1 // SPDX-License-Identifier: GPL-2.0-only 2 /* 3 * Copyright (C) 2001, 2002 Sistina Software (UK) Limited. 4 * Copyright (C) 2004 - 2006 Red Hat, Inc. All rights reserved. 5 * 6 * This file is released under the GPL. 7 */ 8 9 #include "dm-core.h" 10 #include "dm-ima.h" 11 #include <linux/module.h> 12 #include <linux/vmalloc.h> 13 #include <linux/miscdevice.h> 14 #include <linux/sched/mm.h> 15 #include <linux/init.h> 16 #include <linux/wait.h> 17 #include <linux/slab.h> 18 #include <linux/rbtree.h> 19 #include <linux/dm-ioctl.h> 20 #include <linux/hdreg.h> 21 #include <linux/compat.h> 22 #include <linux/nospec.h> 23 24 #include <linux/uaccess.h> 25 #include <linux/ima.h> 26 27 #define DM_MSG_PREFIX "ioctl" 28 #define DM_DRIVER_EMAIL "dm-devel@lists.linux.dev" 29 30 struct dm_file { 31 /* 32 * poll will wait until the global event number is greater than 33 * this value. 34 */ 35 volatile unsigned int global_event_nr; 36 }; 37 38 /* 39 *--------------------------------------------------------------- 40 * The ioctl interface needs to be able to look up devices by 41 * name or uuid. 42 *--------------------------------------------------------------- 43 */ 44 struct hash_cell { 45 struct rb_node name_node; 46 struct rb_node uuid_node; 47 bool name_set; 48 bool uuid_set; 49 50 char *name; 51 char *uuid; 52 struct mapped_device *md; 53 struct dm_table *new_map; 54 }; 55 56 struct vers_iter { 57 size_t param_size; 58 struct dm_target_versions *vers, *old_vers; 59 char *end; 60 uint32_t flags; 61 }; 62 63 64 static struct rb_root name_rb_tree = RB_ROOT; 65 static struct rb_root uuid_rb_tree = RB_ROOT; 66 67 #define DM_REMOVE_KEEP_OPEN_DEVICES 1 68 #define DM_REMOVE_MARK_DEFERRED 2 69 #define DM_REMOVE_ONLY_DEFERRED 4 70 #define DM_REMOVE_INTERRUPTIBLE 8 71 static int dm_hash_remove_all(unsigned flags); 72 73 /* 74 * Guards access to both hash tables. 75 */ 76 static DECLARE_RWSEM(_hash_lock); 77 78 /* 79 * Protects use of mdptr to obtain hash cell name and uuid from mapped device. 80 */ 81 static DEFINE_MUTEX(dm_hash_cells_mutex); 82 83 static void dm_hash_exit(void) 84 { 85 dm_hash_remove_all(0); 86 } 87 88 /* 89 *--------------------------------------------------------------- 90 * Code for looking up a device by name 91 *--------------------------------------------------------------- 92 */ 93 static struct hash_cell *__get_name_cell(const char *str) 94 { 95 struct rb_node *n = name_rb_tree.rb_node; 96 97 while (n) { 98 struct hash_cell *hc = container_of(n, struct hash_cell, name_node); 99 int c; 100 101 c = strcmp(hc->name, str); 102 if (!c) { 103 dm_get(hc->md); 104 return hc; 105 } 106 n = c >= 0 ? n->rb_left : n->rb_right; 107 } 108 109 return NULL; 110 } 111 112 static struct hash_cell *__get_uuid_cell(const char *str) 113 { 114 struct rb_node *n = uuid_rb_tree.rb_node; 115 116 while (n) { 117 struct hash_cell *hc = container_of(n, struct hash_cell, uuid_node); 118 int c; 119 120 c = strcmp(hc->uuid, str); 121 if (!c) { 122 dm_get(hc->md); 123 return hc; 124 } 125 n = c >= 0 ? n->rb_left : n->rb_right; 126 } 127 128 return NULL; 129 } 130 131 static void __unlink_name(struct hash_cell *hc) 132 { 133 if (hc->name_set) { 134 hc->name_set = false; 135 rb_erase(&hc->name_node, &name_rb_tree); 136 } 137 } 138 139 static void __unlink_uuid(struct hash_cell *hc) 140 { 141 if (hc->uuid_set) { 142 hc->uuid_set = false; 143 rb_erase(&hc->uuid_node, &uuid_rb_tree); 144 } 145 } 146 147 static void __link_name(struct hash_cell *new_hc) 148 { 149 struct rb_node **n, *parent; 150 151 __unlink_name(new_hc); 152 153 new_hc->name_set = true; 154 155 n = &name_rb_tree.rb_node; 156 parent = NULL; 157 158 while (*n) { 159 struct hash_cell *hc = container_of(*n, struct hash_cell, name_node); 160 int c; 161 162 c = strcmp(hc->name, new_hc->name); 163 BUG_ON(!c); 164 parent = *n; 165 n = c >= 0 ? &hc->name_node.rb_left : &hc->name_node.rb_right; 166 } 167 168 rb_link_node(&new_hc->name_node, parent, n); 169 rb_insert_color(&new_hc->name_node, &name_rb_tree); 170 } 171 172 static void __link_uuid(struct hash_cell *new_hc) 173 { 174 struct rb_node **n, *parent; 175 176 __unlink_uuid(new_hc); 177 178 new_hc->uuid_set = true; 179 180 n = &uuid_rb_tree.rb_node; 181 parent = NULL; 182 183 while (*n) { 184 struct hash_cell *hc = container_of(*n, struct hash_cell, uuid_node); 185 int c; 186 187 c = strcmp(hc->uuid, new_hc->uuid); 188 BUG_ON(!c); 189 parent = *n; 190 n = c > 0 ? &hc->uuid_node.rb_left : &hc->uuid_node.rb_right; 191 } 192 193 rb_link_node(&new_hc->uuid_node, parent, n); 194 rb_insert_color(&new_hc->uuid_node, &uuid_rb_tree); 195 } 196 197 static struct hash_cell *__get_dev_cell(uint64_t dev) 198 { 199 struct mapped_device *md; 200 struct hash_cell *hc; 201 202 md = dm_get_md(huge_decode_dev(dev)); 203 if (!md) 204 return NULL; 205 206 hc = dm_get_mdptr(md); 207 if (!hc) { 208 dm_put(md); 209 return NULL; 210 } 211 212 return hc; 213 } 214 215 /* 216 *--------------------------------------------------------------- 217 * Inserting, removing and renaming a device. 218 *--------------------------------------------------------------- 219 */ 220 static struct hash_cell *alloc_cell(const char *name, const char *uuid, 221 struct mapped_device *md) 222 { 223 struct hash_cell *hc; 224 225 hc = kmalloc_obj(*hc); 226 if (!hc) 227 return NULL; 228 229 hc->name = kstrdup(name, GFP_KERNEL); 230 if (!hc->name) { 231 kfree(hc); 232 return NULL; 233 } 234 235 if (!uuid) 236 hc->uuid = NULL; 237 238 else { 239 hc->uuid = kstrdup(uuid, GFP_KERNEL); 240 if (!hc->uuid) { 241 kfree(hc->name); 242 kfree(hc); 243 return NULL; 244 } 245 } 246 247 hc->name_set = hc->uuid_set = false; 248 hc->md = md; 249 hc->new_map = NULL; 250 return hc; 251 } 252 253 static void free_cell(struct hash_cell *hc) 254 { 255 if (hc) { 256 kfree(hc->name); 257 kfree(hc->uuid); 258 kfree(hc); 259 } 260 } 261 262 /* 263 * The kdev_t and uuid of a device can never change once it is 264 * initially inserted. 265 */ 266 static int dm_hash_insert(const char *name, const char *uuid, struct mapped_device *md) 267 { 268 struct hash_cell *cell, *hc; 269 270 /* 271 * Allocate the new cells. 272 */ 273 cell = alloc_cell(name, uuid, md); 274 if (!cell) 275 return -ENOMEM; 276 277 /* 278 * Insert the cell into both hash tables. 279 */ 280 down_write(&_hash_lock); 281 hc = __get_name_cell(name); 282 if (hc) { 283 dm_put(hc->md); 284 goto bad; 285 } 286 287 __link_name(cell); 288 289 if (uuid) { 290 hc = __get_uuid_cell(uuid); 291 if (hc) { 292 __unlink_name(cell); 293 dm_put(hc->md); 294 goto bad; 295 } 296 __link_uuid(cell); 297 } 298 dm_get(md); 299 mutex_lock(&dm_hash_cells_mutex); 300 dm_set_mdptr(md, cell); 301 mutex_unlock(&dm_hash_cells_mutex); 302 up_write(&_hash_lock); 303 304 return 0; 305 306 bad: 307 up_write(&_hash_lock); 308 free_cell(cell); 309 return -EBUSY; 310 } 311 312 static struct dm_table *__hash_remove(struct hash_cell *hc) 313 { 314 struct dm_table *table; 315 int srcu_idx; 316 317 lockdep_assert_held(&_hash_lock); 318 319 /* remove from the dev trees */ 320 __unlink_name(hc); 321 __unlink_uuid(hc); 322 mutex_lock(&dm_hash_cells_mutex); 323 dm_set_mdptr(hc->md, NULL); 324 mutex_unlock(&dm_hash_cells_mutex); 325 326 table = dm_get_live_table(hc->md, &srcu_idx); 327 if (table) 328 dm_table_event(table); 329 dm_put_live_table(hc->md, srcu_idx); 330 331 table = NULL; 332 if (hc->new_map) 333 table = hc->new_map; 334 dm_put(hc->md); 335 free_cell(hc); 336 337 return table; 338 } 339 340 static int dm_hash_remove_all(unsigned flags) 341 { 342 int dev_skipped; 343 struct rb_node *n; 344 struct hash_cell *hc; 345 struct mapped_device *md; 346 struct dm_table *t; 347 348 retry: 349 dev_skipped = 0; 350 351 down_write(&_hash_lock); 352 353 for (n = rb_first(&name_rb_tree); n; n = rb_next(n)) { 354 if (flags & DM_REMOVE_INTERRUPTIBLE && fatal_signal_pending(current)) { 355 up_write(&_hash_lock); 356 return -EINTR; 357 } 358 359 hc = container_of(n, struct hash_cell, name_node); 360 md = hc->md; 361 dm_get(md); 362 363 if (flags & DM_REMOVE_KEEP_OPEN_DEVICES && 364 dm_lock_for_deletion(md, !!(flags & DM_REMOVE_MARK_DEFERRED), !!(flags & DM_REMOVE_ONLY_DEFERRED))) { 365 dm_put(md); 366 dev_skipped++; 367 continue; 368 } 369 370 t = __hash_remove(hc); 371 372 up_write(&_hash_lock); 373 374 if (t) { 375 dm_sync_table(md); 376 dm_table_destroy(t); 377 } 378 dm_ima_measure_on_device_remove(md, true); 379 dm_put(md); 380 if (likely(flags & DM_REMOVE_KEEP_OPEN_DEVICES)) 381 dm_destroy(md); 382 else 383 dm_destroy_immediate(md); 384 385 /* 386 * Some mapped devices may be using other mapped 387 * devices, so repeat until we make no further 388 * progress. If a new mapped device is created 389 * here it will also get removed. 390 */ 391 goto retry; 392 } 393 394 up_write(&_hash_lock); 395 396 if (dev_skipped && !(flags & DM_REMOVE_ONLY_DEFERRED)) 397 DMWARN("remove_all left %d open device(s)", dev_skipped); 398 399 return 0; 400 } 401 402 /* 403 * Set the uuid of a hash_cell that isn't already set. 404 */ 405 static void __set_cell_uuid(struct hash_cell *hc, char *new_uuid) 406 { 407 mutex_lock(&dm_hash_cells_mutex); 408 hc->uuid = new_uuid; 409 mutex_unlock(&dm_hash_cells_mutex); 410 411 __link_uuid(hc); 412 } 413 414 /* 415 * Changes the name of a hash_cell and returns the old name for 416 * the caller to free. 417 */ 418 static char *__change_cell_name(struct hash_cell *hc, char *new_name) 419 { 420 char *old_name; 421 422 /* 423 * Rename and move the name cell. 424 */ 425 __unlink_name(hc); 426 old_name = hc->name; 427 428 mutex_lock(&dm_hash_cells_mutex); 429 hc->name = new_name; 430 mutex_unlock(&dm_hash_cells_mutex); 431 432 __link_name(hc); 433 434 return old_name; 435 } 436 437 static struct mapped_device *dm_hash_rename(struct dm_ioctl *param, 438 const char *new) 439 { 440 char *new_data, *old_name = NULL; 441 struct hash_cell *hc; 442 struct dm_table *table; 443 struct mapped_device *md; 444 unsigned int change_uuid = (param->flags & DM_UUID_FLAG) ? 1 : 0; 445 int srcu_idx; 446 447 /* 448 * duplicate new. 449 */ 450 new_data = kstrdup(new, GFP_KERNEL); 451 if (!new_data) 452 return ERR_PTR(-ENOMEM); 453 454 down_write(&_hash_lock); 455 456 /* 457 * Is new free ? 458 */ 459 if (change_uuid) 460 hc = __get_uuid_cell(new); 461 else 462 hc = __get_name_cell(new); 463 464 if (hc) { 465 DMERR("Unable to change %s on mapped device %s to one that already exists: %s", 466 change_uuid ? "uuid" : "name", 467 param->name, new); 468 dm_put(hc->md); 469 up_write(&_hash_lock); 470 kfree(new_data); 471 return ERR_PTR(-EBUSY); 472 } 473 474 /* 475 * Is there such a device as 'old' ? 476 */ 477 hc = __get_name_cell(param->name); 478 if (!hc) { 479 DMERR("Unable to rename non-existent device, %s to %s%s", 480 param->name, change_uuid ? "uuid " : "", new); 481 up_write(&_hash_lock); 482 kfree(new_data); 483 return ERR_PTR(-ENXIO); 484 } 485 486 /* 487 * Does this device already have a uuid? 488 */ 489 if (change_uuid && hc->uuid) { 490 DMERR("Unable to change uuid of mapped device %s to %s " 491 "because uuid is already set to %s", 492 param->name, new, hc->uuid); 493 dm_put(hc->md); 494 up_write(&_hash_lock); 495 kfree(new_data); 496 return ERR_PTR(-EINVAL); 497 } 498 499 if (change_uuid) 500 __set_cell_uuid(hc, new_data); 501 else 502 old_name = __change_cell_name(hc, new_data); 503 504 /* 505 * Wake up any dm event waiters. 506 */ 507 table = dm_get_live_table(hc->md, &srcu_idx); 508 if (table) 509 dm_table_event(table); 510 dm_put_live_table(hc->md, srcu_idx); 511 512 if (!dm_kobject_uevent(hc->md, KOBJ_CHANGE, param->event_nr, false)) 513 param->flags |= DM_UEVENT_GENERATED_FLAG; 514 515 md = hc->md; 516 517 dm_ima_measure_on_device_rename(md); 518 519 up_write(&_hash_lock); 520 kfree(old_name); 521 522 return md; 523 } 524 525 void dm_deferred_remove(void) 526 { 527 dm_hash_remove_all(DM_REMOVE_KEEP_OPEN_DEVICES | DM_REMOVE_ONLY_DEFERRED); 528 } 529 530 /* 531 *--------------------------------------------------------------- 532 * Implementation of the ioctl commands 533 *--------------------------------------------------------------- 534 */ 535 /* 536 * All the ioctl commands get dispatched to functions with this 537 * prototype. 538 */ 539 typedef int (*ioctl_fn)(struct file *filp, struct dm_ioctl *param, size_t param_size); 540 541 static int remove_all(struct file *filp, struct dm_ioctl *param, size_t param_size) 542 { 543 int r; 544 int flags = DM_REMOVE_KEEP_OPEN_DEVICES | DM_REMOVE_INTERRUPTIBLE; 545 if (param->flags & DM_DEFERRED_REMOVE) 546 flags |= DM_REMOVE_MARK_DEFERRED; 547 r = dm_hash_remove_all(flags); 548 param->data_size = 0; 549 return r; 550 } 551 552 /* 553 * Round up the ptr to an 8-byte boundary. 554 */ 555 #define ALIGN_MASK 7 556 static inline size_t align_val(size_t val) 557 { 558 return (val + ALIGN_MASK) & ~ALIGN_MASK; 559 } 560 static inline void *align_ptr(void *ptr) 561 { 562 return (void *)align_val((size_t)ptr); 563 } 564 565 /* 566 * Retrieves the data payload buffer from an already allocated 567 * struct dm_ioctl. 568 */ 569 static void *get_result_buffer(struct dm_ioctl *param, size_t param_size, 570 size_t *len) 571 { 572 param->data_start = align_ptr(param + 1) - (void *) param; 573 574 if (param->data_start < param_size) 575 *len = param_size - param->data_start; 576 else 577 *len = 0; 578 579 return ((void *) param) + param->data_start; 580 } 581 582 static bool filter_device(struct hash_cell *hc, const char *pfx_name, const char *pfx_uuid) 583 { 584 const char *val; 585 size_t val_len, pfx_len; 586 587 val = hc->name; 588 val_len = strlen(val); 589 pfx_len = strnlen(pfx_name, DM_NAME_LEN); 590 if (pfx_len > val_len) 591 return false; 592 if (memcmp(val, pfx_name, pfx_len)) 593 return false; 594 595 val = hc->uuid ? hc->uuid : ""; 596 val_len = strlen(val); 597 pfx_len = strnlen(pfx_uuid, DM_UUID_LEN); 598 if (pfx_len > val_len) 599 return false; 600 if (memcmp(val, pfx_uuid, pfx_len)) 601 return false; 602 603 return true; 604 } 605 606 static int list_devices(struct file *filp, struct dm_ioctl *param, size_t param_size) 607 { 608 struct rb_node *n; 609 struct hash_cell *hc; 610 size_t len, needed = 0; 611 struct gendisk *disk; 612 struct dm_name_list *orig_nl, *nl, *old_nl = NULL; 613 uint32_t *event_nr; 614 615 down_write(&_hash_lock); 616 617 /* 618 * Loop through all the devices working out how much 619 * space we need. 620 */ 621 for (n = rb_first(&name_rb_tree); n; n = rb_next(n)) { 622 hc = container_of(n, struct hash_cell, name_node); 623 if (!filter_device(hc, param->name, param->uuid)) 624 continue; 625 needed += align_val(offsetof(struct dm_name_list, name) + strlen(hc->name) + 1); 626 needed += align_val(sizeof(uint32_t) * 2); 627 if (param->flags & DM_UUID_FLAG && hc->uuid) 628 needed += align_val(strlen(hc->uuid) + 1); 629 } 630 631 /* 632 * Grab our output buffer. 633 */ 634 nl = orig_nl = get_result_buffer(param, param_size, &len); 635 if (len < needed || len < sizeof(nl->dev)) { 636 param->flags |= DM_BUFFER_FULL_FLAG; 637 goto out; 638 } 639 param->data_size = param->data_start + needed; 640 641 nl->dev = 0; /* Flags no data */ 642 643 /* 644 * Now loop through filling out the names. 645 */ 646 for (n = rb_first(&name_rb_tree); n; n = rb_next(n)) { 647 void *uuid_ptr; 648 649 hc = container_of(n, struct hash_cell, name_node); 650 if (!filter_device(hc, param->name, param->uuid)) 651 continue; 652 if (old_nl) 653 old_nl->next = (uint32_t) ((void *) nl - 654 (void *) old_nl); 655 disk = dm_disk(hc->md); 656 nl->dev = huge_encode_dev(disk_devt(disk)); 657 nl->next = 0; 658 strcpy(nl->name, hc->name); 659 660 old_nl = nl; 661 event_nr = align_ptr(nl->name + strlen(hc->name) + 1); 662 event_nr[0] = dm_get_event_nr(hc->md); 663 event_nr[1] = 0; 664 uuid_ptr = align_ptr(event_nr + 2); 665 if (param->flags & DM_UUID_FLAG) { 666 if (hc->uuid) { 667 event_nr[1] |= DM_NAME_LIST_FLAG_HAS_UUID; 668 strcpy(uuid_ptr, hc->uuid); 669 uuid_ptr = align_ptr(uuid_ptr + strlen(hc->uuid) + 1); 670 } else { 671 event_nr[1] |= DM_NAME_LIST_FLAG_DOESNT_HAVE_UUID; 672 } 673 } 674 nl = uuid_ptr; 675 } 676 /* 677 * If mismatch happens, security may be compromised due to buffer 678 * overflow, so it's better to crash. 679 */ 680 BUG_ON((char *)nl - (char *)orig_nl != needed); 681 682 out: 683 up_write(&_hash_lock); 684 return 0; 685 } 686 687 static void list_version_get_needed(struct target_type *tt, void *needed_param) 688 { 689 size_t *needed = needed_param; 690 691 *needed += sizeof(struct dm_target_versions); 692 *needed += strlen(tt->name) + 1; 693 *needed += ALIGN_MASK; 694 } 695 696 static void list_version_get_info(struct target_type *tt, void *param) 697 { 698 struct vers_iter *info = param; 699 700 /* Check space - it might have changed since the first iteration */ 701 if ((char *)info->vers + sizeof(tt->version) + strlen(tt->name) + 1 > info->end) { 702 info->flags = DM_BUFFER_FULL_FLAG; 703 return; 704 } 705 706 if (info->old_vers) 707 info->old_vers->next = (uint32_t) ((void *)info->vers - (void *)info->old_vers); 708 709 info->vers->version[0] = tt->version[0]; 710 info->vers->version[1] = tt->version[1]; 711 info->vers->version[2] = tt->version[2]; 712 info->vers->next = 0; 713 strcpy(info->vers->name, tt->name); 714 715 info->old_vers = info->vers; 716 info->vers = align_ptr((void *)(info->vers + 1) + strlen(tt->name) + 1); 717 } 718 719 static int __list_versions(struct dm_ioctl *param, size_t param_size, const char *name) 720 { 721 size_t len, needed = 0; 722 struct dm_target_versions *vers; 723 struct vers_iter iter_info; 724 struct target_type *tt = NULL; 725 726 if (name) { 727 tt = dm_get_target_type(name); 728 if (!tt) 729 return -EINVAL; 730 } 731 732 /* 733 * Loop through all the devices working out how much 734 * space we need. 735 */ 736 if (!tt) 737 dm_target_iterate(list_version_get_needed, &needed); 738 else 739 list_version_get_needed(tt, &needed); 740 741 /* 742 * Grab our output buffer. 743 */ 744 vers = get_result_buffer(param, param_size, &len); 745 if (len < needed) { 746 param->flags |= DM_BUFFER_FULL_FLAG; 747 goto out; 748 } 749 param->data_size = param->data_start + needed; 750 751 iter_info.param_size = param_size; 752 iter_info.old_vers = NULL; 753 iter_info.vers = vers; 754 iter_info.flags = 0; 755 iter_info.end = (char *)vers + needed; 756 757 /* 758 * Now loop through filling out the names & versions. 759 */ 760 if (!tt) 761 dm_target_iterate(list_version_get_info, &iter_info); 762 else 763 list_version_get_info(tt, &iter_info); 764 param->flags |= iter_info.flags; 765 766 out: 767 if (tt) 768 dm_put_target_type(tt); 769 return 0; 770 } 771 772 static int list_versions(struct file *filp, struct dm_ioctl *param, size_t param_size) 773 { 774 return __list_versions(param, param_size, NULL); 775 } 776 777 static int get_target_version(struct file *filp, struct dm_ioctl *param, size_t param_size) 778 { 779 return __list_versions(param, param_size, param->name); 780 } 781 782 static int check_name(const char *name) 783 { 784 if (strchr(name, '/')) { 785 DMERR("device name cannot contain '/'"); 786 return -EINVAL; 787 } 788 789 if (strcmp(name, DM_CONTROL_NODE) == 0 || 790 strcmp(name, ".") == 0 || 791 strcmp(name, "..") == 0) { 792 DMERR("device name cannot be \"%s\", \".\", or \"..\"", DM_CONTROL_NODE); 793 return -EINVAL; 794 } 795 796 return 0; 797 } 798 799 /* 800 * On successful return, the caller must not attempt to acquire 801 * _hash_lock without first calling dm_put_live_table, because dm_table_destroy 802 * waits for this dm_put_live_table and could be called under this lock. 803 */ 804 static struct dm_table *dm_get_inactive_table(struct mapped_device *md, int *srcu_idx) 805 { 806 struct hash_cell *hc; 807 struct dm_table *table = NULL; 808 809 /* increment rcu count, we don't care about the table pointer */ 810 dm_get_live_table(md, srcu_idx); 811 812 down_read(&_hash_lock); 813 hc = dm_get_mdptr(md); 814 if (!hc) { 815 DMERR("device has been removed from the dev hash table."); 816 goto out; 817 } 818 819 table = hc->new_map; 820 821 out: 822 up_read(&_hash_lock); 823 824 return table; 825 } 826 827 static struct dm_table *dm_get_live_or_inactive_table(struct mapped_device *md, 828 struct dm_ioctl *param, 829 int *srcu_idx) 830 { 831 return (param->flags & DM_QUERY_INACTIVE_TABLE_FLAG) ? 832 dm_get_inactive_table(md, srcu_idx) : dm_get_live_table(md, srcu_idx); 833 } 834 835 /* 836 * Fills in a dm_ioctl structure, ready for sending back to 837 * userland. 838 */ 839 static void __dev_status(struct mapped_device *md, struct dm_ioctl *param) 840 { 841 struct gendisk *disk = dm_disk(md); 842 struct dm_table *table; 843 int srcu_idx; 844 845 param->flags &= ~(DM_SUSPEND_FLAG | DM_READONLY_FLAG | 846 DM_ACTIVE_PRESENT_FLAG | DM_INTERNAL_SUSPEND_FLAG); 847 848 if (dm_suspended_md(md)) 849 param->flags |= DM_SUSPEND_FLAG; 850 851 if (dm_suspended_internally_md(md)) 852 param->flags |= DM_INTERNAL_SUSPEND_FLAG; 853 854 if (dm_test_deferred_remove_flag(md)) 855 param->flags |= DM_DEFERRED_REMOVE; 856 857 param->dev = huge_encode_dev(disk_devt(disk)); 858 859 /* 860 * Yes, this will be out of date by the time it gets back 861 * to userland, but it is still very useful for 862 * debugging. 863 */ 864 param->open_count = dm_open_count(md); 865 866 param->event_nr = dm_get_event_nr(md); 867 param->target_count = 0; 868 869 table = dm_get_live_table(md, &srcu_idx); 870 if (table) { 871 if (!(param->flags & DM_QUERY_INACTIVE_TABLE_FLAG)) { 872 if (get_disk_ro(disk)) 873 param->flags |= DM_READONLY_FLAG; 874 param->target_count = table->num_targets; 875 } 876 877 param->flags |= DM_ACTIVE_PRESENT_FLAG; 878 } 879 dm_put_live_table(md, srcu_idx); 880 881 if (param->flags & DM_QUERY_INACTIVE_TABLE_FLAG) { 882 int srcu_idx; 883 884 table = dm_get_inactive_table(md, &srcu_idx); 885 if (table) { 886 if (!(dm_table_get_mode(table) & BLK_OPEN_WRITE)) 887 param->flags |= DM_READONLY_FLAG; 888 param->target_count = table->num_targets; 889 } 890 dm_put_live_table(md, srcu_idx); 891 } 892 } 893 894 static int dev_create(struct file *filp, struct dm_ioctl *param, size_t param_size) 895 { 896 int r, m = DM_ANY_MINOR; 897 struct mapped_device *md; 898 899 r = check_name(param->name); 900 if (r) 901 return r; 902 903 if (param->flags & DM_PERSISTENT_DEV_FLAG) 904 m = MINOR(huge_decode_dev(param->dev)); 905 906 r = dm_create(m, &md); 907 if (r) 908 return r; 909 910 r = dm_hash_insert(param->name, *param->uuid ? param->uuid : NULL, md); 911 if (r) { 912 dm_put(md); 913 dm_destroy(md); 914 return r; 915 } 916 917 param->flags &= ~DM_INACTIVE_PRESENT_FLAG; 918 919 __dev_status(md, param); 920 921 dm_put(md); 922 923 return 0; 924 } 925 926 /* 927 * Always use UUID for lookups if it's present, otherwise use name or dev. 928 */ 929 static struct hash_cell *__find_device_hash_cell(struct dm_ioctl *param) 930 { 931 struct hash_cell *hc = NULL; 932 933 if (*param->uuid) { 934 if (*param->name || param->dev) { 935 DMERR("Invalid ioctl structure: uuid %s, name %s, dev %llx", 936 param->uuid, param->name, (unsigned long long)param->dev); 937 return NULL; 938 } 939 940 hc = __get_uuid_cell(param->uuid); 941 if (!hc) 942 return NULL; 943 } else if (*param->name) { 944 if (param->dev) { 945 DMERR("Invalid ioctl structure: name %s, dev %llx", 946 param->name, (unsigned long long)param->dev); 947 return NULL; 948 } 949 950 hc = __get_name_cell(param->name); 951 if (!hc) 952 return NULL; 953 } else if (param->dev) { 954 hc = __get_dev_cell(param->dev); 955 if (!hc) 956 return NULL; 957 } else 958 return NULL; 959 960 /* 961 * Sneakily write in both the name and the uuid 962 * while we have the cell. 963 */ 964 strscpy(param->name, hc->name, sizeof(param->name)); 965 if (hc->uuid) 966 strscpy(param->uuid, hc->uuid, sizeof(param->uuid)); 967 else 968 param->uuid[0] = '\0'; 969 970 if (hc->new_map) 971 param->flags |= DM_INACTIVE_PRESENT_FLAG; 972 else 973 param->flags &= ~DM_INACTIVE_PRESENT_FLAG; 974 975 return hc; 976 } 977 978 static struct mapped_device *find_device(struct dm_ioctl *param) 979 { 980 struct hash_cell *hc; 981 struct mapped_device *md = NULL; 982 983 down_read(&_hash_lock); 984 hc = __find_device_hash_cell(param); 985 if (hc) 986 md = hc->md; 987 up_read(&_hash_lock); 988 989 return md; 990 } 991 992 static int dev_remove(struct file *filp, struct dm_ioctl *param, size_t param_size) 993 { 994 struct hash_cell *hc; 995 struct mapped_device *md; 996 int r; 997 struct dm_table *t; 998 999 down_write(&_hash_lock); 1000 hc = __find_device_hash_cell(param); 1001 1002 if (!hc) { 1003 DMDEBUG_LIMIT("device doesn't appear to be in the dev hash table."); 1004 up_write(&_hash_lock); 1005 return -ENXIO; 1006 } 1007 1008 md = hc->md; 1009 1010 /* 1011 * Ensure the device is not open and nothing further can open it. 1012 */ 1013 r = dm_lock_for_deletion(md, !!(param->flags & DM_DEFERRED_REMOVE), false); 1014 if (r) { 1015 if (r == -EBUSY && param->flags & DM_DEFERRED_REMOVE) { 1016 up_write(&_hash_lock); 1017 dm_put(md); 1018 return 0; 1019 } 1020 DMDEBUG_LIMIT("unable to remove open device %s", hc->name); 1021 up_write(&_hash_lock); 1022 dm_put(md); 1023 return r; 1024 } 1025 1026 t = __hash_remove(hc); 1027 up_write(&_hash_lock); 1028 1029 if (t) { 1030 dm_sync_table(md); 1031 dm_table_destroy(t); 1032 } 1033 1034 param->flags &= ~DM_DEFERRED_REMOVE; 1035 1036 dm_ima_measure_on_device_remove(md, false); 1037 1038 if (!dm_kobject_uevent(md, KOBJ_REMOVE, param->event_nr, false)) 1039 param->flags |= DM_UEVENT_GENERATED_FLAG; 1040 1041 dm_put(md); 1042 dm_destroy(md); 1043 return 0; 1044 } 1045 1046 /* 1047 * Check a string doesn't overrun the chunk of 1048 * memory we copied from userland. 1049 */ 1050 static int invalid_str(char *str, void *end) 1051 { 1052 while ((void *) str < end) 1053 if (!*str++) 1054 return 0; 1055 1056 return -EINVAL; 1057 } 1058 1059 static int dev_rename(struct file *filp, struct dm_ioctl *param, size_t param_size) 1060 { 1061 int r; 1062 char *new_data = (char *) param + param->data_start; 1063 struct mapped_device *md; 1064 unsigned int change_uuid = (param->flags & DM_UUID_FLAG) ? 1 : 0; 1065 1066 if (new_data < param->data || 1067 invalid_str(new_data, (void *) param + param_size) || !*new_data || 1068 strlen(new_data) > (change_uuid ? DM_UUID_LEN - 1 : DM_NAME_LEN - 1)) { 1069 DMERR("Invalid new mapped device name or uuid string supplied."); 1070 return -EINVAL; 1071 } 1072 1073 if (!change_uuid) { 1074 r = check_name(new_data); 1075 if (r) 1076 return r; 1077 } 1078 1079 md = dm_hash_rename(param, new_data); 1080 if (IS_ERR(md)) 1081 return PTR_ERR(md); 1082 1083 __dev_status(md, param); 1084 dm_put(md); 1085 1086 return 0; 1087 } 1088 1089 static int dev_set_geometry(struct file *filp, struct dm_ioctl *param, size_t param_size) 1090 { 1091 int r = -EINVAL, x; 1092 struct mapped_device *md; 1093 struct hd_geometry geometry; 1094 unsigned long indata[4]; 1095 char *geostr = (char *) param + param->data_start; 1096 char dummy; 1097 1098 md = find_device(param); 1099 if (!md) 1100 return -ENXIO; 1101 1102 if (geostr < param->data || 1103 invalid_str(geostr, (void *) param + param_size)) { 1104 DMERR("Invalid geometry supplied."); 1105 goto out; 1106 } 1107 1108 x = sscanf(geostr, "%lu %lu %lu %lu%c", indata, 1109 indata + 1, indata + 2, indata + 3, &dummy); 1110 1111 if (x != 4) { 1112 DMERR("Unable to interpret geometry settings."); 1113 goto out; 1114 } 1115 1116 if (indata[0] > 65535 || indata[1] > 255 || indata[2] > 255) { 1117 DMERR("Geometry exceeds range limits."); 1118 goto out; 1119 } 1120 1121 geometry.cylinders = indata[0]; 1122 geometry.heads = indata[1]; 1123 geometry.sectors = indata[2]; 1124 geometry.start = indata[3]; 1125 1126 r = dm_set_geometry(md, &geometry); 1127 1128 param->data_size = 0; 1129 1130 out: 1131 dm_put(md); 1132 return r; 1133 } 1134 1135 static int do_suspend(struct dm_ioctl *param) 1136 { 1137 int r = 0; 1138 unsigned int suspend_flags = DM_SUSPEND_LOCKFS_FLAG; 1139 struct mapped_device *md; 1140 1141 md = find_device(param); 1142 if (!md) 1143 return -ENXIO; 1144 1145 if (param->flags & DM_SKIP_LOCKFS_FLAG) 1146 suspend_flags &= ~DM_SUSPEND_LOCKFS_FLAG; 1147 if (param->flags & DM_NOFLUSH_FLAG) 1148 suspend_flags |= DM_SUSPEND_NOFLUSH_FLAG; 1149 1150 if (!dm_suspended_md(md)) { 1151 r = dm_suspend(md, suspend_flags); 1152 if (r) 1153 goto out; 1154 } 1155 1156 __dev_status(md, param); 1157 1158 out: 1159 dm_put(md); 1160 1161 return r; 1162 } 1163 1164 static int do_resume(struct dm_ioctl *param) 1165 { 1166 int r = 0; 1167 unsigned int suspend_flags = DM_SUSPEND_LOCKFS_FLAG; 1168 struct hash_cell *hc; 1169 struct mapped_device *md; 1170 struct dm_table *new_map, *old_map = NULL; 1171 bool need_resize_uevent = false; 1172 1173 down_write(&_hash_lock); 1174 1175 hc = __find_device_hash_cell(param); 1176 if (!hc) { 1177 DMDEBUG_LIMIT("device doesn't appear to be in the dev hash table."); 1178 up_write(&_hash_lock); 1179 return -ENXIO; 1180 } 1181 1182 md = hc->md; 1183 1184 new_map = hc->new_map; 1185 hc->new_map = NULL; 1186 param->flags &= ~DM_INACTIVE_PRESENT_FLAG; 1187 1188 up_write(&_hash_lock); 1189 1190 /* Do we need to load a new map ? */ 1191 if (new_map) { 1192 sector_t old_size, new_size; 1193 1194 /* Suspend if it isn't already suspended */ 1195 if (param->flags & DM_SKIP_LOCKFS_FLAG) 1196 suspend_flags &= ~DM_SUSPEND_LOCKFS_FLAG; 1197 if (param->flags & DM_NOFLUSH_FLAG) 1198 suspend_flags |= DM_SUSPEND_NOFLUSH_FLAG; 1199 if (!dm_suspended_md(md)) { 1200 r = dm_suspend(md, suspend_flags); 1201 if (r) { 1202 down_write(&_hash_lock); 1203 hc = dm_get_mdptr(md); 1204 if (hc && !hc->new_map) { 1205 hc->new_map = new_map; 1206 new_map = NULL; 1207 } else { 1208 r = -ENXIO; 1209 } 1210 up_write(&_hash_lock); 1211 if (new_map) { 1212 dm_sync_table(md); 1213 dm_table_destroy(new_map); 1214 } 1215 dm_put(md); 1216 return r; 1217 } 1218 } 1219 1220 old_size = dm_get_size(md); 1221 old_map = dm_swap_table(md, new_map); 1222 if (IS_ERR(old_map)) { 1223 dm_sync_table(md); 1224 dm_table_destroy(new_map); 1225 dm_put(md); 1226 return PTR_ERR(old_map); 1227 } 1228 new_size = dm_get_size(md); 1229 if (old_size && new_size && old_size != new_size) 1230 need_resize_uevent = true; 1231 1232 if (dm_table_get_mode(new_map) & BLK_OPEN_WRITE) 1233 set_disk_ro(dm_disk(md), 0); 1234 else 1235 set_disk_ro(dm_disk(md), 1); 1236 } 1237 1238 if (dm_suspended_md(md)) { 1239 r = dm_resume(md); 1240 if (!r) { 1241 dm_ima_measure_on_device_resume(md, new_map ? true : false); 1242 1243 if (!dm_kobject_uevent(md, KOBJ_CHANGE, param->event_nr, need_resize_uevent)) 1244 param->flags |= DM_UEVENT_GENERATED_FLAG; 1245 } 1246 } 1247 1248 /* 1249 * Since dm_swap_table synchronizes RCU, nobody should be in 1250 * read-side critical section already. 1251 */ 1252 if (old_map) 1253 dm_table_destroy(old_map); 1254 1255 if (!r) 1256 __dev_status(md, param); 1257 1258 dm_put(md); 1259 return r; 1260 } 1261 1262 /* 1263 * Set or unset the suspension state of a device. 1264 * If the device already is in the requested state we just return its status. 1265 */ 1266 static int dev_suspend(struct file *filp, struct dm_ioctl *param, size_t param_size) 1267 { 1268 if (param->flags & DM_SUSPEND_FLAG) 1269 return do_suspend(param); 1270 1271 return do_resume(param); 1272 } 1273 1274 /* 1275 * Copies device info back to user space, used by 1276 * the create and info ioctls. 1277 */ 1278 static int dev_status(struct file *filp, struct dm_ioctl *param, size_t param_size) 1279 { 1280 struct mapped_device *md; 1281 1282 md = find_device(param); 1283 if (!md) 1284 return -ENXIO; 1285 1286 __dev_status(md, param); 1287 dm_put(md); 1288 1289 return 0; 1290 } 1291 1292 /* 1293 * Build up the status struct for each target 1294 */ 1295 static void retrieve_status(struct dm_table *table, 1296 struct dm_ioctl *param, size_t param_size) 1297 { 1298 unsigned int i, num_targets; 1299 struct dm_target_spec *spec; 1300 char *outbuf, *outptr; 1301 status_type_t type; 1302 size_t remaining, len, used = 0; 1303 unsigned int status_flags = 0; 1304 1305 outptr = outbuf = get_result_buffer(param, param_size, &len); 1306 1307 if (param->flags & DM_STATUS_TABLE_FLAG) 1308 type = STATUSTYPE_TABLE; 1309 else if (param->flags & DM_IMA_MEASUREMENT_FLAG) 1310 type = STATUSTYPE_IMA; 1311 else 1312 type = STATUSTYPE_INFO; 1313 1314 /* Get all the target info */ 1315 num_targets = table->num_targets; 1316 for (i = 0; i < num_targets; i++) { 1317 struct dm_target *ti = dm_table_get_target(table, i); 1318 size_t l; 1319 1320 remaining = len - (outptr - outbuf); 1321 if (remaining <= sizeof(struct dm_target_spec)) { 1322 param->flags |= DM_BUFFER_FULL_FLAG; 1323 break; 1324 } 1325 1326 spec = (struct dm_target_spec *) outptr; 1327 1328 spec->status = 0; 1329 spec->sector_start = ti->begin; 1330 spec->length = ti->len; 1331 strscpy_pad(spec->target_type, ti->type->name, 1332 sizeof(spec->target_type)); 1333 1334 outptr += sizeof(struct dm_target_spec); 1335 remaining = len - (outptr - outbuf); 1336 if (remaining <= 0) { 1337 param->flags |= DM_BUFFER_FULL_FLAG; 1338 break; 1339 } 1340 1341 /* Get the status/table string from the target driver */ 1342 if (ti->type->status) { 1343 if (param->flags & DM_NOFLUSH_FLAG) 1344 status_flags |= DM_STATUS_NOFLUSH_FLAG; 1345 ti->type->status(ti, type, status_flags, outptr, remaining); 1346 } else 1347 outptr[0] = '\0'; 1348 1349 l = strlen(outptr) + 1; 1350 if (l == remaining) { 1351 param->flags |= DM_BUFFER_FULL_FLAG; 1352 break; 1353 } 1354 1355 outptr += l; 1356 used = param->data_start + (outptr - outbuf); 1357 1358 outptr = align_ptr(outptr); 1359 if (!outptr || outptr > outbuf + len) { 1360 param->flags |= DM_BUFFER_FULL_FLAG; 1361 break; 1362 } 1363 spec->next = outptr - outbuf; 1364 } 1365 1366 if (used) 1367 param->data_size = used; 1368 1369 param->target_count = num_targets; 1370 } 1371 1372 /* 1373 * Wait for a device to report an event 1374 */ 1375 static int dev_wait(struct file *filp, struct dm_ioctl *param, size_t param_size) 1376 { 1377 int r = 0; 1378 struct mapped_device *md; 1379 struct dm_table *table; 1380 int srcu_idx; 1381 1382 md = find_device(param); 1383 if (!md) 1384 return -ENXIO; 1385 1386 /* 1387 * Wait for a notification event 1388 */ 1389 if (dm_wait_event(md, param->event_nr)) { 1390 r = -ERESTARTSYS; 1391 goto out; 1392 } 1393 1394 /* 1395 * The userland program is going to want to know what 1396 * changed to trigger the event, so we may as well tell 1397 * him and save an ioctl. 1398 */ 1399 __dev_status(md, param); 1400 1401 table = dm_get_live_or_inactive_table(md, param, &srcu_idx); 1402 if (table) 1403 retrieve_status(table, param, param_size); 1404 dm_put_live_table(md, srcu_idx); 1405 1406 out: 1407 dm_put(md); 1408 1409 return r; 1410 } 1411 1412 /* 1413 * Remember the global event number and make it possible to poll 1414 * for further events. 1415 */ 1416 static int dev_arm_poll(struct file *filp, struct dm_ioctl *param, size_t param_size) 1417 { 1418 struct dm_file *priv = filp->private_data; 1419 1420 priv->global_event_nr = atomic_read(&dm_global_event_nr); 1421 1422 return 0; 1423 } 1424 1425 static inline blk_mode_t get_mode(struct dm_ioctl *param) 1426 { 1427 blk_mode_t mode = BLK_OPEN_READ | BLK_OPEN_WRITE; 1428 1429 if (param->flags & DM_READONLY_FLAG) 1430 mode = BLK_OPEN_READ; 1431 1432 return mode; 1433 } 1434 1435 static int next_target(struct dm_target_spec *last, uint32_t next, const char *end, 1436 struct dm_target_spec **spec, char **target_params) 1437 { 1438 static_assert(__alignof__(struct dm_target_spec) <= 8, 1439 "struct dm_target_spec must not require more than 8-byte alignment"); 1440 1441 /* 1442 * Number of bytes remaining, starting with last. This is always 1443 * sizeof(struct dm_target_spec) or more, as otherwise *last was 1444 * out of bounds already. 1445 */ 1446 size_t remaining = end - (char *)last; 1447 1448 /* 1449 * There must be room for both the next target spec and the 1450 * NUL-terminator of the target itself. 1451 */ 1452 if (remaining - sizeof(struct dm_target_spec) <= next) { 1453 DMERR("Target spec extends beyond end of parameters"); 1454 return -EINVAL; 1455 } 1456 1457 if (next % __alignof__(struct dm_target_spec)) { 1458 DMERR("Next dm_target_spec (offset %u) is not %zu-byte aligned", 1459 next, __alignof__(struct dm_target_spec)); 1460 return -EINVAL; 1461 } 1462 1463 *spec = (struct dm_target_spec *) ((unsigned char *) last + next); 1464 *target_params = (char *) (*spec + 1); 1465 1466 return 0; 1467 } 1468 1469 static int populate_table(struct dm_table *table, 1470 struct dm_ioctl *param, size_t param_size) 1471 { 1472 int r; 1473 unsigned int i = 0; 1474 struct dm_target_spec *spec = (struct dm_target_spec *) param; 1475 uint32_t next = param->data_start; 1476 const char *const end = (const char *) param + param_size; 1477 char *target_params; 1478 size_t min_size = sizeof(struct dm_ioctl); 1479 1480 if (!param->target_count) { 1481 DMERR("%s: no targets specified", __func__); 1482 return -EINVAL; 1483 } 1484 1485 for (i = 0; i < param->target_count; i++) { 1486 const char *nul_terminator; 1487 1488 if (next < min_size) { 1489 DMERR("%s: next target spec (offset %u) overlaps %s", 1490 __func__, next, i ? "previous target" : "'struct dm_ioctl'"); 1491 return -EINVAL; 1492 } 1493 1494 r = next_target(spec, next, end, &spec, &target_params); 1495 if (r) { 1496 DMERR("unable to find target"); 1497 return r; 1498 } 1499 1500 nul_terminator = memchr(target_params, 0, (size_t)(end - target_params)); 1501 if (nul_terminator == NULL) { 1502 DMERR("%s: target parameters not NUL-terminated", __func__); 1503 return -EINVAL; 1504 } 1505 1506 /* Add 1 for NUL terminator */ 1507 min_size = (size_t)(nul_terminator - (const char *)spec) + 1; 1508 1509 r = dm_table_add_target(table, spec->target_type, 1510 (sector_t) spec->sector_start, 1511 (sector_t) spec->length, 1512 target_params); 1513 if (r) { 1514 DMERR("error adding target to table"); 1515 return r; 1516 } 1517 1518 next = spec->next; 1519 } 1520 1521 return dm_table_complete(table); 1522 } 1523 1524 static bool is_valid_type(enum dm_queue_mode cur, enum dm_queue_mode new) 1525 { 1526 if (cur == new || 1527 (cur == DM_TYPE_BIO_BASED && new == DM_TYPE_DAX_BIO_BASED)) 1528 return true; 1529 1530 return false; 1531 } 1532 1533 static int table_load(struct file *filp, struct dm_ioctl *param, size_t param_size) 1534 { 1535 int r; 1536 struct hash_cell *hc; 1537 struct dm_table *t, *old_map = NULL; 1538 struct mapped_device *md; 1539 struct target_type *immutable_target_type; 1540 1541 md = find_device(param); 1542 if (!md) 1543 return -ENXIO; 1544 1545 r = dm_table_create(&t, get_mode(param), param->target_count, md); 1546 if (r) 1547 goto err; 1548 1549 /* Protect md->type and md->queue against concurrent table loads. */ 1550 dm_lock_md_type(md); 1551 r = populate_table(t, param, param_size); 1552 if (r) 1553 goto err_unlock_md_type; 1554 1555 dm_ima_measure_on_table_load(t, STATUSTYPE_IMA); 1556 1557 immutable_target_type = dm_get_immutable_target_type(md); 1558 if (immutable_target_type && 1559 (immutable_target_type != dm_table_get_immutable_target_type(t)) && 1560 !dm_table_get_wildcard_target(t)) { 1561 DMERR("can't replace immutable target type %s", 1562 immutable_target_type->name); 1563 r = -EINVAL; 1564 goto err_unlock_md_type; 1565 } 1566 1567 if (dm_get_md_type(md) == DM_TYPE_NONE) { 1568 /* setup md->queue to reflect md's type (may block) */ 1569 r = dm_setup_md_queue(md, t); 1570 if (r) { 1571 DMERR("unable to set up device queue for new table."); 1572 goto err_unlock_md_type; 1573 } 1574 } else if (!is_valid_type(dm_get_md_type(md), dm_table_get_type(t))) { 1575 DMERR("can't change device type (old=%u vs new=%u) after initial table load.", 1576 dm_get_md_type(md), dm_table_get_type(t)); 1577 r = -EINVAL; 1578 goto err_unlock_md_type; 1579 } 1580 1581 dm_unlock_md_type(md); 1582 1583 /* stage inactive table */ 1584 down_write(&_hash_lock); 1585 hc = dm_get_mdptr(md); 1586 if (!hc) { 1587 DMERR("device has been removed from the dev hash table."); 1588 up_write(&_hash_lock); 1589 r = -ENXIO; 1590 goto err_destroy_table; 1591 } 1592 1593 if (hc->new_map) 1594 old_map = hc->new_map; 1595 hc->new_map = t; 1596 up_write(&_hash_lock); 1597 1598 param->flags |= DM_INACTIVE_PRESENT_FLAG; 1599 __dev_status(md, param); 1600 1601 if (old_map) { 1602 dm_sync_table(md); 1603 dm_table_destroy(old_map); 1604 } 1605 1606 dm_put(md); 1607 1608 return 0; 1609 1610 err_unlock_md_type: 1611 dm_unlock_md_type(md); 1612 err_destroy_table: 1613 dm_table_destroy(t); 1614 err: 1615 dm_put(md); 1616 1617 return r; 1618 } 1619 1620 static int table_clear(struct file *filp, struct dm_ioctl *param, size_t param_size) 1621 { 1622 struct hash_cell *hc; 1623 struct mapped_device *md; 1624 struct dm_table *old_map = NULL; 1625 bool has_new_map = false; 1626 1627 down_write(&_hash_lock); 1628 1629 hc = __find_device_hash_cell(param); 1630 if (!hc) { 1631 DMDEBUG_LIMIT("device doesn't appear to be in the dev hash table."); 1632 up_write(&_hash_lock); 1633 return -ENXIO; 1634 } 1635 1636 if (hc->new_map) { 1637 old_map = hc->new_map; 1638 hc->new_map = NULL; 1639 has_new_map = true; 1640 } 1641 1642 md = hc->md; 1643 up_write(&_hash_lock); 1644 1645 param->flags &= ~DM_INACTIVE_PRESENT_FLAG; 1646 __dev_status(md, param); 1647 1648 if (old_map) { 1649 dm_sync_table(md); 1650 dm_table_destroy(old_map); 1651 } 1652 dm_ima_measure_on_table_clear(md, has_new_map); 1653 dm_put(md); 1654 1655 return 0; 1656 } 1657 1658 /* 1659 * Retrieves a list of devices used by a particular dm device. 1660 */ 1661 static void retrieve_deps(struct dm_table *table, 1662 struct dm_ioctl *param, size_t param_size) 1663 { 1664 unsigned int count = 0; 1665 struct list_head *tmp; 1666 size_t len, needed; 1667 struct dm_dev_internal *dd; 1668 struct dm_target_deps *deps; 1669 1670 deps = get_result_buffer(param, param_size, &len); 1671 1672 /* 1673 * Count the devices. 1674 */ 1675 list_for_each(tmp, dm_table_get_devices(table)) 1676 count++; 1677 1678 /* 1679 * Check we have enough space. 1680 */ 1681 needed = struct_size(deps, dev, count); 1682 if (len < needed) { 1683 param->flags |= DM_BUFFER_FULL_FLAG; 1684 return; 1685 } 1686 1687 /* 1688 * Fill in the devices. 1689 */ 1690 deps->count = count; 1691 count = 0; 1692 list_for_each_entry(dd, dm_table_get_devices(table), list) 1693 deps->dev[count++] = huge_encode_dev(dd->dm_dev->bdev->bd_dev); 1694 1695 param->data_size = param->data_start + needed; 1696 } 1697 1698 static int table_deps(struct file *filp, struct dm_ioctl *param, size_t param_size) 1699 { 1700 struct mapped_device *md; 1701 struct dm_table *table; 1702 int srcu_idx; 1703 1704 md = find_device(param); 1705 if (!md) 1706 return -ENXIO; 1707 1708 __dev_status(md, param); 1709 1710 table = dm_get_live_or_inactive_table(md, param, &srcu_idx); 1711 if (table) 1712 retrieve_deps(table, param, param_size); 1713 dm_put_live_table(md, srcu_idx); 1714 1715 dm_put(md); 1716 1717 return 0; 1718 } 1719 1720 /* 1721 * Return the status of a device as a text string for each 1722 * target. 1723 */ 1724 static int table_status(struct file *filp, struct dm_ioctl *param, size_t param_size) 1725 { 1726 struct mapped_device *md; 1727 struct dm_table *table; 1728 int srcu_idx; 1729 1730 md = find_device(param); 1731 if (!md) 1732 return -ENXIO; 1733 1734 __dev_status(md, param); 1735 1736 table = dm_get_live_or_inactive_table(md, param, &srcu_idx); 1737 if (table) 1738 retrieve_status(table, param, param_size); 1739 dm_put_live_table(md, srcu_idx); 1740 1741 dm_put(md); 1742 1743 return 0; 1744 } 1745 1746 /* 1747 * Process device-mapper dependent messages. Messages prefixed with '@' 1748 * are processed by the DM core. All others are delivered to the target. 1749 * Returns a number <= 1 if message was processed by device mapper. 1750 * Returns 2 if message should be delivered to the target. 1751 */ 1752 static int message_for_md(struct mapped_device *md, unsigned int argc, char **argv, 1753 char *result, unsigned int maxlen) 1754 { 1755 int r; 1756 1757 if (**argv != '@') 1758 return 2; /* no '@' prefix, deliver to target */ 1759 1760 if (!strcasecmp(argv[0], "@cancel_deferred_remove")) { 1761 if (argc != 1) { 1762 DMERR("Invalid arguments for @cancel_deferred_remove"); 1763 return -EINVAL; 1764 } 1765 return dm_cancel_deferred_remove(md); 1766 } 1767 1768 r = dm_stats_message(md, argc, argv, result, maxlen); 1769 if (r < 2) 1770 return r; 1771 1772 DMERR("Unsupported message sent to DM core: %s", argv[0]); 1773 return -EINVAL; 1774 } 1775 1776 /* 1777 * Pass a message to the target that's at the supplied device offset. 1778 */ 1779 static int target_message(struct file *filp, struct dm_ioctl *param, size_t param_size) 1780 { 1781 int r, argc; 1782 char **argv; 1783 struct mapped_device *md; 1784 struct dm_table *table; 1785 struct dm_target *ti; 1786 struct dm_target_msg *tmsg = (void *) param + param->data_start; 1787 size_t maxlen; 1788 char *result = get_result_buffer(param, param_size, &maxlen); 1789 int srcu_idx; 1790 1791 md = find_device(param); 1792 if (!md) 1793 return -ENXIO; 1794 1795 if (tmsg < (struct dm_target_msg *) param->data || 1796 invalid_str(tmsg->message, (void *) param + param_size)) { 1797 DMERR("Invalid target message parameters."); 1798 r = -EINVAL; 1799 goto out; 1800 } 1801 1802 r = dm_split_args(&argc, &argv, tmsg->message); 1803 if (r) { 1804 DMERR("Failed to split target message parameters"); 1805 goto out; 1806 } 1807 1808 if (!argc) { 1809 DMERR("Empty message received."); 1810 r = -EINVAL; 1811 goto out_argv; 1812 } 1813 1814 r = message_for_md(md, argc, argv, result, maxlen); 1815 if (r <= 1) 1816 goto out_argv; 1817 1818 table = dm_get_live_table(md, &srcu_idx); 1819 if (!table) 1820 goto out_table; 1821 1822 if (dm_deleting_md(md)) { 1823 r = -ENXIO; 1824 goto out_table; 1825 } 1826 1827 ti = dm_table_find_target(table, tmsg->sector); 1828 if (!ti) { 1829 DMERR("Target message sector outside device."); 1830 r = -EINVAL; 1831 } else if (ti->type->message) 1832 r = ti->type->message(ti, argc, argv, result, maxlen); 1833 else { 1834 DMERR("Target type does not support messages"); 1835 r = -EINVAL; 1836 } 1837 1838 out_table: 1839 dm_put_live_table(md, srcu_idx); 1840 out_argv: 1841 kfree(argv); 1842 out: 1843 if (r >= 0) 1844 __dev_status(md, param); 1845 1846 if (r == 1) { 1847 param->flags |= DM_DATA_OUT_FLAG; 1848 if (dm_message_test_buffer_overflow(result, maxlen)) 1849 param->flags |= DM_BUFFER_FULL_FLAG; 1850 else 1851 param->data_size = param->data_start + strlen(result) + 1; 1852 r = 0; 1853 } 1854 1855 dm_put(md); 1856 return r; 1857 } 1858 1859 /* 1860 * The ioctl parameter block consists of two parts, a dm_ioctl struct 1861 * followed by a data buffer. This flag is set if the second part, 1862 * which has a variable size, is not used by the function processing 1863 * the ioctl. 1864 */ 1865 #define IOCTL_FLAGS_NO_PARAMS 1 1866 #define IOCTL_FLAGS_ISSUE_GLOBAL_EVENT 2 1867 1868 /* 1869 *--------------------------------------------------------------- 1870 * Implementation of open/close/ioctl on the special char device. 1871 *--------------------------------------------------------------- 1872 */ 1873 static ioctl_fn lookup_ioctl(unsigned int cmd, int *ioctl_flags) 1874 { 1875 static const struct { 1876 int cmd; 1877 int flags; 1878 ioctl_fn fn; 1879 } _ioctls[] = { 1880 {DM_VERSION_CMD, 0, NULL}, /* version is dealt with elsewhere */ 1881 {DM_REMOVE_ALL_CMD, IOCTL_FLAGS_NO_PARAMS | IOCTL_FLAGS_ISSUE_GLOBAL_EVENT, remove_all}, 1882 {DM_LIST_DEVICES_CMD, 0, list_devices}, 1883 1884 {DM_DEV_CREATE_CMD, IOCTL_FLAGS_NO_PARAMS | IOCTL_FLAGS_ISSUE_GLOBAL_EVENT, dev_create}, 1885 {DM_DEV_REMOVE_CMD, IOCTL_FLAGS_NO_PARAMS | IOCTL_FLAGS_ISSUE_GLOBAL_EVENT, dev_remove}, 1886 {DM_DEV_RENAME_CMD, IOCTL_FLAGS_ISSUE_GLOBAL_EVENT, dev_rename}, 1887 {DM_DEV_SUSPEND_CMD, IOCTL_FLAGS_NO_PARAMS, dev_suspend}, 1888 {DM_DEV_STATUS_CMD, IOCTL_FLAGS_NO_PARAMS, dev_status}, 1889 {DM_DEV_WAIT_CMD, 0, dev_wait}, 1890 1891 {DM_TABLE_LOAD_CMD, 0, table_load}, 1892 {DM_TABLE_CLEAR_CMD, IOCTL_FLAGS_NO_PARAMS, table_clear}, 1893 {DM_TABLE_DEPS_CMD, 0, table_deps}, 1894 {DM_TABLE_STATUS_CMD, 0, table_status}, 1895 1896 {DM_LIST_VERSIONS_CMD, 0, list_versions}, 1897 1898 {DM_TARGET_MSG_CMD, 0, target_message}, 1899 {DM_DEV_SET_GEOMETRY_CMD, 0, dev_set_geometry}, 1900 {DM_DEV_ARM_POLL_CMD, IOCTL_FLAGS_NO_PARAMS, dev_arm_poll}, 1901 {DM_GET_TARGET_VERSION_CMD, 0, get_target_version}, 1902 {DM_MPATH_PROBE_PATHS_CMD, 0, NULL}, /* block device ioctl */ 1903 }; 1904 1905 if (unlikely(cmd >= ARRAY_SIZE(_ioctls))) 1906 return NULL; 1907 1908 cmd = array_index_nospec(cmd, ARRAY_SIZE(_ioctls)); 1909 *ioctl_flags = _ioctls[cmd].flags; 1910 return _ioctls[cmd].fn; 1911 } 1912 1913 /* 1914 * As well as checking the version compatibility this always 1915 * copies the kernel interface version out. 1916 */ 1917 static int check_version(unsigned int cmd, struct dm_ioctl __user *user, 1918 struct dm_ioctl *kernel_params) 1919 { 1920 int r = 0; 1921 1922 /* Make certain version is first member of dm_ioctl struct */ 1923 BUILD_BUG_ON(offsetof(struct dm_ioctl, version) != 0); 1924 1925 if (copy_from_user(kernel_params->version, user->version, sizeof(kernel_params->version))) 1926 return -EFAULT; 1927 1928 if ((kernel_params->version[0] != DM_VERSION_MAJOR) || 1929 (kernel_params->version[1] > DM_VERSION_MINOR)) { 1930 DMERR_LIMIT("ioctl interface mismatch: kernel(%u.%u.%u), user(%u.%u.%u), cmd(%d)", 1931 DM_VERSION_MAJOR, DM_VERSION_MINOR, 1932 DM_VERSION_PATCHLEVEL, 1933 kernel_params->version[0], 1934 kernel_params->version[1], 1935 kernel_params->version[2], 1936 cmd); 1937 r = -EINVAL; 1938 } 1939 1940 /* 1941 * Fill in the kernel version. 1942 */ 1943 kernel_params->version[0] = DM_VERSION_MAJOR; 1944 kernel_params->version[1] = DM_VERSION_MINOR; 1945 kernel_params->version[2] = DM_VERSION_PATCHLEVEL; 1946 if (copy_to_user(user->version, kernel_params->version, sizeof(kernel_params->version))) 1947 return -EFAULT; 1948 1949 return r; 1950 } 1951 1952 #define DM_PARAMS_MALLOC 0x0001 /* Params allocated with kvmalloc() */ 1953 #define DM_WIPE_BUFFER 0x0010 /* Wipe input buffer before returning from ioctl */ 1954 1955 static void free_params(struct dm_ioctl *param, size_t param_size, int param_flags) 1956 { 1957 if (param_flags & DM_WIPE_BUFFER) 1958 memset(param, 0, param_size); 1959 1960 if (param_flags & DM_PARAMS_MALLOC) 1961 kvfree(param); 1962 } 1963 1964 static int copy_params(struct dm_ioctl __user *user, struct dm_ioctl *param_kernel, 1965 int ioctl_flags, struct dm_ioctl **param, int *param_flags) 1966 { 1967 struct dm_ioctl *dmi; 1968 int secure_data; 1969 const size_t minimum_data_size = offsetof(struct dm_ioctl, data); 1970 1971 /* check_version() already copied version from userspace, avoid TOCTOU */ 1972 if (copy_from_user((char *)param_kernel + sizeof(param_kernel->version), 1973 (char __user *)user + sizeof(param_kernel->version), 1974 minimum_data_size - sizeof(param_kernel->version))) 1975 return -EFAULT; 1976 1977 if (unlikely(param_kernel->data_size < minimum_data_size) || 1978 unlikely(param_kernel->data_size > DM_MAX_TARGETS * DM_MAX_TARGET_PARAMS)) { 1979 DMERR_LIMIT("Invalid data size in the ioctl structure: %u", 1980 param_kernel->data_size); 1981 return -EINVAL; 1982 } 1983 1984 secure_data = param_kernel->flags & DM_SECURE_DATA_FLAG; 1985 1986 *param_flags = secure_data ? DM_WIPE_BUFFER : 0; 1987 1988 if (ioctl_flags & IOCTL_FLAGS_NO_PARAMS) { 1989 dmi = param_kernel; 1990 dmi->data_size = minimum_data_size; 1991 goto data_copied; 1992 } 1993 1994 /* 1995 * Use __GFP_HIGH to avoid low memory issues when a device is 1996 * suspended and the ioctl is needed to resume it. 1997 * Use kmalloc() rather than vmalloc() when we can. 1998 */ 1999 dmi = NULL; 2000 dmi = kvmalloc(param_kernel->data_size, GFP_NOIO | __GFP_HIGH); 2001 2002 if (!dmi) { 2003 if (secure_data && clear_user(user, param_kernel->data_size)) 2004 return -EFAULT; 2005 return -ENOMEM; 2006 } 2007 2008 *param_flags |= DM_PARAMS_MALLOC; 2009 2010 /* Copy from param_kernel (which was already copied from user) */ 2011 memcpy(dmi, param_kernel, minimum_data_size); 2012 2013 if (copy_from_user(&dmi->data, (char __user *)user + minimum_data_size, 2014 param_kernel->data_size - minimum_data_size)) 2015 goto bad; 2016 data_copied: 2017 /* Wipe the user buffer so we do not return it to userspace */ 2018 if (secure_data && clear_user(user, param_kernel->data_size)) 2019 goto bad; 2020 2021 *param = dmi; 2022 return 0; 2023 2024 bad: 2025 free_params(dmi, param_kernel->data_size, *param_flags); 2026 2027 return -EFAULT; 2028 } 2029 2030 static int validate_params(uint cmd, struct dm_ioctl *param) 2031 { 2032 /* Always clear this flag */ 2033 param->flags &= ~DM_BUFFER_FULL_FLAG; 2034 param->flags &= ~DM_UEVENT_GENERATED_FLAG; 2035 param->flags &= ~DM_SECURE_DATA_FLAG; 2036 param->flags &= ~DM_DATA_OUT_FLAG; 2037 2038 /* Ignores parameters */ 2039 if (cmd == DM_REMOVE_ALL_CMD || 2040 cmd == DM_LIST_DEVICES_CMD || 2041 cmd == DM_LIST_VERSIONS_CMD) 2042 return 0; 2043 2044 if (cmd == DM_DEV_CREATE_CMD) { 2045 if (!*param->name) { 2046 DMERR("name not supplied when creating device"); 2047 return -EINVAL; 2048 } 2049 } else if (*param->uuid && *param->name) { 2050 DMERR("only supply one of name or uuid, cmd(%u)", cmd); 2051 return -EINVAL; 2052 } 2053 2054 /* Ensure strings are terminated */ 2055 param->name[DM_NAME_LEN - 1] = '\0'; 2056 param->uuid[DM_UUID_LEN - 1] = '\0'; 2057 2058 return 0; 2059 } 2060 2061 static int ctl_ioctl(struct file *file, uint command, struct dm_ioctl __user *user) 2062 { 2063 int r = 0; 2064 int ioctl_flags; 2065 int param_flags; 2066 unsigned int cmd; 2067 struct dm_ioctl *param; 2068 ioctl_fn fn = NULL; 2069 size_t input_param_size; 2070 struct dm_ioctl param_kernel; 2071 2072 /* only root can play with this */ 2073 if (!capable(CAP_SYS_ADMIN)) 2074 return -EACCES; 2075 2076 if (_IOC_TYPE(command) != DM_IOCTL) 2077 return -ENOTTY; 2078 2079 cmd = _IOC_NR(command); 2080 2081 /* 2082 * Check the interface version passed in. This also 2083 * writes out the kernel's interface version. 2084 */ 2085 r = check_version(cmd, user, ¶m_kernel); 2086 if (r) 2087 return r; 2088 2089 /* 2090 * Nothing more to do for the version command. 2091 */ 2092 if (cmd == DM_VERSION_CMD) 2093 return 0; 2094 2095 fn = lookup_ioctl(cmd, &ioctl_flags); 2096 if (!fn) { 2097 DMERR("dm_ctl_ioctl: unknown command 0x%x", command); 2098 return -ENOTTY; 2099 } 2100 2101 /* 2102 * Copy the parameters into kernel space. 2103 */ 2104 r = copy_params(user, ¶m_kernel, ioctl_flags, ¶m, ¶m_flags); 2105 2106 if (r) 2107 return r; 2108 2109 input_param_size = param->data_size; 2110 r = validate_params(cmd, param); 2111 if (r) 2112 goto out; 2113 2114 param->data_size = offsetof(struct dm_ioctl, data); 2115 r = fn(file, param, input_param_size); 2116 2117 if (unlikely(param->flags & DM_BUFFER_FULL_FLAG) && 2118 unlikely(ioctl_flags & IOCTL_FLAGS_NO_PARAMS)) 2119 DMERR("ioctl %d tried to output some data but has IOCTL_FLAGS_NO_PARAMS set", cmd); 2120 2121 if (!r && ioctl_flags & IOCTL_FLAGS_ISSUE_GLOBAL_EVENT) 2122 dm_issue_global_event(); 2123 2124 /* 2125 * Copy the results back to userland. 2126 */ 2127 if (!r && copy_to_user(user, param, param->data_size)) 2128 r = -EFAULT; 2129 2130 out: 2131 free_params(param, input_param_size, param_flags); 2132 return r; 2133 } 2134 2135 static long dm_ctl_ioctl(struct file *file, uint command, ulong u) 2136 { 2137 return (long)ctl_ioctl(file, command, (struct dm_ioctl __user *)u); 2138 } 2139 2140 #ifdef CONFIG_COMPAT 2141 static long dm_compat_ctl_ioctl(struct file *file, uint command, ulong u) 2142 { 2143 return (long)dm_ctl_ioctl(file, command, (ulong) compat_ptr(u)); 2144 } 2145 #else 2146 #define dm_compat_ctl_ioctl NULL 2147 #endif 2148 2149 static int dm_open(struct inode *inode, struct file *filp) 2150 { 2151 int r; 2152 struct dm_file *priv; 2153 2154 r = nonseekable_open(inode, filp); 2155 if (unlikely(r)) 2156 return r; 2157 2158 priv = filp->private_data = kmalloc_obj(struct dm_file); 2159 if (!priv) 2160 return -ENOMEM; 2161 2162 priv->global_event_nr = atomic_read(&dm_global_event_nr); 2163 2164 return 0; 2165 } 2166 2167 static int dm_release(struct inode *inode, struct file *filp) 2168 { 2169 kfree(filp->private_data); 2170 return 0; 2171 } 2172 2173 static __poll_t dm_poll(struct file *filp, poll_table *wait) 2174 { 2175 struct dm_file *priv = filp->private_data; 2176 __poll_t mask = 0; 2177 2178 poll_wait(filp, &dm_global_eventq, wait); 2179 2180 if ((int)(atomic_read(&dm_global_event_nr) - priv->global_event_nr) > 0) 2181 mask |= EPOLLIN; 2182 2183 return mask; 2184 } 2185 2186 static const struct file_operations _ctl_fops = { 2187 .open = dm_open, 2188 .release = dm_release, 2189 .poll = dm_poll, 2190 .unlocked_ioctl = dm_ctl_ioctl, 2191 .compat_ioctl = dm_compat_ctl_ioctl, 2192 .owner = THIS_MODULE, 2193 .llseek = noop_llseek, 2194 }; 2195 2196 static struct miscdevice _dm_misc = { 2197 .minor = MAPPER_CTRL_MINOR, 2198 .name = DM_NAME, 2199 .nodename = DM_DIR "/" DM_CONTROL_NODE, 2200 .fops = &_ctl_fops 2201 }; 2202 2203 MODULE_ALIAS_MISCDEV(MAPPER_CTRL_MINOR); 2204 MODULE_ALIAS("devname:" DM_DIR "/" DM_CONTROL_NODE); 2205 2206 /* 2207 * Create misc character device and link to DM_DIR/control. 2208 */ 2209 int __init dm_interface_init(void) 2210 { 2211 int r; 2212 2213 r = misc_register(&_dm_misc); 2214 if (r) { 2215 DMERR("misc_register failed for control device"); 2216 return r; 2217 } 2218 2219 DMINFO("%d.%d.%d%s initialised: %s", DM_VERSION_MAJOR, 2220 DM_VERSION_MINOR, DM_VERSION_PATCHLEVEL, DM_VERSION_EXTRA, 2221 DM_DRIVER_EMAIL); 2222 return 0; 2223 } 2224 2225 void dm_interface_exit(void) 2226 { 2227 misc_deregister(&_dm_misc); 2228 dm_hash_exit(); 2229 } 2230 2231 /** 2232 * dm_copy_name_and_uuid - Copy mapped device name & uuid into supplied buffers 2233 * @md: Pointer to mapped_device 2234 * @name: Buffer (size DM_NAME_LEN) for name 2235 * @uuid: Buffer (size DM_UUID_LEN) for uuid or empty string if uuid not defined 2236 */ 2237 int dm_copy_name_and_uuid(struct mapped_device *md, char *name, char *uuid) 2238 { 2239 int r = 0; 2240 struct hash_cell *hc; 2241 2242 if (!md) 2243 return -ENXIO; 2244 2245 mutex_lock(&dm_hash_cells_mutex); 2246 hc = dm_get_mdptr(md); 2247 if (!hc) { 2248 r = -ENXIO; 2249 goto out; 2250 } 2251 2252 if (name) 2253 strcpy(name, hc->name); 2254 if (uuid) 2255 strcpy(uuid, hc->uuid ? : ""); 2256 2257 out: 2258 mutex_unlock(&dm_hash_cells_mutex); 2259 2260 return r; 2261 } 2262 EXPORT_SYMBOL_GPL(dm_copy_name_and_uuid); 2263 2264 /** 2265 * dm_early_create - create a mapped device in early boot. 2266 * 2267 * @dmi: Contains main information of the device mapping to be created. 2268 * @spec_array: array of pointers to struct dm_target_spec. Describes the 2269 * mapping table of the device. 2270 * @target_params_array: array of strings with the parameters to a specific 2271 * target. 2272 * 2273 * Instead of having the struct dm_target_spec and the parameters for every 2274 * target embedded at the end of struct dm_ioctl (as performed in a normal 2275 * ioctl), pass them as arguments, so the caller doesn't need to serialize them. 2276 * The size of the spec_array and target_params_array is given by 2277 * @dmi->target_count. 2278 * This function is supposed to be called in early boot, so locking mechanisms 2279 * to protect against concurrent loads are not required. 2280 */ 2281 int __init dm_early_create(struct dm_ioctl *dmi, 2282 struct dm_target_spec **spec_array, 2283 char **target_params_array) 2284 { 2285 int r, m = DM_ANY_MINOR; 2286 struct dm_table *t, *old_map; 2287 struct mapped_device *md; 2288 unsigned int i; 2289 2290 if (!dmi->target_count) 2291 return -EINVAL; 2292 2293 r = check_name(dmi->name); 2294 if (r) 2295 return r; 2296 2297 if (dmi->flags & DM_PERSISTENT_DEV_FLAG) 2298 m = MINOR(huge_decode_dev(dmi->dev)); 2299 2300 /* alloc dm device */ 2301 r = dm_create(m, &md); 2302 if (r) 2303 return r; 2304 2305 /* hash insert */ 2306 r = dm_hash_insert(dmi->name, *dmi->uuid ? dmi->uuid : NULL, md); 2307 if (r) 2308 goto err_destroy_dm; 2309 2310 /* alloc table */ 2311 r = dm_table_create(&t, get_mode(dmi), dmi->target_count, md); 2312 if (r) 2313 goto err_hash_remove; 2314 2315 /* add targets */ 2316 for (i = 0; i < dmi->target_count; i++) { 2317 r = dm_table_add_target(t, spec_array[i]->target_type, 2318 (sector_t) spec_array[i]->sector_start, 2319 (sector_t) spec_array[i]->length, 2320 target_params_array[i]); 2321 if (r) { 2322 DMERR("error adding target to table"); 2323 goto err_destroy_table; 2324 } 2325 } 2326 2327 /* finish table */ 2328 r = dm_table_complete(t); 2329 if (r) 2330 goto err_destroy_table; 2331 2332 /* setup md->queue to reflect md's type (may block) */ 2333 r = dm_setup_md_queue(md, t); 2334 if (r) { 2335 DMERR("unable to set up device queue for new table."); 2336 goto err_destroy_table; 2337 } 2338 2339 /* Set new map */ 2340 dm_suspend(md, 0); 2341 old_map = dm_swap_table(md, t); 2342 if (IS_ERR(old_map)) { 2343 r = PTR_ERR(old_map); 2344 goto err_destroy_table; 2345 } 2346 set_disk_ro(dm_disk(md), !!(dmi->flags & DM_READONLY_FLAG)); 2347 2348 /* resume device */ 2349 r = dm_resume(md); 2350 if (r) 2351 goto err_destroy_table; 2352 2353 DMINFO("%s (%s) is ready", md->disk->disk_name, dmi->name); 2354 dm_put(md); 2355 return 0; 2356 2357 err_destroy_table: 2358 dm_table_destroy(t); 2359 err_hash_remove: 2360 down_write(&_hash_lock); 2361 (void) __hash_remove(__get_name_cell(dmi->name)); 2362 up_write(&_hash_lock); 2363 /* release reference from __get_name_cell */ 2364 dm_put(md); 2365 err_destroy_dm: 2366 dm_put(md); 2367 dm_destroy(md); 2368 return r; 2369 } 2370