1 /*
2 * Check decoding of ioctl SG_IO v4 commands.
3 *
4 * Copyright (c) 2017-2018 Dmitry V. Levin <ldv@strace.io>
5 * Copyright (c) 2017-2021 The strace developers.
6 * All rights reserved.
7 *
8 * SPDX-License-Identifier: GPL-2.0-or-later
9 */
10
11 #include "tests.h"
12 #include <inttypes.h>
13 #include <stdio.h>
14 #include <sys/ioctl.h>
15 #include <sys/uio.h>
16 #include <linux/bsg.h>
17 #define XLAT_MACROS_ONLY
18 # include "xlat/scsi_sg_commands.h"
19 #undef XLAT_MACROS_ONLY
20
21 int
22 main(void)
23 {
24 ioctl(-1, SG_IO, 0);
25 printf("ioctl(-1, SG_IO, NULL) = -1 EBADF (%m)\n");
26
27 TAIL_ALLOC_OBJECT_CONST_PTR(struct sg_io_v4, sg_io);
28 fill_memory(sg_io, sizeof(*sg_io));
29
30 const void *const efault = sg_io + 1;
31 ioctl(-1, SG_IO, efault);
32 printf("ioctl(-1, SG_IO, %p) = -1 EBADF (%m)\n", efault);
33
34 ioctl(-1, SG_IO, sg_io);
35 printf("ioctl(-1, SG_IO, [%u]) = -1 EBADF (%m)\n", sg_io->guard);
36
37 TAIL_ALLOC_OBJECT_CONST_PTR(unsigned int, pguard);
38 *pguard = (unsigned char) 'Q';
39 ioctl(-1, SG_IO, pguard);
40 printf("ioctl(-1, SG_IO, {guard='Q', %p}) = -1 EBADF (%m)\n", pguard + 1);
41
42 sg_io->guard = (unsigned char) 'Q';
43 sg_io->protocol = 0;
44 sg_io->subprotocol = 1;
45 sg_io->flags = -1U;
46 sg_io->info = -1U;
47 sg_io->request = (kernel_ulong_t) 0xfacefeedfffffff1ULL;
48 sg_io->response = (kernel_ulong_t) 0xfacefeedfffffff2ULL;
49 sg_io->dout_xferp = (kernel_ulong_t) 0xfacefeedfffffff3ULL;
50 sg_io->din_xferp = (kernel_ulong_t) 0xfacefeedfffffff4ULL;
51 ioctl(-1, SG_IO, sg_io);
52 printf("ioctl(-1, SG_IO, {guard='Q'"
53 ", protocol=BSG_PROTOCOL_SCSI"
54 ", subprotocol=BSG_SUB_PROTOCOL_SCSI_TMF"
55 ", request_len=%u"
56 ", request=%#llx"
57 ", request_tag=%#" PRI__x64
58 ", request_attr=%u"
59 ", request_priority=%u"
60 ", request_extra=%u"
61 ", max_response_len=%u"
62 ", dout_iovec_count=%u"
63 ", dout_xfer_len=%u"
64 ", din_iovec_count=%u"
65 ", din_xfer_len=%u"
66 ", dout_xferp=%#llx"
67 ", timeout=%u"
68 ", flags=BSG_FLAG_Q_AT_TAIL|BSG_FLAG_Q_AT_HEAD|0xffffffcf"
69 ", usr_ptr=%#" PRI__x64
70 ", response_len=%u"
71 ", response=%#llx"
72 ", din_xferp=%#llx"
73 ", driver_status=%#x"
74 ", transport_status=%#x"
75 ", device_status=%#x"
76 ", retry_delay=%u"
77 ", info=SG_INFO_CHECK|SG_INFO_DIRECT_IO|SG_INFO_MIXED_IO|0xfffffff8"
78 ", duration=%u"
79 ", response_len=%u"
80 ", din_resid=%d"
81 ", dout_resid=%d"
82 ", generated_tag=%#" PRI__x64 "}) = -1 EBADF (%m)\n",
83 sg_io->request_len,
84 (unsigned long long) (kernel_ulong_t) sg_io->request,
85 sg_io->request_tag,
86 sg_io->request_attr,
87 sg_io->request_priority,
88 sg_io->request_extra,
89 sg_io->max_response_len,
90 sg_io->dout_iovec_count,
91 sg_io->dout_xfer_len,
92 sg_io->din_iovec_count,
93 sg_io->din_xfer_len,
94 (unsigned long long) (kernel_ulong_t) sg_io->dout_xferp,
95 sg_io->timeout,
96 sg_io->usr_ptr,
97 sg_io->response_len,
98 (unsigned long long) (kernel_ulong_t) sg_io->response,
99 (unsigned long long) (kernel_ulong_t) sg_io->din_xferp,
100 sg_io->driver_status,
101 sg_io->transport_status,
102 sg_io->device_status,
103 sg_io->retry_delay,
104 sg_io->duration,
105 sg_io->response_len,
106 sg_io->din_resid,
107 sg_io->dout_resid,
108 sg_io->generated_tag);
109
110 const struct iovec iov[] = {
111 {
112 .iov_base = (void *) efault - 2,
113 .iov_len = 2
114 }, {
115 .iov_base = (void *) efault - 3,
116 .iov_len = 4
117 }
118 };
119 const struct iovec *const t_iov = tail_memdup(iov, sizeof(iov));
120 sg_io->dout_iovec_count = ARRAY_SIZE(iov);
121 sg_io->dout_xfer_len = iov[0].iov_len + iov[1].iov_len - 1;
122 sg_io->dout_xferp = (unsigned long) t_iov;
123
124 sg_io->din_iovec_count = 0;
125 sg_io->din_xfer_len = 5;
126 sg_io->din_resid = 1;
127 sg_io->din_xferp = (unsigned long) efault -
128 (sg_io->dout_xfer_len - sg_io->din_resid);
129
130 sg_io->request_len = 3;
131 sg_io->request = (unsigned long) efault - sg_io->request_len;
132 sg_io->response_len = 2;
133 sg_io->response = (unsigned long) efault - sg_io->response_len;
134
135 sg_io->flags = 0x20;
136 sg_io->info = 1;
137
138 ioctl(-1, SG_IO, sg_io);
139 printf("ioctl(-1, SG_IO, {guard='Q'"
140 ", protocol=BSG_PROTOCOL_SCSI"
141 ", subprotocol=BSG_SUB_PROTOCOL_SCSI_TMF"
142 ", request_len=%u"
143 ", request=\"\\x%x\\x%x\\x%x\""
144 ", request_tag=%#" PRI__x64
145 ", request_attr=%u"
146 ", request_priority=%u"
147 ", request_extra=%u"
148 ", max_response_len=%u"
149 ", dout_iovec_count=%u"
150 ", dout_xfer_len=%u"
151 ", din_iovec_count=%u"
152 ", din_xfer_len=%u"
153 ", dout_xferp=[{iov_base=\"\\%o\\%o\", iov_len=%u}"
154 ", {iov_base=\"\\%o\\%o\\%o\", iov_len=%u}]"
155 ", timeout=%u, flags=BSG_FLAG_Q_AT_HEAD"
156 ", usr_ptr=%#" PRI__x64
157 ", response_len=%u"
158 ", response=\"\\x%x\\x%x\""
159 ", din_xferp=\"\\x%x\\x%x\\x%x\\x%x\""
160 ", driver_status=%#x"
161 ", transport_status=%#x"
162 ", device_status=%#x"
163 ", retry_delay=%u"
164 ", info=SG_INFO_CHECK"
165 ", duration=%u"
166 ", response_len=%u"
167 ", din_resid=%d"
168 ", dout_resid=%d"
169 ", generated_tag=%#" PRI__x64 "}) = -1 EBADF (%m)\n",
170 sg_io->request_len,
171 *(unsigned char *) ((unsigned long) sg_io->request + 0),
172 *(unsigned char *) ((unsigned long) sg_io->request + 1),
173 *(unsigned char *) ((unsigned long) sg_io->request + 2),
174 sg_io->request_tag,
175 sg_io->request_attr,
176 sg_io->request_priority,
177 sg_io->request_extra,
178 sg_io->max_response_len,
179 sg_io->dout_iovec_count,
180 sg_io->dout_xfer_len,
181 sg_io->din_iovec_count,
182 sg_io->din_xfer_len,
183 *(unsigned char *) (iov[0].iov_base + 0),
184 *(unsigned char *) (iov[0].iov_base + 1),
185 (unsigned int) iov[0].iov_len,
186 *(unsigned char *) (iov[1].iov_base + 0),
187 *(unsigned char *) (iov[1].iov_base + 1),
188 *(unsigned char *) (iov[1].iov_base + 2),
189 (unsigned int) iov[1].iov_len,
190 sg_io->timeout,
191 sg_io->usr_ptr,
192 sg_io->response_len,
193 *(unsigned char *) ((unsigned long) sg_io->response + 0),
194 *(unsigned char *) ((unsigned long) sg_io->response + 1),
195 *(unsigned char *) ((unsigned long) sg_io->din_xferp + 0),
196 *(unsigned char *) ((unsigned long) sg_io->din_xferp + 1),
197 *(unsigned char *) ((unsigned long) sg_io->din_xferp + 2),
198 *(unsigned char *) ((unsigned long) sg_io->din_xferp + 3),
199 sg_io->driver_status,
200 sg_io->transport_status,
201 sg_io->device_status,
202 sg_io->retry_delay,
203 sg_io->duration,
204 sg_io->response_len,
205 sg_io->din_resid,
206 sg_io->dout_resid,
207 sg_io->generated_tag);
208
209 puts("+++ exited with 0 +++");
210 return 0;
211 }