1 // SPDX-License-Identifier: GPL-2.0-only
2 /*
3  *  linux/drivers/block/floppy.c
4  *
5  *  Copyright (C) 1991, 1992  Linus Torvalds
6  *  Copyright (C) 1993, 1994  Alain Knaff
7  *  Copyright (C) 1998 Alan Cox
8  */
9 
10 /*
11  * 02.12.91 - Changed to static variables to indicate need for reset
12  * and recalibrate. This makes some things easier (output_byte reset
13  * checking etc), and means less interrupt jumping in case of errors,
14  * so the code is hopefully easier to understand.
15  */
16 
17 /*
18  * This file is certainly a mess. I've tried my best to get it working,
19  * but I don't like programming floppies, and I have only one anyway.
20  * Urgel. I should check for more errors, and do more graceful error
21  * recovery. Seems there are problems with several drives. I've tried to
22  * correct them. No promises.
23  */
24 
25 /*
26  * As with hd.c, all routines within this file can (and will) be called
27  * by interrupts, so extreme caution is needed. A hardware interrupt
28  * handler may not sleep, or a kernel panic will happen. Thus I cannot
29  * call "floppy-on" directly, but have to set a special timer interrupt
30  * etc.
31  */
32 
33 /*
34  * 28.02.92 - made track-buffering routines, based on the routines written
35  * by entropy@wintermute.wpi.edu (Lawrence Foard). Linus.
36  */
37 
38 /*
39  * Automatic floppy-detection and formatting written by Werner Almesberger
40  * (almesber@nessie.cs.id.ethz.ch), who also corrected some problems with
41  * the floppy-change signal detection.
42  */
43 
44 /*
45  * 1992/7/22 -- Hennus Bergman: Added better error reporting, fixed
46  * FDC data overrun bug, added some preliminary stuff for vertical
47  * recording support.
48  *
49  * 1992/9/17: Added DMA allocation & DMA functions. -- hhb.
50  *
51  * TODO: Errors are still not counted properly.
52  */
53 
54 /* 1992/9/20
55  * Modifications for ``Sector Shifting'' by Rob Hooft (hooft@chem.ruu.nl)
56  * modeled after the freeware MS-DOS program fdformat/88 V1.8 by
57  * Christoph H. Hochst\"atter.
58  * I have fixed the shift values to the ones I always use. Maybe a new
59  * ioctl() should be created to be able to modify them.
60  * There is a bug in the driver that makes it impossible to format a
61  * floppy as the first thing after bootup.
62  */
63 
64 /*
65  * 1993/4/29 -- Linus -- cleaned up the timer handling in the kernel, and
66  * this helped the floppy driver as well. Much cleaner, and still seems to
67  * work.
68  */
69 
70 /* 1994/6/24 --bbroad-- added the floppy table entries and made
71  * minor modifications to allow 2.88 floppies to be run.
72  */
73 
74 /* 1994/7/13 -- Paul Vojta -- modified the probing code to allow three or more
75  * disk types.
76  */
77 
78 /*
79  * 1994/8/8 -- Alain Knaff -- Switched to fdpatch driver: Support for bigger
80  * format bug fixes, but unfortunately some new bugs too...
81  */
82 
83 /* 1994/9/17 -- Koen Holtman -- added logging of physical floppy write
84  * errors to allow safe writing by specialized programs.
85  */
86 
87 /* 1995/4/24 -- Dan Fandrich -- added support for Commodore 1581 3.5" disks
88  * by defining bit 1 of the "stretch" parameter to mean put sectors on the
89  * opposite side of the disk, leaving the sector IDs alone (i.e. Commodore's
90  * drives are "upside-down").
91  */
92 
93 /*
94  * 1995/8/26 -- Andreas Busse -- added Mips support.
95  */
96 
97 /*
98  * 1995/10/18 -- Ralf Baechle -- Portability cleanup; move machine dependent
99  * features to asm/floppy.h.
100  */
101 
102 /*
103  * 1998/1/21 -- Richard Gooch <rgooch@atnf.csiro.au> -- devfs support
104  */
105 
106 /*
107  * 1998/05/07 -- Russell King -- More portability cleanups; moved definition of
108  * interrupt and dma channel to asm/floppy.h. Cleaned up some formatting &
109  * use of '0' for NULL.
110  */
111 
112 /*
113  * 1998/06/07 -- Alan Cox -- Merged the 2.0.34 fixes for resource allocation
114  * failures.
115  */
116 
117 /*
118  * 1998/09/20 -- David Weinehall -- Added slow-down code for buggy PS/2-drives.
119  */
120 
121 /*
122  * 1999/08/13 -- Paul Slootman -- floppy stopped working on Alpha after 24
123  * days, 6 hours, 32 minutes and 32 seconds (i.e. MAXINT jiffies; ints were
124  * being used to store jiffies, which are unsigned longs).
125  */
126 
127 /*
128  * 2000/08/28 -- Arnaldo Carvalho de Melo <acme@conectiva.com.br>
129  * - get rid of check_region
130  * - s/suser/capable/
131  */
132 
133 /*
134  * 2001/08/26 -- Paul Gortmaker - fix insmod oops on machines with no
135  * floppy controller (lingering task on list after module is gone... boom.)
136  */
137 
138 /*
139  * 2002/02/07 -- Anton Altaparmakov - Fix io ports reservation to correct range
140  * (0x3f2-0x3f5, 0x3f7). This fix is a bit of a hack but the proper fix
141  * requires many non-obvious changes in arch dependent code.
142  */
143 
144 /* 2003/07/28 -- Daniele Bellucci <bellucda@tiscali.it>.
145  * Better audit of register_blkdev.
146  */
147 
148 #define REALLY_SLOW_IO
149 
150 #define DEBUGT 2
151 
152 #define DPRINT(format, args...) \
153 	pr_info("floppy%d: " format, current_drive, ##args)
154 
155 #define DCL_DEBUG		/* debug disk change line */
156 #ifdef DCL_DEBUG
157 #define debug_dcl(test, fmt, args...) \
158 	do { if ((test) & FD_DEBUG) DPRINT(fmt, ##args); } while (0)
159 #else
160 #define debug_dcl(test, fmt, args...) \
161 	do { if (0) DPRINT(fmt, ##args); } while (0)
162 #endif
163 
164 /* do print messages for unexpected interrupts */
165 static int print_unex = 1;
166 #include <linux/module.h>
167 #include <linux/sched.h>
168 #include <linux/fs.h>
169 #include <linux/kernel.h>
170 #include <linux/timer.h>
171 #include <linux/workqueue.h>
172 #include <linux/fdreg.h>
173 #include <linux/fd.h>
174 #include <linux/hdreg.h>
175 #include <linux/errno.h>
176 #include <linux/slab.h>
177 #include <linux/mm.h>
178 #include <linux/bio.h>
179 #include <linux/string.h>
180 #include <linux/jiffies.h>
181 #include <linux/fcntl.h>
182 #include <linux/delay.h>
183 #include <linux/mc146818rtc.h>	/* CMOS defines */
184 #include <linux/ioport.h>
185 #include <linux/interrupt.h>
186 #include <linux/init.h>
187 #include <linux/major.h>
188 #include <linux/platform_device.h>
189 #include <linux/mod_devicetable.h>
190 #include <linux/mutex.h>
191 #include <linux/io.h>
192 #include <linux/uaccess.h>
193 #include <linux/async.h>
194 #include <linux/compat.h>
195 
196 /*
197  * PS/2 floppies have much slower step rates than regular floppies.
198  * It's been recommended that take about 1/4 of the default speed
199  * in some more extreme cases.
200  */
201 static DEFINE_MUTEX(floppy_mutex);
202 static int slow_floppy;
203 
204 #include <asm/dma.h>
205 #include <asm/irq.h>
206 
207 static int FLOPPY_IRQ = 6;
208 static int FLOPPY_DMA = 2;
209 static int can_use_virtual_dma = 2;
210 /* =======
211  * can use virtual DMA:
212  * 0 = use of virtual DMA disallowed by config
213  * 1 = use of virtual DMA prescribed by config
214  * 2 = no virtual DMA preference configured.  By default try hard DMA,
215  * but fall back on virtual DMA when not enough memory available
216  */
217 
218 static int use_virtual_dma;
219 /* =======
220  * use virtual DMA
221  * 0 using hard DMA
222  * 1 using virtual DMA
223  * This variable is set to virtual when a DMA mem problem arises, and
224  * reset back in floppy_grab_irq_and_dma.
225  * It is not safe to reset it in other circumstances, because the floppy
226  * driver may have several buffers in use at once, and we do currently not
227  * record each buffers capabilities
228  */
229 
230 static DEFINE_SPINLOCK(floppy_lock);
231 
232 static unsigned short virtual_dma_port = 0x3f0;
233 irqreturn_t floppy_interrupt(int irq, void *dev_id);
234 static int set_dor(int fdc, char mask, char data);
235 
236 #define K_64	0x10000		/* 64KB */
237 
238 /* the following is the mask of allowed drives. By default units 2 and
239  * 3 of both floppy controllers are disabled, because switching on the
240  * motor of these drives causes system hangs on some PCI computers. drive
241  * 0 is the low bit (0x1), and drive 7 is the high bit (0x80). Bits are on if
242  * a drive is allowed.
243  *
244  * NOTE: This must come before we include the arch floppy header because
245  *       some ports reference this variable from there. -DaveM
246  */
247 
248 static int allowed_drive_mask = 0x33;
249 
250 #include <asm/floppy.h>
251 
252 static int irqdma_allocated;
253 
254 #include <linux/blk-mq.h>
255 #include <linux/blkpg.h>
256 #include <linux/cdrom.h>	/* for the compatibility eject ioctl */
257 #include <linux/completion.h>
258 
259 static LIST_HEAD(floppy_reqs);
260 static struct request *current_req;
261 static int set_next_request(void);
262 
263 #ifndef fd_get_dma_residue
264 #define fd_get_dma_residue() get_dma_residue(FLOPPY_DMA)
265 #endif
266 
267 /* Dma Memory related stuff */
268 
269 #ifndef fd_dma_mem_free
270 #define fd_dma_mem_free(addr, size) free_pages(addr, get_order(size))
271 #endif
272 
273 #ifndef fd_dma_mem_alloc
274 #define fd_dma_mem_alloc(size) __get_dma_pages(GFP_KERNEL, get_order(size))
275 #endif
276 
277 #ifndef fd_cacheflush
278 #define fd_cacheflush(addr, size) /* nothing... */
279 #endif
280 
fallback_on_nodma_alloc(char ** addr,size_t l)281 static inline void fallback_on_nodma_alloc(char **addr, size_t l)
282 {
283 #ifdef FLOPPY_CAN_FALLBACK_ON_NODMA
284 	if (*addr)
285 		return;		/* we have the memory */
286 	if (can_use_virtual_dma != 2)
287 		return;		/* no fallback allowed */
288 	pr_info("DMA memory shortage. Temporarily falling back on virtual DMA\n");
289 	*addr = (char *)nodma_mem_alloc(l);
290 #else
291 	return;
292 #endif
293 }
294 
295 /* End dma memory related stuff */
296 
297 static unsigned long fake_change;
298 static bool initialized;
299 
300 #define ITYPE(x)	(((x) >> 2) & 0x1f)
301 #define TOMINOR(x)	((x & 3) | ((x & 4) << 5))
302 #define UNIT(x)		((x) & 0x03)		/* drive on fdc */
303 #define FDC(x)		(((x) & 0x04) >> 2)	/* fdc of drive */
304 	/* reverse mapping from unit and fdc to drive */
305 #define REVDRIVE(fdc, unit) ((unit) + ((fdc) << 2))
306 
307 #define PH_HEAD(floppy, head) (((((floppy)->stretch & 2) >> 1) ^ head) << 2)
308 #define STRETCH(floppy)	((floppy)->stretch & FD_STRETCH)
309 
310 /* read/write commands */
311 #define COMMAND			0
312 #define DR_SELECT		1
313 #define TRACK			2
314 #define HEAD			3
315 #define SECTOR			4
316 #define SIZECODE		5
317 #define SECT_PER_TRACK		6
318 #define GAP			7
319 #define SIZECODE2		8
320 #define NR_RW 9
321 
322 /* format commands */
323 #define F_SIZECODE		2
324 #define F_SECT_PER_TRACK	3
325 #define F_GAP			4
326 #define F_FILL			5
327 #define NR_F 6
328 
329 /*
330  * Maximum disk size (in kilobytes).
331  * This default is used whenever the current disk size is unknown.
332  * [Now it is rather a minimum]
333  */
334 #define MAX_DISK_SIZE 4		/* 3984 */
335 
336 /*
337  * globals used by 'result()'
338  */
339 static unsigned char reply_buffer[FD_RAW_REPLY_SIZE];
340 static int inr;		/* size of reply buffer, when called from interrupt */
341 #define ST0		0
342 #define ST1		1
343 #define ST2		2
344 #define ST3		0	/* result of GETSTATUS */
345 #define R_TRACK		3
346 #define R_HEAD		4
347 #define R_SECTOR	5
348 #define R_SIZECODE	6
349 
350 #define SEL_DLY		(2 * HZ / 100)
351 
352 /*
353  * this struct defines the different floppy drive types.
354  */
355 static struct {
356 	struct floppy_drive_params params;
357 	const char *name;	/* name printed while booting */
358 } default_drive_params[] = {
359 /* NOTE: the time values in jiffies should be in msec!
360  CMOS drive type
361   |     Maximum data rate supported by drive type
362   |     |   Head load time, msec
363   |     |   |   Head unload time, msec (not used)
364   |     |   |   |     Step rate interval, usec
365   |     |   |   |     |       Time needed for spinup time (jiffies)
366   |     |   |   |     |       |      Timeout for spinning down (jiffies)
367   |     |   |   |     |       |      |   Spindown offset (where disk stops)
368   |     |   |   |     |       |      |   |     Select delay
369   |     |   |   |     |       |      |   |     |     RPS
370   |     |   |   |     |       |      |   |     |     |    Max number of tracks
371   |     |   |   |     |       |      |   |     |     |    |     Interrupt timeout
372   |     |   |   |     |       |      |   |     |     |    |     |   Max nonintlv. sectors
373   |     |   |   |     |       |      |   |     |     |    |     |   | -Max Errors- flags */
374 {{0,  500, 16, 16, 8000,    1*HZ, 3*HZ,  0, SEL_DLY, 5,  80, 3*HZ, 20, {3,1,2,0,2}, 0,
375       0, { 7, 4, 8, 2, 1, 5, 3,10}, 3*HZ/2, 0 }, "unknown" },
376 
377 {{1,  300, 16, 16, 8000,    1*HZ, 3*HZ,  0, SEL_DLY, 5,  40, 3*HZ, 17, {3,1,2,0,2}, 0,
378       0, { 1, 0, 0, 0, 0, 0, 0, 0}, 3*HZ/2, 1 }, "360K PC" }, /*5 1/4 360 KB PC*/
379 
380 {{2,  500, 16, 16, 6000, 4*HZ/10, 3*HZ, 14, SEL_DLY, 6,  83, 3*HZ, 17, {3,1,2,0,2}, 0,
381       0, { 2, 5, 6,23,10,20,12, 0}, 3*HZ/2, 2 }, "1.2M" }, /*5 1/4 HD AT*/
382 
383 {{3,  250, 16, 16, 3000,    1*HZ, 3*HZ,  0, SEL_DLY, 5,  83, 3*HZ, 20, {3,1,2,0,2}, 0,
384       0, { 4,22,21,30, 3, 0, 0, 0}, 3*HZ/2, 4 }, "720k" }, /*3 1/2 DD*/
385 
386 {{4,  500, 16, 16, 4000, 4*HZ/10, 3*HZ, 10, SEL_DLY, 5,  83, 3*HZ, 20, {3,1,2,0,2}, 0,
387       0, { 7, 4,25,22,31,21,29,11}, 3*HZ/2, 7 }, "1.44M" }, /*3 1/2 HD*/
388 
389 {{5, 1000, 15,  8, 3000, 4*HZ/10, 3*HZ, 10, SEL_DLY, 5,  83, 3*HZ, 40, {3,1,2,0,2}, 0,
390       0, { 7, 8, 4,25,28,22,31,21}, 3*HZ/2, 8 }, "2.88M AMI BIOS" }, /*3 1/2 ED*/
391 
392 {{6, 1000, 15,  8, 3000, 4*HZ/10, 3*HZ, 10, SEL_DLY, 5,  83, 3*HZ, 40, {3,1,2,0,2}, 0,
393       0, { 7, 8, 4,25,28,22,31,21}, 3*HZ/2, 8 }, "2.88M" } /*3 1/2 ED*/
394 /*    |  --autodetected formats---    |      |      |
395  *    read_track                      |      |    Name printed when booting
396  *				      |     Native format
397  *	            Frequency of disk change checks */
398 };
399 
400 static struct floppy_drive_params drive_params[N_DRIVE];
401 static struct floppy_drive_struct drive_state[N_DRIVE];
402 static struct floppy_write_errors write_errors[N_DRIVE];
403 static struct timer_list motor_off_timer[N_DRIVE];
404 static struct blk_mq_tag_set tag_sets[N_DRIVE];
405 static struct gendisk *opened_disk[N_DRIVE];
406 static DEFINE_MUTEX(open_lock);
407 static struct floppy_raw_cmd *raw_cmd, default_raw_cmd;
408 
409 /*
410  * This struct defines the different floppy types.
411  *
412  * Bit 0 of 'stretch' tells if the tracks need to be doubled for some
413  * types (e.g. 360kB diskette in 1.2MB drive, etc.).  Bit 1 of 'stretch'
414  * tells if the disk is in Commodore 1581 format, which means side 0 sectors
415  * are located on side 1 of the disk but with a side 0 ID, and vice-versa.
416  * This is the same as the Sharp MZ-80 5.25" CP/M disk format, except that the
417  * 1581's logical side 0 is on physical side 1, whereas the Sharp's logical
418  * side 0 is on physical side 0 (but with the misnamed sector IDs).
419  * 'stretch' should probably be renamed to something more general, like
420  * 'options'.
421  *
422  * Bits 2 through 9 of 'stretch' tell the number of the first sector.
423  * The LSB (bit 2) is flipped. For most disks, the first sector
424  * is 1 (represented by 0x00<<2).  For some CP/M and music sampler
425  * disks (such as Ensoniq EPS 16plus) it is 0 (represented as 0x01<<2).
426  * For Amstrad CPC disks it is 0xC1 (represented as 0xC0<<2).
427  *
428  * Other parameters should be self-explanatory (see also setfdprm(8)).
429  */
430 /*
431 	    Size
432 	     |  Sectors per track
433 	     |  | Head
434 	     |  | |  Tracks
435 	     |  | |  | Stretch
436 	     |  | |  | |  Gap 1 size
437 	     |  | |  | |    |  Data rate, | 0x40 for perp
438 	     |  | |  | |    |    |  Spec1 (stepping rate, head unload
439 	     |  | |  | |    |    |    |    /fmt gap (gap2) */
440 static struct floppy_struct floppy_type[32] = {
441 	{    0, 0,0, 0,0,0x00,0x00,0x00,0x00,NULL    },	/*  0 no testing    */
442 	{  720, 9,2,40,0,0x2A,0x02,0xDF,0x50,"d360"  }, /*  1 360KB PC      */
443 	{ 2400,15,2,80,0,0x1B,0x00,0xDF,0x54,"h1200" },	/*  2 1.2MB AT      */
444 	{  720, 9,1,80,0,0x2A,0x02,0xDF,0x50,"D360"  },	/*  3 360KB SS 3.5" */
445 	{ 1440, 9,2,80,0,0x2A,0x02,0xDF,0x50,"D720"  },	/*  4 720KB 3.5"    */
446 	{  720, 9,2,40,1,0x23,0x01,0xDF,0x50,"h360"  },	/*  5 360KB AT      */
447 	{ 1440, 9,2,80,0,0x23,0x01,0xDF,0x50,"h720"  },	/*  6 720KB AT      */
448 	{ 2880,18,2,80,0,0x1B,0x00,0xCF,0x6C,"H1440" },	/*  7 1.44MB 3.5"   */
449 	{ 5760,36,2,80,0,0x1B,0x43,0xAF,0x54,"E2880" },	/*  8 2.88MB 3.5"   */
450 	{ 6240,39,2,80,0,0x1B,0x43,0xAF,0x28,"E3120" },	/*  9 3.12MB 3.5"   */
451 
452 	{ 2880,18,2,80,0,0x25,0x00,0xDF,0x02,"h1440" }, /* 10 1.44MB 5.25"  */
453 	{ 3360,21,2,80,0,0x1C,0x00,0xCF,0x0C,"H1680" }, /* 11 1.68MB 3.5"   */
454 	{  820,10,2,41,1,0x25,0x01,0xDF,0x2E,"h410"  },	/* 12 410KB 5.25"   */
455 	{ 1640,10,2,82,0,0x25,0x02,0xDF,0x2E,"H820"  },	/* 13 820KB 3.5"    */
456 	{ 2952,18,2,82,0,0x25,0x00,0xDF,0x02,"h1476" },	/* 14 1.48MB 5.25"  */
457 	{ 3444,21,2,82,0,0x25,0x00,0xDF,0x0C,"H1722" },	/* 15 1.72MB 3.5"   */
458 	{  840,10,2,42,1,0x25,0x01,0xDF,0x2E,"h420"  },	/* 16 420KB 5.25"   */
459 	{ 1660,10,2,83,0,0x25,0x02,0xDF,0x2E,"H830"  },	/* 17 830KB 3.5"    */
460 	{ 2988,18,2,83,0,0x25,0x00,0xDF,0x02,"h1494" },	/* 18 1.49MB 5.25"  */
461 	{ 3486,21,2,83,0,0x25,0x00,0xDF,0x0C,"H1743" }, /* 19 1.74 MB 3.5"  */
462 
463 	{ 1760,11,2,80,0,0x1C,0x09,0xCF,0x00,"h880"  }, /* 20 880KB 5.25"   */
464 	{ 2080,13,2,80,0,0x1C,0x01,0xCF,0x00,"D1040" }, /* 21 1.04MB 3.5"   */
465 	{ 2240,14,2,80,0,0x1C,0x19,0xCF,0x00,"D1120" }, /* 22 1.12MB 3.5"   */
466 	{ 3200,20,2,80,0,0x1C,0x20,0xCF,0x2C,"h1600" }, /* 23 1.6MB 5.25"   */
467 	{ 3520,22,2,80,0,0x1C,0x08,0xCF,0x2e,"H1760" }, /* 24 1.76MB 3.5"   */
468 	{ 3840,24,2,80,0,0x1C,0x20,0xCF,0x00,"H1920" }, /* 25 1.92MB 3.5"   */
469 	{ 6400,40,2,80,0,0x25,0x5B,0xCF,0x00,"E3200" }, /* 26 3.20MB 3.5"   */
470 	{ 7040,44,2,80,0,0x25,0x5B,0xCF,0x00,"E3520" }, /* 27 3.52MB 3.5"   */
471 	{ 7680,48,2,80,0,0x25,0x63,0xCF,0x00,"E3840" }, /* 28 3.84MB 3.5"   */
472 	{ 3680,23,2,80,0,0x1C,0x10,0xCF,0x00,"H1840" }, /* 29 1.84MB 3.5"   */
473 
474 	{ 1600,10,2,80,0,0x25,0x02,0xDF,0x2E,"D800"  },	/* 30 800KB 3.5"    */
475 	{ 3200,20,2,80,0,0x1C,0x00,0xCF,0x2C,"H1600" }, /* 31 1.6MB 3.5"    */
476 };
477 
478 static struct gendisk *disks[N_DRIVE][ARRAY_SIZE(floppy_type)];
479 
480 #define SECTSIZE (_FD_SECTSIZE(*floppy))
481 
482 /* Auto-detection: Disk type used until the next media change occurs. */
483 static struct floppy_struct *current_type[N_DRIVE];
484 
485 /*
486  * User-provided type information. current_type points to
487  * the respective entry of this array.
488  */
489 static struct floppy_struct user_params[N_DRIVE];
490 
491 static sector_t floppy_sizes[256];
492 
493 static char floppy_device_name[] = "floppy";
494 
495 /*
496  * The driver is trying to determine the correct media format
497  * while probing is set. rw_interrupt() clears it after a
498  * successful access.
499  */
500 static int probing;
501 
502 /* Synchronization of FDC access. */
503 #define FD_COMMAND_NONE		-1
504 #define FD_COMMAND_ERROR	2
505 #define FD_COMMAND_OKAY		3
506 
507 static volatile int command_status = FD_COMMAND_NONE;
508 static unsigned long fdc_busy;
509 static DECLARE_WAIT_QUEUE_HEAD(fdc_wait);
510 static DECLARE_WAIT_QUEUE_HEAD(command_done);
511 
512 /* errors encountered on the current (or last) request */
513 static int floppy_errors;
514 
515 /* Format request descriptor. */
516 static struct format_descr format_req;
517 
518 /*
519  * Rate is 0 for 500kb/s, 1 for 300kbps, 2 for 250kbps
520  * Spec1 is 0xSH, where S is stepping rate (F=1ms, E=2ms, D=3ms etc),
521  * H is head unload time (1=16ms, 2=32ms, etc)
522  */
523 
524 /*
525  * Track buffer
526  * Because these are written to by the DMA controller, they must
527  * not contain a 64k byte boundary crossing, or data will be
528  * corrupted/lost.
529  */
530 static char *floppy_track_buffer;
531 static int max_buffer_sectors;
532 
533 typedef void (*done_f)(int);
534 static const struct cont_t {
535 	void (*interrupt)(void);
536 				/* this is called after the interrupt of the
537 				 * main command */
538 	void (*redo)(void);	/* this is called to retry the operation */
539 	void (*error)(void);	/* this is called to tally an error */
540 	done_f done;		/* this is called to say if the operation has
541 				 * succeeded/failed */
542 } *cont;
543 
544 static void floppy_ready(void);
545 static void floppy_start(void);
546 static void process_fd_request(void);
547 static void recalibrate_floppy(void);
548 static void floppy_shutdown(struct work_struct *);
549 
550 static int floppy_request_regions(int);
551 static void floppy_release_regions(int);
552 static int floppy_grab_irq_and_dma(void);
553 static void floppy_release_irq_and_dma(void);
554 
555 /*
556  * The "reset" variable should be tested whenever an interrupt is scheduled,
557  * after the commands have been sent. This is to ensure that the driver doesn't
558  * get wedged when the interrupt doesn't come because of a failed command.
559  * reset doesn't need to be tested before sending commands, because
560  * output_byte is automatically disabled when reset is set.
561  */
562 static void reset_fdc(void);
563 static int floppy_revalidate(struct gendisk *disk);
564 
565 /*
566  * These are global variables, as that's the easiest way to give
567  * information to interrupts. They are the data used for the current
568  * request.
569  */
570 #define NO_TRACK	-1
571 #define NEED_1_RECAL	-2
572 #define NEED_2_RECAL	-3
573 
574 static atomic_t usage_count = ATOMIC_INIT(0);
575 
576 /* buffer related variables */
577 static int buffer_track = -1;
578 static int buffer_drive = -1;
579 static int buffer_min = -1;
580 static int buffer_max = -1;
581 
582 /* fdc related variables, should end up in a struct */
583 static struct floppy_fdc_state fdc_state[N_FDC];
584 static int current_fdc;			/* current fdc */
585 
586 static struct workqueue_struct *floppy_wq;
587 
588 static struct floppy_struct *_floppy = floppy_type;
589 static unsigned char current_drive;
590 static long current_count_sectors;
591 static unsigned char fsector_t;	/* sector in track */
592 static unsigned char in_sector_offset;	/* offset within physical sector,
593 					 * expressed in units of 512 bytes */
594 
fdc_inb(int fdc,int reg)595 static inline unsigned char fdc_inb(int fdc, int reg)
596 {
597 	return fd_inb(fdc_state[fdc].address, reg);
598 }
599 
fdc_outb(unsigned char value,int fdc,int reg)600 static inline void fdc_outb(unsigned char value, int fdc, int reg)
601 {
602 	fd_outb(value, fdc_state[fdc].address, reg);
603 }
604 
drive_no_geom(int drive)605 static inline bool drive_no_geom(int drive)
606 {
607 	return !current_type[drive] && !ITYPE(drive_state[drive].fd_device);
608 }
609 
610 #ifndef fd_eject
fd_eject(int drive)611 static inline int fd_eject(int drive)
612 {
613 	return -EINVAL;
614 }
615 #endif
616 
617 /*
618  * Debugging
619  * =========
620  */
621 #ifdef DEBUGT
622 static long unsigned debugtimer;
623 
set_debugt(void)624 static inline void set_debugt(void)
625 {
626 	debugtimer = jiffies;
627 }
628 
debugt(const char * func,const char * msg)629 static inline void debugt(const char *func, const char *msg)
630 {
631 	if (drive_params[current_drive].flags & DEBUGT)
632 		pr_info("%s:%s dtime=%lu\n", func, msg, jiffies - debugtimer);
633 }
634 #else
set_debugt(void)635 static inline void set_debugt(void) { }
debugt(const char * func,const char * msg)636 static inline void debugt(const char *func, const char *msg) { }
637 #endif /* DEBUGT */
638 
639 
640 static DECLARE_DELAYED_WORK(fd_timeout, floppy_shutdown);
641 static const char *timeout_message;
642 
is_alive(const char * func,const char * message)643 static void is_alive(const char *func, const char *message)
644 {
645 	/* this routine checks whether the floppy driver is "alive" */
646 	if (test_bit(0, &fdc_busy) && command_status < 2 &&
647 	    !delayed_work_pending(&fd_timeout)) {
648 		DPRINT("%s: timeout handler died.  %s\n", func, message);
649 	}
650 }
651 
652 static void (*do_floppy)(void) = NULL;
653 
654 #define OLOGSIZE 20
655 
656 static void (*lasthandler)(void);
657 static unsigned long interruptjiffies;
658 static unsigned long resultjiffies;
659 static int resultsize;
660 static unsigned long lastredo;
661 
662 static struct output_log {
663 	unsigned char data;
664 	unsigned char status;
665 	unsigned long jiffies;
666 } output_log[OLOGSIZE];
667 
668 static int output_log_pos;
669 
670 #define MAXTIMEOUT -2
671 
__reschedule_timeout(int drive,const char * message)672 static void __reschedule_timeout(int drive, const char *message)
673 {
674 	unsigned long delay;
675 
676 	if (drive < 0 || drive >= N_DRIVE) {
677 		delay = 20UL * HZ;
678 		drive = 0;
679 	} else
680 		delay = drive_params[drive].timeout;
681 
682 	mod_delayed_work(floppy_wq, &fd_timeout, delay);
683 	if (drive_params[drive].flags & FD_DEBUG)
684 		DPRINT("reschedule timeout %s\n", message);
685 	timeout_message = message;
686 }
687 
reschedule_timeout(int drive,const char * message)688 static void reschedule_timeout(int drive, const char *message)
689 {
690 	unsigned long flags;
691 
692 	spin_lock_irqsave(&floppy_lock, flags);
693 	__reschedule_timeout(drive, message);
694 	spin_unlock_irqrestore(&floppy_lock, flags);
695 }
696 
697 #define INFBOUND(a, b) (a) = max_t(int, a, b)
698 #define SUPBOUND(a, b) (a) = min_t(int, a, b)
699 
700 /*
701  * Bottom half floppy driver.
702  * ==========================
703  *
704  * This part of the file contains the code talking directly to the hardware,
705  * and also the main service loop (seek-configure-spinup-command)
706  */
707 
708 /*
709  * disk change.
710  * This routine is responsible for maintaining the FD_DISK_CHANGE flag,
711  * and the last_checked date.
712  *
713  * last_checked is the date of the last check which showed 'no disk change'
714  * FD_DISK_CHANGE is set under two conditions:
715  * 1. The floppy has been changed after some i/o to that floppy already
716  *    took place.
717  * 2. No floppy disk is in the drive. This is done in order to ensure that
718  *    requests are quickly flushed in case there is no disk in the drive. It
719  *    follows that FD_DISK_CHANGE can only be cleared if there is a disk in
720  *    the drive.
721  *
722  * For 1., maxblock is observed. Maxblock is 0 if no i/o has taken place yet.
723  * For 2., FD_DISK_NEWCHANGE is watched. FD_DISK_NEWCHANGE is cleared on
724  *  each seek. If a disk is present, the disk change line should also be
725  *  cleared on each seek. Thus, if FD_DISK_NEWCHANGE is clear, but the disk
726  *  change line is set, this means either that no disk is in the drive, or
727  *  that it has been removed since the last seek.
728  *
729  * This means that we really have a third possibility too:
730  *  The floppy has been changed after the last seek.
731  */
732 
disk_change(int drive)733 static int disk_change(int drive)
734 {
735 	int fdc = FDC(drive);
736 
737 	if (time_before(jiffies, drive_state[drive].select_date + drive_params[drive].select_delay))
738 		DPRINT("WARNING disk change called early\n");
739 	if (!(fdc_state[fdc].dor & (0x10 << UNIT(drive))) ||
740 	    (fdc_state[fdc].dor & 3) != UNIT(drive) || fdc != FDC(drive)) {
741 		DPRINT("probing disk change on unselected drive\n");
742 		DPRINT("drive=%d fdc=%d dor=%x\n", drive, FDC(drive),
743 		       (unsigned int)fdc_state[fdc].dor);
744 	}
745 
746 	debug_dcl(drive_params[drive].flags,
747 		  "checking disk change line for drive %d\n", drive);
748 	debug_dcl(drive_params[drive].flags, "jiffies=%lu\n", jiffies);
749 	debug_dcl(drive_params[drive].flags, "disk change line=%x\n",
750 		  fdc_inb(fdc, FD_DIR) & 0x80);
751 	debug_dcl(drive_params[drive].flags, "flags=%lx\n",
752 		  drive_state[drive].flags);
753 
754 	if (drive_params[drive].flags & FD_BROKEN_DCL)
755 		return test_bit(FD_DISK_CHANGED_BIT,
756 				&drive_state[drive].flags);
757 	if ((fdc_inb(fdc, FD_DIR) ^ drive_params[drive].flags) & 0x80) {
758 		set_bit(FD_VERIFY_BIT, &drive_state[drive].flags);
759 					/* verify write protection */
760 
761 		if (drive_state[drive].maxblock)	/* mark it changed */
762 			set_bit(FD_DISK_CHANGED_BIT,
763 				&drive_state[drive].flags);
764 
765 		/* invalidate its geometry */
766 		if (drive_state[drive].keep_data >= 0) {
767 			if ((drive_params[drive].flags & FTD_MSG) &&
768 			    current_type[drive] != NULL)
769 				DPRINT("Disk type is undefined after disk change\n");
770 			current_type[drive] = NULL;
771 			floppy_sizes[TOMINOR(drive)] = MAX_DISK_SIZE << 1;
772 		}
773 
774 		return 1;
775 	} else {
776 		drive_state[drive].last_checked = jiffies;
777 		clear_bit(FD_DISK_NEWCHANGE_BIT, &drive_state[drive].flags);
778 	}
779 	return 0;
780 }
781 
is_selected(int dor,int unit)782 static inline int is_selected(int dor, int unit)
783 {
784 	return ((dor & (0x10 << unit)) && (dor & 3) == unit);
785 }
786 
is_ready_state(int status)787 static bool is_ready_state(int status)
788 {
789 	int state = status & (STATUS_READY | STATUS_DIR | STATUS_DMA);
790 	return state == STATUS_READY;
791 }
792 
set_dor(int fdc,char mask,char data)793 static int set_dor(int fdc, char mask, char data)
794 {
795 	unsigned char unit;
796 	unsigned char drive;
797 	unsigned char newdor;
798 	unsigned char olddor;
799 
800 	if (fdc_state[fdc].address == -1)
801 		return -1;
802 
803 	olddor = fdc_state[fdc].dor;
804 	newdor = (olddor & mask) | data;
805 	if (newdor != olddor) {
806 		unit = olddor & 0x3;
807 		if (is_selected(olddor, unit) && !is_selected(newdor, unit)) {
808 			drive = REVDRIVE(fdc, unit);
809 			debug_dcl(drive_params[drive].flags,
810 				  "calling disk change from set_dor\n");
811 			disk_change(drive);
812 		}
813 		fdc_state[fdc].dor = newdor;
814 		fdc_outb(newdor, fdc, FD_DOR);
815 
816 		unit = newdor & 0x3;
817 		if (!is_selected(olddor, unit) && is_selected(newdor, unit)) {
818 			drive = REVDRIVE(fdc, unit);
819 			drive_state[drive].select_date = jiffies;
820 		}
821 	}
822 	return olddor;
823 }
824 
twaddle(int fdc,int drive)825 static void twaddle(int fdc, int drive)
826 {
827 	if (drive_params[drive].select_delay)
828 		return;
829 	fdc_outb(fdc_state[fdc].dor & ~(0x10 << UNIT(drive)),
830 		 fdc, FD_DOR);
831 	fdc_outb(fdc_state[fdc].dor, fdc, FD_DOR);
832 	drive_state[drive].select_date = jiffies;
833 }
834 
835 /*
836  * Reset all driver information about the specified fdc.
837  * This is needed after a reset, and after a raw command.
838  */
reset_fdc_info(int fdc,int mode)839 static void reset_fdc_info(int fdc, int mode)
840 {
841 	int drive;
842 
843 	fdc_state[fdc].spec1 = fdc_state[fdc].spec2 = -1;
844 	fdc_state[fdc].need_configure = 1;
845 	fdc_state[fdc].perp_mode = 1;
846 	fdc_state[fdc].rawcmd = 0;
847 	for (drive = 0; drive < N_DRIVE; drive++)
848 		if (FDC(drive) == fdc &&
849 		    (mode || drive_state[drive].track != NEED_1_RECAL))
850 			drive_state[drive].track = NEED_2_RECAL;
851 }
852 
853 /*
854  * selects the fdc and drive, and enables the fdc's input/dma.
855  * Both current_drive and current_fdc are changed to match the new drive.
856  */
set_fdc(int drive)857 static void set_fdc(int drive)
858 {
859 	unsigned int fdc;
860 
861 	if (drive < 0 || drive >= N_DRIVE) {
862 		pr_info("bad drive value %d\n", drive);
863 		return;
864 	}
865 
866 	fdc = FDC(drive);
867 	if (fdc >= N_FDC) {
868 		pr_info("bad fdc value\n");
869 		return;
870 	}
871 
872 	set_dor(fdc, ~0, 8);
873 #if N_FDC > 1
874 	set_dor(1 - fdc, ~8, 0);
875 #endif
876 	if (fdc_state[fdc].rawcmd == 2)
877 		reset_fdc_info(fdc, 1);
878 	if (fdc_inb(fdc, FD_STATUS) != STATUS_READY)
879 		fdc_state[fdc].reset = 1;
880 
881 	current_drive = drive;
882 	current_fdc = fdc;
883 }
884 
885 /*
886  * locks the driver.
887  * Both current_drive and current_fdc are changed to match the new drive.
888  */
lock_fdc(int drive)889 static int lock_fdc(int drive)
890 {
891 	if (WARN(atomic_read(&usage_count) == 0,
892 		 "Trying to lock fdc while usage count=0\n"))
893 		return -1;
894 
895 	if (wait_event_interruptible(fdc_wait, !test_and_set_bit(0, &fdc_busy)))
896 		return -EINTR;
897 
898 	command_status = FD_COMMAND_NONE;
899 
900 	reschedule_timeout(drive, "lock fdc");
901 	set_fdc(drive);
902 	return 0;
903 }
904 
905 /* unlocks the driver */
unlock_fdc(void)906 static void unlock_fdc(void)
907 {
908 	if (!test_bit(0, &fdc_busy))
909 		DPRINT("FDC access conflict!\n");
910 
911 	raw_cmd = NULL;
912 	command_status = FD_COMMAND_NONE;
913 	cancel_delayed_work(&fd_timeout);
914 	do_floppy = NULL;
915 	cont = NULL;
916 	clear_bit(0, &fdc_busy);
917 	wake_up(&fdc_wait);
918 }
919 
920 /* switches the motor off after a given timeout */
motor_off_callback(struct timer_list * t)921 static void motor_off_callback(struct timer_list *t)
922 {
923 	unsigned long nr = t - motor_off_timer;
924 	unsigned char mask = ~(0x10 << UNIT(nr));
925 
926 	if (WARN_ON_ONCE(nr >= N_DRIVE))
927 		return;
928 
929 	set_dor(FDC(nr), mask, 0);
930 }
931 
932 /* schedules motor off */
floppy_off(unsigned int drive)933 static void floppy_off(unsigned int drive)
934 {
935 	unsigned long volatile delta;
936 	int fdc = FDC(drive);
937 
938 	if (!(fdc_state[fdc].dor & (0x10 << UNIT(drive))))
939 		return;
940 
941 	del_timer(motor_off_timer + drive);
942 
943 	/* make spindle stop in a position which minimizes spinup time
944 	 * next time */
945 	if (drive_params[drive].rps) {
946 		delta = jiffies - drive_state[drive].first_read_date + HZ -
947 		    drive_params[drive].spindown_offset;
948 		delta = ((delta * drive_params[drive].rps) % HZ) / drive_params[drive].rps;
949 		motor_off_timer[drive].expires =
950 		    jiffies + drive_params[drive].spindown - delta;
951 	}
952 	add_timer(motor_off_timer + drive);
953 }
954 
955 /*
956  * cycle through all N_DRIVE floppy drives, for disk change testing.
957  * stopping at current drive. This is done before any long operation, to
958  * be sure to have up to date disk change information.
959  */
scandrives(void)960 static void scandrives(void)
961 {
962 	int i;
963 	int drive;
964 	int saved_drive;
965 
966 	if (drive_params[current_drive].select_delay)
967 		return;
968 
969 	saved_drive = current_drive;
970 	for (i = 0; i < N_DRIVE; i++) {
971 		drive = (saved_drive + i + 1) % N_DRIVE;
972 		if (drive_state[drive].fd_ref == 0 || drive_params[drive].select_delay != 0)
973 			continue;	/* skip closed drives */
974 		set_fdc(drive);
975 		if (!(set_dor(current_fdc, ~3, UNIT(drive) | (0x10 << UNIT(drive))) &
976 		      (0x10 << UNIT(drive))))
977 			/* switch the motor off again, if it was off to
978 			 * begin with */
979 			set_dor(current_fdc, ~(0x10 << UNIT(drive)), 0);
980 	}
981 	set_fdc(saved_drive);
982 }
983 
empty(void)984 static void empty(void)
985 {
986 }
987 
988 static void (*floppy_work_fn)(void);
989 
floppy_work_workfn(struct work_struct * work)990 static void floppy_work_workfn(struct work_struct *work)
991 {
992 	floppy_work_fn();
993 }
994 
995 static DECLARE_WORK(floppy_work, floppy_work_workfn);
996 
schedule_bh(void (* handler)(void))997 static void schedule_bh(void (*handler)(void))
998 {
999 	WARN_ON(work_pending(&floppy_work));
1000 
1001 	floppy_work_fn = handler;
1002 	queue_work(floppy_wq, &floppy_work);
1003 }
1004 
1005 static void (*fd_timer_fn)(void) = NULL;
1006 
fd_timer_workfn(struct work_struct * work)1007 static void fd_timer_workfn(struct work_struct *work)
1008 {
1009 	fd_timer_fn();
1010 }
1011 
1012 static DECLARE_DELAYED_WORK(fd_timer, fd_timer_workfn);
1013 
cancel_activity(void)1014 static void cancel_activity(void)
1015 {
1016 	do_floppy = NULL;
1017 	cancel_delayed_work(&fd_timer);
1018 	cancel_work_sync(&floppy_work);
1019 }
1020 
1021 /* this function makes sure that the disk stays in the drive during the
1022  * transfer */
fd_watchdog(void)1023 static void fd_watchdog(void)
1024 {
1025 	debug_dcl(drive_params[current_drive].flags,
1026 		  "calling disk change from watchdog\n");
1027 
1028 	if (disk_change(current_drive)) {
1029 		DPRINT("disk removed during i/o\n");
1030 		cancel_activity();
1031 		cont->done(0);
1032 		reset_fdc();
1033 	} else {
1034 		cancel_delayed_work(&fd_timer);
1035 		fd_timer_fn = fd_watchdog;
1036 		queue_delayed_work(floppy_wq, &fd_timer, HZ / 10);
1037 	}
1038 }
1039 
main_command_interrupt(void)1040 static void main_command_interrupt(void)
1041 {
1042 	cancel_delayed_work(&fd_timer);
1043 	cont->interrupt();
1044 }
1045 
1046 /* waits for a delay (spinup or select) to pass */
fd_wait_for_completion(unsigned long expires,void (* function)(void))1047 static int fd_wait_for_completion(unsigned long expires,
1048 				  void (*function)(void))
1049 {
1050 	if (fdc_state[current_fdc].reset) {
1051 		reset_fdc();	/* do the reset during sleep to win time
1052 				 * if we don't need to sleep, it's a good
1053 				 * occasion anyways */
1054 		return 1;
1055 	}
1056 
1057 	if (time_before(jiffies, expires)) {
1058 		cancel_delayed_work(&fd_timer);
1059 		fd_timer_fn = function;
1060 		queue_delayed_work(floppy_wq, &fd_timer, expires - jiffies);
1061 		return 1;
1062 	}
1063 	return 0;
1064 }
1065 
setup_DMA(void)1066 static void setup_DMA(void)
1067 {
1068 	unsigned long f;
1069 
1070 	if (raw_cmd->length == 0) {
1071 		print_hex_dump(KERN_INFO, "zero dma transfer size: ",
1072 			       DUMP_PREFIX_NONE, 16, 1,
1073 			       raw_cmd->fullcmd, raw_cmd->cmd_count, false);
1074 		cont->done(0);
1075 		fdc_state[current_fdc].reset = 1;
1076 		return;
1077 	}
1078 	if (((unsigned long)raw_cmd->kernel_data) % 512) {
1079 		pr_info("non aligned address: %p\n", raw_cmd->kernel_data);
1080 		cont->done(0);
1081 		fdc_state[current_fdc].reset = 1;
1082 		return;
1083 	}
1084 	f = claim_dma_lock();
1085 	fd_disable_dma();
1086 #ifdef fd_dma_setup
1087 	if (fd_dma_setup(raw_cmd->kernel_data, raw_cmd->length,
1088 			 (raw_cmd->flags & FD_RAW_READ) ?
1089 			 DMA_MODE_READ : DMA_MODE_WRITE,
1090 			 fdc_state[current_fdc].address) < 0) {
1091 		release_dma_lock(f);
1092 		cont->done(0);
1093 		fdc_state[current_fdc].reset = 1;
1094 		return;
1095 	}
1096 	release_dma_lock(f);
1097 #else
1098 	fd_clear_dma_ff();
1099 	fd_cacheflush(raw_cmd->kernel_data, raw_cmd->length);
1100 	fd_set_dma_mode((raw_cmd->flags & FD_RAW_READ) ?
1101 			DMA_MODE_READ : DMA_MODE_WRITE);
1102 	fd_set_dma_addr(raw_cmd->kernel_data);
1103 	fd_set_dma_count(raw_cmd->length);
1104 	virtual_dma_port = fdc_state[current_fdc].address;
1105 	fd_enable_dma();
1106 	release_dma_lock(f);
1107 #endif
1108 }
1109 
1110 static void show_floppy(int fdc);
1111 
1112 /* waits until the fdc becomes ready */
wait_til_ready(int fdc)1113 static int wait_til_ready(int fdc)
1114 {
1115 	int status;
1116 	int counter;
1117 
1118 	if (fdc_state[fdc].reset)
1119 		return -1;
1120 	for (counter = 0; counter < 10000; counter++) {
1121 		status = fdc_inb(fdc, FD_STATUS);
1122 		if (status & STATUS_READY)
1123 			return status;
1124 	}
1125 	if (initialized) {
1126 		DPRINT("Getstatus times out (%x) on fdc %d\n", status, fdc);
1127 		show_floppy(fdc);
1128 	}
1129 	fdc_state[fdc].reset = 1;
1130 	return -1;
1131 }
1132 
1133 /* sends a command byte to the fdc */
output_byte(int fdc,char byte)1134 static int output_byte(int fdc, char byte)
1135 {
1136 	int status = wait_til_ready(fdc);
1137 
1138 	if (status < 0)
1139 		return -1;
1140 
1141 	if (is_ready_state(status)) {
1142 		fdc_outb(byte, fdc, FD_DATA);
1143 		output_log[output_log_pos].data = byte;
1144 		output_log[output_log_pos].status = status;
1145 		output_log[output_log_pos].jiffies = jiffies;
1146 		output_log_pos = (output_log_pos + 1) % OLOGSIZE;
1147 		return 0;
1148 	}
1149 	fdc_state[fdc].reset = 1;
1150 	if (initialized) {
1151 		DPRINT("Unable to send byte %x to FDC. Fdc=%x Status=%x\n",
1152 		       byte, fdc, status);
1153 		show_floppy(fdc);
1154 	}
1155 	return -1;
1156 }
1157 
1158 /* gets the response from the fdc */
result(int fdc)1159 static int result(int fdc)
1160 {
1161 	int i;
1162 	int status = 0;
1163 
1164 	for (i = 0; i < FD_RAW_REPLY_SIZE; i++) {
1165 		status = wait_til_ready(fdc);
1166 		if (status < 0)
1167 			break;
1168 		status &= STATUS_DIR | STATUS_READY | STATUS_BUSY | STATUS_DMA;
1169 		if ((status & ~STATUS_BUSY) == STATUS_READY) {
1170 			resultjiffies = jiffies;
1171 			resultsize = i;
1172 			return i;
1173 		}
1174 		if (status == (STATUS_DIR | STATUS_READY | STATUS_BUSY))
1175 			reply_buffer[i] = fdc_inb(fdc, FD_DATA);
1176 		else
1177 			break;
1178 	}
1179 	if (initialized) {
1180 		DPRINT("get result error. Fdc=%d Last status=%x Read bytes=%d\n",
1181 		       fdc, status, i);
1182 		show_floppy(fdc);
1183 	}
1184 	fdc_state[fdc].reset = 1;
1185 	return -1;
1186 }
1187 
1188 #define MORE_OUTPUT -2
1189 /* does the fdc need more output? */
need_more_output(int fdc)1190 static int need_more_output(int fdc)
1191 {
1192 	int status = wait_til_ready(fdc);
1193 
1194 	if (status < 0)
1195 		return -1;
1196 
1197 	if (is_ready_state(status))
1198 		return MORE_OUTPUT;
1199 
1200 	return result(fdc);
1201 }
1202 
1203 /* Set perpendicular mode as required, based on data rate, if supported.
1204  * 82077 Now tested. 1Mbps data rate only possible with 82077-1.
1205  */
perpendicular_mode(int fdc)1206 static void perpendicular_mode(int fdc)
1207 {
1208 	unsigned char perp_mode;
1209 
1210 	if (raw_cmd->rate & 0x40) {
1211 		switch (raw_cmd->rate & 3) {
1212 		case 0:
1213 			perp_mode = 2;
1214 			break;
1215 		case 3:
1216 			perp_mode = 3;
1217 			break;
1218 		default:
1219 			DPRINT("Invalid data rate for perpendicular mode!\n");
1220 			cont->done(0);
1221 			fdc_state[fdc].reset = 1;
1222 					/*
1223 					 * convenient way to return to
1224 					 * redo without too much hassle
1225 					 * (deep stack et al.)
1226 					 */
1227 			return;
1228 		}
1229 	} else
1230 		perp_mode = 0;
1231 
1232 	if (fdc_state[fdc].perp_mode == perp_mode)
1233 		return;
1234 	if (fdc_state[fdc].version >= FDC_82077_ORIG) {
1235 		output_byte(fdc, FD_PERPENDICULAR);
1236 		output_byte(fdc, perp_mode);
1237 		fdc_state[fdc].perp_mode = perp_mode;
1238 	} else if (perp_mode) {
1239 		DPRINT("perpendicular mode not supported by this FDC.\n");
1240 	}
1241 }				/* perpendicular_mode */
1242 
1243 static int fifo_depth = 0xa;
1244 static int no_fifo;
1245 
fdc_configure(int fdc)1246 static int fdc_configure(int fdc)
1247 {
1248 	/* Turn on FIFO */
1249 	output_byte(fdc, FD_CONFIGURE);
1250 	if (need_more_output(fdc) != MORE_OUTPUT)
1251 		return 0;
1252 	output_byte(fdc, 0);
1253 	output_byte(fdc, 0x10 | (no_fifo & 0x20) | (fifo_depth & 0xf));
1254 	output_byte(fdc, 0);    /* pre-compensation from track 0 upwards */
1255 	return 1;
1256 }
1257 
1258 #define NOMINAL_DTR 500
1259 
1260 /* Issue a "SPECIFY" command to set the step rate time, head unload time,
1261  * head load time, and DMA disable flag to values needed by floppy.
1262  *
1263  * The value "dtr" is the data transfer rate in Kbps.  It is needed
1264  * to account for the data rate-based scaling done by the 82072 and 82077
1265  * FDC types.  This parameter is ignored for other types of FDCs (i.e.
1266  * 8272a).
1267  *
1268  * Note that changing the data transfer rate has a (probably deleterious)
1269  * effect on the parameters subject to scaling for 82072/82077 FDCs, so
1270  * fdc_specify is called again after each data transfer rate
1271  * change.
1272  *
1273  * srt: 1000 to 16000 in microseconds
1274  * hut: 16 to 240 milliseconds
1275  * hlt: 2 to 254 milliseconds
1276  *
1277  * These values are rounded up to the next highest available delay time.
1278  */
fdc_specify(int fdc,int drive)1279 static void fdc_specify(int fdc, int drive)
1280 {
1281 	unsigned char spec1;
1282 	unsigned char spec2;
1283 	unsigned long srt;
1284 	unsigned long hlt;
1285 	unsigned long hut;
1286 	unsigned long dtr = NOMINAL_DTR;
1287 	unsigned long scale_dtr = NOMINAL_DTR;
1288 	int hlt_max_code = 0x7f;
1289 	int hut_max_code = 0xf;
1290 
1291 	if (fdc_state[fdc].need_configure &&
1292 	    fdc_state[fdc].version >= FDC_82072A) {
1293 		fdc_configure(fdc);
1294 		fdc_state[fdc].need_configure = 0;
1295 	}
1296 
1297 	switch (raw_cmd->rate & 0x03) {
1298 	case 3:
1299 		dtr = 1000;
1300 		break;
1301 	case 1:
1302 		dtr = 300;
1303 		if (fdc_state[fdc].version >= FDC_82078) {
1304 			/* chose the default rate table, not the one
1305 			 * where 1 = 2 Mbps */
1306 			output_byte(fdc, FD_DRIVESPEC);
1307 			if (need_more_output(fdc) == MORE_OUTPUT) {
1308 				output_byte(fdc, UNIT(drive));
1309 				output_byte(fdc, 0xc0);
1310 			}
1311 		}
1312 		break;
1313 	case 2:
1314 		dtr = 250;
1315 		break;
1316 	}
1317 
1318 	if (fdc_state[fdc].version >= FDC_82072) {
1319 		scale_dtr = dtr;
1320 		hlt_max_code = 0x00;	/* 0==256msec*dtr0/dtr (not linear!) */
1321 		hut_max_code = 0x0;	/* 0==256msec*dtr0/dtr (not linear!) */
1322 	}
1323 
1324 	/* Convert step rate from microseconds to milliseconds and 4 bits */
1325 	srt = 16 - DIV_ROUND_UP(drive_params[drive].srt * scale_dtr / 1000,
1326 				NOMINAL_DTR);
1327 	if (slow_floppy)
1328 		srt = srt / 4;
1329 
1330 	SUPBOUND(srt, 0xf);
1331 	INFBOUND(srt, 0);
1332 
1333 	hlt = DIV_ROUND_UP(drive_params[drive].hlt * scale_dtr / 2,
1334 			   NOMINAL_DTR);
1335 	if (hlt < 0x01)
1336 		hlt = 0x01;
1337 	else if (hlt > 0x7f)
1338 		hlt = hlt_max_code;
1339 
1340 	hut = DIV_ROUND_UP(drive_params[drive].hut * scale_dtr / 16,
1341 			   NOMINAL_DTR);
1342 	if (hut < 0x1)
1343 		hut = 0x1;
1344 	else if (hut > 0xf)
1345 		hut = hut_max_code;
1346 
1347 	spec1 = (srt << 4) | hut;
1348 	spec2 = (hlt << 1) | (use_virtual_dma & 1);
1349 
1350 	/* If these parameters did not change, just return with success */
1351 	if (fdc_state[fdc].spec1 != spec1 ||
1352 	    fdc_state[fdc].spec2 != spec2) {
1353 		/* Go ahead and set spec1 and spec2 */
1354 		output_byte(fdc, FD_SPECIFY);
1355 		output_byte(fdc, fdc_state[fdc].spec1 = spec1);
1356 		output_byte(fdc, fdc_state[fdc].spec2 = spec2);
1357 	}
1358 }				/* fdc_specify */
1359 
1360 /* Set the FDC's data transfer rate on behalf of the specified drive.
1361  * NOTE: with 82072/82077 FDCs, changing the data rate requires a reissue
1362  * of the specify command (i.e. using the fdc_specify function).
1363  */
fdc_dtr(void)1364 static int fdc_dtr(void)
1365 {
1366 	/* If data rate not already set to desired value, set it. */
1367 	if ((raw_cmd->rate & 3) == fdc_state[current_fdc].dtr)
1368 		return 0;
1369 
1370 	/* Set dtr */
1371 	fdc_outb(raw_cmd->rate & 3, current_fdc, FD_DCR);
1372 
1373 	/* TODO: some FDC/drive combinations (C&T 82C711 with TEAC 1.2MB)
1374 	 * need a stabilization period of several milliseconds to be
1375 	 * enforced after data rate changes before R/W operations.
1376 	 * Pause 5 msec to avoid trouble. (Needs to be 2 jiffies)
1377 	 */
1378 	fdc_state[current_fdc].dtr = raw_cmd->rate & 3;
1379 	return fd_wait_for_completion(jiffies + 2UL * HZ / 100, floppy_ready);
1380 }				/* fdc_dtr */
1381 
tell_sector(void)1382 static void tell_sector(void)
1383 {
1384 	pr_cont(": track %d, head %d, sector %d, size %d",
1385 		reply_buffer[R_TRACK], reply_buffer[R_HEAD],
1386 		reply_buffer[R_SECTOR],
1387 		reply_buffer[R_SIZECODE]);
1388 }				/* tell_sector */
1389 
print_errors(void)1390 static void print_errors(void)
1391 {
1392 	DPRINT("");
1393 	if (reply_buffer[ST0] & ST0_ECE) {
1394 		pr_cont("Recalibrate failed!");
1395 	} else if (reply_buffer[ST2] & ST2_CRC) {
1396 		pr_cont("data CRC error");
1397 		tell_sector();
1398 	} else if (reply_buffer[ST1] & ST1_CRC) {
1399 		pr_cont("CRC error");
1400 		tell_sector();
1401 	} else if ((reply_buffer[ST1] & (ST1_MAM | ST1_ND)) ||
1402 		   (reply_buffer[ST2] & ST2_MAM)) {
1403 		if (!probing) {
1404 			pr_cont("sector not found");
1405 			tell_sector();
1406 		} else
1407 			pr_cont("probe failed...");
1408 	} else if (reply_buffer[ST2] & ST2_WC) {	/* seek error */
1409 		pr_cont("wrong cylinder");
1410 	} else if (reply_buffer[ST2] & ST2_BC) {	/* cylinder marked as bad */
1411 		pr_cont("bad cylinder");
1412 	} else {
1413 		pr_cont("unknown error. ST[0..2] are: 0x%x 0x%x 0x%x",
1414 			reply_buffer[ST0], reply_buffer[ST1],
1415 			reply_buffer[ST2]);
1416 		tell_sector();
1417 	}
1418 	pr_cont("\n");
1419 }
1420 
1421 /*
1422  * OK, this error interpreting routine is called after a
1423  * DMA read/write has succeeded
1424  * or failed, so we check the results, and copy any buffers.
1425  * hhb: Added better error reporting.
1426  * ak: Made this into a separate routine.
1427  */
interpret_errors(void)1428 static int interpret_errors(void)
1429 {
1430 	char bad;
1431 
1432 	if (inr != 7) {
1433 		DPRINT("-- FDC reply error\n");
1434 		fdc_state[current_fdc].reset = 1;
1435 		return 1;
1436 	}
1437 
1438 	/* check IC to find cause of interrupt */
1439 	switch (reply_buffer[ST0] & ST0_INTR) {
1440 	case 0x40:		/* error occurred during command execution */
1441 		if (reply_buffer[ST1] & ST1_EOC)
1442 			return 0;	/* occurs with pseudo-DMA */
1443 		bad = 1;
1444 		if (reply_buffer[ST1] & ST1_WP) {
1445 			DPRINT("Drive is write protected\n");
1446 			clear_bit(FD_DISK_WRITABLE_BIT,
1447 				  &drive_state[current_drive].flags);
1448 			cont->done(0);
1449 			bad = 2;
1450 		} else if (reply_buffer[ST1] & ST1_ND) {
1451 			set_bit(FD_NEED_TWADDLE_BIT,
1452 				&drive_state[current_drive].flags);
1453 		} else if (reply_buffer[ST1] & ST1_OR) {
1454 			if (drive_params[current_drive].flags & FTD_MSG)
1455 				DPRINT("Over/Underrun - retrying\n");
1456 			bad = 0;
1457 		} else if (floppy_errors >= drive_params[current_drive].max_errors.reporting) {
1458 			print_errors();
1459 		}
1460 		if (reply_buffer[ST2] & ST2_WC || reply_buffer[ST2] & ST2_BC)
1461 			/* wrong cylinder => recal */
1462 			drive_state[current_drive].track = NEED_2_RECAL;
1463 		return bad;
1464 	case 0x80:		/* invalid command given */
1465 		DPRINT("Invalid FDC command given!\n");
1466 		cont->done(0);
1467 		return 2;
1468 	case 0xc0:
1469 		DPRINT("Abnormal termination caused by polling\n");
1470 		cont->error();
1471 		return 2;
1472 	default:		/* (0) Normal command termination */
1473 		return 0;
1474 	}
1475 }
1476 
1477 /*
1478  * This routine is called when everything should be correctly set up
1479  * for the transfer (i.e. floppy motor is on, the correct floppy is
1480  * selected, and the head is sitting on the right track).
1481  */
setup_rw_floppy(void)1482 static void setup_rw_floppy(void)
1483 {
1484 	int i;
1485 	int r;
1486 	int flags;
1487 	unsigned long ready_date;
1488 	void (*function)(void);
1489 
1490 	flags = raw_cmd->flags;
1491 	if (flags & (FD_RAW_READ | FD_RAW_WRITE))
1492 		flags |= FD_RAW_INTR;
1493 
1494 	if ((flags & FD_RAW_SPIN) && !(flags & FD_RAW_NO_MOTOR)) {
1495 		ready_date = drive_state[current_drive].spinup_date + drive_params[current_drive].spinup;
1496 		/* If spinup will take a long time, rerun scandrives
1497 		 * again just before spinup completion. Beware that
1498 		 * after scandrives, we must again wait for selection.
1499 		 */
1500 		if (time_after(ready_date, jiffies + drive_params[current_drive].select_delay)) {
1501 			ready_date -= drive_params[current_drive].select_delay;
1502 			function = floppy_start;
1503 		} else
1504 			function = setup_rw_floppy;
1505 
1506 		/* wait until the floppy is spinning fast enough */
1507 		if (fd_wait_for_completion(ready_date, function))
1508 			return;
1509 	}
1510 	if ((flags & FD_RAW_READ) || (flags & FD_RAW_WRITE))
1511 		setup_DMA();
1512 
1513 	if (flags & FD_RAW_INTR)
1514 		do_floppy = main_command_interrupt;
1515 
1516 	r = 0;
1517 	for (i = 0; i < raw_cmd->cmd_count; i++)
1518 		r |= output_byte(current_fdc, raw_cmd->fullcmd[i]);
1519 
1520 	debugt(__func__, "rw_command");
1521 
1522 	if (r) {
1523 		cont->error();
1524 		reset_fdc();
1525 		return;
1526 	}
1527 
1528 	if (!(flags & FD_RAW_INTR)) {
1529 		inr = result(current_fdc);
1530 		cont->interrupt();
1531 	} else if (flags & FD_RAW_NEED_DISK)
1532 		fd_watchdog();
1533 }
1534 
1535 static int blind_seek;
1536 
1537 /*
1538  * This is the routine called after every seek (or recalibrate) interrupt
1539  * from the floppy controller.
1540  */
seek_interrupt(void)1541 static void seek_interrupt(void)
1542 {
1543 	debugt(__func__, "");
1544 	if (inr != 2 || (reply_buffer[ST0] & 0xF8) != 0x20) {
1545 		DPRINT("seek failed\n");
1546 		drive_state[current_drive].track = NEED_2_RECAL;
1547 		cont->error();
1548 		cont->redo();
1549 		return;
1550 	}
1551 	if (drive_state[current_drive].track >= 0 &&
1552 	    drive_state[current_drive].track != reply_buffer[ST1] &&
1553 	    !blind_seek) {
1554 		debug_dcl(drive_params[current_drive].flags,
1555 			  "clearing NEWCHANGE flag because of effective seek\n");
1556 		debug_dcl(drive_params[current_drive].flags, "jiffies=%lu\n",
1557 			  jiffies);
1558 		clear_bit(FD_DISK_NEWCHANGE_BIT,
1559 			  &drive_state[current_drive].flags);
1560 					/* effective seek */
1561 		drive_state[current_drive].select_date = jiffies;
1562 	}
1563 	drive_state[current_drive].track = reply_buffer[ST1];
1564 	floppy_ready();
1565 }
1566 
check_wp(int fdc,int drive)1567 static void check_wp(int fdc, int drive)
1568 {
1569 	if (test_bit(FD_VERIFY_BIT, &drive_state[drive].flags)) {
1570 					/* check write protection */
1571 		output_byte(fdc, FD_GETSTATUS);
1572 		output_byte(fdc, UNIT(drive));
1573 		if (result(fdc) != 1) {
1574 			fdc_state[fdc].reset = 1;
1575 			return;
1576 		}
1577 		clear_bit(FD_VERIFY_BIT, &drive_state[drive].flags);
1578 		clear_bit(FD_NEED_TWADDLE_BIT,
1579 			  &drive_state[drive].flags);
1580 		debug_dcl(drive_params[drive].flags,
1581 			  "checking whether disk is write protected\n");
1582 		debug_dcl(drive_params[drive].flags, "wp=%x\n",
1583 			  reply_buffer[ST3] & 0x40);
1584 		if (!(reply_buffer[ST3] & 0x40))
1585 			set_bit(FD_DISK_WRITABLE_BIT,
1586 				&drive_state[drive].flags);
1587 		else
1588 			clear_bit(FD_DISK_WRITABLE_BIT,
1589 				  &drive_state[drive].flags);
1590 	}
1591 }
1592 
seek_floppy(void)1593 static void seek_floppy(void)
1594 {
1595 	int track;
1596 
1597 	blind_seek = 0;
1598 
1599 	debug_dcl(drive_params[current_drive].flags,
1600 		  "calling disk change from %s\n", __func__);
1601 
1602 	if (!test_bit(FD_DISK_NEWCHANGE_BIT, &drive_state[current_drive].flags) &&
1603 	    disk_change(current_drive) && (raw_cmd->flags & FD_RAW_NEED_DISK)) {
1604 		/* the media changed flag should be cleared after the seek.
1605 		 * If it isn't, this means that there is really no disk in
1606 		 * the drive.
1607 		 */
1608 		set_bit(FD_DISK_CHANGED_BIT,
1609 			&drive_state[current_drive].flags);
1610 		cont->done(0);
1611 		cont->redo();
1612 		return;
1613 	}
1614 	if (drive_state[current_drive].track <= NEED_1_RECAL) {
1615 		recalibrate_floppy();
1616 		return;
1617 	} else if (test_bit(FD_DISK_NEWCHANGE_BIT, &drive_state[current_drive].flags) &&
1618 		   (raw_cmd->flags & FD_RAW_NEED_DISK) &&
1619 		   (drive_state[current_drive].track <= NO_TRACK || drive_state[current_drive].track == raw_cmd->track)) {
1620 		/* we seek to clear the media-changed condition. Does anybody
1621 		 * know a more elegant way, which works on all drives? */
1622 		if (raw_cmd->track)
1623 			track = raw_cmd->track - 1;
1624 		else {
1625 			if (drive_params[current_drive].flags & FD_SILENT_DCL_CLEAR) {
1626 				set_dor(current_fdc, ~(0x10 << UNIT(current_drive)), 0);
1627 				blind_seek = 1;
1628 				raw_cmd->flags |= FD_RAW_NEED_SEEK;
1629 			}
1630 			track = 1;
1631 		}
1632 	} else {
1633 		check_wp(current_fdc, current_drive);
1634 		if (raw_cmd->track != drive_state[current_drive].track &&
1635 		    (raw_cmd->flags & FD_RAW_NEED_SEEK))
1636 			track = raw_cmd->track;
1637 		else {
1638 			setup_rw_floppy();
1639 			return;
1640 		}
1641 	}
1642 
1643 	do_floppy = seek_interrupt;
1644 	output_byte(current_fdc, FD_SEEK);
1645 	output_byte(current_fdc, UNIT(current_drive));
1646 	if (output_byte(current_fdc, track) < 0) {
1647 		reset_fdc();
1648 		return;
1649 	}
1650 	debugt(__func__, "");
1651 }
1652 
recal_interrupt(void)1653 static void recal_interrupt(void)
1654 {
1655 	debugt(__func__, "");
1656 	if (inr != 2)
1657 		fdc_state[current_fdc].reset = 1;
1658 	else if (reply_buffer[ST0] & ST0_ECE) {
1659 		switch (drive_state[current_drive].track) {
1660 		case NEED_1_RECAL:
1661 			debugt(__func__, "need 1 recal");
1662 			/* after a second recalibrate, we still haven't
1663 			 * reached track 0. Probably no drive. Raise an
1664 			 * error, as failing immediately might upset
1665 			 * computers possessed by the Devil :-) */
1666 			cont->error();
1667 			cont->redo();
1668 			return;
1669 		case NEED_2_RECAL:
1670 			debugt(__func__, "need 2 recal");
1671 			/* If we already did a recalibrate,
1672 			 * and we are not at track 0, this
1673 			 * means we have moved. (The only way
1674 			 * not to move at recalibration is to
1675 			 * be already at track 0.) Clear the
1676 			 * new change flag */
1677 			debug_dcl(drive_params[current_drive].flags,
1678 				  "clearing NEWCHANGE flag because of second recalibrate\n");
1679 
1680 			clear_bit(FD_DISK_NEWCHANGE_BIT,
1681 				  &drive_state[current_drive].flags);
1682 			drive_state[current_drive].select_date = jiffies;
1683 			fallthrough;
1684 		default:
1685 			debugt(__func__, "default");
1686 			/* Recalibrate moves the head by at
1687 			 * most 80 steps. If after one
1688 			 * recalibrate we don't have reached
1689 			 * track 0, this might mean that we
1690 			 * started beyond track 80.  Try
1691 			 * again.  */
1692 			drive_state[current_drive].track = NEED_1_RECAL;
1693 			break;
1694 		}
1695 	} else
1696 		drive_state[current_drive].track = reply_buffer[ST1];
1697 	floppy_ready();
1698 }
1699 
print_result(char * message,int inr)1700 static void print_result(char *message, int inr)
1701 {
1702 	int i;
1703 
1704 	DPRINT("%s ", message);
1705 	if (inr >= 0)
1706 		for (i = 0; i < inr; i++)
1707 			pr_cont("repl[%d]=%x ", i, reply_buffer[i]);
1708 	pr_cont("\n");
1709 }
1710 
1711 /* interrupt handler. Note that this can be called externally on the Sparc */
floppy_interrupt(int irq,void * dev_id)1712 irqreturn_t floppy_interrupt(int irq, void *dev_id)
1713 {
1714 	int do_print;
1715 	unsigned long f;
1716 	void (*handler)(void) = do_floppy;
1717 
1718 	lasthandler = handler;
1719 	interruptjiffies = jiffies;
1720 
1721 	f = claim_dma_lock();
1722 	fd_disable_dma();
1723 	release_dma_lock(f);
1724 
1725 	do_floppy = NULL;
1726 	if (current_fdc >= N_FDC || fdc_state[current_fdc].address == -1) {
1727 		/* we don't even know which FDC is the culprit */
1728 		pr_info("DOR0=%x\n", fdc_state[0].dor);
1729 		pr_info("floppy interrupt on bizarre fdc %d\n", current_fdc);
1730 		pr_info("handler=%ps\n", handler);
1731 		is_alive(__func__, "bizarre fdc");
1732 		return IRQ_NONE;
1733 	}
1734 
1735 	fdc_state[current_fdc].reset = 0;
1736 	/* We have to clear the reset flag here, because apparently on boxes
1737 	 * with level triggered interrupts (PS/2, Sparc, ...), it is needed to
1738 	 * emit SENSEI's to clear the interrupt line. And fdc_state[fdc].reset
1739 	 * blocks the emission of the SENSEI's.
1740 	 * It is OK to emit floppy commands because we are in an interrupt
1741 	 * handler here, and thus we have to fear no interference of other
1742 	 * activity.
1743 	 */
1744 
1745 	do_print = !handler && print_unex && initialized;
1746 
1747 	inr = result(current_fdc);
1748 	if (do_print)
1749 		print_result("unexpected interrupt", inr);
1750 	if (inr == 0) {
1751 		int max_sensei = 4;
1752 		do {
1753 			output_byte(current_fdc, FD_SENSEI);
1754 			inr = result(current_fdc);
1755 			if (do_print)
1756 				print_result("sensei", inr);
1757 			max_sensei--;
1758 		} while ((reply_buffer[ST0] & 0x83) != UNIT(current_drive) &&
1759 			 inr == 2 && max_sensei);
1760 	}
1761 	if (!handler) {
1762 		fdc_state[current_fdc].reset = 1;
1763 		return IRQ_NONE;
1764 	}
1765 	schedule_bh(handler);
1766 	is_alive(__func__, "normal interrupt end");
1767 
1768 	/* FIXME! Was it really for us? */
1769 	return IRQ_HANDLED;
1770 }
1771 
recalibrate_floppy(void)1772 static void recalibrate_floppy(void)
1773 {
1774 	debugt(__func__, "");
1775 	do_floppy = recal_interrupt;
1776 	output_byte(current_fdc, FD_RECALIBRATE);
1777 	if (output_byte(current_fdc, UNIT(current_drive)) < 0)
1778 		reset_fdc();
1779 }
1780 
1781 /*
1782  * Must do 4 FD_SENSEIs after reset because of ``drive polling''.
1783  */
reset_interrupt(void)1784 static void reset_interrupt(void)
1785 {
1786 	debugt(__func__, "");
1787 	result(current_fdc);		/* get the status ready for set_fdc */
1788 	if (fdc_state[current_fdc].reset) {
1789 		pr_info("reset set in interrupt, calling %ps\n", cont->error);
1790 		cont->error();	/* a reset just after a reset. BAD! */
1791 	}
1792 	cont->redo();
1793 }
1794 
1795 /*
1796  * reset is done by pulling bit 2 of DOR low for a while (old FDCs),
1797  * or by setting the self clearing bit 7 of STATUS (newer FDCs).
1798  * This WILL trigger an interrupt, causing the handlers in the current
1799  * cont's ->redo() to be called via reset_interrupt().
1800  */
reset_fdc(void)1801 static void reset_fdc(void)
1802 {
1803 	unsigned long flags;
1804 
1805 	do_floppy = reset_interrupt;
1806 	fdc_state[current_fdc].reset = 0;
1807 	reset_fdc_info(current_fdc, 0);
1808 
1809 	/* Pseudo-DMA may intercept 'reset finished' interrupt.  */
1810 	/* Irrelevant for systems with true DMA (i386).          */
1811 
1812 	flags = claim_dma_lock();
1813 	fd_disable_dma();
1814 	release_dma_lock(flags);
1815 
1816 	if (fdc_state[current_fdc].version >= FDC_82072A)
1817 		fdc_outb(0x80 | (fdc_state[current_fdc].dtr & 3),
1818 			 current_fdc, FD_STATUS);
1819 	else {
1820 		fdc_outb(fdc_state[current_fdc].dor & ~0x04, current_fdc, FD_DOR);
1821 		udelay(FD_RESET_DELAY);
1822 		fdc_outb(fdc_state[current_fdc].dor, current_fdc, FD_DOR);
1823 	}
1824 }
1825 
show_floppy(int fdc)1826 static void show_floppy(int fdc)
1827 {
1828 	int i;
1829 
1830 	pr_info("\n");
1831 	pr_info("floppy driver state\n");
1832 	pr_info("-------------------\n");
1833 	pr_info("now=%lu last interrupt=%lu diff=%lu last called handler=%ps\n",
1834 		jiffies, interruptjiffies, jiffies - interruptjiffies,
1835 		lasthandler);
1836 
1837 	pr_info("timeout_message=%s\n", timeout_message);
1838 	pr_info("last output bytes:\n");
1839 	for (i = 0; i < OLOGSIZE; i++)
1840 		pr_info("%2x %2x %lu\n",
1841 			output_log[(i + output_log_pos) % OLOGSIZE].data,
1842 			output_log[(i + output_log_pos) % OLOGSIZE].status,
1843 			output_log[(i + output_log_pos) % OLOGSIZE].jiffies);
1844 	pr_info("last result at %lu\n", resultjiffies);
1845 	pr_info("last redo_fd_request at %lu\n", lastredo);
1846 	print_hex_dump(KERN_INFO, "", DUMP_PREFIX_NONE, 16, 1,
1847 		       reply_buffer, resultsize, true);
1848 
1849 	pr_info("status=%x\n", fdc_inb(fdc, FD_STATUS));
1850 	pr_info("fdc_busy=%lu\n", fdc_busy);
1851 	if (do_floppy)
1852 		pr_info("do_floppy=%ps\n", do_floppy);
1853 	if (work_pending(&floppy_work))
1854 		pr_info("floppy_work.func=%ps\n", floppy_work.func);
1855 	if (delayed_work_pending(&fd_timer))
1856 		pr_info("delayed work.function=%p expires=%ld\n",
1857 		       fd_timer.work.func,
1858 		       fd_timer.timer.expires - jiffies);
1859 	if (delayed_work_pending(&fd_timeout))
1860 		pr_info("timer_function=%p expires=%ld\n",
1861 		       fd_timeout.work.func,
1862 		       fd_timeout.timer.expires - jiffies);
1863 
1864 	pr_info("cont=%p\n", cont);
1865 	pr_info("current_req=%p\n", current_req);
1866 	pr_info("command_status=%d\n", command_status);
1867 	pr_info("\n");
1868 }
1869 
floppy_shutdown(struct work_struct * arg)1870 static void floppy_shutdown(struct work_struct *arg)
1871 {
1872 	unsigned long flags;
1873 
1874 	if (initialized)
1875 		show_floppy(current_fdc);
1876 	cancel_activity();
1877 
1878 	flags = claim_dma_lock();
1879 	fd_disable_dma();
1880 	release_dma_lock(flags);
1881 
1882 	/* avoid dma going to a random drive after shutdown */
1883 
1884 	if (initialized)
1885 		DPRINT("floppy timeout called\n");
1886 	fdc_state[current_fdc].reset = 1;
1887 	if (cont) {
1888 		cont->done(0);
1889 		cont->redo();	/* this will recall reset when needed */
1890 	} else {
1891 		pr_info("no cont in shutdown!\n");
1892 		process_fd_request();
1893 	}
1894 	is_alive(__func__, "");
1895 }
1896 
1897 /* start motor, check media-changed condition and write protection */
start_motor(void (* function)(void))1898 static int start_motor(void (*function)(void))
1899 {
1900 	int mask;
1901 	int data;
1902 
1903 	mask = 0xfc;
1904 	data = UNIT(current_drive);
1905 	if (!(raw_cmd->flags & FD_RAW_NO_MOTOR)) {
1906 		if (!(fdc_state[current_fdc].dor & (0x10 << UNIT(current_drive)))) {
1907 			set_debugt();
1908 			/* no read since this drive is running */
1909 			drive_state[current_drive].first_read_date = 0;
1910 			/* note motor start time if motor is not yet running */
1911 			drive_state[current_drive].spinup_date = jiffies;
1912 			data |= (0x10 << UNIT(current_drive));
1913 		}
1914 	} else if (fdc_state[current_fdc].dor & (0x10 << UNIT(current_drive)))
1915 		mask &= ~(0x10 << UNIT(current_drive));
1916 
1917 	/* starts motor and selects floppy */
1918 	del_timer(motor_off_timer + current_drive);
1919 	set_dor(current_fdc, mask, data);
1920 
1921 	/* wait_for_completion also schedules reset if needed. */
1922 	return fd_wait_for_completion(drive_state[current_drive].select_date + drive_params[current_drive].select_delay,
1923 				      function);
1924 }
1925 
floppy_ready(void)1926 static void floppy_ready(void)
1927 {
1928 	if (fdc_state[current_fdc].reset) {
1929 		reset_fdc();
1930 		return;
1931 	}
1932 	if (start_motor(floppy_ready))
1933 		return;
1934 	if (fdc_dtr())
1935 		return;
1936 
1937 	debug_dcl(drive_params[current_drive].flags,
1938 		  "calling disk change from floppy_ready\n");
1939 	if (!(raw_cmd->flags & FD_RAW_NO_MOTOR) &&
1940 	    disk_change(current_drive) && !drive_params[current_drive].select_delay)
1941 		twaddle(current_fdc, current_drive);	/* this clears the dcl on certain
1942 				 * drive/controller combinations */
1943 
1944 #ifdef fd_chose_dma_mode
1945 	if ((raw_cmd->flags & FD_RAW_READ) || (raw_cmd->flags & FD_RAW_WRITE)) {
1946 		unsigned long flags = claim_dma_lock();
1947 		fd_chose_dma_mode(raw_cmd->kernel_data, raw_cmd->length);
1948 		release_dma_lock(flags);
1949 	}
1950 #endif
1951 
1952 	if (raw_cmd->flags & (FD_RAW_NEED_SEEK | FD_RAW_NEED_DISK)) {
1953 		perpendicular_mode(current_fdc);
1954 		fdc_specify(current_fdc, current_drive); /* must be done here because of hut, hlt ... */
1955 		seek_floppy();
1956 	} else {
1957 		if ((raw_cmd->flags & FD_RAW_READ) ||
1958 		    (raw_cmd->flags & FD_RAW_WRITE))
1959 			fdc_specify(current_fdc, current_drive);
1960 		setup_rw_floppy();
1961 	}
1962 }
1963 
floppy_start(void)1964 static void floppy_start(void)
1965 {
1966 	reschedule_timeout(current_drive, "floppy start");
1967 
1968 	scandrives();
1969 	debug_dcl(drive_params[current_drive].flags,
1970 		  "setting NEWCHANGE in floppy_start\n");
1971 	set_bit(FD_DISK_NEWCHANGE_BIT, &drive_state[current_drive].flags);
1972 	floppy_ready();
1973 }
1974 
1975 /*
1976  * ========================================================================
1977  * here ends the bottom half. Exported routines are:
1978  * floppy_start, floppy_off, floppy_ready, lock_fdc, unlock_fdc, set_fdc,
1979  * start_motor, reset_fdc, reset_fdc_info, interpret_errors.
1980  * Initialization also uses output_byte, result, set_dor, floppy_interrupt
1981  * and set_dor.
1982  * ========================================================================
1983  */
1984 /*
1985  * General purpose continuations.
1986  * ==============================
1987  */
1988 
do_wakeup(void)1989 static void do_wakeup(void)
1990 {
1991 	reschedule_timeout(MAXTIMEOUT, "do wakeup");
1992 	cont = NULL;
1993 	command_status += 2;
1994 	wake_up(&command_done);
1995 }
1996 
1997 static const struct cont_t wakeup_cont = {
1998 	.interrupt	= empty,
1999 	.redo		= do_wakeup,
2000 	.error		= empty,
2001 	.done		= (done_f)empty
2002 };
2003 
2004 static const struct cont_t intr_cont = {
2005 	.interrupt	= empty,
2006 	.redo		= process_fd_request,
2007 	.error		= empty,
2008 	.done		= (done_f)empty
2009 };
2010 
2011 /* schedules handler, waiting for completion. May be interrupted, will then
2012  * return -EINTR, in which case the driver will automatically be unlocked.
2013  */
wait_til_done(void (* handler)(void),bool interruptible)2014 static int wait_til_done(void (*handler)(void), bool interruptible)
2015 {
2016 	int ret;
2017 
2018 	schedule_bh(handler);
2019 
2020 	if (interruptible)
2021 		wait_event_interruptible(command_done, command_status >= 2);
2022 	else
2023 		wait_event(command_done, command_status >= 2);
2024 
2025 	if (command_status < 2) {
2026 		cancel_activity();
2027 		cont = &intr_cont;
2028 		reset_fdc();
2029 		return -EINTR;
2030 	}
2031 
2032 	if (fdc_state[current_fdc].reset)
2033 		command_status = FD_COMMAND_ERROR;
2034 	if (command_status == FD_COMMAND_OKAY)
2035 		ret = 0;
2036 	else
2037 		ret = -EIO;
2038 	command_status = FD_COMMAND_NONE;
2039 	return ret;
2040 }
2041 
generic_done(int result)2042 static void generic_done(int result)
2043 {
2044 	command_status = result;
2045 	cont = &wakeup_cont;
2046 }
2047 
generic_success(void)2048 static void generic_success(void)
2049 {
2050 	cont->done(1);
2051 }
2052 
generic_failure(void)2053 static void generic_failure(void)
2054 {
2055 	cont->done(0);
2056 }
2057 
success_and_wakeup(void)2058 static void success_and_wakeup(void)
2059 {
2060 	generic_success();
2061 	cont->redo();
2062 }
2063 
2064 /*
2065  * formatting and rw support.
2066  * ==========================
2067  */
2068 
next_valid_format(int drive)2069 static int next_valid_format(int drive)
2070 {
2071 	int probed_format;
2072 
2073 	probed_format = drive_state[drive].probed_format;
2074 	while (1) {
2075 		if (probed_format >= FD_AUTODETECT_SIZE ||
2076 		    !drive_params[drive].autodetect[probed_format]) {
2077 			drive_state[drive].probed_format = 0;
2078 			return 1;
2079 		}
2080 		if (floppy_type[drive_params[drive].autodetect[probed_format]].sect) {
2081 			drive_state[drive].probed_format = probed_format;
2082 			return 0;
2083 		}
2084 		probed_format++;
2085 	}
2086 }
2087 
bad_flp_intr(void)2088 static void bad_flp_intr(void)
2089 {
2090 	int err_count;
2091 
2092 	if (probing) {
2093 		drive_state[current_drive].probed_format++;
2094 		if (!next_valid_format(current_drive))
2095 			return;
2096 	}
2097 	err_count = ++floppy_errors;
2098 	INFBOUND(write_errors[current_drive].badness, err_count);
2099 	if (err_count > drive_params[current_drive].max_errors.abort)
2100 		cont->done(0);
2101 	if (err_count > drive_params[current_drive].max_errors.reset)
2102 		fdc_state[current_fdc].reset = 1;
2103 	else if (err_count > drive_params[current_drive].max_errors.recal)
2104 		drive_state[current_drive].track = NEED_2_RECAL;
2105 }
2106 
set_floppy(int drive)2107 static void set_floppy(int drive)
2108 {
2109 	int type = ITYPE(drive_state[drive].fd_device);
2110 
2111 	if (type)
2112 		_floppy = floppy_type + type;
2113 	else
2114 		_floppy = current_type[drive];
2115 }
2116 
2117 /*
2118  * formatting support.
2119  * ===================
2120  */
format_interrupt(void)2121 static void format_interrupt(void)
2122 {
2123 	switch (interpret_errors()) {
2124 	case 1:
2125 		cont->error();
2126 		break;
2127 	case 2:
2128 		break;
2129 	case 0:
2130 		cont->done(1);
2131 	}
2132 	cont->redo();
2133 }
2134 
2135 #define FM_MODE(x, y) ((y) & ~(((x)->rate & 0x80) >> 1))
2136 #define CT(x) ((x) | 0xc0)
2137 
setup_format_params(int track)2138 static void setup_format_params(int track)
2139 {
2140 	int n;
2141 	int il;
2142 	int count;
2143 	int head_shift;
2144 	int track_shift;
2145 	struct fparm {
2146 		unsigned char track, head, sect, size;
2147 	} *here = (struct fparm *)floppy_track_buffer;
2148 
2149 	raw_cmd = &default_raw_cmd;
2150 	raw_cmd->track = track;
2151 
2152 	raw_cmd->flags = (FD_RAW_WRITE | FD_RAW_INTR | FD_RAW_SPIN |
2153 			  FD_RAW_NEED_DISK | FD_RAW_NEED_SEEK);
2154 	raw_cmd->rate = _floppy->rate & 0x43;
2155 	raw_cmd->cmd_count = NR_F;
2156 	raw_cmd->cmd[COMMAND] = FM_MODE(_floppy, FD_FORMAT);
2157 	raw_cmd->cmd[DR_SELECT] = UNIT(current_drive) + PH_HEAD(_floppy, format_req.head);
2158 	raw_cmd->cmd[F_SIZECODE] = FD_SIZECODE(_floppy);
2159 	raw_cmd->cmd[F_SECT_PER_TRACK] = _floppy->sect << 2 >> raw_cmd->cmd[F_SIZECODE];
2160 	raw_cmd->cmd[F_GAP] = _floppy->fmt_gap;
2161 	raw_cmd->cmd[F_FILL] = FD_FILL_BYTE;
2162 
2163 	raw_cmd->kernel_data = floppy_track_buffer;
2164 	raw_cmd->length = 4 * raw_cmd->cmd[F_SECT_PER_TRACK];
2165 
2166 	if (!raw_cmd->cmd[F_SECT_PER_TRACK])
2167 		return;
2168 
2169 	/* allow for about 30ms for data transport per track */
2170 	head_shift = (raw_cmd->cmd[F_SECT_PER_TRACK] + 5) / 6;
2171 
2172 	/* a ``cylinder'' is two tracks plus a little stepping time */
2173 	track_shift = 2 * head_shift + 3;
2174 
2175 	/* position of logical sector 1 on this track */
2176 	n = (track_shift * format_req.track + head_shift * format_req.head)
2177 	    % raw_cmd->cmd[F_SECT_PER_TRACK];
2178 
2179 	/* determine interleave */
2180 	il = 1;
2181 	if (_floppy->fmt_gap < 0x22)
2182 		il++;
2183 
2184 	/* initialize field */
2185 	for (count = 0; count < raw_cmd->cmd[F_SECT_PER_TRACK]; ++count) {
2186 		here[count].track = format_req.track;
2187 		here[count].head = format_req.head;
2188 		here[count].sect = 0;
2189 		here[count].size = raw_cmd->cmd[F_SIZECODE];
2190 	}
2191 	/* place logical sectors */
2192 	for (count = 1; count <= raw_cmd->cmd[F_SECT_PER_TRACK]; ++count) {
2193 		here[n].sect = count;
2194 		n = (n + il) % raw_cmd->cmd[F_SECT_PER_TRACK];
2195 		if (here[n].sect) {	/* sector busy, find next free sector */
2196 			++n;
2197 			if (n >= raw_cmd->cmd[F_SECT_PER_TRACK]) {
2198 				n -= raw_cmd->cmd[F_SECT_PER_TRACK];
2199 				while (here[n].sect)
2200 					++n;
2201 			}
2202 		}
2203 	}
2204 	if (_floppy->stretch & FD_SECTBASEMASK) {
2205 		for (count = 0; count < raw_cmd->cmd[F_SECT_PER_TRACK]; count++)
2206 			here[count].sect += FD_SECTBASE(_floppy) - 1;
2207 	}
2208 }
2209 
redo_format(void)2210 static void redo_format(void)
2211 {
2212 	buffer_track = -1;
2213 	setup_format_params(format_req.track << STRETCH(_floppy));
2214 	floppy_start();
2215 	debugt(__func__, "queue format request");
2216 }
2217 
2218 static const struct cont_t format_cont = {
2219 	.interrupt	= format_interrupt,
2220 	.redo		= redo_format,
2221 	.error		= bad_flp_intr,
2222 	.done		= generic_done
2223 };
2224 
do_format(int drive,struct format_descr * tmp_format_req)2225 static int do_format(int drive, struct format_descr *tmp_format_req)
2226 {
2227 	int ret;
2228 
2229 	if (lock_fdc(drive))
2230 		return -EINTR;
2231 
2232 	set_floppy(drive);
2233 	if (!_floppy ||
2234 	    _floppy->track > drive_params[current_drive].tracks ||
2235 	    tmp_format_req->track >= _floppy->track ||
2236 	    tmp_format_req->head >= _floppy->head ||
2237 	    (_floppy->sect << 2) % (1 << FD_SIZECODE(_floppy)) ||
2238 	    !_floppy->fmt_gap) {
2239 		process_fd_request();
2240 		return -EINVAL;
2241 	}
2242 	format_req = *tmp_format_req;
2243 	cont = &format_cont;
2244 	floppy_errors = 0;
2245 	ret = wait_til_done(redo_format, true);
2246 	if (ret == -EINTR)
2247 		return -EINTR;
2248 	process_fd_request();
2249 	return ret;
2250 }
2251 
2252 /*
2253  * Buffer read/write and support
2254  * =============================
2255  */
2256 
floppy_end_request(struct request * req,blk_status_t error)2257 static void floppy_end_request(struct request *req, blk_status_t error)
2258 {
2259 	unsigned int nr_sectors = current_count_sectors;
2260 	unsigned int drive = (unsigned long)req->q->disk->private_data;
2261 
2262 	/* current_count_sectors can be zero if transfer failed */
2263 	if (error)
2264 		nr_sectors = blk_rq_cur_sectors(req);
2265 	if (blk_update_request(req, error, nr_sectors << 9))
2266 		return;
2267 	__blk_mq_end_request(req, error);
2268 
2269 	/* We're done with the request */
2270 	floppy_off(drive);
2271 	current_req = NULL;
2272 }
2273 
2274 /* new request_done. Can handle physical sectors which are smaller than a
2275  * logical buffer */
request_done(int uptodate)2276 static void request_done(int uptodate)
2277 {
2278 	struct request *req = current_req;
2279 	int block;
2280 	char msg[sizeof("request done ") + sizeof(int) * 3];
2281 
2282 	probing = 0;
2283 	snprintf(msg, sizeof(msg), "request done %d", uptodate);
2284 	reschedule_timeout(MAXTIMEOUT, msg);
2285 
2286 	if (!req) {
2287 		pr_info("floppy.c: no request in request_done\n");
2288 		return;
2289 	}
2290 
2291 	if (uptodate) {
2292 		/* maintain values for invalidation on geometry
2293 		 * change */
2294 		block = current_count_sectors + blk_rq_pos(req);
2295 		INFBOUND(drive_state[current_drive].maxblock, block);
2296 		if (block > _floppy->sect)
2297 			drive_state[current_drive].maxtrack = 1;
2298 
2299 		floppy_end_request(req, 0);
2300 	} else {
2301 		if (rq_data_dir(req) == WRITE) {
2302 			/* record write error information */
2303 			write_errors[current_drive].write_errors++;
2304 			if (write_errors[current_drive].write_errors == 1) {
2305 				write_errors[current_drive].first_error_sector = blk_rq_pos(req);
2306 				write_errors[current_drive].first_error_generation = drive_state[current_drive].generation;
2307 			}
2308 			write_errors[current_drive].last_error_sector = blk_rq_pos(req);
2309 			write_errors[current_drive].last_error_generation = drive_state[current_drive].generation;
2310 		}
2311 		floppy_end_request(req, BLK_STS_IOERR);
2312 	}
2313 }
2314 
2315 /* Interrupt handler evaluating the result of the r/w operation */
rw_interrupt(void)2316 static void rw_interrupt(void)
2317 {
2318 	int eoc;
2319 	int ssize;
2320 	int heads;
2321 	int nr_sectors;
2322 
2323 	if (reply_buffer[R_HEAD] >= 2) {
2324 		/* some Toshiba floppy controllers occasionnally seem to
2325 		 * return bogus interrupts after read/write operations, which
2326 		 * can be recognized by a bad head number (>= 2) */
2327 		return;
2328 	}
2329 
2330 	if (!drive_state[current_drive].first_read_date)
2331 		drive_state[current_drive].first_read_date = jiffies;
2332 
2333 	ssize = DIV_ROUND_UP(1 << raw_cmd->cmd[SIZECODE], 4);
2334 
2335 	if (reply_buffer[ST1] & ST1_EOC)
2336 		eoc = 1;
2337 	else
2338 		eoc = 0;
2339 
2340 	if (raw_cmd->cmd[COMMAND] & 0x80)
2341 		heads = 2;
2342 	else
2343 		heads = 1;
2344 
2345 	nr_sectors = (((reply_buffer[R_TRACK] - raw_cmd->cmd[TRACK]) * heads +
2346 		       reply_buffer[R_HEAD] - raw_cmd->cmd[HEAD]) * raw_cmd->cmd[SECT_PER_TRACK] +
2347 		      reply_buffer[R_SECTOR] - raw_cmd->cmd[SECTOR] + eoc) << raw_cmd->cmd[SIZECODE] >> 2;
2348 
2349 	if (nr_sectors / ssize >
2350 	    DIV_ROUND_UP(in_sector_offset + current_count_sectors, ssize)) {
2351 		DPRINT("long rw: %x instead of %lx\n",
2352 		       nr_sectors, current_count_sectors);
2353 		pr_info("rs=%d s=%d\n", reply_buffer[R_SECTOR],
2354 			raw_cmd->cmd[SECTOR]);
2355 		pr_info("rh=%d h=%d\n", reply_buffer[R_HEAD],
2356 			raw_cmd->cmd[HEAD]);
2357 		pr_info("rt=%d t=%d\n", reply_buffer[R_TRACK],
2358 			raw_cmd->cmd[TRACK]);
2359 		pr_info("heads=%d eoc=%d\n", heads, eoc);
2360 		pr_info("spt=%d st=%d ss=%d\n",
2361 			raw_cmd->cmd[SECT_PER_TRACK], fsector_t, ssize);
2362 		pr_info("in_sector_offset=%d\n", in_sector_offset);
2363 	}
2364 
2365 	nr_sectors -= in_sector_offset;
2366 	INFBOUND(nr_sectors, 0);
2367 	SUPBOUND(current_count_sectors, nr_sectors);
2368 
2369 	switch (interpret_errors()) {
2370 	case 2:
2371 		cont->redo();
2372 		return;
2373 	case 1:
2374 		if (!current_count_sectors) {
2375 			cont->error();
2376 			cont->redo();
2377 			return;
2378 		}
2379 		break;
2380 	case 0:
2381 		if (!current_count_sectors) {
2382 			cont->redo();
2383 			return;
2384 		}
2385 		current_type[current_drive] = _floppy;
2386 		floppy_sizes[TOMINOR(current_drive)] = _floppy->size;
2387 		break;
2388 	}
2389 
2390 	if (probing) {
2391 		if (drive_params[current_drive].flags & FTD_MSG)
2392 			DPRINT("Auto-detected floppy type %s in fd%d\n",
2393 			       _floppy->name, current_drive);
2394 		current_type[current_drive] = _floppy;
2395 		floppy_sizes[TOMINOR(current_drive)] = _floppy->size;
2396 		probing = 0;
2397 	}
2398 
2399 	if (CT(raw_cmd->cmd[COMMAND]) != FD_READ) {
2400 		/* transfer directly from buffer */
2401 		cont->done(1);
2402 	} else {
2403 		buffer_track = raw_cmd->track;
2404 		buffer_drive = current_drive;
2405 		INFBOUND(buffer_max, nr_sectors + fsector_t);
2406 	}
2407 	cont->redo();
2408 }
2409 
2410 /* Compute the maximal transfer size */
transfer_size(int ssize,int max_sector,int max_size)2411 static int transfer_size(int ssize, int max_sector, int max_size)
2412 {
2413 	SUPBOUND(max_sector, fsector_t + max_size);
2414 
2415 	/* alignment */
2416 	max_sector -= (max_sector % _floppy->sect) % ssize;
2417 
2418 	/* transfer size, beginning not aligned */
2419 	current_count_sectors = max_sector - fsector_t;
2420 
2421 	return max_sector;
2422 }
2423 
2424 /*
2425  * Move data from/to the track buffer to/from the buffer cache.
2426  */
copy_buffer(int ssize,int max_sector,int max_sector_2)2427 static void copy_buffer(int ssize, int max_sector, int max_sector_2)
2428 {
2429 	int remaining;		/* number of transferred 512-byte sectors */
2430 	struct bio_vec bv;
2431 	char *dma_buffer;
2432 	int size;
2433 	struct req_iterator iter;
2434 
2435 	max_sector = transfer_size(ssize,
2436 				   min(max_sector, max_sector_2),
2437 				   blk_rq_sectors(current_req));
2438 
2439 	if (current_count_sectors <= 0 && CT(raw_cmd->cmd[COMMAND]) == FD_WRITE &&
2440 	    buffer_max > fsector_t + blk_rq_sectors(current_req))
2441 		current_count_sectors = min_t(int, buffer_max - fsector_t,
2442 					      blk_rq_sectors(current_req));
2443 
2444 	remaining = current_count_sectors << 9;
2445 	if (remaining > blk_rq_bytes(current_req) && CT(raw_cmd->cmd[COMMAND]) == FD_WRITE) {
2446 		DPRINT("in copy buffer\n");
2447 		pr_info("current_count_sectors=%ld\n", current_count_sectors);
2448 		pr_info("remaining=%d\n", remaining >> 9);
2449 		pr_info("current_req->nr_sectors=%u\n",
2450 			blk_rq_sectors(current_req));
2451 		pr_info("current_req->current_nr_sectors=%u\n",
2452 			blk_rq_cur_sectors(current_req));
2453 		pr_info("max_sector=%d\n", max_sector);
2454 		pr_info("ssize=%d\n", ssize);
2455 	}
2456 
2457 	buffer_max = max(max_sector, buffer_max);
2458 
2459 	dma_buffer = floppy_track_buffer + ((fsector_t - buffer_min) << 9);
2460 
2461 	size = blk_rq_cur_bytes(current_req);
2462 
2463 	rq_for_each_segment(bv, current_req, iter) {
2464 		if (!remaining)
2465 			break;
2466 
2467 		size = bv.bv_len;
2468 		SUPBOUND(size, remaining);
2469 		if (dma_buffer + size >
2470 		    floppy_track_buffer + (max_buffer_sectors << 10) ||
2471 		    dma_buffer < floppy_track_buffer) {
2472 			DPRINT("buffer overrun in copy buffer %d\n",
2473 			       (int)((floppy_track_buffer - dma_buffer) >> 9));
2474 			pr_info("fsector_t=%d buffer_min=%d\n",
2475 				fsector_t, buffer_min);
2476 			pr_info("current_count_sectors=%ld\n",
2477 				current_count_sectors);
2478 			if (CT(raw_cmd->cmd[COMMAND]) == FD_READ)
2479 				pr_info("read\n");
2480 			if (CT(raw_cmd->cmd[COMMAND]) == FD_WRITE)
2481 				pr_info("write\n");
2482 			break;
2483 		}
2484 
2485 		if (CT(raw_cmd->cmd[COMMAND]) == FD_READ)
2486 			memcpy_to_bvec(&bv, dma_buffer);
2487 		else
2488 			memcpy_from_bvec(dma_buffer, &bv);
2489 
2490 		remaining -= size;
2491 		dma_buffer += size;
2492 	}
2493 	if (remaining) {
2494 		if (remaining > 0)
2495 			max_sector -= remaining >> 9;
2496 		DPRINT("weirdness: remaining %d\n", remaining >> 9);
2497 	}
2498 }
2499 
2500 /* work around a bug in pseudo DMA
2501  * (on some FDCs) pseudo DMA does not stop when the CPU stops
2502  * sending data.  Hence we need a different way to signal the
2503  * transfer length:  We use raw_cmd->cmd[SECT_PER_TRACK].  Unfortunately, this
2504  * does not work with MT, hence we can only transfer one head at
2505  * a time
2506  */
virtualdmabug_workaround(void)2507 static void virtualdmabug_workaround(void)
2508 {
2509 	int hard_sectors;
2510 	int end_sector;
2511 
2512 	if (CT(raw_cmd->cmd[COMMAND]) == FD_WRITE) {
2513 		raw_cmd->cmd[COMMAND] &= ~0x80;	/* switch off multiple track mode */
2514 
2515 		hard_sectors = raw_cmd->length >> (7 + raw_cmd->cmd[SIZECODE]);
2516 		end_sector = raw_cmd->cmd[SECTOR] + hard_sectors - 1;
2517 		if (end_sector > raw_cmd->cmd[SECT_PER_TRACK]) {
2518 			pr_info("too many sectors %d > %d\n",
2519 				end_sector, raw_cmd->cmd[SECT_PER_TRACK]);
2520 			return;
2521 		}
2522 		raw_cmd->cmd[SECT_PER_TRACK] = end_sector;
2523 					/* make sure raw_cmd->cmd[SECT_PER_TRACK]
2524 					 * points to end of transfer */
2525 	}
2526 }
2527 
2528 /*
2529  * Formulate a read/write request.
2530  * this routine decides where to load the data (directly to buffer, or to
2531  * tmp floppy area), how much data to load (the size of the buffer, the whole
2532  * track, or a single sector)
2533  * All floppy_track_buffer handling goes in here. If we ever add track buffer
2534  * allocation on the fly, it should be done here. No other part should need
2535  * modification.
2536  */
2537 
make_raw_rw_request(void)2538 static int make_raw_rw_request(void)
2539 {
2540 	int aligned_sector_t;
2541 	int max_sector;
2542 	int max_size;
2543 	int tracksize;
2544 	int ssize;
2545 
2546 	if (WARN(max_buffer_sectors == 0, "VFS: Block I/O scheduled on unopened device\n"))
2547 		return 0;
2548 
2549 	set_fdc((long)current_req->q->disk->private_data);
2550 
2551 	raw_cmd = &default_raw_cmd;
2552 	raw_cmd->flags = FD_RAW_SPIN | FD_RAW_NEED_DISK | FD_RAW_NEED_SEEK;
2553 	raw_cmd->cmd_count = NR_RW;
2554 	if (rq_data_dir(current_req) == READ) {
2555 		raw_cmd->flags |= FD_RAW_READ;
2556 		raw_cmd->cmd[COMMAND] = FM_MODE(_floppy, FD_READ);
2557 	} else if (rq_data_dir(current_req) == WRITE) {
2558 		raw_cmd->flags |= FD_RAW_WRITE;
2559 		raw_cmd->cmd[COMMAND] = FM_MODE(_floppy, FD_WRITE);
2560 	} else {
2561 		DPRINT("%s: unknown command\n", __func__);
2562 		return 0;
2563 	}
2564 
2565 	max_sector = _floppy->sect * _floppy->head;
2566 
2567 	raw_cmd->cmd[TRACK] = (int)blk_rq_pos(current_req) / max_sector;
2568 	fsector_t = (int)blk_rq_pos(current_req) % max_sector;
2569 	if (_floppy->track && raw_cmd->cmd[TRACK] >= _floppy->track) {
2570 		if (blk_rq_cur_sectors(current_req) & 1) {
2571 			current_count_sectors = 1;
2572 			return 1;
2573 		} else
2574 			return 0;
2575 	}
2576 	raw_cmd->cmd[HEAD] = fsector_t / _floppy->sect;
2577 
2578 	if (((_floppy->stretch & (FD_SWAPSIDES | FD_SECTBASEMASK)) ||
2579 	     test_bit(FD_NEED_TWADDLE_BIT, &drive_state[current_drive].flags)) &&
2580 	    fsector_t < _floppy->sect)
2581 		max_sector = _floppy->sect;
2582 
2583 	/* 2M disks have phantom sectors on the first track */
2584 	if ((_floppy->rate & FD_2M) && (!raw_cmd->cmd[TRACK]) && (!raw_cmd->cmd[HEAD])) {
2585 		max_sector = 2 * _floppy->sect / 3;
2586 		if (fsector_t >= max_sector) {
2587 			current_count_sectors =
2588 			    min_t(int, _floppy->sect - fsector_t,
2589 				  blk_rq_sectors(current_req));
2590 			return 1;
2591 		}
2592 		raw_cmd->cmd[SIZECODE] = 2;
2593 	} else
2594 		raw_cmd->cmd[SIZECODE] = FD_SIZECODE(_floppy);
2595 	raw_cmd->rate = _floppy->rate & 0x43;
2596 	if ((_floppy->rate & FD_2M) &&
2597 	    (raw_cmd->cmd[TRACK] || raw_cmd->cmd[HEAD]) && raw_cmd->rate == 2)
2598 		raw_cmd->rate = 1;
2599 
2600 	if (raw_cmd->cmd[SIZECODE])
2601 		raw_cmd->cmd[SIZECODE2] = 0xff;
2602 	else
2603 		raw_cmd->cmd[SIZECODE2] = 0x80;
2604 	raw_cmd->track = raw_cmd->cmd[TRACK] << STRETCH(_floppy);
2605 	raw_cmd->cmd[DR_SELECT] = UNIT(current_drive) + PH_HEAD(_floppy, raw_cmd->cmd[HEAD]);
2606 	raw_cmd->cmd[GAP] = _floppy->gap;
2607 	ssize = DIV_ROUND_UP(1 << raw_cmd->cmd[SIZECODE], 4);
2608 	raw_cmd->cmd[SECT_PER_TRACK] = _floppy->sect << 2 >> raw_cmd->cmd[SIZECODE];
2609 	raw_cmd->cmd[SECTOR] = ((fsector_t % _floppy->sect) << 2 >> raw_cmd->cmd[SIZECODE]) +
2610 	    FD_SECTBASE(_floppy);
2611 
2612 	/* tracksize describes the size which can be filled up with sectors
2613 	 * of size ssize.
2614 	 */
2615 	tracksize = _floppy->sect - _floppy->sect % ssize;
2616 	if (tracksize < _floppy->sect) {
2617 		raw_cmd->cmd[SECT_PER_TRACK]++;
2618 		if (tracksize <= fsector_t % _floppy->sect)
2619 			raw_cmd->cmd[SECTOR]--;
2620 
2621 		/* if we are beyond tracksize, fill up using smaller sectors */
2622 		while (tracksize <= fsector_t % _floppy->sect) {
2623 			while (tracksize + ssize > _floppy->sect) {
2624 				raw_cmd->cmd[SIZECODE]--;
2625 				ssize >>= 1;
2626 			}
2627 			raw_cmd->cmd[SECTOR]++;
2628 			raw_cmd->cmd[SECT_PER_TRACK]++;
2629 			tracksize += ssize;
2630 		}
2631 		max_sector = raw_cmd->cmd[HEAD] * _floppy->sect + tracksize;
2632 	} else if (!raw_cmd->cmd[TRACK] && !raw_cmd->cmd[HEAD] && !(_floppy->rate & FD_2M) && probing) {
2633 		max_sector = _floppy->sect;
2634 	} else if (!raw_cmd->cmd[HEAD] && CT(raw_cmd->cmd[COMMAND]) == FD_WRITE) {
2635 		/* for virtual DMA bug workaround */
2636 		max_sector = _floppy->sect;
2637 	}
2638 
2639 	in_sector_offset = (fsector_t % _floppy->sect) % ssize;
2640 	aligned_sector_t = fsector_t - in_sector_offset;
2641 	max_size = blk_rq_sectors(current_req);
2642 	if ((raw_cmd->track == buffer_track) &&
2643 	    (current_drive == buffer_drive) &&
2644 	    (fsector_t >= buffer_min) && (fsector_t < buffer_max)) {
2645 		/* data already in track buffer */
2646 		if (CT(raw_cmd->cmd[COMMAND]) == FD_READ) {
2647 			copy_buffer(1, max_sector, buffer_max);
2648 			return 1;
2649 		}
2650 	} else if (in_sector_offset || blk_rq_sectors(current_req) < ssize) {
2651 		if (CT(raw_cmd->cmd[COMMAND]) == FD_WRITE) {
2652 			unsigned int sectors;
2653 
2654 			sectors = fsector_t + blk_rq_sectors(current_req);
2655 			if (sectors > ssize && sectors < ssize + ssize)
2656 				max_size = ssize + ssize;
2657 			else
2658 				max_size = ssize;
2659 		}
2660 		raw_cmd->flags &= ~FD_RAW_WRITE;
2661 		raw_cmd->flags |= FD_RAW_READ;
2662 		raw_cmd->cmd[COMMAND] = FM_MODE(_floppy, FD_READ);
2663 	}
2664 
2665 	if (CT(raw_cmd->cmd[COMMAND]) == FD_READ)
2666 		max_size = max_sector;	/* unbounded */
2667 
2668 	/* claim buffer track if needed */
2669 	if (buffer_track != raw_cmd->track ||	/* bad track */
2670 	    buffer_drive != current_drive ||	/* bad drive */
2671 	    fsector_t > buffer_max ||
2672 	    fsector_t < buffer_min ||
2673 	    ((CT(raw_cmd->cmd[COMMAND]) == FD_READ ||
2674 	      (!in_sector_offset && blk_rq_sectors(current_req) >= ssize)) &&
2675 	     max_sector > 2 * max_buffer_sectors + buffer_min &&
2676 	     max_size + fsector_t > 2 * max_buffer_sectors + buffer_min)) {
2677 		/* not enough space */
2678 		buffer_track = -1;
2679 		buffer_drive = current_drive;
2680 		buffer_max = buffer_min = aligned_sector_t;
2681 	}
2682 	raw_cmd->kernel_data = floppy_track_buffer +
2683 		((aligned_sector_t - buffer_min) << 9);
2684 
2685 	if (CT(raw_cmd->cmd[COMMAND]) == FD_WRITE) {
2686 		/* copy write buffer to track buffer.
2687 		 * if we get here, we know that the write
2688 		 * is either aligned or the data already in the buffer
2689 		 * (buffer will be overwritten) */
2690 		if (in_sector_offset && buffer_track == -1)
2691 			DPRINT("internal error offset !=0 on write\n");
2692 		buffer_track = raw_cmd->track;
2693 		buffer_drive = current_drive;
2694 		copy_buffer(ssize, max_sector,
2695 			    2 * max_buffer_sectors + buffer_min);
2696 	} else
2697 		transfer_size(ssize, max_sector,
2698 			      2 * max_buffer_sectors + buffer_min -
2699 			      aligned_sector_t);
2700 
2701 	/* round up current_count_sectors to get dma xfer size */
2702 	raw_cmd->length = in_sector_offset + current_count_sectors;
2703 	raw_cmd->length = ((raw_cmd->length - 1) | (ssize - 1)) + 1;
2704 	raw_cmd->length <<= 9;
2705 	if ((raw_cmd->length < current_count_sectors << 9) ||
2706 	    (CT(raw_cmd->cmd[COMMAND]) == FD_WRITE &&
2707 	     (aligned_sector_t + (raw_cmd->length >> 9) > buffer_max ||
2708 	      aligned_sector_t < buffer_min)) ||
2709 	    raw_cmd->length % (128 << raw_cmd->cmd[SIZECODE]) ||
2710 	    raw_cmd->length <= 0 || current_count_sectors <= 0) {
2711 		DPRINT("fractionary current count b=%lx s=%lx\n",
2712 		       raw_cmd->length, current_count_sectors);
2713 		pr_info("addr=%d, length=%ld\n",
2714 			(int)((raw_cmd->kernel_data -
2715 			       floppy_track_buffer) >> 9),
2716 			current_count_sectors);
2717 		pr_info("st=%d ast=%d mse=%d msi=%d\n",
2718 			fsector_t, aligned_sector_t, max_sector, max_size);
2719 		pr_info("ssize=%x SIZECODE=%d\n", ssize, raw_cmd->cmd[SIZECODE]);
2720 		pr_info("command=%x SECTOR=%d HEAD=%d, TRACK=%d\n",
2721 			raw_cmd->cmd[COMMAND], raw_cmd->cmd[SECTOR],
2722 			raw_cmd->cmd[HEAD], raw_cmd->cmd[TRACK]);
2723 		pr_info("buffer drive=%d\n", buffer_drive);
2724 		pr_info("buffer track=%d\n", buffer_track);
2725 		pr_info("buffer_min=%d\n", buffer_min);
2726 		pr_info("buffer_max=%d\n", buffer_max);
2727 		return 0;
2728 	}
2729 
2730 	if (raw_cmd->kernel_data < floppy_track_buffer ||
2731 	    current_count_sectors < 0 ||
2732 	    raw_cmd->length < 0 ||
2733 	    raw_cmd->kernel_data + raw_cmd->length >
2734 	    floppy_track_buffer + (max_buffer_sectors << 10)) {
2735 		DPRINT("buffer overrun in schedule dma\n");
2736 		pr_info("fsector_t=%d buffer_min=%d current_count=%ld\n",
2737 			fsector_t, buffer_min, raw_cmd->length >> 9);
2738 		pr_info("current_count_sectors=%ld\n",
2739 			current_count_sectors);
2740 		if (CT(raw_cmd->cmd[COMMAND]) == FD_READ)
2741 			pr_info("read\n");
2742 		if (CT(raw_cmd->cmd[COMMAND]) == FD_WRITE)
2743 			pr_info("write\n");
2744 		return 0;
2745 	}
2746 	if (raw_cmd->length == 0) {
2747 		DPRINT("zero dma transfer attempted from make_raw_request\n");
2748 		return 0;
2749 	}
2750 
2751 	virtualdmabug_workaround();
2752 	return 2;
2753 }
2754 
set_next_request(void)2755 static int set_next_request(void)
2756 {
2757 	current_req = list_first_entry_or_null(&floppy_reqs, struct request,
2758 					       queuelist);
2759 	if (current_req) {
2760 		floppy_errors = 0;
2761 		list_del_init(&current_req->queuelist);
2762 		return 1;
2763 	}
2764 	return 0;
2765 }
2766 
2767 /* Starts or continues processing request. Will automatically unlock the
2768  * driver at end of request.
2769  */
redo_fd_request(void)2770 static void redo_fd_request(void)
2771 {
2772 	int drive;
2773 	int tmp;
2774 
2775 	lastredo = jiffies;
2776 	if (current_drive < N_DRIVE)
2777 		floppy_off(current_drive);
2778 
2779 do_request:
2780 	if (!current_req) {
2781 		int pending;
2782 
2783 		spin_lock_irq(&floppy_lock);
2784 		pending = set_next_request();
2785 		spin_unlock_irq(&floppy_lock);
2786 		if (!pending) {
2787 			do_floppy = NULL;
2788 			unlock_fdc();
2789 			return;
2790 		}
2791 	}
2792 	drive = (long)current_req->q->disk->private_data;
2793 	set_fdc(drive);
2794 	reschedule_timeout(current_drive, "redo fd request");
2795 
2796 	set_floppy(drive);
2797 	raw_cmd = &default_raw_cmd;
2798 	raw_cmd->flags = 0;
2799 	if (start_motor(redo_fd_request))
2800 		return;
2801 
2802 	disk_change(current_drive);
2803 	if (test_bit(current_drive, &fake_change) ||
2804 	    test_bit(FD_DISK_CHANGED_BIT, &drive_state[current_drive].flags)) {
2805 		DPRINT("disk absent or changed during operation\n");
2806 		request_done(0);
2807 		goto do_request;
2808 	}
2809 	if (!_floppy) {	/* Autodetection */
2810 		if (!probing) {
2811 			drive_state[current_drive].probed_format = 0;
2812 			if (next_valid_format(current_drive)) {
2813 				DPRINT("no autodetectable formats\n");
2814 				_floppy = NULL;
2815 				request_done(0);
2816 				goto do_request;
2817 			}
2818 		}
2819 		probing = 1;
2820 		_floppy = floppy_type + drive_params[current_drive].autodetect[drive_state[current_drive].probed_format];
2821 	} else
2822 		probing = 0;
2823 	tmp = make_raw_rw_request();
2824 	if (tmp < 2) {
2825 		request_done(tmp);
2826 		goto do_request;
2827 	}
2828 
2829 	if (test_bit(FD_NEED_TWADDLE_BIT, &drive_state[current_drive].flags))
2830 		twaddle(current_fdc, current_drive);
2831 	schedule_bh(floppy_start);
2832 	debugt(__func__, "queue fd request");
2833 	return;
2834 }
2835 
2836 static const struct cont_t rw_cont = {
2837 	.interrupt	= rw_interrupt,
2838 	.redo		= redo_fd_request,
2839 	.error		= bad_flp_intr,
2840 	.done		= request_done
2841 };
2842 
2843 /* schedule the request and automatically unlock the driver on completion */
process_fd_request(void)2844 static void process_fd_request(void)
2845 {
2846 	cont = &rw_cont;
2847 	schedule_bh(redo_fd_request);
2848 }
2849 
floppy_queue_rq(struct blk_mq_hw_ctx * hctx,const struct blk_mq_queue_data * bd)2850 static blk_status_t floppy_queue_rq(struct blk_mq_hw_ctx *hctx,
2851 				    const struct blk_mq_queue_data *bd)
2852 {
2853 	blk_mq_start_request(bd->rq);
2854 
2855 	if (WARN(max_buffer_sectors == 0,
2856 		 "VFS: %s called on non-open device\n", __func__))
2857 		return BLK_STS_IOERR;
2858 
2859 	if (WARN(atomic_read(&usage_count) == 0,
2860 		 "warning: usage count=0, current_req=%p sect=%ld flags=%llx\n",
2861 		 current_req, (long)blk_rq_pos(current_req),
2862 		 (__force unsigned long long) current_req->cmd_flags))
2863 		return BLK_STS_IOERR;
2864 
2865 	if (test_and_set_bit(0, &fdc_busy)) {
2866 		/* fdc busy, this new request will be treated when the
2867 		   current one is done */
2868 		is_alive(__func__, "old request running");
2869 		return BLK_STS_RESOURCE;
2870 	}
2871 
2872 	spin_lock_irq(&floppy_lock);
2873 	list_add_tail(&bd->rq->queuelist, &floppy_reqs);
2874 	spin_unlock_irq(&floppy_lock);
2875 
2876 	command_status = FD_COMMAND_NONE;
2877 	__reschedule_timeout(MAXTIMEOUT, "fd_request");
2878 	set_fdc(0);
2879 	process_fd_request();
2880 	is_alive(__func__, "");
2881 	return BLK_STS_OK;
2882 }
2883 
2884 static const struct cont_t poll_cont = {
2885 	.interrupt	= success_and_wakeup,
2886 	.redo		= floppy_ready,
2887 	.error		= generic_failure,
2888 	.done		= generic_done
2889 };
2890 
poll_drive(bool interruptible,int flag)2891 static int poll_drive(bool interruptible, int flag)
2892 {
2893 	/* no auto-sense, just clear dcl */
2894 	raw_cmd = &default_raw_cmd;
2895 	raw_cmd->flags = flag;
2896 	raw_cmd->track = 0;
2897 	raw_cmd->cmd_count = 0;
2898 	cont = &poll_cont;
2899 	debug_dcl(drive_params[current_drive].flags,
2900 		  "setting NEWCHANGE in poll_drive\n");
2901 	set_bit(FD_DISK_NEWCHANGE_BIT, &drive_state[current_drive].flags);
2902 
2903 	return wait_til_done(floppy_ready, interruptible);
2904 }
2905 
2906 /*
2907  * User triggered reset
2908  * ====================
2909  */
2910 
reset_intr(void)2911 static void reset_intr(void)
2912 {
2913 	pr_info("weird, reset interrupt called\n");
2914 }
2915 
2916 static const struct cont_t reset_cont = {
2917 	.interrupt	= reset_intr,
2918 	.redo		= success_and_wakeup,
2919 	.error		= generic_failure,
2920 	.done		= generic_done
2921 };
2922 
2923 /*
2924  * Resets the FDC connected to drive <drive>.
2925  * Both current_drive and current_fdc are changed to match the new drive.
2926  */
user_reset_fdc(int drive,int arg,bool interruptible)2927 static int user_reset_fdc(int drive, int arg, bool interruptible)
2928 {
2929 	int ret;
2930 
2931 	if (lock_fdc(drive))
2932 		return -EINTR;
2933 
2934 	if (arg == FD_RESET_ALWAYS)
2935 		fdc_state[current_fdc].reset = 1;
2936 	if (fdc_state[current_fdc].reset) {
2937 		/* note: reset_fdc will take care of unlocking the driver
2938 		 * on completion.
2939 		 */
2940 		cont = &reset_cont;
2941 		ret = wait_til_done(reset_fdc, interruptible);
2942 		if (ret == -EINTR)
2943 			return -EINTR;
2944 	}
2945 	process_fd_request();
2946 	return 0;
2947 }
2948 
2949 /*
2950  * Misc Ioctl's and support
2951  * ========================
2952  */
fd_copyout(void __user * param,const void * address,unsigned long size)2953 static inline int fd_copyout(void __user *param, const void *address,
2954 			     unsigned long size)
2955 {
2956 	return copy_to_user(param, address, size) ? -EFAULT : 0;
2957 }
2958 
fd_copyin(void __user * param,void * address,unsigned long size)2959 static inline int fd_copyin(void __user *param, void *address,
2960 			    unsigned long size)
2961 {
2962 	return copy_from_user(address, param, size) ? -EFAULT : 0;
2963 }
2964 
drive_name(int type,int drive)2965 static const char *drive_name(int type, int drive)
2966 {
2967 	struct floppy_struct *floppy;
2968 
2969 	if (type)
2970 		floppy = floppy_type + type;
2971 	else {
2972 		if (drive_params[drive].native_format)
2973 			floppy = floppy_type + drive_params[drive].native_format;
2974 		else
2975 			return "(null)";
2976 	}
2977 	if (floppy->name)
2978 		return floppy->name;
2979 	else
2980 		return "(null)";
2981 }
2982 
2983 #ifdef CONFIG_BLK_DEV_FD_RAWCMD
2984 
2985 /* raw commands */
raw_cmd_done(int flag)2986 static void raw_cmd_done(int flag)
2987 {
2988 	if (!flag) {
2989 		raw_cmd->flags |= FD_RAW_FAILURE;
2990 		raw_cmd->flags |= FD_RAW_HARDFAILURE;
2991 	} else {
2992 		raw_cmd->reply_count = inr;
2993 		if (raw_cmd->reply_count > FD_RAW_REPLY_SIZE)
2994 			raw_cmd->reply_count = 0;
2995 		memcpy(raw_cmd->reply, reply_buffer, raw_cmd->reply_count);
2996 
2997 		if (raw_cmd->flags & (FD_RAW_READ | FD_RAW_WRITE)) {
2998 			unsigned long flags;
2999 			flags = claim_dma_lock();
3000 			raw_cmd->length = fd_get_dma_residue();
3001 			release_dma_lock(flags);
3002 		}
3003 
3004 		if ((raw_cmd->flags & FD_RAW_SOFTFAILURE) &&
3005 		    (!raw_cmd->reply_count || (raw_cmd->reply[0] & 0xc0)))
3006 			raw_cmd->flags |= FD_RAW_FAILURE;
3007 
3008 		if (disk_change(current_drive))
3009 			raw_cmd->flags |= FD_RAW_DISK_CHANGE;
3010 		else
3011 			raw_cmd->flags &= ~FD_RAW_DISK_CHANGE;
3012 		if (raw_cmd->flags & FD_RAW_NO_MOTOR_AFTER)
3013 			motor_off_callback(&motor_off_timer[current_drive]);
3014 
3015 		if (raw_cmd->next &&
3016 		    (!(raw_cmd->flags & FD_RAW_FAILURE) ||
3017 		     !(raw_cmd->flags & FD_RAW_STOP_IF_FAILURE)) &&
3018 		    ((raw_cmd->flags & FD_RAW_FAILURE) ||
3019 		     !(raw_cmd->flags & FD_RAW_STOP_IF_SUCCESS))) {
3020 			raw_cmd = raw_cmd->next;
3021 			return;
3022 		}
3023 	}
3024 	generic_done(flag);
3025 }
3026 
3027 static const struct cont_t raw_cmd_cont = {
3028 	.interrupt	= success_and_wakeup,
3029 	.redo		= floppy_start,
3030 	.error		= generic_failure,
3031 	.done		= raw_cmd_done
3032 };
3033 
raw_cmd_copyout(int cmd,void __user * param,struct floppy_raw_cmd * ptr)3034 static int raw_cmd_copyout(int cmd, void __user *param,
3035 				  struct floppy_raw_cmd *ptr)
3036 {
3037 	int ret;
3038 
3039 	while (ptr) {
3040 		struct floppy_raw_cmd cmd = *ptr;
3041 		cmd.next = NULL;
3042 		cmd.kernel_data = NULL;
3043 		ret = copy_to_user(param, &cmd, sizeof(cmd));
3044 		if (ret)
3045 			return -EFAULT;
3046 		param += sizeof(struct floppy_raw_cmd);
3047 		if ((ptr->flags & FD_RAW_READ) && ptr->buffer_length) {
3048 			if (ptr->length >= 0 &&
3049 			    ptr->length <= ptr->buffer_length) {
3050 				long length = ptr->buffer_length - ptr->length;
3051 				ret = fd_copyout(ptr->data, ptr->kernel_data,
3052 						 length);
3053 				if (ret)
3054 					return ret;
3055 			}
3056 		}
3057 		ptr = ptr->next;
3058 	}
3059 
3060 	return 0;
3061 }
3062 
raw_cmd_free(struct floppy_raw_cmd ** ptr)3063 static void raw_cmd_free(struct floppy_raw_cmd **ptr)
3064 {
3065 	struct floppy_raw_cmd *next;
3066 	struct floppy_raw_cmd *this;
3067 
3068 	this = *ptr;
3069 	*ptr = NULL;
3070 	while (this) {
3071 		if (this->buffer_length) {
3072 			fd_dma_mem_free((unsigned long)this->kernel_data,
3073 					this->buffer_length);
3074 			this->buffer_length = 0;
3075 		}
3076 		next = this->next;
3077 		kfree(this);
3078 		this = next;
3079 	}
3080 }
3081 
3082 #define MAX_LEN (1UL << MAX_ORDER << PAGE_SHIFT)
3083 
raw_cmd_copyin(int cmd,void __user * param,struct floppy_raw_cmd ** rcmd)3084 static int raw_cmd_copyin(int cmd, void __user *param,
3085 				 struct floppy_raw_cmd **rcmd)
3086 {
3087 	struct floppy_raw_cmd *ptr;
3088 	int ret;
3089 
3090 	*rcmd = NULL;
3091 
3092 loop:
3093 	ptr = kmalloc(sizeof(struct floppy_raw_cmd), GFP_KERNEL);
3094 	if (!ptr)
3095 		return -ENOMEM;
3096 	*rcmd = ptr;
3097 	ret = copy_from_user(ptr, param, sizeof(*ptr));
3098 	ptr->next = NULL;
3099 	ptr->buffer_length = 0;
3100 	ptr->kernel_data = NULL;
3101 	if (ret)
3102 		return -EFAULT;
3103 	param += sizeof(struct floppy_raw_cmd);
3104 	if (ptr->cmd_count > FD_RAW_CMD_FULLSIZE)
3105 		return -EINVAL;
3106 
3107 	memset(ptr->reply, 0, FD_RAW_REPLY_SIZE);
3108 	ptr->resultcode = 0;
3109 
3110 	if (ptr->flags & (FD_RAW_READ | FD_RAW_WRITE)) {
3111 		if (ptr->length <= 0 || ptr->length > MAX_LEN)
3112 			return -EINVAL;
3113 		ptr->kernel_data = (char *)fd_dma_mem_alloc(ptr->length);
3114 		fallback_on_nodma_alloc(&ptr->kernel_data, ptr->length);
3115 		if (!ptr->kernel_data)
3116 			return -ENOMEM;
3117 		ptr->buffer_length = ptr->length;
3118 	}
3119 	if (ptr->flags & FD_RAW_WRITE) {
3120 		ret = fd_copyin(ptr->data, ptr->kernel_data, ptr->length);
3121 		if (ret)
3122 			return ret;
3123 	}
3124 
3125 	if (ptr->flags & FD_RAW_MORE) {
3126 		rcmd = &(ptr->next);
3127 		ptr->rate &= 0x43;
3128 		goto loop;
3129 	}
3130 
3131 	return 0;
3132 }
3133 
raw_cmd_ioctl(int cmd,void __user * param)3134 static int raw_cmd_ioctl(int cmd, void __user *param)
3135 {
3136 	struct floppy_raw_cmd *my_raw_cmd;
3137 	int drive;
3138 	int ret2;
3139 	int ret;
3140 
3141 	if (fdc_state[current_fdc].rawcmd <= 1)
3142 		fdc_state[current_fdc].rawcmd = 1;
3143 	for (drive = 0; drive < N_DRIVE; drive++) {
3144 		if (FDC(drive) != current_fdc)
3145 			continue;
3146 		if (drive == current_drive) {
3147 			if (drive_state[drive].fd_ref > 1) {
3148 				fdc_state[current_fdc].rawcmd = 2;
3149 				break;
3150 			}
3151 		} else if (drive_state[drive].fd_ref) {
3152 			fdc_state[current_fdc].rawcmd = 2;
3153 			break;
3154 		}
3155 	}
3156 
3157 	if (fdc_state[current_fdc].reset)
3158 		return -EIO;
3159 
3160 	ret = raw_cmd_copyin(cmd, param, &my_raw_cmd);
3161 	if (ret) {
3162 		raw_cmd_free(&my_raw_cmd);
3163 		return ret;
3164 	}
3165 
3166 	raw_cmd = my_raw_cmd;
3167 	cont = &raw_cmd_cont;
3168 	ret = wait_til_done(floppy_start, true);
3169 	debug_dcl(drive_params[current_drive].flags,
3170 		  "calling disk change from raw_cmd ioctl\n");
3171 
3172 	if (ret != -EINTR && fdc_state[current_fdc].reset)
3173 		ret = -EIO;
3174 
3175 	drive_state[current_drive].track = NO_TRACK;
3176 
3177 	ret2 = raw_cmd_copyout(cmd, param, my_raw_cmd);
3178 	if (!ret)
3179 		ret = ret2;
3180 	raw_cmd_free(&my_raw_cmd);
3181 	return ret;
3182 }
3183 
floppy_raw_cmd_ioctl(int type,int drive,int cmd,void __user * param)3184 static int floppy_raw_cmd_ioctl(int type, int drive, int cmd,
3185 				void __user *param)
3186 {
3187 	int ret;
3188 
3189 	pr_warn_once("Note: FDRAWCMD is deprecated and will be removed from the kernel in the near future.\n");
3190 
3191 	if (type)
3192 		return -EINVAL;
3193 	if (lock_fdc(drive))
3194 		return -EINTR;
3195 	set_floppy(drive);
3196 	ret = raw_cmd_ioctl(cmd, param);
3197 	if (ret == -EINTR)
3198 		return -EINTR;
3199 	process_fd_request();
3200 	return ret;
3201 }
3202 
3203 #else /* CONFIG_BLK_DEV_FD_RAWCMD */
3204 
floppy_raw_cmd_ioctl(int type,int drive,int cmd,void __user * param)3205 static int floppy_raw_cmd_ioctl(int type, int drive, int cmd,
3206 				void __user *param)
3207 {
3208 	return -EOPNOTSUPP;
3209 }
3210 
3211 #endif
3212 
invalidate_drive(struct gendisk * disk)3213 static int invalidate_drive(struct gendisk *disk)
3214 {
3215 	/* invalidate the buffer track to force a reread */
3216 	set_bit((long)disk->private_data, &fake_change);
3217 	process_fd_request();
3218 	if (disk_check_media_change(disk))
3219 		floppy_revalidate(disk);
3220 	return 0;
3221 }
3222 
set_geometry(unsigned int cmd,struct floppy_struct * g,int drive,int type,struct block_device * bdev)3223 static int set_geometry(unsigned int cmd, struct floppy_struct *g,
3224 			       int drive, int type, struct block_device *bdev)
3225 {
3226 	int cnt;
3227 
3228 	/* sanity checking for parameters. */
3229 	if ((int)g->sect <= 0 ||
3230 	    (int)g->head <= 0 ||
3231 	    /* check for overflow in max_sector */
3232 	    (int)(g->sect * g->head) <= 0 ||
3233 	    /* check for zero in raw_cmd->cmd[F_SECT_PER_TRACK] */
3234 	    (unsigned char)((g->sect << 2) >> FD_SIZECODE(g)) == 0 ||
3235 	    g->track <= 0 || g->track > drive_params[drive].tracks >> STRETCH(g) ||
3236 	    /* check if reserved bits are set */
3237 	    (g->stretch & ~(FD_STRETCH | FD_SWAPSIDES | FD_SECTBASEMASK)) != 0)
3238 		return -EINVAL;
3239 	if (type) {
3240 		if (!capable(CAP_SYS_ADMIN))
3241 			return -EPERM;
3242 		mutex_lock(&open_lock);
3243 		if (lock_fdc(drive)) {
3244 			mutex_unlock(&open_lock);
3245 			return -EINTR;
3246 		}
3247 		floppy_type[type] = *g;
3248 		floppy_type[type].name = "user format";
3249 		for (cnt = type << 2; cnt < (type << 2) + 4; cnt++)
3250 			floppy_sizes[cnt] = floppy_sizes[cnt + 0x80] =
3251 			    floppy_type[type].size + 1;
3252 		process_fd_request();
3253 		for (cnt = 0; cnt < N_DRIVE; cnt++) {
3254 			struct gendisk *disk = opened_disk[cnt];
3255 
3256 			if (!disk || ITYPE(drive_state[cnt].fd_device) != type)
3257 				continue;
3258 			disk_force_media_change(disk);
3259 		}
3260 		mutex_unlock(&open_lock);
3261 	} else {
3262 		int oldStretch;
3263 
3264 		if (lock_fdc(drive))
3265 			return -EINTR;
3266 		if (cmd != FDDEFPRM) {
3267 			/* notice a disk change immediately, else
3268 			 * we lose our settings immediately*/
3269 			if (poll_drive(true, FD_RAW_NEED_DISK) == -EINTR)
3270 				return -EINTR;
3271 		}
3272 		oldStretch = g->stretch;
3273 		user_params[drive] = *g;
3274 		if (buffer_drive == drive)
3275 			SUPBOUND(buffer_max, user_params[drive].sect);
3276 		current_type[drive] = &user_params[drive];
3277 		floppy_sizes[drive] = user_params[drive].size;
3278 		if (cmd == FDDEFPRM)
3279 			drive_state[current_drive].keep_data = -1;
3280 		else
3281 			drive_state[current_drive].keep_data = 1;
3282 		/* invalidation. Invalidate only when needed, i.e.
3283 		 * when there are already sectors in the buffer cache
3284 		 * whose number will change. This is useful, because
3285 		 * mtools often changes the geometry of the disk after
3286 		 * looking at the boot block */
3287 		if (drive_state[current_drive].maxblock > user_params[drive].sect ||
3288 		    drive_state[current_drive].maxtrack ||
3289 		    ((user_params[drive].sect ^ oldStretch) &
3290 		     (FD_SWAPSIDES | FD_SECTBASEMASK)))
3291 			invalidate_drive(bdev->bd_disk);
3292 		else
3293 			process_fd_request();
3294 	}
3295 	return 0;
3296 }
3297 
3298 /* handle obsolete ioctl's */
3299 static unsigned int ioctl_table[] = {
3300 	FDCLRPRM,
3301 	FDSETPRM,
3302 	FDDEFPRM,
3303 	FDGETPRM,
3304 	FDMSGON,
3305 	FDMSGOFF,
3306 	FDFMTBEG,
3307 	FDFMTTRK,
3308 	FDFMTEND,
3309 	FDSETEMSGTRESH,
3310 	FDFLUSH,
3311 	FDSETMAXERRS,
3312 	FDGETMAXERRS,
3313 	FDGETDRVTYP,
3314 	FDSETDRVPRM,
3315 	FDGETDRVPRM,
3316 	FDGETDRVSTAT,
3317 	FDPOLLDRVSTAT,
3318 	FDRESET,
3319 	FDGETFDCSTAT,
3320 	FDWERRORCLR,
3321 	FDWERRORGET,
3322 	FDRAWCMD,
3323 	FDEJECT,
3324 	FDTWADDLE
3325 };
3326 
normalize_ioctl(unsigned int * cmd,int * size)3327 static int normalize_ioctl(unsigned int *cmd, int *size)
3328 {
3329 	int i;
3330 
3331 	for (i = 0; i < ARRAY_SIZE(ioctl_table); i++) {
3332 		if ((*cmd & 0xffff) == (ioctl_table[i] & 0xffff)) {
3333 			*size = _IOC_SIZE(*cmd);
3334 			*cmd = ioctl_table[i];
3335 			if (*size > _IOC_SIZE(*cmd)) {
3336 				pr_info("ioctl not yet supported\n");
3337 				return -EFAULT;
3338 			}
3339 			return 0;
3340 		}
3341 	}
3342 	return -EINVAL;
3343 }
3344 
get_floppy_geometry(int drive,int type,struct floppy_struct ** g)3345 static int get_floppy_geometry(int drive, int type, struct floppy_struct **g)
3346 {
3347 	if (type)
3348 		*g = &floppy_type[type];
3349 	else {
3350 		if (lock_fdc(drive))
3351 			return -EINTR;
3352 		if (poll_drive(false, 0) == -EINTR)
3353 			return -EINTR;
3354 		process_fd_request();
3355 		*g = current_type[drive];
3356 	}
3357 	if (!*g)
3358 		return -ENODEV;
3359 	return 0;
3360 }
3361 
fd_getgeo(struct block_device * bdev,struct hd_geometry * geo)3362 static int fd_getgeo(struct block_device *bdev, struct hd_geometry *geo)
3363 {
3364 	int drive = (long)bdev->bd_disk->private_data;
3365 	int type = ITYPE(drive_state[drive].fd_device);
3366 	struct floppy_struct *g;
3367 	int ret;
3368 
3369 	ret = get_floppy_geometry(drive, type, &g);
3370 	if (ret)
3371 		return ret;
3372 
3373 	geo->heads = g->head;
3374 	geo->sectors = g->sect;
3375 	geo->cylinders = g->track;
3376 	return 0;
3377 }
3378 
valid_floppy_drive_params(const short autodetect[FD_AUTODETECT_SIZE],int native_format)3379 static bool valid_floppy_drive_params(const short autodetect[FD_AUTODETECT_SIZE],
3380 		int native_format)
3381 {
3382 	size_t floppy_type_size = ARRAY_SIZE(floppy_type);
3383 	size_t i = 0;
3384 
3385 	for (i = 0; i < FD_AUTODETECT_SIZE; ++i) {
3386 		if (autodetect[i] < 0 ||
3387 		    autodetect[i] >= floppy_type_size)
3388 			return false;
3389 	}
3390 
3391 	if (native_format < 0 || native_format >= floppy_type_size)
3392 		return false;
3393 
3394 	return true;
3395 }
3396 
fd_locked_ioctl(struct block_device * bdev,blk_mode_t mode,unsigned int cmd,unsigned long param)3397 static int fd_locked_ioctl(struct block_device *bdev, blk_mode_t mode,
3398 		unsigned int cmd, unsigned long param)
3399 {
3400 	int drive = (long)bdev->bd_disk->private_data;
3401 	int type = ITYPE(drive_state[drive].fd_device);
3402 	int ret;
3403 	int size;
3404 	union inparam {
3405 		struct floppy_struct g;	/* geometry */
3406 		struct format_descr f;
3407 		struct floppy_max_errors max_errors;
3408 		struct floppy_drive_params dp;
3409 	} inparam;		/* parameters coming from user space */
3410 	const void *outparam;	/* parameters passed back to user space */
3411 
3412 	/* convert compatibility eject ioctls into floppy eject ioctl.
3413 	 * We do this in order to provide a means to eject floppy disks before
3414 	 * installing the new fdutils package */
3415 	if (cmd == CDROMEJECT ||	/* CD-ROM eject */
3416 	    cmd == 0x6470) {		/* SunOS floppy eject */
3417 		DPRINT("obsolete eject ioctl\n");
3418 		DPRINT("please use floppycontrol --eject\n");
3419 		cmd = FDEJECT;
3420 	}
3421 
3422 	if (!((cmd & 0xff00) == 0x0200))
3423 		return -EINVAL;
3424 
3425 	/* convert the old style command into a new style command */
3426 	ret = normalize_ioctl(&cmd, &size);
3427 	if (ret)
3428 		return ret;
3429 
3430 	/* permission checks */
3431 	if (((cmd & 0x40) &&
3432 	     !(mode & (BLK_OPEN_WRITE | BLK_OPEN_WRITE_IOCTL))) ||
3433 	    ((cmd & 0x80) && !capable(CAP_SYS_ADMIN)))
3434 		return -EPERM;
3435 
3436 	if (WARN_ON(size < 0 || size > sizeof(inparam)))
3437 		return -EINVAL;
3438 
3439 	/* copyin */
3440 	memset(&inparam, 0, sizeof(inparam));
3441 	if (_IOC_DIR(cmd) & _IOC_WRITE) {
3442 		ret = fd_copyin((void __user *)param, &inparam, size);
3443 		if (ret)
3444 			return ret;
3445 	}
3446 
3447 	switch (cmd) {
3448 	case FDEJECT:
3449 		if (drive_state[drive].fd_ref != 1)
3450 			/* somebody else has this drive open */
3451 			return -EBUSY;
3452 		if (lock_fdc(drive))
3453 			return -EINTR;
3454 
3455 		/* do the actual eject. Fails on
3456 		 * non-Sparc architectures */
3457 		ret = fd_eject(UNIT(drive));
3458 
3459 		set_bit(FD_DISK_CHANGED_BIT, &drive_state[drive].flags);
3460 		set_bit(FD_VERIFY_BIT, &drive_state[drive].flags);
3461 		process_fd_request();
3462 		return ret;
3463 	case FDCLRPRM:
3464 		if (lock_fdc(drive))
3465 			return -EINTR;
3466 		current_type[drive] = NULL;
3467 		floppy_sizes[drive] = MAX_DISK_SIZE << 1;
3468 		drive_state[drive].keep_data = 0;
3469 		return invalidate_drive(bdev->bd_disk);
3470 	case FDSETPRM:
3471 	case FDDEFPRM:
3472 		return set_geometry(cmd, &inparam.g, drive, type, bdev);
3473 	case FDGETPRM:
3474 		ret = get_floppy_geometry(drive, type,
3475 					  (struct floppy_struct **)&outparam);
3476 		if (ret)
3477 			return ret;
3478 		memcpy(&inparam.g, outparam,
3479 				offsetof(struct floppy_struct, name));
3480 		outparam = &inparam.g;
3481 		break;
3482 	case FDMSGON:
3483 		drive_params[drive].flags |= FTD_MSG;
3484 		return 0;
3485 	case FDMSGOFF:
3486 		drive_params[drive].flags &= ~FTD_MSG;
3487 		return 0;
3488 	case FDFMTBEG:
3489 		if (lock_fdc(drive))
3490 			return -EINTR;
3491 		if (poll_drive(true, FD_RAW_NEED_DISK) == -EINTR)
3492 			return -EINTR;
3493 		ret = drive_state[drive].flags;
3494 		process_fd_request();
3495 		if (ret & FD_VERIFY)
3496 			return -ENODEV;
3497 		if (!(ret & FD_DISK_WRITABLE))
3498 			return -EROFS;
3499 		return 0;
3500 	case FDFMTTRK:
3501 		if (drive_state[drive].fd_ref != 1)
3502 			return -EBUSY;
3503 		return do_format(drive, &inparam.f);
3504 	case FDFMTEND:
3505 	case FDFLUSH:
3506 		if (lock_fdc(drive))
3507 			return -EINTR;
3508 		return invalidate_drive(bdev->bd_disk);
3509 	case FDSETEMSGTRESH:
3510 		drive_params[drive].max_errors.reporting = (unsigned short)(param & 0x0f);
3511 		return 0;
3512 	case FDGETMAXERRS:
3513 		outparam = &drive_params[drive].max_errors;
3514 		break;
3515 	case FDSETMAXERRS:
3516 		drive_params[drive].max_errors = inparam.max_errors;
3517 		break;
3518 	case FDGETDRVTYP:
3519 		outparam = drive_name(type, drive);
3520 		SUPBOUND(size, strlen((const char *)outparam) + 1);
3521 		break;
3522 	case FDSETDRVPRM:
3523 		if (!valid_floppy_drive_params(inparam.dp.autodetect,
3524 				inparam.dp.native_format))
3525 			return -EINVAL;
3526 		drive_params[drive] = inparam.dp;
3527 		break;
3528 	case FDGETDRVPRM:
3529 		outparam = &drive_params[drive];
3530 		break;
3531 	case FDPOLLDRVSTAT:
3532 		if (lock_fdc(drive))
3533 			return -EINTR;
3534 		if (poll_drive(true, FD_RAW_NEED_DISK) == -EINTR)
3535 			return -EINTR;
3536 		process_fd_request();
3537 		fallthrough;
3538 	case FDGETDRVSTAT:
3539 		outparam = &drive_state[drive];
3540 		break;
3541 	case FDRESET:
3542 		return user_reset_fdc(drive, (int)param, true);
3543 	case FDGETFDCSTAT:
3544 		outparam = &fdc_state[FDC(drive)];
3545 		break;
3546 	case FDWERRORCLR:
3547 		memset(&write_errors[drive], 0, sizeof(write_errors[drive]));
3548 		return 0;
3549 	case FDWERRORGET:
3550 		outparam = &write_errors[drive];
3551 		break;
3552 	case FDRAWCMD:
3553 		return floppy_raw_cmd_ioctl(type, drive, cmd, (void __user *)param);
3554 	case FDTWADDLE:
3555 		if (lock_fdc(drive))
3556 			return -EINTR;
3557 		twaddle(current_fdc, current_drive);
3558 		process_fd_request();
3559 		return 0;
3560 	default:
3561 		return -EINVAL;
3562 	}
3563 
3564 	if (_IOC_DIR(cmd) & _IOC_READ)
3565 		return fd_copyout((void __user *)param, outparam, size);
3566 
3567 	return 0;
3568 }
3569 
fd_ioctl(struct block_device * bdev,blk_mode_t mode,unsigned int cmd,unsigned long param)3570 static int fd_ioctl(struct block_device *bdev, blk_mode_t mode,
3571 			     unsigned int cmd, unsigned long param)
3572 {
3573 	int ret;
3574 
3575 	mutex_lock(&floppy_mutex);
3576 	ret = fd_locked_ioctl(bdev, mode, cmd, param);
3577 	mutex_unlock(&floppy_mutex);
3578 
3579 	return ret;
3580 }
3581 
3582 #ifdef CONFIG_COMPAT
3583 
3584 struct compat_floppy_drive_params {
3585 	char		cmos;
3586 	compat_ulong_t	max_dtr;
3587 	compat_ulong_t	hlt;
3588 	compat_ulong_t	hut;
3589 	compat_ulong_t	srt;
3590 	compat_ulong_t	spinup;
3591 	compat_ulong_t	spindown;
3592 	unsigned char	spindown_offset;
3593 	unsigned char	select_delay;
3594 	unsigned char	rps;
3595 	unsigned char	tracks;
3596 	compat_ulong_t	timeout;
3597 	unsigned char	interleave_sect;
3598 	struct floppy_max_errors max_errors;
3599 	char		flags;
3600 	char		read_track;
3601 	short		autodetect[FD_AUTODETECT_SIZE];
3602 	compat_int_t	checkfreq;
3603 	compat_int_t	native_format;
3604 };
3605 
3606 struct compat_floppy_drive_struct {
3607 	signed char	flags;
3608 	compat_ulong_t	spinup_date;
3609 	compat_ulong_t	select_date;
3610 	compat_ulong_t	first_read_date;
3611 	short		probed_format;
3612 	short		track;
3613 	short		maxblock;
3614 	short		maxtrack;
3615 	compat_int_t	generation;
3616 	compat_int_t	keep_data;
3617 	compat_int_t	fd_ref;
3618 	compat_int_t	fd_device;
3619 	compat_int_t	last_checked;
3620 	compat_caddr_t dmabuf;
3621 	compat_int_t	bufblocks;
3622 };
3623 
3624 struct compat_floppy_fdc_state {
3625 	compat_int_t	spec1;
3626 	compat_int_t	spec2;
3627 	compat_int_t	dtr;
3628 	unsigned char	version;
3629 	unsigned char	dor;
3630 	compat_ulong_t	address;
3631 	unsigned int	rawcmd:2;
3632 	unsigned int	reset:1;
3633 	unsigned int	need_configure:1;
3634 	unsigned int	perp_mode:2;
3635 	unsigned int	has_fifo:1;
3636 	unsigned int	driver_version;
3637 	unsigned char	track[4];
3638 };
3639 
3640 struct compat_floppy_write_errors {
3641 	unsigned int	write_errors;
3642 	compat_ulong_t	first_error_sector;
3643 	compat_int_t	first_error_generation;
3644 	compat_ulong_t	last_error_sector;
3645 	compat_int_t	last_error_generation;
3646 	compat_uint_t	badness;
3647 };
3648 
3649 #define FDSETPRM32 _IOW(2, 0x42, struct compat_floppy_struct)
3650 #define FDDEFPRM32 _IOW(2, 0x43, struct compat_floppy_struct)
3651 #define FDSETDRVPRM32 _IOW(2, 0x90, struct compat_floppy_drive_params)
3652 #define FDGETDRVPRM32 _IOR(2, 0x11, struct compat_floppy_drive_params)
3653 #define FDGETDRVSTAT32 _IOR(2, 0x12, struct compat_floppy_drive_struct)
3654 #define FDPOLLDRVSTAT32 _IOR(2, 0x13, struct compat_floppy_drive_struct)
3655 #define FDGETFDCSTAT32 _IOR(2, 0x15, struct compat_floppy_fdc_state)
3656 #define FDWERRORGET32  _IOR(2, 0x17, struct compat_floppy_write_errors)
3657 
compat_set_geometry(struct block_device * bdev,blk_mode_t mode,unsigned int cmd,struct compat_floppy_struct __user * arg)3658 static int compat_set_geometry(struct block_device *bdev, blk_mode_t mode,
3659 		unsigned int cmd, struct compat_floppy_struct __user *arg)
3660 {
3661 	struct floppy_struct v;
3662 	int drive, type;
3663 	int err;
3664 
3665 	BUILD_BUG_ON(offsetof(struct floppy_struct, name) !=
3666 		     offsetof(struct compat_floppy_struct, name));
3667 
3668 	if (!(mode & (BLK_OPEN_WRITE | BLK_OPEN_WRITE_IOCTL)))
3669 		return -EPERM;
3670 
3671 	memset(&v, 0, sizeof(struct floppy_struct));
3672 	if (copy_from_user(&v, arg, offsetof(struct floppy_struct, name)))
3673 		return -EFAULT;
3674 
3675 	mutex_lock(&floppy_mutex);
3676 	drive = (long)bdev->bd_disk->private_data;
3677 	type = ITYPE(drive_state[drive].fd_device);
3678 	err = set_geometry(cmd == FDSETPRM32 ? FDSETPRM : FDDEFPRM,
3679 			&v, drive, type, bdev);
3680 	mutex_unlock(&floppy_mutex);
3681 	return err;
3682 }
3683 
compat_get_prm(int drive,struct compat_floppy_struct __user * arg)3684 static int compat_get_prm(int drive,
3685 			  struct compat_floppy_struct __user *arg)
3686 {
3687 	struct compat_floppy_struct v;
3688 	struct floppy_struct *p;
3689 	int err;
3690 
3691 	memset(&v, 0, sizeof(v));
3692 	mutex_lock(&floppy_mutex);
3693 	err = get_floppy_geometry(drive, ITYPE(drive_state[drive].fd_device),
3694 				  &p);
3695 	if (err) {
3696 		mutex_unlock(&floppy_mutex);
3697 		return err;
3698 	}
3699 	memcpy(&v, p, offsetof(struct floppy_struct, name));
3700 	mutex_unlock(&floppy_mutex);
3701 	if (copy_to_user(arg, &v, sizeof(struct compat_floppy_struct)))
3702 		return -EFAULT;
3703 	return 0;
3704 }
3705 
compat_setdrvprm(int drive,struct compat_floppy_drive_params __user * arg)3706 static int compat_setdrvprm(int drive,
3707 			    struct compat_floppy_drive_params __user *arg)
3708 {
3709 	struct compat_floppy_drive_params v;
3710 
3711 	if (!capable(CAP_SYS_ADMIN))
3712 		return -EPERM;
3713 	if (copy_from_user(&v, arg, sizeof(struct compat_floppy_drive_params)))
3714 		return -EFAULT;
3715 	if (!valid_floppy_drive_params(v.autodetect, v.native_format))
3716 		return -EINVAL;
3717 	mutex_lock(&floppy_mutex);
3718 	drive_params[drive].cmos = v.cmos;
3719 	drive_params[drive].max_dtr = v.max_dtr;
3720 	drive_params[drive].hlt = v.hlt;
3721 	drive_params[drive].hut = v.hut;
3722 	drive_params[drive].srt = v.srt;
3723 	drive_params[drive].spinup = v.spinup;
3724 	drive_params[drive].spindown = v.spindown;
3725 	drive_params[drive].spindown_offset = v.spindown_offset;
3726 	drive_params[drive].select_delay = v.select_delay;
3727 	drive_params[drive].rps = v.rps;
3728 	drive_params[drive].tracks = v.tracks;
3729 	drive_params[drive].timeout = v.timeout;
3730 	drive_params[drive].interleave_sect = v.interleave_sect;
3731 	drive_params[drive].max_errors = v.max_errors;
3732 	drive_params[drive].flags = v.flags;
3733 	drive_params[drive].read_track = v.read_track;
3734 	memcpy(drive_params[drive].autodetect, v.autodetect,
3735 	       sizeof(v.autodetect));
3736 	drive_params[drive].checkfreq = v.checkfreq;
3737 	drive_params[drive].native_format = v.native_format;
3738 	mutex_unlock(&floppy_mutex);
3739 	return 0;
3740 }
3741 
compat_getdrvprm(int drive,struct compat_floppy_drive_params __user * arg)3742 static int compat_getdrvprm(int drive,
3743 			    struct compat_floppy_drive_params __user *arg)
3744 {
3745 	struct compat_floppy_drive_params v;
3746 
3747 	memset(&v, 0, sizeof(struct compat_floppy_drive_params));
3748 	mutex_lock(&floppy_mutex);
3749 	v.cmos = drive_params[drive].cmos;
3750 	v.max_dtr = drive_params[drive].max_dtr;
3751 	v.hlt = drive_params[drive].hlt;
3752 	v.hut = drive_params[drive].hut;
3753 	v.srt = drive_params[drive].srt;
3754 	v.spinup = drive_params[drive].spinup;
3755 	v.spindown = drive_params[drive].spindown;
3756 	v.spindown_offset = drive_params[drive].spindown_offset;
3757 	v.select_delay = drive_params[drive].select_delay;
3758 	v.rps = drive_params[drive].rps;
3759 	v.tracks = drive_params[drive].tracks;
3760 	v.timeout = drive_params[drive].timeout;
3761 	v.interleave_sect = drive_params[drive].interleave_sect;
3762 	v.max_errors = drive_params[drive].max_errors;
3763 	v.flags = drive_params[drive].flags;
3764 	v.read_track = drive_params[drive].read_track;
3765 	memcpy(v.autodetect, drive_params[drive].autodetect,
3766 	       sizeof(v.autodetect));
3767 	v.checkfreq = drive_params[drive].checkfreq;
3768 	v.native_format = drive_params[drive].native_format;
3769 	mutex_unlock(&floppy_mutex);
3770 
3771 	if (copy_to_user(arg, &v, sizeof(struct compat_floppy_drive_params)))
3772 		return -EFAULT;
3773 	return 0;
3774 }
3775 
compat_getdrvstat(int drive,bool poll,struct compat_floppy_drive_struct __user * arg)3776 static int compat_getdrvstat(int drive, bool poll,
3777 			    struct compat_floppy_drive_struct __user *arg)
3778 {
3779 	struct compat_floppy_drive_struct v;
3780 
3781 	memset(&v, 0, sizeof(struct compat_floppy_drive_struct));
3782 	mutex_lock(&floppy_mutex);
3783 
3784 	if (poll) {
3785 		if (lock_fdc(drive))
3786 			goto Eintr;
3787 		if (poll_drive(true, FD_RAW_NEED_DISK) == -EINTR)
3788 			goto Eintr;
3789 		process_fd_request();
3790 	}
3791 	v.spinup_date = drive_state[drive].spinup_date;
3792 	v.select_date = drive_state[drive].select_date;
3793 	v.first_read_date = drive_state[drive].first_read_date;
3794 	v.probed_format = drive_state[drive].probed_format;
3795 	v.track = drive_state[drive].track;
3796 	v.maxblock = drive_state[drive].maxblock;
3797 	v.maxtrack = drive_state[drive].maxtrack;
3798 	v.generation = drive_state[drive].generation;
3799 	v.keep_data = drive_state[drive].keep_data;
3800 	v.fd_ref = drive_state[drive].fd_ref;
3801 	v.fd_device = drive_state[drive].fd_device;
3802 	v.last_checked = drive_state[drive].last_checked;
3803 	v.dmabuf = (uintptr_t) drive_state[drive].dmabuf;
3804 	v.bufblocks = drive_state[drive].bufblocks;
3805 	mutex_unlock(&floppy_mutex);
3806 
3807 	if (copy_to_user(arg, &v, sizeof(struct compat_floppy_drive_struct)))
3808 		return -EFAULT;
3809 	return 0;
3810 Eintr:
3811 	mutex_unlock(&floppy_mutex);
3812 	return -EINTR;
3813 }
3814 
compat_getfdcstat(int drive,struct compat_floppy_fdc_state __user * arg)3815 static int compat_getfdcstat(int drive,
3816 			    struct compat_floppy_fdc_state __user *arg)
3817 {
3818 	struct compat_floppy_fdc_state v32;
3819 	struct floppy_fdc_state v;
3820 
3821 	mutex_lock(&floppy_mutex);
3822 	v = fdc_state[FDC(drive)];
3823 	mutex_unlock(&floppy_mutex);
3824 
3825 	memset(&v32, 0, sizeof(struct compat_floppy_fdc_state));
3826 	v32.spec1 = v.spec1;
3827 	v32.spec2 = v.spec2;
3828 	v32.dtr = v.dtr;
3829 	v32.version = v.version;
3830 	v32.dor = v.dor;
3831 	v32.address = v.address;
3832 	v32.rawcmd = v.rawcmd;
3833 	v32.reset = v.reset;
3834 	v32.need_configure = v.need_configure;
3835 	v32.perp_mode = v.perp_mode;
3836 	v32.has_fifo = v.has_fifo;
3837 	v32.driver_version = v.driver_version;
3838 	memcpy(v32.track, v.track, 4);
3839 	if (copy_to_user(arg, &v32, sizeof(struct compat_floppy_fdc_state)))
3840 		return -EFAULT;
3841 	return 0;
3842 }
3843 
compat_werrorget(int drive,struct compat_floppy_write_errors __user * arg)3844 static int compat_werrorget(int drive,
3845 			    struct compat_floppy_write_errors __user *arg)
3846 {
3847 	struct compat_floppy_write_errors v32;
3848 	struct floppy_write_errors v;
3849 
3850 	memset(&v32, 0, sizeof(struct compat_floppy_write_errors));
3851 	mutex_lock(&floppy_mutex);
3852 	v = write_errors[drive];
3853 	mutex_unlock(&floppy_mutex);
3854 	v32.write_errors = v.write_errors;
3855 	v32.first_error_sector = v.first_error_sector;
3856 	v32.first_error_generation = v.first_error_generation;
3857 	v32.last_error_sector = v.last_error_sector;
3858 	v32.last_error_generation = v.last_error_generation;
3859 	v32.badness = v.badness;
3860 	if (copy_to_user(arg, &v32, sizeof(struct compat_floppy_write_errors)))
3861 		return -EFAULT;
3862 	return 0;
3863 }
3864 
fd_compat_ioctl(struct block_device * bdev,blk_mode_t mode,unsigned int cmd,unsigned long param)3865 static int fd_compat_ioctl(struct block_device *bdev, blk_mode_t mode,
3866 		unsigned int cmd, unsigned long param)
3867 {
3868 	int drive = (long)bdev->bd_disk->private_data;
3869 	switch (cmd) {
3870 	case CDROMEJECT: /* CD-ROM eject */
3871 	case 0x6470:	 /* SunOS floppy eject */
3872 
3873 	case FDMSGON:
3874 	case FDMSGOFF:
3875 	case FDSETEMSGTRESH:
3876 	case FDFLUSH:
3877 	case FDWERRORCLR:
3878 	case FDEJECT:
3879 	case FDCLRPRM:
3880 	case FDFMTBEG:
3881 	case FDRESET:
3882 	case FDTWADDLE:
3883 		return fd_ioctl(bdev, mode, cmd, param);
3884 	case FDSETMAXERRS:
3885 	case FDGETMAXERRS:
3886 	case FDGETDRVTYP:
3887 	case FDFMTEND:
3888 	case FDFMTTRK:
3889 	case FDRAWCMD:
3890 		return fd_ioctl(bdev, mode, cmd,
3891 				(unsigned long)compat_ptr(param));
3892 	case FDSETPRM32:
3893 	case FDDEFPRM32:
3894 		return compat_set_geometry(bdev, mode, cmd, compat_ptr(param));
3895 	case FDGETPRM32:
3896 		return compat_get_prm(drive, compat_ptr(param));
3897 	case FDSETDRVPRM32:
3898 		return compat_setdrvprm(drive, compat_ptr(param));
3899 	case FDGETDRVPRM32:
3900 		return compat_getdrvprm(drive, compat_ptr(param));
3901 	case FDPOLLDRVSTAT32:
3902 		return compat_getdrvstat(drive, true, compat_ptr(param));
3903 	case FDGETDRVSTAT32:
3904 		return compat_getdrvstat(drive, false, compat_ptr(param));
3905 	case FDGETFDCSTAT32:
3906 		return compat_getfdcstat(drive, compat_ptr(param));
3907 	case FDWERRORGET32:
3908 		return compat_werrorget(drive, compat_ptr(param));
3909 	}
3910 	return -EINVAL;
3911 }
3912 #endif
3913 
config_types(void)3914 static void __init config_types(void)
3915 {
3916 	bool has_drive = false;
3917 	int drive;
3918 
3919 	/* read drive info out of physical CMOS */
3920 	drive = 0;
3921 	if (!drive_params[drive].cmos)
3922 		drive_params[drive].cmos = FLOPPY0_TYPE;
3923 	drive = 1;
3924 	if (!drive_params[drive].cmos)
3925 		drive_params[drive].cmos = FLOPPY1_TYPE;
3926 
3927 	/* FIXME: additional physical CMOS drive detection should go here */
3928 
3929 	for (drive = 0; drive < N_DRIVE; drive++) {
3930 		unsigned int type = drive_params[drive].cmos;
3931 		struct floppy_drive_params *params;
3932 		const char *name = NULL;
3933 		char temparea[32];
3934 
3935 		if (type < ARRAY_SIZE(default_drive_params)) {
3936 			params = &default_drive_params[type].params;
3937 			if (type) {
3938 				name = default_drive_params[type].name;
3939 				allowed_drive_mask |= 1 << drive;
3940 			} else
3941 				allowed_drive_mask &= ~(1 << drive);
3942 		} else {
3943 			params = &default_drive_params[0].params;
3944 			snprintf(temparea, sizeof(temparea),
3945 				 "unknown type %d (usb?)", type);
3946 			name = temparea;
3947 		}
3948 		if (name) {
3949 			const char *prepend;
3950 			if (!has_drive) {
3951 				prepend = "";
3952 				has_drive = true;
3953 				pr_info("Floppy drive(s):");
3954 			} else {
3955 				prepend = ",";
3956 			}
3957 
3958 			pr_cont("%s fd%d is %s", prepend, drive, name);
3959 		}
3960 		drive_params[drive] = *params;
3961 	}
3962 
3963 	if (has_drive)
3964 		pr_cont("\n");
3965 }
3966 
floppy_release(struct gendisk * disk)3967 static void floppy_release(struct gendisk *disk)
3968 {
3969 	int drive = (long)disk->private_data;
3970 
3971 	mutex_lock(&floppy_mutex);
3972 	mutex_lock(&open_lock);
3973 	if (!drive_state[drive].fd_ref--) {
3974 		DPRINT("floppy_release with fd_ref == 0");
3975 		drive_state[drive].fd_ref = 0;
3976 	}
3977 	if (!drive_state[drive].fd_ref)
3978 		opened_disk[drive] = NULL;
3979 	mutex_unlock(&open_lock);
3980 	mutex_unlock(&floppy_mutex);
3981 }
3982 
3983 /*
3984  * floppy_open check for aliasing (/dev/fd0 can be the same as
3985  * /dev/PS0 etc), and disallows simultaneous access to the same
3986  * drive with different device numbers.
3987  */
floppy_open(struct gendisk * disk,blk_mode_t mode)3988 static int floppy_open(struct gendisk *disk, blk_mode_t mode)
3989 {
3990 	int drive = (long)disk->private_data;
3991 	int old_dev, new_dev;
3992 	int try;
3993 	int res = -EBUSY;
3994 	char *tmp;
3995 
3996 	mutex_lock(&floppy_mutex);
3997 	mutex_lock(&open_lock);
3998 	old_dev = drive_state[drive].fd_device;
3999 	if (opened_disk[drive] && opened_disk[drive] != disk)
4000 		goto out2;
4001 
4002 	if (!drive_state[drive].fd_ref && (drive_params[drive].flags & FD_BROKEN_DCL)) {
4003 		set_bit(FD_DISK_CHANGED_BIT, &drive_state[drive].flags);
4004 		set_bit(FD_VERIFY_BIT, &drive_state[drive].flags);
4005 	}
4006 
4007 	drive_state[drive].fd_ref++;
4008 
4009 	opened_disk[drive] = disk;
4010 
4011 	res = -ENXIO;
4012 
4013 	if (!floppy_track_buffer) {
4014 		/* if opening an ED drive, reserve a big buffer,
4015 		 * else reserve a small one */
4016 		if ((drive_params[drive].cmos == 6) || (drive_params[drive].cmos == 5))
4017 			try = 64;	/* Only 48 actually useful */
4018 		else
4019 			try = 32;	/* Only 24 actually useful */
4020 
4021 		tmp = (char *)fd_dma_mem_alloc(1024 * try);
4022 		if (!tmp && !floppy_track_buffer) {
4023 			try >>= 1;	/* buffer only one side */
4024 			INFBOUND(try, 16);
4025 			tmp = (char *)fd_dma_mem_alloc(1024 * try);
4026 		}
4027 		if (!tmp && !floppy_track_buffer)
4028 			fallback_on_nodma_alloc(&tmp, 2048 * try);
4029 		if (!tmp && !floppy_track_buffer) {
4030 			DPRINT("Unable to allocate DMA memory\n");
4031 			goto out;
4032 		}
4033 		if (floppy_track_buffer) {
4034 			if (tmp)
4035 				fd_dma_mem_free((unsigned long)tmp, try * 1024);
4036 		} else {
4037 			buffer_min = buffer_max = -1;
4038 			floppy_track_buffer = tmp;
4039 			max_buffer_sectors = try;
4040 		}
4041 	}
4042 
4043 	new_dev = disk->first_minor;
4044 	drive_state[drive].fd_device = new_dev;
4045 	set_capacity(disks[drive][ITYPE(new_dev)], floppy_sizes[new_dev]);
4046 	if (old_dev != -1 && old_dev != new_dev) {
4047 		if (buffer_drive == drive)
4048 			buffer_track = -1;
4049 	}
4050 
4051 	if (fdc_state[FDC(drive)].rawcmd == 1)
4052 		fdc_state[FDC(drive)].rawcmd = 2;
4053 	if (!(mode & BLK_OPEN_NDELAY)) {
4054 		if (mode & (BLK_OPEN_READ | BLK_OPEN_WRITE)) {
4055 			drive_state[drive].last_checked = 0;
4056 			clear_bit(FD_OPEN_SHOULD_FAIL_BIT,
4057 				  &drive_state[drive].flags);
4058 			if (disk_check_media_change(disk))
4059 				floppy_revalidate(disk);
4060 			if (test_bit(FD_DISK_CHANGED_BIT, &drive_state[drive].flags))
4061 				goto out;
4062 			if (test_bit(FD_OPEN_SHOULD_FAIL_BIT, &drive_state[drive].flags))
4063 				goto out;
4064 		}
4065 		res = -EROFS;
4066 		if ((mode & BLK_OPEN_WRITE) &&
4067 		    !test_bit(FD_DISK_WRITABLE_BIT, &drive_state[drive].flags))
4068 			goto out;
4069 	}
4070 	mutex_unlock(&open_lock);
4071 	mutex_unlock(&floppy_mutex);
4072 	return 0;
4073 out:
4074 	drive_state[drive].fd_ref--;
4075 
4076 	if (!drive_state[drive].fd_ref)
4077 		opened_disk[drive] = NULL;
4078 out2:
4079 	mutex_unlock(&open_lock);
4080 	mutex_unlock(&floppy_mutex);
4081 	return res;
4082 }
4083 
4084 /*
4085  * Check if the disk has been changed or if a change has been faked.
4086  */
floppy_check_events(struct gendisk * disk,unsigned int clearing)4087 static unsigned int floppy_check_events(struct gendisk *disk,
4088 					unsigned int clearing)
4089 {
4090 	int drive = (long)disk->private_data;
4091 
4092 	if (test_bit(FD_DISK_CHANGED_BIT, &drive_state[drive].flags) ||
4093 	    test_bit(FD_VERIFY_BIT, &drive_state[drive].flags))
4094 		return DISK_EVENT_MEDIA_CHANGE;
4095 
4096 	if (time_after(jiffies, drive_state[drive].last_checked + drive_params[drive].checkfreq)) {
4097 		if (lock_fdc(drive))
4098 			return 0;
4099 		poll_drive(false, 0);
4100 		process_fd_request();
4101 	}
4102 
4103 	if (test_bit(FD_DISK_CHANGED_BIT, &drive_state[drive].flags) ||
4104 	    test_bit(FD_VERIFY_BIT, &drive_state[drive].flags) ||
4105 	    test_bit(drive, &fake_change) ||
4106 	    drive_no_geom(drive))
4107 		return DISK_EVENT_MEDIA_CHANGE;
4108 	return 0;
4109 }
4110 
4111 /*
4112  * This implements "read block 0" for floppy_revalidate().
4113  * Needed for format autodetection, checking whether there is
4114  * a disk in the drive, and whether that disk is writable.
4115  */
4116 
4117 struct rb0_cbdata {
4118 	int drive;
4119 	struct completion complete;
4120 };
4121 
floppy_rb0_cb(struct bio * bio)4122 static void floppy_rb0_cb(struct bio *bio)
4123 {
4124 	struct rb0_cbdata *cbdata = (struct rb0_cbdata *)bio->bi_private;
4125 	int drive = cbdata->drive;
4126 
4127 	if (bio->bi_status) {
4128 		pr_info("floppy: error %d while reading block 0\n",
4129 			bio->bi_status);
4130 		set_bit(FD_OPEN_SHOULD_FAIL_BIT, &drive_state[drive].flags);
4131 	}
4132 	complete(&cbdata->complete);
4133 }
4134 
__floppy_read_block_0(struct block_device * bdev,int drive)4135 static int __floppy_read_block_0(struct block_device *bdev, int drive)
4136 {
4137 	struct bio bio;
4138 	struct bio_vec bio_vec;
4139 	struct page *page;
4140 	struct rb0_cbdata cbdata;
4141 
4142 	page = alloc_page(GFP_NOIO);
4143 	if (!page) {
4144 		process_fd_request();
4145 		return -ENOMEM;
4146 	}
4147 
4148 	cbdata.drive = drive;
4149 
4150 	bio_init(&bio, bdev, &bio_vec, 1, REQ_OP_READ);
4151 	__bio_add_page(&bio, page, block_size(bdev), 0);
4152 
4153 	bio.bi_iter.bi_sector = 0;
4154 	bio.bi_flags |= (1 << BIO_QUIET);
4155 	bio.bi_private = &cbdata;
4156 	bio.bi_end_io = floppy_rb0_cb;
4157 
4158 	init_completion(&cbdata.complete);
4159 
4160 	submit_bio(&bio);
4161 	process_fd_request();
4162 
4163 	wait_for_completion(&cbdata.complete);
4164 
4165 	__free_page(page);
4166 
4167 	return 0;
4168 }
4169 
4170 /* revalidate the floppy disk, i.e. trigger format autodetection by reading
4171  * the bootblock (block 0). "Autodetection" is also needed to check whether
4172  * there is a disk in the drive at all... Thus we also do it for fixed
4173  * geometry formats */
floppy_revalidate(struct gendisk * disk)4174 static int floppy_revalidate(struct gendisk *disk)
4175 {
4176 	int drive = (long)disk->private_data;
4177 	int cf;
4178 	int res = 0;
4179 
4180 	if (test_bit(FD_DISK_CHANGED_BIT, &drive_state[drive].flags) ||
4181 	    test_bit(FD_VERIFY_BIT, &drive_state[drive].flags) ||
4182 	    test_bit(drive, &fake_change) ||
4183 	    drive_no_geom(drive)) {
4184 		if (WARN(atomic_read(&usage_count) == 0,
4185 			 "VFS: revalidate called on non-open device.\n"))
4186 			return -EFAULT;
4187 
4188 		res = lock_fdc(drive);
4189 		if (res)
4190 			return res;
4191 		cf = (test_bit(FD_DISK_CHANGED_BIT, &drive_state[drive].flags) ||
4192 		      test_bit(FD_VERIFY_BIT, &drive_state[drive].flags));
4193 		if (!(cf || test_bit(drive, &fake_change) || drive_no_geom(drive))) {
4194 			process_fd_request();	/*already done by another thread */
4195 			return 0;
4196 		}
4197 		drive_state[drive].maxblock = 0;
4198 		drive_state[drive].maxtrack = 0;
4199 		if (buffer_drive == drive)
4200 			buffer_track = -1;
4201 		clear_bit(drive, &fake_change);
4202 		clear_bit(FD_DISK_CHANGED_BIT, &drive_state[drive].flags);
4203 		if (cf)
4204 			drive_state[drive].generation++;
4205 		if (drive_no_geom(drive)) {
4206 			/* auto-sensing */
4207 			res = __floppy_read_block_0(opened_disk[drive]->part0,
4208 						    drive);
4209 		} else {
4210 			if (cf)
4211 				poll_drive(false, FD_RAW_NEED_DISK);
4212 			process_fd_request();
4213 		}
4214 	}
4215 	set_capacity(disk, floppy_sizes[drive_state[drive].fd_device]);
4216 	return res;
4217 }
4218 
4219 static const struct block_device_operations floppy_fops = {
4220 	.owner			= THIS_MODULE,
4221 	.open			= floppy_open,
4222 	.release		= floppy_release,
4223 	.ioctl			= fd_ioctl,
4224 	.getgeo			= fd_getgeo,
4225 	.check_events		= floppy_check_events,
4226 #ifdef CONFIG_COMPAT
4227 	.compat_ioctl		= fd_compat_ioctl,
4228 #endif
4229 };
4230 
4231 /*
4232  * Floppy Driver initialization
4233  * =============================
4234  */
4235 
4236 /* Determine the floppy disk controller type */
4237 /* This routine was written by David C. Niemi */
get_fdc_version(int fdc)4238 static char __init get_fdc_version(int fdc)
4239 {
4240 	int r;
4241 
4242 	output_byte(fdc, FD_DUMPREGS);	/* 82072 and better know DUMPREGS */
4243 	if (fdc_state[fdc].reset)
4244 		return FDC_NONE;
4245 	r = result(fdc);
4246 	if (r <= 0x00)
4247 		return FDC_NONE;	/* No FDC present ??? */
4248 	if ((r == 1) && (reply_buffer[ST0] == 0x80)) {
4249 		pr_info("FDC %d is an 8272A\n", fdc);
4250 		return FDC_8272A;	/* 8272a/765 don't know DUMPREGS */
4251 	}
4252 	if (r != 10) {
4253 		pr_info("FDC %d init: DUMPREGS: unexpected return of %d bytes.\n",
4254 			fdc, r);
4255 		return FDC_UNKNOWN;
4256 	}
4257 
4258 	if (!fdc_configure(fdc)) {
4259 		pr_info("FDC %d is an 82072\n", fdc);
4260 		return FDC_82072;	/* 82072 doesn't know CONFIGURE */
4261 	}
4262 
4263 	output_byte(fdc, FD_PERPENDICULAR);
4264 	if (need_more_output(fdc) == MORE_OUTPUT) {
4265 		output_byte(fdc, 0);
4266 	} else {
4267 		pr_info("FDC %d is an 82072A\n", fdc);
4268 		return FDC_82072A;	/* 82072A as found on Sparcs. */
4269 	}
4270 
4271 	output_byte(fdc, FD_UNLOCK);
4272 	r = result(fdc);
4273 	if ((r == 1) && (reply_buffer[ST0] == 0x80)) {
4274 		pr_info("FDC %d is a pre-1991 82077\n", fdc);
4275 		return FDC_82077_ORIG;	/* Pre-1991 82077, doesn't know
4276 					 * LOCK/UNLOCK */
4277 	}
4278 	if ((r != 1) || (reply_buffer[ST0] != 0x00)) {
4279 		pr_info("FDC %d init: UNLOCK: unexpected return of %d bytes.\n",
4280 			fdc, r);
4281 		return FDC_UNKNOWN;
4282 	}
4283 	output_byte(fdc, FD_PARTID);
4284 	r = result(fdc);
4285 	if (r != 1) {
4286 		pr_info("FDC %d init: PARTID: unexpected return of %d bytes.\n",
4287 			fdc, r);
4288 		return FDC_UNKNOWN;
4289 	}
4290 	if (reply_buffer[ST0] == 0x80) {
4291 		pr_info("FDC %d is a post-1991 82077\n", fdc);
4292 		return FDC_82077;	/* Revised 82077AA passes all the tests */
4293 	}
4294 	switch (reply_buffer[ST0] >> 5) {
4295 	case 0x0:
4296 		/* Either a 82078-1 or a 82078SL running at 5Volt */
4297 		pr_info("FDC %d is an 82078.\n", fdc);
4298 		return FDC_82078;
4299 	case 0x1:
4300 		pr_info("FDC %d is a 44pin 82078\n", fdc);
4301 		return FDC_82078;
4302 	case 0x2:
4303 		pr_info("FDC %d is a S82078B\n", fdc);
4304 		return FDC_S82078B;
4305 	case 0x3:
4306 		pr_info("FDC %d is a National Semiconductor PC87306\n", fdc);
4307 		return FDC_87306;
4308 	default:
4309 		pr_info("FDC %d init: 82078 variant with unknown PARTID=%d.\n",
4310 			fdc, reply_buffer[ST0] >> 5);
4311 		return FDC_82078_UNKN;
4312 	}
4313 }				/* get_fdc_version */
4314 
4315 /* lilo configuration */
4316 
floppy_set_flags(int * ints,int param,int param2)4317 static void __init floppy_set_flags(int *ints, int param, int param2)
4318 {
4319 	int i;
4320 
4321 	for (i = 0; i < ARRAY_SIZE(default_drive_params); i++) {
4322 		if (param)
4323 			default_drive_params[i].params.flags |= param2;
4324 		else
4325 			default_drive_params[i].params.flags &= ~param2;
4326 	}
4327 	DPRINT("%s flag 0x%x\n", param2 ? "Setting" : "Clearing", param);
4328 }
4329 
daring(int * ints,int param,int param2)4330 static void __init daring(int *ints, int param, int param2)
4331 {
4332 	int i;
4333 
4334 	for (i = 0; i < ARRAY_SIZE(default_drive_params); i++) {
4335 		if (param) {
4336 			default_drive_params[i].params.select_delay = 0;
4337 			default_drive_params[i].params.flags |=
4338 			    FD_SILENT_DCL_CLEAR;
4339 		} else {
4340 			default_drive_params[i].params.select_delay =
4341 			    2 * HZ / 100;
4342 			default_drive_params[i].params.flags &=
4343 			    ~FD_SILENT_DCL_CLEAR;
4344 		}
4345 	}
4346 	DPRINT("Assuming %s floppy hardware\n", param ? "standard" : "broken");
4347 }
4348 
set_cmos(int * ints,int dummy,int dummy2)4349 static void __init set_cmos(int *ints, int dummy, int dummy2)
4350 {
4351 	int current_drive = 0;
4352 
4353 	if (ints[0] != 2) {
4354 		DPRINT("wrong number of parameters for CMOS\n");
4355 		return;
4356 	}
4357 	current_drive = ints[1];
4358 	if (current_drive < 0 || current_drive >= 8) {
4359 		DPRINT("bad drive for set_cmos\n");
4360 		return;
4361 	}
4362 #if N_FDC > 1
4363 	if (current_drive >= 4 && !FDC2)
4364 		FDC2 = 0x370;
4365 #endif
4366 	drive_params[current_drive].cmos = ints[2];
4367 	DPRINT("setting CMOS code to %d\n", ints[2]);
4368 }
4369 
4370 static struct param_table {
4371 	const char *name;
4372 	void (*fn) (int *ints, int param, int param2);
4373 	int *var;
4374 	int def_param;
4375 	int param2;
4376 } config_params[] __initdata = {
4377 	{"allowed_drive_mask", NULL, &allowed_drive_mask, 0xff, 0}, /* obsolete */
4378 	{"all_drives", NULL, &allowed_drive_mask, 0xff, 0},	/* obsolete */
4379 	{"asus_pci", NULL, &allowed_drive_mask, 0x33, 0},
4380 	{"irq", NULL, &FLOPPY_IRQ, 6, 0},
4381 	{"dma", NULL, &FLOPPY_DMA, 2, 0},
4382 	{"daring", daring, NULL, 1, 0},
4383 #if N_FDC > 1
4384 	{"two_fdc", NULL, &FDC2, 0x370, 0},
4385 	{"one_fdc", NULL, &FDC2, 0, 0},
4386 #endif
4387 	{"thinkpad", floppy_set_flags, NULL, 1, FD_INVERTED_DCL},
4388 	{"broken_dcl", floppy_set_flags, NULL, 1, FD_BROKEN_DCL},
4389 	{"messages", floppy_set_flags, NULL, 1, FTD_MSG},
4390 	{"silent_dcl_clear", floppy_set_flags, NULL, 1, FD_SILENT_DCL_CLEAR},
4391 	{"debug", floppy_set_flags, NULL, 1, FD_DEBUG},
4392 	{"nodma", NULL, &can_use_virtual_dma, 1, 0},
4393 	{"omnibook", NULL, &can_use_virtual_dma, 1, 0},
4394 	{"yesdma", NULL, &can_use_virtual_dma, 0, 0},
4395 	{"fifo_depth", NULL, &fifo_depth, 0xa, 0},
4396 	{"nofifo", NULL, &no_fifo, 0x20, 0},
4397 	{"usefifo", NULL, &no_fifo, 0, 0},
4398 	{"cmos", set_cmos, NULL, 0, 0},
4399 	{"slow", NULL, &slow_floppy, 1, 0},
4400 	{"unexpected_interrupts", NULL, &print_unex, 1, 0},
4401 	{"no_unexpected_interrupts", NULL, &print_unex, 0, 0},
4402 	{"L40SX", NULL, &print_unex, 0, 0}
4403 
4404 	EXTRA_FLOPPY_PARAMS
4405 };
4406 
floppy_setup(char * str)4407 static int __init floppy_setup(char *str)
4408 {
4409 	int i;
4410 	int param;
4411 	int ints[11];
4412 
4413 	str = get_options(str, ARRAY_SIZE(ints), ints);
4414 	if (str) {
4415 		for (i = 0; i < ARRAY_SIZE(config_params); i++) {
4416 			if (strcmp(str, config_params[i].name) == 0) {
4417 				if (ints[0])
4418 					param = ints[1];
4419 				else
4420 					param = config_params[i].def_param;
4421 				if (config_params[i].fn)
4422 					config_params[i].fn(ints, param,
4423 							    config_params[i].
4424 							    param2);
4425 				if (config_params[i].var) {
4426 					DPRINT("%s=%d\n", str, param);
4427 					*config_params[i].var = param;
4428 				}
4429 				return 1;
4430 			}
4431 		}
4432 	}
4433 	if (str) {
4434 		DPRINT("unknown floppy option [%s]\n", str);
4435 
4436 		DPRINT("allowed options are:");
4437 		for (i = 0; i < ARRAY_SIZE(config_params); i++)
4438 			pr_cont(" %s", config_params[i].name);
4439 		pr_cont("\n");
4440 	} else
4441 		DPRINT("botched floppy option\n");
4442 	DPRINT("Read Documentation/admin-guide/blockdev/floppy.rst\n");
4443 	return 0;
4444 }
4445 
4446 static int have_no_fdc = -ENODEV;
4447 
floppy_cmos_show(struct device * dev,struct device_attribute * attr,char * buf)4448 static ssize_t floppy_cmos_show(struct device *dev,
4449 				struct device_attribute *attr, char *buf)
4450 {
4451 	struct platform_device *p = to_platform_device(dev);
4452 	int drive;
4453 
4454 	drive = p->id;
4455 	return sprintf(buf, "%X\n", drive_params[drive].cmos);
4456 }
4457 
4458 static DEVICE_ATTR(cmos, 0444, floppy_cmos_show, NULL);
4459 
4460 static struct attribute *floppy_dev_attrs[] = {
4461 	&dev_attr_cmos.attr,
4462 	NULL
4463 };
4464 
4465 ATTRIBUTE_GROUPS(floppy_dev);
4466 
floppy_device_release(struct device * dev)4467 static void floppy_device_release(struct device *dev)
4468 {
4469 }
4470 
floppy_resume(struct device * dev)4471 static int floppy_resume(struct device *dev)
4472 {
4473 	int fdc;
4474 	int saved_drive;
4475 
4476 	saved_drive = current_drive;
4477 	for (fdc = 0; fdc < N_FDC; fdc++)
4478 		if (fdc_state[fdc].address != -1)
4479 			user_reset_fdc(REVDRIVE(fdc, 0), FD_RESET_ALWAYS, false);
4480 	set_fdc(saved_drive);
4481 	return 0;
4482 }
4483 
4484 static const struct dev_pm_ops floppy_pm_ops = {
4485 	.resume = floppy_resume,
4486 	.restore = floppy_resume,
4487 };
4488 
4489 static struct platform_driver floppy_driver = {
4490 	.driver = {
4491 		   .name = "floppy",
4492 		   .pm = &floppy_pm_ops,
4493 	},
4494 };
4495 
4496 static const struct blk_mq_ops floppy_mq_ops = {
4497 	.queue_rq = floppy_queue_rq,
4498 };
4499 
4500 static struct platform_device floppy_device[N_DRIVE];
4501 static bool registered[N_DRIVE];
4502 
floppy_available(int drive)4503 static bool floppy_available(int drive)
4504 {
4505 	if (!(allowed_drive_mask & (1 << drive)))
4506 		return false;
4507 	if (fdc_state[FDC(drive)].version == FDC_NONE)
4508 		return false;
4509 	return true;
4510 }
4511 
floppy_alloc_disk(unsigned int drive,unsigned int type)4512 static int floppy_alloc_disk(unsigned int drive, unsigned int type)
4513 {
4514 	struct gendisk *disk;
4515 
4516 	disk = blk_mq_alloc_disk(&tag_sets[drive], NULL);
4517 	if (IS_ERR(disk))
4518 		return PTR_ERR(disk);
4519 
4520 	blk_queue_max_hw_sectors(disk->queue, 64);
4521 	disk->major = FLOPPY_MAJOR;
4522 	disk->first_minor = TOMINOR(drive) | (type << 2);
4523 	disk->minors = 1;
4524 	disk->fops = &floppy_fops;
4525 	disk->flags |= GENHD_FL_NO_PART;
4526 	disk->events = DISK_EVENT_MEDIA_CHANGE;
4527 	if (type)
4528 		sprintf(disk->disk_name, "fd%d_type%d", drive, type);
4529 	else
4530 		sprintf(disk->disk_name, "fd%d", drive);
4531 	/* to be cleaned up... */
4532 	disk->private_data = (void *)(long)drive;
4533 	disk->flags |= GENHD_FL_REMOVABLE;
4534 
4535 	disks[drive][type] = disk;
4536 	return 0;
4537 }
4538 
4539 static DEFINE_MUTEX(floppy_probe_lock);
4540 
floppy_probe(dev_t dev)4541 static void floppy_probe(dev_t dev)
4542 {
4543 	unsigned int drive = (MINOR(dev) & 3) | ((MINOR(dev) & 0x80) >> 5);
4544 	unsigned int type = (MINOR(dev) >> 2) & 0x1f;
4545 
4546 	if (drive >= N_DRIVE || !floppy_available(drive) ||
4547 	    type >= ARRAY_SIZE(floppy_type))
4548 		return;
4549 
4550 	mutex_lock(&floppy_probe_lock);
4551 	if (disks[drive][type])
4552 		goto out;
4553 	if (floppy_alloc_disk(drive, type))
4554 		goto out;
4555 	if (add_disk(disks[drive][type]))
4556 		goto cleanup_disk;
4557 out:
4558 	mutex_unlock(&floppy_probe_lock);
4559 	return;
4560 
4561 cleanup_disk:
4562 	put_disk(disks[drive][type]);
4563 	disks[drive][type] = NULL;
4564 	mutex_unlock(&floppy_probe_lock);
4565 }
4566 
do_floppy_init(void)4567 static int __init do_floppy_init(void)
4568 {
4569 	int i, unit, drive, err;
4570 
4571 	set_debugt();
4572 	interruptjiffies = resultjiffies = jiffies;
4573 
4574 #if defined(CONFIG_PPC)
4575 	if (check_legacy_ioport(FDC1))
4576 		return -ENODEV;
4577 #endif
4578 
4579 	raw_cmd = NULL;
4580 
4581 	floppy_wq = alloc_ordered_workqueue("floppy", 0);
4582 	if (!floppy_wq)
4583 		return -ENOMEM;
4584 
4585 	for (drive = 0; drive < N_DRIVE; drive++) {
4586 		memset(&tag_sets[drive], 0, sizeof(tag_sets[drive]));
4587 		tag_sets[drive].ops = &floppy_mq_ops;
4588 		tag_sets[drive].nr_hw_queues = 1;
4589 		tag_sets[drive].nr_maps = 1;
4590 		tag_sets[drive].queue_depth = 2;
4591 		tag_sets[drive].numa_node = NUMA_NO_NODE;
4592 		tag_sets[drive].flags = BLK_MQ_F_SHOULD_MERGE;
4593 		err = blk_mq_alloc_tag_set(&tag_sets[drive]);
4594 		if (err)
4595 			goto out_put_disk;
4596 
4597 		err = floppy_alloc_disk(drive, 0);
4598 		if (err) {
4599 			blk_mq_free_tag_set(&tag_sets[drive]);
4600 			goto out_put_disk;
4601 		}
4602 
4603 		timer_setup(&motor_off_timer[drive], motor_off_callback, 0);
4604 	}
4605 
4606 	err = __register_blkdev(FLOPPY_MAJOR, "fd", floppy_probe);
4607 	if (err)
4608 		goto out_put_disk;
4609 
4610 	err = platform_driver_register(&floppy_driver);
4611 	if (err)
4612 		goto out_unreg_blkdev;
4613 
4614 	for (i = 0; i < 256; i++)
4615 		if (ITYPE(i))
4616 			floppy_sizes[i] = floppy_type[ITYPE(i)].size;
4617 		else
4618 			floppy_sizes[i] = MAX_DISK_SIZE << 1;
4619 
4620 	reschedule_timeout(MAXTIMEOUT, "floppy init");
4621 	config_types();
4622 
4623 	for (i = 0; i < N_FDC; i++) {
4624 		memset(&fdc_state[i], 0, sizeof(*fdc_state));
4625 		fdc_state[i].dtr = -1;
4626 		fdc_state[i].dor = 0x4;
4627 #if defined(__sparc__) || defined(__mc68000__)
4628 	/*sparcs/sun3x don't have a DOR reset which we can fall back on to */
4629 #ifdef __mc68000__
4630 		if (MACH_IS_SUN3X)
4631 #endif
4632 			fdc_state[i].version = FDC_82072A;
4633 #endif
4634 	}
4635 
4636 	use_virtual_dma = can_use_virtual_dma & 1;
4637 	fdc_state[0].address = FDC1;
4638 	if (fdc_state[0].address == -1) {
4639 		cancel_delayed_work(&fd_timeout);
4640 		err = -ENODEV;
4641 		goto out_unreg_driver;
4642 	}
4643 #if N_FDC > 1
4644 	fdc_state[1].address = FDC2;
4645 #endif
4646 
4647 	current_fdc = 0;	/* reset fdc in case of unexpected interrupt */
4648 	err = floppy_grab_irq_and_dma();
4649 	if (err) {
4650 		cancel_delayed_work(&fd_timeout);
4651 		err = -EBUSY;
4652 		goto out_unreg_driver;
4653 	}
4654 
4655 	/* initialise drive state */
4656 	for (drive = 0; drive < N_DRIVE; drive++) {
4657 		memset(&drive_state[drive], 0, sizeof(drive_state[drive]));
4658 		memset(&write_errors[drive], 0, sizeof(write_errors[drive]));
4659 		set_bit(FD_DISK_NEWCHANGE_BIT, &drive_state[drive].flags);
4660 		set_bit(FD_DISK_CHANGED_BIT, &drive_state[drive].flags);
4661 		set_bit(FD_VERIFY_BIT, &drive_state[drive].flags);
4662 		drive_state[drive].fd_device = -1;
4663 		floppy_track_buffer = NULL;
4664 		max_buffer_sectors = 0;
4665 	}
4666 	/*
4667 	 * Small 10 msec delay to let through any interrupt that
4668 	 * initialization might have triggered, to not
4669 	 * confuse detection:
4670 	 */
4671 	msleep(10);
4672 
4673 	for (i = 0; i < N_FDC; i++) {
4674 		fdc_state[i].driver_version = FD_DRIVER_VERSION;
4675 		for (unit = 0; unit < 4; unit++)
4676 			fdc_state[i].track[unit] = 0;
4677 		if (fdc_state[i].address == -1)
4678 			continue;
4679 		fdc_state[i].rawcmd = 2;
4680 		if (user_reset_fdc(REVDRIVE(i, 0), FD_RESET_ALWAYS, false)) {
4681 			/* free ioports reserved by floppy_grab_irq_and_dma() */
4682 			floppy_release_regions(i);
4683 			fdc_state[i].address = -1;
4684 			fdc_state[i].version = FDC_NONE;
4685 			continue;
4686 		}
4687 		/* Try to determine the floppy controller type */
4688 		fdc_state[i].version = get_fdc_version(i);
4689 		if (fdc_state[i].version == FDC_NONE) {
4690 			/* free ioports reserved by floppy_grab_irq_and_dma() */
4691 			floppy_release_regions(i);
4692 			fdc_state[i].address = -1;
4693 			continue;
4694 		}
4695 		if (can_use_virtual_dma == 2 &&
4696 		    fdc_state[i].version < FDC_82072A)
4697 			can_use_virtual_dma = 0;
4698 
4699 		have_no_fdc = 0;
4700 		/* Not all FDCs seem to be able to handle the version command
4701 		 * properly, so force a reset for the standard FDC clones,
4702 		 * to avoid interrupt garbage.
4703 		 */
4704 		user_reset_fdc(REVDRIVE(i, 0), FD_RESET_ALWAYS, false);
4705 	}
4706 	current_fdc = 0;
4707 	cancel_delayed_work(&fd_timeout);
4708 	current_drive = 0;
4709 	initialized = true;
4710 	if (have_no_fdc) {
4711 		DPRINT("no floppy controllers found\n");
4712 		err = have_no_fdc;
4713 		goto out_release_dma;
4714 	}
4715 
4716 	for (drive = 0; drive < N_DRIVE; drive++) {
4717 		if (!floppy_available(drive))
4718 			continue;
4719 
4720 		floppy_device[drive].name = floppy_device_name;
4721 		floppy_device[drive].id = drive;
4722 		floppy_device[drive].dev.release = floppy_device_release;
4723 		floppy_device[drive].dev.groups = floppy_dev_groups;
4724 
4725 		err = platform_device_register(&floppy_device[drive]);
4726 		if (err)
4727 			goto out_remove_drives;
4728 
4729 		registered[drive] = true;
4730 
4731 		err = device_add_disk(&floppy_device[drive].dev,
4732 				      disks[drive][0], NULL);
4733 		if (err)
4734 			goto out_remove_drives;
4735 	}
4736 
4737 	return 0;
4738 
4739 out_remove_drives:
4740 	while (drive--) {
4741 		if (floppy_available(drive)) {
4742 			del_gendisk(disks[drive][0]);
4743 			if (registered[drive])
4744 				platform_device_unregister(&floppy_device[drive]);
4745 		}
4746 	}
4747 out_release_dma:
4748 	if (atomic_read(&usage_count))
4749 		floppy_release_irq_and_dma();
4750 out_unreg_driver:
4751 	platform_driver_unregister(&floppy_driver);
4752 out_unreg_blkdev:
4753 	unregister_blkdev(FLOPPY_MAJOR, "fd");
4754 out_put_disk:
4755 	destroy_workqueue(floppy_wq);
4756 	for (drive = 0; drive < N_DRIVE; drive++) {
4757 		if (!disks[drive][0])
4758 			break;
4759 		del_timer_sync(&motor_off_timer[drive]);
4760 		put_disk(disks[drive][0]);
4761 		blk_mq_free_tag_set(&tag_sets[drive]);
4762 	}
4763 	return err;
4764 }
4765 
4766 #ifndef MODULE
floppy_async_init(void * data,async_cookie_t cookie)4767 static __init void floppy_async_init(void *data, async_cookie_t cookie)
4768 {
4769 	do_floppy_init();
4770 }
4771 #endif
4772 
floppy_init(void)4773 static int __init floppy_init(void)
4774 {
4775 #ifdef MODULE
4776 	return do_floppy_init();
4777 #else
4778 	/* Don't hold up the bootup by the floppy initialization */
4779 	async_schedule(floppy_async_init, NULL);
4780 	return 0;
4781 #endif
4782 }
4783 
4784 static const struct io_region {
4785 	int offset;
4786 	int size;
4787 } io_regions[] = {
4788 	{ 2, 1 },
4789 	/* address + 3 is sometimes reserved by pnp bios for motherboard */
4790 	{ 4, 2 },
4791 	/* address + 6 is reserved, and may be taken by IDE.
4792 	 * Unfortunately, Adaptec doesn't know this :-(, */
4793 	{ 7, 1 },
4794 };
4795 
floppy_release_allocated_regions(int fdc,const struct io_region * p)4796 static void floppy_release_allocated_regions(int fdc, const struct io_region *p)
4797 {
4798 	while (p != io_regions) {
4799 		p--;
4800 		release_region(fdc_state[fdc].address + p->offset, p->size);
4801 	}
4802 }
4803 
4804 #define ARRAY_END(X) (&((X)[ARRAY_SIZE(X)]))
4805 
floppy_request_regions(int fdc)4806 static int floppy_request_regions(int fdc)
4807 {
4808 	const struct io_region *p;
4809 
4810 	for (p = io_regions; p < ARRAY_END(io_regions); p++) {
4811 		if (!request_region(fdc_state[fdc].address + p->offset,
4812 				    p->size, "floppy")) {
4813 			DPRINT("Floppy io-port 0x%04lx in use\n",
4814 			       fdc_state[fdc].address + p->offset);
4815 			floppy_release_allocated_regions(fdc, p);
4816 			return -EBUSY;
4817 		}
4818 	}
4819 	return 0;
4820 }
4821 
floppy_release_regions(int fdc)4822 static void floppy_release_regions(int fdc)
4823 {
4824 	floppy_release_allocated_regions(fdc, ARRAY_END(io_regions));
4825 }
4826 
floppy_grab_irq_and_dma(void)4827 static int floppy_grab_irq_and_dma(void)
4828 {
4829 	int fdc;
4830 
4831 	if (atomic_inc_return(&usage_count) > 1)
4832 		return 0;
4833 
4834 	/*
4835 	 * We might have scheduled a free_irq(), wait it to
4836 	 * drain first:
4837 	 */
4838 	flush_workqueue(floppy_wq);
4839 
4840 	if (fd_request_irq()) {
4841 		DPRINT("Unable to grab IRQ%d for the floppy driver\n",
4842 		       FLOPPY_IRQ);
4843 		atomic_dec(&usage_count);
4844 		return -1;
4845 	}
4846 	if (fd_request_dma()) {
4847 		DPRINT("Unable to grab DMA%d for the floppy driver\n",
4848 		       FLOPPY_DMA);
4849 		if (can_use_virtual_dma & 2)
4850 			use_virtual_dma = can_use_virtual_dma = 1;
4851 		if (!(can_use_virtual_dma & 1)) {
4852 			fd_free_irq();
4853 			atomic_dec(&usage_count);
4854 			return -1;
4855 		}
4856 	}
4857 
4858 	for (fdc = 0; fdc < N_FDC; fdc++) {
4859 		if (fdc_state[fdc].address != -1) {
4860 			if (floppy_request_regions(fdc))
4861 				goto cleanup;
4862 		}
4863 	}
4864 	for (fdc = 0; fdc < N_FDC; fdc++) {
4865 		if (fdc_state[fdc].address != -1) {
4866 			reset_fdc_info(fdc, 1);
4867 			fdc_outb(fdc_state[fdc].dor, fdc, FD_DOR);
4868 		}
4869 	}
4870 
4871 	set_dor(0, ~0, 8);	/* avoid immediate interrupt */
4872 
4873 	for (fdc = 0; fdc < N_FDC; fdc++)
4874 		if (fdc_state[fdc].address != -1)
4875 			fdc_outb(fdc_state[fdc].dor, fdc, FD_DOR);
4876 	/*
4877 	 * The driver will try and free resources and relies on us
4878 	 * to know if they were allocated or not.
4879 	 */
4880 	current_fdc = 0;
4881 	irqdma_allocated = 1;
4882 	return 0;
4883 cleanup:
4884 	fd_free_irq();
4885 	fd_free_dma();
4886 	while (--fdc >= 0)
4887 		floppy_release_regions(fdc);
4888 	current_fdc = 0;
4889 	atomic_dec(&usage_count);
4890 	return -1;
4891 }
4892 
floppy_release_irq_and_dma(void)4893 static void floppy_release_irq_and_dma(void)
4894 {
4895 	int fdc;
4896 #ifndef __sparc__
4897 	int drive;
4898 #endif
4899 	long tmpsize;
4900 	unsigned long tmpaddr;
4901 
4902 	if (!atomic_dec_and_test(&usage_count))
4903 		return;
4904 
4905 	if (irqdma_allocated) {
4906 		fd_disable_dma();
4907 		fd_free_dma();
4908 		fd_free_irq();
4909 		irqdma_allocated = 0;
4910 	}
4911 	set_dor(0, ~0, 8);
4912 #if N_FDC > 1
4913 	set_dor(1, ~8, 0);
4914 #endif
4915 
4916 	if (floppy_track_buffer && max_buffer_sectors) {
4917 		tmpsize = max_buffer_sectors * 1024;
4918 		tmpaddr = (unsigned long)floppy_track_buffer;
4919 		floppy_track_buffer = NULL;
4920 		max_buffer_sectors = 0;
4921 		buffer_min = buffer_max = -1;
4922 		fd_dma_mem_free(tmpaddr, tmpsize);
4923 	}
4924 #ifndef __sparc__
4925 	for (drive = 0; drive < N_FDC * 4; drive++)
4926 		if (timer_pending(motor_off_timer + drive))
4927 			pr_info("motor off timer %d still active\n", drive);
4928 #endif
4929 
4930 	if (delayed_work_pending(&fd_timeout))
4931 		pr_info("floppy timer still active:%s\n", timeout_message);
4932 	if (delayed_work_pending(&fd_timer))
4933 		pr_info("auxiliary floppy timer still active\n");
4934 	if (work_pending(&floppy_work))
4935 		pr_info("work still pending\n");
4936 	for (fdc = 0; fdc < N_FDC; fdc++)
4937 		if (fdc_state[fdc].address != -1)
4938 			floppy_release_regions(fdc);
4939 }
4940 
4941 #ifdef MODULE
4942 
4943 static char *floppy;
4944 
parse_floppy_cfg_string(char * cfg)4945 static void __init parse_floppy_cfg_string(char *cfg)
4946 {
4947 	char *ptr;
4948 
4949 	while (*cfg) {
4950 		ptr = cfg;
4951 		while (*cfg && *cfg != ' ' && *cfg != '\t')
4952 			cfg++;
4953 		if (*cfg) {
4954 			*cfg = '\0';
4955 			cfg++;
4956 		}
4957 		if (*ptr)
4958 			floppy_setup(ptr);
4959 	}
4960 }
4961 
floppy_module_init(void)4962 static int __init floppy_module_init(void)
4963 {
4964 	if (floppy)
4965 		parse_floppy_cfg_string(floppy);
4966 	return floppy_init();
4967 }
4968 module_init(floppy_module_init);
4969 
floppy_module_exit(void)4970 static void __exit floppy_module_exit(void)
4971 {
4972 	int drive, i;
4973 
4974 	unregister_blkdev(FLOPPY_MAJOR, "fd");
4975 	platform_driver_unregister(&floppy_driver);
4976 
4977 	destroy_workqueue(floppy_wq);
4978 
4979 	for (drive = 0; drive < N_DRIVE; drive++) {
4980 		del_timer_sync(&motor_off_timer[drive]);
4981 
4982 		if (floppy_available(drive)) {
4983 			for (i = 0; i < ARRAY_SIZE(floppy_type); i++) {
4984 				if (disks[drive][i])
4985 					del_gendisk(disks[drive][i]);
4986 			}
4987 			if (registered[drive])
4988 				platform_device_unregister(&floppy_device[drive]);
4989 		}
4990 		for (i = 0; i < ARRAY_SIZE(floppy_type); i++) {
4991 			if (disks[drive][i])
4992 				put_disk(disks[drive][i]);
4993 		}
4994 		blk_mq_free_tag_set(&tag_sets[drive]);
4995 	}
4996 
4997 	cancel_delayed_work_sync(&fd_timeout);
4998 	cancel_delayed_work_sync(&fd_timer);
4999 
5000 	if (atomic_read(&usage_count))
5001 		floppy_release_irq_and_dma();
5002 
5003 	/* eject disk, if any */
5004 	fd_eject(0);
5005 }
5006 
5007 module_exit(floppy_module_exit);
5008 
5009 module_param(floppy, charp, 0);
5010 module_param(FLOPPY_IRQ, int, 0);
5011 module_param(FLOPPY_DMA, int, 0);
5012 MODULE_AUTHOR("Alain L. Knaff");
5013 MODULE_LICENSE("GPL");
5014 
5015 /* This doesn't actually get used other than for module information */
5016 static const struct pnp_device_id floppy_pnpids[] = {
5017 	{"PNP0700", 0},
5018 	{}
5019 };
5020 
5021 MODULE_DEVICE_TABLE(pnp, floppy_pnpids);
5022 
5023 #else
5024 
5025 __setup("floppy=", floppy_setup);
5026 module_init(floppy_init)
5027 #endif
5028 
5029 MODULE_ALIAS_BLOCKDEV_MAJOR(FLOPPY_MAJOR);
5030