1 /* 2 * Copyright (C) 2001, 2002 Sistina Software (UK) Limited. 3 * Copyright (C) 2004 - 2006 Red Hat, Inc. All rights reserved. 4 * 5 * This file is released under the GPL. 6 */ 7 8 #include "dm-core.h" 9 #include "dm-ima.h" 10 #include <linux/module.h> 11 #include <linux/vmalloc.h> 12 #include <linux/miscdevice.h> 13 #include <linux/sched/mm.h> 14 #include <linux/init.h> 15 #include <linux/wait.h> 16 #include <linux/slab.h> 17 #include <linux/rbtree.h> 18 #include <linux/dm-ioctl.h> 19 #include <linux/hdreg.h> 20 #include <linux/compat.h> 21 22 #include <linux/uaccess.h> 23 #include <linux/ima.h> 24 25 #define DM_MSG_PREFIX "ioctl" 26 #define DM_DRIVER_EMAIL "dm-devel@redhat.com" 27 28 struct dm_file { 29 /* 30 * poll will wait until the global event number is greater than 31 * this value. 32 */ 33 volatile unsigned global_event_nr; 34 }; 35 36 /*----------------------------------------------------------------- 37 * The ioctl interface needs to be able to look up devices by 38 * name or uuid. 39 *---------------------------------------------------------------*/ 40 struct hash_cell { 41 struct rb_node name_node; 42 struct rb_node uuid_node; 43 bool name_set; 44 bool uuid_set; 45 46 char *name; 47 char *uuid; 48 struct mapped_device *md; 49 struct dm_table *new_map; 50 }; 51 52 struct vers_iter { 53 size_t param_size; 54 struct dm_target_versions *vers, *old_vers; 55 char *end; 56 uint32_t flags; 57 }; 58 59 60 static struct rb_root name_rb_tree = RB_ROOT; 61 static struct rb_root uuid_rb_tree = RB_ROOT; 62 63 static void dm_hash_remove_all(bool keep_open_devices, bool mark_deferred, bool only_deferred); 64 65 /* 66 * Guards access to both hash tables. 67 */ 68 static DECLARE_RWSEM(_hash_lock); 69 70 /* 71 * Protects use of mdptr to obtain hash cell name and uuid from mapped device. 72 */ 73 static DEFINE_MUTEX(dm_hash_cells_mutex); 74 75 static void dm_hash_exit(void) 76 { 77 dm_hash_remove_all(false, false, false); 78 } 79 80 /*----------------------------------------------------------------- 81 * Code for looking up a device by name 82 *---------------------------------------------------------------*/ 83 static struct hash_cell *__get_name_cell(const char *str) 84 { 85 struct rb_node *n = name_rb_tree.rb_node; 86 87 while (n) { 88 struct hash_cell *hc = container_of(n, struct hash_cell, name_node); 89 int c = strcmp(hc->name, str); 90 if (!c) { 91 dm_get(hc->md); 92 return hc; 93 } 94 n = c >= 0 ? n->rb_left : n->rb_right; 95 } 96 97 return NULL; 98 } 99 100 static struct hash_cell *__get_uuid_cell(const char *str) 101 { 102 struct rb_node *n = uuid_rb_tree.rb_node; 103 104 while (n) { 105 struct hash_cell *hc = container_of(n, struct hash_cell, uuid_node); 106 int c = strcmp(hc->uuid, str); 107 if (!c) { 108 dm_get(hc->md); 109 return hc; 110 } 111 n = c >= 0 ? n->rb_left : n->rb_right; 112 } 113 114 return NULL; 115 } 116 117 static void __unlink_name(struct hash_cell *hc) 118 { 119 if (hc->name_set) { 120 hc->name_set = false; 121 rb_erase(&hc->name_node, &name_rb_tree); 122 } 123 } 124 125 static void __unlink_uuid(struct hash_cell *hc) 126 { 127 if (hc->uuid_set) { 128 hc->uuid_set = false; 129 rb_erase(&hc->uuid_node, &uuid_rb_tree); 130 } 131 } 132 133 static void __link_name(struct hash_cell *new_hc) 134 { 135 struct rb_node **n, *parent; 136 137 __unlink_name(new_hc); 138 139 new_hc->name_set = true; 140 141 n = &name_rb_tree.rb_node; 142 parent = NULL; 143 144 while (*n) { 145 struct hash_cell *hc = container_of(*n, struct hash_cell, name_node); 146 int c = strcmp(hc->name, new_hc->name); 147 BUG_ON(!c); 148 parent = *n; 149 n = c >= 0 ? &hc->name_node.rb_left : &hc->name_node.rb_right; 150 } 151 152 rb_link_node(&new_hc->name_node, parent, n); 153 rb_insert_color(&new_hc->name_node, &name_rb_tree); 154 } 155 156 static void __link_uuid(struct hash_cell *new_hc) 157 { 158 struct rb_node **n, *parent; 159 160 __unlink_uuid(new_hc); 161 162 new_hc->uuid_set = true; 163 164 n = &uuid_rb_tree.rb_node; 165 parent = NULL; 166 167 while (*n) { 168 struct hash_cell *hc = container_of(*n, struct hash_cell, uuid_node); 169 int c = strcmp(hc->uuid, new_hc->uuid); 170 BUG_ON(!c); 171 parent = *n; 172 n = c > 0 ? &hc->uuid_node.rb_left : &hc->uuid_node.rb_right; 173 } 174 175 rb_link_node(&new_hc->uuid_node, parent, n); 176 rb_insert_color(&new_hc->uuid_node, &uuid_rb_tree); 177 } 178 179 static struct hash_cell *__get_dev_cell(uint64_t dev) 180 { 181 struct mapped_device *md; 182 struct hash_cell *hc; 183 184 md = dm_get_md(huge_decode_dev(dev)); 185 if (!md) 186 return NULL; 187 188 hc = dm_get_mdptr(md); 189 if (!hc) { 190 dm_put(md); 191 return NULL; 192 } 193 194 return hc; 195 } 196 197 /*----------------------------------------------------------------- 198 * Inserting, removing and renaming a device. 199 *---------------------------------------------------------------*/ 200 static struct hash_cell *alloc_cell(const char *name, const char *uuid, 201 struct mapped_device *md) 202 { 203 struct hash_cell *hc; 204 205 hc = kmalloc(sizeof(*hc), GFP_KERNEL); 206 if (!hc) 207 return NULL; 208 209 hc->name = kstrdup(name, GFP_KERNEL); 210 if (!hc->name) { 211 kfree(hc); 212 return NULL; 213 } 214 215 if (!uuid) 216 hc->uuid = NULL; 217 218 else { 219 hc->uuid = kstrdup(uuid, GFP_KERNEL); 220 if (!hc->uuid) { 221 kfree(hc->name); 222 kfree(hc); 223 return NULL; 224 } 225 } 226 227 hc->name_set = hc->uuid_set = false; 228 hc->md = md; 229 hc->new_map = NULL; 230 return hc; 231 } 232 233 static void free_cell(struct hash_cell *hc) 234 { 235 if (hc) { 236 kfree(hc->name); 237 kfree(hc->uuid); 238 kfree(hc); 239 } 240 } 241 242 /* 243 * The kdev_t and uuid of a device can never change once it is 244 * initially inserted. 245 */ 246 static int dm_hash_insert(const char *name, const char *uuid, struct mapped_device *md) 247 { 248 struct hash_cell *cell, *hc; 249 250 /* 251 * Allocate the new cells. 252 */ 253 cell = alloc_cell(name, uuid, md); 254 if (!cell) 255 return -ENOMEM; 256 257 /* 258 * Insert the cell into both hash tables. 259 */ 260 down_write(&_hash_lock); 261 hc = __get_name_cell(name); 262 if (hc) { 263 dm_put(hc->md); 264 goto bad; 265 } 266 267 __link_name(cell); 268 269 if (uuid) { 270 hc = __get_uuid_cell(uuid); 271 if (hc) { 272 __unlink_name(cell); 273 dm_put(hc->md); 274 goto bad; 275 } 276 __link_uuid(cell); 277 } 278 dm_get(md); 279 mutex_lock(&dm_hash_cells_mutex); 280 dm_set_mdptr(md, cell); 281 mutex_unlock(&dm_hash_cells_mutex); 282 up_write(&_hash_lock); 283 284 return 0; 285 286 bad: 287 up_write(&_hash_lock); 288 free_cell(cell); 289 return -EBUSY; 290 } 291 292 static struct dm_table *__hash_remove(struct hash_cell *hc) 293 { 294 struct dm_table *table; 295 int srcu_idx; 296 297 /* remove from the dev trees */ 298 __unlink_name(hc); 299 __unlink_uuid(hc); 300 mutex_lock(&dm_hash_cells_mutex); 301 dm_set_mdptr(hc->md, NULL); 302 mutex_unlock(&dm_hash_cells_mutex); 303 304 table = dm_get_live_table(hc->md, &srcu_idx); 305 if (table) 306 dm_table_event(table); 307 dm_put_live_table(hc->md, srcu_idx); 308 309 table = NULL; 310 if (hc->new_map) 311 table = hc->new_map; 312 dm_put(hc->md); 313 free_cell(hc); 314 315 return table; 316 } 317 318 static void dm_hash_remove_all(bool keep_open_devices, bool mark_deferred, bool only_deferred) 319 { 320 int dev_skipped; 321 struct rb_node *n; 322 struct hash_cell *hc; 323 struct mapped_device *md; 324 struct dm_table *t; 325 326 retry: 327 dev_skipped = 0; 328 329 down_write(&_hash_lock); 330 331 for (n = rb_first(&name_rb_tree); n; n = rb_next(n)) { 332 hc = container_of(n, struct hash_cell, name_node); 333 md = hc->md; 334 dm_get(md); 335 336 if (keep_open_devices && 337 dm_lock_for_deletion(md, mark_deferred, only_deferred)) { 338 dm_put(md); 339 dev_skipped++; 340 continue; 341 } 342 343 t = __hash_remove(hc); 344 345 up_write(&_hash_lock); 346 347 if (t) { 348 dm_sync_table(md); 349 dm_table_destroy(t); 350 } 351 dm_ima_measure_on_device_remove(md, true); 352 dm_put(md); 353 if (likely(keep_open_devices)) 354 dm_destroy(md); 355 else 356 dm_destroy_immediate(md); 357 358 /* 359 * Some mapped devices may be using other mapped 360 * devices, so repeat until we make no further 361 * progress. If a new mapped device is created 362 * here it will also get removed. 363 */ 364 goto retry; 365 } 366 367 up_write(&_hash_lock); 368 369 if (dev_skipped) 370 DMWARN("remove_all left %d open device(s)", dev_skipped); 371 } 372 373 /* 374 * Set the uuid of a hash_cell that isn't already set. 375 */ 376 static void __set_cell_uuid(struct hash_cell *hc, char *new_uuid) 377 { 378 mutex_lock(&dm_hash_cells_mutex); 379 hc->uuid = new_uuid; 380 mutex_unlock(&dm_hash_cells_mutex); 381 382 __link_uuid(hc); 383 } 384 385 /* 386 * Changes the name of a hash_cell and returns the old name for 387 * the caller to free. 388 */ 389 static char *__change_cell_name(struct hash_cell *hc, char *new_name) 390 { 391 char *old_name; 392 393 /* 394 * Rename and move the name cell. 395 */ 396 __unlink_name(hc); 397 old_name = hc->name; 398 399 mutex_lock(&dm_hash_cells_mutex); 400 hc->name = new_name; 401 mutex_unlock(&dm_hash_cells_mutex); 402 403 __link_name(hc); 404 405 return old_name; 406 } 407 408 static struct mapped_device *dm_hash_rename(struct dm_ioctl *param, 409 const char *new) 410 { 411 char *new_data, *old_name = NULL; 412 struct hash_cell *hc; 413 struct dm_table *table; 414 struct mapped_device *md; 415 unsigned change_uuid = (param->flags & DM_UUID_FLAG) ? 1 : 0; 416 int srcu_idx; 417 418 /* 419 * duplicate new. 420 */ 421 new_data = kstrdup(new, GFP_KERNEL); 422 if (!new_data) 423 return ERR_PTR(-ENOMEM); 424 425 down_write(&_hash_lock); 426 427 /* 428 * Is new free ? 429 */ 430 if (change_uuid) 431 hc = __get_uuid_cell(new); 432 else 433 hc = __get_name_cell(new); 434 435 if (hc) { 436 DMWARN("Unable to change %s on mapped device %s to one that " 437 "already exists: %s", 438 change_uuid ? "uuid" : "name", 439 param->name, new); 440 dm_put(hc->md); 441 up_write(&_hash_lock); 442 kfree(new_data); 443 return ERR_PTR(-EBUSY); 444 } 445 446 /* 447 * Is there such a device as 'old' ? 448 */ 449 hc = __get_name_cell(param->name); 450 if (!hc) { 451 DMWARN("Unable to rename non-existent device, %s to %s%s", 452 param->name, change_uuid ? "uuid " : "", new); 453 up_write(&_hash_lock); 454 kfree(new_data); 455 return ERR_PTR(-ENXIO); 456 } 457 458 /* 459 * Does this device already have a uuid? 460 */ 461 if (change_uuid && hc->uuid) { 462 DMWARN("Unable to change uuid of mapped device %s to %s " 463 "because uuid is already set to %s", 464 param->name, new, hc->uuid); 465 dm_put(hc->md); 466 up_write(&_hash_lock); 467 kfree(new_data); 468 return ERR_PTR(-EINVAL); 469 } 470 471 if (change_uuid) 472 __set_cell_uuid(hc, new_data); 473 else 474 old_name = __change_cell_name(hc, new_data); 475 476 /* 477 * Wake up any dm event waiters. 478 */ 479 table = dm_get_live_table(hc->md, &srcu_idx); 480 if (table) 481 dm_table_event(table); 482 dm_put_live_table(hc->md, srcu_idx); 483 484 if (!dm_kobject_uevent(hc->md, KOBJ_CHANGE, param->event_nr)) 485 param->flags |= DM_UEVENT_GENERATED_FLAG; 486 487 md = hc->md; 488 489 dm_ima_measure_on_device_rename(md); 490 491 up_write(&_hash_lock); 492 kfree(old_name); 493 494 return md; 495 } 496 497 void dm_deferred_remove(void) 498 { 499 dm_hash_remove_all(true, false, true); 500 } 501 502 /*----------------------------------------------------------------- 503 * Implementation of the ioctl commands 504 *---------------------------------------------------------------*/ 505 /* 506 * All the ioctl commands get dispatched to functions with this 507 * prototype. 508 */ 509 typedef int (*ioctl_fn)(struct file *filp, struct dm_ioctl *param, size_t param_size); 510 511 static int remove_all(struct file *filp, struct dm_ioctl *param, size_t param_size) 512 { 513 dm_hash_remove_all(true, !!(param->flags & DM_DEFERRED_REMOVE), false); 514 param->data_size = 0; 515 return 0; 516 } 517 518 /* 519 * Round up the ptr to an 8-byte boundary. 520 */ 521 #define ALIGN_MASK 7 522 static inline size_t align_val(size_t val) 523 { 524 return (val + ALIGN_MASK) & ~ALIGN_MASK; 525 } 526 static inline void *align_ptr(void *ptr) 527 { 528 return (void *)align_val((size_t)ptr); 529 } 530 531 /* 532 * Retrieves the data payload buffer from an already allocated 533 * struct dm_ioctl. 534 */ 535 static void *get_result_buffer(struct dm_ioctl *param, size_t param_size, 536 size_t *len) 537 { 538 param->data_start = align_ptr(param + 1) - (void *) param; 539 540 if (param->data_start < param_size) 541 *len = param_size - param->data_start; 542 else 543 *len = 0; 544 545 return ((void *) param) + param->data_start; 546 } 547 548 static bool filter_device(struct hash_cell *hc, const char *pfx_name, const char *pfx_uuid) 549 { 550 const char *val; 551 size_t val_len, pfx_len; 552 553 val = hc->name; 554 val_len = strlen(val); 555 pfx_len = strnlen(pfx_name, DM_NAME_LEN); 556 if (pfx_len > val_len) 557 return false; 558 if (memcmp(val, pfx_name, pfx_len)) 559 return false; 560 561 val = hc->uuid ? hc->uuid : ""; 562 val_len = strlen(val); 563 pfx_len = strnlen(pfx_uuid, DM_UUID_LEN); 564 if (pfx_len > val_len) 565 return false; 566 if (memcmp(val, pfx_uuid, pfx_len)) 567 return false; 568 569 return true; 570 } 571 572 static int list_devices(struct file *filp, struct dm_ioctl *param, size_t param_size) 573 { 574 struct rb_node *n; 575 struct hash_cell *hc; 576 size_t len, needed = 0; 577 struct gendisk *disk; 578 struct dm_name_list *orig_nl, *nl, *old_nl = NULL; 579 uint32_t *event_nr; 580 581 down_write(&_hash_lock); 582 583 /* 584 * Loop through all the devices working out how much 585 * space we need. 586 */ 587 for (n = rb_first(&name_rb_tree); n; n = rb_next(n)) { 588 hc = container_of(n, struct hash_cell, name_node); 589 if (!filter_device(hc, param->name, param->uuid)) 590 continue; 591 needed += align_val(offsetof(struct dm_name_list, name) + strlen(hc->name) + 1); 592 needed += align_val(sizeof(uint32_t) * 2); 593 if (param->flags & DM_UUID_FLAG && hc->uuid) 594 needed += align_val(strlen(hc->uuid) + 1); 595 } 596 597 /* 598 * Grab our output buffer. 599 */ 600 nl = orig_nl = get_result_buffer(param, param_size, &len); 601 if (len < needed || len < sizeof(nl->dev)) { 602 param->flags |= DM_BUFFER_FULL_FLAG; 603 goto out; 604 } 605 param->data_size = param->data_start + needed; 606 607 nl->dev = 0; /* Flags no data */ 608 609 /* 610 * Now loop through filling out the names. 611 */ 612 for (n = rb_first(&name_rb_tree); n; n = rb_next(n)) { 613 void *uuid_ptr; 614 hc = container_of(n, struct hash_cell, name_node); 615 if (!filter_device(hc, param->name, param->uuid)) 616 continue; 617 if (old_nl) 618 old_nl->next = (uint32_t) ((void *) nl - 619 (void *) old_nl); 620 disk = dm_disk(hc->md); 621 nl->dev = huge_encode_dev(disk_devt(disk)); 622 nl->next = 0; 623 strcpy(nl->name, hc->name); 624 625 old_nl = nl; 626 event_nr = align_ptr(nl->name + strlen(hc->name) + 1); 627 event_nr[0] = dm_get_event_nr(hc->md); 628 event_nr[1] = 0; 629 uuid_ptr = align_ptr(event_nr + 2); 630 if (param->flags & DM_UUID_FLAG) { 631 if (hc->uuid) { 632 event_nr[1] |= DM_NAME_LIST_FLAG_HAS_UUID; 633 strcpy(uuid_ptr, hc->uuid); 634 uuid_ptr = align_ptr(uuid_ptr + strlen(hc->uuid) + 1); 635 } else { 636 event_nr[1] |= DM_NAME_LIST_FLAG_DOESNT_HAVE_UUID; 637 } 638 } 639 nl = uuid_ptr; 640 } 641 /* 642 * If mismatch happens, security may be compromised due to buffer 643 * overflow, so it's better to crash. 644 */ 645 BUG_ON((char *)nl - (char *)orig_nl != needed); 646 647 out: 648 up_write(&_hash_lock); 649 return 0; 650 } 651 652 static void list_version_get_needed(struct target_type *tt, void *needed_param) 653 { 654 size_t *needed = needed_param; 655 656 *needed += sizeof(struct dm_target_versions); 657 *needed += strlen(tt->name); 658 *needed += ALIGN_MASK; 659 } 660 661 static void list_version_get_info(struct target_type *tt, void *param) 662 { 663 struct vers_iter *info = param; 664 665 /* Check space - it might have changed since the first iteration */ 666 if ((char *)info->vers + sizeof(tt->version) + strlen(tt->name) + 1 > 667 info->end) { 668 669 info->flags = DM_BUFFER_FULL_FLAG; 670 return; 671 } 672 673 if (info->old_vers) 674 info->old_vers->next = (uint32_t) ((void *)info->vers - 675 (void *)info->old_vers); 676 info->vers->version[0] = tt->version[0]; 677 info->vers->version[1] = tt->version[1]; 678 info->vers->version[2] = tt->version[2]; 679 info->vers->next = 0; 680 strcpy(info->vers->name, tt->name); 681 682 info->old_vers = info->vers; 683 info->vers = align_ptr(((void *) ++info->vers) + strlen(tt->name) + 1); 684 } 685 686 static int __list_versions(struct dm_ioctl *param, size_t param_size, const char *name) 687 { 688 size_t len, needed = 0; 689 struct dm_target_versions *vers; 690 struct vers_iter iter_info; 691 struct target_type *tt = NULL; 692 693 if (name) { 694 tt = dm_get_target_type(name); 695 if (!tt) 696 return -EINVAL; 697 } 698 699 /* 700 * Loop through all the devices working out how much 701 * space we need. 702 */ 703 if (!tt) 704 dm_target_iterate(list_version_get_needed, &needed); 705 else 706 list_version_get_needed(tt, &needed); 707 708 /* 709 * Grab our output buffer. 710 */ 711 vers = get_result_buffer(param, param_size, &len); 712 if (len < needed) { 713 param->flags |= DM_BUFFER_FULL_FLAG; 714 goto out; 715 } 716 param->data_size = param->data_start + needed; 717 718 iter_info.param_size = param_size; 719 iter_info.old_vers = NULL; 720 iter_info.vers = vers; 721 iter_info.flags = 0; 722 iter_info.end = (char *)vers+len; 723 724 /* 725 * Now loop through filling out the names & versions. 726 */ 727 if (!tt) 728 dm_target_iterate(list_version_get_info, &iter_info); 729 else 730 list_version_get_info(tt, &iter_info); 731 param->flags |= iter_info.flags; 732 733 out: 734 if (tt) 735 dm_put_target_type(tt); 736 return 0; 737 } 738 739 static int list_versions(struct file *filp, struct dm_ioctl *param, size_t param_size) 740 { 741 return __list_versions(param, param_size, NULL); 742 } 743 744 static int get_target_version(struct file *filp, struct dm_ioctl *param, size_t param_size) 745 { 746 return __list_versions(param, param_size, param->name); 747 } 748 749 static int check_name(const char *name) 750 { 751 if (strchr(name, '/')) { 752 DMWARN("invalid device name"); 753 return -EINVAL; 754 } 755 756 return 0; 757 } 758 759 /* 760 * On successful return, the caller must not attempt to acquire 761 * _hash_lock without first calling dm_put_live_table, because dm_table_destroy 762 * waits for this dm_put_live_table and could be called under this lock. 763 */ 764 static struct dm_table *dm_get_inactive_table(struct mapped_device *md, int *srcu_idx) 765 { 766 struct hash_cell *hc; 767 struct dm_table *table = NULL; 768 769 /* increment rcu count, we don't care about the table pointer */ 770 dm_get_live_table(md, srcu_idx); 771 772 down_read(&_hash_lock); 773 hc = dm_get_mdptr(md); 774 if (!hc || hc->md != md) { 775 DMWARN("device has been removed from the dev hash table."); 776 goto out; 777 } 778 779 table = hc->new_map; 780 781 out: 782 up_read(&_hash_lock); 783 784 return table; 785 } 786 787 static struct dm_table *dm_get_live_or_inactive_table(struct mapped_device *md, 788 struct dm_ioctl *param, 789 int *srcu_idx) 790 { 791 return (param->flags & DM_QUERY_INACTIVE_TABLE_FLAG) ? 792 dm_get_inactive_table(md, srcu_idx) : dm_get_live_table(md, srcu_idx); 793 } 794 795 /* 796 * Fills in a dm_ioctl structure, ready for sending back to 797 * userland. 798 */ 799 static void __dev_status(struct mapped_device *md, struct dm_ioctl *param) 800 { 801 struct gendisk *disk = dm_disk(md); 802 struct dm_table *table; 803 int srcu_idx; 804 805 param->flags &= ~(DM_SUSPEND_FLAG | DM_READONLY_FLAG | 806 DM_ACTIVE_PRESENT_FLAG | DM_INTERNAL_SUSPEND_FLAG); 807 808 if (dm_suspended_md(md)) 809 param->flags |= DM_SUSPEND_FLAG; 810 811 if (dm_suspended_internally_md(md)) 812 param->flags |= DM_INTERNAL_SUSPEND_FLAG; 813 814 if (dm_test_deferred_remove_flag(md)) 815 param->flags |= DM_DEFERRED_REMOVE; 816 817 param->dev = huge_encode_dev(disk_devt(disk)); 818 819 /* 820 * Yes, this will be out of date by the time it gets back 821 * to userland, but it is still very useful for 822 * debugging. 823 */ 824 param->open_count = dm_open_count(md); 825 826 param->event_nr = dm_get_event_nr(md); 827 param->target_count = 0; 828 829 table = dm_get_live_table(md, &srcu_idx); 830 if (table) { 831 if (!(param->flags & DM_QUERY_INACTIVE_TABLE_FLAG)) { 832 if (get_disk_ro(disk)) 833 param->flags |= DM_READONLY_FLAG; 834 param->target_count = dm_table_get_num_targets(table); 835 } 836 837 param->flags |= DM_ACTIVE_PRESENT_FLAG; 838 } 839 dm_put_live_table(md, srcu_idx); 840 841 if (param->flags & DM_QUERY_INACTIVE_TABLE_FLAG) { 842 int srcu_idx; 843 table = dm_get_inactive_table(md, &srcu_idx); 844 if (table) { 845 if (!(dm_table_get_mode(table) & FMODE_WRITE)) 846 param->flags |= DM_READONLY_FLAG; 847 param->target_count = dm_table_get_num_targets(table); 848 } 849 dm_put_live_table(md, srcu_idx); 850 } 851 } 852 853 static int dev_create(struct file *filp, struct dm_ioctl *param, size_t param_size) 854 { 855 int r, m = DM_ANY_MINOR; 856 struct mapped_device *md; 857 858 r = check_name(param->name); 859 if (r) 860 return r; 861 862 if (param->flags & DM_PERSISTENT_DEV_FLAG) 863 m = MINOR(huge_decode_dev(param->dev)); 864 865 r = dm_create(m, &md); 866 if (r) 867 return r; 868 869 r = dm_hash_insert(param->name, *param->uuid ? param->uuid : NULL, md); 870 if (r) { 871 dm_put(md); 872 dm_destroy(md); 873 return r; 874 } 875 876 param->flags &= ~DM_INACTIVE_PRESENT_FLAG; 877 878 __dev_status(md, param); 879 880 dm_put(md); 881 882 return 0; 883 } 884 885 /* 886 * Always use UUID for lookups if it's present, otherwise use name or dev. 887 */ 888 static struct hash_cell *__find_device_hash_cell(struct dm_ioctl *param) 889 { 890 struct hash_cell *hc = NULL; 891 892 if (*param->uuid) { 893 if (*param->name || param->dev) 894 return NULL; 895 896 hc = __get_uuid_cell(param->uuid); 897 if (!hc) 898 return NULL; 899 } else if (*param->name) { 900 if (param->dev) 901 return NULL; 902 903 hc = __get_name_cell(param->name); 904 if (!hc) 905 return NULL; 906 } else if (param->dev) { 907 hc = __get_dev_cell(param->dev); 908 if (!hc) 909 return NULL; 910 } else 911 return NULL; 912 913 /* 914 * Sneakily write in both the name and the uuid 915 * while we have the cell. 916 */ 917 strlcpy(param->name, hc->name, sizeof(param->name)); 918 if (hc->uuid) 919 strlcpy(param->uuid, hc->uuid, sizeof(param->uuid)); 920 else 921 param->uuid[0] = '\0'; 922 923 if (hc->new_map) 924 param->flags |= DM_INACTIVE_PRESENT_FLAG; 925 else 926 param->flags &= ~DM_INACTIVE_PRESENT_FLAG; 927 928 return hc; 929 } 930 931 static struct mapped_device *find_device(struct dm_ioctl *param) 932 { 933 struct hash_cell *hc; 934 struct mapped_device *md = NULL; 935 936 down_read(&_hash_lock); 937 hc = __find_device_hash_cell(param); 938 if (hc) 939 md = hc->md; 940 up_read(&_hash_lock); 941 942 return md; 943 } 944 945 static int dev_remove(struct file *filp, struct dm_ioctl *param, size_t param_size) 946 { 947 struct hash_cell *hc; 948 struct mapped_device *md; 949 int r; 950 struct dm_table *t; 951 952 down_write(&_hash_lock); 953 hc = __find_device_hash_cell(param); 954 955 if (!hc) { 956 DMDEBUG_LIMIT("device doesn't appear to be in the dev hash table."); 957 up_write(&_hash_lock); 958 return -ENXIO; 959 } 960 961 md = hc->md; 962 963 /* 964 * Ensure the device is not open and nothing further can open it. 965 */ 966 r = dm_lock_for_deletion(md, !!(param->flags & DM_DEFERRED_REMOVE), false); 967 if (r) { 968 if (r == -EBUSY && param->flags & DM_DEFERRED_REMOVE) { 969 up_write(&_hash_lock); 970 dm_put(md); 971 return 0; 972 } 973 DMDEBUG_LIMIT("unable to remove open device %s", hc->name); 974 up_write(&_hash_lock); 975 dm_put(md); 976 return r; 977 } 978 979 t = __hash_remove(hc); 980 up_write(&_hash_lock); 981 982 if (t) { 983 dm_sync_table(md); 984 dm_table_destroy(t); 985 } 986 987 param->flags &= ~DM_DEFERRED_REMOVE; 988 989 dm_ima_measure_on_device_remove(md, false); 990 991 if (!dm_kobject_uevent(md, KOBJ_REMOVE, param->event_nr)) 992 param->flags |= DM_UEVENT_GENERATED_FLAG; 993 994 dm_put(md); 995 dm_destroy(md); 996 return 0; 997 } 998 999 /* 1000 * Check a string doesn't overrun the chunk of 1001 * memory we copied from userland. 1002 */ 1003 static int invalid_str(char *str, void *end) 1004 { 1005 while ((void *) str < end) 1006 if (!*str++) 1007 return 0; 1008 1009 return -EINVAL; 1010 } 1011 1012 static int dev_rename(struct file *filp, struct dm_ioctl *param, size_t param_size) 1013 { 1014 int r; 1015 char *new_data = (char *) param + param->data_start; 1016 struct mapped_device *md; 1017 unsigned change_uuid = (param->flags & DM_UUID_FLAG) ? 1 : 0; 1018 1019 if (new_data < param->data || 1020 invalid_str(new_data, (void *) param + param_size) || !*new_data || 1021 strlen(new_data) > (change_uuid ? DM_UUID_LEN - 1 : DM_NAME_LEN - 1)) { 1022 DMWARN("Invalid new mapped device name or uuid string supplied."); 1023 return -EINVAL; 1024 } 1025 1026 if (!change_uuid) { 1027 r = check_name(new_data); 1028 if (r) 1029 return r; 1030 } 1031 1032 md = dm_hash_rename(param, new_data); 1033 if (IS_ERR(md)) 1034 return PTR_ERR(md); 1035 1036 __dev_status(md, param); 1037 dm_put(md); 1038 1039 return 0; 1040 } 1041 1042 static int dev_set_geometry(struct file *filp, struct dm_ioctl *param, size_t param_size) 1043 { 1044 int r = -EINVAL, x; 1045 struct mapped_device *md; 1046 struct hd_geometry geometry; 1047 unsigned long indata[4]; 1048 char *geostr = (char *) param + param->data_start; 1049 char dummy; 1050 1051 md = find_device(param); 1052 if (!md) 1053 return -ENXIO; 1054 1055 if (geostr < param->data || 1056 invalid_str(geostr, (void *) param + param_size)) { 1057 DMWARN("Invalid geometry supplied."); 1058 goto out; 1059 } 1060 1061 x = sscanf(geostr, "%lu %lu %lu %lu%c", indata, 1062 indata + 1, indata + 2, indata + 3, &dummy); 1063 1064 if (x != 4) { 1065 DMWARN("Unable to interpret geometry settings."); 1066 goto out; 1067 } 1068 1069 if (indata[0] > 65535 || indata[1] > 255 || 1070 indata[2] > 255 || indata[3] > ULONG_MAX) { 1071 DMWARN("Geometry exceeds range limits."); 1072 goto out; 1073 } 1074 1075 geometry.cylinders = indata[0]; 1076 geometry.heads = indata[1]; 1077 geometry.sectors = indata[2]; 1078 geometry.start = indata[3]; 1079 1080 r = dm_set_geometry(md, &geometry); 1081 1082 param->data_size = 0; 1083 1084 out: 1085 dm_put(md); 1086 return r; 1087 } 1088 1089 static int do_suspend(struct dm_ioctl *param) 1090 { 1091 int r = 0; 1092 unsigned suspend_flags = DM_SUSPEND_LOCKFS_FLAG; 1093 struct mapped_device *md; 1094 1095 md = find_device(param); 1096 if (!md) 1097 return -ENXIO; 1098 1099 if (param->flags & DM_SKIP_LOCKFS_FLAG) 1100 suspend_flags &= ~DM_SUSPEND_LOCKFS_FLAG; 1101 if (param->flags & DM_NOFLUSH_FLAG) 1102 suspend_flags |= DM_SUSPEND_NOFLUSH_FLAG; 1103 1104 if (!dm_suspended_md(md)) { 1105 r = dm_suspend(md, suspend_flags); 1106 if (r) 1107 goto out; 1108 } 1109 1110 __dev_status(md, param); 1111 1112 out: 1113 dm_put(md); 1114 1115 return r; 1116 } 1117 1118 static int do_resume(struct dm_ioctl *param) 1119 { 1120 int r = 0; 1121 unsigned suspend_flags = DM_SUSPEND_LOCKFS_FLAG; 1122 struct hash_cell *hc; 1123 struct mapped_device *md; 1124 struct dm_table *new_map, *old_map = NULL; 1125 1126 down_write(&_hash_lock); 1127 1128 hc = __find_device_hash_cell(param); 1129 if (!hc) { 1130 DMDEBUG_LIMIT("device doesn't appear to be in the dev hash table."); 1131 up_write(&_hash_lock); 1132 return -ENXIO; 1133 } 1134 1135 md = hc->md; 1136 1137 new_map = hc->new_map; 1138 hc->new_map = NULL; 1139 param->flags &= ~DM_INACTIVE_PRESENT_FLAG; 1140 1141 up_write(&_hash_lock); 1142 1143 /* Do we need to load a new map ? */ 1144 if (new_map) { 1145 /* Suspend if it isn't already suspended */ 1146 if (param->flags & DM_SKIP_LOCKFS_FLAG) 1147 suspend_flags &= ~DM_SUSPEND_LOCKFS_FLAG; 1148 if (param->flags & DM_NOFLUSH_FLAG) 1149 suspend_flags |= DM_SUSPEND_NOFLUSH_FLAG; 1150 if (!dm_suspended_md(md)) 1151 dm_suspend(md, suspend_flags); 1152 1153 old_map = dm_swap_table(md, new_map); 1154 if (IS_ERR(old_map)) { 1155 dm_sync_table(md); 1156 dm_table_destroy(new_map); 1157 dm_put(md); 1158 return PTR_ERR(old_map); 1159 } 1160 1161 if (dm_table_get_mode(new_map) & FMODE_WRITE) 1162 set_disk_ro(dm_disk(md), 0); 1163 else 1164 set_disk_ro(dm_disk(md), 1); 1165 } 1166 1167 if (dm_suspended_md(md)) { 1168 r = dm_resume(md); 1169 if (!r) { 1170 dm_ima_measure_on_device_resume(md, new_map ? true : false); 1171 1172 if (!dm_kobject_uevent(md, KOBJ_CHANGE, param->event_nr)) 1173 param->flags |= DM_UEVENT_GENERATED_FLAG; 1174 } 1175 } 1176 1177 /* 1178 * Since dm_swap_table synchronizes RCU, nobody should be in 1179 * read-side critical section already. 1180 */ 1181 if (old_map) 1182 dm_table_destroy(old_map); 1183 1184 if (!r) 1185 __dev_status(md, param); 1186 1187 dm_put(md); 1188 return r; 1189 } 1190 1191 /* 1192 * Set or unset the suspension state of a device. 1193 * If the device already is in the requested state we just return its status. 1194 */ 1195 static int dev_suspend(struct file *filp, struct dm_ioctl *param, size_t param_size) 1196 { 1197 if (param->flags & DM_SUSPEND_FLAG) 1198 return do_suspend(param); 1199 1200 return do_resume(param); 1201 } 1202 1203 /* 1204 * Copies device info back to user space, used by 1205 * the create and info ioctls. 1206 */ 1207 static int dev_status(struct file *filp, struct dm_ioctl *param, size_t param_size) 1208 { 1209 struct mapped_device *md; 1210 1211 md = find_device(param); 1212 if (!md) 1213 return -ENXIO; 1214 1215 __dev_status(md, param); 1216 dm_put(md); 1217 1218 return 0; 1219 } 1220 1221 /* 1222 * Build up the status struct for each target 1223 */ 1224 static void retrieve_status(struct dm_table *table, 1225 struct dm_ioctl *param, size_t param_size) 1226 { 1227 unsigned int i, num_targets; 1228 struct dm_target_spec *spec; 1229 char *outbuf, *outptr; 1230 status_type_t type; 1231 size_t remaining, len, used = 0; 1232 unsigned status_flags = 0; 1233 1234 outptr = outbuf = get_result_buffer(param, param_size, &len); 1235 1236 if (param->flags & DM_STATUS_TABLE_FLAG) 1237 type = STATUSTYPE_TABLE; 1238 else if (param->flags & DM_IMA_MEASUREMENT_FLAG) 1239 type = STATUSTYPE_IMA; 1240 else 1241 type = STATUSTYPE_INFO; 1242 1243 /* Get all the target info */ 1244 num_targets = dm_table_get_num_targets(table); 1245 for (i = 0; i < num_targets; i++) { 1246 struct dm_target *ti = dm_table_get_target(table, i); 1247 size_t l; 1248 1249 remaining = len - (outptr - outbuf); 1250 if (remaining <= sizeof(struct dm_target_spec)) { 1251 param->flags |= DM_BUFFER_FULL_FLAG; 1252 break; 1253 } 1254 1255 spec = (struct dm_target_spec *) outptr; 1256 1257 spec->status = 0; 1258 spec->sector_start = ti->begin; 1259 spec->length = ti->len; 1260 strncpy(spec->target_type, ti->type->name, 1261 sizeof(spec->target_type) - 1); 1262 1263 outptr += sizeof(struct dm_target_spec); 1264 remaining = len - (outptr - outbuf); 1265 if (remaining <= 0) { 1266 param->flags |= DM_BUFFER_FULL_FLAG; 1267 break; 1268 } 1269 1270 /* Get the status/table string from the target driver */ 1271 if (ti->type->status) { 1272 if (param->flags & DM_NOFLUSH_FLAG) 1273 status_flags |= DM_STATUS_NOFLUSH_FLAG; 1274 ti->type->status(ti, type, status_flags, outptr, remaining); 1275 } else 1276 outptr[0] = '\0'; 1277 1278 l = strlen(outptr) + 1; 1279 if (l == remaining) { 1280 param->flags |= DM_BUFFER_FULL_FLAG; 1281 break; 1282 } 1283 1284 outptr += l; 1285 used = param->data_start + (outptr - outbuf); 1286 1287 outptr = align_ptr(outptr); 1288 spec->next = outptr - outbuf; 1289 } 1290 1291 if (used) 1292 param->data_size = used; 1293 1294 param->target_count = num_targets; 1295 } 1296 1297 /* 1298 * Wait for a device to report an event 1299 */ 1300 static int dev_wait(struct file *filp, struct dm_ioctl *param, size_t param_size) 1301 { 1302 int r = 0; 1303 struct mapped_device *md; 1304 struct dm_table *table; 1305 int srcu_idx; 1306 1307 md = find_device(param); 1308 if (!md) 1309 return -ENXIO; 1310 1311 /* 1312 * Wait for a notification event 1313 */ 1314 if (dm_wait_event(md, param->event_nr)) { 1315 r = -ERESTARTSYS; 1316 goto out; 1317 } 1318 1319 /* 1320 * The userland program is going to want to know what 1321 * changed to trigger the event, so we may as well tell 1322 * him and save an ioctl. 1323 */ 1324 __dev_status(md, param); 1325 1326 table = dm_get_live_or_inactive_table(md, param, &srcu_idx); 1327 if (table) 1328 retrieve_status(table, param, param_size); 1329 dm_put_live_table(md, srcu_idx); 1330 1331 out: 1332 dm_put(md); 1333 1334 return r; 1335 } 1336 1337 /* 1338 * Remember the global event number and make it possible to poll 1339 * for further events. 1340 */ 1341 static int dev_arm_poll(struct file *filp, struct dm_ioctl *param, size_t param_size) 1342 { 1343 struct dm_file *priv = filp->private_data; 1344 1345 priv->global_event_nr = atomic_read(&dm_global_event_nr); 1346 1347 return 0; 1348 } 1349 1350 static inline fmode_t get_mode(struct dm_ioctl *param) 1351 { 1352 fmode_t mode = FMODE_READ | FMODE_WRITE; 1353 1354 if (param->flags & DM_READONLY_FLAG) 1355 mode = FMODE_READ; 1356 1357 return mode; 1358 } 1359 1360 static int next_target(struct dm_target_spec *last, uint32_t next, void *end, 1361 struct dm_target_spec **spec, char **target_params) 1362 { 1363 *spec = (struct dm_target_spec *) ((unsigned char *) last + next); 1364 *target_params = (char *) (*spec + 1); 1365 1366 if (*spec < (last + 1)) 1367 return -EINVAL; 1368 1369 return invalid_str(*target_params, end); 1370 } 1371 1372 static int populate_table(struct dm_table *table, 1373 struct dm_ioctl *param, size_t param_size) 1374 { 1375 int r; 1376 unsigned int i = 0; 1377 struct dm_target_spec *spec = (struct dm_target_spec *) param; 1378 uint32_t next = param->data_start; 1379 void *end = (void *) param + param_size; 1380 char *target_params; 1381 1382 if (!param->target_count) { 1383 DMWARN("populate_table: no targets specified"); 1384 return -EINVAL; 1385 } 1386 1387 for (i = 0; i < param->target_count; i++) { 1388 1389 r = next_target(spec, next, end, &spec, &target_params); 1390 if (r) { 1391 DMWARN("unable to find target"); 1392 return r; 1393 } 1394 1395 r = dm_table_add_target(table, spec->target_type, 1396 (sector_t) spec->sector_start, 1397 (sector_t) spec->length, 1398 target_params); 1399 if (r) { 1400 DMWARN("error adding target to table"); 1401 return r; 1402 } 1403 1404 next = spec->next; 1405 } 1406 1407 return dm_table_complete(table); 1408 } 1409 1410 static bool is_valid_type(enum dm_queue_mode cur, enum dm_queue_mode new) 1411 { 1412 if (cur == new || 1413 (cur == DM_TYPE_BIO_BASED && new == DM_TYPE_DAX_BIO_BASED)) 1414 return true; 1415 1416 return false; 1417 } 1418 1419 static int table_load(struct file *filp, struct dm_ioctl *param, size_t param_size) 1420 { 1421 int r; 1422 struct hash_cell *hc; 1423 struct dm_table *t, *old_map = NULL; 1424 struct mapped_device *md; 1425 struct target_type *immutable_target_type; 1426 1427 md = find_device(param); 1428 if (!md) 1429 return -ENXIO; 1430 1431 r = dm_table_create(&t, get_mode(param), param->target_count, md); 1432 if (r) 1433 goto err; 1434 1435 /* Protect md->type and md->queue against concurrent table loads. */ 1436 dm_lock_md_type(md); 1437 r = populate_table(t, param, param_size); 1438 if (r) 1439 goto err_unlock_md_type; 1440 1441 dm_ima_measure_on_table_load(t, STATUSTYPE_IMA); 1442 1443 immutable_target_type = dm_get_immutable_target_type(md); 1444 if (immutable_target_type && 1445 (immutable_target_type != dm_table_get_immutable_target_type(t)) && 1446 !dm_table_get_wildcard_target(t)) { 1447 DMWARN("can't replace immutable target type %s", 1448 immutable_target_type->name); 1449 r = -EINVAL; 1450 goto err_unlock_md_type; 1451 } 1452 1453 if (dm_get_md_type(md) == DM_TYPE_NONE) { 1454 /* setup md->queue to reflect md's type (may block) */ 1455 r = dm_setup_md_queue(md, t); 1456 if (r) { 1457 DMWARN("unable to set up device queue for new table."); 1458 goto err_unlock_md_type; 1459 } 1460 } else if (!is_valid_type(dm_get_md_type(md), dm_table_get_type(t))) { 1461 DMWARN("can't change device type (old=%u vs new=%u) after initial table load.", 1462 dm_get_md_type(md), dm_table_get_type(t)); 1463 r = -EINVAL; 1464 goto err_unlock_md_type; 1465 } 1466 1467 dm_unlock_md_type(md); 1468 1469 /* stage inactive table */ 1470 down_write(&_hash_lock); 1471 hc = dm_get_mdptr(md); 1472 if (!hc || hc->md != md) { 1473 DMWARN("device has been removed from the dev hash table."); 1474 up_write(&_hash_lock); 1475 r = -ENXIO; 1476 goto err_destroy_table; 1477 } 1478 1479 if (hc->new_map) 1480 old_map = hc->new_map; 1481 hc->new_map = t; 1482 up_write(&_hash_lock); 1483 1484 param->flags |= DM_INACTIVE_PRESENT_FLAG; 1485 __dev_status(md, param); 1486 1487 if (old_map) { 1488 dm_sync_table(md); 1489 dm_table_destroy(old_map); 1490 } 1491 1492 dm_put(md); 1493 1494 return 0; 1495 1496 err_unlock_md_type: 1497 dm_unlock_md_type(md); 1498 err_destroy_table: 1499 dm_table_destroy(t); 1500 err: 1501 dm_put(md); 1502 1503 return r; 1504 } 1505 1506 static int table_clear(struct file *filp, struct dm_ioctl *param, size_t param_size) 1507 { 1508 struct hash_cell *hc; 1509 struct mapped_device *md; 1510 struct dm_table *old_map = NULL; 1511 bool has_new_map = false; 1512 1513 down_write(&_hash_lock); 1514 1515 hc = __find_device_hash_cell(param); 1516 if (!hc) { 1517 DMDEBUG_LIMIT("device doesn't appear to be in the dev hash table."); 1518 up_write(&_hash_lock); 1519 return -ENXIO; 1520 } 1521 1522 if (hc->new_map) { 1523 old_map = hc->new_map; 1524 hc->new_map = NULL; 1525 has_new_map = true; 1526 } 1527 1528 param->flags &= ~DM_INACTIVE_PRESENT_FLAG; 1529 1530 __dev_status(hc->md, param); 1531 md = hc->md; 1532 up_write(&_hash_lock); 1533 if (old_map) { 1534 dm_sync_table(md); 1535 dm_table_destroy(old_map); 1536 } 1537 dm_ima_measure_on_table_clear(md, has_new_map); 1538 dm_put(md); 1539 1540 return 0; 1541 } 1542 1543 /* 1544 * Retrieves a list of devices used by a particular dm device. 1545 */ 1546 static void retrieve_deps(struct dm_table *table, 1547 struct dm_ioctl *param, size_t param_size) 1548 { 1549 unsigned int count = 0; 1550 struct list_head *tmp; 1551 size_t len, needed; 1552 struct dm_dev_internal *dd; 1553 struct dm_target_deps *deps; 1554 1555 deps = get_result_buffer(param, param_size, &len); 1556 1557 /* 1558 * Count the devices. 1559 */ 1560 list_for_each (tmp, dm_table_get_devices(table)) 1561 count++; 1562 1563 /* 1564 * Check we have enough space. 1565 */ 1566 needed = struct_size(deps, dev, count); 1567 if (len < needed) { 1568 param->flags |= DM_BUFFER_FULL_FLAG; 1569 return; 1570 } 1571 1572 /* 1573 * Fill in the devices. 1574 */ 1575 deps->count = count; 1576 count = 0; 1577 list_for_each_entry (dd, dm_table_get_devices(table), list) 1578 deps->dev[count++] = huge_encode_dev(dd->dm_dev->bdev->bd_dev); 1579 1580 param->data_size = param->data_start + needed; 1581 } 1582 1583 static int table_deps(struct file *filp, struct dm_ioctl *param, size_t param_size) 1584 { 1585 struct mapped_device *md; 1586 struct dm_table *table; 1587 int srcu_idx; 1588 1589 md = find_device(param); 1590 if (!md) 1591 return -ENXIO; 1592 1593 __dev_status(md, param); 1594 1595 table = dm_get_live_or_inactive_table(md, param, &srcu_idx); 1596 if (table) 1597 retrieve_deps(table, param, param_size); 1598 dm_put_live_table(md, srcu_idx); 1599 1600 dm_put(md); 1601 1602 return 0; 1603 } 1604 1605 /* 1606 * Return the status of a device as a text string for each 1607 * target. 1608 */ 1609 static int table_status(struct file *filp, struct dm_ioctl *param, size_t param_size) 1610 { 1611 struct mapped_device *md; 1612 struct dm_table *table; 1613 int srcu_idx; 1614 1615 md = find_device(param); 1616 if (!md) 1617 return -ENXIO; 1618 1619 __dev_status(md, param); 1620 1621 table = dm_get_live_or_inactive_table(md, param, &srcu_idx); 1622 if (table) 1623 retrieve_status(table, param, param_size); 1624 dm_put_live_table(md, srcu_idx); 1625 1626 dm_put(md); 1627 1628 return 0; 1629 } 1630 1631 /* 1632 * Process device-mapper dependent messages. Messages prefixed with '@' 1633 * are processed by the DM core. All others are delivered to the target. 1634 * Returns a number <= 1 if message was processed by device mapper. 1635 * Returns 2 if message should be delivered to the target. 1636 */ 1637 static int message_for_md(struct mapped_device *md, unsigned argc, char **argv, 1638 char *result, unsigned maxlen) 1639 { 1640 int r; 1641 1642 if (**argv != '@') 1643 return 2; /* no '@' prefix, deliver to target */ 1644 1645 if (!strcasecmp(argv[0], "@cancel_deferred_remove")) { 1646 if (argc != 1) { 1647 DMERR("Invalid arguments for @cancel_deferred_remove"); 1648 return -EINVAL; 1649 } 1650 return dm_cancel_deferred_remove(md); 1651 } 1652 1653 r = dm_stats_message(md, argc, argv, result, maxlen); 1654 if (r < 2) 1655 return r; 1656 1657 DMERR("Unsupported message sent to DM core: %s", argv[0]); 1658 return -EINVAL; 1659 } 1660 1661 /* 1662 * Pass a message to the target that's at the supplied device offset. 1663 */ 1664 static int target_message(struct file *filp, struct dm_ioctl *param, size_t param_size) 1665 { 1666 int r, argc; 1667 char **argv; 1668 struct mapped_device *md; 1669 struct dm_table *table; 1670 struct dm_target *ti; 1671 struct dm_target_msg *tmsg = (void *) param + param->data_start; 1672 size_t maxlen; 1673 char *result = get_result_buffer(param, param_size, &maxlen); 1674 int srcu_idx; 1675 1676 md = find_device(param); 1677 if (!md) 1678 return -ENXIO; 1679 1680 if (tmsg < (struct dm_target_msg *) param->data || 1681 invalid_str(tmsg->message, (void *) param + param_size)) { 1682 DMWARN("Invalid target message parameters."); 1683 r = -EINVAL; 1684 goto out; 1685 } 1686 1687 r = dm_split_args(&argc, &argv, tmsg->message); 1688 if (r) { 1689 DMWARN("Failed to split target message parameters"); 1690 goto out; 1691 } 1692 1693 if (!argc) { 1694 DMWARN("Empty message received."); 1695 r = -EINVAL; 1696 goto out_argv; 1697 } 1698 1699 r = message_for_md(md, argc, argv, result, maxlen); 1700 if (r <= 1) 1701 goto out_argv; 1702 1703 table = dm_get_live_table(md, &srcu_idx); 1704 if (!table) 1705 goto out_table; 1706 1707 if (dm_deleting_md(md)) { 1708 r = -ENXIO; 1709 goto out_table; 1710 } 1711 1712 ti = dm_table_find_target(table, tmsg->sector); 1713 if (!ti) { 1714 DMWARN("Target message sector outside device."); 1715 r = -EINVAL; 1716 } else if (ti->type->message) 1717 r = ti->type->message(ti, argc, argv, result, maxlen); 1718 else { 1719 DMWARN("Target type does not support messages"); 1720 r = -EINVAL; 1721 } 1722 1723 out_table: 1724 dm_put_live_table(md, srcu_idx); 1725 out_argv: 1726 kfree(argv); 1727 out: 1728 if (r >= 0) 1729 __dev_status(md, param); 1730 1731 if (r == 1) { 1732 param->flags |= DM_DATA_OUT_FLAG; 1733 if (dm_message_test_buffer_overflow(result, maxlen)) 1734 param->flags |= DM_BUFFER_FULL_FLAG; 1735 else 1736 param->data_size = param->data_start + strlen(result) + 1; 1737 r = 0; 1738 } 1739 1740 dm_put(md); 1741 return r; 1742 } 1743 1744 /* 1745 * The ioctl parameter block consists of two parts, a dm_ioctl struct 1746 * followed by a data buffer. This flag is set if the second part, 1747 * which has a variable size, is not used by the function processing 1748 * the ioctl. 1749 */ 1750 #define IOCTL_FLAGS_NO_PARAMS 1 1751 #define IOCTL_FLAGS_ISSUE_GLOBAL_EVENT 2 1752 1753 /*----------------------------------------------------------------- 1754 * Implementation of open/close/ioctl on the special char 1755 * device. 1756 *---------------------------------------------------------------*/ 1757 static ioctl_fn lookup_ioctl(unsigned int cmd, int *ioctl_flags) 1758 { 1759 static const struct { 1760 int cmd; 1761 int flags; 1762 ioctl_fn fn; 1763 } _ioctls[] = { 1764 {DM_VERSION_CMD, 0, NULL}, /* version is dealt with elsewhere */ 1765 {DM_REMOVE_ALL_CMD, IOCTL_FLAGS_NO_PARAMS | IOCTL_FLAGS_ISSUE_GLOBAL_EVENT, remove_all}, 1766 {DM_LIST_DEVICES_CMD, 0, list_devices}, 1767 1768 {DM_DEV_CREATE_CMD, IOCTL_FLAGS_NO_PARAMS | IOCTL_FLAGS_ISSUE_GLOBAL_EVENT, dev_create}, 1769 {DM_DEV_REMOVE_CMD, IOCTL_FLAGS_NO_PARAMS | IOCTL_FLAGS_ISSUE_GLOBAL_EVENT, dev_remove}, 1770 {DM_DEV_RENAME_CMD, IOCTL_FLAGS_ISSUE_GLOBAL_EVENT, dev_rename}, 1771 {DM_DEV_SUSPEND_CMD, IOCTL_FLAGS_NO_PARAMS, dev_suspend}, 1772 {DM_DEV_STATUS_CMD, IOCTL_FLAGS_NO_PARAMS, dev_status}, 1773 {DM_DEV_WAIT_CMD, 0, dev_wait}, 1774 1775 {DM_TABLE_LOAD_CMD, 0, table_load}, 1776 {DM_TABLE_CLEAR_CMD, IOCTL_FLAGS_NO_PARAMS, table_clear}, 1777 {DM_TABLE_DEPS_CMD, 0, table_deps}, 1778 {DM_TABLE_STATUS_CMD, 0, table_status}, 1779 1780 {DM_LIST_VERSIONS_CMD, 0, list_versions}, 1781 1782 {DM_TARGET_MSG_CMD, 0, target_message}, 1783 {DM_DEV_SET_GEOMETRY_CMD, 0, dev_set_geometry}, 1784 {DM_DEV_ARM_POLL, IOCTL_FLAGS_NO_PARAMS, dev_arm_poll}, 1785 {DM_GET_TARGET_VERSION, 0, get_target_version}, 1786 }; 1787 1788 if (unlikely(cmd >= ARRAY_SIZE(_ioctls))) 1789 return NULL; 1790 1791 *ioctl_flags = _ioctls[cmd].flags; 1792 return _ioctls[cmd].fn; 1793 } 1794 1795 /* 1796 * As well as checking the version compatibility this always 1797 * copies the kernel interface version out. 1798 */ 1799 static int check_version(unsigned int cmd, struct dm_ioctl __user *user) 1800 { 1801 uint32_t version[3]; 1802 int r = 0; 1803 1804 if (copy_from_user(version, user->version, sizeof(version))) 1805 return -EFAULT; 1806 1807 if ((DM_VERSION_MAJOR != version[0]) || 1808 (DM_VERSION_MINOR < version[1])) { 1809 DMWARN("ioctl interface mismatch: " 1810 "kernel(%u.%u.%u), user(%u.%u.%u), cmd(%d)", 1811 DM_VERSION_MAJOR, DM_VERSION_MINOR, 1812 DM_VERSION_PATCHLEVEL, 1813 version[0], version[1], version[2], cmd); 1814 r = -EINVAL; 1815 } 1816 1817 /* 1818 * Fill in the kernel version. 1819 */ 1820 version[0] = DM_VERSION_MAJOR; 1821 version[1] = DM_VERSION_MINOR; 1822 version[2] = DM_VERSION_PATCHLEVEL; 1823 if (copy_to_user(user->version, version, sizeof(version))) 1824 return -EFAULT; 1825 1826 return r; 1827 } 1828 1829 #define DM_PARAMS_MALLOC 0x0001 /* Params allocated with kvmalloc() */ 1830 #define DM_WIPE_BUFFER 0x0010 /* Wipe input buffer before returning from ioctl */ 1831 1832 static void free_params(struct dm_ioctl *param, size_t param_size, int param_flags) 1833 { 1834 if (param_flags & DM_WIPE_BUFFER) 1835 memset(param, 0, param_size); 1836 1837 if (param_flags & DM_PARAMS_MALLOC) 1838 kvfree(param); 1839 } 1840 1841 static int copy_params(struct dm_ioctl __user *user, struct dm_ioctl *param_kernel, 1842 int ioctl_flags, struct dm_ioctl **param, int *param_flags) 1843 { 1844 struct dm_ioctl *dmi; 1845 int secure_data; 1846 const size_t minimum_data_size = offsetof(struct dm_ioctl, data); 1847 unsigned noio_flag; 1848 1849 if (copy_from_user(param_kernel, user, minimum_data_size)) 1850 return -EFAULT; 1851 1852 if (param_kernel->data_size < minimum_data_size) 1853 return -EINVAL; 1854 1855 secure_data = param_kernel->flags & DM_SECURE_DATA_FLAG; 1856 1857 *param_flags = secure_data ? DM_WIPE_BUFFER : 0; 1858 1859 if (ioctl_flags & IOCTL_FLAGS_NO_PARAMS) { 1860 dmi = param_kernel; 1861 dmi->data_size = minimum_data_size; 1862 goto data_copied; 1863 } 1864 1865 /* 1866 * Use __GFP_HIGH to avoid low memory issues when a device is 1867 * suspended and the ioctl is needed to resume it. 1868 * Use kmalloc() rather than vmalloc() when we can. 1869 */ 1870 dmi = NULL; 1871 noio_flag = memalloc_noio_save(); 1872 dmi = kvmalloc(param_kernel->data_size, GFP_KERNEL | __GFP_HIGH); 1873 memalloc_noio_restore(noio_flag); 1874 1875 if (!dmi) { 1876 if (secure_data && clear_user(user, param_kernel->data_size)) 1877 return -EFAULT; 1878 return -ENOMEM; 1879 } 1880 1881 *param_flags |= DM_PARAMS_MALLOC; 1882 1883 /* Copy from param_kernel (which was already copied from user) */ 1884 memcpy(dmi, param_kernel, minimum_data_size); 1885 1886 if (copy_from_user(&dmi->data, (char __user *)user + minimum_data_size, 1887 param_kernel->data_size - minimum_data_size)) 1888 goto bad; 1889 data_copied: 1890 /* Wipe the user buffer so we do not return it to userspace */ 1891 if (secure_data && clear_user(user, param_kernel->data_size)) 1892 goto bad; 1893 1894 *param = dmi; 1895 return 0; 1896 1897 bad: 1898 free_params(dmi, param_kernel->data_size, *param_flags); 1899 1900 return -EFAULT; 1901 } 1902 1903 static int validate_params(uint cmd, struct dm_ioctl *param) 1904 { 1905 /* Always clear this flag */ 1906 param->flags &= ~DM_BUFFER_FULL_FLAG; 1907 param->flags &= ~DM_UEVENT_GENERATED_FLAG; 1908 param->flags &= ~DM_SECURE_DATA_FLAG; 1909 param->flags &= ~DM_DATA_OUT_FLAG; 1910 1911 /* Ignores parameters */ 1912 if (cmd == DM_REMOVE_ALL_CMD || 1913 cmd == DM_LIST_DEVICES_CMD || 1914 cmd == DM_LIST_VERSIONS_CMD) 1915 return 0; 1916 1917 if (cmd == DM_DEV_CREATE_CMD) { 1918 if (!*param->name) { 1919 DMWARN("name not supplied when creating device"); 1920 return -EINVAL; 1921 } 1922 } else if (*param->uuid && *param->name) { 1923 DMWARN("only supply one of name or uuid, cmd(%u)", cmd); 1924 return -EINVAL; 1925 } 1926 1927 /* Ensure strings are terminated */ 1928 param->name[DM_NAME_LEN - 1] = '\0'; 1929 param->uuid[DM_UUID_LEN - 1] = '\0'; 1930 1931 return 0; 1932 } 1933 1934 static int ctl_ioctl(struct file *file, uint command, struct dm_ioctl __user *user) 1935 { 1936 int r = 0; 1937 int ioctl_flags; 1938 int param_flags; 1939 unsigned int cmd; 1940 struct dm_ioctl *param; 1941 ioctl_fn fn = NULL; 1942 size_t input_param_size; 1943 struct dm_ioctl param_kernel; 1944 1945 /* only root can play with this */ 1946 if (!capable(CAP_SYS_ADMIN)) 1947 return -EACCES; 1948 1949 if (_IOC_TYPE(command) != DM_IOCTL) 1950 return -ENOTTY; 1951 1952 cmd = _IOC_NR(command); 1953 1954 /* 1955 * Check the interface version passed in. This also 1956 * writes out the kernel's interface version. 1957 */ 1958 r = check_version(cmd, user); 1959 if (r) 1960 return r; 1961 1962 /* 1963 * Nothing more to do for the version command. 1964 */ 1965 if (cmd == DM_VERSION_CMD) 1966 return 0; 1967 1968 fn = lookup_ioctl(cmd, &ioctl_flags); 1969 if (!fn) { 1970 DMWARN("dm_ctl_ioctl: unknown command 0x%x", command); 1971 return -ENOTTY; 1972 } 1973 1974 /* 1975 * Copy the parameters into kernel space. 1976 */ 1977 r = copy_params(user, ¶m_kernel, ioctl_flags, ¶m, ¶m_flags); 1978 1979 if (r) 1980 return r; 1981 1982 input_param_size = param->data_size; 1983 r = validate_params(cmd, param); 1984 if (r) 1985 goto out; 1986 1987 param->data_size = offsetof(struct dm_ioctl, data); 1988 r = fn(file, param, input_param_size); 1989 1990 if (unlikely(param->flags & DM_BUFFER_FULL_FLAG) && 1991 unlikely(ioctl_flags & IOCTL_FLAGS_NO_PARAMS)) 1992 DMERR("ioctl %d tried to output some data but has IOCTL_FLAGS_NO_PARAMS set", cmd); 1993 1994 if (!r && ioctl_flags & IOCTL_FLAGS_ISSUE_GLOBAL_EVENT) 1995 dm_issue_global_event(); 1996 1997 /* 1998 * Copy the results back to userland. 1999 */ 2000 if (!r && copy_to_user(user, param, param->data_size)) 2001 r = -EFAULT; 2002 2003 out: 2004 free_params(param, input_param_size, param_flags); 2005 return r; 2006 } 2007 2008 static long dm_ctl_ioctl(struct file *file, uint command, ulong u) 2009 { 2010 return (long)ctl_ioctl(file, command, (struct dm_ioctl __user *)u); 2011 } 2012 2013 #ifdef CONFIG_COMPAT 2014 static long dm_compat_ctl_ioctl(struct file *file, uint command, ulong u) 2015 { 2016 return (long)dm_ctl_ioctl(file, command, (ulong) compat_ptr(u)); 2017 } 2018 #else 2019 #define dm_compat_ctl_ioctl NULL 2020 #endif 2021 2022 static int dm_open(struct inode *inode, struct file *filp) 2023 { 2024 int r; 2025 struct dm_file *priv; 2026 2027 r = nonseekable_open(inode, filp); 2028 if (unlikely(r)) 2029 return r; 2030 2031 priv = filp->private_data = kmalloc(sizeof(struct dm_file), GFP_KERNEL); 2032 if (!priv) 2033 return -ENOMEM; 2034 2035 priv->global_event_nr = atomic_read(&dm_global_event_nr); 2036 2037 return 0; 2038 } 2039 2040 static int dm_release(struct inode *inode, struct file *filp) 2041 { 2042 kfree(filp->private_data); 2043 return 0; 2044 } 2045 2046 static __poll_t dm_poll(struct file *filp, poll_table *wait) 2047 { 2048 struct dm_file *priv = filp->private_data; 2049 __poll_t mask = 0; 2050 2051 poll_wait(filp, &dm_global_eventq, wait); 2052 2053 if ((int)(atomic_read(&dm_global_event_nr) - priv->global_event_nr) > 0) 2054 mask |= EPOLLIN; 2055 2056 return mask; 2057 } 2058 2059 static const struct file_operations _ctl_fops = { 2060 .open = dm_open, 2061 .release = dm_release, 2062 .poll = dm_poll, 2063 .unlocked_ioctl = dm_ctl_ioctl, 2064 .compat_ioctl = dm_compat_ctl_ioctl, 2065 .owner = THIS_MODULE, 2066 .llseek = noop_llseek, 2067 }; 2068 2069 static struct miscdevice _dm_misc = { 2070 .minor = MAPPER_CTRL_MINOR, 2071 .name = DM_NAME, 2072 .nodename = DM_DIR "/" DM_CONTROL_NODE, 2073 .fops = &_ctl_fops 2074 }; 2075 2076 MODULE_ALIAS_MISCDEV(MAPPER_CTRL_MINOR); 2077 MODULE_ALIAS("devname:" DM_DIR "/" DM_CONTROL_NODE); 2078 2079 /* 2080 * Create misc character device and link to DM_DIR/control. 2081 */ 2082 int __init dm_interface_init(void) 2083 { 2084 int r; 2085 2086 r = misc_register(&_dm_misc); 2087 if (r) { 2088 DMERR("misc_register failed for control device"); 2089 return r; 2090 } 2091 2092 DMINFO("%d.%d.%d%s initialised: %s", DM_VERSION_MAJOR, 2093 DM_VERSION_MINOR, DM_VERSION_PATCHLEVEL, DM_VERSION_EXTRA, 2094 DM_DRIVER_EMAIL); 2095 return 0; 2096 } 2097 2098 void dm_interface_exit(void) 2099 { 2100 misc_deregister(&_dm_misc); 2101 dm_hash_exit(); 2102 } 2103 2104 /** 2105 * dm_copy_name_and_uuid - Copy mapped device name & uuid into supplied buffers 2106 * @md: Pointer to mapped_device 2107 * @name: Buffer (size DM_NAME_LEN) for name 2108 * @uuid: Buffer (size DM_UUID_LEN) for uuid or empty string if uuid not defined 2109 */ 2110 int dm_copy_name_and_uuid(struct mapped_device *md, char *name, char *uuid) 2111 { 2112 int r = 0; 2113 struct hash_cell *hc; 2114 2115 if (!md) 2116 return -ENXIO; 2117 2118 mutex_lock(&dm_hash_cells_mutex); 2119 hc = dm_get_mdptr(md); 2120 if (!hc || hc->md != md) { 2121 r = -ENXIO; 2122 goto out; 2123 } 2124 2125 if (name) 2126 strcpy(name, hc->name); 2127 if (uuid) 2128 strcpy(uuid, hc->uuid ? : ""); 2129 2130 out: 2131 mutex_unlock(&dm_hash_cells_mutex); 2132 2133 return r; 2134 } 2135 EXPORT_SYMBOL_GPL(dm_copy_name_and_uuid); 2136 2137 /** 2138 * dm_early_create - create a mapped device in early boot. 2139 * 2140 * @dmi: Contains main information of the device mapping to be created. 2141 * @spec_array: array of pointers to struct dm_target_spec. Describes the 2142 * mapping table of the device. 2143 * @target_params_array: array of strings with the parameters to a specific 2144 * target. 2145 * 2146 * Instead of having the struct dm_target_spec and the parameters for every 2147 * target embedded at the end of struct dm_ioctl (as performed in a normal 2148 * ioctl), pass them as arguments, so the caller doesn't need to serialize them. 2149 * The size of the spec_array and target_params_array is given by 2150 * @dmi->target_count. 2151 * This function is supposed to be called in early boot, so locking mechanisms 2152 * to protect against concurrent loads are not required. 2153 */ 2154 int __init dm_early_create(struct dm_ioctl *dmi, 2155 struct dm_target_spec **spec_array, 2156 char **target_params_array) 2157 { 2158 int r, m = DM_ANY_MINOR; 2159 struct dm_table *t, *old_map; 2160 struct mapped_device *md; 2161 unsigned int i; 2162 2163 if (!dmi->target_count) 2164 return -EINVAL; 2165 2166 r = check_name(dmi->name); 2167 if (r) 2168 return r; 2169 2170 if (dmi->flags & DM_PERSISTENT_DEV_FLAG) 2171 m = MINOR(huge_decode_dev(dmi->dev)); 2172 2173 /* alloc dm device */ 2174 r = dm_create(m, &md); 2175 if (r) 2176 return r; 2177 2178 /* hash insert */ 2179 r = dm_hash_insert(dmi->name, *dmi->uuid ? dmi->uuid : NULL, md); 2180 if (r) 2181 goto err_destroy_dm; 2182 2183 /* alloc table */ 2184 r = dm_table_create(&t, get_mode(dmi), dmi->target_count, md); 2185 if (r) 2186 goto err_hash_remove; 2187 2188 /* add targets */ 2189 for (i = 0; i < dmi->target_count; i++) { 2190 r = dm_table_add_target(t, spec_array[i]->target_type, 2191 (sector_t) spec_array[i]->sector_start, 2192 (sector_t) spec_array[i]->length, 2193 target_params_array[i]); 2194 if (r) { 2195 DMWARN("error adding target to table"); 2196 goto err_destroy_table; 2197 } 2198 } 2199 2200 /* finish table */ 2201 r = dm_table_complete(t); 2202 if (r) 2203 goto err_destroy_table; 2204 2205 /* setup md->queue to reflect md's type (may block) */ 2206 r = dm_setup_md_queue(md, t); 2207 if (r) { 2208 DMWARN("unable to set up device queue for new table."); 2209 goto err_destroy_table; 2210 } 2211 2212 /* Set new map */ 2213 dm_suspend(md, 0); 2214 old_map = dm_swap_table(md, t); 2215 if (IS_ERR(old_map)) { 2216 r = PTR_ERR(old_map); 2217 goto err_destroy_table; 2218 } 2219 set_disk_ro(dm_disk(md), !!(dmi->flags & DM_READONLY_FLAG)); 2220 2221 /* resume device */ 2222 r = dm_resume(md); 2223 if (r) 2224 goto err_destroy_table; 2225 2226 DMINFO("%s (%s) is ready", md->disk->disk_name, dmi->name); 2227 dm_put(md); 2228 return 0; 2229 2230 err_destroy_table: 2231 dm_table_destroy(t); 2232 err_hash_remove: 2233 (void) __hash_remove(__get_name_cell(dmi->name)); 2234 /* release reference from __get_name_cell */ 2235 dm_put(md); 2236 err_destroy_dm: 2237 dm_put(md); 2238 dm_destroy(md); 2239 return r; 2240 } 2241