xref: /openbmc/linux/drivers/md/dm-ioctl.c (revision a36954f5)
1 /*
2  * Copyright (C) 2001, 2002 Sistina Software (UK) Limited.
3  * Copyright (C) 2004 - 2006 Red Hat, Inc. All rights reserved.
4  *
5  * This file is released under the GPL.
6  */
7 
8 #include "dm-core.h"
9 
10 #include <linux/module.h>
11 #include <linux/vmalloc.h>
12 #include <linux/miscdevice.h>
13 #include <linux/sched/mm.h>
14 #include <linux/init.h>
15 #include <linux/wait.h>
16 #include <linux/slab.h>
17 #include <linux/dm-ioctl.h>
18 #include <linux/hdreg.h>
19 #include <linux/compat.h>
20 
21 #include <linux/uaccess.h>
22 
23 #define DM_MSG_PREFIX "ioctl"
24 #define DM_DRIVER_EMAIL "dm-devel@redhat.com"
25 
26 /*-----------------------------------------------------------------
27  * The ioctl interface needs to be able to look up devices by
28  * name or uuid.
29  *---------------------------------------------------------------*/
30 struct hash_cell {
31 	struct list_head name_list;
32 	struct list_head uuid_list;
33 
34 	char *name;
35 	char *uuid;
36 	struct mapped_device *md;
37 	struct dm_table *new_map;
38 };
39 
40 struct vers_iter {
41     size_t param_size;
42     struct dm_target_versions *vers, *old_vers;
43     char *end;
44     uint32_t flags;
45 };
46 
47 
48 #define NUM_BUCKETS 64
49 #define MASK_BUCKETS (NUM_BUCKETS - 1)
50 static struct list_head _name_buckets[NUM_BUCKETS];
51 static struct list_head _uuid_buckets[NUM_BUCKETS];
52 
53 static void dm_hash_remove_all(bool keep_open_devices, bool mark_deferred, bool only_deferred);
54 
55 /*
56  * Guards access to both hash tables.
57  */
58 static DECLARE_RWSEM(_hash_lock);
59 
60 /*
61  * Protects use of mdptr to obtain hash cell name and uuid from mapped device.
62  */
63 static DEFINE_MUTEX(dm_hash_cells_mutex);
64 
65 static void init_buckets(struct list_head *buckets)
66 {
67 	unsigned int i;
68 
69 	for (i = 0; i < NUM_BUCKETS; i++)
70 		INIT_LIST_HEAD(buckets + i);
71 }
72 
73 static int dm_hash_init(void)
74 {
75 	init_buckets(_name_buckets);
76 	init_buckets(_uuid_buckets);
77 	return 0;
78 }
79 
80 static void dm_hash_exit(void)
81 {
82 	dm_hash_remove_all(false, false, false);
83 }
84 
85 /*-----------------------------------------------------------------
86  * Hash function:
87  * We're not really concerned with the str hash function being
88  * fast since it's only used by the ioctl interface.
89  *---------------------------------------------------------------*/
90 static unsigned int hash_str(const char *str)
91 {
92 	const unsigned int hash_mult = 2654435387U;
93 	unsigned int h = 0;
94 
95 	while (*str)
96 		h = (h + (unsigned int) *str++) * hash_mult;
97 
98 	return h & MASK_BUCKETS;
99 }
100 
101 /*-----------------------------------------------------------------
102  * Code for looking up a device by name
103  *---------------------------------------------------------------*/
104 static struct hash_cell *__get_name_cell(const char *str)
105 {
106 	struct hash_cell *hc;
107 	unsigned int h = hash_str(str);
108 
109 	list_for_each_entry (hc, _name_buckets + h, name_list)
110 		if (!strcmp(hc->name, str)) {
111 			dm_get(hc->md);
112 			return hc;
113 		}
114 
115 	return NULL;
116 }
117 
118 static struct hash_cell *__get_uuid_cell(const char *str)
119 {
120 	struct hash_cell *hc;
121 	unsigned int h = hash_str(str);
122 
123 	list_for_each_entry (hc, _uuid_buckets + h, uuid_list)
124 		if (!strcmp(hc->uuid, str)) {
125 			dm_get(hc->md);
126 			return hc;
127 		}
128 
129 	return NULL;
130 }
131 
132 static struct hash_cell *__get_dev_cell(uint64_t dev)
133 {
134 	struct mapped_device *md;
135 	struct hash_cell *hc;
136 
137 	md = dm_get_md(huge_decode_dev(dev));
138 	if (!md)
139 		return NULL;
140 
141 	hc = dm_get_mdptr(md);
142 	if (!hc) {
143 		dm_put(md);
144 		return NULL;
145 	}
146 
147 	return hc;
148 }
149 
150 /*-----------------------------------------------------------------
151  * Inserting, removing and renaming a device.
152  *---------------------------------------------------------------*/
153 static struct hash_cell *alloc_cell(const char *name, const char *uuid,
154 				    struct mapped_device *md)
155 {
156 	struct hash_cell *hc;
157 
158 	hc = kmalloc(sizeof(*hc), GFP_KERNEL);
159 	if (!hc)
160 		return NULL;
161 
162 	hc->name = kstrdup(name, GFP_KERNEL);
163 	if (!hc->name) {
164 		kfree(hc);
165 		return NULL;
166 	}
167 
168 	if (!uuid)
169 		hc->uuid = NULL;
170 
171 	else {
172 		hc->uuid = kstrdup(uuid, GFP_KERNEL);
173 		if (!hc->uuid) {
174 			kfree(hc->name);
175 			kfree(hc);
176 			return NULL;
177 		}
178 	}
179 
180 	INIT_LIST_HEAD(&hc->name_list);
181 	INIT_LIST_HEAD(&hc->uuid_list);
182 	hc->md = md;
183 	hc->new_map = NULL;
184 	return hc;
185 }
186 
187 static void free_cell(struct hash_cell *hc)
188 {
189 	if (hc) {
190 		kfree(hc->name);
191 		kfree(hc->uuid);
192 		kfree(hc);
193 	}
194 }
195 
196 /*
197  * The kdev_t and uuid of a device can never change once it is
198  * initially inserted.
199  */
200 static int dm_hash_insert(const char *name, const char *uuid, struct mapped_device *md)
201 {
202 	struct hash_cell *cell, *hc;
203 
204 	/*
205 	 * Allocate the new cells.
206 	 */
207 	cell = alloc_cell(name, uuid, md);
208 	if (!cell)
209 		return -ENOMEM;
210 
211 	/*
212 	 * Insert the cell into both hash tables.
213 	 */
214 	down_write(&_hash_lock);
215 	hc = __get_name_cell(name);
216 	if (hc) {
217 		dm_put(hc->md);
218 		goto bad;
219 	}
220 
221 	list_add(&cell->name_list, _name_buckets + hash_str(name));
222 
223 	if (uuid) {
224 		hc = __get_uuid_cell(uuid);
225 		if (hc) {
226 			list_del(&cell->name_list);
227 			dm_put(hc->md);
228 			goto bad;
229 		}
230 		list_add(&cell->uuid_list, _uuid_buckets + hash_str(uuid));
231 	}
232 	dm_get(md);
233 	mutex_lock(&dm_hash_cells_mutex);
234 	dm_set_mdptr(md, cell);
235 	mutex_unlock(&dm_hash_cells_mutex);
236 	up_write(&_hash_lock);
237 
238 	return 0;
239 
240  bad:
241 	up_write(&_hash_lock);
242 	free_cell(cell);
243 	return -EBUSY;
244 }
245 
246 static struct dm_table *__hash_remove(struct hash_cell *hc)
247 {
248 	struct dm_table *table;
249 	int srcu_idx;
250 
251 	/* remove from the dev hash */
252 	list_del(&hc->uuid_list);
253 	list_del(&hc->name_list);
254 	mutex_lock(&dm_hash_cells_mutex);
255 	dm_set_mdptr(hc->md, NULL);
256 	mutex_unlock(&dm_hash_cells_mutex);
257 
258 	table = dm_get_live_table(hc->md, &srcu_idx);
259 	if (table)
260 		dm_table_event(table);
261 	dm_put_live_table(hc->md, srcu_idx);
262 
263 	table = NULL;
264 	if (hc->new_map)
265 		table = hc->new_map;
266 	dm_put(hc->md);
267 	free_cell(hc);
268 
269 	return table;
270 }
271 
272 static void dm_hash_remove_all(bool keep_open_devices, bool mark_deferred, bool only_deferred)
273 {
274 	int i, dev_skipped;
275 	struct hash_cell *hc;
276 	struct mapped_device *md;
277 	struct dm_table *t;
278 
279 retry:
280 	dev_skipped = 0;
281 
282 	down_write(&_hash_lock);
283 
284 	for (i = 0; i < NUM_BUCKETS; i++) {
285 		list_for_each_entry(hc, _name_buckets + i, name_list) {
286 			md = hc->md;
287 			dm_get(md);
288 
289 			if (keep_open_devices &&
290 			    dm_lock_for_deletion(md, mark_deferred, only_deferred)) {
291 				dm_put(md);
292 				dev_skipped++;
293 				continue;
294 			}
295 
296 			t = __hash_remove(hc);
297 
298 			up_write(&_hash_lock);
299 
300 			if (t) {
301 				dm_sync_table(md);
302 				dm_table_destroy(t);
303 			}
304 			dm_put(md);
305 			if (likely(keep_open_devices))
306 				dm_destroy(md);
307 			else
308 				dm_destroy_immediate(md);
309 
310 			/*
311 			 * Some mapped devices may be using other mapped
312 			 * devices, so repeat until we make no further
313 			 * progress.  If a new mapped device is created
314 			 * here it will also get removed.
315 			 */
316 			goto retry;
317 		}
318 	}
319 
320 	up_write(&_hash_lock);
321 
322 	if (dev_skipped)
323 		DMWARN("remove_all left %d open device(s)", dev_skipped);
324 }
325 
326 /*
327  * Set the uuid of a hash_cell that isn't already set.
328  */
329 static void __set_cell_uuid(struct hash_cell *hc, char *new_uuid)
330 {
331 	mutex_lock(&dm_hash_cells_mutex);
332 	hc->uuid = new_uuid;
333 	mutex_unlock(&dm_hash_cells_mutex);
334 
335 	list_add(&hc->uuid_list, _uuid_buckets + hash_str(new_uuid));
336 }
337 
338 /*
339  * Changes the name of a hash_cell and returns the old name for
340  * the caller to free.
341  */
342 static char *__change_cell_name(struct hash_cell *hc, char *new_name)
343 {
344 	char *old_name;
345 
346 	/*
347 	 * Rename and move the name cell.
348 	 */
349 	list_del(&hc->name_list);
350 	old_name = hc->name;
351 
352 	mutex_lock(&dm_hash_cells_mutex);
353 	hc->name = new_name;
354 	mutex_unlock(&dm_hash_cells_mutex);
355 
356 	list_add(&hc->name_list, _name_buckets + hash_str(new_name));
357 
358 	return old_name;
359 }
360 
361 static struct mapped_device *dm_hash_rename(struct dm_ioctl *param,
362 					    const char *new)
363 {
364 	char *new_data, *old_name = NULL;
365 	struct hash_cell *hc;
366 	struct dm_table *table;
367 	struct mapped_device *md;
368 	unsigned change_uuid = (param->flags & DM_UUID_FLAG) ? 1 : 0;
369 	int srcu_idx;
370 
371 	/*
372 	 * duplicate new.
373 	 */
374 	new_data = kstrdup(new, GFP_KERNEL);
375 	if (!new_data)
376 		return ERR_PTR(-ENOMEM);
377 
378 	down_write(&_hash_lock);
379 
380 	/*
381 	 * Is new free ?
382 	 */
383 	if (change_uuid)
384 		hc = __get_uuid_cell(new);
385 	else
386 		hc = __get_name_cell(new);
387 
388 	if (hc) {
389 		DMWARN("Unable to change %s on mapped device %s to one that "
390 		       "already exists: %s",
391 		       change_uuid ? "uuid" : "name",
392 		       param->name, new);
393 		dm_put(hc->md);
394 		up_write(&_hash_lock);
395 		kfree(new_data);
396 		return ERR_PTR(-EBUSY);
397 	}
398 
399 	/*
400 	 * Is there such a device as 'old' ?
401 	 */
402 	hc = __get_name_cell(param->name);
403 	if (!hc) {
404 		DMWARN("Unable to rename non-existent device, %s to %s%s",
405 		       param->name, change_uuid ? "uuid " : "", new);
406 		up_write(&_hash_lock);
407 		kfree(new_data);
408 		return ERR_PTR(-ENXIO);
409 	}
410 
411 	/*
412 	 * Does this device already have a uuid?
413 	 */
414 	if (change_uuid && hc->uuid) {
415 		DMWARN("Unable to change uuid of mapped device %s to %s "
416 		       "because uuid is already set to %s",
417 		       param->name, new, hc->uuid);
418 		dm_put(hc->md);
419 		up_write(&_hash_lock);
420 		kfree(new_data);
421 		return ERR_PTR(-EINVAL);
422 	}
423 
424 	if (change_uuid)
425 		__set_cell_uuid(hc, new_data);
426 	else
427 		old_name = __change_cell_name(hc, new_data);
428 
429 	/*
430 	 * Wake up any dm event waiters.
431 	 */
432 	table = dm_get_live_table(hc->md, &srcu_idx);
433 	if (table)
434 		dm_table_event(table);
435 	dm_put_live_table(hc->md, srcu_idx);
436 
437 	if (!dm_kobject_uevent(hc->md, KOBJ_CHANGE, param->event_nr))
438 		param->flags |= DM_UEVENT_GENERATED_FLAG;
439 
440 	md = hc->md;
441 	up_write(&_hash_lock);
442 	kfree(old_name);
443 
444 	return md;
445 }
446 
447 void dm_deferred_remove(void)
448 {
449 	dm_hash_remove_all(true, false, true);
450 }
451 
452 /*-----------------------------------------------------------------
453  * Implementation of the ioctl commands
454  *---------------------------------------------------------------*/
455 /*
456  * All the ioctl commands get dispatched to functions with this
457  * prototype.
458  */
459 typedef int (*ioctl_fn)(struct dm_ioctl *param, size_t param_size);
460 
461 static int remove_all(struct dm_ioctl *param, size_t param_size)
462 {
463 	dm_hash_remove_all(true, !!(param->flags & DM_DEFERRED_REMOVE), false);
464 	param->data_size = 0;
465 	return 0;
466 }
467 
468 /*
469  * Round up the ptr to an 8-byte boundary.
470  */
471 #define ALIGN_MASK 7
472 static inline void *align_ptr(void *ptr)
473 {
474 	return (void *) (((size_t) (ptr + ALIGN_MASK)) & ~ALIGN_MASK);
475 }
476 
477 /*
478  * Retrieves the data payload buffer from an already allocated
479  * struct dm_ioctl.
480  */
481 static void *get_result_buffer(struct dm_ioctl *param, size_t param_size,
482 			       size_t *len)
483 {
484 	param->data_start = align_ptr(param + 1) - (void *) param;
485 
486 	if (param->data_start < param_size)
487 		*len = param_size - param->data_start;
488 	else
489 		*len = 0;
490 
491 	return ((void *) param) + param->data_start;
492 }
493 
494 static int list_devices(struct dm_ioctl *param, size_t param_size)
495 {
496 	unsigned int i;
497 	struct hash_cell *hc;
498 	size_t len, needed = 0;
499 	struct gendisk *disk;
500 	struct dm_name_list *nl, *old_nl = NULL;
501 
502 	down_write(&_hash_lock);
503 
504 	/*
505 	 * Loop through all the devices working out how much
506 	 * space we need.
507 	 */
508 	for (i = 0; i < NUM_BUCKETS; i++) {
509 		list_for_each_entry (hc, _name_buckets + i, name_list) {
510 			needed += sizeof(struct dm_name_list);
511 			needed += strlen(hc->name) + 1;
512 			needed += ALIGN_MASK;
513 		}
514 	}
515 
516 	/*
517 	 * Grab our output buffer.
518 	 */
519 	nl = get_result_buffer(param, param_size, &len);
520 	if (len < needed) {
521 		param->flags |= DM_BUFFER_FULL_FLAG;
522 		goto out;
523 	}
524 	param->data_size = param->data_start + needed;
525 
526 	nl->dev = 0;	/* Flags no data */
527 
528 	/*
529 	 * Now loop through filling out the names.
530 	 */
531 	for (i = 0; i < NUM_BUCKETS; i++) {
532 		list_for_each_entry (hc, _name_buckets + i, name_list) {
533 			if (old_nl)
534 				old_nl->next = (uint32_t) ((void *) nl -
535 							   (void *) old_nl);
536 			disk = dm_disk(hc->md);
537 			nl->dev = huge_encode_dev(disk_devt(disk));
538 			nl->next = 0;
539 			strcpy(nl->name, hc->name);
540 
541 			old_nl = nl;
542 			nl = align_ptr(((void *) ++nl) + strlen(hc->name) + 1);
543 		}
544 	}
545 
546  out:
547 	up_write(&_hash_lock);
548 	return 0;
549 }
550 
551 static void list_version_get_needed(struct target_type *tt, void *needed_param)
552 {
553     size_t *needed = needed_param;
554 
555     *needed += sizeof(struct dm_target_versions);
556     *needed += strlen(tt->name);
557     *needed += ALIGN_MASK;
558 }
559 
560 static void list_version_get_info(struct target_type *tt, void *param)
561 {
562     struct vers_iter *info = param;
563 
564     /* Check space - it might have changed since the first iteration */
565     if ((char *)info->vers + sizeof(tt->version) + strlen(tt->name) + 1 >
566 	info->end) {
567 
568 	info->flags = DM_BUFFER_FULL_FLAG;
569 	return;
570     }
571 
572     if (info->old_vers)
573 	info->old_vers->next = (uint32_t) ((void *)info->vers -
574 					   (void *)info->old_vers);
575     info->vers->version[0] = tt->version[0];
576     info->vers->version[1] = tt->version[1];
577     info->vers->version[2] = tt->version[2];
578     info->vers->next = 0;
579     strcpy(info->vers->name, tt->name);
580 
581     info->old_vers = info->vers;
582     info->vers = align_ptr(((void *) ++info->vers) + strlen(tt->name) + 1);
583 }
584 
585 static int list_versions(struct dm_ioctl *param, size_t param_size)
586 {
587 	size_t len, needed = 0;
588 	struct dm_target_versions *vers;
589 	struct vers_iter iter_info;
590 
591 	/*
592 	 * Loop through all the devices working out how much
593 	 * space we need.
594 	 */
595 	dm_target_iterate(list_version_get_needed, &needed);
596 
597 	/*
598 	 * Grab our output buffer.
599 	 */
600 	vers = get_result_buffer(param, param_size, &len);
601 	if (len < needed) {
602 		param->flags |= DM_BUFFER_FULL_FLAG;
603 		goto out;
604 	}
605 	param->data_size = param->data_start + needed;
606 
607 	iter_info.param_size = param_size;
608 	iter_info.old_vers = NULL;
609 	iter_info.vers = vers;
610 	iter_info.flags = 0;
611 	iter_info.end = (char *)vers+len;
612 
613 	/*
614 	 * Now loop through filling out the names & versions.
615 	 */
616 	dm_target_iterate(list_version_get_info, &iter_info);
617 	param->flags |= iter_info.flags;
618 
619  out:
620 	return 0;
621 }
622 
623 static int check_name(const char *name)
624 {
625 	if (strchr(name, '/')) {
626 		DMWARN("invalid device name");
627 		return -EINVAL;
628 	}
629 
630 	return 0;
631 }
632 
633 /*
634  * On successful return, the caller must not attempt to acquire
635  * _hash_lock without first calling dm_put_live_table, because dm_table_destroy
636  * waits for this dm_put_live_table and could be called under this lock.
637  */
638 static struct dm_table *dm_get_inactive_table(struct mapped_device *md, int *srcu_idx)
639 {
640 	struct hash_cell *hc;
641 	struct dm_table *table = NULL;
642 
643 	/* increment rcu count, we don't care about the table pointer */
644 	dm_get_live_table(md, srcu_idx);
645 
646 	down_read(&_hash_lock);
647 	hc = dm_get_mdptr(md);
648 	if (!hc || hc->md != md) {
649 		DMWARN("device has been removed from the dev hash table.");
650 		goto out;
651 	}
652 
653 	table = hc->new_map;
654 
655 out:
656 	up_read(&_hash_lock);
657 
658 	return table;
659 }
660 
661 static struct dm_table *dm_get_live_or_inactive_table(struct mapped_device *md,
662 						      struct dm_ioctl *param,
663 						      int *srcu_idx)
664 {
665 	return (param->flags & DM_QUERY_INACTIVE_TABLE_FLAG) ?
666 		dm_get_inactive_table(md, srcu_idx) : dm_get_live_table(md, srcu_idx);
667 }
668 
669 /*
670  * Fills in a dm_ioctl structure, ready for sending back to
671  * userland.
672  */
673 static void __dev_status(struct mapped_device *md, struct dm_ioctl *param)
674 {
675 	struct gendisk *disk = dm_disk(md);
676 	struct dm_table *table;
677 	int srcu_idx;
678 
679 	param->flags &= ~(DM_SUSPEND_FLAG | DM_READONLY_FLAG |
680 			  DM_ACTIVE_PRESENT_FLAG | DM_INTERNAL_SUSPEND_FLAG);
681 
682 	if (dm_suspended_md(md))
683 		param->flags |= DM_SUSPEND_FLAG;
684 
685 	if (dm_suspended_internally_md(md))
686 		param->flags |= DM_INTERNAL_SUSPEND_FLAG;
687 
688 	if (dm_test_deferred_remove_flag(md))
689 		param->flags |= DM_DEFERRED_REMOVE;
690 
691 	param->dev = huge_encode_dev(disk_devt(disk));
692 
693 	/*
694 	 * Yes, this will be out of date by the time it gets back
695 	 * to userland, but it is still very useful for
696 	 * debugging.
697 	 */
698 	param->open_count = dm_open_count(md);
699 
700 	param->event_nr = dm_get_event_nr(md);
701 	param->target_count = 0;
702 
703 	table = dm_get_live_table(md, &srcu_idx);
704 	if (table) {
705 		if (!(param->flags & DM_QUERY_INACTIVE_TABLE_FLAG)) {
706 			if (get_disk_ro(disk))
707 				param->flags |= DM_READONLY_FLAG;
708 			param->target_count = dm_table_get_num_targets(table);
709 		}
710 
711 		param->flags |= DM_ACTIVE_PRESENT_FLAG;
712 	}
713 	dm_put_live_table(md, srcu_idx);
714 
715 	if (param->flags & DM_QUERY_INACTIVE_TABLE_FLAG) {
716 		int srcu_idx;
717 		table = dm_get_inactive_table(md, &srcu_idx);
718 		if (table) {
719 			if (!(dm_table_get_mode(table) & FMODE_WRITE))
720 				param->flags |= DM_READONLY_FLAG;
721 			param->target_count = dm_table_get_num_targets(table);
722 		}
723 		dm_put_live_table(md, srcu_idx);
724 	}
725 }
726 
727 static int dev_create(struct dm_ioctl *param, size_t param_size)
728 {
729 	int r, m = DM_ANY_MINOR;
730 	struct mapped_device *md;
731 
732 	r = check_name(param->name);
733 	if (r)
734 		return r;
735 
736 	if (param->flags & DM_PERSISTENT_DEV_FLAG)
737 		m = MINOR(huge_decode_dev(param->dev));
738 
739 	r = dm_create(m, &md);
740 	if (r)
741 		return r;
742 
743 	r = dm_hash_insert(param->name, *param->uuid ? param->uuid : NULL, md);
744 	if (r) {
745 		dm_put(md);
746 		dm_destroy(md);
747 		return r;
748 	}
749 
750 	param->flags &= ~DM_INACTIVE_PRESENT_FLAG;
751 
752 	__dev_status(md, param);
753 
754 	dm_put(md);
755 
756 	return 0;
757 }
758 
759 /*
760  * Always use UUID for lookups if it's present, otherwise use name or dev.
761  */
762 static struct hash_cell *__find_device_hash_cell(struct dm_ioctl *param)
763 {
764 	struct hash_cell *hc = NULL;
765 
766 	if (*param->uuid) {
767 		if (*param->name || param->dev)
768 			return NULL;
769 
770 		hc = __get_uuid_cell(param->uuid);
771 		if (!hc)
772 			return NULL;
773 	} else if (*param->name) {
774 		if (param->dev)
775 			return NULL;
776 
777 		hc = __get_name_cell(param->name);
778 		if (!hc)
779 			return NULL;
780 	} else if (param->dev) {
781 		hc = __get_dev_cell(param->dev);
782 		if (!hc)
783 			return NULL;
784 	} else
785 		return NULL;
786 
787 	/*
788 	 * Sneakily write in both the name and the uuid
789 	 * while we have the cell.
790 	 */
791 	strlcpy(param->name, hc->name, sizeof(param->name));
792 	if (hc->uuid)
793 		strlcpy(param->uuid, hc->uuid, sizeof(param->uuid));
794 	else
795 		param->uuid[0] = '\0';
796 
797 	if (hc->new_map)
798 		param->flags |= DM_INACTIVE_PRESENT_FLAG;
799 	else
800 		param->flags &= ~DM_INACTIVE_PRESENT_FLAG;
801 
802 	return hc;
803 }
804 
805 static struct mapped_device *find_device(struct dm_ioctl *param)
806 {
807 	struct hash_cell *hc;
808 	struct mapped_device *md = NULL;
809 
810 	down_read(&_hash_lock);
811 	hc = __find_device_hash_cell(param);
812 	if (hc)
813 		md = hc->md;
814 	up_read(&_hash_lock);
815 
816 	return md;
817 }
818 
819 static int dev_remove(struct dm_ioctl *param, size_t param_size)
820 {
821 	struct hash_cell *hc;
822 	struct mapped_device *md;
823 	int r;
824 	struct dm_table *t;
825 
826 	down_write(&_hash_lock);
827 	hc = __find_device_hash_cell(param);
828 
829 	if (!hc) {
830 		DMDEBUG_LIMIT("device doesn't appear to be in the dev hash table.");
831 		up_write(&_hash_lock);
832 		return -ENXIO;
833 	}
834 
835 	md = hc->md;
836 
837 	/*
838 	 * Ensure the device is not open and nothing further can open it.
839 	 */
840 	r = dm_lock_for_deletion(md, !!(param->flags & DM_DEFERRED_REMOVE), false);
841 	if (r) {
842 		if (r == -EBUSY && param->flags & DM_DEFERRED_REMOVE) {
843 			up_write(&_hash_lock);
844 			dm_put(md);
845 			return 0;
846 		}
847 		DMDEBUG_LIMIT("unable to remove open device %s", hc->name);
848 		up_write(&_hash_lock);
849 		dm_put(md);
850 		return r;
851 	}
852 
853 	t = __hash_remove(hc);
854 	up_write(&_hash_lock);
855 
856 	if (t) {
857 		dm_sync_table(md);
858 		dm_table_destroy(t);
859 	}
860 
861 	param->flags &= ~DM_DEFERRED_REMOVE;
862 
863 	if (!dm_kobject_uevent(md, KOBJ_REMOVE, param->event_nr))
864 		param->flags |= DM_UEVENT_GENERATED_FLAG;
865 
866 	dm_put(md);
867 	dm_destroy(md);
868 	return 0;
869 }
870 
871 /*
872  * Check a string doesn't overrun the chunk of
873  * memory we copied from userland.
874  */
875 static int invalid_str(char *str, void *end)
876 {
877 	while ((void *) str < end)
878 		if (!*str++)
879 			return 0;
880 
881 	return -EINVAL;
882 }
883 
884 static int dev_rename(struct dm_ioctl *param, size_t param_size)
885 {
886 	int r;
887 	char *new_data = (char *) param + param->data_start;
888 	struct mapped_device *md;
889 	unsigned change_uuid = (param->flags & DM_UUID_FLAG) ? 1 : 0;
890 
891 	if (new_data < param->data ||
892 	    invalid_str(new_data, (void *) param + param_size) || !*new_data ||
893 	    strlen(new_data) > (change_uuid ? DM_UUID_LEN - 1 : DM_NAME_LEN - 1)) {
894 		DMWARN("Invalid new mapped device name or uuid string supplied.");
895 		return -EINVAL;
896 	}
897 
898 	if (!change_uuid) {
899 		r = check_name(new_data);
900 		if (r)
901 			return r;
902 	}
903 
904 	md = dm_hash_rename(param, new_data);
905 	if (IS_ERR(md))
906 		return PTR_ERR(md);
907 
908 	__dev_status(md, param);
909 	dm_put(md);
910 
911 	return 0;
912 }
913 
914 static int dev_set_geometry(struct dm_ioctl *param, size_t param_size)
915 {
916 	int r = -EINVAL, x;
917 	struct mapped_device *md;
918 	struct hd_geometry geometry;
919 	unsigned long indata[4];
920 	char *geostr = (char *) param + param->data_start;
921 	char dummy;
922 
923 	md = find_device(param);
924 	if (!md)
925 		return -ENXIO;
926 
927 	if (geostr < param->data ||
928 	    invalid_str(geostr, (void *) param + param_size)) {
929 		DMWARN("Invalid geometry supplied.");
930 		goto out;
931 	}
932 
933 	x = sscanf(geostr, "%lu %lu %lu %lu%c", indata,
934 		   indata + 1, indata + 2, indata + 3, &dummy);
935 
936 	if (x != 4) {
937 		DMWARN("Unable to interpret geometry settings.");
938 		goto out;
939 	}
940 
941 	if (indata[0] > 65535 || indata[1] > 255 ||
942 	    indata[2] > 255 || indata[3] > ULONG_MAX) {
943 		DMWARN("Geometry exceeds range limits.");
944 		goto out;
945 	}
946 
947 	geometry.cylinders = indata[0];
948 	geometry.heads = indata[1];
949 	geometry.sectors = indata[2];
950 	geometry.start = indata[3];
951 
952 	r = dm_set_geometry(md, &geometry);
953 
954 	param->data_size = 0;
955 
956 out:
957 	dm_put(md);
958 	return r;
959 }
960 
961 static int do_suspend(struct dm_ioctl *param)
962 {
963 	int r = 0;
964 	unsigned suspend_flags = DM_SUSPEND_LOCKFS_FLAG;
965 	struct mapped_device *md;
966 
967 	md = find_device(param);
968 	if (!md)
969 		return -ENXIO;
970 
971 	if (param->flags & DM_SKIP_LOCKFS_FLAG)
972 		suspend_flags &= ~DM_SUSPEND_LOCKFS_FLAG;
973 	if (param->flags & DM_NOFLUSH_FLAG)
974 		suspend_flags |= DM_SUSPEND_NOFLUSH_FLAG;
975 
976 	if (!dm_suspended_md(md)) {
977 		r = dm_suspend(md, suspend_flags);
978 		if (r)
979 			goto out;
980 	}
981 
982 	__dev_status(md, param);
983 
984 out:
985 	dm_put(md);
986 
987 	return r;
988 }
989 
990 static int do_resume(struct dm_ioctl *param)
991 {
992 	int r = 0;
993 	unsigned suspend_flags = DM_SUSPEND_LOCKFS_FLAG;
994 	struct hash_cell *hc;
995 	struct mapped_device *md;
996 	struct dm_table *new_map, *old_map = NULL;
997 
998 	down_write(&_hash_lock);
999 
1000 	hc = __find_device_hash_cell(param);
1001 	if (!hc) {
1002 		DMDEBUG_LIMIT("device doesn't appear to be in the dev hash table.");
1003 		up_write(&_hash_lock);
1004 		return -ENXIO;
1005 	}
1006 
1007 	md = hc->md;
1008 
1009 	new_map = hc->new_map;
1010 	hc->new_map = NULL;
1011 	param->flags &= ~DM_INACTIVE_PRESENT_FLAG;
1012 
1013 	up_write(&_hash_lock);
1014 
1015 	/* Do we need to load a new map ? */
1016 	if (new_map) {
1017 		/* Suspend if it isn't already suspended */
1018 		if (param->flags & DM_SKIP_LOCKFS_FLAG)
1019 			suspend_flags &= ~DM_SUSPEND_LOCKFS_FLAG;
1020 		if (param->flags & DM_NOFLUSH_FLAG)
1021 			suspend_flags |= DM_SUSPEND_NOFLUSH_FLAG;
1022 		if (!dm_suspended_md(md))
1023 			dm_suspend(md, suspend_flags);
1024 
1025 		old_map = dm_swap_table(md, new_map);
1026 		if (IS_ERR(old_map)) {
1027 			dm_sync_table(md);
1028 			dm_table_destroy(new_map);
1029 			dm_put(md);
1030 			return PTR_ERR(old_map);
1031 		}
1032 
1033 		if (dm_table_get_mode(new_map) & FMODE_WRITE)
1034 			set_disk_ro(dm_disk(md), 0);
1035 		else
1036 			set_disk_ro(dm_disk(md), 1);
1037 	}
1038 
1039 	if (dm_suspended_md(md)) {
1040 		r = dm_resume(md);
1041 		if (!r && !dm_kobject_uevent(md, KOBJ_CHANGE, param->event_nr))
1042 			param->flags |= DM_UEVENT_GENERATED_FLAG;
1043 	}
1044 
1045 	/*
1046 	 * Since dm_swap_table synchronizes RCU, nobody should be in
1047 	 * read-side critical section already.
1048 	 */
1049 	if (old_map)
1050 		dm_table_destroy(old_map);
1051 
1052 	if (!r)
1053 		__dev_status(md, param);
1054 
1055 	dm_put(md);
1056 	return r;
1057 }
1058 
1059 /*
1060  * Set or unset the suspension state of a device.
1061  * If the device already is in the requested state we just return its status.
1062  */
1063 static int dev_suspend(struct dm_ioctl *param, size_t param_size)
1064 {
1065 	if (param->flags & DM_SUSPEND_FLAG)
1066 		return do_suspend(param);
1067 
1068 	return do_resume(param);
1069 }
1070 
1071 /*
1072  * Copies device info back to user space, used by
1073  * the create and info ioctls.
1074  */
1075 static int dev_status(struct dm_ioctl *param, size_t param_size)
1076 {
1077 	struct mapped_device *md;
1078 
1079 	md = find_device(param);
1080 	if (!md)
1081 		return -ENXIO;
1082 
1083 	__dev_status(md, param);
1084 	dm_put(md);
1085 
1086 	return 0;
1087 }
1088 
1089 /*
1090  * Build up the status struct for each target
1091  */
1092 static void retrieve_status(struct dm_table *table,
1093 			    struct dm_ioctl *param, size_t param_size)
1094 {
1095 	unsigned int i, num_targets;
1096 	struct dm_target_spec *spec;
1097 	char *outbuf, *outptr;
1098 	status_type_t type;
1099 	size_t remaining, len, used = 0;
1100 	unsigned status_flags = 0;
1101 
1102 	outptr = outbuf = get_result_buffer(param, param_size, &len);
1103 
1104 	if (param->flags & DM_STATUS_TABLE_FLAG)
1105 		type = STATUSTYPE_TABLE;
1106 	else
1107 		type = STATUSTYPE_INFO;
1108 
1109 	/* Get all the target info */
1110 	num_targets = dm_table_get_num_targets(table);
1111 	for (i = 0; i < num_targets; i++) {
1112 		struct dm_target *ti = dm_table_get_target(table, i);
1113 		size_t l;
1114 
1115 		remaining = len - (outptr - outbuf);
1116 		if (remaining <= sizeof(struct dm_target_spec)) {
1117 			param->flags |= DM_BUFFER_FULL_FLAG;
1118 			break;
1119 		}
1120 
1121 		spec = (struct dm_target_spec *) outptr;
1122 
1123 		spec->status = 0;
1124 		spec->sector_start = ti->begin;
1125 		spec->length = ti->len;
1126 		strncpy(spec->target_type, ti->type->name,
1127 			sizeof(spec->target_type));
1128 
1129 		outptr += sizeof(struct dm_target_spec);
1130 		remaining = len - (outptr - outbuf);
1131 		if (remaining <= 0) {
1132 			param->flags |= DM_BUFFER_FULL_FLAG;
1133 			break;
1134 		}
1135 
1136 		/* Get the status/table string from the target driver */
1137 		if (ti->type->status) {
1138 			if (param->flags & DM_NOFLUSH_FLAG)
1139 				status_flags |= DM_STATUS_NOFLUSH_FLAG;
1140 			ti->type->status(ti, type, status_flags, outptr, remaining);
1141 		} else
1142 			outptr[0] = '\0';
1143 
1144 		l = strlen(outptr) + 1;
1145 		if (l == remaining) {
1146 			param->flags |= DM_BUFFER_FULL_FLAG;
1147 			break;
1148 		}
1149 
1150 		outptr += l;
1151 		used = param->data_start + (outptr - outbuf);
1152 
1153 		outptr = align_ptr(outptr);
1154 		spec->next = outptr - outbuf;
1155 	}
1156 
1157 	if (used)
1158 		param->data_size = used;
1159 
1160 	param->target_count = num_targets;
1161 }
1162 
1163 /*
1164  * Wait for a device to report an event
1165  */
1166 static int dev_wait(struct dm_ioctl *param, size_t param_size)
1167 {
1168 	int r = 0;
1169 	struct mapped_device *md;
1170 	struct dm_table *table;
1171 	int srcu_idx;
1172 
1173 	md = find_device(param);
1174 	if (!md)
1175 		return -ENXIO;
1176 
1177 	/*
1178 	 * Wait for a notification event
1179 	 */
1180 	if (dm_wait_event(md, param->event_nr)) {
1181 		r = -ERESTARTSYS;
1182 		goto out;
1183 	}
1184 
1185 	/*
1186 	 * The userland program is going to want to know what
1187 	 * changed to trigger the event, so we may as well tell
1188 	 * him and save an ioctl.
1189 	 */
1190 	__dev_status(md, param);
1191 
1192 	table = dm_get_live_or_inactive_table(md, param, &srcu_idx);
1193 	if (table)
1194 		retrieve_status(table, param, param_size);
1195 	dm_put_live_table(md, srcu_idx);
1196 
1197 out:
1198 	dm_put(md);
1199 
1200 	return r;
1201 }
1202 
1203 static inline fmode_t get_mode(struct dm_ioctl *param)
1204 {
1205 	fmode_t mode = FMODE_READ | FMODE_WRITE;
1206 
1207 	if (param->flags & DM_READONLY_FLAG)
1208 		mode = FMODE_READ;
1209 
1210 	return mode;
1211 }
1212 
1213 static int next_target(struct dm_target_spec *last, uint32_t next, void *end,
1214 		       struct dm_target_spec **spec, char **target_params)
1215 {
1216 	*spec = (struct dm_target_spec *) ((unsigned char *) last + next);
1217 	*target_params = (char *) (*spec + 1);
1218 
1219 	if (*spec < (last + 1))
1220 		return -EINVAL;
1221 
1222 	return invalid_str(*target_params, end);
1223 }
1224 
1225 static int populate_table(struct dm_table *table,
1226 			  struct dm_ioctl *param, size_t param_size)
1227 {
1228 	int r;
1229 	unsigned int i = 0;
1230 	struct dm_target_spec *spec = (struct dm_target_spec *) param;
1231 	uint32_t next = param->data_start;
1232 	void *end = (void *) param + param_size;
1233 	char *target_params;
1234 
1235 	if (!param->target_count) {
1236 		DMWARN("populate_table: no targets specified");
1237 		return -EINVAL;
1238 	}
1239 
1240 	for (i = 0; i < param->target_count; i++) {
1241 
1242 		r = next_target(spec, next, end, &spec, &target_params);
1243 		if (r) {
1244 			DMWARN("unable to find target");
1245 			return r;
1246 		}
1247 
1248 		r = dm_table_add_target(table, spec->target_type,
1249 					(sector_t) spec->sector_start,
1250 					(sector_t) spec->length,
1251 					target_params);
1252 		if (r) {
1253 			DMWARN("error adding target to table");
1254 			return r;
1255 		}
1256 
1257 		next = spec->next;
1258 	}
1259 
1260 	return dm_table_complete(table);
1261 }
1262 
1263 static bool is_valid_type(enum dm_queue_mode cur, enum dm_queue_mode new)
1264 {
1265 	if (cur == new ||
1266 	    (cur == DM_TYPE_BIO_BASED && new == DM_TYPE_DAX_BIO_BASED))
1267 		return true;
1268 
1269 	return false;
1270 }
1271 
1272 static int table_load(struct dm_ioctl *param, size_t param_size)
1273 {
1274 	int r;
1275 	struct hash_cell *hc;
1276 	struct dm_table *t, *old_map = NULL;
1277 	struct mapped_device *md;
1278 	struct target_type *immutable_target_type;
1279 
1280 	md = find_device(param);
1281 	if (!md)
1282 		return -ENXIO;
1283 
1284 	r = dm_table_create(&t, get_mode(param), param->target_count, md);
1285 	if (r)
1286 		goto err;
1287 
1288 	/* Protect md->type and md->queue against concurrent table loads. */
1289 	dm_lock_md_type(md);
1290 	r = populate_table(t, param, param_size);
1291 	if (r)
1292 		goto err_unlock_md_type;
1293 
1294 	immutable_target_type = dm_get_immutable_target_type(md);
1295 	if (immutable_target_type &&
1296 	    (immutable_target_type != dm_table_get_immutable_target_type(t)) &&
1297 	    !dm_table_get_wildcard_target(t)) {
1298 		DMWARN("can't replace immutable target type %s",
1299 		       immutable_target_type->name);
1300 		r = -EINVAL;
1301 		goto err_unlock_md_type;
1302 	}
1303 
1304 	if (dm_get_md_type(md) == DM_TYPE_NONE) {
1305 		/* Initial table load: acquire type of table. */
1306 		dm_set_md_type(md, dm_table_get_type(t));
1307 
1308 		/* setup md->queue to reflect md's type (may block) */
1309 		r = dm_setup_md_queue(md, t);
1310 		if (r) {
1311 			DMWARN("unable to set up device queue for new table.");
1312 			goto err_unlock_md_type;
1313 		}
1314 	} else if (!is_valid_type(dm_get_md_type(md), dm_table_get_type(t))) {
1315 		DMWARN("can't change device type after initial table load.");
1316 		r = -EINVAL;
1317 		goto err_unlock_md_type;
1318 	}
1319 
1320 	dm_unlock_md_type(md);
1321 
1322 	/* stage inactive table */
1323 	down_write(&_hash_lock);
1324 	hc = dm_get_mdptr(md);
1325 	if (!hc || hc->md != md) {
1326 		DMWARN("device has been removed from the dev hash table.");
1327 		up_write(&_hash_lock);
1328 		r = -ENXIO;
1329 		goto err_destroy_table;
1330 	}
1331 
1332 	if (hc->new_map)
1333 		old_map = hc->new_map;
1334 	hc->new_map = t;
1335 	up_write(&_hash_lock);
1336 
1337 	param->flags |= DM_INACTIVE_PRESENT_FLAG;
1338 	__dev_status(md, param);
1339 
1340 	if (old_map) {
1341 		dm_sync_table(md);
1342 		dm_table_destroy(old_map);
1343 	}
1344 
1345 	dm_put(md);
1346 
1347 	return 0;
1348 
1349 err_unlock_md_type:
1350 	dm_unlock_md_type(md);
1351 err_destroy_table:
1352 	dm_table_destroy(t);
1353 err:
1354 	dm_put(md);
1355 
1356 	return r;
1357 }
1358 
1359 static int table_clear(struct dm_ioctl *param, size_t param_size)
1360 {
1361 	struct hash_cell *hc;
1362 	struct mapped_device *md;
1363 	struct dm_table *old_map = NULL;
1364 
1365 	down_write(&_hash_lock);
1366 
1367 	hc = __find_device_hash_cell(param);
1368 	if (!hc) {
1369 		DMDEBUG_LIMIT("device doesn't appear to be in the dev hash table.");
1370 		up_write(&_hash_lock);
1371 		return -ENXIO;
1372 	}
1373 
1374 	if (hc->new_map) {
1375 		old_map = hc->new_map;
1376 		hc->new_map = NULL;
1377 	}
1378 
1379 	param->flags &= ~DM_INACTIVE_PRESENT_FLAG;
1380 
1381 	__dev_status(hc->md, param);
1382 	md = hc->md;
1383 	up_write(&_hash_lock);
1384 	if (old_map) {
1385 		dm_sync_table(md);
1386 		dm_table_destroy(old_map);
1387 	}
1388 	dm_put(md);
1389 
1390 	return 0;
1391 }
1392 
1393 /*
1394  * Retrieves a list of devices used by a particular dm device.
1395  */
1396 static void retrieve_deps(struct dm_table *table,
1397 			  struct dm_ioctl *param, size_t param_size)
1398 {
1399 	unsigned int count = 0;
1400 	struct list_head *tmp;
1401 	size_t len, needed;
1402 	struct dm_dev_internal *dd;
1403 	struct dm_target_deps *deps;
1404 
1405 	deps = get_result_buffer(param, param_size, &len);
1406 
1407 	/*
1408 	 * Count the devices.
1409 	 */
1410 	list_for_each (tmp, dm_table_get_devices(table))
1411 		count++;
1412 
1413 	/*
1414 	 * Check we have enough space.
1415 	 */
1416 	needed = sizeof(*deps) + (sizeof(*deps->dev) * count);
1417 	if (len < needed) {
1418 		param->flags |= DM_BUFFER_FULL_FLAG;
1419 		return;
1420 	}
1421 
1422 	/*
1423 	 * Fill in the devices.
1424 	 */
1425 	deps->count = count;
1426 	count = 0;
1427 	list_for_each_entry (dd, dm_table_get_devices(table), list)
1428 		deps->dev[count++] = huge_encode_dev(dd->dm_dev->bdev->bd_dev);
1429 
1430 	param->data_size = param->data_start + needed;
1431 }
1432 
1433 static int table_deps(struct dm_ioctl *param, size_t param_size)
1434 {
1435 	struct mapped_device *md;
1436 	struct dm_table *table;
1437 	int srcu_idx;
1438 
1439 	md = find_device(param);
1440 	if (!md)
1441 		return -ENXIO;
1442 
1443 	__dev_status(md, param);
1444 
1445 	table = dm_get_live_or_inactive_table(md, param, &srcu_idx);
1446 	if (table)
1447 		retrieve_deps(table, param, param_size);
1448 	dm_put_live_table(md, srcu_idx);
1449 
1450 	dm_put(md);
1451 
1452 	return 0;
1453 }
1454 
1455 /*
1456  * Return the status of a device as a text string for each
1457  * target.
1458  */
1459 static int table_status(struct dm_ioctl *param, size_t param_size)
1460 {
1461 	struct mapped_device *md;
1462 	struct dm_table *table;
1463 	int srcu_idx;
1464 
1465 	md = find_device(param);
1466 	if (!md)
1467 		return -ENXIO;
1468 
1469 	__dev_status(md, param);
1470 
1471 	table = dm_get_live_or_inactive_table(md, param, &srcu_idx);
1472 	if (table)
1473 		retrieve_status(table, param, param_size);
1474 	dm_put_live_table(md, srcu_idx);
1475 
1476 	dm_put(md);
1477 
1478 	return 0;
1479 }
1480 
1481 /*
1482  * Process device-mapper dependent messages.  Messages prefixed with '@'
1483  * are processed by the DM core.  All others are delivered to the target.
1484  * Returns a number <= 1 if message was processed by device mapper.
1485  * Returns 2 if message should be delivered to the target.
1486  */
1487 static int message_for_md(struct mapped_device *md, unsigned argc, char **argv,
1488 			  char *result, unsigned maxlen)
1489 {
1490 	int r;
1491 
1492 	if (**argv != '@')
1493 		return 2; /* no '@' prefix, deliver to target */
1494 
1495 	if (!strcasecmp(argv[0], "@cancel_deferred_remove")) {
1496 		if (argc != 1) {
1497 			DMERR("Invalid arguments for @cancel_deferred_remove");
1498 			return -EINVAL;
1499 		}
1500 		return dm_cancel_deferred_remove(md);
1501 	}
1502 
1503 	r = dm_stats_message(md, argc, argv, result, maxlen);
1504 	if (r < 2)
1505 		return r;
1506 
1507 	DMERR("Unsupported message sent to DM core: %s", argv[0]);
1508 	return -EINVAL;
1509 }
1510 
1511 /*
1512  * Pass a message to the target that's at the supplied device offset.
1513  */
1514 static int target_message(struct dm_ioctl *param, size_t param_size)
1515 {
1516 	int r, argc;
1517 	char **argv;
1518 	struct mapped_device *md;
1519 	struct dm_table *table;
1520 	struct dm_target *ti;
1521 	struct dm_target_msg *tmsg = (void *) param + param->data_start;
1522 	size_t maxlen;
1523 	char *result = get_result_buffer(param, param_size, &maxlen);
1524 	int srcu_idx;
1525 
1526 	md = find_device(param);
1527 	if (!md)
1528 		return -ENXIO;
1529 
1530 	if (tmsg < (struct dm_target_msg *) param->data ||
1531 	    invalid_str(tmsg->message, (void *) param + param_size)) {
1532 		DMWARN("Invalid target message parameters.");
1533 		r = -EINVAL;
1534 		goto out;
1535 	}
1536 
1537 	r = dm_split_args(&argc, &argv, tmsg->message);
1538 	if (r) {
1539 		DMWARN("Failed to split target message parameters");
1540 		goto out;
1541 	}
1542 
1543 	if (!argc) {
1544 		DMWARN("Empty message received.");
1545 		goto out_argv;
1546 	}
1547 
1548 	r = message_for_md(md, argc, argv, result, maxlen);
1549 	if (r <= 1)
1550 		goto out_argv;
1551 
1552 	table = dm_get_live_table(md, &srcu_idx);
1553 	if (!table)
1554 		goto out_table;
1555 
1556 	if (dm_deleting_md(md)) {
1557 		r = -ENXIO;
1558 		goto out_table;
1559 	}
1560 
1561 	ti = dm_table_find_target(table, tmsg->sector);
1562 	if (!dm_target_is_valid(ti)) {
1563 		DMWARN("Target message sector outside device.");
1564 		r = -EINVAL;
1565 	} else if (ti->type->message)
1566 		r = ti->type->message(ti, argc, argv);
1567 	else {
1568 		DMWARN("Target type does not support messages");
1569 		r = -EINVAL;
1570 	}
1571 
1572  out_table:
1573 	dm_put_live_table(md, srcu_idx);
1574  out_argv:
1575 	kfree(argv);
1576  out:
1577 	if (r >= 0)
1578 		__dev_status(md, param);
1579 
1580 	if (r == 1) {
1581 		param->flags |= DM_DATA_OUT_FLAG;
1582 		if (dm_message_test_buffer_overflow(result, maxlen))
1583 			param->flags |= DM_BUFFER_FULL_FLAG;
1584 		else
1585 			param->data_size = param->data_start + strlen(result) + 1;
1586 		r = 0;
1587 	}
1588 
1589 	dm_put(md);
1590 	return r;
1591 }
1592 
1593 /*
1594  * The ioctl parameter block consists of two parts, a dm_ioctl struct
1595  * followed by a data buffer.  This flag is set if the second part,
1596  * which has a variable size, is not used by the function processing
1597  * the ioctl.
1598  */
1599 #define IOCTL_FLAGS_NO_PARAMS	1
1600 
1601 /*-----------------------------------------------------------------
1602  * Implementation of open/close/ioctl on the special char
1603  * device.
1604  *---------------------------------------------------------------*/
1605 static ioctl_fn lookup_ioctl(unsigned int cmd, int *ioctl_flags)
1606 {
1607 	static struct {
1608 		int cmd;
1609 		int flags;
1610 		ioctl_fn fn;
1611 	} _ioctls[] = {
1612 		{DM_VERSION_CMD, 0, NULL}, /* version is dealt with elsewhere */
1613 		{DM_REMOVE_ALL_CMD, IOCTL_FLAGS_NO_PARAMS, remove_all},
1614 		{DM_LIST_DEVICES_CMD, 0, list_devices},
1615 
1616 		{DM_DEV_CREATE_CMD, IOCTL_FLAGS_NO_PARAMS, dev_create},
1617 		{DM_DEV_REMOVE_CMD, IOCTL_FLAGS_NO_PARAMS, dev_remove},
1618 		{DM_DEV_RENAME_CMD, 0, dev_rename},
1619 		{DM_DEV_SUSPEND_CMD, IOCTL_FLAGS_NO_PARAMS, dev_suspend},
1620 		{DM_DEV_STATUS_CMD, IOCTL_FLAGS_NO_PARAMS, dev_status},
1621 		{DM_DEV_WAIT_CMD, 0, dev_wait},
1622 
1623 		{DM_TABLE_LOAD_CMD, 0, table_load},
1624 		{DM_TABLE_CLEAR_CMD, IOCTL_FLAGS_NO_PARAMS, table_clear},
1625 		{DM_TABLE_DEPS_CMD, 0, table_deps},
1626 		{DM_TABLE_STATUS_CMD, 0, table_status},
1627 
1628 		{DM_LIST_VERSIONS_CMD, 0, list_versions},
1629 
1630 		{DM_TARGET_MSG_CMD, 0, target_message},
1631 		{DM_DEV_SET_GEOMETRY_CMD, 0, dev_set_geometry}
1632 	};
1633 
1634 	if (unlikely(cmd >= ARRAY_SIZE(_ioctls)))
1635 		return NULL;
1636 
1637 	*ioctl_flags = _ioctls[cmd].flags;
1638 	return _ioctls[cmd].fn;
1639 }
1640 
1641 /*
1642  * As well as checking the version compatibility this always
1643  * copies the kernel interface version out.
1644  */
1645 static int check_version(unsigned int cmd, struct dm_ioctl __user *user)
1646 {
1647 	uint32_t version[3];
1648 	int r = 0;
1649 
1650 	if (copy_from_user(version, user->version, sizeof(version)))
1651 		return -EFAULT;
1652 
1653 	if ((DM_VERSION_MAJOR != version[0]) ||
1654 	    (DM_VERSION_MINOR < version[1])) {
1655 		DMWARN("ioctl interface mismatch: "
1656 		       "kernel(%u.%u.%u), user(%u.%u.%u), cmd(%d)",
1657 		       DM_VERSION_MAJOR, DM_VERSION_MINOR,
1658 		       DM_VERSION_PATCHLEVEL,
1659 		       version[0], version[1], version[2], cmd);
1660 		r = -EINVAL;
1661 	}
1662 
1663 	/*
1664 	 * Fill in the kernel version.
1665 	 */
1666 	version[0] = DM_VERSION_MAJOR;
1667 	version[1] = DM_VERSION_MINOR;
1668 	version[2] = DM_VERSION_PATCHLEVEL;
1669 	if (copy_to_user(user->version, version, sizeof(version)))
1670 		return -EFAULT;
1671 
1672 	return r;
1673 }
1674 
1675 #define DM_PARAMS_MALLOC	0x0001	/* Params allocated with kvmalloc() */
1676 #define DM_WIPE_BUFFER		0x0010	/* Wipe input buffer before returning from ioctl */
1677 
1678 static void free_params(struct dm_ioctl *param, size_t param_size, int param_flags)
1679 {
1680 	if (param_flags & DM_WIPE_BUFFER)
1681 		memset(param, 0, param_size);
1682 
1683 	if (param_flags & DM_PARAMS_MALLOC)
1684 		kvfree(param);
1685 }
1686 
1687 static int copy_params(struct dm_ioctl __user *user, struct dm_ioctl *param_kernel,
1688 		       int ioctl_flags,
1689 		       struct dm_ioctl **param, int *param_flags)
1690 {
1691 	struct dm_ioctl *dmi;
1692 	int secure_data;
1693 	const size_t minimum_data_size = offsetof(struct dm_ioctl, data);
1694 	unsigned noio_flag;
1695 
1696 	if (copy_from_user(param_kernel, user, minimum_data_size))
1697 		return -EFAULT;
1698 
1699 	if (param_kernel->data_size < minimum_data_size)
1700 		return -EINVAL;
1701 
1702 	secure_data = param_kernel->flags & DM_SECURE_DATA_FLAG;
1703 
1704 	*param_flags = secure_data ? DM_WIPE_BUFFER : 0;
1705 
1706 	if (ioctl_flags & IOCTL_FLAGS_NO_PARAMS) {
1707 		dmi = param_kernel;
1708 		dmi->data_size = minimum_data_size;
1709 		goto data_copied;
1710 	}
1711 
1712 	/*
1713 	 * Try to avoid low memory issues when a device is suspended.
1714 	 * Use kmalloc() rather than vmalloc() when we can.
1715 	 */
1716 	dmi = NULL;
1717 	noio_flag = memalloc_noio_save();
1718 	dmi = kvmalloc(param_kernel->data_size, GFP_KERNEL);
1719 	memalloc_noio_restore(noio_flag);
1720 
1721 	if (!dmi) {
1722 		if (secure_data && clear_user(user, param_kernel->data_size))
1723 			return -EFAULT;
1724 		return -ENOMEM;
1725 	}
1726 
1727 	*param_flags |= DM_PARAMS_MALLOC;
1728 
1729 	if (copy_from_user(dmi, user, param_kernel->data_size))
1730 		goto bad;
1731 
1732 data_copied:
1733 	/*
1734 	 * Abort if something changed the ioctl data while it was being copied.
1735 	 */
1736 	if (dmi->data_size != param_kernel->data_size) {
1737 		DMERR("rejecting ioctl: data size modified while processing parameters");
1738 		goto bad;
1739 	}
1740 
1741 	/* Wipe the user buffer so we do not return it to userspace */
1742 	if (secure_data && clear_user(user, param_kernel->data_size))
1743 		goto bad;
1744 
1745 	*param = dmi;
1746 	return 0;
1747 
1748 bad:
1749 	free_params(dmi, param_kernel->data_size, *param_flags);
1750 
1751 	return -EFAULT;
1752 }
1753 
1754 static int validate_params(uint cmd, struct dm_ioctl *param)
1755 {
1756 	/* Always clear this flag */
1757 	param->flags &= ~DM_BUFFER_FULL_FLAG;
1758 	param->flags &= ~DM_UEVENT_GENERATED_FLAG;
1759 	param->flags &= ~DM_SECURE_DATA_FLAG;
1760 	param->flags &= ~DM_DATA_OUT_FLAG;
1761 
1762 	/* Ignores parameters */
1763 	if (cmd == DM_REMOVE_ALL_CMD ||
1764 	    cmd == DM_LIST_DEVICES_CMD ||
1765 	    cmd == DM_LIST_VERSIONS_CMD)
1766 		return 0;
1767 
1768 	if (cmd == DM_DEV_CREATE_CMD) {
1769 		if (!*param->name) {
1770 			DMWARN("name not supplied when creating device");
1771 			return -EINVAL;
1772 		}
1773 	} else if (*param->uuid && *param->name) {
1774 		DMWARN("only supply one of name or uuid, cmd(%u)", cmd);
1775 		return -EINVAL;
1776 	}
1777 
1778 	/* Ensure strings are terminated */
1779 	param->name[DM_NAME_LEN - 1] = '\0';
1780 	param->uuid[DM_UUID_LEN - 1] = '\0';
1781 
1782 	return 0;
1783 }
1784 
1785 static int ctl_ioctl(uint command, struct dm_ioctl __user *user)
1786 {
1787 	int r = 0;
1788 	int ioctl_flags;
1789 	int param_flags;
1790 	unsigned int cmd;
1791 	struct dm_ioctl *uninitialized_var(param);
1792 	ioctl_fn fn = NULL;
1793 	size_t input_param_size;
1794 	struct dm_ioctl param_kernel;
1795 
1796 	/* only root can play with this */
1797 	if (!capable(CAP_SYS_ADMIN))
1798 		return -EACCES;
1799 
1800 	if (_IOC_TYPE(command) != DM_IOCTL)
1801 		return -ENOTTY;
1802 
1803 	cmd = _IOC_NR(command);
1804 
1805 	/*
1806 	 * Check the interface version passed in.  This also
1807 	 * writes out the kernel's interface version.
1808 	 */
1809 	r = check_version(cmd, user);
1810 	if (r)
1811 		return r;
1812 
1813 	/*
1814 	 * Nothing more to do for the version command.
1815 	 */
1816 	if (cmd == DM_VERSION_CMD)
1817 		return 0;
1818 
1819 	fn = lookup_ioctl(cmd, &ioctl_flags);
1820 	if (!fn) {
1821 		DMWARN("dm_ctl_ioctl: unknown command 0x%x", command);
1822 		return -ENOTTY;
1823 	}
1824 
1825 	/*
1826 	 * Copy the parameters into kernel space.
1827 	 */
1828 	r = copy_params(user, &param_kernel, ioctl_flags, &param, &param_flags);
1829 
1830 	if (r)
1831 		return r;
1832 
1833 	input_param_size = param->data_size;
1834 	r = validate_params(cmd, param);
1835 	if (r)
1836 		goto out;
1837 
1838 	param->data_size = offsetof(struct dm_ioctl, data);
1839 	r = fn(param, input_param_size);
1840 
1841 	if (unlikely(param->flags & DM_BUFFER_FULL_FLAG) &&
1842 	    unlikely(ioctl_flags & IOCTL_FLAGS_NO_PARAMS))
1843 		DMERR("ioctl %d tried to output some data but has IOCTL_FLAGS_NO_PARAMS set", cmd);
1844 
1845 	/*
1846 	 * Copy the results back to userland.
1847 	 */
1848 	if (!r && copy_to_user(user, param, param->data_size))
1849 		r = -EFAULT;
1850 
1851 out:
1852 	free_params(param, input_param_size, param_flags);
1853 	return r;
1854 }
1855 
1856 static long dm_ctl_ioctl(struct file *file, uint command, ulong u)
1857 {
1858 	return (long)ctl_ioctl(command, (struct dm_ioctl __user *)u);
1859 }
1860 
1861 #ifdef CONFIG_COMPAT
1862 static long dm_compat_ctl_ioctl(struct file *file, uint command, ulong u)
1863 {
1864 	return (long)dm_ctl_ioctl(file, command, (ulong) compat_ptr(u));
1865 }
1866 #else
1867 #define dm_compat_ctl_ioctl NULL
1868 #endif
1869 
1870 static const struct file_operations _ctl_fops = {
1871 	.open = nonseekable_open,
1872 	.unlocked_ioctl	 = dm_ctl_ioctl,
1873 	.compat_ioctl = dm_compat_ctl_ioctl,
1874 	.owner	 = THIS_MODULE,
1875 	.llseek  = noop_llseek,
1876 };
1877 
1878 static struct miscdevice _dm_misc = {
1879 	.minor		= MAPPER_CTRL_MINOR,
1880 	.name  		= DM_NAME,
1881 	.nodename	= DM_DIR "/" DM_CONTROL_NODE,
1882 	.fops  		= &_ctl_fops
1883 };
1884 
1885 MODULE_ALIAS_MISCDEV(MAPPER_CTRL_MINOR);
1886 MODULE_ALIAS("devname:" DM_DIR "/" DM_CONTROL_NODE);
1887 
1888 /*
1889  * Create misc character device and link to DM_DIR/control.
1890  */
1891 int __init dm_interface_init(void)
1892 {
1893 	int r;
1894 
1895 	r = dm_hash_init();
1896 	if (r)
1897 		return r;
1898 
1899 	r = misc_register(&_dm_misc);
1900 	if (r) {
1901 		DMERR("misc_register failed for control device");
1902 		dm_hash_exit();
1903 		return r;
1904 	}
1905 
1906 	DMINFO("%d.%d.%d%s initialised: %s", DM_VERSION_MAJOR,
1907 	       DM_VERSION_MINOR, DM_VERSION_PATCHLEVEL, DM_VERSION_EXTRA,
1908 	       DM_DRIVER_EMAIL);
1909 	return 0;
1910 }
1911 
1912 void dm_interface_exit(void)
1913 {
1914 	misc_deregister(&_dm_misc);
1915 	dm_hash_exit();
1916 }
1917 
1918 /**
1919  * dm_copy_name_and_uuid - Copy mapped device name & uuid into supplied buffers
1920  * @md: Pointer to mapped_device
1921  * @name: Buffer (size DM_NAME_LEN) for name
1922  * @uuid: Buffer (size DM_UUID_LEN) for uuid or empty string if uuid not defined
1923  */
1924 int dm_copy_name_and_uuid(struct mapped_device *md, char *name, char *uuid)
1925 {
1926 	int r = 0;
1927 	struct hash_cell *hc;
1928 
1929 	if (!md)
1930 		return -ENXIO;
1931 
1932 	mutex_lock(&dm_hash_cells_mutex);
1933 	hc = dm_get_mdptr(md);
1934 	if (!hc || hc->md != md) {
1935 		r = -ENXIO;
1936 		goto out;
1937 	}
1938 
1939 	if (name)
1940 		strcpy(name, hc->name);
1941 	if (uuid)
1942 		strcpy(uuid, hc->uuid ? : "");
1943 
1944 out:
1945 	mutex_unlock(&dm_hash_cells_mutex);
1946 
1947 	return r;
1948 }
1949