1 /* linux/drivers/cdrom/cdrom.c
2    Copyright (c) 1996, 1997 David A. van Leeuwen.
3    Copyright (c) 1997, 1998 Erik Andersen <andersee@debian.org>
4    Copyright (c) 1998, 1999 Jens Axboe <axboe@image.dk>
5 
6    May be copied or modified under the terms of the GNU General Public
7    License.  See linux/COPYING for more information.
8 
9    Uniform CD-ROM driver for Linux.
10    See Documentation/cdrom/cdrom-standard.rst for usage information.
11 
12    The routines in the file provide a uniform interface between the
13    software that uses CD-ROMs and the various low-level drivers that
14    actually talk to the hardware. Suggestions are welcome.
15    Patches that work are more welcome though.  ;-)
16 
17  To Do List:
18  ----------------------------------
19 
20  -- Modify sysctl/proc interface. I plan on having one directory per
21  drive, with entries for outputing general drive information, and sysctl
22  based tunable parameters such as whether the tray should auto-close for
23  that drive. Suggestions (or patches) for this welcome!
24 
25 
26  Revision History
27  ----------------------------------
28  1.00  Date Unknown -- David van Leeuwen <david@tm.tno.nl>
29  -- Initial version by David A. van Leeuwen. I don't have a detailed
30   changelog for the 1.x series, David?
31 
32 2.00  Dec  2, 1997 -- Erik Andersen <andersee@debian.org>
33   -- New maintainer! As David A. van Leeuwen has been too busy to actively
34   maintain and improve this driver, I am now carrying on the torch. If
35   you have a problem with this driver, please feel free to contact me.
36 
37   -- Added (rudimentary) sysctl interface. I realize this is really weak
38   right now, and is _very_ badly implemented. It will be improved...
39 
40   -- Modified CDROM_DISC_STATUS so that it is now incorporated into
41   the Uniform CD-ROM driver via the cdrom_count_tracks function.
42   The cdrom_count_tracks function helps resolve some of the false
43   assumptions of the CDROM_DISC_STATUS ioctl, and is also used to check
44   for the correct media type when mounting or playing audio from a CD.
45 
46   -- Remove the calls to verify_area and only use the copy_from_user and
47   copy_to_user stuff, since these calls now provide their own memory
48   checking with the 2.1.x kernels.
49 
50   -- Major update to return codes so that errors from low-level drivers
51   are passed on through (thanks to Gerd Knorr for pointing out this
52   problem).
53 
54   -- Made it so if a function isn't implemented in a low-level driver,
55   ENOSYS is now returned instead of EINVAL.
56 
57   -- Simplified some complex logic so that the source code is easier to read.
58 
59   -- Other stuff I probably forgot to mention (lots of changes).
60 
61 2.01 to 2.11 Dec 1997-Jan 1998
62   -- TO-DO!  Write changelogs for 2.01 to 2.12.
63 
64 2.12  Jan  24, 1998 -- Erik Andersen <andersee@debian.org>
65   -- Fixed a bug in the IOCTL_IN and IOCTL_OUT macros.  It turns out that
66   copy_*_user does not return EFAULT on error, but instead returns the number
67   of bytes not copied.  I was returning whatever non-zero stuff came back from
68   the copy_*_user functions directly, which would result in strange errors.
69 
70 2.13  July 17, 1998 -- Erik Andersen <andersee@debian.org>
71   -- Fixed a bug in CDROM_SELECT_SPEED where you couldn't lower the speed
72   of the drive.  Thanks to Tobias Ringstr|m <tori@prosolvia.se> for pointing
73   this out and providing a simple fix.
74   -- Fixed the procfs-unload-module bug with the fill_inode procfs callback.
75   thanks to Andrea Arcangeli
76   -- Fixed it so that the /proc entry now also shows up when cdrom is
77   compiled into the kernel.  Before it only worked when loaded as a module.
78 
79   2.14 August 17, 1998 -- Erik Andersen <andersee@debian.org>
80   -- Fixed a bug in cdrom_media_changed and handling of reporting that
81   the media had changed for devices that _don't_ implement media_changed.
82   Thanks to Grant R. Guenther <grant@torque.net> for spotting this bug.
83   -- Made a few things more pedanticly correct.
84 
85 2.50 Oct 19, 1998 - Jens Axboe <axboe@image.dk>
86   -- New maintainers! Erik was too busy to continue the work on the driver,
87   so now Chris Zwilling <chris@cloudnet.com> and Jens Axboe <axboe@image.dk>
88   will do their best to follow in his footsteps
89 
90   2.51 Dec 20, 1998 - Jens Axboe <axboe@image.dk>
91   -- Check if drive is capable of doing what we ask before blindly changing
92   cdi->options in various ioctl.
93   -- Added version to proc entry.
94 
95   2.52 Jan 16, 1999 - Jens Axboe <axboe@image.dk>
96   -- Fixed an error in open_for_data where we would sometimes not return
97   the correct error value. Thanks Huba Gaspar <huba@softcell.hu>.
98   -- Fixed module usage count - usage was based on /proc/sys/dev
99   instead of /proc/sys/dev/cdrom. This could lead to an oops when other
100   modules had entries in dev. Feb 02 - real bug was in sysctl.c where
101   dev would be removed even though it was used. cdrom.c just illuminated
102   that bug.
103 
104   2.53 Feb 22, 1999 - Jens Axboe <axboe@image.dk>
105   -- Fixup of several ioctl calls, in particular CDROM_SET_OPTIONS has
106   been "rewritten" because capabilities and options aren't in sync. They
107   should be...
108   -- Added CDROM_LOCKDOOR ioctl. Locks the door and keeps it that way.
109   -- Added CDROM_RESET ioctl.
110   -- Added CDROM_DEBUG ioctl. Enable debug messages on-the-fly.
111   -- Added CDROM_GET_CAPABILITY ioctl. This relieves userspace programs
112   from parsing /proc/sys/dev/cdrom/info.
113 
114   2.54 Mar 15, 1999 - Jens Axboe <axboe@image.dk>
115   -- Check capability mask from low level driver when counting tracks as
116   per suggestion from Corey J. Scotts <cstotts@blue.weeg.uiowa.edu>.
117 
118   2.55 Apr 25, 1999 - Jens Axboe <axboe@image.dk>
119   -- autoclose was mistakenly checked against CDC_OPEN_TRAY instead of
120   CDC_CLOSE_TRAY.
121   -- proc info didn't mask against capabilities mask.
122 
123   3.00 Aug 5, 1999 - Jens Axboe <axboe@image.dk>
124   -- Unified audio ioctl handling across CD-ROM drivers. A lot of the
125   code was duplicated before. Drives that support the generic packet
126   interface are now being fed packets from here instead.
127   -- First attempt at adding support for MMC2 commands - for DVD and
128   CD-R(W) drives. Only the DVD parts are in now - the interface used is
129   the same as for the audio ioctls.
130   -- ioctl cleanups. if a drive couldn't play audio, it didn't get
131   a change to perform device specific ioctls as well.
132   -- Defined CDROM_CAN(CDC_XXX) for checking the capabilities.
133   -- Put in sysctl files for autoclose, autoeject, check_media, debug,
134   and lock.
135   -- /proc/sys/dev/cdrom/info has been updated to also contain info about
136   CD-Rx and DVD capabilities.
137   -- Now default to checking media type.
138   -- CDROM_SEND_PACKET ioctl added. The infrastructure was in place for
139   doing this anyway, with the generic_packet addition.
140 
141   3.01 Aug 6, 1999 - Jens Axboe <axboe@image.dk>
142   -- Fix up the sysctl handling so that the option flags get set
143   correctly.
144   -- Fix up ioctl handling so the device specific ones actually get
145   called :).
146 
147   3.02 Aug 8, 1999 - Jens Axboe <axboe@image.dk>
148   -- Fixed volume control on SCSI drives (or others with longer audio
149   page).
150   -- Fixed a couple of DVD minors. Thanks to Andrew T. Veliath
151   <andrewtv@usa.net> for telling me and for having defined the various
152   DVD structures and ioctls in the first place! He designed the original
153   DVD patches for ide-cd and while I rearranged and unified them, the
154   interface is still the same.
155 
156   3.03 Sep 1, 1999 - Jens Axboe <axboe@image.dk>
157   -- Moved the rest of the audio ioctls from the CD-ROM drivers here. Only
158   CDROMREADTOCENTRY and CDROMREADTOCHDR are left.
159   -- Moved the CDROMREADxxx ioctls in here.
160   -- Defined the cdrom_get_last_written and cdrom_get_next_block as ioctls
161   and exported functions.
162   -- Erik Andersen <andersen@xmission.com> modified all SCMD_ commands
163   to now read GPCMD_ for the new generic packet interface. All low level
164   drivers are updated as well.
165   -- Various other cleanups.
166 
167   3.04 Sep 12, 1999 - Jens Axboe <axboe@image.dk>
168   -- Fixed a couple of possible memory leaks (if an operation failed and
169   we didn't free the buffer before returning the error).
170   -- Integrated Uniform CD Changer handling from Richard Sharman
171   <rsharman@pobox.com>.
172   -- Defined CD_DVD and CD_CHANGER log levels.
173   -- Fixed the CDROMREADxxx ioctls.
174   -- CDROMPLAYTRKIND uses the GPCMD_PLAY_AUDIO_MSF command - too few
175   drives supported it. We lose the index part, however.
176   -- Small modifications to accommodate opens of /dev/hdc1, required
177   for ide-cd to handle multisession discs.
178   -- Export cdrom_mode_sense and cdrom_mode_select.
179   -- init_cdrom_command() for setting up a cgc command.
180 
181   3.05 Oct 24, 1999 - Jens Axboe <axboe@image.dk>
182   -- Changed the interface for CDROM_SEND_PACKET. Before it was virtually
183   impossible to send the drive data in a sensible way.
184   -- Lowered stack usage in mmc_ioctl(), dvd_read_disckey(), and
185   dvd_read_manufact.
186   -- Added setup of write mode for packet writing.
187   -- Fixed CDDA ripping with cdda2wav - accept much larger requests of
188   number of frames and split the reads in blocks of 8.
189 
190   3.06 Dec 13, 1999 - Jens Axboe <axboe@image.dk>
191   -- Added support for changing the region of DVD drives.
192   -- Added sense data to generic command.
193 
194   3.07 Feb 2, 2000 - Jens Axboe <axboe@suse.de>
195   -- Do same "read header length" trick in cdrom_get_disc_info() as
196   we do in cdrom_get_track_info() -- some drive don't obey specs and
197   fail if they can't supply the full Mt Fuji size table.
198   -- Deleted stuff related to setting up write modes. It has a different
199   home now.
200   -- Clear header length in mode_select unconditionally.
201   -- Removed the register_disk() that was added, not needed here.
202 
203   3.08 May 1, 2000 - Jens Axboe <axboe@suse.de>
204   -- Fix direction flag in setup_send_key and setup_report_key. This
205   gave some SCSI adapters problems.
206   -- Always return -EROFS for write opens
207   -- Convert to module_init/module_exit style init and remove some
208   of the #ifdef MODULE stuff
209   -- Fix several dvd errors - DVD_LU_SEND_ASF should pass agid,
210   DVD_HOST_SEND_RPC_STATE did not set buffer size in cdb, and
211   dvd_do_auth passed uninitialized data to drive because init_cdrom_command
212   did not clear a 0 sized buffer.
213 
214   3.09 May 12, 2000 - Jens Axboe <axboe@suse.de>
215   -- Fix Video-CD on SCSI drives that don't support READ_CD command. In
216   that case switch block size and issue plain READ_10 again, then switch
217   back.
218 
219   3.10 Jun 10, 2000 - Jens Axboe <axboe@suse.de>
220   -- Fix volume control on CD's - old SCSI-II drives now use their own
221   code, as doing MODE6 stuff in here is really not my intention.
222   -- Use READ_DISC_INFO for more reliable end-of-disc.
223 
224   3.11 Jun 12, 2000 - Jens Axboe <axboe@suse.de>
225   -- Fix bug in getting rpc phase 2 region info.
226   -- Reinstate "correct" CDROMPLAYTRKIND
227 
228    3.12 Oct 18, 2000 - Jens Axboe <axboe@suse.de>
229   -- Use quiet bit on packet commands not known to work
230 
231    3.20 Dec 17, 2003 - Jens Axboe <axboe@suse.de>
232   -- Various fixes and lots of cleanups not listed :-)
233   -- Locking fixes
234   -- Mt Rainier support
235   -- DVD-RAM write open fixes
236 
237   Nov 5 2001, Aug 8 2002. Modified by Andy Polyakov
238   <appro@fy.chalmers.se> to support MMC-3 compliant DVD+RW units.
239 
240   Modified by Nigel Kukard <nkukard@lbsd.net> - support DVD+RW
241   2.4.x patch by Andy Polyakov <appro@fy.chalmers.se>
242 
243 -------------------------------------------------------------------------*/
244 
245 #define pr_fmt(fmt) KBUILD_MODNAME ": " fmt
246 
247 #define REVISION "Revision: 3.20"
248 #define VERSION "Id: cdrom.c 3.20 2003/12/17"
249 
250 /* I use an error-log mask to give fine grain control over the type of
251    messages dumped to the system logs.  The available masks include: */
252 #define CD_NOTHING      0x0
253 #define CD_WARNING	0x1
254 #define CD_REG_UNREG	0x2
255 #define CD_DO_IOCTL	0x4
256 #define CD_OPEN		0x8
257 #define CD_CLOSE	0x10
258 #define CD_COUNT_TRACKS 0x20
259 #define CD_CHANGER	0x40
260 #define CD_DVD		0x80
261 
262 /* Define this to remove _all_ the debugging messages */
263 /* #define ERRLOGMASK CD_NOTHING */
264 #define ERRLOGMASK CD_WARNING
265 /* #define ERRLOGMASK (CD_WARNING|CD_OPEN|CD_COUNT_TRACKS|CD_CLOSE) */
266 /* #define ERRLOGMASK (CD_WARNING|CD_REG_UNREG|CD_DO_IOCTL|CD_OPEN|CD_CLOSE|CD_COUNT_TRACKS) */
267 
268 #include <linux/atomic.h>
269 #include <linux/module.h>
270 #include <linux/fs.h>
271 #include <linux/major.h>
272 #include <linux/types.h>
273 #include <linux/errno.h>
274 #include <linux/kernel.h>
275 #include <linux/mm.h>
276 #include <linux/slab.h>
277 #include <linux/cdrom.h>
278 #include <linux/sysctl.h>
279 #include <linux/proc_fs.h>
280 #include <linux/blkpg.h>
281 #include <linux/init.h>
282 #include <linux/fcntl.h>
283 #include <linux/blkdev.h>
284 #include <linux/times.h>
285 #include <linux/uaccess.h>
286 #include <scsi/scsi_common.h>
287 #include <scsi/scsi_request.h>
288 
289 /* used to tell the module to turn on full debugging messages */
290 static bool debug;
291 /* default compatibility mode */
292 static bool autoclose=1;
293 static bool autoeject;
294 static bool lockdoor = 1;
295 /* will we ever get to use this... sigh. */
296 static bool check_media_type;
297 /* automatically restart mrw format */
298 static bool mrw_format_restart = 1;
299 module_param(debug, bool, 0);
300 module_param(autoclose, bool, 0);
301 module_param(autoeject, bool, 0);
302 module_param(lockdoor, bool, 0);
303 module_param(check_media_type, bool, 0);
304 module_param(mrw_format_restart, bool, 0);
305 
306 static DEFINE_MUTEX(cdrom_mutex);
307 
308 static const char *mrw_format_status[] = {
309 	"not mrw",
310 	"bgformat inactive",
311 	"bgformat active",
312 	"mrw complete",
313 };
314 
315 static const char *mrw_address_space[] = { "DMA", "GAA" };
316 
317 #if (ERRLOGMASK != CD_NOTHING)
318 #define cd_dbg(type, fmt, ...)				\
319 do {							\
320 	if ((ERRLOGMASK & type) || debug == 1)		\
321 		pr_debug(fmt, ##__VA_ARGS__);		\
322 } while (0)
323 #else
324 #define cd_dbg(type, fmt, ...)				\
325 do {							\
326 	if (0 && (ERRLOGMASK & type) || debug == 1)	\
327 		pr_debug(fmt, ##__VA_ARGS__);		\
328 } while (0)
329 #endif
330 
331 /* The (cdo->capability & ~cdi->mask & CDC_XXX) construct was used in
332    a lot of places. This macro makes the code more clear. */
333 #define CDROM_CAN(type) (cdi->ops->capability & ~cdi->mask & (type))
334 
335 /*
336  * Another popular OS uses 7 seconds as the hard timeout for default
337  * commands, so it is a good choice for us as well.
338  */
339 #define CDROM_DEF_TIMEOUT	(7 * HZ)
340 
341 /* Not-exported routines. */
342 
343 static void cdrom_sysctl_register(void);
344 
345 static LIST_HEAD(cdrom_list);
346 
cdrom_dummy_generic_packet(struct cdrom_device_info * cdi,struct packet_command * cgc)347 int cdrom_dummy_generic_packet(struct cdrom_device_info *cdi,
348 			       struct packet_command *cgc)
349 {
350 	if (cgc->sshdr) {
351 		cgc->sshdr->sense_key = 0x05;
352 		cgc->sshdr->asc = 0x20;
353 		cgc->sshdr->ascq = 0x00;
354 	}
355 
356 	cgc->stat = -EIO;
357 	return -EIO;
358 }
359 EXPORT_SYMBOL(cdrom_dummy_generic_packet);
360 
cdrom_flush_cache(struct cdrom_device_info * cdi)361 static int cdrom_flush_cache(struct cdrom_device_info *cdi)
362 {
363 	struct packet_command cgc;
364 
365 	init_cdrom_command(&cgc, NULL, 0, CGC_DATA_NONE);
366 	cgc.cmd[0] = GPCMD_FLUSH_CACHE;
367 
368 	cgc.timeout = 5 * 60 * HZ;
369 
370 	return cdi->ops->generic_packet(cdi, &cgc);
371 }
372 
373 /* requires CD R/RW */
cdrom_get_disc_info(struct cdrom_device_info * cdi,disc_information * di)374 static int cdrom_get_disc_info(struct cdrom_device_info *cdi,
375 			       disc_information *di)
376 {
377 	const struct cdrom_device_ops *cdo = cdi->ops;
378 	struct packet_command cgc;
379 	int ret, buflen;
380 
381 	/* set up command and get the disc info */
382 	init_cdrom_command(&cgc, di, sizeof(*di), CGC_DATA_READ);
383 	cgc.cmd[0] = GPCMD_READ_DISC_INFO;
384 	cgc.cmd[8] = cgc.buflen = 2;
385 	cgc.quiet = 1;
386 
387 	ret = cdo->generic_packet(cdi, &cgc);
388 	if (ret)
389 		return ret;
390 
391 	/* not all drives have the same disc_info length, so requeue
392 	 * packet with the length the drive tells us it can supply
393 	 */
394 	buflen = be16_to_cpu(di->disc_information_length) +
395 		sizeof(di->disc_information_length);
396 
397 	if (buflen > sizeof(disc_information))
398 		buflen = sizeof(disc_information);
399 
400 	cgc.cmd[8] = cgc.buflen = buflen;
401 	ret = cdo->generic_packet(cdi, &cgc);
402 	if (ret)
403 		return ret;
404 
405 	/* return actual fill size */
406 	return buflen;
407 }
408 
409 /* This macro makes sure we don't have to check on cdrom_device_ops
410  * existence in the run-time routines below. Change_capability is a
411  * hack to have the capability flags defined const, while we can still
412  * change it here without gcc complaining at every line.
413  */
414 #define ENSURE(cdo, call, bits)					\
415 do {								\
416 	if (cdo->call == NULL)					\
417 		WARN_ON_ONCE((cdo)->capability & (bits));	\
418 } while (0)
419 
420 /*
421  * the first prototypes used 0x2c as the page code for the mrw mode page,
422  * subsequently this was changed to 0x03. probe the one used by this drive
423  */
cdrom_mrw_probe_pc(struct cdrom_device_info * cdi)424 static int cdrom_mrw_probe_pc(struct cdrom_device_info *cdi)
425 {
426 	struct packet_command cgc;
427 	char buffer[16];
428 
429 	init_cdrom_command(&cgc, buffer, sizeof(buffer), CGC_DATA_READ);
430 
431 	cgc.timeout = HZ;
432 	cgc.quiet = 1;
433 
434 	if (!cdrom_mode_sense(cdi, &cgc, MRW_MODE_PC, 0)) {
435 		cdi->mrw_mode_page = MRW_MODE_PC;
436 		return 0;
437 	} else if (!cdrom_mode_sense(cdi, &cgc, MRW_MODE_PC_PRE1, 0)) {
438 		cdi->mrw_mode_page = MRW_MODE_PC_PRE1;
439 		return 0;
440 	}
441 
442 	return 1;
443 }
444 
cdrom_is_mrw(struct cdrom_device_info * cdi,int * write)445 static int cdrom_is_mrw(struct cdrom_device_info *cdi, int *write)
446 {
447 	struct packet_command cgc;
448 	struct mrw_feature_desc *mfd;
449 	unsigned char buffer[16];
450 	int ret;
451 
452 	*write = 0;
453 
454 	init_cdrom_command(&cgc, buffer, sizeof(buffer), CGC_DATA_READ);
455 
456 	cgc.cmd[0] = GPCMD_GET_CONFIGURATION;
457 	cgc.cmd[3] = CDF_MRW;
458 	cgc.cmd[8] = sizeof(buffer);
459 	cgc.quiet = 1;
460 
461 	if ((ret = cdi->ops->generic_packet(cdi, &cgc)))
462 		return ret;
463 
464 	mfd = (struct mrw_feature_desc *)&buffer[sizeof(struct feature_header)];
465 	if (be16_to_cpu(mfd->feature_code) != CDF_MRW)
466 		return 1;
467 	*write = mfd->write;
468 
469 	if ((ret = cdrom_mrw_probe_pc(cdi))) {
470 		*write = 0;
471 		return ret;
472 	}
473 
474 	return 0;
475 }
476 
cdrom_mrw_bgformat(struct cdrom_device_info * cdi,int cont)477 static int cdrom_mrw_bgformat(struct cdrom_device_info *cdi, int cont)
478 {
479 	struct packet_command cgc;
480 	unsigned char buffer[12];
481 	int ret;
482 
483 	pr_info("%sstarting format\n", cont ? "Re" : "");
484 
485 	/*
486 	 * FmtData bit set (bit 4), format type is 1
487 	 */
488 	init_cdrom_command(&cgc, buffer, sizeof(buffer), CGC_DATA_WRITE);
489 	cgc.cmd[0] = GPCMD_FORMAT_UNIT;
490 	cgc.cmd[1] = (1 << 4) | 1;
491 
492 	cgc.timeout = 5 * 60 * HZ;
493 
494 	/*
495 	 * 4 byte format list header, 8 byte format list descriptor
496 	 */
497 	buffer[1] = 1 << 1;
498 	buffer[3] = 8;
499 
500 	/*
501 	 * nr_blocks field
502 	 */
503 	buffer[4] = 0xff;
504 	buffer[5] = 0xff;
505 	buffer[6] = 0xff;
506 	buffer[7] = 0xff;
507 
508 	buffer[8] = 0x24 << 2;
509 	buffer[11] = cont;
510 
511 	ret = cdi->ops->generic_packet(cdi, &cgc);
512 	if (ret)
513 		pr_info("bgformat failed\n");
514 
515 	return ret;
516 }
517 
cdrom_mrw_bgformat_susp(struct cdrom_device_info * cdi,int immed)518 static int cdrom_mrw_bgformat_susp(struct cdrom_device_info *cdi, int immed)
519 {
520 	struct packet_command cgc;
521 
522 	init_cdrom_command(&cgc, NULL, 0, CGC_DATA_NONE);
523 	cgc.cmd[0] = GPCMD_CLOSE_TRACK;
524 
525 	/*
526 	 * Session = 1, Track = 0
527 	 */
528 	cgc.cmd[1] = !!immed;
529 	cgc.cmd[2] = 1 << 1;
530 
531 	cgc.timeout = 5 * 60 * HZ;
532 
533 	return cdi->ops->generic_packet(cdi, &cgc);
534 }
535 
cdrom_mrw_exit(struct cdrom_device_info * cdi)536 static int cdrom_mrw_exit(struct cdrom_device_info *cdi)
537 {
538 	disc_information di;
539 	int ret;
540 
541 	ret = cdrom_get_disc_info(cdi, &di);
542 	if (ret < 0 || ret < (int)offsetof(typeof(di),disc_type))
543 		return 1;
544 
545 	ret = 0;
546 	if (di.mrw_status == CDM_MRW_BGFORMAT_ACTIVE) {
547 		pr_info("issuing MRW background format suspend\n");
548 		ret = cdrom_mrw_bgformat_susp(cdi, 0);
549 	}
550 
551 	if (!ret && cdi->media_written)
552 		ret = cdrom_flush_cache(cdi);
553 
554 	return ret;
555 }
556 
cdrom_mrw_set_lba_space(struct cdrom_device_info * cdi,int space)557 static int cdrom_mrw_set_lba_space(struct cdrom_device_info *cdi, int space)
558 {
559 	struct packet_command cgc;
560 	struct mode_page_header *mph;
561 	char buffer[16];
562 	int ret, offset, size;
563 
564 	init_cdrom_command(&cgc, buffer, sizeof(buffer), CGC_DATA_READ);
565 
566 	cgc.buffer = buffer;
567 	cgc.buflen = sizeof(buffer);
568 
569 	ret = cdrom_mode_sense(cdi, &cgc, cdi->mrw_mode_page, 0);
570 	if (ret)
571 		return ret;
572 
573 	mph = (struct mode_page_header *)buffer;
574 	offset = be16_to_cpu(mph->desc_length);
575 	size = be16_to_cpu(mph->mode_data_length) + 2;
576 
577 	buffer[offset + 3] = space;
578 	cgc.buflen = size;
579 
580 	ret = cdrom_mode_select(cdi, &cgc);
581 	if (ret)
582 		return ret;
583 
584 	pr_info("%s: mrw address space %s selected\n",
585 		cdi->name, mrw_address_space[space]);
586 	return 0;
587 }
588 
register_cdrom(struct gendisk * disk,struct cdrom_device_info * cdi)589 int register_cdrom(struct gendisk *disk, struct cdrom_device_info *cdi)
590 {
591 	static char banner_printed;
592 	const struct cdrom_device_ops *cdo = cdi->ops;
593 
594 	cd_dbg(CD_OPEN, "entering register_cdrom\n");
595 
596 	if (cdo->open == NULL || cdo->release == NULL)
597 		return -EINVAL;
598 	if (!banner_printed) {
599 		pr_info("Uniform CD-ROM driver " REVISION "\n");
600 		banner_printed = 1;
601 		cdrom_sysctl_register();
602 	}
603 
604 	cdi->disk = disk;
605 	disk->cdi = cdi;
606 
607 	ENSURE(cdo, drive_status, CDC_DRIVE_STATUS);
608 	if (cdo->check_events == NULL)
609 		WARN_ON_ONCE(cdo->capability & (CDC_MEDIA_CHANGED | CDC_SELECT_DISC));
610 	ENSURE(cdo, tray_move, CDC_CLOSE_TRAY | CDC_OPEN_TRAY);
611 	ENSURE(cdo, lock_door, CDC_LOCK);
612 	ENSURE(cdo, select_speed, CDC_SELECT_SPEED);
613 	ENSURE(cdo, get_last_session, CDC_MULTI_SESSION);
614 	ENSURE(cdo, get_mcn, CDC_MCN);
615 	ENSURE(cdo, reset, CDC_RESET);
616 	ENSURE(cdo, generic_packet, CDC_GENERIC_PACKET);
617 	cdi->mc_flags = 0;
618 	cdi->options = CDO_USE_FFLAGS;
619 
620 	if (autoclose == 1 && CDROM_CAN(CDC_CLOSE_TRAY))
621 		cdi->options |= (int) CDO_AUTO_CLOSE;
622 	if (autoeject == 1 && CDROM_CAN(CDC_OPEN_TRAY))
623 		cdi->options |= (int) CDO_AUTO_EJECT;
624 	if (lockdoor == 1)
625 		cdi->options |= (int) CDO_LOCK;
626 	if (check_media_type == 1)
627 		cdi->options |= (int) CDO_CHECK_TYPE;
628 
629 	if (CDROM_CAN(CDC_MRW_W))
630 		cdi->exit = cdrom_mrw_exit;
631 
632 	if (cdi->disk)
633 		cdi->cdda_method = CDDA_BPC_FULL;
634 	else
635 		cdi->cdda_method = CDDA_OLD;
636 
637 	WARN_ON(!cdo->generic_packet);
638 
639 	cd_dbg(CD_REG_UNREG, "drive \"/dev/%s\" registered\n", cdi->name);
640 	mutex_lock(&cdrom_mutex);
641 	list_add(&cdi->list, &cdrom_list);
642 	mutex_unlock(&cdrom_mutex);
643 	return 0;
644 }
645 #undef ENSURE
646 
unregister_cdrom(struct cdrom_device_info * cdi)647 void unregister_cdrom(struct cdrom_device_info *cdi)
648 {
649 	cd_dbg(CD_OPEN, "entering unregister_cdrom\n");
650 
651 	mutex_lock(&cdrom_mutex);
652 	list_del(&cdi->list);
653 	mutex_unlock(&cdrom_mutex);
654 
655 	if (cdi->exit)
656 		cdi->exit(cdi);
657 
658 	cd_dbg(CD_REG_UNREG, "drive \"/dev/%s\" unregistered\n", cdi->name);
659 }
660 
cdrom_get_media_event(struct cdrom_device_info * cdi,struct media_event_desc * med)661 int cdrom_get_media_event(struct cdrom_device_info *cdi,
662 			  struct media_event_desc *med)
663 {
664 	struct packet_command cgc;
665 	unsigned char buffer[8];
666 	struct event_header *eh = (struct event_header *)buffer;
667 
668 	init_cdrom_command(&cgc, buffer, sizeof(buffer), CGC_DATA_READ);
669 	cgc.cmd[0] = GPCMD_GET_EVENT_STATUS_NOTIFICATION;
670 	cgc.cmd[1] = 1;		/* IMMED */
671 	cgc.cmd[4] = 1 << 4;	/* media event */
672 	cgc.cmd[8] = sizeof(buffer);
673 	cgc.quiet = 1;
674 
675 	if (cdi->ops->generic_packet(cdi, &cgc))
676 		return 1;
677 
678 	if (be16_to_cpu(eh->data_len) < sizeof(*med))
679 		return 1;
680 
681 	if (eh->nea || eh->notification_class != 0x4)
682 		return 1;
683 
684 	memcpy(med, &buffer[sizeof(*eh)], sizeof(*med));
685 	return 0;
686 }
687 
cdrom_get_random_writable(struct cdrom_device_info * cdi,struct rwrt_feature_desc * rfd)688 static int cdrom_get_random_writable(struct cdrom_device_info *cdi,
689 			      struct rwrt_feature_desc *rfd)
690 {
691 	struct packet_command cgc;
692 	char buffer[24];
693 	int ret;
694 
695 	init_cdrom_command(&cgc, buffer, sizeof(buffer), CGC_DATA_READ);
696 
697 	cgc.cmd[0] = GPCMD_GET_CONFIGURATION;	/* often 0x46 */
698 	cgc.cmd[3] = CDF_RWRT;			/* often 0x0020 */
699 	cgc.cmd[8] = sizeof(buffer);		/* often 0x18 */
700 	cgc.quiet = 1;
701 
702 	if ((ret = cdi->ops->generic_packet(cdi, &cgc)))
703 		return ret;
704 
705 	memcpy(rfd, &buffer[sizeof(struct feature_header)], sizeof (*rfd));
706 	return 0;
707 }
708 
cdrom_has_defect_mgt(struct cdrom_device_info * cdi)709 static int cdrom_has_defect_mgt(struct cdrom_device_info *cdi)
710 {
711 	struct packet_command cgc;
712 	char buffer[16];
713 	__be16 *feature_code;
714 	int ret;
715 
716 	init_cdrom_command(&cgc, buffer, sizeof(buffer), CGC_DATA_READ);
717 
718 	cgc.cmd[0] = GPCMD_GET_CONFIGURATION;
719 	cgc.cmd[3] = CDF_HWDM;
720 	cgc.cmd[8] = sizeof(buffer);
721 	cgc.quiet = 1;
722 
723 	if ((ret = cdi->ops->generic_packet(cdi, &cgc)))
724 		return ret;
725 
726 	feature_code = (__be16 *) &buffer[sizeof(struct feature_header)];
727 	if (be16_to_cpu(*feature_code) == CDF_HWDM)
728 		return 0;
729 
730 	return 1;
731 }
732 
733 
cdrom_is_random_writable(struct cdrom_device_info * cdi,int * write)734 static int cdrom_is_random_writable(struct cdrom_device_info *cdi, int *write)
735 {
736 	struct rwrt_feature_desc rfd;
737 	int ret;
738 
739 	*write = 0;
740 
741 	if ((ret = cdrom_get_random_writable(cdi, &rfd)))
742 		return ret;
743 
744 	if (CDF_RWRT == be16_to_cpu(rfd.feature_code))
745 		*write = 1;
746 
747 	return 0;
748 }
749 
cdrom_media_erasable(struct cdrom_device_info * cdi)750 static int cdrom_media_erasable(struct cdrom_device_info *cdi)
751 {
752 	disc_information di;
753 	int ret;
754 
755 	ret = cdrom_get_disc_info(cdi, &di);
756 	if (ret < 0 || ret < offsetof(typeof(di), n_first_track))
757 		return -1;
758 
759 	return di.erasable;
760 }
761 
762 /*
763  * FIXME: check RO bit
764  */
cdrom_dvdram_open_write(struct cdrom_device_info * cdi)765 static int cdrom_dvdram_open_write(struct cdrom_device_info *cdi)
766 {
767 	int ret = cdrom_media_erasable(cdi);
768 
769 	/*
770 	 * allow writable open if media info read worked and media is
771 	 * erasable, _or_ if it fails since not all drives support it
772 	 */
773 	if (!ret)
774 		return 1;
775 
776 	return 0;
777 }
778 
cdrom_mrw_open_write(struct cdrom_device_info * cdi)779 static int cdrom_mrw_open_write(struct cdrom_device_info *cdi)
780 {
781 	disc_information di;
782 	int ret;
783 
784 	/*
785 	 * always reset to DMA lba space on open
786 	 */
787 	if (cdrom_mrw_set_lba_space(cdi, MRW_LBA_DMA)) {
788 		pr_err("failed setting lba address space\n");
789 		return 1;
790 	}
791 
792 	ret = cdrom_get_disc_info(cdi, &di);
793 	if (ret < 0 || ret < offsetof(typeof(di),disc_type))
794 		return 1;
795 
796 	if (!di.erasable)
797 		return 1;
798 
799 	/*
800 	 * mrw_status
801 	 * 0	-	not MRW formatted
802 	 * 1	-	MRW bgformat started, but not running or complete
803 	 * 2	-	MRW bgformat in progress
804 	 * 3	-	MRW formatting complete
805 	 */
806 	ret = 0;
807 	pr_info("open: mrw_status '%s'\n", mrw_format_status[di.mrw_status]);
808 	if (!di.mrw_status)
809 		ret = 1;
810 	else if (di.mrw_status == CDM_MRW_BGFORMAT_INACTIVE &&
811 			mrw_format_restart)
812 		ret = cdrom_mrw_bgformat(cdi, 1);
813 
814 	return ret;
815 }
816 
mo_open_write(struct cdrom_device_info * cdi)817 static int mo_open_write(struct cdrom_device_info *cdi)
818 {
819 	struct packet_command cgc;
820 	char buffer[255];
821 	int ret;
822 
823 	init_cdrom_command(&cgc, &buffer, 4, CGC_DATA_READ);
824 	cgc.quiet = 1;
825 
826 	/*
827 	 * obtain write protect information as per
828 	 * drivers/scsi/sd.c:sd_read_write_protect_flag
829 	 */
830 
831 	ret = cdrom_mode_sense(cdi, &cgc, GPMODE_ALL_PAGES, 0);
832 	if (ret)
833 		ret = cdrom_mode_sense(cdi, &cgc, GPMODE_VENDOR_PAGE, 0);
834 	if (ret) {
835 		cgc.buflen = 255;
836 		ret = cdrom_mode_sense(cdi, &cgc, GPMODE_ALL_PAGES, 0);
837 	}
838 
839 	/* drive gave us no info, let the user go ahead */
840 	if (ret)
841 		return 0;
842 
843 	return buffer[3] & 0x80;
844 }
845 
cdrom_ram_open_write(struct cdrom_device_info * cdi)846 static int cdrom_ram_open_write(struct cdrom_device_info *cdi)
847 {
848 	struct rwrt_feature_desc rfd;
849 	int ret;
850 
851 	if ((ret = cdrom_has_defect_mgt(cdi)))
852 		return ret;
853 
854 	if ((ret = cdrom_get_random_writable(cdi, &rfd)))
855 		return ret;
856 	else if (CDF_RWRT == be16_to_cpu(rfd.feature_code))
857 		ret = !rfd.curr;
858 
859 	cd_dbg(CD_OPEN, "can open for random write\n");
860 	return ret;
861 }
862 
cdrom_mmc3_profile(struct cdrom_device_info * cdi)863 static void cdrom_mmc3_profile(struct cdrom_device_info *cdi)
864 {
865 	struct packet_command cgc;
866 	char buffer[32];
867 	int ret, mmc3_profile;
868 
869 	init_cdrom_command(&cgc, buffer, sizeof(buffer), CGC_DATA_READ);
870 
871 	cgc.cmd[0] = GPCMD_GET_CONFIGURATION;
872 	cgc.cmd[1] = 0;
873 	cgc.cmd[2] = cgc.cmd[3] = 0;		/* Starting Feature Number */
874 	cgc.cmd[8] = sizeof(buffer);		/* Allocation Length */
875 	cgc.quiet = 1;
876 
877 	if ((ret = cdi->ops->generic_packet(cdi, &cgc)))
878 		mmc3_profile = 0xffff;
879 	else
880 		mmc3_profile = (buffer[6] << 8) | buffer[7];
881 
882 	cdi->mmc3_profile = mmc3_profile;
883 }
884 
cdrom_is_dvd_rw(struct cdrom_device_info * cdi)885 static int cdrom_is_dvd_rw(struct cdrom_device_info *cdi)
886 {
887 	switch (cdi->mmc3_profile) {
888 	case 0x12:	/* DVD-RAM	*/
889 	case 0x1A:	/* DVD+RW	*/
890 	case 0x43:	/* BD-RE	*/
891 		return 0;
892 	default:
893 		return 1;
894 	}
895 }
896 
897 /*
898  * returns 0 for ok to open write, non-0 to disallow
899  */
cdrom_open_write(struct cdrom_device_info * cdi)900 static int cdrom_open_write(struct cdrom_device_info *cdi)
901 {
902 	int mrw, mrw_write, ram_write;
903 	int ret = 1;
904 
905 	mrw = 0;
906 	if (!cdrom_is_mrw(cdi, &mrw_write))
907 		mrw = 1;
908 
909 	if (CDROM_CAN(CDC_MO_DRIVE))
910 		ram_write = 1;
911 	else
912 		(void) cdrom_is_random_writable(cdi, &ram_write);
913 
914 	if (mrw)
915 		cdi->mask &= ~CDC_MRW;
916 	else
917 		cdi->mask |= CDC_MRW;
918 
919 	if (mrw_write)
920 		cdi->mask &= ~CDC_MRW_W;
921 	else
922 		cdi->mask |= CDC_MRW_W;
923 
924 	if (ram_write)
925 		cdi->mask &= ~CDC_RAM;
926 	else
927 		cdi->mask |= CDC_RAM;
928 
929 	if (CDROM_CAN(CDC_MRW_W))
930 		ret = cdrom_mrw_open_write(cdi);
931 	else if (CDROM_CAN(CDC_DVD_RAM))
932 		ret = cdrom_dvdram_open_write(cdi);
933  	else if (CDROM_CAN(CDC_RAM) &&
934  		 !CDROM_CAN(CDC_CD_R|CDC_CD_RW|CDC_DVD|CDC_DVD_R|CDC_MRW|CDC_MO_DRIVE))
935  		ret = cdrom_ram_open_write(cdi);
936 	else if (CDROM_CAN(CDC_MO_DRIVE))
937 		ret = mo_open_write(cdi);
938 	else if (!cdrom_is_dvd_rw(cdi))
939 		ret = 0;
940 
941 	return ret;
942 }
943 
cdrom_dvd_rw_close_write(struct cdrom_device_info * cdi)944 static void cdrom_dvd_rw_close_write(struct cdrom_device_info *cdi)
945 {
946 	struct packet_command cgc;
947 
948 	if (cdi->mmc3_profile != 0x1a) {
949 		cd_dbg(CD_CLOSE, "%s: No DVD+RW\n", cdi->name);
950 		return;
951 	}
952 
953 	if (!cdi->media_written) {
954 		cd_dbg(CD_CLOSE, "%s: DVD+RW media clean\n", cdi->name);
955 		return;
956 	}
957 
958 	pr_info("%s: dirty DVD+RW media, \"finalizing\"\n", cdi->name);
959 
960 	init_cdrom_command(&cgc, NULL, 0, CGC_DATA_NONE);
961 	cgc.cmd[0] = GPCMD_FLUSH_CACHE;
962 	cgc.timeout = 30*HZ;
963 	cdi->ops->generic_packet(cdi, &cgc);
964 
965 	init_cdrom_command(&cgc, NULL, 0, CGC_DATA_NONE);
966 	cgc.cmd[0] = GPCMD_CLOSE_TRACK;
967 	cgc.timeout = 3000*HZ;
968 	cgc.quiet = 1;
969 	cdi->ops->generic_packet(cdi, &cgc);
970 
971 	init_cdrom_command(&cgc, NULL, 0, CGC_DATA_NONE);
972 	cgc.cmd[0] = GPCMD_CLOSE_TRACK;
973 	cgc.cmd[2] = 2;	 /* Close session */
974 	cgc.quiet = 1;
975 	cgc.timeout = 3000*HZ;
976 	cdi->ops->generic_packet(cdi, &cgc);
977 
978 	cdi->media_written = 0;
979 }
980 
cdrom_close_write(struct cdrom_device_info * cdi)981 static int cdrom_close_write(struct cdrom_device_info *cdi)
982 {
983 #if 0
984 	return cdrom_flush_cache(cdi);
985 #else
986 	return 0;
987 #endif
988 }
989 
990 /* badly broken, I know. Is due for a fixup anytime. */
cdrom_count_tracks(struct cdrom_device_info * cdi,tracktype * tracks)991 static void cdrom_count_tracks(struct cdrom_device_info *cdi, tracktype *tracks)
992 {
993 	struct cdrom_tochdr header;
994 	struct cdrom_tocentry entry;
995 	int ret, i;
996 	tracks->data = 0;
997 	tracks->audio = 0;
998 	tracks->cdi = 0;
999 	tracks->xa = 0;
1000 	tracks->error = 0;
1001 	cd_dbg(CD_COUNT_TRACKS, "entering cdrom_count_tracks\n");
1002 
1003 	if (!CDROM_CAN(CDC_PLAY_AUDIO)) {
1004 		tracks->error = CDS_NO_INFO;
1005 		return;
1006 	}
1007 
1008 	/* Grab the TOC header so we can see how many tracks there are */
1009 	ret = cdi->ops->audio_ioctl(cdi, CDROMREADTOCHDR, &header);
1010 	if (ret) {
1011 		if (ret == -ENOMEDIUM)
1012 			tracks->error = CDS_NO_DISC;
1013 		else
1014 			tracks->error = CDS_NO_INFO;
1015 		return;
1016 	}
1017 	/* check what type of tracks are on this disc */
1018 	entry.cdte_format = CDROM_MSF;
1019 	for (i = header.cdth_trk0; i <= header.cdth_trk1; i++) {
1020 		entry.cdte_track = i;
1021 		if (cdi->ops->audio_ioctl(cdi, CDROMREADTOCENTRY, &entry)) {
1022 			tracks->error = CDS_NO_INFO;
1023 			return;
1024 		}
1025 		if (entry.cdte_ctrl & CDROM_DATA_TRACK) {
1026 			if (entry.cdte_format == 0x10)
1027 				tracks->cdi++;
1028 			else if (entry.cdte_format == 0x20)
1029 				tracks->xa++;
1030 			else
1031 				tracks->data++;
1032 		} else {
1033 			tracks->audio++;
1034 		}
1035 		cd_dbg(CD_COUNT_TRACKS, "track %d: format=%d, ctrl=%d\n",
1036 		       i, entry.cdte_format, entry.cdte_ctrl);
1037 	}
1038 	cd_dbg(CD_COUNT_TRACKS, "disc has %d tracks: %d=audio %d=data %d=Cd-I %d=XA\n",
1039 	       header.cdth_trk1, tracks->audio, tracks->data,
1040 	       tracks->cdi, tracks->xa);
1041 }
1042 
1043 static
open_for_data(struct cdrom_device_info * cdi)1044 int open_for_data(struct cdrom_device_info *cdi)
1045 {
1046 	int ret;
1047 	const struct cdrom_device_ops *cdo = cdi->ops;
1048 	tracktype tracks;
1049 	cd_dbg(CD_OPEN, "entering open_for_data\n");
1050 	/* Check if the driver can report drive status.  If it can, we
1051 	   can do clever things.  If it can't, well, we at least tried! */
1052 	if (cdo->drive_status != NULL) {
1053 		ret = cdo->drive_status(cdi, CDSL_CURRENT);
1054 		cd_dbg(CD_OPEN, "drive_status=%d\n", ret);
1055 		if (ret == CDS_TRAY_OPEN) {
1056 			cd_dbg(CD_OPEN, "the tray is open...\n");
1057 			/* can/may i close it? */
1058 			if (CDROM_CAN(CDC_CLOSE_TRAY) &&
1059 			    cdi->options & CDO_AUTO_CLOSE) {
1060 				cd_dbg(CD_OPEN, "trying to close the tray\n");
1061 				ret=cdo->tray_move(cdi,0);
1062 				if (ret) {
1063 					cd_dbg(CD_OPEN, "bummer. tried to close the tray but failed.\n");
1064 					/* Ignore the error from the low
1065 					level driver.  We don't care why it
1066 					couldn't close the tray.  We only care
1067 					that there is no disc in the drive,
1068 					since that is the _REAL_ problem here.*/
1069 					ret=-ENOMEDIUM;
1070 					goto clean_up_and_return;
1071 				}
1072 			} else {
1073 				cd_dbg(CD_OPEN, "bummer. this drive can't close the tray.\n");
1074 				ret=-ENOMEDIUM;
1075 				goto clean_up_and_return;
1076 			}
1077 			/* Ok, the door should be closed now.. Check again */
1078 			ret = cdo->drive_status(cdi, CDSL_CURRENT);
1079 			if ((ret == CDS_NO_DISC) || (ret==CDS_TRAY_OPEN)) {
1080 				cd_dbg(CD_OPEN, "bummer. the tray is still not closed.\n");
1081 				cd_dbg(CD_OPEN, "tray might not contain a medium\n");
1082 				ret=-ENOMEDIUM;
1083 				goto clean_up_and_return;
1084 			}
1085 			cd_dbg(CD_OPEN, "the tray is now closed\n");
1086 		}
1087 		/* the door should be closed now, check for the disc */
1088 		ret = cdo->drive_status(cdi, CDSL_CURRENT);
1089 		if (ret!=CDS_DISC_OK) {
1090 			ret = -ENOMEDIUM;
1091 			goto clean_up_and_return;
1092 		}
1093 	}
1094 	cdrom_count_tracks(cdi, &tracks);
1095 	if (tracks.error == CDS_NO_DISC) {
1096 		cd_dbg(CD_OPEN, "bummer. no disc.\n");
1097 		ret=-ENOMEDIUM;
1098 		goto clean_up_and_return;
1099 	}
1100 	/* CD-Players which don't use O_NONBLOCK, workman
1101 	 * for example, need bit CDO_CHECK_TYPE cleared! */
1102 	if (tracks.data==0) {
1103 		if (cdi->options & CDO_CHECK_TYPE) {
1104 		    /* give people a warning shot, now that CDO_CHECK_TYPE
1105 		       is the default case! */
1106 		    cd_dbg(CD_OPEN, "bummer. wrong media type.\n");
1107 		    cd_dbg(CD_WARNING, "pid %d must open device O_NONBLOCK!\n",
1108 			   (unsigned int)task_pid_nr(current));
1109 		    ret=-EMEDIUMTYPE;
1110 		    goto clean_up_and_return;
1111 		}
1112 		else {
1113 		    cd_dbg(CD_OPEN, "wrong media type, but CDO_CHECK_TYPE not set\n");
1114 		}
1115 	}
1116 
1117 	cd_dbg(CD_OPEN, "all seems well, opening the devicen");
1118 
1119 	/* all seems well, we can open the device */
1120 	ret = cdo->open(cdi, 0); /* open for data */
1121 	cd_dbg(CD_OPEN, "opening the device gave me %d\n", ret);
1122 	/* After all this careful checking, we shouldn't have problems
1123 	   opening the device, but we don't want the device locked if
1124 	   this somehow fails... */
1125 	if (ret) {
1126 		cd_dbg(CD_OPEN, "open device failed\n");
1127 		goto clean_up_and_return;
1128 	}
1129 	if (CDROM_CAN(CDC_LOCK) && (cdi->options & CDO_LOCK)) {
1130 			cdo->lock_door(cdi, 1);
1131 			cd_dbg(CD_OPEN, "door locked\n");
1132 	}
1133 	cd_dbg(CD_OPEN, "device opened successfully\n");
1134 	return ret;
1135 
1136 	/* Something failed.  Try to unlock the drive, because some drivers
1137 	(notably ide-cd) lock the drive after every command.  This produced
1138 	a nasty bug where after mount failed, the drive would remain locked!
1139 	This ensures that the drive gets unlocked after a mount fails.  This
1140 	is a goto to avoid bloating the driver with redundant code. */
1141 clean_up_and_return:
1142 	cd_dbg(CD_OPEN, "open failed\n");
1143 	if (CDROM_CAN(CDC_LOCK) && cdi->options & CDO_LOCK) {
1144 			cdo->lock_door(cdi, 0);
1145 			cd_dbg(CD_OPEN, "door unlocked\n");
1146 	}
1147 	return ret;
1148 }
1149 
1150 /* We use the open-option O_NONBLOCK to indicate that the
1151  * purpose of opening is only for subsequent ioctl() calls; no device
1152  * integrity checks are performed.
1153  *
1154  * We hope that all cd-player programs will adopt this convention. It
1155  * is in their own interest: device control becomes a lot easier
1156  * this way.
1157  */
cdrom_open(struct cdrom_device_info * cdi,struct block_device * bdev,fmode_t mode)1158 int cdrom_open(struct cdrom_device_info *cdi, struct block_device *bdev,
1159 	       fmode_t mode)
1160 {
1161 	int ret;
1162 
1163 	cd_dbg(CD_OPEN, "entering cdrom_open\n");
1164 
1165 	/* if this was a O_NONBLOCK open and we should honor the flags,
1166 	 * do a quick open without drive/disc integrity checks. */
1167 	cdi->use_count++;
1168 	if ((mode & FMODE_NDELAY) && (cdi->options & CDO_USE_FFLAGS)) {
1169 		ret = cdi->ops->open(cdi, 1);
1170 	} else {
1171 		ret = open_for_data(cdi);
1172 		if (ret)
1173 			goto err;
1174 		if (CDROM_CAN(CDC_GENERIC_PACKET))
1175 			cdrom_mmc3_profile(cdi);
1176 		if (mode & FMODE_WRITE) {
1177 			ret = -EROFS;
1178 			if (cdrom_open_write(cdi))
1179 				goto err_release;
1180 			if (!CDROM_CAN(CDC_RAM))
1181 				goto err_release;
1182 			ret = 0;
1183 			cdi->media_written = 0;
1184 		}
1185 	}
1186 
1187 	if (ret)
1188 		goto err;
1189 
1190 	cd_dbg(CD_OPEN, "Use count for \"/dev/%s\" now %d\n",
1191 	       cdi->name, cdi->use_count);
1192 	return 0;
1193 err_release:
1194 	if (CDROM_CAN(CDC_LOCK) && cdi->options & CDO_LOCK) {
1195 		cdi->ops->lock_door(cdi, 0);
1196 		cd_dbg(CD_OPEN, "door unlocked\n");
1197 	}
1198 	cdi->ops->release(cdi);
1199 err:
1200 	cdi->use_count--;
1201 	return ret;
1202 }
1203 
1204 /* This code is similar to that in open_for_data. The routine is called
1205    whenever an audio play operation is requested.
1206 */
check_for_audio_disc(struct cdrom_device_info * cdi,const struct cdrom_device_ops * cdo)1207 static int check_for_audio_disc(struct cdrom_device_info *cdi,
1208 				const struct cdrom_device_ops *cdo)
1209 {
1210         int ret;
1211 	tracktype tracks;
1212 	cd_dbg(CD_OPEN, "entering check_for_audio_disc\n");
1213 	if (!(cdi->options & CDO_CHECK_TYPE))
1214 		return 0;
1215 	if (cdo->drive_status != NULL) {
1216 		ret = cdo->drive_status(cdi, CDSL_CURRENT);
1217 		cd_dbg(CD_OPEN, "drive_status=%d\n", ret);
1218 		if (ret == CDS_TRAY_OPEN) {
1219 			cd_dbg(CD_OPEN, "the tray is open...\n");
1220 			/* can/may i close it? */
1221 			if (CDROM_CAN(CDC_CLOSE_TRAY) &&
1222 			    cdi->options & CDO_AUTO_CLOSE) {
1223 				cd_dbg(CD_OPEN, "trying to close the tray\n");
1224 				ret=cdo->tray_move(cdi,0);
1225 				if (ret) {
1226 					cd_dbg(CD_OPEN, "bummer. tried to close tray but failed.\n");
1227 					/* Ignore the error from the low
1228 					level driver.  We don't care why it
1229 					couldn't close the tray.  We only care
1230 					that there is no disc in the drive,
1231 					since that is the _REAL_ problem here.*/
1232 					return -ENOMEDIUM;
1233 				}
1234 			} else {
1235 				cd_dbg(CD_OPEN, "bummer. this driver can't close the tray.\n");
1236 				return -ENOMEDIUM;
1237 			}
1238 			/* Ok, the door should be closed now.. Check again */
1239 			ret = cdo->drive_status(cdi, CDSL_CURRENT);
1240 			if ((ret == CDS_NO_DISC) || (ret==CDS_TRAY_OPEN)) {
1241 				cd_dbg(CD_OPEN, "bummer. the tray is still not closed.\n");
1242 				return -ENOMEDIUM;
1243 			}
1244 			if (ret!=CDS_DISC_OK) {
1245 				cd_dbg(CD_OPEN, "bummer. disc isn't ready.\n");
1246 				return -EIO;
1247 			}
1248 			cd_dbg(CD_OPEN, "the tray is now closed\n");
1249 		}
1250 	}
1251 	cdrom_count_tracks(cdi, &tracks);
1252 	if (tracks.error)
1253 		return(tracks.error);
1254 
1255 	if (tracks.audio==0)
1256 		return -EMEDIUMTYPE;
1257 
1258 	return 0;
1259 }
1260 
cdrom_release(struct cdrom_device_info * cdi,fmode_t mode)1261 void cdrom_release(struct cdrom_device_info *cdi, fmode_t mode)
1262 {
1263 	const struct cdrom_device_ops *cdo = cdi->ops;
1264 	int opened_for_data;
1265 
1266 	cd_dbg(CD_CLOSE, "entering cdrom_release\n");
1267 
1268 	if (cdi->use_count > 0)
1269 		cdi->use_count--;
1270 
1271 	if (cdi->use_count == 0) {
1272 		cd_dbg(CD_CLOSE, "Use count for \"/dev/%s\" now zero\n",
1273 		       cdi->name);
1274 		cdrom_dvd_rw_close_write(cdi);
1275 
1276 		if ((cdo->capability & CDC_LOCK) && !cdi->keeplocked) {
1277 			cd_dbg(CD_CLOSE, "Unlocking door!\n");
1278 			cdo->lock_door(cdi, 0);
1279 		}
1280 	}
1281 
1282 	opened_for_data = !(cdi->options & CDO_USE_FFLAGS) ||
1283 		!(mode & FMODE_NDELAY);
1284 
1285 	/*
1286 	 * flush cache on last write release
1287 	 */
1288 	if (CDROM_CAN(CDC_RAM) && !cdi->use_count && cdi->for_data)
1289 		cdrom_close_write(cdi);
1290 
1291 	cdo->release(cdi);
1292 	if (cdi->use_count == 0) {      /* last process that closes dev*/
1293 		if (opened_for_data &&
1294 		    cdi->options & CDO_AUTO_EJECT && CDROM_CAN(CDC_OPEN_TRAY))
1295 			cdo->tray_move(cdi, 1);
1296 	}
1297 }
1298 
cdrom_read_mech_status(struct cdrom_device_info * cdi,struct cdrom_changer_info * buf)1299 static int cdrom_read_mech_status(struct cdrom_device_info *cdi,
1300 				  struct cdrom_changer_info *buf)
1301 {
1302 	struct packet_command cgc;
1303 	const struct cdrom_device_ops *cdo = cdi->ops;
1304 	int length;
1305 
1306 	/*
1307 	 * Sanyo changer isn't spec compliant (doesn't use regular change
1308 	 * LOAD_UNLOAD command, and it doesn't implement the mech status
1309 	 * command below
1310 	 */
1311 	if (cdi->sanyo_slot) {
1312 		buf->hdr.nslots = 3;
1313 		buf->hdr.curslot = cdi->sanyo_slot == 3 ? 0 : cdi->sanyo_slot;
1314 		for (length = 0; length < 3; length++) {
1315 			buf->slots[length].disc_present = 1;
1316 			buf->slots[length].change = 0;
1317 		}
1318 		return 0;
1319 	}
1320 
1321 	length = sizeof(struct cdrom_mechstat_header) +
1322 		 cdi->capacity * sizeof(struct cdrom_slot);
1323 
1324 	init_cdrom_command(&cgc, buf, length, CGC_DATA_READ);
1325 	cgc.cmd[0] = GPCMD_MECHANISM_STATUS;
1326 	cgc.cmd[8] = (length >> 8) & 0xff;
1327 	cgc.cmd[9] = length & 0xff;
1328 	return cdo->generic_packet(cdi, &cgc);
1329 }
1330 
cdrom_slot_status(struct cdrom_device_info * cdi,int slot)1331 static int cdrom_slot_status(struct cdrom_device_info *cdi, int slot)
1332 {
1333 	struct cdrom_changer_info *info;
1334 	int ret;
1335 
1336 	cd_dbg(CD_CHANGER, "entering cdrom_slot_status()\n");
1337 	if (cdi->sanyo_slot)
1338 		return CDS_NO_INFO;
1339 
1340 	info = kmalloc(sizeof(*info), GFP_KERNEL);
1341 	if (!info)
1342 		return -ENOMEM;
1343 
1344 	if ((ret = cdrom_read_mech_status(cdi, info)))
1345 		goto out_free;
1346 
1347 	if (info->slots[slot].disc_present)
1348 		ret = CDS_DISC_OK;
1349 	else
1350 		ret = CDS_NO_DISC;
1351 
1352 out_free:
1353 	kfree(info);
1354 	return ret;
1355 }
1356 
1357 /* Return the number of slots for an ATAPI/SCSI cdrom,
1358  * return 1 if not a changer.
1359  */
cdrom_number_of_slots(struct cdrom_device_info * cdi)1360 int cdrom_number_of_slots(struct cdrom_device_info *cdi)
1361 {
1362 	int status;
1363 	int nslots = 1;
1364 	struct cdrom_changer_info *info;
1365 
1366 	cd_dbg(CD_CHANGER, "entering cdrom_number_of_slots()\n");
1367 	/* cdrom_read_mech_status requires a valid value for capacity: */
1368 	cdi->capacity = 0;
1369 
1370 	info = kmalloc(sizeof(*info), GFP_KERNEL);
1371 	if (!info)
1372 		return -ENOMEM;
1373 
1374 	if ((status = cdrom_read_mech_status(cdi, info)) == 0)
1375 		nslots = info->hdr.nslots;
1376 
1377 	kfree(info);
1378 	return nslots;
1379 }
1380 
1381 
1382 /* If SLOT < 0, unload the current slot.  Otherwise, try to load SLOT. */
cdrom_load_unload(struct cdrom_device_info * cdi,int slot)1383 static int cdrom_load_unload(struct cdrom_device_info *cdi, int slot)
1384 {
1385 	struct packet_command cgc;
1386 
1387 	cd_dbg(CD_CHANGER, "entering cdrom_load_unload()\n");
1388 	if (cdi->sanyo_slot && slot < 0)
1389 		return 0;
1390 
1391 	init_cdrom_command(&cgc, NULL, 0, CGC_DATA_NONE);
1392 	cgc.cmd[0] = GPCMD_LOAD_UNLOAD;
1393 	cgc.cmd[4] = 2 + (slot >= 0);
1394 	cgc.cmd[8] = slot;
1395 	cgc.timeout = 60 * HZ;
1396 
1397 	/* The Sanyo 3 CD changer uses byte 7 of the
1398 	GPCMD_TEST_UNIT_READY to command to switch CDs instead of
1399 	using the GPCMD_LOAD_UNLOAD opcode. */
1400 	if (cdi->sanyo_slot && -1 < slot) {
1401 		cgc.cmd[0] = GPCMD_TEST_UNIT_READY;
1402 		cgc.cmd[7] = slot;
1403 		cgc.cmd[4] = cgc.cmd[8] = 0;
1404 		cdi->sanyo_slot = slot ? slot : 3;
1405 	}
1406 
1407 	return cdi->ops->generic_packet(cdi, &cgc);
1408 }
1409 
cdrom_select_disc(struct cdrom_device_info * cdi,int slot)1410 static int cdrom_select_disc(struct cdrom_device_info *cdi, int slot)
1411 {
1412 	struct cdrom_changer_info *info;
1413 	int curslot;
1414 	int ret;
1415 
1416 	cd_dbg(CD_CHANGER, "entering cdrom_select_disc()\n");
1417 	if (!CDROM_CAN(CDC_SELECT_DISC))
1418 		return -EDRIVE_CANT_DO_THIS;
1419 
1420 	if (cdi->ops->check_events)
1421 		cdi->ops->check_events(cdi, 0, slot);
1422 
1423 	if (slot == CDSL_NONE) {
1424 		/* set media changed bits, on both queues */
1425 		cdi->mc_flags = 0x3;
1426 		return cdrom_load_unload(cdi, -1);
1427 	}
1428 
1429 	info = kmalloc(sizeof(*info), GFP_KERNEL);
1430 	if (!info)
1431 		return -ENOMEM;
1432 
1433 	if ((ret = cdrom_read_mech_status(cdi, info))) {
1434 		kfree(info);
1435 		return ret;
1436 	}
1437 
1438 	curslot = info->hdr.curslot;
1439 	kfree(info);
1440 
1441 	if (cdi->use_count > 1 || cdi->keeplocked) {
1442 		if (slot == CDSL_CURRENT) {
1443 	    		return curslot;
1444 		} else {
1445 			return -EBUSY;
1446 		}
1447 	}
1448 
1449 	/* Specifying CDSL_CURRENT will attempt to load the currnet slot,
1450 	which is useful if it had been previously unloaded.
1451 	Whether it can or not, it returns the current slot.
1452 	Similarly,  if slot happens to be the current one, we still
1453 	try and load it. */
1454 	if (slot == CDSL_CURRENT)
1455 		slot = curslot;
1456 
1457 	/* set media changed bits on both queues */
1458 	cdi->mc_flags = 0x3;
1459 	if ((ret = cdrom_load_unload(cdi, slot)))
1460 		return ret;
1461 
1462 	return slot;
1463 }
1464 
1465 /*
1466  * As cdrom implements an extra ioctl consumer for media changed
1467  * event, it needs to buffer ->check_events() output, such that event
1468  * is not lost for both the usual VFS and ioctl paths.
1469  * cdi->{vfs|ioctl}_events are used to buffer pending events for each
1470  * path.
1471  *
1472  * XXX: Locking is non-existent.  cdi->ops->check_events() can be
1473  * called in parallel and buffering fields are accessed without any
1474  * exclusion.  The original media_changed code had the same problem.
1475  * It might be better to simply deprecate CDROM_MEDIA_CHANGED ioctl
1476  * and remove this cruft altogether.  It doesn't have much usefulness
1477  * at this point.
1478  */
cdrom_update_events(struct cdrom_device_info * cdi,unsigned int clearing)1479 static void cdrom_update_events(struct cdrom_device_info *cdi,
1480 				unsigned int clearing)
1481 {
1482 	unsigned int events;
1483 
1484 	events = cdi->ops->check_events(cdi, clearing, CDSL_CURRENT);
1485 	cdi->vfs_events |= events;
1486 	cdi->ioctl_events |= events;
1487 }
1488 
cdrom_check_events(struct cdrom_device_info * cdi,unsigned int clearing)1489 unsigned int cdrom_check_events(struct cdrom_device_info *cdi,
1490 				unsigned int clearing)
1491 {
1492 	unsigned int events;
1493 
1494 	cdrom_update_events(cdi, clearing);
1495 	events = cdi->vfs_events;
1496 	cdi->vfs_events = 0;
1497 	return events;
1498 }
1499 EXPORT_SYMBOL(cdrom_check_events);
1500 
1501 /* We want to make media_changed accessible to the user through an
1502  * ioctl. The main problem now is that we must double-buffer the
1503  * low-level implementation, to assure that the VFS and the user both
1504  * see a medium change once.
1505  */
1506 
1507 static
media_changed(struct cdrom_device_info * cdi,int queue)1508 int media_changed(struct cdrom_device_info *cdi, int queue)
1509 {
1510 	unsigned int mask = (1 << (queue & 1));
1511 	int ret = !!(cdi->mc_flags & mask);
1512 	bool changed;
1513 
1514 	if (!CDROM_CAN(CDC_MEDIA_CHANGED))
1515 		return ret;
1516 
1517 	/* changed since last call? */
1518 	BUG_ON(!queue);	/* shouldn't be called from VFS path */
1519 	cdrom_update_events(cdi, DISK_EVENT_MEDIA_CHANGE);
1520 	changed = cdi->ioctl_events & DISK_EVENT_MEDIA_CHANGE;
1521 	cdi->ioctl_events = 0;
1522 
1523 	if (changed) {
1524 		cdi->mc_flags = 0x3;    /* set bit on both queues */
1525 		ret |= 1;
1526 		cdi->media_written = 0;
1527 	}
1528 
1529 	cdi->mc_flags &= ~mask;         /* clear bit */
1530 	return ret;
1531 }
1532 
1533 /* Requests to the low-level drivers will /always/ be done in the
1534    following format convention:
1535 
1536    CDROM_LBA: all data-related requests.
1537    CDROM_MSF: all audio-related requests.
1538 
1539    However, a low-level implementation is allowed to refuse this
1540    request, and return information in its own favorite format.
1541 
1542    It doesn't make sense /at all/ to ask for a play_audio in LBA
1543    format, or ask for multi-session info in MSF format. However, for
1544    backward compatibility these format requests will be satisfied, but
1545    the requests to the low-level drivers will be sanitized in the more
1546    meaningful format indicated above.
1547  */
1548 
1549 static
sanitize_format(union cdrom_addr * addr,u_char * curr,u_char requested)1550 void sanitize_format(union cdrom_addr *addr,
1551 		     u_char * curr, u_char requested)
1552 {
1553 	if (*curr == requested)
1554 		return;                 /* nothing to be done! */
1555 	if (requested == CDROM_LBA) {
1556 		addr->lba = (int) addr->msf.frame +
1557 			75 * (addr->msf.second - 2 + 60 * addr->msf.minute);
1558 	} else {                        /* CDROM_MSF */
1559 		int lba = addr->lba;
1560 		addr->msf.frame = lba % 75;
1561 		lba /= 75;
1562 		lba += 2;
1563 		addr->msf.second = lba % 60;
1564 		addr->msf.minute = lba / 60;
1565 	}
1566 	*curr = requested;
1567 }
1568 
init_cdrom_command(struct packet_command * cgc,void * buf,int len,int type)1569 void init_cdrom_command(struct packet_command *cgc, void *buf, int len,
1570 			int type)
1571 {
1572 	memset(cgc, 0, sizeof(struct packet_command));
1573 	if (buf)
1574 		memset(buf, 0, len);
1575 	cgc->buffer = (char *) buf;
1576 	cgc->buflen = len;
1577 	cgc->data_direction = type;
1578 	cgc->timeout = CDROM_DEF_TIMEOUT;
1579 }
1580 
1581 /* DVD handling */
1582 
1583 #define copy_key(dest,src)	memcpy((dest), (src), sizeof(dvd_key))
1584 #define copy_chal(dest,src)	memcpy((dest), (src), sizeof(dvd_challenge))
1585 
setup_report_key(struct packet_command * cgc,unsigned agid,unsigned type)1586 static void setup_report_key(struct packet_command *cgc, unsigned agid, unsigned type)
1587 {
1588 	cgc->cmd[0] = GPCMD_REPORT_KEY;
1589 	cgc->cmd[10] = type | (agid << 6);
1590 	switch (type) {
1591 		case 0: case 8: case 5: {
1592 			cgc->buflen = 8;
1593 			break;
1594 		}
1595 		case 1: {
1596 			cgc->buflen = 16;
1597 			break;
1598 		}
1599 		case 2: case 4: {
1600 			cgc->buflen = 12;
1601 			break;
1602 		}
1603 	}
1604 	cgc->cmd[9] = cgc->buflen;
1605 	cgc->data_direction = CGC_DATA_READ;
1606 }
1607 
setup_send_key(struct packet_command * cgc,unsigned agid,unsigned type)1608 static void setup_send_key(struct packet_command *cgc, unsigned agid, unsigned type)
1609 {
1610 	cgc->cmd[0] = GPCMD_SEND_KEY;
1611 	cgc->cmd[10] = type | (agid << 6);
1612 	switch (type) {
1613 		case 1: {
1614 			cgc->buflen = 16;
1615 			break;
1616 		}
1617 		case 3: {
1618 			cgc->buflen = 12;
1619 			break;
1620 		}
1621 		case 6: {
1622 			cgc->buflen = 8;
1623 			break;
1624 		}
1625 	}
1626 	cgc->cmd[9] = cgc->buflen;
1627 	cgc->data_direction = CGC_DATA_WRITE;
1628 }
1629 
dvd_do_auth(struct cdrom_device_info * cdi,dvd_authinfo * ai)1630 static int dvd_do_auth(struct cdrom_device_info *cdi, dvd_authinfo *ai)
1631 {
1632 	int ret;
1633 	u_char buf[20];
1634 	struct packet_command cgc;
1635 	const struct cdrom_device_ops *cdo = cdi->ops;
1636 	rpc_state_t rpc_state;
1637 
1638 	memset(buf, 0, sizeof(buf));
1639 	init_cdrom_command(&cgc, buf, 0, CGC_DATA_READ);
1640 
1641 	switch (ai->type) {
1642 	/* LU data send */
1643 	case DVD_LU_SEND_AGID:
1644 		cd_dbg(CD_DVD, "entering DVD_LU_SEND_AGID\n");
1645 		cgc.quiet = 1;
1646 		setup_report_key(&cgc, ai->lsa.agid, 0);
1647 
1648 		if ((ret = cdo->generic_packet(cdi, &cgc)))
1649 			return ret;
1650 
1651 		ai->lsa.agid = buf[7] >> 6;
1652 		/* Returning data, let host change state */
1653 		break;
1654 
1655 	case DVD_LU_SEND_KEY1:
1656 		cd_dbg(CD_DVD, "entering DVD_LU_SEND_KEY1\n");
1657 		setup_report_key(&cgc, ai->lsk.agid, 2);
1658 
1659 		if ((ret = cdo->generic_packet(cdi, &cgc)))
1660 			return ret;
1661 
1662 		copy_key(ai->lsk.key, &buf[4]);
1663 		/* Returning data, let host change state */
1664 		break;
1665 
1666 	case DVD_LU_SEND_CHALLENGE:
1667 		cd_dbg(CD_DVD, "entering DVD_LU_SEND_CHALLENGE\n");
1668 		setup_report_key(&cgc, ai->lsc.agid, 1);
1669 
1670 		if ((ret = cdo->generic_packet(cdi, &cgc)))
1671 			return ret;
1672 
1673 		copy_chal(ai->lsc.chal, &buf[4]);
1674 		/* Returning data, let host change state */
1675 		break;
1676 
1677 	/* Post-auth key */
1678 	case DVD_LU_SEND_TITLE_KEY:
1679 		cd_dbg(CD_DVD, "entering DVD_LU_SEND_TITLE_KEY\n");
1680 		cgc.quiet = 1;
1681 		setup_report_key(&cgc, ai->lstk.agid, 4);
1682 		cgc.cmd[5] = ai->lstk.lba;
1683 		cgc.cmd[4] = ai->lstk.lba >> 8;
1684 		cgc.cmd[3] = ai->lstk.lba >> 16;
1685 		cgc.cmd[2] = ai->lstk.lba >> 24;
1686 
1687 		if ((ret = cdo->generic_packet(cdi, &cgc)))
1688 			return ret;
1689 
1690 		ai->lstk.cpm = (buf[4] >> 7) & 1;
1691 		ai->lstk.cp_sec = (buf[4] >> 6) & 1;
1692 		ai->lstk.cgms = (buf[4] >> 4) & 3;
1693 		copy_key(ai->lstk.title_key, &buf[5]);
1694 		/* Returning data, let host change state */
1695 		break;
1696 
1697 	case DVD_LU_SEND_ASF:
1698 		cd_dbg(CD_DVD, "entering DVD_LU_SEND_ASF\n");
1699 		setup_report_key(&cgc, ai->lsasf.agid, 5);
1700 
1701 		if ((ret = cdo->generic_packet(cdi, &cgc)))
1702 			return ret;
1703 
1704 		ai->lsasf.asf = buf[7] & 1;
1705 		break;
1706 
1707 	/* LU data receive (LU changes state) */
1708 	case DVD_HOST_SEND_CHALLENGE:
1709 		cd_dbg(CD_DVD, "entering DVD_HOST_SEND_CHALLENGE\n");
1710 		setup_send_key(&cgc, ai->hsc.agid, 1);
1711 		buf[1] = 0xe;
1712 		copy_chal(&buf[4], ai->hsc.chal);
1713 
1714 		if ((ret = cdo->generic_packet(cdi, &cgc)))
1715 			return ret;
1716 
1717 		ai->type = DVD_LU_SEND_KEY1;
1718 		break;
1719 
1720 	case DVD_HOST_SEND_KEY2:
1721 		cd_dbg(CD_DVD, "entering DVD_HOST_SEND_KEY2\n");
1722 		setup_send_key(&cgc, ai->hsk.agid, 3);
1723 		buf[1] = 0xa;
1724 		copy_key(&buf[4], ai->hsk.key);
1725 
1726 		if ((ret = cdo->generic_packet(cdi, &cgc))) {
1727 			ai->type = DVD_AUTH_FAILURE;
1728 			return ret;
1729 		}
1730 		ai->type = DVD_AUTH_ESTABLISHED;
1731 		break;
1732 
1733 	/* Misc */
1734 	case DVD_INVALIDATE_AGID:
1735 		cgc.quiet = 1;
1736 		cd_dbg(CD_DVD, "entering DVD_INVALIDATE_AGID\n");
1737 		setup_report_key(&cgc, ai->lsa.agid, 0x3f);
1738 		if ((ret = cdo->generic_packet(cdi, &cgc)))
1739 			return ret;
1740 		break;
1741 
1742 	/* Get region settings */
1743 	case DVD_LU_SEND_RPC_STATE:
1744 		cd_dbg(CD_DVD, "entering DVD_LU_SEND_RPC_STATE\n");
1745 		setup_report_key(&cgc, 0, 8);
1746 		memset(&rpc_state, 0, sizeof(rpc_state_t));
1747 		cgc.buffer = (char *) &rpc_state;
1748 
1749 		if ((ret = cdo->generic_packet(cdi, &cgc)))
1750 			return ret;
1751 
1752 		ai->lrpcs.type = rpc_state.type_code;
1753 		ai->lrpcs.vra = rpc_state.vra;
1754 		ai->lrpcs.ucca = rpc_state.ucca;
1755 		ai->lrpcs.region_mask = rpc_state.region_mask;
1756 		ai->lrpcs.rpc_scheme = rpc_state.rpc_scheme;
1757 		break;
1758 
1759 	/* Set region settings */
1760 	case DVD_HOST_SEND_RPC_STATE:
1761 		cd_dbg(CD_DVD, "entering DVD_HOST_SEND_RPC_STATE\n");
1762 		setup_send_key(&cgc, 0, 6);
1763 		buf[1] = 6;
1764 		buf[4] = ai->hrpcs.pdrc;
1765 
1766 		if ((ret = cdo->generic_packet(cdi, &cgc)))
1767 			return ret;
1768 		break;
1769 
1770 	default:
1771 		cd_dbg(CD_WARNING, "Invalid DVD key ioctl (%d)\n", ai->type);
1772 		return -ENOTTY;
1773 	}
1774 
1775 	return 0;
1776 }
1777 
dvd_read_physical(struct cdrom_device_info * cdi,dvd_struct * s,struct packet_command * cgc)1778 static int dvd_read_physical(struct cdrom_device_info *cdi, dvd_struct *s,
1779 				struct packet_command *cgc)
1780 {
1781 	unsigned char buf[21], *base;
1782 	struct dvd_layer *layer;
1783 	const struct cdrom_device_ops *cdo = cdi->ops;
1784 	int ret, layer_num = s->physical.layer_num;
1785 
1786 	if (layer_num >= DVD_LAYERS)
1787 		return -EINVAL;
1788 
1789 	init_cdrom_command(cgc, buf, sizeof(buf), CGC_DATA_READ);
1790 	cgc->cmd[0] = GPCMD_READ_DVD_STRUCTURE;
1791 	cgc->cmd[6] = layer_num;
1792 	cgc->cmd[7] = s->type;
1793 	cgc->cmd[9] = cgc->buflen & 0xff;
1794 
1795 	/*
1796 	 * refrain from reporting errors on non-existing layers (mainly)
1797 	 */
1798 	cgc->quiet = 1;
1799 
1800 	ret = cdo->generic_packet(cdi, cgc);
1801 	if (ret)
1802 		return ret;
1803 
1804 	base = &buf[4];
1805 	layer = &s->physical.layer[layer_num];
1806 
1807 	/*
1808 	 * place the data... really ugly, but at least we won't have to
1809 	 * worry about endianess in userspace.
1810 	 */
1811 	memset(layer, 0, sizeof(*layer));
1812 	layer->book_version = base[0] & 0xf;
1813 	layer->book_type = base[0] >> 4;
1814 	layer->min_rate = base[1] & 0xf;
1815 	layer->disc_size = base[1] >> 4;
1816 	layer->layer_type = base[2] & 0xf;
1817 	layer->track_path = (base[2] >> 4) & 1;
1818 	layer->nlayers = (base[2] >> 5) & 3;
1819 	layer->track_density = base[3] & 0xf;
1820 	layer->linear_density = base[3] >> 4;
1821 	layer->start_sector = base[5] << 16 | base[6] << 8 | base[7];
1822 	layer->end_sector = base[9] << 16 | base[10] << 8 | base[11];
1823 	layer->end_sector_l0 = base[13] << 16 | base[14] << 8 | base[15];
1824 	layer->bca = base[16] >> 7;
1825 
1826 	return 0;
1827 }
1828 
dvd_read_copyright(struct cdrom_device_info * cdi,dvd_struct * s,struct packet_command * cgc)1829 static int dvd_read_copyright(struct cdrom_device_info *cdi, dvd_struct *s,
1830 				struct packet_command *cgc)
1831 {
1832 	int ret;
1833 	u_char buf[8];
1834 	const struct cdrom_device_ops *cdo = cdi->ops;
1835 
1836 	init_cdrom_command(cgc, buf, sizeof(buf), CGC_DATA_READ);
1837 	cgc->cmd[0] = GPCMD_READ_DVD_STRUCTURE;
1838 	cgc->cmd[6] = s->copyright.layer_num;
1839 	cgc->cmd[7] = s->type;
1840 	cgc->cmd[8] = cgc->buflen >> 8;
1841 	cgc->cmd[9] = cgc->buflen & 0xff;
1842 
1843 	ret = cdo->generic_packet(cdi, cgc);
1844 	if (ret)
1845 		return ret;
1846 
1847 	s->copyright.cpst = buf[4];
1848 	s->copyright.rmi = buf[5];
1849 
1850 	return 0;
1851 }
1852 
dvd_read_disckey(struct cdrom_device_info * cdi,dvd_struct * s,struct packet_command * cgc)1853 static int dvd_read_disckey(struct cdrom_device_info *cdi, dvd_struct *s,
1854 				struct packet_command *cgc)
1855 {
1856 	int ret, size;
1857 	u_char *buf;
1858 	const struct cdrom_device_ops *cdo = cdi->ops;
1859 
1860 	size = sizeof(s->disckey.value) + 4;
1861 
1862 	buf = kmalloc(size, GFP_KERNEL);
1863 	if (!buf)
1864 		return -ENOMEM;
1865 
1866 	init_cdrom_command(cgc, buf, size, CGC_DATA_READ);
1867 	cgc->cmd[0] = GPCMD_READ_DVD_STRUCTURE;
1868 	cgc->cmd[7] = s->type;
1869 	cgc->cmd[8] = size >> 8;
1870 	cgc->cmd[9] = size & 0xff;
1871 	cgc->cmd[10] = s->disckey.agid << 6;
1872 
1873 	ret = cdo->generic_packet(cdi, cgc);
1874 	if (!ret)
1875 		memcpy(s->disckey.value, &buf[4], sizeof(s->disckey.value));
1876 
1877 	kfree(buf);
1878 	return ret;
1879 }
1880 
dvd_read_bca(struct cdrom_device_info * cdi,dvd_struct * s,struct packet_command * cgc)1881 static int dvd_read_bca(struct cdrom_device_info *cdi, dvd_struct *s,
1882 			struct packet_command *cgc)
1883 {
1884 	int ret, size = 4 + 188;
1885 	u_char *buf;
1886 	const struct cdrom_device_ops *cdo = cdi->ops;
1887 
1888 	buf = kmalloc(size, GFP_KERNEL);
1889 	if (!buf)
1890 		return -ENOMEM;
1891 
1892 	init_cdrom_command(cgc, buf, size, CGC_DATA_READ);
1893 	cgc->cmd[0] = GPCMD_READ_DVD_STRUCTURE;
1894 	cgc->cmd[7] = s->type;
1895 	cgc->cmd[9] = cgc->buflen & 0xff;
1896 
1897 	ret = cdo->generic_packet(cdi, cgc);
1898 	if (ret)
1899 		goto out;
1900 
1901 	s->bca.len = buf[0] << 8 | buf[1];
1902 	if (s->bca.len < 12 || s->bca.len > 188) {
1903 		cd_dbg(CD_WARNING, "Received invalid BCA length (%d)\n",
1904 		       s->bca.len);
1905 		ret = -EIO;
1906 		goto out;
1907 	}
1908 	memcpy(s->bca.value, &buf[4], s->bca.len);
1909 	ret = 0;
1910 out:
1911 	kfree(buf);
1912 	return ret;
1913 }
1914 
dvd_read_manufact(struct cdrom_device_info * cdi,dvd_struct * s,struct packet_command * cgc)1915 static int dvd_read_manufact(struct cdrom_device_info *cdi, dvd_struct *s,
1916 				struct packet_command *cgc)
1917 {
1918 	int ret = 0, size;
1919 	u_char *buf;
1920 	const struct cdrom_device_ops *cdo = cdi->ops;
1921 
1922 	size = sizeof(s->manufact.value) + 4;
1923 
1924 	buf = kmalloc(size, GFP_KERNEL);
1925 	if (!buf)
1926 		return -ENOMEM;
1927 
1928 	init_cdrom_command(cgc, buf, size, CGC_DATA_READ);
1929 	cgc->cmd[0] = GPCMD_READ_DVD_STRUCTURE;
1930 	cgc->cmd[7] = s->type;
1931 	cgc->cmd[8] = size >> 8;
1932 	cgc->cmd[9] = size & 0xff;
1933 
1934 	ret = cdo->generic_packet(cdi, cgc);
1935 	if (ret)
1936 		goto out;
1937 
1938 	s->manufact.len = buf[0] << 8 | buf[1];
1939 	if (s->manufact.len < 0) {
1940 		cd_dbg(CD_WARNING, "Received invalid manufacture info length (%d)\n",
1941 		       s->manufact.len);
1942 		ret = -EIO;
1943 	} else {
1944 		if (s->manufact.len > 2048) {
1945 			cd_dbg(CD_WARNING, "Received invalid manufacture info length (%d): truncating to 2048\n",
1946 			       s->manufact.len);
1947 			s->manufact.len = 2048;
1948 		}
1949 		memcpy(s->manufact.value, &buf[4], s->manufact.len);
1950 	}
1951 
1952 out:
1953 	kfree(buf);
1954 	return ret;
1955 }
1956 
dvd_read_struct(struct cdrom_device_info * cdi,dvd_struct * s,struct packet_command * cgc)1957 static int dvd_read_struct(struct cdrom_device_info *cdi, dvd_struct *s,
1958 				struct packet_command *cgc)
1959 {
1960 	switch (s->type) {
1961 	case DVD_STRUCT_PHYSICAL:
1962 		return dvd_read_physical(cdi, s, cgc);
1963 
1964 	case DVD_STRUCT_COPYRIGHT:
1965 		return dvd_read_copyright(cdi, s, cgc);
1966 
1967 	case DVD_STRUCT_DISCKEY:
1968 		return dvd_read_disckey(cdi, s, cgc);
1969 
1970 	case DVD_STRUCT_BCA:
1971 		return dvd_read_bca(cdi, s, cgc);
1972 
1973 	case DVD_STRUCT_MANUFACT:
1974 		return dvd_read_manufact(cdi, s, cgc);
1975 
1976 	default:
1977 		cd_dbg(CD_WARNING, ": Invalid DVD structure read requested (%d)\n",
1978 		       s->type);
1979 		return -EINVAL;
1980 	}
1981 }
1982 
cdrom_mode_sense(struct cdrom_device_info * cdi,struct packet_command * cgc,int page_code,int page_control)1983 int cdrom_mode_sense(struct cdrom_device_info *cdi,
1984 		     struct packet_command *cgc,
1985 		     int page_code, int page_control)
1986 {
1987 	const struct cdrom_device_ops *cdo = cdi->ops;
1988 
1989 	memset(cgc->cmd, 0, sizeof(cgc->cmd));
1990 
1991 	cgc->cmd[0] = GPCMD_MODE_SENSE_10;
1992 	cgc->cmd[2] = page_code | (page_control << 6);
1993 	cgc->cmd[7] = cgc->buflen >> 8;
1994 	cgc->cmd[8] = cgc->buflen & 0xff;
1995 	cgc->data_direction = CGC_DATA_READ;
1996 	return cdo->generic_packet(cdi, cgc);
1997 }
1998 
cdrom_mode_select(struct cdrom_device_info * cdi,struct packet_command * cgc)1999 int cdrom_mode_select(struct cdrom_device_info *cdi,
2000 		      struct packet_command *cgc)
2001 {
2002 	const struct cdrom_device_ops *cdo = cdi->ops;
2003 
2004 	memset(cgc->cmd, 0, sizeof(cgc->cmd));
2005 	memset(cgc->buffer, 0, 2);
2006 	cgc->cmd[0] = GPCMD_MODE_SELECT_10;
2007 	cgc->cmd[1] = 0x10;		/* PF */
2008 	cgc->cmd[7] = cgc->buflen >> 8;
2009 	cgc->cmd[8] = cgc->buflen & 0xff;
2010 	cgc->data_direction = CGC_DATA_WRITE;
2011 	return cdo->generic_packet(cdi, cgc);
2012 }
2013 
cdrom_read_subchannel(struct cdrom_device_info * cdi,struct cdrom_subchnl * subchnl,int mcn)2014 static int cdrom_read_subchannel(struct cdrom_device_info *cdi,
2015 				 struct cdrom_subchnl *subchnl, int mcn)
2016 {
2017 	const struct cdrom_device_ops *cdo = cdi->ops;
2018 	struct packet_command cgc;
2019 	char buffer[32];
2020 	int ret;
2021 
2022 	init_cdrom_command(&cgc, buffer, 16, CGC_DATA_READ);
2023 	cgc.cmd[0] = GPCMD_READ_SUBCHANNEL;
2024 	cgc.cmd[1] = subchnl->cdsc_format;/* MSF or LBA addressing */
2025 	cgc.cmd[2] = 0x40;  /* request subQ data */
2026 	cgc.cmd[3] = mcn ? 2 : 1;
2027 	cgc.cmd[8] = 16;
2028 
2029 	if ((ret = cdo->generic_packet(cdi, &cgc)))
2030 		return ret;
2031 
2032 	subchnl->cdsc_audiostatus = cgc.buffer[1];
2033 	subchnl->cdsc_ctrl = cgc.buffer[5] & 0xf;
2034 	subchnl->cdsc_trk = cgc.buffer[6];
2035 	subchnl->cdsc_ind = cgc.buffer[7];
2036 
2037 	if (subchnl->cdsc_format == CDROM_LBA) {
2038 		subchnl->cdsc_absaddr.lba = ((cgc.buffer[8] << 24) |
2039 						(cgc.buffer[9] << 16) |
2040 						(cgc.buffer[10] << 8) |
2041 						(cgc.buffer[11]));
2042 		subchnl->cdsc_reladdr.lba = ((cgc.buffer[12] << 24) |
2043 						(cgc.buffer[13] << 16) |
2044 						(cgc.buffer[14] << 8) |
2045 						(cgc.buffer[15]));
2046 	} else {
2047 		subchnl->cdsc_reladdr.msf.minute = cgc.buffer[13];
2048 		subchnl->cdsc_reladdr.msf.second = cgc.buffer[14];
2049 		subchnl->cdsc_reladdr.msf.frame = cgc.buffer[15];
2050 		subchnl->cdsc_absaddr.msf.minute = cgc.buffer[9];
2051 		subchnl->cdsc_absaddr.msf.second = cgc.buffer[10];
2052 		subchnl->cdsc_absaddr.msf.frame = cgc.buffer[11];
2053 	}
2054 
2055 	return 0;
2056 }
2057 
2058 /*
2059  * Specific READ_10 interface
2060  */
cdrom_read_cd(struct cdrom_device_info * cdi,struct packet_command * cgc,int lba,int blocksize,int nblocks)2061 static int cdrom_read_cd(struct cdrom_device_info *cdi,
2062 			 struct packet_command *cgc, int lba,
2063 			 int blocksize, int nblocks)
2064 {
2065 	const struct cdrom_device_ops *cdo = cdi->ops;
2066 
2067 	memset(&cgc->cmd, 0, sizeof(cgc->cmd));
2068 	cgc->cmd[0] = GPCMD_READ_10;
2069 	cgc->cmd[2] = (lba >> 24) & 0xff;
2070 	cgc->cmd[3] = (lba >> 16) & 0xff;
2071 	cgc->cmd[4] = (lba >>  8) & 0xff;
2072 	cgc->cmd[5] = lba & 0xff;
2073 	cgc->cmd[6] = (nblocks >> 16) & 0xff;
2074 	cgc->cmd[7] = (nblocks >>  8) & 0xff;
2075 	cgc->cmd[8] = nblocks & 0xff;
2076 	cgc->buflen = blocksize * nblocks;
2077 	return cdo->generic_packet(cdi, cgc);
2078 }
2079 
2080 /* very generic interface for reading the various types of blocks */
cdrom_read_block(struct cdrom_device_info * cdi,struct packet_command * cgc,int lba,int nblocks,int format,int blksize)2081 static int cdrom_read_block(struct cdrom_device_info *cdi,
2082 			    struct packet_command *cgc,
2083 			    int lba, int nblocks, int format, int blksize)
2084 {
2085 	const struct cdrom_device_ops *cdo = cdi->ops;
2086 
2087 	memset(&cgc->cmd, 0, sizeof(cgc->cmd));
2088 	cgc->cmd[0] = GPCMD_READ_CD;
2089 	/* expected sector size - cdda,mode1,etc. */
2090 	cgc->cmd[1] = format << 2;
2091 	/* starting address */
2092 	cgc->cmd[2] = (lba >> 24) & 0xff;
2093 	cgc->cmd[3] = (lba >> 16) & 0xff;
2094 	cgc->cmd[4] = (lba >>  8) & 0xff;
2095 	cgc->cmd[5] = lba & 0xff;
2096 	/* number of blocks */
2097 	cgc->cmd[6] = (nblocks >> 16) & 0xff;
2098 	cgc->cmd[7] = (nblocks >>  8) & 0xff;
2099 	cgc->cmd[8] = nblocks & 0xff;
2100 	cgc->buflen = blksize * nblocks;
2101 
2102 	/* set the header info returned */
2103 	switch (blksize) {
2104 	case CD_FRAMESIZE_RAW0	: cgc->cmd[9] = 0x58; break;
2105 	case CD_FRAMESIZE_RAW1	: cgc->cmd[9] = 0x78; break;
2106 	case CD_FRAMESIZE_RAW	: cgc->cmd[9] = 0xf8; break;
2107 	default			: cgc->cmd[9] = 0x10;
2108 	}
2109 
2110 	return cdo->generic_packet(cdi, cgc);
2111 }
2112 
cdrom_read_cdda_old(struct cdrom_device_info * cdi,__u8 __user * ubuf,int lba,int nframes)2113 static int cdrom_read_cdda_old(struct cdrom_device_info *cdi, __u8 __user *ubuf,
2114 			       int lba, int nframes)
2115 {
2116 	struct packet_command cgc;
2117 	int ret = 0;
2118 	int nr;
2119 
2120 	cdi->last_sense = 0;
2121 
2122 	memset(&cgc, 0, sizeof(cgc));
2123 
2124 	/*
2125 	 * start with will ra.nframes size, back down if alloc fails
2126 	 */
2127 	nr = nframes;
2128 	do {
2129 		cgc.buffer = kmalloc_array(nr, CD_FRAMESIZE_RAW, GFP_KERNEL);
2130 		if (cgc.buffer)
2131 			break;
2132 
2133 		nr >>= 1;
2134 	} while (nr);
2135 
2136 	if (!nr)
2137 		return -ENOMEM;
2138 
2139 	cgc.data_direction = CGC_DATA_READ;
2140 	while (nframes > 0) {
2141 		if (nr > nframes)
2142 			nr = nframes;
2143 
2144 		ret = cdrom_read_block(cdi, &cgc, lba, nr, 1, CD_FRAMESIZE_RAW);
2145 		if (ret)
2146 			break;
2147 		if (copy_to_user(ubuf, cgc.buffer, CD_FRAMESIZE_RAW * nr)) {
2148 			ret = -EFAULT;
2149 			break;
2150 		}
2151 		ubuf += CD_FRAMESIZE_RAW * nr;
2152 		nframes -= nr;
2153 		lba += nr;
2154 	}
2155 	kfree(cgc.buffer);
2156 	return ret;
2157 }
2158 
cdrom_read_cdda_bpc(struct cdrom_device_info * cdi,__u8 __user * ubuf,int lba,int nframes)2159 static int cdrom_read_cdda_bpc(struct cdrom_device_info *cdi, __u8 __user *ubuf,
2160 			       int lba, int nframes)
2161 {
2162 	struct request_queue *q = cdi->disk->queue;
2163 	struct request *rq;
2164 	struct scsi_request *req;
2165 	struct bio *bio;
2166 	unsigned int len;
2167 	int nr, ret = 0;
2168 
2169 	if (!q)
2170 		return -ENXIO;
2171 
2172 	if (!blk_queue_scsi_passthrough(q)) {
2173 		WARN_ONCE(true,
2174 			  "Attempt read CDDA info through a non-SCSI queue\n");
2175 		return -EINVAL;
2176 	}
2177 
2178 	cdi->last_sense = 0;
2179 
2180 	while (nframes) {
2181 		nr = nframes;
2182 		if (cdi->cdda_method == CDDA_BPC_SINGLE)
2183 			nr = 1;
2184 		if (nr * CD_FRAMESIZE_RAW > (queue_max_sectors(q) << 9))
2185 			nr = (queue_max_sectors(q) << 9) / CD_FRAMESIZE_RAW;
2186 
2187 		len = nr * CD_FRAMESIZE_RAW;
2188 
2189 		rq = blk_get_request(q, REQ_OP_SCSI_IN, 0);
2190 		if (IS_ERR(rq)) {
2191 			ret = PTR_ERR(rq);
2192 			break;
2193 		}
2194 		req = scsi_req(rq);
2195 
2196 		ret = blk_rq_map_user(q, rq, NULL, ubuf, len, GFP_KERNEL);
2197 		if (ret) {
2198 			blk_put_request(rq);
2199 			break;
2200 		}
2201 
2202 		req->cmd[0] = GPCMD_READ_CD;
2203 		req->cmd[1] = 1 << 2;
2204 		req->cmd[2] = (lba >> 24) & 0xff;
2205 		req->cmd[3] = (lba >> 16) & 0xff;
2206 		req->cmd[4] = (lba >>  8) & 0xff;
2207 		req->cmd[5] = lba & 0xff;
2208 		req->cmd[6] = (nr >> 16) & 0xff;
2209 		req->cmd[7] = (nr >>  8) & 0xff;
2210 		req->cmd[8] = nr & 0xff;
2211 		req->cmd[9] = 0xf8;
2212 
2213 		req->cmd_len = 12;
2214 		rq->timeout = 60 * HZ;
2215 		bio = rq->bio;
2216 
2217 		blk_execute_rq(q, cdi->disk, rq, 0);
2218 		if (scsi_req(rq)->result) {
2219 			struct scsi_sense_hdr sshdr;
2220 
2221 			ret = -EIO;
2222 			scsi_normalize_sense(req->sense, req->sense_len,
2223 					     &sshdr);
2224 			cdi->last_sense = sshdr.sense_key;
2225 		}
2226 
2227 		if (blk_rq_unmap_user(bio))
2228 			ret = -EFAULT;
2229 		blk_put_request(rq);
2230 
2231 		if (ret)
2232 			break;
2233 
2234 		nframes -= nr;
2235 		lba += nr;
2236 		ubuf += len;
2237 	}
2238 
2239 	return ret;
2240 }
2241 
cdrom_read_cdda(struct cdrom_device_info * cdi,__u8 __user * ubuf,int lba,int nframes)2242 static int cdrom_read_cdda(struct cdrom_device_info *cdi, __u8 __user *ubuf,
2243 			   int lba, int nframes)
2244 {
2245 	int ret;
2246 
2247 	if (cdi->cdda_method == CDDA_OLD)
2248 		return cdrom_read_cdda_old(cdi, ubuf, lba, nframes);
2249 
2250 retry:
2251 	/*
2252 	 * for anything else than success and io error, we need to retry
2253 	 */
2254 	ret = cdrom_read_cdda_bpc(cdi, ubuf, lba, nframes);
2255 	if (!ret || ret != -EIO)
2256 		return ret;
2257 
2258 	/*
2259 	 * I've seen drives get sense 4/8/3 udma crc errors on multi
2260 	 * frame dma, so drop to single frame dma if we need to
2261 	 */
2262 	if (cdi->cdda_method == CDDA_BPC_FULL && nframes > 1) {
2263 		pr_info("dropping to single frame dma\n");
2264 		cdi->cdda_method = CDDA_BPC_SINGLE;
2265 		goto retry;
2266 	}
2267 
2268 	/*
2269 	 * so we have an io error of some sort with multi frame dma. if the
2270 	 * condition wasn't a hardware error
2271 	 * problems, not for any error
2272 	 */
2273 	if (cdi->last_sense != 0x04 && cdi->last_sense != 0x0b)
2274 		return ret;
2275 
2276 	pr_info("dropping to old style cdda (sense=%x)\n", cdi->last_sense);
2277 	cdi->cdda_method = CDDA_OLD;
2278 	return cdrom_read_cdda_old(cdi, ubuf, lba, nframes);
2279 }
2280 
cdrom_multisession(struct cdrom_device_info * cdi,struct cdrom_multisession * info)2281 int cdrom_multisession(struct cdrom_device_info *cdi,
2282 		struct cdrom_multisession *info)
2283 {
2284 	u8 requested_format;
2285 	int ret;
2286 
2287 	if (!(cdi->ops->capability & CDC_MULTI_SESSION))
2288 		return -ENOSYS;
2289 
2290 	requested_format = info->addr_format;
2291 	if (requested_format != CDROM_MSF && requested_format != CDROM_LBA)
2292 		return -EINVAL;
2293 	info->addr_format = CDROM_LBA;
2294 
2295 	ret = cdi->ops->get_last_session(cdi, info);
2296 	if (!ret)
2297 		sanitize_format(&info->addr, &info->addr_format,
2298 				requested_format);
2299 	return ret;
2300 }
2301 EXPORT_SYMBOL_GPL(cdrom_multisession);
2302 
cdrom_ioctl_multisession(struct cdrom_device_info * cdi,void __user * argp)2303 static int cdrom_ioctl_multisession(struct cdrom_device_info *cdi,
2304 		void __user *argp)
2305 {
2306 	struct cdrom_multisession info;
2307 	int ret;
2308 
2309 	cd_dbg(CD_DO_IOCTL, "entering CDROMMULTISESSION\n");
2310 
2311 	if (copy_from_user(&info, argp, sizeof(info)))
2312 		return -EFAULT;
2313 	ret = cdrom_multisession(cdi, &info);
2314 	if (ret)
2315 		return ret;
2316 	if (copy_to_user(argp, &info, sizeof(info)))
2317 		return -EFAULT;
2318 
2319 	cd_dbg(CD_DO_IOCTL, "CDROMMULTISESSION successful\n");
2320 	return ret;
2321 }
2322 
cdrom_ioctl_eject(struct cdrom_device_info * cdi)2323 static int cdrom_ioctl_eject(struct cdrom_device_info *cdi)
2324 {
2325 	cd_dbg(CD_DO_IOCTL, "entering CDROMEJECT\n");
2326 
2327 	if (!CDROM_CAN(CDC_OPEN_TRAY))
2328 		return -ENOSYS;
2329 	if (cdi->use_count != 1 || cdi->keeplocked)
2330 		return -EBUSY;
2331 	if (CDROM_CAN(CDC_LOCK)) {
2332 		int ret = cdi->ops->lock_door(cdi, 0);
2333 		if (ret)
2334 			return ret;
2335 	}
2336 
2337 	return cdi->ops->tray_move(cdi, 1);
2338 }
2339 
cdrom_ioctl_closetray(struct cdrom_device_info * cdi)2340 static int cdrom_ioctl_closetray(struct cdrom_device_info *cdi)
2341 {
2342 	cd_dbg(CD_DO_IOCTL, "entering CDROMCLOSETRAY\n");
2343 
2344 	if (!CDROM_CAN(CDC_CLOSE_TRAY))
2345 		return -ENOSYS;
2346 	return cdi->ops->tray_move(cdi, 0);
2347 }
2348 
cdrom_ioctl_eject_sw(struct cdrom_device_info * cdi,unsigned long arg)2349 static int cdrom_ioctl_eject_sw(struct cdrom_device_info *cdi,
2350 		unsigned long arg)
2351 {
2352 	cd_dbg(CD_DO_IOCTL, "entering CDROMEJECT_SW\n");
2353 
2354 	if (!CDROM_CAN(CDC_OPEN_TRAY))
2355 		return -ENOSYS;
2356 	if (cdi->keeplocked)
2357 		return -EBUSY;
2358 
2359 	cdi->options &= ~(CDO_AUTO_CLOSE | CDO_AUTO_EJECT);
2360 	if (arg)
2361 		cdi->options |= CDO_AUTO_CLOSE | CDO_AUTO_EJECT;
2362 	return 0;
2363 }
2364 
cdrom_ioctl_media_changed(struct cdrom_device_info * cdi,unsigned long arg)2365 static int cdrom_ioctl_media_changed(struct cdrom_device_info *cdi,
2366 		unsigned long arg)
2367 {
2368 	struct cdrom_changer_info *info;
2369 	int ret;
2370 
2371 	cd_dbg(CD_DO_IOCTL, "entering CDROM_MEDIA_CHANGED\n");
2372 
2373 	if (!CDROM_CAN(CDC_MEDIA_CHANGED))
2374 		return -ENOSYS;
2375 
2376 	/* cannot select disc or select current disc */
2377 	if (!CDROM_CAN(CDC_SELECT_DISC) || arg == CDSL_CURRENT)
2378 		return media_changed(cdi, 1);
2379 
2380 	if (arg >= cdi->capacity)
2381 		return -EINVAL;
2382 
2383 	info = kmalloc(sizeof(*info), GFP_KERNEL);
2384 	if (!info)
2385 		return -ENOMEM;
2386 
2387 	ret = cdrom_read_mech_status(cdi, info);
2388 	if (!ret)
2389 		ret = info->slots[arg].change;
2390 	kfree(info);
2391 	return ret;
2392 }
2393 
cdrom_ioctl_set_options(struct cdrom_device_info * cdi,unsigned long arg)2394 static int cdrom_ioctl_set_options(struct cdrom_device_info *cdi,
2395 		unsigned long arg)
2396 {
2397 	cd_dbg(CD_DO_IOCTL, "entering CDROM_SET_OPTIONS\n");
2398 
2399 	/*
2400 	 * Options need to be in sync with capability.
2401 	 * Too late for that, so we have to check each one separately.
2402 	 */
2403 	switch (arg) {
2404 	case CDO_USE_FFLAGS:
2405 	case CDO_CHECK_TYPE:
2406 		break;
2407 	case CDO_LOCK:
2408 		if (!CDROM_CAN(CDC_LOCK))
2409 			return -ENOSYS;
2410 		break;
2411 	case 0:
2412 		return cdi->options;
2413 	/* default is basically CDO_[AUTO_CLOSE|AUTO_EJECT] */
2414 	default:
2415 		if (!CDROM_CAN(arg))
2416 			return -ENOSYS;
2417 	}
2418 	cdi->options |= (int) arg;
2419 	return cdi->options;
2420 }
2421 
cdrom_ioctl_clear_options(struct cdrom_device_info * cdi,unsigned long arg)2422 static int cdrom_ioctl_clear_options(struct cdrom_device_info *cdi,
2423 		unsigned long arg)
2424 {
2425 	cd_dbg(CD_DO_IOCTL, "entering CDROM_CLEAR_OPTIONS\n");
2426 
2427 	cdi->options &= ~(int) arg;
2428 	return cdi->options;
2429 }
2430 
cdrom_ioctl_select_speed(struct cdrom_device_info * cdi,unsigned long arg)2431 static int cdrom_ioctl_select_speed(struct cdrom_device_info *cdi,
2432 		unsigned long arg)
2433 {
2434 	cd_dbg(CD_DO_IOCTL, "entering CDROM_SELECT_SPEED\n");
2435 
2436 	if (!CDROM_CAN(CDC_SELECT_SPEED))
2437 		return -ENOSYS;
2438 	return cdi->ops->select_speed(cdi, arg);
2439 }
2440 
cdrom_ioctl_select_disc(struct cdrom_device_info * cdi,unsigned long arg)2441 static int cdrom_ioctl_select_disc(struct cdrom_device_info *cdi,
2442 		unsigned long arg)
2443 {
2444 	cd_dbg(CD_DO_IOCTL, "entering CDROM_SELECT_DISC\n");
2445 
2446 	if (!CDROM_CAN(CDC_SELECT_DISC))
2447 		return -ENOSYS;
2448 
2449 	if (arg != CDSL_CURRENT && arg != CDSL_NONE) {
2450 		if (arg >= cdi->capacity)
2451 			return -EINVAL;
2452 	}
2453 
2454 	/*
2455 	 * ->select_disc is a hook to allow a driver-specific way of
2456 	 * seleting disc.  However, since there is no equivalent hook for
2457 	 * cdrom_slot_status this may not actually be useful...
2458 	 */
2459 	if (cdi->ops->select_disc)
2460 		return cdi->ops->select_disc(cdi, arg);
2461 
2462 	cd_dbg(CD_CHANGER, "Using generic cdrom_select_disc()\n");
2463 	return cdrom_select_disc(cdi, arg);
2464 }
2465 
cdrom_ioctl_reset(struct cdrom_device_info * cdi,struct block_device * bdev)2466 static int cdrom_ioctl_reset(struct cdrom_device_info *cdi,
2467 		struct block_device *bdev)
2468 {
2469 	cd_dbg(CD_DO_IOCTL, "entering CDROM_RESET\n");
2470 
2471 	if (!capable(CAP_SYS_ADMIN))
2472 		return -EACCES;
2473 	if (!CDROM_CAN(CDC_RESET))
2474 		return -ENOSYS;
2475 	invalidate_bdev(bdev);
2476 	return cdi->ops->reset(cdi);
2477 }
2478 
cdrom_ioctl_lock_door(struct cdrom_device_info * cdi,unsigned long arg)2479 static int cdrom_ioctl_lock_door(struct cdrom_device_info *cdi,
2480 		unsigned long arg)
2481 {
2482 	cd_dbg(CD_DO_IOCTL, "%socking door\n", arg ? "L" : "Unl");
2483 
2484 	if (!CDROM_CAN(CDC_LOCK))
2485 		return -EDRIVE_CANT_DO_THIS;
2486 
2487 	cdi->keeplocked = arg ? 1 : 0;
2488 
2489 	/*
2490 	 * Don't unlock the door on multiple opens by default, but allow
2491 	 * root to do so.
2492 	 */
2493 	if (cdi->use_count != 1 && !arg && !capable(CAP_SYS_ADMIN))
2494 		return -EBUSY;
2495 	return cdi->ops->lock_door(cdi, arg);
2496 }
2497 
cdrom_ioctl_debug(struct cdrom_device_info * cdi,unsigned long arg)2498 static int cdrom_ioctl_debug(struct cdrom_device_info *cdi,
2499 		unsigned long arg)
2500 {
2501 	cd_dbg(CD_DO_IOCTL, "%sabling debug\n", arg ? "En" : "Dis");
2502 
2503 	if (!capable(CAP_SYS_ADMIN))
2504 		return -EACCES;
2505 	debug = arg ? 1 : 0;
2506 	return debug;
2507 }
2508 
cdrom_ioctl_get_capability(struct cdrom_device_info * cdi)2509 static int cdrom_ioctl_get_capability(struct cdrom_device_info *cdi)
2510 {
2511 	cd_dbg(CD_DO_IOCTL, "entering CDROM_GET_CAPABILITY\n");
2512 	return (cdi->ops->capability & ~cdi->mask);
2513 }
2514 
2515 /*
2516  * The following function is implemented, although very few audio
2517  * discs give Universal Product Code information, which should just be
2518  * the Medium Catalog Number on the box.  Note, that the way the code
2519  * is written on the CD is /not/ uniform across all discs!
2520  */
cdrom_ioctl_get_mcn(struct cdrom_device_info * cdi,void __user * argp)2521 static int cdrom_ioctl_get_mcn(struct cdrom_device_info *cdi,
2522 		void __user *argp)
2523 {
2524 	struct cdrom_mcn mcn;
2525 	int ret;
2526 
2527 	cd_dbg(CD_DO_IOCTL, "entering CDROM_GET_MCN\n");
2528 
2529 	if (!(cdi->ops->capability & CDC_MCN))
2530 		return -ENOSYS;
2531 	ret = cdi->ops->get_mcn(cdi, &mcn);
2532 	if (ret)
2533 		return ret;
2534 
2535 	if (copy_to_user(argp, &mcn, sizeof(mcn)))
2536 		return -EFAULT;
2537 	cd_dbg(CD_DO_IOCTL, "CDROM_GET_MCN successful\n");
2538 	return 0;
2539 }
2540 
cdrom_ioctl_drive_status(struct cdrom_device_info * cdi,unsigned long arg)2541 static int cdrom_ioctl_drive_status(struct cdrom_device_info *cdi,
2542 		unsigned long arg)
2543 {
2544 	cd_dbg(CD_DO_IOCTL, "entering CDROM_DRIVE_STATUS\n");
2545 
2546 	if (!(cdi->ops->capability & CDC_DRIVE_STATUS))
2547 		return -ENOSYS;
2548 	if (!CDROM_CAN(CDC_SELECT_DISC) ||
2549 	    (arg == CDSL_CURRENT || arg == CDSL_NONE))
2550 		return cdi->ops->drive_status(cdi, CDSL_CURRENT);
2551 	if (arg >= cdi->capacity)
2552 		return -EINVAL;
2553 	return cdrom_slot_status(cdi, arg);
2554 }
2555 
2556 /*
2557  * Ok, this is where problems start.  The current interface for the
2558  * CDROM_DISC_STATUS ioctl is flawed.  It makes the false assumption that
2559  * CDs are all CDS_DATA_1 or all CDS_AUDIO, etc.  Unfortunately, while this
2560  * is often the case, it is also very common for CDs to have some tracks
2561  * with data, and some tracks with audio.  Just because I feel like it,
2562  * I declare the following to be the best way to cope.  If the CD has ANY
2563  * data tracks on it, it will be returned as a data CD.  If it has any XA
2564  * tracks, I will return it as that.  Now I could simplify this interface
2565  * by combining these  returns with the above, but this more clearly
2566  * demonstrates the problem with the current interface.  Too bad this
2567  * wasn't designed to use bitmasks...         -Erik
2568  *
2569  * Well, now we have the option CDS_MIXED: a mixed-type CD.
2570  * User level programmers might feel the ioctl is not very useful.
2571  *					---david
2572  */
cdrom_ioctl_disc_status(struct cdrom_device_info * cdi)2573 static int cdrom_ioctl_disc_status(struct cdrom_device_info *cdi)
2574 {
2575 	tracktype tracks;
2576 
2577 	cd_dbg(CD_DO_IOCTL, "entering CDROM_DISC_STATUS\n");
2578 
2579 	cdrom_count_tracks(cdi, &tracks);
2580 	if (tracks.error)
2581 		return tracks.error;
2582 
2583 	/* Policy mode on */
2584 	if (tracks.audio > 0) {
2585 		if (!tracks.data && !tracks.cdi && !tracks.xa)
2586 			return CDS_AUDIO;
2587 		else
2588 			return CDS_MIXED;
2589 	}
2590 
2591 	if (tracks.cdi > 0)
2592 		return CDS_XA_2_2;
2593 	if (tracks.xa > 0)
2594 		return CDS_XA_2_1;
2595 	if (tracks.data > 0)
2596 		return CDS_DATA_1;
2597 	/* Policy mode off */
2598 
2599 	cd_dbg(CD_WARNING, "This disc doesn't have any tracks I recognize!\n");
2600 	return CDS_NO_INFO;
2601 }
2602 
cdrom_ioctl_changer_nslots(struct cdrom_device_info * cdi)2603 static int cdrom_ioctl_changer_nslots(struct cdrom_device_info *cdi)
2604 {
2605 	cd_dbg(CD_DO_IOCTL, "entering CDROM_CHANGER_NSLOTS\n");
2606 	return cdi->capacity;
2607 }
2608 
cdrom_ioctl_get_subchnl(struct cdrom_device_info * cdi,void __user * argp)2609 static int cdrom_ioctl_get_subchnl(struct cdrom_device_info *cdi,
2610 		void __user *argp)
2611 {
2612 	struct cdrom_subchnl q;
2613 	u8 requested, back;
2614 	int ret;
2615 
2616 	/* cd_dbg(CD_DO_IOCTL,"entering CDROMSUBCHNL\n");*/
2617 
2618 	if (copy_from_user(&q, argp, sizeof(q)))
2619 		return -EFAULT;
2620 
2621 	requested = q.cdsc_format;
2622 	if (requested != CDROM_MSF && requested != CDROM_LBA)
2623 		return -EINVAL;
2624 	q.cdsc_format = CDROM_MSF;
2625 
2626 	ret = cdi->ops->audio_ioctl(cdi, CDROMSUBCHNL, &q);
2627 	if (ret)
2628 		return ret;
2629 
2630 	back = q.cdsc_format; /* local copy */
2631 	sanitize_format(&q.cdsc_absaddr, &back, requested);
2632 	sanitize_format(&q.cdsc_reladdr, &q.cdsc_format, requested);
2633 
2634 	if (copy_to_user(argp, &q, sizeof(q)))
2635 		return -EFAULT;
2636 	/* cd_dbg(CD_DO_IOCTL, "CDROMSUBCHNL successful\n"); */
2637 	return 0;
2638 }
2639 
cdrom_ioctl_read_tochdr(struct cdrom_device_info * cdi,void __user * argp)2640 static int cdrom_ioctl_read_tochdr(struct cdrom_device_info *cdi,
2641 		void __user *argp)
2642 {
2643 	struct cdrom_tochdr header;
2644 	int ret;
2645 
2646 	/* cd_dbg(CD_DO_IOCTL, "entering CDROMREADTOCHDR\n"); */
2647 
2648 	if (copy_from_user(&header, argp, sizeof(header)))
2649 		return -EFAULT;
2650 
2651 	ret = cdi->ops->audio_ioctl(cdi, CDROMREADTOCHDR, &header);
2652 	if (ret)
2653 		return ret;
2654 
2655 	if (copy_to_user(argp, &header, sizeof(header)))
2656 		return -EFAULT;
2657 	/* cd_dbg(CD_DO_IOCTL, "CDROMREADTOCHDR successful\n"); */
2658 	return 0;
2659 }
2660 
cdrom_read_tocentry(struct cdrom_device_info * cdi,struct cdrom_tocentry * entry)2661 int cdrom_read_tocentry(struct cdrom_device_info *cdi,
2662 		struct cdrom_tocentry *entry)
2663 {
2664 	u8 requested_format = entry->cdte_format;
2665 	int ret;
2666 
2667 	if (requested_format != CDROM_MSF && requested_format != CDROM_LBA)
2668 		return -EINVAL;
2669 
2670 	/* make interface to low-level uniform */
2671 	entry->cdte_format = CDROM_MSF;
2672 	ret = cdi->ops->audio_ioctl(cdi, CDROMREADTOCENTRY, entry);
2673 	if (!ret)
2674 		sanitize_format(&entry->cdte_addr, &entry->cdte_format,
2675 				requested_format);
2676 	return ret;
2677 }
2678 EXPORT_SYMBOL_GPL(cdrom_read_tocentry);
2679 
cdrom_ioctl_read_tocentry(struct cdrom_device_info * cdi,void __user * argp)2680 static int cdrom_ioctl_read_tocentry(struct cdrom_device_info *cdi,
2681 		void __user *argp)
2682 {
2683 	struct cdrom_tocentry entry;
2684 	int ret;
2685 
2686 	if (copy_from_user(&entry, argp, sizeof(entry)))
2687 		return -EFAULT;
2688 	ret = cdrom_read_tocentry(cdi, &entry);
2689 	if (!ret && copy_to_user(argp, &entry, sizeof(entry)))
2690 		return -EFAULT;
2691 	return ret;
2692 }
2693 
cdrom_ioctl_play_msf(struct cdrom_device_info * cdi,void __user * argp)2694 static int cdrom_ioctl_play_msf(struct cdrom_device_info *cdi,
2695 		void __user *argp)
2696 {
2697 	struct cdrom_msf msf;
2698 
2699 	cd_dbg(CD_DO_IOCTL, "entering CDROMPLAYMSF\n");
2700 
2701 	if (!CDROM_CAN(CDC_PLAY_AUDIO))
2702 		return -ENOSYS;
2703 	if (copy_from_user(&msf, argp, sizeof(msf)))
2704 		return -EFAULT;
2705 	return cdi->ops->audio_ioctl(cdi, CDROMPLAYMSF, &msf);
2706 }
2707 
cdrom_ioctl_play_trkind(struct cdrom_device_info * cdi,void __user * argp)2708 static int cdrom_ioctl_play_trkind(struct cdrom_device_info *cdi,
2709 		void __user *argp)
2710 {
2711 	struct cdrom_ti ti;
2712 	int ret;
2713 
2714 	cd_dbg(CD_DO_IOCTL, "entering CDROMPLAYTRKIND\n");
2715 
2716 	if (!CDROM_CAN(CDC_PLAY_AUDIO))
2717 		return -ENOSYS;
2718 	if (copy_from_user(&ti, argp, sizeof(ti)))
2719 		return -EFAULT;
2720 
2721 	ret = check_for_audio_disc(cdi, cdi->ops);
2722 	if (ret)
2723 		return ret;
2724 	return cdi->ops->audio_ioctl(cdi, CDROMPLAYTRKIND, &ti);
2725 }
cdrom_ioctl_volctrl(struct cdrom_device_info * cdi,void __user * argp)2726 static int cdrom_ioctl_volctrl(struct cdrom_device_info *cdi,
2727 		void __user *argp)
2728 {
2729 	struct cdrom_volctrl volume;
2730 
2731 	cd_dbg(CD_DO_IOCTL, "entering CDROMVOLCTRL\n");
2732 
2733 	if (!CDROM_CAN(CDC_PLAY_AUDIO))
2734 		return -ENOSYS;
2735 	if (copy_from_user(&volume, argp, sizeof(volume)))
2736 		return -EFAULT;
2737 	return cdi->ops->audio_ioctl(cdi, CDROMVOLCTRL, &volume);
2738 }
2739 
cdrom_ioctl_volread(struct cdrom_device_info * cdi,void __user * argp)2740 static int cdrom_ioctl_volread(struct cdrom_device_info *cdi,
2741 		void __user *argp)
2742 {
2743 	struct cdrom_volctrl volume;
2744 	int ret;
2745 
2746 	cd_dbg(CD_DO_IOCTL, "entering CDROMVOLREAD\n");
2747 
2748 	if (!CDROM_CAN(CDC_PLAY_AUDIO))
2749 		return -ENOSYS;
2750 
2751 	ret = cdi->ops->audio_ioctl(cdi, CDROMVOLREAD, &volume);
2752 	if (ret)
2753 		return ret;
2754 
2755 	if (copy_to_user(argp, &volume, sizeof(volume)))
2756 		return -EFAULT;
2757 	return 0;
2758 }
2759 
cdrom_ioctl_audioctl(struct cdrom_device_info * cdi,unsigned int cmd)2760 static int cdrom_ioctl_audioctl(struct cdrom_device_info *cdi,
2761 		unsigned int cmd)
2762 {
2763 	int ret;
2764 
2765 	cd_dbg(CD_DO_IOCTL, "doing audio ioctl (start/stop/pause/resume)\n");
2766 
2767 	if (!CDROM_CAN(CDC_PLAY_AUDIO))
2768 		return -ENOSYS;
2769 	ret = check_for_audio_disc(cdi, cdi->ops);
2770 	if (ret)
2771 		return ret;
2772 	return cdi->ops->audio_ioctl(cdi, cmd, NULL);
2773 }
2774 
2775 /*
2776  * Required when we need to use READ_10 to issue other than 2048 block
2777  * reads
2778  */
cdrom_switch_blocksize(struct cdrom_device_info * cdi,int size)2779 static int cdrom_switch_blocksize(struct cdrom_device_info *cdi, int size)
2780 {
2781 	const struct cdrom_device_ops *cdo = cdi->ops;
2782 	struct packet_command cgc;
2783 	struct modesel_head mh;
2784 
2785 	memset(&mh, 0, sizeof(mh));
2786 	mh.block_desc_length = 0x08;
2787 	mh.block_length_med = (size >> 8) & 0xff;
2788 	mh.block_length_lo = size & 0xff;
2789 
2790 	memset(&cgc, 0, sizeof(cgc));
2791 	cgc.cmd[0] = 0x15;
2792 	cgc.cmd[1] = 1 << 4;
2793 	cgc.cmd[4] = 12;
2794 	cgc.buflen = sizeof(mh);
2795 	cgc.buffer = (char *) &mh;
2796 	cgc.data_direction = CGC_DATA_WRITE;
2797 	mh.block_desc_length = 0x08;
2798 	mh.block_length_med = (size >> 8) & 0xff;
2799 	mh.block_length_lo = size & 0xff;
2800 
2801 	return cdo->generic_packet(cdi, &cgc);
2802 }
2803 
cdrom_get_track_info(struct cdrom_device_info * cdi,__u16 track,__u8 type,track_information * ti)2804 static int cdrom_get_track_info(struct cdrom_device_info *cdi,
2805 				__u16 track, __u8 type, track_information *ti)
2806 {
2807 	const struct cdrom_device_ops *cdo = cdi->ops;
2808 	struct packet_command cgc;
2809 	int ret, buflen;
2810 
2811 	init_cdrom_command(&cgc, ti, 8, CGC_DATA_READ);
2812 	cgc.cmd[0] = GPCMD_READ_TRACK_RZONE_INFO;
2813 	cgc.cmd[1] = type & 3;
2814 	cgc.cmd[4] = (track & 0xff00) >> 8;
2815 	cgc.cmd[5] = track & 0xff;
2816 	cgc.cmd[8] = 8;
2817 	cgc.quiet = 1;
2818 
2819 	ret = cdo->generic_packet(cdi, &cgc);
2820 	if (ret)
2821 		return ret;
2822 
2823 	buflen = be16_to_cpu(ti->track_information_length) +
2824 		sizeof(ti->track_information_length);
2825 
2826 	if (buflen > sizeof(track_information))
2827 		buflen = sizeof(track_information);
2828 
2829 	cgc.cmd[8] = cgc.buflen = buflen;
2830 	ret = cdo->generic_packet(cdi, &cgc);
2831 	if (ret)
2832 		return ret;
2833 
2834 	/* return actual fill size */
2835 	return buflen;
2836 }
2837 
2838 /* return the last written block on the CD-R media. this is for the udf
2839    file system. */
cdrom_get_last_written(struct cdrom_device_info * cdi,long * last_written)2840 int cdrom_get_last_written(struct cdrom_device_info *cdi, long *last_written)
2841 {
2842 	struct cdrom_tocentry toc;
2843 	disc_information di;
2844 	track_information ti;
2845 	__u32 last_track;
2846 	int ret = -1, ti_size;
2847 
2848 	if (!CDROM_CAN(CDC_GENERIC_PACKET))
2849 		goto use_toc;
2850 
2851 	ret = cdrom_get_disc_info(cdi, &di);
2852 	if (ret < (int)(offsetof(typeof(di), last_track_lsb)
2853 			+ sizeof(di.last_track_lsb)))
2854 		goto use_toc;
2855 
2856 	/* if unit didn't return msb, it's zeroed by cdrom_get_disc_info */
2857 	last_track = (di.last_track_msb << 8) | di.last_track_lsb;
2858 	ti_size = cdrom_get_track_info(cdi, last_track, 1, &ti);
2859 	if (ti_size < (int)offsetof(typeof(ti), track_start))
2860 		goto use_toc;
2861 
2862 	/* if this track is blank, try the previous. */
2863 	if (ti.blank) {
2864 		if (last_track == 1)
2865 			goto use_toc;
2866 		last_track--;
2867 		ti_size = cdrom_get_track_info(cdi, last_track, 1, &ti);
2868 	}
2869 
2870 	if (ti_size < (int)(offsetof(typeof(ti), track_size)
2871 				+ sizeof(ti.track_size)))
2872 		goto use_toc;
2873 
2874 	/* if last recorded field is valid, return it. */
2875 	if (ti.lra_v && ti_size >= (int)(offsetof(typeof(ti), last_rec_address)
2876 				+ sizeof(ti.last_rec_address))) {
2877 		*last_written = be32_to_cpu(ti.last_rec_address);
2878 	} else {
2879 		/* make it up instead */
2880 		*last_written = be32_to_cpu(ti.track_start) +
2881 				be32_to_cpu(ti.track_size);
2882 		if (ti.free_blocks)
2883 			*last_written -= (be32_to_cpu(ti.free_blocks) + 7);
2884 	}
2885 	return 0;
2886 
2887 	/* this is where we end up if the drive either can't do a
2888 	   GPCMD_READ_DISC_INFO or GPCMD_READ_TRACK_RZONE_INFO or if
2889 	   it doesn't give enough information or fails. then we return
2890 	   the toc contents. */
2891 use_toc:
2892 	if (!CDROM_CAN(CDC_PLAY_AUDIO))
2893 		return -ENOSYS;
2894 
2895 	toc.cdte_format = CDROM_MSF;
2896 	toc.cdte_track = CDROM_LEADOUT;
2897 	if ((ret = cdi->ops->audio_ioctl(cdi, CDROMREADTOCENTRY, &toc)))
2898 		return ret;
2899 	sanitize_format(&toc.cdte_addr, &toc.cdte_format, CDROM_LBA);
2900 	*last_written = toc.cdte_addr.lba;
2901 	return 0;
2902 }
2903 
2904 /* return the next writable block. also for udf file system. */
cdrom_get_next_writable(struct cdrom_device_info * cdi,long * next_writable)2905 static int cdrom_get_next_writable(struct cdrom_device_info *cdi,
2906 				   long *next_writable)
2907 {
2908 	disc_information di;
2909 	track_information ti;
2910 	__u16 last_track;
2911 	int ret, ti_size;
2912 
2913 	if (!CDROM_CAN(CDC_GENERIC_PACKET))
2914 		goto use_last_written;
2915 
2916 	ret = cdrom_get_disc_info(cdi, &di);
2917 	if (ret < 0 || ret < offsetof(typeof(di), last_track_lsb)
2918 				+ sizeof(di.last_track_lsb))
2919 		goto use_last_written;
2920 
2921 	/* if unit didn't return msb, it's zeroed by cdrom_get_disc_info */
2922 	last_track = (di.last_track_msb << 8) | di.last_track_lsb;
2923 	ti_size = cdrom_get_track_info(cdi, last_track, 1, &ti);
2924 	if (ti_size < 0 || ti_size < offsetof(typeof(ti), track_start))
2925 		goto use_last_written;
2926 
2927 	/* if this track is blank, try the previous. */
2928 	if (ti.blank) {
2929 		if (last_track == 1)
2930 			goto use_last_written;
2931 		last_track--;
2932 		ti_size = cdrom_get_track_info(cdi, last_track, 1, &ti);
2933 		if (ti_size < 0)
2934 			goto use_last_written;
2935 	}
2936 
2937 	/* if next recordable address field is valid, use it. */
2938 	if (ti.nwa_v && ti_size >= offsetof(typeof(ti), next_writable)
2939 				+ sizeof(ti.next_writable)) {
2940 		*next_writable = be32_to_cpu(ti.next_writable);
2941 		return 0;
2942 	}
2943 
2944 use_last_written:
2945 	ret = cdrom_get_last_written(cdi, next_writable);
2946 	if (ret) {
2947 		*next_writable = 0;
2948 		return ret;
2949 	} else {
2950 		*next_writable += 7;
2951 		return 0;
2952 	}
2953 }
2954 
mmc_ioctl_cdrom_read_data(struct cdrom_device_info * cdi,void __user * arg,struct packet_command * cgc,int cmd)2955 static noinline int mmc_ioctl_cdrom_read_data(struct cdrom_device_info *cdi,
2956 					      void __user *arg,
2957 					      struct packet_command *cgc,
2958 					      int cmd)
2959 {
2960 	struct scsi_sense_hdr sshdr;
2961 	struct cdrom_msf msf;
2962 	int blocksize = 0, format = 0, lba;
2963 	int ret;
2964 
2965 	switch (cmd) {
2966 	case CDROMREADRAW:
2967 		blocksize = CD_FRAMESIZE_RAW;
2968 		break;
2969 	case CDROMREADMODE1:
2970 		blocksize = CD_FRAMESIZE;
2971 		format = 2;
2972 		break;
2973 	case CDROMREADMODE2:
2974 		blocksize = CD_FRAMESIZE_RAW0;
2975 		break;
2976 	}
2977 	if (copy_from_user(&msf, (struct cdrom_msf __user *)arg, sizeof(msf)))
2978 		return -EFAULT;
2979 	lba = msf_to_lba(msf.cdmsf_min0, msf.cdmsf_sec0, msf.cdmsf_frame0);
2980 	/* FIXME: we need upper bound checking, too!! */
2981 	if (lba < 0)
2982 		return -EINVAL;
2983 
2984 	cgc->buffer = kzalloc(blocksize, GFP_KERNEL);
2985 	if (cgc->buffer == NULL)
2986 		return -ENOMEM;
2987 
2988 	memset(&sshdr, 0, sizeof(sshdr));
2989 	cgc->sshdr = &sshdr;
2990 	cgc->data_direction = CGC_DATA_READ;
2991 	ret = cdrom_read_block(cdi, cgc, lba, 1, format, blocksize);
2992 	if (ret && sshdr.sense_key == 0x05 &&
2993 	    sshdr.asc == 0x20 &&
2994 	    sshdr.ascq == 0x00) {
2995 		/*
2996 		 * SCSI-II devices are not required to support
2997 		 * READ_CD, so let's try switching block size
2998 		 */
2999 		/* FIXME: switch back again... */
3000 		ret = cdrom_switch_blocksize(cdi, blocksize);
3001 		if (ret)
3002 			goto out;
3003 		cgc->sshdr = NULL;
3004 		ret = cdrom_read_cd(cdi, cgc, lba, blocksize, 1);
3005 		ret |= cdrom_switch_blocksize(cdi, blocksize);
3006 	}
3007 	if (!ret && copy_to_user(arg, cgc->buffer, blocksize))
3008 		ret = -EFAULT;
3009 out:
3010 	kfree(cgc->buffer);
3011 	return ret;
3012 }
3013 
mmc_ioctl_cdrom_read_audio(struct cdrom_device_info * cdi,void __user * arg)3014 static noinline int mmc_ioctl_cdrom_read_audio(struct cdrom_device_info *cdi,
3015 					       void __user *arg)
3016 {
3017 	struct cdrom_read_audio ra;
3018 	int lba;
3019 
3020 #ifdef CONFIG_COMPAT
3021 	if (in_compat_syscall()) {
3022 		struct compat_cdrom_read_audio {
3023 			union cdrom_addr	addr;
3024 			u8			addr_format;
3025 			compat_int_t		nframes;
3026 			compat_caddr_t		buf;
3027 		} ra32;
3028 
3029 		if (copy_from_user(&ra32, arg, sizeof(ra32)))
3030 			return -EFAULT;
3031 
3032 		ra = (struct cdrom_read_audio) {
3033 			.addr		= ra32.addr,
3034 			.addr_format	= ra32.addr_format,
3035 			.nframes	= ra32.nframes,
3036 			.buf		= compat_ptr(ra32.buf),
3037 		};
3038 	} else
3039 #endif
3040 	{
3041 		if (copy_from_user(&ra, (struct cdrom_read_audio __user *)arg,
3042 				   sizeof(ra)))
3043 			return -EFAULT;
3044 	}
3045 
3046 	if (ra.addr_format == CDROM_MSF)
3047 		lba = msf_to_lba(ra.addr.msf.minute,
3048 				 ra.addr.msf.second,
3049 				 ra.addr.msf.frame);
3050 	else if (ra.addr_format == CDROM_LBA)
3051 		lba = ra.addr.lba;
3052 	else
3053 		return -EINVAL;
3054 
3055 	/* FIXME: we need upper bound checking, too!! */
3056 	if (lba < 0 || ra.nframes <= 0 || ra.nframes > CD_FRAMES)
3057 		return -EINVAL;
3058 
3059 	return cdrom_read_cdda(cdi, ra.buf, lba, ra.nframes);
3060 }
3061 
mmc_ioctl_cdrom_subchannel(struct cdrom_device_info * cdi,void __user * arg)3062 static noinline int mmc_ioctl_cdrom_subchannel(struct cdrom_device_info *cdi,
3063 					       void __user *arg)
3064 {
3065 	int ret;
3066 	struct cdrom_subchnl q;
3067 	u_char requested, back;
3068 	if (copy_from_user(&q, (struct cdrom_subchnl __user *)arg, sizeof(q)))
3069 		return -EFAULT;
3070 	requested = q.cdsc_format;
3071 	if (!((requested == CDROM_MSF) ||
3072 	      (requested == CDROM_LBA)))
3073 		return -EINVAL;
3074 
3075 	ret = cdrom_read_subchannel(cdi, &q, 0);
3076 	if (ret)
3077 		return ret;
3078 	back = q.cdsc_format; /* local copy */
3079 	sanitize_format(&q.cdsc_absaddr, &back, requested);
3080 	sanitize_format(&q.cdsc_reladdr, &q.cdsc_format, requested);
3081 	if (copy_to_user((struct cdrom_subchnl __user *)arg, &q, sizeof(q)))
3082 		return -EFAULT;
3083 	/* cd_dbg(CD_DO_IOCTL, "CDROMSUBCHNL successful\n"); */
3084 	return 0;
3085 }
3086 
mmc_ioctl_cdrom_play_msf(struct cdrom_device_info * cdi,void __user * arg,struct packet_command * cgc)3087 static noinline int mmc_ioctl_cdrom_play_msf(struct cdrom_device_info *cdi,
3088 					     void __user *arg,
3089 					     struct packet_command *cgc)
3090 {
3091 	const struct cdrom_device_ops *cdo = cdi->ops;
3092 	struct cdrom_msf msf;
3093 	cd_dbg(CD_DO_IOCTL, "entering CDROMPLAYMSF\n");
3094 	if (copy_from_user(&msf, (struct cdrom_msf __user *)arg, sizeof(msf)))
3095 		return -EFAULT;
3096 	cgc->cmd[0] = GPCMD_PLAY_AUDIO_MSF;
3097 	cgc->cmd[3] = msf.cdmsf_min0;
3098 	cgc->cmd[4] = msf.cdmsf_sec0;
3099 	cgc->cmd[5] = msf.cdmsf_frame0;
3100 	cgc->cmd[6] = msf.cdmsf_min1;
3101 	cgc->cmd[7] = msf.cdmsf_sec1;
3102 	cgc->cmd[8] = msf.cdmsf_frame1;
3103 	cgc->data_direction = CGC_DATA_NONE;
3104 	return cdo->generic_packet(cdi, cgc);
3105 }
3106 
mmc_ioctl_cdrom_play_blk(struct cdrom_device_info * cdi,void __user * arg,struct packet_command * cgc)3107 static noinline int mmc_ioctl_cdrom_play_blk(struct cdrom_device_info *cdi,
3108 					     void __user *arg,
3109 					     struct packet_command *cgc)
3110 {
3111 	const struct cdrom_device_ops *cdo = cdi->ops;
3112 	struct cdrom_blk blk;
3113 	cd_dbg(CD_DO_IOCTL, "entering CDROMPLAYBLK\n");
3114 	if (copy_from_user(&blk, (struct cdrom_blk __user *)arg, sizeof(blk)))
3115 		return -EFAULT;
3116 	cgc->cmd[0] = GPCMD_PLAY_AUDIO_10;
3117 	cgc->cmd[2] = (blk.from >> 24) & 0xff;
3118 	cgc->cmd[3] = (blk.from >> 16) & 0xff;
3119 	cgc->cmd[4] = (blk.from >>  8) & 0xff;
3120 	cgc->cmd[5] = blk.from & 0xff;
3121 	cgc->cmd[7] = (blk.len >> 8) & 0xff;
3122 	cgc->cmd[8] = blk.len & 0xff;
3123 	cgc->data_direction = CGC_DATA_NONE;
3124 	return cdo->generic_packet(cdi, cgc);
3125 }
3126 
mmc_ioctl_cdrom_volume(struct cdrom_device_info * cdi,void __user * arg,struct packet_command * cgc,unsigned int cmd)3127 static noinline int mmc_ioctl_cdrom_volume(struct cdrom_device_info *cdi,
3128 					   void __user *arg,
3129 					   struct packet_command *cgc,
3130 					   unsigned int cmd)
3131 {
3132 	struct cdrom_volctrl volctrl;
3133 	unsigned char buffer[32];
3134 	char mask[sizeof(buffer)];
3135 	unsigned short offset;
3136 	int ret;
3137 
3138 	cd_dbg(CD_DO_IOCTL, "entering CDROMVOLUME\n");
3139 
3140 	if (copy_from_user(&volctrl, (struct cdrom_volctrl __user *)arg,
3141 			   sizeof(volctrl)))
3142 		return -EFAULT;
3143 
3144 	cgc->buffer = buffer;
3145 	cgc->buflen = 24;
3146 	ret = cdrom_mode_sense(cdi, cgc, GPMODE_AUDIO_CTL_PAGE, 0);
3147 	if (ret)
3148 		return ret;
3149 
3150 	/* originally the code depended on buffer[1] to determine
3151 	   how much data is available for transfer. buffer[1] is
3152 	   unfortunately ambigious and the only reliable way seem
3153 	   to be to simply skip over the block descriptor... */
3154 	offset = 8 + be16_to_cpu(*(__be16 *)(buffer + 6));
3155 
3156 	if (offset + 16 > sizeof(buffer))
3157 		return -E2BIG;
3158 
3159 	if (offset + 16 > cgc->buflen) {
3160 		cgc->buflen = offset + 16;
3161 		ret = cdrom_mode_sense(cdi, cgc,
3162 				       GPMODE_AUDIO_CTL_PAGE, 0);
3163 		if (ret)
3164 			return ret;
3165 	}
3166 
3167 	/* sanity check */
3168 	if ((buffer[offset] & 0x3f) != GPMODE_AUDIO_CTL_PAGE ||
3169 	    buffer[offset + 1] < 14)
3170 		return -EINVAL;
3171 
3172 	/* now we have the current volume settings. if it was only
3173 	   a CDROMVOLREAD, return these values */
3174 	if (cmd == CDROMVOLREAD) {
3175 		volctrl.channel0 = buffer[offset+9];
3176 		volctrl.channel1 = buffer[offset+11];
3177 		volctrl.channel2 = buffer[offset+13];
3178 		volctrl.channel3 = buffer[offset+15];
3179 		if (copy_to_user((struct cdrom_volctrl __user *)arg, &volctrl,
3180 				 sizeof(volctrl)))
3181 			return -EFAULT;
3182 		return 0;
3183 	}
3184 
3185 	/* get the volume mask */
3186 	cgc->buffer = mask;
3187 	ret = cdrom_mode_sense(cdi, cgc, GPMODE_AUDIO_CTL_PAGE, 1);
3188 	if (ret)
3189 		return ret;
3190 
3191 	buffer[offset + 9]  = volctrl.channel0 & mask[offset + 9];
3192 	buffer[offset + 11] = volctrl.channel1 & mask[offset + 11];
3193 	buffer[offset + 13] = volctrl.channel2 & mask[offset + 13];
3194 	buffer[offset + 15] = volctrl.channel3 & mask[offset + 15];
3195 
3196 	/* set volume */
3197 	cgc->buffer = buffer + offset - 8;
3198 	memset(cgc->buffer, 0, 8);
3199 	return cdrom_mode_select(cdi, cgc);
3200 }
3201 
mmc_ioctl_cdrom_start_stop(struct cdrom_device_info * cdi,struct packet_command * cgc,int cmd)3202 static noinline int mmc_ioctl_cdrom_start_stop(struct cdrom_device_info *cdi,
3203 					       struct packet_command *cgc,
3204 					       int cmd)
3205 {
3206 	const struct cdrom_device_ops *cdo = cdi->ops;
3207 	cd_dbg(CD_DO_IOCTL, "entering CDROMSTART/CDROMSTOP\n");
3208 	cgc->cmd[0] = GPCMD_START_STOP_UNIT;
3209 	cgc->cmd[1] = 1;
3210 	cgc->cmd[4] = (cmd == CDROMSTART) ? 1 : 0;
3211 	cgc->data_direction = CGC_DATA_NONE;
3212 	return cdo->generic_packet(cdi, cgc);
3213 }
3214 
mmc_ioctl_cdrom_pause_resume(struct cdrom_device_info * cdi,struct packet_command * cgc,int cmd)3215 static noinline int mmc_ioctl_cdrom_pause_resume(struct cdrom_device_info *cdi,
3216 						 struct packet_command *cgc,
3217 						 int cmd)
3218 {
3219 	const struct cdrom_device_ops *cdo = cdi->ops;
3220 	cd_dbg(CD_DO_IOCTL, "entering CDROMPAUSE/CDROMRESUME\n");
3221 	cgc->cmd[0] = GPCMD_PAUSE_RESUME;
3222 	cgc->cmd[8] = (cmd == CDROMRESUME) ? 1 : 0;
3223 	cgc->data_direction = CGC_DATA_NONE;
3224 	return cdo->generic_packet(cdi, cgc);
3225 }
3226 
mmc_ioctl_dvd_read_struct(struct cdrom_device_info * cdi,void __user * arg,struct packet_command * cgc)3227 static noinline int mmc_ioctl_dvd_read_struct(struct cdrom_device_info *cdi,
3228 					      void __user *arg,
3229 					      struct packet_command *cgc)
3230 {
3231 	int ret;
3232 	dvd_struct *s;
3233 	int size = sizeof(dvd_struct);
3234 
3235 	if (!CDROM_CAN(CDC_DVD))
3236 		return -ENOSYS;
3237 
3238 	s = memdup_user(arg, size);
3239 	if (IS_ERR(s))
3240 		return PTR_ERR(s);
3241 
3242 	cd_dbg(CD_DO_IOCTL, "entering DVD_READ_STRUCT\n");
3243 
3244 	ret = dvd_read_struct(cdi, s, cgc);
3245 	if (ret)
3246 		goto out;
3247 
3248 	if (copy_to_user(arg, s, size))
3249 		ret = -EFAULT;
3250 out:
3251 	kfree(s);
3252 	return ret;
3253 }
3254 
mmc_ioctl_dvd_auth(struct cdrom_device_info * cdi,void __user * arg)3255 static noinline int mmc_ioctl_dvd_auth(struct cdrom_device_info *cdi,
3256 				       void __user *arg)
3257 {
3258 	int ret;
3259 	dvd_authinfo ai;
3260 	if (!CDROM_CAN(CDC_DVD))
3261 		return -ENOSYS;
3262 	cd_dbg(CD_DO_IOCTL, "entering DVD_AUTH\n");
3263 	if (copy_from_user(&ai, (dvd_authinfo __user *)arg, sizeof(ai)))
3264 		return -EFAULT;
3265 	ret = dvd_do_auth(cdi, &ai);
3266 	if (ret)
3267 		return ret;
3268 	if (copy_to_user((dvd_authinfo __user *)arg, &ai, sizeof(ai)))
3269 		return -EFAULT;
3270 	return 0;
3271 }
3272 
mmc_ioctl_cdrom_next_writable(struct cdrom_device_info * cdi,void __user * arg)3273 static noinline int mmc_ioctl_cdrom_next_writable(struct cdrom_device_info *cdi,
3274 						  void __user *arg)
3275 {
3276 	int ret;
3277 	long next = 0;
3278 	cd_dbg(CD_DO_IOCTL, "entering CDROM_NEXT_WRITABLE\n");
3279 	ret = cdrom_get_next_writable(cdi, &next);
3280 	if (ret)
3281 		return ret;
3282 	if (copy_to_user((long __user *)arg, &next, sizeof(next)))
3283 		return -EFAULT;
3284 	return 0;
3285 }
3286 
mmc_ioctl_cdrom_last_written(struct cdrom_device_info * cdi,void __user * arg)3287 static noinline int mmc_ioctl_cdrom_last_written(struct cdrom_device_info *cdi,
3288 						 void __user *arg)
3289 {
3290 	int ret;
3291 	long last = 0;
3292 	cd_dbg(CD_DO_IOCTL, "entering CDROM_LAST_WRITTEN\n");
3293 	ret = cdrom_get_last_written(cdi, &last);
3294 	if (ret)
3295 		return ret;
3296 	if (in_compat_syscall())
3297 		return put_user(last, (__s32 __user *)arg);
3298 
3299 	return put_user(last, (long __user *)arg);
3300 }
3301 
mmc_ioctl(struct cdrom_device_info * cdi,unsigned int cmd,unsigned long arg)3302 static int mmc_ioctl(struct cdrom_device_info *cdi, unsigned int cmd,
3303 		     unsigned long arg)
3304 {
3305 	struct packet_command cgc;
3306 	void __user *userptr = (void __user *)arg;
3307 
3308 	memset(&cgc, 0, sizeof(cgc));
3309 
3310 	/* build a unified command and queue it through
3311 	   cdo->generic_packet() */
3312 	switch (cmd) {
3313 	case CDROMREADRAW:
3314 	case CDROMREADMODE1:
3315 	case CDROMREADMODE2:
3316 		return mmc_ioctl_cdrom_read_data(cdi, userptr, &cgc, cmd);
3317 	case CDROMREADAUDIO:
3318 		return mmc_ioctl_cdrom_read_audio(cdi, userptr);
3319 	case CDROMSUBCHNL:
3320 		return mmc_ioctl_cdrom_subchannel(cdi, userptr);
3321 	case CDROMPLAYMSF:
3322 		return mmc_ioctl_cdrom_play_msf(cdi, userptr, &cgc);
3323 	case CDROMPLAYBLK:
3324 		return mmc_ioctl_cdrom_play_blk(cdi, userptr, &cgc);
3325 	case CDROMVOLCTRL:
3326 	case CDROMVOLREAD:
3327 		return mmc_ioctl_cdrom_volume(cdi, userptr, &cgc, cmd);
3328 	case CDROMSTART:
3329 	case CDROMSTOP:
3330 		return mmc_ioctl_cdrom_start_stop(cdi, &cgc, cmd);
3331 	case CDROMPAUSE:
3332 	case CDROMRESUME:
3333 		return mmc_ioctl_cdrom_pause_resume(cdi, &cgc, cmd);
3334 	case DVD_READ_STRUCT:
3335 		return mmc_ioctl_dvd_read_struct(cdi, userptr, &cgc);
3336 	case DVD_AUTH:
3337 		return mmc_ioctl_dvd_auth(cdi, userptr);
3338 	case CDROM_NEXT_WRITABLE:
3339 		return mmc_ioctl_cdrom_next_writable(cdi, userptr);
3340 	case CDROM_LAST_WRITTEN:
3341 		return mmc_ioctl_cdrom_last_written(cdi, userptr);
3342 	}
3343 
3344 	return -ENOTTY;
3345 }
3346 
3347 /*
3348  * Just about every imaginable ioctl is supported in the Uniform layer
3349  * these days.
3350  * ATAPI / SCSI specific code now mainly resides in mmc_ioctl().
3351  */
cdrom_ioctl(struct cdrom_device_info * cdi,struct block_device * bdev,fmode_t mode,unsigned int cmd,unsigned long arg)3352 int cdrom_ioctl(struct cdrom_device_info *cdi, struct block_device *bdev,
3353 		fmode_t mode, unsigned int cmd, unsigned long arg)
3354 {
3355 	void __user *argp = (void __user *)arg;
3356 	int ret;
3357 
3358 	/*
3359 	 * Try the generic SCSI command ioctl's first.
3360 	 */
3361 	ret = scsi_cmd_blk_ioctl(bdev, mode, cmd, argp);
3362 	if (ret != -ENOTTY)
3363 		return ret;
3364 
3365 	switch (cmd) {
3366 	case CDROMMULTISESSION:
3367 		return cdrom_ioctl_multisession(cdi, argp);
3368 	case CDROMEJECT:
3369 		return cdrom_ioctl_eject(cdi);
3370 	case CDROMCLOSETRAY:
3371 		return cdrom_ioctl_closetray(cdi);
3372 	case CDROMEJECT_SW:
3373 		return cdrom_ioctl_eject_sw(cdi, arg);
3374 	case CDROM_MEDIA_CHANGED:
3375 		return cdrom_ioctl_media_changed(cdi, arg);
3376 	case CDROM_SET_OPTIONS:
3377 		return cdrom_ioctl_set_options(cdi, arg);
3378 	case CDROM_CLEAR_OPTIONS:
3379 		return cdrom_ioctl_clear_options(cdi, arg);
3380 	case CDROM_SELECT_SPEED:
3381 		return cdrom_ioctl_select_speed(cdi, arg);
3382 	case CDROM_SELECT_DISC:
3383 		return cdrom_ioctl_select_disc(cdi, arg);
3384 	case CDROMRESET:
3385 		return cdrom_ioctl_reset(cdi, bdev);
3386 	case CDROM_LOCKDOOR:
3387 		return cdrom_ioctl_lock_door(cdi, arg);
3388 	case CDROM_DEBUG:
3389 		return cdrom_ioctl_debug(cdi, arg);
3390 	case CDROM_GET_CAPABILITY:
3391 		return cdrom_ioctl_get_capability(cdi);
3392 	case CDROM_GET_MCN:
3393 		return cdrom_ioctl_get_mcn(cdi, argp);
3394 	case CDROM_DRIVE_STATUS:
3395 		return cdrom_ioctl_drive_status(cdi, arg);
3396 	case CDROM_DISC_STATUS:
3397 		return cdrom_ioctl_disc_status(cdi);
3398 	case CDROM_CHANGER_NSLOTS:
3399 		return cdrom_ioctl_changer_nslots(cdi);
3400 	}
3401 
3402 	/*
3403 	 * Use the ioctls that are implemented through the generic_packet()
3404 	 * interface. this may look at bit funny, but if -ENOTTY is
3405 	 * returned that particular ioctl is not implemented and we
3406 	 * let it go through the device specific ones.
3407 	 */
3408 	if (CDROM_CAN(CDC_GENERIC_PACKET)) {
3409 		ret = mmc_ioctl(cdi, cmd, arg);
3410 		if (ret != -ENOTTY)
3411 			return ret;
3412 	}
3413 
3414 	/*
3415 	 * Note: most of the cd_dbg() calls are commented out here,
3416 	 * because they fill up the sys log when CD players poll
3417 	 * the drive.
3418 	 */
3419 	switch (cmd) {
3420 	case CDROMSUBCHNL:
3421 		return cdrom_ioctl_get_subchnl(cdi, argp);
3422 	case CDROMREADTOCHDR:
3423 		return cdrom_ioctl_read_tochdr(cdi, argp);
3424 	case CDROMREADTOCENTRY:
3425 		return cdrom_ioctl_read_tocentry(cdi, argp);
3426 	case CDROMPLAYMSF:
3427 		return cdrom_ioctl_play_msf(cdi, argp);
3428 	case CDROMPLAYTRKIND:
3429 		return cdrom_ioctl_play_trkind(cdi, argp);
3430 	case CDROMVOLCTRL:
3431 		return cdrom_ioctl_volctrl(cdi, argp);
3432 	case CDROMVOLREAD:
3433 		return cdrom_ioctl_volread(cdi, argp);
3434 	case CDROMSTART:
3435 	case CDROMSTOP:
3436 	case CDROMPAUSE:
3437 	case CDROMRESUME:
3438 		return cdrom_ioctl_audioctl(cdi, cmd);
3439 	}
3440 
3441 	return -ENOSYS;
3442 }
3443 
3444 EXPORT_SYMBOL(cdrom_get_last_written);
3445 EXPORT_SYMBOL(register_cdrom);
3446 EXPORT_SYMBOL(unregister_cdrom);
3447 EXPORT_SYMBOL(cdrom_open);
3448 EXPORT_SYMBOL(cdrom_release);
3449 EXPORT_SYMBOL(cdrom_ioctl);
3450 EXPORT_SYMBOL(cdrom_number_of_slots);
3451 EXPORT_SYMBOL(cdrom_mode_select);
3452 EXPORT_SYMBOL(cdrom_mode_sense);
3453 EXPORT_SYMBOL(init_cdrom_command);
3454 EXPORT_SYMBOL(cdrom_get_media_event);
3455 
3456 #ifdef CONFIG_SYSCTL
3457 
3458 #define CDROM_STR_SIZE 1000
3459 
3460 static struct cdrom_sysctl_settings {
3461 	char	info[CDROM_STR_SIZE];	/* general info */
3462 	int	autoclose;		/* close tray upon mount, etc */
3463 	int	autoeject;		/* eject on umount */
3464 	int	debug;			/* turn on debugging messages */
3465 	int	lock;			/* lock the door on device open */
3466 	int	check;			/* check media type */
3467 } cdrom_sysctl_settings;
3468 
3469 enum cdrom_print_option {
3470 	CTL_NAME,
3471 	CTL_SPEED,
3472 	CTL_SLOTS,
3473 	CTL_CAPABILITY
3474 };
3475 
cdrom_print_info(const char * header,int val,char * info,int * pos,enum cdrom_print_option option)3476 static int cdrom_print_info(const char *header, int val, char *info,
3477 				int *pos, enum cdrom_print_option option)
3478 {
3479 	const int max_size = sizeof(cdrom_sysctl_settings.info);
3480 	struct cdrom_device_info *cdi;
3481 	int ret;
3482 
3483 	ret = scnprintf(info + *pos, max_size - *pos, header);
3484 	if (!ret)
3485 		return 1;
3486 
3487 	*pos += ret;
3488 
3489 	list_for_each_entry(cdi, &cdrom_list, list) {
3490 		switch (option) {
3491 		case CTL_NAME:
3492 			ret = scnprintf(info + *pos, max_size - *pos,
3493 					"\t%s", cdi->name);
3494 			break;
3495 		case CTL_SPEED:
3496 			ret = scnprintf(info + *pos, max_size - *pos,
3497 					"\t%d", cdi->speed);
3498 			break;
3499 		case CTL_SLOTS:
3500 			ret = scnprintf(info + *pos, max_size - *pos,
3501 					"\t%d", cdi->capacity);
3502 			break;
3503 		case CTL_CAPABILITY:
3504 			ret = scnprintf(info + *pos, max_size - *pos,
3505 					"\t%d", CDROM_CAN(val) != 0);
3506 			break;
3507 		default:
3508 			pr_info("invalid option%d\n", option);
3509 			return 1;
3510 		}
3511 		if (!ret)
3512 			return 1;
3513 		*pos += ret;
3514 	}
3515 
3516 	return 0;
3517 }
3518 
cdrom_sysctl_info(struct ctl_table * ctl,int write,void * buffer,size_t * lenp,loff_t * ppos)3519 static int cdrom_sysctl_info(struct ctl_table *ctl, int write,
3520                            void *buffer, size_t *lenp, loff_t *ppos)
3521 {
3522 	int pos;
3523 	char *info = cdrom_sysctl_settings.info;
3524 	const int max_size = sizeof(cdrom_sysctl_settings.info);
3525 
3526 	if (!*lenp || (*ppos && !write)) {
3527 		*lenp = 0;
3528 		return 0;
3529 	}
3530 
3531 	mutex_lock(&cdrom_mutex);
3532 
3533 	pos = sprintf(info, "CD-ROM information, " VERSION "\n");
3534 
3535 	if (cdrom_print_info("\ndrive name:\t", 0, info, &pos, CTL_NAME))
3536 		goto done;
3537 	if (cdrom_print_info("\ndrive speed:\t", 0, info, &pos, CTL_SPEED))
3538 		goto done;
3539 	if (cdrom_print_info("\ndrive # of slots:", 0, info, &pos, CTL_SLOTS))
3540 		goto done;
3541 	if (cdrom_print_info("\nCan close tray:\t",
3542 				CDC_CLOSE_TRAY, info, &pos, CTL_CAPABILITY))
3543 		goto done;
3544 	if (cdrom_print_info("\nCan open tray:\t",
3545 				CDC_OPEN_TRAY, info, &pos, CTL_CAPABILITY))
3546 		goto done;
3547 	if (cdrom_print_info("\nCan lock tray:\t",
3548 				CDC_LOCK, info, &pos, CTL_CAPABILITY))
3549 		goto done;
3550 	if (cdrom_print_info("\nCan change speed:",
3551 				CDC_SELECT_SPEED, info, &pos, CTL_CAPABILITY))
3552 		goto done;
3553 	if (cdrom_print_info("\nCan select disk:",
3554 				CDC_SELECT_DISC, info, &pos, CTL_CAPABILITY))
3555 		goto done;
3556 	if (cdrom_print_info("\nCan read multisession:",
3557 				CDC_MULTI_SESSION, info, &pos, CTL_CAPABILITY))
3558 		goto done;
3559 	if (cdrom_print_info("\nCan read MCN:\t",
3560 				CDC_MCN, info, &pos, CTL_CAPABILITY))
3561 		goto done;
3562 	if (cdrom_print_info("\nReports media changed:",
3563 				CDC_MEDIA_CHANGED, info, &pos, CTL_CAPABILITY))
3564 		goto done;
3565 	if (cdrom_print_info("\nCan play audio:\t",
3566 				CDC_PLAY_AUDIO, info, &pos, CTL_CAPABILITY))
3567 		goto done;
3568 	if (cdrom_print_info("\nCan write CD-R:\t",
3569 				CDC_CD_R, info, &pos, CTL_CAPABILITY))
3570 		goto done;
3571 	if (cdrom_print_info("\nCan write CD-RW:",
3572 				CDC_CD_RW, info, &pos, CTL_CAPABILITY))
3573 		goto done;
3574 	if (cdrom_print_info("\nCan read DVD:\t",
3575 				CDC_DVD, info, &pos, CTL_CAPABILITY))
3576 		goto done;
3577 	if (cdrom_print_info("\nCan write DVD-R:",
3578 				CDC_DVD_R, info, &pos, CTL_CAPABILITY))
3579 		goto done;
3580 	if (cdrom_print_info("\nCan write DVD-RAM:",
3581 				CDC_DVD_RAM, info, &pos, CTL_CAPABILITY))
3582 		goto done;
3583 	if (cdrom_print_info("\nCan read MRW:\t",
3584 				CDC_MRW, info, &pos, CTL_CAPABILITY))
3585 		goto done;
3586 	if (cdrom_print_info("\nCan write MRW:\t",
3587 				CDC_MRW_W, info, &pos, CTL_CAPABILITY))
3588 		goto done;
3589 	if (cdrom_print_info("\nCan write RAM:\t",
3590 				CDC_RAM, info, &pos, CTL_CAPABILITY))
3591 		goto done;
3592 	if (!scnprintf(info + pos, max_size - pos, "\n\n"))
3593 		goto done;
3594 doit:
3595 	mutex_unlock(&cdrom_mutex);
3596 	return proc_dostring(ctl, write, buffer, lenp, ppos);
3597 done:
3598 	pr_info("info buffer too small\n");
3599 	goto doit;
3600 }
3601 
3602 /* Unfortunately, per device settings are not implemented through
3603    procfs/sysctl yet. When they are, this will naturally disappear. For now
3604    just update all drives. Later this will become the template on which
3605    new registered drives will be based. */
cdrom_update_settings(void)3606 static void cdrom_update_settings(void)
3607 {
3608 	struct cdrom_device_info *cdi;
3609 
3610 	mutex_lock(&cdrom_mutex);
3611 	list_for_each_entry(cdi, &cdrom_list, list) {
3612 		if (autoclose && CDROM_CAN(CDC_CLOSE_TRAY))
3613 			cdi->options |= CDO_AUTO_CLOSE;
3614 		else if (!autoclose)
3615 			cdi->options &= ~CDO_AUTO_CLOSE;
3616 		if (autoeject && CDROM_CAN(CDC_OPEN_TRAY))
3617 			cdi->options |= CDO_AUTO_EJECT;
3618 		else if (!autoeject)
3619 			cdi->options &= ~CDO_AUTO_EJECT;
3620 		if (lockdoor && CDROM_CAN(CDC_LOCK))
3621 			cdi->options |= CDO_LOCK;
3622 		else if (!lockdoor)
3623 			cdi->options &= ~CDO_LOCK;
3624 		if (check_media_type)
3625 			cdi->options |= CDO_CHECK_TYPE;
3626 		else
3627 			cdi->options &= ~CDO_CHECK_TYPE;
3628 	}
3629 	mutex_unlock(&cdrom_mutex);
3630 }
3631 
cdrom_sysctl_handler(struct ctl_table * ctl,int write,void * buffer,size_t * lenp,loff_t * ppos)3632 static int cdrom_sysctl_handler(struct ctl_table *ctl, int write,
3633 				void *buffer, size_t *lenp, loff_t *ppos)
3634 {
3635 	int ret;
3636 
3637 	ret = proc_dointvec(ctl, write, buffer, lenp, ppos);
3638 
3639 	if (write) {
3640 
3641 		/* we only care for 1 or 0. */
3642 		autoclose        = !!cdrom_sysctl_settings.autoclose;
3643 		autoeject        = !!cdrom_sysctl_settings.autoeject;
3644 		debug	         = !!cdrom_sysctl_settings.debug;
3645 		lockdoor         = !!cdrom_sysctl_settings.lock;
3646 		check_media_type = !!cdrom_sysctl_settings.check;
3647 
3648 		/* update the option flags according to the changes. we
3649 		   don't have per device options through sysctl yet,
3650 		   but we will have and then this will disappear. */
3651 		cdrom_update_settings();
3652 	}
3653 
3654         return ret;
3655 }
3656 
3657 /* Place files in /proc/sys/dev/cdrom */
3658 static struct ctl_table cdrom_table[] = {
3659 	{
3660 		.procname	= "info",
3661 		.data		= &cdrom_sysctl_settings.info,
3662 		.maxlen		= CDROM_STR_SIZE,
3663 		.mode		= 0444,
3664 		.proc_handler	= cdrom_sysctl_info,
3665 	},
3666 	{
3667 		.procname	= "autoclose",
3668 		.data		= &cdrom_sysctl_settings.autoclose,
3669 		.maxlen		= sizeof(int),
3670 		.mode		= 0644,
3671 		.proc_handler	= cdrom_sysctl_handler,
3672 	},
3673 	{
3674 		.procname	= "autoeject",
3675 		.data		= &cdrom_sysctl_settings.autoeject,
3676 		.maxlen		= sizeof(int),
3677 		.mode		= 0644,
3678 		.proc_handler	= cdrom_sysctl_handler,
3679 	},
3680 	{
3681 		.procname	= "debug",
3682 		.data		= &cdrom_sysctl_settings.debug,
3683 		.maxlen		= sizeof(int),
3684 		.mode		= 0644,
3685 		.proc_handler	= cdrom_sysctl_handler,
3686 	},
3687 	{
3688 		.procname	= "lock",
3689 		.data		= &cdrom_sysctl_settings.lock,
3690 		.maxlen		= sizeof(int),
3691 		.mode		= 0644,
3692 		.proc_handler	= cdrom_sysctl_handler,
3693 	},
3694 	{
3695 		.procname	= "check_media",
3696 		.data		= &cdrom_sysctl_settings.check,
3697 		.maxlen		= sizeof(int),
3698 		.mode		= 0644,
3699 		.proc_handler	= cdrom_sysctl_handler
3700 	},
3701 	{ }
3702 };
3703 
3704 static struct ctl_table cdrom_cdrom_table[] = {
3705 	{
3706 		.procname	= "cdrom",
3707 		.maxlen		= 0,
3708 		.mode		= 0555,
3709 		.child		= cdrom_table,
3710 	},
3711 	{ }
3712 };
3713 
3714 /* Make sure that /proc/sys/dev is there */
3715 static struct ctl_table cdrom_root_table[] = {
3716 	{
3717 		.procname	= "dev",
3718 		.maxlen		= 0,
3719 		.mode		= 0555,
3720 		.child		= cdrom_cdrom_table,
3721 	},
3722 	{ }
3723 };
3724 static struct ctl_table_header *cdrom_sysctl_header;
3725 
cdrom_sysctl_register(void)3726 static void cdrom_sysctl_register(void)
3727 {
3728 	static atomic_t initialized = ATOMIC_INIT(0);
3729 
3730 	if (!atomic_add_unless(&initialized, 1, 1))
3731 		return;
3732 
3733 	cdrom_sysctl_header = register_sysctl_table(cdrom_root_table);
3734 
3735 	/* set the defaults */
3736 	cdrom_sysctl_settings.autoclose = autoclose;
3737 	cdrom_sysctl_settings.autoeject = autoeject;
3738 	cdrom_sysctl_settings.debug = debug;
3739 	cdrom_sysctl_settings.lock = lockdoor;
3740 	cdrom_sysctl_settings.check = check_media_type;
3741 }
3742 
cdrom_sysctl_unregister(void)3743 static void cdrom_sysctl_unregister(void)
3744 {
3745 	if (cdrom_sysctl_header)
3746 		unregister_sysctl_table(cdrom_sysctl_header);
3747 }
3748 
3749 #else /* CONFIG_SYSCTL */
3750 
cdrom_sysctl_register(void)3751 static void cdrom_sysctl_register(void)
3752 {
3753 }
3754 
cdrom_sysctl_unregister(void)3755 static void cdrom_sysctl_unregister(void)
3756 {
3757 }
3758 
3759 #endif /* CONFIG_SYSCTL */
3760 
cdrom_init(void)3761 static int __init cdrom_init(void)
3762 {
3763 	cdrom_sysctl_register();
3764 
3765 	return 0;
3766 }
3767 
cdrom_exit(void)3768 static void __exit cdrom_exit(void)
3769 {
3770 	pr_info("Uniform CD-ROM driver unloaded\n");
3771 	cdrom_sysctl_unregister();
3772 }
3773 
3774 module_init(cdrom_init);
3775 module_exit(cdrom_exit);
3776 MODULE_LICENSE("GPL");
3777