[linux.git] / block / cmd-filter.c

/*
 * Copyright 2004 Peter M. Jones <[email protected]>
 *
 * This program is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License version 2 as
 * published by the Free Software Foundation.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 *
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public Licens
 * along with this program; if not, write to the Free Software
 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-
 *
 */

#include <linux/list.h>
#include <linux/genhd.h>
#include <linux/spinlock.h>
#include <linux/capability.h>
#include <linux/bitops.h>

#include <scsi/scsi.h>
#include <linux/cdrom.h>

int blk_verify_command(struct blk_cmd_filter *filter,
		       unsigned char *cmd, int has_write_perm)
{
	/* root can do any command. */
	if (capable(CAP_SYS_RAWIO))
		return 0;

	/* if there's no filter set, assume we're filtering everything out */
	if (!filter)
		return -EPERM;

	/* Anybody who can open the device can do a read-safe command */
	if (test_bit(cmd[0], filter->read_ok))
		return 0;

	/* Write-safe commands require a writable open */
	if (test_bit(cmd[0], filter->write_ok) && has_write_perm)
		return 0;

	return -EPERM;
}
EXPORT_SYMBOL(blk_verify_command);

/* and now, the sysfs stuff */
static ssize_t rcf_cmds_show(struct blk_cmd_filter *filter, char *page,
			     int rw)
{
	char *npage = page;
	unsigned long *okbits;
	int i;

	if (rw == READ)
		okbits = filter->read_ok;
	else
		okbits = filter->write_ok;

	for (i = 0; i < BLK_SCSI_MAX_CMDS; i++) {
		if (test_bit(i, okbits)) {
			npage += sprintf(npage, "0x%02x", i);
			if (i < BLK_SCSI_MAX_CMDS - 1)
				sprintf(npage++, " ");
		}
	}

	if (npage != page)
		npage += sprintf(npage, "\n");

	return npage - page;
}

static ssize_t rcf_readcmds_show(struct blk_cmd_filter *filter, char *page)
{
	return rcf_cmds_show(filter, page, READ);
}

static ssize_t rcf_writecmds_show(struct blk_cmd_filter *filter,
				 char *page)
{
	return rcf_cmds_show(filter, page, WRITE);
}

static ssize_t rcf_cmds_store(struct blk_cmd_filter *filter,
			      const char *page, size_t count, int rw)
{
	unsigned long okbits[BLK_SCSI_CMD_PER_LONG], *target_okbits;
	int cmd, set;
	char *p, *status;

	if (rw == READ) {
		memcpy(&okbits, filter->read_ok, sizeof(okbits));
		target_okbits = filter->read_ok;
	} else {
		memcpy(&okbits, filter->write_ok, sizeof(okbits));
		target_okbits = filter->write_ok;
	}

	while ((p = strsep((char **)&page, " ")) != NULL) {
		set = 1;

		if (p[0] == '+') {
			p++;
		} else if (p[0] == '-') {
			set = 0;
			p++;
		}

		cmd = simple_strtol(p, &status, 16);

		/* either of these cases means invalid input, so do nothing. */
		if ((status == p) || cmd >= BLK_SCSI_MAX_CMDS)
			return -EINVAL;

		if (set)
			__set_bit(cmd, okbits);
		else
			__clear_bit(cmd, okbits);
	}

	memcpy(target_okbits, okbits, sizeof(okbits));
	return count;
}

static ssize_t rcf_readcmds_store(struct blk_cmd_filter *filter,
				  const char *page, size_t count)
{
	return rcf_cmds_store(filter, page, count, READ);
}

static ssize_t rcf_writecmds_store(struct blk_cmd_filter *filter,
				   const char *page, size_t count)
{
	return rcf_cmds_store(filter, page, count, WRITE);
}

struct rcf_sysfs_entry {
	struct attribute attr;
	ssize_t (*show)(struct blk_cmd_filter *, char *);
	ssize_t (*store)(struct blk_cmd_filter *, const char *, size_t);
};

static struct rcf_sysfs_entry rcf_readcmds_entry = {
	.attr = { .name = "read_table", .mode = S_IRUGO | S_IWUSR },
	.show = rcf_readcmds_show,
	.store = rcf_readcmds_store,
};

static struct rcf_sysfs_entry rcf_writecmds_entry = {
	.attr = {.name = "write_table", .mode = S_IRUGO | S_IWUSR },
	.show = rcf_writecmds_show,
	.store = rcf_writecmds_store,
};

static struct attribute *default_attrs[] = {
	&rcf_readcmds_entry.attr,
	&rcf_writecmds_entry.attr,
	NULL,
};

#define to_rcf(atr) container_of((atr), struct rcf_sysfs_entry, attr)

static ssize_t
rcf_attr_show(struct kobject *kobj, struct attribute *attr, char *page)
{
	struct rcf_sysfs_entry *entry = to_rcf(attr);
	struct blk_cmd_filter *filter;

	filter = container_of(kobj, struct blk_cmd_filter, kobj);
	if (entry->show)
		return entry->show(filter, page);

	return 0;
}

static ssize_t
rcf_attr_store(struct kobject *kobj, struct attribute *attr,
			const char *page, size_t length)
{
	struct rcf_sysfs_entry *entry = to_rcf(attr);
	struct blk_cmd_filter *filter;

	if (!capable(CAP_SYS_RAWIO))
		return -EPERM;

	if (!entry->store)
		return -EINVAL;

	filter = container_of(kobj, struct blk_cmd_filter, kobj);
	return entry->store(filter, page, length);
}

static struct sysfs_ops rcf_sysfs_ops = {
	.show = rcf_attr_show,
	.store = rcf_attr_store,
};

static struct kobj_type rcf_ktype = {
	.sysfs_ops = &rcf_sysfs_ops,
	.default_attrs = default_attrs,
};

int blk_register_filter(struct gendisk *disk)
{
	int ret;
	struct blk_cmd_filter *filter = &disk->queue->cmd_filter;
	struct kobject *parent = kobject_get(disk->holder_dir->parent);

	if (!parent)
		return -ENODEV;

	ret = kobject_init_and_add(&filter->kobj, &rcf_ktype, parent,
				   "%s", "cmd_filter");

	if (ret < 0)
		return ret;

	return 0;
}
EXPORT_SYMBOL(blk_register_filter);

void blk_unregister_filter(struct gendisk *disk)
{
	struct blk_cmd_filter *filter = &disk->queue->cmd_filter;

	kobject_put(&filter->kobj);
	kobject_put(disk->holder_dir->parent);
}
EXPORT_SYMBOL(blk_unregister_filter);
Commit	Line	Data
0b07de85 AG	1	/*
	2	* Copyright 2004 Peter M. Jones <[email protected]>
	3	*
	4	* This program is free software; you can redistribute it and/or modify
	5	* it under the terms of the GNU General Public License version 2 as
	6	* published by the Free Software Foundation.
	7	*
	8	* This program is distributed in the hope that it will be useful,
	9	* but WITHOUT ANY WARRANTY; without even the implied warranty of
	10	*
	11	* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
	12	* GNU General Public License for more details.
	13	*
	14	* You should have received a copy of the GNU General Public Licens
	15	* along with this program; if not, write to the Free Software
	16	* Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-
	17	*
	18	*/
	19
	20	#include <linux/list.h>
	21	#include <linux/genhd.h>
	22	#include <linux/spinlock.h>
0b07de85 AG	23	#include <linux/capability.h>
	24	#include <linux/bitops.h>
	25
	26	#include <scsi/scsi.h>
	27	#include <linux/cdrom.h>
	28
4beab5c6	29	int blk_verify_command(struct blk_cmd_filter *filter,
abf54393	30	unsigned char *cmd, int has_write_perm)
0b07de85 AG	31	{
	32	/* root can do any command. */
	33	if (capable(CAP_SYS_RAWIO))
	34	return 0;
	35
	36	/* if there's no filter set, assume we're filtering everything out */
	37	if (!filter)
	38	return -EPERM;
	39
	40	/* Anybody who can open the device can do a read-safe command */
	41	if (test_bit(cmd[0], filter->read_ok))
	42	return 0;
	43
	44	/* Write-safe commands require a writable open */
abf54393	45	if (test_bit(cmd[0], filter->write_ok) && has_write_perm)
0b07de85 AG	46	return 0;
	47
	48	return -EPERM;
	49	}
0b07de85 AG	50	EXPORT_SYMBOL(blk_verify_command);
	51
	52	/* and now, the sysfs stuff */
4beab5c6	53	static ssize_t rcf_cmds_show(struct blk_cmd_filter filter, char page,
0b07de85 AG	54	int rw)
	55	{
	56	char *npage = page;
	57	unsigned long *okbits;
	58	int i;
	59
	60	if (rw == READ)
	61	okbits = filter->read_ok;
	62	else
	63	okbits = filter->write_ok;
	64
	65	for (i = 0; i < BLK_SCSI_MAX_CMDS; i++) {
	66	if (test_bit(i, okbits)) {
a4a77897	67	npage += sprintf(npage, "0x%02x", i);
0b07de85 AG	68	if (i < BLK_SCSI_MAX_CMDS - 1)
	69	sprintf(npage++, " ");
	70	}
	71	}
	72
	73	if (npage != page)
	74	npage += sprintf(npage, "\n");
	75
	76	return npage - page;
	77	}
	78
4beab5c6	79	static ssize_t rcf_readcmds_show(struct blk_cmd_filter filter, char page)
0b07de85 AG	80	{
	81	return rcf_cmds_show(filter, page, READ);
	82	}
	83
4beab5c6	84	static ssize_t rcf_writecmds_show(struct blk_cmd_filter *filter,
0b07de85 AG	85	char *page)
	86	{
	87	return rcf_cmds_show(filter, page, WRITE);
	88	}
	89
4beab5c6	90	static ssize_t rcf_cmds_store(struct blk_cmd_filter *filter,
0b07de85 AG	91	const char *page, size_t count, int rw)
0b07de85 AG	92	{
0b07de85	93	unsigned long okbits[BLK_SCSI_CMD_PER_LONG], *target_okbits;
a4a77897 AG	94	int cmd, set;
	95	char p, status;
	96
	97	if (rw == READ) {
	98	memcpy(&okbits, filter->read_ok, sizeof(okbits));
	99	target_okbits = filter->read_ok;
	100	} else {
	101	memcpy(&okbits, filter->write_ok, sizeof(okbits));
	102	target_okbits = filter->write_ok;
	103	}
	104
	105	while ((p = strsep((char **)&page, " ")) != NULL) {
	106	set = 1;
	107
	108	if (p[0] == '+') {
	109	p++;
	110	} else if (p[0] == '-') {
	111	set = 0;
	112	p++;
	113	}
	114
	115	cmd = simple_strtol(p, &status, 16);
	116
0b07de85	117	/* either of these cases means invalid input, so do nothing. */
a4a77897	118	if ((status == p) \|\| cmd >= BLK_SCSI_MAX_CMDS)
0b07de85 AG	119	return -EINVAL;
0b07de85 AG	120
a4a77897 AG	121	if (set)
	122	__set_bit(cmd, okbits);
	123	else
	124	__clear_bit(cmd, okbits);
0b07de85 AG	125	}
0b07de85 AG	126
a4a77897	127	memcpy(target_okbits, okbits, sizeof(okbits));
0b07de85 AG	128	return count;
	129	}
	130
4beab5c6	131	static ssize_t rcf_readcmds_store(struct blk_cmd_filter *filter,
0b07de85 AG	132	const char *page, size_t count)
	133	{
	134	return rcf_cmds_store(filter, page, count, READ);
	135	}
	136
4beab5c6	137	static ssize_t rcf_writecmds_store(struct blk_cmd_filter *filter,
0b07de85 AG	138	const char *page, size_t count)
	139	{
	140	return rcf_cmds_store(filter, page, count, WRITE);
	141	}
	142
	143	struct rcf_sysfs_entry {
	144	struct attribute attr;
4beab5c6 FT	145	ssize_t (show)(struct blk_cmd_filter , char *);
4beab5c6 FT	146	ssize_t (store)(struct blk_cmd_filter , const char *, size_t);
0b07de85 AG	147	};
	148
	149	static struct rcf_sysfs_entry rcf_readcmds_entry = {
	150	.attr = { .name = "read_table", .mode = S_IRUGO \| S_IWUSR },
	151	.show = rcf_readcmds_show,
	152	.store = rcf_readcmds_store,
	153	};
	154
	155	static struct rcf_sysfs_entry rcf_writecmds_entry = {
	156	.attr = {.name = "write_table", .mode = S_IRUGO \| S_IWUSR },
	157	.show = rcf_writecmds_show,
	158	.store = rcf_writecmds_store,
	159	};
	160
	161	static struct attribute *default_attrs[] = {
	162	&rcf_readcmds_entry.attr,
	163	&rcf_writecmds_entry.attr,
	164	NULL,
	165	};
	166
	167	#define to_rcf(atr) container_of((atr), struct rcf_sysfs_entry, attr)
	168
	169	static ssize_t
	170	rcf_attr_show(struct kobject kobj, struct attribute attr, char *page)
	171	{
	172	struct rcf_sysfs_entry *entry = to_rcf(attr);
4beab5c6	173	struct blk_cmd_filter *filter;
0b07de85	174
4beab5c6	175	filter = container_of(kobj, struct blk_cmd_filter, kobj);
0b07de85 AG	176	if (entry->show)
	177	return entry->show(filter, page);
	178
	179	return 0;
	180	}
	181
	182	static ssize_t
	183	rcf_attr_store(struct kobject kobj, struct attribute attr,
	184	const char *page, size_t length)
	185	{
	186	struct rcf_sysfs_entry *entry = to_rcf(attr);
4beab5c6	187	struct blk_cmd_filter *filter;
0b07de85 AG	188
	189	if (!capable(CAP_SYS_RAWIO))
	190	return -EPERM;
	191
	192	if (!entry->store)
	193	return -EINVAL;
	194
4beab5c6	195	filter = container_of(kobj, struct blk_cmd_filter, kobj);
0b07de85 AG	196	return entry->store(filter, page, length);
	197	}
	198
	199	static struct sysfs_ops rcf_sysfs_ops = {
	200	.show = rcf_attr_show,
	201	.store = rcf_attr_store,
	202	};
	203
	204	static struct kobj_type rcf_ktype = {
	205	.sysfs_ops = &rcf_sysfs_ops,
	206	.default_attrs = default_attrs,
	207	};
	208
0b07de85 AG	209	int blk_register_filter(struct gendisk *disk)
	210	{
	211	int ret;
4beab5c6	212	struct blk_cmd_filter *filter = &disk->queue->cmd_filter;
0b07de85 AG	213	struct kobject *parent = kobject_get(disk->holder_dir->parent);
	214
	215	if (!parent)
	216	return -ENODEV;
	217
	218	ret = kobject_init_and_add(&filter->kobj, &rcf_ktype, parent,
abf54393	219	"%s", "cmd_filter");
0b07de85 AG	220
	221	if (ret < 0)
	222	return ret;
	223
0b07de85 AG	224	return 0;
0b07de85 AG	225	}
bb23b431	226	EXPORT_SYMBOL(blk_register_filter);
0b07de85 AG	227
	228	void blk_unregister_filter(struct gendisk *disk)
	229	{
4beab5c6	230	struct blk_cmd_filter *filter = &disk->queue->cmd_filter;
0b07de85 AG	231
	232	kobject_put(&filter->kobj);
	233	kobject_put(disk->holder_dir->parent);
	234	}
bb23b431	235	EXPORT_SYMBOL(blk_unregister_filter);