1 /* 2 * Copyright (C) 2001, 2002 Sistina Software (UK) Limited. 3 * Copyright (C) 2004 - 2006 Red Hat, Inc. All rights reserved. 4 * 5 * This file is released under the GPL. 6 */ 7 8 #include "dm-core.h" 9 10 #include <linux/module.h> 11 #include <linux/vmalloc.h> 12 #include <linux/miscdevice.h> 13 #include <linux/sched/mm.h> 14 #include <linux/init.h> 15 #include <linux/wait.h> 16 #include <linux/slab.h> 17 #include <linux/dm-ioctl.h> 18 #include <linux/hdreg.h> 19 #include <linux/compat.h> 20 21 #include <linux/uaccess.h> 22 23 #define DM_MSG_PREFIX "ioctl" 24 #define DM_DRIVER_EMAIL "dm-devel@redhat.com" 25 26 /*----------------------------------------------------------------- 27 * The ioctl interface needs to be able to look up devices by 28 * name or uuid. 29 *---------------------------------------------------------------*/ 30 struct hash_cell { 31 struct list_head name_list; 32 struct list_head uuid_list; 33 34 char *name; 35 char *uuid; 36 struct mapped_device *md; 37 struct dm_table *new_map; 38 }; 39 40 struct vers_iter { 41 size_t param_size; 42 struct dm_target_versions *vers, *old_vers; 43 char *end; 44 uint32_t flags; 45 }; 46 47 48 #define NUM_BUCKETS 64 49 #define MASK_BUCKETS (NUM_BUCKETS - 1) 50 static struct list_head _name_buckets[NUM_BUCKETS]; 51 static struct list_head _uuid_buckets[NUM_BUCKETS]; 52 53 static void dm_hash_remove_all(bool keep_open_devices, bool mark_deferred, bool only_deferred); 54 55 /* 56 * Guards access to both hash tables. 57 */ 58 static DECLARE_RWSEM(_hash_lock); 59 60 /* 61 * Protects use of mdptr to obtain hash cell name and uuid from mapped device. 62 */ 63 static DEFINE_MUTEX(dm_hash_cells_mutex); 64 65 static void init_buckets(struct list_head *buckets) 66 { 67 unsigned int i; 68 69 for (i = 0; i < NUM_BUCKETS; i++) 70 INIT_LIST_HEAD(buckets + i); 71 } 72 73 static int dm_hash_init(void) 74 { 75 init_buckets(_name_buckets); 76 init_buckets(_uuid_buckets); 77 return 0; 78 } 79 80 static void dm_hash_exit(void) 81 { 82 dm_hash_remove_all(false, false, false); 83 } 84 85 /*----------------------------------------------------------------- 86 * Hash function: 87 * We're not really concerned with the str hash function being 88 * fast since it's only used by the ioctl interface. 89 *---------------------------------------------------------------*/ 90 static unsigned int hash_str(const char *str) 91 { 92 const unsigned int hash_mult = 2654435387U; 93 unsigned int h = 0; 94 95 while (*str) 96 h = (h + (unsigned int) *str++) * hash_mult; 97 98 return h & MASK_BUCKETS; 99 } 100 101 /*----------------------------------------------------------------- 102 * Code for looking up a device by name 103 *---------------------------------------------------------------*/ 104 static struct hash_cell *__get_name_cell(const char *str) 105 { 106 struct hash_cell *hc; 107 unsigned int h = hash_str(str); 108 109 list_for_each_entry (hc, _name_buckets + h, name_list) 110 if (!strcmp(hc->name, str)) { 111 dm_get(hc->md); 112 return hc; 113 } 114 115 return NULL; 116 } 117 118 static struct hash_cell *__get_uuid_cell(const char *str) 119 { 120 struct hash_cell *hc; 121 unsigned int h = hash_str(str); 122 123 list_for_each_entry (hc, _uuid_buckets + h, uuid_list) 124 if (!strcmp(hc->uuid, str)) { 125 dm_get(hc->md); 126 return hc; 127 } 128 129 return NULL; 130 } 131 132 static struct hash_cell *__get_dev_cell(uint64_t dev) 133 { 134 struct mapped_device *md; 135 struct hash_cell *hc; 136 137 md = dm_get_md(huge_decode_dev(dev)); 138 if (!md) 139 return NULL; 140 141 hc = dm_get_mdptr(md); 142 if (!hc) { 143 dm_put(md); 144 return NULL; 145 } 146 147 return hc; 148 } 149 150 /*----------------------------------------------------------------- 151 * Inserting, removing and renaming a device. 152 *---------------------------------------------------------------*/ 153 static struct hash_cell *alloc_cell(const char *name, const char *uuid, 154 struct mapped_device *md) 155 { 156 struct hash_cell *hc; 157 158 hc = kmalloc(sizeof(*hc), GFP_KERNEL); 159 if (!hc) 160 return NULL; 161 162 hc->name = kstrdup(name, GFP_KERNEL); 163 if (!hc->name) { 164 kfree(hc); 165 return NULL; 166 } 167 168 if (!uuid) 169 hc->uuid = NULL; 170 171 else { 172 hc->uuid = kstrdup(uuid, GFP_KERNEL); 173 if (!hc->uuid) { 174 kfree(hc->name); 175 kfree(hc); 176 return NULL; 177 } 178 } 179 180 INIT_LIST_HEAD(&hc->name_list); 181 INIT_LIST_HEAD(&hc->uuid_list); 182 hc->md = md; 183 hc->new_map = NULL; 184 return hc; 185 } 186 187 static void free_cell(struct hash_cell *hc) 188 { 189 if (hc) { 190 kfree(hc->name); 191 kfree(hc->uuid); 192 kfree(hc); 193 } 194 } 195 196 /* 197 * The kdev_t and uuid of a device can never change once it is 198 * initially inserted. 199 */ 200 static int dm_hash_insert(const char *name, const char *uuid, struct mapped_device *md) 201 { 202 struct hash_cell *cell, *hc; 203 204 /* 205 * Allocate the new cells. 206 */ 207 cell = alloc_cell(name, uuid, md); 208 if (!cell) 209 return -ENOMEM; 210 211 /* 212 * Insert the cell into both hash tables. 213 */ 214 down_write(&_hash_lock); 215 hc = __get_name_cell(name); 216 if (hc) { 217 dm_put(hc->md); 218 goto bad; 219 } 220 221 list_add(&cell->name_list, _name_buckets + hash_str(name)); 222 223 if (uuid) { 224 hc = __get_uuid_cell(uuid); 225 if (hc) { 226 list_del(&cell->name_list); 227 dm_put(hc->md); 228 goto bad; 229 } 230 list_add(&cell->uuid_list, _uuid_buckets + hash_str(uuid)); 231 } 232 dm_get(md); 233 mutex_lock(&dm_hash_cells_mutex); 234 dm_set_mdptr(md, cell); 235 mutex_unlock(&dm_hash_cells_mutex); 236 up_write(&_hash_lock); 237 238 return 0; 239 240 bad: 241 up_write(&_hash_lock); 242 free_cell(cell); 243 return -EBUSY; 244 } 245 246 static struct dm_table *__hash_remove(struct hash_cell *hc) 247 { 248 struct dm_table *table; 249 int srcu_idx; 250 251 /* remove from the dev hash */ 252 list_del(&hc->uuid_list); 253 list_del(&hc->name_list); 254 mutex_lock(&dm_hash_cells_mutex); 255 dm_set_mdptr(hc->md, NULL); 256 mutex_unlock(&dm_hash_cells_mutex); 257 258 table = dm_get_live_table(hc->md, &srcu_idx); 259 if (table) 260 dm_table_event(table); 261 dm_put_live_table(hc->md, srcu_idx); 262 263 table = NULL; 264 if (hc->new_map) 265 table = hc->new_map; 266 dm_put(hc->md); 267 free_cell(hc); 268 269 return table; 270 } 271 272 static void dm_hash_remove_all(bool keep_open_devices, bool mark_deferred, bool only_deferred) 273 { 274 int i, dev_skipped; 275 struct hash_cell *hc; 276 struct mapped_device *md; 277 struct dm_table *t; 278 279 retry: 280 dev_skipped = 0; 281 282 down_write(&_hash_lock); 283 284 for (i = 0; i < NUM_BUCKETS; i++) { 285 list_for_each_entry(hc, _name_buckets + i, name_list) { 286 md = hc->md; 287 dm_get(md); 288 289 if (keep_open_devices && 290 dm_lock_for_deletion(md, mark_deferred, only_deferred)) { 291 dm_put(md); 292 dev_skipped++; 293 continue; 294 } 295 296 t = __hash_remove(hc); 297 298 up_write(&_hash_lock); 299 300 if (t) { 301 dm_sync_table(md); 302 dm_table_destroy(t); 303 } 304 dm_put(md); 305 if (likely(keep_open_devices)) 306 dm_destroy(md); 307 else 308 dm_destroy_immediate(md); 309 310 /* 311 * Some mapped devices may be using other mapped 312 * devices, so repeat until we make no further 313 * progress. If a new mapped device is created 314 * here it will also get removed. 315 */ 316 goto retry; 317 } 318 } 319 320 up_write(&_hash_lock); 321 322 if (dev_skipped) 323 DMWARN("remove_all left %d open device(s)", dev_skipped); 324 } 325 326 /* 327 * Set the uuid of a hash_cell that isn't already set. 328 */ 329 static void __set_cell_uuid(struct hash_cell *hc, char *new_uuid) 330 { 331 mutex_lock(&dm_hash_cells_mutex); 332 hc->uuid = new_uuid; 333 mutex_unlock(&dm_hash_cells_mutex); 334 335 list_add(&hc->uuid_list, _uuid_buckets + hash_str(new_uuid)); 336 } 337 338 /* 339 * Changes the name of a hash_cell and returns the old name for 340 * the caller to free. 341 */ 342 static char *__change_cell_name(struct hash_cell *hc, char *new_name) 343 { 344 char *old_name; 345 346 /* 347 * Rename and move the name cell. 348 */ 349 list_del(&hc->name_list); 350 old_name = hc->name; 351 352 mutex_lock(&dm_hash_cells_mutex); 353 hc->name = new_name; 354 mutex_unlock(&dm_hash_cells_mutex); 355 356 list_add(&hc->name_list, _name_buckets + hash_str(new_name)); 357 358 return old_name; 359 } 360 361 static struct mapped_device *dm_hash_rename(struct dm_ioctl *param, 362 const char *new) 363 { 364 char *new_data, *old_name = NULL; 365 struct hash_cell *hc; 366 struct dm_table *table; 367 struct mapped_device *md; 368 unsigned change_uuid = (param->flags & DM_UUID_FLAG) ? 1 : 0; 369 int srcu_idx; 370 371 /* 372 * duplicate new. 373 */ 374 new_data = kstrdup(new, GFP_KERNEL); 375 if (!new_data) 376 return ERR_PTR(-ENOMEM); 377 378 down_write(&_hash_lock); 379 380 /* 381 * Is new free ? 382 */ 383 if (change_uuid) 384 hc = __get_uuid_cell(new); 385 else 386 hc = __get_name_cell(new); 387 388 if (hc) { 389 DMWARN("Unable to change %s on mapped device %s to one that " 390 "already exists: %s", 391 change_uuid ? "uuid" : "name", 392 param->name, new); 393 dm_put(hc->md); 394 up_write(&_hash_lock); 395 kfree(new_data); 396 return ERR_PTR(-EBUSY); 397 } 398 399 /* 400 * Is there such a device as 'old' ? 401 */ 402 hc = __get_name_cell(param->name); 403 if (!hc) { 404 DMWARN("Unable to rename non-existent device, %s to %s%s", 405 param->name, change_uuid ? "uuid " : "", new); 406 up_write(&_hash_lock); 407 kfree(new_data); 408 return ERR_PTR(-ENXIO); 409 } 410 411 /* 412 * Does this device already have a uuid? 413 */ 414 if (change_uuid && hc->uuid) { 415 DMWARN("Unable to change uuid of mapped device %s to %s " 416 "because uuid is already set to %s", 417 param->name, new, hc->uuid); 418 dm_put(hc->md); 419 up_write(&_hash_lock); 420 kfree(new_data); 421 return ERR_PTR(-EINVAL); 422 } 423 424 if (change_uuid) 425 __set_cell_uuid(hc, new_data); 426 else 427 old_name = __change_cell_name(hc, new_data); 428 429 /* 430 * Wake up any dm event waiters. 431 */ 432 table = dm_get_live_table(hc->md, &srcu_idx); 433 if (table) 434 dm_table_event(table); 435 dm_put_live_table(hc->md, srcu_idx); 436 437 if (!dm_kobject_uevent(hc->md, KOBJ_CHANGE, param->event_nr)) 438 param->flags |= DM_UEVENT_GENERATED_FLAG; 439 440 md = hc->md; 441 up_write(&_hash_lock); 442 kfree(old_name); 443 444 return md; 445 } 446 447 void dm_deferred_remove(void) 448 { 449 dm_hash_remove_all(true, false, true); 450 } 451 452 /*----------------------------------------------------------------- 453 * Implementation of the ioctl commands 454 *---------------------------------------------------------------*/ 455 /* 456 * All the ioctl commands get dispatched to functions with this 457 * prototype. 458 */ 459 typedef int (*ioctl_fn)(struct dm_ioctl *param, size_t param_size); 460 461 static int remove_all(struct dm_ioctl *param, size_t param_size) 462 { 463 dm_hash_remove_all(true, !!(param->flags & DM_DEFERRED_REMOVE), false); 464 param->data_size = 0; 465 return 0; 466 } 467 468 /* 469 * Round up the ptr to an 8-byte boundary. 470 */ 471 #define ALIGN_MASK 7 472 static inline void *align_ptr(void *ptr) 473 { 474 return (void *) (((size_t) (ptr + ALIGN_MASK)) & ~ALIGN_MASK); 475 } 476 477 /* 478 * Retrieves the data payload buffer from an already allocated 479 * struct dm_ioctl. 480 */ 481 static void *get_result_buffer(struct dm_ioctl *param, size_t param_size, 482 size_t *len) 483 { 484 param->data_start = align_ptr(param + 1) - (void *) param; 485 486 if (param->data_start < param_size) 487 *len = param_size - param->data_start; 488 else 489 *len = 0; 490 491 return ((void *) param) + param->data_start; 492 } 493 494 static int list_devices(struct dm_ioctl *param, size_t param_size) 495 { 496 unsigned int i; 497 struct hash_cell *hc; 498 size_t len, needed = 0; 499 struct gendisk *disk; 500 struct dm_name_list *nl, *old_nl = NULL; 501 502 down_write(&_hash_lock); 503 504 /* 505 * Loop through all the devices working out how much 506 * space we need. 507 */ 508 for (i = 0; i < NUM_BUCKETS; i++) { 509 list_for_each_entry (hc, _name_buckets + i, name_list) { 510 needed += sizeof(struct dm_name_list); 511 needed += strlen(hc->name) + 1; 512 needed += ALIGN_MASK; 513 } 514 } 515 516 /* 517 * Grab our output buffer. 518 */ 519 nl = get_result_buffer(param, param_size, &len); 520 if (len < needed) { 521 param->flags |= DM_BUFFER_FULL_FLAG; 522 goto out; 523 } 524 param->data_size = param->data_start + needed; 525 526 nl->dev = 0; /* Flags no data */ 527 528 /* 529 * Now loop through filling out the names. 530 */ 531 for (i = 0; i < NUM_BUCKETS; i++) { 532 list_for_each_entry (hc, _name_buckets + i, name_list) { 533 if (old_nl) 534 old_nl->next = (uint32_t) ((void *) nl - 535 (void *) old_nl); 536 disk = dm_disk(hc->md); 537 nl->dev = huge_encode_dev(disk_devt(disk)); 538 nl->next = 0; 539 strcpy(nl->name, hc->name); 540 541 old_nl = nl; 542 nl = align_ptr(((void *) ++nl) + strlen(hc->name) + 1); 543 } 544 } 545 546 out: 547 up_write(&_hash_lock); 548 return 0; 549 } 550 551 static void list_version_get_needed(struct target_type *tt, void *needed_param) 552 { 553 size_t *needed = needed_param; 554 555 *needed += sizeof(struct dm_target_versions); 556 *needed += strlen(tt->name); 557 *needed += ALIGN_MASK; 558 } 559 560 static void list_version_get_info(struct target_type *tt, void *param) 561 { 562 struct vers_iter *info = param; 563 564 /* Check space - it might have changed since the first iteration */ 565 if ((char *)info->vers + sizeof(tt->version) + strlen(tt->name) + 1 > 566 info->end) { 567 568 info->flags = DM_BUFFER_FULL_FLAG; 569 return; 570 } 571 572 if (info->old_vers) 573 info->old_vers->next = (uint32_t) ((void *)info->vers - 574 (void *)info->old_vers); 575 info->vers->version[0] = tt->version[0]; 576 info->vers->version[1] = tt->version[1]; 577 info->vers->version[2] = tt->version[2]; 578 info->vers->next = 0; 579 strcpy(info->vers->name, tt->name); 580 581 info->old_vers = info->vers; 582 info->vers = align_ptr(((void *) ++info->vers) + strlen(tt->name) + 1); 583 } 584 585 static int list_versions(struct dm_ioctl *param, size_t param_size) 586 { 587 size_t len, needed = 0; 588 struct dm_target_versions *vers; 589 struct vers_iter iter_info; 590 591 /* 592 * Loop through all the devices working out how much 593 * space we need. 594 */ 595 dm_target_iterate(list_version_get_needed, &needed); 596 597 /* 598 * Grab our output buffer. 599 */ 600 vers = get_result_buffer(param, param_size, &len); 601 if (len < needed) { 602 param->flags |= DM_BUFFER_FULL_FLAG; 603 goto out; 604 } 605 param->data_size = param->data_start + needed; 606 607 iter_info.param_size = param_size; 608 iter_info.old_vers = NULL; 609 iter_info.vers = vers; 610 iter_info.flags = 0; 611 iter_info.end = (char *)vers+len; 612 613 /* 614 * Now loop through filling out the names & versions. 615 */ 616 dm_target_iterate(list_version_get_info, &iter_info); 617 param->flags |= iter_info.flags; 618 619 out: 620 return 0; 621 } 622 623 static int check_name(const char *name) 624 { 625 if (strchr(name, '/')) { 626 DMWARN("invalid device name"); 627 return -EINVAL; 628 } 629 630 return 0; 631 } 632 633 /* 634 * On successful return, the caller must not attempt to acquire 635 * _hash_lock without first calling dm_put_live_table, because dm_table_destroy 636 * waits for this dm_put_live_table and could be called under this lock. 637 */ 638 static struct dm_table *dm_get_inactive_table(struct mapped_device *md, int *srcu_idx) 639 { 640 struct hash_cell *hc; 641 struct dm_table *table = NULL; 642 643 /* increment rcu count, we don't care about the table pointer */ 644 dm_get_live_table(md, srcu_idx); 645 646 down_read(&_hash_lock); 647 hc = dm_get_mdptr(md); 648 if (!hc || hc->md != md) { 649 DMWARN("device has been removed from the dev hash table."); 650 goto out; 651 } 652 653 table = hc->new_map; 654 655 out: 656 up_read(&_hash_lock); 657 658 return table; 659 } 660 661 static struct dm_table *dm_get_live_or_inactive_table(struct mapped_device *md, 662 struct dm_ioctl *param, 663 int *srcu_idx) 664 { 665 return (param->flags & DM_QUERY_INACTIVE_TABLE_FLAG) ? 666 dm_get_inactive_table(md, srcu_idx) : dm_get_live_table(md, srcu_idx); 667 } 668 669 /* 670 * Fills in a dm_ioctl structure, ready for sending back to 671 * userland. 672 */ 673 static void __dev_status(struct mapped_device *md, struct dm_ioctl *param) 674 { 675 struct gendisk *disk = dm_disk(md); 676 struct dm_table *table; 677 int srcu_idx; 678 679 param->flags &= ~(DM_SUSPEND_FLAG | DM_READONLY_FLAG | 680 DM_ACTIVE_PRESENT_FLAG | DM_INTERNAL_SUSPEND_FLAG); 681 682 if (dm_suspended_md(md)) 683 param->flags |= DM_SUSPEND_FLAG; 684 685 if (dm_suspended_internally_md(md)) 686 param->flags |= DM_INTERNAL_SUSPEND_FLAG; 687 688 if (dm_test_deferred_remove_flag(md)) 689 param->flags |= DM_DEFERRED_REMOVE; 690 691 param->dev = huge_encode_dev(disk_devt(disk)); 692 693 /* 694 * Yes, this will be out of date by the time it gets back 695 * to userland, but it is still very useful for 696 * debugging. 697 */ 698 param->open_count = dm_open_count(md); 699 700 param->event_nr = dm_get_event_nr(md); 701 param->target_count = 0; 702 703 table = dm_get_live_table(md, &srcu_idx); 704 if (table) { 705 if (!(param->flags & DM_QUERY_INACTIVE_TABLE_FLAG)) { 706 if (get_disk_ro(disk)) 707 param->flags |= DM_READONLY_FLAG; 708 param->target_count = dm_table_get_num_targets(table); 709 } 710 711 param->flags |= DM_ACTIVE_PRESENT_FLAG; 712 } 713 dm_put_live_table(md, srcu_idx); 714 715 if (param->flags & DM_QUERY_INACTIVE_TABLE_FLAG) { 716 int srcu_idx; 717 table = dm_get_inactive_table(md, &srcu_idx); 718 if (table) { 719 if (!(dm_table_get_mode(table) & FMODE_WRITE)) 720 param->flags |= DM_READONLY_FLAG; 721 param->target_count = dm_table_get_num_targets(table); 722 } 723 dm_put_live_table(md, srcu_idx); 724 } 725 } 726 727 static int dev_create(struct dm_ioctl *param, size_t param_size) 728 { 729 int r, m = DM_ANY_MINOR; 730 struct mapped_device *md; 731 732 r = check_name(param->name); 733 if (r) 734 return r; 735 736 if (param->flags & DM_PERSISTENT_DEV_FLAG) 737 m = MINOR(huge_decode_dev(param->dev)); 738 739 r = dm_create(m, &md); 740 if (r) 741 return r; 742 743 r = dm_hash_insert(param->name, *param->uuid ? param->uuid : NULL, md); 744 if (r) { 745 dm_put(md); 746 dm_destroy(md); 747 return r; 748 } 749 750 param->flags &= ~DM_INACTIVE_PRESENT_FLAG; 751 752 __dev_status(md, param); 753 754 dm_put(md); 755 756 return 0; 757 } 758 759 /* 760 * Always use UUID for lookups if it's present, otherwise use name or dev. 761 */ 762 static struct hash_cell *__find_device_hash_cell(struct dm_ioctl *param) 763 { 764 struct hash_cell *hc = NULL; 765 766 if (*param->uuid) { 767 if (*param->name || param->dev) 768 return NULL; 769 770 hc = __get_uuid_cell(param->uuid); 771 if (!hc) 772 return NULL; 773 } else if (*param->name) { 774 if (param->dev) 775 return NULL; 776 777 hc = __get_name_cell(param->name); 778 if (!hc) 779 return NULL; 780 } else if (param->dev) { 781 hc = __get_dev_cell(param->dev); 782 if (!hc) 783 return NULL; 784 } else 785 return NULL; 786 787 /* 788 * Sneakily write in both the name and the uuid 789 * while we have the cell. 790 */ 791 strlcpy(param->name, hc->name, sizeof(param->name)); 792 if (hc->uuid) 793 strlcpy(param->uuid, hc->uuid, sizeof(param->uuid)); 794 else 795 param->uuid[0] = '\0'; 796 797 if (hc->new_map) 798 param->flags |= DM_INACTIVE_PRESENT_FLAG; 799 else 800 param->flags &= ~DM_INACTIVE_PRESENT_FLAG; 801 802 return hc; 803 } 804 805 static struct mapped_device *find_device(struct dm_ioctl *param) 806 { 807 struct hash_cell *hc; 808 struct mapped_device *md = NULL; 809 810 down_read(&_hash_lock); 811 hc = __find_device_hash_cell(param); 812 if (hc) 813 md = hc->md; 814 up_read(&_hash_lock); 815 816 return md; 817 } 818 819 static int dev_remove(struct dm_ioctl *param, size_t param_size) 820 { 821 struct hash_cell *hc; 822 struct mapped_device *md; 823 int r; 824 struct dm_table *t; 825 826 down_write(&_hash_lock); 827 hc = __find_device_hash_cell(param); 828 829 if (!hc) { 830 DMDEBUG_LIMIT("device doesn't appear to be in the dev hash table."); 831 up_write(&_hash_lock); 832 return -ENXIO; 833 } 834 835 md = hc->md; 836 837 /* 838 * Ensure the device is not open and nothing further can open it. 839 */ 840 r = dm_lock_for_deletion(md, !!(param->flags & DM_DEFERRED_REMOVE), false); 841 if (r) { 842 if (r == -EBUSY && param->flags & DM_DEFERRED_REMOVE) { 843 up_write(&_hash_lock); 844 dm_put(md); 845 return 0; 846 } 847 DMDEBUG_LIMIT("unable to remove open device %s", hc->name); 848 up_write(&_hash_lock); 849 dm_put(md); 850 return r; 851 } 852 853 t = __hash_remove(hc); 854 up_write(&_hash_lock); 855 856 if (t) { 857 dm_sync_table(md); 858 dm_table_destroy(t); 859 } 860 861 param->flags &= ~DM_DEFERRED_REMOVE; 862 863 if (!dm_kobject_uevent(md, KOBJ_REMOVE, param->event_nr)) 864 param->flags |= DM_UEVENT_GENERATED_FLAG; 865 866 dm_put(md); 867 dm_destroy(md); 868 return 0; 869 } 870 871 /* 872 * Check a string doesn't overrun the chunk of 873 * memory we copied from userland. 874 */ 875 static int invalid_str(char *str, void *end) 876 { 877 while ((void *) str < end) 878 if (!*str++) 879 return 0; 880 881 return -EINVAL; 882 } 883 884 static int dev_rename(struct dm_ioctl *param, size_t param_size) 885 { 886 int r; 887 char *new_data = (char *) param + param->data_start; 888 struct mapped_device *md; 889 unsigned change_uuid = (param->flags & DM_UUID_FLAG) ? 1 : 0; 890 891 if (new_data < param->data || 892 invalid_str(new_data, (void *) param + param_size) || !*new_data || 893 strlen(new_data) > (change_uuid ? DM_UUID_LEN - 1 : DM_NAME_LEN - 1)) { 894 DMWARN("Invalid new mapped device name or uuid string supplied."); 895 return -EINVAL; 896 } 897 898 if (!change_uuid) { 899 r = check_name(new_data); 900 if (r) 901 return r; 902 } 903 904 md = dm_hash_rename(param, new_data); 905 if (IS_ERR(md)) 906 return PTR_ERR(md); 907 908 __dev_status(md, param); 909 dm_put(md); 910 911 return 0; 912 } 913 914 static int dev_set_geometry(struct dm_ioctl *param, size_t param_size) 915 { 916 int r = -EINVAL, x; 917 struct mapped_device *md; 918 struct hd_geometry geometry; 919 unsigned long indata[4]; 920 char *geostr = (char *) param + param->data_start; 921 char dummy; 922 923 md = find_device(param); 924 if (!md) 925 return -ENXIO; 926 927 if (geostr < param->data || 928 invalid_str(geostr, (void *) param + param_size)) { 929 DMWARN("Invalid geometry supplied."); 930 goto out; 931 } 932 933 x = sscanf(geostr, "%lu %lu %lu %lu%c", indata, 934 indata + 1, indata + 2, indata + 3, &dummy); 935 936 if (x != 4) { 937 DMWARN("Unable to interpret geometry settings."); 938 goto out; 939 } 940 941 if (indata[0] > 65535 || indata[1] > 255 || 942 indata[2] > 255 || indata[3] > ULONG_MAX) { 943 DMWARN("Geometry exceeds range limits."); 944 goto out; 945 } 946 947 geometry.cylinders = indata[0]; 948 geometry.heads = indata[1]; 949 geometry.sectors = indata[2]; 950 geometry.start = indata[3]; 951 952 r = dm_set_geometry(md, &geometry); 953 954 param->data_size = 0; 955 956 out: 957 dm_put(md); 958 return r; 959 } 960 961 static int do_suspend(struct dm_ioctl *param) 962 { 963 int r = 0; 964 unsigned suspend_flags = DM_SUSPEND_LOCKFS_FLAG; 965 struct mapped_device *md; 966 967 md = find_device(param); 968 if (!md) 969 return -ENXIO; 970 971 if (param->flags & DM_SKIP_LOCKFS_FLAG) 972 suspend_flags &= ~DM_SUSPEND_LOCKFS_FLAG; 973 if (param->flags & DM_NOFLUSH_FLAG) 974 suspend_flags |= DM_SUSPEND_NOFLUSH_FLAG; 975 976 if (!dm_suspended_md(md)) { 977 r = dm_suspend(md, suspend_flags); 978 if (r) 979 goto out; 980 } 981 982 __dev_status(md, param); 983 984 out: 985 dm_put(md); 986 987 return r; 988 } 989 990 static int do_resume(struct dm_ioctl *param) 991 { 992 int r = 0; 993 unsigned suspend_flags = DM_SUSPEND_LOCKFS_FLAG; 994 struct hash_cell *hc; 995 struct mapped_device *md; 996 struct dm_table *new_map, *old_map = NULL; 997 998 down_write(&_hash_lock); 999 1000 hc = __find_device_hash_cell(param); 1001 if (!hc) { 1002 DMDEBUG_LIMIT("device doesn't appear to be in the dev hash table."); 1003 up_write(&_hash_lock); 1004 return -ENXIO; 1005 } 1006 1007 md = hc->md; 1008 1009 new_map = hc->new_map; 1010 hc->new_map = NULL; 1011 param->flags &= ~DM_INACTIVE_PRESENT_FLAG; 1012 1013 up_write(&_hash_lock); 1014 1015 /* Do we need to load a new map ? */ 1016 if (new_map) { 1017 /* Suspend if it isn't already suspended */ 1018 if (param->flags & DM_SKIP_LOCKFS_FLAG) 1019 suspend_flags &= ~DM_SUSPEND_LOCKFS_FLAG; 1020 if (param->flags & DM_NOFLUSH_FLAG) 1021 suspend_flags |= DM_SUSPEND_NOFLUSH_FLAG; 1022 if (!dm_suspended_md(md)) 1023 dm_suspend(md, suspend_flags); 1024 1025 old_map = dm_swap_table(md, new_map); 1026 if (IS_ERR(old_map)) { 1027 dm_sync_table(md); 1028 dm_table_destroy(new_map); 1029 dm_put(md); 1030 return PTR_ERR(old_map); 1031 } 1032 1033 if (dm_table_get_mode(new_map) & FMODE_WRITE) 1034 set_disk_ro(dm_disk(md), 0); 1035 else 1036 set_disk_ro(dm_disk(md), 1); 1037 } 1038 1039 if (dm_suspended_md(md)) { 1040 r = dm_resume(md); 1041 if (!r && !dm_kobject_uevent(md, KOBJ_CHANGE, param->event_nr)) 1042 param->flags |= DM_UEVENT_GENERATED_FLAG; 1043 } 1044 1045 /* 1046 * Since dm_swap_table synchronizes RCU, nobody should be in 1047 * read-side critical section already. 1048 */ 1049 if (old_map) 1050 dm_table_destroy(old_map); 1051 1052 if (!r) 1053 __dev_status(md, param); 1054 1055 dm_put(md); 1056 return r; 1057 } 1058 1059 /* 1060 * Set or unset the suspension state of a device. 1061 * If the device already is in the requested state we just return its status. 1062 */ 1063 static int dev_suspend(struct dm_ioctl *param, size_t param_size) 1064 { 1065 if (param->flags & DM_SUSPEND_FLAG) 1066 return do_suspend(param); 1067 1068 return do_resume(param); 1069 } 1070 1071 /* 1072 * Copies device info back to user space, used by 1073 * the create and info ioctls. 1074 */ 1075 static int dev_status(struct dm_ioctl *param, size_t param_size) 1076 { 1077 struct mapped_device *md; 1078 1079 md = find_device(param); 1080 if (!md) 1081 return -ENXIO; 1082 1083 __dev_status(md, param); 1084 dm_put(md); 1085 1086 return 0; 1087 } 1088 1089 /* 1090 * Build up the status struct for each target 1091 */ 1092 static void retrieve_status(struct dm_table *table, 1093 struct dm_ioctl *param, size_t param_size) 1094 { 1095 unsigned int i, num_targets; 1096 struct dm_target_spec *spec; 1097 char *outbuf, *outptr; 1098 status_type_t type; 1099 size_t remaining, len, used = 0; 1100 unsigned status_flags = 0; 1101 1102 outptr = outbuf = get_result_buffer(param, param_size, &len); 1103 1104 if (param->flags & DM_STATUS_TABLE_FLAG) 1105 type = STATUSTYPE_TABLE; 1106 else 1107 type = STATUSTYPE_INFO; 1108 1109 /* Get all the target info */ 1110 num_targets = dm_table_get_num_targets(table); 1111 for (i = 0; i < num_targets; i++) { 1112 struct dm_target *ti = dm_table_get_target(table, i); 1113 size_t l; 1114 1115 remaining = len - (outptr - outbuf); 1116 if (remaining <= sizeof(struct dm_target_spec)) { 1117 param->flags |= DM_BUFFER_FULL_FLAG; 1118 break; 1119 } 1120 1121 spec = (struct dm_target_spec *) outptr; 1122 1123 spec->status = 0; 1124 spec->sector_start = ti->begin; 1125 spec->length = ti->len; 1126 strncpy(spec->target_type, ti->type->name, 1127 sizeof(spec->target_type)); 1128 1129 outptr += sizeof(struct dm_target_spec); 1130 remaining = len - (outptr - outbuf); 1131 if (remaining <= 0) { 1132 param->flags |= DM_BUFFER_FULL_FLAG; 1133 break; 1134 } 1135 1136 /* Get the status/table string from the target driver */ 1137 if (ti->type->status) { 1138 if (param->flags & DM_NOFLUSH_FLAG) 1139 status_flags |= DM_STATUS_NOFLUSH_FLAG; 1140 ti->type->status(ti, type, status_flags, outptr, remaining); 1141 } else 1142 outptr[0] = '\0'; 1143 1144 l = strlen(outptr) + 1; 1145 if (l == remaining) { 1146 param->flags |= DM_BUFFER_FULL_FLAG; 1147 break; 1148 } 1149 1150 outptr += l; 1151 used = param->data_start + (outptr - outbuf); 1152 1153 outptr = align_ptr(outptr); 1154 spec->next = outptr - outbuf; 1155 } 1156 1157 if (used) 1158 param->data_size = used; 1159 1160 param->target_count = num_targets; 1161 } 1162 1163 /* 1164 * Wait for a device to report an event 1165 */ 1166 static int dev_wait(struct dm_ioctl *param, size_t param_size) 1167 { 1168 int r = 0; 1169 struct mapped_device *md; 1170 struct dm_table *table; 1171 int srcu_idx; 1172 1173 md = find_device(param); 1174 if (!md) 1175 return -ENXIO; 1176 1177 /* 1178 * Wait for a notification event 1179 */ 1180 if (dm_wait_event(md, param->event_nr)) { 1181 r = -ERESTARTSYS; 1182 goto out; 1183 } 1184 1185 /* 1186 * The userland program is going to want to know what 1187 * changed to trigger the event, so we may as well tell 1188 * him and save an ioctl. 1189 */ 1190 __dev_status(md, param); 1191 1192 table = dm_get_live_or_inactive_table(md, param, &srcu_idx); 1193 if (table) 1194 retrieve_status(table, param, param_size); 1195 dm_put_live_table(md, srcu_idx); 1196 1197 out: 1198 dm_put(md); 1199 1200 return r; 1201 } 1202 1203 static inline fmode_t get_mode(struct dm_ioctl *param) 1204 { 1205 fmode_t mode = FMODE_READ | FMODE_WRITE; 1206 1207 if (param->flags & DM_READONLY_FLAG) 1208 mode = FMODE_READ; 1209 1210 return mode; 1211 } 1212 1213 static int next_target(struct dm_target_spec *last, uint32_t next, void *end, 1214 struct dm_target_spec **spec, char **target_params) 1215 { 1216 *spec = (struct dm_target_spec *) ((unsigned char *) last + next); 1217 *target_params = (char *) (*spec + 1); 1218 1219 if (*spec < (last + 1)) 1220 return -EINVAL; 1221 1222 return invalid_str(*target_params, end); 1223 } 1224 1225 static int populate_table(struct dm_table *table, 1226 struct dm_ioctl *param, size_t param_size) 1227 { 1228 int r; 1229 unsigned int i = 0; 1230 struct dm_target_spec *spec = (struct dm_target_spec *) param; 1231 uint32_t next = param->data_start; 1232 void *end = (void *) param + param_size; 1233 char *target_params; 1234 1235 if (!param->target_count) { 1236 DMWARN("populate_table: no targets specified"); 1237 return -EINVAL; 1238 } 1239 1240 for (i = 0; i < param->target_count; i++) { 1241 1242 r = next_target(spec, next, end, &spec, &target_params); 1243 if (r) { 1244 DMWARN("unable to find target"); 1245 return r; 1246 } 1247 1248 r = dm_table_add_target(table, spec->target_type, 1249 (sector_t) spec->sector_start, 1250 (sector_t) spec->length, 1251 target_params); 1252 if (r) { 1253 DMWARN("error adding target to table"); 1254 return r; 1255 } 1256 1257 next = spec->next; 1258 } 1259 1260 return dm_table_complete(table); 1261 } 1262 1263 static bool is_valid_type(enum dm_queue_mode cur, enum dm_queue_mode new) 1264 { 1265 if (cur == new || 1266 (cur == DM_TYPE_BIO_BASED && new == DM_TYPE_DAX_BIO_BASED)) 1267 return true; 1268 1269 return false; 1270 } 1271 1272 static int table_load(struct dm_ioctl *param, size_t param_size) 1273 { 1274 int r; 1275 struct hash_cell *hc; 1276 struct dm_table *t, *old_map = NULL; 1277 struct mapped_device *md; 1278 struct target_type *immutable_target_type; 1279 1280 md = find_device(param); 1281 if (!md) 1282 return -ENXIO; 1283 1284 r = dm_table_create(&t, get_mode(param), param->target_count, md); 1285 if (r) 1286 goto err; 1287 1288 /* Protect md->type and md->queue against concurrent table loads. */ 1289 dm_lock_md_type(md); 1290 r = populate_table(t, param, param_size); 1291 if (r) 1292 goto err_unlock_md_type; 1293 1294 immutable_target_type = dm_get_immutable_target_type(md); 1295 if (immutable_target_type && 1296 (immutable_target_type != dm_table_get_immutable_target_type(t)) && 1297 !dm_table_get_wildcard_target(t)) { 1298 DMWARN("can't replace immutable target type %s", 1299 immutable_target_type->name); 1300 r = -EINVAL; 1301 goto err_unlock_md_type; 1302 } 1303 1304 if (dm_get_md_type(md) == DM_TYPE_NONE) { 1305 /* Initial table load: acquire type of table. */ 1306 dm_set_md_type(md, dm_table_get_type(t)); 1307 1308 /* setup md->queue to reflect md's type (may block) */ 1309 r = dm_setup_md_queue(md, t); 1310 if (r) { 1311 DMWARN("unable to set up device queue for new table."); 1312 goto err_unlock_md_type; 1313 } 1314 } else if (!is_valid_type(dm_get_md_type(md), dm_table_get_type(t))) { 1315 DMWARN("can't change device type after initial table load."); 1316 r = -EINVAL; 1317 goto err_unlock_md_type; 1318 } 1319 1320 dm_unlock_md_type(md); 1321 1322 /* stage inactive table */ 1323 down_write(&_hash_lock); 1324 hc = dm_get_mdptr(md); 1325 if (!hc || hc->md != md) { 1326 DMWARN("device has been removed from the dev hash table."); 1327 up_write(&_hash_lock); 1328 r = -ENXIO; 1329 goto err_destroy_table; 1330 } 1331 1332 if (hc->new_map) 1333 old_map = hc->new_map; 1334 hc->new_map = t; 1335 up_write(&_hash_lock); 1336 1337 param->flags |= DM_INACTIVE_PRESENT_FLAG; 1338 __dev_status(md, param); 1339 1340 if (old_map) { 1341 dm_sync_table(md); 1342 dm_table_destroy(old_map); 1343 } 1344 1345 dm_put(md); 1346 1347 return 0; 1348 1349 err_unlock_md_type: 1350 dm_unlock_md_type(md); 1351 err_destroy_table: 1352 dm_table_destroy(t); 1353 err: 1354 dm_put(md); 1355 1356 return r; 1357 } 1358 1359 static int table_clear(struct dm_ioctl *param, size_t param_size) 1360 { 1361 struct hash_cell *hc; 1362 struct mapped_device *md; 1363 struct dm_table *old_map = NULL; 1364 1365 down_write(&_hash_lock); 1366 1367 hc = __find_device_hash_cell(param); 1368 if (!hc) { 1369 DMDEBUG_LIMIT("device doesn't appear to be in the dev hash table."); 1370 up_write(&_hash_lock); 1371 return -ENXIO; 1372 } 1373 1374 if (hc->new_map) { 1375 old_map = hc->new_map; 1376 hc->new_map = NULL; 1377 } 1378 1379 param->flags &= ~DM_INACTIVE_PRESENT_FLAG; 1380 1381 __dev_status(hc->md, param); 1382 md = hc->md; 1383 up_write(&_hash_lock); 1384 if (old_map) { 1385 dm_sync_table(md); 1386 dm_table_destroy(old_map); 1387 } 1388 dm_put(md); 1389 1390 return 0; 1391 } 1392 1393 /* 1394 * Retrieves a list of devices used by a particular dm device. 1395 */ 1396 static void retrieve_deps(struct dm_table *table, 1397 struct dm_ioctl *param, size_t param_size) 1398 { 1399 unsigned int count = 0; 1400 struct list_head *tmp; 1401 size_t len, needed; 1402 struct dm_dev_internal *dd; 1403 struct dm_target_deps *deps; 1404 1405 deps = get_result_buffer(param, param_size, &len); 1406 1407 /* 1408 * Count the devices. 1409 */ 1410 list_for_each (tmp, dm_table_get_devices(table)) 1411 count++; 1412 1413 /* 1414 * Check we have enough space. 1415 */ 1416 needed = sizeof(*deps) + (sizeof(*deps->dev) * count); 1417 if (len < needed) { 1418 param->flags |= DM_BUFFER_FULL_FLAG; 1419 return; 1420 } 1421 1422 /* 1423 * Fill in the devices. 1424 */ 1425 deps->count = count; 1426 count = 0; 1427 list_for_each_entry (dd, dm_table_get_devices(table), list) 1428 deps->dev[count++] = huge_encode_dev(dd->dm_dev->bdev->bd_dev); 1429 1430 param->data_size = param->data_start + needed; 1431 } 1432 1433 static int table_deps(struct dm_ioctl *param, size_t param_size) 1434 { 1435 struct mapped_device *md; 1436 struct dm_table *table; 1437 int srcu_idx; 1438 1439 md = find_device(param); 1440 if (!md) 1441 return -ENXIO; 1442 1443 __dev_status(md, param); 1444 1445 table = dm_get_live_or_inactive_table(md, param, &srcu_idx); 1446 if (table) 1447 retrieve_deps(table, param, param_size); 1448 dm_put_live_table(md, srcu_idx); 1449 1450 dm_put(md); 1451 1452 return 0; 1453 } 1454 1455 /* 1456 * Return the status of a device as a text string for each 1457 * target. 1458 */ 1459 static int table_status(struct dm_ioctl *param, size_t param_size) 1460 { 1461 struct mapped_device *md; 1462 struct dm_table *table; 1463 int srcu_idx; 1464 1465 md = find_device(param); 1466 if (!md) 1467 return -ENXIO; 1468 1469 __dev_status(md, param); 1470 1471 table = dm_get_live_or_inactive_table(md, param, &srcu_idx); 1472 if (table) 1473 retrieve_status(table, param, param_size); 1474 dm_put_live_table(md, srcu_idx); 1475 1476 dm_put(md); 1477 1478 return 0; 1479 } 1480 1481 /* 1482 * Process device-mapper dependent messages. Messages prefixed with '@' 1483 * are processed by the DM core. All others are delivered to the target. 1484 * Returns a number <= 1 if message was processed by device mapper. 1485 * Returns 2 if message should be delivered to the target. 1486 */ 1487 static int message_for_md(struct mapped_device *md, unsigned argc, char **argv, 1488 char *result, unsigned maxlen) 1489 { 1490 int r; 1491 1492 if (**argv != '@') 1493 return 2; /* no '@' prefix, deliver to target */ 1494 1495 if (!strcasecmp(argv[0], "@cancel_deferred_remove")) { 1496 if (argc != 1) { 1497 DMERR("Invalid arguments for @cancel_deferred_remove"); 1498 return -EINVAL; 1499 } 1500 return dm_cancel_deferred_remove(md); 1501 } 1502 1503 r = dm_stats_message(md, argc, argv, result, maxlen); 1504 if (r < 2) 1505 return r; 1506 1507 DMERR("Unsupported message sent to DM core: %s", argv[0]); 1508 return -EINVAL; 1509 } 1510 1511 /* 1512 * Pass a message to the target that's at the supplied device offset. 1513 */ 1514 static int target_message(struct dm_ioctl *param, size_t param_size) 1515 { 1516 int r, argc; 1517 char **argv; 1518 struct mapped_device *md; 1519 struct dm_table *table; 1520 struct dm_target *ti; 1521 struct dm_target_msg *tmsg = (void *) param + param->data_start; 1522 size_t maxlen; 1523 char *result = get_result_buffer(param, param_size, &maxlen); 1524 int srcu_idx; 1525 1526 md = find_device(param); 1527 if (!md) 1528 return -ENXIO; 1529 1530 if (tmsg < (struct dm_target_msg *) param->data || 1531 invalid_str(tmsg->message, (void *) param + param_size)) { 1532 DMWARN("Invalid target message parameters."); 1533 r = -EINVAL; 1534 goto out; 1535 } 1536 1537 r = dm_split_args(&argc, &argv, tmsg->message); 1538 if (r) { 1539 DMWARN("Failed to split target message parameters"); 1540 goto out; 1541 } 1542 1543 if (!argc) { 1544 DMWARN("Empty message received."); 1545 goto out_argv; 1546 } 1547 1548 r = message_for_md(md, argc, argv, result, maxlen); 1549 if (r <= 1) 1550 goto out_argv; 1551 1552 table = dm_get_live_table(md, &srcu_idx); 1553 if (!table) 1554 goto out_table; 1555 1556 if (dm_deleting_md(md)) { 1557 r = -ENXIO; 1558 goto out_table; 1559 } 1560 1561 ti = dm_table_find_target(table, tmsg->sector); 1562 if (!dm_target_is_valid(ti)) { 1563 DMWARN("Target message sector outside device."); 1564 r = -EINVAL; 1565 } else if (ti->type->message) 1566 r = ti->type->message(ti, argc, argv); 1567 else { 1568 DMWARN("Target type does not support messages"); 1569 r = -EINVAL; 1570 } 1571 1572 out_table: 1573 dm_put_live_table(md, srcu_idx); 1574 out_argv: 1575 kfree(argv); 1576 out: 1577 if (r >= 0) 1578 __dev_status(md, param); 1579 1580 if (r == 1) { 1581 param->flags |= DM_DATA_OUT_FLAG; 1582 if (dm_message_test_buffer_overflow(result, maxlen)) 1583 param->flags |= DM_BUFFER_FULL_FLAG; 1584 else 1585 param->data_size = param->data_start + strlen(result) + 1; 1586 r = 0; 1587 } 1588 1589 dm_put(md); 1590 return r; 1591 } 1592 1593 /* 1594 * The ioctl parameter block consists of two parts, a dm_ioctl struct 1595 * followed by a data buffer. This flag is set if the second part, 1596 * which has a variable size, is not used by the function processing 1597 * the ioctl. 1598 */ 1599 #define IOCTL_FLAGS_NO_PARAMS 1 1600 1601 /*----------------------------------------------------------------- 1602 * Implementation of open/close/ioctl on the special char 1603 * device. 1604 *---------------------------------------------------------------*/ 1605 static ioctl_fn lookup_ioctl(unsigned int cmd, int *ioctl_flags) 1606 { 1607 static struct { 1608 int cmd; 1609 int flags; 1610 ioctl_fn fn; 1611 } _ioctls[] = { 1612 {DM_VERSION_CMD, 0, NULL}, /* version is dealt with elsewhere */ 1613 {DM_REMOVE_ALL_CMD, IOCTL_FLAGS_NO_PARAMS, remove_all}, 1614 {DM_LIST_DEVICES_CMD, 0, list_devices}, 1615 1616 {DM_DEV_CREATE_CMD, IOCTL_FLAGS_NO_PARAMS, dev_create}, 1617 {DM_DEV_REMOVE_CMD, IOCTL_FLAGS_NO_PARAMS, dev_remove}, 1618 {DM_DEV_RENAME_CMD, 0, dev_rename}, 1619 {DM_DEV_SUSPEND_CMD, IOCTL_FLAGS_NO_PARAMS, dev_suspend}, 1620 {DM_DEV_STATUS_CMD, IOCTL_FLAGS_NO_PARAMS, dev_status}, 1621 {DM_DEV_WAIT_CMD, 0, dev_wait}, 1622 1623 {DM_TABLE_LOAD_CMD, 0, table_load}, 1624 {DM_TABLE_CLEAR_CMD, IOCTL_FLAGS_NO_PARAMS, table_clear}, 1625 {DM_TABLE_DEPS_CMD, 0, table_deps}, 1626 {DM_TABLE_STATUS_CMD, 0, table_status}, 1627 1628 {DM_LIST_VERSIONS_CMD, 0, list_versions}, 1629 1630 {DM_TARGET_MSG_CMD, 0, target_message}, 1631 {DM_DEV_SET_GEOMETRY_CMD, 0, dev_set_geometry} 1632 }; 1633 1634 if (unlikely(cmd >= ARRAY_SIZE(_ioctls))) 1635 return NULL; 1636 1637 *ioctl_flags = _ioctls[cmd].flags; 1638 return _ioctls[cmd].fn; 1639 } 1640 1641 /* 1642 * As well as checking the version compatibility this always 1643 * copies the kernel interface version out. 1644 */ 1645 static int check_version(unsigned int cmd, struct dm_ioctl __user *user) 1646 { 1647 uint32_t version[3]; 1648 int r = 0; 1649 1650 if (copy_from_user(version, user->version, sizeof(version))) 1651 return -EFAULT; 1652 1653 if ((DM_VERSION_MAJOR != version[0]) || 1654 (DM_VERSION_MINOR < version[1])) { 1655 DMWARN("ioctl interface mismatch: " 1656 "kernel(%u.%u.%u), user(%u.%u.%u), cmd(%d)", 1657 DM_VERSION_MAJOR, DM_VERSION_MINOR, 1658 DM_VERSION_PATCHLEVEL, 1659 version[0], version[1], version[2], cmd); 1660 r = -EINVAL; 1661 } 1662 1663 /* 1664 * Fill in the kernel version. 1665 */ 1666 version[0] = DM_VERSION_MAJOR; 1667 version[1] = DM_VERSION_MINOR; 1668 version[2] = DM_VERSION_PATCHLEVEL; 1669 if (copy_to_user(user->version, version, sizeof(version))) 1670 return -EFAULT; 1671 1672 return r; 1673 } 1674 1675 #define DM_PARAMS_MALLOC 0x0001 /* Params allocated with kvmalloc() */ 1676 #define DM_WIPE_BUFFER 0x0010 /* Wipe input buffer before returning from ioctl */ 1677 1678 static void free_params(struct dm_ioctl *param, size_t param_size, int param_flags) 1679 { 1680 if (param_flags & DM_WIPE_BUFFER) 1681 memset(param, 0, param_size); 1682 1683 if (param_flags & DM_PARAMS_MALLOC) 1684 kvfree(param); 1685 } 1686 1687 static int copy_params(struct dm_ioctl __user *user, struct dm_ioctl *param_kernel, 1688 int ioctl_flags, 1689 struct dm_ioctl **param, int *param_flags) 1690 { 1691 struct dm_ioctl *dmi; 1692 int secure_data; 1693 const size_t minimum_data_size = offsetof(struct dm_ioctl, data); 1694 unsigned noio_flag; 1695 1696 if (copy_from_user(param_kernel, user, minimum_data_size)) 1697 return -EFAULT; 1698 1699 if (param_kernel->data_size < minimum_data_size) 1700 return -EINVAL; 1701 1702 secure_data = param_kernel->flags & DM_SECURE_DATA_FLAG; 1703 1704 *param_flags = secure_data ? DM_WIPE_BUFFER : 0; 1705 1706 if (ioctl_flags & IOCTL_FLAGS_NO_PARAMS) { 1707 dmi = param_kernel; 1708 dmi->data_size = minimum_data_size; 1709 goto data_copied; 1710 } 1711 1712 /* 1713 * Try to avoid low memory issues when a device is suspended. 1714 * Use kmalloc() rather than vmalloc() when we can. 1715 */ 1716 dmi = NULL; 1717 noio_flag = memalloc_noio_save(); 1718 dmi = kvmalloc(param_kernel->data_size, GFP_KERNEL); 1719 memalloc_noio_restore(noio_flag); 1720 1721 if (!dmi) { 1722 if (secure_data && clear_user(user, param_kernel->data_size)) 1723 return -EFAULT; 1724 return -ENOMEM; 1725 } 1726 1727 *param_flags |= DM_PARAMS_MALLOC; 1728 1729 if (copy_from_user(dmi, user, param_kernel->data_size)) 1730 goto bad; 1731 1732 data_copied: 1733 /* 1734 * Abort if something changed the ioctl data while it was being copied. 1735 */ 1736 if (dmi->data_size != param_kernel->data_size) { 1737 DMERR("rejecting ioctl: data size modified while processing parameters"); 1738 goto bad; 1739 } 1740 1741 /* Wipe the user buffer so we do not return it to userspace */ 1742 if (secure_data && clear_user(user, param_kernel->data_size)) 1743 goto bad; 1744 1745 *param = dmi; 1746 return 0; 1747 1748 bad: 1749 free_params(dmi, param_kernel->data_size, *param_flags); 1750 1751 return -EFAULT; 1752 } 1753 1754 static int validate_params(uint cmd, struct dm_ioctl *param) 1755 { 1756 /* Always clear this flag */ 1757 param->flags &= ~DM_BUFFER_FULL_FLAG; 1758 param->flags &= ~DM_UEVENT_GENERATED_FLAG; 1759 param->flags &= ~DM_SECURE_DATA_FLAG; 1760 param->flags &= ~DM_DATA_OUT_FLAG; 1761 1762 /* Ignores parameters */ 1763 if (cmd == DM_REMOVE_ALL_CMD || 1764 cmd == DM_LIST_DEVICES_CMD || 1765 cmd == DM_LIST_VERSIONS_CMD) 1766 return 0; 1767 1768 if (cmd == DM_DEV_CREATE_CMD) { 1769 if (!*param->name) { 1770 DMWARN("name not supplied when creating device"); 1771 return -EINVAL; 1772 } 1773 } else if (*param->uuid && *param->name) { 1774 DMWARN("only supply one of name or uuid, cmd(%u)", cmd); 1775 return -EINVAL; 1776 } 1777 1778 /* Ensure strings are terminated */ 1779 param->name[DM_NAME_LEN - 1] = '\0'; 1780 param->uuid[DM_UUID_LEN - 1] = '\0'; 1781 1782 return 0; 1783 } 1784 1785 static int ctl_ioctl(uint command, struct dm_ioctl __user *user) 1786 { 1787 int r = 0; 1788 int ioctl_flags; 1789 int param_flags; 1790 unsigned int cmd; 1791 struct dm_ioctl *uninitialized_var(param); 1792 ioctl_fn fn = NULL; 1793 size_t input_param_size; 1794 struct dm_ioctl param_kernel; 1795 1796 /* only root can play with this */ 1797 if (!capable(CAP_SYS_ADMIN)) 1798 return -EACCES; 1799 1800 if (_IOC_TYPE(command) != DM_IOCTL) 1801 return -ENOTTY; 1802 1803 cmd = _IOC_NR(command); 1804 1805 /* 1806 * Check the interface version passed in. This also 1807 * writes out the kernel's interface version. 1808 */ 1809 r = check_version(cmd, user); 1810 if (r) 1811 return r; 1812 1813 /* 1814 * Nothing more to do for the version command. 1815 */ 1816 if (cmd == DM_VERSION_CMD) 1817 return 0; 1818 1819 fn = lookup_ioctl(cmd, &ioctl_flags); 1820 if (!fn) { 1821 DMWARN("dm_ctl_ioctl: unknown command 0x%x", command); 1822 return -ENOTTY; 1823 } 1824 1825 /* 1826 * Copy the parameters into kernel space. 1827 */ 1828 r = copy_params(user, ¶m_kernel, ioctl_flags, ¶m, ¶m_flags); 1829 1830 if (r) 1831 return r; 1832 1833 input_param_size = param->data_size; 1834 r = validate_params(cmd, param); 1835 if (r) 1836 goto out; 1837 1838 param->data_size = offsetof(struct dm_ioctl, data); 1839 r = fn(param, input_param_size); 1840 1841 if (unlikely(param->flags & DM_BUFFER_FULL_FLAG) && 1842 unlikely(ioctl_flags & IOCTL_FLAGS_NO_PARAMS)) 1843 DMERR("ioctl %d tried to output some data but has IOCTL_FLAGS_NO_PARAMS set", cmd); 1844 1845 /* 1846 * Copy the results back to userland. 1847 */ 1848 if (!r && copy_to_user(user, param, param->data_size)) 1849 r = -EFAULT; 1850 1851 out: 1852 free_params(param, input_param_size, param_flags); 1853 return r; 1854 } 1855 1856 static long dm_ctl_ioctl(struct file *file, uint command, ulong u) 1857 { 1858 return (long)ctl_ioctl(command, (struct dm_ioctl __user *)u); 1859 } 1860 1861 #ifdef CONFIG_COMPAT 1862 static long dm_compat_ctl_ioctl(struct file *file, uint command, ulong u) 1863 { 1864 return (long)dm_ctl_ioctl(file, command, (ulong) compat_ptr(u)); 1865 } 1866 #else 1867 #define dm_compat_ctl_ioctl NULL 1868 #endif 1869 1870 static const struct file_operations _ctl_fops = { 1871 .open = nonseekable_open, 1872 .unlocked_ioctl = dm_ctl_ioctl, 1873 .compat_ioctl = dm_compat_ctl_ioctl, 1874 .owner = THIS_MODULE, 1875 .llseek = noop_llseek, 1876 }; 1877 1878 static struct miscdevice _dm_misc = { 1879 .minor = MAPPER_CTRL_MINOR, 1880 .name = DM_NAME, 1881 .nodename = DM_DIR "/" DM_CONTROL_NODE, 1882 .fops = &_ctl_fops 1883 }; 1884 1885 MODULE_ALIAS_MISCDEV(MAPPER_CTRL_MINOR); 1886 MODULE_ALIAS("devname:" DM_DIR "/" DM_CONTROL_NODE); 1887 1888 /* 1889 * Create misc character device and link to DM_DIR/control. 1890 */ 1891 int __init dm_interface_init(void) 1892 { 1893 int r; 1894 1895 r = dm_hash_init(); 1896 if (r) 1897 return r; 1898 1899 r = misc_register(&_dm_misc); 1900 if (r) { 1901 DMERR("misc_register failed for control device"); 1902 dm_hash_exit(); 1903 return r; 1904 } 1905 1906 DMINFO("%d.%d.%d%s initialised: %s", DM_VERSION_MAJOR, 1907 DM_VERSION_MINOR, DM_VERSION_PATCHLEVEL, DM_VERSION_EXTRA, 1908 DM_DRIVER_EMAIL); 1909 return 0; 1910 } 1911 1912 void dm_interface_exit(void) 1913 { 1914 misc_deregister(&_dm_misc); 1915 dm_hash_exit(); 1916 } 1917 1918 /** 1919 * dm_copy_name_and_uuid - Copy mapped device name & uuid into supplied buffers 1920 * @md: Pointer to mapped_device 1921 * @name: Buffer (size DM_NAME_LEN) for name 1922 * @uuid: Buffer (size DM_UUID_LEN) for uuid or empty string if uuid not defined 1923 */ 1924 int dm_copy_name_and_uuid(struct mapped_device *md, char *name, char *uuid) 1925 { 1926 int r = 0; 1927 struct hash_cell *hc; 1928 1929 if (!md) 1930 return -ENXIO; 1931 1932 mutex_lock(&dm_hash_cells_mutex); 1933 hc = dm_get_mdptr(md); 1934 if (!hc || hc->md != md) { 1935 r = -ENXIO; 1936 goto out; 1937 } 1938 1939 if (name) 1940 strcpy(name, hc->name); 1941 if (uuid) 1942 strcpy(uuid, hc->uuid ? : ""); 1943 1944 out: 1945 mutex_unlock(&dm_hash_cells_mutex); 1946 1947 return r; 1948 } 1949