Change the kernel dev_t, representing a pointer to a specinfo structure,
[dragonfly.git] / sys / bus / cam / scsi / scsi_cd.c
1 /*
2  * Copyright (c) 1997 Justin T. Gibbs.
3  * Copyright (c) 1997, 1998, 1999, 2000, 2001, 2003, 2003 Kenneth D. Merry.
4  * All rights reserved.
5  *
6  * Redistribution and use in source and binary forms, with or without
7  * modification, are permitted provided that the following conditions
8  * are met:
9  * 1. Redistributions of source code must retain the above copyright
10  *    notice, this list of conditions, and the following disclaimer,
11  *    without modification, immediately at the beginning of the file.
12  * 2. The name of the author may not be used to endorse or promote products
13  *    derived from this software without specific prior written permission.
14  *
15  * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
16  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
17  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
18  * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE FOR
19  * ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
20  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
21  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
22  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
23  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
24  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
25  * SUCH DAMAGE.
26  *
27  * $FreeBSD: src/sys/cam/scsi/scsi_cd.c,v 1.31.2.16 2003/10/21 22:26:11 thomas Exp $
28  * $DragonFly: src/sys/bus/cam/scsi/scsi_cd.c,v 1.25 2006/09/10 01:26:32 dillon Exp $
29  */
30 /*
31  * Portions of this driver taken from the original FreeBSD cd driver.
32  * Written by Julian Elischer (julian@tfs.com)
33  * for TRW Financial Systems for use under the MACH(2.5) operating system.
34  *
35  * TRW Financial Systems, in accordance with their agreement with Carnegie
36  * Mellon University, makes this software available to CMU to distribute
37  * or use in any manner that they see fit as long as this message is kept with
38  * the software. For this reason TFS also grants any other persons or
39  * organisations permission to use or modify this software.
40  *
41  * TFS supplies this software to be publicly redistributed
42  * on the understanding that TFS is not responsible for the correct
43  * functioning of this software in any circumstances.
44  *
45  * Ported to run under 386BSD by Julian Elischer (julian@tfs.com) Sept 1992
46  *
47  *      from: cd.c,v 1.83 1997/05/04 15:24:22 joerg Exp $
48  */
49
50 #include "opt_cd.h"
51
52 #include <sys/param.h>
53 #include <sys/bootmaj.h>
54 #include <sys/systm.h>
55 #include <sys/kernel.h>
56 #include <sys/buf.h>
57 #include <sys/conf.h>
58 #include <sys/disk.h>
59 #include <sys/malloc.h>
60 #include <sys/cdio.h>
61 #include <sys/cdrio.h>
62 #include <sys/dvdio.h>
63 #include <sys/devicestat.h>
64 #include <sys/sysctl.h>
65 #include <sys/taskqueue.h>
66 #include <sys/proc.h>
67 #include <sys/buf2.h>
68 #include <sys/thread2.h>
69
70 #include "../cam.h"
71 #include "../cam_ccb.h"
72 #include "../cam_extend.h"
73 #include "../cam_periph.h"
74 #include "../cam_xpt_periph.h"
75 #include "../cam_queue.h"
76
77 #include "scsi_message.h"
78 #include "scsi_da.h"
79 #include "scsi_cd.h"
80
81 #define LEADOUT         0xaa            /* leadout toc entry */
82
83 struct cd_params {
84         u_int32_t blksize;
85         u_long    disksize;
86 };
87
88 typedef enum {
89         CD_Q_NONE               = 0x00,
90         CD_Q_NO_TOUCH           = 0x01,
91         CD_Q_BCD_TRACKS         = 0x02,
92         CD_Q_NO_CHANGER         = 0x04,
93         CD_Q_CHANGER            = 0x08,
94         CD_Q_10_BYTE_ONLY       = 0x10
95 } cd_quirks;
96
97 typedef enum {
98         CD_FLAG_INVALID         = 0x0001,
99         CD_FLAG_NEW_DISC        = 0x0002,
100         CD_FLAG_DISC_LOCKED     = 0x0004,
101         CD_FLAG_DISC_REMOVABLE  = 0x0008,
102         CD_FLAG_TAGGED_QUEUING  = 0x0010,
103         CD_FLAG_CHANGER         = 0x0040,
104         CD_FLAG_ACTIVE          = 0x0080,
105         CD_FLAG_SCHED_ON_COMP   = 0x0100,
106         CD_FLAG_RETRY_UA        = 0x0200,
107         CD_FLAG_VALID_MEDIA     = 0x0400,
108         CD_FLAG_VALID_TOC       = 0x0800,
109         CD_FLAG_OPEN            = 0x1000,
110         CD_FLAG_SCTX_INIT       = 0x2000
111 } cd_flags;
112
113 typedef enum {
114         CD_CCB_PROBE            = 0x01,
115         CD_CCB_BUFFER_IO        = 0x02,
116         CD_CCB_WAITING          = 0x03,
117         CD_CCB_TYPE_MASK        = 0x0F,
118         CD_CCB_RETRY_UA         = 0x10
119 } cd_ccb_state;
120
121 typedef enum {
122         CHANGER_TIMEOUT_SCHED           = 0x01,
123         CHANGER_SHORT_TMOUT_SCHED       = 0x02,
124         CHANGER_MANUAL_CALL             = 0x04,
125         CHANGER_NEED_TIMEOUT            = 0x08
126 } cd_changer_flags;
127
128 #define ccb_state ppriv_field0
129 #define ccb_bio ppriv_ptr1
130
131 struct cd_tocdata {
132         struct ioc_toc_header header;
133         struct cd_toc_entry entries[100];
134 };
135
136 struct cd_toc_single {
137         struct ioc_toc_header header;
138         struct cd_toc_entry entry;
139 };
140
141 typedef enum {
142         CD_STATE_PROBE,
143         CD_STATE_NORMAL
144 } cd_state;
145
146 struct cd_softc {
147         cam_pinfo               pinfo;
148         cd_state                state;
149         volatile cd_flags       flags;
150         struct bio_queue_head   bio_queue;
151         LIST_HEAD(, ccb_hdr)    pending_ccbs;
152         struct cd_params        params;
153         struct disk             disk;
154         union ccb               saved_ccb;
155         cd_quirks               quirks;
156         struct devstat          device_stats;
157         STAILQ_ENTRY(cd_softc)  changer_links;
158         struct cdchanger        *changer;
159         int                     bufs_left;
160         struct cam_periph       *periph;
161         int                     minimum_command_size;
162         struct task             sysctl_task;
163         struct sysctl_ctx_list  sysctl_ctx;
164         struct sysctl_oid       *sysctl_tree;
165         STAILQ_HEAD(, cd_mode_params)   mode_queue;
166         struct cd_tocdata       toc;
167 };
168
169 struct cd_page_sizes {
170         int page;
171         int page_size;
172 };
173
174 static struct cd_page_sizes cd_page_size_table[] =
175 {
176         { AUDIO_PAGE, sizeof(struct cd_audio_page)}
177 };
178
179 struct cd_quirk_entry {
180         struct scsi_inquiry_pattern inq_pat;
181         cd_quirks quirks;
182 };
183
184 /*
185  * The changer quirk entries aren't strictly necessary.  Basically, what
186  * they do is tell cdregister() up front that a device is a changer.
187  * Otherwise, it will figure that fact out once it sees a LUN on the device
188  * that is greater than 0.  If it is known up front that a device is a changer,
189  * all I/O to the device will go through the changer scheduling routines, as
190  * opposed to the "normal" CD code.
191  *
192  * NOTE ON 10_BYTE_ONLY quirks:  Any 10_BYTE_ONLY quirks MUST be because
193  * your device hangs when it gets a 10 byte command.  Adding a quirk just
194  * to get rid of the informative diagnostic message is not acceptable.  All
195  * 10_BYTE_ONLY quirks must be documented in full in a PR (which should be
196  * referenced in a comment along with the quirk) , and must be approved by
197  * ken@FreeBSD.org.  Any quirks added that don't adhere to this policy may
198  * be removed until the submitter can explain why they are needed.
199  * 10_BYTE_ONLY quirks will be removed (as they will no longer be necessary)
200  * when the CAM_NEW_TRAN_CODE work is done.
201  */
202 static struct cd_quirk_entry cd_quirk_table[] =
203 {
204         {
205                 { T_CDROM, SIP_MEDIA_REMOVABLE, "NRC", "MBR-7", "*"},
206                  /*quirks*/ CD_Q_CHANGER
207         },
208         {
209                 { T_CDROM, SIP_MEDIA_REMOVABLE, "PIONEER", "CD-ROM DRM*",
210                   "*"}, /* quirks */ CD_Q_CHANGER
211         },
212         {
213                 { T_CDROM, SIP_MEDIA_REMOVABLE, "NAKAMICH", "MJ-*", "*"},
214                  /* quirks */ CD_Q_CHANGER
215         },
216         {
217                 { T_CDROM, SIP_MEDIA_REMOVABLE, "CHINON", "CD-ROM CDS-535","*"},
218                 /* quirks */ CD_Q_BCD_TRACKS
219         }
220 };
221
222 static  d_open_t        cdopen;
223 static  d_close_t       cdclose;
224 static  d_ioctl_t       cdioctl;
225 static  d_strategy_t    cdstrategy;
226
227 static  periph_init_t   cdinit;
228 static  periph_ctor_t   cdregister;
229 static  periph_dtor_t   cdcleanup;
230 static  periph_start_t  cdstart;
231 static  periph_oninv_t  cdoninvalidate;
232 static  void            cdasync(void *callback_arg, u_int32_t code,
233                                 struct cam_path *path, void *arg);
234 static  int             cdcmdsizesysctl(SYSCTL_HANDLER_ARGS);
235 static  void            cdshorttimeout(void *arg);
236 static  void            cdschedule(struct cam_periph *periph, int priority);
237 static  void            cdrunchangerqueue(void *arg);
238 static  void            cdchangerschedule(struct cd_softc *softc);
239 static  int             cdrunccb(union ccb *ccb,
240                                  int (*error_routine)(union ccb *ccb,
241                                                       u_int32_t cam_flags,
242                                                       u_int32_t sense_flags),
243                                  u_int32_t cam_flags, u_int32_t sense_flags);
244 static union    ccb     *cdgetccb(struct cam_periph *periph,
245                                   u_int32_t priority);
246 static  void            cddone(struct cam_periph *periph,
247                                union ccb *start_ccb);
248 static  int             cderror(union ccb *ccb, u_int32_t cam_flags,
249                                 u_int32_t sense_flags);
250 static  union cd_pages  *cdgetpage(struct cd_mode_params *mode_params);
251 static  int             cdgetpagesize(int page_num);
252 static  void            cdprevent(struct cam_periph *periph, int action);
253 static  int             cdcheckmedia(struct cam_periph *periph);
254 static  int             cdsize(struct cam_periph *periph, u_int32_t *size);
255 static  int             cd6byteworkaround(union ccb *ccb);
256 static  int             cdreadtoc(struct cam_periph *periph, u_int32_t mode, 
257                                   u_int32_t start, u_int8_t *data, 
258                                   u_int32_t len, u_int32_t sense_flags);
259 static  int             cdgetmode(struct cam_periph *periph, 
260                                   struct cd_mode_params *data, u_int32_t page);
261 static  int             cdsetmode(struct cam_periph *periph,
262                                   struct cd_mode_params *data);
263 static  int             cdplay(struct cam_periph *periph, u_int32_t blk, 
264                                u_int32_t len);
265 static  int             cdreadsubchannel(struct cam_periph *periph, 
266                                          u_int32_t mode, u_int32_t format, 
267                                          int track, 
268                                          struct cd_sub_channel_info *data, 
269                                          u_int32_t len);
270 static  int             cdplaymsf(struct cam_periph *periph, u_int32_t startm, 
271                                   u_int32_t starts, u_int32_t startf, 
272                                   u_int32_t endm, u_int32_t ends, 
273                                   u_int32_t endf);
274 static  int             cdplaytracks(struct cam_periph *periph, 
275                                      u_int32_t strack, u_int32_t sindex,
276                                      u_int32_t etrack, u_int32_t eindex);
277 static  int             cdpause(struct cam_periph *periph, u_int32_t go);
278 static  int             cdstopunit(struct cam_periph *periph, u_int32_t eject);
279 static  int             cdstartunit(struct cam_periph *periph, int load);
280 static  int             cdsetspeed(struct cam_periph *periph,
281                                    u_int32_t rdspeed, u_int32_t wrspeed);
282 static  int             cdreportkey(struct cam_periph *periph,
283                                     struct dvd_authinfo *authinfo);
284 static  int             cdsendkey(struct cam_periph *periph,
285                                   struct dvd_authinfo *authinfo);
286 static  int             cdreaddvdstructure(struct cam_periph *periph,
287                                            struct dvd_struct *dvdstruct);
288
289 static struct periph_driver cddriver =
290 {
291         cdinit, "cd",
292         TAILQ_HEAD_INITIALIZER(cddriver.units), /* generation */ 0
293 };
294
295 DATA_SET(periphdriver_set, cddriver);
296
297 /* For 2.2-stable support */
298 #ifndef D_DISK
299 #define D_DISK 0
300 #endif
301 static struct dev_ops cd_ops = {
302         { "cd", SCSICD_CDEV_MAJOR, D_DISK },
303         .d_open = cdopen,
304         .d_close = cdclose,
305         .d_read = physread,
306         .d_write = physwrite,
307         .d_ioctl = cdioctl,
308         .d_strategy = cdstrategy
309 };
310
311 static struct extend_array *cdperiphs;
312 static int num_changers;
313
314 #ifndef CHANGER_MIN_BUSY_SECONDS
315 #define CHANGER_MIN_BUSY_SECONDS        5
316 #endif
317 #ifndef CHANGER_MAX_BUSY_SECONDS
318 #define CHANGER_MAX_BUSY_SECONDS        15
319 #endif
320
321 static int changer_min_busy_seconds = CHANGER_MIN_BUSY_SECONDS;
322 static int changer_max_busy_seconds = CHANGER_MAX_BUSY_SECONDS;
323
324 /*
325  * XXX KDM this CAM node should be moved if we ever get more CAM sysctl
326  * variables.
327  */
328 SYSCTL_NODE(_kern_cam, OID_AUTO, cd, CTLFLAG_RD, 0, "CAM CDROM driver");
329 SYSCTL_NODE(_kern_cam_cd, OID_AUTO, changer, CTLFLAG_RD, 0, "CD Changer");
330 SYSCTL_INT(_kern_cam_cd_changer, OID_AUTO, min_busy_seconds, CTLFLAG_RW,
331            &changer_min_busy_seconds, 0, "Minimum changer scheduling quantum");
332 TUNABLE_INT("kern.cam.cd.changer.min_busy_seconds", &changer_min_busy_seconds);
333 SYSCTL_INT(_kern_cam_cd_changer, OID_AUTO, max_busy_seconds, CTLFLAG_RW,
334            &changer_max_busy_seconds, 0, "Maximum changer scheduling quantum");
335 TUNABLE_INT("kern.cam.cd.changer.max_busy_seconds", &changer_max_busy_seconds);
336
337 struct cdchanger {
338         path_id_t                        path_id;
339         target_id_t                      target_id;
340         int                              num_devices;
341         struct camq                      devq;
342         struct timeval                   start_time;
343         struct cd_softc                  *cur_device;
344         struct callout                   short_handle;
345         struct callout                   long_handle;
346         volatile cd_changer_flags        flags;
347         STAILQ_ENTRY(cdchanger)          changer_links;
348         STAILQ_HEAD(chdevlist, cd_softc) chluns;
349 };
350
351 static STAILQ_HEAD(changerlist, cdchanger) changerq;
352
353 void
354 cdinit(void)
355 {
356         cam_status status;
357         struct cam_path *path;
358
359         /*
360          * Create our extend array for storing the devices we attach to.
361          */
362         cdperiphs = cam_extend_new();
363         if (cdperiphs == NULL) {
364                 printf("cd: Failed to alloc extend array!\n");
365                 return;
366         }
367
368         /*
369          * Install a global async callback.  This callback will
370          * receive async callbacks like "new device found".
371          */
372         status = xpt_create_path(&path, /*periph*/NULL, CAM_XPT_PATH_ID,
373                                  CAM_TARGET_WILDCARD, CAM_LUN_WILDCARD);
374
375         if (status == CAM_REQ_CMP) {
376                 struct ccb_setasync csa;
377
378                 xpt_setup_ccb(&csa.ccb_h, path, /*priority*/5);
379                 csa.ccb_h.func_code = XPT_SASYNC_CB;
380                 csa.event_enable = AC_FOUND_DEVICE;
381                 csa.callback = cdasync;
382                 csa.callback_arg = NULL;
383                 xpt_action((union ccb *)&csa);
384                 status = csa.ccb_h.status;
385                 xpt_free_path(path);
386         }
387
388         if (status != CAM_REQ_CMP) {
389                 printf("cd: Failed to attach master async callback "
390                        "due to status 0x%x!\n", status);
391         }
392 }
393
394 static void
395 cdoninvalidate(struct cam_periph *periph)
396 {
397         struct cd_softc *softc;
398         struct buf *q_bp;
399         struct bio *q_bio;
400         struct ccb_setasync csa;
401
402         softc = (struct cd_softc *)periph->softc;
403
404         /*
405          * De-register any async callbacks.
406          */
407         xpt_setup_ccb(&csa.ccb_h, periph->path,
408                       /* priority */ 5);
409         csa.ccb_h.func_code = XPT_SASYNC_CB;
410         csa.event_enable = 0;
411         csa.callback = cdasync;
412         csa.callback_arg = periph;
413         xpt_action((union ccb *)&csa);
414
415         softc->flags |= CD_FLAG_INVALID;
416
417         /*
418          * Although the oninvalidate() routines are always while in a
419          * critical section, we need to be in a critical section here to
420          * keep the buffer queue from being modified while we traverse it.
421          */
422         crit_enter();
423
424         /*
425          * Return all queued I/O with ENXIO.
426          * XXX Handle any transactions queued to the card
427          *     with XPT_ABORT_CCB.
428          */
429         while ((q_bio = bioq_first(&softc->bio_queue)) != NULL){
430                 bioq_remove(&softc->bio_queue, q_bio);
431                 q_bp = q_bio->bio_buf;
432                 q_bp->b_resid = q_bp->b_bcount;
433                 q_bp->b_error = ENXIO;
434                 q_bp->b_flags |= B_ERROR;
435                 biodone(q_bio);
436         }
437         crit_exit();
438
439         /*
440          * If this device is part of a changer, and it was scheduled
441          * to run, remove it from the run queue since we just nuked
442          * all of its scheduled I/O.
443          */
444         if ((softc->flags & CD_FLAG_CHANGER)
445          && (softc->pinfo.index != CAM_UNQUEUED_INDEX))
446                 camq_remove(&softc->changer->devq, softc->pinfo.index);
447
448         xpt_print_path(periph->path);
449         printf("lost device\n");
450 }
451
452 static void
453 cdcleanup(struct cam_periph *periph)
454 {
455         struct cd_softc *softc;
456
457         softc = (struct cd_softc *)periph->softc;
458
459         xpt_print_path(periph->path);
460         printf("removing device entry\n");
461
462         if ((softc->flags & CD_FLAG_SCTX_INIT) != 0
463             && sysctl_ctx_free(&softc->sysctl_ctx) != 0) {
464                 xpt_print_path(periph->path);
465                 printf("can't remove sysctl context\n");
466         }
467
468         crit_enter();
469         /*
470          * In the queued, non-active case, the device in question
471          * has already been removed from the changer run queue.  Since this
472          * device is active, we need to de-activate it, and schedule
473          * another device to run.  (if there is another one to run)
474          */
475         if ((softc->flags & CD_FLAG_CHANGER)
476          && (softc->flags & CD_FLAG_ACTIVE)) {
477
478                 /*
479                  * The purpose of the short timeout is soley to determine
480                  * whether the current device has finished or not.  Well,
481                  * since we're removing the active device, we know that it
482                  * is finished.  So, get rid of the short timeout.
483                  * Otherwise, if we're in the time period before the short
484                  * timeout fires, and there are no other devices in the
485                  * queue to run, there won't be any other device put in the
486                  * active slot.  i.e., when we call cdrunchangerqueue()
487                  * below, it won't do anything.  Then, when the short
488                  * timeout fires, it'll look at the "current device", which
489                  * we are free below, and possibly panic the kernel on a
490                  * bogus pointer reference.
491                  *
492                  * The long timeout doesn't really matter, since we
493                  * decrement the qfrozen_cnt to indicate that there is
494                  * nothing in the active slot now.  Therefore, there won't
495                  * be any bogus pointer references there.
496                  */
497                 if (softc->changer->flags & CHANGER_SHORT_TMOUT_SCHED) {
498                         callout_stop(&softc->changer->short_handle);
499                         softc->changer->flags &= ~CHANGER_SHORT_TMOUT_SCHED;
500                 }
501                 softc->changer->devq.qfrozen_cnt--;
502                 softc->changer->flags |= CHANGER_MANUAL_CALL;
503                 cdrunchangerqueue(softc->changer);
504         }
505
506         /*
507          * If we're removing the last device on the changer, go ahead and
508          * remove the changer device structure.
509          */
510         if ((softc->flags & CD_FLAG_CHANGER)
511          && (--softc->changer->num_devices == 0)) {
512
513                 /*
514                  * Theoretically, there shouldn't be any timeouts left, but
515                  * I'm not completely sure that that will be the case.  So,
516                  * it won't hurt to check and see if there are any left.
517                  */
518                 if (softc->changer->flags & CHANGER_TIMEOUT_SCHED) {
519                         callout_stop(&softc->changer->long_handle);
520                         softc->changer->flags &= ~CHANGER_TIMEOUT_SCHED;
521                 }
522
523                 if (softc->changer->flags & CHANGER_SHORT_TMOUT_SCHED) {
524                         callout_stop(&softc->changer->short_handle);
525                         softc->changer->flags &= ~CHANGER_SHORT_TMOUT_SCHED;
526                 }
527
528                 STAILQ_REMOVE(&changerq, softc->changer, cdchanger,
529                               changer_links);
530                 xpt_print_path(periph->path);
531                 printf("removing changer entry\n");
532                 kfree(softc->changer, M_DEVBUF);
533                 num_changers--;
534         }
535         devstat_remove_entry(&softc->device_stats);
536         cam_extend_release(cdperiphs, periph->unit_number);
537         if (softc->disk.d_rawdev) {
538                 disk_destroy(&softc->disk);
539         }
540         kfree(softc, M_DEVBUF);
541         crit_exit();
542 }
543
544 static void
545 cdasync(void *callback_arg, u_int32_t code,
546         struct cam_path *path, void *arg)
547 {
548         struct cam_periph *periph;
549
550         periph = (struct cam_periph *)callback_arg;
551         switch (code) {
552         case AC_FOUND_DEVICE:
553         {
554                 struct ccb_getdev *cgd;
555                 cam_status status;
556
557                 cgd = (struct ccb_getdev *)arg;
558
559                 if (SID_TYPE(&cgd->inq_data) != T_CDROM
560                     && SID_TYPE(&cgd->inq_data) != T_WORM)
561                         break;
562
563                 /*
564                  * Allocate a peripheral instance for
565                  * this device and start the probe
566                  * process.
567                  */
568                 status = cam_periph_alloc(cdregister, cdoninvalidate,
569                                           cdcleanup, cdstart,
570                                           "cd", CAM_PERIPH_BIO,
571                                           cgd->ccb_h.path, cdasync,
572                                           AC_FOUND_DEVICE, cgd);
573
574                 if (status != CAM_REQ_CMP
575                  && status != CAM_REQ_INPROG)
576                         printf("cdasync: Unable to attach new device "
577                                "due to status 0x%x\n", status);
578
579                 break;
580         }
581         case AC_SENT_BDR:
582         case AC_BUS_RESET:
583         {
584                 struct cd_softc *softc;
585                 struct ccb_hdr *ccbh;
586
587                 softc = (struct cd_softc *)periph->softc;
588                 crit_enter();
589                 /*
590                  * Don't fail on the expected unit attention
591                  * that will occur.
592                  */
593                 softc->flags |= CD_FLAG_RETRY_UA;
594                 for (ccbh = LIST_FIRST(&softc->pending_ccbs);
595                      ccbh != NULL; ccbh = LIST_NEXT(ccbh, periph_links.le))
596                         ccbh->ccb_state |= CD_CCB_RETRY_UA;
597                 crit_exit();
598                 /* FALLTHROUGH */
599         }
600         default:
601                 cam_periph_async(periph, code, path, arg);
602                 break;
603         }
604 }
605
606 static void
607 cdsysctlinit(void *context, int pending)
608 {
609         struct cam_periph *periph;
610         struct cd_softc *softc;
611         char tmpstr[80], tmpstr2[80];
612
613         periph = (struct cam_periph *)context;
614         softc = (struct cd_softc *)periph->softc;
615
616         snprintf(tmpstr, sizeof(tmpstr), "CAM CD unit %d", periph->unit_number);
617         snprintf(tmpstr2, sizeof(tmpstr2), "%d", periph->unit_number);
618
619         sysctl_ctx_init(&softc->sysctl_ctx);
620         softc->flags |= CD_FLAG_SCTX_INIT;
621         softc->sysctl_tree = SYSCTL_ADD_NODE(&softc->sysctl_ctx,
622         SYSCTL_STATIC_CHILDREN(_kern_cam_cd), OID_AUTO,
623         tmpstr2, CTLFLAG_RD, 0, tmpstr);
624
625         if (softc->sysctl_tree == NULL) {
626                 printf("cdsysctlinit: unable to allocate sysctl tree\n");
627                 return;
628         }
629
630         /*
631          * Now register the sysctl handler, so the user can the value on
632          * the fly.
633          */
634         SYSCTL_ADD_PROC(&softc->sysctl_ctx,SYSCTL_CHILDREN(softc->sysctl_tree),
635                         OID_AUTO, "minimum_cmd_size", CTLTYPE_INT | CTLFLAG_RW,
636                         &softc->minimum_command_size, 0, cdcmdsizesysctl, "I",
637                         "Minimum CDB size");
638 }
639
640 /*
641  * We have a handler function for this so we can check the values when the
642  * user sets them, instead of every time we look at them.
643  */
644 static int
645 cdcmdsizesysctl(SYSCTL_HANDLER_ARGS)
646 {
647         int error, value;
648
649         value = *(int *)arg1;
650
651         error = sysctl_handle_int(oidp, &value, 0, req);
652
653         if ((error != 0) || (req->newptr == NULL))
654                 return (error);
655
656         /*
657          * The only real values we can have here are 6 or 10.  I don't
658          * really forsee having 12 be an option at any time in the future.
659          * So if the user sets something less than or equal to 6, we'll set
660          * it to 6.  If he sets something greater than 6, we'll set it to 10.
661          *
662          * I suppose we could just return an error here for the wrong values,
663          * but I don't think it's necessary to do so, as long as we can
664          * determine the user's intent without too much trouble.
665          */
666         if (value < 6)
667                 value = 6;
668         else if (value > 6)
669                 value = 10;
670
671         *(int *)arg1 = value;
672
673         return (0);
674 }
675
676
677 static cam_status
678 cdregister(struct cam_periph *periph, void *arg)
679 {
680         struct cd_softc *softc;
681         struct ccb_setasync csa;
682         struct ccb_pathinq cpi;
683         struct ccb_getdev *cgd;
684         char tmpstr[80];
685         caddr_t match;
686
687         cgd = (struct ccb_getdev *)arg;
688         if (periph == NULL) {
689                 printf("cdregister: periph was NULL!!\n");
690                 return(CAM_REQ_CMP_ERR);
691         }
692         if (cgd == NULL) {
693                 printf("cdregister: no getdev CCB, can't register device\n");
694                 return(CAM_REQ_CMP_ERR);
695         }
696
697         softc = kmalloc(sizeof(*softc), M_DEVBUF, M_INTWAIT | M_ZERO);
698         LIST_INIT(&softc->pending_ccbs);
699         STAILQ_INIT(&softc->mode_queue);
700         softc->state = CD_STATE_PROBE;
701         bioq_init(&softc->bio_queue);
702         if (SID_IS_REMOVABLE(&cgd->inq_data))
703                 softc->flags |= CD_FLAG_DISC_REMOVABLE;
704         if ((cgd->inq_data.flags & SID_CmdQue) != 0)
705                 softc->flags |= CD_FLAG_TAGGED_QUEUING;
706
707         periph->softc = softc;
708         softc->periph = periph;
709
710         cam_extend_set(cdperiphs, periph->unit_number, periph);
711
712         /*
713          * See if this device has any quirks.
714          */
715         match = cam_quirkmatch((caddr_t)&cgd->inq_data,
716                                (caddr_t)cd_quirk_table,
717                                sizeof(cd_quirk_table)/sizeof(*cd_quirk_table),
718                                sizeof(*cd_quirk_table), scsi_inquiry_match);
719
720         if (match != NULL)
721                 softc->quirks = ((struct cd_quirk_entry *)match)->quirks;
722         else
723                 softc->quirks = CD_Q_NONE;
724
725         /* Check if the SIM does not want 6 byte commands */
726         xpt_setup_ccb(&cpi.ccb_h, periph->path, /*priority*/1);
727         cpi.ccb_h.func_code = XPT_PATH_INQ;
728         xpt_action((union ccb *)&cpi);
729         if (cpi.ccb_h.status == CAM_REQ_CMP && (cpi.hba_misc & PIM_NO_6_BYTE))
730                 softc->quirks |= CD_Q_10_BYTE_ONLY;
731
732         TASK_INIT(&softc->sysctl_task, 0, cdsysctlinit, periph);
733
734         /* The default is 6 byte commands, unless quirked otherwise */
735         if (softc->quirks & CD_Q_10_BYTE_ONLY)
736                 softc->minimum_command_size = 10;
737         else
738                 softc->minimum_command_size = 6;
739
740         /*
741          * Load the user's default, if any.
742          */
743         snprintf(tmpstr, sizeof(tmpstr), "kern.cam.cd.%d.minimum_cmd_size",
744                 periph->unit_number);
745         TUNABLE_INT_FETCH(tmpstr, &softc->minimum_command_size);
746
747         /* 6 and 10 are the only permissible values here. */
748         if (softc->minimum_command_size < 6)
749                 softc->minimum_command_size = 6;
750         else if (softc->minimum_command_size > 6)
751                 softc->minimum_command_size = 10;
752
753         /*
754          * We need to register the statistics structure for this device,
755          * but we don't have the blocksize yet for it.  So, we register
756          * the structure and indicate that we don't have the blocksize
757          * yet.  Unlike other SCSI peripheral drivers, we explicitly set
758          * the device type here to be CDROM, rather than just ORing in
759          * the device type.  This is because this driver can attach to either
760          * CDROM or WORM devices, and we want this peripheral driver to
761          * show up in the devstat list as a CD peripheral driver, not a
762          * WORM peripheral driver.  WORM drives will also have the WORM
763          * driver attached to them.
764          */
765         devstat_add_entry(&softc->device_stats, "cd", 
766                           periph->unit_number, 0,
767                           DEVSTAT_BS_UNAVAILABLE,
768                           DEVSTAT_TYPE_CDROM | DEVSTAT_TYPE_IF_SCSI,
769                           DEVSTAT_PRIORITY_CD);
770         disk_create(periph->unit_number, &softc->disk,
771                     DSO_ONESLICE | DSO_COMPATLABEL, &cd_ops);
772
773         /*
774          * Add an async callback so that we get
775          * notified if this device goes away.
776          */
777         xpt_setup_ccb(&csa.ccb_h, periph->path,
778                       /* priority */ 5);
779         csa.ccb_h.func_code = XPT_SASYNC_CB;
780         csa.event_enable = AC_SENT_BDR | AC_BUS_RESET | AC_LOST_DEVICE;
781         csa.callback = cdasync;
782         csa.callback_arg = periph;
783         xpt_action((union ccb *)&csa);
784
785         /*
786          * If the target lun is greater than 0, we most likely have a CD
787          * changer device.  Check the quirk entries as well, though, just
788          * in case someone has a CD tower with one lun per drive or
789          * something like that.  Also, if we know up front that a
790          * particular device is a changer, we can mark it as such starting
791          * with lun 0, instead of lun 1.  It shouldn't be necessary to have
792          * a quirk entry to define something as a changer, however.
793          */
794         if (((cgd->ccb_h.target_lun > 0)
795           && ((softc->quirks & CD_Q_NO_CHANGER) == 0))
796          || ((softc->quirks & CD_Q_CHANGER) != 0)) {
797                 struct cdchanger *nchanger;
798                 struct cam_periph *nperiph;
799                 struct cam_path *path;
800                 cam_status status;
801                 int found;
802
803                 /* Set the changer flag in the current device's softc */
804                 softc->flags |= CD_FLAG_CHANGER;
805
806                 if (num_changers == 0)
807                         STAILQ_INIT(&changerq);
808
809                 /*
810                  * Now, look around for an existing changer device with the
811                  * same path and target ID as the current device.
812                  */
813                 for (found = 0,
814                      nchanger = (struct cdchanger *)STAILQ_FIRST(&changerq);
815                      nchanger != NULL;
816                      nchanger = STAILQ_NEXT(nchanger, changer_links)){
817                         if ((nchanger->path_id == cgd->ccb_h.path_id) 
818                          && (nchanger->target_id == cgd->ccb_h.target_id)) {
819                                 found = 1;
820                                 break;
821                         }
822                 }
823
824                 /*
825                  * If we found a matching entry, just add this device to
826                  * the list of devices on this changer.
827                  */
828                 if (found == 1) {
829                         struct chdevlist *chlunhead;
830
831                         chlunhead = &nchanger->chluns;
832
833                         /*
834                          * XXX KDM look at consolidating this code with the
835                          * code below in a separate function.
836                          */
837
838                         /*
839                          * Create a path with lun id 0, and see if we can
840                          * find a matching device
841                          */
842                         status = xpt_create_path(&path, /*periph*/ periph,
843                                                  cgd->ccb_h.path_id,
844                                                  cgd->ccb_h.target_id, 0);
845
846                         if ((status == CAM_REQ_CMP)
847                          && ((nperiph = cam_periph_find(path, "cd")) != NULL)){
848                                 struct cd_softc *nsoftc;
849
850                                 nsoftc = (struct cd_softc *)nperiph->softc;
851
852                                 if ((nsoftc->flags & CD_FLAG_CHANGER) == 0){
853                                         nsoftc->flags |= CD_FLAG_CHANGER;
854                                         nchanger->num_devices++;
855                                         if (camq_resize(&nchanger->devq,
856                                            nchanger->num_devices)!=CAM_REQ_CMP){
857                                                 printf("cdregister: "
858                                                        "camq_resize "
859                                                        "failed, changer "
860                                                        "support may "
861                                                        "be messed up\n");
862                                         }
863                                         nsoftc->changer = nchanger;
864                                         nsoftc->pinfo.index =CAM_UNQUEUED_INDEX;
865
866                                         STAILQ_INSERT_TAIL(&nchanger->chluns,
867                                                           nsoftc,changer_links);
868                                 }
869                                 xpt_free_path(path);
870                         } else if (status == CAM_REQ_CMP)
871                                 xpt_free_path(path);
872                         else {
873                                 printf("cdregister: unable to allocate path\n"
874                                        "cdregister: changer support may be "
875                                        "broken\n");
876                         }
877
878                         nchanger->num_devices++;
879
880                         softc->changer = nchanger;
881                         softc->pinfo.index = CAM_UNQUEUED_INDEX;
882
883                         if (camq_resize(&nchanger->devq,
884                             nchanger->num_devices) != CAM_REQ_CMP) {
885                                 printf("cdregister: camq_resize "
886                                        "failed, changer support may "
887                                        "be messed up\n");
888                         }
889
890                         STAILQ_INSERT_TAIL(chlunhead, softc, changer_links);
891                 }
892                 /*
893                  * In this case, we don't already have an entry for this
894                  * particular changer, so we need to create one, add it to
895                  * the queue, and queue this device on the list for this
896                  * changer.  Before we queue this device, however, we need
897                  * to search for lun id 0 on this target, and add it to the
898                  * queue first, if it exists.  (and if it hasn't already
899                  * been marked as part of the changer.)
900                  */
901                 else {
902                         nchanger = kmalloc(sizeof(struct cdchanger),
903                                         M_DEVBUF, M_INTWAIT | M_ZERO);
904                         callout_init(&nchanger->short_handle);
905                         callout_init(&nchanger->long_handle);
906                         if (camq_init(&nchanger->devq, 1) != 0) {
907                                 softc->flags &= ~CD_FLAG_CHANGER;
908                                 printf("cdregister: changer support "
909                                        "disabled\n");
910                                 goto cdregisterexit;
911                         }
912
913                         num_changers++;
914
915                         nchanger->path_id = cgd->ccb_h.path_id;
916                         nchanger->target_id = cgd->ccb_h.target_id;
917
918                         /* this is superfluous, but it makes things clearer */
919                         nchanger->num_devices = 0;
920
921                         STAILQ_INIT(&nchanger->chluns);
922
923                         STAILQ_INSERT_TAIL(&changerq, nchanger,
924                                            changer_links);
925                         
926                         /*
927                          * Create a path with lun id 0, and see if we can
928                          * find a matching device
929                          */
930                         status = xpt_create_path(&path, /*periph*/ periph,
931                                                  cgd->ccb_h.path_id,
932                                                  cgd->ccb_h.target_id, 0);
933
934                         /*
935                          * If we were able to allocate the path, and if we
936                          * find a matching device and it isn't already
937                          * marked as part of a changer, then we add it to
938                          * the current changer.
939                          */
940                         if ((status == CAM_REQ_CMP)
941                          && ((nperiph = cam_periph_find(path, "cd")) != NULL)
942                          && ((((struct cd_softc *)periph->softc)->flags &
943                                CD_FLAG_CHANGER) == 0)) {
944                                 struct cd_softc *nsoftc;
945
946                                 nsoftc = (struct cd_softc *)nperiph->softc;
947
948                                 nsoftc->flags |= CD_FLAG_CHANGER;
949                                 nchanger->num_devices++;
950                                 if (camq_resize(&nchanger->devq,
951                                     nchanger->num_devices) != CAM_REQ_CMP) {
952                                         printf("cdregister: camq_resize "
953                                                "failed, changer support may "
954                                                "be messed up\n");
955                                 }
956                                 nsoftc->changer = nchanger;
957                                 nsoftc->pinfo.index = CAM_UNQUEUED_INDEX;
958
959                                 STAILQ_INSERT_TAIL(&nchanger->chluns,
960                                                    nsoftc, changer_links);
961                                 xpt_free_path(path);
962                         } else if (status == CAM_REQ_CMP)
963                                 xpt_free_path(path);
964                         else {
965                                 printf("cdregister: unable to allocate path\n"
966                                        "cdregister: changer support may be "
967                                        "broken\n");
968                         }
969
970                         softc->changer = nchanger;
971                         softc->pinfo.index = CAM_UNQUEUED_INDEX;
972                         nchanger->num_devices++;
973                         if (camq_resize(&nchanger->devq,
974                             nchanger->num_devices) != CAM_REQ_CMP) {
975                                 printf("cdregister: camq_resize "
976                                        "failed, changer support may "
977                                        "be messed up\n");
978                         }
979                         STAILQ_INSERT_TAIL(&nchanger->chluns, softc,
980                                            changer_links);
981                 }
982         }
983
984 cdregisterexit:
985
986         /* Lock this peripheral until we are setup */
987         /* Can't block */
988         cam_periph_lock(periph, 0); 
989
990         if ((softc->flags & CD_FLAG_CHANGER) == 0)
991                 xpt_schedule(periph, /*priority*/5);
992         else
993                 cdschedule(periph, /*priority*/ 5);
994
995         return(CAM_REQ_CMP);
996 }
997
998 static int
999 cdopen(struct dev_open_args *ap)
1000 {
1001         cdev_t dev = ap->a_head.a_dev;
1002         struct cam_periph *periph;
1003         struct cd_softc *softc;
1004         int unit, error;
1005
1006         unit = dkunit(dev);
1007         periph = cam_extend_get(cdperiphs, unit);
1008
1009         if (periph == NULL)
1010                 return (ENXIO);
1011
1012         softc = (struct cd_softc *)periph->softc;
1013
1014         /*
1015          * Grab a critical section and hold it until we lock the peripheral.
1016          */
1017         crit_enter();
1018         if (softc->flags & CD_FLAG_INVALID) {
1019                 crit_exit();
1020                 return(ENXIO);
1021         }
1022
1023         if ((error = cam_periph_lock(periph, PCATCH)) != 0) {
1024                 crit_exit();
1025                 return (error);
1026         }
1027
1028         crit_exit();
1029
1030         if (cam_periph_acquire(periph) != CAM_REQ_CMP)
1031                 return(ENXIO);
1032
1033         /*
1034          * Check for media, and set the appropriate flags.  We don't bail
1035          * if we don't have media, but then we don't allow anything but the
1036          * CDIOCEJECT/CDIOCCLOSE ioctls if there is no media.
1037          *
1038          * XXX KDM for now, we do fail the open if we don't have media.  We
1039          * can change this once we've figured out how to make the slice
1040          * code work well with media changing underneath it.
1041          */
1042         error = cdcheckmedia(periph);
1043
1044         if (error == 0)
1045                 softc->flags |= CD_FLAG_OPEN;
1046
1047         cam_periph_unlock(periph);
1048
1049         CAM_DEBUG(periph->path, CAM_DEBUG_TRACE, ("leaving cdopen\n"));
1050
1051         return (error);
1052 }
1053
1054 static int
1055 cdclose(struct dev_close_args *ap)
1056 {
1057         cdev_t dev = ap->a_head.a_dev;
1058         struct  cam_periph *periph;
1059         struct  cd_softc *softc;
1060         int     unit, error;
1061
1062         unit = dkunit(dev);
1063         periph = cam_extend_get(cdperiphs, unit);
1064         if (periph == NULL)
1065                 return (ENXIO); 
1066
1067         softc = (struct cd_softc *)periph->softc;
1068
1069         if ((error = cam_periph_lock(periph, 0)) != 0)
1070                 return (error);
1071
1072         if ((softc->flags & CD_FLAG_DISC_REMOVABLE) != 0)
1073                 cdprevent(periph, PR_ALLOW);
1074
1075         /*
1076          * Unconditionally set the dsopen() flags back to their default
1077          * state.
1078          */
1079         softc->disk.d_dsflags &= ~DSO_NOLABELS;
1080         softc->disk.d_dsflags |= DSO_COMPATLABEL;
1081
1082         /*
1083          * Since we're closing this CD, mark the blocksize as unavailable.
1084          * It will be marked as available when the CD is opened again.
1085          */
1086         softc->device_stats.flags |= DEVSTAT_BS_UNAVAILABLE;
1087
1088         /*
1089          * We'll check the media and toc again at the next open().
1090          */
1091         softc->flags &= ~(CD_FLAG_VALID_MEDIA|CD_FLAG_VALID_TOC);
1092         
1093         softc->flags &= ~CD_FLAG_OPEN;
1094
1095         cam_periph_unlock(periph);
1096         cam_periph_release(periph);
1097
1098         return (0);
1099 }
1100
1101 static void
1102 cdshorttimeout(void *arg)
1103 {
1104         struct cdchanger *changer;
1105
1106         crit_enter();
1107
1108         changer = (struct cdchanger *)arg;
1109
1110         /* Always clear the short timeout flag, since that's what we're in */
1111         changer->flags &= ~CHANGER_SHORT_TMOUT_SCHED;
1112
1113         /*
1114          * Check to see if there is any more pending or outstanding I/O for
1115          * this device.  If not, move it out of the active slot.
1116          */
1117         if ((bioq_first(&changer->cur_device->bio_queue) == NULL)
1118          && (changer->cur_device->device_stats.busy_count == 0)) {
1119                 changer->flags |= CHANGER_MANUAL_CALL;
1120                 cdrunchangerqueue(changer);
1121         }
1122         crit_exit();
1123 }
1124
1125 /*
1126  * This is a wrapper for xpt_schedule.  It only applies to changers.
1127  */
1128 static void
1129 cdschedule(struct cam_periph *periph, int priority)
1130 {
1131         struct cd_softc *softc;
1132
1133         crit_enter();
1134
1135         softc = (struct cd_softc *)periph->softc;
1136
1137         /*
1138          * If this device isn't currently queued, and if it isn't
1139          * the active device, then we queue this device and run the
1140          * changer queue if there is no timeout scheduled to do it.
1141          * If this device is the active device, just schedule it
1142          * to run again.  If this device is queued, there should be
1143          * a timeout in place already that will make sure it runs.
1144          */
1145         if ((softc->pinfo.index == CAM_UNQUEUED_INDEX) 
1146          && ((softc->flags & CD_FLAG_ACTIVE) == 0)) {
1147                 /*
1148                  * We don't do anything with the priority here.
1149                  * This is strictly a fifo queue.
1150                  */
1151                 softc->pinfo.priority = 1;
1152                 softc->pinfo.generation = ++softc->changer->devq.generation;
1153                 camq_insert(&softc->changer->devq, (cam_pinfo *)softc);
1154
1155                 /*
1156                  * Since we just put a device in the changer queue,
1157                  * check and see if there is a timeout scheduled for
1158                  * this changer.  If so, let the timeout handle
1159                  * switching this device into the active slot.  If
1160                  * not, manually call the timeout routine to
1161                  * bootstrap things.
1162                  */
1163                 if (((softc->changer->flags & CHANGER_TIMEOUT_SCHED)==0)
1164                  && ((softc->changer->flags & CHANGER_NEED_TIMEOUT)==0)
1165                  && ((softc->changer->flags & CHANGER_SHORT_TMOUT_SCHED)==0)){
1166                         softc->changer->flags |= CHANGER_MANUAL_CALL;
1167                         cdrunchangerqueue(softc->changer);
1168                 }
1169         } else if ((softc->flags & CD_FLAG_ACTIVE)
1170                 && ((softc->flags & CD_FLAG_SCHED_ON_COMP) == 0)) {
1171                 xpt_schedule(periph, priority);
1172         }
1173         crit_exit();
1174 }
1175
1176 static void
1177 cdrunchangerqueue(void *arg)
1178 {
1179         struct cd_softc *softc;
1180         struct cdchanger *changer;
1181         int called_from_timeout;
1182
1183         crit_enter();
1184
1185         changer = (struct cdchanger *)arg;
1186
1187         /*
1188          * If we have NOT been called from cdstrategy() or cddone(), and
1189          * instead from a timeout routine, go ahead and clear the
1190          * timeout flag.
1191          */
1192         if ((changer->flags & CHANGER_MANUAL_CALL) == 0) {
1193                 changer->flags &= ~CHANGER_TIMEOUT_SCHED;
1194                 called_from_timeout = 1;
1195         } else
1196                 called_from_timeout = 0;
1197
1198         /* Always clear the manual call flag */
1199         changer->flags &= ~CHANGER_MANUAL_CALL;
1200
1201         /* nothing to do if the queue is empty */
1202         if (changer->devq.entries <= 0) {
1203                 crit_exit();
1204                 return;
1205         }
1206
1207         /*
1208          * If the changer queue is frozen, that means we have an active
1209          * device.
1210          */
1211         if (changer->devq.qfrozen_cnt > 0) {
1212
1213                 if (changer->cur_device->device_stats.busy_count > 0) {
1214                         changer->cur_device->flags |= CD_FLAG_SCHED_ON_COMP;
1215                         changer->cur_device->bufs_left = 
1216                                 changer->cur_device->device_stats.busy_count;
1217                         if (called_from_timeout) {
1218                                 callout_reset(&changer->long_handle,
1219                                         changer_max_busy_seconds * hz,
1220                                         cdrunchangerqueue, changer);
1221                                 changer->flags |= CHANGER_TIMEOUT_SCHED;
1222                         }
1223                         crit_exit();
1224                         return;
1225                 }
1226
1227                 /*
1228                  * We always need to reset the frozen count and clear the
1229                  * active flag.
1230                  */
1231                 changer->devq.qfrozen_cnt--;
1232                 changer->cur_device->flags &= ~CD_FLAG_ACTIVE;
1233                 changer->cur_device->flags &= ~CD_FLAG_SCHED_ON_COMP;
1234
1235                 /*
1236                  * Check to see whether the current device has any I/O left
1237                  * to do.  If so, requeue it at the end of the queue.  If
1238                  * not, there is no need to requeue it.
1239                  */
1240                 if (bioq_first(&changer->cur_device->bio_queue) != NULL) {
1241
1242                         changer->cur_device->pinfo.generation =
1243                                 ++changer->devq.generation;
1244                         camq_insert(&changer->devq,
1245                                 (cam_pinfo *)changer->cur_device);
1246                 } 
1247         }
1248
1249         softc = (struct cd_softc *)camq_remove(&changer->devq, CAMQ_HEAD);
1250
1251         changer->cur_device = softc;
1252
1253         changer->devq.qfrozen_cnt++;
1254         softc->flags |= CD_FLAG_ACTIVE;
1255
1256         /* Just in case this device is waiting */
1257         wakeup(&softc->changer);
1258         xpt_schedule(softc->periph, /*priority*/ 1);
1259
1260         /*
1261          * Get rid of any pending timeouts, and set a flag to schedule new
1262          * ones so this device gets its full time quantum.
1263          */
1264         if (changer->flags & CHANGER_TIMEOUT_SCHED) {
1265                 callout_stop(&changer->long_handle);
1266                 changer->flags &= ~CHANGER_TIMEOUT_SCHED;
1267         }
1268
1269         if (changer->flags & CHANGER_SHORT_TMOUT_SCHED) {
1270                 callout_stop(&changer->short_handle);
1271                 changer->flags &= ~CHANGER_SHORT_TMOUT_SCHED;
1272         }
1273
1274         /*
1275          * We need to schedule timeouts, but we only do this after the
1276          * first transaction has completed.  This eliminates the changer
1277          * switch time.
1278          */
1279         changer->flags |= CHANGER_NEED_TIMEOUT;
1280
1281         crit_exit();
1282 }
1283
1284 static void
1285 cdchangerschedule(struct cd_softc *softc)
1286 {
1287         struct cdchanger *changer;
1288
1289         crit_enter();
1290
1291         changer = softc->changer;
1292
1293         /*
1294          * If this is a changer, and this is the current device,
1295          * and this device has at least the minimum time quantum to
1296          * run, see if we can switch it out.
1297          */
1298         if ((softc->flags & CD_FLAG_ACTIVE) 
1299          && ((changer->flags & CHANGER_SHORT_TMOUT_SCHED) == 0)
1300          && ((changer->flags & CHANGER_NEED_TIMEOUT) == 0)) {
1301                 /*
1302                  * We try three things here.  The first is that we
1303                  * check to see whether the schedule on completion
1304                  * flag is set.  If it is, we decrement the number
1305                  * of buffers left, and if it's zero, we reschedule.
1306                  * Next, we check to see whether the pending buffer
1307                  * queue is empty and whether there are no
1308                  * outstanding transactions.  If so, we reschedule.
1309                  * Next, we see if the pending buffer queue is empty.
1310                  * If it is, we set the number of buffers left to
1311                  * the current active buffer count and set the
1312                  * schedule on complete flag.
1313                  */
1314                 if (softc->flags & CD_FLAG_SCHED_ON_COMP) {
1315                         if (--softc->bufs_left == 0) {
1316                                 softc->changer->flags |=
1317                                         CHANGER_MANUAL_CALL;
1318                                 softc->flags &= ~CD_FLAG_SCHED_ON_COMP;
1319                                 cdrunchangerqueue(softc->changer);
1320                         }
1321                 } else if ((bioq_first(&softc->bio_queue) == NULL)
1322                         && (softc->device_stats.busy_count == 0)) {
1323                         softc->changer->flags |= CHANGER_MANUAL_CALL;
1324                         cdrunchangerqueue(softc->changer);
1325                 }
1326         } else if ((softc->changer->flags & CHANGER_NEED_TIMEOUT) 
1327                 && (softc->flags & CD_FLAG_ACTIVE)) {
1328
1329                 /*
1330                  * Now that the first transaction to this
1331                  * particular device has completed, we can go ahead
1332                  * and schedule our timeouts.
1333                  */
1334                 if ((changer->flags & CHANGER_TIMEOUT_SCHED) == 0) {
1335                         callout_reset(&changer->long_handle,
1336                                     changer_max_busy_seconds * hz,
1337                                     cdrunchangerqueue, changer);
1338                         changer->flags |= CHANGER_TIMEOUT_SCHED;
1339                 } else
1340                         printf("cdchangerschedule: already have a long"
1341                                " timeout!\n");
1342
1343                 if ((changer->flags & CHANGER_SHORT_TMOUT_SCHED) == 0) {
1344                         callout_reset(&changer->short_handle,
1345                                         changer_min_busy_seconds * hz,
1346                                         cdshorttimeout, changer);
1347                         changer->flags |= CHANGER_SHORT_TMOUT_SCHED;
1348                 } else
1349                         printf("cdchangerschedule: already have a short "
1350                                "timeout!\n");
1351
1352                 /*
1353                  * We just scheduled timeouts, no need to schedule
1354                  * more.
1355                  */
1356                 changer->flags &= ~CHANGER_NEED_TIMEOUT;
1357
1358         }
1359         crit_exit();
1360 }
1361
1362 static int
1363 cdrunccb(union ccb *ccb, int (*error_routine)(union ccb *ccb,
1364                                               u_int32_t cam_flags,
1365                                               u_int32_t sense_flags),
1366          u_int32_t cam_flags, u_int32_t sense_flags)
1367 {
1368         struct cd_softc *softc;
1369         struct cam_periph *periph;
1370         int error;
1371
1372         periph = xpt_path_periph(ccb->ccb_h.path);
1373         softc = (struct cd_softc *)periph->softc;
1374
1375         error = cam_periph_runccb(ccb, error_routine, cam_flags, sense_flags,
1376                                   &softc->device_stats);
1377
1378         if (softc->flags & CD_FLAG_CHANGER)
1379                 cdchangerschedule(softc);
1380
1381         return(error);
1382 }
1383
1384 static union ccb *
1385 cdgetccb(struct cam_periph *periph, u_int32_t priority)
1386 {
1387         struct cd_softc *softc;
1388
1389         softc = (struct cd_softc *)periph->softc;
1390
1391         if (softc->flags & CD_FLAG_CHANGER) {
1392                 crit_enter();
1393
1394                 /*
1395                  * This should work the first time this device is woken up,
1396                  * but just in case it doesn't, we use a while loop.
1397                  */
1398                 while ((softc->flags & CD_FLAG_ACTIVE) == 0) {
1399                         /*
1400                          * If this changer isn't already queued, queue it up.
1401                          */
1402                         if (softc->pinfo.index == CAM_UNQUEUED_INDEX) {
1403                                 softc->pinfo.priority = 1;
1404                                 softc->pinfo.generation =
1405                                         ++softc->changer->devq.generation;
1406                                 camq_insert(&softc->changer->devq,
1407                                             (cam_pinfo *)softc);
1408                         }
1409                         if (((softc->changer->flags & CHANGER_TIMEOUT_SCHED)==0)
1410                          && ((softc->changer->flags & CHANGER_NEED_TIMEOUT)==0)
1411                          && ((softc->changer->flags
1412                               & CHANGER_SHORT_TMOUT_SCHED)==0)) {
1413                                 softc->changer->flags |= CHANGER_MANUAL_CALL;
1414                                 cdrunchangerqueue(softc->changer);
1415                         } else
1416                                 tsleep(&softc->changer, 0, "cgticb", 0);
1417                 }
1418                 crit_exit();
1419         }
1420         return(cam_periph_getccb(periph, priority));
1421 }
1422
1423 /*
1424  * Actually translate the requested transfer into one the physical driver
1425  * can understand.  The transfer is described by a buf and will include
1426  * only one physical transfer.
1427  */
1428 static int
1429 cdstrategy(struct dev_strategy_args *ap)
1430 {
1431         cdev_t dev = ap->a_head.a_dev;
1432         struct bio *bio = ap->a_bio;
1433         struct buf *bp = bio->bio_buf;
1434         struct cam_periph *periph;
1435         struct cd_softc *softc;
1436         u_int  unit, part;
1437
1438         unit = dkunit(dev);
1439         part = dkpart(dev);
1440         periph = cam_extend_get(cdperiphs, unit);
1441         if (periph == NULL) {
1442                 bp->b_error = ENXIO;
1443                 goto bad;
1444         }
1445
1446         CAM_DEBUG(periph->path, CAM_DEBUG_TRACE, ("entering cdstrategy\n"));
1447
1448         softc = (struct cd_softc *)periph->softc;
1449
1450         /*
1451          * Mask interrupts so that the pack cannot be invalidated until
1452          * after we are in the queue.  Otherwise, we might not properly
1453          * clean up one of the buffers.
1454          */
1455         crit_enter();
1456         
1457         /*
1458          * If the device has been made invalid, error out
1459          */
1460         if ((softc->flags & CD_FLAG_INVALID)) {
1461                 crit_exit();
1462                 bp->b_error = ENXIO;
1463                 goto bad;
1464         }
1465
1466         /*
1467          * If we don't have valid media, look for it before trying to
1468          * schedule the I/O.
1469          */
1470         if ((softc->flags & CD_FLAG_VALID_MEDIA) == 0) {
1471                 int error;
1472
1473                 error = cdcheckmedia(periph);
1474                 if (error != 0) {
1475                         crit_exit();
1476                         bp->b_error = error;
1477                         goto bad;
1478                 }
1479         }
1480
1481         /*
1482          * Place it in the queue of disk activities for this disk
1483          */
1484         bioqdisksort(&softc->bio_queue, bio);
1485
1486         crit_exit();
1487         
1488         /*
1489          * Schedule ourselves for performing the work.  We do things
1490          * differently for changers.
1491          */
1492         if ((softc->flags & CD_FLAG_CHANGER) == 0)
1493                 xpt_schedule(periph, /* XXX priority */1);
1494         else
1495                 cdschedule(periph, /* priority */ 1);
1496
1497         return(0);
1498 bad:
1499         bp->b_flags |= B_ERROR;
1500         /*
1501          * Correctly set the buf to indicate a completed xfer
1502          */
1503         bp->b_resid = bp->b_bcount;
1504         biodone(bio);
1505         return(0);
1506 }
1507
1508 static void
1509 cdstart(struct cam_periph *periph, union ccb *start_ccb)
1510 {
1511         struct cd_softc *softc;
1512         struct bio *bio;
1513         struct buf *bp;
1514         struct ccb_scsiio *csio;
1515         struct scsi_read_capacity_data *rcap;
1516
1517         softc = (struct cd_softc *)periph->softc;
1518
1519         CAM_DEBUG(periph->path, CAM_DEBUG_TRACE, ("entering cdstart\n"));
1520
1521         switch (softc->state) {
1522         case CD_STATE_NORMAL:
1523         {
1524                 crit_enter();
1525                 bio = bioq_first(&softc->bio_queue);
1526                 if (periph->immediate_priority <= periph->pinfo.priority) {
1527                         start_ccb->ccb_h.ccb_state = CD_CCB_WAITING;
1528
1529                         SLIST_INSERT_HEAD(&periph->ccb_list, &start_ccb->ccb_h,
1530                                           periph_links.sle);
1531                         periph->immediate_priority = CAM_PRIORITY_NONE;
1532                         crit_exit();
1533                         wakeup(&periph->ccb_list);
1534                 } else if (bio == NULL) {
1535                         crit_exit();
1536                         xpt_release_ccb(start_ccb);
1537                 } else {
1538                         bp = bio->bio_buf;
1539                         bioq_remove(&softc->bio_queue, bio);
1540
1541                         devstat_start_transaction(&softc->device_stats);
1542
1543                         KKASSERT(bio->bio_offset % softc->params.blksize == 0);
1544
1545                         scsi_read_write(&start_ccb->csio,
1546                                         /*retries*/4,
1547                                         /* cbfcnp */ cddone,
1548                                         (bp->b_flags & B_ORDERED) != 0 ?
1549                                             MSG_ORDERED_Q_TAG : 
1550                                             MSG_SIMPLE_Q_TAG,
1551                                         /* read */(bp->b_cmd == BUF_CMD_READ),
1552                                         /* byte2 */ 0,
1553                                         /* minimum_cmd_size */ 10,
1554                                         /* lba */ 
1555                                         bio->bio_offset / softc->params.blksize,
1556                                         bp->b_bcount / softc->params.blksize,
1557                                         /* data_ptr */ bp->b_data,
1558                                         /* dxfer_len */ bp->b_bcount,
1559                                         /* sense_len */ SSD_FULL_SIZE,
1560                                         /* timeout */ 30000);
1561                         start_ccb->ccb_h.ccb_state = CD_CCB_BUFFER_IO;
1562
1563                         
1564                         /*
1565                          * Block out any asyncronous callbacks
1566                          * while we touch the pending ccb list.
1567                          */
1568                         LIST_INSERT_HEAD(&softc->pending_ccbs,
1569                                          &start_ccb->ccb_h, periph_links.le);
1570
1571                         /* We expect a unit attention from this device */
1572                         if ((softc->flags & CD_FLAG_RETRY_UA) != 0) {
1573                                 start_ccb->ccb_h.ccb_state |= CD_CCB_RETRY_UA;
1574                                 softc->flags &= ~CD_FLAG_RETRY_UA;
1575                         }
1576
1577                         start_ccb->ccb_h.ccb_bio = bio;
1578                         bio = bioq_first(&softc->bio_queue);
1579                         crit_exit();
1580
1581                         xpt_action(start_ccb);
1582                 }
1583                 if (bio != NULL) {
1584                         /* Have more work to do, so ensure we stay scheduled */
1585                         xpt_schedule(periph, /* XXX priority */1);
1586                 }
1587                 break;
1588         }
1589         case CD_STATE_PROBE:
1590         {
1591
1592                 rcap = kmalloc(sizeof(*rcap), M_TEMP, M_INTWAIT);
1593                 csio = &start_ccb->csio;
1594                 scsi_read_capacity(csio,
1595                                    /*retries*/1,
1596                                    cddone,
1597                                    MSG_SIMPLE_Q_TAG,
1598                                    rcap,
1599                                    SSD_FULL_SIZE,
1600                                    /*timeout*/20000);
1601                 start_ccb->ccb_h.ccb_bio = NULL;
1602                 start_ccb->ccb_h.ccb_state = CD_CCB_PROBE;
1603                 xpt_action(start_ccb);
1604                 break;
1605         }
1606         }
1607 }
1608
1609 static void
1610 cddone(struct cam_periph *periph, union ccb *done_ccb)
1611
1612         struct cd_softc *softc;
1613         struct ccb_scsiio *csio;
1614
1615         CAM_DEBUG(periph->path, CAM_DEBUG_TRACE, ("entering cddone\n"));
1616
1617         softc = (struct cd_softc *)periph->softc;
1618         csio = &done_ccb->csio;
1619
1620         switch (csio->ccb_h.ccb_state & CD_CCB_TYPE_MASK) {
1621         case CD_CCB_BUFFER_IO:
1622         {
1623                 struct buf      *bp;
1624                 struct bio      *bio;
1625                 int             error;
1626
1627                 bio = (struct bio *)done_ccb->ccb_h.ccb_bio;
1628                 bp = bio->bio_buf;
1629                 error = 0;
1630
1631                 if ((done_ccb->ccb_h.status & CAM_STATUS_MASK) != CAM_REQ_CMP) {
1632                         int sf;
1633
1634                         if ((done_ccb->ccb_h.ccb_state & CD_CCB_RETRY_UA) != 0)
1635                                 sf = SF_RETRY_UA;
1636                         else
1637                                 sf = 0;
1638
1639                         /* Retry selection timeouts */
1640                         sf |= SF_RETRY_SELTO;
1641
1642                         if ((error = cderror(done_ccb, 0, sf)) == ERESTART) {
1643                                 /*
1644                                  * A retry was scheuled, so
1645                                  * just return.
1646                                  */
1647                                 return;
1648                         }
1649                 }
1650
1651                 if (error != 0) {
1652                         struct bio *q_bio;
1653                         struct buf *q_bp;
1654
1655                         xpt_print_path(periph->path);
1656                         printf("cddone: got error %#x back\n", error);
1657                         crit_enter();
1658                         while ((q_bio = bioq_first(&softc->bio_queue)) != NULL) {
1659                                 bioq_remove(&softc->bio_queue, q_bio);
1660                                 q_bp = q_bio->bio_buf;
1661                                 q_bp->b_resid = q_bp->b_bcount;
1662                                 q_bp->b_error = EIO;
1663                                 q_bp->b_flags |= B_ERROR;
1664                                 biodone(q_bio);
1665                         }
1666                         crit_exit();
1667                         bp->b_resid = bp->b_bcount;
1668                         bp->b_error = error;
1669                         bp->b_flags |= B_ERROR;
1670                         cam_release_devq(done_ccb->ccb_h.path,
1671                                          /*relsim_flags*/0,
1672                                          /*reduction*/0,
1673                                          /*timeout*/0,
1674                                          /*getcount_only*/0);
1675
1676                 } else {
1677                         bp->b_resid = csio->resid;
1678                         bp->b_error = 0;
1679                         if (bp->b_resid != 0) {
1680                                 /* Short transfer ??? */
1681                                 bp->b_flags |= B_ERROR;
1682                         }
1683                 }
1684
1685                 /*
1686                  * Block out any asyncronous callbacks
1687                  * while we touch the pending ccb list.
1688                  */
1689                 crit_enter();
1690                 LIST_REMOVE(&done_ccb->ccb_h, periph_links.le);
1691                 crit_exit();
1692
1693                 if (softc->flags & CD_FLAG_CHANGER)
1694                         cdchangerschedule(softc);
1695
1696                 devstat_end_transaction_buf(&softc->device_stats, bp);
1697                 biodone(bio);
1698                 break;
1699         }
1700         case CD_CCB_PROBE:
1701         {
1702                 struct     scsi_read_capacity_data *rdcap;
1703                 char       announce_buf[120]; /*
1704                                                * Currently (9/30/97) the 
1705                                                * longest possible announce 
1706                                                * buffer is 108 bytes, for the 
1707                                                * first error case below.  
1708                                                * That is 39 bytes for the 
1709                                                * basic string, 16 bytes for the
1710                                                * biggest sense key (hardware 
1711                                                * error), 52 bytes for the
1712                                                * text of the largest sense 
1713                                                * qualifier valid for a CDROM,
1714                                                * (0x72, 0x03 or 0x04,
1715                                                * 0x03), and one byte for the
1716                                                * null terminating character.
1717                                                * To allow for longer strings, 
1718                                                * the announce buffer is 120
1719                                                * bytes.
1720                                                */
1721                 struct     cd_params *cdp;
1722
1723                 cdp = &softc->params;
1724
1725                 rdcap = (struct scsi_read_capacity_data *)csio->data_ptr;
1726                 
1727                 cdp->disksize = scsi_4btoul (rdcap->addr) + 1;
1728                 cdp->blksize = scsi_4btoul (rdcap->length);
1729
1730                 if ((csio->ccb_h.status & CAM_STATUS_MASK) == CAM_REQ_CMP) {
1731
1732                         snprintf(announce_buf, sizeof(announce_buf),
1733                                 "cd present [%lu x %lu byte records]",
1734                                 cdp->disksize, (u_long)cdp->blksize);
1735
1736                 } else {
1737                         int     error;
1738                         /*
1739                          * Retry any UNIT ATTENTION type errors.  They
1740                          * are expected at boot.
1741                          */
1742                         error = cderror(done_ccb, 0, SF_RETRY_UA |
1743                                         SF_NO_PRINT | SF_RETRY_SELTO);
1744                         if (error == ERESTART) {
1745                                 /*
1746                                  * A retry was scheuled, so
1747                                  * just return.
1748                                  */
1749                                 return;
1750                         } else if (error != 0) {
1751
1752                                 struct scsi_sense_data *sense;
1753                                 int asc, ascq;
1754                                 int sense_key, error_code;
1755                                 int have_sense;
1756                                 cam_status status;
1757                                 struct ccb_getdev cgd;
1758
1759                                 /* Don't wedge this device's queue */
1760                                 cam_release_devq(done_ccb->ccb_h.path,
1761                                                  /*relsim_flags*/0,
1762                                                  /*reduction*/0,
1763                                                  /*timeout*/0,
1764                                                  /*getcount_only*/0);
1765
1766                                 status = done_ccb->ccb_h.status;
1767
1768                                 xpt_setup_ccb(&cgd.ccb_h, 
1769                                               done_ccb->ccb_h.path,
1770                                               /* priority */ 1);
1771                                 cgd.ccb_h.func_code = XPT_GDEV_TYPE;
1772                                 xpt_action((union ccb *)&cgd);
1773
1774                                 if (((csio->ccb_h.flags & CAM_SENSE_PHYS) != 0)
1775                                  || ((csio->ccb_h.flags & CAM_SENSE_PTR) != 0)
1776                                  || ((status & CAM_AUTOSNS_VALID) == 0))
1777                                         have_sense = FALSE;
1778                                 else
1779                                         have_sense = TRUE;
1780
1781                                 if (have_sense) {
1782                                         sense = &csio->sense_data;
1783                                         scsi_extract_sense(sense, &error_code,
1784                                                            &sense_key, 
1785                                                            &asc, &ascq);
1786                                 }
1787                                 /*
1788                                  * Attach to anything that claims to be a
1789                                  * CDROM or WORM device, as long as it
1790                                  * doesn't return a "Logical unit not
1791                                  * supported" (0x25) error.
1792                                  */
1793                                 if ((have_sense) && (asc != 0x25)
1794                                  && (error_code == SSD_CURRENT_ERROR))
1795                                         snprintf(announce_buf,
1796                                             sizeof(announce_buf),
1797                                                 "Attempt to query device "
1798                                                 "size failed: %s, %s",
1799                                                 scsi_sense_key_text[sense_key],
1800                                                 scsi_sense_desc(asc,ascq,
1801                                                                 &cgd.inq_data));
1802                                 else if ((have_sense == 0)
1803                                       && ((status & CAM_STATUS_MASK) ==
1804                                            CAM_SCSI_STATUS_ERROR)
1805                                       && (csio->scsi_status ==
1806                                           SCSI_STATUS_BUSY)) {
1807                                         snprintf(announce_buf,
1808                                             sizeof(announce_buf),
1809                                             "Attempt to query device "
1810                                             "size failed: SCSI status: BUSY");
1811                                 } else if (SID_TYPE(&cgd.inq_data) == T_CDROM) {
1812                                         /*
1813                                          * We only print out an error for
1814                                          * CDROM type devices.  For WORM
1815                                          * devices, we don't print out an
1816                                          * error since a few WORM devices
1817                                          * don't support CDROM commands.
1818                                          * If we have sense information, go
1819                                          * ahead and print it out.
1820                                          * Otherwise, just say that we 
1821                                          * couldn't attach.
1822                                          */
1823
1824                                         /*
1825                                          * Just print out the error, not
1826                                          * the full probe message, when we
1827                                          * don't attach.
1828                                          */
1829                                         if (have_sense)
1830                                                 scsi_sense_print(
1831                                                         &done_ccb->csio);
1832                                         else {
1833                                                 xpt_print_path(periph->path);
1834                                                 printf("got CAM status %#x\n",
1835                                                        done_ccb->ccb_h.status);
1836                                         }
1837                                         xpt_print_path(periph->path);
1838                                         printf("fatal error, failed" 
1839                                                " to attach to device\n");
1840
1841                                         /*
1842                                          * Invalidate this peripheral.
1843                                          */
1844                                         cam_periph_invalidate(periph);
1845
1846                                         announce_buf[0] = '\0';
1847                                 } else {
1848
1849                                         /*
1850                                          * Invalidate this peripheral.
1851                                          */
1852                                         cam_periph_invalidate(periph);
1853                                         announce_buf[0] = '\0';
1854                                 }
1855                         }
1856                 }
1857                 kfree(rdcap, M_TEMP);
1858                 if (announce_buf[0] != '\0') {
1859                         xpt_announce_periph(periph, announce_buf);
1860                         if (softc->flags & CD_FLAG_CHANGER)
1861                                 cdchangerschedule(softc);
1862                         /*
1863                          * Create our sysctl variables, now that we know
1864                          * we have successfully attached.
1865                          */
1866                         taskqueue_enqueue(taskqueue_thread[mycpuid],
1867                             &softc->sysctl_task);
1868                 }
1869                 softc->state = CD_STATE_NORMAL;         
1870                 /*
1871                  * Since our peripheral may be invalidated by an error
1872                  * above or an external event, we must release our CCB
1873                  * before releasing the probe lock on the peripheral.
1874                  * The peripheral will only go away once the last lock
1875                  * is removed, and we need it around for the CCB release
1876                  * operation.
1877                  */
1878                 xpt_release_ccb(done_ccb);
1879                 cam_periph_unlock(periph);
1880                 return;
1881         }
1882         case CD_CCB_WAITING:
1883         {
1884                 /* Caller will release the CCB */
1885                 CAM_DEBUG(periph->path, CAM_DEBUG_TRACE, 
1886                           ("trying to wakeup ccbwait\n"));
1887
1888                 wakeup(&done_ccb->ccb_h.cbfcnp);
1889                 return;
1890         }
1891         default:
1892                 break;
1893         }
1894         xpt_release_ccb(done_ccb);
1895 }
1896
1897 static union cd_pages *
1898 cdgetpage(struct cd_mode_params *mode_params)
1899 {
1900         union cd_pages *page;
1901
1902         if (mode_params->cdb_size == 10)
1903                 page = (union cd_pages *)find_mode_page_10(
1904                         (struct scsi_mode_header_10 *)mode_params->mode_buf);
1905         else
1906                 page = (union cd_pages *)find_mode_page_6(
1907                         (struct scsi_mode_header_6 *)mode_params->mode_buf);
1908
1909         return (page);
1910 }
1911
1912 static int
1913 cdgetpagesize(int page_num)
1914 {
1915         int i;
1916
1917         for (i = 0; i < (sizeof(cd_page_size_table)/
1918             sizeof(cd_page_size_table[0])); i++) {
1919                 if (cd_page_size_table[i].page == page_num)
1920                         return (cd_page_size_table[i].page_size);
1921         }
1922         return (-1);
1923 }
1924
1925 static int
1926 cdioctl(struct dev_ioctl_args *ap)
1927 {
1928         cdev_t dev = ap->a_head.a_dev;
1929         caddr_t addr = ap->a_data;
1930         struct  cam_periph *periph;
1931         struct  cd_softc *softc;
1932         int     error, unit;
1933
1934         unit = dkunit(dev);
1935
1936         periph = cam_extend_get(cdperiphs, unit);
1937         if (periph == NULL)
1938                 return(ENXIO);  
1939
1940         CAM_DEBUG(periph->path, CAM_DEBUG_TRACE, ("entering cdioctl\n"));
1941
1942         softc = (struct cd_softc *)periph->softc;
1943
1944         CAM_DEBUG(periph->path, CAM_DEBUG_TRACE, 
1945                   ("trying to do ioctl %#lx\n", ap->a_cmd));
1946
1947         error = cam_periph_lock(periph, PCATCH);
1948
1949         if (error != 0)
1950                 return(error);
1951
1952         /*
1953          * If we don't have media loaded, check for it.  If still don't
1954          * have media loaded, we can only do a load or eject.
1955          */
1956         if (((softc->flags & CD_FLAG_VALID_MEDIA) == 0)
1957             && ((ap->a_cmd != CDIOCCLOSE)
1958             && (ap->a_cmd != CDIOCEJECT))) {
1959                 error = cdcheckmedia(periph);
1960                 if (error != 0) {
1961                         cam_periph_unlock(periph);
1962                         return (error);
1963                 }
1964         }
1965
1966         switch (ap->a_cmd) {
1967
1968         case CDIOCPLAYTRACKS:
1969                 {
1970                         struct ioc_play_track *args
1971                             = (struct ioc_play_track *)addr;
1972                         struct cd_mode_params params;
1973                         union cd_pages *page;
1974
1975                         params.alloc_len = sizeof(union cd_mode_data_6_10);
1976                         params.mode_buf = kmalloc(params.alloc_len, M_TEMP,
1977                                                  M_WAITOK | M_ZERO);
1978
1979                         CAM_DEBUG(periph->path, CAM_DEBUG_SUBTRACE, 
1980                                   ("trying to do CDIOCPLAYTRACKS\n"));
1981
1982                         error = cdgetmode(periph, &params, AUDIO_PAGE);
1983                         if (error) {
1984                                 kfree(params.mode_buf, M_TEMP);
1985                                 break;
1986                         }
1987                         page = cdgetpage(&params);
1988
1989                         page->audio.flags &= ~CD_PA_SOTC;
1990                         page->audio.flags |= CD_PA_IMMED;
1991                         error = cdsetmode(periph, &params);
1992                         kfree(params.mode_buf, M_TEMP);
1993                         if (error)
1994                                 break;
1995
1996                         /*
1997                          * This was originally implemented with the PLAY
1998                          * AUDIO TRACK INDEX command, but that command was
1999                          * deprecated after SCSI-2.  Most (all?) SCSI CDROM
2000                          * drives support it but ATAPI and ATAPI-derivative
2001                          * drives don't seem to support it.  So we keep a
2002                          * cache of the table of contents and translate
2003                          * track numbers to MSF format.
2004                          */
2005                         if (softc->flags & CD_FLAG_VALID_TOC) {
2006                                 union msf_lba *sentry, *eentry;
2007                                 int st, et;
2008
2009                                 if (args->end_track <
2010                                     softc->toc.header.ending_track + 1)
2011                                         args->end_track++;
2012                                 if (args->end_track >
2013                                     softc->toc.header.ending_track + 1)
2014                                         args->end_track =
2015                                             softc->toc.header.ending_track + 1;
2016                                 st = args->start_track -
2017                                         softc->toc.header.starting_track;
2018                                 et = args->end_track -
2019                                         softc->toc.header.starting_track;
2020                                 if ((st < 0)
2021                                  || (et < 0)
2022                                  || (st > (softc->toc.header.ending_track -
2023                                      softc->toc.header.starting_track))) {
2024                                         error = EINVAL;
2025                                         break;
2026                                 }
2027                                 sentry = &softc->toc.entries[st].addr;
2028                                 eentry = &softc->toc.entries[et].addr;
2029                                 error = cdplaymsf(periph,
2030                                                   sentry->msf.minute,
2031                                                   sentry->msf.second,
2032                                                   sentry->msf.frame,
2033                                                   eentry->msf.minute,
2034                                                   eentry->msf.second,
2035                                                   eentry->msf.frame);
2036                         } else {
2037                                 /*
2038                                  * If we don't have a valid TOC, try the
2039                                  * play track index command.  It is part of
2040                                  * the SCSI-2 spec, but was removed in the
2041                                  * MMC specs.  ATAPI and ATAPI-derived
2042                                  * drives don't support it.
2043                                  */
2044                                 if (softc->quirks & CD_Q_BCD_TRACKS) {
2045                                         args->start_track =
2046                                                 bin2bcd(args->start_track);
2047                                         args->end_track =
2048                                                 bin2bcd(args->end_track);
2049                                 }
2050                                 error = cdplaytracks(periph,
2051                                                      args->start_track,
2052                                                      args->start_index,
2053                                                      args->end_track,
2054                                                      args->end_index);
2055                         }
2056                 }
2057                 break;
2058         case CDIOCPLAYMSF:
2059                 {
2060                         struct ioc_play_msf *args
2061                                 = (struct ioc_play_msf *) addr;
2062                         struct cd_mode_params params;
2063                         union cd_pages *page;
2064
2065                         params.alloc_len = sizeof(union cd_mode_data_6_10);
2066                         params.mode_buf = kmalloc(params.alloc_len, M_TEMP,
2067                                                  M_WAITOK | M_ZERO);
2068
2069                         CAM_DEBUG(periph->path, CAM_DEBUG_SUBTRACE, 
2070                                   ("trying to do CDIOCPLAYMSF\n"));
2071
2072                         error = cdgetmode(periph, &params, AUDIO_PAGE);
2073                         if (error) {
2074                                 kfree(params.mode_buf, M_TEMP);
2075                                 break;
2076                         }
2077                         page = cdgetpage(&params);
2078
2079                         page->audio.flags &= ~CD_PA_SOTC;
2080                         page->audio.flags |= CD_PA_IMMED;
2081                         error = cdsetmode(periph, &params);
2082                         kfree(params.mode_buf, M_TEMP);
2083                         if (error)
2084                                 break;
2085                         error = cdplaymsf(periph,
2086                                           args->start_m,
2087                                           args->start_s,
2088                                           args->start_f,
2089                                           args->end_m,
2090                                           args->end_s,
2091                                           args->end_f);
2092                 }
2093                 break;
2094         case CDIOCPLAYBLOCKS:
2095                 {
2096                         struct ioc_play_blocks *args
2097                                 = (struct ioc_play_blocks *) addr;
2098                         struct cd_mode_params params;
2099                         union cd_pages *page;
2100
2101                         CAM_DEBUG(periph->path, CAM_DEBUG_SUBTRACE, 
2102                                   ("trying to do CDIOCPLAYBLOCKS\n"));
2103
2104                         params.alloc_len = sizeof(union cd_mode_data_6_10);
2105                         params.mode_buf = kmalloc(params.alloc_len, M_TEMP,
2106                                                  M_WAITOK | M_ZERO);
2107
2108                         error = cdgetmode(periph, &params, AUDIO_PAGE);
2109                         if (error) {
2110                                 kfree(params.mode_buf, M_TEMP);
2111                                 break;
2112                         }
2113                         page = cdgetpage(&params);
2114
2115                         page->audio.flags &= ~CD_PA_SOTC;
2116                         page->audio.flags |= CD_PA_IMMED;
2117                         error = cdsetmode(periph, &params);
2118                         kfree(params.mode_buf, M_TEMP);
2119                         if (error)
2120                                 break;
2121                         error = cdplay(periph, args->blk, args->len);
2122                 }
2123                 break;
2124         case CDIOCREADSUBCHANNEL:
2125                 {
2126                         struct ioc_read_subchannel *args
2127                                 = (struct ioc_read_subchannel *) addr;
2128                         struct cd_sub_channel_info *data;
2129                         u_int32_t len = args->data_len;
2130
2131                         CAM_DEBUG(periph->path, CAM_DEBUG_SUBTRACE, 
2132                                   ("trying to do CDIOCREADSUBCHANNEL\n"));
2133
2134                         data = kmalloc(sizeof(struct cd_sub_channel_info), 
2135                                       M_TEMP, M_WAITOK);
2136
2137                         if ((len > sizeof(struct cd_sub_channel_info)) ||
2138                             (len < sizeof(struct cd_sub_channel_header))) {
2139                                 printf(
2140                                         "scsi_cd: cdioctl: "
2141                                         "cdioreadsubchannel: error, len=%d\n",
2142                                         len);
2143                                 error = EINVAL;
2144                                 kfree(data, M_TEMP);
2145                                 break;
2146                         }
2147
2148                         if (softc->quirks & CD_Q_BCD_TRACKS)
2149                                 args->track = bin2bcd(args->track);
2150
2151                         error = cdreadsubchannel(periph, args->address_format,
2152                                 args->data_format, args->track, data, len);
2153
2154                         if (error) {
2155                                 kfree(data, M_TEMP);
2156                                 break;
2157                         }
2158                         if (softc->quirks & CD_Q_BCD_TRACKS)
2159                                 data->what.track_info.track_number =
2160                                     bcd2bin(data->what.track_info.track_number);
2161                         len = min(len, ((data->header.data_len[0] << 8) +
2162                                 data->header.data_len[1] +
2163                                 sizeof(struct cd_sub_channel_header)));
2164                         if (copyout(data, args->data, len) != 0) {
2165                                 error = EFAULT;
2166                         }
2167                         kfree(data, M_TEMP);
2168                 }
2169                 break;
2170
2171         case CDIOREADTOCHEADER:
2172                 {
2173                         struct ioc_toc_header *th;
2174
2175                         CAM_DEBUG(periph->path, CAM_DEBUG_SUBTRACE, 
2176                                   ("trying to do CDIOREADTOCHEADER\n"));
2177
2178                         th = kmalloc(sizeof(struct ioc_toc_header), M_TEMP,
2179                                     M_WAITOK);
2180                         error = cdreadtoc(periph, 0, 0, (u_int8_t *)th, 
2181                                           sizeof (*th), /*sense_flags*/0);
2182                         if (error) {
2183                                 kfree(th, M_TEMP);
2184                                 break;
2185                         }
2186                         if (softc->quirks & CD_Q_BCD_TRACKS) {
2187                                 /* we are going to have to convert the BCD
2188                                  * encoding on the cd to what is expected
2189                                  */
2190                                 th->starting_track = 
2191                                         bcd2bin(th->starting_track);
2192                                 th->ending_track = bcd2bin(th->ending_track);
2193                         }
2194                         th->len = ntohs(th->len);
2195                         bcopy(th, addr, sizeof(*th));
2196                         kfree(th, M_TEMP);
2197                 }
2198                 break;
2199         case CDIOREADTOCENTRYS:
2200                 {
2201                         struct cd_tocdata *data;
2202                         struct cd_toc_single *lead;
2203                         struct ioc_read_toc_entry *te =
2204                                 (struct ioc_read_toc_entry *) addr;
2205                         struct ioc_toc_header *th;
2206                         u_int32_t len, readlen, idx, num;
2207                         u_int32_t starting_track = te->starting_track;
2208
2209                         CAM_DEBUG(periph->path, CAM_DEBUG_SUBTRACE, 
2210                                   ("trying to do CDIOREADTOCENTRYS\n"));
2211
2212                         data = kmalloc(sizeof(*data), M_TEMP, M_WAITOK);
2213                         lead = kmalloc(sizeof(*lead), M_TEMP, M_WAITOK);
2214
2215                         if (te->data_len < sizeof(struct cd_toc_entry)
2216                          || (te->data_len % sizeof(struct cd_toc_entry)) != 0
2217                          || (te->address_format != CD_MSF_FORMAT
2218                           && te->address_format != CD_LBA_FORMAT)) {
2219                                 error = EINVAL;
2220                                 printf("scsi_cd: error in readtocentries, "
2221                                        "returning EINVAL\n");
2222                                 kfree(data, M_TEMP);
2223                                 kfree(lead, M_TEMP);
2224                                 break;
2225                         }
2226
2227                         th = &data->header;
2228                         error = cdreadtoc(periph, 0, 0, (u_int8_t *)th, 
2229                                           sizeof (*th), /*sense_flags*/0);
2230                         if (error) {
2231                                 kfree(data, M_TEMP);
2232                                 kfree(lead, M_TEMP);
2233                                 break;
2234                         }
2235
2236                         if (softc->quirks & CD_Q_BCD_TRACKS) {
2237                                 /* we are going to have to convert the BCD
2238                                  * encoding on the cd to what is expected
2239                                  */
2240                                 th->starting_track =
2241                                     bcd2bin(th->starting_track);
2242                                 th->ending_track = bcd2bin(th->ending_track);
2243                         }
2244
2245                         if (starting_track == 0)
2246                                 starting_track = th->starting_track;
2247                         else if (starting_track == LEADOUT)
2248                                 starting_track = th->ending_track + 1;
2249                         else if (starting_track < th->starting_track ||
2250                                  starting_track > th->ending_track + 1) {
2251                                 printf("scsi_cd: error in readtocentries, "
2252                                        "returning EINVAL\n");
2253                                 kfree(data, M_TEMP);
2254                                 kfree(lead, M_TEMP);
2255                                 error = EINVAL;
2256                                 break;
2257                         }
2258
2259                         /* calculate reading length without leadout entry */
2260                         readlen = (th->ending_track - starting_track + 1) *
2261                                   sizeof(struct cd_toc_entry);
2262
2263                         /* and with leadout entry */
2264                         len = readlen + sizeof(struct cd_toc_entry);
2265                         if (te->data_len < len) {
2266                                 len = te->data_len;
2267                                 if (readlen > len)
2268                                         readlen = len;
2269                         }
2270                         if (len > sizeof(data->entries)) {
2271                                 printf("scsi_cd: error in readtocentries, "
2272                                        "returning EINVAL\n");
2273                                 error = EINVAL;
2274                                 kfree(data, M_TEMP);
2275                                 kfree(lead, M_TEMP);
2276                                 break;
2277                         }
2278                         num = len / sizeof(struct cd_toc_entry);
2279
2280                         if (readlen > 0) {
2281                                 error = cdreadtoc(periph, te->address_format,
2282                                                   starting_track,
2283                                                   (u_int8_t *)data,
2284                                                   readlen + sizeof (*th),
2285                                                   /*sense_flags*/0);
2286                                 if (error) {
2287                                         kfree(data, M_TEMP);
2288                                         kfree(lead, M_TEMP);
2289                                         break;
2290                                 }
2291                         }
2292
2293                         /* make leadout entry if needed */
2294                         idx = starting_track + num - 1;
2295                         if (softc->quirks & CD_Q_BCD_TRACKS)
2296                                 th->ending_track = bcd2bin(th->ending_track);
2297                         if (idx == th->ending_track + 1) {
2298                                 error = cdreadtoc(periph, te->address_format,
2299                                                   LEADOUT, (u_int8_t *)lead,
2300                                                   sizeof(*lead),
2301                                                   /*sense_flags*/0);
2302                                 if (error) {
2303                                         kfree(data, M_TEMP);
2304                                         kfree(lead, M_TEMP);
2305                                         break;
2306                                 }
2307                                 data->entries[idx - starting_track] = 
2308                                         lead->entry;
2309                         }
2310                         if (softc->quirks & CD_Q_BCD_TRACKS) {
2311                                 for (idx = 0; idx < num - 1; idx++) {
2312                                         data->entries[idx].track =
2313                                             bcd2bin(data->entries[idx].track);
2314                                 }
2315                         }
2316
2317                         error = copyout(data->entries, te->data, len);
2318                         kfree(data, M_TEMP);
2319                         kfree(lead, M_TEMP);
2320                 }
2321                 break;
2322         case CDIOREADTOCENTRY:
2323                 {
2324                         struct cd_toc_single *data;
2325                         struct ioc_read_toc_single_entry *te =
2326                                 (struct ioc_read_toc_single_entry *) addr;
2327                         struct ioc_toc_header *th;
2328                         u_int32_t track;
2329
2330                         CAM_DEBUG(periph->path, CAM_DEBUG_SUBTRACE, 
2331                                   ("trying to do CDIOREADTOCENTRY\n"));
2332
2333                         data = kmalloc(sizeof(*data), M_TEMP, M_WAITOK);
2334
2335                         if (te->address_format != CD_MSF_FORMAT
2336                             && te->address_format != CD_LBA_FORMAT) {
2337                                 printf("error in readtocentry, "
2338                                        " returning EINVAL\n");
2339                                 kfree(data, M_TEMP);
2340                                 error = EINVAL;
2341                                 break;
2342                         }
2343
2344                         th = &data->header;
2345                         error = cdreadtoc(periph, 0, 0, (u_int8_t *)th,
2346                                           sizeof (*th), /*sense_flags*/0);
2347                         if (error) {
2348                                 kfree(data, M_TEMP);
2349                                 break;
2350                         }
2351
2352                         if (softc->quirks & CD_Q_BCD_TRACKS) {
2353                                 /* we are going to have to convert the BCD
2354                                  * encoding on the cd to what is expected
2355                                  */
2356                                 th->starting_track =
2357                                     bcd2bin(th->starting_track);
2358                                 th->ending_track = bcd2bin(th->ending_track);
2359                         }
2360                         track = te->track;
2361                         if (track == 0)
2362                                 track = th->starting_track;
2363                         else if (track == LEADOUT)
2364                                 /* OK */;
2365                         else if (track < th->starting_track ||
2366                                  track > th->ending_track + 1) {
2367                                 printf("error in readtocentry, "
2368                                        " returning EINVAL\n");
2369                                 kfree(data, M_TEMP);
2370                                 error = EINVAL;
2371                                 break;
2372                         }
2373
2374                         error = cdreadtoc(periph, te->address_format, track,
2375                                           (u_int8_t *)data, sizeof(*data),
2376                                           /*sense_flags*/0);
2377                         if (error) {
2378                                 kfree(data, M_TEMP);
2379                                 break;
2380                         }
2381
2382                         if (softc->quirks & CD_Q_BCD_TRACKS)
2383                                 data->entry.track = bcd2bin(data->entry.track);
2384                         bcopy(&data->entry, &te->entry,
2385                               sizeof(struct cd_toc_entry));
2386                         kfree(data, M_TEMP);
2387                 }
2388                 break;
2389         case CDIOCSETPATCH:
2390                 {
2391                         struct ioc_patch *arg = (struct ioc_patch *)addr;
2392                         struct cd_mode_params params;
2393                         union cd_pages *page;
2394
2395                         CAM_DEBUG(periph->path, CAM_DEBUG_SUBTRACE, 
2396                                   ("trying to do CDIOCSETPATCH\n"));
2397
2398                         params.alloc_len = sizeof(union cd_mode_data_6_10);
2399                         params.mode_buf = kmalloc(params.alloc_len, M_TEMP, 
2400                                                  M_WAITOK | M_ZERO);
2401                         error = cdgetmode(periph, &params, AUDIO_PAGE);
2402                         if (error) {
2403                                 kfree(params.mode_buf, M_TEMP);
2404                                 break;
2405                         }
2406                         page = cdgetpage(&params);
2407
2408                         page->audio.port[LEFT_PORT].channels = 
2409                                 arg->patch[0];
2410                         page->audio.port[RIGHT_PORT].channels = 
2411                                 arg->patch[1];
2412                         page->audio.port[2].channels = arg->patch[2];
2413                         page->audio.port[3].channels = arg->patch[3];
2414                         error = cdsetmode(periph, &params);
2415                         kfree(params.mode_buf, M_TEMP);
2416                 }
2417                 break;
2418         case CDIOCGETVOL:
2419                 {
2420                         struct ioc_vol *arg = (struct ioc_vol *) addr;
2421                         struct cd_mode_params params;
2422                         union cd_pages *page;
2423
2424                         CAM_DEBUG(periph->path, CAM_DEBUG_SUBTRACE, 
2425                                   ("trying to do CDIOCGETVOL\n"));
2426
2427                         params.alloc_len = sizeof(union cd_mode_data_6_10);
2428                         params.mode_buf = kmalloc(params.alloc_len, M_TEMP, 
2429                                                  M_WAITOK | M_ZERO);
2430                         error = cdgetmode(periph, &params, AUDIO_PAGE);
2431                         if (error) {
2432                                 kfree(params.mode_buf, M_TEMP);
2433                                 break;
2434                         }
2435                         page = cdgetpage(&params);
2436
2437                         arg->vol[LEFT_PORT] = 
2438                                 page->audio.port[LEFT_PORT].volume;
2439                         arg->vol[RIGHT_PORT] = 
2440                                 page->audio.port[RIGHT_PORT].volume;
2441                         arg->vol[2] = page->audio.port[2].volume;
2442                         arg->vol[3] = page->audio.port[3].volume;
2443                         kfree(params.mode_buf, M_TEMP);
2444                 }
2445                 break;
2446         case CDIOCSETVOL:
2447                 {
2448                         struct ioc_vol *arg = (struct ioc_vol *) addr;
2449                         struct cd_mode_params params;
2450                         union cd_pages *page;
2451
2452                         CAM_DEBUG(periph->path, CAM_DEBUG_SUBTRACE, 
2453                                   ("trying to do CDIOCSETVOL\n"));
2454
2455                         params.alloc_len = sizeof(union cd_mode_data_6_10);
2456                         params.mode_buf = kmalloc(params.alloc_len, M_TEMP, 
2457                                                  M_WAITOK | M_ZERO);
2458                         error = cdgetmode(periph, &params, AUDIO_PAGE);
2459                         if (error) {
2460                                 kfree(params.mode_buf, M_TEMP);
2461                                 break;
2462                         }
2463                         page = cdgetpage(&params);
2464
2465                         page->audio.port[LEFT_PORT].channels = CHANNEL_0;
2466                         page->audio.port[LEFT_PORT].volume = 
2467                                 arg->vol[LEFT_PORT];
2468                         page->audio.port[RIGHT_PORT].channels = CHANNEL_1;
2469                         page->audio.port[RIGHT_PORT].volume = 
2470                                 arg->vol[RIGHT_PORT];
2471                         page->audio.port[2].volume = arg->vol[2];
2472                         page->audio.port[3].volume = arg->vol[3];
2473                         error = cdsetmode(periph, &params);
2474                         kfree(params.mode_buf, M_TEMP);
2475                 }
2476                 break;
2477         case CDIOCSETMONO:
2478                 {
2479                         struct cd_mode_params params;
2480                         union cd_pages *page;
2481
2482                         CAM_DEBUG(periph->path, CAM_DEBUG_SUBTRACE, 
2483                                   ("trying to do CDIOCSETMONO\n"));
2484
2485                         params.alloc_len = sizeof(union cd_mode_data_6_10);
2486                         params.mode_buf = kmalloc(params.alloc_len, M_TEMP,
2487                                                  M_WAITOK | M_ZERO);
2488                         error = cdgetmode(periph, &params, AUDIO_PAGE);
2489                         if (error) {
2490                                 kfree(params.mode_buf, M_TEMP);
2491                                 break;
2492                         }
2493                         page = cdgetpage(&params);
2494
2495                         page->audio.port[LEFT_PORT].channels = 
2496                                 LEFT_CHANNEL | RIGHT_CHANNEL;
2497                         page->audio.port[RIGHT_PORT].channels = 
2498                                 LEFT_CHANNEL | RIGHT_CHANNEL;
2499                         page->audio.port[2].channels = 0;
2500                         page->audio.port[3].channels = 0;
2501                         error = cdsetmode(periph, &params);
2502                         kfree(params.mode_buf, M_TEMP);
2503                 }
2504                 break;
2505         case CDIOCSETSTEREO:
2506                 {
2507                         struct cd_mode_params params;
2508                         union cd_pages *page;
2509
2510                         CAM_DEBUG(periph->path, CAM_DEBUG_SUBTRACE, 
2511                                   ("trying to do CDIOCSETSTEREO\n"));
2512
2513                         params.alloc_len = sizeof(union cd_mode_data_6_10);
2514                         params.mode_buf = kmalloc(params.alloc_len, M_TEMP,
2515                                                  M_WAITOK | M_ZERO);
2516                         error = cdgetmode(periph, &params, AUDIO_PAGE);
2517                         if (error) {
2518                                 kfree(params.mode_buf, M_TEMP);
2519                                 break;
2520                         }
2521                         page = cdgetpage(&params);
2522
2523                         page->audio.port[LEFT_PORT].channels = 
2524                                 LEFT_CHANNEL;
2525                         page->audio.port[RIGHT_PORT].channels = 
2526                                 RIGHT_CHANNEL;
2527                         page->audio.port[2].channels = 0;
2528                         page->audio.port[3].channels = 0;
2529                         error = cdsetmode(periph, &params);
2530                         kfree(params.mode_buf, M_TEMP);
2531                 }
2532                 break;
2533         case CDIOCSETMUTE:
2534                 {
2535                         struct cd_mode_params params;
2536                         union cd_pages *page;
2537
2538                         CAM_DEBUG(periph->path, CAM_DEBUG_SUBTRACE, 
2539                                   ("trying to do CDIOCSETMUTE\n"));
2540
2541                         params.alloc_len = sizeof(union cd_mode_data_6_10);
2542                         params.mode_buf = kmalloc(params.alloc_len, M_TEMP,
2543                                                  M_WAITOK | M_ZERO);
2544                         error = cdgetmode(periph, &params, AUDIO_PAGE);
2545                         if (error) {
2546                                 kfree(&params, M_TEMP);
2547                                 break;
2548                         }
2549                         page = cdgetpage(&params);
2550
2551                         page->audio.port[LEFT_PORT].channels = 0;
2552                         page->audio.port[RIGHT_PORT].channels = 0;
2553                         page->audio.port[2].channels = 0;
2554                         page->audio.port[3].channels = 0;
2555                         error = cdsetmode(periph, &params);
2556                         kfree(params.mode_buf, M_TEMP);
2557                 }
2558                 break;
2559         case CDIOCSETLEFT:
2560                 {
2561                         struct cd_mode_params params;
2562                         union cd_pages *page;
2563
2564                         CAM_DEBUG(periph->path, CAM_DEBUG_SUBTRACE, 
2565                                   ("trying to do CDIOCSETLEFT\n"));
2566
2567                         params.alloc_len = sizeof(union cd_mode_data_6_10);
2568                         params.mode_buf = kmalloc(params.alloc_len, M_TEMP,
2569                                                  M_WAITOK | M_ZERO);
2570                         
2571                         error = cdgetmode(periph, &params, AUDIO_PAGE);
2572                         if (error) {
2573                                 kfree(params.mode_buf, M_TEMP);
2574                                 break;
2575                         }
2576                         page = cdgetpage(&params);
2577
2578                         page->audio.port[LEFT_PORT].channels = LEFT_CHANNEL;
2579                         page->audio.port[RIGHT_PORT].channels = LEFT_CHANNEL;
2580                         page->audio.port[2].channels = 0;
2581                         page->audio.port[3].channels = 0;
2582                         error = cdsetmode(periph, &params);
2583                         kfree(params.mode_buf, M_TEMP);
2584                 }
2585                 break;
2586         case CDIOCSETRIGHT:
2587                 {
2588                         struct cd_mode_params params;
2589                         union cd_pages *page;
2590
2591                         CAM_DEBUG(periph->path, CAM_DEBUG_SUBTRACE, 
2592                                   ("trying to do CDIOCSETRIGHT\n"));
2593
2594                         params.alloc_len = sizeof(union cd_mode_data_6_10);
2595                         params.mode_buf = kmalloc(params.alloc_len, M_TEMP,
2596                                                  M_WAITOK | M_ZERO);
2597
2598                         error = cdgetmode(periph, &params, AUDIO_PAGE);
2599                         if (error) {
2600                                 kfree(params.mode_buf, M_TEMP);
2601                                 break;
2602                         }
2603                         page = cdgetpage(&params);
2604
2605                         page->audio.port[LEFT_PORT].channels = RIGHT_CHANNEL;
2606                         page->audio.port[RIGHT_PORT].channels = RIGHT_CHANNEL;
2607                         page->audio.port[2].channels = 0;
2608                         page->audio.port[3].channels = 0;
2609                         error = cdsetmode(periph, &params);
2610                         kfree(params.mode_buf, M_TEMP);
2611                 }
2612                 break;
2613         case CDIOCRESUME:
2614                 error = cdpause(periph, 1);
2615                 break;
2616         case CDIOCPAUSE:
2617                 error = cdpause(periph, 0);
2618                 break;
2619         case CDIOCSTART:
2620                 error = cdstartunit(periph, 0);
2621                 break;
2622         case CDIOCCLOSE:
2623                 error = cdstartunit(periph, 1);
2624
2625 #ifdef notyet
2626                 if (error != 0)
2627                         break;
2628
2629                 /*
2630                  * The user successfully closed the tray, run
2631                  * cdcheckmedia() again so we can re-sync the disklabel
2632                  * information.
2633                  */
2634                 cdcheckmedia(periph);
2635 #endif /* notyet */
2636                 break;
2637         case CDIOCSTOP:
2638                 error = cdstopunit(periph, 0);
2639                 break;
2640         case CDIOCEJECT:
2641                 error = cdstopunit(periph, 1);
2642
2643 #ifdef notyet
2644                 if (error != 0)
2645                         break;
2646
2647                 /*
2648                  * Since we've successfully ejected the media, run
2649                  * cdcheckmedia() again so we re-sync the disklabel
2650                  * information.
2651                  */
2652                 cdcheckmedia(periph);
2653 #endif /* notyet */
2654                 break;
2655         case CDIOCALLOW:
2656                 cdprevent(periph, PR_ALLOW);
2657                 break;
2658         case CDIOCPREVENT:
2659                 cdprevent(periph, PR_PREVENT);
2660                 break;
2661         case CDIOCSETDEBUG:
2662                 /* sc_link->flags |= (SDEV_DB1 | SDEV_DB2); */
2663                 error = ENOTTY;
2664                 break;
2665         case CDIOCCLRDEBUG:
2666                 /* sc_link->flags &= ~(SDEV_DB1 | SDEV_DB2); */
2667                 error = ENOTTY;
2668                 break;
2669         case CDIOCRESET:
2670                 /* return (cd_reset(periph)); */
2671                 error = ENOTTY;
2672                 break;
2673         case CDRIOCREADSPEED:
2674                 error = cdsetspeed(periph, *(u_int32_t *)addr, CDR_MAX_SPEED);
2675                 break;
2676         case CDRIOCWRITESPEED:
2677                 error = cdsetspeed(periph, CDR_MAX_SPEED, *(u_int32_t *)addr);
2678                 break;
2679         case DVDIOCSENDKEY:
2680         case DVDIOCREPORTKEY: {
2681                 struct dvd_authinfo *authinfo;
2682
2683                 authinfo = (struct dvd_authinfo *)addr;
2684
2685                 if (ap->a_cmd == DVDIOCREPORTKEY)
2686                         error = cdreportkey(periph, authinfo);
2687                 else
2688                         error = cdsendkey(periph, authinfo);
2689                 break;
2690         }
2691         case DVDIOCREADSTRUCTURE: {
2692                 struct dvd_struct *dvdstruct;
2693
2694                 dvdstruct = (struct dvd_struct *)addr;
2695
2696                 error = cdreaddvdstructure(periph, dvdstruct);
2697
2698                 break;
2699         }
2700         default:
2701                 error = cam_periph_ioctl(periph, ap->a_cmd, addr, cderror);
2702                 break;
2703         }
2704
2705         cam_periph_unlock(periph);
2706
2707         CAM_DEBUG(periph->path, CAM_DEBUG_TRACE, ("leaving cdioctl\n"));
2708
2709         return (error);
2710 }
2711
2712 static void
2713 cdprevent(struct cam_periph *periph, int action)
2714 {
2715         union   ccb *ccb;
2716         struct  cd_softc *softc;
2717         int     error;
2718
2719         CAM_DEBUG(periph->path, CAM_DEBUG_TRACE, ("entering cdprevent\n"));
2720
2721         softc = (struct cd_softc *)periph->softc;
2722         
2723         if (((action == PR_ALLOW)
2724           && (softc->flags & CD_FLAG_DISC_LOCKED) == 0)
2725          || ((action == PR_PREVENT)
2726           && (softc->flags & CD_FLAG_DISC_LOCKED) != 0)) {
2727                 return;
2728         }
2729             
2730         ccb = cdgetccb(periph, /* priority */ 1);
2731
2732         scsi_prevent(&ccb->csio, 
2733                      /*retries*/ 1,
2734                      cddone,
2735                      MSG_SIMPLE_Q_TAG,
2736                      action,
2737                      SSD_FULL_SIZE,
2738                      /* timeout */60000);
2739         
2740         error = cdrunccb(ccb, cderror, /*cam_flags*/0,
2741                         /*sense_flags*/SF_RETRY_UA|SF_NO_PRINT|SF_RETRY_SELTO);
2742
2743         xpt_release_ccb(ccb);
2744
2745         if (error == 0) {
2746                 if (action == PR_ALLOW)
2747                         softc->flags &= ~CD_FLAG_DISC_LOCKED;
2748                 else
2749                         softc->flags |= CD_FLAG_DISC_LOCKED;
2750         }
2751 }
2752
2753 int
2754 cdcheckmedia(struct cam_periph *periph)
2755 {
2756         struct cd_softc *softc;
2757         struct ioc_toc_header *toch;
2758         struct cd_toc_single leadout;
2759         struct ccb_getdev cgd;
2760         u_int32_t size, toclen;
2761         int error, num_entries, cdindex;
2762         int first_track_audio;
2763         struct disklabel *label;
2764
2765         softc = (struct cd_softc *)periph->softc;
2766
2767         first_track_audio = -1;
2768         error = 0;
2769
2770         cdprevent(periph, PR_PREVENT);
2771
2772         /*
2773          * Build prototype label for whole disk.
2774          * Should take information about different data tracks from the
2775          * TOC and put it in the partition table.
2776          */
2777         label = &softc->disk.d_label;
2778         bzero(label, sizeof(*label));
2779         label->d_type = DTYPE_SCSI;
2780
2781         /*
2782          * Grab the inquiry data to get the vendor and product names.
2783          * Put them in the typename and packname for the label.
2784          */
2785         xpt_setup_ccb(&cgd.ccb_h, periph->path, /*priority*/ 1);
2786         cgd.ccb_h.func_code = XPT_GDEV_TYPE;
2787         xpt_action((union ccb *)&cgd);
2788
2789         strncpy(label->d_typename, cgd.inq_data.vendor,
2790                 min(SID_VENDOR_SIZE, sizeof(label->d_typename)));
2791         strncpy(label->d_packname, cgd.inq_data.product,
2792                 min(SID_PRODUCT_SIZE, sizeof(label->d_packname)));
2793                 
2794         label->d_flags = D_REMOVABLE;
2795         /*
2796          * Make partition 'a' cover the whole disk.  This is a temporary
2797          * compatibility hack.  The 'a' partition should not exist, so
2798          * the slice code won't create it.  The slice code will make
2799          * partition (RAW_PART + 'a') cover the whole disk and fill in
2800          * some more defaults.
2801          */
2802         label->d_partitions[0].p_size = label->d_secperunit;
2803         label->d_partitions[0].p_fstype = FS_OTHER;
2804
2805         /*
2806          * Default to not reading the disklabel off the disk, until we can
2807          * verify that we have media, that we have a table of contents, and
2808          * that the first track is a data track (which could theoretically
2809          * contain a disklabel).
2810          */
2811         softc->disk.d_dsflags &= ~DSO_COMPATLABEL;
2812         softc->disk.d_dsflags |= DSO_NOLABELS;
2813
2814         /*
2815          * Clear the valid media and TOC flags until we've verified that we
2816          * have both.
2817          */
2818         softc->flags &= ~(CD_FLAG_VALID_MEDIA|CD_FLAG_VALID_TOC);
2819
2820         /*
2821          * Get the disc size and block size.  If we can't get it, we don't
2822          * have media, most likely.
2823          */
2824         if ((error = cdsize(periph, &size)) != 0) {
2825                 /*
2826                  * Set a bogus sector size, so the slice code won't try to
2827                  * divide by 0 and panic the kernel.
2828                  */
2829                 label->d_secsize = 2048;
2830
2831                 label->d_secperunit = 0;
2832
2833                 /*
2834                  * XXX KDM is this a good idea?  Seems to cause more
2835                  * problems.
2836                  */
2837                 if (softc->flags & CD_FLAG_OPEN) {
2838                         int force;
2839
2840                         force = 1;
2841
2842                         /*
2843                          * We don't bother checking the return value here,
2844                          * since we already have an error...
2845                          */
2846                         dsioctl(softc->disk.d_cdev, DIOCSYNCSLICEINFO,
2847                                 /*data*/(caddr_t)&force, /*flags*/ 0,
2848                                 &softc->disk.d_slice);
2849                 }
2850
2851                 /*
2852                  * Tell devstat(9) we don't have a blocksize.
2853                  */
2854                 softc->device_stats.flags |= DEVSTAT_BS_UNAVAILABLE;
2855
2856                 cdprevent(periph, PR_ALLOW);
2857
2858                 return (error);
2859         } else {
2860
2861                 label->d_secsize = softc->params.blksize;
2862                 label->d_secperunit = softc->params.disksize;
2863
2864                 /*
2865                  * Force a re-sync of slice information, like the blocksize,
2866                  * now that we know it.  It isn't pretty...but according to
2867                  * Bruce Evans, this is probably the best way to do it in
2868                  * -stable.  We only do this if we're already open, and
2869                  * therefore dsopen() has already run.  If CD_FLAG_OPEN
2870                  * isn't set, this isn't necessary.
2871                  */
2872                 if (softc->flags & CD_FLAG_OPEN) {
2873                         int force;
2874
2875                         force = 1;
2876
2877                         error = dsioctl(softc->disk.d_cdev, DIOCSYNCSLICEINFO,
2878                                         /*data*/(caddr_t)&force, /*flags*/ 0,
2879                                         &softc->disk.d_slice);
2880                         if (error != 0) {
2881                                 /*
2882                                  * Set a bogus sector size, so the slice code
2883                                  * won't try to divide by 0 and panic the
2884                                  * kernel.
2885                                  */
2886                                 label->d_secsize = 2048;
2887
2888                                 label->d_secperunit = 0;
2889
2890                                 /*
2891                                  * Tell devstat(9) we don't have a blocksize.
2892                                  */
2893                                 softc->device_stats.flags |=
2894                                         DEVSTAT_BS_UNAVAILABLE;
2895
2896                                 cdprevent(periph, PR_ALLOW);
2897                         }
2898                 }
2899
2900                 /*
2901                  * We unconditionally (re)set the blocksize each time the
2902                  * CD device is opened.  This is because the CD can change,
2903                  * and therefore the blocksize might change.
2904                  * XXX problems here if some slice or partition is still
2905                  * open with the old size?
2906                  */
2907                 if ((softc->device_stats.flags & DEVSTAT_BS_UNAVAILABLE) != 0)
2908                         softc->device_stats.flags &= ~DEVSTAT_BS_UNAVAILABLE;
2909                 softc->device_stats.block_size = softc->params.blksize;
2910
2911                 softc->flags |= CD_FLAG_VALID_MEDIA;
2912         }
2913
2914         /*
2915          * Now we check the table of contents.  This (currently) is only
2916          * used for the CDIOCPLAYTRACKS ioctl.  It may be used later to do
2917          * things like present a separate entry in /dev for each track,
2918          * like that acd(4) driver does.
2919          */
2920         bzero(&softc->toc, sizeof(softc->toc));
2921         toch = &softc->toc.header;
2922
2923         /*
2924          * We will get errors here for media that doesn't have a table of
2925          * contents.  According to the MMC-3 spec: "When a Read TOC/PMA/ATIP
2926          * command is presented for a DDCD/CD-R/RW media, where the first TOC
2927          * has not been recorded (no complete session) and the Format codes
2928          * 0000b, 0001b, or 0010b are specified, this command shall be rejected
2929          * with an INVALID FIELD IN CDB.  Devices that are not capable of
2930          * reading an incomplete session on DDC/CD-R/RW media shall report
2931          * CANNOT READ MEDIUM - INCOMPATIBLE FORMAT."
2932          *
2933          * So this isn't fatal if we can't read the table of contents, it
2934          * just means that the user won't be able to issue the play tracks
2935          * ioctl, and likely lots of other stuff won't work either.  They
2936          * need to burn the CD before we can do a whole lot with it.  So
2937          * we don't print anything here if we get an error back.
2938          */
2939         error = cdreadtoc(periph, 0, 0, (u_int8_t *)toch, sizeof(*toch),
2940                           SF_NO_PRINT);
2941         /*
2942          * Errors in reading the table of contents aren't fatal, we just
2943          * won't have a valid table of contents cached.
2944          */
2945         if (error != 0) {
2946                 error = 0;
2947                 bzero(&softc->toc, sizeof(softc->toc));
2948                 goto bailout;
2949         }
2950
2951         if (softc->quirks & CD_Q_BCD_TRACKS) {
2952                 toch->starting_track = bcd2bin(toch->starting_track);
2953                 toch->ending_track = bcd2bin(toch->ending_track);
2954         }
2955
2956         /* Number of TOC entries, plus leadout */
2957         num_entries = (toch->ending_track - toch->starting_track) + 2;
2958
2959         if (num_entries <= 0)
2960                 goto bailout;
2961
2962         toclen = num_entries * sizeof(struct cd_toc_entry);
2963
2964         error = cdreadtoc(periph, CD_MSF_FORMAT, toch->starting_track,
2965                           (u_int8_t *)&softc->toc, toclen + sizeof(*toch),
2966                           SF_NO_PRINT);
2967         if (error != 0) {
2968                 error = 0;
2969                 bzero(&softc->toc, sizeof(softc->toc));
2970                 goto bailout;
2971         }
2972
2973         if (softc->quirks & CD_Q_BCD_TRACKS) {
2974                 toch->starting_track = bcd2bin(toch->starting_track);
2975                 toch->ending_track = bcd2bin(toch->ending_track);
2976         }
2977         toch->len = scsi_2btoul((uint8_t *)&toch->len);
2978
2979         /*
2980          * XXX KDM is this necessary?  Probably only if the drive doesn't
2981          * return leadout information with the table of contents.
2982          */
2983         cdindex = toch->starting_track + num_entries -1;
2984         if (cdindex == toch->ending_track + 1) {
2985
2986                 error = cdreadtoc(periph, CD_MSF_FORMAT, LEADOUT, 
2987                                   (u_int8_t *)&leadout, sizeof(leadout),
2988                                   SF_NO_PRINT);
2989                 if (error != 0) {
2990                         error = 0;
2991                         goto bailout;
2992                 }
2993                 softc->toc.entries[cdindex - toch->starting_track] =
2994                         leadout.entry;
2995         }
2996         if (softc->quirks & CD_Q_BCD_TRACKS) {
2997                 for (cdindex = 0; cdindex < (num_entries - 1); cdindex++) {
2998                         softc->toc.entries[cdindex].track =
2999                                 bcd2bin(softc->toc.entries[cdindex].track);
3000                 }
3001         }
3002
3003         /*
3004          * Run through the TOC entries, find the first entry and determine
3005          * whether it is an audio or data track.
3006          */
3007         for (cdindex = 0; cdindex < (num_entries - 1); cdindex++) {
3008                 if (softc->toc.entries[cdindex].track == toch->starting_track) {
3009                         if (softc->toc.entries[cdindex].control & 0x04)
3010                                 first_track_audio = 0;
3011                         else
3012                                 first_track_audio = 1;
3013                         break;
3014                 }
3015         }
3016
3017         /*
3018          * If first_track_audio is non-zero, we either have an error (e.g.
3019          * couldn't find the starting track) or the first track is an audio
3020          * track.  If first_track_audio is 0, the first track is a data
3021          * track that could have a disklabel.  Attempt to read the
3022          * disklabel off the media, just in case the user put one there.
3023          */
3024         if (first_track_audio == 0) {
3025                 softc->disk.d_dsflags |= DSO_COMPATLABEL;
3026                 softc->disk.d_dsflags &= ~DSO_NOLABELS;
3027         }
3028         softc->flags |= CD_FLAG_VALID_TOC;
3029
3030 bailout:
3031         return (error);
3032 }
3033
3034 static int
3035 cdsize(struct cam_periph *periph, u_int32_t *size)
3036 {
3037         struct cd_softc *softc;
3038         union ccb *ccb;
3039         struct scsi_read_capacity_data *rcap_buf;
3040         int error;
3041
3042         CAM_DEBUG(periph->path, CAM_DEBUG_TRACE, ("entering cdsize\n"));
3043
3044         softc = (struct cd_softc *)periph->softc;
3045              
3046         ccb = cdgetccb(periph, /* priority */ 1);
3047
3048         rcap_buf = kmalloc(sizeof(struct scsi_read_capacity_data), 
3049                           M_TEMP, M_INTWAIT | M_ZERO);
3050
3051         scsi_read_capacity(&ccb->csio, 
3052                            /*retries*/ 1,
3053                            cddone,
3054                            MSG_SIMPLE_Q_TAG,
3055                            rcap_buf,
3056                            SSD_FULL_SIZE,
3057                            /* timeout */20000);
3058
3059         error = cdrunccb(ccb, cderror, /*cam_flags*/0,
3060                          /*sense_flags*/SF_RETRY_UA|SF_NO_PRINT|SF_RETRY_SELTO);
3061
3062         xpt_release_ccb(ccb);
3063
3064         softc->params.disksize = scsi_4btoul(rcap_buf->addr) + 1;
3065         softc->params.blksize  = scsi_4btoul(rcap_buf->length);
3066         /*
3067          * SCSI-3 mandates that the reported blocksize shall be 2048.
3068          * Older drives sometimes report funny values, trim it down to
3069          * 2048, or other parts of the kernel will get confused.
3070          *
3071          * XXX we leave drives alone that might report 512 bytes, as
3072          * well as drives reporting more weird sizes like perhaps 4K.
3073          */
3074         if (softc->params.blksize > 2048 && softc->params.blksize <= 2352)
3075                 softc->params.blksize = 2048;
3076
3077         kfree(rcap_buf, M_TEMP);
3078         *size = softc->params.disksize;
3079
3080         return (error);
3081
3082 }
3083
3084 static int
3085 cd6byteworkaround(union ccb *ccb)
3086 {
3087         u_int8_t *cdb;
3088         struct cam_periph *periph;
3089         struct cd_softc *softc;
3090         struct cd_mode_params *params;
3091         int frozen, found;
3092
3093         periph = xpt_path_periph(ccb->ccb_h.path);
3094         softc = (struct cd_softc *)periph->softc;
3095
3096         cdb = ccb->csio.cdb_io.cdb_bytes;
3097
3098         if ((ccb->ccb_h.flags & CAM_CDB_POINTER)
3099          || ((cdb[0] != MODE_SENSE_6)
3100           && (cdb[0] != MODE_SELECT_6)))
3101                 return (0);
3102
3103         /*
3104          * Because there is no convenient place to stash the overall
3105          * cd_mode_params structure pointer, we have to grab it like this.
3106          * This means that ALL MODE_SENSE and MODE_SELECT requests in the
3107          * cd(4) driver MUST go through cdgetmode() and cdsetmode()!
3108          *
3109          * XXX It would be nice if, at some point, we could increase the
3110          * number of available peripheral private pointers.  Both pointers
3111          * are currently used in most every peripheral driver.
3112          */
3113         found = 0;
3114
3115         STAILQ_FOREACH(params, &softc->mode_queue, links) {
3116                 if (params->mode_buf == ccb->csio.data_ptr) {
3117                         found = 1;
3118                         break;
3119                 }
3120         }
3121
3122         /*
3123          * This shouldn't happen.  All mode sense and mode select
3124          * operations in the cd(4) driver MUST go through cdgetmode() and
3125          * cdsetmode()!
3126          */
3127         if (found == 0) {
3128                 xpt_print_path(periph->path);
3129                 printf("mode buffer not found in mode queue!\n");
3130                 return (0);
3131         }
3132
3133         params->cdb_size = 10;
3134         softc->minimum_command_size = 10;
3135         xpt_print_path(ccb->ccb_h.path);
3136         printf("%s(6) failed, increasing minimum CDB size to 10 bytes\n",
3137                (cdb[0] == MODE_SENSE_6) ? "MODE_SENSE" : "MODE_SELECT");
3138
3139         if (cdb[0] == MODE_SENSE_6) {
3140                 struct scsi_mode_sense_10 ms10;
3141                 struct scsi_mode_sense_6 *ms6;
3142                 int len;
3143
3144                 ms6 = (struct scsi_mode_sense_6 *)cdb;
3145
3146                 bzero(&ms10, sizeof(ms10));
3147                 ms10.opcode = MODE_SENSE_10;
3148                 ms10.byte2 = ms6->byte2;
3149                 ms10.page = ms6->page;
3150
3151                 /*
3152                  * 10 byte mode header, block descriptor,
3153                  * sizeof(union cd_pages)
3154                  */
3155                 len = sizeof(struct cd_mode_data_10);
3156                 ccb->csio.dxfer_len = len;
3157
3158                 scsi_ulto2b(len, ms10.length);
3159                 ms10.control = ms6->control;
3160                 bcopy(&ms10, cdb, 10);
3161                 ccb->csio.cdb_len = 10;
3162         } else {
3163                 struct scsi_mode_select_10 ms10;
3164                 struct scsi_mode_select_6 *ms6;
3165                 struct scsi_mode_header_6 *header6;
3166                 struct scsi_mode_header_10 *header10;
3167                 struct scsi_mode_page_header *page_header;
3168                 int blk_desc_len, page_num, page_size, len;
3169
3170                 ms6 = (struct scsi_mode_select_6 *)cdb;
3171
3172                 bzero(&ms10, sizeof(ms10));
3173                 ms10.opcode = MODE_SELECT_10;
3174                 ms10.byte2 = ms6->byte2;
3175
3176                 header6 = (struct scsi_mode_header_6 *)params->mode_buf;
3177                 header10 = (struct scsi_mode_header_10 *)params->mode_buf;
3178
3179                 page_header = find_mode_page_6(header6);
3180                 page_num = page_header->page_code;
3181
3182                 blk_desc_len = header6->blk_desc_len;
3183
3184                 page_size = cdgetpagesize(page_num);
3185
3186                 if (page_size != (page_header->page_length +
3187                     sizeof(*page_header)))
3188                         page_size = page_header->page_length +
3189                                 sizeof(*page_header);
3190
3191                 len = sizeof(*header10) + blk_desc_len + page_size;
3192
3193                 len = min(params->alloc_len, len);
3194
3195                 /*
3196                  * Since the 6 byte parameter header is shorter than the 10
3197                  * byte parameter header, we need to copy the actual mode
3198                  * page data, and the block descriptor, if any, so things wind
3199                  * up in the right place.  The regions will overlap, but
3200                  * bcopy() does the right thing.
3201                  */
3202                 bcopy(params->mode_buf + sizeof(*header6),
3203                       params->mode_buf + sizeof(*header10),
3204                       len - sizeof(*header10));
3205
3206                 /* Make sure these fields are set correctly. */
3207                 scsi_ulto2b(0, header10->data_length);
3208                 header10->medium_type = 0;
3209                 scsi_ulto2b(blk_desc_len, header10->blk_desc_len);
3210
3211                 ccb->csio.dxfer_len = len;
3212
3213                 scsi_ulto2b(len, ms10.length);
3214                 ms10.control = ms6->control;
3215                 bcopy(&ms10, cdb, 10);
3216                 ccb->csio.cdb_len = 10;
3217         }
3218
3219         frozen = (ccb->ccb_h.status & CAM_DEV_QFRZN) != 0;
3220         ccb->ccb_h.status = CAM_REQUEUE_REQ;
3221         xpt_action(ccb);
3222         if (frozen) {
3223                 cam_release_devq(ccb->ccb_h.path,
3224                                  /*relsim_flags*/0,
3225                                  /*openings*/0,
3226                                  /*timeout*/0,
3227                                  /*getcount_only*/0);
3228         }
3229
3230         return (ERESTART);
3231 }
3232
3233 static int
3234 cderror(union ccb *ccb, u_int32_t cam_flags, u_int32_t sense_flags)
3235 {
3236         struct cd_softc *softc;
3237         struct cam_periph *periph;
3238         int error;
3239
3240         periph = xpt_path_periph(ccb->ccb_h.path);
3241         softc = (struct cd_softc *)periph->softc;
3242
3243         error = 0;
3244
3245         /*
3246          * We use a status of CAM_REQ_INVALID as shorthand -- if a 6 byte
3247          * CDB comes back with this particular error, try transforming it
3248          * into the 10 byte version.
3249          */
3250         if ((ccb->ccb_h.status & CAM_STATUS_MASK) == CAM_REQ_INVALID) {
3251                 error = cd6byteworkaround(ccb);
3252         } else if (((ccb->ccb_h.status & CAM_STATUS_MASK) ==
3253                      CAM_SCSI_STATUS_ERROR)
3254          && (ccb->ccb_h.status & CAM_AUTOSNS_VALID)
3255          && (ccb->csio.scsi_status == SCSI_STATUS_CHECK_COND)
3256          && ((ccb->ccb_h.flags & CAM_SENSE_PHYS) == 0)
3257          && ((ccb->ccb_h.flags & CAM_SENSE_PTR) == 0)) {
3258                 int sense_key, error_code, asc, ascq;
3259
3260                 scsi_extract_sense(&ccb->csio.sense_data,
3261                                    &error_code, &sense_key, &asc, &ascq);
3262                 if (sense_key == SSD_KEY_ILLEGAL_REQUEST)
3263                         error = cd6byteworkaround(ccb);
3264         }
3265
3266         if (error == ERESTART)
3267                 return (error);
3268
3269         /*
3270          * XXX
3271          * Until we have a better way of doing pack validation,
3272          * don't treat UAs as errors.
3273          */
3274         sense_flags |= SF_RETRY_UA;
3275         return (cam_periph_error(ccb, cam_flags, sense_flags, 
3276                                  &softc->saved_ccb));
3277 }
3278
3279 /*
3280  * Read table of contents
3281  */
3282 static int 
3283 cdreadtoc(struct cam_periph *periph, u_int32_t mode, u_int32_t start, 
3284           u_int8_t *data, u_int32_t len, u_int32_t sense_flags)
3285 {
3286         struct scsi_read_toc *scsi_cmd;
3287         u_int32_t ntoc;
3288         struct ccb_scsiio *csio;
3289         union ccb *ccb;
3290         int error;
3291
3292         ntoc = len;
3293         error = 0;
3294
3295         ccb = cdgetccb(periph, /* priority */ 1);
3296
3297         csio = &ccb->csio;
3298
3299         cam_fill_csio(csio, 
3300                       /* retries */ 1, 
3301                       /* cbfcnp */ cddone, 
3302                       /* flags */ CAM_DIR_IN,
3303                       /* tag_action */ MSG_SIMPLE_Q_TAG,
3304                       /* data_ptr */ data,
3305                       /* dxfer_len */ len,
3306                       /* sense_len */ SSD_FULL_SIZE,
3307                       sizeof(struct scsi_read_toc),
3308                       /* timeout */ 50000);
3309
3310         scsi_cmd = (struct scsi_read_toc *)&csio->cdb_io.cdb_bytes;
3311         bzero (scsi_cmd, sizeof(*scsi_cmd));
3312
3313         if (mode == CD_MSF_FORMAT)
3314                 scsi_cmd->byte2 |= CD_MSF;
3315         scsi_cmd->from_track = start;
3316         /* scsi_ulto2b(ntoc, (u_int8_t *)scsi_cmd->data_len); */
3317         scsi_cmd->data_len[0] = (ntoc) >> 8;
3318         scsi_cmd->data_len[1] = (ntoc) & 0xff;
3319
3320         scsi_cmd->op_code = READ_TOC;
3321
3322         error = cdrunccb(ccb, cderror, /*cam_flags*/0,
3323                          /*sense_flags*/SF_RETRY_UA | SF_RETRY_SELTO |
3324                          sense_flags);
3325
3326         xpt_release_ccb(ccb);
3327
3328         return(error);
3329 }
3330
3331 static int
3332 cdreadsubchannel(struct cam_periph *periph, u_int32_t mode, 
3333                  u_int32_t format, int track, 
3334                  struct cd_sub_channel_info *data, u_int32_t len) 
3335 {
3336         struct scsi_read_subchannel *scsi_cmd;
3337         struct ccb_scsiio *csio;
3338         union ccb *ccb;
3339         int error;
3340
3341         error = 0;
3342
3343         ccb = cdgetccb(periph, /* priority */ 1);
3344
3345         csio = &ccb->csio;
3346
3347         cam_fill_csio(csio, 
3348                       /* retries */ 1, 
3349                       /* cbfcnp */ cddone, 
3350                       /* flags */ CAM_DIR_IN,
3351                       /* tag_action */ MSG_SIMPLE_Q_TAG,
3352                       /* data_ptr */ (u_int8_t *)data,
3353                       /* dxfer_len */ len,
3354                       /* sense_len */ SSD_FULL_SIZE,
3355                       sizeof(struct scsi_read_subchannel),
3356                       /* timeout */ 50000);
3357
3358         scsi_cmd = (struct scsi_read_subchannel *)&csio->cdb_io.cdb_bytes;
3359         bzero (scsi_cmd, sizeof(*scsi_cmd));
3360
3361         scsi_cmd->op_code = READ_SUBCHANNEL;
3362         if (mode == CD_MSF_FORMAT)
3363                 scsi_cmd->byte1 |= CD_MSF;
3364         scsi_cmd->byte2 = SRS_SUBQ;
3365         scsi_cmd->subchan_format = format;
3366         scsi_cmd->track = track;
3367         scsi_ulto2b(len, (u_int8_t *)scsi_cmd->data_len);
3368         scsi_cmd->control = 0;
3369
3370         error = cdrunccb(ccb, cderror, /*cam_flags*/0,
3371                          /*sense_flags*/SF_RETRY_UA|SF_RETRY_SELTO);
3372
3373         xpt_release_ccb(ccb);
3374
3375         return(error);
3376 }
3377
3378 /*
3379  * All MODE_SENSE requests in the cd(4) driver MUST go through this
3380  * routine.  See comments in cd6byteworkaround() for details.
3381  */
3382 static int
3383 cdgetmode(struct cam_periph *periph, struct cd_mode_params *data,
3384           u_int32_t page)
3385 {
3386         struct ccb_scsiio *csio;
3387         struct cd_softc *softc;
3388         union ccb *ccb;
3389         int param_len;
3390         int error;
3391
3392         softc = (struct cd_softc *)periph->softc;
3393
3394         ccb = cdgetccb(periph, /* priority */ 1);
3395
3396         csio = &ccb->csio;
3397
3398         data->cdb_size = softc->minimum_command_size;
3399         if (data->cdb_size < 10)
3400                 param_len = sizeof(struct cd_mode_data);
3401         else
3402                 param_len = sizeof(struct cd_mode_data_10);
3403
3404         /* Don't say we've got more room than we actually allocated */
3405         param_len = min(param_len, data->alloc_len);
3406
3407         scsi_mode_sense_len(csio,
3408                             /* retries */ 1,
3409                             /* cbfcnp */ cddone,
3410                             /* tag_action */ MSG_SIMPLE_Q_TAG,
3411                             /* dbd */ 0,
3412                             /* page_code */ SMS_PAGE_CTRL_CURRENT,
3413                             /* page */ page,
3414                             /* param_buf */ data->mode_buf,
3415                             /* param_len */ param_len,
3416                             /* minimum_cmd_size */ softc->minimum_command_size,
3417                             /* sense_len */ SSD_FULL_SIZE,
3418                             /* timeout */ 50000);
3419
3420         /*
3421          * It would be nice not to have to do this, but there's no
3422          * available pointer in the CCB that would allow us to stuff the
3423          * mode params structure in there and retrieve it in
3424          * cd6byteworkaround(), so we can set the cdb size.  The cdb size
3425          * lets the caller know what CDB size we ended up using, so they
3426          * can find the actual mode page offset.
3427          */
3428         STAILQ_INSERT_TAIL(&softc->mode_queue, data, links);
3429
3430         error = cdrunccb(ccb, cderror, /*cam_flags*/0,
3431                          /*sense_flags*/SF_RETRY_UA|SF_RETRY_SELTO);
3432
3433         xpt_release_ccb(ccb);
3434
3435         STAILQ_REMOVE(&softc->mode_queue, data, cd_mode_params, links);
3436
3437         /*
3438          * This is a bit of belt-and-suspenders checking, but if we run
3439          * into a situation where the target sends back multiple block
3440          * descriptors, we might not have enough space in the buffer to
3441          * see the whole mode page.  Better to return an error than
3442          * potentially access memory beyond our malloced region.
3443          */
3444         if (error == 0) {
3445                 u_int32_t data_len;
3446
3447                 if (data->cdb_size == 10) {
3448                         struct scsi_mode_header_10 *hdr10;
3449
3450                         hdr10 = (struct scsi_mode_header_10 *)data->mode_buf;
3451                         data_len = scsi_2btoul(hdr10->data_length);
3452                         data_len += sizeof(hdr10->data_length);
3453                 } else {
3454                         struct scsi_mode_header_6 *hdr6;
3455
3456                         hdr6 = (struct scsi_mode_header_6 *)data->mode_buf;
3457                         data_len = hdr6->data_length;
3458                         data_len += sizeof(hdr6->data_length);
3459                 }
3460
3461                 /*
3462                  * Complain if there is more mode data available than we
3463                  * allocated space for.  This could potentially happen if
3464                  * we miscalculated the page length for some reason, if the
3465                  * drive returns multiple block descriptors, or if it sets
3466                  * the data length incorrectly.
3467                  */
3468                 if (data_len > data->alloc_len) {
3469                         xpt_print_path(periph->path);
3470                         printf("allocated modepage %d length %d < returned "
3471                                "length %d\n", page, data->alloc_len, data_len);
3472
3473                         error = ENOSPC;
3474                 }
3475         }
3476         return (error);
3477 }
3478
3479 /*
3480  * All MODE_SELECT requests in the cd(4) driver MUST go through this
3481  * routine.  See comments in cd6byteworkaround() for details.
3482  */
3483 static int
3484 cdsetmode(struct cam_periph *periph, struct cd_mode_params *data)
3485 {
3486         struct ccb_scsiio *csio;
3487         struct cd_softc *softc;
3488         union ccb *ccb;
3489         int cdb_size, param_len;
3490         int error;
3491
3492         softc = (struct cd_softc *)periph->softc;
3493
3494         ccb = cdgetccb(periph, /* priority */ 1);
3495
3496         csio = &ccb->csio;
3497
3498         error = 0;
3499
3500         /*
3501          * If the data is formatted for the 10 byte version of the mode
3502          * select parameter list, we need to use the 10 byte CDB.
3503          * Otherwise, we use whatever the stored minimum command size.
3504          */
3505         if (data->cdb_size == 10)
3506                 cdb_size = data->cdb_size;
3507         else
3508                 cdb_size = softc->minimum_command_size;
3509
3510         if (cdb_size >= 10) {
3511                 struct scsi_mode_header_10 *mode_header;
3512                 u_int32_t data_len;
3513
3514                 mode_header = (struct scsi_mode_header_10 *)data->mode_buf;
3515
3516                 data_len = scsi_2btoul(mode_header->data_length);
3517
3518                 scsi_ulto2b(0, mode_header->data_length);
3519                 /*
3520                  * SONY drives do not allow a mode select with a medium_type
3521                  * value that has just been returned by a mode sense; use a
3522                  * medium_type of 0 (Default) instead.
3523                  */
3524                 mode_header->medium_type = 0;
3525
3526                 /*
3527                  * Pass back whatever the drive passed to us, plus the size
3528                  * of the data length field.
3529                  */
3530                 param_len = data_len + sizeof(mode_header->data_length);
3531
3532         } else {
3533                 struct scsi_mode_header_6 *mode_header;
3534
3535                 mode_header = (struct scsi_mode_header_6 *)data->mode_buf;
3536
3537                 param_len = mode_header->data_length + 1;
3538
3539                 mode_header->data_length = 0;
3540                 /*
3541                  * SONY drives do not allow a mode select with a medium_type
3542                  * value that has just been returned by a mode sense; use a
3543                  * medium_type of 0 (Default) instead.
3544                  */
3545                 mode_header->medium_type = 0;
3546         }
3547
3548         /* Don't say we've got more room than we actually allocated */
3549         param_len = min(param_len, data->alloc_len);
3550
3551         scsi_mode_select_len(csio,
3552                              /* retries */ 1,
3553                              /* cbfcnp */ cddone,
3554                              /* tag_action */ MSG_SIMPLE_Q_TAG,
3555                              /* scsi_page_fmt */ 1,
3556                              /* save_pages */ 0,
3557                              /* param_buf */ data->mode_buf,
3558                              /* param_len */ param_len,
3559                              /* minimum_cmd_size */ cdb_size,
3560                              /* sense_len */ SSD_FULL_SIZE,
3561                              /* timeout */ 50000);
3562
3563         /* See comments in cdgetmode() and cd6byteworkaround(). */
3564         STAILQ_INSERT_TAIL(&softc->mode_queue, data, links);
3565
3566         error = cdrunccb(ccb, cderror, /*cam_flags*/0,
3567                          /*sense_flags*/SF_RETRY_UA | SF_RETRY_SELTO);
3568
3569         xpt_release_ccb(ccb);
3570
3571         STAILQ_REMOVE(&softc->mode_queue, data, cd_mode_params, links);
3572
3573         return (error);
3574 }
3575
3576   
3577
3578 static int