Re: [PATCH] drivers/block/scsi_ioctl.c, Video DVD playback support

[Jens Axboe <axboe@suse.de>]

On Mon, Jan 24 2005, Elias da Silva wrote:
> > On Sat, Jan 22 2005, Elias da Silva wrote:
> > > Attached patch fixes a problem of reading Video DVDs
> > > through the cdrom_ioctl interface. VMware is among
> > > the prominent victims.
> > > 
> > > The bug was introduced in kernel version 2.6.8 in the
> > > function verify_command().
> > 
> > It's not a bug, add write permission to the device for the user using
> > the drive.
> Hi.
> 
> The device already has write permission for the user using the
> drive... and this is not the point.
> 
> The point is
> 	a. the user (program) wants to read a protected DVD,
> 
> 	b. the user has permission to read the device,
> 
> 	c. since kernel 2.6.8 the user can't use his right to read a
> 	DVD media, because according to verify_command() he is forced
> 	to open the device with RW mode instead of RONLY.

Right, it's an unfortunate side effect of the command table.

> This is true for protected media because of the authentication
> process needed between "host" 	and DVD device. IMHO,
> the classification of the opcodes
> 
> 	a. GPCMD_SEND_KEY and
> 	b. GPCMD_SET_STREAMING
> 
> as only "save for write" is wrong.

You need to explain why you think that is so, since this is the core of
the argument. The only thing I can say is that perhaps SEND_KEY should
even be root only, since it has a fairly large scope. It's really a
device exclusive type situation, where is a user has exclusive access to
the device it would be ok to issue a SEND_KEY but otherwise not. It's
not clearly a read vs write thing. It's impossible to shoe-horn a more
complicated permission model on top of something as silly as read vs
write.

> Furthermore, if you use
> 	a. cdrom_ioctl (..., DVD_AUTH,...) instead of
> 	b. cdrom_ioctl (..., CDROM_SEND_PACKET,...)
> 	-> scsi_cmd_ioctl()-> sg_io()-> verify_command()
> 
> the same authentication procedure works as expected on a
> RONLY opened device!

DVD_AUTH by-passes scsi_ioctl.c, so yes.

> Please rethink your decisions introduced with verify_command()
> and make for example VMware work _again_ with Video DVDs.

It's not my decisions. The problem is that it is policy, and it has to
be restrictive to be safe.

-- 
Jens Axboe