Line data Source code
1 : /*
2 : * Changes:
3 : * Arnaldo Carvalho de Melo <acme@conectiva.com.br> 08/23/2000
4 : * - get rid of some verify_areas and use __copy*user and __get/put_user
5 : * for the ones that remain
6 : */
7 : #include <linux/module.h>
8 : #include <linux/blkdev.h>
9 : #include <linux/interrupt.h>
10 : #include <linux/errno.h>
11 : #include <linux/kernel.h>
12 : #include <linux/sched.h>
13 : #include <linux/mm.h>
14 : #include <linux/string.h>
15 : #include <asm/uaccess.h>
16 :
17 : #include <scsi/scsi.h>
18 : #include <scsi/scsi_cmnd.h>
19 : #include <scsi/scsi_device.h>
20 : #include <scsi/scsi_eh.h>
21 : #include <scsi/scsi_host.h>
22 : #include <scsi/scsi_ioctl.h>
23 : #include <scsi/sg.h>
24 : #include <scsi/scsi_dbg.h>
25 :
26 : #include "scsi_logging.h"
27 :
28 : #define NORMAL_RETRIES 5
29 : #define IOCTL_NORMAL_TIMEOUT (10 * HZ)
30 :
31 : #define MAX_BUF PAGE_SIZE
32 :
33 : /**
34 : * ioctl_probe -- return host identification
35 : * @host: host to identify
36 : * @buffer: userspace buffer for identification
37 : *
38 : * Return an identifying string at @buffer, if @buffer is non-NULL, filling
39 : * to the length stored at * (int *) @buffer.
40 : */
41 : static int ioctl_probe(struct Scsi_Host *host, void __user *buffer)
42 : {
43 0 : unsigned int len, slen;
44 0 : const char *string;
45 0 :
46 0 : if (buffer) {
47 0 : if (get_user(len, (unsigned int __user *) buffer))
48 0 : return -EFAULT;
49 0 :
50 0 : if (host->hostt->info)
51 0 : string = host->hostt->info(host);
52 : else
53 0 : string = host->hostt->name;
54 0 : if (string) {
55 0 : slen = strlen(string);
56 0 : if (len > slen)
57 0 : len = slen + 1;
58 0 : if (copy_to_user(buffer, string, len))
59 0 : return -EFAULT;
60 : }
61 : }
62 0 : return 1;
63 : }
64 :
65 : /*
66 :
67 : * The SCSI_IOCTL_SEND_COMMAND ioctl sends a command out to the SCSI host.
68 : * The IOCTL_NORMAL_TIMEOUT and NORMAL_RETRIES variables are used.
69 : *
70 : * dev is the SCSI device struct ptr, *(int *) arg is the length of the
71 : * input data, if any, not including the command string & counts,
72 : * *((int *)arg + 1) is the output buffer size in bytes.
73 : *
74 : * *(char *) ((int *) arg)[2] the actual command byte.
75 : *
76 : * Note that if more than MAX_BUF bytes are requested to be transferred,
77 : * the ioctl will fail with error EINVAL.
78 : *
79 : * This size *does not* include the initial lengths that were passed.
80 : *
81 : * The SCSI command is read from the memory location immediately after the
82 : * length words, and the input data is right after the command. The SCSI
83 : * routines know the command size based on the opcode decode.
84 : *
85 : * The output area is then filled in starting from the command byte.
86 : */
87 :
88 : static int ioctl_internal_command(struct scsi_device *sdev, char *cmd,
89 : int timeout, int retries)
90 : {
91 0 : int result;
92 0 : struct scsi_sense_hdr sshdr;
93 0 :
94 0 : SCSI_LOG_IOCTL(1, printk("Trying ioctl with scsi command %d\n", *cmd));
95 0 :
96 0 : result = scsi_execute_req(sdev, cmd, DMA_NONE, NULL, 0,
97 : &sshdr, timeout, retries, NULL);
98 :
99 : SCSI_LOG_IOCTL(2, printk("Ioctl returned 0x%x\n", result));
100 :
101 0 : if ((driver_byte(result) & DRIVER_SENSE) &&
102 : (scsi_sense_valid(&sshdr))) {
103 : switch (sshdr.sense_key) {
104 0 : case ILLEGAL_REQUEST:
105 0 : if (cmd[0] == ALLOW_MEDIUM_REMOVAL)
106 0 : sdev->lockable = 0;
107 : else
108 0 : printk(KERN_INFO "ioctl_internal_command: "
109 : "ILLEGAL REQUEST asc=0x%x ascq=0x%x\n",
110 : sshdr.asc, sshdr.ascq);
111 0 : break;
112 0 : case NOT_READY: /* This happens if there is no disc in drive */
113 0 : if (sdev->removable)
114 0 : break;
115 0 : case UNIT_ATTENTION:
116 0 : if (sdev->removable) {
117 0 : sdev->changed = 1;
118 0 : result = 0; /* This is no longer considered an error */
119 0 : break;
120 : }
121 0 : default: /* Fall through for non-removable media */
122 0 : sdev_printk(KERN_INFO, sdev,
123 0 : "ioctl_internal_command return code = %x\n",
124 : result);
125 0 : scsi_print_sense_hdr(" ", &sshdr);
126 0 : break;
127 : }
128 : }
129 :
130 : SCSI_LOG_IOCTL(2, printk("IOCTL Releasing command\n"));
131 0 : return result;
132 : }
133 :
134 : int scsi_set_medium_removal(struct scsi_device *sdev, char state)
135 : {
136 0 : char scsi_cmd[MAX_COMMAND_SIZE];
137 0 : int ret;
138 :
139 0 : if (!sdev->removable || !sdev->lockable)
140 0 : return 0;
141 :
142 0 : scsi_cmd[0] = ALLOW_MEDIUM_REMOVAL;
143 0 : scsi_cmd[1] = 0;
144 0 : scsi_cmd[2] = 0;
145 0 : scsi_cmd[3] = 0;
146 0 : scsi_cmd[4] = state;
147 0 : scsi_cmd[5] = 0;
148 :
149 0 : ret = ioctl_internal_command(sdev, scsi_cmd,
150 : IOCTL_NORMAL_TIMEOUT, NORMAL_RETRIES);
151 0 : if (ret == 0)
152 0 : sdev->locked = (state == SCSI_REMOVAL_PREVENT);
153 0 : return ret;
154 : }
155 : EXPORT_SYMBOL(scsi_set_medium_removal);
156 :
157 : /*
158 : * The scsi_ioctl_get_pci() function places into arg the value
159 : * pci_dev::slot_name (8 characters) for the PCI device (if any).
160 : * Returns: 0 on success
161 : * -ENXIO if there isn't a PCI device pointer
162 : * (could be because the SCSI driver hasn't been
163 : * updated yet, or because it isn't a SCSI
164 : * device)
165 : * any copy_to_user() error on failure there
166 : */
167 : static int scsi_ioctl_get_pci(struct scsi_device *sdev, void __user *arg)
168 : {
169 0 : struct device *dev = scsi_get_device(sdev->host);
170 0 : const char *name;
171 0 :
172 0 : if (!dev)
173 0 : return -ENXIO;
174 0 :
175 0 : name = dev_name(dev);
176 :
177 : /* compatibility with old ioctl which only returned
178 : * 20 characters */
179 0 : return copy_to_user(arg, name, min(strlen(name), (size_t)20))
180 : ? -EFAULT: 0;
181 : }
182 :
183 :
184 : /**
185 : * scsi_ioctl - Dispatch ioctl to scsi device
186 : * @sdev: scsi device receiving ioctl
187 : * @cmd: which ioctl is it
188 : * @arg: data associated with ioctl
189 : *
190 : * Description: The scsi_ioctl() function differs from most ioctls in that it
191 : * does not take a major/minor number as the dev field. Rather, it takes
192 : * a pointer to a &struct scsi_device.
193 : */
194 : int scsi_ioctl(struct scsi_device *sdev, int cmd, void __user *arg)
195 : {
196 0 : char scsi_cmd[MAX_COMMAND_SIZE];
197 0 :
198 0 : /* No idea how this happens.... */
199 0 : if (!sdev)
200 0 : return -ENXIO;
201 0 :
202 0 : /*
203 0 : * If we are in the middle of error recovery, don't let anyone
204 0 : * else try and use this device. Also, if error recovery fails, it
205 0 : * may try and take the device offline, in which case all further
206 0 : * access to the device is prohibited.
207 0 : */
208 0 : if (!scsi_block_when_processing_errors(sdev))
209 0 : return -ENODEV;
210 0 :
211 0 : /* Check for deprecated ioctls ... all the ioctls which don't
212 0 : * follow the new unique numbering scheme are deprecated */
213 0 : switch (cmd) {
214 0 : case SCSI_IOCTL_SEND_COMMAND:
215 0 : case SCSI_IOCTL_TEST_UNIT_READY:
216 0 : case SCSI_IOCTL_BENCHMARK_COMMAND:
217 0 : case SCSI_IOCTL_SYNC:
218 0 : case SCSI_IOCTL_START_UNIT:
219 0 : case SCSI_IOCTL_STOP_UNIT:
220 0 : printk(KERN_WARNING "program %s is using a deprecated SCSI "
221 : "ioctl, please convert it to SG_IO\n", current->comm);
222 0 : break;
223 0 : default:
224 0 : break;
225 0 : }
226 0 :
227 0 : switch (cmd) {
228 0 : case SCSI_IOCTL_GET_IDLUN:
229 0 : if (!access_ok(VERIFY_WRITE, arg, sizeof(struct scsi_idlun)))
230 0 : return -EFAULT;
231 :
232 0 : __put_user((sdev->id & 0xff)
233 0 : + ((sdev->lun & 0xff) << 8)
234 : + ((sdev->channel & 0xff) << 16)
235 : + ((sdev->host->host_no & 0xff) << 24),
236 : &((struct scsi_idlun __user *)arg)->dev_id);
237 0 : __put_user(sdev->host->unique_id,
238 0 : &((struct scsi_idlun __user *)arg)->host_unique_id);
239 0 : return 0;
240 0 : case SCSI_IOCTL_GET_BUS_NUMBER:
241 0 : return put_user(sdev->host->host_no, (int __user *)arg);
242 0 : case SCSI_IOCTL_PROBE_HOST:
243 0 : return ioctl_probe(sdev->host, arg);
244 0 : case SCSI_IOCTL_SEND_COMMAND:
245 0 : if (!capable(CAP_SYS_ADMIN) || !capable(CAP_SYS_RAWIO))
246 0 : return -EACCES;
247 0 : return sg_scsi_ioctl(sdev->request_queue, NULL, 0, arg);
248 0 : case SCSI_IOCTL_DOORLOCK:
249 0 : return scsi_set_medium_removal(sdev, SCSI_REMOVAL_PREVENT);
250 0 : case SCSI_IOCTL_DOORUNLOCK:
251 0 : return scsi_set_medium_removal(sdev, SCSI_REMOVAL_ALLOW);
252 0 : case SCSI_IOCTL_TEST_UNIT_READY:
253 0 : return scsi_test_unit_ready(sdev, IOCTL_NORMAL_TIMEOUT,
254 0 : NORMAL_RETRIES, NULL);
255 0 : case SCSI_IOCTL_START_UNIT:
256 0 : scsi_cmd[0] = START_STOP;
257 0 : scsi_cmd[1] = 0;
258 0 : scsi_cmd[2] = scsi_cmd[3] = scsi_cmd[5] = 0;
259 0 : scsi_cmd[4] = 1;
260 0 : return ioctl_internal_command(sdev, scsi_cmd,
261 0 : START_STOP_TIMEOUT, NORMAL_RETRIES);
262 0 : case SCSI_IOCTL_STOP_UNIT:
263 0 : scsi_cmd[0] = START_STOP;
264 0 : scsi_cmd[1] = 0;
265 0 : scsi_cmd[2] = scsi_cmd[3] = scsi_cmd[5] = 0;
266 0 : scsi_cmd[4] = 0;
267 0 : return ioctl_internal_command(sdev, scsi_cmd,
268 0 : START_STOP_TIMEOUT, NORMAL_RETRIES);
269 0 : case SCSI_IOCTL_GET_PCI:
270 0 : return scsi_ioctl_get_pci(sdev, arg);
271 0 : default:
272 0 : if (sdev->host->hostt->ioctl)
273 0 : return sdev->host->hostt->ioctl(sdev, cmd, arg);
274 : }
275 0 : return -EINVAL;
276 : }
277 0 : EXPORT_SYMBOL(scsi_ioctl);
278 :
279 : /**
280 : * scsi_nonblockable_ioctl() - Handle SG_SCSI_RESET
281 : * @sdev: scsi device receiving ioctl
282 : * @cmd: Must be SC_SCSI_RESET
283 : * @arg: pointer to int containing SG_SCSI_RESET_{DEVICE,BUS,HOST}
284 : * @ndelay: file mode O_NDELAY flag
285 : */
286 : int scsi_nonblockable_ioctl(struct scsi_device *sdev, int cmd,
287 : void __user *arg, int ndelay)
288 0 : {
289 0 : int val, result;
290 0 :
291 0 : /* The first set of iocts may be executed even if we're doing
292 0 : * error processing, as long as the device was opened
293 0 : * non-blocking */
294 0 : if (ndelay) {
295 0 : if (scsi_host_in_recovery(sdev->host))
296 0 : return -ENODEV;
297 0 : } else if (!scsi_block_when_processing_errors(sdev))
298 0 : return -ENODEV;
299 :
300 0 : switch (cmd) {
301 0 : case SG_SCSI_RESET:
302 0 : result = get_user(val, (int __user *)arg);
303 0 : if (result)
304 0 : return result;
305 0 : if (val == SG_SCSI_RESET_NOTHING)
306 0 : return 0;
307 : switch (val) {
308 0 : case SG_SCSI_RESET_DEVICE:
309 0 : val = SCSI_TRY_RESET_DEVICE;
310 0 : break;
311 0 : case SG_SCSI_RESET_TARGET:
312 0 : val = SCSI_TRY_RESET_TARGET;
313 0 : break;
314 0 : case SG_SCSI_RESET_BUS:
315 0 : val = SCSI_TRY_RESET_BUS;
316 0 : break;
317 0 : case SG_SCSI_RESET_HOST:
318 0 : val = SCSI_TRY_RESET_HOST;
319 0 : break;
320 0 : default:
321 0 : return -EINVAL;
322 : }
323 0 : if (!capable(CAP_SYS_ADMIN) || !capable(CAP_SYS_RAWIO))
324 0 : return -EACCES;
325 0 : return (scsi_reset_provider(sdev, val) ==
326 0 : SUCCESS) ? 0 : -EIO;
327 : }
328 0 : return -ENODEV;
329 : }
330 : EXPORT_SYMBOL(scsi_nonblockable_ioctl);
|