sg: restore command permission for TYPE_SCANNER
authorFUJITA Tomonori <fujita.tomonori@lab.ntt.co.jp>
Sat, 26 Jul 2008 09:03:24 +0000 (18:03 +0900)
committerJens Axboe <jens.axboe@oracle.com>
Wed, 27 Aug 2008 07:50:19 +0000 (09:50 +0200)
sg allowed any command for TYPE_SCANNER. The cmd_filter patchset
doesn't. We can't change sg's permission since it might break the
existing software.

Signed-off-by: FUJITA Tomonori <fujita.tomonori@lab.ntt.co.jp>
Signed-off-by: Jens Axboe <jens.axboe@oracle.com>
drivers/scsi/sg.c

index 9d28b9f74d90c83598b25e6c03056f395497cdb6..661f9f21650a57f6361650ec5b685bb01d595da9 100644 (file)
@@ -217,6 +217,18 @@ static int sg_last_dev(void);
 #define SZ_SG_IOVEC sizeof(sg_iovec_t)
 #define SZ_SG_REQ_INFO sizeof(sg_req_info_t)
 
+static int sg_allow_access(struct file *filp, unsigned char *cmd)
+{
+       struct sg_fd *sfp = (struct sg_fd *)filp->private_data;
+       struct request_queue *q = sfp->parentdp->device->request_queue;
+
+       if (sfp->parentdp->device->type == TYPE_SCANNER)
+               return 0;
+
+       return blk_verify_command(&q->cmd_filter,
+                                 cmd, filp->f_mode & FMODE_WRITE);
+}
+
 static int
 sg_open(struct inode *inode, struct file *filp)
 {
@@ -641,7 +653,6 @@ sg_new_write(Sg_fd *sfp, struct file *file, const char __user *buf,
        unsigned char cmnd[MAX_COMMAND_SIZE];
        int timeout;
        unsigned long ul_timeout;
-       struct request_queue *q;
 
        if (count < SZ_SG_IO_HDR)
                return -EINVAL;
@@ -690,9 +701,7 @@ sg_new_write(Sg_fd *sfp, struct file *file, const char __user *buf,
                sg_remove_request(sfp, srp);
                return -EFAULT;
        }
-       q = sfp->parentdp->device->request_queue;
-       if (read_only && blk_verify_command(&q->cmd_filter, cmnd,
-                                           file->f_mode & FMODE_WRITE)) {
+       if (read_only && sg_allow_access(file, cmnd)) {
                sg_remove_request(sfp, srp);
                return -EPERM;
        }
@@ -1061,14 +1070,11 @@ sg_ioctl(struct inode *inode, struct file *filp,
                        return -ENODEV;
                if (read_only) {
                        unsigned char opcode = WRITE_6;
-                       struct request_queue *q = sdp->device->request_queue;
                        Scsi_Ioctl_Command __user *siocp = p;
 
                        if (copy_from_user(&opcode, siocp->data, 1))
                                return -EFAULT;
-                       if (blk_verify_command(&q->cmd_filter,
-                                              &opcode,
-                                              filp->f_mode & FMODE_WRITE))
+                       if (sg_allow_access(filp, &opcode))
                                return -EPERM;
                }
                return sg_scsi_ioctl(filp, sdp->device->request_queue, NULL, p);