 /* are we scatter-gathering? */
582 if (srb->use_sg) {
583
584 /* loop over all the scatter gather structures and
585 * make the appropriate requests for each, until done
586 */
587 sg = (struct scatterlist *) srb->request_buffer;
588 for (i = 0; i < srb->use_sg; i++) {
589
590 /* transfer the lesser of the next buffer or the
591 * remaining data */
592 if (transfer_amount - total_transferred >=
593 sg[i].length) {
594 result = usb_stor_transfer_partial(us,
595 sg[i].address, sg[i].length);
596 total_transferred += sg[i].length;
597 } else
598 result = usb_stor_transfer_partial(us,
599 sg[i].address,
600 transfer_amount - total_transferred);
601
602 /* if we get an error, end the loop here */
603 if (result)
604 break;
605 }
606 }
607 else
608 /* no scatter-gather, just make the request */
609 result = usb_stor_transfer_partial(us, srb->request_buffer,
610 transfer_amount);
611
612 /* return the result in the data structure itself */
613 srb->result = result;
614 }
615
616 /***********************************************************************
617 * Transport routines
618 ***********************************************************************/
619
620 /* Invoke the transport and basic error-handling/recovery methods
621 *
622 * This is used by the protocol layers to actually send the message to
623 * the device and receive the response.
624 */
usb_stor_invoke_transport(Scsi_Cmnd * srb,struct us_data * us)625 void usb_stor_invoke_transport(Scsi_Cmnd *srb, struct us_data *us)
626 {
627 int need_auto_sense;
628 int result;
629
630 /*
631 * Grab device's exclusive access lock to prevent libusb/usbfs from
632 * sending out a command in the middle of ours (if libusb sends a
633 * get_descriptor or something on pipe 0 after our CBW and before
634 * our CSW, and then we get a stall, we have trouble).
635 */
636 usb_excl_lock(us->pusb_dev, 3, 0);
637
638 /* send the command to the transport layer */
639 result = us->transport(srb, us);
640 usb_excl_unlock(us->pusb_dev, 3);
641
642 /* if the command gets aborted by the higher layers, we need to
643 * short-circuit all other processing
644 */
645 if (result == USB_STOR_TRANSPORT_ABORTED) {
646 US_DEBUGP("-- transport indicates command was aborted\n");
647 srb->result = DID_ABORT << 16;
648
649 /* Bulk-only aborts require a device reset */
650 if (us->protocol == US_PR_BULK)
651 us->transport_reset(us);
652 return;
653 }
654
655 /* if there is a transport error, reset and don't auto-sense */
656 if (result == USB_STOR_TRANSPORT_ERROR) {
657 US_DEBUGP("-- transport indicates error, resetting\n");
658 us->transport_reset(us);
659 srb->result = DID_ERROR << 16;
660 return;
661 }
662
663 /* Determine if we need to auto-sense
664 *
665 * I normally don't use a flag like this, but it's almost impossible
666 * to understand what's going on here if I don't.
667 */
668 need_auto_sense = 0;
669
670 /*
671 * If we're running the CB transport, which is incapable
672 * of determining status on it's own, we need to auto-sense almost
673 * every time.
674 */
675 if (us->protocol == US_PR_CB || us->protocol == US_PR_DPCM_USB) {
676 US_DEBUGP("-- CB transport device requiring auto-sense\n");
677 need_auto_sense = 1;
678
679 /* There are some exceptions to this. Notably, if this is
680 * a UFI device and the command is REQUEST_SENSE or INQUIRY,
681 * then it is impossible to truly determine status.
682 */
683 if (us->subclass == US_SC_UFI &&
684 ((srb->cmnd[0] == REQUEST_SENSE) ||
685 (srb->cmnd[0] == INQUIRY))) {
686 US_DEBUGP("** no auto-sense for a special command\n");
687 need_auto_sense = 0;
688 }
689 }
690
691 /*
692 * If we have a failure, we're going to do a REQUEST_SENSE
693 * automatically. Note that we differentiate between a command
694 * "failure" and an "error" in the transport mechanism.
695 */
696 if (result == USB_STOR_TRANSPORT_FAILED) {
697 US_DEBUGP("-- transport indicates command failure\n");
698 need_auto_sense = 1;
699 }
700
701 /*
702 * Also, if we have a short transfer on a command that can't have
703 * a short transfer, we're going to do this.
704 */
705 if ((srb->result == US_BULK_TRANSFER_SHORT) &&
706 !((srb->cmnd[0] == REQUEST_SENSE) ||
707 (srb->cmnd[0] == INQUIRY) ||
708 (srb->cmnd[0] == MODE_SENSE) ||
709 (srb->cmnd[0] == LOG_SENSE) ||
710 (srb->cmnd[0] == MODE_SENSE_10))) {
711 US_DEBUGP("-- unexpectedly short transfer\n");
712 need_auto_sense = 1;
713 }
714
715 /* Now, if we need to do the auto-sense, let's do it */
716 if (need_auto_sense) {
717 int temp_result;
718 void* old_request_buffer;
719 unsigned short old_sg;
720 unsigned old_request_bufflen;
721 unsigned char old_sc_data_direction;
722 unsigned char old_cmd_len;
723 unsigned char old_cmnd[MAX_COMMAND_SIZE];
724
725 US_DEBUGP("Issuing auto-REQUEST_SENSE\n");
726
727 /* save the old command */
728 memcpy(old_cmnd, srb->cmnd, MAX_COMMAND_SIZE);
729 old_cmd_len = srb->cmd_len;
730
731 /* set the command and the LUN */
732 memset(srb->cmnd, 0, MAX_COMMAND_SIZE);
733 srb->cmnd[0] = REQUEST_SENSE;
734 srb->cmnd[1] = old_cmnd[1] & 0xE0;
735 srb->cmnd[4] = 18;
736
737 /* FIXME: we must do the protocol translation here */
738 if (us->subclass == US_SC_RBC || us->subclass == US_SC_SCSI)
739 srb->cmd_len = 6;
740 else
741 srb->cmd_len = 12;
742
743 /* set the transfer direction */
744 old_sc_data_direction = srb->sc_data_direction;
745 srb->sc_data_direction = SCSI_DATA_READ;
746
747 /* use the new buffer we have */
748 old_request_buffer = srb->request_buffer;
749 srb->request_buffer = srb->sense_buffer;
750
751 /* set the buffer length for transfer */
752 old_request_bufflen = srb->request_bufflen;
753 srb->request_bufflen = 18;
754
755 /* set up for no scatter-gather use */
756 old_sg = srb->use_sg;
757 srb->use_sg = 0;
758
759 /* issue the auto-sense command */
760 usb_excl_lock(us->pusb_dev, 3, 0);
761 temp_result = us->transport(us->srb, us);
762 usb_excl_unlock(us->pusb_dev, 3);
763
764 /* let's clean up right away */
765 srb->request_buffer = old_request_buffer;
766 srb->request_bufflen = old_request_bufflen;
767 srb->use_sg = old_sg;
768 srb->sc_data_direction = old_sc_data_direction;
769 srb->cmd_len = old_cmd_len;
770 memcpy(srb->cmnd, old_cmnd, MAX_COMMAND_SIZE);
771
772 if (temp_result == USB_STOR_TRANSPORT_ABORTED) {
773 US_DEBUGP("-- auto-sense aborted\n");
774 srb->result = DID_ABORT << 16;
775 return;
776 }
777 if (temp_result != USB_STOR_TRANSPORT_GOOD) {
778 US_DEBUGP("-- auto-sense failure\n");
779
780 /* we skip the reset if this happens to be a
781 * multi-target device, since failure of an
782 * auto-sense is perfectly valid
783 */
784 if (!(us->flags & US_FL_SCM_MULT_TARG)) {
785 us->transport_reset(us);
786 }
787 srb->result = DID_ERROR << 16;
788 return;
789 }
790
791 US_DEBUGP("-- Result from auto-sense is %d\n", temp_result);
792 US_DEBUGP("-- code: 0x%x, key: 0x%x, ASC: 0x%x, ASCQ: 0x%x\n",
793 srb->sense_buffer[0],
794 srb->sense_buffer[2] & 0xf,
795 srb->sense_buffer[12],
796 srb->sense_buffer[13]);
797 #ifdef CONFIG_USB_STORAGE_DEBUG
798 usb_stor_show_sense(
799 srb->sense_buffer[2] & 0xf,
800 srb->sense_buffer[12],
801 srb->sense_buffer[13]);
802 #endif
803
804 /* set the result so the higher layers expect this data */
805 srb->result = CHECK_CONDITION << 1;
806
807 /* If things are really okay, then let's show that */
808 if ((srb->sense_buffer[2] & 0xf) == 0x0)
809 srb->result = GOOD << 1;
810 } else /* if (need_auto_sense) */
811 srb->result = GOOD << 1;
812
813 /* Regardless of auto-sense, if we _know_ we have an error
814 * condition, show that in the result code
815 */
816 if (result == USB_STOR_TRANSPORT_FAILED)
817 srb->result = CHECK_CONDITION << 1;
818
819 /* If we think we're good, then make sure the sense data shows it.
820 * This is necessary because the auto-sense for some devices always
821 * sets byte 0 == 0x70, even if there is no error
822 */
823 if ((us->protocol == US_PR_CB || us->protocol == US_PR_DPCM_USB) &&
824 (result == USB_STOR_TRANSPORT_GOOD) &&
825 ((srb->sense_buffer[2] & 0xf) == 0x0))
826 srb->sense_buffer[0] = 0x0;
827 }
828
829 /*
830 * Control/Bulk/Interrupt transport
831 */
832
833 /* The interrupt handler for CBI devices */
usb_stor_CBI_irq(struct urb * urb)834 void usb_stor_CBI_irq(struct urb *urb)
835 {
836 struct us_data *us = (struct us_data *)urb->context;
837
838 US_DEBUGP("USB IRQ received for device on host %d\n", us->host_no);
839 US_DEBUGP("-- IRQ data length is %d\n", urb->actual_length);
840 US_DEBUGP("-- IRQ state is %d\n", urb->status);
841 US_DEBUGP("-- Interrupt Status (0x%x, 0x%x)\n",
842 us->irqbuf[0], us->irqbuf[1]);
843
844 /* reject improper IRQs */
845 if (urb->actual_length != 2) {
846 US_DEBUGP("-- IRQ too short\n");
847 return;
848 }
849
850 /* is the device removed? */
851 if (urb->status == -ENODEV) {
852 US_DEBUGP("-- device has been removed\n");
853 return;
854 }
855
856 /* was this a command-completion interrupt? */
857 if (us->irqbuf[0] && (us->subclass != US_SC_UFI)) {
858 US_DEBUGP("-- not a command-completion IRQ\n");
859 return;
860 }
861
862 /* was this a wanted interrupt? */
863 if (!atomic_read(us->ip_wanted)) {
864 US_DEBUGP("ERROR: Unwanted interrupt received!\n");
865 return;
866 }
867
868 /* adjust the flag */
869 atomic_set(us->ip_wanted, 0);
870
871 /* copy the valid data */
872 us->irqdata[0] = us->irqbuf[0];
873 us->irqdata[1] = us->irqbuf[1];
874
875 /* wake up the command thread */
876 US_DEBUGP("-- Current value of ip_waitq is: %d\n",
877 atomic_read(&us->ip_waitq.count));
878 up(&(us->ip_waitq));
879 }
880
usb_stor_CBI_transport(Scsi_Cmnd * srb,struct us_data * us)881 int usb_stor_CBI_transport(Scsi_Cmnd *srb, struct us_data *us)
882 {
883 int result;
884
885 /* Set up for status notification */
886 atomic_set(us->ip_wanted, 1);
887
888 /* re-initialize the mutex so that we avoid any races with
889 * early/late IRQs from previous commands */
890 init_MUTEX_LOCKED(&(us->ip_waitq));
891
892 /* COMMAND STAGE */
893 /* let's send the command via the control pipe */
894 result = usb_stor_control_msg(us, usb_sndctrlpipe(us->pusb_dev,0),
895 US_CBI_ADSC,
896 USB_TYPE_CLASS | USB_RECIP_INTERFACE, 0,
897 us->ifnum, srb->cmnd, srb->cmd_len);
898
899 /* check the return code for the command */
900 US_DEBUGP("Call to usb_stor_control_msg() returned %d\n", result);
901 if (result < 0) {
902 /* Reset flag for status notification */
903 atomic_set(us->ip_wanted, 0);
904 }
905
906 /* if the command was aborted, indicate that */
907 if (result == -ECONNRESET)
908 return USB_STOR_TRANSPORT_ABORTED;
909
910 /* STALL must be cleared when it is detected */
911 if (result == -EPIPE) {
912 US_DEBUGP("-- Stall on control pipe. Clearing\n");
913 result = usb_stor_clear_halt(us,
914 usb_sndctrlpipe(us->pusb_dev, 0));
915
916 /* if the command was aborted, indicate that */
917 if (result == -ECONNRESET)
918 return USB_STOR_TRANSPORT_ABORTED;
919 return USB_STOR_TRANSPORT_FAILED;
920 }
921
922 if (result < 0) {
923 /* Uh oh... serious problem here */
924 return USB_STOR_TRANSPORT_ERROR;
925 }
926
927 /* DATA STAGE */
928 /* transfer the data payload for this command, if one exists*/
929 if (usb_stor_transfer_length(srb)) {
930 usb_stor_transfer(srb, us);
931 result = srb->result;
932 US_DEBUGP("CBI data stage result is 0x%x\n", result);
933
934 /* report any errors */
935 if (result == US_BULK_TRANSFER_ABORTED) {
936 atomic_set(us->ip_wanted, 0);
937 return USB_STOR_TRANSPORT_ABORTED;
938 }
939 if (result == US_BULK_TRANSFER_FAILED) {
940 atomic_set(us->ip_wanted, 0);
941 return USB_STOR_TRANSPORT_FAILED;
942 }
943 }
944
945 /* STATUS STAGE */
946
947 /* go to sleep until we get this interrupt */
948 US_DEBUGP("Current value of ip_waitq is: %d\n", atomic_read(&us->ip_waitq.count));
949 down(&(us->ip_waitq));
950
951 /* if we were woken up by an abort instead of the actual interrupt */
952 if (atomic_read(us->ip_wanted)) {
953 US_DEBUGP("Did not get interrupt on CBI\n");
954 atomic_set(us->ip_wanted, 0);
955 return USB_STOR_TRANSPORT_ABORTED;
956 }
957
958 US_DEBUGP("Got interrupt data (0x%x, 0x%x)\n",
959 us->irqdata[0], us->irqdata[1]);
960
961 /* UFI gives us ASC and ASCQ, like a request sense
962 *
963 * REQUEST_SENSE and INQUIRY don't affect the sense data on UFI
964 * devices, so we ignore the information for those commands. Note
965 * that this means we could be ignoring a real error on these
966 * commands, but that can't be helped.
967 */
968 if (us->subclass == US_SC_UFI) {
969 if (srb->cmnd[0] == REQUEST_SENSE ||
970 srb->cmnd[0] == INQUIRY)
971 return USB_STOR_TRANSPORT_GOOD;
972 else
973 if (((unsigned char*)us->irq_urb->transfer_buffer)[0])
974 return USB_STOR_TRANSPORT_FAILED;
975 else
976 return USB_STOR_TRANSPORT_GOOD;
977 }
978
979 /* If not UFI, we interpret the data as a result code
980 * The first byte should always be a 0x0
981 * The second byte & 0x0F should be 0x0 for good, otherwise error
982 */
983 if (us->irqdata[0]) {
984 US_DEBUGP("CBI IRQ data showed reserved bType %d\n",
985 us->irqdata[0]);
986 return USB_STOR_TRANSPORT_ERROR;
987 }
988
989 switch (us->irqdata[1] & 0x0F) {
990 case 0x00:
991 return USB_STOR_TRANSPORT_GOOD;
992 case 0x01:
993 return USB_STOR_TRANSPORT_FAILED;
994 default:
995 return USB_STOR_TRANSPORT_ERROR;
996 }
997
998 /* we should never get here, but if we do, we're in trouble */
999 return USB_STOR_TRANSPORT_ERROR;
1000 }
1001
1002 /*
1003 * Control/Bulk transport
1004 */
usb_stor_CB_transport(Scsi_Cmnd * srb,struct us_data * us)1005 int usb_stor_CB_transport(Scsi_Cmnd *srb, struct us_data *us)
1006 {
1007 int result;
1008
1009 /* COMMAND STAGE */
1010 /* let's send the command via the control pipe */
1011 result = usb_stor_control_msg(us, usb_sndctrlpipe(us->pusb_dev,0),
1012 US_CBI_ADSC,
1013 USB_TYPE_CLASS | USB_RECIP_INTERFACE, 0,
1014 us->ifnum, srb->cmnd, srb->cmd_len);
1015
1016 /* check the return code for the command */
1017 US_DEBUGP("Call to usb_stor_control_msg() returned %d\n", result);
1018 if (result < 0) {
1019 /* if the command was aborted, indicate that */
1020 if (result == -ECONNRESET)
1021 return USB_STOR_TRANSPORT_ABORTED;
1022
1023 /* a stall is a fatal condition from the device */
1024 if (result == -EPIPE) {
1025 US_DEBUGP("-- Stall on control pipe. Clearing\n");
1026 result = usb_stor_clear_halt(us,
1027 usb_sndctrlpipe(us->pusb_dev, 0));
1028
1029 /* if the command was aborted, indicate that */
1030 if (result == -ECONNRESET)
1031 return USB_STOR_TRANSPORT_ABORTED;
1032 return USB_STOR_TRANSPORT_FAILED;
1033 }
1034
1035 /* Uh oh... serious problem here */
1036 return USB_STOR_TRANSPORT_ERROR;
1037 }
1038
1039 /* DATA STAGE */
1040 /* transfer the data payload for this command, if one exists*/
1041 if (usb_stor_transfer_length(srb)) {
1042 usb_stor_transfer(srb, us);
1043 result = srb->result;
1044 US_DEBUGP("CB data stage result is 0x%x\n", result);
1045
1046 /* report any errors */
1047 if (result == US_BULK_TRANSFER_ABORTED) {
1048 return USB_STOR_TRANSPORT_ABORTED;
1049 }
1050 if (result == US_BULK_TRANSFER_FAILED) {
1051 return USB_STOR_TRANSPORT_FAILED;
1052 }
1053 }
1054
1055 /* STATUS STAGE */
1056 /* NOTE: CB does not have a status stage. Silly, I know. So
1057 * we have to catch this at a higher level.
1058 */
1059 return USB_STOR_TRANSPORT_GOOD;
1060 }
1061
1062 /*
1063 * Bulk only transport
1064 */
1065
1066 /* Determine what the maximum LUN supported is */
usb_stor_Bulk_max_lun(struct us_data * us)1067 int usb_stor_Bulk_max_lun(struct us_data *us)
1068 {
1069 unsigned char *data;
1070 int result;
1071 int pipe;
1072
1073 data = kmalloc(sizeof *data, GFP_KERNEL);
1074 if (!data) {
1075 return 0;
1076 }
1077
1078 /* issue the command -- use usb_control_msg() because
1079 * the state machine is not yet alive */
1080 pipe = usb_rcvctrlpipe(us->pusb_dev, 0);
1081 result = usb_control_msg(us->pusb_dev, pipe,
1082 US_BULK_GET_MAX_LUN,
1083 USB_DIR_IN | USB_TYPE_CLASS |
1084 USB_RECIP_INTERFACE,
1085 0, us->ifnum, data, sizeof(*data), HZ);
1086
1087 US_DEBUGP("GetMaxLUN command result is %d, data is %d\n",
1088 result, *data);
1089
1090 /* if we have a successful request, return the result */
1091 if (result == 1) {
1092 result = *data;
1093 kfree(data);
1094 return result;
1095 } else {
1096 kfree(data);
1097 }
1098
1099 /* if we get a STALL, clear the stall */
1100 if (result == -EPIPE) {
1101 US_DEBUGP("clearing endpoint halt for pipe 0x%x\n", pipe);
1102
1103 /* Use usb_clear_halt() because the state machine
1104 * is not yet alive */
1105 usb_clear_halt(us->pusb_dev, pipe);
1106 }
1107
1108 /* return the default -- no LUNs */
1109 return 0;
1110 }
1111
1112 int usb_stor_Bulk_reset(struct us_data *us);
1113
usb_stor_Bulk_transport(Scsi_Cmnd * srb,struct us_data * us)1114 int usb_stor_Bulk_transport(Scsi_Cmnd *srb, struct us_data *us)
1115 {
1116 struct bulk_cb_wrap *bcb;
1117 struct bulk_cs_wrap *bcs;
1118 int result;
1119 int pipe;
1120 int partial;
1121 int ret = USB_STOR_TRANSPORT_ERROR;
1122
1123 bcb = kmalloc(sizeof *bcb, in_interrupt() ? GFP_ATOMIC : GFP_NOIO);
1124 if (!bcb) {
1125 return USB_STOR_TRANSPORT_ERROR;
1126 }
1127 bcs = kmalloc(sizeof *bcs, in_interrupt() ? GFP_ATOMIC : GFP_NOIO);
1128 if (!bcs) {
1129 kfree(bcb);
1130 return USB_STOR_TRANSPORT_ERROR;
1131 }
1132
1133 /* set up the command wrapper */
1134 bcb->Signature = cpu_to_le32(US_BULK_CB_SIGN);
1135 bcb->DataTransferLength = cpu_to_le32(usb_stor_transfer_length(srb));
1136 bcb->Flags = srb->sc_data_direction == SCSI_DATA_READ ? 1 << 7 : 0;
1137 bcb->Tag = ++(us->tag);
1138 bcb->Lun = srb->cmnd[1] >> 5;
1139 if (us->flags & US_FL_SCM_MULT_TARG)
1140 bcb->Lun |= srb->target << 4;
1141 bcb->Length = srb->cmd_len;
1142
1143 /* construct the pipe handle */
1144 pipe = usb_sndbulkpipe(us->pusb_dev, us->ep_out);
1145
1146 /* copy the command payload */
1147 memset(bcb->CDB, 0, sizeof(bcb->CDB));
1148 memcpy(bcb->CDB, srb->cmnd, bcb->Length);
1149
1150 /* send it to out endpoint */
1151 US_DEBUGP("Bulk command S 0x%x T 0x%x Trg %d LUN %d L %d F %d CL %d\n",
1152 le32_to_cpu(bcb->Signature), bcb->Tag,
1153 (bcb->Lun >> 4), (bcb->Lun & 0x0F),
1154 le32_to_cpu(bcb->DataTransferLength), bcb->Flags, bcb->Length);
1155 result = usb_stor_bulk_msg(us, bcb, pipe, US_BULK_CB_WRAP_LEN,
1156 &partial);
1157 US_DEBUGP("Bulk command transfer result=%d\n", result);
1158
1159 /* if the command was aborted, indicate that */
1160 if (result == -ECONNRESET) {
1161 ret = USB_STOR_TRANSPORT_ABORTED;
1162 goto out;
1163 }
1164
1165 /* if we stall, we need to clear it before we go on */
1166 if (result == -EPIPE) {
1167 US_DEBUGP("clearing endpoint halt for pipe 0x%x\n", pipe);
1168 result = usb_stor_clear_halt(us, pipe);
1169
1170 /* if the command was aborted, indicate that */
1171 if (result == -ECONNRESET) {
1172 ret = USB_STOR_TRANSPORT_ABORTED;
1173 goto out;
1174 }
1175 result = -EPIPE;
1176 } else if (result) {
1177 /* unknown error -- we've got a problem */
1178 ret = USB_STOR_TRANSPORT_ERROR;
1179 goto out;
1180 }
1181
1182 /* if the command transfered well, then we go to the data stage */
1183 if (result == 0) {
1184
1185 /* Genesys Logic interface chips need a 100us delay between
1186 * the command phase and the data phase. Some systems need
1187 * even more, probably because of clock rate inaccuracies. */
1188 if (us->pusb_dev->descriptor.idVendor == USB_VENDOR_ID_GENESYS)
1189 udelay(110);
1190
1191 /* send/receive data payload, if there is any */
1192 if (bcb->DataTransferLength) {
1193 usb_stor_transfer(srb, us);
1194 result = srb->result;
1195 US_DEBUGP("Bulk data transfer result 0x%x\n", result);
1196
1197 /* if it was aborted, we need to indicate that */
1198 if (result == US_BULK_TRANSFER_ABORTED) {
1199 ret = USB_STOR_TRANSPORT_ABORTED;
1200 goto out;
1201 }
1202 }
1203 }
1204
1205 /* See flow chart on pg 15 of the Bulk Only Transport spec for
1206 * an explanation of how this code works.
1207 */
1208
1209 /* construct the pipe handle */
1210 pipe = usb_rcvbulkpipe(us->pusb_dev, us->ep_in);
1211
1212 /* get CSW for device status */
1213 US_DEBUGP("Attempting to get CSW...\n");
1214 result = usb_stor_bulk_msg(us, bcs, pipe, US_BULK_CS_WRAP_LEN,
1215 &partial);
1216
1217 /* if the command was aborted, indicate that */
1218 if (result == -ECONNRESET) {
1219 ret = USB_STOR_TRANSPORT_ABORTED;
1220 goto out;
1221 }
1222
1223 /* did the attempt to read the CSW fail? */
1224 if (result == -EPIPE) {
1225 US_DEBUGP("clearing endpoint halt for pipe 0x%x\n", pipe);
1226 result = usb_stor_clear_halt(us, pipe);
1227
1228 /* if the command was aborted, indicate that */
1229 if (result == -ECONNRESET) {
1230 ret = USB_STOR_TRANSPORT_ABORTED;
1231 goto out;
1232 }
1233
1234 /* get the status again */
1235 US_DEBUGP("Attempting to get CSW (2nd try)...\n");
1236 result = usb_stor_bulk_msg(us, bcs, pipe,
1237 US_BULK_CS_WRAP_LEN, &partial);
1238
1239 /* if the command was aborted, indicate that */
1240 if (result == -ECONNRESET) {
1241 ret = USB_STOR_TRANSPORT_ABORTED;
1242 goto out;
1243 }
1244
1245 /* if it fails again, we need a reset and return an error*/
1246 if (result == -EPIPE) {
1247 US_DEBUGP("clearing halt for pipe 0x%x\n", pipe);
1248 result = usb_stor_clear_halt(us, pipe);
1249
1250 /* if the command was aborted, indicate that */
1251 if (result == -ECONNRESET) {
1252 ret = USB_STOR_TRANSPORT_ABORTED;
1253 } else {
1254 ret = USB_STOR_TRANSPORT_ERROR;
1255 }
1256 goto out;
1257 }
1258 }
1259
1260 /* if we still have a failure at this point, we're in trouble */
1261 US_DEBUGP("Bulk status result = %d\n", result);
1262 if (result) {
1263 ret = USB_STOR_TRANSPORT_ERROR;
1264 goto out;
1265 }
1266
1267 /* check bulk status */
1268 US_DEBUGP("Bulk status Sig 0x%x T 0x%x R %d Stat 0x%x\n",
1269 le32_to_cpu(bcs->Signature), bcs->Tag,
1270 bcs->Residue, bcs->Status);
1271 if ((bcs->Signature != cpu_to_le32(US_BULK_CS_SIGN) && bcs->Signature != cpu_to_le32(US_BULK_CS_OLYMPUS_SIGN)) ||
1272 bcs->Tag != bcb->Tag ||
1273 bcs->Status > US_BULK_STAT_PHASE || partial != 13) {
1274 US_DEBUGP("Bulk logical error\n");
1275 ret = USB_STOR_TRANSPORT_ERROR;
1276 goto out;
1277 }
1278
1279 /* based on the status code, we report good or bad */
1280 switch (bcs->Status) {
1281 case US_BULK_STAT_OK:
1282 /* command good -- note that data could be short */
1283 ret = USB_STOR_TRANSPORT_GOOD;
1284 goto out;
1285
1286 case US_BULK_STAT_FAIL:
1287 /* command failed */
1288 ret = USB_STOR_TRANSPORT_FAILED;
1289 goto out;
1290
1291 case US_BULK_STAT_PHASE:
1292 /* phase error -- note that a transport reset will be
1293 * invoked by the invoke_transport() function
1294 */
1295 ret = USB_STOR_TRANSPORT_ERROR;
1296 goto out;
1297 }
1298
1299 /* we should never get here, but if we do, we're in trouble */
1300
1301 out:
1302 kfree(bcb);
1303 kfree(bcs);
1304 return ret;
1305 }
1306
1307 /***********************************************************************
1308 * Reset routines
1309 ***********************************************************************/
1310
1311 /* This issues a CB[I] Reset to the device in question
1312 */
usb_stor_CB_reset(struct us_data * us)1313 int usb_stor_CB_reset(struct us_data *us)
1314 {
1315 unsigned char cmd[12];
1316 int result;
1317
1318 US_DEBUGP("CB_reset() called\n");
1319
1320 /* if the device was removed, then we're already reset */
1321 if (!us->pusb_dev)
1322 return SUCCESS;
1323
1324 memset(cmd, 0xFF, sizeof(cmd));
1325 cmd[0] = SEND_DIAGNOSTIC;
1326 cmd[1] = 4;
1327 result = usb_control_msg(us->pusb_dev, usb_sndctrlpipe(us->pusb_dev,0),
1328 US_CBI_ADSC,
1329 USB_TYPE_CLASS | USB_RECIP_INTERFACE,
1330 0, us->ifnum, cmd, sizeof(cmd), HZ*5);
1331
1332 if (result < 0) {
1333 US_DEBUGP("CB[I] soft reset failed %d\n", result);
1334 return FAILED;
1335 }
1336
1337 /* long wait for reset */
1338 set_current_state(TASK_UNINTERRUPTIBLE);
1339 schedule_timeout(HZ*6);
1340 set_current_state(TASK_RUNNING);
1341
1342 US_DEBUGP("CB_reset: clearing endpoint halt\n");
1343 usb_stor_clear_halt(us,
1344 usb_rcvbulkpipe(us->pusb_dev, us->ep_in));
1345 usb_stor_clear_halt(us,
1346 usb_sndbulkpipe(us->pusb_dev, us->ep_out));
1347
1348 US_DEBUGP("CB_reset done\n");
1349 /* return a result code based on the result of the control message */
1350 return SUCCESS;
1351 }
1352
1353 /* This issues a Bulk-only Reset to the device in question, including
1354 * clearing the subsequent endpoint halts that may occur.
1355 */
usb_stor_Bulk_reset(struct us_data * us)1356 int usb_stor_Bulk_reset(struct us_data *us)
1357 {
1358 int result;
1359
1360 US_DEBUGP("Bulk reset requested\n");
1361
1362 /* if the device was removed, then we're already reset */
1363 if (!us->pusb_dev)
1364 return SUCCESS;
1365
1366 result = usb_control_msg(us->pusb_dev,
1367 usb_sndctrlpipe(us->pusb_dev,0),
1368 US_BULK_RESET_REQUEST,
1369 USB_TYPE_CLASS | USB_RECIP_INTERFACE,
1370 0, us->ifnum, NULL, 0, HZ*5);
1371
1372 if (result < 0) {
1373 US_DEBUGP("Bulk soft reset failed %d\n", result);
1374 return FAILED;
1375 }
1376
1377 /* long wait for reset */
1378 set_current_state(TASK_UNINTERRUPTIBLE);
1379 schedule_timeout(HZ*6);
1380 set_current_state(TASK_RUNNING);
1381
1382 usb_stor_clear_halt(us,
1383 usb_rcvbulkpipe(us->pusb_dev, us->ep_in));
1384 usb_stor_clear_halt(us,
1385 usb_sndbulkpipe(us->pusb_dev, us->ep_out));
1386 US_DEBUGP("Bulk soft reset completed\n");
1387 return SUCCESS;
1388 }
1389