Age | Commit message (Collapse) | Author |
|
* Use ->data_phase to set ->handler in do_rw_taskfile() instead of
setting ->handler in callers of ide_raw_taskfile()/do_rw_taskfile().
* Unexport task_no_data_intr() and make it static.
There should be no functionality changes caused by this patch.
Acked-by: Sergei Shtylyov <sshtylyov@ru.mvista.com>
Signed-off-by: Bartlomiej Zolnierkiewicz <bzolnier@gmail.com>
|
|
* Use task->data_phase in do_rw_taskfile() to decide what to do.
* task->prehandler is only used by TASKFILE[_MULTI]_OUT so just
use pre_task_out_intr() directly and remove no longer needed
'prehandler' field from ide_task_t.
* Remove no longer needed ide_pre_handler_t type.
There should be no functionality changes caused by this patch.
Acked-by: Sergei Shtylyov <sshtylyov@ru.mvista.com>
Signed-off-by: Bartlomiej Zolnierkiewicz <bzolnier@gmail.com>
|
|
Based on the earlier work by Tejun Heo.
task->data_phase == TASKFILE_MULTI_{IN,OUT} vs drive->mult_count == 0
check is needed also for ide_taskfile_ioctl() requests that don't have
IDE_TFLAG_FLAGGED taskfile flag set.
Cc: Tejun Heo <htejun@gmail.com>
Acked-by: Sergei Shtylyov <sshtylyov@ru.mvista.com>
Signed-off-by: Bartlomiej Zolnierkiewicz <bzolnier@gmail.com>
|
|
Acked-by: Sergei Shtylyov <sshtylyov@ru.mvista.com>
Signed-off-by: Bartlomiej Zolnierkiewicz <bzolnier@gmail.com>
|
|
Fix __ide_do_rw_disk() to use ->OUTBSYNC instead of ->OUTB
(needed for pmac and scc_pata host drivers).
Acked-by: Sergei Shtylyov <sshtylyov@ru.mvista.com>
Signed-off-by: Bartlomiej Zolnierkiewicz <bzolnier@gmail.com>
|
|
Save PCI regs values for both IDE ports in one buffer, in order to eliminate
a needless and ugly loop across all hwifs, searching for our PCI device.
Partially based on the previous patch by Jeff Garzik.
Cc: Jeff Garzik <jeff@garzik.org>
Cc: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Bartlomiej Zolnierkiewicz <bzolnier@gmail.com>
|
|
* Add IDE_TFLAG_IN_DATA taskfile flag to indicate the need of reading
IDE_DATA_REG in ide_end_drive_cmd().
Set the new flag in ide_taskfile_ioctl() if ->in_flags.b.data is set.
* Add IDE_TFLAG_FLAGGED_SET_IN_FLAGS taskfile flag to indicate the
need of modifying ->in_flags in ide_taskfile_ioctl().
Set the new flag in flagged_taskfile() and move the code modifying
->tf_in_flags to ide_taskfile_ioctl().
While at it remove the bogus comment: ->tf_in_flags (except .b.data)
have no effect on selection of registers to read.
* Remove no longer needed 'tf_in_flags' field from ide_task_t.
As the result we finally have the internals of HDIO_DRIVE_TASKFILE ioctl
separated from the core IDE code.
There should be no functionality changes caused by this patch.
Acked-by: Sergei Shtylyov <sshtylyov@ru.mvista.com>
Signed-off-by: Bartlomiej Zolnierkiewicz <bzolnier@gmail.com>
|
|
* Add 'data_buf' and 'nsect' variables in ide_taskfile_ioctl()
to cache data buffer pointer and number of sectors to transfer
(this allows us to have only one ide_diag_taskfile() call).
* Add IDE_TFLAG_WRITE taskfile flag and use it to check whether
the REQ_RW request flag should be set.
* Move ->command_type handling from ide_diag_taskfile() to
ide_taskfile_ioctl() and use ->req_cmd instead of ->command_type.
* Add 'nsect' parameter to ide_raw_taskfile().
* Merge ide_diag_taskfile() into ide_raw_taskfile().
* Initialize ->data_phase explicitly in idedisk_prepare_flush(),
ide_start_power_step() and ide_disk_special().
* Remove no longer needed 'command_type' field from ide_task_t.
* Add #ifndef/#endif __KERNEL__ to <linux/hdreg.h> around no
longer used by kernel IDE_DRIVE_TASK_* and TASKFILE_* defines.
There should be no functionality changes caused by this patch.
Acked-by: Sergei Shtylyov <sshtylyov@ru.mvista.com>
Signed-off-by: Bartlomiej Zolnierkiewicz <bzolnier@gmail.com>
|
|
Given that:
* hpt366.c::hpt3xx_intrproc() is the only user of hwif->intrproc
* hpt366.c::hpt3xx_quirkproc() sets drive->quirk_list to 1 for quirky drives
which is a value unique to hpt366 host driver
we can remove hwif->intproc and just check for drive->quirk_list == 1
in ide_do_request().
Acked-by: Sergei Shtylyov <sshtylyov@ru.mvista.com>
Signed-off-by: Bartlomiej Zolnierkiewicz <bzolnier@gmail.com>
|
|
Acked-by: Sergei Shtylyov <sshtylyov@ru.mvista.com>
Signed-off-by: Bartlomiej Zolnierkiewicz <bzolnier@gmail.com>
|
|
Acked-by: Sergei Shtylyov <sshtylyov@ru.mvista.com>
Signed-off-by: Bartlomiej Zolnierkiewicz <bzolnier@gmail.com>
|
|
Add ide_pktcmd_tf_load() helper and convert ATAPI device drivers to use it.
There should be no functionality changes caused by this patch.
Acked-by: Sergei Shtylyov <sshtylyov@ru.mvista.com>
Signed-off-by: Bartlomiej Zolnierkiewicz <bzolnier@gmail.com>
|
|
Load IDE_BCOUNTL_REG before IDE_BCOUNTH_REG when issuing packet command.
It shouldn't affect anything (just a usual paranoia to separate changes
which change the way in which hardware is accessed from code cleanups).
Acked-by: Sergei Shtylyov <sshtylyov@ru.mvista.com>
Signed-off-by: Bartlomiej Zolnierkiewicz <bzolnier@gmail.com>
|
|
Load IDE_CONTROL_REG before other registers in cdrom_start_packet_command().
It shouldn't affect anything (just a usual paranoia to separate changes
which change the way in which hardware is accessed from code cleanups).
While at it move misplaced FIXME comment in the right place.
Acked-by: Sergei Shtylyov <sshtylyov@ru.mvista.com>
Signed-off-by: Bartlomiej Zolnierkiewicz <bzolnier@gmail.com>
|
|
Remove atapi_ireason_t.
While at it:
* replace 'HWIF(drive)' by 'drive->hwif' (or just 'hwif' where possible)
v2:
* v1 had CD and IO bits reversed in many places.
* Use CD and IO defines from <linux/hdreg.h>.
v3:
* Fix incorrect "(ireason & IO) == test_bit()". (Noticed by Sergei)
Acked-by: Sergei Shtylyov <sshtylyov@ru.mvista.com>
Signed-off-by: Bartlomiej Zolnierkiewicz <bzolnier@gmail.com>
|
|
Remove ata_nsector_t, ata_data_t (unused) and atapi_bcount_t.
While at it:
* replace 'HWIF(drive)' by 'hwif'
Acked-by: Sergei Shtylyov <sshtylyov@ru.mvista.com>
Signed-off-by: Bartlomiej Zolnierkiewicz <bzolnier@gmail.com>
|
|
Remove atapi_feature_t.
While at it:
* replace 'HWIF(drive)' by 'hwif'
Acked-by: Sergei Shtylyov <sshtylyov@ru.mvista.com>
Signed-off-by: Bartlomiej Zolnierkiewicz <bzolnier@gmail.com>
|
|
Remove atapi_error_t.
While at it:
* replace 'HWIF(drive)' by 'drive->hwif'
v2:
* Add {ILI,EOM,LFS}_ERR defines to <linux/hdreg.h>.
Acked-by: Sergei Shtylyov <sshtylyov@ru.mvista.com>
Signed-off-by: Bartlomiej Zolnierkiewicz <bzolnier@gmail.com>
|
|
Remove ata_status_t (unused) and atapi_status_t.
While at it:
* replace 'HWIF(drive)' by 'drive->hwif' (or just 'hwif' where possible)
Acked-by: Sergei Shtylyov <sshtylyov@ru.mvista.com>
Signed-off-by: Bartlomiej Zolnierkiewicz <bzolnier@gmail.com>
|
|
special_t is used only internally by the IDE subsystem (it isn't
related to hardware registers and isn't exported to the user-space).
Acked-by: Sergei Shtylyov <sshtylyov@ru.mvista.com>
Signed-off-by: Bartlomiej Zolnierkiewicz <bzolnier@gmail.com>
|
|
Acked-by: Sergei Shtylyov <sshtylyov@ru.mvista.com>
Signed-off-by: Bartlomiej Zolnierkiewicz <bzolnier@gmail.com>
|
|
Based on the earlier work by Tejun Heo.
All users are gone so we can finally remove it.
Cc: Tejun Heo <htejun@gmail.com>
Signed-off-by: Bartlomiej Zolnierkiewicz <bzolnier@gmail.com>
|
|
Based on the earlier work by Tejun Heo.
There should be no functionality changes caused by this patch.
Cc: Tejun Heo <htejun@gmail.com>
Signed-off-by: Bartlomiej Zolnierkiewicz <bzolnier@gmail.com>
|
|
Based on the earlier work by Tejun Heo.
There should be no functionality changes caused by this patch.
Cc: Tejun Heo <htejun@gmail.com>
Signed-off-by: Bartlomiej Zolnierkiewicz <bzolnier@gmail.com>
|
|
Extend timeout for REQ_TYPE_ATA_{CMD,TASK} requests from WAIT_CMD (10sec)
to WAIT_WORSTCASE (30sec, already used for REQ_TYPE_ATA_TASKFILE).
Signed-off-by: Bartlomiej Zolnierkiewicz <bzolnier@gmail.com>
|
|
* Set taskfile flags for REQ_TYPE_ATA_TASKFILE requests before
adding the request to the queue.
* Cleanup execute_drive_cmd().
* Remove unnecessary writes to HOB taskfile registers when using
LBA48 disk for the following cases:
- Power Management requests
(WIN_FLUSH_CACHE[_EXT], WIN_STANDBYNOW1, WIN_IDLEIMMEDIATE commands)
- special commands (WIN_SPECIFY, WIN_RESTORE, WIN_SETMULT)
- Host Protected Area support (WIN_READ_NATIVE_MAX, WIN_SET_MAX)
- /proc/ide/ SMART support (WIN_SMART with SMART_ENABLE,
SMART_READ_VALUES and SMART_READ_THRESHOLDS subcommands)
- write cache enabling/disabling in ide-disk
(WIN_SETFEATURES with SETFEATURES_{EN,DIS}_WCACHE)
- write cache flushing in ide-disk (WIN_FLUSH_CACHE[_EXT])
- acoustic management in ide-disk
(WIN_SETFEATURES with SETFEATURES_{EN,DIS}_AAM)
- door (un)locking in ide-disk (WIN_DOORLOCK, WIN_DOORUNLOCK)
- /proc/ide/hd?/identify support (WIN_IDENTIFY)
- ACPI _GTF taskfiles
Signed-off-by: Bartlomiej Zolnierkiewicz <bzolnier@gmail.com>
|
|
* Use IDE_TFLAG_LBA48 for REQ_TYPE_ATA_TASKFILE requests in ide_end_drive_cmd()
to decide whether we need to read HOB taskfile registers.
* Update execute_drive_cmd() accordingly.
This is a preparation for the next patch which removes unnecessary writes to
HOB taskfile registers for some ATA commands.
Signed-off-by: Bartlomiej Zolnierkiewicz <bzolnier@gmail.com>
|
|
* Add IDE_TFLAG_OUT_DEVICE taskfile flag to indicate the need of writing
the Device register and handle it in ide_tf_load().
Update ide_tf_load() and {do_rw,flagged}_taskfile() users accordingly.
* Use struct ide_taskfile and ide_tf_load() in execute_drive_cmd().
* Make the debugging code dump all taskfile registers for both
REQ_ATA_TYPE_{CMD,TASK} requests and move it to ide_tf_load()
so it also covers REQ_ATA_TYPE_TASKFILE requests.
There should be no functionality changes caused by this patch
(unless DEBUG is defined).
Signed-off-by: Bartlomiej Zolnierkiewicz <bzolnier@gmail.com>
|
|
* Remove ide_cmd() helper.
* Clear nIEN and call SELECT_MASK() before writing taskfile registers.
Signed-off-by: Bartlomiej Zolnierkiewicz <bzolnier@gmail.com>
|
|
* Rename 'args' variable in 'if (rq->cmd_type == REQ_TYPE_ATA_TASKFILE)'
block to 'task'.
* execute_drive_cmd() is used only for REQ_TYPE_ATA_{CMD,TASK,TASKFILE} so
we can move the common code out from 'if (rq->cmd_type == REQ_TYPE_ATA_CMD)'
and 'if (rq->cmd_type == REQ_TYPE_ATA_TASK)' blocks.
There should be no functionality changes caused by this patch.
Signed-off-by: Bartlomiej Zolnierkiewicz <bzolnier@gmail.com>
|
|
Move loading of IDE_NSECTOR_REG from ide_cmd() to execute_drive_cmd()
(load the IDE_NSECTOR_REG just after IDE_FEATURE_REG).
This also allows us to drop 'nsect' argument from ide_cmd() and simplify
execute_drive_cmd() code for REQ_TYPE_ATA_CMD case a bit.
It shouldn't affect anything (just a usual paranoia to separate changes
which change the way in which hardware is accessed from code cleanups).
Signed-off-by: Bartlomiej Zolnierkiewicz <bzolnier@gmail.com>
|
|
Fix registers loading order for REQ_TYPE_ATA_CMD request with WIN_SMART
command in execute_drive_cmd() (load IDE_FEATURE_REG and IDE_SECTOR_REG
before loading IDE_LCYL_REG and IDE_HCYL_REG).
It shouldn't affect anything (just a usual paranoia to separate changes
which change the way in which hardware is accessed from code cleanups).
Acked-by: Sergei Shtylyov <sshtylyov@ru.mvista.com>
Signed-off-by: Bartlomiej Zolnierkiewicz <bzolnier@gmail.com>
|
|
Signed-off-by: Bartlomiej Zolnierkiewicz <bzolnier@gmail.com>
|
|
Remove stale ide.h "configuration options":
* INITIAL_MULT_COUNT - always defined to 0
* SUPPORT_SLOW_DATA_PORTS - unused
* OK_TO_RESET_CONTROLLER - always defined to 1
* DISABLE_IRQ_NOSYNC - always defined to 0
Leave SUPPORT_VLB_SYNC (defined to 0 for CRIS and FRV, otherwise to 1)
for now but disallow overriding it by <asm/ide.h>.
There should be no functionality changes caused by this patch.
Acked-by: Sergei Shtylyov <sshtylyov@ru.mvista.com>
Signed-off-by: Bartlomiej Zolnierkiewicz <bzolnier@gmail.com>
|
|
We can safely remove CONFIG_IDEPCI_SHARE_IRQ and always support
PCI IRQ sharing.
Signed-off-by: Bartlomiej Zolnierkiewicz <bzolnier@gmail.com>
|
|
IRQF_DISABLED is not needed because the first thing that ide_intr()
(IDE IRQ handler) does is calling spin_lock_irqsave() which disables
local IRQs (IRQ unmasking is later handled by drive->unmask).
kernel/irq/handle.c:
irqreturn_t handle_IRQ_event(unsigned int irq, struct irqaction *action)
...
if (!(action->flags & IRQF_DISABLED))
local_irq_enable_in_hardirq();
do {
ret = action->handler(irq, action->dev_id);
if (ret == IRQ_HANDLED)
status |= action->flags;
retval |= ret;
action = action->next;
} while (action);
...
drivers/ide/ide-io.c:
irqreturn_t ide_intr (int irq, void *dev_id)
...
spin_lock_irqsave(&ide_lock, flags);
...
spin_unlock(&ide_lock);
...
if (drive->unmask)
local_irq_enable_in_hardirq();
...
Signed-off-by: Bartlomiej Zolnierkiewicz <bzolnier@gmail.com>
|
|
* pmac_ide_init_hwif_ports() can be called by ide_init_hwif_ports()
(through ppc_ide_md.ide_init_hwif hook) for non IDE PMAC interfaces.
If this is the case the hw->io_ports[] should be already setup by
ide_init_hwif_ports()->ide_std_init_ports() so remove redundant code
from pmac_ide_init_hwif_ports().
As side-effect this change fixes ctl_addr == 0 special handling in
ide_init_hwif_ports().
* Fix misleading comment while at it.
Cc: Benjamin Herrenschmidt <benh@kernel.crashing.org>
Cc: Alan Cox <alan@lxorguk.ukuu.org.uk>
Signed-off-by: Bartlomiej Zolnierkiewicz <bzolnier@gmail.com>
|
|
Based on the earlier work by Tejun Heo.
* Move setting IDE_TFLAG_LBA48 taskfile flag from do_rw_taskfile()
function to the callers.
* Add IDE_TFLAG_FLAGGED taskfile flag for flagged taskfiles coming
from ide_taskfile_ioctl(). Check it instead of ->tf_out_flags.all.
* Add IDE_TFLAG_OUT_DATA taskfile flag to indicate the need to load
IDE data register in ide_tf_load().
* Add IDE_TFLAG_OUT_* taskfile flags to indicate the need to load
particular IDE taskfile registers in ide_tf_load().
* Update do_rw_taskfile() and ide_tf_load() users to set respective
IDE_TFLAG_OUT_* taksfile flags.
* Add task_dma_ok() helper.
* Use IDE_TFLAG_FLAGGED taskfile flag to select HIHI mask in ide_tf_load().
* Use do_rw_taskfile() in flagged_taskfile().
* Remove no longer needed 'tf_out_flags' field from ide_task_t.
There should be no functionality changes caused by this patch.
Cc: Tejun Heo <htejun@gmail.com>
Signed-off-by: Bartlomiej Zolnierkiewicz <bzolnier@gmail.com>
|
|
* Add ide_no_data_taskfile() helper and convert ide_raw_taskfile() w/ NO DATA
protocol users to use it instead.
* Set ->data_phase explicitly in ide_no_data_taskfile()
(TASKFILE_NO_DATA is defined as 0x0000).
* Unexport task_no_data_intr().
Acked-by: Sergei Shtylyov <sshtylyov@ru.mvista.com>
Signed-off-by: Bartlomiej Zolnierkiewicz <bzolnier@gmail.com>
|
|
Based on the earlier work by Tejun Heo.
* Add 'tf_flags' field (for taskfile flags) to ide_task_t.
* Add IDE_TFLAG_LBA48 taskfile flag for LBA48 taskfiles.
* Add IDE_TFLAG_NO_SELECT_MASK taskfile flag for __ide_do_rw_disk()
which doesn't use SELECT_MASK() (looks like a bug but it requires
some more investigation).
* Split off ide_tf_load() helper from do_rw_taskfile().
* Convert __ide_do_rw_disk() to use ide_tf_load().
There should be no functionality changes caused by this patch.
Cc: Tejun Heo <htejun@gmail.com>
Acked-by: Sergei Shtylyov <sshtylyov@ru.mvista.com>
Signed-off-by: Bartlomiej Zolnierkiewicz <bzolnier@gmail.com>
|
|
Based on the earlier work by Tejun Heo.
There should be no functionality changes caused by this patch.
Cc: Tejun Heo <htejun@gmail.com>
Acked-by: Sergei Shtylyov <sshtylyov@ru.mvista.com>
Signed-off-by: Bartlomiej Zolnierkiewicz <bzolnier@gmail.com>
|
|
Load IDE_SECTOR_REG after IDE_FEATURE_REG and IDE_NSECTOR_REG when using CHS.
This patch is basically a preparation for the next one which converts
__ide_do_rw_disk() to use struct ide_taskfile.
It shouldn't affect anything (just a usual paranoia to separate changes
which change the way in which hardware is accessed from code cleanups).
Signed-off-by: Bartlomiej Zolnierkiewicz <bzolnier@gmail.com>
|
|
* Merge idedisk_{read_native,set}_max_address_ext() into
idedisk_{read_native,set}_max_address().
v2:
* Remove LBA48 code leftover from idedisk_read_native_max_address()
('high' variable initialization). (Noticed by Sergei).
There should be no functionality changes caused by this patch.
Acked-by: Sergei Shtylyov <sshtylyov@ru.mvista.com>
Signed-off-by: Bartlomiej Zolnierkiewicz <bzolnier@gmail.com>
|
|
* Don't set write-only ide_task_t.hobRegister[6] and ide_task_t.hobRegister[7]
in idedisk_set_max_address_ext().
* Add struct ide_taskfile and use it in ide_task_t instead of tfRegister[]
and hobRegister[].
* Remove no longer needed IDE_CONTROL_OFFSET_HOB define.
* Add #ifndef/#endif __KERNEL__ around definitions of {task,hob}_struct_t.
While at it:
* Use ATA_LBA define for LBA bit (0x40) as suggested by Tejun Heo.
v2:
* Add missing newlines. (Noticed by Sergei)
* Use ~ATA_LBA instead of 0xBF. (Noticed by Sergei)
* Use unnamed unions for error/feature and status/command.
(Suggested by Sergei).
There should be no functionality changes caused by this patch.
Acked-by: Sergei Shtylyov <sshtylyov@ru.mvista.com>
Cc: Tejun Heo <htejun@gmail.com>
Signed-off-by: Bartlomiej Zolnierkiewicz <bzolnier@gmail.com>
|
|
Remove task_ioreg_t typedef from the kernel code (but leave it
in <linux/hdreg.h> for #ifndef/#endif __KERNEL__ case).
While at it also move sata_ioreg_t typedef under #ifndef/#endif __KERNEL__.
v2:
Remove name of the second parameter from ide_execute_command() declaration.
(Noticed by Sergei).
Acked-by: Sergei Shtylyov <sshtylyov@ru.mvista.com>
Signed-off-by: Bartlomiej Zolnierkiewicz <bzolnier@gmail.com>
|
|
* Convert cmd64x, hpt366 and pdc202xx_old host drivers to use
pci_resource_start(hwif->pci_dev, 4) instead of hwif->dma_master.
* Remove no longer needed ->dma_master field from ide_hwif_t.
v2:
* Use the more readable 'hwif->dma_base - (hwif->channel * 8)' instead of
pci_resource_start(hwif->pci_dev, 4).
v3:
* Use hwif->extra_base in hpt366/pdc20xx_old + some cosmetic fixups over v2
(suggested by Sergei).
v4:
* Correct offsets in hpt3xxn_set_clock().
v5:
* Use hwif->extra_base in hpt366 for _real_ this time. (Noticed by Sergei)
Acked-by: Sergei Shtylyov <sshtylyov@ru.mvista.com>
Cc: Jeff Garzik <jeff@garzik.org>
Signed-off-by: Bartlomiej Zolnierkiewicz <bzolnier@gmail.com>
|
|
Group the array of pointers to the timing tables with the timing register masks
which allows us to merge HPT36x/HPT37x set_dma_mode() methods into one.
Signed-off-by: Sergei Shtylyov <sshtylyov@ru.mvista.com>
Signed-off-by: Bartlomiej Zolnierkiewicz <bzolnier@gmail.com>
|
|
There's no reason to keep the set_dma_mode() method wrapper for two different
chip families, so get rid of it...
Signed-off-by: Sergei Shtylyov <sshtylyov@ru.mvista.com>
Signed-off-by: Bartlomiej Zolnierkiewicz <bzolnier@gmail.com>
|
|
Since PIO autotuning is now done always, there's no need anymore to program
the taskfile timings also on DMA modes, so change the IDE timing register
masks accordingly, "inverting the polarity" of the masks while at it...
Signed-off-by: Sergei Shtylyov <sshtylyov@ru.mvista.com>
Signed-off-by: Bartlomiej Zolnierkiewicz <bzolnier@gmail.com>
|
|
Currently it's possible to ide-cd to set an incorrect blocksize by
reading garbage if the drive is dead:
ide_cd_probe()
-> cdrom_read_toc()
-> cdrom_read_capacity()
-> cdrom_queue_packet_command()
-> ide_do_drive_cmd()
-> ide_do_request()
-> start_request()
on start_request():
/* bail early if we've exceeded max_failures */
if (drive->max_failures && (drive->failures > drive->max_failures)) {
goto kill_rq;
}
(...)
kill_rq:
ide_kill_rq(drive, rq);
return ide_stopped;
ide_kill_rq() and the next calls won't set REQ_FAILED on rq->cmd_flags and thus
cdrom_queue_packet_command() won't return an error. then:
stat = cdrom_queue_packet_command(drive, &req);
if (stat == 0) {
*capacity = 1 + be32_to_cpu(capbuf.lba);
*sectors_per_frame =
be32_to_cpu(capbuf.blocklen) >> SECTOR_BITS;
}
cdrom_read_capacity() ends believing capbuf is valid but in fact it's just
uninitialized data. back to cdrom_read_toc():
/* Try to get the total cdrom capacity and sector size. */
stat = cdrom_read_capacity(drive, &toc->capacity, §ors_per_frame,
sense);
if (stat)
toc->capacity = 0x1fffff;
set_capacity(info->disk, toc->capacity * sectors_per_frame);
/* Save a private copy of te TOC capacity for error handling */
drive->probed_capacity = toc->capacity * sectors_per_frame;
blk_queue_hardsect_size(drive->queue,
sectors_per_frame << SECTOR_BITS);
that will set drive->queue->hardsect_size to be the random value.
hardsect_size is used to calculate inode->i_blkbits. later on, on a read
path:
void create_empty_buffers(struct page *page,
unsigned long blocksize, unsigned long b_state)
{
struct buffer_head *bh, *head, *tail;
head = alloc_page_buffers(page, blocksize, 1);
bh = head;
do {
bh->b_state |= b_state;
tail = bh;
bh = bh->b_this_page;
} while (bh);
tail->b_this_page = head;
alloc_page_buffers() will return NULL if blocksize > 4096. blocksize is
calculed based on inode->i_blkbits. that will trigger a null
dereference on create_empty_buffers().
Signed-off-by: Aristeu Rozanski <arozansk@redhat.com>
Cc: Borislav Petkov <bbpetkov@yahoo.de>
Signed-off-by: Bartlomiej Zolnierkiewicz <bzolnier@gmail.com>
|