2 * Check decoding of ioctl SG_IO v4 commands.
4 * Copyright (c) 2017 Dmitry V. Levin <ldv@altlinux.org>
7 * Redistribution and use in source and binary forms, with or without
8 * modification, are permitted provided that the following conditions
10 * 1. Redistributions of source code must retain the above copyright
11 * notice, this list of conditions and the following disclaimer.
12 * 2. Redistributions in binary form must reproduce the above copyright
13 * notice, this list of conditions and the following disclaimer in the
14 * documentation and/or other materials provided with the distribution.
15 * 3. The name of the author may not be used to endorse or promote products
16 * derived from this software without specific prior written permission.
18 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
19 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
20 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
21 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
22 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
23 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
24 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
25 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
26 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
27 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
32 #ifdef HAVE_LINUX_BSG_H
34 # include <inttypes.h>
36 # include <sys/ioctl.h>
38 # include <linux/bsg.h>
40 # include "xlat/scsi_sg_commands.h"
46 printf("ioctl(-1, SG_IO, NULL) = -1 EBADF (%m)\n");
48 TAIL_ALLOC_OBJECT_CONST_PTR(struct sg_io_v4, sg_io);
49 fill_memory(sg_io, sizeof(*sg_io));
51 const void *const efault = sg_io + 1;
52 ioctl(-1, SG_IO, efault);
53 printf("ioctl(-1, SG_IO, %p) = -1 EBADF (%m)\n", efault);
55 ioctl(-1, SG_IO, sg_io);
56 printf("ioctl(-1, SG_IO, [%u]) = -1 EBADF (%m)\n", sg_io->guard);
58 TAIL_ALLOC_OBJECT_CONST_PTR(unsigned int, pguard);
59 *pguard = (unsigned char) 'Q';
60 ioctl(-1, SG_IO, pguard);
61 printf("ioctl(-1, SG_IO, {guard='Q', %p}) = -1 EBADF (%m)\n", pguard + 1);
63 sg_io->guard = (unsigned char) 'Q';
65 sg_io->subprotocol = 1;
68 sg_io->request = (kernel_ulong_t) 0xfacefeedfffffff1ULL;
69 sg_io->response = (kernel_ulong_t) 0xfacefeedfffffff2ULL;
70 sg_io->dout_xferp = (kernel_ulong_t) 0xfacefeedfffffff3ULL;
71 sg_io->din_xferp = (kernel_ulong_t) 0xfacefeedfffffff4ULL;
72 ioctl(-1, SG_IO, sg_io);
73 printf("ioctl(-1, SG_IO, {guard='Q'"
74 ", protocol=BSG_PROTOCOL_SCSI"
75 ", subprotocol=BSG_SUB_PROTOCOL_SCSI_TMF"
78 ", request_tag=%#" PRI__x64
80 ", request_priority=%u"
82 ", max_response_len=%u"
83 ", dout_iovec_count=%u"
85 ", din_iovec_count=%u"
89 ", flags=BSG_FLAG_Q_AT_TAIL|BSG_FLAG_Q_AT_HEAD|0xffffffcf"
90 ", usr_ptr=%#" PRI__x64
95 ", transport_status=%#x"
98 ", info=SG_INFO_CHECK|SG_INFO_DIRECT_IO|SG_INFO_MIXED_IO|0xfffffff8"
103 ", generated_tag=%#" PRI__x64 "}) = -1 EBADF (%m)\n",
105 (unsigned long long) (kernel_ulong_t) sg_io->request,
108 sg_io->request_priority,
109 sg_io->request_extra,
110 sg_io->max_response_len,
111 sg_io->dout_iovec_count,
112 sg_io->dout_xfer_len,
113 sg_io->din_iovec_count,
115 (unsigned long long) (kernel_ulong_t) sg_io->dout_xferp,
119 (unsigned long long) (kernel_ulong_t) sg_io->response,
120 (unsigned long long) (kernel_ulong_t) sg_io->din_xferp,
121 sg_io->driver_status,
122 sg_io->transport_status,
123 sg_io->device_status,
129 sg_io->generated_tag);
131 const struct iovec iov[] = {
133 .iov_base = (void *) efault - 2,
136 .iov_base = (void *) efault - 3,
140 const struct iovec *const t_iov = tail_memdup(iov, sizeof(iov));
141 sg_io->dout_iovec_count = ARRAY_SIZE(iov);
142 sg_io->dout_xfer_len = iov[0].iov_len + iov[1].iov_len - 1;
143 sg_io->dout_xferp = (unsigned long) t_iov;
145 sg_io->din_iovec_count = 0;
146 sg_io->din_xfer_len = 5;
147 sg_io->din_resid = 1;
148 sg_io->din_xferp = (unsigned long) efault -
149 (sg_io->dout_xfer_len - sg_io->din_resid);
151 sg_io->request_len = 3;
152 sg_io->request = (unsigned long) efault - sg_io->request_len;
153 sg_io->response_len = 2;
154 sg_io->response = (unsigned long) efault - sg_io->response_len;
159 ioctl(-1, SG_IO, sg_io);
160 printf("ioctl(-1, SG_IO, {guard='Q'"
161 ", protocol=BSG_PROTOCOL_SCSI"
162 ", subprotocol=BSG_SUB_PROTOCOL_SCSI_TMF"
164 ", request=\"\\x%x\\x%x\\x%x\""
165 ", request_tag=%#" PRI__x64
167 ", request_priority=%u"
169 ", max_response_len=%u"
170 ", dout_iovec_count=%u"
172 ", din_iovec_count=%u"
174 ", dout_xferp=[{iov_base=\"\\%o\\%o\", iov_len=%u}"
175 ", {iov_base=\"\\%o\\%o\\%o\", iov_len=%u}]"
176 ", timeout=%u, flags=BSG_FLAG_Q_AT_HEAD"
177 ", usr_ptr=%#" PRI__x64
179 ", response=\"\\x%x\\x%x\""
180 ", din_xferp=\"\\x%x\\x%x\\x%x\\x%x\""
181 ", driver_status=%#x"
182 ", transport_status=%#x"
183 ", device_status=%#x"
185 ", info=SG_INFO_CHECK"
190 ", generated_tag=%#" PRI__x64 "}) = -1 EBADF (%m)\n",
192 * (unsigned char *) ((unsigned long) sg_io->request + 0),
193 * (unsigned char *) ((unsigned long) sg_io->request + 1),
194 * (unsigned char *) ((unsigned long) sg_io->request + 2),
197 sg_io->request_priority,
198 sg_io->request_extra,
199 sg_io->max_response_len,
200 sg_io->dout_iovec_count,
201 sg_io->dout_xfer_len,
202 sg_io->din_iovec_count,
204 * (unsigned char *) (iov[0].iov_base + 0),
205 * (unsigned char *) (iov[0].iov_base + 1),
206 (unsigned int) iov[0].iov_len,
207 * (unsigned char *) (iov[1].iov_base + 0),
208 * (unsigned char *) (iov[1].iov_base + 1),
209 * (unsigned char *) (iov[1].iov_base + 2),
210 (unsigned int) iov[1].iov_len,
214 * (unsigned char *) ((unsigned long) sg_io->response + 0),
215 * (unsigned char *) ((unsigned long) sg_io->response + 1),
216 * (unsigned char *) ((unsigned long) sg_io->din_xferp + 0),
217 * (unsigned char *) ((unsigned long) sg_io->din_xferp + 1),
218 * (unsigned char *) ((unsigned long) sg_io->din_xferp + 2),
219 * (unsigned char *) ((unsigned long) sg_io->din_xferp + 3),
220 sg_io->driver_status,
221 sg_io->transport_status,
222 sg_io->device_status,
228 sg_io->generated_tag);
230 puts("+++ exited with 0 +++");
236 SKIP_MAIN_UNDEFINED("HAVE_LINUX_BSG_H")