Linux v2.6.15-rc7
[pohmelfs.git] / Documentation / DocBook / libata.tmpl
blobd260d92089ade348879bda74b2bf9ae48714d110
1 <?xml version="1.0" encoding="UTF-8"?>
2 <!DOCTYPE book PUBLIC "-//OASIS//DTD DocBook XML V4.1.2//EN"
3 "http://www.oasis-open.org/docbook/xml/4.1.2/docbookx.dtd" []>
5 <book id="libataDevGuide">
6 <bookinfo>
7 <title>libATA Developer's Guide</title>
9 <authorgroup>
10 <author>
11 <firstname>Jeff</firstname>
12 <surname>Garzik</surname>
13 </author>
14 </authorgroup>
16 <copyright>
17 <year>2003-2005</year>
18 <holder>Jeff Garzik</holder>
19 </copyright>
21 <legalnotice>
22 <para>
23 The contents of this file are subject to the Open
24 Software License version 1.1 that can be found at
25 <ulink url="http://www.opensource.org/licenses/osl-1.1.txt">http://www.opensource.org/licenses/osl-1.1.txt</ulink> and is included herein
26 by reference.
27 </para>
29 <para>
30 Alternatively, the contents of this file may be used under the terms
31 of the GNU General Public License version 2 (the "GPL") as distributed
32 in the kernel source COPYING file, in which case the provisions of
33 the GPL are applicable instead of the above. If you wish to allow
34 the use of your version of this file only under the terms of the
35 GPL and not to allow others to use your version of this file under
36 the OSL, indicate your decision by deleting the provisions above and
37 replace them with the notice and other provisions required by the GPL.
38 If you do not delete the provisions above, a recipient may use your
39 version of this file under either the OSL or the GPL.
40 </para>
42 </legalnotice>
43 </bookinfo>
45 <toc></toc>
47 <chapter id="libataIntroduction">
48 <title>Introduction</title>
49 <para>
50 libATA is a library used inside the Linux kernel to support ATA host
51 controllers and devices. libATA provides an ATA driver API, class
52 transports for ATA and ATAPI devices, and SCSI&lt;-&gt;ATA translation
53 for ATA devices according to the T10 SAT specification.
54 </para>
55 <para>
56 This Guide documents the libATA driver API, library functions, library
57 internals, and a couple sample ATA low-level drivers.
58 </para>
59 </chapter>
61 <chapter id="libataDriverApi">
62 <title>libata Driver API</title>
63 <para>
64 struct ata_port_operations is defined for every low-level libata
65 hardware driver, and it controls how the low-level driver
66 interfaces with the ATA and SCSI layers.
67 </para>
68 <para>
69 FIS-based drivers will hook into the system with ->qc_prep() and
70 ->qc_issue() high-level hooks. Hardware which behaves in a manner
71 similar to PCI IDE hardware may utilize several generic helpers,
72 defining at a bare minimum the bus I/O addresses of the ATA shadow
73 register blocks.
74 </para>
75 <sect1>
76 <title>struct ata_port_operations</title>
78 <sect2><title>Disable ATA port</title>
79 <programlisting>
80 void (*port_disable) (struct ata_port *);
81 </programlisting>
83 <para>
84 Called from ata_bus_probe() and ata_bus_reset() error paths,
85 as well as when unregistering from the SCSI module (rmmod, hot
86 unplug).
87 This function should do whatever needs to be done to take the
88 port out of use. In most cases, ata_port_disable() can be used
89 as this hook.
90 </para>
91 <para>
92 Called from ata_bus_probe() on a failed probe.
93 Called from ata_bus_reset() on a failed bus reset.
94 Called from ata_scsi_release().
95 </para>
97 </sect2>
99 <sect2><title>Post-IDENTIFY device configuration</title>
100 <programlisting>
101 void (*dev_config) (struct ata_port *, struct ata_device *);
102 </programlisting>
104 <para>
105 Called after IDENTIFY [PACKET] DEVICE is issued to each device
106 found. Typically used to apply device-specific fixups prior to
107 issue of SET FEATURES - XFER MODE, and prior to operation.
108 </para>
109 <para>
110 Called by ata_device_add() after ata_dev_identify() determines
111 a device is present.
112 </para>
113 <para>
114 This entry may be specified as NULL in ata_port_operations.
115 </para>
117 </sect2>
119 <sect2><title>Set PIO/DMA mode</title>
120 <programlisting>
121 void (*set_piomode) (struct ata_port *, struct ata_device *);
122 void (*set_dmamode) (struct ata_port *, struct ata_device *);
123 void (*post_set_mode) (struct ata_port *ap);
124 </programlisting>
126 <para>
127 Hooks called prior to the issue of SET FEATURES - XFER MODE
128 command. dev->pio_mode is guaranteed to be valid when
129 ->set_piomode() is called, and dev->dma_mode is guaranteed to be
130 valid when ->set_dmamode() is called. ->post_set_mode() is
131 called unconditionally, after the SET FEATURES - XFER MODE
132 command completes successfully.
133 </para>
135 <para>
136 ->set_piomode() is always called (if present), but
137 ->set_dma_mode() is only called if DMA is possible.
138 </para>
140 </sect2>
142 <sect2><title>Taskfile read/write</title>
143 <programlisting>
144 void (*tf_load) (struct ata_port *ap, struct ata_taskfile *tf);
145 void (*tf_read) (struct ata_port *ap, struct ata_taskfile *tf);
146 </programlisting>
148 <para>
149 ->tf_load() is called to load the given taskfile into hardware
150 registers / DMA buffers. ->tf_read() is called to read the
151 hardware registers / DMA buffers, to obtain the current set of
152 taskfile register values.
153 Most drivers for taskfile-based hardware (PIO or MMIO) use
154 ata_tf_load() and ata_tf_read() for these hooks.
155 </para>
157 </sect2>
159 <sect2><title>ATA command execute</title>
160 <programlisting>
161 void (*exec_command)(struct ata_port *ap, struct ata_taskfile *tf);
162 </programlisting>
164 <para>
165 causes an ATA command, previously loaded with
166 ->tf_load(), to be initiated in hardware.
167 Most drivers for taskfile-based hardware use ata_exec_command()
168 for this hook.
169 </para>
171 </sect2>
173 <sect2><title>Per-cmd ATAPI DMA capabilities filter</title>
174 <programlisting>
175 int (*check_atapi_dma) (struct ata_queued_cmd *qc);
176 </programlisting>
178 <para>
179 Allow low-level driver to filter ATA PACKET commands, returning a status
180 indicating whether or not it is OK to use DMA for the supplied PACKET
181 command.
182 </para>
183 <para>
184 This hook may be specified as NULL, in which case libata will
185 assume that atapi dma can be supported.
186 </para>
188 </sect2>
190 <sect2><title>Read specific ATA shadow registers</title>
191 <programlisting>
192 u8 (*check_status)(struct ata_port *ap);
193 u8 (*check_altstatus)(struct ata_port *ap);
194 u8 (*check_err)(struct ata_port *ap);
195 </programlisting>
197 <para>
198 Reads the Status/AltStatus/Error ATA shadow register from
199 hardware. On some hardware, reading the Status register has
200 the side effect of clearing the interrupt condition.
201 Most drivers for taskfile-based hardware use
202 ata_check_status() for this hook.
203 </para>
204 <para>
205 Note that because this is called from ata_device_add(), at
206 least a dummy function that clears device interrupts must be
207 provided for all drivers, even if the controller doesn't
208 actually have a taskfile status register.
209 </para>
211 </sect2>
213 <sect2><title>Select ATA device on bus</title>
214 <programlisting>
215 void (*dev_select)(struct ata_port *ap, unsigned int device);
216 </programlisting>
218 <para>
219 Issues the low-level hardware command(s) that causes one of N
220 hardware devices to be considered 'selected' (active and
221 available for use) on the ATA bus. This generally has no
222 meaning on FIS-based devices.
223 </para>
224 <para>
225 Most drivers for taskfile-based hardware use
226 ata_std_dev_select() for this hook. Controllers which do not
227 support second drives on a port (such as SATA contollers) will
228 use ata_noop_dev_select().
229 </para>
231 </sect2>
233 <sect2><title>Reset ATA bus</title>
234 <programlisting>
235 void (*phy_reset) (struct ata_port *ap);
236 </programlisting>
238 <para>
239 The very first step in the probe phase. Actions vary depending
240 on the bus type, typically. After waking up the device and probing
241 for device presence (PATA and SATA), typically a soft reset
242 (SRST) will be performed. Drivers typically use the helper
243 functions ata_bus_reset() or sata_phy_reset() for this hook.
244 Many SATA drivers use sata_phy_reset() or call it from within
245 their own phy_reset() functions.
246 </para>
248 </sect2>
250 <sect2><title>Control PCI IDE BMDMA engine</title>
251 <programlisting>
252 void (*bmdma_setup) (struct ata_queued_cmd *qc);
253 void (*bmdma_start) (struct ata_queued_cmd *qc);
254 void (*bmdma_stop) (struct ata_port *ap);
255 u8 (*bmdma_status) (struct ata_port *ap);
256 </programlisting>
258 <para>
259 When setting up an IDE BMDMA transaction, these hooks arm
260 (->bmdma_setup), fire (->bmdma_start), and halt (->bmdma_stop)
261 the hardware's DMA engine. ->bmdma_status is used to read the standard
262 PCI IDE DMA Status register.
263 </para>
265 <para>
266 These hooks are typically either no-ops, or simply not implemented, in
267 FIS-based drivers.
268 </para>
269 <para>
270 Most legacy IDE drivers use ata_bmdma_setup() for the bmdma_setup()
271 hook. ata_bmdma_setup() will write the pointer to the PRD table to
272 the IDE PRD Table Address register, enable DMA in the DMA Command
273 register, and call exec_command() to begin the transfer.
274 </para>
275 <para>
276 Most legacy IDE drivers use ata_bmdma_start() for the bmdma_start()
277 hook. ata_bmdma_start() will write the ATA_DMA_START flag to the DMA
278 Command register.
279 </para>
280 <para>
281 Many legacy IDE drivers use ata_bmdma_stop() for the bmdma_stop()
282 hook. ata_bmdma_stop() clears the ATA_DMA_START flag in the DMA
283 command register.
284 </para>
285 <para>
286 Many legacy IDE drivers use ata_bmdma_status() as the bmdma_status() hook.
287 </para>
289 </sect2>
291 <sect2><title>High-level taskfile hooks</title>
292 <programlisting>
293 void (*qc_prep) (struct ata_queued_cmd *qc);
294 int (*qc_issue) (struct ata_queued_cmd *qc);
295 </programlisting>
297 <para>
298 Higher-level hooks, these two hooks can potentially supercede
299 several of the above taskfile/DMA engine hooks. ->qc_prep is
300 called after the buffers have been DMA-mapped, and is typically
301 used to populate the hardware's DMA scatter-gather table.
302 Most drivers use the standard ata_qc_prep() helper function, but
303 more advanced drivers roll their own.
304 </para>
305 <para>
306 ->qc_issue is used to make a command active, once the hardware
307 and S/G tables have been prepared. IDE BMDMA drivers use the
308 helper function ata_qc_issue_prot() for taskfile protocol-based
309 dispatch. More advanced drivers implement their own ->qc_issue.
310 </para>
311 <para>
312 ata_qc_issue_prot() calls ->tf_load(), ->bmdma_setup(), and
313 ->bmdma_start() as necessary to initiate a transfer.
314 </para>
316 </sect2>
318 <sect2><title>Timeout (error) handling</title>
319 <programlisting>
320 void (*eng_timeout) (struct ata_port *ap);
321 </programlisting>
323 <para>
324 This is a high level error handling function, called from the
325 error handling thread, when a command times out. Most newer
326 hardware will implement its own error handling code here. IDE BMDMA
327 drivers may use the helper function ata_eng_timeout().
328 </para>
330 </sect2>
332 <sect2><title>Hardware interrupt handling</title>
333 <programlisting>
334 irqreturn_t (*irq_handler)(int, void *, struct pt_regs *);
335 void (*irq_clear) (struct ata_port *);
336 </programlisting>
338 <para>
339 ->irq_handler is the interrupt handling routine registered with
340 the system, by libata. ->irq_clear is called during probe just
341 before the interrupt handler is registered, to be sure hardware
342 is quiet.
343 </para>
344 <para>
345 The second argument, dev_instance, should be cast to a pointer
346 to struct ata_host_set.
347 </para>
348 <para>
349 Most legacy IDE drivers use ata_interrupt() for the
350 irq_handler hook, which scans all ports in the host_set,
351 determines which queued command was active (if any), and calls
352 ata_host_intr(ap,qc).
353 </para>
354 <para>
355 Most legacy IDE drivers use ata_bmdma_irq_clear() for the
356 irq_clear() hook, which simply clears the interrupt and error
357 flags in the DMA status register.
358 </para>
360 </sect2>
362 <sect2><title>SATA phy read/write</title>
363 <programlisting>
364 u32 (*scr_read) (struct ata_port *ap, unsigned int sc_reg);
365 void (*scr_write) (struct ata_port *ap, unsigned int sc_reg,
366 u32 val);
367 </programlisting>
369 <para>
370 Read and write standard SATA phy registers. Currently only used
371 if ->phy_reset hook called the sata_phy_reset() helper function.
372 sc_reg is one of SCR_STATUS, SCR_CONTROL, SCR_ERROR, or SCR_ACTIVE.
373 </para>
375 </sect2>
377 <sect2><title>Init and shutdown</title>
378 <programlisting>
379 int (*port_start) (struct ata_port *ap);
380 void (*port_stop) (struct ata_port *ap);
381 void (*host_stop) (struct ata_host_set *host_set);
382 </programlisting>
384 <para>
385 ->port_start() is called just after the data structures for each
386 port are initialized. Typically this is used to alloc per-port
387 DMA buffers / tables / rings, enable DMA engines, and similar
388 tasks. Some drivers also use this entry point as a chance to
389 allocate driver-private memory for ap->private_data.
390 </para>
391 <para>
392 Many drivers use ata_port_start() as this hook or call
393 it from their own port_start() hooks. ata_port_start()
394 allocates space for a legacy IDE PRD table and returns.
395 </para>
396 <para>
397 ->port_stop() is called after ->host_stop(). It's sole function
398 is to release DMA/memory resources, now that they are no longer
399 actively being used. Many drivers also free driver-private
400 data from port at this time.
401 </para>
402 <para>
403 Many drivers use ata_port_stop() as this hook, which frees the
404 PRD table.
405 </para>
406 <para>
407 ->host_stop() is called after all ->port_stop() calls
408 have completed. The hook must finalize hardware shutdown, release DMA
409 and other resources, etc.
410 This hook may be specified as NULL, in which case it is not called.
411 </para>
413 </sect2>
415 </sect1>
416 </chapter>
418 <chapter id="libataEH">
419 <title>Error handling</title>
421 <para>
422 This chapter describes how errors are handled under libata.
423 Readers are advised to read SCSI EH
424 (Documentation/scsi/scsi_eh.txt) and ATA exceptions doc first.
425 </para>
427 <sect1><title>Origins of commands</title>
428 <para>
429 In libata, a command is represented with struct ata_queued_cmd
430 or qc. qc's are preallocated during port initialization and
431 repetitively used for command executions. Currently only one
432 qc is allocated per port but yet-to-be-merged NCQ branch
433 allocates one for each tag and maps each qc to NCQ tag 1-to-1.
434 </para>
435 <para>
436 libata commands can originate from two sources - libata itself
437 and SCSI midlayer. libata internal commands are used for
438 initialization and error handling. All normal blk requests
439 and commands for SCSI emulation are passed as SCSI commands
440 through queuecommand callback of SCSI host template.
441 </para>
442 </sect1>
444 <sect1><title>How commands are issued</title>
446 <variablelist>
448 <varlistentry><term>Internal commands</term>
449 <listitem>
450 <para>
451 First, qc is allocated and initialized using
452 ata_qc_new_init(). Although ata_qc_new_init() doesn't
453 implement any wait or retry mechanism when qc is not
454 available, internal commands are currently issued only during
455 initialization and error recovery, so no other command is
456 active and allocation is guaranteed to succeed.
457 </para>
458 <para>
459 Once allocated qc's taskfile is initialized for the command to
460 be executed. qc currently has two mechanisms to notify
461 completion. One is via qc->complete_fn() callback and the
462 other is completion qc->waiting. qc->complete_fn() callback
463 is the asynchronous path used by normal SCSI translated
464 commands and qc->waiting is the synchronous (issuer sleeps in
465 process context) path used by internal commands.
466 </para>
467 <para>
468 Once initialization is complete, host_set lock is acquired
469 and the qc is issued.
470 </para>
471 </listitem>
472 </varlistentry>
474 <varlistentry><term>SCSI commands</term>
475 <listitem>
476 <para>
477 All libata drivers use ata_scsi_queuecmd() as
478 hostt->queuecommand callback. scmds can either be simulated
479 or translated. No qc is involved in processing a simulated
480 scmd. The result is computed right away and the scmd is
481 completed.
482 </para>
483 <para>
484 For a translated scmd, ata_qc_new_init() is invoked to
485 allocate a qc and the scmd is translated into the qc. SCSI
486 midlayer's completion notification function pointer is stored
487 into qc->scsidone.
488 </para>
489 <para>
490 qc->complete_fn() callback is used for completion
491 notification. ATA commands use ata_scsi_qc_complete() while
492 ATAPI commands use atapi_qc_complete(). Both functions end up
493 calling qc->scsidone to notify upper layer when the qc is
494 finished. After translation is completed, the qc is issued
495 with ata_qc_issue().
496 </para>
497 <para>
498 Note that SCSI midlayer invokes hostt->queuecommand while
499 holding host_set lock, so all above occur while holding
500 host_set lock.
501 </para>
502 </listitem>
503 </varlistentry>
505 </variablelist>
506 </sect1>
508 <sect1><title>How commands are processed</title>
509 <para>
510 Depending on which protocol and which controller are used,
511 commands are processed differently. For the purpose of
512 discussion, a controller which uses taskfile interface and all
513 standard callbacks is assumed.
514 </para>
515 <para>
516 Currently 6 ATA command protocols are used. They can be
517 sorted into the following four categories according to how
518 they are processed.
519 </para>
521 <variablelist>
522 <varlistentry><term>ATA NO DATA or DMA</term>
523 <listitem>
524 <para>
525 ATA_PROT_NODATA and ATA_PROT_DMA fall into this category.
526 These types of commands don't require any software
527 intervention once issued. Device will raise interrupt on
528 completion.
529 </para>
530 </listitem>
531 </varlistentry>
533 <varlistentry><term>ATA PIO</term>
534 <listitem>
535 <para>
536 ATA_PROT_PIO is in this category. libata currently
537 implements PIO with polling. ATA_NIEN bit is set to turn
538 off interrupt and pio_task on ata_wq performs polling and
540 </para>
541 </listitem>
542 </varlistentry>
544 <varlistentry><term>ATAPI NODATA or DMA</term>
545 <listitem>
546 <para>
547 ATA_PROT_ATAPI_NODATA and ATA_PROT_ATAPI_DMA are in this
548 category. packet_task is used to poll BSY bit after
549 issuing PACKET command. Once BSY is turned off by the
550 device, packet_task transfers CDB and hands off processing
551 to interrupt handler.
552 </para>
553 </listitem>
554 </varlistentry>
556 <varlistentry><term>ATAPI PIO</term>
557 <listitem>
558 <para>
559 ATA_PROT_ATAPI is in this category. ATA_NIEN bit is set
560 and, as in ATAPI NODATA or DMA, packet_task submits cdb.
561 However, after submitting cdb, further processing (data
562 transfer) is handed off to pio_task.
563 </para>
564 </listitem>
565 </varlistentry>
566 </variablelist>
567 </sect1>
569 <sect1><title>How commands are completed</title>
570 <para>
571 Once issued, all qc's are either completed with
572 ata_qc_complete() or time out. For commands which are handled
573 by interrupts, ata_host_intr() invokes ata_qc_complete(), and,
574 for PIO tasks, pio_task invokes ata_qc_complete(). In error
575 cases, packet_task may also complete commands.
576 </para>
577 <para>
578 ata_qc_complete() does the following.
579 </para>
581 <orderedlist>
583 <listitem>
584 <para>
585 DMA memory is unmapped.
586 </para>
587 </listitem>
589 <listitem>
590 <para>
591 ATA_QCFLAG_ACTIVE is clared from qc->flags.
592 </para>
593 </listitem>
595 <listitem>
596 <para>
597 qc->complete_fn() callback is invoked. If the return value of
598 the callback is not zero. Completion is short circuited and
599 ata_qc_complete() returns.
600 </para>
601 </listitem>
603 <listitem>
604 <para>
605 __ata_qc_complete() is called, which does
606 <orderedlist>
608 <listitem>
609 <para>
610 qc->flags is cleared to zero.
611 </para>
612 </listitem>
614 <listitem>
615 <para>
616 ap->active_tag and qc->tag are poisoned.
617 </para>
618 </listitem>
620 <listitem>
621 <para>
622 qc->waiting is claread &amp; completed (in that order).
623 </para>
624 </listitem>
626 <listitem>
627 <para>
628 qc is deallocated by clearing appropriate bit in ap->qactive.
629 </para>
630 </listitem>
632 </orderedlist>
633 </para>
634 </listitem>
636 </orderedlist>
638 <para>
639 So, it basically notifies upper layer and deallocates qc. One
640 exception is short-circuit path in #3 which is used by
641 atapi_qc_complete().
642 </para>
643 <para>
644 For all non-ATAPI commands, whether it fails or not, almost
645 the same code path is taken and very little error handling
646 takes place. A qc is completed with success status if it
647 succeeded, with failed status otherwise.
648 </para>
649 <para>
650 However, failed ATAPI commands require more handling as
651 REQUEST SENSE is needed to acquire sense data. If an ATAPI
652 command fails, ata_qc_complete() is invoked with error status,
653 which in turn invokes atapi_qc_complete() via
654 qc->complete_fn() callback.
655 </para>
656 <para>
657 This makes atapi_qc_complete() set scmd->result to
658 SAM_STAT_CHECK_CONDITION, complete the scmd and return 1. As
659 the sense data is empty but scmd->result is CHECK CONDITION,
660 SCSI midlayer will invoke EH for the scmd, and returning 1
661 makes ata_qc_complete() to return without deallocating the qc.
662 This leads us to ata_scsi_error() with partially completed qc.
663 </para>
665 </sect1>
667 <sect1><title>ata_scsi_error()</title>
668 <para>
669 ata_scsi_error() is the current hostt->eh_strategy_handler()
670 for libata. As discussed above, this will be entered in two
671 cases - timeout and ATAPI error completion. This function
672 calls low level libata driver's eng_timeout() callback, the
673 standard callback for which is ata_eng_timeout(). It checks
674 if a qc is active and calls ata_qc_timeout() on the qc if so.
675 Actual error handling occurs in ata_qc_timeout().
676 </para>
677 <para>
678 If EH is invoked for timeout, ata_qc_timeout() stops BMDMA and
679 completes the qc. Note that as we're currently in EH, we
680 cannot call scsi_done. As described in SCSI EH doc, a
681 recovered scmd should be either retried with
682 scsi_queue_insert() or finished with scsi_finish_command().
683 Here, we override qc->scsidone with scsi_finish_command() and
684 calls ata_qc_complete().
685 </para>
686 <para>
687 If EH is invoked due to a failed ATAPI qc, the qc here is
688 completed but not deallocated. The purpose of this
689 half-completion is to use the qc as place holder to make EH
690 code reach this place. This is a bit hackish, but it works.
691 </para>
692 <para>
693 Once control reaches here, the qc is deallocated by invoking
694 __ata_qc_complete() explicitly. Then, internal qc for REQUEST
695 SENSE is issued. Once sense data is acquired, scmd is
696 finished by directly invoking scsi_finish_command() on the
697 scmd. Note that as we already have completed and deallocated
698 the qc which was associated with the scmd, we don't need
699 to/cannot call ata_qc_complete() again.
700 </para>
702 </sect1>
704 <sect1><title>Problems with the current EH</title>
706 <itemizedlist>
708 <listitem>
709 <para>
710 Error representation is too crude. Currently any and all
711 error conditions are represented with ATA STATUS and ERROR
712 registers. Errors which aren't ATA device errors are treated
713 as ATA device errors by setting ATA_ERR bit. Better error
714 descriptor which can properly represent ATA and other
715 errors/exceptions is needed.
716 </para>
717 </listitem>
719 <listitem>
720 <para>
721 When handling timeouts, no action is taken to make device
722 forget about the timed out command and ready for new commands.
723 </para>
724 </listitem>
726 <listitem>
727 <para>
728 EH handling via ata_scsi_error() is not properly protected
729 from usual command processing. On EH entrance, the device is
730 not in quiescent state. Timed out commands may succeed or
731 fail any time. pio_task and atapi_task may still be running.
732 </para>
733 </listitem>
735 <listitem>
736 <para>
737 Too weak error recovery. Devices / controllers causing HSM
738 mismatch errors and other errors quite often require reset to
739 return to known state. Also, advanced error handling is
740 necessary to support features like NCQ and hotplug.
741 </para>
742 </listitem>
744 <listitem>
745 <para>
746 ATA errors are directly handled in the interrupt handler and
747 PIO errors in pio_task. This is problematic for advanced
748 error handling for the following reasons.
749 </para>
750 <para>
751 First, advanced error handling often requires context and
752 internal qc execution.
753 </para>
754 <para>
755 Second, even a simple failure (say, CRC error) needs
756 information gathering and could trigger complex error handling
757 (say, resetting &amp; reconfiguring). Having multiple code
758 paths to gather information, enter EH and trigger actions
759 makes life painful.
760 </para>
761 <para>
762 Third, scattered EH code makes implementing low level drivers
763 difficult. Low level drivers override libata callbacks. If
764 EH is scattered over several places, each affected callbacks
765 should perform its part of error handling. This can be error
766 prone and painful.
767 </para>
768 </listitem>
770 </itemizedlist>
771 </sect1>
772 </chapter>
774 <chapter id="libataExt">
775 <title>libata Library</title>
776 !Edrivers/scsi/libata-core.c
777 </chapter>
779 <chapter id="libataInt">
780 <title>libata Core Internals</title>
781 !Idrivers/scsi/libata-core.c
782 </chapter>
784 <chapter id="libataScsiInt">
785 <title>libata SCSI translation/emulation</title>
786 !Edrivers/scsi/libata-scsi.c
787 !Idrivers/scsi/libata-scsi.c
788 </chapter>
790 <chapter id="ataExceptions">
791 <title>ATA errors &amp; exceptions</title>
793 <para>
794 This chapter tries to identify what error/exception conditions exist
795 for ATA/ATAPI devices and describe how they should be handled in
796 implementation-neutral way.
797 </para>
799 <para>
800 The term 'error' is used to describe conditions where either an
801 explicit error condition is reported from device or a command has
802 timed out.
803 </para>
805 <para>
806 The term 'exception' is either used to describe exceptional
807 conditions which are not errors (say, power or hotplug events), or
808 to describe both errors and non-error exceptional conditions. Where
809 explicit distinction between error and exception is necessary, the
810 term 'non-error exception' is used.
811 </para>
813 <sect1 id="excat">
814 <title>Exception categories</title>
815 <para>
816 Exceptions are described primarily with respect to legacy
817 taskfile + bus master IDE interface. If a controller provides
818 other better mechanism for error reporting, mapping those into
819 categories described below shouldn't be difficult.
820 </para>
822 <para>
823 In the following sections, two recovery actions - reset and
824 reconfiguring transport - are mentioned. These are described
825 further in <xref linkend="exrec"/>.
826 </para>
828 <sect2 id="excatHSMviolation">
829 <title>HSM violation</title>
830 <para>
831 This error is indicated when STATUS value doesn't match HSM
832 requirement during issuing or excution any ATA/ATAPI command.
833 </para>
835 <itemizedlist>
836 <title>Examples</title>
838 <listitem>
839 <para>
840 ATA_STATUS doesn't contain !BSY &amp;&amp; DRDY &amp;&amp; !DRQ while trying
841 to issue a command.
842 </para>
843 </listitem>
845 <listitem>
846 <para>
847 !BSY &amp;&amp; !DRQ during PIO data transfer.
848 </para>
849 </listitem>
851 <listitem>
852 <para>
853 DRQ on command completion.
854 </para>
855 </listitem>
857 <listitem>
858 <para>
859 !BSY &amp;&amp; ERR after CDB tranfer starts but before the
860 last byte of CDB is transferred. ATA/ATAPI standard states
861 that &quot;The device shall not terminate the PACKET command
862 with an error before the last byte of the command packet has
863 been written&quot; in the error outputs description of PACKET
864 command and the state diagram doesn't include such
865 transitions.
866 </para>
867 </listitem>
869 </itemizedlist>
871 <para>
872 In these cases, HSM is violated and not much information
873 regarding the error can be acquired from STATUS or ERROR
874 register. IOW, this error can be anything - driver bug,
875 faulty device, controller and/or cable.
876 </para>
878 <para>
879 As HSM is violated, reset is necessary to restore known state.
880 Reconfiguring transport for lower speed might be helpful too
881 as transmission errors sometimes cause this kind of errors.
882 </para>
883 </sect2>
885 <sect2 id="excatDevErr">
886 <title>ATA/ATAPI device error (non-NCQ / non-CHECK CONDITION)</title>
888 <para>
889 These are errors detected and reported by ATA/ATAPI devices
890 indicating device problems. For this type of errors, STATUS
891 and ERROR register values are valid and describe error
892 condition. Note that some of ATA bus errors are detected by
893 ATA/ATAPI devices and reported using the same mechanism as
894 device errors. Those cases are described later in this
895 section.
896 </para>
898 <para>
899 For ATA commands, this type of errors are indicated by !BSY
900 &amp;&amp; ERR during command execution and on completion.
901 </para>
903 <para>For ATAPI commands,</para>
905 <itemizedlist>
907 <listitem>
908 <para>
909 !BSY &amp;&amp; ERR &amp;&amp; ABRT right after issuing PACKET
910 indicates that PACKET command is not supported and falls in
911 this category.
912 </para>
913 </listitem>
915 <listitem>
916 <para>
917 !BSY &amp;&amp; ERR(==CHK) &amp;&amp; !ABRT after the last
918 byte of CDB is transferred indicates CHECK CONDITION and
919 doesn't fall in this category.
920 </para>
921 </listitem>
923 <listitem>
924 <para>
925 !BSY &amp;&amp; ERR(==CHK) &amp;&amp; ABRT after the last byte
926 of CDB is transferred *probably* indicates CHECK CONDITION and
927 doesn't fall in this category.
928 </para>
929 </listitem>
931 </itemizedlist>
933 <para>
934 Of errors detected as above, the followings are not ATA/ATAPI
935 device errors but ATA bus errors and should be handled
936 according to <xref linkend="excatATAbusErr"/>.
937 </para>
939 <variablelist>
941 <varlistentry>
942 <term>CRC error during data transfer</term>
943 <listitem>
944 <para>
945 This is indicated by ICRC bit in the ERROR register and
946 means that corruption occurred during data transfer. Upto
947 ATA/ATAPI-7, the standard specifies that this bit is only
948 applicable to UDMA transfers but ATA/ATAPI-8 draft revision
949 1f says that the bit may be applicable to multiword DMA and
950 PIO.
951 </para>
952 </listitem>
953 </varlistentry>
955 <varlistentry>
956 <term>ABRT error during data transfer or on completion</term>
957 <listitem>
958 <para>
959 Upto ATA/ATAPI-7, the standard specifies that ABRT could be
960 set on ICRC errors and on cases where a device is not able
961 to complete a command. Combined with the fact that MWDMA
962 and PIO transfer errors aren't allowed to use ICRC bit upto
963 ATA/ATAPI-7, it seems to imply that ABRT bit alone could
964 indicate tranfer errors.
965 </para>
966 <para>
967 However, ATA/ATAPI-8 draft revision 1f removes the part
968 that ICRC errors can turn on ABRT. So, this is kind of
969 gray area. Some heuristics are needed here.
970 </para>
971 </listitem>
972 </varlistentry>
974 </variablelist>
976 <para>
977 ATA/ATAPI device errors can be further categorized as follows.
978 </para>
980 <variablelist>
982 <varlistentry>
983 <term>Media errors</term>
984 <listitem>
985 <para>
986 This is indicated by UNC bit in the ERROR register. ATA
987 devices reports UNC error only after certain number of
988 retries cannot recover the data, so there's nothing much
989 else to do other than notifying upper layer.
990 </para>
991 <para>
992 READ and WRITE commands report CHS or LBA of the first
993 failed sector but ATA/ATAPI standard specifies that the
994 amount of transferred data on error completion is
995 indeterminate, so we cannot assume that sectors preceding
996 the failed sector have been transferred and thus cannot
997 complete those sectors successfully as SCSI does.
998 </para>
999 </listitem>
1000 </varlistentry>
1002 <varlistentry>
1003 <term>Media changed / media change requested error</term>
1004 <listitem>
1005 <para>
1006 &lt;&lt;TODO: fill here&gt;&gt;
1007 </para>
1008 </listitem>
1009 </varlistentry>
1011 <varlistentry><term>Address error</term>
1012 <listitem>
1013 <para>
1014 This is indicated by IDNF bit in the ERROR register.
1015 Report to upper layer.
1016 </para>
1017 </listitem>
1018 </varlistentry>
1020 <varlistentry><term>Other errors</term>
1021 <listitem>
1022 <para>
1023 This can be invalid command or parameter indicated by ABRT
1024 ERROR bit or some other error condition. Note that ABRT
1025 bit can indicate a lot of things including ICRC and Address
1026 errors. Heuristics needed.
1027 </para>
1028 </listitem>
1029 </varlistentry>
1031 </variablelist>
1033 <para>
1034 Depending on commands, not all STATUS/ERROR bits are
1035 applicable. These non-applicable bits are marked with
1036 &quot;na&quot; in the output descriptions but upto ATA/ATAPI-7
1037 no definition of &quot;na&quot; can be found. However,
1038 ATA/ATAPI-8 draft revision 1f describes &quot;N/A&quot; as
1039 follows.
1040 </para>
1042 <blockquote>
1043 <variablelist>
1044 <varlistentry><term>3.2.3.3a N/A</term>
1045 <listitem>
1046 <para>
1047 A keyword the indicates a field has no defined value in
1048 this standard and should not be checked by the host or
1049 device. N/A fields should be cleared to zero.
1050 </para>
1051 </listitem>
1052 </varlistentry>
1053 </variablelist>
1054 </blockquote>
1056 <para>
1057 So, it seems reasonable to assume that &quot;na&quot; bits are
1058 cleared to zero by devices and thus need no explicit masking.
1059 </para>
1061 </sect2>
1063 <sect2 id="excatATAPIcc">
1064 <title>ATAPI device CHECK CONDITION</title>
1066 <para>
1067 ATAPI device CHECK CONDITION error is indicated by set CHK bit
1068 (ERR bit) in the STATUS register after the last byte of CDB is
1069 transferred for a PACKET command. For this kind of errors,
1070 sense data should be acquired to gather information regarding
1071 the errors. REQUEST SENSE packet command should be used to
1072 acquire sense data.
1073 </para>
1075 <para>
1076 Once sense data is acquired, this type of errors can be
1077 handled similary to other SCSI errors. Note that sense data
1078 may indicate ATA bus error (e.g. Sense Key 04h HARDWARE ERROR
1079 &amp;&amp; ASC/ASCQ 47h/00h SCSI PARITY ERROR). In such
1080 cases, the error should be considered as an ATA bus error and
1081 handled according to <xref linkend="excatATAbusErr"/>.
1082 </para>
1084 </sect2>
1086 <sect2 id="excatNCQerr">
1087 <title>ATA device error (NCQ)</title>
1089 <para>
1090 NCQ command error is indicated by cleared BSY and set ERR bit
1091 during NCQ command phase (one or more NCQ commands
1092 outstanding). Although STATUS and ERROR registers will
1093 contain valid values describing the error, READ LOG EXT is
1094 required to clear the error condition, determine which command
1095 has failed and acquire more information.
1096 </para>
1098 <para>
1099 READ LOG EXT Log Page 10h reports which tag has failed and
1100 taskfile register values describing the error. With this
1101 information the failed command can be handled as a normal ATA
1102 command error as in <xref linkend="excatDevErr"/> and all
1103 other in-flight commands must be retried. Note that this
1104 retry should not be counted - it's likely that commands
1105 retried this way would have completed normally if it were not
1106 for the failed command.
1107 </para>
1109 <para>
1110 Note that ATA bus errors can be reported as ATA device NCQ
1111 errors. This should be handled as described in <xref
1112 linkend="excatATAbusErr"/>.
1113 </para>
1115 <para>
1116 If READ LOG EXT Log Page 10h fails or reports NQ, we're
1117 thoroughly screwed. This condition should be treated
1118 according to <xref linkend="excatHSMviolation"/>.
1119 </para>
1121 </sect2>
1123 <sect2 id="excatATAbusErr">
1124 <title>ATA bus error</title>
1126 <para>
1127 ATA bus error means that data corruption occurred during
1128 transmission over ATA bus (SATA or PATA). This type of errors
1129 can be indicated by
1130 </para>
1132 <itemizedlist>
1134 <listitem>
1135 <para>
1136 ICRC or ABRT error as described in <xref linkend="excatDevErr"/>.
1137 </para>
1138 </listitem>
1140 <listitem>
1141 <para>
1142 Controller-specific error completion with error information
1143 indicating transmission error.
1144 </para>
1145 </listitem>
1147 <listitem>
1148 <para>
1149 On some controllers, command timeout. In this case, there may
1150 be a mechanism to determine that the timeout is due to
1151 transmission error.
1152 </para>
1153 </listitem>
1155 <listitem>
1156 <para>
1157 Unknown/random errors, timeouts and all sorts of weirdities.
1158 </para>
1159 </listitem>
1161 </itemizedlist>
1163 <para>
1164 As described above, transmission errors can cause wide variety
1165 of symptoms ranging from device ICRC error to random device
1166 lockup, and, for many cases, there is no way to tell if an
1167 error condition is due to transmission error or not;
1168 therefore, it's necessary to employ some kind of heuristic
1169 when dealing with errors and timeouts. For example,
1170 encountering repetitive ABRT errors for known supported
1171 command is likely to indicate ATA bus error.
1172 </para>
1174 <para>
1175 Once it's determined that ATA bus errors have possibly
1176 occurred, lowering ATA bus transmission speed is one of
1177 actions which may alleviate the problem. See <xref
1178 linkend="exrecReconf"/> for more information.
1179 </para>
1181 </sect2>
1183 <sect2 id="excatPCIbusErr">
1184 <title>PCI bus error</title>
1186 <para>
1187 Data corruption or other failures during transmission over PCI
1188 (or other system bus). For standard BMDMA, this is indicated
1189 by Error bit in the BMDMA Status register. This type of
1190 errors must be logged as it indicates something is very wrong
1191 with the system. Resetting host controller is recommended.
1192 </para>
1194 </sect2>
1196 <sect2 id="excatLateCompletion">
1197 <title>Late completion</title>
1199 <para>
1200 This occurs when timeout occurs and the timeout handler finds
1201 out that the timed out command has completed successfully or
1202 with error. This is usually caused by lost interrupts. This
1203 type of errors must be logged. Resetting host controller is
1204 recommended.
1205 </para>
1207 </sect2>
1209 <sect2 id="excatUnknown">
1210 <title>Unknown error (timeout)</title>
1212 <para>
1213 This is when timeout occurs and the command is still
1214 processing or the host and device are in unknown state. When
1215 this occurs, HSM could be in any valid or invalid state. To
1216 bring the device to known state and make it forget about the
1217 timed out command, resetting is necessary. The timed out
1218 command may be retried.
1219 </para>
1221 <para>
1222 Timeouts can also be caused by transmission errors. Refer to
1223 <xref linkend="excatATAbusErr"/> for more details.
1224 </para>
1226 </sect2>
1228 <sect2 id="excatHoplugPM">
1229 <title>Hotplug and power management exceptions</title>
1231 <para>
1232 &lt;&lt;TODO: fill here&gt;&gt;
1233 </para>
1235 </sect2>
1237 </sect1>
1239 <sect1 id="exrec">
1240 <title>EH recovery actions</title>
1242 <para>
1243 This section discusses several important recovery actions.
1244 </para>
1246 <sect2 id="exrecClr">
1247 <title>Clearing error condition</title>
1249 <para>
1250 Many controllers require its error registers to be cleared by
1251 error handler. Different controllers may have different
1252 requirements.
1253 </para>
1255 <para>
1256 For SATA, it's strongly recommended to clear at least SError
1257 register during error handling.
1258 </para>
1259 </sect2>
1261 <sect2 id="exrecRst">
1262 <title>Reset</title>
1264 <para>
1265 During EH, resetting is necessary in the following cases.
1266 </para>
1268 <itemizedlist>
1270 <listitem>
1271 <para>
1272 HSM is in unknown or invalid state
1273 </para>
1274 </listitem>
1276 <listitem>
1277 <para>
1278 HBA is in unknown or invalid state
1279 </para>
1280 </listitem>
1282 <listitem>
1283 <para>
1284 EH needs to make HBA/device forget about in-flight commands
1285 </para>
1286 </listitem>
1288 <listitem>
1289 <para>
1290 HBA/device behaves weirdly
1291 </para>
1292 </listitem>
1294 </itemizedlist>
1296 <para>
1297 Resetting during EH might be a good idea regardless of error
1298 condition to improve EH robustness. Whether to reset both or
1299 either one of HBA and device depends on situation but the
1300 following scheme is recommended.
1301 </para>
1303 <itemizedlist>
1305 <listitem>
1306 <para>
1307 When it's known that HBA is in ready state but ATA/ATAPI
1308 device in in unknown state, reset only device.
1309 </para>
1310 </listitem>
1312 <listitem>
1313 <para>
1314 If HBA is in unknown state, reset both HBA and device.
1315 </para>
1316 </listitem>
1318 </itemizedlist>
1320 <para>
1321 HBA resetting is implementation specific. For a controller
1322 complying to taskfile/BMDMA PCI IDE, stopping active DMA
1323 transaction may be sufficient iff BMDMA state is the only HBA
1324 context. But even mostly taskfile/BMDMA PCI IDE complying
1325 controllers may have implementation specific requirements and
1326 mechanism to reset themselves. This must be addressed by
1327 specific drivers.
1328 </para>
1330 <para>
1331 OTOH, ATA/ATAPI standard describes in detail ways to reset
1332 ATA/ATAPI devices.
1333 </para>
1335 <variablelist>
1337 <varlistentry><term>PATA hardware reset</term>
1338 <listitem>
1339 <para>
1340 This is hardware initiated device reset signalled with
1341 asserted PATA RESET- signal. There is no standard way to
1342 initiate hardware reset from software although some
1343 hardware provides registers that allow driver to directly
1344 tweak the RESET- signal.
1345 </para>
1346 </listitem>
1347 </varlistentry>
1349 <varlistentry><term>Software reset</term>
1350 <listitem>
1351 <para>
1352 This is achieved by turning CONTROL SRST bit on for at
1353 least 5us. Both PATA and SATA support it but, in case of
1354 SATA, this may require controller-specific support as the
1355 second Register FIS to clear SRST should be transmitted
1356 while BSY bit is still set. Note that on PATA, this resets
1357 both master and slave devices on a channel.
1358 </para>
1359 </listitem>
1360 </varlistentry>
1362 <varlistentry><term>EXECUTE DEVICE DIAGNOSTIC command</term>
1363 <listitem>
1364 <para>
1365 Although ATA/ATAPI standard doesn't describe exactly, EDD
1366 implies some level of resetting, possibly similar level
1367 with software reset. Host-side EDD protocol can be handled
1368 with normal command processing and most SATA controllers
1369 should be able to handle EDD's just like other commands.
1370 As in software reset, EDD affects both devices on a PATA
1371 bus.
1372 </para>
1373 <para>
1374 Although EDD does reset devices, this doesn't suit error
1375 handling as EDD cannot be issued while BSY is set and it's
1376 unclear how it will act when device is in unknown/weird
1377 state.
1378 </para>
1379 </listitem>
1380 </varlistentry>
1382 <varlistentry><term>ATAPI DEVICE RESET command</term>
1383 <listitem>
1384 <para>
1385 This is very similar to software reset except that reset
1386 can be restricted to the selected device without affecting
1387 the other device sharing the cable.
1388 </para>
1389 </listitem>
1390 </varlistentry>
1392 <varlistentry><term>SATA phy reset</term>
1393 <listitem>
1394 <para>
1395 This is the preferred way of resetting a SATA device. In
1396 effect, it's identical to PATA hardware reset. Note that
1397 this can be done with the standard SCR Control register.
1398 As such, it's usually easier to implement than software
1399 reset.
1400 </para>
1401 </listitem>
1402 </varlistentry>
1404 </variablelist>
1406 <para>
1407 One more thing to consider when resetting devices is that
1408 resetting clears certain configuration parameters and they
1409 need to be set to their previous or newly adjusted values
1410 after reset.
1411 </para>
1413 <para>
1414 Parameters affected are.
1415 </para>
1417 <itemizedlist>
1419 <listitem>
1420 <para>
1421 CHS set up with INITIALIZE DEVICE PARAMETERS (seldomly used)
1422 </para>
1423 </listitem>
1425 <listitem>
1426 <para>
1427 Parameters set with SET FEATURES including transfer mode setting
1428 </para>
1429 </listitem>
1431 <listitem>
1432 <para>
1433 Block count set with SET MULTIPLE MODE
1434 </para>
1435 </listitem>
1437 <listitem>
1438 <para>
1439 Other parameters (SET MAX, MEDIA LOCK...)
1440 </para>
1441 </listitem>
1443 </itemizedlist>
1445 <para>
1446 ATA/ATAPI standard specifies that some parameters must be
1447 maintained across hardware or software reset, but doesn't
1448 strictly specify all of them. Always reconfiguring needed
1449 parameters after reset is required for robustness. Note that
1450 this also applies when resuming from deep sleep (power-off).
1451 </para>
1453 <para>
1454 Also, ATA/ATAPI standard requires that IDENTIFY DEVICE /
1455 IDENTIFY PACKET DEVICE is issued after any configuration
1456 parameter is updated or a hardware reset and the result used
1457 for further operation. OS driver is required to implement
1458 revalidation mechanism to support this.
1459 </para>
1461 </sect2>
1463 <sect2 id="exrecReconf">
1464 <title>Reconfigure transport</title>
1466 <para>
1467 For both PATA and SATA, a lot of corners are cut for cheap
1468 connectors, cables or controllers and it's quite common to see
1469 high transmission error rate. This can be mitigated by
1470 lowering transmission speed.
1471 </para>
1473 <para>
1474 The following is a possible scheme Jeff Garzik suggested.
1475 </para>
1477 <blockquote>
1478 <para>
1479 If more than $N (3?) transmission errors happen in 15 minutes,
1480 </para>
1481 <itemizedlist>
1482 <listitem>
1483 <para>
1484 if SATA, decrease SATA PHY speed. if speed cannot be decreased,
1485 </para>
1486 </listitem>
1487 <listitem>
1488 <para>
1489 decrease UDMA xfer speed. if at UDMA0, switch to PIO4,
1490 </para>
1491 </listitem>
1492 <listitem>
1493 <para>
1494 decrease PIO xfer speed. if at PIO3, complain, but continue
1495 </para>
1496 </listitem>
1497 </itemizedlist>
1498 </blockquote>
1500 </sect2>
1502 </sect1>
1504 </chapter>
1506 <chapter id="PiixInt">
1507 <title>ata_piix Internals</title>
1508 !Idrivers/scsi/ata_piix.c
1509 </chapter>
1511 <chapter id="SILInt">
1512 <title>sata_sil Internals</title>
1513 !Idrivers/scsi/sata_sil.c
1514 </chapter>
1516 <chapter id="libataThanks">
1517 <title>Thanks</title>
1518 <para>
1519 The bulk of the ATA knowledge comes thanks to long conversations with
1520 Andre Hedrick (www.linux-ide.org), and long hours pondering the ATA
1521 and SCSI specifications.
1522 </para>
1523 <para>
1524 Thanks to Alan Cox for pointing out similarities
1525 between SATA and SCSI, and in general for motivation to hack on
1526 libata.
1527 </para>
1528 <para>
1529 libata's device detection
1530 method, ata_pio_devchk, and in general all the early probing was
1531 based on extensive study of Hale Landis's probe/reset code in his
1532 ATADRVR driver (www.ata-atapi.com).
1533 </para>
1534 </chapter>
1536 </book>