Change the kernel dev_t, representing a pointer to a specinfo structure,
[dragonfly.git] / sys / dev / disk / isp / isp_freebsd.c
1 /* $FreeBSD: src/sys/dev/isp/isp_freebsd.c,v 1.32.2.20 2002/10/11 18:49:25 mjacob Exp $ */
2 /* $DragonFly: src/sys/dev/disk/isp/isp_freebsd.c,v 1.16 2006/09/10 01:26:33 dillon Exp $ */
3 /*
4  * Platform (FreeBSD) dependent common attachment code for Qlogic adapters.
5  *
6  * Copyright (c) 1997, 1998, 1999, 2000, 2001 by Matthew Jacob
7  *
8  * Redistribution and use in source and binary forms, with or without
9  * modification, are permitted provided that the following conditions
10  * are met:
11  * 1. Redistributions of source code must retain the above copyright
12  *    notice immediately at the beginning of the file, without modification,
13  *    this list of conditions, and the following disclaimer.
14  * 2. The name of the author may not be used to endorse or promote products
15  *    derived from this software without specific prior written permission.
16  *
17  * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
18  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
19  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
20  * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE FOR
21  * ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
22  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
23  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
24  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
25  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
26  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
27  * SUCH DAMAGE.
28  */
29 #include <sys/unistd.h>
30 #include <sys/kthread.h>
31 #include <sys/conf.h>
32 #include <sys/device.h>
33 #include <sys/ioccom.h>
34 #include <machine/stdarg.h>     /* for use by isp_prt below */
35
36 #include "isp_ioctl.h"
37 #include "isp_freebsd.h"
38
39 static d_ioctl_t ispioctl;
40 static void isp_intr_enable(void *);
41 static void isp_cam_async(void *, u_int32_t, struct cam_path *, void *);
42 static void isp_poll(struct cam_sim *);
43 static timeout_t isp_watchdog;
44 static void isp_kthread(void *);
45 static void isp_action(struct cam_sim *, union ccb *);
46
47
48 #define ISP_CDEV_MAJOR  248
49 static struct dev_ops isp_ops = {
50         { "isp", ISP_CDEV_MAJOR, D_TAPE },
51         .d_open =       nullopen,
52         .d_close =      nullclose,
53         .d_ioctl =      ispioctl,
54 };
55
56 static struct ispsoftc *isplist = NULL;
57
58 void
59 isp_attach(struct ispsoftc *isp)
60 {
61         int primary, secondary;
62         struct ccb_setasync csa;
63         struct cam_devq *devq;
64         struct cam_sim *sim;
65         struct cam_path *path;
66
67         /*
68          * Establish (in case of 12X0) which bus is the primary.
69          */
70
71         primary = 0;
72         secondary = 1;
73
74         /*
75          * Create the device queue for our SIM(s).
76          */
77         devq = cam_simq_alloc(isp->isp_maxcmds);
78         if (devq == NULL) {
79                 return;
80         }
81
82         /*
83          * Construct our SIM entry.
84          */
85         ISPLOCK_2_CAMLOCK(isp);
86         sim = cam_sim_alloc(isp_action, isp_poll, "isp", isp,
87             device_get_unit(isp->isp_dev), 1, isp->isp_maxcmds, devq);
88         cam_simq_release(devq);         /* leaves 1 ref due to cam_sim_alloc */
89         if (sim == NULL) {
90                 CAMLOCK_2_ISPLOCK(isp);
91                 return;
92         }
93         CAMLOCK_2_ISPLOCK(isp);
94
95         isp->isp_osinfo.ehook.ich_func = isp_intr_enable;
96         isp->isp_osinfo.ehook.ich_arg = isp;
97         isp->isp_osinfo.ehook.ich_desc = "isp";
98         ISPLOCK_2_CAMLOCK(isp);
99         if (config_intrhook_establish(&isp->isp_osinfo.ehook) != 0) {
100                 cam_sim_free(sim);
101                 CAMLOCK_2_ISPLOCK(isp);
102                 isp_prt(isp, ISP_LOGERR,
103                     "could not establish interrupt enable hook");
104                 return;
105         }
106
107         if (xpt_bus_register(sim, primary) != CAM_SUCCESS) {
108                 cam_sim_free(sim);
109                 CAMLOCK_2_ISPLOCK(isp);
110                 return;
111         }
112
113         if (xpt_create_path(&path, NULL, cam_sim_path(sim),
114             CAM_TARGET_WILDCARD, CAM_LUN_WILDCARD) != CAM_REQ_CMP) {
115                 xpt_bus_deregister(cam_sim_path(sim));
116                 cam_sim_free(sim);
117                 config_intrhook_disestablish(&isp->isp_osinfo.ehook);
118                 CAMLOCK_2_ISPLOCK(isp);
119                 return;
120         }
121
122         xpt_setup_ccb(&csa.ccb_h, path, 5);
123         csa.ccb_h.func_code = XPT_SASYNC_CB;
124         csa.event_enable = AC_LOST_DEVICE;
125         csa.callback = isp_cam_async;
126         csa.callback_arg = sim;
127         xpt_action((union ccb *)&csa);
128         CAMLOCK_2_ISPLOCK(isp);
129         isp->isp_sim = sim;
130         isp->isp_path = path;
131         /*
132          * Create a kernel thread for fibre channel instances. We
133          * don't have dual channel FC cards.
134          */
135         if (IS_FC(isp)) {
136                 ISPLOCK_2_CAMLOCK(isp);
137                 if (kthread_create(isp_kthread, isp, &isp->isp_osinfo.kthread,
138                     "%s: fc_thrd", device_get_nameunit(isp->isp_dev))) {
139                         xpt_bus_deregister(cam_sim_path(sim));
140                         cam_sim_free(sim);
141                         config_intrhook_disestablish(&isp->isp_osinfo.ehook);
142                         CAMLOCK_2_ISPLOCK(isp);
143                         isp_prt(isp, ISP_LOGERR, "could not create kthread");
144                         return;
145                 }
146                 CAMLOCK_2_ISPLOCK(isp);
147         }
148
149
150         /*
151          * If we have a second channel, construct SIM entry for that.
152          */
153         if (IS_DUALBUS(isp)) {
154                 ISPLOCK_2_CAMLOCK(isp);
155                 sim = cam_sim_alloc(isp_action, isp_poll, "isp", isp,
156                     device_get_unit(isp->isp_dev), 1, isp->isp_maxcmds, devq);
157                 if (sim == NULL) {
158                         xpt_bus_deregister(cam_sim_path(isp->isp_sim));
159                         xpt_free_path(isp->isp_path);
160                         config_intrhook_disestablish(&isp->isp_osinfo.ehook);
161                         return;
162                 }
163                 if (xpt_bus_register(sim, secondary) != CAM_SUCCESS) {
164                         xpt_bus_deregister(cam_sim_path(isp->isp_sim));
165                         xpt_free_path(isp->isp_path);
166                         cam_sim_free(sim);
167                         config_intrhook_disestablish(&isp->isp_osinfo.ehook);
168                         CAMLOCK_2_ISPLOCK(isp);
169                         return;
170                 }
171
172                 if (xpt_create_path(&path, NULL, cam_sim_path(sim),
173                     CAM_TARGET_WILDCARD, CAM_LUN_WILDCARD) != CAM_REQ_CMP) {
174                         xpt_bus_deregister(cam_sim_path(isp->isp_sim));
175                         xpt_free_path(isp->isp_path);
176                         xpt_bus_deregister(cam_sim_path(sim));
177                         cam_sim_free(sim);
178                         config_intrhook_disestablish(&isp->isp_osinfo.ehook);
179                         CAMLOCK_2_ISPLOCK(isp);
180                         return;
181                 }
182
183                 xpt_setup_ccb(&csa.ccb_h, path, 5);
184                 csa.ccb_h.func_code = XPT_SASYNC_CB;
185                 csa.event_enable = AC_LOST_DEVICE;
186                 csa.callback = isp_cam_async;
187                 csa.callback_arg = sim;
188                 xpt_action((union ccb *)&csa);
189                 CAMLOCK_2_ISPLOCK(isp);
190                 isp->isp_sim2 = sim;
191                 isp->isp_path2 = path;
192         }
193         /*
194          * Create device nodes
195          */
196         dev_ops_add(&isp_ops, -1, device_get_unit(isp->isp_dev));
197         make_dev(&isp_ops, device_get_unit(isp->isp_dev), UID_ROOT,
198             GID_OPERATOR, 0600, "%s", device_get_nameunit(isp->isp_dev));
199
200         if (isp->isp_role != ISP_ROLE_NONE) {
201                 isp->isp_state = ISP_RUNSTATE;
202         }
203         if (isplist == NULL) {
204                 isplist = isp;
205         } else {
206                 struct ispsoftc *tmp = isplist;
207                 while (tmp->isp_osinfo.next) {
208                         tmp = tmp->isp_osinfo.next;
209                 }
210                 tmp->isp_osinfo.next = isp;
211         }
212
213 }
214
215 static INLINE void
216 isp_freeze_loopdown(struct ispsoftc *isp, char *msg)
217 {
218         if (isp->isp_osinfo.simqfrozen == 0) {
219                 isp_prt(isp, ISP_LOGDEBUG0, "%s: freeze simq (loopdown)", msg);
220                 isp->isp_osinfo.simqfrozen |= SIMQFRZ_LOOPDOWN;
221                 ISPLOCK_2_CAMLOCK(isp);
222                 xpt_freeze_simq(isp->isp_sim, 1);
223                 CAMLOCK_2_ISPLOCK(isp);
224         } else {
225                 isp_prt(isp, ISP_LOGDEBUG0, "%s: mark frozen (loopdown)", msg);
226                 isp->isp_osinfo.simqfrozen |= SIMQFRZ_LOOPDOWN;
227         }
228 }
229
230 static int
231 ispioctl(struct dev_ioctl_args *ap)
232 {
233         cdev_t dev = ap->a_head.a_dev;
234         struct ispsoftc *isp;
235         int retval = ENOTTY;
236
237         isp = isplist;
238         while (isp) {
239                 if (minor(dev) == device_get_unit(isp->isp_dev)) {
240                         break;
241                 }
242                 isp = isp->isp_osinfo.next;
243         }
244         if (isp == NULL)
245                 return (ENXIO);
246         
247         switch (ap->a_cmd) {
248 #ifdef  ISP_FW_CRASH_DUMP
249         case ISP_GET_FW_CRASH_DUMP:
250         {
251                 u_int16_t *ptr = FCPARAM(isp)->isp_dump_data;
252                 size_t sz;
253
254                 retval = 0;
255                 if (IS_2200(isp))
256                         sz = QLA2200_RISC_IMAGE_DUMP_SIZE;
257                 else
258                         sz = QLA2300_RISC_IMAGE_DUMP_SIZE;
259                 ISP_LOCK(isp);
260                 if (ptr && *ptr) {
261                         void *uaddr = *((void **) addr);
262                         if (copyout(ptr, uaddr, sz)) {
263                                 retval = EFAULT;
264                         } else {
265                                 *ptr = 0;
266                         }
267                 } else {
268                         retval = ENXIO;
269                 }
270                 ISP_UNLOCK(isp);
271                 break;
272         }
273
274         case ISP_FORCE_CRASH_DUMP:
275                 ISP_LOCK(isp);
276                 isp_freeze_loopdown(isp, "ispioctl(ISP_FORCE_CRASH_DUMP)");
277                 isp_fw_dump(isp);
278                 isp_reinit(isp);
279                 ISP_UNLOCK(isp);
280                 retval = 0;
281                 break;
282 #endif
283         case ISP_SDBLEV:
284         {
285                 int olddblev = isp->isp_dblev;
286                 isp->isp_dblev = *(int *)ap->a_data;
287                 *(int *)ap->a_data = olddblev;
288                 retval = 0;
289                 break;
290         }
291         case ISP_RESETHBA:
292                 ISP_LOCK(isp);
293                 isp_reinit(isp);
294                 ISP_UNLOCK(isp);
295                 retval = 0;
296                 break;
297         case ISP_RESCAN:
298                 if (IS_FC(isp)) {
299                         ISP_LOCK(isp);
300                         if (isp_fc_runstate(isp, 5 * 1000000)) {
301                                 retval = EIO;
302                         } else {
303                                 retval = 0;
304                         }
305                         ISP_UNLOCK(isp);
306                 }
307                 break;
308         case ISP_FC_LIP:
309                 if (IS_FC(isp)) {
310                         ISP_LOCK(isp);
311                         if (isp_control(isp, ISPCTL_SEND_LIP, 0)) {
312                                 retval = EIO;
313                         } else {
314                                 retval = 0;
315                         }
316                         ISP_UNLOCK(isp);
317                 }
318                 break;
319         case ISP_FC_GETDINFO:
320         {
321                 struct isp_fc_device *ifc = (struct isp_fc_device *) ap->a_data;
322                 struct lportdb *lp;
323
324                 if (ifc->loopid < 0 || ifc->loopid >= MAX_FC_TARG) {
325                         retval = EINVAL;
326                         break;
327                 }
328                 ISP_LOCK(isp);
329                 lp = &FCPARAM(isp)->portdb[ifc->loopid];
330                 if (lp->valid) {
331                         ifc->loopid = lp->loopid;
332                         ifc->portid = lp->portid;
333                         ifc->node_wwn = lp->node_wwn;
334                         ifc->port_wwn = lp->port_wwn;
335                         retval = 0;
336                 } else {
337                         retval = ENODEV;
338                 }
339                 ISP_UNLOCK(isp);
340                 break;
341         }
342         case ISP_GET_STATS:
343         {
344                 isp_stats_t *sp = (isp_stats_t *) ap->a_data;
345
346                 MEMZERO(sp, sizeof (*sp));
347                 sp->isp_stat_version = ISP_STATS_VERSION;
348                 sp->isp_type = isp->isp_type;
349                 sp->isp_revision = isp->isp_revision;
350                 ISP_LOCK(isp);
351                 sp->isp_stats[ISP_INTCNT] = isp->isp_intcnt;
352                 sp->isp_stats[ISP_INTBOGUS] = isp->isp_intbogus;
353                 sp->isp_stats[ISP_INTMBOXC] = isp->isp_intmboxc;
354                 sp->isp_stats[ISP_INGOASYNC] = isp->isp_intoasync;
355                 sp->isp_stats[ISP_RSLTCCMPLT] = isp->isp_rsltccmplt;
356                 sp->isp_stats[ISP_FPHCCMCPLT] = isp->isp_fphccmplt;
357                 sp->isp_stats[ISP_RSCCHIWAT] = isp->isp_rscchiwater;
358                 sp->isp_stats[ISP_FPCCHIWAT] = isp->isp_fpcchiwater;
359                 ISP_UNLOCK(isp);
360                 retval = 0;
361                 break;
362         }
363         case ISP_CLR_STATS:
364                 ISP_LOCK(isp);
365                 isp->isp_intcnt = 0;
366                 isp->isp_intbogus = 0;
367                 isp->isp_intmboxc = 0;
368                 isp->isp_intoasync = 0;
369                 isp->isp_rsltccmplt = 0;
370                 isp->isp_fphccmplt = 0;
371                 isp->isp_rscchiwater = 0;
372                 isp->isp_fpcchiwater = 0;
373                 ISP_UNLOCK(isp);
374                 retval = 0;
375                 break;
376         case ISP_FC_GETHINFO:
377         {
378                 struct isp_hba_device *hba = (struct isp_hba_device *) ap->a_data;
379                 MEMZERO(hba, sizeof (*hba));
380                 ISP_LOCK(isp);
381                 hba->fc_speed = FCPARAM(isp)->isp_gbspeed;
382                 hba->fc_scsi_supported = 1;
383                 hba->fc_topology = FCPARAM(isp)->isp_topo + 1;
384                 hba->fc_loopid = FCPARAM(isp)->isp_loopid;
385                 hba->active_node_wwn = FCPARAM(isp)->isp_nodewwn;
386                 hba->active_port_wwn = FCPARAM(isp)->isp_portwwn;
387                 ISP_UNLOCK(isp);
388                 retval = 0;
389                 break;
390         }
391         case ISP_GET_FC_PARAM:
392         {
393                 struct isp_fc_param *f = (struct isp_fc_param *) ap->a_data;
394
395                 if (!IS_FC(isp)) {
396                         retval = EINVAL;
397                         break;
398                 }
399                 f->parameter = 0;
400                 if (strcmp(f->param_name, "framelength") == 0) {
401                         f->parameter = FCPARAM(isp)->isp_maxfrmlen;
402                         retval = 0;
403                         break;
404                 }
405                 if (strcmp(f->param_name, "exec_throttle") == 0) {
406                         f->parameter = FCPARAM(isp)->isp_execthrottle;
407                         retval = 0;
408                         break;
409                 }
410                 if (strcmp(f->param_name, "fullduplex") == 0) {
411                         if (FCPARAM(isp)->isp_fwoptions & ICBOPT_FULL_DUPLEX)
412                                 f->parameter = 1;
413                         retval = 0;
414                         break;
415                 }
416                 if (strcmp(f->param_name, "loopid") == 0) {
417                         f->parameter = FCPARAM(isp)->isp_loopid;
418                         retval = 0;
419                         break;
420                 }
421                 retval = EINVAL;
422                 break;
423         }
424         case ISP_SET_FC_PARAM:
425         {
426                 struct isp_fc_param *f = (struct isp_fc_param *) ap->a_data;
427                 u_int32_t param = f->parameter;
428
429                 if (!IS_FC(isp)) {
430                         retval = EINVAL;
431                         break;
432                 }
433                 f->parameter = 0;
434                 if (strcmp(f->param_name, "framelength") == 0) {
435                         if (param != 512 && param != 1024 && param != 1024) {
436                                 retval = EINVAL;
437                                 break;
438                         }
439                         FCPARAM(isp)->isp_maxfrmlen = param;
440                         retval = 0;
441                         break;
442                 }
443                 if (strcmp(f->param_name, "exec_throttle") == 0) {
444                         if (param < 16 || param > 255) {
445                                 retval = EINVAL;
446                                 break;
447                         }
448                         FCPARAM(isp)->isp_execthrottle = param;
449                         retval = 0;
450                         break;
451                 }
452                 if (strcmp(f->param_name, "fullduplex") == 0) {
453                         if (param != 0 && param != 1) {
454                                 retval = EINVAL;
455                                 break;
456                         }
457                         if (param) {
458                                 FCPARAM(isp)->isp_fwoptions |=
459                                     ICBOPT_FULL_DUPLEX;
460                         } else {
461                                 FCPARAM(isp)->isp_fwoptions &=
462                                     ~ICBOPT_FULL_DUPLEX;
463                         }
464                         retval = 0;
465                         break;
466                 }
467                 if (strcmp(f->param_name, "loopid") == 0) {
468                         if (param < 0 || param > 125) {
469                                 retval = EINVAL;
470                                 break;
471                         }
472                         FCPARAM(isp)->isp_loopid = param;
473                         retval = 0;
474                         break;
475                 }
476                 retval = EINVAL;
477                 break;
478         }
479         default:
480                 break;
481         }
482         return (retval);
483 }
484
485 static void
486 isp_intr_enable(void *arg)
487 {
488         struct ispsoftc *isp = arg;
489         if (isp->isp_role != ISP_ROLE_NONE) {
490                 ENABLE_INTS(isp);
491         }
492         /* Release our hook so that the boot can continue. */
493         config_intrhook_disestablish(&isp->isp_osinfo.ehook);
494 }
495
496 /*
497  * Put the target mode functions here, because some are inlines
498  */
499
500 #ifdef  ISP_TARGET_MODE
501
502 static INLINE int is_lun_enabled(struct ispsoftc *, int, lun_id_t);
503 static INLINE int are_any_luns_enabled(struct ispsoftc *, int);
504 static INLINE tstate_t *get_lun_statep(struct ispsoftc *, int, lun_id_t);
505 static INLINE void rls_lun_statep(struct ispsoftc *, tstate_t *);
506 static INLINE int isp_psema_sig_rqe(struct ispsoftc *, int);
507 static INLINE int isp_cv_wait_timed_rqe(struct ispsoftc *, int, int);
508 static INLINE void isp_cv_signal_rqe(struct ispsoftc *, int, int);
509 static INLINE void isp_vsema_rqe(struct ispsoftc *, int);
510 static INLINE atio_private_data_t *isp_get_atpd(struct ispsoftc *, int);
511 static cam_status
512 create_lun_state(struct ispsoftc *, int, struct cam_path *, tstate_t **);
513 static void destroy_lun_state(struct ispsoftc *, tstate_t *);
514 static void isp_en_lun(struct ispsoftc *, union ccb *);
515 static cam_status isp_abort_tgt_ccb(struct ispsoftc *, union ccb *);
516 static timeout_t isp_refire_putback_atio;
517 static void isp_complete_ctio(union ccb *);
518 static void isp_target_putback_atio(union ccb *);
519 static cam_status isp_target_start_ctio(struct ispsoftc *, union ccb *);
520 static int isp_handle_platform_atio(struct ispsoftc *, at_entry_t *);
521 static int isp_handle_platform_atio2(struct ispsoftc *, at2_entry_t *);
522 static int isp_handle_platform_ctio(struct ispsoftc *, void *);
523 static int isp_handle_platform_notify_scsi(struct ispsoftc *, in_entry_t *);
524 static int isp_handle_platform_notify_fc(struct ispsoftc *, in_fcentry_t *);
525
526 static INLINE int
527 is_lun_enabled(struct ispsoftc *isp, int bus, lun_id_t lun)
528 {
529         tstate_t *tptr;
530         tptr = isp->isp_osinfo.lun_hash[LUN_HASH_FUNC(isp, bus, lun)];
531         if (tptr == NULL) {
532                 return (0);
533         }
534         do {
535                 if (tptr->lun == (lun_id_t) lun && tptr->bus == bus) {
536                         return (1);
537                 }
538         } while ((tptr = tptr->next) != NULL);
539         return (0);
540 }
541
542 static INLINE int
543 are_any_luns_enabled(struct ispsoftc *isp, int port)
544 {
545         int lo, hi;
546         if (IS_DUALBUS(isp)) {
547                 lo = (port * (LUN_HASH_SIZE >> 1));
548                 hi = lo + (LUN_HASH_SIZE >> 1);
549         } else {
550                 lo = 0;
551                 hi = LUN_HASH_SIZE;
552         }
553         for (lo = 0; lo < hi; lo++) {
554                 if (isp->isp_osinfo.lun_hash[lo]) {
555                         return (1);
556                 }
557         }
558         return (0);
559 }
560
561 static INLINE tstate_t *
562 get_lun_statep(struct ispsoftc *isp, int bus, lun_id_t lun)
563 {
564         tstate_t *tptr = NULL;
565
566         if (lun == CAM_LUN_WILDCARD) {
567                 if (isp->isp_osinfo.tmflags[bus] & TM_WILDCARD_ENABLED) {
568                         tptr = &isp->isp_osinfo.tsdflt[bus];
569                         tptr->hold++;
570                         return (tptr);
571                 }
572         } else {
573                 tptr = isp->isp_osinfo.lun_hash[LUN_HASH_FUNC(isp, bus, lun)];
574                 if (tptr == NULL) {
575                         return (NULL);
576                 }
577         }
578
579         do {
580                 if (tptr->lun == lun && tptr->bus == bus) {
581                         tptr->hold++;
582                         return (tptr);
583                 }
584         } while ((tptr = tptr->next) != NULL);
585         return (tptr);
586 }
587
588 static __inline void
589 rls_lun_statep(struct ispsoftc *isp, tstate_t *tptr)
590 {
591         if (tptr->hold)
592                 tptr->hold--;
593 }
594
595 static __inline int
596 isp_psema_sig_rqe(struct ispsoftc *isp, int bus)
597 {
598         while (isp->isp_osinfo.tmflags[bus] & TM_BUSY) {
599                 isp->isp_osinfo.tmflags[bus] |= TM_WANTED;
600                 if (tsleep(&isp->isp_osinfo.tmflags[bus], PCATCH, "i0", 0)) {
601                         return (-1);
602                 }
603                 isp->isp_osinfo.tmflags[bus] |= TM_BUSY;
604         }
605         return (0);
606 }
607
608 static __inline int
609 isp_cv_wait_timed_rqe(struct ispsoftc *isp, int bus, int timo)
610 {
611         if (tsleep(&isp->isp_osinfo.rstatus[bus], 0, "qt1", timo)) {
612                 return (-1);
613         }
614         return (0);
615 }
616
617 static __inline void
618 isp_cv_signal_rqe(struct ispsoftc *isp, int bus, int status)
619 {
620         isp->isp_osinfo.rstatus[bus] = status;
621         wakeup(&isp->isp_osinfo.rstatus[bus]);
622 }
623
624 static __inline void
625 isp_vsema_rqe(struct ispsoftc *isp, int bus)
626 {
627         if (isp->isp_osinfo.tmflags[bus] & TM_WANTED) {
628                 isp->isp_osinfo.tmflags[bus] &= ~TM_WANTED;
629                 wakeup(&isp->isp_osinfo.tmflags[bus]);
630         }
631         isp->isp_osinfo.tmflags[bus] &= ~TM_BUSY;
632 }
633
634 static __inline atio_private_data_t *
635 isp_get_atpd(struct ispsoftc *isp, int tag)
636 {
637         atio_private_data_t *atp;
638         for (atp = isp->isp_osinfo.atpdp;
639             atp < &isp->isp_osinfo.atpdp[ATPDPSIZE]; atp++) {
640                 if (atp->tag == tag)
641                         return (atp);
642         }
643         return (NULL);
644 }
645
646 static cam_status
647 create_lun_state(struct ispsoftc *isp, int bus,
648     struct cam_path *path, tstate_t **rslt)
649 {
650         cam_status status;
651         lun_id_t lun;
652         int hfx;
653         tstate_t *tptr, *new;
654
655         lun = xpt_path_lun_id(path);
656         if (lun < 0) {
657                 return (CAM_LUN_INVALID);
658         }
659         if (is_lun_enabled(isp, bus, lun)) {
660                 return (CAM_LUN_ALRDY_ENA);
661         }
662         new = kmalloc(sizeof (tstate_t), M_DEVBUF, M_WAITOK | M_ZERO);
663         status = xpt_create_path(&new->owner, NULL, xpt_path_path_id(path),
664             xpt_path_target_id(path), xpt_path_lun_id(path));
665         if (status != CAM_REQ_CMP) {
666                 kfree(new, M_DEVBUF);
667                 return (status);
668         }
669         new->bus = bus;
670         new->lun = lun;
671         SLIST_INIT(&new->atios);
672         SLIST_INIT(&new->inots);
673         new->hold = 1;
674
675         hfx = LUN_HASH_FUNC(isp, new->bus, new->lun);
676         tptr = isp->isp_osinfo.lun_hash[hfx];
677         if (tptr == NULL) {
678                 isp->isp_osinfo.lun_hash[hfx] = new;
679         } else {
680                 while (tptr->next)
681                         tptr = tptr->next;
682                 tptr->next = new;
683         }
684         *rslt = new;
685         return (CAM_REQ_CMP);
686 }
687
688 static INLINE void
689 destroy_lun_state(struct ispsoftc *isp, tstate_t *tptr)
690 {
691         int hfx;
692         tstate_t *lw, *pw;
693
694         hfx = LUN_HASH_FUNC(isp, tptr->bus, tptr->lun);
695         if (tptr->hold) {
696                 return;
697         }
698         pw = isp->isp_osinfo.lun_hash[hfx];
699         if (pw == NULL) {
700                 return;
701         } else if (pw->lun == tptr->lun && pw->bus == tptr->bus) {
702                 isp->isp_osinfo.lun_hash[hfx] = pw->next;
703         } else {
704                 lw = pw;
705                 pw = lw->next;
706                 while (pw) {
707                         if (pw->lun == tptr->lun && pw->bus == tptr->bus) {
708                                 lw->next = pw->next;
709                                 break;
710                         }
711                         lw = pw;
712                         pw = pw->next;
713                 }
714                 if (pw == NULL) {
715                         return;
716                 }
717         }
718         kfree(tptr, M_DEVBUF);
719 }
720
721 /*
722  * we enter with our locks held.
723  */
724 static void
725 isp_en_lun(struct ispsoftc *isp, union ccb *ccb)
726 {
727         const char lfmt[] = "Lun now %sabled for target mode on channel %d";
728         struct ccb_en_lun *cel = &ccb->cel;
729         tstate_t *tptr;
730         u_int16_t rstat;
731         int bus, cmd, av, wildcard;
732         lun_id_t lun;
733         target_id_t tgt;
734
735
736         bus = XS_CHANNEL(ccb) & 0x1;
737         tgt = ccb->ccb_h.target_id;
738         lun = ccb->ccb_h.target_lun;
739
740         /*
741          * Do some sanity checking first.
742          */
743
744         if ((lun != CAM_LUN_WILDCARD) &&
745             (lun < 0 || lun >= (lun_id_t) isp->isp_maxluns)) {
746                 ccb->ccb_h.status = CAM_LUN_INVALID;
747                 return;
748         }
749
750         if (IS_SCSI(isp)) {
751                 sdparam *sdp = isp->isp_param;
752                 sdp += bus;
753                 if (tgt != CAM_TARGET_WILDCARD &&
754                     tgt != sdp->isp_initiator_id) {
755                         ccb->ccb_h.status = CAM_TID_INVALID;
756                         return;
757                 }
758         } else {
759                 if (tgt != CAM_TARGET_WILDCARD &&
760                     tgt != FCPARAM(isp)->isp_iid) {
761                         ccb->ccb_h.status = CAM_TID_INVALID;
762                         return;
763                 }
764                 /*
765                  * This is as a good a place as any to check f/w capabilities.
766                  */
767                 if ((FCPARAM(isp)->isp_fwattr & ISP_FW_ATTR_TMODE) == 0) {
768                         isp_prt(isp, ISP_LOGERR,
769                             "firmware does not support target mode");
770                         ccb->ccb_h.status = CAM_FUNC_NOTAVAIL;
771                         return;
772                 }
773                 /*
774                  * XXX: We *could* handle non-SCCLUN f/w, but we'd have to
775                  * XXX: dorks with our already fragile enable/disable code.
776                  */
777                 if ((FCPARAM(isp)->isp_fwattr & ISP_FW_ATTR_SCCLUN) == 0) {
778                         isp_prt(isp, ISP_LOGERR,
779                             "firmware not SCCLUN capable");
780                 }
781         }
782
783         if (tgt == CAM_TARGET_WILDCARD) {
784                 if (lun == CAM_LUN_WILDCARD) {
785                         wildcard = 1;
786                 } else {
787                         ccb->ccb_h.status = CAM_LUN_INVALID;
788                         return;
789                 }
790         } else {
791                 wildcard = 0;
792         }
793
794         /*
795          * Next check to see whether this is a target/lun wildcard action.
796          *
797          * If so, we know that we can accept commands for luns that haven't
798          * been enabled yet and send them upstream. Otherwise, we have to
799          * handle them locally (if we see them at all).
800          */
801
802         if (wildcard) {
803                 tptr = &isp->isp_osinfo.tsdflt[bus];
804                 if (cel->enable) {
805                         if (isp->isp_osinfo.tmflags[bus] &
806                             TM_WILDCARD_ENABLED) {
807                                 ccb->ccb_h.status = CAM_LUN_ALRDY_ENA;
808                                 return;
809                         }
810                         ccb->ccb_h.status =
811                             xpt_create_path(&tptr->owner, NULL,
812                             xpt_path_path_id(ccb->ccb_h.path),
813                             xpt_path_target_id(ccb->ccb_h.path),
814                             xpt_path_lun_id(ccb->ccb_h.path));
815                         if (ccb->ccb_h.status != CAM_REQ_CMP) {
816                                 return;
817                         }
818                         SLIST_INIT(&tptr->atios);
819                         SLIST_INIT(&tptr->inots);
820                         isp->isp_osinfo.tmflags[bus] |= TM_WILDCARD_ENABLED;
821                 } else {
822                         if ((isp->isp_osinfo.tmflags[bus] &
823                             TM_WILDCARD_ENABLED) == 0) {
824                                 ccb->ccb_h.status = CAM_REQ_CMP;
825                                 return;
826                         }
827                         if (tptr->hold) {
828                                 ccb->ccb_h.status = CAM_SCSI_BUSY;
829                                 return;
830                         }
831                         xpt_free_path(tptr->owner);
832                         isp->isp_osinfo.tmflags[bus] &= ~TM_WILDCARD_ENABLED;
833                 }
834         }
835
836         /*
837          * Now check to see whether this bus needs to be
838          * enabled/disabled with respect to target mode.
839          */
840         av = bus << 31;
841         if (cel->enable && !(isp->isp_osinfo.tmflags[bus] & TM_TMODE_ENABLED)) {
842                 av |= ENABLE_TARGET_FLAG;
843                 av = isp_control(isp, ISPCTL_TOGGLE_TMODE, &av);
844                 if (av) {
845                         ccb->ccb_h.status = CAM_FUNC_NOTAVAIL;
846                         if (wildcard) {
847                                 isp->isp_osinfo.tmflags[bus] &=
848                                     ~TM_WILDCARD_ENABLED;
849                                 xpt_free_path(tptr->owner);
850                         }
851                         return;
852                 }
853                 isp->isp_osinfo.tmflags[bus] |= TM_TMODE_ENABLED;
854                 isp_prt(isp, ISP_LOGINFO,
855                     "Target Mode enabled on channel %d", bus);
856         } else if (cel->enable == 0 &&
857             (isp->isp_osinfo.tmflags[bus] & TM_TMODE_ENABLED) && wildcard) {
858                 if (are_any_luns_enabled(isp, bus)) {
859                         ccb->ccb_h.status = CAM_SCSI_BUSY;
860                         return;
861                 }
862                 av = isp_control(isp, ISPCTL_TOGGLE_TMODE, &av);
863                 if (av) {
864                         ccb->ccb_h.status = CAM_FUNC_NOTAVAIL;
865                         return;
866                 }
867                 isp->isp_osinfo.tmflags[bus] &= ~TM_TMODE_ENABLED;
868                 isp_prt(isp, ISP_LOGINFO,
869                     "Target Mode disabled on channel %d", bus);
870         }
871
872         if (wildcard) {
873                 ccb->ccb_h.status = CAM_REQ_CMP;
874                 return;
875         }
876
877         if (cel->enable) {
878                 ccb->ccb_h.status =
879                     create_lun_state(isp, bus, ccb->ccb_h.path, &tptr);
880                 if (ccb->ccb_h.status != CAM_REQ_CMP) {
881                         return;
882                 }
883         } else {
884                 tptr = get_lun_statep(isp, bus, lun);
885                 if (tptr == NULL) {
886                         ccb->ccb_h.status = CAM_LUN_INVALID;
887                         return;
888                 }
889         }
890
891         if (isp_psema_sig_rqe(isp, bus)) {
892                 rls_lun_statep(isp, tptr);
893                 if (cel->enable)
894                         destroy_lun_state(isp, tptr);
895                 ccb->ccb_h.status = CAM_REQ_CMP_ERR;
896                 return;
897         }
898
899         if (cel->enable) {
900                 u_int32_t seq = isp->isp_osinfo.rollinfo++;
901                 int c, n, ulun = lun;
902
903                 cmd = RQSTYPE_ENABLE_LUN;
904                 c = DFLT_CMND_CNT;
905                 n = DFLT_INOT_CNT;
906                 if (IS_FC(isp) && lun != 0) {
907                         cmd = RQSTYPE_MODIFY_LUN;
908                         n = 0;
909                         /*
910                          * For SCC firmware, we only deal with setting
911                          * (enabling or modifying) lun 0.
912                          */
913                         ulun = 0;
914                 }
915                 rstat = LUN_ERR;
916                 if (isp_lun_cmd(isp, cmd, bus, tgt, ulun, c, n, seq)) {
917                         xpt_print_path(ccb->ccb_h.path);
918                         isp_prt(isp, ISP_LOGWARN, "isp_lun_cmd failed");
919                         goto out;
920                 }
921                 if (isp_cv_wait_timed_rqe(isp, bus, 30 * hz)) {
922                         xpt_print_path(ccb->ccb_h.path);
923                         isp_prt(isp, ISP_LOGERR,
924                             "wait for ENABLE/MODIFY LUN timed out");
925                         goto out;
926                 }
927                 rstat = isp->isp_osinfo.rstatus[bus];
928                 if (rstat != LUN_OK) {
929                         xpt_print_path(ccb->ccb_h.path);
930                         isp_prt(isp, ISP_LOGERR,
931                             "ENABLE/MODIFY LUN returned 0x%x", rstat);
932                         goto out;
933                 }
934         } else {
935                 int c, n, ulun = lun;
936                 u_int32_t seq;
937
938                 rstat = LUN_ERR;
939                 seq = isp->isp_osinfo.rollinfo++;
940                 cmd = -RQSTYPE_MODIFY_LUN;
941
942                 c = DFLT_CMND_CNT;
943                 n = DFLT_INOT_CNT;
944                 if (IS_FC(isp) && lun != 0) {
945                         n = 0;
946                         /*
947                          * For SCC firmware, we only deal with setting
948                          * (enabling or modifying) lun 0.
949                          */
950                         ulun = 0;
951                 }
952                 if (isp_lun_cmd(isp, cmd, bus, tgt, ulun, c, n, seq)) {
953                         xpt_print_path(ccb->ccb_h.path);
954                         isp_prt(isp, ISP_LOGERR, "isp_lun_cmd failed");
955                         goto out;
956                 }
957                 if (isp_cv_wait_timed_rqe(isp, bus, 30 * hz)) {
958                         xpt_print_path(ccb->ccb_h.path);
959                         isp_prt(isp, ISP_LOGERR,
960                             "wait for MODIFY LUN timed out");
961                         goto out;
962                 }
963                 rstat = isp->isp_osinfo.rstatus[bus];
964                 if (rstat != LUN_OK) {
965                         xpt_print_path(ccb->ccb_h.path);
966                         isp_prt(isp, ISP_LOGERR,
967                             "MODIFY LUN returned 0x%x", rstat);
968                         goto out;
969                 }
970                 if (IS_FC(isp) && lun) {
971                         goto out;
972                 }
973
974                 seq = isp->isp_osinfo.rollinfo++;
975
976                 rstat = LUN_ERR;
977                 cmd = -RQSTYPE_ENABLE_LUN;
978                 if (isp_lun_cmd(isp, cmd, bus, tgt, lun, 0, 0, seq)) {
979                         xpt_print_path(ccb->ccb_h.path);
980                         isp_prt(isp, ISP_LOGERR, "isp_lun_cmd failed");
981                         goto out;
982                 }
983                 if (isp_cv_wait_timed_rqe(isp, bus, 30 * hz)) {
984                         xpt_print_path(ccb->ccb_h.path);
985                         isp_prt(isp, ISP_LOGERR,
986                              "wait for DISABLE LUN timed out");
987                         goto out;
988                 }
989                 rstat = isp->isp_osinfo.rstatus[bus];
990                 if (rstat != LUN_OK) {
991                         xpt_print_path(ccb->ccb_h.path);
992                         isp_prt(isp, ISP_LOGWARN,
993                             "DISABLE LUN returned 0x%x", rstat);
994                         goto out;
995                 }
996                 if (are_any_luns_enabled(isp, bus) == 0) {
997                         av = isp_control(isp, ISPCTL_TOGGLE_TMODE, &av);
998                         if (av) {
999                                 isp_prt(isp, ISP_LOGWARN,
1000                                     "disable target mode on channel %d failed",
1001                                     bus);
1002                                 goto out;
1003                         }
1004                         isp->isp_osinfo.tmflags[bus] &= ~TM_TMODE_ENABLED;
1005                         xpt_print_path(ccb->ccb_h.path);
1006                         isp_prt(isp, ISP_LOGINFO,
1007                             "Target Mode disabled on channel %d", bus);
1008                 }
1009         }
1010
1011 out:
1012         isp_vsema_rqe(isp, bus);
1013
1014         if (rstat != LUN_OK) {
1015                 xpt_print_path(ccb->ccb_h.path);
1016                 isp_prt(isp, ISP_LOGWARN,
1017                     "lun %sable failed", (cel->enable) ? "en" : "dis");
1018                 ccb->ccb_h.status = CAM_REQ_CMP_ERR;
1019                 rls_lun_statep(isp, tptr);
1020                 if (cel->enable)
1021                         destroy_lun_state(isp, tptr);
1022         } else {
1023                 xpt_print_path(ccb->ccb_h.path);
1024                 isp_prt(isp, ISP_LOGINFO, lfmt,
1025                     (cel->enable) ? "en" : "dis", bus);
1026                 rls_lun_statep(isp, tptr);
1027                 if (cel->enable == 0) {
1028                         destroy_lun_state(isp, tptr);
1029                 }
1030                 ccb->ccb_h.status = CAM_REQ_CMP;
1031         }
1032 }
1033
1034 static cam_status
1035 isp_abort_tgt_ccb(struct ispsoftc *isp, union ccb *ccb)
1036 {
1037         tstate_t *tptr;
1038         struct ccb_hdr_slist *lp;
1039         struct ccb_hdr *curelm;
1040         int found;
1041         union ccb *accb = ccb->cab.abort_ccb;
1042
1043         if (accb->ccb_h.target_id != CAM_TARGET_WILDCARD) {
1044                 if (IS_FC(isp) && (accb->ccb_h.target_id != 
1045                     ((fcparam *) isp->isp_param)->isp_loopid)) {
1046                         return (CAM_PATH_INVALID);
1047                 } else if (IS_SCSI(isp) && (accb->ccb_h.target_id != 
1048                     ((sdparam *) isp->isp_param)->isp_initiator_id)) {
1049                         return (CAM_PATH_INVALID);
1050                 }
1051         }
1052         tptr = get_lun_statep(isp, XS_CHANNEL(ccb), accb->ccb_h.target_lun);
1053         if (tptr == NULL) {
1054                 return (CAM_PATH_INVALID);
1055         }
1056         if (accb->ccb_h.func_code == XPT_ACCEPT_TARGET_IO) {
1057                 lp = &tptr->atios;
1058         } else if (accb->ccb_h.func_code == XPT_IMMED_NOTIFY) {
1059                 lp = &tptr->inots;
1060         } else {
1061                 rls_lun_statep(isp, tptr);
1062                 return (CAM_UA_ABORT);
1063         }
1064         curelm = SLIST_FIRST(lp);
1065         found = 0;
1066         if (curelm == &accb->ccb_h) {
1067                 found = 1;
1068                 SLIST_REMOVE_HEAD(lp, sim_links.sle);
1069         } else {
1070                 while(curelm != NULL) {
1071                         struct ccb_hdr *nextelm;
1072
1073                         nextelm = SLIST_NEXT(curelm, sim_links.sle);
1074                         if (nextelm == &accb->ccb_h) {
1075                                 found = 1;
1076                                 SLIST_NEXT(curelm, sim_links.sle) =
1077                                     SLIST_NEXT(nextelm, sim_links.sle);
1078                                 break;
1079                         }
1080                         curelm = nextelm;
1081                 }
1082         }
1083         rls_lun_statep(isp, tptr);
1084         if (found) {
1085                 accb->ccb_h.status = CAM_REQ_ABORTED;
1086                 return (CAM_REQ_CMP);
1087         }
1088         return(CAM_PATH_INVALID);
1089 }
1090
1091 static cam_status
1092 isp_target_start_ctio(struct ispsoftc *isp, union ccb *ccb)
1093 {
1094         void *qe;
1095         struct ccb_scsiio *cso = &ccb->csio;
1096         u_int16_t *hp, save_handle;
1097         u_int16_t nxti, optr;
1098         u_int8_t local[QENTRY_LEN];
1099
1100
1101         if (isp_getrqentry(isp, &nxti, &optr, &qe)) {
1102                 xpt_print_path(ccb->ccb_h.path);
1103                 printf("Request Queue Overflow in isp_target_start_ctio\n");
1104                 return (CAM_RESRC_UNAVAIL);
1105         }
1106         bzero(local, QENTRY_LEN);
1107
1108         /*
1109          * We're either moving data or completing a command here.
1110          */
1111
1112         if (IS_FC(isp)) {
1113                 atio_private_data_t *atp;
1114                 ct2_entry_t *cto = (ct2_entry_t *) local;
1115
1116                 cto->ct_header.rqs_entry_type = RQSTYPE_CTIO2;
1117                 cto->ct_header.rqs_entry_count = 1;
1118                 cto->ct_iid = cso->init_id;
1119                 if ((FCPARAM(isp)->isp_fwattr & ISP_FW_ATTR_SCCLUN) == 0) {
1120                         cto->ct_lun = ccb->ccb_h.target_lun;
1121                 }
1122
1123                 atp = isp_get_atpd(isp, cso->tag_id);
1124                 if (atp == NULL) {
1125                         isp_prt(isp, ISP_LOGERR,
1126                             "cannot find private data adjunct for tag %x",
1127                             cso->tag_id);
1128                         return (-1);
1129                 }
1130
1131                 cto->ct_rxid = cso->tag_id;
1132                 if (cso->dxfer_len == 0) {
1133                         cto->ct_flags |= CT2_FLAG_MODE1 | CT2_NO_DATA;
1134                         if (ccb->ccb_h.flags & CAM_SEND_STATUS) {
1135                                 cto->ct_flags |= CT2_SENDSTATUS;
1136                                 cto->rsp.m1.ct_scsi_status = cso->scsi_status;
1137                                 cto->ct_resid =
1138                                     atp->orig_datalen - atp->bytes_xfered;
1139                                 if (cto->ct_resid < 0) {
1140                                         cto->rsp.m1.ct_scsi_status |=
1141                                             CT2_DATA_OVER;
1142                                 } else if (cto->ct_resid > 0) {
1143                                         cto->rsp.m1.ct_scsi_status |=
1144                                             CT2_DATA_UNDER;
1145                                 }
1146                         }
1147                         if ((ccb->ccb_h.flags & CAM_SEND_SENSE) != 0) {
1148                                 int m = min(cso->sense_len, MAXRESPLEN);
1149                                 bcopy(&cso->sense_data, cto->rsp.m1.ct_resp, m);
1150                                 cto->rsp.m1.ct_senselen = m;
1151                                 cto->rsp.m1.ct_scsi_status |= CT2_SNSLEN_VALID;
1152                         }
1153                 } else {
1154                         cto->ct_flags |= CT2_FLAG_MODE0;
1155                         if ((cso->ccb_h.flags & CAM_DIR_MASK) == CAM_DIR_IN) {
1156                                 cto->ct_flags |= CT2_DATA_IN;
1157                         } else {
1158                                 cto->ct_flags |= CT2_DATA_OUT;
1159                         }
1160                         cto->ct_reloff = atp->bytes_xfered;
1161                         if ((ccb->ccb_h.flags & CAM_SEND_STATUS) != 0) {
1162                                 cto->ct_flags |= CT2_SENDSTATUS;
1163                                 cto->rsp.m0.ct_scsi_status = cso->scsi_status;
1164                                 cto->ct_resid =
1165                                     atp->orig_datalen -
1166                                     (atp->bytes_xfered + cso->dxfer_len);
1167                                 if (cto->ct_resid < 0) {
1168                                         cto->rsp.m0.ct_scsi_status |=
1169                                             CT2_DATA_OVER;
1170                                 } else if (cto->ct_resid > 0) {
1171                                         cto->rsp.m0.ct_scsi_status |=
1172                                             CT2_DATA_UNDER;
1173                                 }
1174                         } else {
1175                                 atp->last_xframt = cso->dxfer_len;
1176                         }
1177                         /*
1178                          * If we're sending data and status back together,
1179                          * we can't also send back sense data as well.
1180                          */
1181                         ccb->ccb_h.flags &= ~CAM_SEND_SENSE;
1182                 }
1183
1184                 if (cto->ct_flags & CT2_SENDSTATUS) {
1185                         isp_prt(isp, ISP_LOGTDEBUG0,
1186                             "CTIO2[%x] STATUS %x origd %u curd %u resid %u",
1187                             cto->ct_rxid, cso->scsi_status, atp->orig_datalen,
1188                             cso->dxfer_len, cto->ct_resid);
1189                         cto->ct_flags |= CT2_CCINCR;
1190                         atp->state = ATPD_STATE_LAST_CTIO;
1191                 } else
1192                         atp->state = ATPD_STATE_CTIO;
1193                 cto->ct_timeout = 10;
1194                 hp = &cto->ct_syshandle;
1195         } else {
1196                 ct_entry_t *cto = (ct_entry_t *) local;
1197
1198                 cto->ct_header.rqs_entry_type = RQSTYPE_CTIO;
1199                 cto->ct_header.rqs_entry_count = 1;
1200                 cto->ct_iid = cso->init_id;
1201                 cto->ct_iid |= XS_CHANNEL(ccb) << 7;
1202                 cto->ct_tgt = ccb->ccb_h.target_id;
1203                 cto->ct_lun = ccb->ccb_h.target_lun;
1204                 cto->ct_fwhandle = AT_GET_HANDLE(cso->tag_id);
1205                 if (AT_HAS_TAG(cso->tag_id)) {
1206                         cto->ct_tag_val = (u_int8_t) AT_GET_TAG(cso->tag_id);
1207                         cto->ct_flags |= CT_TQAE;
1208                 }
1209                 if (ccb->ccb_h.flags & CAM_DIS_DISCONNECT) {
1210                         cto->ct_flags |= CT_NODISC;
1211                 }
1212                 if (cso->dxfer_len == 0) {
1213                         cto->ct_flags |= CT_NO_DATA;
1214                 } else if ((cso->ccb_h.flags & CAM_DIR_MASK) == CAM_DIR_IN) {
1215                         cto->ct_flags |= CT_DATA_IN;
1216                 } else {
1217                         cto->ct_flags |= CT_DATA_OUT;
1218                 }
1219                 if (ccb->ccb_h.flags & CAM_SEND_STATUS) {
1220                         cto->ct_flags |= CT_SENDSTATUS|CT_CCINCR;
1221                         cto->ct_scsi_status = cso->scsi_status;
1222                         cto->ct_resid = cso->resid;
1223                         isp_prt(isp, ISP_LOGTDEBUG0,
1224                             "CTIO[%x] SCSI STATUS 0x%x resid %d tag_id %x",
1225                             cto->ct_fwhandle, cso->scsi_status, cso->resid,
1226                             cso->tag_id);
1227                 }
1228                 ccb->ccb_h.flags &= ~CAM_SEND_SENSE;
1229                 cto->ct_timeout = 10;
1230                 hp = &cto->ct_syshandle;
1231         }
1232
1233         if (isp_save_xs(isp, (XS_T *)ccb, hp)) {
1234                 xpt_print_path(ccb->ccb_h.path);
1235                 printf("No XFLIST pointers for isp_target_start_ctio\n");
1236                 return (CAM_RESRC_UNAVAIL);
1237         }
1238
1239
1240         /*
1241          * Call the dma setup routines for this entry (and any subsequent
1242          * CTIOs) if there's data to move, and then tell the f/w it's got
1243          * new things to play with. As with isp_start's usage of DMA setup,
1244          * any swizzling is done in the machine dependent layer. Because
1245          * of this, we put the request onto the queue area first in native
1246          * format.
1247          */
1248
1249         save_handle = *hp;
1250
1251         switch (ISP_DMASETUP(isp, cso, (ispreq_t *) local, &nxti, optr)) {
1252         case CMD_QUEUED:
1253                 ISP_ADD_REQUEST(isp, nxti);
1254                 return (CAM_REQ_INPROG);
1255
1256         case CMD_EAGAIN:
1257                 ccb->ccb_h.status = CAM_RESRC_UNAVAIL;
1258                 isp_destroy_handle(isp, save_handle);
1259                 return (CAM_RESRC_UNAVAIL);
1260
1261         default:
1262                 isp_destroy_handle(isp, save_handle);
1263                 return (XS_ERR(ccb));
1264         }
1265 }
1266
1267 static void
1268 isp_refire_putback_atio(void *arg)
1269 {
1270         crit_enter();
1271         isp_target_putback_atio(arg);
1272         crit_exit();
1273 }
1274
1275 static void
1276 isp_target_putback_atio(union ccb *ccb)
1277 {
1278         struct ispsoftc *isp;
1279         struct ccb_scsiio *cso;
1280         u_int16_t nxti, optr;
1281         void *qe;
1282
1283         isp = XS_ISP(ccb);
1284
1285         if (isp_getrqentry(isp, &nxti, &optr, &qe)) {
1286                 (void) timeout(isp_refire_putback_atio, ccb, 10);
1287                 isp_prt(isp, ISP_LOGWARN,
1288                     "isp_target_putback_atio: Request Queue Overflow"); 
1289                 return;
1290         }
1291         bzero(qe, QENTRY_LEN);
1292         cso = &ccb->csio;
1293         if (IS_FC(isp)) {
1294                 at2_entry_t local, *at = &local;
1295                 MEMZERO(at, sizeof (at2_entry_t));
1296                 at->at_header.rqs_entry_type = RQSTYPE_ATIO2;
1297                 at->at_header.rqs_entry_count = 1;
1298                 if ((FCPARAM(isp)->isp_fwattr & ISP_FW_ATTR_SCCLUN) != 0) {
1299                         at->at_scclun = (uint16_t) ccb->ccb_h.target_lun;
1300                 } else {
1301                         at->at_lun = (uint8_t) ccb->ccb_h.target_lun;
1302                 }
1303                 at->at_status = CT_OK;
1304                 at->at_rxid = cso->tag_id;
1305                 at->at_iid = cso->ccb_h.target_id;
1306                 isp_put_atio2(isp, at, qe);
1307         } else {
1308                 at_entry_t local, *at = &local;
1309                 MEMZERO(at, sizeof (at_entry_t));
1310                 at->at_header.rqs_entry_type = RQSTYPE_ATIO;
1311                 at->at_header.rqs_entry_count = 1;
1312                 at->at_iid = cso->init_id;
1313                 at->at_iid |= XS_CHANNEL(ccb) << 7;
1314                 at->at_tgt = cso->ccb_h.target_id;
1315                 at->at_lun = cso->ccb_h.target_lun;
1316                 at->at_status = CT_OK;
1317                 at->at_tag_val = AT_GET_TAG(cso->tag_id);
1318                 at->at_handle = AT_GET_HANDLE(cso->tag_id);
1319                 isp_put_atio(isp, at, qe);
1320         }
1321         ISP_TDQE(isp, "isp_target_putback_atio", (int) optr, qe);
1322         ISP_ADD_REQUEST(isp, nxti);
1323         isp_complete_ctio(ccb);
1324 }
1325
1326 static void
1327 isp_complete_ctio(union ccb *ccb)
1328 {
1329         if ((ccb->ccb_h.status & CAM_STATUS_MASK) == CAM_REQ_INPROG) {
1330                 ccb->ccb_h.status |= CAM_REQ_CMP;
1331         }
1332         ccb->ccb_h.status &= ~CAM_SIM_QUEUED;
1333         xpt_done(ccb);
1334 }
1335
1336 /*
1337  * Handle ATIO stuff that the generic code can't.
1338  * This means handling CDBs.
1339  */
1340
1341 static int
1342 isp_handle_platform_atio(struct ispsoftc *isp, at_entry_t *aep)
1343 {
1344         tstate_t *tptr;
1345         int status, bus, iswildcard;
1346         struct ccb_accept_tio *atiop;
1347
1348         /*
1349          * The firmware status (except for the QLTM_SVALID bit)
1350          * indicates why this ATIO was sent to us.
1351          *
1352          * If QLTM_SVALID is set, the firware has recommended Sense Data.
1353          *
1354          * If the DISCONNECTS DISABLED bit is set in the flags field,
1355          * we're still connected on the SCSI bus.
1356          */
1357         status = aep->at_status;
1358         if ((status & ~QLTM_SVALID) == AT_PHASE_ERROR) {
1359                 /*
1360                  * Bus Phase Sequence error. We should have sense data
1361                  * suggested by the f/w. I'm not sure quite yet what
1362                  * to do about this for CAM.
1363                  */
1364                 isp_prt(isp, ISP_LOGWARN, "PHASE ERROR");
1365                 isp_endcmd(isp, aep, SCSI_STATUS_BUSY, 0);
1366                 return (0);
1367         }
1368         if ((status & ~QLTM_SVALID) != AT_CDB) {
1369                 isp_prt(isp, ISP_LOGWARN, "bad atio (0x%x) leaked to platform",
1370                     status);
1371                 isp_endcmd(isp, aep, SCSI_STATUS_BUSY, 0);
1372                 return (0);
1373         }
1374
1375         bus = GET_BUS_VAL(aep->at_iid);
1376         tptr = get_lun_statep(isp, bus, aep->at_lun);
1377         if (tptr == NULL) {
1378                 tptr = get_lun_statep(isp, bus, CAM_LUN_WILDCARD);
1379                 iswildcard = 1;
1380         } else {
1381                 iswildcard = 0;
1382         }
1383
1384         if (tptr == NULL) {
1385                 /*
1386                  * Because we can't autofeed sense data back with
1387                  * a command for parallel SCSI, we can't give back
1388                  * a CHECK CONDITION. We'll give back a BUSY status
1389                  * instead. This works out okay because the only
1390                  * time we should, in fact, get this, is in the
1391                  * case that somebody configured us without the
1392                  * blackhole driver, so they get what they deserve.
1393                  */
1394                 isp_endcmd(isp, aep, SCSI_STATUS_BUSY, 0);
1395                 return (0);
1396         }
1397
1398         atiop = (struct ccb_accept_tio *) SLIST_FIRST(&tptr->atios);
1399         if (atiop == NULL) {
1400                 /*
1401                  * Because we can't autofeed sense data back with
1402                  * a command for parallel SCSI, we can't give back
1403                  * a CHECK CONDITION. We'll give back a QUEUE FULL status
1404                  * instead. This works out okay because the only time we
1405                  * should, in fact, get this, is in the case that we've
1406                  * run out of ATIOS.
1407                  */
1408                 xpt_print_path(tptr->owner);
1409                 isp_prt(isp, ISP_LOGWARN,
1410                     "no ATIOS for lun %d from initiator %d on channel %d",
1411                     aep->at_lun, GET_IID_VAL(aep->at_iid), bus);
1412                 if (aep->at_flags & AT_TQAE)
1413                         isp_endcmd(isp, aep, SCSI_STATUS_QUEUE_FULL, 0);
1414                 else
1415                         isp_endcmd(isp, aep, SCSI_STATUS_BUSY, 0);
1416                 rls_lun_statep(isp, tptr);
1417                 return (0);
1418         }
1419         SLIST_REMOVE_HEAD(&tptr->atios, sim_links.sle);
1420         if (iswildcard) {
1421                 atiop->ccb_h.target_id = aep->at_tgt;
1422                 atiop->ccb_h.target_lun = aep->at_lun;
1423         }
1424         if (aep->at_flags & AT_NODISC) {
1425                 atiop->ccb_h.flags = CAM_DIS_DISCONNECT;
1426         } else {
1427                 atiop->ccb_h.flags = 0;
1428         }
1429
1430         if (status & QLTM_SVALID) {
1431                 size_t amt = imin(QLTM_SENSELEN, sizeof (atiop->sense_data));
1432                 atiop->sense_len = amt;
1433                 MEMCPY(&atiop->sense_data, aep->at_sense, amt);
1434         } else {
1435                 atiop->sense_len = 0;
1436         }
1437
1438         atiop->init_id = GET_IID_VAL(aep->at_iid);
1439         atiop->cdb_len = aep->at_cdblen;
1440         MEMCPY(atiop->cdb_io.cdb_bytes, aep->at_cdb, aep->at_cdblen);
1441         atiop->ccb_h.status = CAM_CDB_RECVD;
1442         /*
1443          * Construct a tag 'id' based upon tag value (which may be 0..255)
1444          * and the handle (which we have to preserve).
1445          */
1446         AT_MAKE_TAGID(atiop->tag_id, aep);
1447         if (aep->at_flags & AT_TQAE) {
1448                 atiop->tag_action = aep->at_tag_type;
1449                 atiop->ccb_h.status |= CAM_TAG_ACTION_VALID;
1450         }
1451         xpt_done((union ccb*)atiop);
1452         isp_prt(isp, ISP_LOGTDEBUG0,
1453             "ATIO[%x] CDB=0x%x bus %d iid%d->lun%d tag 0x%x ttype 0x%x %s",
1454             aep->at_handle, aep->at_cdb[0] & 0xff, GET_BUS_VAL(aep->at_iid),
1455             GET_IID_VAL(aep->at_iid), aep->at_lun, aep->at_tag_val & 0xff,
1456             aep->at_tag_type, (aep->at_flags & AT_NODISC)?
1457             "nondisc" : "disconnecting");
1458         rls_lun_statep(isp, tptr);
1459         return (0);
1460 }
1461
1462 static int
1463 isp_handle_platform_atio2(struct ispsoftc *isp, at2_entry_t *aep)
1464 {
1465         lun_id_t lun;
1466         tstate_t *tptr;
1467         struct ccb_accept_tio *atiop;
1468         atio_private_data_t *atp;
1469
1470         /*
1471          * The firmware status (except for the QLTM_SVALID bit)
1472          * indicates why this ATIO was sent to us.
1473          *
1474          * If QLTM_SVALID is set, the firware has recommended Sense Data.
1475          */
1476         if ((aep->at_status & ~QLTM_SVALID) != AT_CDB) {
1477                 isp_prt(isp, ISP_LOGWARN,
1478                     "bogus atio (0x%x) leaked to platform", aep->at_status);
1479                 isp_endcmd(isp, aep, SCSI_STATUS_BUSY, 0);
1480                 return (0);
1481         }
1482
1483         if ((FCPARAM(isp)->isp_fwattr & ISP_FW_ATTR_SCCLUN) != 0) {
1484                 lun = aep->at_scclun;
1485         } else {
1486                 lun = aep->at_lun;
1487         }
1488         tptr = get_lun_statep(isp, 0, lun);
1489         if (tptr == NULL) {
1490                 isp_prt(isp, ISP_LOGWARN, "no state pointer for lun %d", lun);
1491                 tptr = get_lun_statep(isp, 0, CAM_LUN_WILDCARD);
1492         }
1493
1494         if (tptr == NULL) {
1495                 /*
1496                  * What we'd like to know is whether or not we have a listener
1497                  * upstream that really hasn't configured yet. If we do, then
1498                  * we can give a more sensible reply here. If not, then we can
1499                  * reject this out of hand.
1500                  *
1501                  * Choices for what to send were
1502                  *
1503                  *      Not Ready, Unit Not Self-Configured Yet
1504                  *      (0x2,0x3e,0x00)
1505                  *
1506                  * for the former and
1507                  *
1508                  *      Illegal Request, Logical Unit Not Supported
1509                  *      (0x5,0x25,0x00)
1510                  *
1511                  * for the latter.
1512                  *
1513                  * We used to decide whether there was at least one listener
1514                  * based upon whether the black hole driver was configured.
1515                  * However, recent config(8) changes have made this hard to do
1516                  * at this time.
1517                  *
1518                  */
1519                 isp_endcmd(isp, aep, SCSI_STATUS_BUSY, 0);
1520                 return (0);
1521         }
1522
1523         atp = isp_get_atpd(isp, 0);
1524         atiop = (struct ccb_accept_tio *) SLIST_FIRST(&tptr->atios);
1525         if (atiop == NULL || atp == NULL) {
1526                 /*
1527                  * Because we can't autofeed sense data back with
1528                  * a command for parallel SCSI, we can't give back
1529                  * a CHECK CONDITION. We'll give back a QUEUE FULL status
1530                  * instead. This works out okay because the only time we
1531                  * should, in fact, get this, is in the case that we've
1532                  * run out of ATIOS.
1533                  */
1534                 xpt_print_path(tptr->owner);
1535                 isp_prt(isp, ISP_LOGWARN,
1536                     "no %s for lun %d from initiator %d",
1537                     (atp == NULL && atiop == NULL)? "ATIO2s *or* ATPS" :
1538                     ((atp == NULL)? "ATPs" : "ATIO2s"), lun, aep->at_iid);
1539                 rls_lun_statep(isp, tptr);
1540                 isp_endcmd(isp, aep, SCSI_STATUS_QUEUE_FULL, 0);
1541                 return (0);
1542         }
1543         atp->state = ATPD_STATE_ATIO;
1544         SLIST_REMOVE_HEAD(&tptr->atios, sim_links.sle);
1545         tptr->atio_count--;
1546         isp_prt(isp, ISP_LOGTDEBUG0, "Take FREE ATIO2 lun %d, count now %d",
1547             lun, tptr->atio_count);
1548
1549         if (tptr == &isp->isp_osinfo.tsdflt[0]) {
1550                 atiop->ccb_h.target_id =
1551                     ((fcparam *)isp->isp_param)->isp_loopid;
1552                 atiop->ccb_h.target_lun = lun;
1553         }
1554         /*
1555          * We don't get 'suggested' sense data as we do with SCSI cards.
1556          */
1557         atiop->sense_len = 0;
1558
1559         atiop->init_id = aep->at_iid;
1560         atiop->cdb_len = ATIO2_CDBLEN;
1561         MEMCPY(atiop->cdb_io.cdb_bytes, aep->at_cdb, ATIO2_CDBLEN);
1562         atiop->ccb_h.status = CAM_CDB_RECVD;
1563         atiop->tag_id = aep->at_rxid;
1564         switch (aep->at_taskflags & ATIO2_TC_ATTR_MASK) {
1565         case ATIO2_TC_ATTR_SIMPLEQ:
1566                 atiop->tag_action = MSG_SIMPLE_Q_TAG;
1567                 break;
1568         case ATIO2_TC_ATTR_HEADOFQ:
1569                 atiop->tag_action = MSG_HEAD_OF_Q_TAG;
1570                 break;
1571         case ATIO2_TC_ATTR_ORDERED:
1572                 atiop->tag_action = MSG_ORDERED_Q_TAG;
1573                 break;
1574         case ATIO2_TC_ATTR_ACAQ:                /* ?? */
1575         case ATIO2_TC_ATTR_UNTAGGED:
1576         default:
1577                 atiop->tag_action = 0;
1578                 break;
1579         }
1580         atiop->ccb_h.flags = CAM_TAG_ACTION_VALID;
1581
1582         atp->tag = atiop->tag_id;
1583         atp->lun = lun;
1584         atp->orig_datalen = aep->at_datalen;
1585         atp->last_xframt = 0;
1586         atp->bytes_xfered = 0;
1587         atp->state = ATPD_STATE_CAM;
1588         xpt_done((union ccb*)atiop);
1589
1590         isp_prt(isp, ISP_LOGTDEBUG0,
1591             "ATIO2[%x] CDB=0x%x iid%d->lun%d tattr 0x%x datalen %u",
1592             aep->at_rxid, aep->at_cdb[0] & 0xff, aep->at_iid,
1593             lun, aep->at_taskflags, aep->at_datalen);
1594         rls_lun_statep(isp, tptr);
1595         return (0);
1596 }
1597
1598 static int
1599 isp_handle_platform_ctio(struct ispsoftc *isp, void *arg)
1600 {
1601         union ccb *ccb;
1602         int sentstatus, ok, notify_cam, resid = 0;
1603         u_int16_t tval;
1604
1605         /*
1606          * CTIO and CTIO2 are close enough....
1607          */
1608
1609         ccb = (union ccb *) isp_find_xs(isp, ((ct_entry_t *)arg)->ct_syshandle);
1610         KASSERT((ccb != NULL), ("null ccb in isp_handle_platform_ctio"));
1611         isp_destroy_handle(isp, ((ct_entry_t *)arg)->ct_syshandle);
1612
1613         if (IS_FC(isp)) {
1614                 ct2_entry_t *ct = arg;
1615                 atio_private_data_t *atp = isp_get_atpd(isp, ct->ct_rxid);
1616                 if (atp == NULL) {
1617                         isp_prt(isp, ISP_LOGERR,
1618                             "cannot find adjunct for %x after I/O",
1619                             ct->ct_rxid);
1620                         return (0);
1621                 }
1622                 sentstatus = ct->ct_flags & CT2_SENDSTATUS;
1623                 ok = (ct->ct_status & ~QLTM_SVALID) == CT_OK;
1624                 if (ok && sentstatus && (ccb->ccb_h.flags & CAM_SEND_SENSE)) {
1625                         ccb->ccb_h.status |= CAM_SENT_SENSE;
1626                 }
1627                 notify_cam = ct->ct_header.rqs_seqno & 0x1;
1628                 if ((ct->ct_flags & CT2_DATAMASK) != CT2_NO_DATA) {
1629                         resid = ct->ct_resid;
1630                         atp->bytes_xfered += (atp->last_xframt - resid);
1631                         atp->last_xframt = 0;
1632                 }
1633                 if (sentstatus || !ok) {
1634                         atp->tag = 0;
1635                 }
1636                 isp_prt(isp, ok? ISP_LOGTDEBUG0 : ISP_LOGWARN,
1637                     "CTIO2[%x] sts 0x%x flg 0x%x sns %d resid %d %s",
1638                     ct->ct_rxid, ct->ct_status, ct->ct_flags,
1639                     (ccb->ccb_h.status & CAM_SENT_SENSE) != 0,
1640                     resid, sentstatus? "FIN" : "MID");
1641                 tval = ct->ct_rxid;
1642
1643                 /* XXX: should really come after isp_complete_ctio */
1644                 atp->state = ATPD_STATE_PDON;
1645         } else {
1646                 ct_entry_t *ct = arg;
1647                 sentstatus = ct->ct_flags & CT_SENDSTATUS;
1648                 ok = (ct->ct_status  & ~QLTM_SVALID) == CT_OK;
1649                 /*
1650                  * We *ought* to be able to get back to the original ATIO
1651                  * here, but for some reason this gets lost. It's just as
1652                  * well because it's squirrelled away as part of periph
1653                  * private data.
1654                  *
1655                  * We can live without it as long as we continue to use
1656                  * the auto-replenish feature for CTIOs.
1657                  */
1658                 notify_cam = ct->ct_header.rqs_seqno & 0x1;
1659                 if (ct->ct_status & QLTM_SVALID) {
1660                         char *sp = (char *)ct;
1661                         sp += CTIO_SENSE_OFFSET;
1662                         ccb->csio.sense_len =
1663                             min(sizeof (ccb->csio.sense_data), QLTM_SENSELEN);
1664                         MEMCPY(&ccb->csio.sense_data, sp, ccb->csio.sense_len);
1665                         ccb->ccb_h.status |= CAM_AUTOSNS_VALID;
1666                 }
1667                 if ((ct->ct_flags & CT_DATAMASK) != CT_NO_DATA) {
1668                         resid = ct->ct_resid;
1669                 }
1670                 isp_prt(isp, ISP_LOGTDEBUG0,
1671                     "CTIO[%x] tag %x iid %d lun %d sts %x flg %x resid %d %s",
1672                     ct->ct_fwhandle, ct->ct_tag_val, ct->ct_iid, ct->ct_lun,
1673                     ct->ct_status, ct->ct_flags, resid,
1674                     sentstatus? "FIN" : "MID");
1675                 tval = ct->ct_fwhandle;
1676         }
1677         ccb->csio.resid += resid;
1678
1679         /*
1680          * We're here either because intermediate data transfers are done
1681          * and/or the final status CTIO (which may have joined with a
1682          * Data Transfer) is done.
1683          *
1684          * In any case, for this platform, the upper layers figure out
1685          * what to do next, so all we do here is collect status and
1686          * pass information along. Any DMA handles have already been
1687          * freed.
1688          */
1689         if (notify_cam == 0) {
1690                 isp_prt(isp, ISP_LOGTDEBUG0, "  INTER CTIO[0x%x] done", tval);
1691                 return (0);
1692         }
1693
1694         isp_prt(isp, ISP_LOGTDEBUG0, "%s CTIO[0x%x] done",
1695             (sentstatus)? "  FINAL " : "MIDTERM ", tval);
1696
1697         if (!ok) {
1698                 isp_target_putback_atio(ccb);
1699         } else {
1700                 isp_complete_ctio(ccb);
1701
1702         }
1703         return (0);
1704 }
1705
1706 static int
1707 isp_handle_platform_notify_scsi(struct ispsoftc *isp, in_entry_t *inp)
1708 {
1709         return (0);     /* XXXX */
1710 }
1711
1712 static int
1713 isp_handle_platform_notify_fc(struct ispsoftc *isp, in_fcentry_t *inp)
1714 {
1715
1716         switch (inp->in_status) {
1717         case IN_PORT_LOGOUT:
1718                 isp_prt(isp, ISP_LOGWARN, "port logout of iid %d",
1719                    inp->in_iid);
1720                 break;
1721         case IN_PORT_CHANGED:
1722                 isp_prt(isp, ISP_LOGWARN, "port changed for iid %d",
1723                    inp->in_iid);
1724                 break;
1725         case IN_GLOBAL_LOGO:
1726                 isp_prt(isp, ISP_LOGINFO, "all ports logged out");
1727                 break;
1728         case IN_ABORT_TASK:
1729         {
1730                 atio_private_data_t *atp = isp_get_atpd(isp, inp->in_seqid);
1731                 struct ccb_immed_notify *inot = NULL;
1732
1733                 if (atp) {
1734                         tstate_t *tptr = get_lun_statep(isp, 0, atp->lun);
1735                         if (tptr) {
1736                                 inot = (struct ccb_immed_notify *)
1737                                     SLIST_FIRST(&tptr->inots);
1738                                 if (inot) {
1739                                         SLIST_REMOVE_HEAD(&tptr->inots,
1740                                             sim_links.sle);
1741                                 }
1742                         }
1743                         isp_prt(isp, ISP_LOGWARN,
1744                            "abort task RX_ID %x IID %d state %d",
1745                            inp->in_seqid, inp->in_iid, atp->state);
1746                 } else {
1747                         isp_prt(isp, ISP_LOGWARN,
1748                            "abort task RX_ID %x from iid %d, state unknown",
1749                            inp->in_seqid, inp->in_iid);
1750                 }
1751                 if (inot) {
1752                         inot->initiator_id = inp->in_iid;
1753                         inot->sense_len = 0;
1754                         inot->message_args[0] = MSG_ABORT_TAG;
1755                         inot->message_args[1] = inp->in_seqid & 0xff;
1756                         inot->message_args[2] = (inp->in_seqid >> 8) & 0xff;
1757                         inot->ccb_h.status = CAM_MESSAGE_RECV|CAM_DEV_QFRZN;
1758                         xpt_done((union ccb *)inot);
1759                 }
1760                 break;
1761         }
1762         default:
1763                 break;
1764         }
1765         return (0);
1766 }
1767 #endif
1768
1769 static void
1770 isp_cam_async(void *cbarg, u_int32_t code, struct cam_path *path, void *arg)
1771 {
1772         struct cam_sim *sim;
1773         struct ispsoftc *isp;
1774
1775         sim = (struct cam_sim *)cbarg;
1776         isp = (struct ispsoftc *) cam_sim_softc(sim);
1777         switch (code) {
1778         case AC_LOST_DEVICE:
1779                 if (IS_SCSI(isp)) {
1780                         u_int16_t oflags, nflags;
1781                         sdparam *sdp = isp->isp_param;
1782                         int tgt;
1783
1784                         tgt = xpt_path_target_id(path);
1785                         if (tgt >= 0) {
1786                                 sdp += cam_sim_bus(sim);
1787                                 ISP_LOCK(isp);
1788                                 nflags = sdp->isp_devparam[tgt].nvrm_flags;
1789 #ifndef ISP_TARGET_MODE
1790                                 nflags &= DPARM_SAFE_DFLT;
1791                                 if (isp->isp_loaded_fw) {
1792                                         nflags |= DPARM_NARROW | DPARM_ASYNC;
1793                                 }
1794 #else
1795                                 nflags = DPARM_DEFAULT;
1796 #endif
1797                                 oflags = sdp->isp_devparam[tgt].goal_flags;
1798                                 sdp->isp_devparam[tgt].goal_flags = nflags;
1799                                 sdp->isp_devparam[tgt].dev_update = 1;
1800                                 isp->isp_update |= (1 << cam_sim_bus(sim));
1801                                 (void) isp_control(isp,
1802                                     ISPCTL_UPDATE_PARAMS, NULL);
1803                                 sdp->isp_devparam[tgt].goal_flags = oflags;
1804                                 ISP_UNLOCK(isp);
1805                         }
1806                 }
1807                 break;
1808         default:
1809                 isp_prt(isp, ISP_LOGWARN, "isp_cam_async: Code 0x%x", code);
1810                 break;
1811         }
1812 }
1813
1814 static void
1815 isp_poll(struct cam_sim *sim)
1816 {
1817         struct ispsoftc *isp = cam_sim_softc(sim);
1818         u_int16_t isr, sema, mbox;
1819
1820         ISP_LOCK(isp);
1821         if (ISP_READ_ISR(isp, &isr, &sema, &mbox)) {
1822                 isp_intr(isp, isr, sema, mbox);
1823         }
1824         ISP_UNLOCK(isp);
1825 }
1826
1827
1828 static void
1829 isp_watchdog(void *arg)
1830 {
1831         XS_T *xs = arg;
1832         struct ispsoftc *isp = XS_ISP(xs);
1833         u_int32_t handle;
1834         int iok;
1835
1836         /*
1837          * We've decided this command is dead. Make sure we're not trying
1838          * to kill a command that's already dead by getting it's handle and
1839          * and seeing whether it's still alive.
1840          */
1841         ISP_LOCK(isp);
1842         iok = isp->isp_osinfo.intsok;
1843         isp->isp_osinfo.intsok = 0;
1844         handle = isp_find_handle(isp, xs);
1845         if (handle) {
1846                 u_int16_t isr, sema, mbox;
1847
1848                 if (XS_CMD_DONE_P(xs)) {
1849                         isp_prt(isp, ISP_LOGDEBUG1,
1850                             "watchdog found done cmd (handle 0x%x)", handle);
1851                         ISP_UNLOCK(isp);
1852                         return;
1853                 }
1854
1855                 if (XS_CMD_WDOG_P(xs)) {
1856                         isp_prt(isp, ISP_LOGDEBUG2,
1857                             "recursive watchdog (handle 0x%x)", handle);
1858                         ISP_UNLOCK(isp);
1859                         return;
1860                 }
1861
1862                 XS_CMD_S_WDOG(xs);
1863                 if (ISP_READ_ISR(isp, &isr, &sema, &mbox)) {
1864                         isp_intr(isp, isr, sema, mbox);
1865                 }
1866                 if (XS_CMD_DONE_P(xs)) {
1867                         isp_prt(isp, ISP_LOGDEBUG2,
1868                             "watchdog cleanup for handle 0x%x", handle);
1869                         xpt_done((union ccb *) xs);
1870                 } else if (XS_CMD_GRACE_P(xs)) {
1871                         /*
1872                          * Make sure the command is *really* dead before we
1873                          * release the handle (and DMA resources) for reuse.
1874                          */
1875                         (void) isp_control(isp, ISPCTL_ABORT_CMD, arg);
1876
1877                         /*
1878                          * After this point, the comamnd is really dead.
1879                          */
1880                         if (XS_XFRLEN(xs)) {
1881                                 ISP_DMAFREE(isp, xs, handle);
1882                         } 
1883                         isp_destroy_handle(isp, handle);
1884                         xpt_print_path(xs->ccb_h.path);
1885                         isp_prt(isp, ISP_LOGWARN,
1886                             "watchdog timeout for handle 0x%x", handle);
1887                         XS_SETERR(xs, CAM_CMD_TIMEOUT);
1888                         XS_CMD_C_WDOG(xs);
1889                         isp_done(xs);
1890                 } else {
1891                         u_int16_t nxti, optr;
1892                         ispreq_t local, *mp= &local, *qe;
1893
1894                         XS_CMD_C_WDOG(xs);
1895                         callout_reset(&xs->ccb_h.timeout_ch, hz,
1896                                       isp_watchdog, xs);
1897                         if (isp_getrqentry(isp, &nxti, &optr, (void **) &qe)) {
1898                                 ISP_UNLOCK(isp);
1899                                 return;
1900                         }
1901                         XS_CMD_S_GRACE(xs);
1902                         MEMZERO((void *) mp, sizeof (*mp));
1903                         mp->req_header.rqs_entry_count = 1;
1904                         mp->req_header.rqs_entry_type = RQSTYPE_MARKER;
1905                         mp->req_modifier = SYNC_ALL;
1906                         mp->req_target = XS_CHANNEL(xs) << 7;
1907                         isp_put_request(isp, mp, qe);
1908                         ISP_ADD_REQUEST(isp, nxti);
1909                 }
1910         } else {
1911                 isp_prt(isp, ISP_LOGDEBUG2, "watchdog with no command");
1912         }
1913         isp->isp_osinfo.intsok = iok;
1914         ISP_UNLOCK(isp);
1915 }
1916
1917 static void
1918 isp_kthread(void *arg)
1919 {
1920         struct ispsoftc *isp = arg;
1921
1922         crit_enter();
1923         isp->isp_osinfo.intsok = 1;
1924
1925         /*
1926          * The first loop is for our usage where we have yet to have
1927          * gotten good fibre channel state.
1928          */
1929         for (;;) {
1930                 int wasfrozen;
1931
1932                 isp_prt(isp, ISP_LOGDEBUG0, "kthread: checking FC state");
1933                 while (isp_fc_runstate(isp, 2 * 1000000) != 0) {
1934                         isp_prt(isp, ISP_LOGDEBUG0, "kthread: FC state ungood");
1935                         if (FCPARAM(isp)->isp_fwstate != FW_READY ||
1936                             FCPARAM(isp)->isp_loopstate < LOOP_PDB_RCVD) {
1937                                 if (FCPARAM(isp)->loop_seen_once == 0 ||
1938                                     isp->isp_osinfo.ktmature == 0) {
1939                                         break;
1940                                 }
1941                         }
1942                         tsleep(isp_kthread, 0, "isp_fcthrd", hz);
1943
1944                 }
1945
1946                 /*
1947                  * Even if we didn't get good loop state we may be
1948                  * unfreezing the SIMQ so that we can kill off
1949                  * commands (if we've never seen loop before, for example).
1950                  */
1951                 isp->isp_osinfo.ktmature = 1;
1952                 wasfrozen = isp->isp_osinfo.simqfrozen & SIMQFRZ_LOOPDOWN;
1953                 isp->isp_osinfo.simqfrozen &= ~SIMQFRZ_LOOPDOWN;
1954                 if (wasfrozen && isp->isp_osinfo.simqfrozen == 0) {
1955                         isp_prt(isp, ISP_LOGDEBUG0, "kthread: releasing simq");
1956                         ISPLOCK_2_CAMLOCK(isp);
1957                         xpt_release_simq(isp->isp_sim, 1);
1958                         CAMLOCK_2_ISPLOCK(isp);
1959                 }
1960                 tsleep(&isp->isp_osinfo.kthread, 0, "isp_fc_worker", 0);
1961                 isp_prt(isp, ISP_LOGDEBUG0, "kthread: waiting until called");
1962         }
1963 }
1964
1965 static void
1966 isp_action(struct cam_sim *sim, union ccb *ccb)
1967 {
1968         int bus, tgt, error;
1969         struct ispsoftc *isp;
1970         struct ccb_trans_settings *cts;
1971
1972         CAM_DEBUG(ccb->ccb_h.path, CAM_DEBUG_TRACE, ("isp_action\n"));
1973         
1974         isp = (struct ispsoftc *)cam_sim_softc(sim);
1975         ccb->ccb_h.sim_priv.entries[0].field = 0;
1976         ccb->ccb_h.sim_priv.entries[1].ptr = isp;
1977         if (isp->isp_state != ISP_RUNSTATE &&
1978             ccb->ccb_h.func_code == XPT_SCSI_IO) {
1979                 CAMLOCK_2_ISPLOCK(isp);
1980                 isp_init(isp);
1981                 if (isp->isp_state != ISP_INITSTATE) {
1982                         ISP_UNLOCK(isp);
1983                         /*
1984                          * Lie. Say it was a selection timeout.
1985                          */
1986                         ccb->ccb_h.status = CAM_SEL_TIMEOUT | CAM_DEV_QFRZN;
1987                         xpt_freeze_devq(ccb->ccb_h.path, 1);
1988                         xpt_done(ccb);
1989                         return;
1990                 }
1991                 isp->isp_state = ISP_RUNSTATE;
1992                 ISPLOCK_2_CAMLOCK(isp);
1993         }
1994         isp_prt(isp, ISP_LOGDEBUG2, "isp_action code %x", ccb->ccb_h.func_code);
1995
1996
1997         switch (ccb->ccb_h.func_code) {
1998         case XPT_SCSI_IO:       /* Execute the requested I/O operation */
1999                 /*
2000                  * Do a couple of preliminary checks...
2001                  */
2002                 if ((ccb->ccb_h.flags & CAM_CDB_POINTER) != 0) {
2003                         if ((ccb->ccb_h.flags & CAM_CDB_PHYS) != 0) {
2004                                 ccb->ccb_h.status = CAM_REQ_INVALID;
2005                                 xpt_done(ccb);
2006                                 break;
2007                         }
2008                 }
2009 #ifdef  DIAGNOSTIC
2010                 if (ccb->ccb_h.target_id > (ISP_MAX_TARGETS(isp) - 1)) {
2011                         ccb->ccb_h.status = CAM_PATH_INVALID;
2012                 } else if (ccb->ccb_h.target_lun > (ISP_MAX_LUNS(isp) - 1)) {
2013                         ccb->ccb_h.status = CAM_PATH_INVALID;
2014                 }
2015                 if (ccb->ccb_h.status == CAM_PATH_INVALID) {
2016                         isp_prt(isp, ISP_LOGERR,
2017                             "invalid tgt/lun (%d.%d) in XPT_SCSI_IO",
2018                             ccb->ccb_h.target_id, ccb->ccb_h.target_lun);
2019                         xpt_done(ccb);
2020                         break;
2021                 }
2022 #endif
2023                 ((struct ccb_scsiio *) ccb)->scsi_status = SCSI_STATUS_OK;
2024                 CAMLOCK_2_ISPLOCK(isp);
2025                 error = isp_start((XS_T *) ccb);
2026                 switch (error) {
2027                 case CMD_QUEUED:
2028                         ccb->ccb_h.status |= CAM_SIM_QUEUED;
2029                         if (ccb->ccb_h.timeout != CAM_TIME_INFINITY) {
2030                                 u_int64_t ticks = (u_int64_t) hz;
2031                                 if (ccb->ccb_h.timeout == CAM_TIME_DEFAULT)
2032                                         ticks = 60 * 1000 * ticks;
2033                                 else
2034                                         ticks = ccb->ccb_h.timeout * hz;
2035                                 ticks = ((ticks + 999) / 1000) + hz + hz;
2036                                 if (ticks >= 0x80000000) {
2037                                         isp_prt(isp, ISP_LOGERR,
2038                                             "timeout overflow");
2039                                         ticks = 0x7fffffff;
2040                                 }
2041                                 callout_reset(&ccb->ccb_h.timeout_ch, ticks,
2042                                     isp_watchdog, ccb);
2043                         }
2044                         ISPLOCK_2_CAMLOCK(isp);
2045                         break;
2046                 case CMD_RQLATER:
2047                         /*
2048                          * This can only happen for Fibre Channel
2049                          */
2050                         KASSERT((IS_FC(isp)), ("CMD_RQLATER for FC only"));
2051                         if (FCPARAM(isp)->loop_seen_once == 0 &&
2052                             isp->isp_osinfo.ktmature) {
2053                                 ISPLOCK_2_CAMLOCK(isp);
2054                                 XS_SETERR(ccb, CAM_SEL_TIMEOUT);
2055                                 xpt_done(ccb);
2056                                 break;
2057                         }
2058                         wakeup(&isp->isp_osinfo.kthread);
2059                         isp_freeze_loopdown(isp, "isp_action(RQLATER)");
2060                         isp->isp_osinfo.simqfrozen |= SIMQFRZ_LOOPDOWN;
2061                         XS_SETERR(ccb, CAM_REQUEUE_REQ);
2062                         ISPLOCK_2_CAMLOCK(isp);
2063                         xpt_done(ccb);
2064                         break;
2065                 case CMD_EAGAIN:
2066                         XS_SETERR(ccb, CAM_REQUEUE_REQ);
2067                         ISPLOCK_2_CAMLOCK(isp);
2068                         xpt_done(ccb);
2069                         break;
2070                 case CMD_COMPLETE:
2071                         isp_done((struct ccb_scsiio *) ccb);
2072                         ISPLOCK_2_CAMLOCK(isp);
2073                         break;
2074                 default:
2075                         isp_prt(isp, ISP_LOGERR,
2076                             "What's this? 0x%x at %d in file %s",
2077                             error, __LINE__, __FILE__);
2078                         XS_SETERR(ccb, CAM_REQ_CMP_ERR);
2079                         xpt_done(ccb);
2080                         ISPLOCK_2_CAMLOCK(isp);
2081                 }
2082                 break;
2083
2084 #ifdef  ISP_TARGET_MODE
2085         case XPT_EN_LUN:                /* Enable LUN as a target */
2086         {
2087                 int iok;
2088                 CAMLOCK_2_ISPLOCK(isp);
2089                 iok = isp->isp_osinfo.intsok;
2090                 isp->isp_osinfo.intsok = 0;
2091                 isp_en_lun(isp, ccb);
2092                 isp->isp_osinfo.intsok = iok;
2093                 ISPLOCK_2_CAMLOCK(isp);
2094                 xpt_done(ccb);
2095                 break;
2096         }
2097         case XPT_NOTIFY_ACK:            /* recycle notify ack */
2098         case XPT_IMMED_NOTIFY:          /* Add Immediate Notify Resource */
2099         case XPT_ACCEPT_TARGET_IO:      /* Add Accept Target IO Resource */
2100         {
2101                 tstate_t *tptr =
2102                     get_lun_statep(isp, XS_CHANNEL(ccb), ccb->ccb_h.target_lun);
2103                 if (tptr == NULL) {
2104                         ccb->ccb_h.status = CAM_LUN_INVALID;
2105                         xpt_done(ccb);
2106                         break;
2107                 }
2108                 ccb->ccb_h.sim_priv.entries[0].field = 0;
2109                 ccb->ccb_h.sim_priv.entries[1].ptr = isp;
2110                 ccb->ccb_h.flags = 0;
2111
2112                 CAMLOCK_2_ISPLOCK(isp);
2113                 if (ccb->ccb_h.func_code == XPT_ACCEPT_TARGET_IO) {
2114                         /*
2115                          * Note that the command itself may not be done-
2116                          * it may not even have had the first CTIO sent.
2117                          */
2118                         tptr->atio_count++;
2119                         isp_prt(isp, ISP_LOGTDEBUG0,
2120                             "Put FREE ATIO2, lun %d, count now %d",
2121                             ccb->ccb_h.target_lun, tptr->atio_count);
2122                         SLIST_INSERT_HEAD(&tptr->atios, &ccb->ccb_h,
2123                             sim_links.sle);
2124                 } else if (ccb->ccb_h.func_code == XPT_IMMED_NOTIFY) {
2125                         SLIST_INSERT_HEAD(&tptr->inots, &ccb->ccb_h,
2126                             sim_links.sle);
2127                 } else {
2128                         ;
2129                 }
2130                 rls_lun_statep(isp, tptr);
2131                 ccb->ccb_h.status = CAM_REQ_INPROG;
2132                 ISPLOCK_2_CAMLOCK(isp);
2133                 break;
2134         }
2135         case XPT_CONT_TARGET_IO:
2136         {
2137                 CAMLOCK_2_ISPLOCK(isp);
2138                 ccb->ccb_h.status = isp_target_start_ctio(isp, ccb);
2139                 if (ccb->ccb_h.status != CAM_REQ_INPROG) {
2140                         isp_prt(isp, ISP_LOGWARN,
2141                             "XPT_CONT_TARGET_IO: status 0x%x",
2142                             ccb->ccb_h.status);
2143                         XS_SETERR(ccb, CAM_REQUEUE_REQ);
2144                         ISPLOCK_2_CAMLOCK(isp);
2145                         xpt_done(ccb);
2146                 } else {
2147                         ISPLOCK_2_CAMLOCK(isp);
2148                         ccb->ccb_h.status |= CAM_SIM_QUEUED;
2149                 }
2150                 break;
2151         }
2152 #endif
2153         case XPT_RESET_DEV:             /* BDR the specified SCSI device */
2154
2155                 bus = cam_sim_bus(xpt_path_sim(ccb->ccb_h.path));
2156                 tgt = ccb->ccb_h.target_id;
2157                 tgt |= (bus << 16);
2158
2159                 CAMLOCK_2_ISPLOCK(isp);
2160                 error = isp_control(isp, ISPCTL_RESET_DEV, &tgt);
2161                 ISPLOCK_2_CAMLOCK(isp);
2162                 if (error) {
2163                         ccb->ccb_h.status = CAM_REQ_CMP_ERR;
2164                 } else {
2165                         ccb->ccb_h.status = CAM_REQ_CMP;
2166                 }
2167                 xpt_done(ccb);
2168                 break;
2169         case XPT_ABORT:                 /* Abort the specified CCB */
2170         {
2171                 union ccb *accb = ccb->cab.abort_ccb;
2172                 CAMLOCK_2_ISPLOCK(isp);
2173                 switch (accb->ccb_h.func_code) {
2174 #ifdef  ISP_TARGET_MODE
2175                 case XPT_ACCEPT_TARGET_IO:
2176                 case XPT_IMMED_NOTIFY:
2177                         ccb->ccb_h.status = isp_abort_tgt_ccb(isp, ccb);
2178                         break;
2179                 case XPT_CONT_TARGET_IO:
2180                         isp_prt(isp, ISP_LOGERR, "cannot abort CTIOs yet");
2181                         ccb->ccb_h.status = CAM_UA_ABORT;
2182                         break;
2183 #endif
2184                 case XPT_SCSI_IO:
2185                         error = isp_control(isp, ISPCTL_ABORT_CMD, ccb);
2186                         if (error) {
2187                                 ccb->ccb_h.status = CAM_UA_ABORT;
2188                         } else {
2189                                 ccb->ccb_h.status = CAM_REQ_CMP;
2190                         }
2191                         break;
2192                 default:
2193                         ccb->ccb_h.status = CAM_REQ_INVALID;
2194                         break;
2195                 }
2196                 ISPLOCK_2_CAMLOCK(isp);
2197                 xpt_done(ccb);
2198                 break;
2199         }
2200 #define IS_CURRENT_SETTINGS(c)  (c->flags & CCB_TRANS_CURRENT_SETTINGS)
2201         case XPT_SET_TRAN_SETTINGS:     /* Nexus Settings */
2202                 cts = &ccb->cts;
2203                 if (!IS_CURRENT_SETTINGS(cts)) {
2204                         ccb->ccb_h.status = CAM_REQ_INVALID;
2205                         xpt_done(ccb);
2206                         break;
2207                 }
2208                 tgt = cts->ccb_h.target_id;
2209                 CAMLOCK_2_ISPLOCK(isp);
2210                 if (IS_SCSI(isp)) {
2211                         sdparam *sdp = isp->isp_param;
2212                         u_int16_t *dptr;
2213
2214                         bus = cam_sim_bus(xpt_path_sim(cts->ccb_h.path));
2215
2216                         sdp += bus;
2217                         /*
2218                          * We always update (internally) from goal_flags
2219                          * so any request to change settings just gets
2220                          * vectored to that location.
2221                          */
2222                         dptr = &sdp->isp_devparam[tgt].goal_flags;
2223
2224                         /*
2225                          * Note that these operations affect the
2226                          * the goal flags (goal_flags)- not
2227                          * the current state flags. Then we mark
2228                          * things so that the next operation to
2229                          * this HBA will cause the update to occur.
2230                          */
2231                         if (cts->valid & CCB_TRANS_DISC_VALID) {
2232                                 if ((cts->flags & CCB_TRANS_DISC_ENB) != 0) {
2233                                         *dptr |= DPARM_DISC;
2234                                 } else {
2235                                         *dptr &= ~DPARM_DISC;
2236                                 }
2237                         }
2238                         if (cts->valid & CCB_TRANS_TQ_VALID) {
2239                                 if ((cts->flags & CCB_TRANS_TAG_ENB) != 0) {
2240                                         *dptr |= DPARM_TQING;
2241                                 } else {
2242                                         *dptr &= ~DPARM_TQING;
2243                                 }
2244                         }
2245                         if (cts->valid & CCB_TRANS_BUS_WIDTH_VALID) {
2246                                 switch (cts->bus_width) {
2247                                 case MSG_EXT_WDTR_BUS_16_BIT:
2248                                         *dptr |= DPARM_WIDE;
2249                                         break;
2250                                 default:
2251                                         *dptr &= ~DPARM_WIDE;
2252                                 }
2253                         }
2254                         /*
2255                          * Any SYNC RATE of nonzero and SYNC_OFFSET
2256                          * of nonzero will cause us to go to the
2257                          * selected (from NVRAM) maximum value for
2258                          * this device. At a later point, we'll
2259                          * allow finer control.
2260                          */
2261                         if ((cts->valid & CCB_TRANS_SYNC_RATE_VALID) &&
2262                             (cts->valid & CCB_TRANS_SYNC_OFFSET_VALID) &&
2263                             (cts->sync_offset > 0)) {
2264                                 *dptr |= DPARM_SYNC;
2265                         } else {
2266                                 *dptr &= ~DPARM_SYNC;
2267                         }
2268                         *dptr |= DPARM_SAFE_DFLT;
2269                         isp_prt(isp, ISP_LOGDEBUG0,
2270                             "SET bus %d targ %d to flags %x off %x per %x",
2271                             bus, tgt, sdp->isp_devparam[tgt].goal_flags,
2272                             sdp->isp_devparam[tgt].goal_offset,
2273                             sdp->isp_devparam[tgt].goal_period);
2274                         sdp->isp_devparam[tgt].dev_update = 1;
2275                         isp->isp_update |= (1 << bus);
2276                 }
2277                 ISPLOCK_2_CAMLOCK(isp);
2278                 ccb->ccb_h.status = CAM_REQ_CMP;
2279                 xpt_done(ccb);
2280                 break;
2281         case XPT_GET_TRAN_SETTINGS:
2282                 cts = &ccb->cts;
2283                 tgt = cts->ccb_h.target_id;
2284                 CAMLOCK_2_ISPLOCK(isp);
2285                 if (IS_FC(isp)) {
2286                         /*
2287                          * a lot of normal SCSI things don't make sense.
2288                          */
2289                         cts->flags = CCB_TRANS_TAG_ENB | CCB_TRANS_DISC_ENB;
2290                         cts->valid = CCB_TRANS_DISC_VALID | CCB_TRANS_TQ_VALID;
2291                         /*
2292                          * How do you measure the width of a high
2293                          * speed serial bus? Well, in bytes.
2294                          *
2295                          * Offset and period make no sense, though, so we set
2296                          * (above) a 'base' transfer speed to be gigabit.
2297                          */
2298                         cts->bus_width = MSG_EXT_WDTR_BUS_8_BIT;
2299                 } else {
2300                         sdparam *sdp = isp->isp_param;
2301                         int bus = cam_sim_bus(xpt_path_sim(cts->ccb_h.path));
2302                         u_int16_t dval, pval, oval;
2303
2304                         sdp += bus;
2305
2306                         if (IS_CURRENT_SETTINGS(cts)) {
2307                                 sdp->isp_devparam[tgt].dev_refresh = 1;
2308                                 isp->isp_update |= (1 << bus);
2309                                 (void) isp_control(isp, ISPCTL_UPDATE_PARAMS,
2310                                     NULL);
2311                                 dval = sdp->isp_devparam[tgt].actv_flags;
2312                                 oval = sdp->isp_devparam[tgt].actv_offset;
2313                                 pval = sdp->isp_devparam[tgt].actv_period;
2314                         } else {
2315                                 dval = sdp->isp_devparam[tgt].nvrm_flags;
2316                                 oval = sdp->isp_devparam[tgt].nvrm_offset;
2317                                 pval = sdp->isp_devparam[tgt].nvrm_period;
2318                         }
2319
2320                         cts->flags &= ~(CCB_TRANS_DISC_ENB|CCB_TRANS_TAG_ENB);
2321
2322                         if (dval & DPARM_DISC) {
2323                                 cts->flags |= CCB_TRANS_DISC_ENB;
2324                         }
2325                         if (dval & DPARM_TQING) {
2326                                 cts->flags |= CCB_TRANS_TAG_ENB;
2327                         }
2328                         if (dval & DPARM_WIDE) {
2329                                 cts->bus_width = MSG_EXT_WDTR_BUS_16_BIT;
2330                         } else {
2331                                 cts->bus_width = MSG_EXT_WDTR_BUS_8_BIT;
2332                         }
2333                         cts->valid = CCB_TRANS_BUS_WIDTH_VALID |
2334                             CCB_TRANS_DISC_VALID | CCB_TRANS_TQ_VALID;
2335
2336                         if ((dval & DPARM_SYNC) && oval != 0) {
2337                                 cts->sync_period = pval;
2338                                 cts->sync_offset = oval;
2339                                 cts->valid |=
2340                                     CCB_TRANS_SYNC_RATE_VALID |
2341                                     CCB_TRANS_SYNC_OFFSET_VALID;
2342                         }
2343                         isp_prt(isp, ISP_LOGDEBUG0,
2344                             "GET %s bus %d targ %d to flags %x off %x per %x",
2345                             IS_CURRENT_SETTINGS(cts)? "ACTIVE" : "NVRAM",
2346                             bus, tgt, dval, oval, pval);
2347                 }
2348                 ISPLOCK_2_CAMLOCK(isp);
2349                 ccb->ccb_h.status = CAM_REQ_CMP;
2350                 xpt_done(ccb);
2351                 break;
2352
2353         case XPT_CALC_GEOMETRY:
2354         {
2355                 struct ccb_calc_geometry *ccg;
2356                 u_int32_t secs_per_cylinder;
2357                 u_int32_t size_mb;
2358
2359                 ccg = &ccb->ccg;
2360                 if (ccg->block_size == 0) {
2361                         isp_prt(isp, ISP_LOGERR,
2362                             "%d.%d XPT_CALC_GEOMETRY block size 0?",
2363                             ccg->ccb_h.target_id, ccg->ccb_h.target_lun);
2364                         ccb->ccb_h.status = CAM_REQ_INVALID;
2365                         xpt_done(ccb);
2366                         break;
2367                 }
2368                 size_mb = ccg->volume_size /((1024L * 1024L) / ccg->block_size);
2369                 if (size_mb > 1024) {
2370                         ccg->heads = 255;
2371                         ccg->secs_per_track = 63;
2372                 } else {
2373                         ccg->heads = 64;
2374                         ccg->secs_per_track = 32;
2375                 }
2376                 secs_per_cylinder = ccg->heads * ccg->secs_per_track;
2377                 ccg->cylinders = ccg->volume_size / secs_per_cylinder;
2378                 ccb->ccb_h.status = CAM_REQ_CMP;
2379                 xpt_done(ccb);
2380                 break;
2381         }
2382         case XPT_RESET_BUS:             /* Reset the specified bus */
2383                 bus = cam_sim_bus(sim);
2384                 CAMLOCK_2_ISPLOCK(isp);
2385                 error = isp_control(isp, ISPCTL_RESET_BUS, &bus);
2386                 ISPLOCK_2_CAMLOCK(isp);
2387                 if (error)
2388                         ccb->ccb_h.status = CAM_REQ_CMP_ERR;
2389                 else {
2390                         if (cam_sim_bus(sim) && isp->isp_path2 != NULL)
2391                                 xpt_async(AC_BUS_RESET, isp->isp_path2, NULL);
2392                         else if (isp->isp_path != NULL)
2393                                 xpt_async(AC_BUS_RESET, isp->isp_path, NULL);
2394                         ccb->ccb_h.status = CAM_REQ_CMP;
2395                 }
2396                 xpt_done(ccb);
2397                 break;
2398
2399         case XPT_TERM_IO:               /* Terminate the I/O process */
2400                 ccb->ccb_h.status = CAM_REQ_INVALID;
2401                 xpt_done(ccb);
2402                 break;
2403
2404         case XPT_PATH_INQ:              /* Path routing inquiry */
2405         {
2406                 struct ccb_pathinq *cpi = &ccb->cpi;
2407
2408                 cpi->version_num = 1;
2409 #ifdef  ISP_TARGET_MODE
2410                 cpi->target_sprt = PIT_PROCESSOR | PIT_DISCONNECT | PIT_TERM_IO;
2411 #else
2412                 cpi->target_sprt = 0;
2413 #endif
2414                 cpi->hba_eng_cnt = 0;
2415                 cpi->max_target = ISP_MAX_TARGETS(isp) - 1;
2416                 cpi->max_lun = ISP_MAX_LUNS(isp) - 1;
2417                 cpi->bus_id = cam_sim_bus(sim);
2418                 if (IS_FC(isp)) {
2419                         cpi->hba_misc = PIM_NOBUSRESET;
2420                         /*
2421                          * Because our loop ID can shift from time to time,
2422                          * make our initiator ID out of range of our bus.
2423                          */
2424                         cpi->initiator_id = cpi->max_target + 1;
2425
2426                         /*
2427                          * Set base transfer capabilities for Fibre Channel.
2428                          * Technically not correct because we don't know
2429                          * what media we're running on top of- but we'll
2430                          * look good if we always say 100MB/s.
2431                          */
2432                         if (FCPARAM(isp)->isp_gbspeed == 2)
2433                                 cpi->base_transfer_speed = 200000;
2434                         else
2435                                 cpi->base_transfer_speed = 100000;
2436                         cpi->hba_inquiry = PI_TAG_ABLE;
2437                 } else {
2438                         sdparam *sdp = isp->isp_param;
2439                         sdp += cam_sim_bus(xpt_path_sim(cpi->ccb_h.path));
2440                         cpi->hba_inquiry = PI_SDTR_ABLE|PI_TAG_ABLE|PI_WIDE_16;
2441                         cpi->hba_misc = 0;
2442                         cpi->initiator_id = sdp->isp_initiator_id;
2443                         cpi->base_transfer_speed = 3300;
2444                 }
2445                 strncpy(cpi->sim_vid, "FreeBSD", SIM_IDLEN);
2446                 strncpy(cpi->hba_vid, "Qlogic", HBA_IDLEN);
2447                 strncpy(cpi->dev_name, cam_sim_name(sim), DEV_IDLEN);
2448                 cpi->unit_number = cam_sim_unit(sim);
2449                 cpi->ccb_h.status = CAM_REQ_CMP;
2450                 xpt_done(ccb);
2451                 break;
2452         }
2453         default:
2454                 ccb->ccb_h.status = CAM_REQ_INVALID;
2455                 xpt_done(ccb);
2456                 break;
2457         }
2458 }
2459
2460 #define ISPDDB  (CAM_DEBUG_INFO|CAM_DEBUG_TRACE|CAM_DEBUG_CDB)
2461 void
2462 isp_done(struct ccb_scsiio *sccb)
2463 {
2464         struct ispsoftc *isp = XS_ISP(sccb);
2465
2466         if (XS_NOERR(sccb))
2467                 XS_SETERR(sccb, CAM_REQ_CMP);
2468
2469         if ((sccb->ccb_h.status & CAM_STATUS_MASK) == CAM_REQ_CMP &&
2470             (sccb->scsi_status != SCSI_STATUS_OK)) {
2471                 sccb->ccb_h.status &= ~CAM_STATUS_MASK;
2472                 if ((sccb->scsi_status == SCSI_STATUS_CHECK_COND) && 
2473                     (sccb->ccb_h.status & CAM_AUTOSNS_VALID) == 0) {
2474                         sccb->ccb_h.status |= CAM_AUTOSENSE_FAIL;
2475                 } else {
2476                         sccb->ccb_h.status |= CAM_SCSI_STATUS_ERROR;
2477                 }
2478         }
2479
2480         sccb->ccb_h.status &= ~CAM_SIM_QUEUED;
2481         if ((sccb->ccb_h.status & CAM_STATUS_MASK) != CAM_REQ_CMP) {
2482                 if ((sccb->ccb_h.status & CAM_DEV_QFRZN) == 0) {
2483                         sccb->ccb_h.status |= CAM_DEV_QFRZN;
2484                         xpt_freeze_devq(sccb->ccb_h.path, 1);
2485                         isp_prt(isp, ISP_LOGDEBUG0,
2486                             "freeze devq %d.%d cam sts %x scsi sts %x",
2487                             sccb->ccb_h.target_id, sccb->ccb_h.target_lun,
2488                             sccb->ccb_h.status, sccb->scsi_status);
2489                 }
2490         }
2491
2492         if ((CAM_DEBUGGED(sccb->ccb_h.path, ISPDDB)) &&
2493             (sccb->ccb_h.status & CAM_STATUS_MASK) != CAM_REQ_CMP) {
2494                 xpt_print_path(sccb->ccb_h.path);
2495                 isp_prt(isp, ISP_LOGINFO, 
2496                     "cam completion status 0x%x", sccb->ccb_h.status);
2497         }
2498
2499         XS_CMD_S_DONE(sccb);
2500         if (XS_CMD_WDOG_P(sccb) == 0) {
2501                 callout_stop(&sccb->ccb_h.timeout_ch);
2502                 if (XS_CMD_GRACE_P(sccb)) {
2503                         isp_prt(isp, ISP_LOGDEBUG2,
2504                             "finished command on borrowed time");
2505                 }
2506                 XS_CMD_S_CLEAR(sccb);
2507                 ISPLOCK_2_CAMLOCK(isp);
2508                 xpt_done((union ccb *) sccb);
2509                 CAMLOCK_2_ISPLOCK(isp);
2510         }
2511 }
2512
2513 int
2514 isp_async(struct ispsoftc *isp, ispasync_t cmd, void *arg)
2515 {
2516         int bus, rv = 0;
2517         switch (cmd) {
2518         case ISPASYNC_NEW_TGT_PARAMS:
2519         {
2520                 int flags, tgt;
2521                 sdparam *sdp = isp->isp_param;
2522                 struct ccb_trans_settings cts;
2523                 struct cam_path *tmppath;
2524
2525                 bzero(&cts, sizeof (struct ccb_trans_settings));
2526
2527                 tgt = *((int *)arg);
2528                 bus = (tgt >> 16) & 0xffff;
2529                 tgt &= 0xffff;
2530                 sdp += bus;
2531                 ISPLOCK_2_CAMLOCK(isp);
2532                 if (xpt_create_path(&tmppath, NULL,
2533                     cam_sim_path(bus? isp->isp_sim2 : isp->isp_sim),
2534                     tgt, CAM_LUN_WILDCARD) != CAM_REQ_CMP) {
2535                         CAMLOCK_2_ISPLOCK(isp);
2536                         isp_prt(isp, ISP_LOGWARN,
2537                             "isp_async cannot make temp path for %d.%d",
2538                             tgt, bus);
2539                         rv = -1;
2540                         break;
2541                 }
2542                 CAMLOCK_2_ISPLOCK(isp);
2543                 flags = sdp->isp_devparam[tgt].actv_flags;
2544                 cts.flags = CCB_TRANS_CURRENT_SETTINGS;
2545                 cts.valid = CCB_TRANS_DISC_VALID | CCB_TRANS_TQ_VALID;
2546                 if (flags & DPARM_DISC) {
2547                         cts.flags |= CCB_TRANS_DISC_ENB;
2548                 }
2549                 if (flags & DPARM_TQING) {
2550                         cts.flags |= CCB_TRANS_TAG_ENB;
2551                 }
2552                 cts.valid |= CCB_TRANS_BUS_WIDTH_VALID;
2553                 cts.bus_width = (flags & DPARM_WIDE)?
2554                     MSG_EXT_WDTR_BUS_8_BIT : MSG_EXT_WDTR_BUS_16_BIT;
2555                 cts.sync_period = sdp->isp_devparam[tgt].actv_period;
2556                 cts.sync_offset = sdp->isp_devparam[tgt].actv_offset;
2557                 if (flags & DPARM_SYNC) {
2558                         cts.valid |=
2559                             CCB_TRANS_SYNC_RATE_VALID |
2560                             CCB_TRANS_SYNC_OFFSET_VALID;
2561                 }
2562                 isp_prt(isp, ISP_LOGDEBUG2,
2563                     "NEW_TGT_PARAMS bus %d tgt %d period %x offset %x flags %x",
2564                     bus, tgt, sdp->isp_devparam[tgt].actv_period,
2565                     sdp->isp_devparam[tgt].actv_offset, flags);
2566                 xpt_setup_ccb(&cts.ccb_h, tmppath, 1);
2567                 ISPLOCK_2_CAMLOCK(isp);
2568                 xpt_async(AC_TRANSFER_NEG, tmppath, &cts);
2569                 xpt_free_path(tmppath);
2570                 CAMLOCK_2_ISPLOCK(isp);
2571                 break;
2572         }
2573         case ISPASYNC_BUS_RESET:
2574                 bus = *((int *)arg);
2575                 isp_prt(isp, ISP_LOGINFO, "SCSI bus reset on bus %d detected",
2576                     bus);
2577                 if (bus > 0 && isp->isp_path2) {
2578                         ISPLOCK_2_CAMLOCK(isp);
2579                         xpt_async(AC_BUS_RESET, isp->isp_path2, NULL);
2580                         CAMLOCK_2_ISPLOCK(isp);
2581                 } else if (isp->isp_path) {
2582                         ISPLOCK_2_CAMLOCK(isp);
2583                         xpt_async(AC_BUS_RESET, isp->isp_path, NULL);
2584                         CAMLOCK_2_ISPLOCK(isp);
2585                 }
2586                 break;
2587         case ISPASYNC_LIP:
2588                 if (isp->isp_path) {
2589                         isp_freeze_loopdown(isp, "ISPASYNC_LIP");
2590                 }
2591                 isp_prt(isp, ISP_LOGINFO, "LIP Received");
2592                 break;
2593         case ISPASYNC_LOOP_RESET:
2594                 if (isp->isp_path) {
2595                         isp_freeze_loopdown(isp, "ISPASYNC_LOOP_RESET");
2596                 }
2597                 isp_prt(isp, ISP_LOGINFO, "Loop Reset Received");
2598                 break;
2599         case ISPASYNC_LOOP_DOWN:
2600                 if (isp->isp_path) {
2601                         isp_freeze_loopdown(isp, "ISPASYNC_LOOP_DOWN");
2602                 }
2603                 isp_prt(isp, ISP_LOGINFO, "Loop DOWN");
2604                 break;
2605         case ISPASYNC_LOOP_UP:
2606                 /*
2607                  * Now we just note that Loop has come up. We don't
2608                  * actually do anything because we're waiting for a
2609                  * Change Notify before activating the FC cleanup
2610                  * thread to look at the state of the loop again.
2611                  */
2612                 isp_prt(isp, ISP_LOGINFO, "Loop UP");
2613                 break;
2614         case ISPASYNC_PROMENADE:
2615         {
2616                 const char *fmt = "Target %d (Loop 0x%x) Port ID 0x%x "
2617                     "(role %s) %s\n Port WWN 0x%08x%08x\n Node WWN 0x%08x%08x";
2618                 static const char *roles[4] = {
2619                     "(none)", "Target", "Initiator", "Target/Initiator"
2620                 };
2621                 fcparam *fcp = isp->isp_param;
2622                 int tgt = *((int *) arg);
2623                 struct lportdb *lp = &fcp->portdb[tgt]; 
2624
2625                 isp_prt(isp, ISP_LOGINFO, fmt, tgt, lp->loopid, lp->portid,
2626                     roles[lp->roles & 0x3],
2627                     (lp->valid)? "Arrived" : "Departed",
2628                     (u_int32_t) (lp->port_wwn >> 32),
2629                     (u_int32_t) (lp->port_wwn & 0xffffffffLL),
2630                     (u_int32_t) (lp->node_wwn >> 32),
2631                     (u_int32_t) (lp->node_wwn & 0xffffffffLL));
2632
2633                 break;
2634         }
2635         case ISPASYNC_CHANGE_NOTIFY:
2636                 if (arg == ISPASYNC_CHANGE_PDB) {
2637                         isp_prt(isp, ISP_LOGINFO,
2638                             "Port Database Changed");
2639                 } else if (arg == ISPASYNC_CHANGE_SNS) {
2640                         isp_prt(isp, ISP_LOGINFO,
2641                             "Name Server Database Changed");
2642                 }
2643                 wakeup(&isp->isp_osinfo.kthread);
2644                 break;
2645         case ISPASYNC_FABRIC_DEV:
2646         {
2647                 int target, base, lim;
2648                 fcparam *fcp = isp->isp_param;
2649                 struct lportdb *lp = NULL;
2650                 struct lportdb *clp = (struct lportdb *) arg;
2651                 char *pt;
2652
2653                 switch (clp->port_type) {
2654                 case 1:
2655                         pt = "   N_Port";
2656                         break;
2657                 case 2:
2658                         pt = "  NL_Port";
2659                         break;
2660                 case 3:
2661                         pt = "F/NL_Port";
2662                         break;
2663                 case 0x7f:
2664                         pt = "  Nx_Port";
2665                         break;
2666                 case 0x81:
2667                         pt = "  F_port";
2668                         break;
2669                 case 0x82:
2670                         pt = "  FL_Port";
2671                         break;
2672                 case 0x84:
2673                         pt = "   E_port";
2674                         break;
2675                 default:
2676                         pt = " ";
2677                         break;
2678                 }
2679
2680                 isp_prt(isp, ISP_LOGINFO,
2681                     "%s Fabric Device @ PortID 0x%x", pt, clp->portid);
2682
2683                 /*
2684                  * If we don't have an initiator role we bail.
2685                  *
2686                  * We just use ISPASYNC_FABRIC_DEV for announcement purposes.
2687                  */
2688
2689                 if ((isp->isp_role & ISP_ROLE_INITIATOR) == 0) {
2690                         break;
2691                 }
2692
2693                 /*
2694                  * Is this entry for us? If so, we bail.
2695                  */
2696
2697                 if (fcp->isp_portid == clp->portid) {
2698                         break;
2699                 }
2700
2701                 /*
2702                  * Else, the default policy is to find room for it in
2703                  * our local port database. Later, when we execute
2704                  * the call to isp_pdb_sync either this newly arrived
2705                  * or already logged in device will be (re)announced.
2706                  */
2707
2708                 if (fcp->isp_topo == TOPO_FL_PORT)
2709                         base = FC_SNS_ID+1;
2710                 else
2711                         base = 0;
2712
2713                 if (fcp->isp_topo == TOPO_N_PORT)
2714                         lim = 1;
2715                 else
2716                         lim = MAX_FC_TARG;
2717
2718                 /*
2719                  * Is it already in our list?
2720                  */
2721                 for (target = base; target < lim; target++) {
2722                         if (target >= FL_PORT_ID && target <= FC_SNS_ID) {
2723                                 continue;
2724                         }
2725                         lp = &fcp->portdb[target];
2726                         if (lp->port_wwn == clp->port_wwn &&
2727                             lp->node_wwn == clp->node_wwn) {
2728                                 lp->fabric_dev = 1;
2729                                 break;
2730                         }
2731                 }
2732                 if (target < lim) {
2733                         break;
2734                 }
2735                 for (target = base; target < lim; target++) {
2736                         if (target >= FL_PORT_ID && target <= FC_SNS_ID) {
2737                                 continue;
2738                         }
2739                         lp = &fcp->portdb[target];
2740                         if (lp->port_wwn == 0) {
2741                                 break;
2742                         }
2743                 }
2744                 if (target == lim) {
2745                         isp_prt(isp, ISP_LOGWARN,
2746                             "out of space for fabric devices");
2747                         break;
2748                 }
2749                 lp->port_type = clp->port_type;
2750                 lp->fc4_type = clp->fc4_type;
2751                 lp->node_wwn = clp->node_wwn;
2752                 lp->port_wwn = clp->port_wwn;
2753                 lp->portid = clp->portid;
2754                 lp->fabric_dev = 1;
2755                 break;
2756         }
2757 #ifdef  ISP_TARGET_MODE
2758         case ISPASYNC_TARGET_MESSAGE:
2759         {
2760                 tmd_msg_t *mp = arg;
2761                 isp_prt(isp, ISP_LOGALL,
2762                     "bus %d iid %d tgt %d lun %d ttype %x tval %x msg[0]=%x",
2763                     mp->nt_bus, (int) mp->nt_iid, (int) mp->nt_tgt,
2764                     (int) mp->nt_lun, mp->nt_tagtype, mp->nt_tagval,
2765                     mp->nt_msg[0]);
2766                 break;
2767         }
2768         case ISPASYNC_TARGET_EVENT:
2769         {
2770                 tmd_event_t *ep = arg;
2771                 isp_prt(isp, ISP_LOGALL,
2772                     "bus %d event code 0x%x", ep->ev_bus, ep->ev_event);
2773                 break;
2774         }
2775         case ISPASYNC_TARGET_ACTION:
2776                 switch (((isphdr_t *)arg)->rqs_entry_type) {
2777                 default:
2778                         isp_prt(isp, ISP_LOGWARN,
2779                            "event 0x%x for unhandled target action",
2780                             ((isphdr_t *)arg)->rqs_entry_type);
2781                         break;
2782                 case RQSTYPE_NOTIFY:
2783                         if (IS_SCSI(isp)) {
2784                                 rv = isp_handle_platform_notify_scsi(isp,
2785                                     (in_entry_t *) arg);
2786                         } else {
2787                                 rv = isp_handle_platform_notify_fc(isp,
2788                                     (in_fcentry_t *) arg);
2789                         }
2790                         break;
2791                 case RQSTYPE_ATIO:
2792                         rv = isp_handle_platform_atio(isp, (at_entry_t *) arg);
2793                         break;
2794                 case RQSTYPE_ATIO2:
2795                         rv = isp_handle_platform_atio2(isp, (at2_entry_t *)arg);
2796                         break;
2797                 case RQSTYPE_CTIO2:
2798                 case RQSTYPE_CTIO:
2799                         rv = isp_handle_platform_ctio(isp, arg);
2800                         break;
2801                 case RQSTYPE_ENABLE_LUN:
2802                 case RQSTYPE_MODIFY_LUN:
2803                         if (IS_DUALBUS(isp)) {
2804                                 bus =
2805                                     GET_BUS_VAL(((lun_entry_t *)arg)->le_rsvd);
2806                         } else {
2807                                 bus = 0;
2808                         }
2809                         isp_cv_signal_rqe(isp, bus,
2810                             ((lun_entry_t *)arg)->le_status);
2811                         break;
2812                 }
2813                 break;
2814 #endif
2815         case ISPASYNC_FW_CRASH:
2816         {
2817                 u_int16_t mbox1, mbox6;
2818                 mbox1 = ISP_READ(isp, OUTMAILBOX1);
2819                 if (IS_DUALBUS(isp)) { 
2820                         mbox6 = ISP_READ(isp, OUTMAILBOX6);
2821                 } else {
2822                         mbox6 = 0;
2823                 }
2824                 isp_prt(isp, ISP_LOGERR,
2825                     "Internal Firmware Error on bus %d @ RISC Address 0x%x",
2826                     mbox6, mbox1);
2827 #ifdef  ISP_FW_CRASH_DUMP
2828                 /*
2829                  * XXX: really need a thread to do this right.
2830                  */
2831                 if (IS_FC(isp)) {
2832                         FCPARAM(isp)->isp_fwstate = FW_CONFIG_WAIT;
2833                         FCPARAM(isp)->isp_loopstate = LOOP_NIL;
2834                         isp_freeze_loopdown(isp, "f/w crash");
2835                         isp_fw_dump(isp);
2836                 }
2837                 isp_reinit(isp);
2838                 isp_async(isp, ISPASYNC_FW_RESTARTED, NULL);
2839 #endif
2840                 break;
2841         }
2842         case ISPASYNC_UNHANDLED_RESPONSE:
2843                 break;
2844         default:
2845                 isp_prt(isp, ISP_LOGERR, "unknown isp_async event %d", cmd);
2846                 break;
2847         }
2848         return (rv);
2849 }
2850
2851
2852 /*
2853  * Locks are held before coming here.
2854  */
2855 void
2856 isp_uninit(struct ispsoftc *isp)
2857 {
2858         ISP_WRITE(isp, HCCR, HCCR_CMD_RESET);
2859         DISABLE_INTS(isp);
2860 }
2861
2862 void
2863 isp_prt(struct ispsoftc *isp, int level, const char *fmt, ...)
2864 {
2865         __va_list ap;
2866         if (level != ISP_LOGALL && (level & isp->isp_dblev) == 0) {
2867                 return;
2868         }
2869         printf("%s: ", device_get_nameunit(isp->isp_dev));
2870         __va_start(ap, fmt);
2871         vprintf(fmt, ap);
2872         __va_end(ap);
2873         printf("\n");
2874 }