1*4882a593Smuzhiyun // SPDX-License-Identifier: GPL-2.0
2*4882a593Smuzhiyun /*
3*4882a593Smuzhiyun * ide-floppy IOCTLs handling.
4*4882a593Smuzhiyun */
5*4882a593Smuzhiyun
6*4882a593Smuzhiyun #include <linux/kernel.h>
7*4882a593Smuzhiyun #include <linux/ide.h>
8*4882a593Smuzhiyun #include <linux/compat.h>
9*4882a593Smuzhiyun #include <linux/cdrom.h>
10*4882a593Smuzhiyun #include <linux/mutex.h>
11*4882a593Smuzhiyun
12*4882a593Smuzhiyun #include <asm/unaligned.h>
13*4882a593Smuzhiyun
14*4882a593Smuzhiyun #include <scsi/scsi_ioctl.h>
15*4882a593Smuzhiyun
16*4882a593Smuzhiyun #include "ide-floppy.h"
17*4882a593Smuzhiyun
18*4882a593Smuzhiyun /*
19*4882a593Smuzhiyun * Obtain the list of formattable capacities.
20*4882a593Smuzhiyun * Very similar to ide_floppy_get_capacity, except that we push the capacity
21*4882a593Smuzhiyun * descriptors to userland, instead of our own structures.
22*4882a593Smuzhiyun *
23*4882a593Smuzhiyun * Userland gives us the following structure:
24*4882a593Smuzhiyun *
25*4882a593Smuzhiyun * struct idefloppy_format_capacities {
26*4882a593Smuzhiyun * int nformats;
27*4882a593Smuzhiyun * struct {
28*4882a593Smuzhiyun * int nblocks;
29*4882a593Smuzhiyun * int blocksize;
30*4882a593Smuzhiyun * } formats[];
31*4882a593Smuzhiyun * };
32*4882a593Smuzhiyun *
33*4882a593Smuzhiyun * userland initializes nformats to the number of allocated formats[] records.
34*4882a593Smuzhiyun * On exit we set nformats to the number of records we've actually initialized.
35*4882a593Smuzhiyun */
36*4882a593Smuzhiyun
37*4882a593Smuzhiyun static DEFINE_MUTEX(ide_floppy_ioctl_mutex);
ide_floppy_get_format_capacities(ide_drive_t * drive,struct ide_atapi_pc * pc,int __user * arg)38*4882a593Smuzhiyun static int ide_floppy_get_format_capacities(ide_drive_t *drive,
39*4882a593Smuzhiyun struct ide_atapi_pc *pc,
40*4882a593Smuzhiyun int __user *arg)
41*4882a593Smuzhiyun {
42*4882a593Smuzhiyun struct ide_disk_obj *floppy = drive->driver_data;
43*4882a593Smuzhiyun int i, blocks, length, u_array_size, u_index;
44*4882a593Smuzhiyun int __user *argp;
45*4882a593Smuzhiyun u8 pc_buf[256], header_len, desc_cnt;
46*4882a593Smuzhiyun
47*4882a593Smuzhiyun if (get_user(u_array_size, arg))
48*4882a593Smuzhiyun return -EFAULT;
49*4882a593Smuzhiyun
50*4882a593Smuzhiyun if (u_array_size <= 0)
51*4882a593Smuzhiyun return -EINVAL;
52*4882a593Smuzhiyun
53*4882a593Smuzhiyun ide_floppy_create_read_capacity_cmd(pc);
54*4882a593Smuzhiyun
55*4882a593Smuzhiyun if (ide_queue_pc_tail(drive, floppy->disk, pc, pc_buf, pc->req_xfer)) {
56*4882a593Smuzhiyun printk(KERN_ERR "ide-floppy: Can't get floppy parameters\n");
57*4882a593Smuzhiyun return -EIO;
58*4882a593Smuzhiyun }
59*4882a593Smuzhiyun
60*4882a593Smuzhiyun header_len = pc_buf[3];
61*4882a593Smuzhiyun desc_cnt = header_len / 8; /* capacity descriptor of 8 bytes */
62*4882a593Smuzhiyun
63*4882a593Smuzhiyun u_index = 0;
64*4882a593Smuzhiyun argp = arg + 1;
65*4882a593Smuzhiyun
66*4882a593Smuzhiyun /*
67*4882a593Smuzhiyun * We always skip the first capacity descriptor. That's the current
68*4882a593Smuzhiyun * capacity. We are interested in the remaining descriptors, the
69*4882a593Smuzhiyun * formattable capacities.
70*4882a593Smuzhiyun */
71*4882a593Smuzhiyun for (i = 1; i < desc_cnt; i++) {
72*4882a593Smuzhiyun unsigned int desc_start = 4 + i*8;
73*4882a593Smuzhiyun
74*4882a593Smuzhiyun if (u_index >= u_array_size)
75*4882a593Smuzhiyun break; /* User-supplied buffer too small */
76*4882a593Smuzhiyun
77*4882a593Smuzhiyun blocks = be32_to_cpup((__be32 *)&pc_buf[desc_start]);
78*4882a593Smuzhiyun length = be16_to_cpup((__be16 *)&pc_buf[desc_start + 6]);
79*4882a593Smuzhiyun
80*4882a593Smuzhiyun if (put_user(blocks, argp))
81*4882a593Smuzhiyun return -EFAULT;
82*4882a593Smuzhiyun
83*4882a593Smuzhiyun ++argp;
84*4882a593Smuzhiyun
85*4882a593Smuzhiyun if (put_user(length, argp))
86*4882a593Smuzhiyun return -EFAULT;
87*4882a593Smuzhiyun
88*4882a593Smuzhiyun ++argp;
89*4882a593Smuzhiyun
90*4882a593Smuzhiyun ++u_index;
91*4882a593Smuzhiyun }
92*4882a593Smuzhiyun
93*4882a593Smuzhiyun if (put_user(u_index, arg))
94*4882a593Smuzhiyun return -EFAULT;
95*4882a593Smuzhiyun
96*4882a593Smuzhiyun return 0;
97*4882a593Smuzhiyun }
98*4882a593Smuzhiyun
ide_floppy_create_format_unit_cmd(struct ide_atapi_pc * pc,u8 * buf,int b,int l,int flags)99*4882a593Smuzhiyun static void ide_floppy_create_format_unit_cmd(struct ide_atapi_pc *pc,
100*4882a593Smuzhiyun u8 *buf, int b, int l,
101*4882a593Smuzhiyun int flags)
102*4882a593Smuzhiyun {
103*4882a593Smuzhiyun ide_init_pc(pc);
104*4882a593Smuzhiyun pc->c[0] = GPCMD_FORMAT_UNIT;
105*4882a593Smuzhiyun pc->c[1] = 0x17;
106*4882a593Smuzhiyun
107*4882a593Smuzhiyun memset(buf, 0, 12);
108*4882a593Smuzhiyun buf[1] = 0xA2;
109*4882a593Smuzhiyun /* Default format list header, u8 1: FOV/DCRT/IMM bits set */
110*4882a593Smuzhiyun
111*4882a593Smuzhiyun if (flags & 1) /* Verify bit on... */
112*4882a593Smuzhiyun buf[1] ^= 0x20; /* ... turn off DCRT bit */
113*4882a593Smuzhiyun buf[3] = 8;
114*4882a593Smuzhiyun
115*4882a593Smuzhiyun put_unaligned(cpu_to_be32(b), (unsigned int *)(&buf[4]));
116*4882a593Smuzhiyun put_unaligned(cpu_to_be32(l), (unsigned int *)(&buf[8]));
117*4882a593Smuzhiyun pc->req_xfer = 12;
118*4882a593Smuzhiyun pc->flags |= PC_FLAG_WRITING;
119*4882a593Smuzhiyun }
120*4882a593Smuzhiyun
ide_floppy_get_sfrp_bit(ide_drive_t * drive,struct ide_atapi_pc * pc)121*4882a593Smuzhiyun static int ide_floppy_get_sfrp_bit(ide_drive_t *drive, struct ide_atapi_pc *pc)
122*4882a593Smuzhiyun {
123*4882a593Smuzhiyun struct ide_disk_obj *floppy = drive->driver_data;
124*4882a593Smuzhiyun u8 buf[20];
125*4882a593Smuzhiyun
126*4882a593Smuzhiyun drive->atapi_flags &= ~IDE_AFLAG_SRFP;
127*4882a593Smuzhiyun
128*4882a593Smuzhiyun ide_floppy_create_mode_sense_cmd(pc, IDEFLOPPY_CAPABILITIES_PAGE);
129*4882a593Smuzhiyun pc->flags |= PC_FLAG_SUPPRESS_ERROR;
130*4882a593Smuzhiyun
131*4882a593Smuzhiyun if (ide_queue_pc_tail(drive, floppy->disk, pc, buf, pc->req_xfer))
132*4882a593Smuzhiyun return 1;
133*4882a593Smuzhiyun
134*4882a593Smuzhiyun if (buf[8 + 2] & 0x40)
135*4882a593Smuzhiyun drive->atapi_flags |= IDE_AFLAG_SRFP;
136*4882a593Smuzhiyun
137*4882a593Smuzhiyun return 0;
138*4882a593Smuzhiyun }
139*4882a593Smuzhiyun
ide_floppy_format_unit(ide_drive_t * drive,struct ide_atapi_pc * pc,int __user * arg)140*4882a593Smuzhiyun static int ide_floppy_format_unit(ide_drive_t *drive, struct ide_atapi_pc *pc,
141*4882a593Smuzhiyun int __user *arg)
142*4882a593Smuzhiyun {
143*4882a593Smuzhiyun struct ide_disk_obj *floppy = drive->driver_data;
144*4882a593Smuzhiyun u8 buf[12];
145*4882a593Smuzhiyun int blocks, length, flags, err = 0;
146*4882a593Smuzhiyun
147*4882a593Smuzhiyun if (floppy->openers > 1) {
148*4882a593Smuzhiyun /* Don't format if someone is using the disk */
149*4882a593Smuzhiyun drive->dev_flags &= ~IDE_DFLAG_FORMAT_IN_PROGRESS;
150*4882a593Smuzhiyun return -EBUSY;
151*4882a593Smuzhiyun }
152*4882a593Smuzhiyun
153*4882a593Smuzhiyun drive->dev_flags |= IDE_DFLAG_FORMAT_IN_PROGRESS;
154*4882a593Smuzhiyun
155*4882a593Smuzhiyun /*
156*4882a593Smuzhiyun * Send ATAPI_FORMAT_UNIT to the drive.
157*4882a593Smuzhiyun *
158*4882a593Smuzhiyun * Userland gives us the following structure:
159*4882a593Smuzhiyun *
160*4882a593Smuzhiyun * struct idefloppy_format_command {
161*4882a593Smuzhiyun * int nblocks;
162*4882a593Smuzhiyun * int blocksize;
163*4882a593Smuzhiyun * int flags;
164*4882a593Smuzhiyun * } ;
165*4882a593Smuzhiyun *
166*4882a593Smuzhiyun * flags is a bitmask, currently, the only defined flag is:
167*4882a593Smuzhiyun *
168*4882a593Smuzhiyun * 0x01 - verify media after format.
169*4882a593Smuzhiyun */
170*4882a593Smuzhiyun if (get_user(blocks, arg) ||
171*4882a593Smuzhiyun get_user(length, arg+1) ||
172*4882a593Smuzhiyun get_user(flags, arg+2)) {
173*4882a593Smuzhiyun err = -EFAULT;
174*4882a593Smuzhiyun goto out;
175*4882a593Smuzhiyun }
176*4882a593Smuzhiyun
177*4882a593Smuzhiyun ide_floppy_get_sfrp_bit(drive, pc);
178*4882a593Smuzhiyun ide_floppy_create_format_unit_cmd(pc, buf, blocks, length, flags);
179*4882a593Smuzhiyun
180*4882a593Smuzhiyun if (ide_queue_pc_tail(drive, floppy->disk, pc, buf, pc->req_xfer))
181*4882a593Smuzhiyun err = -EIO;
182*4882a593Smuzhiyun
183*4882a593Smuzhiyun out:
184*4882a593Smuzhiyun if (err)
185*4882a593Smuzhiyun drive->dev_flags &= ~IDE_DFLAG_FORMAT_IN_PROGRESS;
186*4882a593Smuzhiyun return err;
187*4882a593Smuzhiyun }
188*4882a593Smuzhiyun
189*4882a593Smuzhiyun /*
190*4882a593Smuzhiyun * Get ATAPI_FORMAT_UNIT progress indication.
191*4882a593Smuzhiyun *
192*4882a593Smuzhiyun * Userland gives a pointer to an int. The int is set to a progress
193*4882a593Smuzhiyun * indicator 0-65536, with 65536=100%.
194*4882a593Smuzhiyun *
195*4882a593Smuzhiyun * If the drive does not support format progress indication, we just check
196*4882a593Smuzhiyun * the dsc bit, and return either 0 or 65536.
197*4882a593Smuzhiyun */
198*4882a593Smuzhiyun
ide_floppy_get_format_progress(ide_drive_t * drive,struct ide_atapi_pc * pc,int __user * arg)199*4882a593Smuzhiyun static int ide_floppy_get_format_progress(ide_drive_t *drive,
200*4882a593Smuzhiyun struct ide_atapi_pc *pc,
201*4882a593Smuzhiyun int __user *arg)
202*4882a593Smuzhiyun {
203*4882a593Smuzhiyun struct ide_disk_obj *floppy = drive->driver_data;
204*4882a593Smuzhiyun u8 sense_buf[18];
205*4882a593Smuzhiyun int progress_indication = 0x10000;
206*4882a593Smuzhiyun
207*4882a593Smuzhiyun if (drive->atapi_flags & IDE_AFLAG_SRFP) {
208*4882a593Smuzhiyun ide_create_request_sense_cmd(drive, pc);
209*4882a593Smuzhiyun if (ide_queue_pc_tail(drive, floppy->disk, pc, sense_buf,
210*4882a593Smuzhiyun pc->req_xfer))
211*4882a593Smuzhiyun return -EIO;
212*4882a593Smuzhiyun
213*4882a593Smuzhiyun if (floppy->sense_key == 2 &&
214*4882a593Smuzhiyun floppy->asc == 4 &&
215*4882a593Smuzhiyun floppy->ascq == 4)
216*4882a593Smuzhiyun progress_indication = floppy->progress_indication;
217*4882a593Smuzhiyun
218*4882a593Smuzhiyun /* Else assume format_unit has finished, and we're at 0x10000 */
219*4882a593Smuzhiyun } else {
220*4882a593Smuzhiyun ide_hwif_t *hwif = drive->hwif;
221*4882a593Smuzhiyun unsigned long flags;
222*4882a593Smuzhiyun u8 stat;
223*4882a593Smuzhiyun
224*4882a593Smuzhiyun local_irq_save(flags);
225*4882a593Smuzhiyun stat = hwif->tp_ops->read_status(hwif);
226*4882a593Smuzhiyun local_irq_restore(flags);
227*4882a593Smuzhiyun
228*4882a593Smuzhiyun progress_indication = ((stat & ATA_DSC) == 0) ? 0 : 0x10000;
229*4882a593Smuzhiyun }
230*4882a593Smuzhiyun
231*4882a593Smuzhiyun if (put_user(progress_indication, arg))
232*4882a593Smuzhiyun return -EFAULT;
233*4882a593Smuzhiyun
234*4882a593Smuzhiyun return 0;
235*4882a593Smuzhiyun }
236*4882a593Smuzhiyun
ide_floppy_lockdoor(ide_drive_t * drive,struct ide_atapi_pc * pc,unsigned long arg,unsigned int cmd)237*4882a593Smuzhiyun static int ide_floppy_lockdoor(ide_drive_t *drive, struct ide_atapi_pc *pc,
238*4882a593Smuzhiyun unsigned long arg, unsigned int cmd)
239*4882a593Smuzhiyun {
240*4882a593Smuzhiyun struct ide_disk_obj *floppy = drive->driver_data;
241*4882a593Smuzhiyun struct gendisk *disk = floppy->disk;
242*4882a593Smuzhiyun int prevent = (arg && cmd != CDROMEJECT) ? 1 : 0;
243*4882a593Smuzhiyun
244*4882a593Smuzhiyun if (floppy->openers > 1)
245*4882a593Smuzhiyun return -EBUSY;
246*4882a593Smuzhiyun
247*4882a593Smuzhiyun ide_set_media_lock(drive, disk, prevent);
248*4882a593Smuzhiyun
249*4882a593Smuzhiyun if (cmd == CDROMEJECT)
250*4882a593Smuzhiyun ide_do_start_stop(drive, disk, 2);
251*4882a593Smuzhiyun
252*4882a593Smuzhiyun return 0;
253*4882a593Smuzhiyun }
254*4882a593Smuzhiyun
ide_floppy_format_ioctl(ide_drive_t * drive,struct ide_atapi_pc * pc,fmode_t mode,unsigned int cmd,void __user * argp)255*4882a593Smuzhiyun static int ide_floppy_format_ioctl(ide_drive_t *drive, struct ide_atapi_pc *pc,
256*4882a593Smuzhiyun fmode_t mode, unsigned int cmd,
257*4882a593Smuzhiyun void __user *argp)
258*4882a593Smuzhiyun {
259*4882a593Smuzhiyun switch (cmd) {
260*4882a593Smuzhiyun case IDEFLOPPY_IOCTL_FORMAT_SUPPORTED:
261*4882a593Smuzhiyun return 0;
262*4882a593Smuzhiyun case IDEFLOPPY_IOCTL_FORMAT_GET_CAPACITY:
263*4882a593Smuzhiyun return ide_floppy_get_format_capacities(drive, pc, argp);
264*4882a593Smuzhiyun case IDEFLOPPY_IOCTL_FORMAT_START:
265*4882a593Smuzhiyun if (!(mode & FMODE_WRITE))
266*4882a593Smuzhiyun return -EPERM;
267*4882a593Smuzhiyun return ide_floppy_format_unit(drive, pc, (int __user *)argp);
268*4882a593Smuzhiyun case IDEFLOPPY_IOCTL_FORMAT_GET_PROGRESS:
269*4882a593Smuzhiyun return ide_floppy_get_format_progress(drive, pc, argp);
270*4882a593Smuzhiyun default:
271*4882a593Smuzhiyun return -ENOTTY;
272*4882a593Smuzhiyun }
273*4882a593Smuzhiyun }
274*4882a593Smuzhiyun
ide_floppy_ioctl(ide_drive_t * drive,struct block_device * bdev,fmode_t mode,unsigned int cmd,unsigned long arg)275*4882a593Smuzhiyun int ide_floppy_ioctl(ide_drive_t *drive, struct block_device *bdev,
276*4882a593Smuzhiyun fmode_t mode, unsigned int cmd, unsigned long arg)
277*4882a593Smuzhiyun {
278*4882a593Smuzhiyun struct ide_atapi_pc pc;
279*4882a593Smuzhiyun void __user *argp = (void __user *)arg;
280*4882a593Smuzhiyun int err;
281*4882a593Smuzhiyun
282*4882a593Smuzhiyun mutex_lock(&ide_floppy_ioctl_mutex);
283*4882a593Smuzhiyun if (cmd == CDROMEJECT || cmd == CDROM_LOCKDOOR) {
284*4882a593Smuzhiyun err = ide_floppy_lockdoor(drive, &pc, arg, cmd);
285*4882a593Smuzhiyun goto out;
286*4882a593Smuzhiyun }
287*4882a593Smuzhiyun
288*4882a593Smuzhiyun err = ide_floppy_format_ioctl(drive, &pc, mode, cmd, argp);
289*4882a593Smuzhiyun if (err != -ENOTTY)
290*4882a593Smuzhiyun goto out;
291*4882a593Smuzhiyun
292*4882a593Smuzhiyun /*
293*4882a593Smuzhiyun * skip SCSI_IOCTL_SEND_COMMAND (deprecated)
294*4882a593Smuzhiyun * and CDROM_SEND_PACKET (legacy) ioctls
295*4882a593Smuzhiyun */
296*4882a593Smuzhiyun if (cmd != CDROM_SEND_PACKET && cmd != SCSI_IOCTL_SEND_COMMAND)
297*4882a593Smuzhiyun err = scsi_cmd_blk_ioctl(bdev, mode, cmd, argp);
298*4882a593Smuzhiyun
299*4882a593Smuzhiyun if (err == -ENOTTY)
300*4882a593Smuzhiyun err = generic_ide_ioctl(drive, bdev, cmd, arg);
301*4882a593Smuzhiyun
302*4882a593Smuzhiyun out:
303*4882a593Smuzhiyun mutex_unlock(&ide_floppy_ioctl_mutex);
304*4882a593Smuzhiyun return err;
305*4882a593Smuzhiyun }
306*4882a593Smuzhiyun
307*4882a593Smuzhiyun #ifdef CONFIG_COMPAT
ide_floppy_compat_ioctl(ide_drive_t * drive,struct block_device * bdev,fmode_t mode,unsigned int cmd,unsigned long arg)308*4882a593Smuzhiyun int ide_floppy_compat_ioctl(ide_drive_t *drive, struct block_device *bdev,
309*4882a593Smuzhiyun fmode_t mode, unsigned int cmd, unsigned long arg)
310*4882a593Smuzhiyun {
311*4882a593Smuzhiyun struct ide_atapi_pc pc;
312*4882a593Smuzhiyun void __user *argp = compat_ptr(arg);
313*4882a593Smuzhiyun int err;
314*4882a593Smuzhiyun
315*4882a593Smuzhiyun mutex_lock(&ide_floppy_ioctl_mutex);
316*4882a593Smuzhiyun if (cmd == CDROMEJECT || cmd == CDROM_LOCKDOOR) {
317*4882a593Smuzhiyun err = ide_floppy_lockdoor(drive, &pc, arg, cmd);
318*4882a593Smuzhiyun goto out;
319*4882a593Smuzhiyun }
320*4882a593Smuzhiyun
321*4882a593Smuzhiyun err = ide_floppy_format_ioctl(drive, &pc, mode, cmd, argp);
322*4882a593Smuzhiyun if (err != -ENOTTY)
323*4882a593Smuzhiyun goto out;
324*4882a593Smuzhiyun
325*4882a593Smuzhiyun /*
326*4882a593Smuzhiyun * skip SCSI_IOCTL_SEND_COMMAND (deprecated)
327*4882a593Smuzhiyun * and CDROM_SEND_PACKET (legacy) ioctls
328*4882a593Smuzhiyun */
329*4882a593Smuzhiyun if (cmd != CDROM_SEND_PACKET && cmd != SCSI_IOCTL_SEND_COMMAND)
330*4882a593Smuzhiyun err = scsi_cmd_blk_ioctl(bdev, mode, cmd, argp);
331*4882a593Smuzhiyun
332*4882a593Smuzhiyun if (err == -ENOTTY)
333*4882a593Smuzhiyun err = generic_ide_ioctl(drive, bdev, cmd, arg);
334*4882a593Smuzhiyun
335*4882a593Smuzhiyun out:
336*4882a593Smuzhiyun mutex_unlock(&ide_floppy_ioctl_mutex);
337*4882a593Smuzhiyun return err;
338*4882a593Smuzhiyun }
339*4882a593Smuzhiyun #endif
340