netns xfrm: fix "ip xfrm state|policy count" misreport

[safe/jmp/linux-2.6] / block / bsg.c

diff --git a/block/bsg.c b/block/bsg.c
index 5fb9b0b..a9fd2d8 100644 (file)
--- a/block/bsg.c
+++ b/block/bsg.c
@@ -15,6 +15,7 @@
 #include <linux/blkdev.h>
 #include <linux/poll.h>
 #include <linux/cdev.h>
+#include <linux/jiffies.h>
 #include <linux/percpu.h>
 #include <linux/uio.h>
 #include <linux/idr.h>
@@ -42,11 +43,9 @@ struct bsg_device {
        int done_cmds;
        wait_queue_head_t wq_done;
        wait_queue_head_t wq_free;
-       char name[BUS_ID_SIZE];
+       char name[20];
        int max_queue;
        unsigned long flags;
-       struct blk_scsi_cmd_filter *cmd_filter;
-       mode_t *f_mode;
 };
 
 enum {
@@ -174,7 +173,8 @@ unlock:
 }
 
 static int blk_fill_sgv4_hdr_rq(struct request_queue *q, struct request *rq,
-                               struct sg_io_v4 *hdr, struct bsg_device *bd)
+                               struct sg_io_v4 *hdr, struct bsg_device *bd,
+                               fmode_t has_write_perm)
 {
        if (hdr->request_len > BLK_MAX_CDB) {
                rq->cmd = kzalloc(hdr->request_len, GFP_KERNEL);
@@ -187,8 +187,7 @@ static int blk_fill_sgv4_hdr_rq(struct request_queue *q, struct request *rq,
                return -EFAULT;
 
        if (hdr->subprotocol == BSG_SUB_PROTOCOL_SCSI_CMD) {
-               if (blk_cmd_filter_verify_command(bd->cmd_filter, rq->cmd,
-                                                bd->f_mode))
+               if (blk_verify_command(rq->cmd, has_write_perm))
                        return -EPERM;
        } else if (!capable(CAP_SYS_RAWIO))
                return -EPERM;
@@ -199,11 +198,13 @@ static int blk_fill_sgv4_hdr_rq(struct request_queue *q, struct request *rq,
        rq->cmd_len = hdr->request_len;
        rq->cmd_type = REQ_TYPE_BLOCK_PC;
 
-       rq->timeout = (hdr->timeout * HZ) / 1000;
+       rq->timeout = msecs_to_jiffies(hdr->timeout);
        if (!rq->timeout)
                rq->timeout = q->sg_timeout;
        if (!rq->timeout)
                rq->timeout = BLK_DEFAULT_SG_TIMEOUT;
+       if (rq->timeout < BLK_MIN_SG_TIMEOUT)
+               rq->timeout = BLK_MIN_SG_TIMEOUT;
 
        return 0;
 }
@@ -218,9 +219,6 @@ bsg_validate_sgv4_hdr(struct request_queue *q, struct sg_io_v4 *hdr, int *rw)
 
        if (hdr->guard != 'Q')
                return -EINVAL;
-       if (hdr->dout_xfer_len > (q->max_sectors << 9) ||
-           hdr->din_xfer_len > (q->max_sectors << 9))
-               return -EIO;
 
        switch (hdr->protocol) {
        case BSG_PROTOCOL_SCSI:
@@ -244,7 +242,8 @@ bsg_validate_sgv4_hdr(struct request_queue *q, struct sg_io_v4 *hdr, int *rw)
  * map sg_io_v4 to a request.
  */
 static struct request *
-bsg_map_hdr(struct bsg_device *bd, struct sg_io_v4 *hdr)
+bsg_map_hdr(struct bsg_device *bd, struct sg_io_v4 *hdr, fmode_t has_write_perm,
+           u8 *sense)
 {
        struct request_queue *q = bd->queue;
        struct request *rq, *next_rq = NULL;
@@ -266,7 +265,7 @@ bsg_map_hdr(struct bsg_device *bd, struct sg_io_v4 *hdr)
        rq = blk_get_request(q, rw, GFP_KERNEL);
        if (!rq)
                return ERR_PTR(-ENOMEM);
-       ret = blk_fill_sgv4_hdr_rq(q, rq, hdr, bd);
+       ret = blk_fill_sgv4_hdr_rq(q, rq, hdr, bd, has_write_perm);
        if (ret)
                goto out;
 
@@ -285,7 +284,8 @@ bsg_map_hdr(struct bsg_device *bd, struct sg_io_v4 *hdr)
                next_rq->cmd_type = rq->cmd_type;
 
                dxferp = (void*)(unsigned long)hdr->din_xferp;
-               ret =  blk_rq_map_user(q, next_rq, dxferp, hdr->din_xfer_len);
+               ret =  blk_rq_map_user(q, next_rq, NULL, dxferp,
+                                      hdr->din_xfer_len, GFP_KERNEL);
                if (ret)
                        goto out;
        }
@@ -300,10 +300,15 @@ bsg_map_hdr(struct bsg_device *bd, struct sg_io_v4 *hdr)
                dxfer_len = 0;
 
        if (dxfer_len) {
-               ret = blk_rq_map_user(q, rq, dxferp, dxfer_len);
+               ret = blk_rq_map_user(q, rq, NULL, dxferp, dxfer_len,
+                                     GFP_KERNEL);
                if (ret)
                        goto out;
        }
+
+       rq->sense = sense;
+       rq->sense_len = 0;
+
        return rq;
 out:
        if (rq->cmd != rq->__cmd)
@@ -346,8 +351,7 @@ static void bsg_rq_end_io(struct request *rq, int uptodate)
 static void bsg_add_command(struct bsg_device *bd, struct request_queue *q,
                            struct bsg_command *bc, struct request *rq)
 {
-       rq->sense = bc->sense;
-       rq->sense_len = 0;
+       int at_head = (0 == (bc->hdr.flags & BSG_FLAG_Q_AT_TAIL));
 
        /*
         * add bc command to busy queue and submit rq for io
@@ -364,7 +368,7 @@ static void bsg_add_command(struct bsg_device *bd, struct request_queue *q,
        dprintk("%s: queueing rq %p, bc %p\n", bd->name, rq, bc);
 
        rq->end_io_data = bc;
-       blk_execute_rq_nowait(q, NULL, rq, 1, bsg_rq_end_io);
+       blk_execute_rq_nowait(q, NULL, rq, at_head, bsg_rq_end_io);
 }
 
 static struct bsg_command *bsg_next_done_cmd(struct bsg_device *bd)
@@ -417,7 +421,7 @@ static int blk_complete_sgv4_hdr_rq(struct request *rq, struct sg_io_v4 *hdr,
 {
        int ret = 0;
 
-       dprintk("rq %p bio %p %u\n", rq, bio, rq->errors);
+       dprintk("rq %p bio %p 0x%x\n", rq, bio, rq->errors);
        /*
         * fill in all the output members
         */
@@ -442,14 +446,14 @@ static int blk_complete_sgv4_hdr_rq(struct request *rq, struct sg_io_v4 *hdr,
        }
 
        if (rq->next_rq) {
-               hdr->dout_resid = rq->data_len;
-               hdr->din_resid = rq->next_rq->data_len;
+               hdr->dout_resid = rq->resid_len;
+               hdr->din_resid = rq->next_rq->resid_len;
                blk_rq_unmap_user(bidi_bio);
                blk_put_request(rq->next_rq);
        } else if (rq_data_dir(rq) == READ)
-               hdr->din_resid = rq->data_len;
+               hdr->din_resid = rq->resid_len;
        else
-               hdr->dout_resid = rq->data_len;
+               hdr->dout_resid = rq->resid_len;
 
        /*
         * If the request generated a negative error number, return it
@@ -568,25 +572,6 @@ static inline void bsg_set_block(struct bsg_device *bd, struct file *file)
                set_bit(BSG_F_BLOCK, &bd->flags);
 }
 
-static void bsg_set_cmd_filter(struct bsg_device *bd,
-                          struct file *file)
-{
-       struct inode *inode;
-       struct gendisk *disk;
-
-       if (!file)
-               return;
-
-       inode = file->f_dentry->d_inode;
-       if (!inode)
-               return;
-
-       disk = inode->i_bdev->bd_disk;
-
-       bd->cmd_filter = &disk->cmd_filter;
-       bd->f_mode = &file->f_mode;
-}
-
 /*
  * Check if the error is a "real" error that we should return.
  */
@@ -608,7 +593,6 @@ bsg_read(struct file *file, char __user *buf, size_t count, loff_t *ppos)
        dprintk("%s: read %Zd bytes\n", bd->name, count);
 
        bsg_set_block(bd, file);
-       bsg_set_cmd_filter(bd, file);
 
        bytes_read = 0;
        ret = __bsg_read(buf, count, bd, NULL, &bytes_read);
@@ -621,7 +605,8 @@ bsg_read(struct file *file, char __user *buf, size_t count, loff_t *ppos)
 }
 
 static int __bsg_write(struct bsg_device *bd, const char __user *buf,
-                      size_t count, ssize_t *bytes_written)
+                      size_t count, ssize_t *bytes_written,
+                      fmode_t has_write_perm)
 {
        struct bsg_command *bc;
        struct request *rq;
@@ -652,7 +637,7 @@ static int __bsg_write(struct bsg_device *bd, const char __user *buf,
                /*
                 * get a request, fill in the blanks, and add to request queue
                 */
-               rq = bsg_map_hdr(bd, &bc->hdr);
+               rq = bsg_map_hdr(bd, &bc->hdr, has_write_perm, bc->sense);
                if (IS_ERR(rq)) {
                        ret = PTR_ERR(rq);
                        rq = NULL;
@@ -683,10 +668,11 @@ bsg_write(struct file *file, const char __user *buf, size_t count, loff_t *ppos)
        dprintk("%s: write %Zd bytes\n", bd->name, count);
 
        bsg_set_block(bd, file);
-       bsg_set_cmd_filter(bd, file);
 
        bytes_written = 0;
-       ret = __bsg_write(bd, buf, count, &bytes_written);
+       ret = __bsg_write(bd, buf, count, &bytes_written,
+                         file->f_mode & FMODE_WRITE);
+
        *ppos = bytes_written;
 
        /*
@@ -792,13 +778,12 @@ static struct bsg_device *bsg_add_device(struct inode *inode,
        bd->queue = rq;
 
        bsg_set_block(bd, file);
-       bsg_set_cmd_filter(bd, file);
 
        atomic_set(&bd->ref_count, 1);
        mutex_lock(&bsg_mutex);
        hlist_add_head(&bd->dev_list, bsg_dev_idx_hash(iminor(inode)));
 
-       strncpy(bd->name, rq->bsg_dev.class_dev->bus_id, sizeof(bd->name) - 1);
+       strncpy(bd->name, dev_name(rq->bsg_dev.class_dev), sizeof(bd->name) - 1);
        dprintk("bound to <%s>, max queue %d\n",
                format_dev_t(buf, inode->i_rdev), bd->max_queue);
 
@@ -933,24 +918,28 @@ static long bsg_ioctl(struct file *file, unsigned int cmd, unsigned long arg)
        case SG_EMULATED_HOST:
        case SCSI_IOCTL_SEND_COMMAND: {
                void __user *uarg = (void __user *) arg;
-               return scsi_cmd_ioctl(file, bd->queue, NULL, cmd, uarg);
+               return scsi_cmd_ioctl(bd->queue, NULL, file->f_mode, cmd, uarg);
        }
        case SG_IO: {
                struct request *rq;
                struct bio *bio, *bidi_bio = NULL;
                struct sg_io_v4 hdr;
+               int at_head;
+               u8 sense[SCSI_SENSE_BUFFERSIZE];
 
                if (copy_from_user(&hdr, uarg, sizeof(hdr)))
                        return -EFAULT;
 
-               rq = bsg_map_hdr(bd, &hdr);
+               rq = bsg_map_hdr(bd, &hdr, file->f_mode & FMODE_WRITE, sense);
                if (IS_ERR(rq))
                        return PTR_ERR(rq);
 
                bio = rq->bio;
                if (rq->next_rq)
                        bidi_bio = rq->next_rq->bio;
-               blk_execute_rq(bd->queue, NULL, rq, 0);
+
+               at_head = (0 == (hdr.flags & BSG_FLAG_Q_AT_TAIL));
+               blk_execute_rq(bd->queue, NULL, rq, at_head);
                ret = blk_complete_sgv4_hdr_rq(rq, &hdr, bio, bidi_bio);
 
                if (copy_to_user(uarg, &hdr, sizeof(hdr)))
@@ -1009,7 +998,7 @@ int bsg_register_queue(struct request_queue *q, struct device *parent,
        if (name)
                devname = name;
        else
-               devname = parent->bus_id;
+               devname = dev_name(parent);
 
        /*
         * we need a proper transport to send commands, not a stacked device
@@ -1044,7 +1033,7 @@ int bsg_register_queue(struct request_queue *q, struct device *parent,
        bcd->release = release;
        kref_init(&bcd->ref);
        dev = MKDEV(bsg_major, bcd->minor);
-       class_dev = device_create(bsg_class, parent, dev, "%s", devname);
+       class_dev = device_create(bsg_class, parent, dev, NULL, "%s", devname);
        if (IS_ERR(class_dev)) {
                ret = PTR_ERR(class_dev);
                goto put_dev;
@@ -1074,6 +1063,11 @@ EXPORT_SYMBOL_GPL(bsg_register_queue);
 
 static struct cdev bsg_cdev;
 
+static char *bsg_devnode(struct device *dev, mode_t *mode)
+{
+       return kasprintf(GFP_KERNEL, "bsg/%s", dev_name(dev));
+}
+
 static int __init bsg_init(void)
 {
        int ret, i;
@@ -1094,6 +1088,7 @@ static int __init bsg_init(void)
                ret = PTR_ERR(bsg_class);
                goto destroy_kmemcache;
        }
+       bsg_class->devnode = bsg_devnode;
 
        ret = alloc_chrdev_region(&devid, 0, BSG_MAX_DEVS, "bsg");
        if (ret)