/*
 * Copyright 2004-2011, Haiku, Inc. All Rights Reserved.
 * Copyright 2002-03, Thomas Kurschel. All rights reserved.
 *
 * Distributed under the terms of the MIT License.
 */


//!     Everything doing the real input/output stuff.


#include "scsi_periph_int.h"
#include <scsi.h>

#include <string.h>
#include <stdlib.h>

#include <AutoDeleter.h>
#include <kernel.h>
#include <syscall_restart.h>


static status_t
inquiry(scsi_periph_device_info *device, scsi_inquiry *inquiry)
{
        const scsi_res_inquiry *device_inquiry = NULL;
        size_t inquiryLength;

        if (gDeviceManager->get_attr_raw(device->node, SCSI_DEVICE_INQUIRY_ITEM,
                        (const void **)&device_inquiry, &inquiryLength, true) != B_OK)
                return B_ERROR;

        if (IS_USER_ADDRESS(inquiry)) {
                if (user_memcpy(&inquiry, device_inquiry,
                        min_c(inquiryLength, sizeof(scsi_inquiry))) != B_OK) {
                        return B_BAD_ADDRESS;
                }
        } else if (is_called_via_syscall()) {
                return B_BAD_ADDRESS;
        } else {
                memcpy(&inquiry, device_inquiry,
                        min_c(inquiryLength, sizeof(scsi_inquiry)));
        }
        return B_OK;
}


static status_t
vpd_page_inquiry(scsi_periph_device_info* device, scsi_ccb* ccb,
        uint8 page, void* data, uint16 length)
{
        SHOW_FLOW0(0, "");

        scsi_cmd_inquiry* cmd = (scsi_cmd_inquiry*)ccb->cdb;
        memset(cmd, 0, sizeof(scsi_cmd_inquiry));
        cmd->opcode = SCSI_OP_INQUIRY;
        cmd->lun = ccb->target_lun;
        cmd->evpd = 1;
        cmd->page_code = page;
        // the scsi_cmd_inquiry structure follows an older SCSI standard
        // which uses only 8 bits for allocation_length
        if (length > UINT8_MAX)
                return EINVAL;
        cmd->allocation_length = length;

        ccb->flags = SCSI_DIR_IN;
        ccb->cdb_length = sizeof(scsi_cmd_inquiry);
        ccb->sort = -1;
        ccb->timeout = device->std_timeout;

        ccb->data = (uint8*)data;
        ccb->data_length = length;
        ccb->sg_list = NULL;

        return periph_safe_exec(device, ccb);
}


status_t
vpd_page_get(scsi_periph_device_info* device, scsi_ccb* request,
        uint8 page, void* data, uint16 length)
{
        SHOW_FLOW0(0, "");

        if (page == SCSI_PAGE_SUPPORTED_VPD)
                return vpd_page_inquiry(device, request, page, data, length);

        const uint16 bufferLength = 252;
                // maximum word-aligned value that fits in a byte,
                // theoretical maximum is offsetof(scsi_page_list, pages) + UINT8_MAX;
        uint8 buffer[bufferLength];
        scsi_page_list* vpdPage = (scsi_page_list*)buffer;
        memset(vpdPage, 0, bufferLength);

        status_t status = vpd_page_inquiry(device, request,
                SCSI_PAGE_SUPPORTED_VPD, vpdPage, bufferLength);
        if (status != B_OK)
                return status;

        if (vpdPage->page_code != SCSI_PAGE_SUPPORTED_VPD)
                return B_ERROR;

        uint16 pageLength = min_c(vpdPage->page_length,
                bufferLength - offsetof(scsi_page_list, pages));
        for (uint16 i = 0; i < pageLength; i++) {
                if (vpdPage->pages[i] == page)
                        return vpd_page_inquiry(device, request, page, data, length);
        }

        return B_BAD_VALUE;
}



static status_t
prevent_allow(scsi_periph_device_info *device, bool prevent)
{
        scsi_cmd_prevent_allow cmd;

        SHOW_FLOW0(0, "");

        memset(&cmd, 0, sizeof(cmd));
        cmd.opcode = SCSI_OP_PREVENT_ALLOW;
        cmd.prevent = prevent;

        return periph_simple_exec(device, (uint8 *)&cmd, sizeof(cmd), NULL, 0,
                SCSI_DIR_NONE);
}


/*! Keep this in sync with scsi_raw driver!!! */
static status_t
raw_command(scsi_periph_device_info *device, raw_device_command *cmd)
{
        scsi_ccb *request;

        SHOW_FLOW0(0, "");

        request = device->scsi->alloc_ccb(device->scsi_device);
        if (request == NULL)
                return B_NO_MEMORY;

        request->flags = 0;
        bool dataIn = (cmd->flags & B_RAW_DEVICE_DATA_IN) != 0;
        bool dataOut = !dataIn && cmd->data_length != 0;

        void* buffer = cmd->data;
        MemoryDeleter bufferDeleter;
        if (buffer != NULL) {
                if (IS_USER_ADDRESS(buffer)) {
                        buffer = malloc(cmd->data_length);
                        if (buffer == NULL) {
                                device->scsi->free_ccb(request);
                                return B_NO_MEMORY;
                        }
                        bufferDeleter.SetTo(buffer);
                        if (dataOut
                                && user_memcpy(buffer, cmd->data, cmd->data_length) != B_OK) {
                                goto bad_address;
                        }
                } else {
                        if (is_called_via_syscall())
                                goto bad_address;
                }
        }

        if (dataIn)
                request->flags |= SCSI_DIR_IN;
        else if (dataOut)
                request->flags |= SCSI_DIR_OUT;
        else
                request->flags |= SCSI_DIR_NONE;

        request->data = (uint8*)buffer;
        request->sg_list = NULL;
        request->data_length = cmd->data_length;
        request->sort = -1;
        request->timeout = cmd->timeout;

        memcpy(request->cdb, cmd->command, SCSI_MAX_CDB_SIZE);
        request->cdb_length = cmd->command_length;

        device->scsi->sync_io(request);

        // TBD: should we call standard error handler here, or may the
        // actions done there (like starting the unit) confuse the application?

        cmd->cam_status = request->subsys_status;
        cmd->scsi_status = request->device_status;

        if ((request->subsys_status & SCSI_AUTOSNS_VALID) != 0
                && cmd->sense_data != NULL) {
                size_t length = min_c(cmd->sense_data_length,
                        (size_t)SCSI_MAX_SENSE_SIZE - request->sense_resid);
                if (IS_USER_ADDRESS(cmd->sense_data)) {
                        if (user_memcpy(cmd->sense_data, request->sense, length) != B_OK)
                                goto bad_address;
                } else if (is_called_via_syscall()) {
                        goto bad_address;
                } else {
                        memcpy(cmd->sense_data, request->sense, length);
                }
        }

        if (dataIn && user_memcpy(cmd->data, buffer, cmd->data_length) != B_OK)
                goto bad_address;

        if ((cmd->flags & B_RAW_DEVICE_REPORT_RESIDUAL) != 0) {
                // this is a bit strange, see Be's sample code where I pinched this from;
                // normally, residual means "number of unused bytes left"
                // but here, we have to return "number of used bytes", which is the opposite
                cmd->data_length = cmd->data_length - request->data_resid;
                cmd->sense_data_length = SCSI_MAX_SENSE_SIZE - request->sense_resid;
        }

        device->scsi->free_ccb(request);

        return B_OK;

bad_address:
        device->scsi->free_ccb(request);

        return B_BAD_ADDRESS;
}


/*! Universal read/write function */
static status_t
read_write(scsi_periph_device_info *device, scsi_ccb *request,
        io_operation *operation, uint64 offset, size_t originalNumBlocks,
        physical_entry* vecs, size_t vecCount, bool isWrite,
        size_t* _bytesTransferred)
{
        uint32 blockSize = device->block_size;
        size_t numBlocks = originalNumBlocks;
        uint32 pos = offset;
        err_res res;
        int retries = 0;

        do {
                size_t numBytes;
                bool isReadWrite10 = false;

                request->flags = isWrite ? SCSI_DIR_OUT : SCSI_DIR_IN;

                // io_operations are generated by a DMAResource and thus contain DMA
                // safe physical vectors
                if (operation != NULL)
                        request->flags |= SCSI_DMA_SAFE;

                // make sure we avoid 10 byte commands if they aren't supported
                if (!device->rw10_enabled || device->preferred_ccb_size == 6) {
                        // restricting transfer is OK - the block manager will
                        // take care of transferring the rest
                        if (numBlocks > 0x100)
                                numBlocks = 0x100;

                        // no way to break the 21 bit address limit
                        if (offset > 0x200000)
                                return B_BAD_VALUE;

                        // don't allow transfer cross the 24 bit address limit
                        // (I'm not sure whether this is allowed, but this way we
                        // are sure to not ask for trouble)
                        if (offset < 0x100000)
                                numBlocks = min_c(numBlocks, 0x100000 - pos);
                }

                numBytes = numBlocks * blockSize;
                if (numBlocks != originalNumBlocks)
                        panic("I/O operation would need to be cut.");

                request->data = NULL;
                request->sg_list = vecs;
                request->data_length = numBytes;
                request->sg_count = vecCount;
                request->io_operation = operation;
                request->sort = pos;
                request->timeout = device->std_timeout;
                // see whether daemon instructed us to post an ordered command;
                // reset flag after read
                SHOW_FLOW(3, "flag=%x, next_tag=%x, ordered: %s",
                        (int)request->flags, (int)device->next_tag_action,
                        (request->flags & SCSI_ORDERED_QTAG) != 0 ? "yes" : "no");

                // use shortest commands whenever possible
                if (offset + numBlocks < 0x200000LL && numBlocks <= 0x100) {
                        scsi_cmd_rw_6 *cmd = (scsi_cmd_rw_6 *)request->cdb;

                        isReadWrite10 = false;

                        memset(cmd, 0, sizeof(*cmd));
                        cmd->opcode = isWrite ? SCSI_OP_WRITE_6 : SCSI_OP_READ_6;
                        cmd->high_lba = (pos >> 16) & 0x1f;
                        cmd->mid_lba = (pos >> 8) & 0xff;
                        cmd->low_lba = pos & 0xff;
                        cmd->length = numBlocks;

                        request->cdb_length = sizeof(*cmd);
                } else if (offset + numBlocks < 0x100000000LL && numBlocks <= 0x10000) {
                        scsi_cmd_rw_10 *cmd = (scsi_cmd_rw_10 *)request->cdb;

                        isReadWrite10 = true;

                        memset(cmd, 0, sizeof(*cmd));
                        cmd->opcode = isWrite ? SCSI_OP_WRITE_10 : SCSI_OP_READ_10;
                        cmd->relative_address = 0;
                        cmd->force_unit_access = 0;
                        cmd->disable_page_out = 0;
                        cmd->lba = B_HOST_TO_BENDIAN_INT32(pos);
                        cmd->length = B_HOST_TO_BENDIAN_INT16(numBlocks);

                        request->cdb_length = sizeof(*cmd);
                } else if (offset + numBlocks < 0x100000000LL && numBlocks <= 0x10000000) {
                        scsi_cmd_rw_12 *cmd = (scsi_cmd_rw_12 *)request->cdb;

                        memset(cmd, 0, sizeof(*cmd));
                        cmd->opcode = isWrite ? SCSI_OP_WRITE_12 : SCSI_OP_READ_12;
                        cmd->relative_address = 0;
                        cmd->force_unit_access = 0;
                        cmd->disable_page_out = 0;
                        cmd->lba = B_HOST_TO_BENDIAN_INT32(pos);
                        cmd->length = B_HOST_TO_BENDIAN_INT32(numBlocks);

                        request->cdb_length = sizeof(*cmd);
                } else {
                        scsi_cmd_rw_16 *cmd = (scsi_cmd_rw_16 *)request->cdb;

                        memset(cmd, 0, sizeof(*cmd));
                        cmd->opcode = isWrite ? SCSI_OP_WRITE_16 : SCSI_OP_READ_16;
                        cmd->force_unit_access_non_volatile = 0;
                        cmd->force_unit_access = 0;
                        cmd->disable_page_out = 0;
                        cmd->lba = B_HOST_TO_BENDIAN_INT64(offset);
                        cmd->length = B_HOST_TO_BENDIAN_INT32(numBlocks);

                        request->cdb_length = sizeof(*cmd);
                }

                // TODO: last chance to detect errors that occured during concurrent accesses
                //status_t status = handle->pending_error;
                //if (status != B_OK)
                //      return status;

                ConditionVariableEntry entry;
                request->completion_cond.Add(&entry);

                device->scsi->async_io(request);

                entry.Wait();

                // ask generic peripheral layer what to do now
                res = periph_check_error(device, request);

                // TODO: bytes might have been transferred even in the error case!
                switch (res.action) {
                        case err_act_ok:
                                *_bytesTransferred = numBytes - request->data_resid;
                                break;

                        case err_act_start:
                                res = periph_send_start_stop(device, request, 1,
                                        device->removable);
                                if (res.action == err_act_ok)
                                        res.action = err_act_retry;
                                break;

                        case err_act_invalid_req:
                                // if this was a 10 byte command, the device probably doesn't
                                // support them, so disable them and retry
                                if (isReadWrite10) {
                                        atomic_and(&device->rw10_enabled, 0);
                                        res.action = err_act_retry;
                                } else
                                        res.action = err_act_fail;
                                break;
                }
        } while ((res.action == err_act_retry && retries++ < 3)
                || (res.action == err_act_many_retries && retries++ < 30));

        // peripheral layer only created "read" error, so we have to
        // map them to "write" errors if this was a write request
        if (res.error_code == B_DEV_READ_ERROR && isWrite)
                return B_DEV_WRITE_ERROR;

        return res.error_code;
}


// #pragma mark - public functions


status_t
periph_ioctl(scsi_periph_handle_info *handle, int op, void *buffer,
        size_t length)
{
        switch (op) {
                case B_GET_MEDIA_STATUS:
                {
                        status_t status = B_OK;
                        if (length < sizeof(status))
                                return B_BUFFER_OVERFLOW;

                        if (handle->device->removable)
                                status = periph_get_media_status(handle);

                        SHOW_FLOW(2, "%s", strerror(status));

                        if (IS_USER_ADDRESS(buffer)) {
                                if (user_memcpy(buffer, &status, sizeof(status_t)) != B_OK)
                                        return B_BAD_ADDRESS;
                        } else if (is_called_via_syscall()) {
                                return B_BAD_ADDRESS;
                        } else
                                *(status_t *)buffer = status;
                        return B_OK;
                }

                case B_GET_DEVICE_NAME:
                {
                        // TODO: this should be written as an attribute to the node
                        // Try driver further up first
                        if (handle->device->scsi->ioctl != NULL) {
                                status_t status = handle->device->scsi->ioctl(
                                        handle->device->scsi_device, op, buffer, length);
                                if (status == B_OK)
                                        return B_OK;
                        }

                        // If that fails, get SCSI vendor/product
                        const char* vendor;
                        if (gDeviceManager->get_attr_string(handle->device->node,
                                        SCSI_DEVICE_VENDOR_ITEM, &vendor, true) == B_OK) {
                                char name[B_FILE_NAME_LENGTH];
                                strlcpy(name, vendor, sizeof(name));

                                const char* product;
                                if (gDeviceManager->get_attr_string(handle->device->node,
                                                SCSI_DEVICE_PRODUCT_ITEM, &product, true) == B_OK) {
                                        strlcat(name, " ", sizeof(name));
                                        strlcat(name, product, sizeof(name));
                                }

                                return user_strlcpy((char*)buffer, name, length) >= 0
                                        ? B_OK : B_BAD_ADDRESS;
                        }
                        return B_ERROR;
                }

                case B_SCSI_INQUIRY:
                        if (length < sizeof(scsi_inquiry))
                                return B_BUFFER_OVERFLOW;
                        return inquiry(handle->device, (scsi_inquiry *)buffer);

                case B_SCSI_PREVENT_ALLOW:
                        bool result;
                        if (length < sizeof(result))
                                return B_BUFFER_OVERFLOW;
                        if (IS_USER_ADDRESS(buffer)) {
                                if (user_memcpy(&result, buffer, sizeof(result)) != B_OK)
                                        return B_BAD_ADDRESS;
                        } else if (is_called_via_syscall()) {
                                return B_BAD_ADDRESS;
                        } else
                                result = *(bool*)buffer;

                        return prevent_allow(handle->device, result);

                case B_RAW_DEVICE_COMMAND:
                {
                        raw_device_command command;
                        raw_device_command* commandBuffer;
                        if (length < sizeof(command))
                                return B_BUFFER_OVERFLOW;
                        if (IS_USER_ADDRESS(buffer)) {
                                if (user_memcpy(&command, buffer, sizeof(command)) != B_OK)
                                        return B_BAD_ADDRESS;
                                commandBuffer = &command;
                        } else if (is_called_via_syscall()) {
                                return B_BAD_ADDRESS;
                        } else {
                                commandBuffer = (raw_device_command*)buffer;
                        }
                        status_t status = raw_command(handle->device, commandBuffer);
                        if (status == B_OK && commandBuffer == &command) {
                                if (user_memcpy(buffer, &command, sizeof(command)) != B_OK)
                                        status = B_BAD_ADDRESS;
                        }
                        return status;
                }
                default:
                        if (handle->device->scsi->ioctl != NULL) {
                                return handle->device->scsi->ioctl(handle->device->scsi_device,
                                        op, buffer, length);
                        }

                        SHOW_ERROR(4, "Unknown ioctl: %x", op);
                        return B_DEV_INVALID_IOCTL;
        }
}


/*!     Kernel daemon - once in a minute, it sets a flag so that the next command
        is executed ordered; this way, we avoid starvation of SCSI commands inside
        the SCSI queuing system - the ordered command waits for all previous
        commands and thus no command can starve longer then a minute
*/
void
periph_sync_queue_daemon(void *arg, int iteration)
{
        scsi_periph_device_info *device = (scsi_periph_device_info *)arg;

        SHOW_FLOW0(3, "Setting ordered flag for next R/W access");
        atomic_or(&device->next_tag_action, SCSI_ORDERED_QTAG);
}


status_t
periph_read_write(scsi_periph_device_info *device, scsi_ccb *request,
        uint64 offset, size_t numBlocks, physical_entry* vecs, size_t vecCount,
        bool isWrite, size_t* _bytesTransferred)
{
        return read_write(device, request, NULL, offset, numBlocks, vecs, vecCount,
                isWrite, _bytesTransferred);
}


status_t
periph_io(scsi_periph_device_info *device, io_operation *operation,
        size_t* _bytesTransferred)
{
        const uint32 blockSize = device->block_size;
        if (blockSize == 0)
                return B_BAD_VALUE;

        // don't test rw10_enabled restrictions - this flag may get changed
        scsi_ccb *request = device->scsi->alloc_ccb(device->scsi_device);
        if (request == NULL)
                return B_NO_MEMORY;

        status_t status = read_write(device, request, operation,
                operation->Offset() / blockSize, operation->Length() / blockSize,
                (physical_entry *)operation->Vecs(), operation->VecCount(),
                operation->IsWrite(), _bytesTransferred);

        device->scsi->free_ccb(request);
        return status;
}