aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorFUJITA Tomonori <fujita.tomonori@lab.ntt.co.jp>2008-07-04 03:33:01 -0400
committerJens Axboe <jens.axboe@oracle.com>2008-07-04 03:52:14 -0400
commitfce5384755e8e0e56c5609d2972db4702990d592 (patch)
tree901ce009cd49d95870d74c82d6e0b368368d4531
parent62858dacc8dea55c5bdb474ccd8acb0657e23dd0 (diff)
cdrom: revert commit 22a9189 (cdrom: use kmalloced buffers instead of buffers on stack)
The commit 22a9189fd073db3d03a4cf8b8c098aa207602de1 (cdrom: use kmalloced buffers instead of buffers on stack) is introduced to use kmalloced buffers for packet commands to avoid stack corruption on non coherent platforms. SCSI cdrom uses blk_rq_map_kern, which properly avoids DMA on the stack by using the bounce buffers. IDE cdrom also has the mechnism to avoids DMA on the stack. So we don't need this extra complexitiy in cdrom.c, such as allocating just 8 bytes. The lower layers can handle it. Signed-off-by: FUJITA Tomonori <fujita.tomonori@lab.ntt.co.jp> Cc: Thomas Bogendoerfer <tsbogend@alpha.franken.de> Cc: Bartlomiej Zolnierkiewicz <bzolnier@gmail.com> Cc: Thomas Bogendoerfer <tsbogend@alpha.franken.de> Cc: Tejun Heo <htejun@gmail.com> Cc: James Bottomley <James.Bottomley@HansenPartnership.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Jens Axboe <jens.axboe@oracle.com>
-rw-r--r--drivers/cdrom/cdrom.c274
1 files changed, 93 insertions, 181 deletions
diff --git a/drivers/cdrom/cdrom.c b/drivers/cdrom/cdrom.c
index 69f26eb6415b..a5da35632651 100644
--- a/drivers/cdrom/cdrom.c
+++ b/drivers/cdrom/cdrom.c
@@ -461,37 +461,27 @@ int cdrom_get_media_event(struct cdrom_device_info *cdi,
461 struct media_event_desc *med) 461 struct media_event_desc *med)
462{ 462{
463 struct packet_command cgc; 463 struct packet_command cgc;
464 unsigned char *buffer; 464 unsigned char buffer[8];
465 struct event_header *eh; 465 struct event_header *eh = (struct event_header *) buffer;
466 int ret = 1;
467
468 buffer = kmalloc(8, GFP_KERNEL);
469 if (!buffer)
470 return -ENOMEM;
471 466
472 eh = (struct event_header *)buffer; 467 init_cdrom_command(&cgc, buffer, sizeof(buffer), CGC_DATA_READ);
473
474 init_cdrom_command(&cgc, buffer, 8, CGC_DATA_READ);
475 cgc.cmd[0] = GPCMD_GET_EVENT_STATUS_NOTIFICATION; 468 cgc.cmd[0] = GPCMD_GET_EVENT_STATUS_NOTIFICATION;
476 cgc.cmd[1] = 1; /* IMMED */ 469 cgc.cmd[1] = 1; /* IMMED */
477 cgc.cmd[4] = 1 << 4; /* media event */ 470 cgc.cmd[4] = 1 << 4; /* media event */
478 cgc.cmd[8] = 8; 471 cgc.cmd[8] = sizeof(buffer);
479 cgc.quiet = 1; 472 cgc.quiet = 1;
480 473
481 if (cdi->ops->generic_packet(cdi, &cgc)) 474 if (cdi->ops->generic_packet(cdi, &cgc))
482 goto err; 475 return 1;
483 476
484 if (be16_to_cpu(eh->data_len) < sizeof(*med)) 477 if (be16_to_cpu(eh->data_len) < sizeof(*med))
485 goto err; 478 return 1;
486 479
487 if (eh->nea || eh->notification_class != 0x4) 480 if (eh->nea || eh->notification_class != 0x4)
488 goto err; 481 return 1;
489 482
490 memcpy(med, buffer + sizeof(*eh), sizeof(*med)); 483 memcpy(med, &buffer[sizeof(*eh)], sizeof(*med));
491 ret = 0; 484 return 0;
492err:
493 kfree(buffer);
494 return ret;
495} 485}
496 486
497/* 487/*
@@ -501,82 +491,68 @@ err:
501static int cdrom_mrw_probe_pc(struct cdrom_device_info *cdi) 491static int cdrom_mrw_probe_pc(struct cdrom_device_info *cdi)
502{ 492{
503 struct packet_command cgc; 493 struct packet_command cgc;
504 char *buffer; 494 char buffer[16];
505 int ret = 1;
506
507 buffer = kmalloc(16, GFP_KERNEL);
508 if (!buffer)
509 return -ENOMEM;
510 495
511 init_cdrom_command(&cgc, buffer, 16, CGC_DATA_READ); 496 init_cdrom_command(&cgc, buffer, sizeof(buffer), CGC_DATA_READ);
512 497
513 cgc.timeout = HZ; 498 cgc.timeout = HZ;
514 cgc.quiet = 1; 499 cgc.quiet = 1;
515 500
516 if (!cdrom_mode_sense(cdi, &cgc, MRW_MODE_PC, 0)) { 501 if (!cdrom_mode_sense(cdi, &cgc, MRW_MODE_PC, 0)) {
517 cdi->mrw_mode_page = MRW_MODE_PC; 502 cdi->mrw_mode_page = MRW_MODE_PC;
518 ret = 0; 503 return 0;
519 } else if (!cdrom_mode_sense(cdi, &cgc, MRW_MODE_PC_PRE1, 0)) { 504 } else if (!cdrom_mode_sense(cdi, &cgc, MRW_MODE_PC_PRE1, 0)) {
520 cdi->mrw_mode_page = MRW_MODE_PC_PRE1; 505 cdi->mrw_mode_page = MRW_MODE_PC_PRE1;
521 ret = 0; 506 return 0;
522 } 507 }
523 kfree(buffer); 508
524 return ret; 509 return 1;
525} 510}
526 511
527static int cdrom_is_mrw(struct cdrom_device_info *cdi, int *write) 512static int cdrom_is_mrw(struct cdrom_device_info *cdi, int *write)
528{ 513{
529 struct packet_command cgc; 514 struct packet_command cgc;
530 struct mrw_feature_desc *mfd; 515 struct mrw_feature_desc *mfd;
531 unsigned char *buffer; 516 unsigned char buffer[16];
532 int ret; 517 int ret;
533 518
534 *write = 0; 519 *write = 0;
535 buffer = kmalloc(16, GFP_KERNEL);
536 if (!buffer)
537 return -ENOMEM;
538 520
539 init_cdrom_command(&cgc, buffer, 16, CGC_DATA_READ); 521 init_cdrom_command(&cgc, buffer, sizeof(buffer), CGC_DATA_READ);
540 522
541 cgc.cmd[0] = GPCMD_GET_CONFIGURATION; 523 cgc.cmd[0] = GPCMD_GET_CONFIGURATION;
542 cgc.cmd[3] = CDF_MRW; 524 cgc.cmd[3] = CDF_MRW;
543 cgc.cmd[8] = 16; 525 cgc.cmd[8] = sizeof(buffer);
544 cgc.quiet = 1; 526 cgc.quiet = 1;
545 527
546 if ((ret = cdi->ops->generic_packet(cdi, &cgc))) 528 if ((ret = cdi->ops->generic_packet(cdi, &cgc)))
547 goto err; 529 return ret;
548 530
549 mfd = (struct mrw_feature_desc *)&buffer[sizeof(struct feature_header)]; 531 mfd = (struct mrw_feature_desc *)&buffer[sizeof(struct feature_header)];
550 if (be16_to_cpu(mfd->feature_code) != CDF_MRW) { 532 if (be16_to_cpu(mfd->feature_code) != CDF_MRW)
551 ret = 1; 533 return 1;
552 goto err;
553 }
554 *write = mfd->write; 534 *write = mfd->write;
555 535
556 if ((ret = cdrom_mrw_probe_pc(cdi))) { 536 if ((ret = cdrom_mrw_probe_pc(cdi))) {
557 *write = 0; 537 *write = 0;
538 return ret;
558 } 539 }
559err: 540
560 kfree(buffer); 541 return 0;
561 return ret;
562} 542}
563 543
564static int cdrom_mrw_bgformat(struct cdrom_device_info *cdi, int cont) 544static int cdrom_mrw_bgformat(struct cdrom_device_info *cdi, int cont)
565{ 545{
566 struct packet_command cgc; 546 struct packet_command cgc;
567 unsigned char *buffer; 547 unsigned char buffer[12];
568 int ret; 548 int ret;
569 549
570 printk(KERN_INFO "cdrom: %sstarting format\n", cont ? "Re" : ""); 550 printk(KERN_INFO "cdrom: %sstarting format\n", cont ? "Re" : "");
571 551
572 buffer = kmalloc(12, GFP_KERNEL);
573 if (!buffer)
574 return -ENOMEM;
575
576 /* 552 /*
577 * FmtData bit set (bit 4), format type is 1 553 * FmtData bit set (bit 4), format type is 1
578 */ 554 */
579 init_cdrom_command(&cgc, buffer, 12, CGC_DATA_WRITE); 555 init_cdrom_command(&cgc, buffer, sizeof(buffer), CGC_DATA_WRITE);
580 cgc.cmd[0] = GPCMD_FORMAT_UNIT; 556 cgc.cmd[0] = GPCMD_FORMAT_UNIT;
581 cgc.cmd[1] = (1 << 4) | 1; 557 cgc.cmd[1] = (1 << 4) | 1;
582 558
@@ -603,7 +579,6 @@ static int cdrom_mrw_bgformat(struct cdrom_device_info *cdi, int cont)
603 if (ret) 579 if (ret)
604 printk(KERN_INFO "cdrom: bgformat failed\n"); 580 printk(KERN_INFO "cdrom: bgformat failed\n");
605 581
606 kfree(buffer);
607 return ret; 582 return ret;
608} 583}
609 584
@@ -663,17 +638,16 @@ static int cdrom_mrw_set_lba_space(struct cdrom_device_info *cdi, int space)
663{ 638{
664 struct packet_command cgc; 639 struct packet_command cgc;
665 struct mode_page_header *mph; 640 struct mode_page_header *mph;
666 char *buffer; 641 char buffer[16];
667 int ret, offset, size; 642 int ret, offset, size;
668 643
669 buffer = kmalloc(16, GFP_KERNEL); 644 init_cdrom_command(&cgc, buffer, sizeof(buffer), CGC_DATA_READ);
670 if (!buffer)
671 return -ENOMEM;
672 645
673 init_cdrom_command(&cgc, buffer, 16, CGC_DATA_READ); 646 cgc.buffer = buffer;
647 cgc.buflen = sizeof(buffer);
674 648
675 if ((ret = cdrom_mode_sense(cdi, &cgc, cdi->mrw_mode_page, 0))) 649 if ((ret = cdrom_mode_sense(cdi, &cgc, cdi->mrw_mode_page, 0)))
676 goto err; 650 return ret;
677 651
678 mph = (struct mode_page_header *) buffer; 652 mph = (struct mode_page_header *) buffer;
679 offset = be16_to_cpu(mph->desc_length); 653 offset = be16_to_cpu(mph->desc_length);
@@ -683,70 +657,55 @@ static int cdrom_mrw_set_lba_space(struct cdrom_device_info *cdi, int space)
683 cgc.buflen = size; 657 cgc.buflen = size;
684 658
685 if ((ret = cdrom_mode_select(cdi, &cgc))) 659 if ((ret = cdrom_mode_select(cdi, &cgc)))
686 goto err; 660 return ret;
687 661
688 printk(KERN_INFO "cdrom: %s: mrw address space %s selected\n", cdi->name, mrw_address_space[space]); 662 printk(KERN_INFO "cdrom: %s: mrw address space %s selected\n", cdi->name, mrw_address_space[space]);
689 ret = 0; 663 return 0;
690err:
691 kfree(buffer);
692 return ret;
693} 664}
694 665
695static int cdrom_get_random_writable(struct cdrom_device_info *cdi, 666static int cdrom_get_random_writable(struct cdrom_device_info *cdi,
696 struct rwrt_feature_desc *rfd) 667 struct rwrt_feature_desc *rfd)
697{ 668{
698 struct packet_command cgc; 669 struct packet_command cgc;
699 char *buffer; 670 char buffer[24];
700 int ret; 671 int ret;
701 672
702 buffer = kmalloc(24, GFP_KERNEL); 673 init_cdrom_command(&cgc, buffer, sizeof(buffer), CGC_DATA_READ);
703 if (!buffer)
704 return -ENOMEM;
705
706 init_cdrom_command(&cgc, buffer, 24, CGC_DATA_READ);
707 674
708 cgc.cmd[0] = GPCMD_GET_CONFIGURATION; /* often 0x46 */ 675 cgc.cmd[0] = GPCMD_GET_CONFIGURATION; /* often 0x46 */
709 cgc.cmd[3] = CDF_RWRT; /* often 0x0020 */ 676 cgc.cmd[3] = CDF_RWRT; /* often 0x0020 */
710 cgc.cmd[8] = 24; /* often 0x18 */ 677 cgc.cmd[8] = sizeof(buffer); /* often 0x18 */
711 cgc.quiet = 1; 678 cgc.quiet = 1;
712 679
713 if ((ret = cdi->ops->generic_packet(cdi, &cgc))) 680 if ((ret = cdi->ops->generic_packet(cdi, &cgc)))
714 goto err; 681 return ret;
715 682
716 memcpy(rfd, &buffer[sizeof(struct feature_header)], sizeof (*rfd)); 683 memcpy(rfd, &buffer[sizeof(struct feature_header)], sizeof (*rfd));
717 ret = 0; 684 return 0;
718err:
719 kfree(buffer);
720 return ret;
721} 685}
722 686
723static int cdrom_has_defect_mgt(struct cdrom_device_info *cdi) 687static int cdrom_has_defect_mgt(struct cdrom_device_info *cdi)
724{ 688{
725 struct packet_command cgc; 689 struct packet_command cgc;
726 char *buffer; 690 char buffer[16];
727 __be16 *feature_code; 691 __be16 *feature_code;
728 int ret; 692 int ret;
729 693
730 buffer = kmalloc(16, GFP_KERNEL); 694 init_cdrom_command(&cgc, buffer, sizeof(buffer), CGC_DATA_READ);
731 if (!buffer)
732 return -ENOMEM;
733
734 init_cdrom_command(&cgc, buffer, 16, CGC_DATA_READ);
735 695
736 cgc.cmd[0] = GPCMD_GET_CONFIGURATION; 696 cgc.cmd[0] = GPCMD_GET_CONFIGURATION;
737 cgc.cmd[3] = CDF_HWDM; 697 cgc.cmd[3] = CDF_HWDM;
738 cgc.cmd[8] = 16; 698 cgc.cmd[8] = sizeof(buffer);
739 cgc.quiet = 1; 699 cgc.quiet = 1;
740 700
741 if ((ret = cdi->ops->generic_packet(cdi, &cgc))) 701 if ((ret = cdi->ops->generic_packet(cdi, &cgc)))
742 goto err; 702 return ret;
743 703
744 feature_code = (__be16 *) &buffer[sizeof(struct feature_header)]; 704 feature_code = (__be16 *) &buffer[sizeof(struct feature_header)];
745 if (be16_to_cpu(*feature_code) == CDF_HWDM) 705 if (be16_to_cpu(*feature_code) == CDF_HWDM)
746 ret = 0; 706 return 0;
747err: 707
748 kfree(buffer); 708 return 1;
749 return ret;
750} 709}
751 710
752 711
@@ -837,14 +796,10 @@ static int cdrom_mrw_open_write(struct cdrom_device_info *cdi)
837static int mo_open_write(struct cdrom_device_info *cdi) 796static int mo_open_write(struct cdrom_device_info *cdi)
838{ 797{
839 struct packet_command cgc; 798 struct packet_command cgc;
840 char *buffer; 799 char buffer[255];
841 int ret; 800 int ret;
842 801
843 buffer = kmalloc(255, GFP_KERNEL); 802 init_cdrom_command(&cgc, &buffer, 4, CGC_DATA_READ);
844 if (!buffer)
845 return -ENOMEM;
846
847 init_cdrom_command(&cgc, buffer, 4, CGC_DATA_READ);
848 cgc.quiet = 1; 803 cgc.quiet = 1;
849 804
850 /* 805 /*
@@ -861,15 +816,10 @@ static int mo_open_write(struct cdrom_device_info *cdi)
861 } 816 }
862 817
863 /* drive gave us no info, let the user go ahead */ 818 /* drive gave us no info, let the user go ahead */
864 if (ret) { 819 if (ret)
865 ret = 0; 820 return 0;
866 goto err;
867 }
868 821
869 ret = buffer[3] & 0x80; 822 return buffer[3] & 0x80;
870err:
871 kfree(buffer);
872 return ret;
873} 823}
874 824
875static int cdrom_ram_open_write(struct cdrom_device_info *cdi) 825static int cdrom_ram_open_write(struct cdrom_device_info *cdi)
@@ -892,19 +842,15 @@ static int cdrom_ram_open_write(struct cdrom_device_info *cdi)
892static void cdrom_mmc3_profile(struct cdrom_device_info *cdi) 842static void cdrom_mmc3_profile(struct cdrom_device_info *cdi)
893{ 843{
894 struct packet_command cgc; 844 struct packet_command cgc;
895 char *buffer; 845 char buffer[32];
896 int ret, mmc3_profile; 846 int ret, mmc3_profile;
897 847
898 buffer = kmalloc(32, GFP_KERNEL); 848 init_cdrom_command(&cgc, buffer, sizeof(buffer), CGC_DATA_READ);
899 if (!buffer)
900 return;
901
902 init_cdrom_command(&cgc, buffer, 32, CGC_DATA_READ);
903 849
904 cgc.cmd[0] = GPCMD_GET_CONFIGURATION; 850 cgc.cmd[0] = GPCMD_GET_CONFIGURATION;
905 cgc.cmd[1] = 0; 851 cgc.cmd[1] = 0;
906 cgc.cmd[2] = cgc.cmd[3] = 0; /* Starting Feature Number */ 852 cgc.cmd[2] = cgc.cmd[3] = 0; /* Starting Feature Number */
907 cgc.cmd[8] = 32; /* Allocation Length */ 853 cgc.cmd[8] = sizeof(buffer); /* Allocation Length */
908 cgc.quiet = 1; 854 cgc.quiet = 1;
909 855
910 if ((ret = cdi->ops->generic_packet(cdi, &cgc))) 856 if ((ret = cdi->ops->generic_packet(cdi, &cgc)))
@@ -913,7 +859,6 @@ static void cdrom_mmc3_profile(struct cdrom_device_info *cdi)
913 mmc3_profile = (buffer[6] << 8) | buffer[7]; 859 mmc3_profile = (buffer[6] << 8) | buffer[7];
914 860
915 cdi->mmc3_profile = mmc3_profile; 861 cdi->mmc3_profile = mmc3_profile;
916 kfree(buffer);
917} 862}
918 863
919static int cdrom_is_dvd_rw(struct cdrom_device_info *cdi) 864static int cdrom_is_dvd_rw(struct cdrom_device_info *cdi)
@@ -1628,15 +1573,12 @@ static void setup_send_key(struct packet_command *cgc, unsigned agid, unsigned t
1628static int dvd_do_auth(struct cdrom_device_info *cdi, dvd_authinfo *ai) 1573static int dvd_do_auth(struct cdrom_device_info *cdi, dvd_authinfo *ai)
1629{ 1574{
1630 int ret; 1575 int ret;
1631 u_char *buf; 1576 u_char buf[20];
1632 struct packet_command cgc; 1577 struct packet_command cgc;
1633 struct cdrom_device_ops *cdo = cdi->ops; 1578 struct cdrom_device_ops *cdo = cdi->ops;
1634 rpc_state_t *rpc_state; 1579 rpc_state_t rpc_state;
1635
1636 buf = kzalloc(20, GFP_KERNEL);
1637 if (!buf)
1638 return -ENOMEM;
1639 1580
1581 memset(buf, 0, sizeof(buf));
1640 init_cdrom_command(&cgc, buf, 0, CGC_DATA_READ); 1582 init_cdrom_command(&cgc, buf, 0, CGC_DATA_READ);
1641 1583
1642 switch (ai->type) { 1584 switch (ai->type) {
@@ -1647,7 +1589,7 @@ static int dvd_do_auth(struct cdrom_device_info *cdi, dvd_authinfo *ai)
1647 setup_report_key(&cgc, ai->lsa.agid, 0); 1589 setup_report_key(&cgc, ai->lsa.agid, 0);
1648 1590
1649 if ((ret = cdo->generic_packet(cdi, &cgc))) 1591 if ((ret = cdo->generic_packet(cdi, &cgc)))
1650 goto err; 1592 return ret;
1651 1593
1652 ai->lsa.agid = buf[7] >> 6; 1594 ai->lsa.agid = buf[7] >> 6;
1653 /* Returning data, let host change state */ 1595 /* Returning data, let host change state */
@@ -1658,7 +1600,7 @@ static int dvd_do_auth(struct cdrom_device_info *cdi, dvd_authinfo *ai)
1658 setup_report_key(&cgc, ai->lsk.agid, 2); 1600 setup_report_key(&cgc, ai->lsk.agid, 2);
1659 1601
1660 if ((ret = cdo->generic_packet(cdi, &cgc))) 1602 if ((ret = cdo->generic_packet(cdi, &cgc)))
1661 goto err; 1603 return ret;
1662 1604
1663 copy_key(ai->lsk.key, &buf[4]); 1605 copy_key(ai->lsk.key, &buf[4]);
1664 /* Returning data, let host change state */ 1606 /* Returning data, let host change state */
@@ -1669,7 +1611,7 @@ static int dvd_do_auth(struct cdrom_device_info *cdi, dvd_authinfo *ai)
1669 setup_report_key(&cgc, ai->lsc.agid, 1); 1611 setup_report_key(&cgc, ai->lsc.agid, 1);
1670 1612
1671 if ((ret = cdo->generic_packet(cdi, &cgc))) 1613 if ((ret = cdo->generic_packet(cdi, &cgc)))
1672 goto err; 1614 return ret;
1673 1615
1674 copy_chal(ai->lsc.chal, &buf[4]); 1616 copy_chal(ai->lsc.chal, &buf[4]);
1675 /* Returning data, let host change state */ 1617 /* Returning data, let host change state */
@@ -1686,7 +1628,7 @@ static int dvd_do_auth(struct cdrom_device_info *cdi, dvd_authinfo *ai)
1686 cgc.cmd[2] = ai->lstk.lba >> 24; 1628 cgc.cmd[2] = ai->lstk.lba >> 24;
1687 1629
1688 if ((ret = cdo->generic_packet(cdi, &cgc))) 1630 if ((ret = cdo->generic_packet(cdi, &cgc)))
1689 goto err; 1631 return ret;
1690 1632
1691 ai->lstk.cpm = (buf[4] >> 7) & 1; 1633 ai->lstk.cpm = (buf[4] >> 7) & 1;
1692 ai->lstk.cp_sec = (buf[4] >> 6) & 1; 1634 ai->lstk.cp_sec = (buf[4] >> 6) & 1;
@@ -1700,7 +1642,7 @@ static int dvd_do_auth(struct cdrom_device_info *cdi, dvd_authinfo *ai)
1700 setup_report_key(&cgc, ai->lsasf.agid, 5); 1642 setup_report_key(&cgc, ai->lsasf.agid, 5);
1701 1643
1702 if ((ret = cdo->generic_packet(cdi, &cgc))) 1644 if ((ret = cdo->generic_packet(cdi, &cgc)))
1703 goto err; 1645 return ret;
1704 1646
1705 ai->lsasf.asf = buf[7] & 1; 1647 ai->lsasf.asf = buf[7] & 1;
1706 break; 1648 break;
@@ -1713,7 +1655,7 @@ static int dvd_do_auth(struct cdrom_device_info *cdi, dvd_authinfo *ai)
1713 copy_chal(&buf[4], ai->hsc.chal); 1655 copy_chal(&buf[4], ai->hsc.chal);
1714 1656
1715 if ((ret = cdo->generic_packet(cdi, &cgc))) 1657 if ((ret = cdo->generic_packet(cdi, &cgc)))
1716 goto err; 1658 return ret;
1717 1659
1718 ai->type = DVD_LU_SEND_KEY1; 1660 ai->type = DVD_LU_SEND_KEY1;
1719 break; 1661 break;
@@ -1726,7 +1668,7 @@ static int dvd_do_auth(struct cdrom_device_info *cdi, dvd_authinfo *ai)
1726 1668
1727 if ((ret = cdo->generic_packet(cdi, &cgc))) { 1669 if ((ret = cdo->generic_packet(cdi, &cgc))) {
1728 ai->type = DVD_AUTH_FAILURE; 1670 ai->type = DVD_AUTH_FAILURE;
1729 goto err; 1671 return ret;
1730 } 1672 }
1731 ai->type = DVD_AUTH_ESTABLISHED; 1673 ai->type = DVD_AUTH_ESTABLISHED;
1732 break; 1674 break;
@@ -1737,23 +1679,24 @@ static int dvd_do_auth(struct cdrom_device_info *cdi, dvd_authinfo *ai)
1737 cdinfo(CD_DVD, "entering DVD_INVALIDATE_AGID\n"); 1679 cdinfo(CD_DVD, "entering DVD_INVALIDATE_AGID\n");
1738 setup_report_key(&cgc, ai->lsa.agid, 0x3f); 1680 setup_report_key(&cgc, ai->lsa.agid, 0x3f);
1739 if ((ret = cdo->generic_packet(cdi, &cgc))) 1681 if ((ret = cdo->generic_packet(cdi, &cgc)))
1740 goto err; 1682 return ret;
1741 break; 1683 break;
1742 1684
1743 /* Get region settings */ 1685 /* Get region settings */
1744 case DVD_LU_SEND_RPC_STATE: 1686 case DVD_LU_SEND_RPC_STATE:
1745 cdinfo(CD_DVD, "entering DVD_LU_SEND_RPC_STATE\n"); 1687 cdinfo(CD_DVD, "entering DVD_LU_SEND_RPC_STATE\n");
1746 setup_report_key(&cgc, 0, 8); 1688 setup_report_key(&cgc, 0, 8);
1689 memset(&rpc_state, 0, sizeof(rpc_state_t));
1690 cgc.buffer = (char *) &rpc_state;
1747 1691
1748 if ((ret = cdo->generic_packet(cdi, &cgc))) 1692 if ((ret = cdo->generic_packet(cdi, &cgc)))
1749 goto err; 1693 return ret;
1750 1694
1751 rpc_state = (rpc_state_t *)buf; 1695 ai->lrpcs.type = rpc_state.type_code;
1752 ai->lrpcs.type = rpc_state->type_code; 1696 ai->lrpcs.vra = rpc_state.vra;
1753 ai->lrpcs.vra = rpc_state->vra; 1697 ai->lrpcs.ucca = rpc_state.ucca;
1754 ai->lrpcs.ucca = rpc_state->ucca; 1698 ai->lrpcs.region_mask = rpc_state.region_mask;
1755 ai->lrpcs.region_mask = rpc_state->region_mask; 1699 ai->lrpcs.rpc_scheme = rpc_state.rpc_scheme;
1756 ai->lrpcs.rpc_scheme = rpc_state->rpc_scheme;
1757 break; 1700 break;
1758 1701
1759 /* Set region settings */ 1702 /* Set region settings */
@@ -1764,23 +1707,20 @@ static int dvd_do_auth(struct cdrom_device_info *cdi, dvd_authinfo *ai)
1764 buf[4] = ai->hrpcs.pdrc; 1707 buf[4] = ai->hrpcs.pdrc;
1765 1708
1766 if ((ret = cdo->generic_packet(cdi, &cgc))) 1709 if ((ret = cdo->generic_packet(cdi, &cgc)))
1767 goto err; 1710 return ret;
1768 break; 1711 break;
1769 1712
1770 default: 1713 default:
1771 cdinfo(CD_WARNING, "Invalid DVD key ioctl (%d)\n", ai->type); 1714 cdinfo(CD_WARNING, "Invalid DVD key ioctl (%d)\n", ai->type);
1772 ret = -ENOTTY; 1715 return -ENOTTY;
1773 goto err;
1774 } 1716 }
1775 ret = 0; 1717
1776err: 1718 return 0;
1777 kfree(buf);
1778 return ret;
1779} 1719}
1780 1720
1781static int dvd_read_physical(struct cdrom_device_info *cdi, dvd_struct *s) 1721static int dvd_read_physical(struct cdrom_device_info *cdi, dvd_struct *s)
1782{ 1722{
1783 unsigned char *buf, *base; 1723 unsigned char buf[21], *base;
1784 struct dvd_layer *layer; 1724 struct dvd_layer *layer;
1785 struct packet_command cgc; 1725 struct packet_command cgc;
1786 struct cdrom_device_ops *cdo = cdi->ops; 1726 struct cdrom_device_ops *cdo = cdi->ops;
@@ -1789,11 +1729,7 @@ static int dvd_read_physical(struct cdrom_device_info *cdi, dvd_struct *s)
1789 if (layer_num >= DVD_LAYERS) 1729 if (layer_num >= DVD_LAYERS)
1790 return -EINVAL; 1730 return -EINVAL;
1791 1731
1792 buf = kmalloc(21, GFP_KERNEL); 1732 init_cdrom_command(&cgc, buf, sizeof(buf), CGC_DATA_READ);
1793 if (!buf)
1794 return -ENOMEM;
1795
1796 init_cdrom_command(&cgc, buf, 21, CGC_DATA_READ);
1797 cgc.cmd[0] = GPCMD_READ_DVD_STRUCTURE; 1733 cgc.cmd[0] = GPCMD_READ_DVD_STRUCTURE;
1798 cgc.cmd[6] = layer_num; 1734 cgc.cmd[6] = layer_num;
1799 cgc.cmd[7] = s->type; 1735 cgc.cmd[7] = s->type;
@@ -1805,7 +1741,7 @@ static int dvd_read_physical(struct cdrom_device_info *cdi, dvd_struct *s)
1805 cgc.quiet = 1; 1741 cgc.quiet = 1;
1806 1742
1807 if ((ret = cdo->generic_packet(cdi, &cgc))) 1743 if ((ret = cdo->generic_packet(cdi, &cgc)))
1808 goto err; 1744 return ret;
1809 1745
1810 base = &buf[4]; 1746 base = &buf[4];
1811 layer = &s->physical.layer[layer_num]; 1747 layer = &s->physical.layer[layer_num];
@@ -1829,24 +1765,17 @@ static int dvd_read_physical(struct cdrom_device_info *cdi, dvd_struct *s)
1829 layer->end_sector_l0 = base[13] << 16 | base[14] << 8 | base[15]; 1765 layer->end_sector_l0 = base[13] << 16 | base[14] << 8 | base[15];
1830 layer->bca = base[16] >> 7; 1766 layer->bca = base[16] >> 7;
1831 1767
1832 ret = 0; 1768 return 0;
1833err:
1834 kfree(buf);
1835 return ret;
1836} 1769}
1837 1770
1838static int dvd_read_copyright(struct cdrom_device_info *cdi, dvd_struct *s) 1771static int dvd_read_copyright(struct cdrom_device_info *cdi, dvd_struct *s)
1839{ 1772{
1840 int ret; 1773 int ret;
1841 u_char *buf; 1774 u_char buf[8];
1842 struct packet_command cgc; 1775 struct packet_command cgc;
1843 struct cdrom_device_ops *cdo = cdi->ops; 1776 struct cdrom_device_ops *cdo = cdi->ops;
1844 1777
1845 buf = kmalloc(8, GFP_KERNEL); 1778 init_cdrom_command(&cgc, buf, sizeof(buf), CGC_DATA_READ);
1846 if (!buf)
1847 return -ENOMEM;
1848
1849 init_cdrom_command(&cgc, buf, 8, CGC_DATA_READ);
1850 cgc.cmd[0] = GPCMD_READ_DVD_STRUCTURE; 1779 cgc.cmd[0] = GPCMD_READ_DVD_STRUCTURE;
1851 cgc.cmd[6] = s->copyright.layer_num; 1780 cgc.cmd[6] = s->copyright.layer_num;
1852 cgc.cmd[7] = s->type; 1781 cgc.cmd[7] = s->type;
@@ -1854,15 +1783,12 @@ static int dvd_read_copyright(struct cdrom_device_info *cdi, dvd_struct *s)
1854 cgc.cmd[9] = cgc.buflen & 0xff; 1783 cgc.cmd[9] = cgc.buflen & 0xff;
1855 1784
1856 if ((ret = cdo->generic_packet(cdi, &cgc))) 1785 if ((ret = cdo->generic_packet(cdi, &cgc)))
1857 goto err; 1786 return ret;
1858 1787
1859 s->copyright.cpst = buf[4]; 1788 s->copyright.cpst = buf[4];
1860 s->copyright.rmi = buf[5]; 1789 s->copyright.rmi = buf[5];
1861 1790
1862 ret = 0; 1791 return 0;
1863err:
1864 kfree(buf);
1865 return ret;
1866} 1792}
1867 1793
1868static int dvd_read_disckey(struct cdrom_device_info *cdi, dvd_struct *s) 1794static int dvd_read_disckey(struct cdrom_device_info *cdi, dvd_struct *s)
@@ -1894,33 +1820,26 @@ static int dvd_read_disckey(struct cdrom_device_info *cdi, dvd_struct *s)
1894static int dvd_read_bca(struct cdrom_device_info *cdi, dvd_struct *s) 1820static int dvd_read_bca(struct cdrom_device_info *cdi, dvd_struct *s)
1895{ 1821{
1896 int ret; 1822 int ret;
1897 u_char *buf; 1823 u_char buf[4 + 188];
1898 struct packet_command cgc; 1824 struct packet_command cgc;
1899 struct cdrom_device_ops *cdo = cdi->ops; 1825 struct cdrom_device_ops *cdo = cdi->ops;
1900 1826
1901 buf = kmalloc(4 + 188, GFP_KERNEL); 1827 init_cdrom_command(&cgc, buf, sizeof(buf), CGC_DATA_READ);
1902 if (!buf)
1903 return -ENOMEM;
1904
1905 init_cdrom_command(&cgc, buf, 4 + 188, CGC_DATA_READ);
1906 cgc.cmd[0] = GPCMD_READ_DVD_STRUCTURE; 1828 cgc.cmd[0] = GPCMD_READ_DVD_STRUCTURE;
1907 cgc.cmd[7] = s->type; 1829 cgc.cmd[7] = s->type;
1908 cgc.cmd[9] = cgc.buflen & 0xff; 1830 cgc.cmd[9] = cgc.buflen & 0xff;
1909 1831
1910 if ((ret = cdo->generic_packet(cdi, &cgc))) 1832 if ((ret = cdo->generic_packet(cdi, &cgc)))
1911 goto err; 1833 return ret;
1912 1834
1913 s->bca.len = buf[0] << 8 | buf[1]; 1835 s->bca.len = buf[0] << 8 | buf[1];
1914 if (s->bca.len < 12 || s->bca.len > 188) { 1836 if (s->bca.len < 12 || s->bca.len > 188) {
1915 cdinfo(CD_WARNING, "Received invalid BCA length (%d)\n", s->bca.len); 1837 cdinfo(CD_WARNING, "Received invalid BCA length (%d)\n", s->bca.len);
1916 ret = -EIO; 1838 return -EIO;
1917 goto err;
1918 } 1839 }
1919 memcpy(s->bca.value, &buf[4], s->bca.len); 1840 memcpy(s->bca.value, &buf[4], s->bca.len);
1920 ret = 0; 1841
1921err: 1842 return 0;
1922 kfree(buf);
1923 return ret;
1924} 1843}
1925 1844
1926static int dvd_read_manufact(struct cdrom_device_info *cdi, dvd_struct *s) 1845static int dvd_read_manufact(struct cdrom_device_info *cdi, dvd_struct *s)
@@ -2020,13 +1939,9 @@ static int cdrom_read_subchannel(struct cdrom_device_info *cdi,
2020{ 1939{
2021 struct cdrom_device_ops *cdo = cdi->ops; 1940 struct cdrom_device_ops *cdo = cdi->ops;
2022 struct packet_command cgc; 1941 struct packet_command cgc;
2023 char *buffer; 1942 char buffer[32];
2024 int ret; 1943 int ret;
2025 1944
2026 buffer = kmalloc(32, GFP_KERNEL);
2027 if (!buffer)
2028 return -ENOMEM;
2029
2030 init_cdrom_command(&cgc, buffer, 16, CGC_DATA_READ); 1945 init_cdrom_command(&cgc, buffer, 16, CGC_DATA_READ);
2031 cgc.cmd[0] = GPCMD_READ_SUBCHANNEL; 1946 cgc.cmd[0] = GPCMD_READ_SUBCHANNEL;
2032 cgc.cmd[1] = 2; /* MSF addressing */ 1947 cgc.cmd[1] = 2; /* MSF addressing */
@@ -2035,7 +1950,7 @@ static int cdrom_read_subchannel(struct cdrom_device_info *cdi,
2035 cgc.cmd[8] = 16; 1950 cgc.cmd[8] = 16;
2036 1951
2037 if ((ret = cdo->generic_packet(cdi, &cgc))) 1952 if ((ret = cdo->generic_packet(cdi, &cgc)))
2038 goto err; 1953 return ret;
2039 1954
2040 subchnl->cdsc_audiostatus = cgc.buffer[1]; 1955 subchnl->cdsc_audiostatus = cgc.buffer[1];
2041 subchnl->cdsc_format = CDROM_MSF; 1956 subchnl->cdsc_format = CDROM_MSF;
@@ -2050,10 +1965,7 @@ static int cdrom_read_subchannel(struct cdrom_device_info *cdi,
2050 subchnl->cdsc_absaddr.msf.second = cgc.buffer[10]; 1965 subchnl->cdsc_absaddr.msf.second = cgc.buffer[10];
2051 subchnl->cdsc_absaddr.msf.frame = cgc.buffer[11]; 1966 subchnl->cdsc_absaddr.msf.frame = cgc.buffer[11];
2052 1967
2053 ret = 0; 1968 return 0;
2054err:
2055 kfree(buffer);
2056 return ret;
2057} 1969}
2058 1970
2059/* 1971/*