1 /* 2 * Copyright (C) 2001, 2002 Sistina Software (UK) Limited. 3 * Copyright (C) 2004 - 2006 Red Hat, Inc. All rights reserved. 4 * 5 * This file is released under the GPL. 6 */ 7 8 #include "dm-core.h" 9 10 #include <linux/module.h> 11 #include <linux/vmalloc.h> 12 #include <linux/miscdevice.h> 13 #include <linux/sched/mm.h> 14 #include <linux/init.h> 15 #include <linux/wait.h> 16 #include <linux/slab.h> 17 #include <linux/dm-ioctl.h> 18 #include <linux/hdreg.h> 19 #include <linux/compat.h> 20 21 #include <linux/uaccess.h> 22 23 #define DM_MSG_PREFIX "ioctl" 24 #define DM_DRIVER_EMAIL "dm-devel@redhat.com" 25 26 struct dm_file { 27 /* 28 * poll will wait until the global event number is greater than 29 * this value. 30 */ 31 volatile unsigned global_event_nr; 32 }; 33 34 /*----------------------------------------------------------------- 35 * The ioctl interface needs to be able to look up devices by 36 * name or uuid. 37 *---------------------------------------------------------------*/ 38 struct hash_cell { 39 struct list_head name_list; 40 struct list_head uuid_list; 41 42 char *name; 43 char *uuid; 44 struct mapped_device *md; 45 struct dm_table *new_map; 46 }; 47 48 struct vers_iter { 49 size_t param_size; 50 struct dm_target_versions *vers, *old_vers; 51 char *end; 52 uint32_t flags; 53 }; 54 55 56 #define NUM_BUCKETS 64 57 #define MASK_BUCKETS (NUM_BUCKETS - 1) 58 static struct list_head _name_buckets[NUM_BUCKETS]; 59 static struct list_head _uuid_buckets[NUM_BUCKETS]; 60 61 static void dm_hash_remove_all(bool keep_open_devices, bool mark_deferred, bool only_deferred); 62 63 /* 64 * Guards access to both hash tables. 65 */ 66 static DECLARE_RWSEM(_hash_lock); 67 68 /* 69 * Protects use of mdptr to obtain hash cell name and uuid from mapped device. 70 */ 71 static DEFINE_MUTEX(dm_hash_cells_mutex); 72 73 static void init_buckets(struct list_head *buckets) 74 { 75 unsigned int i; 76 77 for (i = 0; i < NUM_BUCKETS; i++) 78 INIT_LIST_HEAD(buckets + i); 79 } 80 81 static int dm_hash_init(void) 82 { 83 init_buckets(_name_buckets); 84 init_buckets(_uuid_buckets); 85 return 0; 86 } 87 88 static void dm_hash_exit(void) 89 { 90 dm_hash_remove_all(false, false, false); 91 } 92 93 /*----------------------------------------------------------------- 94 * Hash function: 95 * We're not really concerned with the str hash function being 96 * fast since it's only used by the ioctl interface. 97 *---------------------------------------------------------------*/ 98 static unsigned int hash_str(const char *str) 99 { 100 const unsigned int hash_mult = 2654435387U; 101 unsigned int h = 0; 102 103 while (*str) 104 h = (h + (unsigned int) *str++) * hash_mult; 105 106 return h & MASK_BUCKETS; 107 } 108 109 /*----------------------------------------------------------------- 110 * Code for looking up a device by name 111 *---------------------------------------------------------------*/ 112 static struct hash_cell *__get_name_cell(const char *str) 113 { 114 struct hash_cell *hc; 115 unsigned int h = hash_str(str); 116 117 list_for_each_entry (hc, _name_buckets + h, name_list) 118 if (!strcmp(hc->name, str)) { 119 dm_get(hc->md); 120 return hc; 121 } 122 123 return NULL; 124 } 125 126 static struct hash_cell *__get_uuid_cell(const char *str) 127 { 128 struct hash_cell *hc; 129 unsigned int h = hash_str(str); 130 131 list_for_each_entry (hc, _uuid_buckets + h, uuid_list) 132 if (!strcmp(hc->uuid, str)) { 133 dm_get(hc->md); 134 return hc; 135 } 136 137 return NULL; 138 } 139 140 static struct hash_cell *__get_dev_cell(uint64_t dev) 141 { 142 struct mapped_device *md; 143 struct hash_cell *hc; 144 145 md = dm_get_md(huge_decode_dev(dev)); 146 if (!md) 147 return NULL; 148 149 hc = dm_get_mdptr(md); 150 if (!hc) { 151 dm_put(md); 152 return NULL; 153 } 154 155 return hc; 156 } 157 158 /*----------------------------------------------------------------- 159 * Inserting, removing and renaming a device. 160 *---------------------------------------------------------------*/ 161 static struct hash_cell *alloc_cell(const char *name, const char *uuid, 162 struct mapped_device *md) 163 { 164 struct hash_cell *hc; 165 166 hc = kmalloc(sizeof(*hc), GFP_KERNEL); 167 if (!hc) 168 return NULL; 169 170 hc->name = kstrdup(name, GFP_KERNEL); 171 if (!hc->name) { 172 kfree(hc); 173 return NULL; 174 } 175 176 if (!uuid) 177 hc->uuid = NULL; 178 179 else { 180 hc->uuid = kstrdup(uuid, GFP_KERNEL); 181 if (!hc->uuid) { 182 kfree(hc->name); 183 kfree(hc); 184 return NULL; 185 } 186 } 187 188 INIT_LIST_HEAD(&hc->name_list); 189 INIT_LIST_HEAD(&hc->uuid_list); 190 hc->md = md; 191 hc->new_map = NULL; 192 return hc; 193 } 194 195 static void free_cell(struct hash_cell *hc) 196 { 197 if (hc) { 198 kfree(hc->name); 199 kfree(hc->uuid); 200 kfree(hc); 201 } 202 } 203 204 /* 205 * The kdev_t and uuid of a device can never change once it is 206 * initially inserted. 207 */ 208 static int dm_hash_insert(const char *name, const char *uuid, struct mapped_device *md) 209 { 210 struct hash_cell *cell, *hc; 211 212 /* 213 * Allocate the new cells. 214 */ 215 cell = alloc_cell(name, uuid, md); 216 if (!cell) 217 return -ENOMEM; 218 219 /* 220 * Insert the cell into both hash tables. 221 */ 222 down_write(&_hash_lock); 223 hc = __get_name_cell(name); 224 if (hc) { 225 dm_put(hc->md); 226 goto bad; 227 } 228 229 list_add(&cell->name_list, _name_buckets + hash_str(name)); 230 231 if (uuid) { 232 hc = __get_uuid_cell(uuid); 233 if (hc) { 234 list_del(&cell->name_list); 235 dm_put(hc->md); 236 goto bad; 237 } 238 list_add(&cell->uuid_list, _uuid_buckets + hash_str(uuid)); 239 } 240 dm_get(md); 241 mutex_lock(&dm_hash_cells_mutex); 242 dm_set_mdptr(md, cell); 243 mutex_unlock(&dm_hash_cells_mutex); 244 up_write(&_hash_lock); 245 246 return 0; 247 248 bad: 249 up_write(&_hash_lock); 250 free_cell(cell); 251 return -EBUSY; 252 } 253 254 static struct dm_table *__hash_remove(struct hash_cell *hc) 255 { 256 struct dm_table *table; 257 int srcu_idx; 258 259 /* remove from the dev hash */ 260 list_del(&hc->uuid_list); 261 list_del(&hc->name_list); 262 mutex_lock(&dm_hash_cells_mutex); 263 dm_set_mdptr(hc->md, NULL); 264 mutex_unlock(&dm_hash_cells_mutex); 265 266 table = dm_get_live_table(hc->md, &srcu_idx); 267 if (table) 268 dm_table_event(table); 269 dm_put_live_table(hc->md, srcu_idx); 270 271 table = NULL; 272 if (hc->new_map) 273 table = hc->new_map; 274 dm_put(hc->md); 275 free_cell(hc); 276 277 return table; 278 } 279 280 static void dm_hash_remove_all(bool keep_open_devices, bool mark_deferred, bool only_deferred) 281 { 282 int i, dev_skipped; 283 struct hash_cell *hc; 284 struct mapped_device *md; 285 struct dm_table *t; 286 287 retry: 288 dev_skipped = 0; 289 290 down_write(&_hash_lock); 291 292 for (i = 0; i < NUM_BUCKETS; i++) { 293 list_for_each_entry(hc, _name_buckets + i, name_list) { 294 md = hc->md; 295 dm_get(md); 296 297 if (keep_open_devices && 298 dm_lock_for_deletion(md, mark_deferred, only_deferred)) { 299 dm_put(md); 300 dev_skipped++; 301 continue; 302 } 303 304 t = __hash_remove(hc); 305 306 up_write(&_hash_lock); 307 308 if (t) { 309 dm_sync_table(md); 310 dm_table_destroy(t); 311 } 312 dm_put(md); 313 if (likely(keep_open_devices)) 314 dm_destroy(md); 315 else 316 dm_destroy_immediate(md); 317 318 /* 319 * Some mapped devices may be using other mapped 320 * devices, so repeat until we make no further 321 * progress. If a new mapped device is created 322 * here it will also get removed. 323 */ 324 goto retry; 325 } 326 } 327 328 up_write(&_hash_lock); 329 330 if (dev_skipped) 331 DMWARN("remove_all left %d open device(s)", dev_skipped); 332 } 333 334 /* 335 * Set the uuid of a hash_cell that isn't already set. 336 */ 337 static void __set_cell_uuid(struct hash_cell *hc, char *new_uuid) 338 { 339 mutex_lock(&dm_hash_cells_mutex); 340 hc->uuid = new_uuid; 341 mutex_unlock(&dm_hash_cells_mutex); 342 343 list_add(&hc->uuid_list, _uuid_buckets + hash_str(new_uuid)); 344 } 345 346 /* 347 * Changes the name of a hash_cell and returns the old name for 348 * the caller to free. 349 */ 350 static char *__change_cell_name(struct hash_cell *hc, char *new_name) 351 { 352 char *old_name; 353 354 /* 355 * Rename and move the name cell. 356 */ 357 list_del(&hc->name_list); 358 old_name = hc->name; 359 360 mutex_lock(&dm_hash_cells_mutex); 361 hc->name = new_name; 362 mutex_unlock(&dm_hash_cells_mutex); 363 364 list_add(&hc->name_list, _name_buckets + hash_str(new_name)); 365 366 return old_name; 367 } 368 369 static struct mapped_device *dm_hash_rename(struct dm_ioctl *param, 370 const char *new) 371 { 372 char *new_data, *old_name = NULL; 373 struct hash_cell *hc; 374 struct dm_table *table; 375 struct mapped_device *md; 376 unsigned change_uuid = (param->flags & DM_UUID_FLAG) ? 1 : 0; 377 int srcu_idx; 378 379 /* 380 * duplicate new. 381 */ 382 new_data = kstrdup(new, GFP_KERNEL); 383 if (!new_data) 384 return ERR_PTR(-ENOMEM); 385 386 down_write(&_hash_lock); 387 388 /* 389 * Is new free ? 390 */ 391 if (change_uuid) 392 hc = __get_uuid_cell(new); 393 else 394 hc = __get_name_cell(new); 395 396 if (hc) { 397 DMWARN("Unable to change %s on mapped device %s to one that " 398 "already exists: %s", 399 change_uuid ? "uuid" : "name", 400 param->name, new); 401 dm_put(hc->md); 402 up_write(&_hash_lock); 403 kfree(new_data); 404 return ERR_PTR(-EBUSY); 405 } 406 407 /* 408 * Is there such a device as 'old' ? 409 */ 410 hc = __get_name_cell(param->name); 411 if (!hc) { 412 DMWARN("Unable to rename non-existent device, %s to %s%s", 413 param->name, change_uuid ? "uuid " : "", new); 414 up_write(&_hash_lock); 415 kfree(new_data); 416 return ERR_PTR(-ENXIO); 417 } 418 419 /* 420 * Does this device already have a uuid? 421 */ 422 if (change_uuid && hc->uuid) { 423 DMWARN("Unable to change uuid of mapped device %s to %s " 424 "because uuid is already set to %s", 425 param->name, new, hc->uuid); 426 dm_put(hc->md); 427 up_write(&_hash_lock); 428 kfree(new_data); 429 return ERR_PTR(-EINVAL); 430 } 431 432 if (change_uuid) 433 __set_cell_uuid(hc, new_data); 434 else 435 old_name = __change_cell_name(hc, new_data); 436 437 /* 438 * Wake up any dm event waiters. 439 */ 440 table = dm_get_live_table(hc->md, &srcu_idx); 441 if (table) 442 dm_table_event(table); 443 dm_put_live_table(hc->md, srcu_idx); 444 445 if (!dm_kobject_uevent(hc->md, KOBJ_CHANGE, param->event_nr)) 446 param->flags |= DM_UEVENT_GENERATED_FLAG; 447 448 md = hc->md; 449 up_write(&_hash_lock); 450 kfree(old_name); 451 452 return md; 453 } 454 455 void dm_deferred_remove(void) 456 { 457 dm_hash_remove_all(true, false, true); 458 } 459 460 /*----------------------------------------------------------------- 461 * Implementation of the ioctl commands 462 *---------------------------------------------------------------*/ 463 /* 464 * All the ioctl commands get dispatched to functions with this 465 * prototype. 466 */ 467 typedef int (*ioctl_fn)(struct file *filp, struct dm_ioctl *param, size_t param_size); 468 469 static int remove_all(struct file *filp, struct dm_ioctl *param, size_t param_size) 470 { 471 dm_hash_remove_all(true, !!(param->flags & DM_DEFERRED_REMOVE), false); 472 param->data_size = 0; 473 return 0; 474 } 475 476 /* 477 * Round up the ptr to an 8-byte boundary. 478 */ 479 #define ALIGN_MASK 7 480 static inline size_t align_val(size_t val) 481 { 482 return (val + ALIGN_MASK) & ~ALIGN_MASK; 483 } 484 static inline void *align_ptr(void *ptr) 485 { 486 return (void *)align_val((size_t)ptr); 487 } 488 489 /* 490 * Retrieves the data payload buffer from an already allocated 491 * struct dm_ioctl. 492 */ 493 static void *get_result_buffer(struct dm_ioctl *param, size_t param_size, 494 size_t *len) 495 { 496 param->data_start = align_ptr(param + 1) - (void *) param; 497 498 if (param->data_start < param_size) 499 *len = param_size - param->data_start; 500 else 501 *len = 0; 502 503 return ((void *) param) + param->data_start; 504 } 505 506 static int list_devices(struct file *filp, struct dm_ioctl *param, size_t param_size) 507 { 508 unsigned int i; 509 struct hash_cell *hc; 510 size_t len, needed = 0; 511 struct gendisk *disk; 512 struct dm_name_list *orig_nl, *nl, *old_nl = NULL; 513 uint32_t *event_nr; 514 515 down_write(&_hash_lock); 516 517 /* 518 * Loop through all the devices working out how much 519 * space we need. 520 */ 521 for (i = 0; i < NUM_BUCKETS; i++) { 522 list_for_each_entry (hc, _name_buckets + i, name_list) { 523 needed += align_val(offsetof(struct dm_name_list, name) + strlen(hc->name) + 1); 524 needed += align_val(sizeof(uint32_t)); 525 } 526 } 527 528 /* 529 * Grab our output buffer. 530 */ 531 nl = orig_nl = get_result_buffer(param, param_size, &len); 532 if (len < needed) { 533 param->flags |= DM_BUFFER_FULL_FLAG; 534 goto out; 535 } 536 param->data_size = param->data_start + needed; 537 538 nl->dev = 0; /* Flags no data */ 539 540 /* 541 * Now loop through filling out the names. 542 */ 543 for (i = 0; i < NUM_BUCKETS; i++) { 544 list_for_each_entry (hc, _name_buckets + i, name_list) { 545 if (old_nl) 546 old_nl->next = (uint32_t) ((void *) nl - 547 (void *) old_nl); 548 disk = dm_disk(hc->md); 549 nl->dev = huge_encode_dev(disk_devt(disk)); 550 nl->next = 0; 551 strcpy(nl->name, hc->name); 552 553 old_nl = nl; 554 event_nr = align_ptr(nl->name + strlen(hc->name) + 1); 555 *event_nr = dm_get_event_nr(hc->md); 556 nl = align_ptr(event_nr + 1); 557 } 558 } 559 /* 560 * If mismatch happens, security may be compromised due to buffer 561 * overflow, so it's better to crash. 562 */ 563 BUG_ON((char *)nl - (char *)orig_nl != needed); 564 565 out: 566 up_write(&_hash_lock); 567 return 0; 568 } 569 570 static void list_version_get_needed(struct target_type *tt, void *needed_param) 571 { 572 size_t *needed = needed_param; 573 574 *needed += sizeof(struct dm_target_versions); 575 *needed += strlen(tt->name); 576 *needed += ALIGN_MASK; 577 } 578 579 static void list_version_get_info(struct target_type *tt, void *param) 580 { 581 struct vers_iter *info = param; 582 583 /* Check space - it might have changed since the first iteration */ 584 if ((char *)info->vers + sizeof(tt->version) + strlen(tt->name) + 1 > 585 info->end) { 586 587 info->flags = DM_BUFFER_FULL_FLAG; 588 return; 589 } 590 591 if (info->old_vers) 592 info->old_vers->next = (uint32_t) ((void *)info->vers - 593 (void *)info->old_vers); 594 info->vers->version[0] = tt->version[0]; 595 info->vers->version[1] = tt->version[1]; 596 info->vers->version[2] = tt->version[2]; 597 info->vers->next = 0; 598 strcpy(info->vers->name, tt->name); 599 600 info->old_vers = info->vers; 601 info->vers = align_ptr(((void *) ++info->vers) + strlen(tt->name) + 1); 602 } 603 604 static int list_versions(struct file *filp, struct dm_ioctl *param, size_t param_size) 605 { 606 size_t len, needed = 0; 607 struct dm_target_versions *vers; 608 struct vers_iter iter_info; 609 610 /* 611 * Loop through all the devices working out how much 612 * space we need. 613 */ 614 dm_target_iterate(list_version_get_needed, &needed); 615 616 /* 617 * Grab our output buffer. 618 */ 619 vers = get_result_buffer(param, param_size, &len); 620 if (len < needed) { 621 param->flags |= DM_BUFFER_FULL_FLAG; 622 goto out; 623 } 624 param->data_size = param->data_start + needed; 625 626 iter_info.param_size = param_size; 627 iter_info.old_vers = NULL; 628 iter_info.vers = vers; 629 iter_info.flags = 0; 630 iter_info.end = (char *)vers+len; 631 632 /* 633 * Now loop through filling out the names & versions. 634 */ 635 dm_target_iterate(list_version_get_info, &iter_info); 636 param->flags |= iter_info.flags; 637 638 out: 639 return 0; 640 } 641 642 static int check_name(const char *name) 643 { 644 if (strchr(name, '/')) { 645 DMWARN("invalid device name"); 646 return -EINVAL; 647 } 648 649 return 0; 650 } 651 652 /* 653 * On successful return, the caller must not attempt to acquire 654 * _hash_lock without first calling dm_put_live_table, because dm_table_destroy 655 * waits for this dm_put_live_table and could be called under this lock. 656 */ 657 static struct dm_table *dm_get_inactive_table(struct mapped_device *md, int *srcu_idx) 658 { 659 struct hash_cell *hc; 660 struct dm_table *table = NULL; 661 662 /* increment rcu count, we don't care about the table pointer */ 663 dm_get_live_table(md, srcu_idx); 664 665 down_read(&_hash_lock); 666 hc = dm_get_mdptr(md); 667 if (!hc || hc->md != md) { 668 DMWARN("device has been removed from the dev hash table."); 669 goto out; 670 } 671 672 table = hc->new_map; 673 674 out: 675 up_read(&_hash_lock); 676 677 return table; 678 } 679 680 static struct dm_table *dm_get_live_or_inactive_table(struct mapped_device *md, 681 struct dm_ioctl *param, 682 int *srcu_idx) 683 { 684 return (param->flags & DM_QUERY_INACTIVE_TABLE_FLAG) ? 685 dm_get_inactive_table(md, srcu_idx) : dm_get_live_table(md, srcu_idx); 686 } 687 688 /* 689 * Fills in a dm_ioctl structure, ready for sending back to 690 * userland. 691 */ 692 static void __dev_status(struct mapped_device *md, struct dm_ioctl *param) 693 { 694 struct gendisk *disk = dm_disk(md); 695 struct dm_table *table; 696 int srcu_idx; 697 698 param->flags &= ~(DM_SUSPEND_FLAG | DM_READONLY_FLAG | 699 DM_ACTIVE_PRESENT_FLAG | DM_INTERNAL_SUSPEND_FLAG); 700 701 if (dm_suspended_md(md)) 702 param->flags |= DM_SUSPEND_FLAG; 703 704 if (dm_suspended_internally_md(md)) 705 param->flags |= DM_INTERNAL_SUSPEND_FLAG; 706 707 if (dm_test_deferred_remove_flag(md)) 708 param->flags |= DM_DEFERRED_REMOVE; 709 710 param->dev = huge_encode_dev(disk_devt(disk)); 711 712 /* 713 * Yes, this will be out of date by the time it gets back 714 * to userland, but it is still very useful for 715 * debugging. 716 */ 717 param->open_count = dm_open_count(md); 718 719 param->event_nr = dm_get_event_nr(md); 720 param->target_count = 0; 721 722 table = dm_get_live_table(md, &srcu_idx); 723 if (table) { 724 if (!(param->flags & DM_QUERY_INACTIVE_TABLE_FLAG)) { 725 if (get_disk_ro(disk)) 726 param->flags |= DM_READONLY_FLAG; 727 param->target_count = dm_table_get_num_targets(table); 728 } 729 730 param->flags |= DM_ACTIVE_PRESENT_FLAG; 731 } 732 dm_put_live_table(md, srcu_idx); 733 734 if (param->flags & DM_QUERY_INACTIVE_TABLE_FLAG) { 735 int srcu_idx; 736 table = dm_get_inactive_table(md, &srcu_idx); 737 if (table) { 738 if (!(dm_table_get_mode(table) & FMODE_WRITE)) 739 param->flags |= DM_READONLY_FLAG; 740 param->target_count = dm_table_get_num_targets(table); 741 } 742 dm_put_live_table(md, srcu_idx); 743 } 744 } 745 746 static int dev_create(struct file *filp, struct dm_ioctl *param, size_t param_size) 747 { 748 int r, m = DM_ANY_MINOR; 749 struct mapped_device *md; 750 751 r = check_name(param->name); 752 if (r) 753 return r; 754 755 if (param->flags & DM_PERSISTENT_DEV_FLAG) 756 m = MINOR(huge_decode_dev(param->dev)); 757 758 r = dm_create(m, &md); 759 if (r) 760 return r; 761 762 r = dm_hash_insert(param->name, *param->uuid ? param->uuid : NULL, md); 763 if (r) { 764 dm_put(md); 765 dm_destroy(md); 766 return r; 767 } 768 769 param->flags &= ~DM_INACTIVE_PRESENT_FLAG; 770 771 __dev_status(md, param); 772 773 dm_put(md); 774 775 return 0; 776 } 777 778 /* 779 * Always use UUID for lookups if it's present, otherwise use name or dev. 780 */ 781 static struct hash_cell *__find_device_hash_cell(struct dm_ioctl *param) 782 { 783 struct hash_cell *hc = NULL; 784 785 if (*param->uuid) { 786 if (*param->name || param->dev) 787 return NULL; 788 789 hc = __get_uuid_cell(param->uuid); 790 if (!hc) 791 return NULL; 792 } else if (*param->name) { 793 if (param->dev) 794 return NULL; 795 796 hc = __get_name_cell(param->name); 797 if (!hc) 798 return NULL; 799 } else if (param->dev) { 800 hc = __get_dev_cell(param->dev); 801 if (!hc) 802 return NULL; 803 } else 804 return NULL; 805 806 /* 807 * Sneakily write in both the name and the uuid 808 * while we have the cell. 809 */ 810 strlcpy(param->name, hc->name, sizeof(param->name)); 811 if (hc->uuid) 812 strlcpy(param->uuid, hc->uuid, sizeof(param->uuid)); 813 else 814 param->uuid[0] = '\0'; 815 816 if (hc->new_map) 817 param->flags |= DM_INACTIVE_PRESENT_FLAG; 818 else 819 param->flags &= ~DM_INACTIVE_PRESENT_FLAG; 820 821 return hc; 822 } 823 824 static struct mapped_device *find_device(struct dm_ioctl *param) 825 { 826 struct hash_cell *hc; 827 struct mapped_device *md = NULL; 828 829 down_read(&_hash_lock); 830 hc = __find_device_hash_cell(param); 831 if (hc) 832 md = hc->md; 833 up_read(&_hash_lock); 834 835 return md; 836 } 837 838 static int dev_remove(struct file *filp, struct dm_ioctl *param, size_t param_size) 839 { 840 struct hash_cell *hc; 841 struct mapped_device *md; 842 int r; 843 struct dm_table *t; 844 845 down_write(&_hash_lock); 846 hc = __find_device_hash_cell(param); 847 848 if (!hc) { 849 DMDEBUG_LIMIT("device doesn't appear to be in the dev hash table."); 850 up_write(&_hash_lock); 851 return -ENXIO; 852 } 853 854 md = hc->md; 855 856 /* 857 * Ensure the device is not open and nothing further can open it. 858 */ 859 r = dm_lock_for_deletion(md, !!(param->flags & DM_DEFERRED_REMOVE), false); 860 if (r) { 861 if (r == -EBUSY && param->flags & DM_DEFERRED_REMOVE) { 862 up_write(&_hash_lock); 863 dm_put(md); 864 return 0; 865 } 866 DMDEBUG_LIMIT("unable to remove open device %s", hc->name); 867 up_write(&_hash_lock); 868 dm_put(md); 869 return r; 870 } 871 872 t = __hash_remove(hc); 873 up_write(&_hash_lock); 874 875 if (t) { 876 dm_sync_table(md); 877 dm_table_destroy(t); 878 } 879 880 param->flags &= ~DM_DEFERRED_REMOVE; 881 882 if (!dm_kobject_uevent(md, KOBJ_REMOVE, param->event_nr)) 883 param->flags |= DM_UEVENT_GENERATED_FLAG; 884 885 dm_put(md); 886 dm_destroy(md); 887 return 0; 888 } 889 890 /* 891 * Check a string doesn't overrun the chunk of 892 * memory we copied from userland. 893 */ 894 static int invalid_str(char *str, void *end) 895 { 896 while ((void *) str < end) 897 if (!*str++) 898 return 0; 899 900 return -EINVAL; 901 } 902 903 static int dev_rename(struct file *filp, struct dm_ioctl *param, size_t param_size) 904 { 905 int r; 906 char *new_data = (char *) param + param->data_start; 907 struct mapped_device *md; 908 unsigned change_uuid = (param->flags & DM_UUID_FLAG) ? 1 : 0; 909 910 if (new_data < param->data || 911 invalid_str(new_data, (void *) param + param_size) || !*new_data || 912 strlen(new_data) > (change_uuid ? DM_UUID_LEN - 1 : DM_NAME_LEN - 1)) { 913 DMWARN("Invalid new mapped device name or uuid string supplied."); 914 return -EINVAL; 915 } 916 917 if (!change_uuid) { 918 r = check_name(new_data); 919 if (r) 920 return r; 921 } 922 923 md = dm_hash_rename(param, new_data); 924 if (IS_ERR(md)) 925 return PTR_ERR(md); 926 927 __dev_status(md, param); 928 dm_put(md); 929 930 return 0; 931 } 932 933 static int dev_set_geometry(struct file *filp, struct dm_ioctl *param, size_t param_size) 934 { 935 int r = -EINVAL, x; 936 struct mapped_device *md; 937 struct hd_geometry geometry; 938 unsigned long indata[4]; 939 char *geostr = (char *) param + param->data_start; 940 char dummy; 941 942 md = find_device(param); 943 if (!md) 944 return -ENXIO; 945 946 if (geostr < param->data || 947 invalid_str(geostr, (void *) param + param_size)) { 948 DMWARN("Invalid geometry supplied."); 949 goto out; 950 } 951 952 x = sscanf(geostr, "%lu %lu %lu %lu%c", indata, 953 indata + 1, indata + 2, indata + 3, &dummy); 954 955 if (x != 4) { 956 DMWARN("Unable to interpret geometry settings."); 957 goto out; 958 } 959 960 if (indata[0] > 65535 || indata[1] > 255 || 961 indata[2] > 255 || indata[3] > ULONG_MAX) { 962 DMWARN("Geometry exceeds range limits."); 963 goto out; 964 } 965 966 geometry.cylinders = indata[0]; 967 geometry.heads = indata[1]; 968 geometry.sectors = indata[2]; 969 geometry.start = indata[3]; 970 971 r = dm_set_geometry(md, &geometry); 972 973 param->data_size = 0; 974 975 out: 976 dm_put(md); 977 return r; 978 } 979 980 static int do_suspend(struct dm_ioctl *param) 981 { 982 int r = 0; 983 unsigned suspend_flags = DM_SUSPEND_LOCKFS_FLAG; 984 struct mapped_device *md; 985 986 md = find_device(param); 987 if (!md) 988 return -ENXIO; 989 990 if (param->flags & DM_SKIP_LOCKFS_FLAG) 991 suspend_flags &= ~DM_SUSPEND_LOCKFS_FLAG; 992 if (param->flags & DM_NOFLUSH_FLAG) 993 suspend_flags |= DM_SUSPEND_NOFLUSH_FLAG; 994 995 if (!dm_suspended_md(md)) { 996 r = dm_suspend(md, suspend_flags); 997 if (r) 998 goto out; 999 } 1000 1001 __dev_status(md, param); 1002 1003 out: 1004 dm_put(md); 1005 1006 return r; 1007 } 1008 1009 static int do_resume(struct dm_ioctl *param) 1010 { 1011 int r = 0; 1012 unsigned suspend_flags = DM_SUSPEND_LOCKFS_FLAG; 1013 struct hash_cell *hc; 1014 struct mapped_device *md; 1015 struct dm_table *new_map, *old_map = NULL; 1016 1017 down_write(&_hash_lock); 1018 1019 hc = __find_device_hash_cell(param); 1020 if (!hc) { 1021 DMDEBUG_LIMIT("device doesn't appear to be in the dev hash table."); 1022 up_write(&_hash_lock); 1023 return -ENXIO; 1024 } 1025 1026 md = hc->md; 1027 1028 new_map = hc->new_map; 1029 hc->new_map = NULL; 1030 param->flags &= ~DM_INACTIVE_PRESENT_FLAG; 1031 1032 up_write(&_hash_lock); 1033 1034 /* Do we need to load a new map ? */ 1035 if (new_map) { 1036 /* Suspend if it isn't already suspended */ 1037 if (param->flags & DM_SKIP_LOCKFS_FLAG) 1038 suspend_flags &= ~DM_SUSPEND_LOCKFS_FLAG; 1039 if (param->flags & DM_NOFLUSH_FLAG) 1040 suspend_flags |= DM_SUSPEND_NOFLUSH_FLAG; 1041 if (!dm_suspended_md(md)) 1042 dm_suspend(md, suspend_flags); 1043 1044 old_map = dm_swap_table(md, new_map); 1045 if (IS_ERR(old_map)) { 1046 dm_sync_table(md); 1047 dm_table_destroy(new_map); 1048 dm_put(md); 1049 return PTR_ERR(old_map); 1050 } 1051 1052 if (dm_table_get_mode(new_map) & FMODE_WRITE) 1053 set_disk_ro(dm_disk(md), 0); 1054 else 1055 set_disk_ro(dm_disk(md), 1); 1056 } 1057 1058 if (dm_suspended_md(md)) { 1059 r = dm_resume(md); 1060 if (!r && !dm_kobject_uevent(md, KOBJ_CHANGE, param->event_nr)) 1061 param->flags |= DM_UEVENT_GENERATED_FLAG; 1062 } 1063 1064 /* 1065 * Since dm_swap_table synchronizes RCU, nobody should be in 1066 * read-side critical section already. 1067 */ 1068 if (old_map) 1069 dm_table_destroy(old_map); 1070 1071 if (!r) 1072 __dev_status(md, param); 1073 1074 dm_put(md); 1075 return r; 1076 } 1077 1078 /* 1079 * Set or unset the suspension state of a device. 1080 * If the device already is in the requested state we just return its status. 1081 */ 1082 static int dev_suspend(struct file *filp, struct dm_ioctl *param, size_t param_size) 1083 { 1084 if (param->flags & DM_SUSPEND_FLAG) 1085 return do_suspend(param); 1086 1087 return do_resume(param); 1088 } 1089 1090 /* 1091 * Copies device info back to user space, used by 1092 * the create and info ioctls. 1093 */ 1094 static int dev_status(struct file *filp, struct dm_ioctl *param, size_t param_size) 1095 { 1096 struct mapped_device *md; 1097 1098 md = find_device(param); 1099 if (!md) 1100 return -ENXIO; 1101 1102 __dev_status(md, param); 1103 dm_put(md); 1104 1105 return 0; 1106 } 1107 1108 /* 1109 * Build up the status struct for each target 1110 */ 1111 static void retrieve_status(struct dm_table *table, 1112 struct dm_ioctl *param, size_t param_size) 1113 { 1114 unsigned int i, num_targets; 1115 struct dm_target_spec *spec; 1116 char *outbuf, *outptr; 1117 status_type_t type; 1118 size_t remaining, len, used = 0; 1119 unsigned status_flags = 0; 1120 1121 outptr = outbuf = get_result_buffer(param, param_size, &len); 1122 1123 if (param->flags & DM_STATUS_TABLE_FLAG) 1124 type = STATUSTYPE_TABLE; 1125 else 1126 type = STATUSTYPE_INFO; 1127 1128 /* Get all the target info */ 1129 num_targets = dm_table_get_num_targets(table); 1130 for (i = 0; i < num_targets; i++) { 1131 struct dm_target *ti = dm_table_get_target(table, i); 1132 size_t l; 1133 1134 remaining = len - (outptr - outbuf); 1135 if (remaining <= sizeof(struct dm_target_spec)) { 1136 param->flags |= DM_BUFFER_FULL_FLAG; 1137 break; 1138 } 1139 1140 spec = (struct dm_target_spec *) outptr; 1141 1142 spec->status = 0; 1143 spec->sector_start = ti->begin; 1144 spec->length = ti->len; 1145 strncpy(spec->target_type, ti->type->name, 1146 sizeof(spec->target_type)); 1147 1148 outptr += sizeof(struct dm_target_spec); 1149 remaining = len - (outptr - outbuf); 1150 if (remaining <= 0) { 1151 param->flags |= DM_BUFFER_FULL_FLAG; 1152 break; 1153 } 1154 1155 /* Get the status/table string from the target driver */ 1156 if (ti->type->status) { 1157 if (param->flags & DM_NOFLUSH_FLAG) 1158 status_flags |= DM_STATUS_NOFLUSH_FLAG; 1159 ti->type->status(ti, type, status_flags, outptr, remaining); 1160 } else 1161 outptr[0] = '\0'; 1162 1163 l = strlen(outptr) + 1; 1164 if (l == remaining) { 1165 param->flags |= DM_BUFFER_FULL_FLAG; 1166 break; 1167 } 1168 1169 outptr += l; 1170 used = param->data_start + (outptr - outbuf); 1171 1172 outptr = align_ptr(outptr); 1173 spec->next = outptr - outbuf; 1174 } 1175 1176 if (used) 1177 param->data_size = used; 1178 1179 param->target_count = num_targets; 1180 } 1181 1182 /* 1183 * Wait for a device to report an event 1184 */ 1185 static int dev_wait(struct file *filp, struct dm_ioctl *param, size_t param_size) 1186 { 1187 int r = 0; 1188 struct mapped_device *md; 1189 struct dm_table *table; 1190 int srcu_idx; 1191 1192 md = find_device(param); 1193 if (!md) 1194 return -ENXIO; 1195 1196 /* 1197 * Wait for a notification event 1198 */ 1199 if (dm_wait_event(md, param->event_nr)) { 1200 r = -ERESTARTSYS; 1201 goto out; 1202 } 1203 1204 /* 1205 * The userland program is going to want to know what 1206 * changed to trigger the event, so we may as well tell 1207 * him and save an ioctl. 1208 */ 1209 __dev_status(md, param); 1210 1211 table = dm_get_live_or_inactive_table(md, param, &srcu_idx); 1212 if (table) 1213 retrieve_status(table, param, param_size); 1214 dm_put_live_table(md, srcu_idx); 1215 1216 out: 1217 dm_put(md); 1218 1219 return r; 1220 } 1221 1222 /* 1223 * Remember the global event number and make it possible to poll 1224 * for further events. 1225 */ 1226 static int dev_arm_poll(struct file *filp, struct dm_ioctl *param, size_t param_size) 1227 { 1228 struct dm_file *priv = filp->private_data; 1229 1230 priv->global_event_nr = atomic_read(&dm_global_event_nr); 1231 1232 return 0; 1233 } 1234 1235 static inline fmode_t get_mode(struct dm_ioctl *param) 1236 { 1237 fmode_t mode = FMODE_READ | FMODE_WRITE; 1238 1239 if (param->flags & DM_READONLY_FLAG) 1240 mode = FMODE_READ; 1241 1242 return mode; 1243 } 1244 1245 static int next_target(struct dm_target_spec *last, uint32_t next, void *end, 1246 struct dm_target_spec **spec, char **target_params) 1247 { 1248 *spec = (struct dm_target_spec *) ((unsigned char *) last + next); 1249 *target_params = (char *) (*spec + 1); 1250 1251 if (*spec < (last + 1)) 1252 return -EINVAL; 1253 1254 return invalid_str(*target_params, end); 1255 } 1256 1257 static int populate_table(struct dm_table *table, 1258 struct dm_ioctl *param, size_t param_size) 1259 { 1260 int r; 1261 unsigned int i = 0; 1262 struct dm_target_spec *spec = (struct dm_target_spec *) param; 1263 uint32_t next = param->data_start; 1264 void *end = (void *) param + param_size; 1265 char *target_params; 1266 1267 if (!param->target_count) { 1268 DMWARN("populate_table: no targets specified"); 1269 return -EINVAL; 1270 } 1271 1272 for (i = 0; i < param->target_count; i++) { 1273 1274 r = next_target(spec, next, end, &spec, &target_params); 1275 if (r) { 1276 DMWARN("unable to find target"); 1277 return r; 1278 } 1279 1280 r = dm_table_add_target(table, spec->target_type, 1281 (sector_t) spec->sector_start, 1282 (sector_t) spec->length, 1283 target_params); 1284 if (r) { 1285 DMWARN("error adding target to table"); 1286 return r; 1287 } 1288 1289 next = spec->next; 1290 } 1291 1292 return dm_table_complete(table); 1293 } 1294 1295 static bool is_valid_type(enum dm_queue_mode cur, enum dm_queue_mode new) 1296 { 1297 if (cur == new || 1298 (cur == DM_TYPE_BIO_BASED && new == DM_TYPE_DAX_BIO_BASED)) 1299 return true; 1300 1301 return false; 1302 } 1303 1304 static int table_load(struct file *filp, struct dm_ioctl *param, size_t param_size) 1305 { 1306 int r; 1307 struct hash_cell *hc; 1308 struct dm_table *t, *old_map = NULL; 1309 struct mapped_device *md; 1310 struct target_type *immutable_target_type; 1311 1312 md = find_device(param); 1313 if (!md) 1314 return -ENXIO; 1315 1316 r = dm_table_create(&t, get_mode(param), param->target_count, md); 1317 if (r) 1318 goto err; 1319 1320 /* Protect md->type and md->queue against concurrent table loads. */ 1321 dm_lock_md_type(md); 1322 r = populate_table(t, param, param_size); 1323 if (r) 1324 goto err_unlock_md_type; 1325 1326 immutable_target_type = dm_get_immutable_target_type(md); 1327 if (immutable_target_type && 1328 (immutable_target_type != dm_table_get_immutable_target_type(t)) && 1329 !dm_table_get_wildcard_target(t)) { 1330 DMWARN("can't replace immutable target type %s", 1331 immutable_target_type->name); 1332 r = -EINVAL; 1333 goto err_unlock_md_type; 1334 } 1335 1336 if (dm_get_md_type(md) == DM_TYPE_NONE) { 1337 /* Initial table load: acquire type of table. */ 1338 dm_set_md_type(md, dm_table_get_type(t)); 1339 1340 /* setup md->queue to reflect md's type (may block) */ 1341 r = dm_setup_md_queue(md, t); 1342 if (r) { 1343 DMWARN("unable to set up device queue for new table."); 1344 goto err_unlock_md_type; 1345 } 1346 } else if (!is_valid_type(dm_get_md_type(md), dm_table_get_type(t))) { 1347 DMWARN("can't change device type after initial table load."); 1348 r = -EINVAL; 1349 goto err_unlock_md_type; 1350 } 1351 1352 dm_unlock_md_type(md); 1353 1354 /* stage inactive table */ 1355 down_write(&_hash_lock); 1356 hc = dm_get_mdptr(md); 1357 if (!hc || hc->md != md) { 1358 DMWARN("device has been removed from the dev hash table."); 1359 up_write(&_hash_lock); 1360 r = -ENXIO; 1361 goto err_destroy_table; 1362 } 1363 1364 if (hc->new_map) 1365 old_map = hc->new_map; 1366 hc->new_map = t; 1367 up_write(&_hash_lock); 1368 1369 param->flags |= DM_INACTIVE_PRESENT_FLAG; 1370 __dev_status(md, param); 1371 1372 if (old_map) { 1373 dm_sync_table(md); 1374 dm_table_destroy(old_map); 1375 } 1376 1377 dm_put(md); 1378 1379 return 0; 1380 1381 err_unlock_md_type: 1382 dm_unlock_md_type(md); 1383 err_destroy_table: 1384 dm_table_destroy(t); 1385 err: 1386 dm_put(md); 1387 1388 return r; 1389 } 1390 1391 static int table_clear(struct file *filp, struct dm_ioctl *param, size_t param_size) 1392 { 1393 struct hash_cell *hc; 1394 struct mapped_device *md; 1395 struct dm_table *old_map = NULL; 1396 1397 down_write(&_hash_lock); 1398 1399 hc = __find_device_hash_cell(param); 1400 if (!hc) { 1401 DMDEBUG_LIMIT("device doesn't appear to be in the dev hash table."); 1402 up_write(&_hash_lock); 1403 return -ENXIO; 1404 } 1405 1406 if (hc->new_map) { 1407 old_map = hc->new_map; 1408 hc->new_map = NULL; 1409 } 1410 1411 param->flags &= ~DM_INACTIVE_PRESENT_FLAG; 1412 1413 __dev_status(hc->md, param); 1414 md = hc->md; 1415 up_write(&_hash_lock); 1416 if (old_map) { 1417 dm_sync_table(md); 1418 dm_table_destroy(old_map); 1419 } 1420 dm_put(md); 1421 1422 return 0; 1423 } 1424 1425 /* 1426 * Retrieves a list of devices used by a particular dm device. 1427 */ 1428 static void retrieve_deps(struct dm_table *table, 1429 struct dm_ioctl *param, size_t param_size) 1430 { 1431 unsigned int count = 0; 1432 struct list_head *tmp; 1433 size_t len, needed; 1434 struct dm_dev_internal *dd; 1435 struct dm_target_deps *deps; 1436 1437 deps = get_result_buffer(param, param_size, &len); 1438 1439 /* 1440 * Count the devices. 1441 */ 1442 list_for_each (tmp, dm_table_get_devices(table)) 1443 count++; 1444 1445 /* 1446 * Check we have enough space. 1447 */ 1448 needed = sizeof(*deps) + (sizeof(*deps->dev) * count); 1449 if (len < needed) { 1450 param->flags |= DM_BUFFER_FULL_FLAG; 1451 return; 1452 } 1453 1454 /* 1455 * Fill in the devices. 1456 */ 1457 deps->count = count; 1458 count = 0; 1459 list_for_each_entry (dd, dm_table_get_devices(table), list) 1460 deps->dev[count++] = huge_encode_dev(dd->dm_dev->bdev->bd_dev); 1461 1462 param->data_size = param->data_start + needed; 1463 } 1464 1465 static int table_deps(struct file *filp, struct dm_ioctl *param, size_t param_size) 1466 { 1467 struct mapped_device *md; 1468 struct dm_table *table; 1469 int srcu_idx; 1470 1471 md = find_device(param); 1472 if (!md) 1473 return -ENXIO; 1474 1475 __dev_status(md, param); 1476 1477 table = dm_get_live_or_inactive_table(md, param, &srcu_idx); 1478 if (table) 1479 retrieve_deps(table, param, param_size); 1480 dm_put_live_table(md, srcu_idx); 1481 1482 dm_put(md); 1483 1484 return 0; 1485 } 1486 1487 /* 1488 * Return the status of a device as a text string for each 1489 * target. 1490 */ 1491 static int table_status(struct file *filp, struct dm_ioctl *param, size_t param_size) 1492 { 1493 struct mapped_device *md; 1494 struct dm_table *table; 1495 int srcu_idx; 1496 1497 md = find_device(param); 1498 if (!md) 1499 return -ENXIO; 1500 1501 __dev_status(md, param); 1502 1503 table = dm_get_live_or_inactive_table(md, param, &srcu_idx); 1504 if (table) 1505 retrieve_status(table, param, param_size); 1506 dm_put_live_table(md, srcu_idx); 1507 1508 dm_put(md); 1509 1510 return 0; 1511 } 1512 1513 /* 1514 * Process device-mapper dependent messages. Messages prefixed with '@' 1515 * are processed by the DM core. All others are delivered to the target. 1516 * Returns a number <= 1 if message was processed by device mapper. 1517 * Returns 2 if message should be delivered to the target. 1518 */ 1519 static int message_for_md(struct mapped_device *md, unsigned argc, char **argv, 1520 char *result, unsigned maxlen) 1521 { 1522 int r; 1523 1524 if (**argv != '@') 1525 return 2; /* no '@' prefix, deliver to target */ 1526 1527 if (!strcasecmp(argv[0], "@cancel_deferred_remove")) { 1528 if (argc != 1) { 1529 DMERR("Invalid arguments for @cancel_deferred_remove"); 1530 return -EINVAL; 1531 } 1532 return dm_cancel_deferred_remove(md); 1533 } 1534 1535 r = dm_stats_message(md, argc, argv, result, maxlen); 1536 if (r < 2) 1537 return r; 1538 1539 DMERR("Unsupported message sent to DM core: %s", argv[0]); 1540 return -EINVAL; 1541 } 1542 1543 /* 1544 * Pass a message to the target that's at the supplied device offset. 1545 */ 1546 static int target_message(struct file *filp, struct dm_ioctl *param, size_t param_size) 1547 { 1548 int r, argc; 1549 char **argv; 1550 struct mapped_device *md; 1551 struct dm_table *table; 1552 struct dm_target *ti; 1553 struct dm_target_msg *tmsg = (void *) param + param->data_start; 1554 size_t maxlen; 1555 char *result = get_result_buffer(param, param_size, &maxlen); 1556 int srcu_idx; 1557 1558 md = find_device(param); 1559 if (!md) 1560 return -ENXIO; 1561 1562 if (tmsg < (struct dm_target_msg *) param->data || 1563 invalid_str(tmsg->message, (void *) param + param_size)) { 1564 DMWARN("Invalid target message parameters."); 1565 r = -EINVAL; 1566 goto out; 1567 } 1568 1569 r = dm_split_args(&argc, &argv, tmsg->message); 1570 if (r) { 1571 DMWARN("Failed to split target message parameters"); 1572 goto out; 1573 } 1574 1575 if (!argc) { 1576 DMWARN("Empty message received."); 1577 goto out_argv; 1578 } 1579 1580 r = message_for_md(md, argc, argv, result, maxlen); 1581 if (r <= 1) 1582 goto out_argv; 1583 1584 table = dm_get_live_table(md, &srcu_idx); 1585 if (!table) 1586 goto out_table; 1587 1588 if (dm_deleting_md(md)) { 1589 r = -ENXIO; 1590 goto out_table; 1591 } 1592 1593 ti = dm_table_find_target(table, tmsg->sector); 1594 if (!dm_target_is_valid(ti)) { 1595 DMWARN("Target message sector outside device."); 1596 r = -EINVAL; 1597 } else if (ti->type->message) 1598 r = ti->type->message(ti, argc, argv); 1599 else { 1600 DMWARN("Target type does not support messages"); 1601 r = -EINVAL; 1602 } 1603 1604 out_table: 1605 dm_put_live_table(md, srcu_idx); 1606 out_argv: 1607 kfree(argv); 1608 out: 1609 if (r >= 0) 1610 __dev_status(md, param); 1611 1612 if (r == 1) { 1613 param->flags |= DM_DATA_OUT_FLAG; 1614 if (dm_message_test_buffer_overflow(result, maxlen)) 1615 param->flags |= DM_BUFFER_FULL_FLAG; 1616 else 1617 param->data_size = param->data_start + strlen(result) + 1; 1618 r = 0; 1619 } 1620 1621 dm_put(md); 1622 return r; 1623 } 1624 1625 /* 1626 * The ioctl parameter block consists of two parts, a dm_ioctl struct 1627 * followed by a data buffer. This flag is set if the second part, 1628 * which has a variable size, is not used by the function processing 1629 * the ioctl. 1630 */ 1631 #define IOCTL_FLAGS_NO_PARAMS 1 1632 #define IOCTL_FLAGS_ISSUE_GLOBAL_EVENT 2 1633 1634 /*----------------------------------------------------------------- 1635 * Implementation of open/close/ioctl on the special char 1636 * device. 1637 *---------------------------------------------------------------*/ 1638 static ioctl_fn lookup_ioctl(unsigned int cmd, int *ioctl_flags) 1639 { 1640 static const struct { 1641 int cmd; 1642 int flags; 1643 ioctl_fn fn; 1644 } _ioctls[] = { 1645 {DM_VERSION_CMD, 0, NULL}, /* version is dealt with elsewhere */ 1646 {DM_REMOVE_ALL_CMD, IOCTL_FLAGS_NO_PARAMS | IOCTL_FLAGS_ISSUE_GLOBAL_EVENT, remove_all}, 1647 {DM_LIST_DEVICES_CMD, 0, list_devices}, 1648 1649 {DM_DEV_CREATE_CMD, IOCTL_FLAGS_NO_PARAMS | IOCTL_FLAGS_ISSUE_GLOBAL_EVENT, dev_create}, 1650 {DM_DEV_REMOVE_CMD, IOCTL_FLAGS_NO_PARAMS | IOCTL_FLAGS_ISSUE_GLOBAL_EVENT, dev_remove}, 1651 {DM_DEV_RENAME_CMD, IOCTL_FLAGS_ISSUE_GLOBAL_EVENT, dev_rename}, 1652 {DM_DEV_SUSPEND_CMD, IOCTL_FLAGS_NO_PARAMS, dev_suspend}, 1653 {DM_DEV_STATUS_CMD, IOCTL_FLAGS_NO_PARAMS, dev_status}, 1654 {DM_DEV_WAIT_CMD, 0, dev_wait}, 1655 1656 {DM_TABLE_LOAD_CMD, 0, table_load}, 1657 {DM_TABLE_CLEAR_CMD, IOCTL_FLAGS_NO_PARAMS, table_clear}, 1658 {DM_TABLE_DEPS_CMD, 0, table_deps}, 1659 {DM_TABLE_STATUS_CMD, 0, table_status}, 1660 1661 {DM_LIST_VERSIONS_CMD, 0, list_versions}, 1662 1663 {DM_TARGET_MSG_CMD, 0, target_message}, 1664 {DM_DEV_SET_GEOMETRY_CMD, 0, dev_set_geometry}, 1665 {DM_DEV_ARM_POLL, IOCTL_FLAGS_NO_PARAMS, dev_arm_poll}, 1666 }; 1667 1668 if (unlikely(cmd >= ARRAY_SIZE(_ioctls))) 1669 return NULL; 1670 1671 *ioctl_flags = _ioctls[cmd].flags; 1672 return _ioctls[cmd].fn; 1673 } 1674 1675 /* 1676 * As well as checking the version compatibility this always 1677 * copies the kernel interface version out. 1678 */ 1679 static int check_version(unsigned int cmd, struct dm_ioctl __user *user) 1680 { 1681 uint32_t version[3]; 1682 int r = 0; 1683 1684 if (copy_from_user(version, user->version, sizeof(version))) 1685 return -EFAULT; 1686 1687 if ((DM_VERSION_MAJOR != version[0]) || 1688 (DM_VERSION_MINOR < version[1])) { 1689 DMWARN("ioctl interface mismatch: " 1690 "kernel(%u.%u.%u), user(%u.%u.%u), cmd(%d)", 1691 DM_VERSION_MAJOR, DM_VERSION_MINOR, 1692 DM_VERSION_PATCHLEVEL, 1693 version[0], version[1], version[2], cmd); 1694 r = -EINVAL; 1695 } 1696 1697 /* 1698 * Fill in the kernel version. 1699 */ 1700 version[0] = DM_VERSION_MAJOR; 1701 version[1] = DM_VERSION_MINOR; 1702 version[2] = DM_VERSION_PATCHLEVEL; 1703 if (copy_to_user(user->version, version, sizeof(version))) 1704 return -EFAULT; 1705 1706 return r; 1707 } 1708 1709 #define DM_PARAMS_MALLOC 0x0001 /* Params allocated with kvmalloc() */ 1710 #define DM_WIPE_BUFFER 0x0010 /* Wipe input buffer before returning from ioctl */ 1711 1712 static void free_params(struct dm_ioctl *param, size_t param_size, int param_flags) 1713 { 1714 if (param_flags & DM_WIPE_BUFFER) 1715 memset(param, 0, param_size); 1716 1717 if (param_flags & DM_PARAMS_MALLOC) 1718 kvfree(param); 1719 } 1720 1721 static int copy_params(struct dm_ioctl __user *user, struct dm_ioctl *param_kernel, 1722 int ioctl_flags, 1723 struct dm_ioctl **param, int *param_flags) 1724 { 1725 struct dm_ioctl *dmi; 1726 int secure_data; 1727 const size_t minimum_data_size = offsetof(struct dm_ioctl, data); 1728 unsigned noio_flag; 1729 1730 if (copy_from_user(param_kernel, user, minimum_data_size)) 1731 return -EFAULT; 1732 1733 if (param_kernel->data_size < minimum_data_size) 1734 return -EINVAL; 1735 1736 secure_data = param_kernel->flags & DM_SECURE_DATA_FLAG; 1737 1738 *param_flags = secure_data ? DM_WIPE_BUFFER : 0; 1739 1740 if (ioctl_flags & IOCTL_FLAGS_NO_PARAMS) { 1741 dmi = param_kernel; 1742 dmi->data_size = minimum_data_size; 1743 goto data_copied; 1744 } 1745 1746 /* 1747 * Use __GFP_HIGH to avoid low memory issues when a device is 1748 * suspended and the ioctl is needed to resume it. 1749 * Use kmalloc() rather than vmalloc() when we can. 1750 */ 1751 dmi = NULL; 1752 noio_flag = memalloc_noio_save(); 1753 dmi = kvmalloc(param_kernel->data_size, GFP_KERNEL | __GFP_HIGH); 1754 memalloc_noio_restore(noio_flag); 1755 1756 if (!dmi) { 1757 if (secure_data && clear_user(user, param_kernel->data_size)) 1758 return -EFAULT; 1759 return -ENOMEM; 1760 } 1761 1762 *param_flags |= DM_PARAMS_MALLOC; 1763 1764 if (copy_from_user(dmi, user, param_kernel->data_size)) 1765 goto bad; 1766 1767 data_copied: 1768 /* 1769 * Abort if something changed the ioctl data while it was being copied. 1770 */ 1771 if (dmi->data_size != param_kernel->data_size) { 1772 DMERR("rejecting ioctl: data size modified while processing parameters"); 1773 goto bad; 1774 } 1775 1776 /* Wipe the user buffer so we do not return it to userspace */ 1777 if (secure_data && clear_user(user, param_kernel->data_size)) 1778 goto bad; 1779 1780 *param = dmi; 1781 return 0; 1782 1783 bad: 1784 free_params(dmi, param_kernel->data_size, *param_flags); 1785 1786 return -EFAULT; 1787 } 1788 1789 static int validate_params(uint cmd, struct dm_ioctl *param) 1790 { 1791 /* Always clear this flag */ 1792 param->flags &= ~DM_BUFFER_FULL_FLAG; 1793 param->flags &= ~DM_UEVENT_GENERATED_FLAG; 1794 param->flags &= ~DM_SECURE_DATA_FLAG; 1795 param->flags &= ~DM_DATA_OUT_FLAG; 1796 1797 /* Ignores parameters */ 1798 if (cmd == DM_REMOVE_ALL_CMD || 1799 cmd == DM_LIST_DEVICES_CMD || 1800 cmd == DM_LIST_VERSIONS_CMD) 1801 return 0; 1802 1803 if (cmd == DM_DEV_CREATE_CMD) { 1804 if (!*param->name) { 1805 DMWARN("name not supplied when creating device"); 1806 return -EINVAL; 1807 } 1808 } else if (*param->uuid && *param->name) { 1809 DMWARN("only supply one of name or uuid, cmd(%u)", cmd); 1810 return -EINVAL; 1811 } 1812 1813 /* Ensure strings are terminated */ 1814 param->name[DM_NAME_LEN - 1] = '\0'; 1815 param->uuid[DM_UUID_LEN - 1] = '\0'; 1816 1817 return 0; 1818 } 1819 1820 static int ctl_ioctl(struct file *file, uint command, struct dm_ioctl __user *user) 1821 { 1822 int r = 0; 1823 int ioctl_flags; 1824 int param_flags; 1825 unsigned int cmd; 1826 struct dm_ioctl *uninitialized_var(param); 1827 ioctl_fn fn = NULL; 1828 size_t input_param_size; 1829 struct dm_ioctl param_kernel; 1830 1831 /* only root can play with this */ 1832 if (!capable(CAP_SYS_ADMIN)) 1833 return -EACCES; 1834 1835 if (_IOC_TYPE(command) != DM_IOCTL) 1836 return -ENOTTY; 1837 1838 cmd = _IOC_NR(command); 1839 1840 /* 1841 * Check the interface version passed in. This also 1842 * writes out the kernel's interface version. 1843 */ 1844 r = check_version(cmd, user); 1845 if (r) 1846 return r; 1847 1848 /* 1849 * Nothing more to do for the version command. 1850 */ 1851 if (cmd == DM_VERSION_CMD) 1852 return 0; 1853 1854 fn = lookup_ioctl(cmd, &ioctl_flags); 1855 if (!fn) { 1856 DMWARN("dm_ctl_ioctl: unknown command 0x%x", command); 1857 return -ENOTTY; 1858 } 1859 1860 /* 1861 * Copy the parameters into kernel space. 1862 */ 1863 r = copy_params(user, ¶m_kernel, ioctl_flags, ¶m, ¶m_flags); 1864 1865 if (r) 1866 return r; 1867 1868 input_param_size = param->data_size; 1869 r = validate_params(cmd, param); 1870 if (r) 1871 goto out; 1872 1873 param->data_size = offsetof(struct dm_ioctl, data); 1874 r = fn(file, param, input_param_size); 1875 1876 if (unlikely(param->flags & DM_BUFFER_FULL_FLAG) && 1877 unlikely(ioctl_flags & IOCTL_FLAGS_NO_PARAMS)) 1878 DMERR("ioctl %d tried to output some data but has IOCTL_FLAGS_NO_PARAMS set", cmd); 1879 1880 if (!r && ioctl_flags & IOCTL_FLAGS_ISSUE_GLOBAL_EVENT) 1881 dm_issue_global_event(); 1882 1883 /* 1884 * Copy the results back to userland. 1885 */ 1886 if (!r && copy_to_user(user, param, param->data_size)) 1887 r = -EFAULT; 1888 1889 out: 1890 free_params(param, input_param_size, param_flags); 1891 return r; 1892 } 1893 1894 static long dm_ctl_ioctl(struct file *file, uint command, ulong u) 1895 { 1896 return (long)ctl_ioctl(file, command, (struct dm_ioctl __user *)u); 1897 } 1898 1899 #ifdef CONFIG_COMPAT 1900 static long dm_compat_ctl_ioctl(struct file *file, uint command, ulong u) 1901 { 1902 return (long)dm_ctl_ioctl(file, command, (ulong) compat_ptr(u)); 1903 } 1904 #else 1905 #define dm_compat_ctl_ioctl NULL 1906 #endif 1907 1908 static int dm_open(struct inode *inode, struct file *filp) 1909 { 1910 int r; 1911 struct dm_file *priv; 1912 1913 r = nonseekable_open(inode, filp); 1914 if (unlikely(r)) 1915 return r; 1916 1917 priv = filp->private_data = kmalloc(sizeof(struct dm_file), GFP_KERNEL); 1918 if (!priv) 1919 return -ENOMEM; 1920 1921 priv->global_event_nr = atomic_read(&dm_global_event_nr); 1922 1923 return 0; 1924 } 1925 1926 static int dm_release(struct inode *inode, struct file *filp) 1927 { 1928 kfree(filp->private_data); 1929 return 0; 1930 } 1931 1932 static __poll_t dm_poll(struct file *filp, poll_table *wait) 1933 { 1934 struct dm_file *priv = filp->private_data; 1935 __poll_t mask = 0; 1936 1937 poll_wait(filp, &dm_global_eventq, wait); 1938 1939 if ((int)(atomic_read(&dm_global_event_nr) - priv->global_event_nr) > 0) 1940 mask |= EPOLLIN; 1941 1942 return mask; 1943 } 1944 1945 static const struct file_operations _ctl_fops = { 1946 .open = dm_open, 1947 .release = dm_release, 1948 .poll = dm_poll, 1949 .unlocked_ioctl = dm_ctl_ioctl, 1950 .compat_ioctl = dm_compat_ctl_ioctl, 1951 .owner = THIS_MODULE, 1952 .llseek = noop_llseek, 1953 }; 1954 1955 static struct miscdevice _dm_misc = { 1956 .minor = MAPPER_CTRL_MINOR, 1957 .name = DM_NAME, 1958 .nodename = DM_DIR "/" DM_CONTROL_NODE, 1959 .fops = &_ctl_fops 1960 }; 1961 1962 MODULE_ALIAS_MISCDEV(MAPPER_CTRL_MINOR); 1963 MODULE_ALIAS("devname:" DM_DIR "/" DM_CONTROL_NODE); 1964 1965 /* 1966 * Create misc character device and link to DM_DIR/control. 1967 */ 1968 int __init dm_interface_init(void) 1969 { 1970 int r; 1971 1972 r = dm_hash_init(); 1973 if (r) 1974 return r; 1975 1976 r = misc_register(&_dm_misc); 1977 if (r) { 1978 DMERR("misc_register failed for control device"); 1979 dm_hash_exit(); 1980 return r; 1981 } 1982 1983 DMINFO("%d.%d.%d%s initialised: %s", DM_VERSION_MAJOR, 1984 DM_VERSION_MINOR, DM_VERSION_PATCHLEVEL, DM_VERSION_EXTRA, 1985 DM_DRIVER_EMAIL); 1986 return 0; 1987 } 1988 1989 void dm_interface_exit(void) 1990 { 1991 misc_deregister(&_dm_misc); 1992 dm_hash_exit(); 1993 } 1994 1995 /** 1996 * dm_copy_name_and_uuid - Copy mapped device name & uuid into supplied buffers 1997 * @md: Pointer to mapped_device 1998 * @name: Buffer (size DM_NAME_LEN) for name 1999 * @uuid: Buffer (size DM_UUID_LEN) for uuid or empty string if uuid not defined 2000 */ 2001 int dm_copy_name_and_uuid(struct mapped_device *md, char *name, char *uuid) 2002 { 2003 int r = 0; 2004 struct hash_cell *hc; 2005 2006 if (!md) 2007 return -ENXIO; 2008 2009 mutex_lock(&dm_hash_cells_mutex); 2010 hc = dm_get_mdptr(md); 2011 if (!hc || hc->md != md) { 2012 r = -ENXIO; 2013 goto out; 2014 } 2015 2016 if (name) 2017 strcpy(name, hc->name); 2018 if (uuid) 2019 strcpy(uuid, hc->uuid ? : ""); 2020 2021 out: 2022 mutex_unlock(&dm_hash_cells_mutex); 2023 2024 return r; 2025 } 2026