1 /* 2 * Copyright (C) 2001, 2002 Sistina Software (UK) Limited. 3 * Copyright (C) 2004 - 2006 Red Hat, Inc. All rights reserved. 4 * 5 * This file is released under the GPL. 6 */ 7 8 #include "dm-core.h" 9 10 #include <linux/module.h> 11 #include <linux/vmalloc.h> 12 #include <linux/miscdevice.h> 13 #include <linux/sched/mm.h> 14 #include <linux/init.h> 15 #include <linux/wait.h> 16 #include <linux/slab.h> 17 #include <linux/dm-ioctl.h> 18 #include <linux/hdreg.h> 19 #include <linux/compat.h> 20 21 #include <linux/uaccess.h> 22 23 #define DM_MSG_PREFIX "ioctl" 24 #define DM_DRIVER_EMAIL "dm-devel@redhat.com" 25 26 struct dm_file { 27 /* 28 * poll will wait until the global event number is greater than 29 * this value. 30 */ 31 volatile unsigned global_event_nr; 32 }; 33 34 /*----------------------------------------------------------------- 35 * The ioctl interface needs to be able to look up devices by 36 * name or uuid. 37 *---------------------------------------------------------------*/ 38 struct hash_cell { 39 struct list_head name_list; 40 struct list_head uuid_list; 41 42 char *name; 43 char *uuid; 44 struct mapped_device *md; 45 struct dm_table *new_map; 46 }; 47 48 struct vers_iter { 49 size_t param_size; 50 struct dm_target_versions *vers, *old_vers; 51 char *end; 52 uint32_t flags; 53 }; 54 55 56 #define NUM_BUCKETS 64 57 #define MASK_BUCKETS (NUM_BUCKETS - 1) 58 static struct list_head _name_buckets[NUM_BUCKETS]; 59 static struct list_head _uuid_buckets[NUM_BUCKETS]; 60 61 static void dm_hash_remove_all(bool keep_open_devices, bool mark_deferred, bool only_deferred); 62 63 /* 64 * Guards access to both hash tables. 65 */ 66 static DECLARE_RWSEM(_hash_lock); 67 68 /* 69 * Protects use of mdptr to obtain hash cell name and uuid from mapped device. 70 */ 71 static DEFINE_MUTEX(dm_hash_cells_mutex); 72 73 static void init_buckets(struct list_head *buckets) 74 { 75 unsigned int i; 76 77 for (i = 0; i < NUM_BUCKETS; i++) 78 INIT_LIST_HEAD(buckets + i); 79 } 80 81 static int dm_hash_init(void) 82 { 83 init_buckets(_name_buckets); 84 init_buckets(_uuid_buckets); 85 return 0; 86 } 87 88 static void dm_hash_exit(void) 89 { 90 dm_hash_remove_all(false, false, false); 91 } 92 93 /*----------------------------------------------------------------- 94 * Hash function: 95 * We're not really concerned with the str hash function being 96 * fast since it's only used by the ioctl interface. 97 *---------------------------------------------------------------*/ 98 static unsigned int hash_str(const char *str) 99 { 100 const unsigned int hash_mult = 2654435387U; 101 unsigned int h = 0; 102 103 while (*str) 104 h = (h + (unsigned int) *str++) * hash_mult; 105 106 return h & MASK_BUCKETS; 107 } 108 109 /*----------------------------------------------------------------- 110 * Code for looking up a device by name 111 *---------------------------------------------------------------*/ 112 static struct hash_cell *__get_name_cell(const char *str) 113 { 114 struct hash_cell *hc; 115 unsigned int h = hash_str(str); 116 117 list_for_each_entry (hc, _name_buckets + h, name_list) 118 if (!strcmp(hc->name, str)) { 119 dm_get(hc->md); 120 return hc; 121 } 122 123 return NULL; 124 } 125 126 static struct hash_cell *__get_uuid_cell(const char *str) 127 { 128 struct hash_cell *hc; 129 unsigned int h = hash_str(str); 130 131 list_for_each_entry (hc, _uuid_buckets + h, uuid_list) 132 if (!strcmp(hc->uuid, str)) { 133 dm_get(hc->md); 134 return hc; 135 } 136 137 return NULL; 138 } 139 140 static struct hash_cell *__get_dev_cell(uint64_t dev) 141 { 142 struct mapped_device *md; 143 struct hash_cell *hc; 144 145 md = dm_get_md(huge_decode_dev(dev)); 146 if (!md) 147 return NULL; 148 149 hc = dm_get_mdptr(md); 150 if (!hc) { 151 dm_put(md); 152 return NULL; 153 } 154 155 return hc; 156 } 157 158 /*----------------------------------------------------------------- 159 * Inserting, removing and renaming a device. 160 *---------------------------------------------------------------*/ 161 static struct hash_cell *alloc_cell(const char *name, const char *uuid, 162 struct mapped_device *md) 163 { 164 struct hash_cell *hc; 165 166 hc = kmalloc(sizeof(*hc), GFP_KERNEL); 167 if (!hc) 168 return NULL; 169 170 hc->name = kstrdup(name, GFP_KERNEL); 171 if (!hc->name) { 172 kfree(hc); 173 return NULL; 174 } 175 176 if (!uuid) 177 hc->uuid = NULL; 178 179 else { 180 hc->uuid = kstrdup(uuid, GFP_KERNEL); 181 if (!hc->uuid) { 182 kfree(hc->name); 183 kfree(hc); 184 return NULL; 185 } 186 } 187 188 INIT_LIST_HEAD(&hc->name_list); 189 INIT_LIST_HEAD(&hc->uuid_list); 190 hc->md = md; 191 hc->new_map = NULL; 192 return hc; 193 } 194 195 static void free_cell(struct hash_cell *hc) 196 { 197 if (hc) { 198 kfree(hc->name); 199 kfree(hc->uuid); 200 kfree(hc); 201 } 202 } 203 204 /* 205 * The kdev_t and uuid of a device can never change once it is 206 * initially inserted. 207 */ 208 static int dm_hash_insert(const char *name, const char *uuid, struct mapped_device *md) 209 { 210 struct hash_cell *cell, *hc; 211 212 /* 213 * Allocate the new cells. 214 */ 215 cell = alloc_cell(name, uuid, md); 216 if (!cell) 217 return -ENOMEM; 218 219 /* 220 * Insert the cell into both hash tables. 221 */ 222 down_write(&_hash_lock); 223 hc = __get_name_cell(name); 224 if (hc) { 225 dm_put(hc->md); 226 goto bad; 227 } 228 229 list_add(&cell->name_list, _name_buckets + hash_str(name)); 230 231 if (uuid) { 232 hc = __get_uuid_cell(uuid); 233 if (hc) { 234 list_del(&cell->name_list); 235 dm_put(hc->md); 236 goto bad; 237 } 238 list_add(&cell->uuid_list, _uuid_buckets + hash_str(uuid)); 239 } 240 dm_get(md); 241 mutex_lock(&dm_hash_cells_mutex); 242 dm_set_mdptr(md, cell); 243 mutex_unlock(&dm_hash_cells_mutex); 244 up_write(&_hash_lock); 245 246 return 0; 247 248 bad: 249 up_write(&_hash_lock); 250 free_cell(cell); 251 return -EBUSY; 252 } 253 254 static struct dm_table *__hash_remove(struct hash_cell *hc) 255 { 256 struct dm_table *table; 257 int srcu_idx; 258 259 /* remove from the dev hash */ 260 list_del(&hc->uuid_list); 261 list_del(&hc->name_list); 262 mutex_lock(&dm_hash_cells_mutex); 263 dm_set_mdptr(hc->md, NULL); 264 mutex_unlock(&dm_hash_cells_mutex); 265 266 table = dm_get_live_table(hc->md, &srcu_idx); 267 if (table) 268 dm_table_event(table); 269 dm_put_live_table(hc->md, srcu_idx); 270 271 table = NULL; 272 if (hc->new_map) 273 table = hc->new_map; 274 dm_put(hc->md); 275 free_cell(hc); 276 277 return table; 278 } 279 280 static void dm_hash_remove_all(bool keep_open_devices, bool mark_deferred, bool only_deferred) 281 { 282 int i, dev_skipped; 283 struct hash_cell *hc; 284 struct mapped_device *md; 285 struct dm_table *t; 286 287 retry: 288 dev_skipped = 0; 289 290 down_write(&_hash_lock); 291 292 for (i = 0; i < NUM_BUCKETS; i++) { 293 list_for_each_entry(hc, _name_buckets + i, name_list) { 294 md = hc->md; 295 dm_get(md); 296 297 if (keep_open_devices && 298 dm_lock_for_deletion(md, mark_deferred, only_deferred)) { 299 dm_put(md); 300 dev_skipped++; 301 continue; 302 } 303 304 t = __hash_remove(hc); 305 306 up_write(&_hash_lock); 307 308 if (t) { 309 dm_sync_table(md); 310 dm_table_destroy(t); 311 } 312 dm_put(md); 313 if (likely(keep_open_devices)) 314 dm_destroy(md); 315 else 316 dm_destroy_immediate(md); 317 318 /* 319 * Some mapped devices may be using other mapped 320 * devices, so repeat until we make no further 321 * progress. If a new mapped device is created 322 * here it will also get removed. 323 */ 324 goto retry; 325 } 326 } 327 328 up_write(&_hash_lock); 329 330 if (dev_skipped) 331 DMWARN("remove_all left %d open device(s)", dev_skipped); 332 } 333 334 /* 335 * Set the uuid of a hash_cell that isn't already set. 336 */ 337 static void __set_cell_uuid(struct hash_cell *hc, char *new_uuid) 338 { 339 mutex_lock(&dm_hash_cells_mutex); 340 hc->uuid = new_uuid; 341 mutex_unlock(&dm_hash_cells_mutex); 342 343 list_add(&hc->uuid_list, _uuid_buckets + hash_str(new_uuid)); 344 } 345 346 /* 347 * Changes the name of a hash_cell and returns the old name for 348 * the caller to free. 349 */ 350 static char *__change_cell_name(struct hash_cell *hc, char *new_name) 351 { 352 char *old_name; 353 354 /* 355 * Rename and move the name cell. 356 */ 357 list_del(&hc->name_list); 358 old_name = hc->name; 359 360 mutex_lock(&dm_hash_cells_mutex); 361 hc->name = new_name; 362 mutex_unlock(&dm_hash_cells_mutex); 363 364 list_add(&hc->name_list, _name_buckets + hash_str(new_name)); 365 366 return old_name; 367 } 368 369 static struct mapped_device *dm_hash_rename(struct dm_ioctl *param, 370 const char *new) 371 { 372 char *new_data, *old_name = NULL; 373 struct hash_cell *hc; 374 struct dm_table *table; 375 struct mapped_device *md; 376 unsigned change_uuid = (param->flags & DM_UUID_FLAG) ? 1 : 0; 377 int srcu_idx; 378 379 /* 380 * duplicate new. 381 */ 382 new_data = kstrdup(new, GFP_KERNEL); 383 if (!new_data) 384 return ERR_PTR(-ENOMEM); 385 386 down_write(&_hash_lock); 387 388 /* 389 * Is new free ? 390 */ 391 if (change_uuid) 392 hc = __get_uuid_cell(new); 393 else 394 hc = __get_name_cell(new); 395 396 if (hc) { 397 DMWARN("Unable to change %s on mapped device %s to one that " 398 "already exists: %s", 399 change_uuid ? "uuid" : "name", 400 param->name, new); 401 dm_put(hc->md); 402 up_write(&_hash_lock); 403 kfree(new_data); 404 return ERR_PTR(-EBUSY); 405 } 406 407 /* 408 * Is there such a device as 'old' ? 409 */ 410 hc = __get_name_cell(param->name); 411 if (!hc) { 412 DMWARN("Unable to rename non-existent device, %s to %s%s", 413 param->name, change_uuid ? "uuid " : "", new); 414 up_write(&_hash_lock); 415 kfree(new_data); 416 return ERR_PTR(-ENXIO); 417 } 418 419 /* 420 * Does this device already have a uuid? 421 */ 422 if (change_uuid && hc->uuid) { 423 DMWARN("Unable to change uuid of mapped device %s to %s " 424 "because uuid is already set to %s", 425 param->name, new, hc->uuid); 426 dm_put(hc->md); 427 up_write(&_hash_lock); 428 kfree(new_data); 429 return ERR_PTR(-EINVAL); 430 } 431 432 if (change_uuid) 433 __set_cell_uuid(hc, new_data); 434 else 435 old_name = __change_cell_name(hc, new_data); 436 437 /* 438 * Wake up any dm event waiters. 439 */ 440 table = dm_get_live_table(hc->md, &srcu_idx); 441 if (table) 442 dm_table_event(table); 443 dm_put_live_table(hc->md, srcu_idx); 444 445 if (!dm_kobject_uevent(hc->md, KOBJ_CHANGE, param->event_nr)) 446 param->flags |= DM_UEVENT_GENERATED_FLAG; 447 448 md = hc->md; 449 up_write(&_hash_lock); 450 kfree(old_name); 451 452 return md; 453 } 454 455 void dm_deferred_remove(void) 456 { 457 dm_hash_remove_all(true, false, true); 458 } 459 460 /*----------------------------------------------------------------- 461 * Implementation of the ioctl commands 462 *---------------------------------------------------------------*/ 463 /* 464 * All the ioctl commands get dispatched to functions with this 465 * prototype. 466 */ 467 typedef int (*ioctl_fn)(struct file *filp, struct dm_ioctl *param, size_t param_size); 468 469 static int remove_all(struct file *filp, struct dm_ioctl *param, size_t param_size) 470 { 471 dm_hash_remove_all(true, !!(param->flags & DM_DEFERRED_REMOVE), false); 472 param->data_size = 0; 473 return 0; 474 } 475 476 /* 477 * Round up the ptr to an 8-byte boundary. 478 */ 479 #define ALIGN_MASK 7 480 static inline size_t align_val(size_t val) 481 { 482 return (val + ALIGN_MASK) & ~ALIGN_MASK; 483 } 484 static inline void *align_ptr(void *ptr) 485 { 486 return (void *)align_val((size_t)ptr); 487 } 488 489 /* 490 * Retrieves the data payload buffer from an already allocated 491 * struct dm_ioctl. 492 */ 493 static void *get_result_buffer(struct dm_ioctl *param, size_t param_size, 494 size_t *len) 495 { 496 param->data_start = align_ptr(param + 1) - (void *) param; 497 498 if (param->data_start < param_size) 499 *len = param_size - param->data_start; 500 else 501 *len = 0; 502 503 return ((void *) param) + param->data_start; 504 } 505 506 static int list_devices(struct file *filp, struct dm_ioctl *param, size_t param_size) 507 { 508 unsigned int i; 509 struct hash_cell *hc; 510 size_t len, needed = 0; 511 struct gendisk *disk; 512 struct dm_name_list *orig_nl, *nl, *old_nl = NULL; 513 uint32_t *event_nr; 514 515 down_write(&_hash_lock); 516 517 /* 518 * Loop through all the devices working out how much 519 * space we need. 520 */ 521 for (i = 0; i < NUM_BUCKETS; i++) { 522 list_for_each_entry (hc, _name_buckets + i, name_list) { 523 needed += align_val(offsetof(struct dm_name_list, name) + strlen(hc->name) + 1); 524 needed += align_val(sizeof(uint32_t)); 525 } 526 } 527 528 /* 529 * Grab our output buffer. 530 */ 531 nl = orig_nl = get_result_buffer(param, param_size, &len); 532 if (len < needed) { 533 param->flags |= DM_BUFFER_FULL_FLAG; 534 goto out; 535 } 536 param->data_size = param->data_start + needed; 537 538 nl->dev = 0; /* Flags no data */ 539 540 /* 541 * Now loop through filling out the names. 542 */ 543 for (i = 0; i < NUM_BUCKETS; i++) { 544 list_for_each_entry (hc, _name_buckets + i, name_list) { 545 if (old_nl) 546 old_nl->next = (uint32_t) ((void *) nl - 547 (void *) old_nl); 548 disk = dm_disk(hc->md); 549 nl->dev = huge_encode_dev(disk_devt(disk)); 550 nl->next = 0; 551 strcpy(nl->name, hc->name); 552 553 old_nl = nl; 554 event_nr = align_ptr(nl->name + strlen(hc->name) + 1); 555 *event_nr = dm_get_event_nr(hc->md); 556 nl = align_ptr(event_nr + 1); 557 } 558 } 559 /* 560 * If mismatch happens, security may be compromised due to buffer 561 * overflow, so it's better to crash. 562 */ 563 BUG_ON((char *)nl - (char *)orig_nl != needed); 564 565 out: 566 up_write(&_hash_lock); 567 return 0; 568 } 569 570 static void list_version_get_needed(struct target_type *tt, void *needed_param) 571 { 572 size_t *needed = needed_param; 573 574 *needed += sizeof(struct dm_target_versions); 575 *needed += strlen(tt->name); 576 *needed += ALIGN_MASK; 577 } 578 579 static void list_version_get_info(struct target_type *tt, void *param) 580 { 581 struct vers_iter *info = param; 582 583 /* Check space - it might have changed since the first iteration */ 584 if ((char *)info->vers + sizeof(tt->version) + strlen(tt->name) + 1 > 585 info->end) { 586 587 info->flags = DM_BUFFER_FULL_FLAG; 588 return; 589 } 590 591 if (info->old_vers) 592 info->old_vers->next = (uint32_t) ((void *)info->vers - 593 (void *)info->old_vers); 594 info->vers->version[0] = tt->version[0]; 595 info->vers->version[1] = tt->version[1]; 596 info->vers->version[2] = tt->version[2]; 597 info->vers->next = 0; 598 strcpy(info->vers->name, tt->name); 599 600 info->old_vers = info->vers; 601 info->vers = align_ptr(((void *) ++info->vers) + strlen(tt->name) + 1); 602 } 603 604 static int list_versions(struct file *filp, struct dm_ioctl *param, size_t param_size) 605 { 606 size_t len, needed = 0; 607 struct dm_target_versions *vers; 608 struct vers_iter iter_info; 609 610 /* 611 * Loop through all the devices working out how much 612 * space we need. 613 */ 614 dm_target_iterate(list_version_get_needed, &needed); 615 616 /* 617 * Grab our output buffer. 618 */ 619 vers = get_result_buffer(param, param_size, &len); 620 if (len < needed) { 621 param->flags |= DM_BUFFER_FULL_FLAG; 622 goto out; 623 } 624 param->data_size = param->data_start + needed; 625 626 iter_info.param_size = param_size; 627 iter_info.old_vers = NULL; 628 iter_info.vers = vers; 629 iter_info.flags = 0; 630 iter_info.end = (char *)vers+len; 631 632 /* 633 * Now loop through filling out the names & versions. 634 */ 635 dm_target_iterate(list_version_get_info, &iter_info); 636 param->flags |= iter_info.flags; 637 638 out: 639 return 0; 640 } 641 642 static int check_name(const char *name) 643 { 644 if (strchr(name, '/')) { 645 DMWARN("invalid device name"); 646 return -EINVAL; 647 } 648 649 return 0; 650 } 651 652 /* 653 * On successful return, the caller must not attempt to acquire 654 * _hash_lock without first calling dm_put_live_table, because dm_table_destroy 655 * waits for this dm_put_live_table and could be called under this lock. 656 */ 657 static struct dm_table *dm_get_inactive_table(struct mapped_device *md, int *srcu_idx) 658 { 659 struct hash_cell *hc; 660 struct dm_table *table = NULL; 661 662 /* increment rcu count, we don't care about the table pointer */ 663 dm_get_live_table(md, srcu_idx); 664 665 down_read(&_hash_lock); 666 hc = dm_get_mdptr(md); 667 if (!hc || hc->md != md) { 668 DMWARN("device has been removed from the dev hash table."); 669 goto out; 670 } 671 672 table = hc->new_map; 673 674 out: 675 up_read(&_hash_lock); 676 677 return table; 678 } 679 680 static struct dm_table *dm_get_live_or_inactive_table(struct mapped_device *md, 681 struct dm_ioctl *param, 682 int *srcu_idx) 683 { 684 return (param->flags & DM_QUERY_INACTIVE_TABLE_FLAG) ? 685 dm_get_inactive_table(md, srcu_idx) : dm_get_live_table(md, srcu_idx); 686 } 687 688 /* 689 * Fills in a dm_ioctl structure, ready for sending back to 690 * userland. 691 */ 692 static void __dev_status(struct mapped_device *md, struct dm_ioctl *param) 693 { 694 struct gendisk *disk = dm_disk(md); 695 struct dm_table *table; 696 int srcu_idx; 697 698 param->flags &= ~(DM_SUSPEND_FLAG | DM_READONLY_FLAG | 699 DM_ACTIVE_PRESENT_FLAG | DM_INTERNAL_SUSPEND_FLAG); 700 701 if (dm_suspended_md(md)) 702 param->flags |= DM_SUSPEND_FLAG; 703 704 if (dm_suspended_internally_md(md)) 705 param->flags |= DM_INTERNAL_SUSPEND_FLAG; 706 707 if (dm_test_deferred_remove_flag(md)) 708 param->flags |= DM_DEFERRED_REMOVE; 709 710 param->dev = huge_encode_dev(disk_devt(disk)); 711 712 /* 713 * Yes, this will be out of date by the time it gets back 714 * to userland, but it is still very useful for 715 * debugging. 716 */ 717 param->open_count = dm_open_count(md); 718 719 param->event_nr = dm_get_event_nr(md); 720 param->target_count = 0; 721 722 table = dm_get_live_table(md, &srcu_idx); 723 if (table) { 724 if (!(param->flags & DM_QUERY_INACTIVE_TABLE_FLAG)) { 725 if (get_disk_ro(disk)) 726 param->flags |= DM_READONLY_FLAG; 727 param->target_count = dm_table_get_num_targets(table); 728 } 729 730 param->flags |= DM_ACTIVE_PRESENT_FLAG; 731 } 732 dm_put_live_table(md, srcu_idx); 733 734 if (param->flags & DM_QUERY_INACTIVE_TABLE_FLAG) { 735 int srcu_idx; 736 table = dm_get_inactive_table(md, &srcu_idx); 737 if (table) { 738 if (!(dm_table_get_mode(table) & FMODE_WRITE)) 739 param->flags |= DM_READONLY_FLAG; 740 param->target_count = dm_table_get_num_targets(table); 741 } 742 dm_put_live_table(md, srcu_idx); 743 } 744 } 745 746 static int dev_create(struct file *filp, struct dm_ioctl *param, size_t param_size) 747 { 748 int r, m = DM_ANY_MINOR; 749 struct mapped_device *md; 750 751 r = check_name(param->name); 752 if (r) 753 return r; 754 755 if (param->flags & DM_PERSISTENT_DEV_FLAG) 756 m = MINOR(huge_decode_dev(param->dev)); 757 758 r = dm_create(m, &md); 759 if (r) 760 return r; 761 762 r = dm_hash_insert(param->name, *param->uuid ? param->uuid : NULL, md); 763 if (r) { 764 dm_put(md); 765 dm_destroy(md); 766 return r; 767 } 768 769 param->flags &= ~DM_INACTIVE_PRESENT_FLAG; 770 771 __dev_status(md, param); 772 773 dm_put(md); 774 775 return 0; 776 } 777 778 /* 779 * Always use UUID for lookups if it's present, otherwise use name or dev. 780 */ 781 static struct hash_cell *__find_device_hash_cell(struct dm_ioctl *param) 782 { 783 struct hash_cell *hc = NULL; 784 785 if (*param->uuid) { 786 if (*param->name || param->dev) 787 return NULL; 788 789 hc = __get_uuid_cell(param->uuid); 790 if (!hc) 791 return NULL; 792 } else if (*param->name) { 793 if (param->dev) 794 return NULL; 795 796 hc = __get_name_cell(param->name); 797 if (!hc) 798 return NULL; 799 } else if (param->dev) { 800 hc = __get_dev_cell(param->dev); 801 if (!hc) 802 return NULL; 803 } else 804 return NULL; 805 806 /* 807 * Sneakily write in both the name and the uuid 808 * while we have the cell. 809 */ 810 strlcpy(param->name, hc->name, sizeof(param->name)); 811 if (hc->uuid) 812 strlcpy(param->uuid, hc->uuid, sizeof(param->uuid)); 813 else 814 param->uuid[0] = '\0'; 815 816 if (hc->new_map) 817 param->flags |= DM_INACTIVE_PRESENT_FLAG; 818 else 819 param->flags &= ~DM_INACTIVE_PRESENT_FLAG; 820 821 return hc; 822 } 823 824 static struct mapped_device *find_device(struct dm_ioctl *param) 825 { 826 struct hash_cell *hc; 827 struct mapped_device *md = NULL; 828 829 down_read(&_hash_lock); 830 hc = __find_device_hash_cell(param); 831 if (hc) 832 md = hc->md; 833 up_read(&_hash_lock); 834 835 return md; 836 } 837 838 static int dev_remove(struct file *filp, struct dm_ioctl *param, size_t param_size) 839 { 840 struct hash_cell *hc; 841 struct mapped_device *md; 842 int r; 843 struct dm_table *t; 844 845 down_write(&_hash_lock); 846 hc = __find_device_hash_cell(param); 847 848 if (!hc) { 849 DMDEBUG_LIMIT("device doesn't appear to be in the dev hash table."); 850 up_write(&_hash_lock); 851 return -ENXIO; 852 } 853 854 md = hc->md; 855 856 /* 857 * Ensure the device is not open and nothing further can open it. 858 */ 859 r = dm_lock_for_deletion(md, !!(param->flags & DM_DEFERRED_REMOVE), false); 860 if (r) { 861 if (r == -EBUSY && param->flags & DM_DEFERRED_REMOVE) { 862 up_write(&_hash_lock); 863 dm_put(md); 864 return 0; 865 } 866 DMDEBUG_LIMIT("unable to remove open device %s", hc->name); 867 up_write(&_hash_lock); 868 dm_put(md); 869 return r; 870 } 871 872 t = __hash_remove(hc); 873 up_write(&_hash_lock); 874 875 if (t) { 876 dm_sync_table(md); 877 dm_table_destroy(t); 878 } 879 880 param->flags &= ~DM_DEFERRED_REMOVE; 881 882 if (!dm_kobject_uevent(md, KOBJ_REMOVE, param->event_nr)) 883 param->flags |= DM_UEVENT_GENERATED_FLAG; 884 885 dm_put(md); 886 dm_destroy(md); 887 return 0; 888 } 889 890 /* 891 * Check a string doesn't overrun the chunk of 892 * memory we copied from userland. 893 */ 894 static int invalid_str(char *str, void *end) 895 { 896 while ((void *) str < end) 897 if (!*str++) 898 return 0; 899 900 return -EINVAL; 901 } 902 903 static int dev_rename(struct file *filp, struct dm_ioctl *param, size_t param_size) 904 { 905 int r; 906 char *new_data = (char *) param + param->data_start; 907 struct mapped_device *md; 908 unsigned change_uuid = (param->flags & DM_UUID_FLAG) ? 1 : 0; 909 910 if (new_data < param->data || 911 invalid_str(new_data, (void *) param + param_size) || !*new_data || 912 strlen(new_data) > (change_uuid ? DM_UUID_LEN - 1 : DM_NAME_LEN - 1)) { 913 DMWARN("Invalid new mapped device name or uuid string supplied."); 914 return -EINVAL; 915 } 916 917 if (!change_uuid) { 918 r = check_name(new_data); 919 if (r) 920 return r; 921 } 922 923 md = dm_hash_rename(param, new_data); 924 if (IS_ERR(md)) 925 return PTR_ERR(md); 926 927 __dev_status(md, param); 928 dm_put(md); 929 930 return 0; 931 } 932 933 static int dev_set_geometry(struct file *filp, struct dm_ioctl *param, size_t param_size) 934 { 935 int r = -EINVAL, x; 936 struct mapped_device *md; 937 struct hd_geometry geometry; 938 unsigned long indata[4]; 939 char *geostr = (char *) param + param->data_start; 940 char dummy; 941 942 md = find_device(param); 943 if (!md) 944 return -ENXIO; 945 946 if (geostr < param->data || 947 invalid_str(geostr, (void *) param + param_size)) { 948 DMWARN("Invalid geometry supplied."); 949 goto out; 950 } 951 952 x = sscanf(geostr, "%lu %lu %lu %lu%c", indata, 953 indata + 1, indata + 2, indata + 3, &dummy); 954 955 if (x != 4) { 956 DMWARN("Unable to interpret geometry settings."); 957 goto out; 958 } 959 960 if (indata[0] > 65535 || indata[1] > 255 || 961 indata[2] > 255 || indata[3] > ULONG_MAX) { 962 DMWARN("Geometry exceeds range limits."); 963 goto out; 964 } 965 966 geometry.cylinders = indata[0]; 967 geometry.heads = indata[1]; 968 geometry.sectors = indata[2]; 969 geometry.start = indata[3]; 970 971 r = dm_set_geometry(md, &geometry); 972 973 param->data_size = 0; 974 975 out: 976 dm_put(md); 977 return r; 978 } 979 980 static int do_suspend(struct dm_ioctl *param) 981 { 982 int r = 0; 983 unsigned suspend_flags = DM_SUSPEND_LOCKFS_FLAG; 984 struct mapped_device *md; 985 986 md = find_device(param); 987 if (!md) 988 return -ENXIO; 989 990 if (param->flags & DM_SKIP_LOCKFS_FLAG) 991 suspend_flags &= ~DM_SUSPEND_LOCKFS_FLAG; 992 if (param->flags & DM_NOFLUSH_FLAG) 993 suspend_flags |= DM_SUSPEND_NOFLUSH_FLAG; 994 995 if (!dm_suspended_md(md)) { 996 r = dm_suspend(md, suspend_flags); 997 if (r) 998 goto out; 999 } 1000 1001 __dev_status(md, param); 1002 1003 out: 1004 dm_put(md); 1005 1006 return r; 1007 } 1008 1009 static int do_resume(struct dm_ioctl *param) 1010 { 1011 int r = 0; 1012 unsigned suspend_flags = DM_SUSPEND_LOCKFS_FLAG; 1013 struct hash_cell *hc; 1014 struct mapped_device *md; 1015 struct dm_table *new_map, *old_map = NULL; 1016 1017 down_write(&_hash_lock); 1018 1019 hc = __find_device_hash_cell(param); 1020 if (!hc) { 1021 DMDEBUG_LIMIT("device doesn't appear to be in the dev hash table."); 1022 up_write(&_hash_lock); 1023 return -ENXIO; 1024 } 1025 1026 md = hc->md; 1027 1028 new_map = hc->new_map; 1029 hc->new_map = NULL; 1030 param->flags &= ~DM_INACTIVE_PRESENT_FLAG; 1031 1032 up_write(&_hash_lock); 1033 1034 /* Do we need to load a new map ? */ 1035 if (new_map) { 1036 /* Suspend if it isn't already suspended */ 1037 if (param->flags & DM_SKIP_LOCKFS_FLAG) 1038 suspend_flags &= ~DM_SUSPEND_LOCKFS_FLAG; 1039 if (param->flags & DM_NOFLUSH_FLAG) 1040 suspend_flags |= DM_SUSPEND_NOFLUSH_FLAG; 1041 if (!dm_suspended_md(md)) 1042 dm_suspend(md, suspend_flags); 1043 1044 old_map = dm_swap_table(md, new_map); 1045 if (IS_ERR(old_map)) { 1046 dm_sync_table(md); 1047 dm_table_destroy(new_map); 1048 dm_put(md); 1049 return PTR_ERR(old_map); 1050 } 1051 1052 if (dm_table_get_mode(new_map) & FMODE_WRITE) 1053 set_disk_ro(dm_disk(md), 0); 1054 else 1055 set_disk_ro(dm_disk(md), 1); 1056 } 1057 1058 if (dm_suspended_md(md)) { 1059 r = dm_resume(md); 1060 if (!r && !dm_kobject_uevent(md, KOBJ_CHANGE, param->event_nr)) 1061 param->flags |= DM_UEVENT_GENERATED_FLAG; 1062 } 1063 1064 /* 1065 * Since dm_swap_table synchronizes RCU, nobody should be in 1066 * read-side critical section already. 1067 */ 1068 if (old_map) 1069 dm_table_destroy(old_map); 1070 1071 if (!r) 1072 __dev_status(md, param); 1073 1074 dm_put(md); 1075 return r; 1076 } 1077 1078 /* 1079 * Set or unset the suspension state of a device. 1080 * If the device already is in the requested state we just return its status. 1081 */ 1082 static int dev_suspend(struct file *filp, struct dm_ioctl *param, size_t param_size) 1083 { 1084 if (param->flags & DM_SUSPEND_FLAG) 1085 return do_suspend(param); 1086 1087 return do_resume(param); 1088 } 1089 1090 /* 1091 * Copies device info back to user space, used by 1092 * the create and info ioctls. 1093 */ 1094 static int dev_status(struct file *filp, struct dm_ioctl *param, size_t param_size) 1095 { 1096 struct mapped_device *md; 1097 1098 md = find_device(param); 1099 if (!md) 1100 return -ENXIO; 1101 1102 __dev_status(md, param); 1103 dm_put(md); 1104 1105 return 0; 1106 } 1107 1108 /* 1109 * Build up the status struct for each target 1110 */ 1111 static void retrieve_status(struct dm_table *table, 1112 struct dm_ioctl *param, size_t param_size) 1113 { 1114 unsigned int i, num_targets; 1115 struct dm_target_spec *spec; 1116 char *outbuf, *outptr; 1117 status_type_t type; 1118 size_t remaining, len, used = 0; 1119 unsigned status_flags = 0; 1120 1121 outptr = outbuf = get_result_buffer(param, param_size, &len); 1122 1123 if (param->flags & DM_STATUS_TABLE_FLAG) 1124 type = STATUSTYPE_TABLE; 1125 else 1126 type = STATUSTYPE_INFO; 1127 1128 /* Get all the target info */ 1129 num_targets = dm_table_get_num_targets(table); 1130 for (i = 0; i < num_targets; i++) { 1131 struct dm_target *ti = dm_table_get_target(table, i); 1132 size_t l; 1133 1134 remaining = len - (outptr - outbuf); 1135 if (remaining <= sizeof(struct dm_target_spec)) { 1136 param->flags |= DM_BUFFER_FULL_FLAG; 1137 break; 1138 } 1139 1140 spec = (struct dm_target_spec *) outptr; 1141 1142 spec->status = 0; 1143 spec->sector_start = ti->begin; 1144 spec->length = ti->len; 1145 strncpy(spec->target_type, ti->type->name, 1146 sizeof(spec->target_type)); 1147 1148 outptr += sizeof(struct dm_target_spec); 1149 remaining = len - (outptr - outbuf); 1150 if (remaining <= 0) { 1151 param->flags |= DM_BUFFER_FULL_FLAG; 1152 break; 1153 } 1154 1155 /* Get the status/table string from the target driver */ 1156 if (ti->type->status) { 1157 if (param->flags & DM_NOFLUSH_FLAG) 1158 status_flags |= DM_STATUS_NOFLUSH_FLAG; 1159 ti->type->status(ti, type, status_flags, outptr, remaining); 1160 } else 1161 outptr[0] = '\0'; 1162 1163 l = strlen(outptr) + 1; 1164 if (l == remaining) { 1165 param->flags |= DM_BUFFER_FULL_FLAG; 1166 break; 1167 } 1168 1169 outptr += l; 1170 used = param->data_start + (outptr - outbuf); 1171 1172 outptr = align_ptr(outptr); 1173 spec->next = outptr - outbuf; 1174 } 1175 1176 if (used) 1177 param->data_size = used; 1178 1179 param->target_count = num_targets; 1180 } 1181 1182 /* 1183 * Wait for a device to report an event 1184 */ 1185 static int dev_wait(struct file *filp, struct dm_ioctl *param, size_t param_size) 1186 { 1187 int r = 0; 1188 struct mapped_device *md; 1189 struct dm_table *table; 1190 int srcu_idx; 1191 1192 md = find_device(param); 1193 if (!md) 1194 return -ENXIO; 1195 1196 /* 1197 * Wait for a notification event 1198 */ 1199 if (dm_wait_event(md, param->event_nr)) { 1200 r = -ERESTARTSYS; 1201 goto out; 1202 } 1203 1204 /* 1205 * The userland program is going to want to know what 1206 * changed to trigger the event, so we may as well tell 1207 * him and save an ioctl. 1208 */ 1209 __dev_status(md, param); 1210 1211 table = dm_get_live_or_inactive_table(md, param, &srcu_idx); 1212 if (table) 1213 retrieve_status(table, param, param_size); 1214 dm_put_live_table(md, srcu_idx); 1215 1216 out: 1217 dm_put(md); 1218 1219 return r; 1220 } 1221 1222 /* 1223 * Remember the global event number and make it possible to poll 1224 * for further events. 1225 */ 1226 static int dev_arm_poll(struct file *filp, struct dm_ioctl *param, size_t param_size) 1227 { 1228 struct dm_file *priv = filp->private_data; 1229 1230 priv->global_event_nr = atomic_read(&dm_global_event_nr); 1231 1232 return 0; 1233 } 1234 1235 static inline fmode_t get_mode(struct dm_ioctl *param) 1236 { 1237 fmode_t mode = FMODE_READ | FMODE_WRITE; 1238 1239 if (param->flags & DM_READONLY_FLAG) 1240 mode = FMODE_READ; 1241 1242 return mode; 1243 } 1244 1245 static int next_target(struct dm_target_spec *last, uint32_t next, void *end, 1246 struct dm_target_spec **spec, char **target_params) 1247 { 1248 *spec = (struct dm_target_spec *) ((unsigned char *) last + next); 1249 *target_params = (char *) (*spec + 1); 1250 1251 if (*spec < (last + 1)) 1252 return -EINVAL; 1253 1254 return invalid_str(*target_params, end); 1255 } 1256 1257 static int populate_table(struct dm_table *table, 1258 struct dm_ioctl *param, size_t param_size) 1259 { 1260 int r; 1261 unsigned int i = 0; 1262 struct dm_target_spec *spec = (struct dm_target_spec *) param; 1263 uint32_t next = param->data_start; 1264 void *end = (void *) param + param_size; 1265 char *target_params; 1266 1267 if (!param->target_count) { 1268 DMWARN("populate_table: no targets specified"); 1269 return -EINVAL; 1270 } 1271 1272 for (i = 0; i < param->target_count; i++) { 1273 1274 r = next_target(spec, next, end, &spec, &target_params); 1275 if (r) { 1276 DMWARN("unable to find target"); 1277 return r; 1278 } 1279 1280 r = dm_table_add_target(table, spec->target_type, 1281 (sector_t) spec->sector_start, 1282 (sector_t) spec->length, 1283 target_params); 1284 if (r) { 1285 DMWARN("error adding target to table"); 1286 return r; 1287 } 1288 1289 next = spec->next; 1290 } 1291 1292 return dm_table_complete(table); 1293 } 1294 1295 static bool is_valid_type(enum dm_queue_mode cur, enum dm_queue_mode new) 1296 { 1297 if (cur == new || 1298 (cur == DM_TYPE_BIO_BASED && new == DM_TYPE_DAX_BIO_BASED)) 1299 return true; 1300 1301 return false; 1302 } 1303 1304 static int table_load(struct file *filp, struct dm_ioctl *param, size_t param_size) 1305 { 1306 int r; 1307 struct hash_cell *hc; 1308 struct dm_table *t, *old_map = NULL; 1309 struct mapped_device *md; 1310 struct target_type *immutable_target_type; 1311 1312 md = find_device(param); 1313 if (!md) 1314 return -ENXIO; 1315 1316 r = dm_table_create(&t, get_mode(param), param->target_count, md); 1317 if (r) 1318 goto err; 1319 1320 /* Protect md->type and md->queue against concurrent table loads. */ 1321 dm_lock_md_type(md); 1322 r = populate_table(t, param, param_size); 1323 if (r) 1324 goto err_unlock_md_type; 1325 1326 immutable_target_type = dm_get_immutable_target_type(md); 1327 if (immutable_target_type && 1328 (immutable_target_type != dm_table_get_immutable_target_type(t)) && 1329 !dm_table_get_wildcard_target(t)) { 1330 DMWARN("can't replace immutable target type %s", 1331 immutable_target_type->name); 1332 r = -EINVAL; 1333 goto err_unlock_md_type; 1334 } 1335 1336 if (dm_get_md_type(md) == DM_TYPE_NONE) { 1337 /* Initial table load: acquire type of table. */ 1338 dm_set_md_type(md, dm_table_get_type(t)); 1339 1340 /* setup md->queue to reflect md's type (may block) */ 1341 r = dm_setup_md_queue(md, t); 1342 if (r) { 1343 DMWARN("unable to set up device queue for new table."); 1344 goto err_unlock_md_type; 1345 } 1346 } else if (!is_valid_type(dm_get_md_type(md), dm_table_get_type(t))) { 1347 DMWARN("can't change device type (old=%u vs new=%u) after initial table load.", 1348 dm_get_md_type(md), dm_table_get_type(t)); 1349 r = -EINVAL; 1350 goto err_unlock_md_type; 1351 } 1352 1353 dm_unlock_md_type(md); 1354 1355 /* stage inactive table */ 1356 down_write(&_hash_lock); 1357 hc = dm_get_mdptr(md); 1358 if (!hc || hc->md != md) { 1359 DMWARN("device has been removed from the dev hash table."); 1360 up_write(&_hash_lock); 1361 r = -ENXIO; 1362 goto err_destroy_table; 1363 } 1364 1365 if (hc->new_map) 1366 old_map = hc->new_map; 1367 hc->new_map = t; 1368 up_write(&_hash_lock); 1369 1370 param->flags |= DM_INACTIVE_PRESENT_FLAG; 1371 __dev_status(md, param); 1372 1373 if (old_map) { 1374 dm_sync_table(md); 1375 dm_table_destroy(old_map); 1376 } 1377 1378 dm_put(md); 1379 1380 return 0; 1381 1382 err_unlock_md_type: 1383 dm_unlock_md_type(md); 1384 err_destroy_table: 1385 dm_table_destroy(t); 1386 err: 1387 dm_put(md); 1388 1389 return r; 1390 } 1391 1392 static int table_clear(struct file *filp, struct dm_ioctl *param, size_t param_size) 1393 { 1394 struct hash_cell *hc; 1395 struct mapped_device *md; 1396 struct dm_table *old_map = NULL; 1397 1398 down_write(&_hash_lock); 1399 1400 hc = __find_device_hash_cell(param); 1401 if (!hc) { 1402 DMDEBUG_LIMIT("device doesn't appear to be in the dev hash table."); 1403 up_write(&_hash_lock); 1404 return -ENXIO; 1405 } 1406 1407 if (hc->new_map) { 1408 old_map = hc->new_map; 1409 hc->new_map = NULL; 1410 } 1411 1412 param->flags &= ~DM_INACTIVE_PRESENT_FLAG; 1413 1414 __dev_status(hc->md, param); 1415 md = hc->md; 1416 up_write(&_hash_lock); 1417 if (old_map) { 1418 dm_sync_table(md); 1419 dm_table_destroy(old_map); 1420 } 1421 dm_put(md); 1422 1423 return 0; 1424 } 1425 1426 /* 1427 * Retrieves a list of devices used by a particular dm device. 1428 */ 1429 static void retrieve_deps(struct dm_table *table, 1430 struct dm_ioctl *param, size_t param_size) 1431 { 1432 unsigned int count = 0; 1433 struct list_head *tmp; 1434 size_t len, needed; 1435 struct dm_dev_internal *dd; 1436 struct dm_target_deps *deps; 1437 1438 deps = get_result_buffer(param, param_size, &len); 1439 1440 /* 1441 * Count the devices. 1442 */ 1443 list_for_each (tmp, dm_table_get_devices(table)) 1444 count++; 1445 1446 /* 1447 * Check we have enough space. 1448 */ 1449 needed = sizeof(*deps) + (sizeof(*deps->dev) * count); 1450 if (len < needed) { 1451 param->flags |= DM_BUFFER_FULL_FLAG; 1452 return; 1453 } 1454 1455 /* 1456 * Fill in the devices. 1457 */ 1458 deps->count = count; 1459 count = 0; 1460 list_for_each_entry (dd, dm_table_get_devices(table), list) 1461 deps->dev[count++] = huge_encode_dev(dd->dm_dev->bdev->bd_dev); 1462 1463 param->data_size = param->data_start + needed; 1464 } 1465 1466 static int table_deps(struct file *filp, struct dm_ioctl *param, size_t param_size) 1467 { 1468 struct mapped_device *md; 1469 struct dm_table *table; 1470 int srcu_idx; 1471 1472 md = find_device(param); 1473 if (!md) 1474 return -ENXIO; 1475 1476 __dev_status(md, param); 1477 1478 table = dm_get_live_or_inactive_table(md, param, &srcu_idx); 1479 if (table) 1480 retrieve_deps(table, param, param_size); 1481 dm_put_live_table(md, srcu_idx); 1482 1483 dm_put(md); 1484 1485 return 0; 1486 } 1487 1488 /* 1489 * Return the status of a device as a text string for each 1490 * target. 1491 */ 1492 static int table_status(struct file *filp, struct dm_ioctl *param, size_t param_size) 1493 { 1494 struct mapped_device *md; 1495 struct dm_table *table; 1496 int srcu_idx; 1497 1498 md = find_device(param); 1499 if (!md) 1500 return -ENXIO; 1501 1502 __dev_status(md, param); 1503 1504 table = dm_get_live_or_inactive_table(md, param, &srcu_idx); 1505 if (table) 1506 retrieve_status(table, param, param_size); 1507 dm_put_live_table(md, srcu_idx); 1508 1509 dm_put(md); 1510 1511 return 0; 1512 } 1513 1514 /* 1515 * Process device-mapper dependent messages. Messages prefixed with '@' 1516 * are processed by the DM core. All others are delivered to the target. 1517 * Returns a number <= 1 if message was processed by device mapper. 1518 * Returns 2 if message should be delivered to the target. 1519 */ 1520 static int message_for_md(struct mapped_device *md, unsigned argc, char **argv, 1521 char *result, unsigned maxlen) 1522 { 1523 int r; 1524 1525 if (**argv != '@') 1526 return 2; /* no '@' prefix, deliver to target */ 1527 1528 if (!strcasecmp(argv[0], "@cancel_deferred_remove")) { 1529 if (argc != 1) { 1530 DMERR("Invalid arguments for @cancel_deferred_remove"); 1531 return -EINVAL; 1532 } 1533 return dm_cancel_deferred_remove(md); 1534 } 1535 1536 r = dm_stats_message(md, argc, argv, result, maxlen); 1537 if (r < 2) 1538 return r; 1539 1540 DMERR("Unsupported message sent to DM core: %s", argv[0]); 1541 return -EINVAL; 1542 } 1543 1544 /* 1545 * Pass a message to the target that's at the supplied device offset. 1546 */ 1547 static int target_message(struct file *filp, struct dm_ioctl *param, size_t param_size) 1548 { 1549 int r, argc; 1550 char **argv; 1551 struct mapped_device *md; 1552 struct dm_table *table; 1553 struct dm_target *ti; 1554 struct dm_target_msg *tmsg = (void *) param + param->data_start; 1555 size_t maxlen; 1556 char *result = get_result_buffer(param, param_size, &maxlen); 1557 int srcu_idx; 1558 1559 md = find_device(param); 1560 if (!md) 1561 return -ENXIO; 1562 1563 if (tmsg < (struct dm_target_msg *) param->data || 1564 invalid_str(tmsg->message, (void *) param + param_size)) { 1565 DMWARN("Invalid target message parameters."); 1566 r = -EINVAL; 1567 goto out; 1568 } 1569 1570 r = dm_split_args(&argc, &argv, tmsg->message); 1571 if (r) { 1572 DMWARN("Failed to split target message parameters"); 1573 goto out; 1574 } 1575 1576 if (!argc) { 1577 DMWARN("Empty message received."); 1578 goto out_argv; 1579 } 1580 1581 r = message_for_md(md, argc, argv, result, maxlen); 1582 if (r <= 1) 1583 goto out_argv; 1584 1585 table = dm_get_live_table(md, &srcu_idx); 1586 if (!table) 1587 goto out_table; 1588 1589 if (dm_deleting_md(md)) { 1590 r = -ENXIO; 1591 goto out_table; 1592 } 1593 1594 ti = dm_table_find_target(table, tmsg->sector); 1595 if (!dm_target_is_valid(ti)) { 1596 DMWARN("Target message sector outside device."); 1597 r = -EINVAL; 1598 } else if (ti->type->message) 1599 r = ti->type->message(ti, argc, argv, result, maxlen); 1600 else { 1601 DMWARN("Target type does not support messages"); 1602 r = -EINVAL; 1603 } 1604 1605 out_table: 1606 dm_put_live_table(md, srcu_idx); 1607 out_argv: 1608 kfree(argv); 1609 out: 1610 if (r >= 0) 1611 __dev_status(md, param); 1612 1613 if (r == 1) { 1614 param->flags |= DM_DATA_OUT_FLAG; 1615 if (dm_message_test_buffer_overflow(result, maxlen)) 1616 param->flags |= DM_BUFFER_FULL_FLAG; 1617 else 1618 param->data_size = param->data_start + strlen(result) + 1; 1619 r = 0; 1620 } 1621 1622 dm_put(md); 1623 return r; 1624 } 1625 1626 /* 1627 * The ioctl parameter block consists of two parts, a dm_ioctl struct 1628 * followed by a data buffer. This flag is set if the second part, 1629 * which has a variable size, is not used by the function processing 1630 * the ioctl. 1631 */ 1632 #define IOCTL_FLAGS_NO_PARAMS 1 1633 #define IOCTL_FLAGS_ISSUE_GLOBAL_EVENT 2 1634 1635 /*----------------------------------------------------------------- 1636 * Implementation of open/close/ioctl on the special char 1637 * device. 1638 *---------------------------------------------------------------*/ 1639 static ioctl_fn lookup_ioctl(unsigned int cmd, int *ioctl_flags) 1640 { 1641 static const struct { 1642 int cmd; 1643 int flags; 1644 ioctl_fn fn; 1645 } _ioctls[] = { 1646 {DM_VERSION_CMD, 0, NULL}, /* version is dealt with elsewhere */ 1647 {DM_REMOVE_ALL_CMD, IOCTL_FLAGS_NO_PARAMS | IOCTL_FLAGS_ISSUE_GLOBAL_EVENT, remove_all}, 1648 {DM_LIST_DEVICES_CMD, 0, list_devices}, 1649 1650 {DM_DEV_CREATE_CMD, IOCTL_FLAGS_NO_PARAMS | IOCTL_FLAGS_ISSUE_GLOBAL_EVENT, dev_create}, 1651 {DM_DEV_REMOVE_CMD, IOCTL_FLAGS_NO_PARAMS | IOCTL_FLAGS_ISSUE_GLOBAL_EVENT, dev_remove}, 1652 {DM_DEV_RENAME_CMD, IOCTL_FLAGS_ISSUE_GLOBAL_EVENT, dev_rename}, 1653 {DM_DEV_SUSPEND_CMD, IOCTL_FLAGS_NO_PARAMS, dev_suspend}, 1654 {DM_DEV_STATUS_CMD, IOCTL_FLAGS_NO_PARAMS, dev_status}, 1655 {DM_DEV_WAIT_CMD, 0, dev_wait}, 1656 1657 {DM_TABLE_LOAD_CMD, 0, table_load}, 1658 {DM_TABLE_CLEAR_CMD, IOCTL_FLAGS_NO_PARAMS, table_clear}, 1659 {DM_TABLE_DEPS_CMD, 0, table_deps}, 1660 {DM_TABLE_STATUS_CMD, 0, table_status}, 1661 1662 {DM_LIST_VERSIONS_CMD, 0, list_versions}, 1663 1664 {DM_TARGET_MSG_CMD, 0, target_message}, 1665 {DM_DEV_SET_GEOMETRY_CMD, 0, dev_set_geometry}, 1666 {DM_DEV_ARM_POLL, IOCTL_FLAGS_NO_PARAMS, dev_arm_poll}, 1667 }; 1668 1669 if (unlikely(cmd >= ARRAY_SIZE(_ioctls))) 1670 return NULL; 1671 1672 *ioctl_flags = _ioctls[cmd].flags; 1673 return _ioctls[cmd].fn; 1674 } 1675 1676 /* 1677 * As well as checking the version compatibility this always 1678 * copies the kernel interface version out. 1679 */ 1680 static int check_version(unsigned int cmd, struct dm_ioctl __user *user) 1681 { 1682 uint32_t version[3]; 1683 int r = 0; 1684 1685 if (copy_from_user(version, user->version, sizeof(version))) 1686 return -EFAULT; 1687 1688 if ((DM_VERSION_MAJOR != version[0]) || 1689 (DM_VERSION_MINOR < version[1])) { 1690 DMWARN("ioctl interface mismatch: " 1691 "kernel(%u.%u.%u), user(%u.%u.%u), cmd(%d)", 1692 DM_VERSION_MAJOR, DM_VERSION_MINOR, 1693 DM_VERSION_PATCHLEVEL, 1694 version[0], version[1], version[2], cmd); 1695 r = -EINVAL; 1696 } 1697 1698 /* 1699 * Fill in the kernel version. 1700 */ 1701 version[0] = DM_VERSION_MAJOR; 1702 version[1] = DM_VERSION_MINOR; 1703 version[2] = DM_VERSION_PATCHLEVEL; 1704 if (copy_to_user(user->version, version, sizeof(version))) 1705 return -EFAULT; 1706 1707 return r; 1708 } 1709 1710 #define DM_PARAMS_MALLOC 0x0001 /* Params allocated with kvmalloc() */ 1711 #define DM_WIPE_BUFFER 0x0010 /* Wipe input buffer before returning from ioctl */ 1712 1713 static void free_params(struct dm_ioctl *param, size_t param_size, int param_flags) 1714 { 1715 if (param_flags & DM_WIPE_BUFFER) 1716 memset(param, 0, param_size); 1717 1718 if (param_flags & DM_PARAMS_MALLOC) 1719 kvfree(param); 1720 } 1721 1722 static int copy_params(struct dm_ioctl __user *user, struct dm_ioctl *param_kernel, 1723 int ioctl_flags, 1724 struct dm_ioctl **param, int *param_flags) 1725 { 1726 struct dm_ioctl *dmi; 1727 int secure_data; 1728 const size_t minimum_data_size = offsetof(struct dm_ioctl, data); 1729 unsigned noio_flag; 1730 1731 if (copy_from_user(param_kernel, user, minimum_data_size)) 1732 return -EFAULT; 1733 1734 if (param_kernel->data_size < minimum_data_size) 1735 return -EINVAL; 1736 1737 secure_data = param_kernel->flags & DM_SECURE_DATA_FLAG; 1738 1739 *param_flags = secure_data ? DM_WIPE_BUFFER : 0; 1740 1741 if (ioctl_flags & IOCTL_FLAGS_NO_PARAMS) { 1742 dmi = param_kernel; 1743 dmi->data_size = minimum_data_size; 1744 goto data_copied; 1745 } 1746 1747 /* 1748 * Use __GFP_HIGH to avoid low memory issues when a device is 1749 * suspended and the ioctl is needed to resume it. 1750 * Use kmalloc() rather than vmalloc() when we can. 1751 */ 1752 dmi = NULL; 1753 noio_flag = memalloc_noio_save(); 1754 dmi = kvmalloc(param_kernel->data_size, GFP_KERNEL | __GFP_HIGH); 1755 memalloc_noio_restore(noio_flag); 1756 1757 if (!dmi) { 1758 if (secure_data && clear_user(user, param_kernel->data_size)) 1759 return -EFAULT; 1760 return -ENOMEM; 1761 } 1762 1763 *param_flags |= DM_PARAMS_MALLOC; 1764 1765 if (copy_from_user(dmi, user, param_kernel->data_size)) 1766 goto bad; 1767 1768 data_copied: 1769 /* 1770 * Abort if something changed the ioctl data while it was being copied. 1771 */ 1772 if (dmi->data_size != param_kernel->data_size) { 1773 DMERR("rejecting ioctl: data size modified while processing parameters"); 1774 goto bad; 1775 } 1776 1777 /* Wipe the user buffer so we do not return it to userspace */ 1778 if (secure_data && clear_user(user, param_kernel->data_size)) 1779 goto bad; 1780 1781 *param = dmi; 1782 return 0; 1783 1784 bad: 1785 free_params(dmi, param_kernel->data_size, *param_flags); 1786 1787 return -EFAULT; 1788 } 1789 1790 static int validate_params(uint cmd, struct dm_ioctl *param) 1791 { 1792 /* Always clear this flag */ 1793 param->flags &= ~DM_BUFFER_FULL_FLAG; 1794 param->flags &= ~DM_UEVENT_GENERATED_FLAG; 1795 param->flags &= ~DM_SECURE_DATA_FLAG; 1796 param->flags &= ~DM_DATA_OUT_FLAG; 1797 1798 /* Ignores parameters */ 1799 if (cmd == DM_REMOVE_ALL_CMD || 1800 cmd == DM_LIST_DEVICES_CMD || 1801 cmd == DM_LIST_VERSIONS_CMD) 1802 return 0; 1803 1804 if (cmd == DM_DEV_CREATE_CMD) { 1805 if (!*param->name) { 1806 DMWARN("name not supplied when creating device"); 1807 return -EINVAL; 1808 } 1809 } else if (*param->uuid && *param->name) { 1810 DMWARN("only supply one of name or uuid, cmd(%u)", cmd); 1811 return -EINVAL; 1812 } 1813 1814 /* Ensure strings are terminated */ 1815 param->name[DM_NAME_LEN - 1] = '\0'; 1816 param->uuid[DM_UUID_LEN - 1] = '\0'; 1817 1818 return 0; 1819 } 1820 1821 static int ctl_ioctl(struct file *file, uint command, struct dm_ioctl __user *user) 1822 { 1823 int r = 0; 1824 int ioctl_flags; 1825 int param_flags; 1826 unsigned int cmd; 1827 struct dm_ioctl *uninitialized_var(param); 1828 ioctl_fn fn = NULL; 1829 size_t input_param_size; 1830 struct dm_ioctl param_kernel; 1831 1832 /* only root can play with this */ 1833 if (!capable(CAP_SYS_ADMIN)) 1834 return -EACCES; 1835 1836 if (_IOC_TYPE(command) != DM_IOCTL) 1837 return -ENOTTY; 1838 1839 cmd = _IOC_NR(command); 1840 1841 /* 1842 * Check the interface version passed in. This also 1843 * writes out the kernel's interface version. 1844 */ 1845 r = check_version(cmd, user); 1846 if (r) 1847 return r; 1848 1849 /* 1850 * Nothing more to do for the version command. 1851 */ 1852 if (cmd == DM_VERSION_CMD) 1853 return 0; 1854 1855 fn = lookup_ioctl(cmd, &ioctl_flags); 1856 if (!fn) { 1857 DMWARN("dm_ctl_ioctl: unknown command 0x%x", command); 1858 return -ENOTTY; 1859 } 1860 1861 /* 1862 * Copy the parameters into kernel space. 1863 */ 1864 r = copy_params(user, ¶m_kernel, ioctl_flags, ¶m, ¶m_flags); 1865 1866 if (r) 1867 return r; 1868 1869 input_param_size = param->data_size; 1870 r = validate_params(cmd, param); 1871 if (r) 1872 goto out; 1873 1874 param->data_size = offsetof(struct dm_ioctl, data); 1875 r = fn(file, param, input_param_size); 1876 1877 if (unlikely(param->flags & DM_BUFFER_FULL_FLAG) && 1878 unlikely(ioctl_flags & IOCTL_FLAGS_NO_PARAMS)) 1879 DMERR("ioctl %d tried to output some data but has IOCTL_FLAGS_NO_PARAMS set", cmd); 1880 1881 if (!r && ioctl_flags & IOCTL_FLAGS_ISSUE_GLOBAL_EVENT) 1882 dm_issue_global_event(); 1883 1884 /* 1885 * Copy the results back to userland. 1886 */ 1887 if (!r && copy_to_user(user, param, param->data_size)) 1888 r = -EFAULT; 1889 1890 out: 1891 free_params(param, input_param_size, param_flags); 1892 return r; 1893 } 1894 1895 static long dm_ctl_ioctl(struct file *file, uint command, ulong u) 1896 { 1897 return (long)ctl_ioctl(file, command, (struct dm_ioctl __user *)u); 1898 } 1899 1900 #ifdef CONFIG_COMPAT 1901 static long dm_compat_ctl_ioctl(struct file *file, uint command, ulong u) 1902 { 1903 return (long)dm_ctl_ioctl(file, command, (ulong) compat_ptr(u)); 1904 } 1905 #else 1906 #define dm_compat_ctl_ioctl NULL 1907 #endif 1908 1909 static int dm_open(struct inode *inode, struct file *filp) 1910 { 1911 int r; 1912 struct dm_file *priv; 1913 1914 r = nonseekable_open(inode, filp); 1915 if (unlikely(r)) 1916 return r; 1917 1918 priv = filp->private_data = kmalloc(sizeof(struct dm_file), GFP_KERNEL); 1919 if (!priv) 1920 return -ENOMEM; 1921 1922 priv->global_event_nr = atomic_read(&dm_global_event_nr); 1923 1924 return 0; 1925 } 1926 1927 static int dm_release(struct inode *inode, struct file *filp) 1928 { 1929 kfree(filp->private_data); 1930 return 0; 1931 } 1932 1933 static __poll_t dm_poll(struct file *filp, poll_table *wait) 1934 { 1935 struct dm_file *priv = filp->private_data; 1936 __poll_t mask = 0; 1937 1938 poll_wait(filp, &dm_global_eventq, wait); 1939 1940 if ((int)(atomic_read(&dm_global_event_nr) - priv->global_event_nr) > 0) 1941 mask |= EPOLLIN; 1942 1943 return mask; 1944 } 1945 1946 static const struct file_operations _ctl_fops = { 1947 .open = dm_open, 1948 .release = dm_release, 1949 .poll = dm_poll, 1950 .unlocked_ioctl = dm_ctl_ioctl, 1951 .compat_ioctl = dm_compat_ctl_ioctl, 1952 .owner = THIS_MODULE, 1953 .llseek = noop_llseek, 1954 }; 1955 1956 static struct miscdevice _dm_misc = { 1957 .minor = MAPPER_CTRL_MINOR, 1958 .name = DM_NAME, 1959 .nodename = DM_DIR "/" DM_CONTROL_NODE, 1960 .fops = &_ctl_fops 1961 }; 1962 1963 MODULE_ALIAS_MISCDEV(MAPPER_CTRL_MINOR); 1964 MODULE_ALIAS("devname:" DM_DIR "/" DM_CONTROL_NODE); 1965 1966 /* 1967 * Create misc character device and link to DM_DIR/control. 1968 */ 1969 int __init dm_interface_init(void) 1970 { 1971 int r; 1972 1973 r = dm_hash_init(); 1974 if (r) 1975 return r; 1976 1977 r = misc_register(&_dm_misc); 1978 if (r) { 1979 DMERR("misc_register failed for control device"); 1980 dm_hash_exit(); 1981 return r; 1982 } 1983 1984 DMINFO("%d.%d.%d%s initialised: %s", DM_VERSION_MAJOR, 1985 DM_VERSION_MINOR, DM_VERSION_PATCHLEVEL, DM_VERSION_EXTRA, 1986 DM_DRIVER_EMAIL); 1987 return 0; 1988 } 1989 1990 void dm_interface_exit(void) 1991 { 1992 misc_deregister(&_dm_misc); 1993 dm_hash_exit(); 1994 } 1995 1996 /** 1997 * dm_copy_name_and_uuid - Copy mapped device name & uuid into supplied buffers 1998 * @md: Pointer to mapped_device 1999 * @name: Buffer (size DM_NAME_LEN) for name 2000 * @uuid: Buffer (size DM_UUID_LEN) for uuid or empty string if uuid not defined 2001 */ 2002 int dm_copy_name_and_uuid(struct mapped_device *md, char *name, char *uuid) 2003 { 2004 int r = 0; 2005 struct hash_cell *hc; 2006 2007 if (!md) 2008 return -ENXIO; 2009 2010 mutex_lock(&dm_hash_cells_mutex); 2011 hc = dm_get_mdptr(md); 2012 if (!hc || hc->md != md) { 2013 r = -ENXIO; 2014 goto out; 2015 } 2016 2017 if (name) 2018 strcpy(name, hc->name); 2019 if (uuid) 2020 strcpy(uuid, hc->uuid ? : ""); 2021 2022 out: 2023 mutex_unlock(&dm_hash_cells_mutex); 2024 2025 return r; 2026 } 2027