1 /*- 2 * Copyright (c) 2002 Poul-Henning Kamp 3 * Copyright (c) 2002 Networks Associates Technology, Inc. 4 * All rights reserved. 5 * 6 * This software was developed for the FreeBSD Project by Poul-Henning Kamp 7 * and NAI Labs, the Security Research Division of Network Associates, Inc. 8 * under DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of the 9 * DARPA CHATS research program. 10 * 11 * Redistribution and use in source and binary forms, with or without 12 * modification, are permitted provided that the following conditions 13 * are met: 14 * 1. Redistributions of source code must retain the above copyright 15 * notice, this list of conditions and the following disclaimer. 16 * 2. Redistributions in binary form must reproduce the above copyright 17 * notice, this list of conditions and the following disclaimer in the 18 * documentation and/or other materials provided with the distribution. 19 * 3. The names of the authors may not be used to endorse or promote 20 * products derived from this software without specific prior written 21 * permission. 22 * 23 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND 24 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 25 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 26 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 27 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 28 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 29 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 30 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 31 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 32 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 33 * SUCH DAMAGE. 34 */ 35 36 #include <sys/cdefs.h> 37 __FBSDID("$FreeBSD$"); 38 39 #include <sys/param.h> 40 #include <sys/systm.h> 41 #include <sys/malloc.h> 42 #include <sys/kernel.h> 43 #include <sys/conf.h> 44 #include <sys/ctype.h> 45 #include <sys/bio.h> 46 #include <sys/lock.h> 47 #include <sys/mutex.h> 48 #include <sys/proc.h> 49 #include <sys/errno.h> 50 #include <sys/time.h> 51 #include <sys/disk.h> 52 #include <sys/fcntl.h> 53 #include <sys/limits.h> 54 #include <geom/geom.h> 55 #include <geom/geom_int.h> 56 #include <machine/stdarg.h> 57 58 /* 59 * Use the consumer private field to reference a physdev alias (if any). 60 */ 61 #define cp_alias_dev private 62 63 static d_open_t g_dev_open; 64 static d_close_t g_dev_close; 65 static d_strategy_t g_dev_strategy; 66 static d_ioctl_t g_dev_ioctl; 67 68 static struct cdevsw g_dev_cdevsw = { 69 .d_version = D_VERSION, 70 .d_open = g_dev_open, 71 .d_close = g_dev_close, 72 .d_read = physread, 73 .d_write = physwrite, 74 .d_ioctl = g_dev_ioctl, 75 .d_strategy = g_dev_strategy, 76 .d_name = "g_dev", 77 .d_flags = D_DISK | D_TRACKCLOSE, 78 }; 79 80 static g_taste_t g_dev_taste; 81 static g_orphan_t g_dev_orphan; 82 static g_attrchanged_t g_dev_attrchanged; 83 84 static struct g_class g_dev_class = { 85 .name = "DEV", 86 .version = G_VERSION, 87 .taste = g_dev_taste, 88 .orphan = g_dev_orphan, 89 .attrchanged = g_dev_attrchanged 90 }; 91 92 void 93 g_dev_print(void) 94 { 95 struct g_geom *gp; 96 char const *p = ""; 97 98 LIST_FOREACH(gp, &g_dev_class.geom, geom) { 99 printf("%s%s", p, gp->name); 100 p = " "; 101 } 102 printf("\n"); 103 } 104 105 static void 106 g_dev_attrchanged(struct g_consumer *cp, const char *attr) 107 { 108 109 if (strcmp(attr, "GEOM::physpath") != 0) 110 return; 111 112 if (g_access(cp, 1, 0, 0) == 0) { 113 char *physpath; 114 int error, physpath_len; 115 116 physpath_len = MAXPATHLEN; 117 physpath = g_malloc(physpath_len, M_WAITOK|M_ZERO); 118 error = 119 g_io_getattr("GEOM::physpath", cp, &physpath_len, physpath); 120 g_access(cp, -1, 0, 0); 121 if (error == 0 && strlen(physpath) != 0) { 122 struct cdev *dev; 123 struct cdev *old_alias_dev; 124 struct cdev **alias_devp; 125 126 dev = cp->geom->softc; 127 old_alias_dev = cp->cp_alias_dev; 128 alias_devp = (struct cdev **)&cp->cp_alias_dev; 129 make_dev_physpath_alias(MAKEDEV_WAITOK, alias_devp, 130 dev, old_alias_dev, physpath); 131 } else if (cp->cp_alias_dev) { 132 destroy_dev((struct cdev *)cp->cp_alias_dev); 133 cp->cp_alias_dev = NULL; 134 } 135 g_free(physpath); 136 } 137 } 138 139 struct g_provider * 140 g_dev_getprovider(struct cdev *dev) 141 { 142 struct g_consumer *cp; 143 144 g_topology_assert(); 145 if (dev == NULL) 146 return (NULL); 147 if (dev->si_devsw != &g_dev_cdevsw) 148 return (NULL); 149 cp = dev->si_drv2; 150 return (cp->provider); 151 } 152 153 static struct g_geom * 154 g_dev_taste(struct g_class *mp, struct g_provider *pp, int insist __unused) 155 { 156 struct g_geom *gp; 157 struct g_consumer *cp; 158 int error, len; 159 struct cdev *dev, *adev; 160 char buf[64], *val; 161 162 g_trace(G_T_TOPOLOGY, "dev_taste(%s,%s)", mp->name, pp->name); 163 g_topology_assert(); 164 LIST_FOREACH(cp, &pp->consumers, consumers) 165 if (cp->geom->class == mp) 166 return (NULL); 167 gp = g_new_geomf(mp, pp->name); 168 cp = g_new_consumer(gp); 169 error = g_attach(cp, pp); 170 KASSERT(error == 0, 171 ("g_dev_taste(%s) failed to g_attach, err=%d", pp->name, error)); 172 error = make_dev_p(MAKEDEV_CHECKNAME | MAKEDEV_WAITOK, &dev, 173 &g_dev_cdevsw, NULL, UID_ROOT, GID_OPERATOR, 0640, "%s", gp->name); 174 if (error != 0) { 175 printf("%s: make_dev_p() failed (gp->name=%s, error=%d)\n", 176 __func__, gp->name, error); 177 g_detach(cp); 178 g_destroy_consumer(cp); 179 g_destroy_geom(gp); 180 return (NULL); 181 } 182 183 /* Search for device alias name and create it if found. */ 184 adev = NULL; 185 for (len = MIN(strlen(gp->name), sizeof(buf) - 15); len > 0; len--) { 186 snprintf(buf, sizeof(buf), "kern.devalias.%s", gp->name); 187 buf[14 + len] = 0; 188 val = getenv(buf); 189 if (val != NULL) { 190 snprintf(buf, sizeof(buf), "%s%s", 191 val, gp->name + len); 192 freeenv(val); 193 make_dev_alias_p(MAKEDEV_CHECKNAME | MAKEDEV_WAITOK, 194 &adev, dev, "%s", buf); 195 break; 196 } 197 } 198 199 if (pp->flags & G_PF_CANDELETE) 200 dev->si_flags |= SI_CANDELETE; 201 dev->si_iosize_max = MAXPHYS; 202 gp->softc = dev; 203 dev->si_drv1 = gp; 204 dev->si_drv2 = cp; 205 if (adev != NULL) { 206 if (pp->flags & G_PF_CANDELETE) 207 adev->si_flags |= SI_CANDELETE; 208 adev->si_iosize_max = MAXPHYS; 209 adev->si_drv1 = gp; 210 adev->si_drv2 = cp; 211 } 212 213 g_dev_attrchanged(cp, "GEOM::physpath"); 214 215 return (gp); 216 } 217 218 static int 219 g_dev_open(struct cdev *dev, int flags, int fmt, struct thread *td) 220 { 221 struct g_geom *gp; 222 struct g_consumer *cp; 223 int error, r, w, e; 224 225 gp = dev->si_drv1; 226 cp = dev->si_drv2; 227 if (gp == NULL || cp == NULL || gp->softc != dev) 228 return(ENXIO); /* g_dev_taste() not done yet */ 229 230 g_trace(G_T_ACCESS, "g_dev_open(%s, %d, %d, %p)", 231 gp->name, flags, fmt, td); 232 233 r = flags & FREAD ? 1 : 0; 234 w = flags & FWRITE ? 1 : 0; 235 #ifdef notyet 236 e = flags & O_EXCL ? 1 : 0; 237 #else 238 e = 0; 239 #endif 240 if (w) { 241 /* 242 * When running in very secure mode, do not allow 243 * opens for writing of any disks. 244 */ 245 error = securelevel_ge(td->td_ucred, 2); 246 if (error) 247 return (error); 248 } 249 g_topology_lock(); 250 if (dev->si_devsw == NULL) 251 error = ENXIO; /* We were orphaned */ 252 else 253 error = g_access(cp, r, w, e); 254 g_topology_unlock(); 255 return(error); 256 } 257 258 static int 259 g_dev_close(struct cdev *dev, int flags, int fmt, struct thread *td) 260 { 261 struct g_geom *gp; 262 struct g_consumer *cp; 263 int error, r, w, e, i; 264 265 gp = dev->si_drv1; 266 cp = dev->si_drv2; 267 if (gp == NULL || cp == NULL) 268 return(ENXIO); 269 g_trace(G_T_ACCESS, "g_dev_close(%s, %d, %d, %p)", 270 gp->name, flags, fmt, td); 271 r = flags & FREAD ? -1 : 0; 272 w = flags & FWRITE ? -1 : 0; 273 #ifdef notyet 274 e = flags & O_EXCL ? -1 : 0; 275 #else 276 e = 0; 277 #endif 278 g_topology_lock(); 279 if (dev->si_devsw == NULL) 280 error = ENXIO; /* We were orphaned */ 281 else 282 error = g_access(cp, r, w, e); 283 for (i = 0; i < 10 * hz;) { 284 if (cp->acr != 0 || cp->acw != 0) 285 break; 286 if (cp->nstart == cp->nend) 287 break; 288 pause("gdevwclose", hz / 10); 289 i += hz / 10; 290 } 291 if (cp->acr == 0 && cp->acw == 0 && cp->nstart != cp->nend) { 292 printf("WARNING: Final close of geom_dev(%s) %s %s\n", 293 gp->name, 294 "still has outstanding I/O after 10 seconds.", 295 "Completing close anyway, panic may happen later."); 296 } 297 g_topology_unlock(); 298 return (error); 299 } 300 301 /* 302 * XXX: Until we have unmessed the ioctl situation, there is a race against 303 * XXX: a concurrent orphanization. We cannot close it by holding topology 304 * XXX: since that would prevent us from doing our job, and stalling events 305 * XXX: will break (actually: stall) the BSD disklabel hacks. 306 */ 307 static int 308 g_dev_ioctl(struct cdev *dev, u_long cmd, caddr_t data, int fflag, struct thread *td) 309 { 310 struct g_geom *gp; 311 struct g_consumer *cp; 312 struct g_provider *pp; 313 struct g_kerneldump kd; 314 off_t offset, length, chunk; 315 int i, error; 316 u_int u; 317 318 gp = dev->si_drv1; 319 cp = dev->si_drv2; 320 pp = cp->provider; 321 322 error = 0; 323 KASSERT(cp->acr || cp->acw, 324 ("Consumer with zero access count in g_dev_ioctl")); 325 326 i = IOCPARM_LEN(cmd); 327 switch (cmd) { 328 case DIOCGSECTORSIZE: 329 *(u_int *)data = cp->provider->sectorsize; 330 if (*(u_int *)data == 0) 331 error = ENOENT; 332 break; 333 case DIOCGMEDIASIZE: 334 *(off_t *)data = cp->provider->mediasize; 335 if (*(off_t *)data == 0) 336 error = ENOENT; 337 break; 338 case DIOCGFWSECTORS: 339 error = g_io_getattr("GEOM::fwsectors", cp, &i, data); 340 if (error == 0 && *(u_int *)data == 0) 341 error = ENOENT; 342 break; 343 case DIOCGFWHEADS: 344 error = g_io_getattr("GEOM::fwheads", cp, &i, data); 345 if (error == 0 && *(u_int *)data == 0) 346 error = ENOENT; 347 break; 348 case DIOCGFRONTSTUFF: 349 error = g_io_getattr("GEOM::frontstuff", cp, &i, data); 350 break; 351 case DIOCSKERNELDUMP: 352 u = *((u_int *)data); 353 if (!u) { 354 set_dumper(NULL); 355 error = 0; 356 break; 357 } 358 kd.offset = 0; 359 kd.length = OFF_MAX; 360 i = sizeof kd; 361 error = g_io_getattr("GEOM::kerneldump", cp, &i, &kd); 362 if (!error) { 363 error = set_dumper(&kd.di); 364 if (!error) 365 dev->si_flags |= SI_DUMPDEV; 366 } 367 break; 368 case DIOCGFLUSH: 369 error = g_io_flush(cp); 370 break; 371 case DIOCGDELETE: 372 offset = ((off_t *)data)[0]; 373 length = ((off_t *)data)[1]; 374 if ((offset % cp->provider->sectorsize) != 0 || 375 (length % cp->provider->sectorsize) != 0 || length <= 0) { 376 printf("%s: offset=%jd length=%jd\n", __func__, offset, 377 length); 378 error = EINVAL; 379 break; 380 } 381 while (length > 0) { 382 chunk = length; 383 if (chunk > 65536 * cp->provider->sectorsize) 384 chunk = 65536 * cp->provider->sectorsize; 385 error = g_delete_data(cp, offset, chunk); 386 length -= chunk; 387 offset += chunk; 388 if (error) 389 break; 390 /* 391 * Since the request size is unbounded, the service 392 * time is likewise. We make this ioctl interruptible 393 * by checking for signals for each bio. 394 */ 395 if (SIGPENDING(td)) 396 break; 397 } 398 break; 399 case DIOCGIDENT: 400 error = g_io_getattr("GEOM::ident", cp, &i, data); 401 break; 402 case DIOCGPROVIDERNAME: 403 if (pp == NULL) 404 return (ENOENT); 405 strlcpy(data, pp->name, i); 406 break; 407 case DIOCGSTRIPESIZE: 408 *(off_t *)data = cp->provider->stripesize; 409 break; 410 case DIOCGSTRIPEOFFSET: 411 *(off_t *)data = cp->provider->stripeoffset; 412 break; 413 case DIOCGPHYSPATH: 414 error = g_io_getattr("GEOM::physpath", cp, &i, data); 415 if (error == 0 && *(char *)data == '\0') 416 error = ENOENT; 417 break; 418 default: 419 if (cp->provider->geom->ioctl != NULL) { 420 error = cp->provider->geom->ioctl(cp->provider, cmd, data, fflag, td); 421 } else { 422 error = ENOIOCTL; 423 } 424 } 425 426 return (error); 427 } 428 429 static void 430 g_dev_done(struct bio *bp2) 431 { 432 struct bio *bp; 433 434 bp = bp2->bio_parent; 435 bp->bio_error = bp2->bio_error; 436 if (bp->bio_error != 0) { 437 g_trace(G_T_BIO, "g_dev_done(%p) had error %d", 438 bp2, bp->bio_error); 439 bp->bio_flags |= BIO_ERROR; 440 } else { 441 g_trace(G_T_BIO, "g_dev_done(%p/%p) resid %ld completed %jd", 442 bp2, bp, bp->bio_resid, (intmax_t)bp2->bio_completed); 443 } 444 bp->bio_resid = bp->bio_length - bp2->bio_completed; 445 bp->bio_completed = bp2->bio_completed; 446 g_destroy_bio(bp2); 447 biodone(bp); 448 } 449 450 static void 451 g_dev_strategy(struct bio *bp) 452 { 453 struct g_consumer *cp; 454 struct bio *bp2; 455 struct cdev *dev; 456 457 KASSERT(bp->bio_cmd == BIO_READ || 458 bp->bio_cmd == BIO_WRITE || 459 bp->bio_cmd == BIO_DELETE, 460 ("Wrong bio_cmd bio=%p cmd=%d", bp, bp->bio_cmd)); 461 dev = bp->bio_dev; 462 cp = dev->si_drv2; 463 KASSERT(cp->acr || cp->acw, 464 ("Consumer with zero access count in g_dev_strategy")); 465 #ifdef INVARIANTS 466 if ((bp->bio_offset % cp->provider->sectorsize) != 0 || 467 (bp->bio_bcount % cp->provider->sectorsize) != 0) { 468 bp->bio_resid = bp->bio_bcount; 469 biofinish(bp, NULL, EINVAL); 470 return; 471 } 472 #endif 473 for (;;) { 474 /* 475 * XXX: This is not an ideal solution, but I belive it to 476 * XXX: deadlock safe, all things considered. 477 */ 478 bp2 = g_clone_bio(bp); 479 if (bp2 != NULL) 480 break; 481 pause("gdstrat", hz / 10); 482 } 483 KASSERT(bp2 != NULL, ("XXX: ENOMEM in a bad place")); 484 bp2->bio_done = g_dev_done; 485 g_trace(G_T_BIO, 486 "g_dev_strategy(%p/%p) offset %jd length %jd data %p cmd %d", 487 bp, bp2, (intmax_t)bp->bio_offset, (intmax_t)bp2->bio_length, 488 bp2->bio_data, bp2->bio_cmd); 489 g_io_request(bp2, cp); 490 KASSERT(cp->acr || cp->acw, 491 ("g_dev_strategy raced with g_dev_close and lost")); 492 493 } 494 495 /* 496 * g_dev_orphan() 497 * 498 * Called from below when the provider orphaned us. 499 * - Clear any dump settings. 500 * - Destroy the struct cdev *to prevent any more request from coming in. The 501 * provider is already marked with an error, so anything which comes in 502 * in the interrim will be returned immediately. 503 * - Wait for any outstanding I/O to finish. 504 * - Set our access counts to zero, whatever they were. 505 * - Detach and self-destruct. 506 */ 507 508 static void 509 g_dev_orphan(struct g_consumer *cp) 510 { 511 struct g_geom *gp; 512 struct cdev *dev; 513 514 g_topology_assert(); 515 gp = cp->geom; 516 dev = gp->softc; 517 g_trace(G_T_TOPOLOGY, "g_dev_orphan(%p(%s))", cp, gp->name); 518 519 /* Reset any dump-area set on this device */ 520 if (dev->si_flags & SI_DUMPDEV) 521 set_dumper(NULL); 522 523 /* Destroy the struct cdev *so we get no more requests */ 524 destroy_dev(dev); 525 526 /* Wait for the cows to come home */ 527 while (cp->nstart != cp->nend) 528 pause("gdevorphan", hz / 10); 529 530 if (cp->acr > 0 || cp->acw > 0 || cp->ace > 0) 531 g_access(cp, -cp->acr, -cp->acw, -cp->ace); 532 533 g_detach(cp); 534 g_destroy_consumer(cp); 535 g_destroy_geom(gp); 536 } 537 538 DECLARE_GEOM_CLASS(g_dev_class, g_dev); 539