drivers/block/scsi_ioctl.c at 77b2555b52a894a2e39a42e43d993df875c46a6a

tjh.dev / kernel
fork
Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel os linux
fork
kernel / drivers / block / scsi_ioctl.c
at 77b2555b52a894a2e39a42e43d993df875c46a6a 588 lines 14 kB view raw
wrap content
  1/*
  2 * Copyright (C) 2001 Jens Axboe <axboe@suse.de>
  3 *
  4 * This program is free software; you can redistribute it and/or modify
  5 * it under the terms of the GNU General Public License version 2 as
  6 * published by the Free Software Foundation.
  7 *
  8 * This program is distributed in the hope that it will be useful,
  9 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 10 *
 11 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 12 * GNU General Public License for more details.
 13 *
 14 * You should have received a copy of the GNU General Public Licens
 15 * along with this program; if not, write to the Free Software
 16 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-
 17 *
 18 */
 19#include <linux/kernel.h>
 20#include <linux/errno.h>
 21#include <linux/string.h>
 22#include <linux/module.h>
 23#include <linux/blkdev.h>
 24#include <linux/completion.h>
 25#include <linux/cdrom.h>
 26#include <linux/slab.h>
 27#include <linux/times.h>
 28#include <asm/uaccess.h>
 29
 30#include <scsi/scsi.h>
 31#include <scsi/scsi_ioctl.h>
 32#include <scsi/scsi_cmnd.h>
 33
 34/* Command group 3 is reserved and should never be used.  */
 35const unsigned char scsi_command_size[8] =
 36{
 37	6, 10, 10, 12,
 38	16, 12, 10, 10
 39};
 40
 41EXPORT_SYMBOL(scsi_command_size);
 42
 43#define BLK_DEFAULT_TIMEOUT	(60 * HZ)
 44
 45#include <scsi/sg.h>
 46
 47static int sg_get_version(int __user *p)
 48{
 49	static int sg_version_num = 30527;
 50	return put_user(sg_version_num, p);
 51}
 52
 53static int scsi_get_idlun(request_queue_t *q, int __user *p)
 54{
 55	return put_user(0, p);
 56}
 57
 58static int scsi_get_bus(request_queue_t *q, int __user *p)
 59{
 60	return put_user(0, p);
 61}
 62
 63static int sg_get_timeout(request_queue_t *q)
 64{
 65	return q->sg_timeout / (HZ / USER_HZ);
 66}
 67
 68static int sg_set_timeout(request_queue_t *q, int __user *p)
 69{
 70	int timeout, err = get_user(timeout, p);
 71
 72	if (!err)
 73		q->sg_timeout = timeout * (HZ / USER_HZ);
 74
 75	return err;
 76}
 77
 78static int sg_get_reserved_size(request_queue_t *q, int __user *p)
 79{
 80	return put_user(q->sg_reserved_size, p);
 81}
 82
 83static int sg_set_reserved_size(request_queue_t *q, int __user *p)
 84{
 85	int size, err = get_user(size, p);
 86
 87	if (err)
 88		return err;
 89
 90	if (size < 0)
 91		return -EINVAL;
 92	if (size > (q->max_sectors << 9))
 93		size = q->max_sectors << 9;
 94
 95	q->sg_reserved_size = size;
 96	return 0;
 97}
 98
 99/*
100 * will always return that we are ATAPI even for a real SCSI drive, I'm not
101 * so sure this is worth doing anything about (why would you care??)
102 */
103static int sg_emulated_host(request_queue_t *q, int __user *p)
104{
105	return put_user(1, p);
106}
107
108#define CMD_READ_SAFE	0x01
109#define CMD_WRITE_SAFE	0x02
110#define CMD_WARNED	0x04
111#define safe_for_read(cmd)	[cmd] = CMD_READ_SAFE
112#define safe_for_write(cmd)	[cmd] = CMD_WRITE_SAFE
113
114static int verify_command(struct file *file, unsigned char *cmd)
115{
116	static unsigned char cmd_type[256] = {
117
118		/* Basic read-only commands */
119		safe_for_read(TEST_UNIT_READY),
120		safe_for_read(REQUEST_SENSE),
121		safe_for_read(READ_6),
122		safe_for_read(READ_10),
123		safe_for_read(READ_12),
124		safe_for_read(READ_16),
125		safe_for_read(READ_BUFFER),
126		safe_for_read(READ_DEFECT_DATA),
127		safe_for_read(READ_LONG),
128		safe_for_read(INQUIRY),
129		safe_for_read(MODE_SENSE),
130		safe_for_read(MODE_SENSE_10),
131		safe_for_read(LOG_SENSE),
132		safe_for_read(START_STOP),
133		safe_for_read(GPCMD_VERIFY_10),
134		safe_for_read(VERIFY_16),
135
136		/* Audio CD commands */
137		safe_for_read(GPCMD_PLAY_CD),
138		safe_for_read(GPCMD_PLAY_AUDIO_10),
139		safe_for_read(GPCMD_PLAY_AUDIO_MSF),
140		safe_for_read(GPCMD_PLAY_AUDIO_TI),
141		safe_for_read(GPCMD_PAUSE_RESUME),
142
143		/* CD/DVD data reading */
144		safe_for_read(GPCMD_READ_BUFFER_CAPACITY),
145		safe_for_read(GPCMD_READ_CD),
146		safe_for_read(GPCMD_READ_CD_MSF),
147		safe_for_read(GPCMD_READ_DISC_INFO),
148		safe_for_read(GPCMD_READ_CDVD_CAPACITY),
149		safe_for_read(GPCMD_READ_DVD_STRUCTURE),
150		safe_for_read(GPCMD_READ_HEADER),
151		safe_for_read(GPCMD_READ_TRACK_RZONE_INFO),
152		safe_for_read(GPCMD_READ_SUBCHANNEL),
153		safe_for_read(GPCMD_READ_TOC_PMA_ATIP),
154		safe_for_read(GPCMD_REPORT_KEY),
155		safe_for_read(GPCMD_SCAN),
156		safe_for_read(GPCMD_GET_CONFIGURATION),
157		safe_for_read(GPCMD_READ_FORMAT_CAPACITIES),
158		safe_for_read(GPCMD_GET_EVENT_STATUS_NOTIFICATION),
159		safe_for_read(GPCMD_GET_PERFORMANCE),
160		safe_for_read(GPCMD_SEEK),
161		safe_for_read(GPCMD_STOP_PLAY_SCAN),
162
163		/* Basic writing commands */
164		safe_for_write(WRITE_6),
165		safe_for_write(WRITE_10),
166		safe_for_write(WRITE_VERIFY),
167		safe_for_write(WRITE_12),
168		safe_for_write(WRITE_VERIFY_12),
169		safe_for_write(WRITE_16),
170		safe_for_write(WRITE_LONG),
171		safe_for_write(ERASE),
172		safe_for_write(GPCMD_MODE_SELECT_10),
173		safe_for_write(MODE_SELECT),
174		safe_for_write(LOG_SELECT),
175		safe_for_write(GPCMD_BLANK),
176		safe_for_write(GPCMD_CLOSE_TRACK),
177		safe_for_write(GPCMD_FLUSH_CACHE),
178		safe_for_write(GPCMD_FORMAT_UNIT),
179		safe_for_write(GPCMD_REPAIR_RZONE_TRACK),
180		safe_for_write(GPCMD_RESERVE_RZONE_TRACK),
181		safe_for_write(GPCMD_SEND_DVD_STRUCTURE),
182		safe_for_write(GPCMD_SEND_EVENT),
183		safe_for_write(GPCMD_SEND_KEY),
184		safe_for_write(GPCMD_SEND_OPC),
185		safe_for_write(GPCMD_SEND_CUE_SHEET),
186		safe_for_write(GPCMD_SET_SPEED),
187		safe_for_write(GPCMD_PREVENT_ALLOW_MEDIUM_REMOVAL),
188		safe_for_write(GPCMD_LOAD_UNLOAD),
189		safe_for_write(GPCMD_SET_STREAMING),
190	};
191	unsigned char type = cmd_type[cmd[0]];
192
193	/* Anybody who can open the device can do a read-safe command */
194	if (type & CMD_READ_SAFE)
195		return 0;
196
197	/* Write-safe commands just require a writable open.. */
198	if (type & CMD_WRITE_SAFE) {
199		if (file->f_mode & FMODE_WRITE)
200			return 0;
201	}
202
203	if (!type) {
204		cmd_type[cmd[0]] = CMD_WARNED;
205		printk(KERN_WARNING "scsi: unknown opcode 0x%02x\n", cmd[0]);
206	}
207
208	/* And root can do any command.. */
209	if (capable(CAP_SYS_RAWIO))
210		return 0;
211
212	/* Otherwise fail it with an "Operation not permitted" */
213	return -EPERM;
214}
215
216static int sg_io(struct file *file, request_queue_t *q,
217		struct gendisk *bd_disk, struct sg_io_hdr *hdr)
218{
219	unsigned long start_time;
220	int writing = 0, ret = 0;
221	struct request *rq;
222	struct bio *bio;
223	char sense[SCSI_SENSE_BUFFERSIZE];
224	unsigned char cmd[BLK_MAX_CDB];
225
226	if (hdr->interface_id != 'S')
227		return -EINVAL;
228	if (hdr->cmd_len > BLK_MAX_CDB)
229		return -EINVAL;
230	if (copy_from_user(cmd, hdr->cmdp, hdr->cmd_len))
231		return -EFAULT;
232	if (verify_command(file, cmd))
233		return -EPERM;
234
235	if (hdr->dxfer_len > (q->max_sectors << 9))
236		return -EIO;
237
238	if (hdr->dxfer_len)
239		switch (hdr->dxfer_direction) {
240		default:
241			return -EINVAL;
242		case SG_DXFER_TO_FROM_DEV:
243		case SG_DXFER_TO_DEV:
244			writing = 1;
245			break;
246		case SG_DXFER_FROM_DEV:
247			break;
248		}
249
250	rq = blk_get_request(q, writing ? WRITE : READ, GFP_KERNEL);
251	if (!rq)
252		return -ENOMEM;
253
254	if (hdr->iovec_count) {
255		const int size = sizeof(struct sg_iovec) * hdr->iovec_count;
256		struct sg_iovec *iov;
257
258		iov = kmalloc(size, GFP_KERNEL);
259		if (!iov) {
260			ret = -ENOMEM;
261			goto out;
262		}
263
264		if (copy_from_user(iov, hdr->dxferp, size)) {
265			kfree(iov);
266			ret = -EFAULT;
267			goto out;
268		}
269
270		ret = blk_rq_map_user_iov(q, rq, iov, hdr->iovec_count);
271		kfree(iov);
272	} else if (hdr->dxfer_len)
273		ret = blk_rq_map_user(q, rq, hdr->dxferp, hdr->dxfer_len);
274
275	if (ret)
276		goto out;
277
278	/*
279	 * fill in request structure
280	 */
281	rq->cmd_len = hdr->cmd_len;
282	memcpy(rq->cmd, cmd, hdr->cmd_len);
283	if (sizeof(rq->cmd) != hdr->cmd_len)
284		memset(rq->cmd + hdr->cmd_len, 0, sizeof(rq->cmd) - hdr->cmd_len);
285
286	memset(sense, 0, sizeof(sense));
287	rq->sense = sense;
288	rq->sense_len = 0;
289
290	rq->flags |= REQ_BLOCK_PC;
291	bio = rq->bio;
292
293	/*
294	 * bounce this after holding a reference to the original bio, it's
295	 * needed for proper unmapping
296	 */
297	if (rq->bio)
298		blk_queue_bounce(q, &rq->bio);
299
300	rq->timeout = (hdr->timeout * HZ) / 1000;
301	if (!rq->timeout)
302		rq->timeout = q->sg_timeout;
303	if (!rq->timeout)
304		rq->timeout = BLK_DEFAULT_TIMEOUT;
305
306	start_time = jiffies;
307
308	/* ignore return value. All information is passed back to caller
309	 * (if he doesn't check that is his problem).
310	 * N.B. a non-zero SCSI status is _not_ necessarily an error.
311	 */
312	blk_execute_rq(q, bd_disk, rq, 0);
313
314	/* write to all output members */
315	hdr->status = 0xff & rq->errors;
316	hdr->masked_status = status_byte(rq->errors);
317	hdr->msg_status = msg_byte(rq->errors);
318	hdr->host_status = host_byte(rq->errors);
319	hdr->driver_status = driver_byte(rq->errors);
320	hdr->info = 0;
321	if (hdr->masked_status || hdr->host_status || hdr->driver_status)
322		hdr->info |= SG_INFO_CHECK;
323	hdr->resid = rq->data_len;
324	hdr->duration = ((jiffies - start_time) * 1000) / HZ;
325	hdr->sb_len_wr = 0;
326
327	if (rq->sense_len && hdr->sbp) {
328		int len = min((unsigned int) hdr->mx_sb_len, rq->sense_len);
329
330		if (!copy_to_user(hdr->sbp, rq->sense, len))
331			hdr->sb_len_wr = len;
332	}
333
334	if (blk_rq_unmap_user(bio, hdr->dxfer_len))
335		ret = -EFAULT;
336
337	/* may not have succeeded, but output values written to control
338	 * structure (struct sg_io_hdr).  */
339out:
340	blk_put_request(rq);
341	return ret;
342}
343
344#define OMAX_SB_LEN 16          /* For backward compatibility */
345
346static int sg_scsi_ioctl(struct file *file, request_queue_t *q,
347			 struct gendisk *bd_disk, Scsi_Ioctl_Command __user *sic)
348{
349	struct request *rq;
350	int err;
351	unsigned int in_len, out_len, bytes, opcode, cmdlen;
352	char *buffer = NULL, sense[SCSI_SENSE_BUFFERSIZE];
353
354	/*
355	 * get in an out lengths, verify they don't exceed a page worth of data
356	 */
357	if (get_user(in_len, &sic->inlen))
358		return -EFAULT;
359	if (get_user(out_len, &sic->outlen))
360		return -EFAULT;
361	if (in_len > PAGE_SIZE || out_len > PAGE_SIZE)
362		return -EINVAL;
363	if (get_user(opcode, sic->data))
364		return -EFAULT;
365
366	bytes = max(in_len, out_len);
367	if (bytes) {
368		buffer = kmalloc(bytes, q->bounce_gfp | GFP_USER| __GFP_NOWARN);
369		if (!buffer)
370			return -ENOMEM;
371
372		memset(buffer, 0, bytes);
373	}
374
375	rq = blk_get_request(q, in_len ? WRITE : READ, __GFP_WAIT);
376
377	cmdlen = COMMAND_SIZE(opcode);
378
379	/*
380	 * get command and data to send to device, if any
381	 */
382	err = -EFAULT;
383	rq->cmd_len = cmdlen;
384	if (copy_from_user(rq->cmd, sic->data, cmdlen))
385		goto error;
386
387	if (copy_from_user(buffer, sic->data + cmdlen, in_len))
388		goto error;
389
390	err = verify_command(file, rq->cmd);
391	if (err)
392		goto error;
393
394	switch (opcode) {
395		case SEND_DIAGNOSTIC:
396		case FORMAT_UNIT:
397			rq->timeout = FORMAT_UNIT_TIMEOUT;
398			break;
399		case START_STOP:
400			rq->timeout = START_STOP_TIMEOUT;
401			break;
402		case MOVE_MEDIUM:
403			rq->timeout = MOVE_MEDIUM_TIMEOUT;
404			break;
405		case READ_ELEMENT_STATUS:
406			rq->timeout = READ_ELEMENT_STATUS_TIMEOUT;
407			break;
408		case READ_DEFECT_DATA:
409			rq->timeout = READ_DEFECT_DATA_TIMEOUT;
410			break;
411		default:
412			rq->timeout = BLK_DEFAULT_TIMEOUT;
413			break;
414	}
415
416	memset(sense, 0, sizeof(sense));
417	rq->sense = sense;
418	rq->sense_len = 0;
419
420	rq->data = buffer;
421	rq->data_len = bytes;
422	rq->flags |= REQ_BLOCK_PC;
423
424	blk_execute_rq(q, bd_disk, rq, 0);
425	err = rq->errors & 0xff;	/* only 8 bit SCSI status */
426	if (err) {
427		if (rq->sense_len && rq->sense) {
428			bytes = (OMAX_SB_LEN > rq->sense_len) ?
429				rq->sense_len : OMAX_SB_LEN;
430			if (copy_to_user(sic->data, rq->sense, bytes))
431				err = -EFAULT;
432		}
433	} else {
434		if (copy_to_user(sic->data, buffer, out_len))
435			err = -EFAULT;
436	}
437	
438error:
439	kfree(buffer);
440	blk_put_request(rq);
441	return err;
442}
443
444int scsi_cmd_ioctl(struct file *file, struct gendisk *bd_disk, unsigned int cmd, void __user *arg)
445{
446	request_queue_t *q;
447	struct request *rq;
448	int close = 0, err;
449
450	q = bd_disk->queue;
451	if (!q)
452		return -ENXIO;
453
454	if (blk_get_queue(q))
455		return -ENXIO;
456
457	switch (cmd) {
458		/*
459		 * new sgv3 interface
460		 */
461		case SG_GET_VERSION_NUM:
462			err = sg_get_version(arg);
463			break;
464		case SCSI_IOCTL_GET_IDLUN:
465			err = scsi_get_idlun(q, arg);
466			break;
467		case SCSI_IOCTL_GET_BUS_NUMBER:
468			err = scsi_get_bus(q, arg);
469			break;
470		case SG_SET_TIMEOUT:
471			err = sg_set_timeout(q, arg);
472			break;
473		case SG_GET_TIMEOUT:
474			err = sg_get_timeout(q);
475			break;
476		case SG_GET_RESERVED_SIZE:
477			err = sg_get_reserved_size(q, arg);
478			break;
479		case SG_SET_RESERVED_SIZE:
480			err = sg_set_reserved_size(q, arg);
481			break;
482		case SG_EMULATED_HOST:
483			err = sg_emulated_host(q, arg);
484			break;
485		case SG_IO: {
486			struct sg_io_hdr hdr;
487
488			err = -EFAULT;
489			if (copy_from_user(&hdr, arg, sizeof(hdr)))
490				break;
491			err = sg_io(file, q, bd_disk, &hdr);
492			if (err == -EFAULT)
493				break;
494
495			if (copy_to_user(arg, &hdr, sizeof(hdr)))
496				err = -EFAULT;
497			break;
498		}
499		case CDROM_SEND_PACKET: {
500			struct cdrom_generic_command cgc;
501			struct sg_io_hdr hdr;
502
503			err = -EFAULT;
504			if (copy_from_user(&cgc, arg, sizeof(cgc)))
505				break;
506			cgc.timeout = clock_t_to_jiffies(cgc.timeout);
507			memset(&hdr, 0, sizeof(hdr));
508			hdr.interface_id = 'S';
509			hdr.cmd_len = sizeof(cgc.cmd);
510			hdr.dxfer_len = cgc.buflen;
511			err = 0;
512			switch (cgc.data_direction) {
513				case CGC_DATA_UNKNOWN:
514					hdr.dxfer_direction = SG_DXFER_UNKNOWN;
515					break;
516				case CGC_DATA_WRITE:
517					hdr.dxfer_direction = SG_DXFER_TO_DEV;
518					break;
519				case CGC_DATA_READ:
520					hdr.dxfer_direction = SG_DXFER_FROM_DEV;
521					break;
522				case CGC_DATA_NONE:
523					hdr.dxfer_direction = SG_DXFER_NONE;
524					break;
525				default:
526					err = -EINVAL;
527			}
528			if (err)
529				break;
530
531			hdr.dxferp = cgc.buffer;
532			hdr.sbp = cgc.sense;
533			if (hdr.sbp)
534				hdr.mx_sb_len = sizeof(struct request_sense);
535			hdr.timeout = cgc.timeout;
536			hdr.cmdp = ((struct cdrom_generic_command __user*) arg)->cmd;
537			hdr.cmd_len = sizeof(cgc.cmd);
538
539			err = sg_io(file, q, bd_disk, &hdr);
540			if (err == -EFAULT)
541				break;
542
543			if (hdr.status)
544				err = -EIO;
545
546			cgc.stat = err;
547			cgc.buflen = hdr.resid;
548			if (copy_to_user(arg, &cgc, sizeof(cgc)))
549				err = -EFAULT;
550
551			break;
552		}
553
554		/*
555		 * old junk scsi send command ioctl
556		 */
557		case SCSI_IOCTL_SEND_COMMAND:
558			printk(KERN_WARNING "program %s is using a deprecated SCSI ioctl, please convert it to SG_IO\n", current->comm);
559			err = -EINVAL;
560			if (!arg)
561				break;
562
563			err = sg_scsi_ioctl(file, q, bd_disk, arg);
564			break;
565		case CDROMCLOSETRAY:
566			close = 1;
567		case CDROMEJECT:
568			rq = blk_get_request(q, WRITE, __GFP_WAIT);
569			rq->flags |= REQ_BLOCK_PC;
570			rq->data = NULL;
571			rq->data_len = 0;
572			rq->timeout = BLK_DEFAULT_TIMEOUT;
573			memset(rq->cmd, 0, sizeof(rq->cmd));
574			rq->cmd[0] = GPCMD_START_STOP_UNIT;
575			rq->cmd[4] = 0x02 + (close != 0);
576			rq->cmd_len = 6;
577			err = blk_execute_rq(q, bd_disk, rq, 0);
578			blk_put_request(rq);
579			break;
580		default:
581			err = -ENOTTY;
582	}
583
584	blk_put_queue(q);
585	return err;
586}
587
588EXPORT_SYMBOL(scsi_cmd_ioctl);
Configure Feed

Configure Feed
