block/scsi_ioctl.c at 4b46ca701bdcdc19fcf32823f9fcabf8236e4e78

tjh.dev / kernel
fork
Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel os linux
fork
kernel / block / scsi_ioctl.c
at 4b46ca701bdcdc19fcf32823f9fcabf8236e4e78 565 lines 14 kB view raw
wrap content
  1/*
  2 * Copyright (C) 2001 Jens Axboe <axboe@suse.de>
  3 *
  4 * This program is free software; you can redistribute it and/or modify
  5 * it under the terms of the GNU General Public License version 2 as
  6 * published by the Free Software Foundation.
  7 *
  8 * This program is distributed in the hope that it will be useful,
  9 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 10 *
 11 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 12 * GNU General Public License for more details.
 13 *
 14 * You should have received a copy of the GNU General Public Licens
 15 * along with this program; if not, write to the Free Software
 16 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-
 17 *
 18 */
 19#include <linux/kernel.h>
 20#include <linux/errno.h>
 21#include <linux/string.h>
 22#include <linux/module.h>
 23#include <linux/blkdev.h>
 24#include <linux/capability.h>
 25#include <linux/completion.h>
 26#include <linux/cdrom.h>
 27#include <linux/slab.h>
 28#include <linux/times.h>
 29#include <asm/uaccess.h>
 30
 31#include <scsi/scsi.h>
 32#include <scsi/scsi_ioctl.h>
 33#include <scsi/scsi_cmnd.h>
 34
 35/* Command group 3 is reserved and should never be used.  */
 36const unsigned char scsi_command_size_tbl[8] =
 37{
 38	6, 10, 10, 12,
 39	16, 12, 10, 10
 40};
 41EXPORT_SYMBOL(scsi_command_size_tbl);
 42
 43#include <scsi/sg.h>
 44
 45static int sg_get_version(int __user *p)
 46{
 47	static const int sg_version_num = 30527;
 48	return put_user(sg_version_num, p);
 49}
 50
 51static int scsi_get_idlun(struct request_queue *q, int __user *p)
 52{
 53	return put_user(0, p);
 54}
 55
 56static int scsi_get_bus(struct request_queue *q, int __user *p)
 57{
 58	return put_user(0, p);
 59}
 60
 61static int sg_get_timeout(struct request_queue *q)
 62{
 63	return q->sg_timeout / (HZ / USER_HZ);
 64}
 65
 66static int sg_set_timeout(struct request_queue *q, int __user *p)
 67{
 68	int timeout, err = get_user(timeout, p);
 69
 70	if (!err)
 71		q->sg_timeout = timeout * (HZ / USER_HZ);
 72
 73	return err;
 74}
 75
 76static int sg_get_reserved_size(struct request_queue *q, int __user *p)
 77{
 78	unsigned val = min(q->sg_reserved_size, q->max_sectors << 9);
 79
 80	return put_user(val, p);
 81}
 82
 83static int sg_set_reserved_size(struct request_queue *q, int __user *p)
 84{
 85	int size, err = get_user(size, p);
 86
 87	if (err)
 88		return err;
 89
 90	if (size < 0)
 91		return -EINVAL;
 92	if (size > (q->max_sectors << 9))
 93		size = q->max_sectors << 9;
 94
 95	q->sg_reserved_size = size;
 96	return 0;
 97}
 98
 99/*
100 * will always return that we are ATAPI even for a real SCSI drive, I'm not
101 * so sure this is worth doing anything about (why would you care??)
102 */
103static int sg_emulated_host(struct request_queue *q, int __user *p)
104{
105	return put_user(1, p);
106}
107
108static int blk_fill_sghdr_rq(struct request_queue *q, struct request *rq,
109			     struct sg_io_hdr *hdr, struct file *file)
110{
111	if (copy_from_user(rq->cmd, hdr->cmdp, hdr->cmd_len))
112		return -EFAULT;
113	if (blk_verify_command(file, rq->cmd))
114		return -EPERM;
115
116	/*
117	 * fill in request structure
118	 */
119	rq->cmd_len = hdr->cmd_len;
120	rq->cmd_type = REQ_TYPE_BLOCK_PC;
121
122	rq->timeout = msecs_to_jiffies(hdr->timeout);
123	if (!rq->timeout)
124		rq->timeout = q->sg_timeout;
125	if (!rq->timeout)
126		rq->timeout = BLK_DEFAULT_SG_TIMEOUT;
127
128	return 0;
129}
130
131/*
132 * unmap a request that was previously mapped to this sg_io_hdr. handles
133 * both sg and non-sg sg_io_hdr.
134 */
135static int blk_unmap_sghdr_rq(struct request *rq, struct sg_io_hdr *hdr)
136{
137	blk_rq_unmap_user(rq->bio);
138	blk_put_request(rq);
139	return 0;
140}
141
142static int blk_complete_sghdr_rq(struct request *rq, struct sg_io_hdr *hdr,
143				 struct bio *bio)
144{
145	int r, ret = 0;
146
147	/*
148	 * fill in all the output members
149	 */
150	hdr->status = rq->errors & 0xff;
151	hdr->masked_status = status_byte(rq->errors);
152	hdr->msg_status = msg_byte(rq->errors);
153	hdr->host_status = host_byte(rq->errors);
154	hdr->driver_status = driver_byte(rq->errors);
155	hdr->info = 0;
156	if (hdr->masked_status || hdr->host_status || hdr->driver_status)
157		hdr->info |= SG_INFO_CHECK;
158	hdr->resid = rq->data_len;
159	hdr->sb_len_wr = 0;
160
161	if (rq->sense_len && hdr->sbp) {
162		int len = min((unsigned int) hdr->mx_sb_len, rq->sense_len);
163
164		if (!copy_to_user(hdr->sbp, rq->sense, len))
165			hdr->sb_len_wr = len;
166		else
167			ret = -EFAULT;
168	}
169
170	rq->bio = bio;
171	r = blk_unmap_sghdr_rq(rq, hdr);
172	if (ret)
173		r = ret;
174
175	return r;
176}
177
178static int sg_io(struct file *file, struct request_queue *q,
179		struct gendisk *bd_disk, struct sg_io_hdr *hdr)
180{
181	unsigned long start_time;
182	int writing = 0, ret = 0;
183	struct request *rq;
184	char sense[SCSI_SENSE_BUFFERSIZE];
185	struct bio *bio;
186
187	if (hdr->interface_id != 'S')
188		return -EINVAL;
189	if (hdr->cmd_len > BLK_MAX_CDB)
190		return -EINVAL;
191
192	if (hdr->dxfer_len > (q->max_hw_sectors << 9))
193		return -EIO;
194
195	if (hdr->dxfer_len)
196		switch (hdr->dxfer_direction) {
197		default:
198			return -EINVAL;
199		case SG_DXFER_TO_DEV:
200			writing = 1;
201			break;
202		case SG_DXFER_TO_FROM_DEV:
203		case SG_DXFER_FROM_DEV:
204			break;
205		}
206
207	rq = blk_get_request(q, writing ? WRITE : READ, GFP_KERNEL);
208	if (!rq)
209		return -ENOMEM;
210
211	if (blk_fill_sghdr_rq(q, rq, hdr, file)) {
212		blk_put_request(rq);
213		return -EFAULT;
214	}
215
216	if (hdr->iovec_count) {
217		const int size = sizeof(struct sg_iovec) * hdr->iovec_count;
218		struct sg_iovec *iov;
219
220		iov = kmalloc(size, GFP_KERNEL);
221		if (!iov) {
222			ret = -ENOMEM;
223			goto out;
224		}
225
226		if (copy_from_user(iov, hdr->dxferp, size)) {
227			kfree(iov);
228			ret = -EFAULT;
229			goto out;
230		}
231
232		ret = blk_rq_map_user_iov(q, rq, iov, hdr->iovec_count,
233					  hdr->dxfer_len);
234		kfree(iov);
235	} else if (hdr->dxfer_len)
236		ret = blk_rq_map_user(q, rq, hdr->dxferp, hdr->dxfer_len);
237
238	if (ret)
239		goto out;
240
241	bio = rq->bio;
242	memset(sense, 0, sizeof(sense));
243	rq->sense = sense;
244	rq->sense_len = 0;
245	rq->retries = 0;
246
247	start_time = jiffies;
248
249	/* ignore return value. All information is passed back to caller
250	 * (if he doesn't check that is his problem).
251	 * N.B. a non-zero SCSI status is _not_ necessarily an error.
252	 */
253	blk_execute_rq(q, bd_disk, rq, 0);
254
255	hdr->duration = jiffies_to_msecs(jiffies - start_time);
256
257	return blk_complete_sghdr_rq(rq, hdr, bio);
258out:
259	blk_put_request(rq);
260	return ret;
261}
262
263/**
264 * sg_scsi_ioctl  --  handle deprecated SCSI_IOCTL_SEND_COMMAND ioctl
265 * @file:	file this ioctl operates on (optional)
266 * @q:		request queue to send scsi commands down
267 * @disk:	gendisk to operate on (option)
268 * @sic:	userspace structure describing the command to perform
269 *
270 * Send down the scsi command described by @sic to the device below
271 * the request queue @q.  If @file is non-NULL it's used to perform
272 * fine-grained permission checks that allow users to send down
273 * non-destructive SCSI commands.  If the caller has a struct gendisk
274 * available it should be passed in as @disk to allow the low level
275 * driver to use the information contained in it.  A non-NULL @disk
276 * is only allowed if the caller knows that the low level driver doesn't
277 * need it (e.g. in the scsi subsystem).
278 *
279 * Notes:
280 *   -  This interface is deprecated - users should use the SG_IO
281 *      interface instead, as this is a more flexible approach to
282 *      performing SCSI commands on a device.
283 *   -  The SCSI command length is determined by examining the 1st byte
284 *      of the given command. There is no way to override this.
285 *   -  Data transfers are limited to PAGE_SIZE
286 *   -  The length (x + y) must be at least OMAX_SB_LEN bytes long to
287 *      accommodate the sense buffer when an error occurs.
288 *      The sense buffer is truncated to OMAX_SB_LEN (16) bytes so that
289 *      old code will not be surprised.
290 *   -  If a Unix error occurs (e.g. ENOMEM) then the user will receive
291 *      a negative return and the Unix error code in 'errno'.
292 *      If the SCSI command succeeds then 0 is returned.
293 *      Positive numbers returned are the compacted SCSI error codes (4
294 *      bytes in one int) where the lowest byte is the SCSI status.
295 */
296#define OMAX_SB_LEN 16          /* For backward compatibility */
297int sg_scsi_ioctl(struct file *file, struct request_queue *q,
298		  struct gendisk *disk, struct scsi_ioctl_command __user *sic)
299{
300	struct request *rq;
301	int err;
302	unsigned int in_len, out_len, bytes, opcode, cmdlen;
303	char *buffer = NULL, sense[SCSI_SENSE_BUFFERSIZE];
304
305	if (!sic)
306		return -EINVAL;
307
308	/*
309	 * get in an out lengths, verify they don't exceed a page worth of data
310	 */
311	if (get_user(in_len, &sic->inlen))
312		return -EFAULT;
313	if (get_user(out_len, &sic->outlen))
314		return -EFAULT;
315	if (in_len > PAGE_SIZE || out_len > PAGE_SIZE)
316		return -EINVAL;
317	if (get_user(opcode, sic->data))
318		return -EFAULT;
319
320	bytes = max(in_len, out_len);
321	if (bytes) {
322		buffer = kzalloc(bytes, q->bounce_gfp | GFP_USER| __GFP_NOWARN);
323		if (!buffer)
324			return -ENOMEM;
325
326	}
327
328	rq = blk_get_request(q, in_len ? WRITE : READ, __GFP_WAIT);
329
330	cmdlen = COMMAND_SIZE(opcode);
331
332	/*
333	 * get command and data to send to device, if any
334	 */
335	err = -EFAULT;
336	rq->cmd_len = cmdlen;
337	if (copy_from_user(rq->cmd, sic->data, cmdlen))
338		goto error;
339
340	if (in_len && copy_from_user(buffer, sic->data + cmdlen, in_len))
341		goto error;
342
343	err = blk_verify_command(file, rq->cmd);
344	if (err)
345		goto error;
346
347	/* default.  possible overriden later */
348	rq->retries = 5;
349
350	switch (opcode) {
351	case SEND_DIAGNOSTIC:
352	case FORMAT_UNIT:
353		rq->timeout = FORMAT_UNIT_TIMEOUT;
354		rq->retries = 1;
355		break;
356	case START_STOP:
357		rq->timeout = START_STOP_TIMEOUT;
358		break;
359	case MOVE_MEDIUM:
360		rq->timeout = MOVE_MEDIUM_TIMEOUT;
361		break;
362	case READ_ELEMENT_STATUS:
363		rq->timeout = READ_ELEMENT_STATUS_TIMEOUT;
364		break;
365	case READ_DEFECT_DATA:
366		rq->timeout = READ_DEFECT_DATA_TIMEOUT;
367		rq->retries = 1;
368		break;
369	default:
370		rq->timeout = BLK_DEFAULT_SG_TIMEOUT;
371		break;
372	}
373
374	if (bytes && blk_rq_map_kern(q, rq, buffer, bytes, __GFP_WAIT)) {
375		err = DRIVER_ERROR << 24;
376		goto out;
377	}
378
379	memset(sense, 0, sizeof(sense));
380	rq->sense = sense;
381	rq->sense_len = 0;
382	rq->cmd_type = REQ_TYPE_BLOCK_PC;
383
384	blk_execute_rq(q, disk, rq, 0);
385
386out:
387	err = rq->errors & 0xff;	/* only 8 bit SCSI status */
388	if (err) {
389		if (rq->sense_len && rq->sense) {
390			bytes = (OMAX_SB_LEN > rq->sense_len) ?
391				rq->sense_len : OMAX_SB_LEN;
392			if (copy_to_user(sic->data, rq->sense, bytes))
393				err = -EFAULT;
394		}
395	} else {
396		if (copy_to_user(sic->data, buffer, out_len))
397			err = -EFAULT;
398	}
399	
400error:
401	kfree(buffer);
402	blk_put_request(rq);
403	return err;
404}
405EXPORT_SYMBOL_GPL(sg_scsi_ioctl);
406
407/* Send basic block requests */
408static int __blk_send_generic(struct request_queue *q, struct gendisk *bd_disk,
409			      int cmd, int data)
410{
411	struct request *rq;
412	int err;
413
414	rq = blk_get_request(q, WRITE, __GFP_WAIT);
415	rq->cmd_type = REQ_TYPE_BLOCK_PC;
416	rq->data = NULL;
417	rq->data_len = 0;
418	rq->extra_len = 0;
419	rq->timeout = BLK_DEFAULT_SG_TIMEOUT;
420	rq->cmd[0] = cmd;
421	rq->cmd[4] = data;
422	rq->cmd_len = 6;
423	err = blk_execute_rq(q, bd_disk, rq, 0);
424	blk_put_request(rq);
425
426	return err;
427}
428
429static inline int blk_send_start_stop(struct request_queue *q,
430				      struct gendisk *bd_disk, int data)
431{
432	return __blk_send_generic(q, bd_disk, GPCMD_START_STOP_UNIT, data);
433}
434
435int scsi_cmd_ioctl(struct file *file, struct request_queue *q,
436		   struct gendisk *bd_disk, unsigned int cmd, void __user *arg)
437{
438	int err;
439
440	if (!q || blk_get_queue(q))
441		return -ENXIO;
442
443	switch (cmd) {
444		/*
445		 * new sgv3 interface
446		 */
447		case SG_GET_VERSION_NUM:
448			err = sg_get_version(arg);
449			break;
450		case SCSI_IOCTL_GET_IDLUN:
451			err = scsi_get_idlun(q, arg);
452			break;
453		case SCSI_IOCTL_GET_BUS_NUMBER:
454			err = scsi_get_bus(q, arg);
455			break;
456		case SG_SET_TIMEOUT:
457			err = sg_set_timeout(q, arg);
458			break;
459		case SG_GET_TIMEOUT:
460			err = sg_get_timeout(q);
461			break;
462		case SG_GET_RESERVED_SIZE:
463			err = sg_get_reserved_size(q, arg);
464			break;
465		case SG_SET_RESERVED_SIZE:
466			err = sg_set_reserved_size(q, arg);
467			break;
468		case SG_EMULATED_HOST:
469			err = sg_emulated_host(q, arg);
470			break;
471		case SG_IO: {
472			struct sg_io_hdr hdr;
473
474			err = -EFAULT;
475			if (copy_from_user(&hdr, arg, sizeof(hdr)))
476				break;
477			err = sg_io(file, q, bd_disk, &hdr);
478			if (err == -EFAULT)
479				break;
480
481			if (copy_to_user(arg, &hdr, sizeof(hdr)))
482				err = -EFAULT;
483			break;
484		}
485		case CDROM_SEND_PACKET: {
486			struct cdrom_generic_command cgc;
487			struct sg_io_hdr hdr;
488
489			err = -EFAULT;
490			if (copy_from_user(&cgc, arg, sizeof(cgc)))
491				break;
492			cgc.timeout = clock_t_to_jiffies(cgc.timeout);
493			memset(&hdr, 0, sizeof(hdr));
494			hdr.interface_id = 'S';
495			hdr.cmd_len = sizeof(cgc.cmd);
496			hdr.dxfer_len = cgc.buflen;
497			err = 0;
498			switch (cgc.data_direction) {
499				case CGC_DATA_UNKNOWN:
500					hdr.dxfer_direction = SG_DXFER_UNKNOWN;
501					break;
502				case CGC_DATA_WRITE:
503					hdr.dxfer_direction = SG_DXFER_TO_DEV;
504					break;
505				case CGC_DATA_READ:
506					hdr.dxfer_direction = SG_DXFER_FROM_DEV;
507					break;
508				case CGC_DATA_NONE:
509					hdr.dxfer_direction = SG_DXFER_NONE;
510					break;
511				default:
512					err = -EINVAL;
513			}
514			if (err)
515				break;
516
517			hdr.dxferp = cgc.buffer;
518			hdr.sbp = cgc.sense;
519			if (hdr.sbp)
520				hdr.mx_sb_len = sizeof(struct request_sense);
521			hdr.timeout = jiffies_to_msecs(cgc.timeout);
522			hdr.cmdp = ((struct cdrom_generic_command __user*) arg)->cmd;
523			hdr.cmd_len = sizeof(cgc.cmd);
524
525			err = sg_io(file, q, bd_disk, &hdr);
526			if (err == -EFAULT)
527				break;
528
529			if (hdr.status)
530				err = -EIO;
531
532			cgc.stat = err;
533			cgc.buflen = hdr.resid;
534			if (copy_to_user(arg, &cgc, sizeof(cgc)))
535				err = -EFAULT;
536
537			break;
538		}
539
540		/*
541		 * old junk scsi send command ioctl
542		 */
543		case SCSI_IOCTL_SEND_COMMAND:
544			printk(KERN_WARNING "program %s is using a deprecated SCSI ioctl, please convert it to SG_IO\n", current->comm);
545			err = -EINVAL;
546			if (!arg)
547				break;
548
549			err = sg_scsi_ioctl(file, q, bd_disk, arg);
550			break;
551		case CDROMCLOSETRAY:
552			err = blk_send_start_stop(q, bd_disk, 0x03);
553			break;
554		case CDROMEJECT:
555			err = blk_send_start_stop(q, bd_disk, 0x02);
556			break;
557		default:
558			err = -ENOTTY;
559	}
560
561	blk_put_queue(q);
562	return err;
563}
564
565EXPORT_SYMBOL(scsi_cmd_ioctl);
Configure Feed

Configure Feed
