Re: [PATCH] SG_IO block filter whitelist missing MMC SET READ AHEAD command

[Jens Axboe <jens.axboe@oracle.com>]

(apologies to Monty who will receive this email twice)

> Hi Jens,
> 
> I have another request for the block filter SG_IO command whitelist,
> specifically the MMC streaming command set SET READ AHEAD command.
> The command applies only to MMC CDROM/DVDROM drives with the streaming
> optional feature set.  The command is useful to cdparanoia in that it
> allows explicit cache control side effects that are, on many drives,
> cdparanoia's most efficient way to flush/disable the media cache on
> cdrom drives. I am aware of no reason why it should not be accessible
> from usespace.
> 
> Also note that the command is already fully accessible through the
> SCSI-native version of the SG_IO ioctl as well as the traditional SG
> interface.  The command is only being refused on block devices.  That
> means that on a typical stock distro, the command is available through
> /dev/sg* but not /dev/scd* although both are typically available and
> accessible.  Filtering the command is not providing any protection,
> only a confusing inconsistency.
> 
> For convenience's sake, trivial patch below.
> 
> diff -ru linux-2.6.26.3/block/scsi_ioctl.c
> linux-2.6.26.3-monty/block/scsi_ioctl.c
> --- linux-2.6.26.3/block/scsi_ioctl.c   2008-08-20 14:11:37.000000000 -0400
> +++ linux-2.6.26.3-monty/block/scsi_ioctl.c     2008-08-22
> 04:17:56.194248000 -0400
> @@ -188,6 +188,7 @@
>                safe_for_write(GPCMD_PREVENT_ALLOW_MEDIUM_REMOVAL),
>                safe_for_write(GPCMD_LOAD_UNLOAD),
>                safe_for_write(GPCMD_SET_STREAMING),
> +               safe_for_write(GPCMD_SET_READ_AHEAD),
>        };
>        unsigned char type = cmd_type[cmd[0]];

Looks harmless enough to me, I've adapted your patch for current -git.
Note that with 2.6.27, you can actually modify the command table at
runtime as well. But we should still have sane defaults.

-- 
Jens Axboe