diff options
| author | Jonathan Gray <jsg@cvs.openbsd.org> | 2007-04-12 13:08:35 +0000 |
|---|---|---|
| committer | Jonathan Gray <jsg@cvs.openbsd.org> | 2007-04-12 13:08:35 +0000 |
| commit | 69cb75cef494e433fde117925351241a1e775a95 (patch) | |
| tree | 4a37534697dc71acc6f5ec7a6265744257117225 /sys | |
| parent | 106403582938f109a9743d3d9fabf185668938a6 (diff) | |
Do a security freeze lock like we do in wd(4) to deal with systems
that leave the security set on by default.
"looks sane" grange@, "looks ok" pascoe@, "put it in" dlg@
Diffstat (limited to 'sys')
| -rw-r--r-- | sys/dev/ata/atascsi.c | 33 | ||||
| -rw-r--r-- | sys/dev/ata/atascsi.h | 3 |
2 files changed, 33 insertions, 3 deletions
diff --git a/sys/dev/ata/atascsi.c b/sys/dev/ata/atascsi.c index 265e71cfc36..8782a8f802a 100644 --- a/sys/dev/ata/atascsi.c +++ b/sys/dev/ata/atascsi.c @@ -1,4 +1,4 @@ -/* $OpenBSD: atascsi.c,v 1.39 2007/04/10 23:37:06 dlg Exp $ */ +/* $OpenBSD: atascsi.c,v 1.40 2007/04/12 13:08:34 jsg Exp $ */ /* * Copyright (c) 2007 David Gwynne <dlg@openbsd.org> @@ -77,6 +77,8 @@ int atascsi_disk_sync(struct scsi_xfer *); void atascsi_disk_sync_done(struct ata_xfer *); int atascsi_disk_sense(struct scsi_xfer *); +void atascsi_empty_done(struct ata_xfer *); + int atascsi_atapi_cmd(struct scsi_xfer *); void atascsi_atapi_cmd_done(struct ata_xfer *); @@ -148,7 +150,8 @@ int atascsi_probe(struct atascsi *as, int port) { struct ata_port *ap; - int type; + struct ata_xfer *xa; + int type, s; if (port > as->as_link.adapter_buswidth) return (ENXIO); @@ -173,6 +176,26 @@ atascsi_probe(struct atascsi *as, int port) as->as_ports[port] = ap; + s = splbio(); + xa = ata_get_xfer(ap, 1); + splx(s); + if (xa == NULL) + return (EBUSY); + + /* + * FREEZE LOCK the device so malicous users can't lock it on us. + * As there is no harm in issuing this to devices that don't + * support the security feature set we just send it, and don't bother + * checking if the device sends a command abort to tell us it doesn't + * support it + */ + xa->fis->command = ATA_C_SEC_FREEZE_LOCK; + xa->fis->flags = ATA_H2D_FLAGS_CMD; + xa->complete = atascsi_empty_done; + xa->flags = ATA_F_POLL | ATA_F_PIO; + xa->timeout = 1000; + ata_exec(as, xa); + return (0); } @@ -368,6 +391,12 @@ atascsi_disk_cmd(struct scsi_xfer *xs) } void +atascsi_empty_done(struct ata_xfer *xa) +{ + ata_put_xfer(xa); +} + +void atascsi_disk_cmd_done(struct ata_xfer *xa) { struct scsi_xfer *xs = xa->atascsi_private; diff --git a/sys/dev/ata/atascsi.h b/sys/dev/ata/atascsi.h index 13ab5e773d6..ffe2e882ff7 100644 --- a/sys/dev/ata/atascsi.h +++ b/sys/dev/ata/atascsi.h @@ -1,4 +1,4 @@ -/* $OpenBSD: atascsi.h,v 1.24 2007/04/10 07:57:21 jsg Exp $ */ +/* $OpenBSD: atascsi.h,v 1.25 2007/04/12 13:08:34 jsg Exp $ */ /* * Copyright (c) 2007 David Gwynne <dlg@openbsd.org> @@ -33,6 +33,7 @@ struct atascsi; #define ATA_C_FLUSH_CACHE 0xe7 #define ATA_C_FLUSH_CACHE_EXT 0xea /* lba48 */ #define ATA_C_IDENTIFY 0xec +#define ATA_C_SEC_FREEZE_LOCK 0xf5 struct ata_identify { u_int16_t config; /* 0 */ |