[linux.git] / block / cmd-filter.c

/*
 * Copyright 2004 Peter M. Jones <[email protected]>
 *
 * This program is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License version 2 as
 * published by the Free Software Foundation.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 *
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public Licens
 * along with this program; if not, write to the Free Software
 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-
 *
 */

#include <linux/list.h>
#include <linux/genhd.h>
#include <linux/spinlock.h>
#include <linux/capability.h>
#include <linux/bitops.h>

#include <scsi/scsi.h>
#include <linux/cdrom.h>

int blk_verify_command(struct blk_cmd_filter *filter,
		       unsigned char *cmd, fmode_t has_write_perm)
{
	/* root can do any command. */
	if (capable(CAP_SYS_RAWIO))
		return 0;

	/* if there's no filter set, assume we're filtering everything out */
	if (!filter)
		return -EPERM;

	/* Anybody who can open the device can do a read-safe command */
	if (test_bit(cmd[0], filter->read_ok))
		return 0;

	/* Write-safe commands require a writable open */
	if (test_bit(cmd[0], filter->write_ok) && has_write_perm)
		return 0;

	return -EPERM;
}
EXPORT_SYMBOL(blk_verify_command);

#if 0
/* and now, the sysfs stuff */
static ssize_t rcf_cmds_show(struct blk_cmd_filter *filter, char *page,
			     int rw)
{
	char *npage = page;
	unsigned long *okbits;
	int i;

	if (rw == READ)
		okbits = filter->read_ok;
	else
		okbits = filter->write_ok;

	for (i = 0; i < BLK_SCSI_MAX_CMDS; i++) {
		if (test_bit(i, okbits)) {
			npage += sprintf(npage, "0x%02x", i);
			if (i < BLK_SCSI_MAX_CMDS - 1)
				sprintf(npage++, " ");
		}
	}

	if (npage != page)
		npage += sprintf(npage, "\n");

	return npage - page;
}

static ssize_t rcf_readcmds_show(struct blk_cmd_filter *filter, char *page)
{
	return rcf_cmds_show(filter, page, READ);
}

static ssize_t rcf_writecmds_show(struct blk_cmd_filter *filter,
				 char *page)
{
	return rcf_cmds_show(filter, page, WRITE);
}

static ssize_t rcf_cmds_store(struct blk_cmd_filter *filter,
			      const char *page, size_t count, int rw)
{
	unsigned long okbits[BLK_SCSI_CMD_PER_LONG], *target_okbits;
	int cmd, set;
	char *p, *status;

	if (rw == READ) {
		memcpy(&okbits, filter->read_ok, sizeof(okbits));
		target_okbits = filter->read_ok;
	} else {
		memcpy(&okbits, filter->write_ok, sizeof(okbits));
		target_okbits = filter->write_ok;
	}

	while ((p = strsep((char **)&page, " ")) != NULL) {
		set = 1;

		if (p[0] == '+') {
			p++;
		} else if (p[0] == '-') {
			set = 0;
			p++;
		}

		cmd = simple_strtol(p, &status, 16);

		/* either of these cases means invalid input, so do nothing. */
		if ((status == p) || cmd >= BLK_SCSI_MAX_CMDS)
			return -EINVAL;

		if (set)
			__set_bit(cmd, okbits);
		else
			__clear_bit(cmd, okbits);
	}

	memcpy(target_okbits, okbits, sizeof(okbits));
	return count;
}

static ssize_t rcf_readcmds_store(struct blk_cmd_filter *filter,
				  const char *page, size_t count)
{
	return rcf_cmds_store(filter, page, count, READ);
}

static ssize_t rcf_writecmds_store(struct blk_cmd_filter *filter,
				   const char *page, size_t count)
{
	return rcf_cmds_store(filter, page, count, WRITE);
}

struct rcf_sysfs_entry {
	struct attribute attr;
	ssize_t (*show)(struct blk_cmd_filter *, char *);
	ssize_t (*store)(struct blk_cmd_filter *, const char *, size_t);
};

static struct rcf_sysfs_entry rcf_readcmds_entry = {
	.attr = { .name = "read_table", .mode = S_IRUGO | S_IWUSR },
	.show = rcf_readcmds_show,
	.store = rcf_readcmds_store,
};

static struct rcf_sysfs_entry rcf_writecmds_entry = {
	.attr = {.name = "write_table", .mode = S_IRUGO | S_IWUSR },
	.show = rcf_writecmds_show,
	.store = rcf_writecmds_store,
};

static struct attribute *default_attrs[] = {
	&rcf_readcmds_entry.attr,
	&rcf_writecmds_entry.attr,
	NULL,
};

#define to_rcf(atr) container_of((atr), struct rcf_sysfs_entry, attr)

static ssize_t
rcf_attr_show(struct kobject *kobj, struct attribute *attr, char *page)
{
	struct rcf_sysfs_entry *entry = to_rcf(attr);
	struct blk_cmd_filter *filter;

	filter = container_of(kobj, struct blk_cmd_filter, kobj);
	if (entry->show)
		return entry->show(filter, page);

	return 0;
}

static ssize_t
rcf_attr_store(struct kobject *kobj, struct attribute *attr,
			const char *page, size_t length)
{
	struct rcf_sysfs_entry *entry = to_rcf(attr);
	struct blk_cmd_filter *filter;

	if (!capable(CAP_SYS_RAWIO))
		return -EPERM;

	if (!entry->store)
		return -EINVAL;

	filter = container_of(kobj, struct blk_cmd_filter, kobj);
	return entry->store(filter, page, length);
}

static struct sysfs_ops rcf_sysfs_ops = {
	.show = rcf_attr_show,
	.store = rcf_attr_store,
};

static struct kobj_type rcf_ktype = {
	.sysfs_ops = &rcf_sysfs_ops,
	.default_attrs = default_attrs,
};

int blk_register_filter(struct gendisk *disk)
{
	int ret;
	struct blk_cmd_filter *filter = &disk->queue->cmd_filter;

	ret = kobject_init_and_add(&filter->kobj, &rcf_ktype,
				   &disk_to_dev(disk)->kobj,
				   "%s", "cmd_filter");
	if (ret < 0)
		return ret;

	return 0;
}
EXPORT_SYMBOL(blk_register_filter);

void blk_unregister_filter(struct gendisk *disk)
{
	struct blk_cmd_filter *filter = &disk->queue->cmd_filter;

	kobject_put(&filter->kobj);
}
EXPORT_SYMBOL(blk_unregister_filter);
#endif
Commit	Line	Data
0b07de85 AG	1	/*
	2	* Copyright 2004 Peter M. Jones <[email protected]>
	3	*
	4	* This program is free software; you can redistribute it and/or modify
	5	* it under the terms of the GNU General Public License version 2 as
	6	* published by the Free Software Foundation.
	7	*
	8	* This program is distributed in the hope that it will be useful,
	9	* but WITHOUT ANY WARRANTY; without even the implied warranty of
	10	*
	11	* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
	12	* GNU General Public License for more details.
	13	*
	14	* You should have received a copy of the GNU General Public Licens
	15	* along with this program; if not, write to the Free Software
	16	* Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-
	17	*
	18	*/
	19
	20	#include <linux/list.h>
	21	#include <linux/genhd.h>
	22	#include <linux/spinlock.h>
0b07de85 AG	23	#include <linux/capability.h>
	24	#include <linux/bitops.h>
	25
	26	#include <scsi/scsi.h>
	27	#include <linux/cdrom.h>
	28
4beab5c6	29	int blk_verify_command(struct blk_cmd_filter *filter,
aeb5d727	30	unsigned char *cmd, fmode_t has_write_perm)
0b07de85 AG	31	{
	32	/* root can do any command. */
	33	if (capable(CAP_SYS_RAWIO))
	34	return 0;
	35
	36	/* if there's no filter set, assume we're filtering everything out */
	37	if (!filter)
	38	return -EPERM;
	39
	40	/* Anybody who can open the device can do a read-safe command */
	41	if (test_bit(cmd[0], filter->read_ok))
	42	return 0;
	43
	44	/* Write-safe commands require a writable open */
abf54393	45	if (test_bit(cmd[0], filter->write_ok) && has_write_perm)
0b07de85 AG	46	return 0;
	47
	48	return -EPERM;
	49	}
0b07de85 AG	50	EXPORT_SYMBOL(blk_verify_command);
0b07de85 AG	51
2dc75d3c	52	#if 0
0b07de85	53	/* and now, the sysfs stuff */
4beab5c6	54	static ssize_t rcf_cmds_show(struct blk_cmd_filter filter, char page,
0b07de85 AG	55	int rw)
	56	{
	57	char *npage = page;
	58	unsigned long *okbits;
	59	int i;
	60
	61	if (rw == READ)
	62	okbits = filter->read_ok;
	63	else
	64	okbits = filter->write_ok;
	65
	66	for (i = 0; i < BLK_SCSI_MAX_CMDS; i++) {
	67	if (test_bit(i, okbits)) {
a4a77897	68	npage += sprintf(npage, "0x%02x", i);
0b07de85 AG	69	if (i < BLK_SCSI_MAX_CMDS - 1)
	70	sprintf(npage++, " ");
	71	}
	72	}
	73
	74	if (npage != page)
	75	npage += sprintf(npage, "\n");
	76
	77	return npage - page;
	78	}
	79
4beab5c6	80	static ssize_t rcf_readcmds_show(struct blk_cmd_filter filter, char page)
0b07de85 AG	81	{
	82	return rcf_cmds_show(filter, page, READ);
	83	}
	84
4beab5c6	85	static ssize_t rcf_writecmds_show(struct blk_cmd_filter *filter,
0b07de85 AG	86	char *page)
	87	{
	88	return rcf_cmds_show(filter, page, WRITE);
	89	}
	90
4beab5c6	91	static ssize_t rcf_cmds_store(struct blk_cmd_filter *filter,
0b07de85 AG	92	const char *page, size_t count, int rw)
0b07de85 AG	93	{
0b07de85	94	unsigned long okbits[BLK_SCSI_CMD_PER_LONG], *target_okbits;
a4a77897 AG	95	int cmd, set;
	96	char p, status;
	97
	98	if (rw == READ) {
	99	memcpy(&okbits, filter->read_ok, sizeof(okbits));
	100	target_okbits = filter->read_ok;
	101	} else {
	102	memcpy(&okbits, filter->write_ok, sizeof(okbits));
	103	target_okbits = filter->write_ok;
	104	}
	105
	106	while ((p = strsep((char **)&page, " ")) != NULL) {
	107	set = 1;
	108
	109	if (p[0] == '+') {
	110	p++;
	111	} else if (p[0] == '-') {
	112	set = 0;
	113	p++;
	114	}
	115
	116	cmd = simple_strtol(p, &status, 16);
	117
0b07de85	118	/* either of these cases means invalid input, so do nothing. */
a4a77897	119	if ((status == p) \|\| cmd >= BLK_SCSI_MAX_CMDS)
0b07de85 AG	120	return -EINVAL;
0b07de85 AG	121
a4a77897 AG	122	if (set)
	123	__set_bit(cmd, okbits);
	124	else
	125	__clear_bit(cmd, okbits);
0b07de85 AG	126	}
0b07de85 AG	127
a4a77897	128	memcpy(target_okbits, okbits, sizeof(okbits));
0b07de85 AG	129	return count;
	130	}
	131
4beab5c6	132	static ssize_t rcf_readcmds_store(struct blk_cmd_filter *filter,
0b07de85 AG	133	const char *page, size_t count)
	134	{
	135	return rcf_cmds_store(filter, page, count, READ);
	136	}
	137
4beab5c6	138	static ssize_t rcf_writecmds_store(struct blk_cmd_filter *filter,
0b07de85 AG	139	const char *page, size_t count)
	140	{
	141	return rcf_cmds_store(filter, page, count, WRITE);
	142	}
	143
	144	struct rcf_sysfs_entry {
	145	struct attribute attr;
4beab5c6 FT	146	ssize_t (show)(struct blk_cmd_filter , char *);
4beab5c6 FT	147	ssize_t (store)(struct blk_cmd_filter , const char *, size_t);
0b07de85 AG	148	};
	149
	150	static struct rcf_sysfs_entry rcf_readcmds_entry = {
	151	.attr = { .name = "read_table", .mode = S_IRUGO \| S_IWUSR },
	152	.show = rcf_readcmds_show,
	153	.store = rcf_readcmds_store,
	154	};
	155
	156	static struct rcf_sysfs_entry rcf_writecmds_entry = {
	157	.attr = {.name = "write_table", .mode = S_IRUGO \| S_IWUSR },
	158	.show = rcf_writecmds_show,
	159	.store = rcf_writecmds_store,
	160	};
	161
	162	static struct attribute *default_attrs[] = {
	163	&rcf_readcmds_entry.attr,
	164	&rcf_writecmds_entry.attr,
	165	NULL,
	166	};
	167
	168	#define to_rcf(atr) container_of((atr), struct rcf_sysfs_entry, attr)
	169
	170	static ssize_t
	171	rcf_attr_show(struct kobject kobj, struct attribute attr, char *page)
	172	{
	173	struct rcf_sysfs_entry *entry = to_rcf(attr);
4beab5c6	174	struct blk_cmd_filter *filter;
0b07de85	175
4beab5c6	176	filter = container_of(kobj, struct blk_cmd_filter, kobj);
0b07de85 AG	177	if (entry->show)
	178	return entry->show(filter, page);
	179
	180	return 0;
	181	}
	182
	183	static ssize_t
	184	rcf_attr_store(struct kobject kobj, struct attribute attr,
	185	const char *page, size_t length)
	186	{
	187	struct rcf_sysfs_entry *entry = to_rcf(attr);
4beab5c6	188	struct blk_cmd_filter *filter;
0b07de85 AG	189
	190	if (!capable(CAP_SYS_RAWIO))
	191	return -EPERM;
	192
	193	if (!entry->store)
	194	return -EINVAL;
	195
4beab5c6	196	filter = container_of(kobj, struct blk_cmd_filter, kobj);
0b07de85 AG	197	return entry->store(filter, page, length);
	198	}
	199
	200	static struct sysfs_ops rcf_sysfs_ops = {
	201	.show = rcf_attr_show,
	202	.store = rcf_attr_store,
	203	};
	204
	205	static struct kobj_type rcf_ktype = {
	206	.sysfs_ops = &rcf_sysfs_ops,
	207	.default_attrs = default_attrs,
	208	};
	209
0b07de85 AG	210	int blk_register_filter(struct gendisk *disk)
	211	{
	212	int ret;
4beab5c6	213	struct blk_cmd_filter *filter = &disk->queue->cmd_filter;
0b07de85	214
4c46501d TH	215	ret = kobject_init_and_add(&filter->kobj, &rcf_ktype,
4c46501d TH	216	&disk_to_dev(disk)->kobj,
abf54393	217	"%s", "cmd_filter");
0b07de85 AG	218	if (ret < 0)
	219	return ret;
	220
0b07de85 AG	221	return 0;
0b07de85 AG	222	}
bb23b431	223	EXPORT_SYMBOL(blk_register_filter);
0b07de85 AG	224
	225	void blk_unregister_filter(struct gendisk *disk)
	226	{
4beab5c6	227	struct blk_cmd_filter *filter = &disk->queue->cmd_filter;
0b07de85 AG	228
0b07de85 AG	229	kobject_put(&filter->kobj);
0b07de85	230	}
bb23b431	231	EXPORT_SYMBOL(blk_unregister_filter);
2dc75d3c	232	#endif