projects / linux-flexiantxendom0-3.2.10.git / blob
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
NVMe: Handle failures from memory allocations in nvme_setup_prps
[linux-flexiantxendom0-3.2.10.git] / drivers / block / nvme.c
1 /*
2  * NVM Express device driver
3  * Copyright (c) 2011, Intel Corporation.
4  *
5  * This program is free software; you can redistribute it and/or modify it
6  * under the terms and conditions of the GNU General Public License,
7  * version 2, as published by the Free Software Foundation.
8  *
9  * This program is distributed in the hope it will be useful, but WITHOUT
10  * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
11  * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License for
12  * more details.
13  *
14  * You should have received a copy of the GNU General Public License along with
15  * this program; if not, write to the Free Software Foundation, Inc.,
16  * 51 Franklin St - Fifth Floor, Boston, MA 02110-1301 USA.
17  */
18
19 #include <linux/nvme.h>
20 #include <linux/bio.h>
21 #include <linux/bitops.h>
22 #include <linux/blkdev.h>
23 #include <linux/delay.h>
24 #include <linux/errno.h>
25 #include <linux/fs.h>
26 #include <linux/genhd.h>
27 #include <linux/idr.h>
28 #include <linux/init.h>
29 #include <linux/interrupt.h>
30 #include <linux/io.h>
31 #include <linux/kdev_t.h>
32 #include <linux/kthread.h>
33 #include <linux/kernel.h>
34 #include <linux/mm.h>
35 #include <linux/module.h>
36 #include <linux/moduleparam.h>
37 #include <linux/pci.h>
38 #include <linux/poison.h>
39 #include <linux/sched.h>
40 #include <linux/slab.h>
41 #include <linux/types.h>
42 #include <linux/version.h>
43
44 #define NVME_Q_DEPTH 1024
45 #define SQ_SIZE(depth)          (depth * sizeof(struct nvme_command))
46 #define CQ_SIZE(depth)          (depth * sizeof(struct nvme_completion))
47 #define NVME_MINORS 64
48 #define IO_TIMEOUT      (5 * HZ)
49 #define ADMIN_TIMEOUT   (60 * HZ)
50
51 static int nvme_major;
52 module_param(nvme_major, int, 0);
53
54 static int use_threaded_interrupts;
55 module_param(use_threaded_interrupts, int, 0);
56
57 static DEFINE_SPINLOCK(dev_list_lock);
58 static LIST_HEAD(dev_list);
59 static struct task_struct *nvme_thread;
60
61 /*
62  * Represents an NVM Express device.  Each nvme_dev is a PCI function.
63  */
64 struct nvme_dev {
65         struct list_head node;
66         struct nvme_queue **queues;
67         u32 __iomem *dbs;
68         struct pci_dev *pci_dev;
69         struct dma_pool *prp_page_pool;
70         struct dma_pool *prp_small_pool;
71         int instance;
72         int queue_count;
73         u32 ctrl_config;
74         struct msix_entry *entry;
75         struct nvme_bar __iomem *bar;
76         struct list_head namespaces;
77         char serial[20];
78         char model[40];
79         char firmware_rev[8];
80 };
81
82 /*
83  * An NVM Express namespace is equivalent to a SCSI LUN
84  */
85 struct nvme_ns {
86         struct list_head list;
87
88         struct nvme_dev *dev;
89         struct request_queue *queue;
90         struct gendisk *disk;
91
92         int ns_id;
93         int lba_shift;
94 };
95
96 /*
97  * An NVM Express queue.  Each device has at least two (one for admin
98  * commands and one for I/O commands).
99  */
100 struct nvme_queue {
101         struct device *q_dmadev;
102         struct nvme_dev *dev;
103         spinlock_t q_lock;
104         struct nvme_command *sq_cmds;
105         volatile struct nvme_completion *cqes;
106         dma_addr_t sq_dma_addr;
107         dma_addr_t cq_dma_addr;
108         wait_queue_head_t sq_full;
109         wait_queue_t sq_cong_wait;
110         struct bio_list sq_cong;
111         u32 __iomem *q_db;
112         u16 q_depth;
113         u16 cq_vector;
114         u16 sq_head;
115         u16 sq_tail;
116         u16 cq_head;
117         u16 cq_phase;
118         unsigned long cmdid_data[];
119 };
120
121 /*
122  * Check we didin't inadvertently grow the command struct
123  */
124 static inline void _nvme_check_size(void)
125 {
126         BUILD_BUG_ON(sizeof(struct nvme_rw_command) != 64);
127         BUILD_BUG_ON(sizeof(struct nvme_create_cq) != 64);
128         BUILD_BUG_ON(sizeof(struct nvme_create_sq) != 64);
129         BUILD_BUG_ON(sizeof(struct nvme_delete_queue) != 64);
130         BUILD_BUG_ON(sizeof(struct nvme_features) != 64);
131         BUILD_BUG_ON(sizeof(struct nvme_command) != 64);
132         BUILD_BUG_ON(sizeof(struct nvme_id_ctrl) != 4096);
133         BUILD_BUG_ON(sizeof(struct nvme_id_ns) != 4096);
134         BUILD_BUG_ON(sizeof(struct nvme_lba_range_type) != 64);
135 }
136
137 struct nvme_cmd_info {
138         unsigned long ctx;
139         unsigned long timeout;
140 };
141
142 static struct nvme_cmd_info *nvme_cmd_info(struct nvme_queue *nvmeq)
143 {
144         return (void *)&nvmeq->cmdid_data[BITS_TO_LONGS(nvmeq->q_depth)];
145 }
146
147 /**
148  * alloc_cmdid() - Allocate a Command ID
149  * @nvmeq: The queue that will be used for this command
150  * @ctx: A pointer that will be passed to the handler
151  * @handler: The ID of the handler to call
152  *
153  * Allocate a Command ID for a queue.  The data passed in will
154  * be passed to the completion handler.  This is implemented by using
155  * the bottom two bits of the ctx pointer to store the handler ID.
156  * Passing in a pointer that's not 4-byte aligned will cause a BUG.
157  * We can change this if it becomes a problem.
158  */
159 static int alloc_cmdid(struct nvme_queue *nvmeq, void *ctx, int handler,
160                                                         unsigned timeout)
161 {
162         int depth = nvmeq->q_depth - 1;
163         struct nvme_cmd_info *info = nvme_cmd_info(nvmeq);
164         int cmdid;
165
166         BUG_ON((unsigned long)ctx & 3);
167
168         do {
169                 cmdid = find_first_zero_bit(nvmeq->cmdid_data, depth);
170                 if (cmdid >= depth)
171                         return -EBUSY;
172         } while (test_and_set_bit(cmdid, nvmeq->cmdid_data));
173
174         info[cmdid].ctx = (unsigned long)ctx | handler;
175         info[cmdid].timeout = jiffies + timeout;
176         return cmdid;
177 }
178
179 static int alloc_cmdid_killable(struct nvme_queue *nvmeq, void *ctx,
180                                                 int handler, unsigned timeout)
181 {
182         int cmdid;
183         wait_event_killable(nvmeq->sq_full,
184                 (cmdid = alloc_cmdid(nvmeq, ctx, handler, timeout)) >= 0);
185         return (cmdid < 0) ? -EINTR : cmdid;
186 }
187
188 /*
189  * If you need more than four handlers, you'll need to change how
190  * alloc_cmdid and nvme_process_cq work.  Consider using a special
191  * CMD_CTX value instead, if that works for your situation.
192  */
193 enum {
194         sync_completion_id = 0,
195         bio_completion_id,
196 };
197
198 /* Special values must be a multiple of 4, and less than 0x1000 */
199 #define CMD_CTX_BASE            (POISON_POINTER_DELTA + sync_completion_id)
200 #define CMD_CTX_CANCELLED       (0x30C + CMD_CTX_BASE)
201 #define CMD_CTX_COMPLETED       (0x310 + CMD_CTX_BASE)
202 #define CMD_CTX_INVALID         (0x314 + CMD_CTX_BASE)
203 #define CMD_CTX_FLUSH           (0x318 + CMD_CTX_BASE)
204
205 static unsigned long free_cmdid(struct nvme_queue *nvmeq, int cmdid)
206 {
207         unsigned long data;
208         struct nvme_cmd_info *info = nvme_cmd_info(nvmeq);
209
210         if (cmdid >= nvmeq->q_depth)
211                 return CMD_CTX_INVALID;
212         data = info[cmdid].ctx;
213         info[cmdid].ctx = CMD_CTX_COMPLETED;
214         clear_bit(cmdid, nvmeq->cmdid_data);
215         wake_up(&nvmeq->sq_full);
216         return data;
217 }
218
219 static unsigned long cancel_cmdid(struct nvme_queue *nvmeq, int cmdid)
220 {
221         unsigned long data;
222         struct nvme_cmd_info *info = nvme_cmd_info(nvmeq);
223         data = info[cmdid].ctx;
224         info[cmdid].ctx = CMD_CTX_CANCELLED;
225         return data;
226 }
227
228 static struct nvme_queue *get_nvmeq(struct nvme_ns *ns)
229 {
230         return ns->dev->queues[get_cpu() + 1];
231 }
232
233 static void put_nvmeq(struct nvme_queue *nvmeq)
234 {
235         put_cpu();
236 }
237
238 /**
239  * nvme_submit_cmd() - Copy a command into a queue and ring the doorbell
240  * @nvmeq: The queue to use
241  * @cmd: The command to send
242  *
243  * Safe to use from interrupt context
244  */
245 static int nvme_submit_cmd(struct nvme_queue *nvmeq, struct nvme_command *cmd)
246 {
247         unsigned long flags;
248         u16 tail;
249         spin_lock_irqsave(&nvmeq->q_lock, flags);
250         tail = nvmeq->sq_tail;
251         memcpy(&nvmeq->sq_cmds[tail], cmd, sizeof(*cmd));
252         if (++tail == nvmeq->q_depth)
253                 tail = 0;
254         writel(tail, nvmeq->q_db);
255         nvmeq->sq_tail = tail;
256         spin_unlock_irqrestore(&nvmeq->q_lock, flags);
257
258         return 0;
259 }
260
261 struct nvme_prps {
262         int npages;
263         dma_addr_t first_dma;
264         __le64 *list[0];
265 };
266
267 static void nvme_free_prps(struct nvme_dev *dev, struct nvme_prps *prps)
268 {
269         const int last_prp = PAGE_SIZE / 8 - 1;
270         int i;
271         dma_addr_t prp_dma;
272
273         if (!prps)
274                 return;
275
276         prp_dma = prps->first_dma;
277
278         if (prps->npages == 0)
279                 dma_pool_free(dev->prp_small_pool, prps->list[0], prp_dma);
280         for (i = 0; i < prps->npages; i++) {
281                 __le64 *prp_list = prps->list[i];
282                 dma_addr_t next_prp_dma = le64_to_cpu(prp_list[last_prp]);
283                 dma_pool_free(dev->prp_page_pool, prp_list, prp_dma);
284                 prp_dma = next_prp_dma;
285         }
286         kfree(prps);
287 }
288
289 struct nvme_bio {
290         struct bio *bio;
291         int nents;
292         struct nvme_prps *prps;
293         struct scatterlist sg[0];
294 };
295
296 /* XXX: use a mempool */
297 static struct nvme_bio *alloc_nbio(unsigned nseg, gfp_t gfp)
298 {
299         return kzalloc(sizeof(struct nvme_bio) +
300                         sizeof(struct scatterlist) * nseg, gfp);
301 }
302
303 static void free_nbio(struct nvme_queue *nvmeq, struct nvme_bio *nbio)
304 {
305         nvme_free_prps(nvmeq->dev, nbio->prps);
306         kfree(nbio);
307 }
308
309 static void bio_completion(struct nvme_queue *nvmeq, void *ctx,
310                                                 struct nvme_completion *cqe)
311 {
312         struct nvme_bio *nbio = ctx;
313         struct bio *bio = nbio->bio;
314         u16 status = le16_to_cpup(&cqe->status) >> 1;
315
316         dma_unmap_sg(nvmeq->q_dmadev, nbio->sg, nbio->nents,
317                         bio_data_dir(bio) ? DMA_TO_DEVICE : DMA_FROM_DEVICE);
318         free_nbio(nvmeq, nbio);
319         if (status) {
320                 bio_endio(bio, -EIO);
321         } else if (bio->bi_vcnt > bio->bi_idx) {
322                 bio_list_add(&nvmeq->sq_cong, bio);
323                 wake_up_process(nvme_thread);
324         } else {
325                 bio_endio(bio, 0);
326         }
327 }
328
329 /* length is in bytes */
330 static struct nvme_prps *nvme_setup_prps(struct nvme_dev *dev,
331                                         struct nvme_common_command *cmd,
332                                         struct scatterlist *sg, int *len,
333                                         gfp_t gfp)
334 {
335         struct dma_pool *pool;
336         int length = *len;
337         int dma_len = sg_dma_len(sg);
338         u64 dma_addr = sg_dma_address(sg);
339         int offset = offset_in_page(dma_addr);
340         __le64 *prp_list;
341         dma_addr_t prp_dma;
342         int nprps, npages, i, prp_page;
343         struct nvme_prps *prps = NULL;
344
345         cmd->prp1 = cpu_to_le64(dma_addr);
346         length -= (PAGE_SIZE - offset);
347         if (length <= 0)
348                 return prps;
349
350         dma_len -= (PAGE_SIZE - offset);
351         if (dma_len) {
352                 dma_addr += (PAGE_SIZE - offset);
353         } else {
354                 sg = sg_next(sg);
355                 dma_addr = sg_dma_address(sg);
356                 dma_len = sg_dma_len(sg);
357         }
358
359         if (length <= PAGE_SIZE) {
360                 cmd->prp2 = cpu_to_le64(dma_addr);
361                 return prps;
362         }
363
364         nprps = DIV_ROUND_UP(length, PAGE_SIZE);
365         npages = DIV_ROUND_UP(8 * nprps, PAGE_SIZE);
366         prps = kmalloc(sizeof(*prps) + sizeof(__le64 *) * npages, gfp);
367         if (!prps) {
368                 cmd->prp2 = cpu_to_le64(dma_addr);
369                 *len = (*len - length) + PAGE_SIZE;
370                 return prps;
371         }
372         prp_page = 0;
373         if (nprps <= (256 / 8)) {
374                 pool = dev->prp_small_pool;
375                 prps->npages = 0;
376         } else {
377                 pool = dev->prp_page_pool;
378                 prps->npages = npages;
379         }
380
381         prp_list = dma_pool_alloc(pool, gfp, &prp_dma);
382         if (!prp_list) {
383                 cmd->prp2 = cpu_to_le64(dma_addr);
384                 *len = (*len - length) + PAGE_SIZE;
385                 kfree(prps);
386                 return NULL;
387         }
388         prps->list[prp_page++] = prp_list;
389         prps->first_dma = prp_dma;
390         cmd->prp2 = cpu_to_le64(prp_dma);
391         i = 0;
392         for (;;) {
393                 if (i == PAGE_SIZE / 8) {
394                         __le64 *old_prp_list = prp_list;
395                         prp_list = dma_pool_alloc(pool, gfp, &prp_dma);
396                         if (!prp_list) {
397                                 *len = (*len - length);
398                                 return prps;
399                         }
400                         prps->list[prp_page++] = prp_list;
401                         prp_list[0] = old_prp_list[i - 1];
402                         old_prp_list[i - 1] = cpu_to_le64(prp_dma);
403                         i = 1;
404                 }
405                 prp_list[i++] = cpu_to_le64(dma_addr);
406                 dma_len -= PAGE_SIZE;
407                 dma_addr += PAGE_SIZE;
408                 length -= PAGE_SIZE;
409                 if (length <= 0)
410                         break;
411                 if (dma_len > 0)
412                         continue;
413                 BUG_ON(dma_len < 0);
414                 sg = sg_next(sg);
415                 dma_addr = sg_dma_address(sg);
416                 dma_len = sg_dma_len(sg);
417         }
418
419         return prps;
420 }
421
422 /* NVMe scatterlists require no holes in the virtual address */
423 #define BIOVEC_NOT_VIRT_MERGEABLE(vec1, vec2)   ((vec2)->bv_offset || \
424                         (((vec1)->bv_offset + (vec1)->bv_len) % PAGE_SIZE))
425
426 static int nvme_map_bio(struct device *dev, struct nvme_bio *nbio,
427                 struct bio *bio, enum dma_data_direction dma_dir, int psegs)
428 {
429         struct bio_vec *bvec, *bvprv = NULL;
430         struct scatterlist *sg = NULL;
431         int i, old_idx, length = 0, nsegs = 0;
432
433         sg_init_table(nbio->sg, psegs);
434         old_idx = bio->bi_idx;
435         bio_for_each_segment(bvec, bio, i) {
436                 if (bvprv && BIOVEC_PHYS_MERGEABLE(bvprv, bvec)) {
437                         sg->length += bvec->bv_len;
438                 } else {
439                         if (bvprv && BIOVEC_NOT_VIRT_MERGEABLE(bvprv, bvec))
440                                 break;
441                         sg = sg ? sg + 1 : nbio->sg;
442                         sg_set_page(sg, bvec->bv_page, bvec->bv_len,
443                                                         bvec->bv_offset);
444                         nsegs++;
445                 }
446                 length += bvec->bv_len;
447                 bvprv = bvec;
448         }
449         bio->bi_idx = i;
450         nbio->nents = nsegs;
451         sg_mark_end(sg);
452         if (dma_map_sg(dev, nbio->sg, nbio->nents, dma_dir) == 0) {
453                 bio->bi_idx = old_idx;
454                 return -ENOMEM;
455         }
456         return length;
457 }
458
459 static int nvme_submit_flush(struct nvme_queue *nvmeq, struct nvme_ns *ns,
460                                                                 int cmdid)
461 {
462         struct nvme_command *cmnd = &nvmeq->sq_cmds[nvmeq->sq_tail];
463
464         memset(cmnd, 0, sizeof(*cmnd));
465         cmnd->common.opcode = nvme_cmd_flush;
466         cmnd->common.command_id = cmdid;
467         cmnd->common.nsid = cpu_to_le32(ns->ns_id);
468
469         if (++nvmeq->sq_tail == nvmeq->q_depth)
470                 nvmeq->sq_tail = 0;
471         writel(nvmeq->sq_tail, nvmeq->q_db);
472
473         return 0;
474 }
475
476 static int nvme_submit_flush_data(struct nvme_queue *nvmeq, struct nvme_ns *ns)
477 {
478         int cmdid = alloc_cmdid(nvmeq, (void *)CMD_CTX_FLUSH,
479                                                 sync_completion_id, IO_TIMEOUT);
480         if (unlikely(cmdid < 0))
481                 return cmdid;
482
483         return nvme_submit_flush(nvmeq, ns, cmdid);
484 }
485
486 static int nvme_submit_bio_queue(struct nvme_queue *nvmeq, struct nvme_ns *ns,
487                                                                 struct bio *bio)
488 {
489         struct nvme_command *cmnd;
490         struct nvme_bio *nbio;
491         enum dma_data_direction dma_dir;
492         int cmdid, length, result = -ENOMEM;
493         u16 control;
494         u32 dsmgmt;
495         int psegs = bio_phys_segments(ns->queue, bio);
496
497         if ((bio->bi_rw & REQ_FLUSH) && psegs) {
498                 result = nvme_submit_flush_data(nvmeq, ns);
499                 if (result)
500                         return result;
501         }
502
503         nbio = alloc_nbio(psegs, GFP_ATOMIC);
504         if (!nbio)
505                 goto nomem;
506         nbio->bio = bio;
507
508         result = -EBUSY;
509         cmdid = alloc_cmdid(nvmeq, nbio, bio_completion_id, IO_TIMEOUT);
510         if (unlikely(cmdid < 0))
511                 goto free_nbio;
512
513         if ((bio->bi_rw & REQ_FLUSH) && !psegs)
514                 return nvme_submit_flush(nvmeq, ns, cmdid);
515
516         control = 0;
517         if (bio->bi_rw & REQ_FUA)
518                 control |= NVME_RW_FUA;
519         if (bio->bi_rw & (REQ_FAILFAST_DEV | REQ_RAHEAD))
520                 control |= NVME_RW_LR;
521
522         dsmgmt = 0;
523         if (bio->bi_rw & REQ_RAHEAD)
524                 dsmgmt |= NVME_RW_DSM_FREQ_PREFETCH;
525
526         cmnd = &nvmeq->sq_cmds[nvmeq->sq_tail];
527
528         memset(cmnd, 0, sizeof(*cmnd));
529         if (bio_data_dir(bio)) {
530                 cmnd->rw.opcode = nvme_cmd_write;
531                 dma_dir = DMA_TO_DEVICE;
532         } else {
533                 cmnd->rw.opcode = nvme_cmd_read;
534                 dma_dir = DMA_FROM_DEVICE;
535         }
536
537         result = nvme_map_bio(nvmeq->q_dmadev, nbio, bio, dma_dir, psegs);
538         if (result < 0)
539                 goto free_nbio;
540         length = result;
541
542         cmnd->rw.command_id = cmdid;
543         cmnd->rw.nsid = cpu_to_le32(ns->ns_id);
544         nbio->prps = nvme_setup_prps(nvmeq->dev, &cmnd->common, nbio->sg,
545                                                         &length, GFP_ATOMIC);
546         cmnd->rw.slba = cpu_to_le64(bio->bi_sector >> (ns->lba_shift - 9));
547         cmnd->rw.length = cpu_to_le16((length >> ns->lba_shift) - 1);
548         cmnd->rw.control = cpu_to_le16(control);
549         cmnd->rw.dsmgmt = cpu_to_le32(dsmgmt);
550
551         bio->bi_sector += length >> 9;
552
553         if (++nvmeq->sq_tail == nvmeq->q_depth)
554                 nvmeq->sq_tail = 0;
555         writel(nvmeq->sq_tail, nvmeq->q_db);
556
557         return 0;
558
559  free_nbio:
560         free_nbio(nvmeq, nbio);
561  nomem:
562         return result;
563 }
564
565 /*
566  * NB: return value of non-zero would mean that we were a stacking driver.
567  * make_request must always succeed.
568  */
569 static int nvme_make_request(struct request_queue *q, struct bio *bio)
570 {
571         struct nvme_ns *ns = q->queuedata;
572         struct nvme_queue *nvmeq = get_nvmeq(ns);
573         int result = -EBUSY;
574
575         spin_lock_irq(&nvmeq->q_lock);
576         if (bio_list_empty(&nvmeq->sq_cong))
577                 result = nvme_submit_bio_queue(nvmeq, ns, bio);
578         if (unlikely(result)) {
579                 if (bio_list_empty(&nvmeq->sq_cong))
580                         add_wait_queue(&nvmeq->sq_full, &nvmeq->sq_cong_wait);
581                 bio_list_add(&nvmeq->sq_cong, bio);
582         }
583
584         spin_unlock_irq(&nvmeq->q_lock);
585         put_nvmeq(nvmeq);
586
587         return 0;
588 }
589
590 struct sync_cmd_info {
591         struct task_struct *task;
592         u32 result;
593         int status;
594 };
595
596 static void sync_completion(struct nvme_queue *nvmeq, void *ctx,
597                                                 struct nvme_completion *cqe)
598 {
599         struct sync_cmd_info *cmdinfo = ctx;
600         if (unlikely((unsigned long)cmdinfo == CMD_CTX_CANCELLED))
601                 return;
602         if ((unsigned long)cmdinfo == CMD_CTX_FLUSH)
603                 return;
604         if (unlikely((unsigned long)cmdinfo == CMD_CTX_COMPLETED)) {
605                 dev_warn(nvmeq->q_dmadev,
606                                 "completed id %d twice on queue %d\n",
607                                 cqe->command_id, le16_to_cpup(&cqe->sq_id));
608                 return;
609         }
610         if (unlikely((unsigned long)cmdinfo == CMD_CTX_INVALID)) {
611                 dev_warn(nvmeq->q_dmadev,
612                                 "invalid id %d completed on queue %d\n",
613                                 cqe->command_id, le16_to_cpup(&cqe->sq_id));
614                 return;
615         }
616         cmdinfo->result = le32_to_cpup(&cqe->result);
617         cmdinfo->status = le16_to_cpup(&cqe->status) >> 1;
618         wake_up_process(cmdinfo->task);
619 }
620
621 typedef void (*completion_fn)(struct nvme_queue *, void *,
622                                                 struct nvme_completion *);
623
624 static const completion_fn nvme_completions[4] = {
625         [sync_completion_id] = sync_completion,
626         [bio_completion_id]  = bio_completion,
627 };
628
629 static irqreturn_t nvme_process_cq(struct nvme_queue *nvmeq)
630 {
631         u16 head, phase;
632
633         head = nvmeq->cq_head;
634         phase = nvmeq->cq_phase;
635
636         for (;;) {
637                 unsigned long data;
638                 void *ptr;
639                 unsigned char handler;
640                 struct nvme_completion cqe = nvmeq->cqes[head];
641                 if ((le16_to_cpu(cqe.status) & 1) != phase)
642                         break;
643                 nvmeq->sq_head = le16_to_cpu(cqe.sq_head);
644                 if (++head == nvmeq->q_depth) {
645                         head = 0;
646                         phase = !phase;
647                 }
648
649                 data = free_cmdid(nvmeq, cqe.command_id);
650                 handler = data & 3;
651                 ptr = (void *)(data & ~3UL);
652                 nvme_completions[handler](nvmeq, ptr, &cqe);
653         }
654
655         /* If the controller ignores the cq head doorbell and continuously
656          * writes to the queue, it is theoretically possible to wrap around
657          * the queue twice and mistakenly return IRQ_NONE.  Linux only
658          * requires that 0.1% of your interrupts are handled, so this isn't
659          * a big problem.
660          */
661         if (head == nvmeq->cq_head && phase == nvmeq->cq_phase)
662                 return IRQ_NONE;
663
664         writel(head, nvmeq->q_db + 1);
665         nvmeq->cq_head = head;
666         nvmeq->cq_phase = phase;
667
668         return IRQ_HANDLED;
669 }
670
671 static irqreturn_t nvme_irq(int irq, void *data)
672 {
673         irqreturn_t result;
674         struct nvme_queue *nvmeq = data;
675         spin_lock(&nvmeq->q_lock);
676         result = nvme_process_cq(nvmeq);
677         spin_unlock(&nvmeq->q_lock);
678         return result;
679 }
680
681 static irqreturn_t nvme_irq_check(int irq, void *data)
682 {
683         struct nvme_queue *nvmeq = data;
684         struct nvme_completion cqe = nvmeq->cqes[nvmeq->cq_head];
685         if ((le16_to_cpu(cqe.status) & 1) != nvmeq->cq_phase)
686                 return IRQ_NONE;
687         return IRQ_WAKE_THREAD;
688 }
689
690 static void nvme_abort_command(struct nvme_queue *nvmeq, int cmdid)
691 {
692         spin_lock_irq(&nvmeq->q_lock);
693         cancel_cmdid(nvmeq, cmdid);
694         spin_unlock_irq(&nvmeq->q_lock);
695 }
696
697 /*
698  * Returns 0 on success.  If the result is negative, it's a Linux error code;
699  * if the result is positive, it's an NVM Express status code
700  */
701 static int nvme_submit_sync_cmd(struct nvme_queue *nvmeq,
702                         struct nvme_command *cmd, u32 *result, unsigned timeout)
703 {
704         int cmdid;
705         struct sync_cmd_info cmdinfo;
706
707         cmdinfo.task = current;
708         cmdinfo.status = -EINTR;
709
710         cmdid = alloc_cmdid_killable(nvmeq, &cmdinfo, sync_completion_id,
711                                                                 timeout);
712         if (cmdid < 0)
713                 return cmdid;
714         cmd->common.command_id = cmdid;
715
716         set_current_state(TASK_KILLABLE);
717         nvme_submit_cmd(nvmeq, cmd);
718         schedule();
719
720         if (cmdinfo.status == -EINTR) {
721                 nvme_abort_command(nvmeq, cmdid);
722                 return -EINTR;
723         }
724
725         if (result)
726                 *result = cmdinfo.result;
727
728         return cmdinfo.status;
729 }
730
731 static int nvme_submit_admin_cmd(struct nvme_dev *dev, struct nvme_command *cmd,
732                                                                 u32 *result)
733 {
734         return nvme_submit_sync_cmd(dev->queues[0], cmd, result, ADMIN_TIMEOUT);
735 }
736
737 static int adapter_delete_queue(struct nvme_dev *dev, u8 opcode, u16 id)
738 {
739         int status;
740         struct nvme_command c;
741
742         memset(&c, 0, sizeof(c));
743         c.delete_queue.opcode = opcode;
744         c.delete_queue.qid = cpu_to_le16(id);
745
746         status = nvme_submit_admin_cmd(dev, &c, NULL);
747         if (status)
748                 return -EIO;
749         return 0;
750 }
751
752 static int adapter_alloc_cq(struct nvme_dev *dev, u16 qid,
753                                                 struct nvme_queue *nvmeq)
754 {
755         int status;
756         struct nvme_command c;
757         int flags = NVME_QUEUE_PHYS_CONTIG | NVME_CQ_IRQ_ENABLED;
758
759         memset(&c, 0, sizeof(c));
760         c.create_cq.opcode = nvme_admin_create_cq;
761         c.create_cq.prp1 = cpu_to_le64(nvmeq->cq_dma_addr);
762         c.create_cq.cqid = cpu_to_le16(qid);
763         c.create_cq.qsize = cpu_to_le16(nvmeq->q_depth - 1);
764         c.create_cq.cq_flags = cpu_to_le16(flags);
765         c.create_cq.irq_vector = cpu_to_le16(nvmeq->cq_vector);
766
767         status = nvme_submit_admin_cmd(dev, &c, NULL);
768         if (status)
769                 return -EIO;
770         return 0;
771 }
772
773 static int adapter_alloc_sq(struct nvme_dev *dev, u16 qid,
774                                                 struct nvme_queue *nvmeq)
775 {
776         int status;
777         struct nvme_command c;
778         int flags = NVME_QUEUE_PHYS_CONTIG | NVME_SQ_PRIO_MEDIUM;
779
780         memset(&c, 0, sizeof(c));
781         c.create_sq.opcode = nvme_admin_create_sq;
782         c.create_sq.prp1 = cpu_to_le64(nvmeq->sq_dma_addr);
783         c.create_sq.sqid = cpu_to_le16(qid);
784         c.create_sq.qsize = cpu_to_le16(nvmeq->q_depth - 1);
785         c.create_sq.sq_flags = cpu_to_le16(flags);
786         c.create_sq.cqid = cpu_to_le16(qid);
787
788         status = nvme_submit_admin_cmd(dev, &c, NULL);
789         if (status)
790                 return -EIO;
791         return 0;
792 }
793
794 static int adapter_delete_cq(struct nvme_dev *dev, u16 cqid)
795 {
796         return adapter_delete_queue(dev, nvme_admin_delete_cq, cqid);
797 }
798
799 static int adapter_delete_sq(struct nvme_dev *dev, u16 sqid)
800 {
801         return adapter_delete_queue(dev, nvme_admin_delete_sq, sqid);
802 }
803
804 static void nvme_free_queue(struct nvme_dev *dev, int qid)
805 {
806         struct nvme_queue *nvmeq = dev->queues[qid];
807         int vector = dev->entry[nvmeq->cq_vector].vector;
808
809         irq_set_affinity_hint(vector, NULL);
810         free_irq(vector, nvmeq);
811
812         /* Don't tell the adapter to delete the admin queue */
813         if (qid) {
814                 adapter_delete_sq(dev, qid);
815                 adapter_delete_cq(dev, qid);
816         }
817
818         dma_free_coherent(nvmeq->q_dmadev, CQ_SIZE(nvmeq->q_depth),
819                                 (void *)nvmeq->cqes, nvmeq->cq_dma_addr);
820         dma_free_coherent(nvmeq->q_dmadev, SQ_SIZE(nvmeq->q_depth),
821                                         nvmeq->sq_cmds, nvmeq->sq_dma_addr);
822         kfree(nvmeq);
823 }
824
825 static struct nvme_queue *nvme_alloc_queue(struct nvme_dev *dev, int qid,
826                                                         int depth, int vector)
827 {
828         struct device *dmadev = &dev->pci_dev->dev;
829         unsigned extra = (depth / 8) + (depth * sizeof(struct nvme_cmd_info));
830         struct nvme_queue *nvmeq = kzalloc(sizeof(*nvmeq) + extra, GFP_KERNEL);
831         if (!nvmeq)
832                 return NULL;
833
834         nvmeq->cqes = dma_alloc_coherent(dmadev, CQ_SIZE(depth),
835                                         &nvmeq->cq_dma_addr, GFP_KERNEL);
836         if (!nvmeq->cqes)
837                 goto free_nvmeq;
838         memset((void *)nvmeq->cqes, 0, CQ_SIZE(depth));
839
840         nvmeq->sq_cmds = dma_alloc_coherent(dmadev, SQ_SIZE(depth),
841                                         &nvmeq->sq_dma_addr, GFP_KERNEL);
842         if (!nvmeq->sq_cmds)
843                 goto free_cqdma;
844
845         nvmeq->q_dmadev = dmadev;
846         nvmeq->dev = dev;
847         spin_lock_init(&nvmeq->q_lock);
848         nvmeq->cq_head = 0;
849         nvmeq->cq_phase = 1;
850         init_waitqueue_head(&nvmeq->sq_full);
851         init_waitqueue_entry(&nvmeq->sq_cong_wait, nvme_thread);
852         bio_list_init(&nvmeq->sq_cong);
853         nvmeq->q_db = &dev->dbs[qid * 2];
854         nvmeq->q_depth = depth;
855         nvmeq->cq_vector = vector;
856
857         return nvmeq;
858
859  free_cqdma:
860         dma_free_coherent(dmadev, CQ_SIZE(nvmeq->q_depth), (void *)nvmeq->cqes,
861                                                         nvmeq->cq_dma_addr);
862  free_nvmeq:
863         kfree(nvmeq);
864         return NULL;
865 }
866
867 static int queue_request_irq(struct nvme_dev *dev, struct nvme_queue *nvmeq,
868                                                         const char *name)
869 {
870         if (use_threaded_interrupts)
871                 return request_threaded_irq(dev->entry[nvmeq->cq_vector].vector,
872                                         nvme_irq_check, nvme_irq,
873                                         IRQF_DISABLED | IRQF_SHARED,
874                                         name, nvmeq);
875         return request_irq(dev->entry[nvmeq->cq_vector].vector, nvme_irq,
876                                 IRQF_DISABLED | IRQF_SHARED, name, nvmeq);
877 }
878
879 static __devinit struct nvme_queue *nvme_create_queue(struct nvme_dev *dev,
880                                         int qid, int cq_size, int vector)
881 {
882         int result;
883         struct nvme_queue *nvmeq = nvme_alloc_queue(dev, qid, cq_size, vector);
884
885         if (!nvmeq)
886                 return NULL;
887
888         result = adapter_alloc_cq(dev, qid, nvmeq);
889         if (result < 0)
890                 goto free_nvmeq;
891
892         result = adapter_alloc_sq(dev, qid, nvmeq);
893         if (result < 0)
894                 goto release_cq;
895
896         result = queue_request_irq(dev, nvmeq, "nvme");
897         if (result < 0)
898                 goto release_sq;
899
900         return nvmeq;
901
902  release_sq:
903         adapter_delete_sq(dev, qid);
904  release_cq:
905         adapter_delete_cq(dev, qid);
906  free_nvmeq:
907         dma_free_coherent(nvmeq->q_dmadev, CQ_SIZE(nvmeq->q_depth),
908                                 (void *)nvmeq->cqes, nvmeq->cq_dma_addr);
909         dma_free_coherent(nvmeq->q_dmadev, SQ_SIZE(nvmeq->q_depth),
910                                         nvmeq->sq_cmds, nvmeq->sq_dma_addr);
911         kfree(nvmeq);
912         return NULL;
913 }
914
915 static int __devinit nvme_configure_admin_queue(struct nvme_dev *dev)
916 {
917         int result;
918         u32 aqa;
919         u64 cap;
920         unsigned long timeout;
921         struct nvme_queue *nvmeq;
922
923         dev->dbs = ((void __iomem *)dev->bar) + 4096;
924
925         nvmeq = nvme_alloc_queue(dev, 0, 64, 0);
926         if (!nvmeq)
927                 return -ENOMEM;
928
929         aqa = nvmeq->q_depth - 1;
930         aqa |= aqa << 16;
931
932         dev->ctrl_config = NVME_CC_ENABLE | NVME_CC_CSS_NVM;
933         dev->ctrl_config |= (PAGE_SHIFT - 12) << NVME_CC_MPS_SHIFT;
934         dev->ctrl_config |= NVME_CC_ARB_RR | NVME_CC_SHN_NONE;
935         dev->ctrl_config |= NVME_CC_IOSQES | NVME_CC_IOCQES;
936
937         writel(0, &dev->bar->cc);
938         writel(aqa, &dev->bar->aqa);
939         writeq(nvmeq->sq_dma_addr, &dev->bar->asq);
940         writeq(nvmeq->cq_dma_addr, &dev->bar->acq);
941         writel(dev->ctrl_config, &dev->bar->cc);
942
943         cap = readq(&dev->bar->cap);
944         timeout = ((NVME_CAP_TIMEOUT(cap) + 1) * HZ / 2) + jiffies;
945
946         while (!(readl(&dev->bar->csts) & NVME_CSTS_RDY)) {
947                 msleep(100);
948                 if (fatal_signal_pending(current))
949                         return -EINTR;
950                 if (time_after(jiffies, timeout)) {
951                         dev_err(&dev->pci_dev->dev,
952                                 "Device not ready; aborting initialisation\n");
953                         return -ENODEV;
954                 }
955         }
956
957         result = queue_request_irq(dev, nvmeq, "nvme admin");
958         dev->queues[0] = nvmeq;
959         return result;
960 }
961
962 static int nvme_map_user_pages(struct nvme_dev *dev, int write,
963                                 unsigned long addr, unsigned length,
964                                 struct scatterlist **sgp)
965 {
966         int i, err, count, nents, offset;
967         struct scatterlist *sg;
968         struct page **pages;
969
970         if (addr & 3)
971                 return -EINVAL;
972         if (!length)
973                 return -EINVAL;
974
975         offset = offset_in_page(addr);
976         count = DIV_ROUND_UP(offset + length, PAGE_SIZE);
977         pages = kcalloc(count, sizeof(*pages), GFP_KERNEL);
978
979         err = get_user_pages_fast(addr, count, 1, pages);
980         if (err < count) {
981                 count = err;
982                 err = -EFAULT;
983                 goto put_pages;
984         }
985
986         sg = kcalloc(count, sizeof(*sg), GFP_KERNEL);
987         sg_init_table(sg, count);
988         sg_set_page(&sg[0], pages[0], PAGE_SIZE - offset, offset);
989         length -= (PAGE_SIZE - offset);
990         for (i = 1; i < count; i++) {
991                 sg_set_page(&sg[i], pages[i], min_t(int, length, PAGE_SIZE), 0);
992                 length -= PAGE_SIZE;
993         }
994
995         err = -ENOMEM;
996         nents = dma_map_sg(&dev->pci_dev->dev, sg, count,
997                                 write ? DMA_TO_DEVICE : DMA_FROM_DEVICE);
998         if (!nents)
999                 goto put_pages;
1000
1001         kfree(pages);
1002         *sgp = sg;
1003         return nents;
1004
1005  put_pages:
1006         for (i = 0; i < count; i++)
1007                 put_page(pages[i]);
1008         kfree(pages);
1009         return err;
1010 }
1011
1012 static void nvme_unmap_user_pages(struct nvme_dev *dev, int write,
1013                                 unsigned long addr, int length,
1014                                 struct scatterlist *sg, int nents)
1015 {
1016         int i, count;
1017
1018         count = DIV_ROUND_UP(offset_in_page(addr) + length, PAGE_SIZE);
1019         dma_unmap_sg(&dev->pci_dev->dev, sg, nents, DMA_FROM_DEVICE);
1020
1021         for (i = 0; i < count; i++)
1022                 put_page(sg_page(&sg[i]));
1023 }
1024
1025 static int nvme_submit_user_admin_command(struct nvme_dev *dev,
1026                                         unsigned long addr, unsigned length,
1027                                         struct nvme_command *cmd)
1028 {
1029         int err, nents, tmplen = length;
1030         struct scatterlist *sg;
1031         struct nvme_prps *prps;
1032
1033         nents = nvme_map_user_pages(dev, 0, addr, length, &sg);
1034         if (nents < 0)
1035                 return nents;
1036         prps = nvme_setup_prps(dev, &cmd->common, sg, &tmplen, GFP_KERNEL);
1037         if (tmplen != length)
1038                 err = -ENOMEM;
1039         else
1040                 err = nvme_submit_admin_cmd(dev, cmd, NULL);
1041         nvme_unmap_user_pages(dev, 0, addr, length, sg, nents);
1042         nvme_free_prps(dev, prps);
1043         return err ? -EIO : 0;
1044 }
1045
1046 static int nvme_identify(struct nvme_ns *ns, unsigned long addr, int cns)
1047 {
1048         struct nvme_command c;
1049
1050         memset(&c, 0, sizeof(c));
1051         c.identify.opcode = nvme_admin_identify;
1052         c.identify.nsid = cns ? 0 : cpu_to_le32(ns->ns_id);
1053         c.identify.cns = cpu_to_le32(cns);
1054
1055         return nvme_submit_user_admin_command(ns->dev, addr, 4096, &c);
1056 }
1057
1058 static int nvme_get_range_type(struct nvme_ns *ns, unsigned long addr)
1059 {
1060         struct nvme_command c;
1061
1062         memset(&c, 0, sizeof(c));
1063         c.features.opcode = nvme_admin_get_features;
1064         c.features.nsid = cpu_to_le32(ns->ns_id);
1065         c.features.fid = cpu_to_le32(NVME_FEAT_LBA_RANGE);
1066
1067         return nvme_submit_user_admin_command(ns->dev, addr, 4096, &c);
1068 }
1069
1070 static int nvme_submit_io(struct nvme_ns *ns, struct nvme_user_io __user *uio)
1071 {
1072         struct nvme_dev *dev = ns->dev;
1073         struct nvme_queue *nvmeq;
1074         struct nvme_user_io io;
1075         struct nvme_command c;
1076         unsigned length;
1077         int nents, status;
1078         struct scatterlist *sg;
1079         struct nvme_prps *prps;
1080
1081         if (copy_from_user(&io, uio, sizeof(io)))
1082                 return -EFAULT;
1083         length = (io.nblocks + 1) << ns->lba_shift;
1084
1085         switch (io.opcode) {
1086         case nvme_cmd_write:
1087         case nvme_cmd_read:
1088                 nents = nvme_map_user_pages(dev, io.opcode & 1, io.addr,
1089                                                                 length, &sg);
1090         default:
1091                 return -EFAULT;
1092         }
1093
1094         if (nents < 0)
1095                 return nents;
1096
1097         memset(&c, 0, sizeof(c));
1098         c.rw.opcode = io.opcode;
1099         c.rw.flags = io.flags;
1100         c.rw.nsid = cpu_to_le32(ns->ns_id);
1101         c.rw.slba = cpu_to_le64(io.slba);
1102         c.rw.length = cpu_to_le16(io.nblocks);
1103         c.rw.control = cpu_to_le16(io.control);
1104         c.rw.dsmgmt = cpu_to_le16(io.dsmgmt);
1105         c.rw.reftag = io.reftag;
1106         c.rw.apptag = io.apptag;
1107         c.rw.appmask = io.appmask;
1108         /* XXX: metadata */
1109         prps = nvme_setup_prps(dev, &c.common, sg, &length, GFP_KERNEL);
1110
1111         nvmeq = get_nvmeq(ns);
1112         /*
1113          * Since nvme_submit_sync_cmd sleeps, we can't keep preemption
1114          * disabled.  We may be preempted at any point, and be rescheduled
1115          * to a different CPU.  That will cause cacheline bouncing, but no
1116          * additional races since q_lock already protects against other CPUs.
1117          */
1118         put_nvmeq(nvmeq);
1119         if (length != (io.nblocks + 1) << ns->lba_shift)
1120                 status = -ENOMEM;
1121         else
1122                 status = nvme_submit_sync_cmd(nvmeq, &c, NULL, IO_TIMEOUT);
1123
1124         nvme_unmap_user_pages(dev, io.opcode & 1, io.addr, length, sg, nents);
1125         nvme_free_prps(dev, prps);
1126         return status;
1127 }
1128
1129 static int nvme_download_firmware(struct nvme_ns *ns,
1130                                                 struct nvme_dlfw __user *udlfw)
1131 {
1132         struct nvme_dev *dev = ns->dev;
1133         struct nvme_dlfw dlfw;
1134         struct nvme_command c;
1135         int nents, status, length;
1136         struct scatterlist *sg;
1137         struct nvme_prps *prps;
1138
1139         if (copy_from_user(&dlfw, udlfw, sizeof(dlfw)))
1140                 return -EFAULT;
1141         if (dlfw.length >= (1 << 30))
1142                 return -EINVAL;
1143         length = dlfw.length * 4;
1144
1145         nents = nvme_map_user_pages(dev, 1, dlfw.addr, length, &sg);
1146         if (nents < 0)
1147                 return nents;
1148
1149         memset(&c, 0, sizeof(c));
1150         c.dlfw.opcode = nvme_admin_download_fw;
1151         c.dlfw.numd = cpu_to_le32(dlfw.length);
1152         c.dlfw.offset = cpu_to_le32(dlfw.offset);
1153         prps = nvme_setup_prps(dev, &c.common, sg, &length, GFP_KERNEL);
1154         if (length != dlfw.length * 4)
1155                 status = -ENOMEM;
1156         else
1157                 status = nvme_submit_admin_cmd(dev, &c, NULL);
1158         nvme_unmap_user_pages(dev, 0, dlfw.addr, dlfw.length * 4, sg, nents);
1159         nvme_free_prps(dev, prps);
1160         return status;
1161 }
1162
1163 static int nvme_activate_firmware(struct nvme_ns *ns, unsigned long arg)
1164 {
1165         struct nvme_dev *dev = ns->dev;
1166         struct nvme_command c;
1167
1168         memset(&c, 0, sizeof(c));
1169         c.common.opcode = nvme_admin_activate_fw;
1170         c.common.rsvd10[0] = cpu_to_le32(arg);
1171
1172         return nvme_submit_admin_cmd(dev, &c, NULL);
1173 }
1174
1175 static int nvme_ioctl(struct block_device *bdev, fmode_t mode, unsigned int cmd,
1176                                                         unsigned long arg)
1177 {
1178         struct nvme_ns *ns = bdev->bd_disk->private_data;
1179
1180         switch (cmd) {
1181         case NVME_IOCTL_IDENTIFY_NS:
1182                 return nvme_identify(ns, arg, 0);
1183         case NVME_IOCTL_IDENTIFY_CTRL:
1184                 return nvme_identify(ns, arg, 1);
1185         case NVME_IOCTL_GET_RANGE_TYPE:
1186                 return nvme_get_range_type(ns, arg);
1187         case NVME_IOCTL_SUBMIT_IO:
1188                 return nvme_submit_io(ns, (void __user *)arg);
1189         case NVME_IOCTL_DOWNLOAD_FW:
1190                 return nvme_download_firmware(ns, (void __user *)arg);
1191         case NVME_IOCTL_ACTIVATE_FW:
1192                 return nvme_activate_firmware(ns, arg);
1193         default:
1194                 return -ENOTTY;
1195         }
1196 }
1197
1198 static const struct block_device_operations nvme_fops = {
1199         .owner          = THIS_MODULE,
1200         .ioctl          = nvme_ioctl,
1201         .compat_ioctl   = nvme_ioctl,
1202 };
1203
1204 static void nvme_timeout_ios(struct nvme_queue *nvmeq)
1205 {
1206         int depth = nvmeq->q_depth - 1;
1207         struct nvme_cmd_info *info = nvme_cmd_info(nvmeq);
1208         unsigned long now = jiffies;
1209         int cmdid;
1210
1211         for_each_set_bit(cmdid, nvmeq->cmdid_data, depth) {
1212                 unsigned long data;
1213                 void *ptr;
1214                 unsigned char handler;
1215                 static struct nvme_completion cqe = { .status = cpu_to_le16(NVME_SC_ABORT_REQ) << 1, };
1216
1217                 if (!time_after(now, info[cmdid].timeout))
1218                         continue;
1219                 dev_warn(nvmeq->q_dmadev, "Timing out I/O %d\n", cmdid);
1220                 data = cancel_cmdid(nvmeq, cmdid);
1221                 handler = data & 3;
1222                 ptr = (void *)(data & ~3UL);
1223                 nvme_completions[handler](nvmeq, ptr, &cqe);
1224         }
1225 }
1226
1227 static void nvme_resubmit_bios(struct nvme_queue *nvmeq)
1228 {
1229         while (bio_list_peek(&nvmeq->sq_cong)) {
1230                 struct bio *bio = bio_list_pop(&nvmeq->sq_cong);
1231                 struct nvme_ns *ns = bio->bi_bdev->bd_disk->private_data;
1232                 if (nvme_submit_bio_queue(nvmeq, ns, bio)) {
1233                         bio_list_add_head(&nvmeq->sq_cong, bio);
1234                         break;
1235                 }
1236                 if (bio_list_empty(&nvmeq->sq_cong))
1237                         remove_wait_queue(&nvmeq->sq_full,
1238                                                         &nvmeq->sq_cong_wait);
1239         }
1240 }
1241
1242 static int nvme_kthread(void *data)
1243 {
1244         struct nvme_dev *dev;
1245
1246         while (!kthread_should_stop()) {
1247                 __set_current_state(TASK_RUNNING);
1248                 spin_lock(&dev_list_lock);
1249                 list_for_each_entry(dev, &dev_list, node) {
1250                         int i;
1251                         for (i = 0; i < dev->queue_count; i++) {
1252                                 struct nvme_queue *nvmeq = dev->queues[i];
1253                                 if (!nvmeq)
1254                                         continue;
1255                                 spin_lock_irq(&nvmeq->q_lock);
1256                                 if (nvme_process_cq(nvmeq))
1257                                         printk("process_cq did something\n");
1258                                 nvme_timeout_ios(nvmeq);
1259                                 nvme_resubmit_bios(nvmeq);
1260                                 spin_unlock_irq(&nvmeq->q_lock);
1261                         }
1262                 }
1263                 spin_unlock(&dev_list_lock);
1264                 set_current_state(TASK_INTERRUPTIBLE);
1265                 schedule_timeout(HZ);
1266         }
1267         return 0;
1268 }
1269
1270 static DEFINE_IDA(nvme_index_ida);
1271
1272 static int nvme_get_ns_idx(void)
1273 {
1274         int index, error;
1275
1276         do {
1277                 if (!ida_pre_get(&nvme_index_ida, GFP_KERNEL))
1278                         return -1;
1279
1280                 spin_lock(&dev_list_lock);
1281                 error = ida_get_new(&nvme_index_ida, &index);
1282                 spin_unlock(&dev_list_lock);
1283         } while (error == -EAGAIN);
1284
1285         if (error)
1286                 index = -1;
1287         return index;
1288 }
1289
1290 static void nvme_put_ns_idx(int index)
1291 {
1292         spin_lock(&dev_list_lock);
1293         ida_remove(&nvme_index_ida, index);
1294         spin_unlock(&dev_list_lock);
1295 }
1296
1297 static struct nvme_ns *nvme_alloc_ns(struct nvme_dev *dev, int nsid,
1298                         struct nvme_id_ns *id, struct nvme_lba_range_type *rt)
1299 {
1300         struct nvme_ns *ns;
1301         struct gendisk *disk;
1302         int lbaf;
1303
1304         if (rt->attributes & NVME_LBART_ATTRIB_HIDE)
1305                 return NULL;
1306
1307         ns = kzalloc(sizeof(*ns), GFP_KERNEL);
1308         if (!ns)
1309                 return NULL;
1310         ns->queue = blk_alloc_queue(GFP_KERNEL);
1311         if (!ns->queue)
1312                 goto out_free_ns;
1313         ns->queue->queue_flags = QUEUE_FLAG_DEFAULT | QUEUE_FLAG_NOMERGES |
1314                                 QUEUE_FLAG_NONROT | QUEUE_FLAG_DISCARD;
1315         blk_queue_make_request(ns->queue, nvme_make_request);
1316         ns->dev = dev;
1317         ns->queue->queuedata = ns;
1318
1319         disk = alloc_disk(NVME_MINORS);
1320         if (!disk)
1321                 goto out_free_queue;
1322         ns->ns_id = nsid;
1323         ns->disk = disk;
1324         lbaf = id->flbas & 0xf;
1325         ns->lba_shift = id->lbaf[lbaf].ds;
1326
1327         disk->major = nvme_major;
1328         disk->minors = NVME_MINORS;
1329         disk->first_minor = NVME_MINORS * nvme_get_ns_idx();
1330         disk->fops = &nvme_fops;
1331         disk->private_data = ns;
1332         disk->queue = ns->queue;
1333         disk->driverfs_dev = &dev->pci_dev->dev;
1334         sprintf(disk->disk_name, "nvme%dn%d", dev->instance, nsid);
1335         set_capacity(disk, le64_to_cpup(&id->nsze) << (ns->lba_shift - 9));
1336
1337         return ns;
1338
1339  out_free_queue:
1340         blk_cleanup_queue(ns->queue);
1341  out_free_ns:
1342         kfree(ns);
1343         return NULL;
1344 }
1345
1346 static void nvme_ns_free(struct nvme_ns *ns)
1347 {
1348         int index = ns->disk->first_minor / NVME_MINORS;
1349         put_disk(ns->disk);
1350         nvme_put_ns_idx(index);
1351         blk_cleanup_queue(ns->queue);
1352         kfree(ns);
1353 }
1354
1355 static int set_queue_count(struct nvme_dev *dev, int count)
1356 {
1357         int status;
1358         u32 result;
1359         struct nvme_command c;
1360         u32 q_count = (count - 1) | ((count - 1) << 16);
1361
1362         memset(&c, 0, sizeof(c));
1363         c.features.opcode = nvme_admin_get_features;
1364         c.features.fid = cpu_to_le32(NVME_FEAT_NUM_QUEUES);
1365         c.features.dword11 = cpu_to_le32(q_count);
1366
1367         status = nvme_submit_admin_cmd(dev, &c, &result);
1368         if (status)
1369                 return -EIO;
1370         return min(result & 0xffff, result >> 16) + 1;
1371 }
1372
1373 static int __devinit nvme_setup_io_queues(struct nvme_dev *dev)
1374 {
1375         int result, cpu, i, nr_io_queues;
1376
1377         nr_io_queues = num_online_cpus();
1378         result = set_queue_count(dev, nr_io_queues);
1379         if (result < 0)
1380                 return result;
1381         if (result < nr_io_queues)
1382                 nr_io_queues = result;
1383
1384         /* Deregister the admin queue's interrupt */
1385         free_irq(dev->entry[0].vector, dev->queues[0]);
1386
1387         for (i = 0; i < nr_io_queues; i++)
1388                 dev->entry[i].entry = i;
1389         for (;;) {
1390                 result = pci_enable_msix(dev->pci_dev, dev->entry,
1391                                                                 nr_io_queues);
1392                 if (result == 0) {
1393                         break;
1394                 } else if (result > 0) {
1395                         nr_io_queues = result;
1396                         continue;
1397                 } else {
1398                         nr_io_queues = 1;
1399                         break;
1400                 }
1401         }
1402
1403         result = queue_request_irq(dev, dev->queues[0], "nvme admin");
1404         /* XXX: handle failure here */
1405
1406         cpu = cpumask_first(cpu_online_mask);
1407         for (i = 0; i < nr_io_queues; i++) {
1408                 irq_set_affinity_hint(dev->entry[i].vector, get_cpu_mask(cpu));
1409                 cpu = cpumask_next(cpu, cpu_online_mask);
1410         }
1411
1412         for (i = 0; i < nr_io_queues; i++) {
1413                 dev->queues[i + 1] = nvme_create_queue(dev, i + 1,
1414                                                         NVME_Q_DEPTH, i);
1415                 if (!dev->queues[i + 1])
1416                         return -ENOMEM;
1417                 dev->queue_count++;
1418         }
1419
1420         for (; i < num_possible_cpus(); i++) {
1421                 int target = i % rounddown_pow_of_two(dev->queue_count - 1);
1422                 dev->queues[i + 1] = dev->queues[target + 1];
1423         }
1424
1425         return 0;
1426 }
1427
1428 static void nvme_free_queues(struct nvme_dev *dev)
1429 {
1430         int i;
1431
1432         for (i = dev->queue_count - 1; i >= 0; i--)
1433                 nvme_free_queue(dev, i);
1434 }
1435
1436 static int __devinit nvme_dev_add(struct nvme_dev *dev)
1437 {
1438         int res, nn, i;
1439         struct nvme_ns *ns, *next;
1440         struct nvme_id_ctrl *ctrl;
1441         void *id;
1442         dma_addr_t dma_addr;
1443         struct nvme_command cid, crt;
1444
1445         res = nvme_setup_io_queues(dev);
1446         if (res)
1447                 return res;
1448
1449         /* XXX: Switch to a SG list once prp2 works */
1450         id = dma_alloc_coherent(&dev->pci_dev->dev, 8192, &dma_addr,
1451                                                                 GFP_KERNEL);
1452
1453         memset(&cid, 0, sizeof(cid));
1454         cid.identify.opcode = nvme_admin_identify;
1455         cid.identify.nsid = 0;
1456         cid.identify.prp1 = cpu_to_le64(dma_addr);
1457         cid.identify.cns = cpu_to_le32(1);
1458
1459         res = nvme_submit_admin_cmd(dev, &cid, NULL);
1460         if (res) {
1461                 res = -EIO;
1462                 goto out_free;
1463         }
1464
1465         ctrl = id;
1466         nn = le32_to_cpup(&ctrl->nn);
1467         memcpy(dev->serial, ctrl->sn, sizeof(ctrl->sn));
1468         memcpy(dev->model, ctrl->mn, sizeof(ctrl->mn));
1469         memcpy(dev->firmware_rev, ctrl->fr, sizeof(ctrl->fr));
1470
1471         cid.identify.cns = 0;
1472         memset(&crt, 0, sizeof(crt));
1473         crt.features.opcode = nvme_admin_get_features;
1474         crt.features.prp1 = cpu_to_le64(dma_addr + 4096);
1475         crt.features.fid = cpu_to_le32(NVME_FEAT_LBA_RANGE);
1476
1477         for (i = 0; i <= nn; i++) {
1478                 cid.identify.nsid = cpu_to_le32(i);
1479                 res = nvme_submit_admin_cmd(dev, &cid, NULL);
1480                 if (res)
1481                         continue;
1482
1483                 if (((struct nvme_id_ns *)id)->ncap == 0)
1484                         continue;
1485
1486                 crt.features.nsid = cpu_to_le32(i);
1487                 res = nvme_submit_admin_cmd(dev, &crt, NULL);
1488                 if (res)
1489                         continue;
1490
1491                 ns = nvme_alloc_ns(dev, i, id, id + 4096);
1492                 if (ns)
1493                         list_add_tail(&ns->list, &dev->namespaces);
1494         }
1495         list_for_each_entry(ns, &dev->namespaces, list)
1496                 add_disk(ns->disk);
1497
1498         dma_free_coherent(&dev->pci_dev->dev, 4096, id, dma_addr);
1499         return 0;
1500
1501  out_free:
1502         list_for_each_entry_safe(ns, next, &dev->namespaces, list) {
1503                 list_del(&ns->list);
1504                 nvme_ns_free(ns);
1505         }
1506
1507         dma_free_coherent(&dev->pci_dev->dev, 4096, id, dma_addr);
1508         return res;
1509 }
1510
1511 static int nvme_dev_remove(struct nvme_dev *dev)
1512 {
1513         struct nvme_ns *ns, *next;
1514
1515         spin_lock(&dev_list_lock);
1516         list_del(&dev->node);
1517         spin_unlock(&dev_list_lock);
1518
1519         /* TODO: wait all I/O finished or cancel them */
1520
1521         list_for_each_entry_safe(ns, next, &dev->namespaces, list) {
1522                 list_del(&ns->list);
1523                 del_gendisk(ns->disk);
1524                 nvme_ns_free(ns);
1525         }
1526
1527         nvme_free_queues(dev);
1528
1529         return 0;
1530 }
1531
1532 static int nvme_setup_prp_pools(struct nvme_dev *dev)
1533 {
1534         struct device *dmadev = &dev->pci_dev->dev;
1535         dev->prp_page_pool = dma_pool_create("prp list page", dmadev,
1536                                                 PAGE_SIZE, PAGE_SIZE, 0);
1537         if (!dev->prp_page_pool)
1538                 return -ENOMEM;
1539
1540         /* Optimisation for I/Os between 4k and 128k */
1541         dev->prp_small_pool = dma_pool_create("prp list 256", dmadev,
1542                                                 256, 256, 0);
1543         if (!dev->prp_small_pool) {
1544                 dma_pool_destroy(dev->prp_page_pool);
1545                 return -ENOMEM;
1546         }
1547         return 0;
1548 }
1549
1550 static void nvme_release_prp_pools(struct nvme_dev *dev)
1551 {
1552         dma_pool_destroy(dev->prp_page_pool);
1553         dma_pool_destroy(dev->prp_small_pool);
1554 }
1555
1556 /* XXX: Use an ida or something to let remove / add work correctly */
1557 static void nvme_set_instance(struct nvme_dev *dev)
1558 {
1559         static int instance;
1560         dev->instance = instance++;
1561 }
1562
1563 static void nvme_release_instance(struct nvme_dev *dev)
1564 {
1565 }
1566
1567 static int __devinit nvme_probe(struct pci_dev *pdev,
1568                                                 const struct pci_device_id *id)
1569 {
1570         int bars, result = -ENOMEM;
1571         struct nvme_dev *dev;
1572
1573         dev = kzalloc(sizeof(*dev), GFP_KERNEL);
1574         if (!dev)
1575                 return -ENOMEM;
1576         dev->entry = kcalloc(num_possible_cpus(), sizeof(*dev->entry),
1577                                                                 GFP_KERNEL);
1578         if (!dev->entry)
1579                 goto free;
1580         dev->queues = kcalloc(num_possible_cpus() + 1, sizeof(void *),
1581                                                                 GFP_KERNEL);
1582         if (!dev->queues)
1583                 goto free;
1584
1585         if (pci_enable_device_mem(pdev))
1586                 goto free;
1587         pci_set_master(pdev);
1588         bars = pci_select_bars(pdev, IORESOURCE_MEM);
1589         if (pci_request_selected_regions(pdev, bars, "nvme"))
1590                 goto disable;
1591
1592         INIT_LIST_HEAD(&dev->namespaces);
1593         dev->pci_dev = pdev;
1594         pci_set_drvdata(pdev, dev);
1595         dma_set_mask(&pdev->dev, DMA_BIT_MASK(64));
1596         dma_set_coherent_mask(&pdev->dev, DMA_BIT_MASK(64));
1597         nvme_set_instance(dev);
1598         dev->entry[0].vector = pdev->irq;
1599
1600         result = nvme_setup_prp_pools(dev);
1601         if (result)
1602                 goto disable_msix;
1603
1604         dev->bar = ioremap(pci_resource_start(pdev, 0), 8192);
1605         if (!dev->bar) {
1606                 result = -ENOMEM;
1607                 goto disable_msix;
1608         }
1609
1610         result = nvme_configure_admin_queue(dev);
1611         if (result)
1612                 goto unmap;
1613         dev->queue_count++;
1614
1615         spin_lock(&dev_list_lock);
1616         list_add(&dev->node, &dev_list);
1617         spin_unlock(&dev_list_lock);
1618
1619         result = nvme_dev_add(dev);
1620         if (result)
1621                 goto delete;
1622
1623         return 0;
1624
1625  delete:
1626         spin_lock(&dev_list_lock);
1627         list_del(&dev->node);
1628         spin_unlock(&dev_list_lock);
1629
1630         nvme_free_queues(dev);
1631  unmap:
1632         iounmap(dev->bar);
1633  disable_msix:
1634         pci_disable_msix(pdev);
1635         nvme_release_instance(dev);
1636         nvme_release_prp_pools(dev);
1637  disable:
1638         pci_disable_device(pdev);
1639         pci_release_regions(pdev);
1640  free:
1641         kfree(dev->queues);
1642         kfree(dev->entry);
1643         kfree(dev);
1644         return result;
1645 }
1646
1647 static void __devexit nvme_remove(struct pci_dev *pdev)
1648 {
1649         struct nvme_dev *dev = pci_get_drvdata(pdev);
1650         nvme_dev_remove(dev);
1651         pci_disable_msix(pdev);
1652         iounmap(dev->bar);
1653         nvme_release_instance(dev);
1654         nvme_release_prp_pools(dev);
1655         pci_disable_device(pdev);
1656         pci_release_regions(pdev);
1657         kfree(dev->queues);
1658         kfree(dev->entry);
1659         kfree(dev);
1660 }
1661
1662 /* These functions are yet to be implemented */
1663 #define nvme_error_detected NULL
1664 #define nvme_dump_registers NULL
1665 #define nvme_link_reset NULL
1666 #define nvme_slot_reset NULL
1667 #define nvme_error_resume NULL
1668 #define nvme_suspend NULL
1669 #define nvme_resume NULL
1670
1671 static struct pci_error_handlers nvme_err_handler = {
1672         .error_detected = nvme_error_detected,
1673         .mmio_enabled   = nvme_dump_registers,
1674         .link_reset     = nvme_link_reset,
1675         .slot_reset     = nvme_slot_reset,
1676         .resume         = nvme_error_resume,
1677 };
1678
1679 /* Move to pci_ids.h later */
1680 #define PCI_CLASS_STORAGE_EXPRESS       0x010802
1681
1682 static DEFINE_PCI_DEVICE_TABLE(nvme_id_table) = {
1683         { PCI_DEVICE_CLASS(PCI_CLASS_STORAGE_EXPRESS, 0xffffff) },
1684         { 0, }
1685 };
1686 MODULE_DEVICE_TABLE(pci, nvme_id_table);
1687
1688 static struct pci_driver nvme_driver = {
1689         .name           = "nvme",
1690         .id_table       = nvme_id_table,
1691         .probe          = nvme_probe,
1692         .remove         = __devexit_p(nvme_remove),
1693         .suspend        = nvme_suspend,
1694         .resume         = nvme_resume,
1695         .err_handler    = &nvme_err_handler,
1696 };
1697
1698 static int __init nvme_init(void)
1699 {
1700         int result = -EBUSY;
1701
1702         nvme_thread = kthread_run(nvme_kthread, NULL, "nvme");
1703         if (IS_ERR(nvme_thread))
1704                 return PTR_ERR(nvme_thread);
1705
1706         nvme_major = register_blkdev(nvme_major, "nvme");
1707         if (nvme_major <= 0)
1708                 goto kill_kthread;
1709
1710         result = pci_register_driver(&nvme_driver);
1711         if (result)
1712                 goto unregister_blkdev;
1713         return 0;
1714
1715  unregister_blkdev:
1716         unregister_blkdev(nvme_major, "nvme");
1717  kill_kthread:
1718         kthread_stop(nvme_thread);
1719         return result;
1720 }
1721
1722 static void __exit nvme_exit(void)
1723 {
1724         pci_unregister_driver(&nvme_driver);
1725         unregister_blkdev(nvme_major, "nvme");
1726         kthread_stop(nvme_thread);
1727 }
1728
1729 MODULE_AUTHOR("Matthew Wilcox <willy@linux.intel.com>");
1730 MODULE_LICENSE("GPL");
1731 MODULE_VERSION("0.5");
1732 module_init(nvme_init);
1733 module_exit(nvme_exit);
Port of xen3.3 xenlinux code to Ubuntu packaged SUSE kernel (3.2.10)