1 /* 2 * Copyright (C) 2001, 2002 Sistina Software (UK) Limited. 3 * Copyright (C) 2004 - 2006 Red Hat, Inc. All rights reserved. 4 * 5 * This file is released under the GPL. 6 */ 7 8 #include "dm.h" 9 10 #include <linux/module.h> 11 #include <linux/vmalloc.h> 12 #include <linux/miscdevice.h> 13 #include <linux/init.h> 14 #include <linux/wait.h> 15 #include <linux/slab.h> 16 #include <linux/dm-ioctl.h> 17 #include <linux/hdreg.h> 18 #include <linux/compat.h> 19 20 #include <asm/uaccess.h> 21 22 #define DM_MSG_PREFIX "ioctl" 23 #define DM_DRIVER_EMAIL "dm-devel@redhat.com" 24 25 /*----------------------------------------------------------------- 26 * The ioctl interface needs to be able to look up devices by 27 * name or uuid. 28 *---------------------------------------------------------------*/ 29 struct hash_cell { 30 struct list_head name_list; 31 struct list_head uuid_list; 32 33 char *name; 34 char *uuid; 35 struct mapped_device *md; 36 struct dm_table *new_map; 37 }; 38 39 struct vers_iter { 40 size_t param_size; 41 struct dm_target_versions *vers, *old_vers; 42 char *end; 43 uint32_t flags; 44 }; 45 46 47 #define NUM_BUCKETS 64 48 #define MASK_BUCKETS (NUM_BUCKETS - 1) 49 static struct list_head _name_buckets[NUM_BUCKETS]; 50 static struct list_head _uuid_buckets[NUM_BUCKETS]; 51 52 static void dm_hash_remove_all(int keep_open_devices); 53 54 /* 55 * Guards access to both hash tables. 56 */ 57 static DECLARE_RWSEM(_hash_lock); 58 59 /* 60 * Protects use of mdptr to obtain hash cell name and uuid from mapped device. 61 */ 62 static DEFINE_MUTEX(dm_hash_cells_mutex); 63 64 static void init_buckets(struct list_head *buckets) 65 { 66 unsigned int i; 67 68 for (i = 0; i < NUM_BUCKETS; i++) 69 INIT_LIST_HEAD(buckets + i); 70 } 71 72 static int dm_hash_init(void) 73 { 74 init_buckets(_name_buckets); 75 init_buckets(_uuid_buckets); 76 return 0; 77 } 78 79 static void dm_hash_exit(void) 80 { 81 dm_hash_remove_all(0); 82 } 83 84 /*----------------------------------------------------------------- 85 * Hash function: 86 * We're not really concerned with the str hash function being 87 * fast since it's only used by the ioctl interface. 88 *---------------------------------------------------------------*/ 89 static unsigned int hash_str(const char *str) 90 { 91 const unsigned int hash_mult = 2654435387U; 92 unsigned int h = 0; 93 94 while (*str) 95 h = (h + (unsigned int) *str++) * hash_mult; 96 97 return h & MASK_BUCKETS; 98 } 99 100 /*----------------------------------------------------------------- 101 * Code for looking up a device by name 102 *---------------------------------------------------------------*/ 103 static struct hash_cell *__get_name_cell(const char *str) 104 { 105 struct hash_cell *hc; 106 unsigned int h = hash_str(str); 107 108 list_for_each_entry (hc, _name_buckets + h, name_list) 109 if (!strcmp(hc->name, str)) { 110 dm_get(hc->md); 111 return hc; 112 } 113 114 return NULL; 115 } 116 117 static struct hash_cell *__get_uuid_cell(const char *str) 118 { 119 struct hash_cell *hc; 120 unsigned int h = hash_str(str); 121 122 list_for_each_entry (hc, _uuid_buckets + h, uuid_list) 123 if (!strcmp(hc->uuid, str)) { 124 dm_get(hc->md); 125 return hc; 126 } 127 128 return NULL; 129 } 130 131 static struct hash_cell *__get_dev_cell(uint64_t dev) 132 { 133 struct mapped_device *md; 134 struct hash_cell *hc; 135 136 md = dm_get_md(huge_decode_dev(dev)); 137 if (!md) 138 return NULL; 139 140 hc = dm_get_mdptr(md); 141 if (!hc) { 142 dm_put(md); 143 return NULL; 144 } 145 146 return hc; 147 } 148 149 /*----------------------------------------------------------------- 150 * Inserting, removing and renaming a device. 151 *---------------------------------------------------------------*/ 152 static struct hash_cell *alloc_cell(const char *name, const char *uuid, 153 struct mapped_device *md) 154 { 155 struct hash_cell *hc; 156 157 hc = kmalloc(sizeof(*hc), GFP_KERNEL); 158 if (!hc) 159 return NULL; 160 161 hc->name = kstrdup(name, GFP_KERNEL); 162 if (!hc->name) { 163 kfree(hc); 164 return NULL; 165 } 166 167 if (!uuid) 168 hc->uuid = NULL; 169 170 else { 171 hc->uuid = kstrdup(uuid, GFP_KERNEL); 172 if (!hc->uuid) { 173 kfree(hc->name); 174 kfree(hc); 175 return NULL; 176 } 177 } 178 179 INIT_LIST_HEAD(&hc->name_list); 180 INIT_LIST_HEAD(&hc->uuid_list); 181 hc->md = md; 182 hc->new_map = NULL; 183 return hc; 184 } 185 186 static void free_cell(struct hash_cell *hc) 187 { 188 if (hc) { 189 kfree(hc->name); 190 kfree(hc->uuid); 191 kfree(hc); 192 } 193 } 194 195 /* 196 * The kdev_t and uuid of a device can never change once it is 197 * initially inserted. 198 */ 199 static int dm_hash_insert(const char *name, const char *uuid, struct mapped_device *md) 200 { 201 struct hash_cell *cell, *hc; 202 203 /* 204 * Allocate the new cells. 205 */ 206 cell = alloc_cell(name, uuid, md); 207 if (!cell) 208 return -ENOMEM; 209 210 /* 211 * Insert the cell into both hash tables. 212 */ 213 down_write(&_hash_lock); 214 hc = __get_name_cell(name); 215 if (hc) { 216 dm_put(hc->md); 217 goto bad; 218 } 219 220 list_add(&cell->name_list, _name_buckets + hash_str(name)); 221 222 if (uuid) { 223 hc = __get_uuid_cell(uuid); 224 if (hc) { 225 list_del(&cell->name_list); 226 dm_put(hc->md); 227 goto bad; 228 } 229 list_add(&cell->uuid_list, _uuid_buckets + hash_str(uuid)); 230 } 231 dm_get(md); 232 mutex_lock(&dm_hash_cells_mutex); 233 dm_set_mdptr(md, cell); 234 mutex_unlock(&dm_hash_cells_mutex); 235 up_write(&_hash_lock); 236 237 return 0; 238 239 bad: 240 up_write(&_hash_lock); 241 free_cell(cell); 242 return -EBUSY; 243 } 244 245 static void __hash_remove(struct hash_cell *hc) 246 { 247 struct dm_table *table; 248 249 /* remove from the dev hash */ 250 list_del(&hc->uuid_list); 251 list_del(&hc->name_list); 252 mutex_lock(&dm_hash_cells_mutex); 253 dm_set_mdptr(hc->md, NULL); 254 mutex_unlock(&dm_hash_cells_mutex); 255 256 table = dm_get_live_table(hc->md); 257 if (table) { 258 dm_table_event(table); 259 dm_table_put(table); 260 } 261 262 if (hc->new_map) 263 dm_table_destroy(hc->new_map); 264 dm_put(hc->md); 265 free_cell(hc); 266 } 267 268 static void dm_hash_remove_all(int keep_open_devices) 269 { 270 int i, dev_skipped; 271 struct hash_cell *hc; 272 struct mapped_device *md; 273 274 retry: 275 dev_skipped = 0; 276 277 down_write(&_hash_lock); 278 279 for (i = 0; i < NUM_BUCKETS; i++) { 280 list_for_each_entry(hc, _name_buckets + i, name_list) { 281 md = hc->md; 282 dm_get(md); 283 284 if (keep_open_devices && dm_lock_for_deletion(md)) { 285 dm_put(md); 286 dev_skipped++; 287 continue; 288 } 289 290 __hash_remove(hc); 291 292 up_write(&_hash_lock); 293 294 dm_put(md); 295 if (likely(keep_open_devices)) 296 dm_destroy(md); 297 else 298 dm_destroy_immediate(md); 299 300 /* 301 * Some mapped devices may be using other mapped 302 * devices, so repeat until we make no further 303 * progress. If a new mapped device is created 304 * here it will also get removed. 305 */ 306 goto retry; 307 } 308 } 309 310 up_write(&_hash_lock); 311 312 if (dev_skipped) 313 DMWARN("remove_all left %d open device(s)", dev_skipped); 314 } 315 316 /* 317 * Set the uuid of a hash_cell that isn't already set. 318 */ 319 static void __set_cell_uuid(struct hash_cell *hc, char *new_uuid) 320 { 321 mutex_lock(&dm_hash_cells_mutex); 322 hc->uuid = new_uuid; 323 mutex_unlock(&dm_hash_cells_mutex); 324 325 list_add(&hc->uuid_list, _uuid_buckets + hash_str(new_uuid)); 326 } 327 328 /* 329 * Changes the name of a hash_cell and returns the old name for 330 * the caller to free. 331 */ 332 static char *__change_cell_name(struct hash_cell *hc, char *new_name) 333 { 334 char *old_name; 335 336 /* 337 * Rename and move the name cell. 338 */ 339 list_del(&hc->name_list); 340 old_name = hc->name; 341 342 mutex_lock(&dm_hash_cells_mutex); 343 hc->name = new_name; 344 mutex_unlock(&dm_hash_cells_mutex); 345 346 list_add(&hc->name_list, _name_buckets + hash_str(new_name)); 347 348 return old_name; 349 } 350 351 static struct mapped_device *dm_hash_rename(struct dm_ioctl *param, 352 const char *new) 353 { 354 char *new_data, *old_name = NULL; 355 struct hash_cell *hc; 356 struct dm_table *table; 357 struct mapped_device *md; 358 unsigned change_uuid = (param->flags & DM_UUID_FLAG) ? 1 : 0; 359 360 /* 361 * duplicate new. 362 */ 363 new_data = kstrdup(new, GFP_KERNEL); 364 if (!new_data) 365 return ERR_PTR(-ENOMEM); 366 367 down_write(&_hash_lock); 368 369 /* 370 * Is new free ? 371 */ 372 if (change_uuid) 373 hc = __get_uuid_cell(new); 374 else 375 hc = __get_name_cell(new); 376 377 if (hc) { 378 DMWARN("Unable to change %s on mapped device %s to one that " 379 "already exists: %s", 380 change_uuid ? "uuid" : "name", 381 param->name, new); 382 dm_put(hc->md); 383 up_write(&_hash_lock); 384 kfree(new_data); 385 return ERR_PTR(-EBUSY); 386 } 387 388 /* 389 * Is there such a device as 'old' ? 390 */ 391 hc = __get_name_cell(param->name); 392 if (!hc) { 393 DMWARN("Unable to rename non-existent device, %s to %s%s", 394 param->name, change_uuid ? "uuid " : "", new); 395 up_write(&_hash_lock); 396 kfree(new_data); 397 return ERR_PTR(-ENXIO); 398 } 399 400 /* 401 * Does this device already have a uuid? 402 */ 403 if (change_uuid && hc->uuid) { 404 DMWARN("Unable to change uuid of mapped device %s to %s " 405 "because uuid is already set to %s", 406 param->name, new, hc->uuid); 407 dm_put(hc->md); 408 up_write(&_hash_lock); 409 kfree(new_data); 410 return ERR_PTR(-EINVAL); 411 } 412 413 if (change_uuid) 414 __set_cell_uuid(hc, new_data); 415 else 416 old_name = __change_cell_name(hc, new_data); 417 418 /* 419 * Wake up any dm event waiters. 420 */ 421 table = dm_get_live_table(hc->md); 422 if (table) { 423 dm_table_event(table); 424 dm_table_put(table); 425 } 426 427 if (!dm_kobject_uevent(hc->md, KOBJ_CHANGE, param->event_nr)) 428 param->flags |= DM_UEVENT_GENERATED_FLAG; 429 430 md = hc->md; 431 up_write(&_hash_lock); 432 kfree(old_name); 433 434 return md; 435 } 436 437 /*----------------------------------------------------------------- 438 * Implementation of the ioctl commands 439 *---------------------------------------------------------------*/ 440 /* 441 * All the ioctl commands get dispatched to functions with this 442 * prototype. 443 */ 444 typedef int (*ioctl_fn)(struct dm_ioctl *param, size_t param_size); 445 446 static int remove_all(struct dm_ioctl *param, size_t param_size) 447 { 448 dm_hash_remove_all(1); 449 param->data_size = 0; 450 return 0; 451 } 452 453 /* 454 * Round up the ptr to an 8-byte boundary. 455 */ 456 #define ALIGN_MASK 7 457 static inline void *align_ptr(void *ptr) 458 { 459 return (void *) (((size_t) (ptr + ALIGN_MASK)) & ~ALIGN_MASK); 460 } 461 462 /* 463 * Retrieves the data payload buffer from an already allocated 464 * struct dm_ioctl. 465 */ 466 static void *get_result_buffer(struct dm_ioctl *param, size_t param_size, 467 size_t *len) 468 { 469 param->data_start = align_ptr(param + 1) - (void *) param; 470 471 if (param->data_start < param_size) 472 *len = param_size - param->data_start; 473 else 474 *len = 0; 475 476 return ((void *) param) + param->data_start; 477 } 478 479 static int list_devices(struct dm_ioctl *param, size_t param_size) 480 { 481 unsigned int i; 482 struct hash_cell *hc; 483 size_t len, needed = 0; 484 struct gendisk *disk; 485 struct dm_name_list *nl, *old_nl = NULL; 486 487 down_write(&_hash_lock); 488 489 /* 490 * Loop through all the devices working out how much 491 * space we need. 492 */ 493 for (i = 0; i < NUM_BUCKETS; i++) { 494 list_for_each_entry (hc, _name_buckets + i, name_list) { 495 needed += sizeof(struct dm_name_list); 496 needed += strlen(hc->name) + 1; 497 needed += ALIGN_MASK; 498 } 499 } 500 501 /* 502 * Grab our output buffer. 503 */ 504 nl = get_result_buffer(param, param_size, &len); 505 if (len < needed) { 506 param->flags |= DM_BUFFER_FULL_FLAG; 507 goto out; 508 } 509 param->data_size = param->data_start + needed; 510 511 nl->dev = 0; /* Flags no data */ 512 513 /* 514 * Now loop through filling out the names. 515 */ 516 for (i = 0; i < NUM_BUCKETS; i++) { 517 list_for_each_entry (hc, _name_buckets + i, name_list) { 518 if (old_nl) 519 old_nl->next = (uint32_t) ((void *) nl - 520 (void *) old_nl); 521 disk = dm_disk(hc->md); 522 nl->dev = huge_encode_dev(disk_devt(disk)); 523 nl->next = 0; 524 strcpy(nl->name, hc->name); 525 526 old_nl = nl; 527 nl = align_ptr(((void *) ++nl) + strlen(hc->name) + 1); 528 } 529 } 530 531 out: 532 up_write(&_hash_lock); 533 return 0; 534 } 535 536 static void list_version_get_needed(struct target_type *tt, void *needed_param) 537 { 538 size_t *needed = needed_param; 539 540 *needed += sizeof(struct dm_target_versions); 541 *needed += strlen(tt->name); 542 *needed += ALIGN_MASK; 543 } 544 545 static void list_version_get_info(struct target_type *tt, void *param) 546 { 547 struct vers_iter *info = param; 548 549 /* Check space - it might have changed since the first iteration */ 550 if ((char *)info->vers + sizeof(tt->version) + strlen(tt->name) + 1 > 551 info->end) { 552 553 info->flags = DM_BUFFER_FULL_FLAG; 554 return; 555 } 556 557 if (info->old_vers) 558 info->old_vers->next = (uint32_t) ((void *)info->vers - 559 (void *)info->old_vers); 560 info->vers->version[0] = tt->version[0]; 561 info->vers->version[1] = tt->version[1]; 562 info->vers->version[2] = tt->version[2]; 563 info->vers->next = 0; 564 strcpy(info->vers->name, tt->name); 565 566 info->old_vers = info->vers; 567 info->vers = align_ptr(((void *) ++info->vers) + strlen(tt->name) + 1); 568 } 569 570 static int list_versions(struct dm_ioctl *param, size_t param_size) 571 { 572 size_t len, needed = 0; 573 struct dm_target_versions *vers; 574 struct vers_iter iter_info; 575 576 /* 577 * Loop through all the devices working out how much 578 * space we need. 579 */ 580 dm_target_iterate(list_version_get_needed, &needed); 581 582 /* 583 * Grab our output buffer. 584 */ 585 vers = get_result_buffer(param, param_size, &len); 586 if (len < needed) { 587 param->flags |= DM_BUFFER_FULL_FLAG; 588 goto out; 589 } 590 param->data_size = param->data_start + needed; 591 592 iter_info.param_size = param_size; 593 iter_info.old_vers = NULL; 594 iter_info.vers = vers; 595 iter_info.flags = 0; 596 iter_info.end = (char *)vers+len; 597 598 /* 599 * Now loop through filling out the names & versions. 600 */ 601 dm_target_iterate(list_version_get_info, &iter_info); 602 param->flags |= iter_info.flags; 603 604 out: 605 return 0; 606 } 607 608 static int check_name(const char *name) 609 { 610 if (strchr(name, '/')) { 611 DMWARN("invalid device name"); 612 return -EINVAL; 613 } 614 615 return 0; 616 } 617 618 /* 619 * On successful return, the caller must not attempt to acquire 620 * _hash_lock without first calling dm_table_put, because dm_table_destroy 621 * waits for this dm_table_put and could be called under this lock. 622 */ 623 static struct dm_table *dm_get_inactive_table(struct mapped_device *md) 624 { 625 struct hash_cell *hc; 626 struct dm_table *table = NULL; 627 628 down_read(&_hash_lock); 629 hc = dm_get_mdptr(md); 630 if (!hc || hc->md != md) { 631 DMWARN("device has been removed from the dev hash table."); 632 goto out; 633 } 634 635 table = hc->new_map; 636 if (table) 637 dm_table_get(table); 638 639 out: 640 up_read(&_hash_lock); 641 642 return table; 643 } 644 645 static struct dm_table *dm_get_live_or_inactive_table(struct mapped_device *md, 646 struct dm_ioctl *param) 647 { 648 return (param->flags & DM_QUERY_INACTIVE_TABLE_FLAG) ? 649 dm_get_inactive_table(md) : dm_get_live_table(md); 650 } 651 652 /* 653 * Fills in a dm_ioctl structure, ready for sending back to 654 * userland. 655 */ 656 static void __dev_status(struct mapped_device *md, struct dm_ioctl *param) 657 { 658 struct gendisk *disk = dm_disk(md); 659 struct dm_table *table; 660 661 param->flags &= ~(DM_SUSPEND_FLAG | DM_READONLY_FLAG | 662 DM_ACTIVE_PRESENT_FLAG); 663 664 if (dm_suspended_md(md)) 665 param->flags |= DM_SUSPEND_FLAG; 666 667 param->dev = huge_encode_dev(disk_devt(disk)); 668 669 /* 670 * Yes, this will be out of date by the time it gets back 671 * to userland, but it is still very useful for 672 * debugging. 673 */ 674 param->open_count = dm_open_count(md); 675 676 param->event_nr = dm_get_event_nr(md); 677 param->target_count = 0; 678 679 table = dm_get_live_table(md); 680 if (table) { 681 if (!(param->flags & DM_QUERY_INACTIVE_TABLE_FLAG)) { 682 if (get_disk_ro(disk)) 683 param->flags |= DM_READONLY_FLAG; 684 param->target_count = dm_table_get_num_targets(table); 685 } 686 dm_table_put(table); 687 688 param->flags |= DM_ACTIVE_PRESENT_FLAG; 689 } 690 691 if (param->flags & DM_QUERY_INACTIVE_TABLE_FLAG) { 692 table = dm_get_inactive_table(md); 693 if (table) { 694 if (!(dm_table_get_mode(table) & FMODE_WRITE)) 695 param->flags |= DM_READONLY_FLAG; 696 param->target_count = dm_table_get_num_targets(table); 697 dm_table_put(table); 698 } 699 } 700 } 701 702 static int dev_create(struct dm_ioctl *param, size_t param_size) 703 { 704 int r, m = DM_ANY_MINOR; 705 struct mapped_device *md; 706 707 r = check_name(param->name); 708 if (r) 709 return r; 710 711 if (param->flags & DM_PERSISTENT_DEV_FLAG) 712 m = MINOR(huge_decode_dev(param->dev)); 713 714 r = dm_create(m, &md); 715 if (r) 716 return r; 717 718 r = dm_hash_insert(param->name, *param->uuid ? param->uuid : NULL, md); 719 if (r) { 720 dm_put(md); 721 dm_destroy(md); 722 return r; 723 } 724 725 param->flags &= ~DM_INACTIVE_PRESENT_FLAG; 726 727 __dev_status(md, param); 728 729 dm_put(md); 730 731 return 0; 732 } 733 734 /* 735 * Always use UUID for lookups if it's present, otherwise use name or dev. 736 */ 737 static struct hash_cell *__find_device_hash_cell(struct dm_ioctl *param) 738 { 739 struct hash_cell *hc = NULL; 740 741 if (*param->uuid) { 742 if (*param->name || param->dev) 743 return NULL; 744 745 hc = __get_uuid_cell(param->uuid); 746 if (!hc) 747 return NULL; 748 } else if (*param->name) { 749 if (param->dev) 750 return NULL; 751 752 hc = __get_name_cell(param->name); 753 if (!hc) 754 return NULL; 755 } else if (param->dev) { 756 hc = __get_dev_cell(param->dev); 757 if (!hc) 758 return NULL; 759 } else 760 return NULL; 761 762 /* 763 * Sneakily write in both the name and the uuid 764 * while we have the cell. 765 */ 766 strlcpy(param->name, hc->name, sizeof(param->name)); 767 if (hc->uuid) 768 strlcpy(param->uuid, hc->uuid, sizeof(param->uuid)); 769 else 770 param->uuid[0] = '\0'; 771 772 if (hc->new_map) 773 param->flags |= DM_INACTIVE_PRESENT_FLAG; 774 else 775 param->flags &= ~DM_INACTIVE_PRESENT_FLAG; 776 777 return hc; 778 } 779 780 static struct mapped_device *find_device(struct dm_ioctl *param) 781 { 782 struct hash_cell *hc; 783 struct mapped_device *md = NULL; 784 785 down_read(&_hash_lock); 786 hc = __find_device_hash_cell(param); 787 if (hc) 788 md = hc->md; 789 up_read(&_hash_lock); 790 791 return md; 792 } 793 794 static int dev_remove(struct dm_ioctl *param, size_t param_size) 795 { 796 struct hash_cell *hc; 797 struct mapped_device *md; 798 int r; 799 800 down_write(&_hash_lock); 801 hc = __find_device_hash_cell(param); 802 803 if (!hc) { 804 DMDEBUG_LIMIT("device doesn't appear to be in the dev hash table."); 805 up_write(&_hash_lock); 806 return -ENXIO; 807 } 808 809 md = hc->md; 810 811 /* 812 * Ensure the device is not open and nothing further can open it. 813 */ 814 r = dm_lock_for_deletion(md); 815 if (r) { 816 DMDEBUG_LIMIT("unable to remove open device %s", hc->name); 817 up_write(&_hash_lock); 818 dm_put(md); 819 return r; 820 } 821 822 __hash_remove(hc); 823 up_write(&_hash_lock); 824 825 if (!dm_kobject_uevent(md, KOBJ_REMOVE, param->event_nr)) 826 param->flags |= DM_UEVENT_GENERATED_FLAG; 827 828 dm_put(md); 829 dm_destroy(md); 830 return 0; 831 } 832 833 /* 834 * Check a string doesn't overrun the chunk of 835 * memory we copied from userland. 836 */ 837 static int invalid_str(char *str, void *end) 838 { 839 while ((void *) str < end) 840 if (!*str++) 841 return 0; 842 843 return -EINVAL; 844 } 845 846 static int dev_rename(struct dm_ioctl *param, size_t param_size) 847 { 848 int r; 849 char *new_data = (char *) param + param->data_start; 850 struct mapped_device *md; 851 unsigned change_uuid = (param->flags & DM_UUID_FLAG) ? 1 : 0; 852 853 if (new_data < param->data || 854 invalid_str(new_data, (void *) param + param_size) || 855 strlen(new_data) > (change_uuid ? DM_UUID_LEN - 1 : DM_NAME_LEN - 1)) { 856 DMWARN("Invalid new mapped device name or uuid string supplied."); 857 return -EINVAL; 858 } 859 860 if (!change_uuid) { 861 r = check_name(new_data); 862 if (r) 863 return r; 864 } 865 866 md = dm_hash_rename(param, new_data); 867 if (IS_ERR(md)) 868 return PTR_ERR(md); 869 870 __dev_status(md, param); 871 dm_put(md); 872 873 return 0; 874 } 875 876 static int dev_set_geometry(struct dm_ioctl *param, size_t param_size) 877 { 878 int r = -EINVAL, x; 879 struct mapped_device *md; 880 struct hd_geometry geometry; 881 unsigned long indata[4]; 882 char *geostr = (char *) param + param->data_start; 883 char dummy; 884 885 md = find_device(param); 886 if (!md) 887 return -ENXIO; 888 889 if (geostr < param->data || 890 invalid_str(geostr, (void *) param + param_size)) { 891 DMWARN("Invalid geometry supplied."); 892 goto out; 893 } 894 895 x = sscanf(geostr, "%lu %lu %lu %lu%c", indata, 896 indata + 1, indata + 2, indata + 3, &dummy); 897 898 if (x != 4) { 899 DMWARN("Unable to interpret geometry settings."); 900 goto out; 901 } 902 903 if (indata[0] > 65535 || indata[1] > 255 || 904 indata[2] > 255 || indata[3] > ULONG_MAX) { 905 DMWARN("Geometry exceeds range limits."); 906 goto out; 907 } 908 909 geometry.cylinders = indata[0]; 910 geometry.heads = indata[1]; 911 geometry.sectors = indata[2]; 912 geometry.start = indata[3]; 913 914 r = dm_set_geometry(md, &geometry); 915 916 param->data_size = 0; 917 918 out: 919 dm_put(md); 920 return r; 921 } 922 923 static int do_suspend(struct dm_ioctl *param) 924 { 925 int r = 0; 926 unsigned suspend_flags = DM_SUSPEND_LOCKFS_FLAG; 927 struct mapped_device *md; 928 929 md = find_device(param); 930 if (!md) 931 return -ENXIO; 932 933 if (param->flags & DM_SKIP_LOCKFS_FLAG) 934 suspend_flags &= ~DM_SUSPEND_LOCKFS_FLAG; 935 if (param->flags & DM_NOFLUSH_FLAG) 936 suspend_flags |= DM_SUSPEND_NOFLUSH_FLAG; 937 938 if (!dm_suspended_md(md)) { 939 r = dm_suspend(md, suspend_flags); 940 if (r) 941 goto out; 942 } 943 944 __dev_status(md, param); 945 946 out: 947 dm_put(md); 948 949 return r; 950 } 951 952 static int do_resume(struct dm_ioctl *param) 953 { 954 int r = 0; 955 unsigned suspend_flags = DM_SUSPEND_LOCKFS_FLAG; 956 struct hash_cell *hc; 957 struct mapped_device *md; 958 struct dm_table *new_map, *old_map = NULL; 959 960 down_write(&_hash_lock); 961 962 hc = __find_device_hash_cell(param); 963 if (!hc) { 964 DMDEBUG_LIMIT("device doesn't appear to be in the dev hash table."); 965 up_write(&_hash_lock); 966 return -ENXIO; 967 } 968 969 md = hc->md; 970 971 new_map = hc->new_map; 972 hc->new_map = NULL; 973 param->flags &= ~DM_INACTIVE_PRESENT_FLAG; 974 975 up_write(&_hash_lock); 976 977 /* Do we need to load a new map ? */ 978 if (new_map) { 979 /* Suspend if it isn't already suspended */ 980 if (param->flags & DM_SKIP_LOCKFS_FLAG) 981 suspend_flags &= ~DM_SUSPEND_LOCKFS_FLAG; 982 if (param->flags & DM_NOFLUSH_FLAG) 983 suspend_flags |= DM_SUSPEND_NOFLUSH_FLAG; 984 if (!dm_suspended_md(md)) 985 dm_suspend(md, suspend_flags); 986 987 old_map = dm_swap_table(md, new_map); 988 if (IS_ERR(old_map)) { 989 dm_table_destroy(new_map); 990 dm_put(md); 991 return PTR_ERR(old_map); 992 } 993 994 if (dm_table_get_mode(new_map) & FMODE_WRITE) 995 set_disk_ro(dm_disk(md), 0); 996 else 997 set_disk_ro(dm_disk(md), 1); 998 } 999 1000 if (dm_suspended_md(md)) { 1001 r = dm_resume(md); 1002 if (!r && !dm_kobject_uevent(md, KOBJ_CHANGE, param->event_nr)) 1003 param->flags |= DM_UEVENT_GENERATED_FLAG; 1004 } 1005 1006 if (old_map) 1007 dm_table_destroy(old_map); 1008 1009 if (!r) 1010 __dev_status(md, param); 1011 1012 dm_put(md); 1013 return r; 1014 } 1015 1016 /* 1017 * Set or unset the suspension state of a device. 1018 * If the device already is in the requested state we just return its status. 1019 */ 1020 static int dev_suspend(struct dm_ioctl *param, size_t param_size) 1021 { 1022 if (param->flags & DM_SUSPEND_FLAG) 1023 return do_suspend(param); 1024 1025 return do_resume(param); 1026 } 1027 1028 /* 1029 * Copies device info back to user space, used by 1030 * the create and info ioctls. 1031 */ 1032 static int dev_status(struct dm_ioctl *param, size_t param_size) 1033 { 1034 struct mapped_device *md; 1035 1036 md = find_device(param); 1037 if (!md) 1038 return -ENXIO; 1039 1040 __dev_status(md, param); 1041 dm_put(md); 1042 1043 return 0; 1044 } 1045 1046 /* 1047 * Build up the status struct for each target 1048 */ 1049 static void retrieve_status(struct dm_table *table, 1050 struct dm_ioctl *param, size_t param_size) 1051 { 1052 unsigned int i, num_targets; 1053 struct dm_target_spec *spec; 1054 char *outbuf, *outptr; 1055 status_type_t type; 1056 size_t remaining, len, used = 0; 1057 unsigned status_flags = 0; 1058 1059 outptr = outbuf = get_result_buffer(param, param_size, &len); 1060 1061 if (param->flags & DM_STATUS_TABLE_FLAG) 1062 type = STATUSTYPE_TABLE; 1063 else 1064 type = STATUSTYPE_INFO; 1065 1066 /* Get all the target info */ 1067 num_targets = dm_table_get_num_targets(table); 1068 for (i = 0; i < num_targets; i++) { 1069 struct dm_target *ti = dm_table_get_target(table, i); 1070 size_t l; 1071 1072 remaining = len - (outptr - outbuf); 1073 if (remaining <= sizeof(struct dm_target_spec)) { 1074 param->flags |= DM_BUFFER_FULL_FLAG; 1075 break; 1076 } 1077 1078 spec = (struct dm_target_spec *) outptr; 1079 1080 spec->status = 0; 1081 spec->sector_start = ti->begin; 1082 spec->length = ti->len; 1083 strncpy(spec->target_type, ti->type->name, 1084 sizeof(spec->target_type)); 1085 1086 outptr += sizeof(struct dm_target_spec); 1087 remaining = len - (outptr - outbuf); 1088 if (remaining <= 0) { 1089 param->flags |= DM_BUFFER_FULL_FLAG; 1090 break; 1091 } 1092 1093 /* Get the status/table string from the target driver */ 1094 if (ti->type->status) { 1095 if (param->flags & DM_NOFLUSH_FLAG) 1096 status_flags |= DM_STATUS_NOFLUSH_FLAG; 1097 ti->type->status(ti, type, status_flags, outptr, remaining); 1098 } else 1099 outptr[0] = '\0'; 1100 1101 l = strlen(outptr) + 1; 1102 if (l == remaining) { 1103 param->flags |= DM_BUFFER_FULL_FLAG; 1104 break; 1105 } 1106 1107 outptr += l; 1108 used = param->data_start + (outptr - outbuf); 1109 1110 outptr = align_ptr(outptr); 1111 spec->next = outptr - outbuf; 1112 } 1113 1114 if (used) 1115 param->data_size = used; 1116 1117 param->target_count = num_targets; 1118 } 1119 1120 /* 1121 * Wait for a device to report an event 1122 */ 1123 static int dev_wait(struct dm_ioctl *param, size_t param_size) 1124 { 1125 int r = 0; 1126 struct mapped_device *md; 1127 struct dm_table *table; 1128 1129 md = find_device(param); 1130 if (!md) 1131 return -ENXIO; 1132 1133 /* 1134 * Wait for a notification event 1135 */ 1136 if (dm_wait_event(md, param->event_nr)) { 1137 r = -ERESTARTSYS; 1138 goto out; 1139 } 1140 1141 /* 1142 * The userland program is going to want to know what 1143 * changed to trigger the event, so we may as well tell 1144 * him and save an ioctl. 1145 */ 1146 __dev_status(md, param); 1147 1148 table = dm_get_live_or_inactive_table(md, param); 1149 if (table) { 1150 retrieve_status(table, param, param_size); 1151 dm_table_put(table); 1152 } 1153 1154 out: 1155 dm_put(md); 1156 1157 return r; 1158 } 1159 1160 static inline fmode_t get_mode(struct dm_ioctl *param) 1161 { 1162 fmode_t mode = FMODE_READ | FMODE_WRITE; 1163 1164 if (param->flags & DM_READONLY_FLAG) 1165 mode = FMODE_READ; 1166 1167 return mode; 1168 } 1169 1170 static int next_target(struct dm_target_spec *last, uint32_t next, void *end, 1171 struct dm_target_spec **spec, char **target_params) 1172 { 1173 *spec = (struct dm_target_spec *) ((unsigned char *) last + next); 1174 *target_params = (char *) (*spec + 1); 1175 1176 if (*spec < (last + 1)) 1177 return -EINVAL; 1178 1179 return invalid_str(*target_params, end); 1180 } 1181 1182 static int populate_table(struct dm_table *table, 1183 struct dm_ioctl *param, size_t param_size) 1184 { 1185 int r; 1186 unsigned int i = 0; 1187 struct dm_target_spec *spec = (struct dm_target_spec *) param; 1188 uint32_t next = param->data_start; 1189 void *end = (void *) param + param_size; 1190 char *target_params; 1191 1192 if (!param->target_count) { 1193 DMWARN("populate_table: no targets specified"); 1194 return -EINVAL; 1195 } 1196 1197 for (i = 0; i < param->target_count; i++) { 1198 1199 r = next_target(spec, next, end, &spec, &target_params); 1200 if (r) { 1201 DMWARN("unable to find target"); 1202 return r; 1203 } 1204 1205 r = dm_table_add_target(table, spec->target_type, 1206 (sector_t) spec->sector_start, 1207 (sector_t) spec->length, 1208 target_params); 1209 if (r) { 1210 DMWARN("error adding target to table"); 1211 return r; 1212 } 1213 1214 next = spec->next; 1215 } 1216 1217 return dm_table_complete(table); 1218 } 1219 1220 static int table_load(struct dm_ioctl *param, size_t param_size) 1221 { 1222 int r; 1223 struct hash_cell *hc; 1224 struct dm_table *t; 1225 struct mapped_device *md; 1226 struct target_type *immutable_target_type; 1227 1228 md = find_device(param); 1229 if (!md) 1230 return -ENXIO; 1231 1232 r = dm_table_create(&t, get_mode(param), param->target_count, md); 1233 if (r) 1234 goto out; 1235 1236 r = populate_table(t, param, param_size); 1237 if (r) { 1238 dm_table_destroy(t); 1239 goto out; 1240 } 1241 1242 immutable_target_type = dm_get_immutable_target_type(md); 1243 if (immutable_target_type && 1244 (immutable_target_type != dm_table_get_immutable_target_type(t))) { 1245 DMWARN("can't replace immutable target type %s", 1246 immutable_target_type->name); 1247 dm_table_destroy(t); 1248 r = -EINVAL; 1249 goto out; 1250 } 1251 1252 /* Protect md->type and md->queue against concurrent table loads. */ 1253 dm_lock_md_type(md); 1254 if (dm_get_md_type(md) == DM_TYPE_NONE) 1255 /* Initial table load: acquire type of table. */ 1256 dm_set_md_type(md, dm_table_get_type(t)); 1257 else if (dm_get_md_type(md) != dm_table_get_type(t)) { 1258 DMWARN("can't change device type after initial table load."); 1259 dm_table_destroy(t); 1260 dm_unlock_md_type(md); 1261 r = -EINVAL; 1262 goto out; 1263 } 1264 1265 /* setup md->queue to reflect md's type (may block) */ 1266 r = dm_setup_md_queue(md); 1267 if (r) { 1268 DMWARN("unable to set up device queue for new table."); 1269 dm_table_destroy(t); 1270 dm_unlock_md_type(md); 1271 goto out; 1272 } 1273 dm_unlock_md_type(md); 1274 1275 /* stage inactive table */ 1276 down_write(&_hash_lock); 1277 hc = dm_get_mdptr(md); 1278 if (!hc || hc->md != md) { 1279 DMWARN("device has been removed from the dev hash table."); 1280 dm_table_destroy(t); 1281 up_write(&_hash_lock); 1282 r = -ENXIO; 1283 goto out; 1284 } 1285 1286 if (hc->new_map) 1287 dm_table_destroy(hc->new_map); 1288 hc->new_map = t; 1289 up_write(&_hash_lock); 1290 1291 param->flags |= DM_INACTIVE_PRESENT_FLAG; 1292 __dev_status(md, param); 1293 1294 out: 1295 dm_put(md); 1296 1297 return r; 1298 } 1299 1300 static int table_clear(struct dm_ioctl *param, size_t param_size) 1301 { 1302 struct hash_cell *hc; 1303 struct mapped_device *md; 1304 1305 down_write(&_hash_lock); 1306 1307 hc = __find_device_hash_cell(param); 1308 if (!hc) { 1309 DMDEBUG_LIMIT("device doesn't appear to be in the dev hash table."); 1310 up_write(&_hash_lock); 1311 return -ENXIO; 1312 } 1313 1314 if (hc->new_map) { 1315 dm_table_destroy(hc->new_map); 1316 hc->new_map = NULL; 1317 } 1318 1319 param->flags &= ~DM_INACTIVE_PRESENT_FLAG; 1320 1321 __dev_status(hc->md, param); 1322 md = hc->md; 1323 up_write(&_hash_lock); 1324 dm_put(md); 1325 1326 return 0; 1327 } 1328 1329 /* 1330 * Retrieves a list of devices used by a particular dm device. 1331 */ 1332 static void retrieve_deps(struct dm_table *table, 1333 struct dm_ioctl *param, size_t param_size) 1334 { 1335 unsigned int count = 0; 1336 struct list_head *tmp; 1337 size_t len, needed; 1338 struct dm_dev_internal *dd; 1339 struct dm_target_deps *deps; 1340 1341 deps = get_result_buffer(param, param_size, &len); 1342 1343 /* 1344 * Count the devices. 1345 */ 1346 list_for_each (tmp, dm_table_get_devices(table)) 1347 count++; 1348 1349 /* 1350 * Check we have enough space. 1351 */ 1352 needed = sizeof(*deps) + (sizeof(*deps->dev) * count); 1353 if (len < needed) { 1354 param->flags |= DM_BUFFER_FULL_FLAG; 1355 return; 1356 } 1357 1358 /* 1359 * Fill in the devices. 1360 */ 1361 deps->count = count; 1362 count = 0; 1363 list_for_each_entry (dd, dm_table_get_devices(table), list) 1364 deps->dev[count++] = huge_encode_dev(dd->dm_dev.bdev->bd_dev); 1365 1366 param->data_size = param->data_start + needed; 1367 } 1368 1369 static int table_deps(struct dm_ioctl *param, size_t param_size) 1370 { 1371 struct mapped_device *md; 1372 struct dm_table *table; 1373 1374 md = find_device(param); 1375 if (!md) 1376 return -ENXIO; 1377 1378 __dev_status(md, param); 1379 1380 table = dm_get_live_or_inactive_table(md, param); 1381 if (table) { 1382 retrieve_deps(table, param, param_size); 1383 dm_table_put(table); 1384 } 1385 1386 dm_put(md); 1387 1388 return 0; 1389 } 1390 1391 /* 1392 * Return the status of a device as a text string for each 1393 * target. 1394 */ 1395 static int table_status(struct dm_ioctl *param, size_t param_size) 1396 { 1397 struct mapped_device *md; 1398 struct dm_table *table; 1399 1400 md = find_device(param); 1401 if (!md) 1402 return -ENXIO; 1403 1404 __dev_status(md, param); 1405 1406 table = dm_get_live_or_inactive_table(md, param); 1407 if (table) { 1408 retrieve_status(table, param, param_size); 1409 dm_table_put(table); 1410 } 1411 1412 dm_put(md); 1413 1414 return 0; 1415 } 1416 1417 static bool buffer_test_overflow(char *result, unsigned maxlen) 1418 { 1419 return !maxlen || strlen(result) + 1 >= maxlen; 1420 } 1421 1422 /* 1423 * Process device-mapper dependent messages. 1424 * Returns a number <= 1 if message was processed by device mapper. 1425 * Returns 2 if message should be delivered to the target. 1426 */ 1427 static int message_for_md(struct mapped_device *md, unsigned argc, char **argv, 1428 char *result, unsigned maxlen) 1429 { 1430 return 2; 1431 } 1432 1433 /* 1434 * Pass a message to the target that's at the supplied device offset. 1435 */ 1436 static int target_message(struct dm_ioctl *param, size_t param_size) 1437 { 1438 int r, argc; 1439 char **argv; 1440 struct mapped_device *md; 1441 struct dm_table *table; 1442 struct dm_target *ti; 1443 struct dm_target_msg *tmsg = (void *) param + param->data_start; 1444 size_t maxlen; 1445 char *result = get_result_buffer(param, param_size, &maxlen); 1446 1447 md = find_device(param); 1448 if (!md) 1449 return -ENXIO; 1450 1451 if (tmsg < (struct dm_target_msg *) param->data || 1452 invalid_str(tmsg->message, (void *) param + param_size)) { 1453 DMWARN("Invalid target message parameters."); 1454 r = -EINVAL; 1455 goto out; 1456 } 1457 1458 r = dm_split_args(&argc, &argv, tmsg->message); 1459 if (r) { 1460 DMWARN("Failed to split target message parameters"); 1461 goto out; 1462 } 1463 1464 if (!argc) { 1465 DMWARN("Empty message received."); 1466 goto out_argv; 1467 } 1468 1469 r = message_for_md(md, argc, argv, result, maxlen); 1470 if (r <= 1) 1471 goto out_argv; 1472 1473 table = dm_get_live_table(md); 1474 if (!table) 1475 goto out_argv; 1476 1477 if (dm_deleting_md(md)) { 1478 r = -ENXIO; 1479 goto out_table; 1480 } 1481 1482 ti = dm_table_find_target(table, tmsg->sector); 1483 if (!dm_target_is_valid(ti)) { 1484 DMWARN("Target message sector outside device."); 1485 r = -EINVAL; 1486 } else if (ti->type->message) 1487 r = ti->type->message(ti, argc, argv); 1488 else { 1489 DMWARN("Target type does not support messages"); 1490 r = -EINVAL; 1491 } 1492 1493 out_table: 1494 dm_table_put(table); 1495 out_argv: 1496 kfree(argv); 1497 out: 1498 if (r >= 0) 1499 __dev_status(md, param); 1500 1501 if (r == 1) { 1502 param->flags |= DM_DATA_OUT_FLAG; 1503 if (buffer_test_overflow(result, maxlen)) 1504 param->flags |= DM_BUFFER_FULL_FLAG; 1505 else 1506 param->data_size = param->data_start + strlen(result) + 1; 1507 r = 0; 1508 } 1509 1510 dm_put(md); 1511 return r; 1512 } 1513 1514 /* 1515 * The ioctl parameter block consists of two parts, a dm_ioctl struct 1516 * followed by a data buffer. This flag is set if the second part, 1517 * which has a variable size, is not used by the function processing 1518 * the ioctl. 1519 */ 1520 #define IOCTL_FLAGS_NO_PARAMS 1 1521 1522 /*----------------------------------------------------------------- 1523 * Implementation of open/close/ioctl on the special char 1524 * device. 1525 *---------------------------------------------------------------*/ 1526 static ioctl_fn lookup_ioctl(unsigned int cmd, int *ioctl_flags) 1527 { 1528 static struct { 1529 int cmd; 1530 int flags; 1531 ioctl_fn fn; 1532 } _ioctls[] = { 1533 {DM_VERSION_CMD, 0, NULL}, /* version is dealt with elsewhere */ 1534 {DM_REMOVE_ALL_CMD, IOCTL_FLAGS_NO_PARAMS, remove_all}, 1535 {DM_LIST_DEVICES_CMD, 0, list_devices}, 1536 1537 {DM_DEV_CREATE_CMD, IOCTL_FLAGS_NO_PARAMS, dev_create}, 1538 {DM_DEV_REMOVE_CMD, IOCTL_FLAGS_NO_PARAMS, dev_remove}, 1539 {DM_DEV_RENAME_CMD, 0, dev_rename}, 1540 {DM_DEV_SUSPEND_CMD, IOCTL_FLAGS_NO_PARAMS, dev_suspend}, 1541 {DM_DEV_STATUS_CMD, IOCTL_FLAGS_NO_PARAMS, dev_status}, 1542 {DM_DEV_WAIT_CMD, 0, dev_wait}, 1543 1544 {DM_TABLE_LOAD_CMD, 0, table_load}, 1545 {DM_TABLE_CLEAR_CMD, IOCTL_FLAGS_NO_PARAMS, table_clear}, 1546 {DM_TABLE_DEPS_CMD, 0, table_deps}, 1547 {DM_TABLE_STATUS_CMD, 0, table_status}, 1548 1549 {DM_LIST_VERSIONS_CMD, 0, list_versions}, 1550 1551 {DM_TARGET_MSG_CMD, 0, target_message}, 1552 {DM_DEV_SET_GEOMETRY_CMD, 0, dev_set_geometry} 1553 }; 1554 1555 if (unlikely(cmd >= ARRAY_SIZE(_ioctls))) 1556 return NULL; 1557 1558 *ioctl_flags = _ioctls[cmd].flags; 1559 return _ioctls[cmd].fn; 1560 } 1561 1562 /* 1563 * As well as checking the version compatibility this always 1564 * copies the kernel interface version out. 1565 */ 1566 static int check_version(unsigned int cmd, struct dm_ioctl __user *user) 1567 { 1568 uint32_t version[3]; 1569 int r = 0; 1570 1571 if (copy_from_user(version, user->version, sizeof(version))) 1572 return -EFAULT; 1573 1574 if ((DM_VERSION_MAJOR != version[0]) || 1575 (DM_VERSION_MINOR < version[1])) { 1576 DMWARN("ioctl interface mismatch: " 1577 "kernel(%u.%u.%u), user(%u.%u.%u), cmd(%d)", 1578 DM_VERSION_MAJOR, DM_VERSION_MINOR, 1579 DM_VERSION_PATCHLEVEL, 1580 version[0], version[1], version[2], cmd); 1581 r = -EINVAL; 1582 } 1583 1584 /* 1585 * Fill in the kernel version. 1586 */ 1587 version[0] = DM_VERSION_MAJOR; 1588 version[1] = DM_VERSION_MINOR; 1589 version[2] = DM_VERSION_PATCHLEVEL; 1590 if (copy_to_user(user->version, version, sizeof(version))) 1591 return -EFAULT; 1592 1593 return r; 1594 } 1595 1596 #define DM_PARAMS_KMALLOC 0x0001 /* Params alloced with kmalloc */ 1597 #define DM_PARAMS_VMALLOC 0x0002 /* Params alloced with vmalloc */ 1598 #define DM_WIPE_BUFFER 0x0010 /* Wipe input buffer before returning from ioctl */ 1599 1600 static void free_params(struct dm_ioctl *param, size_t param_size, int param_flags) 1601 { 1602 if (param_flags & DM_WIPE_BUFFER) 1603 memset(param, 0, param_size); 1604 1605 if (param_flags & DM_PARAMS_KMALLOC) 1606 kfree(param); 1607 if (param_flags & DM_PARAMS_VMALLOC) 1608 vfree(param); 1609 } 1610 1611 static int copy_params(struct dm_ioctl __user *user, struct dm_ioctl *param_kernel, 1612 int ioctl_flags, 1613 struct dm_ioctl **param, int *param_flags) 1614 { 1615 struct dm_ioctl *dmi; 1616 int secure_data; 1617 const size_t minimum_data_size = sizeof(*param_kernel) - sizeof(param_kernel->data); 1618 1619 if (copy_from_user(param_kernel, user, minimum_data_size)) 1620 return -EFAULT; 1621 1622 if (param_kernel->data_size < minimum_data_size) 1623 return -EINVAL; 1624 1625 secure_data = param_kernel->flags & DM_SECURE_DATA_FLAG; 1626 1627 *param_flags = secure_data ? DM_WIPE_BUFFER : 0; 1628 1629 if (ioctl_flags & IOCTL_FLAGS_NO_PARAMS) { 1630 dmi = param_kernel; 1631 dmi->data_size = minimum_data_size; 1632 goto data_copied; 1633 } 1634 1635 /* 1636 * Try to avoid low memory issues when a device is suspended. 1637 * Use kmalloc() rather than vmalloc() when we can. 1638 */ 1639 dmi = NULL; 1640 if (param_kernel->data_size <= KMALLOC_MAX_SIZE) { 1641 dmi = kmalloc(param_kernel->data_size, GFP_NOIO | __GFP_NORETRY | __GFP_NOMEMALLOC | __GFP_NOWARN); 1642 if (dmi) 1643 *param_flags |= DM_PARAMS_KMALLOC; 1644 } 1645 1646 if (!dmi) { 1647 dmi = __vmalloc(param_kernel->data_size, GFP_NOIO | __GFP_REPEAT | __GFP_HIGH, PAGE_KERNEL); 1648 if (dmi) 1649 *param_flags |= DM_PARAMS_VMALLOC; 1650 } 1651 1652 if (!dmi) { 1653 if (secure_data && clear_user(user, param_kernel->data_size)) 1654 return -EFAULT; 1655 return -ENOMEM; 1656 } 1657 1658 if (copy_from_user(dmi, user, param_kernel->data_size)) 1659 goto bad; 1660 1661 data_copied: 1662 /* 1663 * Abort if something changed the ioctl data while it was being copied. 1664 */ 1665 if (dmi->data_size != param_kernel->data_size) { 1666 DMERR("rejecting ioctl: data size modified while processing parameters"); 1667 goto bad; 1668 } 1669 1670 /* Wipe the user buffer so we do not return it to userspace */ 1671 if (secure_data && clear_user(user, param_kernel->data_size)) 1672 goto bad; 1673 1674 *param = dmi; 1675 return 0; 1676 1677 bad: 1678 free_params(dmi, param_kernel->data_size, *param_flags); 1679 1680 return -EFAULT; 1681 } 1682 1683 static int validate_params(uint cmd, struct dm_ioctl *param) 1684 { 1685 /* Always clear this flag */ 1686 param->flags &= ~DM_BUFFER_FULL_FLAG; 1687 param->flags &= ~DM_UEVENT_GENERATED_FLAG; 1688 param->flags &= ~DM_SECURE_DATA_FLAG; 1689 param->flags &= ~DM_DATA_OUT_FLAG; 1690 1691 /* Ignores parameters */ 1692 if (cmd == DM_REMOVE_ALL_CMD || 1693 cmd == DM_LIST_DEVICES_CMD || 1694 cmd == DM_LIST_VERSIONS_CMD) 1695 return 0; 1696 1697 if ((cmd == DM_DEV_CREATE_CMD)) { 1698 if (!*param->name) { 1699 DMWARN("name not supplied when creating device"); 1700 return -EINVAL; 1701 } 1702 } else if ((*param->uuid && *param->name)) { 1703 DMWARN("only supply one of name or uuid, cmd(%u)", cmd); 1704 return -EINVAL; 1705 } 1706 1707 /* Ensure strings are terminated */ 1708 param->name[DM_NAME_LEN - 1] = '\0'; 1709 param->uuid[DM_UUID_LEN - 1] = '\0'; 1710 1711 return 0; 1712 } 1713 1714 static int ctl_ioctl(uint command, struct dm_ioctl __user *user) 1715 { 1716 int r = 0; 1717 int ioctl_flags; 1718 int param_flags; 1719 unsigned int cmd; 1720 struct dm_ioctl *uninitialized_var(param); 1721 ioctl_fn fn = NULL; 1722 size_t input_param_size; 1723 struct dm_ioctl param_kernel; 1724 1725 /* only root can play with this */ 1726 if (!capable(CAP_SYS_ADMIN)) 1727 return -EACCES; 1728 1729 if (_IOC_TYPE(command) != DM_IOCTL) 1730 return -ENOTTY; 1731 1732 cmd = _IOC_NR(command); 1733 1734 /* 1735 * Check the interface version passed in. This also 1736 * writes out the kernel's interface version. 1737 */ 1738 r = check_version(cmd, user); 1739 if (r) 1740 return r; 1741 1742 /* 1743 * Nothing more to do for the version command. 1744 */ 1745 if (cmd == DM_VERSION_CMD) 1746 return 0; 1747 1748 fn = lookup_ioctl(cmd, &ioctl_flags); 1749 if (!fn) { 1750 DMWARN("dm_ctl_ioctl: unknown command 0x%x", command); 1751 return -ENOTTY; 1752 } 1753 1754 /* 1755 * Copy the parameters into kernel space. 1756 */ 1757 r = copy_params(user, ¶m_kernel, ioctl_flags, ¶m, ¶m_flags); 1758 1759 if (r) 1760 return r; 1761 1762 input_param_size = param->data_size; 1763 r = validate_params(cmd, param); 1764 if (r) 1765 goto out; 1766 1767 param->data_size = sizeof(*param); 1768 r = fn(param, input_param_size); 1769 1770 if (unlikely(param->flags & DM_BUFFER_FULL_FLAG) && 1771 unlikely(ioctl_flags & IOCTL_FLAGS_NO_PARAMS)) 1772 DMERR("ioctl %d tried to output some data but has IOCTL_FLAGS_NO_PARAMS set", cmd); 1773 1774 /* 1775 * Copy the results back to userland. 1776 */ 1777 if (!r && copy_to_user(user, param, param->data_size)) 1778 r = -EFAULT; 1779 1780 out: 1781 free_params(param, input_param_size, param_flags); 1782 return r; 1783 } 1784 1785 static long dm_ctl_ioctl(struct file *file, uint command, ulong u) 1786 { 1787 return (long)ctl_ioctl(command, (struct dm_ioctl __user *)u); 1788 } 1789 1790 #ifdef CONFIG_COMPAT 1791 static long dm_compat_ctl_ioctl(struct file *file, uint command, ulong u) 1792 { 1793 return (long)dm_ctl_ioctl(file, command, (ulong) compat_ptr(u)); 1794 } 1795 #else 1796 #define dm_compat_ctl_ioctl NULL 1797 #endif 1798 1799 static const struct file_operations _ctl_fops = { 1800 .open = nonseekable_open, 1801 .unlocked_ioctl = dm_ctl_ioctl, 1802 .compat_ioctl = dm_compat_ctl_ioctl, 1803 .owner = THIS_MODULE, 1804 .llseek = noop_llseek, 1805 }; 1806 1807 static struct miscdevice _dm_misc = { 1808 .minor = MAPPER_CTRL_MINOR, 1809 .name = DM_NAME, 1810 .nodename = DM_DIR "/" DM_CONTROL_NODE, 1811 .fops = &_ctl_fops 1812 }; 1813 1814 MODULE_ALIAS_MISCDEV(MAPPER_CTRL_MINOR); 1815 MODULE_ALIAS("devname:" DM_DIR "/" DM_CONTROL_NODE); 1816 1817 /* 1818 * Create misc character device and link to DM_DIR/control. 1819 */ 1820 int __init dm_interface_init(void) 1821 { 1822 int r; 1823 1824 r = dm_hash_init(); 1825 if (r) 1826 return r; 1827 1828 r = misc_register(&_dm_misc); 1829 if (r) { 1830 DMERR("misc_register failed for control device"); 1831 dm_hash_exit(); 1832 return r; 1833 } 1834 1835 DMINFO("%d.%d.%d%s initialised: %s", DM_VERSION_MAJOR, 1836 DM_VERSION_MINOR, DM_VERSION_PATCHLEVEL, DM_VERSION_EXTRA, 1837 DM_DRIVER_EMAIL); 1838 return 0; 1839 } 1840 1841 void dm_interface_exit(void) 1842 { 1843 if (misc_deregister(&_dm_misc) < 0) 1844 DMERR("misc_deregister failed for control device"); 1845 1846 dm_hash_exit(); 1847 } 1848 1849 /** 1850 * dm_copy_name_and_uuid - Copy mapped device name & uuid into supplied buffers 1851 * @md: Pointer to mapped_device 1852 * @name: Buffer (size DM_NAME_LEN) for name 1853 * @uuid: Buffer (size DM_UUID_LEN) for uuid or empty string if uuid not defined 1854 */ 1855 int dm_copy_name_and_uuid(struct mapped_device *md, char *name, char *uuid) 1856 { 1857 int r = 0; 1858 struct hash_cell *hc; 1859 1860 if (!md) 1861 return -ENXIO; 1862 1863 mutex_lock(&dm_hash_cells_mutex); 1864 hc = dm_get_mdptr(md); 1865 if (!hc || hc->md != md) { 1866 r = -ENXIO; 1867 goto out; 1868 } 1869 1870 if (name) 1871 strcpy(name, hc->name); 1872 if (uuid) 1873 strcpy(uuid, hc->uuid ? : ""); 1874 1875 out: 1876 mutex_unlock(&dm_hash_cells_mutex); 1877 1878 return r; 1879 } 1880