[PATCH] Fix filp being passed through raw ioctl handler
[linux-2.6/verdex.git] / drivers / scsi / sr_ioctl.c
blob82d68fdb15484520abd80d1aa603d2395a86ad6b
1 #include <linux/kernel.h>
2 #include <linux/sched.h>
3 #include <linux/mm.h>
4 #include <linux/fs.h>
5 #include <linux/errno.h>
6 #include <linux/string.h>
7 #include <linux/blkdev.h>
8 #include <linux/blkpg.h>
9 #include <linux/cdrom.h>
10 #include <linux/delay.h>
11 #include <asm/io.h>
12 #include <asm/uaccess.h>
14 #include <scsi/scsi.h>
15 #include <scsi/scsi_dbg.h>
16 #include <scsi/scsi_device.h>
17 #include <scsi/scsi_eh.h>
18 #include <scsi/scsi_host.h>
19 #include <scsi/scsi_ioctl.h>
20 #include <scsi/scsi_request.h>
22 #include "sr.h"
24 #if 0
25 #define DEBUG
26 #endif
28 /* The sr_is_xa() seems to trigger firmware bugs with some drives :-(
29 * It is off by default and can be turned on with this module parameter */
30 static int xa_test = 0;
32 module_param(xa_test, int, S_IRUGO | S_IWUSR);
35 #define IOCTL_RETRIES 3
37 /* ATAPI drives don't have a SCMD_PLAYAUDIO_TI command. When these drives
38 are emulating a SCSI device via the idescsi module, they need to have
39 CDROMPLAYTRKIND commands translated into CDROMPLAYMSF commands for them */
41 static int sr_fake_playtrkind(struct cdrom_device_info *cdi, struct cdrom_ti *ti)
43 struct cdrom_tocentry trk0_te, trk1_te;
44 struct cdrom_tochdr tochdr;
45 struct packet_command cgc;
46 int ntracks, ret;
48 if ((ret = sr_audio_ioctl(cdi, CDROMREADTOCHDR, &tochdr)))
49 return ret;
51 ntracks = tochdr.cdth_trk1 - tochdr.cdth_trk0 + 1;
53 if (ti->cdti_trk1 == ntracks)
54 ti->cdti_trk1 = CDROM_LEADOUT;
55 else if (ti->cdti_trk1 != CDROM_LEADOUT)
56 ti->cdti_trk1 ++;
58 trk0_te.cdte_track = ti->cdti_trk0;
59 trk0_te.cdte_format = CDROM_MSF;
60 trk1_te.cdte_track = ti->cdti_trk1;
61 trk1_te.cdte_format = CDROM_MSF;
63 if ((ret = sr_audio_ioctl(cdi, CDROMREADTOCENTRY, &trk0_te)))
64 return ret;
65 if ((ret = sr_audio_ioctl(cdi, CDROMREADTOCENTRY, &trk1_te)))
66 return ret;
68 memset(&cgc, 0, sizeof(struct packet_command));
69 cgc.cmd[0] = GPCMD_PLAY_AUDIO_MSF;
70 cgc.cmd[3] = trk0_te.cdte_addr.msf.minute;
71 cgc.cmd[4] = trk0_te.cdte_addr.msf.second;
72 cgc.cmd[5] = trk0_te.cdte_addr.msf.frame;
73 cgc.cmd[6] = trk1_te.cdte_addr.msf.minute;
74 cgc.cmd[7] = trk1_te.cdte_addr.msf.second;
75 cgc.cmd[8] = trk1_te.cdte_addr.msf.frame;
76 cgc.data_direction = DMA_NONE;
77 cgc.timeout = IOCTL_TIMEOUT;
78 return sr_do_ioctl(cdi->handle, &cgc);
81 /* We do our own retries because we want to know what the specific
82 error code is. Normally the UNIT_ATTENTION code will automatically
83 clear after one error */
85 int sr_do_ioctl(Scsi_CD *cd, struct packet_command *cgc)
87 struct scsi_request *SRpnt;
88 struct scsi_device *SDev;
89 struct request *req;
90 int result, err = 0, retries = 0;
92 SDev = cd->device;
93 SRpnt = scsi_allocate_request(SDev, GFP_KERNEL);
94 if (!SRpnt) {
95 printk(KERN_ERR "Unable to allocate SCSI request in sr_do_ioctl");
96 err = -ENOMEM;
97 goto out;
99 SRpnt->sr_data_direction = cgc->data_direction;
101 retry:
102 if (!scsi_block_when_processing_errors(SDev)) {
103 err = -ENODEV;
104 goto out_free;
107 scsi_wait_req(SRpnt, cgc->cmd, cgc->buffer, cgc->buflen,
108 cgc->timeout, IOCTL_RETRIES);
110 req = SRpnt->sr_request;
111 if (SRpnt->sr_buffer && req->buffer && SRpnt->sr_buffer != req->buffer) {
112 memcpy(req->buffer, SRpnt->sr_buffer, SRpnt->sr_bufflen);
113 kfree(SRpnt->sr_buffer);
114 SRpnt->sr_buffer = req->buffer;
117 result = SRpnt->sr_result;
119 /* Minimal error checking. Ignore cases we know about, and report the rest. */
120 if (driver_byte(result) != 0) {
121 switch (SRpnt->sr_sense_buffer[2] & 0xf) {
122 case UNIT_ATTENTION:
123 SDev->changed = 1;
124 if (!cgc->quiet)
125 printk(KERN_INFO "%s: disc change detected.\n", cd->cdi.name);
126 if (retries++ < 10)
127 goto retry;
128 err = -ENOMEDIUM;
129 break;
130 case NOT_READY: /* This happens if there is no disc in drive */
131 if (SRpnt->sr_sense_buffer[12] == 0x04 &&
132 SRpnt->sr_sense_buffer[13] == 0x01) {
133 /* sense: Logical unit is in process of becoming ready */
134 if (!cgc->quiet)
135 printk(KERN_INFO "%s: CDROM not ready yet.\n", cd->cdi.name);
136 if (retries++ < 10) {
137 /* sleep 2 sec and try again */
138 ssleep(2);
139 goto retry;
140 } else {
141 /* 20 secs are enough? */
142 err = -ENOMEDIUM;
143 break;
146 if (!cgc->quiet)
147 printk(KERN_INFO "%s: CDROM not ready. Make sure there is a disc in the drive.\n", cd->cdi.name);
148 #ifdef DEBUG
149 scsi_print_req_sense("sr", SRpnt);
150 #endif
151 err = -ENOMEDIUM;
152 break;
153 case ILLEGAL_REQUEST:
154 err = -EIO;
155 if (SRpnt->sr_sense_buffer[12] == 0x20 &&
156 SRpnt->sr_sense_buffer[13] == 0x00)
157 /* sense: Invalid command operation code */
158 err = -EDRIVE_CANT_DO_THIS;
159 #ifdef DEBUG
160 __scsi_print_command(cgc->cmd);
161 scsi_print_req_sense("sr", SRpnt);
162 #endif
163 break;
164 default:
165 printk(KERN_ERR "%s: CDROM (ioctl) error, command: ", cd->cdi.name);
166 __scsi_print_command(cgc->cmd);
167 scsi_print_req_sense("sr", SRpnt);
168 err = -EIO;
172 if (cgc->sense)
173 memcpy(cgc->sense, SRpnt->sr_sense_buffer, sizeof(*cgc->sense));
175 /* Wake up a process waiting for device */
176 out_free:
177 scsi_release_request(SRpnt);
178 SRpnt = NULL;
179 out:
180 cgc->stat = err;
181 return err;
184 /* ---------------------------------------------------------------------- */
185 /* interface to cdrom.c */
187 static int test_unit_ready(Scsi_CD *cd)
189 struct packet_command cgc;
191 memset(&cgc, 0, sizeof(struct packet_command));
192 cgc.cmd[0] = GPCMD_TEST_UNIT_READY;
193 cgc.quiet = 1;
194 cgc.data_direction = DMA_NONE;
195 cgc.timeout = IOCTL_TIMEOUT;
196 return sr_do_ioctl(cd, &cgc);
199 int sr_tray_move(struct cdrom_device_info *cdi, int pos)
201 Scsi_CD *cd = cdi->handle;
202 struct packet_command cgc;
204 memset(&cgc, 0, sizeof(struct packet_command));
205 cgc.cmd[0] = GPCMD_START_STOP_UNIT;
206 cgc.cmd[4] = (pos == 0) ? 0x03 /* close */ : 0x02 /* eject */ ;
207 cgc.data_direction = DMA_NONE;
208 cgc.timeout = IOCTL_TIMEOUT;
209 return sr_do_ioctl(cd, &cgc);
212 int sr_lock_door(struct cdrom_device_info *cdi, int lock)
214 Scsi_CD *cd = cdi->handle;
216 return scsi_set_medium_removal(cd->device, lock ?
217 SCSI_REMOVAL_PREVENT : SCSI_REMOVAL_ALLOW);
220 int sr_drive_status(struct cdrom_device_info *cdi, int slot)
222 if (CDSL_CURRENT != slot) {
223 /* we have no changer support */
224 return -EINVAL;
226 if (0 == test_unit_ready(cdi->handle))
227 return CDS_DISC_OK;
229 return CDS_TRAY_OPEN;
232 int sr_disk_status(struct cdrom_device_info *cdi)
234 Scsi_CD *cd = cdi->handle;
235 struct cdrom_tochdr toc_h;
236 struct cdrom_tocentry toc_e;
237 int i, rc, have_datatracks = 0;
239 /* look for data tracks */
240 if (0 != (rc = sr_audio_ioctl(cdi, CDROMREADTOCHDR, &toc_h)))
241 return (rc == -ENOMEDIUM) ? CDS_NO_DISC : CDS_NO_INFO;
243 for (i = toc_h.cdth_trk0; i <= toc_h.cdth_trk1; i++) {
244 toc_e.cdte_track = i;
245 toc_e.cdte_format = CDROM_LBA;
246 if (sr_audio_ioctl(cdi, CDROMREADTOCENTRY, &toc_e))
247 return CDS_NO_INFO;
248 if (toc_e.cdte_ctrl & CDROM_DATA_TRACK) {
249 have_datatracks = 1;
250 break;
253 if (!have_datatracks)
254 return CDS_AUDIO;
256 if (cd->xa_flag)
257 return CDS_XA_2_1;
258 else
259 return CDS_DATA_1;
262 int sr_get_last_session(struct cdrom_device_info *cdi,
263 struct cdrom_multisession *ms_info)
265 Scsi_CD *cd = cdi->handle;
267 ms_info->addr.lba = cd->ms_offset;
268 ms_info->xa_flag = cd->xa_flag || cd->ms_offset > 0;
270 return 0;
273 /* primitive to determine whether we need to have GFP_DMA set based on
274 * the status of the unchecked_isa_dma flag in the host structure */
275 #define SR_GFP_DMA(cd) (((cd)->device->host->unchecked_isa_dma) ? GFP_DMA : 0)
277 int sr_get_mcn(struct cdrom_device_info *cdi, struct cdrom_mcn *mcn)
279 Scsi_CD *cd = cdi->handle;
280 struct packet_command cgc;
281 char *buffer = kmalloc(32, GFP_KERNEL | SR_GFP_DMA(cd));
282 int result;
284 if (!buffer)
285 return -ENOMEM;
287 memset(&cgc, 0, sizeof(struct packet_command));
288 cgc.cmd[0] = GPCMD_READ_SUBCHANNEL;
289 cgc.cmd[2] = 0x40; /* I do want the subchannel info */
290 cgc.cmd[3] = 0x02; /* Give me medium catalog number info */
291 cgc.cmd[8] = 24;
292 cgc.buffer = buffer;
293 cgc.buflen = 24;
294 cgc.data_direction = DMA_FROM_DEVICE;
295 cgc.timeout = IOCTL_TIMEOUT;
296 result = sr_do_ioctl(cd, &cgc);
298 memcpy(mcn->medium_catalog_number, buffer + 9, 13);
299 mcn->medium_catalog_number[13] = 0;
301 kfree(buffer);
302 return result;
305 int sr_reset(struct cdrom_device_info *cdi)
307 return 0;
310 int sr_select_speed(struct cdrom_device_info *cdi, int speed)
312 Scsi_CD *cd = cdi->handle;
313 struct packet_command cgc;
315 if (speed == 0)
316 speed = 0xffff; /* set to max */
317 else
318 speed *= 177; /* Nx to kbyte/s */
320 memset(&cgc, 0, sizeof(struct packet_command));
321 cgc.cmd[0] = GPCMD_SET_SPEED; /* SET CD SPEED */
322 cgc.cmd[2] = (speed >> 8) & 0xff; /* MSB for speed (in kbytes/sec) */
323 cgc.cmd[3] = speed & 0xff; /* LSB */
324 cgc.data_direction = DMA_NONE;
325 cgc.timeout = IOCTL_TIMEOUT;
327 if (sr_do_ioctl(cd, &cgc))
328 return -EIO;
329 return 0;
332 /* ----------------------------------------------------------------------- */
333 /* this is called by the generic cdrom driver. arg is a _kernel_ pointer, */
334 /* because the generic cdrom driver does the user access stuff for us. */
335 /* only cdromreadtochdr and cdromreadtocentry are left - for use with the */
336 /* sr_disk_status interface for the generic cdrom driver. */
338 int sr_audio_ioctl(struct cdrom_device_info *cdi, unsigned int cmd, void *arg)
340 Scsi_CD *cd = cdi->handle;
341 struct packet_command cgc;
342 int result;
343 unsigned char *buffer = kmalloc(32, GFP_KERNEL | SR_GFP_DMA(cd));
345 if (!buffer)
346 return -ENOMEM;
348 memset(&cgc, 0, sizeof(struct packet_command));
349 cgc.timeout = IOCTL_TIMEOUT;
351 switch (cmd) {
352 case CDROMREADTOCHDR:
354 struct cdrom_tochdr *tochdr = (struct cdrom_tochdr *) arg;
356 cgc.cmd[0] = GPCMD_READ_TOC_PMA_ATIP;
357 cgc.cmd[8] = 12; /* LSB of length */
358 cgc.buffer = buffer;
359 cgc.buflen = 12;
360 cgc.quiet = 1;
361 cgc.data_direction = DMA_FROM_DEVICE;
363 result = sr_do_ioctl(cd, &cgc);
365 tochdr->cdth_trk0 = buffer[2];
366 tochdr->cdth_trk1 = buffer[3];
368 break;
371 case CDROMREADTOCENTRY:
373 struct cdrom_tocentry *tocentry = (struct cdrom_tocentry *) arg;
375 cgc.cmd[0] = GPCMD_READ_TOC_PMA_ATIP;
376 cgc.cmd[1] |= (tocentry->cdte_format == CDROM_MSF) ? 0x02 : 0;
377 cgc.cmd[6] = tocentry->cdte_track;
378 cgc.cmd[8] = 12; /* LSB of length */
379 cgc.buffer = buffer;
380 cgc.buflen = 12;
381 cgc.data_direction = DMA_FROM_DEVICE;
383 result = sr_do_ioctl(cd, &cgc);
385 tocentry->cdte_ctrl = buffer[5] & 0xf;
386 tocentry->cdte_adr = buffer[5] >> 4;
387 tocentry->cdte_datamode = (tocentry->cdte_ctrl & 0x04) ? 1 : 0;
388 if (tocentry->cdte_format == CDROM_MSF) {
389 tocentry->cdte_addr.msf.minute = buffer[9];
390 tocentry->cdte_addr.msf.second = buffer[10];
391 tocentry->cdte_addr.msf.frame = buffer[11];
392 } else
393 tocentry->cdte_addr.lba = (((((buffer[8] << 8) + buffer[9]) << 8)
394 + buffer[10]) << 8) + buffer[11];
396 break;
399 case CDROMPLAYTRKIND: {
400 struct cdrom_ti* ti = (struct cdrom_ti*)arg;
402 cgc.cmd[0] = GPCMD_PLAYAUDIO_TI;
403 cgc.cmd[4] = ti->cdti_trk0;
404 cgc.cmd[5] = ti->cdti_ind0;
405 cgc.cmd[7] = ti->cdti_trk1;
406 cgc.cmd[8] = ti->cdti_ind1;
407 cgc.data_direction = DMA_NONE;
409 result = sr_do_ioctl(cd, &cgc);
410 if (result == -EDRIVE_CANT_DO_THIS)
411 result = sr_fake_playtrkind(cdi, ti);
413 break;
416 default:
417 result = -EINVAL;
420 #if 0
421 if (result)
422 printk("DEBUG: sr_audio: result for ioctl %x: %x\n", cmd, result);
423 #endif
425 kfree(buffer);
426 return result;
429 /* -----------------------------------------------------------------------
430 * a function to read all sorts of funny cdrom sectors using the READ_CD
431 * scsi-3 mmc command
433 * lba: linear block address
434 * format: 0 = data (anything)
435 * 1 = audio
436 * 2 = data (mode 1)
437 * 3 = data (mode 2)
438 * 4 = data (mode 2 form1)
439 * 5 = data (mode 2 form2)
440 * blksize: 2048 | 2336 | 2340 | 2352
443 static int sr_read_cd(Scsi_CD *cd, unsigned char *dest, int lba, int format, int blksize)
445 struct packet_command cgc;
447 #ifdef DEBUG
448 printk("%s: sr_read_cd lba=%d format=%d blksize=%d\n",
449 cd->cdi.name, lba, format, blksize);
450 #endif
452 memset(&cgc, 0, sizeof(struct packet_command));
453 cgc.cmd[0] = GPCMD_READ_CD; /* READ_CD */
454 cgc.cmd[1] = ((format & 7) << 2);
455 cgc.cmd[2] = (unsigned char) (lba >> 24) & 0xff;
456 cgc.cmd[3] = (unsigned char) (lba >> 16) & 0xff;
457 cgc.cmd[4] = (unsigned char) (lba >> 8) & 0xff;
458 cgc.cmd[5] = (unsigned char) lba & 0xff;
459 cgc.cmd[8] = 1;
460 switch (blksize) {
461 case 2336:
462 cgc.cmd[9] = 0x58;
463 break;
464 case 2340:
465 cgc.cmd[9] = 0x78;
466 break;
467 case 2352:
468 cgc.cmd[9] = 0xf8;
469 break;
470 default:
471 cgc.cmd[9] = 0x10;
472 break;
474 cgc.buffer = dest;
475 cgc.buflen = blksize;
476 cgc.data_direction = DMA_FROM_DEVICE;
477 cgc.timeout = IOCTL_TIMEOUT;
478 return sr_do_ioctl(cd, &cgc);
482 * read sectors with blocksizes other than 2048
485 static int sr_read_sector(Scsi_CD *cd, int lba, int blksize, unsigned char *dest)
487 struct packet_command cgc;
488 int rc;
490 /* we try the READ CD command first... */
491 if (cd->readcd_known) {
492 rc = sr_read_cd(cd, dest, lba, 0, blksize);
493 if (-EDRIVE_CANT_DO_THIS != rc)
494 return rc;
495 cd->readcd_known = 0;
496 printk("CDROM does'nt support READ CD (0xbe) command\n");
497 /* fall & retry the other way */
499 /* ... if this fails, we switch the blocksize using MODE SELECT */
500 if (blksize != cd->device->sector_size) {
501 if (0 != (rc = sr_set_blocklength(cd, blksize)))
502 return rc;
504 #ifdef DEBUG
505 printk("%s: sr_read_sector lba=%d blksize=%d\n", cd->cdi.name, lba, blksize);
506 #endif
508 memset(&cgc, 0, sizeof(struct packet_command));
509 cgc.cmd[0] = GPCMD_READ_10;
510 cgc.cmd[2] = (unsigned char) (lba >> 24) & 0xff;
511 cgc.cmd[3] = (unsigned char) (lba >> 16) & 0xff;
512 cgc.cmd[4] = (unsigned char) (lba >> 8) & 0xff;
513 cgc.cmd[5] = (unsigned char) lba & 0xff;
514 cgc.cmd[8] = 1;
515 cgc.buffer = dest;
516 cgc.buflen = blksize;
517 cgc.data_direction = DMA_FROM_DEVICE;
518 cgc.timeout = IOCTL_TIMEOUT;
519 rc = sr_do_ioctl(cd, &cgc);
521 return rc;
525 * read a sector in raw mode to check the sector format
526 * ret: 1 == mode2 (XA), 0 == mode1, <0 == error
529 int sr_is_xa(Scsi_CD *cd)
531 unsigned char *raw_sector;
532 int is_xa;
534 if (!xa_test)
535 return 0;
537 raw_sector = (unsigned char *) kmalloc(2048, GFP_KERNEL | SR_GFP_DMA(cd));
538 if (!raw_sector)
539 return -ENOMEM;
540 if (0 == sr_read_sector(cd, cd->ms_offset + 16,
541 CD_FRAMESIZE_RAW1, raw_sector)) {
542 is_xa = (raw_sector[3] == 0x02) ? 1 : 0;
543 } else {
544 /* read a raw sector failed for some reason. */
545 is_xa = -1;
547 kfree(raw_sector);
548 #ifdef DEBUG
549 printk("%s: sr_is_xa: %d\n", cd->cdi.name, is_xa);
550 #endif
551 return is_xa;
554 int sr_dev_ioctl(struct cdrom_device_info *cdi,
555 unsigned int cmd, unsigned long arg)
557 Scsi_CD *cd = cdi->handle;
558 int ret;
560 ret = scsi_nonblockable_ioctl(cd->device, cmd,
561 (void __user *)arg, NULL);
563 * ENODEV means that we didn't recognise the ioctl, or that we
564 * cannot execute it in the current device state. In either
565 * case fall through to scsi_ioctl, which will return ENDOEV again
566 * if it doesn't recognise the ioctl
568 if (ret != -ENODEV)
569 return ret;
570 return scsi_ioctl(cd->device, cmd, (void __user *)arg);