1 // SPDX-License-Identifier: GPL-2.0-or-later 2 /* 3 * Copyright (C) 2015 Google, Inc. 4 * 5 * Author: Sami Tolvanen <samitolvanen@google.com> 6 */ 7 8 #include "dm-verity-fec.h" 9 #include <linux/math64.h> 10 11 #define DM_MSG_PREFIX "verity-fec" 12 13 /* 14 * When correcting a block, the FEC implementation performs optimally when it 15 * can collect all the associated RS codewords at the same time. As each byte 16 * is part of a different codeword, there are '1 << data_dev_block_bits' 17 * codewords. Each buffer has space for the message bytes for 18 * '1 << DM_VERITY_FEC_BUF_RS_BITS' codewords, so that gives 19 * '1 << (data_dev_block_bits - DM_VERITY_FEC_BUF_RS_BITS)' buffers. 20 */ 21 static inline unsigned int fec_max_nbufs(struct dm_verity *v) 22 { 23 return 1 << (v->data_dev_block_bits - DM_VERITY_FEC_BUF_RS_BITS); 24 } 25 26 /* Loop over each allocated buffer. */ 27 #define fec_for_each_buffer(io, __i) \ 28 for (__i = 0; __i < (io)->nbufs; __i++) 29 30 /* Loop over each RS message in each allocated buffer. */ 31 /* To stop early, use 'goto', not 'break' (since this uses nested loops). */ 32 #define fec_for_each_buffer_rs_message(io, __i, __j) \ 33 fec_for_each_buffer(io, __i) \ 34 for (__j = 0; __j < 1 << DM_VERITY_FEC_BUF_RS_BITS; __j++) 35 36 /* 37 * Return a pointer to the current RS message when called inside 38 * fec_for_each_buffer_rs_message. 39 */ 40 static inline u8 *fec_buffer_rs_message(struct dm_verity *v, 41 struct dm_verity_fec_io *fio, 42 unsigned int i, unsigned int j) 43 { 44 return &fio->bufs[i][j * v->fec->rs_k]; 45 } 46 47 /* 48 * Decode all RS codewords whose message bytes were loaded into fio->bufs. Copy 49 * the corrected bytes into fio->output starting from out_pos. 50 */ 51 static int fec_decode_bufs(struct dm_verity *v, struct dm_verity_io *io, 52 struct dm_verity_fec_io *fio, u64 target_block, 53 unsigned int target_region, u64 index_in_region, 54 unsigned int out_pos, int neras) 55 { 56 int r = 0, corrected = 0, res; 57 struct dm_buffer *buf; 58 unsigned int n, i, j, parity_pos, to_copy; 59 uint16_t par_buf[DM_VERITY_FEC_MAX_ROOTS]; 60 u8 *par, *msg_buf; 61 u64 parity_block; 62 struct bio *bio = dm_bio_from_per_bio_data(io, v->ti->per_io_data_size); 63 64 /* 65 * Compute the index of the first parity block that will be needed and 66 * the starting position in that block. Then read that block. 67 * 68 * block_size is always a power of 2, but roots might not be. Note that 69 * when it's not, a codeword's parity bytes can span a block boundary. 70 */ 71 parity_block = ((index_in_region << v->data_dev_block_bits) + out_pos) * 72 v->fec->roots; 73 parity_pos = parity_block & (v->fec->block_size - 1); 74 parity_block >>= v->data_dev_block_bits; 75 par = dm_bufio_read_with_ioprio(v->fec->bufio, parity_block, &buf, 76 bio->bi_ioprio); 77 if (IS_ERR(par)) { 78 DMERR("%s: FEC %llu: parity read failed (block %llu): %ld", 79 v->data_dev->name, target_block, parity_block, 80 PTR_ERR(par)); 81 return PTR_ERR(par); 82 } 83 84 /* 85 * Decode the RS codewords whose message bytes are in bufs. Each RS 86 * codeword results in one corrected target byte and consumes fec->roots 87 * parity bytes. 88 */ 89 fec_for_each_buffer_rs_message(fio, n, i) { 90 msg_buf = fec_buffer_rs_message(v, fio, n, i); 91 92 /* 93 * Copy the next 'roots' parity bytes to 'par_buf', reading 94 * another parity block if needed. 95 */ 96 to_copy = min(v->fec->block_size - parity_pos, v->fec->roots); 97 for (j = 0; j < to_copy; j++) 98 par_buf[j] = par[parity_pos++]; 99 if (to_copy < v->fec->roots) { 100 parity_block++; 101 parity_pos = 0; 102 103 dm_bufio_release(buf); 104 par = dm_bufio_read_with_ioprio(v->fec->bufio, 105 parity_block, &buf, 106 bio->bi_ioprio); 107 if (IS_ERR(par)) { 108 DMERR("%s: FEC %llu: parity read failed (block %llu): %ld", 109 v->data_dev->name, target_block, 110 parity_block, PTR_ERR(par)); 111 return PTR_ERR(par); 112 } 113 for (; j < v->fec->roots; j++) 114 par_buf[j] = par[parity_pos++]; 115 } 116 117 /* Decode an RS codeword using the Reed-Solomon library. */ 118 res = decode_rs8(fio->rs, msg_buf, par_buf, v->fec->rs_k, 119 NULL, neras, fio->erasures, 0, NULL); 120 if (res < 0) { 121 r = res; 122 goto done; 123 } 124 corrected += res; 125 fio->output[out_pos++] = msg_buf[target_region]; 126 127 if (out_pos >= v->fec->block_size) 128 goto done; 129 } 130 done: 131 dm_bufio_release(buf); 132 133 if (r < 0 && neras) 134 DMERR_LIMIT("%s: FEC %llu: failed to correct: %d", 135 v->data_dev->name, target_block, r); 136 else if (r == 0) 137 DMWARN_LIMIT("%s: FEC %llu: corrected %d errors", 138 v->data_dev->name, target_block, corrected); 139 140 return r; 141 } 142 143 /* 144 * Locate data block erasures using verity hashes. 145 */ 146 static int fec_is_erasure(struct dm_verity *v, struct dm_verity_io *io, 147 const u8 *want_digest, const u8 *data) 148 { 149 if (unlikely(verity_hash(v, io, data, v->fec->block_size, 150 io->tmp_digest))) 151 return 0; 152 153 return memcmp(io->tmp_digest, want_digest, v->digest_size) != 0; 154 } 155 156 /* 157 * Read the message block at index @index_in_region within each of the 158 * @v->fec->rs_k regions and deinterleave their contents into @io->fec_io->bufs. 159 * 160 * @target_block gives the index of specific block within this sequence that is 161 * being corrected, relative to the start of all the FEC message blocks. 162 * 163 * @out_pos gives the current output position, i.e. the position in (each) block 164 * from which to start the deinterleaving. Deinterleaving continues until 165 * either end-of-block is reached or there's no more buffer space. 166 * 167 * If @neras is non-NULL, then also use verity hashes and the presence/absence 168 * of I/O errors to determine which of the message blocks in the sequence are 169 * likely to be incorrect. Write the number of such blocks to *@neras and the 170 * indices of the corresponding RS message bytes in [0, k - 1] to 171 * @io->fec_io->erasures, up to a limit of @v->fec->roots + 1 such blocks. 172 */ 173 static int fec_read_bufs(struct dm_verity *v, struct dm_verity_io *io, 174 u64 target_block, u64 index_in_region, 175 unsigned int out_pos, int *neras) 176 { 177 bool is_zero; 178 int i, j; 179 struct dm_buffer *buf; 180 struct dm_bufio_client *bufio; 181 struct dm_verity_fec_io *fio = io->fec_io; 182 u64 block; 183 u8 *bbuf; 184 u8 want_digest[HASH_MAX_DIGESTSIZE]; 185 unsigned int n, src_pos; 186 struct bio *bio = dm_bio_from_per_bio_data(io, v->ti->per_io_data_size); 187 188 if (neras) 189 *neras = 0; 190 191 if (WARN_ON(v->digest_size > sizeof(want_digest))) 192 return -EINVAL; 193 194 for (i = 0; i < v->fec->rs_k; i++) { 195 /* 196 * Read the block from region i. It contains the i'th message 197 * byte of the target block's RS codewords. 198 */ 199 block = i * v->fec->region_blocks + index_in_region; 200 bufio = v->fec->data_bufio; 201 202 if (block >= v->data_blocks) { 203 block -= v->data_blocks; 204 205 /* 206 * blocks outside the area were assumed to contain 207 * zeros when encoding data was generated 208 */ 209 if (unlikely(block >= v->fec->hash_blocks)) 210 continue; 211 212 block += v->hash_start; 213 bufio = v->bufio; 214 } 215 216 bbuf = dm_bufio_read_with_ioprio(bufio, block, &buf, bio->bi_ioprio); 217 if (IS_ERR(bbuf)) { 218 DMWARN_LIMIT("%s: FEC %llu: read failed (%llu): %ld", 219 v->data_dev->name, target_block, block, 220 PTR_ERR(bbuf)); 221 222 /* assume the block is corrupted */ 223 if (neras && *neras <= v->fec->roots) 224 fio->erasures[(*neras)++] = i; 225 226 continue; 227 } 228 229 /* locate erasures if the block is on the data device */ 230 if (bufio == v->fec->data_bufio && 231 verity_hash_for_block(v, io, block, want_digest, 232 &is_zero) == 0) { 233 /* skip known zero blocks entirely */ 234 if (is_zero) 235 goto done; 236 237 /* 238 * skip if we have already found the theoretical 239 * maximum number (i.e. fec->roots) of erasures 240 */ 241 if (neras && *neras <= v->fec->roots && 242 fec_is_erasure(v, io, want_digest, bbuf)) 243 fio->erasures[(*neras)++] = i; 244 } 245 246 /* 247 * Deinterleave the bytes of the block, starting from 'out_pos', 248 * into the i'th byte of the RS message buffers. Stop when 249 * end-of-block is reached or there are no more buffers. 250 */ 251 src_pos = out_pos; 252 fec_for_each_buffer_rs_message(fio, n, j) { 253 if (src_pos >= v->fec->block_size) 254 goto done; 255 fec_buffer_rs_message(v, fio, n, j)[i] = bbuf[src_pos++]; 256 } 257 done: 258 dm_bufio_release(buf); 259 } 260 return 0; 261 } 262 263 /* 264 * Allocate and initialize a struct dm_verity_fec_io to use for FEC for a bio. 265 * This runs the first time a block needs to be corrected for a bio. In the 266 * common case where no block needs to be corrected, this code never runs. 267 * 268 * This always succeeds, as all required allocations are done from mempools. 269 * Additional buffers are also allocated opportunistically to improve error 270 * correction performance, but these aren't required to succeed. 271 */ 272 static struct dm_verity_fec_io *fec_alloc_and_init_io(struct dm_verity *v) 273 { 274 const unsigned int max_nbufs = fec_max_nbufs(v); 275 struct dm_verity_fec *f = v->fec; 276 struct dm_verity_fec_io *fio; 277 unsigned int n; 278 279 fio = mempool_alloc(&f->fio_pool, GFP_NOIO); 280 fio->rs = mempool_alloc(&f->rs_pool, GFP_NOIO); 281 282 fio->bufs[0] = mempool_alloc(&f->prealloc_pool, GFP_NOIO); 283 284 /* try to allocate the maximum number of buffers */ 285 for (n = 1; n < max_nbufs; n++) { 286 fio->bufs[n] = kmem_cache_alloc(f->cache, GFP_NOWAIT); 287 /* we can manage with even one buffer if necessary */ 288 if (unlikely(!fio->bufs[n])) 289 break; 290 } 291 fio->nbufs = n; 292 293 fio->output = mempool_alloc(&f->output_pool, GFP_NOIO); 294 fio->level = 0; 295 return fio; 296 } 297 298 /* 299 * Initialize buffers and clear erasures. fec_read_bufs() assumes buffers are 300 * zeroed before deinterleaving. 301 */ 302 static void fec_init_bufs(struct dm_verity *v, struct dm_verity_fec_io *fio) 303 { 304 unsigned int n; 305 306 fec_for_each_buffer(fio, n) 307 memset(fio->bufs[n], 0, v->fec->rs_k << DM_VERITY_FEC_BUF_RS_BITS); 308 309 memset(fio->erasures, 0, sizeof(fio->erasures)); 310 } 311 312 /* 313 * Try to correct the message (data or hash) block at index @target_block. 314 * 315 * If @use_erasures is true, use verity hashes to locate erasures. This makes 316 * the error correction slower but up to twice as capable. 317 * 318 * On success, return 0 and write the corrected block to @fio->output. 0 is 319 * returned only if the digest of the corrected block matches @want_digest; this 320 * is critical to ensure that FEC can't cause dm-verity to return bad data. 321 */ 322 static int fec_decode(struct dm_verity *v, struct dm_verity_io *io, 323 struct dm_verity_fec_io *fio, u64 target_block, 324 const u8 *want_digest, bool use_erasures) 325 { 326 int r, neras = 0; 327 unsigned int target_region, out_pos; 328 u64 index_in_region; 329 330 /* 331 * Compute 'target_region', the index of the region the target block is 332 * in; and 'index_in_region', the index of the target block within its 333 * region. The latter value is also the index within its region of each 334 * message block that shares its RS codewords with the target block. 335 */ 336 target_region = div64_u64_rem(target_block, v->fec->region_blocks, 337 &index_in_region); 338 if (WARN_ON_ONCE(target_region >= v->fec->rs_k)) 339 /* target_block is out-of-bounds. Should never happen. */ 340 return -EIO; 341 342 for (out_pos = 0; out_pos < v->fec->block_size;) { 343 fec_init_bufs(v, fio); 344 345 r = fec_read_bufs(v, io, target_block, index_in_region, out_pos, 346 use_erasures ? &neras : NULL); 347 if (unlikely(r < 0)) 348 return r; 349 350 r = fec_decode_bufs(v, io, fio, target_block, target_region, 351 index_in_region, out_pos, neras); 352 if (r < 0) 353 return r; 354 355 out_pos += fio->nbufs << DM_VERITY_FEC_BUF_RS_BITS; 356 } 357 358 /* Always re-validate the corrected block against the expected hash */ 359 r = verity_hash(v, io, fio->output, v->fec->block_size, io->tmp_digest); 360 if (unlikely(r < 0)) 361 return r; 362 363 if (memcmp(io->tmp_digest, want_digest, v->digest_size)) { 364 DMERR_LIMIT("%s: FEC %llu: failed to correct (%d erasures)", 365 v->data_dev->name, target_block, neras); 366 return -EILSEQ; 367 } 368 369 return 0; 370 } 371 372 /* Correct errors in a block. Copies corrected block to dest. */ 373 int verity_fec_decode(struct dm_verity *v, struct dm_verity_io *io, 374 enum verity_block_type type, const u8 *want_digest, 375 sector_t block, u8 *dest) 376 { 377 int r; 378 struct dm_verity_fec_io *fio; 379 380 if (!verity_fec_is_enabled(v)) 381 return -EOPNOTSUPP; 382 383 fio = io->fec_io; 384 if (!fio) 385 fio = io->fec_io = fec_alloc_and_init_io(v); 386 387 if (fio->level) 388 return -EIO; 389 390 fio->level++; 391 392 if (type == DM_VERITY_BLOCK_TYPE_METADATA) 393 block = block - v->hash_start + v->data_blocks; 394 395 /* 396 * Locating erasures is slow, so attempt to recover the block without 397 * them first. Do a second attempt with erasures if the corruption is 398 * bad enough. 399 */ 400 r = fec_decode(v, io, fio, block, want_digest, false); 401 if (r < 0) { 402 r = fec_decode(v, io, fio, block, want_digest, true); 403 if (r < 0) 404 goto done; 405 } 406 407 memcpy(dest, fio->output, v->fec->block_size); 408 atomic64_inc(&v->fec->corrected); 409 410 done: 411 fio->level--; 412 return r; 413 } 414 415 /* 416 * Clean up per-bio data. 417 */ 418 void __verity_fec_finish_io(struct dm_verity_io *io) 419 { 420 unsigned int n; 421 struct dm_verity_fec *f = io->v->fec; 422 struct dm_verity_fec_io *fio = io->fec_io; 423 424 mempool_free(fio->rs, &f->rs_pool); 425 426 mempool_free(fio->bufs[0], &f->prealloc_pool); 427 428 for (n = 1; n < fio->nbufs; n++) 429 kmem_cache_free(f->cache, fio->bufs[n]); 430 431 mempool_free(fio->output, &f->output_pool); 432 433 mempool_free(fio, &f->fio_pool); 434 io->fec_io = NULL; 435 } 436 437 /* 438 * Append feature arguments and values to the status table. 439 */ 440 unsigned int verity_fec_status_table(struct dm_verity *v, unsigned int sz, 441 char *result, unsigned int maxlen) 442 { 443 if (!verity_fec_is_enabled(v)) 444 return sz; 445 446 DMEMIT(" " DM_VERITY_OPT_FEC_DEV " %s " 447 DM_VERITY_OPT_FEC_BLOCKS " %llu " 448 DM_VERITY_OPT_FEC_START " %llu " 449 DM_VERITY_OPT_FEC_ROOTS " %d", 450 v->fec->dev->name, 451 (unsigned long long)v->fec->blocks, 452 (unsigned long long)v->fec->start, 453 v->fec->roots); 454 455 return sz; 456 } 457 458 void verity_fec_dtr(struct dm_verity *v) 459 { 460 struct dm_verity_fec *f = v->fec; 461 462 if (!verity_fec_is_enabled(v)) 463 goto out; 464 465 mempool_exit(&f->fio_pool); 466 mempool_exit(&f->rs_pool); 467 mempool_exit(&f->prealloc_pool); 468 mempool_exit(&f->output_pool); 469 kmem_cache_destroy(f->cache); 470 471 if (!IS_ERR_OR_NULL(f->data_bufio)) 472 dm_bufio_client_destroy(f->data_bufio); 473 if (!IS_ERR_OR_NULL(f->bufio)) 474 dm_bufio_client_destroy(f->bufio); 475 476 if (f->dev) 477 dm_put_device(v->ti, f->dev); 478 out: 479 kfree(f); 480 v->fec = NULL; 481 } 482 483 static void *fec_rs_alloc(gfp_t gfp_mask, void *pool_data) 484 { 485 struct dm_verity *v = pool_data; 486 487 return init_rs_gfp(8, 0x11d, 0, 1, v->fec->roots, gfp_mask); 488 } 489 490 static void fec_rs_free(void *element, void *pool_data) 491 { 492 struct rs_control *rs = element; 493 494 if (rs) 495 free_rs(rs); 496 } 497 498 bool verity_is_fec_opt_arg(const char *arg_name) 499 { 500 return (!strcasecmp(arg_name, DM_VERITY_OPT_FEC_DEV) || 501 !strcasecmp(arg_name, DM_VERITY_OPT_FEC_BLOCKS) || 502 !strcasecmp(arg_name, DM_VERITY_OPT_FEC_START) || 503 !strcasecmp(arg_name, DM_VERITY_OPT_FEC_ROOTS)); 504 } 505 506 int verity_fec_parse_opt_args(struct dm_arg_set *as, struct dm_verity *v, 507 unsigned int *argc, const char *arg_name) 508 { 509 int r; 510 struct dm_target *ti = v->ti; 511 const char *arg_value; 512 unsigned long long num_ll; 513 unsigned char num_c; 514 char dummy; 515 516 if (!*argc) { 517 ti->error = "FEC feature arguments require a value"; 518 return -EINVAL; 519 } 520 521 arg_value = dm_shift_arg(as); 522 (*argc)--; 523 524 if (!strcasecmp(arg_name, DM_VERITY_OPT_FEC_DEV)) { 525 if (v->fec->dev) { 526 ti->error = "FEC device already specified"; 527 return -EINVAL; 528 } 529 r = dm_get_device(ti, arg_value, BLK_OPEN_READ, &v->fec->dev); 530 if (r) { 531 ti->error = "FEC device lookup failed"; 532 return r; 533 } 534 535 } else if (!strcasecmp(arg_name, DM_VERITY_OPT_FEC_BLOCKS)) { 536 if (sscanf(arg_value, "%llu%c", &num_ll, &dummy) != 1 || 537 ((sector_t)(num_ll << (v->data_dev_block_bits - SECTOR_SHIFT)) 538 >> (v->data_dev_block_bits - SECTOR_SHIFT) != num_ll)) { 539 ti->error = "Invalid " DM_VERITY_OPT_FEC_BLOCKS; 540 return -EINVAL; 541 } 542 v->fec->blocks = num_ll; 543 544 } else if (!strcasecmp(arg_name, DM_VERITY_OPT_FEC_START)) { 545 if (sscanf(arg_value, "%llu%c", &num_ll, &dummy) != 1 || 546 ((sector_t)(num_ll << (v->data_dev_block_bits - SECTOR_SHIFT)) >> 547 (v->data_dev_block_bits - SECTOR_SHIFT) != num_ll)) { 548 ti->error = "Invalid " DM_VERITY_OPT_FEC_START; 549 return -EINVAL; 550 } 551 v->fec->start = num_ll; 552 553 } else if (!strcasecmp(arg_name, DM_VERITY_OPT_FEC_ROOTS)) { 554 if (sscanf(arg_value, "%hhu%c", &num_c, &dummy) != 1 || !num_c || 555 num_c < DM_VERITY_FEC_MIN_ROOTS || 556 num_c > DM_VERITY_FEC_MAX_ROOTS) { 557 ti->error = "Invalid " DM_VERITY_OPT_FEC_ROOTS; 558 return -EINVAL; 559 } 560 v->fec->roots = num_c; 561 562 } else { 563 ti->error = "Unrecognized verity FEC feature request"; 564 return -EINVAL; 565 } 566 567 return 0; 568 } 569 570 /* 571 * Allocate dm_verity_fec for v->fec. Must be called before verity_fec_ctr. 572 */ 573 int verity_fec_ctr_alloc(struct dm_verity *v) 574 { 575 struct dm_verity_fec *f; 576 577 f = kzalloc_obj(struct dm_verity_fec); 578 if (!f) { 579 v->ti->error = "Cannot allocate FEC structure"; 580 return -ENOMEM; 581 } 582 v->fec = f; 583 584 return 0; 585 } 586 587 /* 588 * Validate arguments and preallocate memory. Must be called after arguments 589 * have been parsed using verity_fec_parse_opt_args. 590 */ 591 int verity_fec_ctr(struct dm_verity *v) 592 { 593 struct dm_verity_fec *f = v->fec; 594 struct dm_target *ti = v->ti; 595 u64 hash_blocks; 596 int ret; 597 598 if (!verity_fec_is_enabled(v)) { 599 verity_fec_dtr(v); 600 return 0; 601 } 602 603 /* 604 * FEC is computed over data blocks, possible metadata, and 605 * hash blocks. In other words, FEC covers total of fec_blocks 606 * blocks consisting of the following: 607 * 608 * data blocks | hash blocks | metadata (optional) 609 * 610 * We allow metadata after hash blocks to support a use case 611 * where all data is stored on the same device and FEC covers 612 * the entire area. 613 * 614 * If metadata is included, we require it to be available on the 615 * hash device after the hash blocks. 616 */ 617 618 hash_blocks = v->hash_end - v->hash_start; 619 620 /* 621 * Require matching block sizes for data and hash devices for 622 * simplicity. 623 */ 624 if (v->data_dev_block_bits != v->hash_dev_block_bits) { 625 ti->error = "Block sizes must match to use FEC"; 626 return -EINVAL; 627 } 628 f->block_size = 1 << v->data_dev_block_bits; 629 630 if (!f->roots) { 631 ti->error = "Missing " DM_VERITY_OPT_FEC_ROOTS; 632 return -EINVAL; 633 } 634 f->rs_k = DM_VERITY_FEC_RS_N - f->roots; 635 636 if (!f->blocks) { 637 ti->error = "Missing " DM_VERITY_OPT_FEC_BLOCKS; 638 return -EINVAL; 639 } 640 641 f->region_blocks = f->blocks; 642 if (sector_div(f->region_blocks, f->rs_k)) 643 f->region_blocks++; 644 645 /* 646 * Due to optional metadata, f->blocks can be larger than 647 * data_blocks and hash_blocks combined. 648 */ 649 if (f->blocks < v->data_blocks + hash_blocks || !f->region_blocks) { 650 ti->error = "Invalid " DM_VERITY_OPT_FEC_BLOCKS; 651 return -EINVAL; 652 } 653 654 /* 655 * Metadata is accessed through the hash device, so we require 656 * it to be large enough. 657 */ 658 f->hash_blocks = f->blocks - v->data_blocks; 659 if (dm_bufio_get_device_size(v->bufio) < 660 v->hash_start + f->hash_blocks) { 661 ti->error = "Hash device is too small for " 662 DM_VERITY_OPT_FEC_BLOCKS; 663 return -E2BIG; 664 } 665 666 f->bufio = dm_bufio_client_create(f->dev->bdev, f->block_size, 667 1, 0, NULL, NULL, 0); 668 if (IS_ERR(f->bufio)) { 669 ti->error = "Cannot initialize FEC bufio client"; 670 return PTR_ERR(f->bufio); 671 } 672 673 dm_bufio_set_sector_offset(f->bufio, f->start << (v->data_dev_block_bits - SECTOR_SHIFT)); 674 675 if (dm_bufio_get_device_size(f->bufio) < f->region_blocks * f->roots) { 676 ti->error = "FEC device is too small"; 677 return -E2BIG; 678 } 679 680 f->data_bufio = dm_bufio_client_create(v->data_dev->bdev, f->block_size, 681 1, 0, NULL, NULL, 0); 682 if (IS_ERR(f->data_bufio)) { 683 ti->error = "Cannot initialize FEC data bufio client"; 684 return PTR_ERR(f->data_bufio); 685 } 686 687 if (dm_bufio_get_device_size(f->data_bufio) < v->data_blocks) { 688 ti->error = "Data device is too small"; 689 return -E2BIG; 690 } 691 692 /* Preallocate some dm_verity_fec_io structures */ 693 ret = mempool_init_kmalloc_pool(&f->fio_pool, num_online_cpus(), 694 struct_size((struct dm_verity_fec_io *)0, 695 bufs, fec_max_nbufs(v))); 696 if (ret) { 697 ti->error = "Cannot allocate FEC IO pool"; 698 return ret; 699 } 700 701 /* Preallocate an rs_control structure for each worker thread */ 702 ret = mempool_init(&f->rs_pool, num_online_cpus(), fec_rs_alloc, 703 fec_rs_free, (void *) v); 704 if (ret) { 705 ti->error = "Cannot allocate RS pool"; 706 return ret; 707 } 708 709 f->cache = kmem_cache_create("dm_verity_fec_buffers", 710 f->rs_k << DM_VERITY_FEC_BUF_RS_BITS, 711 0, 0, NULL); 712 if (!f->cache) { 713 ti->error = "Cannot create FEC buffer cache"; 714 return -ENOMEM; 715 } 716 717 /* Preallocate one buffer for each thread */ 718 ret = mempool_init_slab_pool(&f->prealloc_pool, num_online_cpus(), 719 f->cache); 720 if (ret) { 721 ti->error = "Cannot allocate FEC buffer prealloc pool"; 722 return ret; 723 } 724 725 /* Preallocate an output buffer for each thread */ 726 ret = mempool_init_kmalloc_pool(&f->output_pool, num_online_cpus(), 727 f->block_size); 728 if (ret) { 729 ti->error = "Cannot allocate FEC output pool"; 730 return ret; 731 } 732 733 return 0; 734 } 735