1 /* 2 * CDDL HEADER START 3 * 4 * The contents of this file are subject to the terms of the 5 * Common Development and Distribution License (the "License"). 6 * You may not use this file except in compliance with the License. 7 * 8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE 9 * or http://www.opensolaris.org/os/licensing. 10 * See the License for the specific language governing permissions 11 * and limitations under the License. 12 * 13 * When distributing Covered Code, include this CDDL HEADER in each 14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE. 15 * If applicable, add the following below this CDDL HEADER, with the 16 * fields enclosed by brackets "[]" replaced with your own identifying 17 * information: Portions Copyright [yyyy] [name of copyright owner] 18 * 19 * CDDL HEADER END 20 */ 21 /* 22 * Copyright (c) 1999, 2010, Oracle and/or its affiliates. All rights reserved. 23 * 24 * Copyright 2013 Nexenta Systems, Inc. All rights reserved. 25 * Copyright (c) 2016 Andrey Sokolov 26 * Copyright 2016 Toomas Soome <tsoome@me.com> 27 */ 28 29 /* 30 * lofi (loopback file) driver - allows you to attach a file to a device, 31 * which can then be accessed through that device. The simple model is that 32 * you tell lofi to open a file, and then use the block device you get as 33 * you would any block device. lofi translates access to the block device 34 * into I/O on the underlying file. This is mostly useful for 35 * mounting images of filesystems. 36 * 37 * lofi is controlled through /dev/lofictl - this is the only device exported 38 * during attach, and is instance number 0. lofiadm communicates with lofi 39 * through ioctls on this device. When a file is attached to lofi, block and 40 * character devices are exported in /dev/lofi and /dev/rlofi. These devices 41 * are identified by lofi instance number, and the instance number is also used 42 * as the name in /dev/lofi. 43 * 44 * Virtual disks, or, labeled lofi, implements virtual disk support to 45 * support partition table and related tools. Such mappings will cause 46 * block and character devices to be exported in /dev/dsk and /dev/rdsk 47 * directories. 48 * 49 * To support virtual disks, the instance number space is divided to two 50 * parts, upper part for instance number and lower part for minor number 51 * space to identify partitions and slices. The virtual disk support is 52 * implemented by stacking cmlb module. For virtual disks, the partition 53 * related ioctl calls are routed to cmlb module. Compression and encryption 54 * is not supported for virtual disks. 55 * 56 * Mapped devices are tracked with state structures handled with 57 * ddi_soft_state(9F) for simplicity. 58 * 59 * A file attached to lofi is opened when attached and not closed until 60 * explicitly detached from lofi. This seems more sensible than deferring 61 * the open until the /dev/lofi device is opened, for a number of reasons. 62 * One is that any failure is likely to be noticed by the person (or script) 63 * running lofiadm. Another is that it would be a security problem if the 64 * file was replaced by another one after being added but before being opened. 65 * 66 * The only hard part about lofi is the ioctls. In order to support things 67 * like 'newfs' on a lofi device, it needs to support certain disk ioctls. 68 * So it has to fake disk geometry and partition information. More may need 69 * to be faked if your favorite utility doesn't work and you think it should 70 * (fdformat doesn't work because it really wants to know the type of floppy 71 * controller to talk to, and that didn't seem easy to fake. Or possibly even 72 * necessary, since we have mkfs_pcfs now). 73 * 74 * Normally, a lofi device cannot be detached if it is open (i.e. busy). To 75 * support simulation of hotplug events, an optional force flag is provided. 76 * If a lofi device is open when a force detach is requested, then the 77 * underlying file is closed and any subsequent operations return EIO. When the 78 * device is closed for the last time, it will be cleaned up at that time. In 79 * addition, the DKIOCSTATE ioctl will return DKIO_DEV_GONE when the device is 80 * detached but not removed. 81 * 82 * If detach was requested and lofi device is not open, we will perform 83 * unmap and remove the lofi instance. 84 * 85 * If the lofi device is open and the li_cleanup is set on ioctl request, 86 * we set ls_cleanup flag to notify the cleanup is requested, and the 87 * last lofi_close will perform the unmapping and this lofi instance will be 88 * removed. 89 * 90 * If the lofi device is open and the li_force is set on ioctl request, 91 * we set ls_cleanup flag to notify the cleanup is requested, 92 * we also set ls_vp_closereq to notify IO tasks to return EIO on new 93 * IO requests and wait in process IO count to become 0, indicating there 94 * are no more IO requests. Since ls_cleanup is set, the last lofi_close 95 * will perform unmap and this lofi instance will be removed. 96 * See also lofi_unmap_file() for details. 97 * 98 * Once ls_cleanup is set for the instance, we do not allow lofi_open() 99 * calls to succeed and can have last lofi_close() to remove the instance. 100 * 101 * Known problems: 102 * 103 * UFS logging. Mounting a UFS filesystem image "logging" 104 * works for basic copy testing but wedges during a build of ON through 105 * that image. Some deadlock in lufs holding the log mutex and then 106 * getting stuck on a buf. So for now, don't do that. 107 * 108 * Direct I/O. Since the filesystem data is being cached in the buffer 109 * cache, _and_ again in the underlying filesystem, it's tempting to 110 * enable direct I/O on the underlying file. Don't, because that deadlocks. 111 * I think to fix the cache-twice problem we might need filesystem support. 112 * 113 * Interesting things to do: 114 * 115 * Allow multiple files for each device. A poor-man's metadisk, basically. 116 * 117 * Pass-through ioctls on block devices. You can (though it's not 118 * documented), give lofi a block device as a file name. Then we shouldn't 119 * need to fake a geometry, however, it may be relevant if you're replacing 120 * metadisk, or using lofi to get crypto. 121 * It makes sense to do lofiadm -c aes -a /dev/dsk/c0t0d0s4 /dev/lofi/1 122 * and then in /etc/vfstab have an entry for /dev/lofi/1 as /export/home. 123 * In fact this even makes sense if you have lofi "above" metadisk. 124 * 125 * Encryption: 126 * Each lofi device can have its own symmetric key and cipher. 127 * They are passed to us by lofiadm(1m) in the correct format for use 128 * with the misc/kcf crypto_* routines. 129 * 130 * Each block has its own IV, that is calculated in lofi_blk_mech(), based 131 * on the "master" key held in the lsp and the block number of the buffer. 132 */ 133 134 #include <sys/types.h> 135 #include <netinet/in.h> 136 #include <sys/sysmacros.h> 137 #include <sys/uio.h> 138 #include <sys/kmem.h> 139 #include <sys/cred.h> 140 #include <sys/mman.h> 141 #include <sys/errno.h> 142 #include <sys/aio_req.h> 143 #include <sys/stat.h> 144 #include <sys/file.h> 145 #include <sys/modctl.h> 146 #include <sys/conf.h> 147 #include <sys/debug.h> 148 #include <sys/vnode.h> 149 #include <sys/lofi.h> 150 #include <sys/lofi_impl.h> /* for cache structure */ 151 #include <sys/fcntl.h> 152 #include <sys/pathname.h> 153 #include <sys/filio.h> 154 #include <sys/fdio.h> 155 #include <sys/open.h> 156 #include <sys/disp.h> 157 #include <vm/seg_map.h> 158 #include <sys/ddi.h> 159 #include <sys/sunddi.h> 160 #include <sys/zmod.h> 161 #include <sys/id_space.h> 162 #include <sys/mkdev.h> 163 #include <sys/crypto/common.h> 164 #include <sys/crypto/api.h> 165 #include <sys/rctl.h> 166 #include <sys/vtoc.h> 167 #include <sys/scsi/scsi.h> /* for DTYPE_DIRECT */ 168 #include <sys/scsi/impl/uscsi.h> 169 #include <sys/sysevent/dev.h> 170 #include <LzmaDec.h> 171 172 #define NBLOCKS_PROP_NAME "Nblocks" 173 #define SIZE_PROP_NAME "Size" 174 #define ZONE_PROP_NAME "zone" 175 176 #define SETUP_C_DATA(cd, buf, len) \ 177 (cd).cd_format = CRYPTO_DATA_RAW; \ 178 (cd).cd_offset = 0; \ 179 (cd).cd_miscdata = NULL; \ 180 (cd).cd_length = (len); \ 181 (cd).cd_raw.iov_base = (buf); \ 182 (cd).cd_raw.iov_len = (len); 183 184 #define UIO_CHECK(uio) \ 185 if (((uio)->uio_loffset % DEV_BSIZE) != 0 || \ 186 ((uio)->uio_resid % DEV_BSIZE) != 0) { \ 187 return (EINVAL); \ 188 } 189 190 #define LOFI_TIMEOUT 30 191 192 static void *lofi_statep; 193 static kmutex_t lofi_lock; /* state lock */ 194 static id_space_t *lofi_id; /* lofi ID values */ 195 static list_t lofi_list; 196 static zone_key_t lofi_zone_key; 197 198 /* 199 * Because lofi_taskq_nthreads limits the actual swamping of the device, the 200 * maxalloc parameter (lofi_taskq_maxalloc) should be tuned conservatively 201 * high. If we want to be assured that the underlying device is always busy, 202 * we must be sure that the number of bytes enqueued when the number of 203 * enqueued tasks exceeds maxalloc is sufficient to keep the device busy for 204 * the duration of the sleep time in taskq_ent_alloc(). That is, lofi should 205 * set maxalloc to be the maximum throughput (in bytes per second) of the 206 * underlying device divided by the minimum I/O size. We assume a realistic 207 * maximum throughput of one hundred megabytes per second; we set maxalloc on 208 * the lofi task queue to be 104857600 divided by DEV_BSIZE. 209 */ 210 static int lofi_taskq_maxalloc = 104857600 / DEV_BSIZE; 211 static int lofi_taskq_nthreads = 4; /* # of taskq threads per device */ 212 213 const char lofi_crypto_magic[6] = LOFI_CRYPTO_MAGIC; 214 215 /* 216 * To avoid decompressing data in a compressed segment multiple times 217 * when accessing small parts of a segment's data, we cache and reuse 218 * the uncompressed segment's data. 219 * 220 * A single cached segment is sufficient to avoid lots of duplicate 221 * segment decompress operations. A small cache size also reduces the 222 * memory footprint. 223 * 224 * lofi_max_comp_cache is the maximum number of decompressed data segments 225 * cached for each compressed lofi image. It can be set to 0 to disable 226 * caching. 227 */ 228 229 uint32_t lofi_max_comp_cache = 1; 230 231 static int gzip_decompress(void *src, size_t srclen, void *dst, 232 size_t *destlen, int level); 233 234 static int lzma_decompress(void *src, size_t srclen, void *dst, 235 size_t *dstlen, int level); 236 237 lofi_compress_info_t lofi_compress_table[LOFI_COMPRESS_FUNCTIONS] = { 238 {gzip_decompress, NULL, 6, "gzip"}, /* default */ 239 {gzip_decompress, NULL, 6, "gzip-6"}, 240 {gzip_decompress, NULL, 9, "gzip-9"}, 241 {lzma_decompress, NULL, 0, "lzma"} 242 }; 243 244 static void lofi_strategy_task(void *); 245 static int lofi_tg_rdwr(dev_info_t *, uchar_t, void *, diskaddr_t, 246 size_t, void *); 247 static int lofi_tg_getinfo(dev_info_t *, int, void *, void *); 248 249 struct cmlb_tg_ops lofi_tg_ops = { 250 TG_DK_OPS_VERSION_1, 251 lofi_tg_rdwr, 252 lofi_tg_getinfo 253 }; 254 255 /*ARGSUSED*/ 256 static void 257 *SzAlloc(void *p, size_t size) 258 { 259 return (kmem_alloc(size, KM_SLEEP)); 260 } 261 262 /*ARGSUSED*/ 263 static void 264 SzFree(void *p, void *address, size_t size) 265 { 266 kmem_free(address, size); 267 } 268 269 static ISzAlloc g_Alloc = { SzAlloc, SzFree }; 270 271 /* 272 * Free data referenced by the linked list of cached uncompressed 273 * segments. 274 */ 275 static void 276 lofi_free_comp_cache(struct lofi_state *lsp) 277 { 278 struct lofi_comp_cache *lc; 279 280 while ((lc = list_remove_head(&lsp->ls_comp_cache)) != NULL) { 281 kmem_free(lc->lc_data, lsp->ls_uncomp_seg_sz); 282 kmem_free(lc, sizeof (struct lofi_comp_cache)); 283 lsp->ls_comp_cache_count--; 284 } 285 ASSERT(lsp->ls_comp_cache_count == 0); 286 } 287 288 static int 289 is_opened(struct lofi_state *lsp) 290 { 291 int i; 292 boolean_t last = B_TRUE; 293 294 ASSERT(MUTEX_HELD(&lofi_lock)); 295 for (i = 0; i < LOFI_PART_MAX; i++) { 296 if (lsp->ls_open_lyr[i]) { 297 last = B_FALSE; 298 break; 299 } 300 } 301 302 for (i = 0; last && (i < OTYP_LYR); i++) { 303 if (lsp->ls_open_reg[i]) { 304 last = B_FALSE; 305 } 306 } 307 308 return (!last); 309 } 310 311 static void 312 lofi_set_cleanup(struct lofi_state *lsp) 313 { 314 ASSERT(MUTEX_HELD(&lofi_lock)); 315 316 lsp->ls_cleanup = B_TRUE; 317 318 /* wake up any threads waiting on dkiocstate */ 319 cv_broadcast(&lsp->ls_vp_cv); 320 } 321 322 static void 323 lofi_free_crypto(struct lofi_state *lsp) 324 { 325 ASSERT(MUTEX_HELD(&lofi_lock)); 326 327 if (lsp->ls_crypto_enabled) { 328 /* 329 * Clean up the crypto state so that it doesn't hang around 330 * in memory after we are done with it. 331 */ 332 if (lsp->ls_key.ck_data != NULL) { 333 bzero(lsp->ls_key.ck_data, 334 CRYPTO_BITS2BYTES(lsp->ls_key.ck_length)); 335 kmem_free(lsp->ls_key.ck_data, 336 CRYPTO_BITS2BYTES(lsp->ls_key.ck_length)); 337 lsp->ls_key.ck_data = NULL; 338 lsp->ls_key.ck_length = 0; 339 } 340 341 if (lsp->ls_mech.cm_param != NULL) { 342 kmem_free(lsp->ls_mech.cm_param, 343 lsp->ls_mech.cm_param_len); 344 lsp->ls_mech.cm_param = NULL; 345 lsp->ls_mech.cm_param_len = 0; 346 } 347 348 if (lsp->ls_iv_mech.cm_param != NULL) { 349 kmem_free(lsp->ls_iv_mech.cm_param, 350 lsp->ls_iv_mech.cm_param_len); 351 lsp->ls_iv_mech.cm_param = NULL; 352 lsp->ls_iv_mech.cm_param_len = 0; 353 } 354 355 mutex_destroy(&lsp->ls_crypto_lock); 356 } 357 } 358 359 /* ARGSUSED */ 360 static int 361 lofi_tg_rdwr(dev_info_t *dip, uchar_t cmd, void *bufaddr, diskaddr_t start, 362 size_t length, void *tg_cookie) 363 { 364 struct lofi_state *lsp; 365 buf_t *bp; 366 int instance; 367 int rv = 0; 368 369 instance = ddi_get_instance(dip); 370 if (instance == 0) /* control node does not have disk */ 371 return (ENXIO); 372 373 lsp = ddi_get_soft_state(lofi_statep, instance); 374 375 if (lsp == NULL) 376 return (ENXIO); 377 378 if (cmd != TG_READ && cmd != TG_WRITE) 379 return (EINVAL); 380 381 /* 382 * Make sure the mapping is set up by checking lsp->ls_vp_ready. 383 */ 384 mutex_enter(&lsp->ls_vp_lock); 385 while (lsp->ls_vp_ready == B_FALSE) 386 cv_wait(&lsp->ls_vp_cv, &lsp->ls_vp_lock); 387 mutex_exit(&lsp->ls_vp_lock); 388 389 if (P2PHASE(length, (1U << lsp->ls_lbshift)) != 0) { 390 /* We can only transfer whole blocks at a time! */ 391 return (EINVAL); 392 } 393 394 bp = getrbuf(KM_SLEEP); 395 396 if (cmd == TG_READ) { 397 bp->b_flags = B_READ; 398 } else { 399 if (lsp->ls_readonly == B_TRUE) { 400 freerbuf(bp); 401 return (EROFS); 402 } 403 bp->b_flags = B_WRITE; 404 } 405 406 bp->b_un.b_addr = bufaddr; 407 bp->b_bcount = length; 408 bp->b_lblkno = start; 409 bp->b_private = NULL; 410 bp->b_edev = lsp->ls_dev; 411 412 if (lsp->ls_kstat) { 413 mutex_enter(lsp->ls_kstat->ks_lock); 414 kstat_waitq_enter(KSTAT_IO_PTR(lsp->ls_kstat)); 415 mutex_exit(lsp->ls_kstat->ks_lock); 416 } 417 (void) taskq_dispatch(lsp->ls_taskq, lofi_strategy_task, bp, KM_SLEEP); 418 (void) biowait(bp); 419 420 rv = geterror(bp); 421 freerbuf(bp); 422 return (rv); 423 } 424 425 /* 426 * Get device geometry info for cmlb. 427 * 428 * We have mapped disk image as virtual block device and have to report 429 * physical/virtual geometry to cmlb. 430 * 431 * So we have two principal cases: 432 * 1. Uninitialised image without any existing labels, 433 * for this case we fabricate the data based on mapped image. 434 * 2. Image with existing label information. 435 * Since we have no information how the image was created (it may be 436 * dump from some physical device), we need to rely on label information 437 * from image, or we get "corrupted label" errors. 438 * NOTE: label can be MBR, MBR+SMI, GPT 439 */ 440 static int 441 lofi_tg_getinfo(dev_info_t *dip, int cmd, void *arg, void *tg_cookie) 442 { 443 struct lofi_state *lsp; 444 int instance; 445 int ashift; 446 447 _NOTE(ARGUNUSED(tg_cookie)); 448 instance = ddi_get_instance(dip); 449 if (instance == 0) /* control device has no storage */ 450 return (ENXIO); 451 452 lsp = ddi_get_soft_state(lofi_statep, instance); 453 454 if (lsp == NULL) 455 return (ENXIO); 456 457 /* 458 * Make sure the mapping is set up by checking lsp->ls_vp_ready. 459 * 460 * When mapping is created, new lofi instance is created and 461 * lofi_attach() will call cmlb_attach() as part of the procedure 462 * to set the mapping up. This chain of events will happen in 463 * the same thread. 464 * Since cmlb_attach() will call lofi_tg_getinfo to get 465 * capacity, we return error on that call if cookie is set, 466 * otherwise lofi_attach will be stuck as the mapping is not yet 467 * finalized and lofi is not yet ready. 468 * Note, such error is not fatal for cmlb, as the label setup 469 * will be finalized when cmlb_validate() is called. 470 */ 471 mutex_enter(&lsp->ls_vp_lock); 472 if (tg_cookie != NULL && lsp->ls_vp_ready == B_FALSE) { 473 mutex_exit(&lsp->ls_vp_lock); 474 return (ENXIO); 475 } 476 while (lsp->ls_vp_ready == B_FALSE) 477 cv_wait(&lsp->ls_vp_cv, &lsp->ls_vp_lock); 478 mutex_exit(&lsp->ls_vp_lock); 479 480 ashift = lsp->ls_lbshift; 481 482 switch (cmd) { 483 case TG_GETPHYGEOM: { 484 cmlb_geom_t *geomp = arg; 485 486 geomp->g_capacity = 487 (lsp->ls_vp_size - lsp->ls_crypto_offset) >> ashift; 488 geomp->g_nsect = lsp->ls_dkg.dkg_nsect; 489 geomp->g_nhead = lsp->ls_dkg.dkg_nhead; 490 geomp->g_acyl = lsp->ls_dkg.dkg_acyl; 491 geomp->g_ncyl = lsp->ls_dkg.dkg_ncyl; 492 geomp->g_secsize = (1U << ashift); 493 geomp->g_intrlv = lsp->ls_dkg.dkg_intrlv; 494 geomp->g_rpm = lsp->ls_dkg.dkg_rpm; 495 return (0); 496 } 497 498 case TG_GETCAPACITY: 499 *(diskaddr_t *)arg = 500 (lsp->ls_vp_size - lsp->ls_crypto_offset) >> ashift; 501 return (0); 502 503 case TG_GETBLOCKSIZE: 504 *(uint32_t *)arg = (1U << ashift); 505 return (0); 506 507 case TG_GETATTR: { 508 tg_attribute_t *tgattr = arg; 509 510 tgattr->media_is_writable = !lsp->ls_readonly; 511 tgattr->media_is_solid_state = B_FALSE; 512 tgattr->media_is_rotational = B_FALSE; 513 return (0); 514 } 515 516 default: 517 return (EINVAL); 518 } 519 } 520 521 static void 522 lofi_destroy(struct lofi_state *lsp, cred_t *credp) 523 { 524 int id = LOFI_MINOR2ID(getminor(lsp->ls_dev)); 525 int i; 526 527 ASSERT(MUTEX_HELD(&lofi_lock)); 528 529 /* 530 * Before we can start to release the other resources, 531 * make sure we have all tasks completed and taskq removed. 532 */ 533 if (lsp->ls_taskq != NULL) { 534 taskq_destroy(lsp->ls_taskq); 535 lsp->ls_taskq = NULL; 536 } 537 538 list_remove(&lofi_list, lsp); 539 540 lofi_free_crypto(lsp); 541 542 /* 543 * Free pre-allocated compressed buffers 544 */ 545 if (lsp->ls_comp_bufs != NULL) { 546 for (i = 0; i < lofi_taskq_nthreads; i++) { 547 if (lsp->ls_comp_bufs[i].bufsize > 0) 548 kmem_free(lsp->ls_comp_bufs[i].buf, 549 lsp->ls_comp_bufs[i].bufsize); 550 } 551 kmem_free(lsp->ls_comp_bufs, 552 sizeof (struct compbuf) * lofi_taskq_nthreads); 553 } 554 555 if (lsp->ls_vp != NULL) { 556 (void) VOP_PUTPAGE(lsp->ls_vp, 0, 0, B_INVAL, credp, NULL); 557 (void) VOP_CLOSE(lsp->ls_vp, lsp->ls_openflag, 558 1, 0, credp, NULL); 559 VN_RELE(lsp->ls_vp); 560 } 561 if (lsp->ls_stacked_vp != lsp->ls_vp) 562 VN_RELE(lsp->ls_stacked_vp); 563 lsp->ls_vp = lsp->ls_stacked_vp = NULL; 564 565 if (lsp->ls_kstat != NULL) { 566 kstat_delete(lsp->ls_kstat); 567 lsp->ls_kstat = NULL; 568 } 569 570 /* 571 * Free cached decompressed segment data 572 */ 573 lofi_free_comp_cache(lsp); 574 list_destroy(&lsp->ls_comp_cache); 575 576 if (lsp->ls_uncomp_seg_sz > 0) { 577 kmem_free(lsp->ls_comp_index_data, lsp->ls_comp_index_data_sz); 578 lsp->ls_uncomp_seg_sz = 0; 579 } 580 581 rctl_decr_lofi(lsp->ls_zone.zref_zone, 1); 582 zone_rele_ref(&lsp->ls_zone, ZONE_REF_LOFI); 583 584 mutex_destroy(&lsp->ls_comp_cache_lock); 585 mutex_destroy(&lsp->ls_comp_bufs_lock); 586 mutex_destroy(&lsp->ls_kstat_lock); 587 mutex_destroy(&lsp->ls_vp_lock); 588 cv_destroy(&lsp->ls_vp_cv); 589 lsp->ls_vp_ready = B_FALSE; 590 lsp->ls_vp_closereq = B_FALSE; 591 592 ASSERT(ddi_get_soft_state(lofi_statep, id) == lsp); 593 (void) ndi_devi_offline(lsp->ls_dip, NDI_DEVI_REMOVE); 594 id_free(lofi_id, id); 595 } 596 597 static void 598 lofi_free_dev(struct lofi_state *lsp) 599 { 600 ASSERT(MUTEX_HELD(&lofi_lock)); 601 602 if (lsp->ls_cmlbhandle != NULL) { 603 cmlb_invalidate(lsp->ls_cmlbhandle, 0); 604 cmlb_detach(lsp->ls_cmlbhandle, 0); 605 cmlb_free_handle(&lsp->ls_cmlbhandle); 606 lsp->ls_cmlbhandle = NULL; 607 } 608 (void) ddi_prop_remove_all(lsp->ls_dip); 609 ddi_remove_minor_node(lsp->ls_dip, NULL); 610 } 611 612 /*ARGSUSED*/ 613 static void 614 lofi_zone_shutdown(zoneid_t zoneid, void *arg) 615 { 616 struct lofi_state *lsp; 617 struct lofi_state *next; 618 619 mutex_enter(&lofi_lock); 620 621 for (lsp = list_head(&lofi_list); lsp != NULL; lsp = next) { 622 623 /* lofi_destroy() frees lsp */ 624 next = list_next(&lofi_list, lsp); 625 626 if (lsp->ls_zone.zref_zone->zone_id != zoneid) 627 continue; 628 629 /* 630 * No in-zone processes are running, but something has this 631 * open. It's either a global zone process, or a lofi 632 * mount. In either case we set ls_cleanup so the last 633 * user destroys the device. 634 */ 635 if (is_opened(lsp)) { 636 lofi_set_cleanup(lsp); 637 } else { 638 lofi_free_dev(lsp); 639 lofi_destroy(lsp, kcred); 640 } 641 } 642 643 mutex_exit(&lofi_lock); 644 } 645 646 /*ARGSUSED*/ 647 static int 648 lofi_open(dev_t *devp, int flag, int otyp, struct cred *credp) 649 { 650 int id; 651 minor_t part; 652 uint64_t mask; 653 diskaddr_t nblks; 654 diskaddr_t lba; 655 boolean_t ndelay; 656 657 struct lofi_state *lsp; 658 659 if (otyp >= OTYPCNT) 660 return (EINVAL); 661 662 ndelay = (flag & (FNDELAY | FNONBLOCK)) ? B_TRUE : B_FALSE; 663 664 /* 665 * lofiadm -a /dev/lofi/1 gets us here. 666 */ 667 if (mutex_owner(&lofi_lock) == curthread) 668 return (EINVAL); 669 670 mutex_enter(&lofi_lock); 671 672 id = LOFI_MINOR2ID(getminor(*devp)); 673 part = LOFI_PART(getminor(*devp)); 674 mask = (1U << part); 675 676 /* master control device */ 677 if (id == 0) { 678 mutex_exit(&lofi_lock); 679 return (0); 680 } 681 682 /* otherwise, the mapping should already exist */ 683 lsp = ddi_get_soft_state(lofi_statep, id); 684 if (lsp == NULL) { 685 mutex_exit(&lofi_lock); 686 return (EINVAL); 687 } 688 689 if (lsp->ls_cleanup == B_TRUE) { 690 mutex_exit(&lofi_lock); 691 return (ENXIO); 692 } 693 694 if (lsp->ls_vp == NULL) { 695 mutex_exit(&lofi_lock); 696 return (ENXIO); 697 } 698 699 if (lsp->ls_readonly && (flag & FWRITE)) { 700 mutex_exit(&lofi_lock); 701 return (EROFS); 702 } 703 704 if ((lsp->ls_open_excl) & (mask)) { 705 mutex_exit(&lofi_lock); 706 return (EBUSY); 707 } 708 709 if (flag & FEXCL) { 710 if (lsp->ls_open_lyr[part]) { 711 mutex_exit(&lofi_lock); 712 return (EBUSY); 713 } 714 for (int i = 0; i < OTYP_LYR; i++) { 715 if (lsp->ls_open_reg[i] & mask) { 716 mutex_exit(&lofi_lock); 717 return (EBUSY); 718 } 719 } 720 } 721 722 if (lsp->ls_cmlbhandle != NULL) { 723 if (cmlb_validate(lsp->ls_cmlbhandle, 0, 0) != 0) { 724 /* 725 * non-blocking opens are allowed to succeed to 726 * support format and fdisk to create partitioning. 727 */ 728 if (!ndelay) { 729 mutex_exit(&lofi_lock); 730 return (ENXIO); 731 } 732 } else if (cmlb_partinfo(lsp->ls_cmlbhandle, part, &nblks, &lba, 733 NULL, NULL, 0) == 0) { 734 if ((!nblks) && ((!ndelay) || (otyp != OTYP_CHR))) { 735 mutex_exit(&lofi_lock); 736 return (ENXIO); 737 } 738 } else if (!ndelay) { 739 mutex_exit(&lofi_lock); 740 return (ENXIO); 741 } 742 } 743 744 if (otyp == OTYP_LYR) { 745 lsp->ls_open_lyr[part]++; 746 } else { 747 lsp->ls_open_reg[otyp] |= mask; 748 } 749 if (flag & FEXCL) { 750 lsp->ls_open_excl |= mask; 751 } 752 753 mutex_exit(&lofi_lock); 754 return (0); 755 } 756 757 /*ARGSUSED*/ 758 static int 759 lofi_close(dev_t dev, int flag, int otyp, struct cred *credp) 760 { 761 minor_t part; 762 int id; 763 uint64_t mask; 764 struct lofi_state *lsp; 765 766 id = LOFI_MINOR2ID(getminor(dev)); 767 part = LOFI_PART(getminor(dev)); 768 mask = (1U << part); 769 770 mutex_enter(&lofi_lock); 771 lsp = ddi_get_soft_state(lofi_statep, id); 772 if (lsp == NULL) { 773 mutex_exit(&lofi_lock); 774 return (EINVAL); 775 } 776 777 if (id == 0) { 778 mutex_exit(&lofi_lock); 779 return (0); 780 } 781 782 if (lsp->ls_open_excl & mask) 783 lsp->ls_open_excl &= ~mask; 784 785 if (otyp == OTYP_LYR) { 786 lsp->ls_open_lyr[part]--; 787 } else { 788 lsp->ls_open_reg[otyp] &= ~mask; 789 } 790 791 /* 792 * If we forcibly closed the underlying device (li_force), or 793 * asked for cleanup (li_cleanup), finish up if we're the last 794 * out of the door. 795 */ 796 if (!is_opened(lsp) && 797 (lsp->ls_cleanup == B_TRUE || lsp->ls_vp == NULL)) { 798 lofi_free_dev(lsp); 799 lofi_destroy(lsp, credp); 800 } 801 802 mutex_exit(&lofi_lock); 803 return (0); 804 } 805 806 /* 807 * Sets the mechanism's initialization vector (IV) if one is needed. 808 * The IV is computed from the data block number. lsp->ls_mech is 809 * altered so that: 810 * lsp->ls_mech.cm_param_len is set to the IV len. 811 * lsp->ls_mech.cm_param is set to the IV. 812 */ 813 static int 814 lofi_blk_mech(struct lofi_state *lsp, longlong_t lblkno) 815 { 816 int ret; 817 crypto_data_t cdata; 818 char *iv; 819 size_t iv_len; 820 size_t min; 821 void *data; 822 size_t datasz; 823 824 ASSERT(MUTEX_HELD(&lsp->ls_crypto_lock)); 825 826 if (lsp == NULL) 827 return (CRYPTO_DEVICE_ERROR); 828 829 /* lsp->ls_mech.cm_param{_len} has already been set for static iv */ 830 if (lsp->ls_iv_type == IVM_NONE) { 831 return (CRYPTO_SUCCESS); 832 } 833 834 /* 835 * if kmem already alloced from previous call and it's the same size 836 * we need now, just recycle it; allocate new kmem only if we have to 837 */ 838 if (lsp->ls_mech.cm_param == NULL || 839 lsp->ls_mech.cm_param_len != lsp->ls_iv_len) { 840 iv_len = lsp->ls_iv_len; 841 iv = kmem_zalloc(iv_len, KM_SLEEP); 842 } else { 843 iv_len = lsp->ls_mech.cm_param_len; 844 iv = lsp->ls_mech.cm_param; 845 bzero(iv, iv_len); 846 } 847 848 switch (lsp->ls_iv_type) { 849 case IVM_ENC_BLKNO: 850 /* iv is not static, lblkno changes each time */ 851 data = &lblkno; 852 datasz = sizeof (lblkno); 853 break; 854 default: 855 data = 0; 856 datasz = 0; 857 break; 858 } 859 860 /* 861 * write blkno into the iv buffer padded on the left in case 862 * blkno ever grows bigger than its current longlong_t size 863 * or a variation other than blkno is used for the iv data 864 */ 865 min = MIN(datasz, iv_len); 866 bcopy(data, iv + (iv_len - min), min); 867 868 /* encrypt the data in-place to get the IV */ 869 SETUP_C_DATA(cdata, iv, iv_len); 870 871 ret = crypto_encrypt(&lsp->ls_iv_mech, &cdata, &lsp->ls_key, 872 NULL, NULL, NULL); 873 if (ret != CRYPTO_SUCCESS) { 874 cmn_err(CE_WARN, "failed to create iv for block %lld: (0x%x)", 875 lblkno, ret); 876 if (lsp->ls_mech.cm_param != iv) 877 kmem_free(iv, iv_len); 878 879 return (ret); 880 } 881 882 /* clean up the iv from the last computation */ 883 if (lsp->ls_mech.cm_param != NULL && lsp->ls_mech.cm_param != iv) 884 kmem_free(lsp->ls_mech.cm_param, lsp->ls_mech.cm_param_len); 885 886 lsp->ls_mech.cm_param_len = iv_len; 887 lsp->ls_mech.cm_param = iv; 888 889 return (CRYPTO_SUCCESS); 890 } 891 892 /* 893 * Performs encryption and decryption of a chunk of data of size "len", 894 * one DEV_BSIZE block at a time. "len" is assumed to be a multiple of 895 * DEV_BSIZE. 896 */ 897 static int 898 lofi_crypto(struct lofi_state *lsp, struct buf *bp, caddr_t plaintext, 899 caddr_t ciphertext, size_t len, boolean_t op_encrypt) 900 { 901 crypto_data_t cdata; 902 crypto_data_t wdata; 903 int ret; 904 longlong_t lblkno = bp->b_lblkno; 905 906 mutex_enter(&lsp->ls_crypto_lock); 907 908 /* 909 * though we could encrypt/decrypt entire "len" chunk of data, we need 910 * to break it into DEV_BSIZE pieces to capture blkno incrementing 911 */ 912 SETUP_C_DATA(cdata, plaintext, len); 913 cdata.cd_length = DEV_BSIZE; 914 if (ciphertext != NULL) { /* not in-place crypto */ 915 SETUP_C_DATA(wdata, ciphertext, len); 916 wdata.cd_length = DEV_BSIZE; 917 } 918 919 do { 920 ret = lofi_blk_mech(lsp, lblkno); 921 if (ret != CRYPTO_SUCCESS) 922 continue; 923 924 if (op_encrypt) { 925 ret = crypto_encrypt(&lsp->ls_mech, &cdata, 926 &lsp->ls_key, NULL, 927 ((ciphertext != NULL) ? &wdata : NULL), NULL); 928 } else { 929 ret = crypto_decrypt(&lsp->ls_mech, &cdata, 930 &lsp->ls_key, NULL, 931 ((ciphertext != NULL) ? &wdata : NULL), NULL); 932 } 933 934 cdata.cd_offset += DEV_BSIZE; 935 if (ciphertext != NULL) 936 wdata.cd_offset += DEV_BSIZE; 937 lblkno++; 938 } while (ret == CRYPTO_SUCCESS && cdata.cd_offset < len); 939 940 mutex_exit(&lsp->ls_crypto_lock); 941 942 if (ret != CRYPTO_SUCCESS) { 943 cmn_err(CE_WARN, "%s failed for block %lld: (0x%x)", 944 op_encrypt ? "crypto_encrypt()" : "crypto_decrypt()", 945 lblkno, ret); 946 } 947 948 return (ret); 949 } 950 951 #define RDWR_RAW 1 952 #define RDWR_BCOPY 2 953 954 static int 955 lofi_rdwr(caddr_t bufaddr, offset_t offset, struct buf *bp, 956 struct lofi_state *lsp, size_t len, int method, caddr_t bcopy_locn) 957 { 958 ssize_t resid; 959 int isread; 960 int error; 961 962 /* 963 * Handles reads/writes for both plain and encrypted lofi 964 * Note: offset is already shifted by lsp->ls_crypto_offset 965 * when it gets here. 966 */ 967 968 isread = bp->b_flags & B_READ; 969 if (isread) { 970 if (method == RDWR_BCOPY) { 971 /* DO NOT update bp->b_resid for bcopy */ 972 bcopy(bcopy_locn, bufaddr, len); 973 error = 0; 974 } else { /* RDWR_RAW */ 975 error = vn_rdwr(UIO_READ, lsp->ls_vp, bufaddr, len, 976 offset, UIO_SYSSPACE, 0, RLIM64_INFINITY, kcred, 977 &resid); 978 bp->b_resid = resid; 979 } 980 if (lsp->ls_crypto_enabled && error == 0) { 981 if (lofi_crypto(lsp, bp, bufaddr, NULL, len, 982 B_FALSE) != CRYPTO_SUCCESS) { 983 /* 984 * XXX: original code didn't set residual 985 * back to len because no error was expected 986 * from bcopy() if encryption is not enabled 987 */ 988 if (method != RDWR_BCOPY) 989 bp->b_resid = len; 990 error = EIO; 991 } 992 } 993 return (error); 994 } else { 995 void *iobuf = bufaddr; 996 997 if (lsp->ls_crypto_enabled) { 998 /* don't do in-place crypto to keep bufaddr intact */ 999 iobuf = kmem_alloc(len, KM_SLEEP); 1000 if (lofi_crypto(lsp, bp, bufaddr, iobuf, len, 1001 B_TRUE) != CRYPTO_SUCCESS) { 1002 kmem_free(iobuf, len); 1003 if (method != RDWR_BCOPY) 1004 bp->b_resid = len; 1005 return (EIO); 1006 } 1007 } 1008 if (method == RDWR_BCOPY) { 1009 /* DO NOT update bp->b_resid for bcopy */ 1010 bcopy(iobuf, bcopy_locn, len); 1011 error = 0; 1012 } else { /* RDWR_RAW */ 1013 error = vn_rdwr(UIO_WRITE, lsp->ls_vp, iobuf, len, 1014 offset, UIO_SYSSPACE, 0, RLIM64_INFINITY, kcred, 1015 &resid); 1016 bp->b_resid = resid; 1017 } 1018 if (lsp->ls_crypto_enabled) { 1019 kmem_free(iobuf, len); 1020 } 1021 return (error); 1022 } 1023 } 1024 1025 static int 1026 lofi_mapped_rdwr(caddr_t bufaddr, offset_t offset, struct buf *bp, 1027 struct lofi_state *lsp) 1028 { 1029 int error; 1030 offset_t alignedoffset, mapoffset; 1031 size_t xfersize; 1032 int isread; 1033 int smflags; 1034 caddr_t mapaddr; 1035 size_t len; 1036 enum seg_rw srw; 1037 int save_error; 1038 1039 /* 1040 * Note: offset is already shifted by lsp->ls_crypto_offset 1041 * when it gets here. 1042 */ 1043 if (lsp->ls_crypto_enabled) 1044 ASSERT(lsp->ls_vp_comp_size == lsp->ls_vp_size); 1045 1046 /* 1047 * segmap always gives us an 8K (MAXBSIZE) chunk, aligned on 1048 * an 8K boundary, but the buf transfer address may not be 1049 * aligned on more than a 512-byte boundary (we don't enforce 1050 * that even though we could). This matters since the initial 1051 * part of the transfer may not start at offset 0 within the 1052 * segmap'd chunk. So we have to compensate for that with 1053 * 'mapoffset'. Subsequent chunks always start off at the 1054 * beginning, and the last is capped by b_resid 1055 * 1056 * Visually, where "|" represents page map boundaries: 1057 * alignedoffset (mapaddr begins at this segmap boundary) 1058 * | offset (from beginning of file) 1059 * | | len 1060 * v v v 1061 * ===|====X========|====...======|========X====|==== 1062 * /-------------...---------------/ 1063 * ^ bp->b_bcount/bp->b_resid at start 1064 * /----/--------/----...------/--------/ 1065 * ^ ^ ^ ^ ^ 1066 * | | | | nth xfersize (<= MAXBSIZE) 1067 * | | 2nd thru n-1st xfersize (= MAXBSIZE) 1068 * | 1st xfersize (<= MAXBSIZE) 1069 * mapoffset (offset into 1st segmap, non-0 1st time, 0 thereafter) 1070 * 1071 * Notes: "alignedoffset" is "offset" rounded down to nearest 1072 * MAXBSIZE boundary. "len" is next page boundary of size 1073 * PAGESIZE after "alignedoffset". 1074 */ 1075 mapoffset = offset & MAXBOFFSET; 1076 alignedoffset = offset - mapoffset; 1077 bp->b_resid = bp->b_bcount; 1078 isread = bp->b_flags & B_READ; 1079 srw = isread ? S_READ : S_WRITE; 1080 do { 1081 xfersize = MIN(lsp->ls_vp_comp_size - offset, 1082 MIN(MAXBSIZE - mapoffset, bp->b_resid)); 1083 len = roundup(mapoffset + xfersize, PAGESIZE); 1084 mapaddr = segmap_getmapflt(segkmap, lsp->ls_vp, 1085 alignedoffset, MAXBSIZE, 1, srw); 1086 /* 1087 * Now fault in the pages. This lets us check 1088 * for errors before we reference mapaddr and 1089 * try to resolve the fault in bcopy (which would 1090 * panic instead). And this can easily happen, 1091 * particularly if you've lofi'd a file over NFS 1092 * and someone deletes the file on the server. 1093 */ 1094 error = segmap_fault(kas.a_hat, segkmap, mapaddr, 1095 len, F_SOFTLOCK, srw); 1096 if (error) { 1097 (void) segmap_release(segkmap, mapaddr, 0); 1098 if (FC_CODE(error) == FC_OBJERR) 1099 error = FC_ERRNO(error); 1100 else 1101 error = EIO; 1102 break; 1103 } 1104 /* error may be non-zero for encrypted lofi */ 1105 error = lofi_rdwr(bufaddr, 0, bp, lsp, xfersize, 1106 RDWR_BCOPY, mapaddr + mapoffset); 1107 if (error == 0) { 1108 bp->b_resid -= xfersize; 1109 bufaddr += xfersize; 1110 offset += xfersize; 1111 } 1112 smflags = 0; 1113 if (isread) { 1114 smflags |= SM_FREE; 1115 /* 1116 * If we're reading an entire page starting 1117 * at a page boundary, there's a good chance 1118 * we won't need it again. Put it on the 1119 * head of the freelist. 1120 */ 1121 if (mapoffset == 0 && xfersize == MAXBSIZE) 1122 smflags |= SM_DONTNEED; 1123 } else { 1124 /* 1125 * Write back good pages, it is okay to 1126 * always release asynchronous here as we'll 1127 * follow with VOP_FSYNC for B_SYNC buffers. 1128 */ 1129 if (error == 0) 1130 smflags |= SM_WRITE | SM_ASYNC; 1131 } 1132 (void) segmap_fault(kas.a_hat, segkmap, mapaddr, 1133 len, F_SOFTUNLOCK, srw); 1134 save_error = segmap_release(segkmap, mapaddr, smflags); 1135 if (error == 0) 1136 error = save_error; 1137 /* only the first map may start partial */ 1138 mapoffset = 0; 1139 alignedoffset += MAXBSIZE; 1140 } while ((error == 0) && (bp->b_resid > 0) && 1141 (offset < lsp->ls_vp_comp_size)); 1142 1143 return (error); 1144 } 1145 1146 /* 1147 * Check if segment seg_index is present in the decompressed segment 1148 * data cache. 1149 * 1150 * Returns a pointer to the decompressed segment data cache entry if 1151 * found, and NULL when decompressed data for this segment is not yet 1152 * cached. 1153 */ 1154 static struct lofi_comp_cache * 1155 lofi_find_comp_data(struct lofi_state *lsp, uint64_t seg_index) 1156 { 1157 struct lofi_comp_cache *lc; 1158 1159 ASSERT(MUTEX_HELD(&lsp->ls_comp_cache_lock)); 1160 1161 for (lc = list_head(&lsp->ls_comp_cache); lc != NULL; 1162 lc = list_next(&lsp->ls_comp_cache, lc)) { 1163 if (lc->lc_index == seg_index) { 1164 /* 1165 * Decompressed segment data was found in the 1166 * cache. 1167 * 1168 * The cache uses an LRU replacement strategy; 1169 * move the entry to head of list. 1170 */ 1171 list_remove(&lsp->ls_comp_cache, lc); 1172 list_insert_head(&lsp->ls_comp_cache, lc); 1173 return (lc); 1174 } 1175 } 1176 return (NULL); 1177 } 1178 1179 /* 1180 * Add the data for a decompressed segment at segment index 1181 * seg_index to the cache of the decompressed segments. 1182 * 1183 * Returns a pointer to the cache element structure in case 1184 * the data was added to the cache; returns NULL when the data 1185 * wasn't cached. 1186 */ 1187 static struct lofi_comp_cache * 1188 lofi_add_comp_data(struct lofi_state *lsp, uint64_t seg_index, 1189 uchar_t *data) 1190 { 1191 struct lofi_comp_cache *lc; 1192 1193 ASSERT(MUTEX_HELD(&lsp->ls_comp_cache_lock)); 1194 1195 while (lsp->ls_comp_cache_count > lofi_max_comp_cache) { 1196 lc = list_remove_tail(&lsp->ls_comp_cache); 1197 ASSERT(lc != NULL); 1198 kmem_free(lc->lc_data, lsp->ls_uncomp_seg_sz); 1199 kmem_free(lc, sizeof (struct lofi_comp_cache)); 1200 lsp->ls_comp_cache_count--; 1201 } 1202 1203 /* 1204 * Do not cache when disabled by tunable variable 1205 */ 1206 if (lofi_max_comp_cache == 0) 1207 return (NULL); 1208 1209 /* 1210 * When the cache has not yet reached the maximum allowed 1211 * number of segments, allocate a new cache element. 1212 * Otherwise the cache is full; reuse the last list element 1213 * (LRU) for caching the decompressed segment data. 1214 * 1215 * The cache element for the new decompressed segment data is 1216 * added to the head of the list. 1217 */ 1218 if (lsp->ls_comp_cache_count < lofi_max_comp_cache) { 1219 lc = kmem_alloc(sizeof (struct lofi_comp_cache), KM_SLEEP); 1220 lc->lc_data = NULL; 1221 list_insert_head(&lsp->ls_comp_cache, lc); 1222 lsp->ls_comp_cache_count++; 1223 } else { 1224 lc = list_remove_tail(&lsp->ls_comp_cache); 1225 if (lc == NULL) 1226 return (NULL); 1227 list_insert_head(&lsp->ls_comp_cache, lc); 1228 } 1229 1230 /* 1231 * Free old uncompressed segment data when reusing a cache 1232 * entry. 1233 */ 1234 if (lc->lc_data != NULL) 1235 kmem_free(lc->lc_data, lsp->ls_uncomp_seg_sz); 1236 1237 lc->lc_data = data; 1238 lc->lc_index = seg_index; 1239 return (lc); 1240 } 1241 1242 1243 /*ARGSUSED*/ 1244 static int 1245 gzip_decompress(void *src, size_t srclen, void *dst, 1246 size_t *dstlen, int level) 1247 { 1248 ASSERT(*dstlen >= srclen); 1249 1250 if (z_uncompress(dst, dstlen, src, srclen) != Z_OK) 1251 return (-1); 1252 return (0); 1253 } 1254 1255 #define LZMA_HEADER_SIZE (LZMA_PROPS_SIZE + 8) 1256 /*ARGSUSED*/ 1257 static int 1258 lzma_decompress(void *src, size_t srclen, void *dst, 1259 size_t *dstlen, int level) 1260 { 1261 size_t insizepure; 1262 void *actual_src; 1263 ELzmaStatus status; 1264 1265 insizepure = srclen - LZMA_HEADER_SIZE; 1266 actual_src = (void *)((Byte *)src + LZMA_HEADER_SIZE); 1267 1268 if (LzmaDecode((Byte *)dst, (size_t *)dstlen, 1269 (const Byte *)actual_src, &insizepure, 1270 (const Byte *)src, LZMA_PROPS_SIZE, LZMA_FINISH_ANY, &status, 1271 &g_Alloc) != SZ_OK) { 1272 return (-1); 1273 } 1274 return (0); 1275 } 1276 1277 /* 1278 * This is basically what strategy used to be before we found we 1279 * needed task queues. 1280 */ 1281 static void 1282 lofi_strategy_task(void *arg) 1283 { 1284 struct buf *bp = (struct buf *)arg; 1285 int error; 1286 int syncflag = 0; 1287 struct lofi_state *lsp; 1288 offset_t offset; 1289 caddr_t bufaddr; 1290 size_t len; 1291 size_t xfersize; 1292 boolean_t bufinited = B_FALSE; 1293 1294 lsp = ddi_get_soft_state(lofi_statep, 1295 LOFI_MINOR2ID(getminor(bp->b_edev))); 1296 1297 if (lsp == NULL) { 1298 error = ENXIO; 1299 goto errout; 1300 } 1301 if (lsp->ls_kstat) { 1302 mutex_enter(lsp->ls_kstat->ks_lock); 1303 kstat_waitq_to_runq(KSTAT_IO_PTR(lsp->ls_kstat)); 1304 mutex_exit(lsp->ls_kstat->ks_lock); 1305 } 1306 1307 mutex_enter(&lsp->ls_vp_lock); 1308 lsp->ls_vp_iocount++; 1309 mutex_exit(&lsp->ls_vp_lock); 1310 1311 bp_mapin(bp); 1312 bufaddr = bp->b_un.b_addr; 1313 offset = (bp->b_lblkno + (diskaddr_t)(uintptr_t)bp->b_private) 1314 << lsp->ls_lbshift; /* offset within file */ 1315 if (lsp->ls_crypto_enabled) { 1316 /* encrypted data really begins after crypto header */ 1317 offset += lsp->ls_crypto_offset; 1318 } 1319 len = bp->b_bcount; 1320 bufinited = B_TRUE; 1321 1322 if (lsp->ls_vp == NULL || lsp->ls_vp_closereq) { 1323 error = EIO; 1324 goto errout; 1325 } 1326 1327 /* 1328 * If we're writing and the buffer was not B_ASYNC 1329 * we'll follow up with a VOP_FSYNC() to force any 1330 * asynchronous I/O to stable storage. 1331 */ 1332 if (!(bp->b_flags & B_READ) && !(bp->b_flags & B_ASYNC)) 1333 syncflag = FSYNC; 1334 1335 /* 1336 * We used to always use vn_rdwr here, but we cannot do that because 1337 * we might decide to read or write from the the underlying 1338 * file during this call, which would be a deadlock because 1339 * we have the rw_lock. So instead we page, unless it's not 1340 * mapable or it's a character device or it's an encrypted lofi. 1341 */ 1342 if ((lsp->ls_vp->v_flag & VNOMAP) || (lsp->ls_vp->v_type == VCHR) || 1343 lsp->ls_crypto_enabled) { 1344 error = lofi_rdwr(bufaddr, offset, bp, lsp, len, RDWR_RAW, 1345 NULL); 1346 } else if (lsp->ls_uncomp_seg_sz == 0) { 1347 error = lofi_mapped_rdwr(bufaddr, offset, bp, lsp); 1348 } else { 1349 uchar_t *compressed_seg = NULL, *cmpbuf; 1350 uchar_t *uncompressed_seg = NULL; 1351 lofi_compress_info_t *li; 1352 size_t oblkcount; 1353 ulong_t seglen; 1354 uint64_t sblkno, eblkno, cmpbytes; 1355 uint64_t uncompressed_seg_index; 1356 struct lofi_comp_cache *lc; 1357 offset_t sblkoff, eblkoff; 1358 u_offset_t salign, ealign; 1359 u_offset_t sdiff; 1360 uint32_t comp_data_sz; 1361 uint64_t i; 1362 int j; 1363 1364 /* 1365 * From here on we're dealing primarily with compressed files 1366 */ 1367 ASSERT(!lsp->ls_crypto_enabled); 1368 1369 /* 1370 * Compressed files can only be read from and 1371 * not written to 1372 */ 1373 if (!(bp->b_flags & B_READ)) { 1374 bp->b_resid = bp->b_bcount; 1375 error = EROFS; 1376 goto done; 1377 } 1378 1379 ASSERT(lsp->ls_comp_algorithm_index >= 0); 1380 li = &lofi_compress_table[lsp->ls_comp_algorithm_index]; 1381 /* 1382 * Compute starting and ending compressed segment numbers 1383 * We use only bitwise operations avoiding division and 1384 * modulus because we enforce the compression segment size 1385 * to a power of 2 1386 */ 1387 sblkno = offset >> lsp->ls_comp_seg_shift; 1388 sblkoff = offset & (lsp->ls_uncomp_seg_sz - 1); 1389 eblkno = (offset + bp->b_bcount) >> lsp->ls_comp_seg_shift; 1390 eblkoff = (offset + bp->b_bcount) & (lsp->ls_uncomp_seg_sz - 1); 1391 1392 /* 1393 * Check the decompressed segment cache. 1394 * 1395 * The cache is used only when the requested data 1396 * is within a segment. Requests that cross 1397 * segment boundaries bypass the cache. 1398 */ 1399 if (sblkno == eblkno || 1400 (sblkno + 1 == eblkno && eblkoff == 0)) { 1401 /* 1402 * Request doesn't cross a segment boundary, 1403 * now check the cache. 1404 */ 1405 mutex_enter(&lsp->ls_comp_cache_lock); 1406 lc = lofi_find_comp_data(lsp, sblkno); 1407 if (lc != NULL) { 1408 /* 1409 * We've found the decompressed segment 1410 * data in the cache; reuse it. 1411 */ 1412 bcopy(lc->lc_data + sblkoff, bufaddr, 1413 bp->b_bcount); 1414 mutex_exit(&lsp->ls_comp_cache_lock); 1415 bp->b_resid = 0; 1416 error = 0; 1417 goto done; 1418 } 1419 mutex_exit(&lsp->ls_comp_cache_lock); 1420 } 1421 1422 /* 1423 * Align start offset to block boundary for segmap 1424 */ 1425 salign = lsp->ls_comp_seg_index[sblkno]; 1426 sdiff = salign & (DEV_BSIZE - 1); 1427 salign -= sdiff; 1428 if (eblkno >= (lsp->ls_comp_index_sz - 1)) { 1429 /* 1430 * We're dealing with the last segment of 1431 * the compressed file -- the size of this 1432 * segment *may not* be the same as the 1433 * segment size for the file 1434 */ 1435 eblkoff = (offset + bp->b_bcount) & 1436 (lsp->ls_uncomp_last_seg_sz - 1); 1437 ealign = lsp->ls_vp_comp_size; 1438 } else { 1439 ealign = lsp->ls_comp_seg_index[eblkno + 1]; 1440 } 1441 1442 /* 1443 * Preserve original request paramaters 1444 */ 1445 oblkcount = bp->b_bcount; 1446 1447 /* 1448 * Assign the calculated parameters 1449 */ 1450 comp_data_sz = ealign - salign; 1451 bp->b_bcount = comp_data_sz; 1452 1453 /* 1454 * Buffers to hold compressed segments are pre-allocated 1455 * on a per-thread basis. Find a pre-allocated buffer 1456 * that is not currently in use and mark it for use. 1457 */ 1458 mutex_enter(&lsp->ls_comp_bufs_lock); 1459 for (j = 0; j < lofi_taskq_nthreads; j++) { 1460 if (lsp->ls_comp_bufs[j].inuse == 0) { 1461 lsp->ls_comp_bufs[j].inuse = 1; 1462 break; 1463 } 1464 } 1465 1466 mutex_exit(&lsp->ls_comp_bufs_lock); 1467 ASSERT(j < lofi_taskq_nthreads); 1468 1469 /* 1470 * If the pre-allocated buffer size does not match 1471 * the size of the I/O request, re-allocate it with 1472 * the appropriate size 1473 */ 1474 if (lsp->ls_comp_bufs[j].bufsize < bp->b_bcount) { 1475 if (lsp->ls_comp_bufs[j].bufsize > 0) 1476 kmem_free(lsp->ls_comp_bufs[j].buf, 1477 lsp->ls_comp_bufs[j].bufsize); 1478 lsp->ls_comp_bufs[j].buf = kmem_alloc(bp->b_bcount, 1479 KM_SLEEP); 1480 lsp->ls_comp_bufs[j].bufsize = bp->b_bcount; 1481 } 1482 compressed_seg = lsp->ls_comp_bufs[j].buf; 1483 1484 /* 1485 * Map in the calculated number of blocks 1486 */ 1487 error = lofi_mapped_rdwr((caddr_t)compressed_seg, salign, 1488 bp, lsp); 1489 1490 bp->b_bcount = oblkcount; 1491 bp->b_resid = oblkcount; 1492 if (error != 0) 1493 goto done; 1494 1495 /* 1496 * decompress compressed blocks start 1497 */ 1498 cmpbuf = compressed_seg + sdiff; 1499 for (i = sblkno; i <= eblkno; i++) { 1500 ASSERT(i < lsp->ls_comp_index_sz - 1); 1501 uchar_t *useg; 1502 1503 /* 1504 * The last segment is special in that it is 1505 * most likely not going to be the same 1506 * (uncompressed) size as the other segments. 1507 */ 1508 if (i == (lsp->ls_comp_index_sz - 2)) { 1509 seglen = lsp->ls_uncomp_last_seg_sz; 1510 } else { 1511 seglen = lsp->ls_uncomp_seg_sz; 1512 } 1513 1514 /* 1515 * Each of the segment index entries contains 1516 * the starting block number for that segment. 1517 * The number of compressed bytes in a segment 1518 * is thus the difference between the starting 1519 * block number of this segment and the starting 1520 * block number of the next segment. 1521 */ 1522 cmpbytes = lsp->ls_comp_seg_index[i + 1] - 1523 lsp->ls_comp_seg_index[i]; 1524 1525 /* 1526 * The first byte in a compressed segment is a flag 1527 * that indicates whether this segment is compressed 1528 * at all. 1529 * 1530 * The variable 'useg' is used (instead of 1531 * uncompressed_seg) in this loop to keep a 1532 * reference to the uncompressed segment. 1533 * 1534 * N.B. If 'useg' is replaced with uncompressed_seg, 1535 * it leads to memory leaks and heap corruption in 1536 * corner cases where compressed segments lie 1537 * adjacent to uncompressed segments. 1538 */ 1539 if (*cmpbuf == UNCOMPRESSED) { 1540 useg = cmpbuf + SEGHDR; 1541 } else { 1542 if (uncompressed_seg == NULL) 1543 uncompressed_seg = 1544 kmem_alloc(lsp->ls_uncomp_seg_sz, 1545 KM_SLEEP); 1546 useg = uncompressed_seg; 1547 uncompressed_seg_index = i; 1548 1549 if (li->l_decompress((cmpbuf + SEGHDR), 1550 (cmpbytes - SEGHDR), uncompressed_seg, 1551 &seglen, li->l_level) != 0) { 1552 error = EIO; 1553 goto done; 1554 } 1555 } 1556 1557 /* 1558 * Determine how much uncompressed data we 1559 * have to copy and copy it 1560 */ 1561 xfersize = lsp->ls_uncomp_seg_sz - sblkoff; 1562 if (i == eblkno) 1563 xfersize -= (lsp->ls_uncomp_seg_sz - eblkoff); 1564 1565 bcopy((useg + sblkoff), bufaddr, xfersize); 1566 1567 cmpbuf += cmpbytes; 1568 bufaddr += xfersize; 1569 bp->b_resid -= xfersize; 1570 sblkoff = 0; 1571 1572 if (bp->b_resid == 0) 1573 break; 1574 } /* decompress compressed blocks ends */ 1575 1576 /* 1577 * Skip to done if there is no uncompressed data to cache 1578 */ 1579 if (uncompressed_seg == NULL) 1580 goto done; 1581 1582 /* 1583 * Add the data for the last decompressed segment to 1584 * the cache. 1585 * 1586 * In case the uncompressed segment data was added to (and 1587 * is referenced by) the cache, make sure we don't free it 1588 * here. 1589 */ 1590 mutex_enter(&lsp->ls_comp_cache_lock); 1591 if ((lc = lofi_add_comp_data(lsp, uncompressed_seg_index, 1592 uncompressed_seg)) != NULL) { 1593 uncompressed_seg = NULL; 1594 } 1595 mutex_exit(&lsp->ls_comp_cache_lock); 1596 1597 done: 1598 if (compressed_seg != NULL) { 1599 mutex_enter(&lsp->ls_comp_bufs_lock); 1600 lsp->ls_comp_bufs[j].inuse = 0; 1601 mutex_exit(&lsp->ls_comp_bufs_lock); 1602 } 1603 if (uncompressed_seg != NULL) 1604 kmem_free(uncompressed_seg, lsp->ls_uncomp_seg_sz); 1605 } /* end of handling compressed files */ 1606 1607 if ((error == 0) && (syncflag != 0)) 1608 error = VOP_FSYNC(lsp->ls_vp, syncflag, kcred, NULL); 1609 1610 errout: 1611 if (bufinited && lsp->ls_kstat) { 1612 size_t n_done = bp->b_bcount - bp->b_resid; 1613 kstat_io_t *kioptr; 1614 1615 mutex_enter(lsp->ls_kstat->ks_lock); 1616 kioptr = KSTAT_IO_PTR(lsp->ls_kstat); 1617 if (bp->b_flags & B_READ) { 1618 kioptr->nread += n_done; 1619 kioptr->reads++; 1620 } else { 1621 kioptr->nwritten += n_done; 1622 kioptr->writes++; 1623 } 1624 kstat_runq_exit(kioptr); 1625 mutex_exit(lsp->ls_kstat->ks_lock); 1626 } 1627 1628 mutex_enter(&lsp->ls_vp_lock); 1629 if (--lsp->ls_vp_iocount == 0) 1630 cv_broadcast(&lsp->ls_vp_cv); 1631 mutex_exit(&lsp->ls_vp_lock); 1632 1633 bioerror(bp, error); 1634 biodone(bp); 1635 } 1636 1637 static int 1638 lofi_strategy(struct buf *bp) 1639 { 1640 struct lofi_state *lsp; 1641 offset_t offset; 1642 minor_t part; 1643 diskaddr_t p_lba; 1644 diskaddr_t p_nblks; 1645 int shift; 1646 1647 /* 1648 * We cannot just do I/O here, because the current thread 1649 * _might_ end up back in here because the underlying filesystem 1650 * wants a buffer, which eventually gets into bio_recycle and 1651 * might call into lofi to write out a delayed-write buffer. 1652 * This is bad if the filesystem above lofi is the same as below. 1653 * 1654 * We could come up with a complex strategy using threads to 1655 * do the I/O asynchronously, or we could use task queues. task 1656 * queues were incredibly easy so they win. 1657 */ 1658 1659 lsp = ddi_get_soft_state(lofi_statep, 1660 LOFI_MINOR2ID(getminor(bp->b_edev))); 1661 part = LOFI_PART(getminor(bp->b_edev)); 1662 1663 if (lsp == NULL) { 1664 bioerror(bp, ENXIO); 1665 biodone(bp); 1666 return (0); 1667 } 1668 1669 /* Check if we are closing. */ 1670 mutex_enter(&lsp->ls_vp_lock); 1671 if (lsp->ls_vp == NULL || lsp->ls_vp_closereq) { 1672 mutex_exit(&lsp->ls_vp_lock); 1673 bioerror(bp, EIO); 1674 biodone(bp); 1675 return (0); 1676 } 1677 mutex_exit(&lsp->ls_vp_lock); 1678 1679 shift = lsp->ls_lbshift; 1680 p_lba = 0; 1681 p_nblks = lsp->ls_vp_size >> shift; 1682 1683 if (lsp->ls_cmlbhandle != NULL) { 1684 if (cmlb_partinfo(lsp->ls_cmlbhandle, part, &p_nblks, &p_lba, 1685 NULL, NULL, 0)) { 1686 bioerror(bp, ENXIO); 1687 biodone(bp); 1688 return (0); 1689 } 1690 } 1691 1692 /* start block past partition end? */ 1693 if (bp->b_lblkno > p_nblks) { 1694 bioerror(bp, ENXIO); 1695 biodone(bp); 1696 return (0); 1697 } 1698 1699 offset = (bp->b_lblkno+p_lba) << shift; /* offset within file */ 1700 1701 mutex_enter(&lsp->ls_vp_lock); 1702 if (lsp->ls_crypto_enabled) { 1703 /* encrypted data really begins after crypto header */ 1704 offset += lsp->ls_crypto_offset; 1705 } 1706 1707 /* make sure we will not pass the file or partition size */ 1708 if (offset == lsp->ls_vp_size || 1709 offset == (((p_lba + p_nblks) << shift) + lsp->ls_crypto_offset)) { 1710 /* EOF */ 1711 if ((bp->b_flags & B_READ) != 0) { 1712 bp->b_resid = bp->b_bcount; 1713 bioerror(bp, 0); 1714 } else { 1715 /* writes should fail */ 1716 bioerror(bp, ENXIO); 1717 } 1718 biodone(bp); 1719 mutex_exit(&lsp->ls_vp_lock); 1720 return (0); 1721 } 1722 if ((offset > lsp->ls_vp_size) || 1723 (offset > (((p_lba + p_nblks) << shift) + lsp->ls_crypto_offset)) || 1724 ((offset + bp->b_bcount) > ((p_lba + p_nblks) << shift))) { 1725 bioerror(bp, ENXIO); 1726 biodone(bp); 1727 mutex_exit(&lsp->ls_vp_lock); 1728 return (0); 1729 } 1730 1731 mutex_exit(&lsp->ls_vp_lock); 1732 1733 if (lsp->ls_kstat) { 1734 mutex_enter(lsp->ls_kstat->ks_lock); 1735 kstat_waitq_enter(KSTAT_IO_PTR(lsp->ls_kstat)); 1736 mutex_exit(lsp->ls_kstat->ks_lock); 1737 } 1738 bp->b_private = (void *)(uintptr_t)p_lba; /* partition start */ 1739 (void) taskq_dispatch(lsp->ls_taskq, lofi_strategy_task, bp, KM_SLEEP); 1740 return (0); 1741 } 1742 1743 /*ARGSUSED2*/ 1744 static int 1745 lofi_read(dev_t dev, struct uio *uio, struct cred *credp) 1746 { 1747 if (getminor(dev) == 0) 1748 return (EINVAL); 1749 UIO_CHECK(uio); 1750 return (physio(lofi_strategy, NULL, dev, B_READ, minphys, uio)); 1751 } 1752 1753 /*ARGSUSED2*/ 1754 static int 1755 lofi_write(dev_t dev, struct uio *uio, struct cred *credp) 1756 { 1757 if (getminor(dev) == 0) 1758 return (EINVAL); 1759 UIO_CHECK(uio); 1760 return (physio(lofi_strategy, NULL, dev, B_WRITE, minphys, uio)); 1761 } 1762 1763 /*ARGSUSED2*/ 1764 static int 1765 lofi_aread(dev_t dev, struct aio_req *aio, struct cred *credp) 1766 { 1767 if (getminor(dev) == 0) 1768 return (EINVAL); 1769 UIO_CHECK(aio->aio_uio); 1770 return (aphysio(lofi_strategy, anocancel, dev, B_READ, minphys, aio)); 1771 } 1772 1773 /*ARGSUSED2*/ 1774 static int 1775 lofi_awrite(dev_t dev, struct aio_req *aio, struct cred *credp) 1776 { 1777 if (getminor(dev) == 0) 1778 return (EINVAL); 1779 UIO_CHECK(aio->aio_uio); 1780 return (aphysio(lofi_strategy, anocancel, dev, B_WRITE, minphys, aio)); 1781 } 1782 1783 /*ARGSUSED*/ 1784 static int 1785 lofi_info(dev_info_t *dip, ddi_info_cmd_t infocmd, void *arg, void **result) 1786 { 1787 struct lofi_state *lsp; 1788 dev_t dev = (dev_t)arg; 1789 int instance; 1790 1791 instance = LOFI_MINOR2ID(getminor(dev)); 1792 switch (infocmd) { 1793 case DDI_INFO_DEVT2DEVINFO: 1794 lsp = ddi_get_soft_state(lofi_statep, instance); 1795 if (lsp == NULL) 1796 return (DDI_FAILURE); 1797 *result = lsp->ls_dip; 1798 return (DDI_SUCCESS); 1799 case DDI_INFO_DEVT2INSTANCE: 1800 *result = (void *) (intptr_t)instance; 1801 return (DDI_SUCCESS); 1802 } 1803 return (DDI_FAILURE); 1804 } 1805 1806 static int 1807 lofi_create_minor_nodes(struct lofi_state *lsp, boolean_t labeled) 1808 { 1809 int error = 0; 1810 int instance = ddi_get_instance(lsp->ls_dip); 1811 1812 if (labeled == B_TRUE) { 1813 cmlb_alloc_handle(&lsp->ls_cmlbhandle); 1814 error = cmlb_attach(lsp->ls_dip, &lofi_tg_ops, DTYPE_DIRECT, 1815 B_FALSE, B_FALSE, DDI_NT_BLOCK_CHAN, 1816 CMLB_CREATE_P0_MINOR_NODE, lsp->ls_cmlbhandle, (void *)1); 1817 1818 if (error != DDI_SUCCESS) { 1819 cmlb_free_handle(&lsp->ls_cmlbhandle); 1820 lsp->ls_cmlbhandle = NULL; 1821 error = ENXIO; 1822 } 1823 } else { 1824 /* create minor nodes */ 1825 error = ddi_create_minor_node(lsp->ls_dip, LOFI_BLOCK_NODE, 1826 S_IFBLK, LOFI_ID2MINOR(instance), DDI_PSEUDO, 0); 1827 if (error == DDI_SUCCESS) { 1828 error = ddi_create_minor_node(lsp->ls_dip, 1829 LOFI_CHAR_NODE, S_IFCHR, LOFI_ID2MINOR(instance), 1830 DDI_PSEUDO, 0); 1831 if (error != DDI_SUCCESS) { 1832 ddi_remove_minor_node(lsp->ls_dip, 1833 LOFI_BLOCK_NODE); 1834 error = ENXIO; 1835 } 1836 } else 1837 error = ENXIO; 1838 } 1839 return (error); 1840 } 1841 1842 static int 1843 lofi_zone_bind(struct lofi_state *lsp) 1844 { 1845 int error = 0; 1846 1847 mutex_enter(&curproc->p_lock); 1848 if ((error = rctl_incr_lofi(curproc, curproc->p_zone, 1)) != 0) { 1849 mutex_exit(&curproc->p_lock); 1850 return (error); 1851 } 1852 mutex_exit(&curproc->p_lock); 1853 1854 if (ddi_prop_update_string(DDI_DEV_T_NONE, lsp->ls_dip, ZONE_PROP_NAME, 1855 (char *)curproc->p_zone->zone_name) != DDI_PROP_SUCCESS) { 1856 rctl_decr_lofi(curproc->p_zone, 1); 1857 error = EINVAL; 1858 } else { 1859 zone_init_ref(&lsp->ls_zone); 1860 zone_hold_ref(curzone, &lsp->ls_zone, ZONE_REF_LOFI); 1861 } 1862 return (error); 1863 } 1864 1865 static void 1866 lofi_zone_unbind(struct lofi_state *lsp) 1867 { 1868 (void) ddi_prop_remove(DDI_DEV_T_NONE, lsp->ls_dip, ZONE_PROP_NAME); 1869 rctl_decr_lofi(curproc->p_zone, 1); 1870 zone_rele_ref(&lsp->ls_zone, ZONE_REF_LOFI); 1871 } 1872 1873 static int 1874 lofi_online_dev(dev_info_t *dip) 1875 { 1876 boolean_t labeled; 1877 int error; 1878 int instance = ddi_get_instance(dip); 1879 struct lofi_state *lsp; 1880 1881 labeled = B_FALSE; 1882 if (ddi_prop_exists(DDI_DEV_T_ANY, dip, DDI_PROP_DONTPASS, "labeled")) 1883 labeled = B_TRUE; 1884 1885 /* lsp alloc+init, soft state is freed in lofi_detach */ 1886 error = ddi_soft_state_zalloc(lofi_statep, instance); 1887 if (error == DDI_FAILURE) { 1888 return (ENOMEM); 1889 } 1890 1891 lsp = ddi_get_soft_state(lofi_statep, instance); 1892 lsp->ls_dip = dip; 1893 1894 if ((error = lofi_zone_bind(lsp)) != 0) 1895 goto err; 1896 1897 cv_init(&lsp->ls_vp_cv, NULL, CV_DRIVER, NULL); 1898 mutex_init(&lsp->ls_comp_cache_lock, NULL, MUTEX_DRIVER, NULL); 1899 mutex_init(&lsp->ls_comp_bufs_lock, NULL, MUTEX_DRIVER, NULL); 1900 mutex_init(&lsp->ls_kstat_lock, NULL, MUTEX_DRIVER, NULL); 1901 mutex_init(&lsp->ls_vp_lock, NULL, MUTEX_DRIVER, NULL); 1902 1903 if ((error = lofi_create_minor_nodes(lsp, labeled)) != 0) { 1904 lofi_zone_unbind(lsp); 1905 goto lerr; 1906 } 1907 1908 /* driver handles kernel-issued IOCTLs */ 1909 if (ddi_prop_create(DDI_DEV_T_NONE, dip, DDI_PROP_CANSLEEP, 1910 DDI_KERNEL_IOCTL, NULL, 0) != DDI_PROP_SUCCESS) { 1911 error = DDI_FAILURE; 1912 goto merr; 1913 } 1914 1915 lsp->ls_kstat = kstat_create_zone(LOFI_DRIVER_NAME, instance, 1916 NULL, "disk", KSTAT_TYPE_IO, 1, 0, getzoneid()); 1917 if (lsp->ls_kstat == NULL) { 1918 (void) ddi_prop_remove(DDI_DEV_T_NONE, lsp->ls_dip, 1919 DDI_KERNEL_IOCTL); 1920 error = ENOMEM; 1921 goto merr; 1922 } 1923 1924 lsp->ls_kstat->ks_lock = &lsp->ls_kstat_lock; 1925 kstat_zone_add(lsp->ls_kstat, GLOBAL_ZONEID); 1926 kstat_install(lsp->ls_kstat); 1927 return (DDI_SUCCESS); 1928 merr: 1929 if (lsp->ls_cmlbhandle != NULL) { 1930 cmlb_detach(lsp->ls_cmlbhandle, 0); 1931 cmlb_free_handle(&lsp->ls_cmlbhandle); 1932 } 1933 ddi_remove_minor_node(dip, NULL); 1934 lofi_zone_unbind(lsp); 1935 lerr: 1936 mutex_destroy(&lsp->ls_comp_cache_lock); 1937 mutex_destroy(&lsp->ls_comp_bufs_lock); 1938 mutex_destroy(&lsp->ls_kstat_lock); 1939 mutex_destroy(&lsp->ls_vp_lock); 1940 cv_destroy(&lsp->ls_vp_cv); 1941 err: 1942 ddi_soft_state_free(lofi_statep, instance); 1943 return (error); 1944 } 1945 1946 static int 1947 lofi_attach(dev_info_t *dip, ddi_attach_cmd_t cmd) 1948 { 1949 int rv; 1950 int instance = ddi_get_instance(dip); 1951 struct lofi_state *lsp; 1952 1953 if (cmd != DDI_ATTACH) 1954 return (DDI_FAILURE); 1955 1956 /* 1957 * Instance 0 is control instance, attaching control instance 1958 * will set the lofi up and ready. 1959 */ 1960 if (instance == 0) { 1961 rv = ddi_soft_state_zalloc(lofi_statep, 0); 1962 if (rv == DDI_FAILURE) { 1963 return (DDI_FAILURE); 1964 } 1965 lsp = ddi_get_soft_state(lofi_statep, instance); 1966 rv = ddi_create_minor_node(dip, LOFI_CTL_NODE, S_IFCHR, 0, 1967 DDI_PSEUDO, 0); 1968 if (rv == DDI_FAILURE) { 1969 ddi_soft_state_free(lofi_statep, 0); 1970 return (DDI_FAILURE); 1971 } 1972 /* driver handles kernel-issued IOCTLs */ 1973 if (ddi_prop_create(DDI_DEV_T_NONE, dip, DDI_PROP_CANSLEEP, 1974 DDI_KERNEL_IOCTL, NULL, 0) != DDI_PROP_SUCCESS) { 1975 ddi_remove_minor_node(dip, NULL); 1976 ddi_soft_state_free(lofi_statep, 0); 1977 return (DDI_FAILURE); 1978 } 1979 1980 zone_key_create(&lofi_zone_key, NULL, lofi_zone_shutdown, NULL); 1981 1982 lsp->ls_dip = dip; 1983 } else { 1984 if (lofi_online_dev(dip) == DDI_FAILURE) 1985 return (DDI_FAILURE); 1986 } 1987 1988 ddi_report_dev(dip); 1989 return (DDI_SUCCESS); 1990 } 1991 1992 static int 1993 lofi_detach(dev_info_t *dip, ddi_detach_cmd_t cmd) 1994 { 1995 struct lofi_state *lsp; 1996 int instance = ddi_get_instance(dip); 1997 1998 if (cmd != DDI_DETACH) 1999 return (DDI_FAILURE); 2000 2001 /* 2002 * If the instance is not 0, release state. 2003 * The instance 0 is control device, we can not detach it 2004 * before other instances are detached. 2005 */ 2006 if (instance != 0) { 2007 lsp = ddi_get_soft_state(lofi_statep, instance); 2008 if (lsp != NULL && lsp->ls_vp_ready == B_FALSE) { 2009 ddi_soft_state_free(lofi_statep, instance); 2010 return (DDI_SUCCESS); 2011 } else 2012 return (DDI_FAILURE); 2013 } 2014 mutex_enter(&lofi_lock); 2015 2016 if (!list_is_empty(&lofi_list)) { 2017 mutex_exit(&lofi_lock); 2018 return (DDI_FAILURE); 2019 } 2020 2021 ddi_remove_minor_node(dip, NULL); 2022 ddi_prop_remove_all(dip); 2023 2024 mutex_exit(&lofi_lock); 2025 2026 if (zone_key_delete(lofi_zone_key) != 0) 2027 cmn_err(CE_WARN, "failed to delete zone key"); 2028 2029 ddi_soft_state_free(lofi_statep, 0); 2030 2031 return (DDI_SUCCESS); 2032 } 2033 2034 /* 2035 * With the addition of encryption, we must be careful that encryption key is 2036 * wiped before kernel's data structures are freed so it cannot accidentally 2037 * slip out to userland through uninitialized data elsewhere. 2038 */ 2039 static void 2040 free_lofi_ioctl(struct lofi_ioctl *klip) 2041 { 2042 /* Make sure this encryption key doesn't stick around */ 2043 bzero(klip->li_key, sizeof (klip->li_key)); 2044 kmem_free(klip, sizeof (struct lofi_ioctl)); 2045 } 2046 2047 /* 2048 * These two functions simplify the rest of the ioctls that need to copyin/out 2049 * the lofi_ioctl structure. 2050 */ 2051 int 2052 copy_in_lofi_ioctl(const struct lofi_ioctl *ulip, struct lofi_ioctl **klipp, 2053 int flag) 2054 { 2055 struct lofi_ioctl *klip; 2056 int error; 2057 2058 klip = *klipp = kmem_alloc(sizeof (struct lofi_ioctl), KM_SLEEP); 2059 error = ddi_copyin(ulip, klip, sizeof (struct lofi_ioctl), flag); 2060 if (error) 2061 goto err; 2062 2063 /* ensure NULL termination */ 2064 klip->li_filename[MAXPATHLEN-1] = '\0'; 2065 klip->li_devpath[MAXPATHLEN-1] = '\0'; 2066 klip->li_algorithm[MAXALGLEN-1] = '\0'; 2067 klip->li_cipher[CRYPTO_MAX_MECH_NAME-1] = '\0'; 2068 klip->li_iv_cipher[CRYPTO_MAX_MECH_NAME-1] = '\0'; 2069 2070 if (klip->li_id > L_MAXMIN32) { 2071 error = EINVAL; 2072 goto err; 2073 } 2074 2075 return (0); 2076 2077 err: 2078 free_lofi_ioctl(klip); 2079 return (error); 2080 } 2081 2082 int 2083 copy_out_lofi_ioctl(const struct lofi_ioctl *klip, struct lofi_ioctl *ulip, 2084 int flag) 2085 { 2086 int error; 2087 2088 /* 2089 * NOTE: Do NOT copy the crypto_key_t "back" to userland. 2090 * This ensures that an attacker can't trivially find the 2091 * key for a mapping just by issuing the ioctl. 2092 * 2093 * It can still be found by poking around in kmem with mdb(1), 2094 * but there is no point in making it easy when the info isn't 2095 * of any use in this direction anyway. 2096 * 2097 * Either way we don't actually have the raw key stored in 2098 * a form that we can get it anyway, since we just used it 2099 * to create a ctx template and didn't keep "the original". 2100 */ 2101 error = ddi_copyout(klip, ulip, sizeof (struct lofi_ioctl), flag); 2102 if (error) 2103 return (EFAULT); 2104 return (0); 2105 } 2106 2107 static int 2108 lofi_access(struct lofi_state *lsp) 2109 { 2110 ASSERT(MUTEX_HELD(&lofi_lock)); 2111 if (INGLOBALZONE(curproc) || lsp->ls_zone.zref_zone == curzone) 2112 return (0); 2113 return (EPERM); 2114 } 2115 2116 /* 2117 * Find the lofi state for the given filename. We compare by vnode to 2118 * allow the global zone visibility into NGZ lofi nodes. 2119 */ 2120 static int 2121 file_to_lofi_nocheck(char *filename, boolean_t readonly, 2122 struct lofi_state **lspp) 2123 { 2124 struct lofi_state *lsp; 2125 vnode_t *vp = NULL; 2126 int err = 0; 2127 int rdfiles = 0; 2128 2129 ASSERT(MUTEX_HELD(&lofi_lock)); 2130 2131 if ((err = lookupname(filename, UIO_SYSSPACE, FOLLOW, 2132 NULLVPP, &vp)) != 0) 2133 goto out; 2134 2135 if (vp->v_type == VREG) { 2136 vnode_t *realvp; 2137 if (VOP_REALVP(vp, &realvp, NULL) == 0) { 2138 VN_HOLD(realvp); 2139 VN_RELE(vp); 2140 vp = realvp; 2141 } 2142 } 2143 2144 for (lsp = list_head(&lofi_list); lsp != NULL; 2145 lsp = list_next(&lofi_list, lsp)) { 2146 if (lsp->ls_vp == vp) { 2147 if (lspp != NULL) 2148 *lspp = lsp; 2149 if (lsp->ls_readonly) { 2150 rdfiles++; 2151 /* Skip if '-r' is specified */ 2152 if (readonly) 2153 continue; 2154 } 2155 goto out; 2156 } 2157 } 2158 2159 err = ENOENT; 2160 2161 /* 2162 * If a filename is given as an argument for lofi_unmap, we shouldn't 2163 * allow unmap if there are multiple read-only lofi devices associated 2164 * with this file. 2165 */ 2166 if (lspp != NULL) { 2167 if (rdfiles == 1) 2168 err = 0; 2169 else if (rdfiles > 1) 2170 err = EBUSY; 2171 } 2172 2173 out: 2174 if (vp != NULL) 2175 VN_RELE(vp); 2176 return (err); 2177 } 2178 2179 /* 2180 * Find the minor for the given filename, checking the zone can access 2181 * it. 2182 */ 2183 static int 2184 file_to_lofi(char *filename, boolean_t readonly, struct lofi_state **lspp) 2185 { 2186 int err = 0; 2187 2188 ASSERT(MUTEX_HELD(&lofi_lock)); 2189 2190 if ((err = file_to_lofi_nocheck(filename, readonly, lspp)) != 0) 2191 return (err); 2192 2193 if ((err = lofi_access(*lspp)) != 0) 2194 return (err); 2195 2196 return (0); 2197 } 2198 2199 /* 2200 * Fakes up a disk geometry based on the size of the file. This is needed 2201 * to support newfs on traditional lofi device, but also will provide 2202 * geometry hint for cmlb. 2203 */ 2204 static void 2205 fake_disk_geometry(struct lofi_state *lsp) 2206 { 2207 u_offset_t dsize = lsp->ls_vp_size - lsp->ls_crypto_offset; 2208 2209 /* dk_geom - see dkio(7I) */ 2210 /* 2211 * dkg_ncyl _could_ be set to one here (one big cylinder with gobs 2212 * of sectors), but that breaks programs like fdisk which want to 2213 * partition a disk by cylinder. With one cylinder, you can't create 2214 * an fdisk partition and put pcfs on it for testing (hard to pick 2215 * a number between one and one). 2216 * 2217 * The cheezy floppy test is an attempt to not have too few cylinders 2218 * for a small file, or so many on a big file that you waste space 2219 * for backup superblocks or cylinder group structures. 2220 */ 2221 bzero(&lsp->ls_dkg, sizeof (lsp->ls_dkg)); 2222 if (dsize < (2 * 1024 * 1024)) /* floppy? */ 2223 lsp->ls_dkg.dkg_ncyl = dsize / (100 * 1024); 2224 else 2225 lsp->ls_dkg.dkg_ncyl = dsize / (300 * 1024); 2226 /* in case file file is < 100k */ 2227 if (lsp->ls_dkg.dkg_ncyl == 0) 2228 lsp->ls_dkg.dkg_ncyl = 1; 2229 2230 lsp->ls_dkg.dkg_pcyl = lsp->ls_dkg.dkg_ncyl; 2231 lsp->ls_dkg.dkg_nhead = 1; 2232 lsp->ls_dkg.dkg_rpm = 7200; 2233 2234 lsp->ls_dkg.dkg_nsect = dsize / 2235 (lsp->ls_dkg.dkg_ncyl << lsp->ls_pbshift); 2236 } 2237 2238 /* 2239 * build vtoc - see dkio(7I) 2240 * 2241 * Fakes one big partition based on the size of the file. This is needed 2242 * because we allow newfs'ing the traditional lofi device and newfs will 2243 * do several disk ioctls to figure out the geometry and partition information. 2244 * It uses that information to determine the parameters to pass to mkfs. 2245 */ 2246 static void 2247 fake_disk_vtoc(struct lofi_state *lsp, struct vtoc *vt) 2248 { 2249 bzero(vt, sizeof (struct vtoc)); 2250 vt->v_sanity = VTOC_SANE; 2251 vt->v_version = V_VERSION; 2252 (void) strncpy(vt->v_volume, LOFI_DRIVER_NAME, 2253 sizeof (vt->v_volume)); 2254 vt->v_sectorsz = 1 << lsp->ls_pbshift; 2255 vt->v_nparts = 1; 2256 vt->v_part[0].p_tag = V_UNASSIGNED; 2257 2258 /* 2259 * A compressed file is read-only, other files can 2260 * be read-write 2261 */ 2262 if (lsp->ls_uncomp_seg_sz > 0) { 2263 vt->v_part[0].p_flag = V_UNMNT | V_RONLY; 2264 } else { 2265 vt->v_part[0].p_flag = V_UNMNT; 2266 } 2267 vt->v_part[0].p_start = (daddr_t)0; 2268 /* 2269 * The partition size cannot just be the number of sectors, because 2270 * that might not end on a cylinder boundary. And if that's the case, 2271 * newfs/mkfs will print a scary warning. So just figure the size 2272 * based on the number of cylinders and sectors/cylinder. 2273 */ 2274 vt->v_part[0].p_size = lsp->ls_dkg.dkg_pcyl * 2275 lsp->ls_dkg.dkg_nsect * lsp->ls_dkg.dkg_nhead; 2276 } 2277 2278 /* 2279 * build dk_cinfo - see dkio(7I) 2280 */ 2281 static void 2282 fake_disk_info(dev_t dev, struct dk_cinfo *ci) 2283 { 2284 bzero(ci, sizeof (struct dk_cinfo)); 2285 (void) strlcpy(ci->dki_cname, LOFI_DRIVER_NAME, sizeof (ci->dki_cname)); 2286 ci->dki_ctype = DKC_SCSI_CCS; 2287 (void) strlcpy(ci->dki_dname, LOFI_DRIVER_NAME, sizeof (ci->dki_dname)); 2288 ci->dki_unit = LOFI_MINOR2ID(getminor(dev)); 2289 ci->dki_partition = LOFI_PART(getminor(dev)); 2290 /* 2291 * newfs uses this to set maxcontig. Must not be < 16, or it 2292 * will be 0 when newfs multiplies it by DEV_BSIZE and divides 2293 * it by the block size. Then tunefs doesn't work because 2294 * maxcontig is 0. 2295 */ 2296 ci->dki_maxtransfer = 16; 2297 } 2298 2299 /* 2300 * map in a compressed file 2301 * 2302 * Read in the header and the index that follows. 2303 * 2304 * The header is as follows - 2305 * 2306 * Signature (name of the compression algorithm) 2307 * Compression segment size (a multiple of 512) 2308 * Number of index entries 2309 * Size of the last block 2310 * The array containing the index entries 2311 * 2312 * The header information is always stored in 2313 * network byte order on disk. 2314 */ 2315 static int 2316 lofi_map_compressed_file(struct lofi_state *lsp, char *buf) 2317 { 2318 uint32_t index_sz, header_len, i; 2319 ssize_t resid; 2320 enum uio_rw rw; 2321 char *tbuf = buf; 2322 int error; 2323 2324 /* The signature has already been read */ 2325 tbuf += sizeof (lsp->ls_comp_algorithm); 2326 bcopy(tbuf, &(lsp->ls_uncomp_seg_sz), sizeof (lsp->ls_uncomp_seg_sz)); 2327 lsp->ls_uncomp_seg_sz = ntohl(lsp->ls_uncomp_seg_sz); 2328 2329 /* 2330 * The compressed segment size must be a power of 2 2331 */ 2332 if (lsp->ls_uncomp_seg_sz < DEV_BSIZE || 2333 !ISP2(lsp->ls_uncomp_seg_sz)) 2334 return (EINVAL); 2335 2336 for (i = 0; !((lsp->ls_uncomp_seg_sz >> i) & 1); i++) 2337 ; 2338 2339 lsp->ls_comp_seg_shift = i; 2340 2341 tbuf += sizeof (lsp->ls_uncomp_seg_sz); 2342 bcopy(tbuf, &(lsp->ls_comp_index_sz), sizeof (lsp->ls_comp_index_sz)); 2343 lsp->ls_comp_index_sz = ntohl(lsp->ls_comp_index_sz); 2344 2345 tbuf += sizeof (lsp->ls_comp_index_sz); 2346 bcopy(tbuf, &(lsp->ls_uncomp_last_seg_sz), 2347 sizeof (lsp->ls_uncomp_last_seg_sz)); 2348 lsp->ls_uncomp_last_seg_sz = ntohl(lsp->ls_uncomp_last_seg_sz); 2349 2350 /* 2351 * Compute the total size of the uncompressed data 2352 * for use in fake_disk_geometry and other calculations. 2353 * Disk geometry has to be faked with respect to the 2354 * actual uncompressed data size rather than the 2355 * compressed file size. 2356 */ 2357 lsp->ls_vp_size = 2358 (u_offset_t)(lsp->ls_comp_index_sz - 2) * lsp->ls_uncomp_seg_sz 2359 + lsp->ls_uncomp_last_seg_sz; 2360 2361 /* 2362 * Index size is rounded up to DEV_BSIZE for ease 2363 * of segmapping 2364 */ 2365 index_sz = sizeof (*lsp->ls_comp_seg_index) * lsp->ls_comp_index_sz; 2366 header_len = sizeof (lsp->ls_comp_algorithm) + 2367 sizeof (lsp->ls_uncomp_seg_sz) + 2368 sizeof (lsp->ls_comp_index_sz) + 2369 sizeof (lsp->ls_uncomp_last_seg_sz); 2370 lsp->ls_comp_offbase = header_len + index_sz; 2371 2372 index_sz += header_len; 2373 index_sz = roundup(index_sz, DEV_BSIZE); 2374 2375 lsp->ls_comp_index_data = kmem_alloc(index_sz, KM_SLEEP); 2376 lsp->ls_comp_index_data_sz = index_sz; 2377 2378 /* 2379 * Read in the index -- this has a side-effect 2380 * of reading in the header as well 2381 */ 2382 rw = UIO_READ; 2383 error = vn_rdwr(rw, lsp->ls_vp, lsp->ls_comp_index_data, index_sz, 2384 0, UIO_SYSSPACE, 0, RLIM64_INFINITY, kcred, &resid); 2385 2386 if (error != 0) 2387 return (error); 2388 2389 /* Skip the header, this is where the index really begins */ 2390 lsp->ls_comp_seg_index = 2391 /*LINTED*/ 2392 (uint64_t *)(lsp->ls_comp_index_data + header_len); 2393 2394 /* 2395 * Now recompute offsets in the index to account for 2396 * the header length 2397 */ 2398 for (i = 0; i < lsp->ls_comp_index_sz; i++) { 2399 lsp->ls_comp_seg_index[i] = lsp->ls_comp_offbase + 2400 BE_64(lsp->ls_comp_seg_index[i]); 2401 } 2402 2403 return (error); 2404 } 2405 2406 static int 2407 lofi_init_crypto(struct lofi_state *lsp, struct lofi_ioctl *klip) 2408 { 2409 struct crypto_meta chead; 2410 char buf[DEV_BSIZE]; 2411 ssize_t resid; 2412 char *marker; 2413 int error; 2414 int ret; 2415 int i; 2416 2417 if (!klip->li_crypto_enabled) 2418 return (0); 2419 2420 /* 2421 * All current algorithms have a max of 448 bits. 2422 */ 2423 if (klip->li_iv_len > CRYPTO_BITS2BYTES(512)) 2424 return (EINVAL); 2425 2426 if (CRYPTO_BITS2BYTES(klip->li_key_len) > sizeof (klip->li_key)) 2427 return (EINVAL); 2428 2429 lsp->ls_crypto_enabled = klip->li_crypto_enabled; 2430 2431 mutex_init(&lsp->ls_crypto_lock, NULL, MUTEX_DRIVER, NULL); 2432 2433 lsp->ls_mech.cm_type = crypto_mech2id(klip->li_cipher); 2434 if (lsp->ls_mech.cm_type == CRYPTO_MECH_INVALID) { 2435 cmn_err(CE_WARN, "invalid cipher %s requested for %s", 2436 klip->li_cipher, klip->li_filename); 2437 return (EINVAL); 2438 } 2439 2440 /* this is just initialization here */ 2441 lsp->ls_mech.cm_param = NULL; 2442 lsp->ls_mech.cm_param_len = 0; 2443 2444 lsp->ls_iv_type = klip->li_iv_type; 2445 lsp->ls_iv_mech.cm_type = crypto_mech2id(klip->li_iv_cipher); 2446 if (lsp->ls_iv_mech.cm_type == CRYPTO_MECH_INVALID) { 2447 cmn_err(CE_WARN, "invalid iv cipher %s requested" 2448 " for %s", klip->li_iv_cipher, klip->li_filename); 2449 return (EINVAL); 2450 } 2451 2452 /* iv mech must itself take a null iv */ 2453 lsp->ls_iv_mech.cm_param = NULL; 2454 lsp->ls_iv_mech.cm_param_len = 0; 2455 lsp->ls_iv_len = klip->li_iv_len; 2456 2457 /* 2458 * Create ctx using li_cipher & the raw li_key after checking 2459 * that it isn't a weak key. 2460 */ 2461 lsp->ls_key.ck_format = CRYPTO_KEY_RAW; 2462 lsp->ls_key.ck_length = klip->li_key_len; 2463 lsp->ls_key.ck_data = kmem_alloc( 2464 CRYPTO_BITS2BYTES(lsp->ls_key.ck_length), KM_SLEEP); 2465 bcopy(klip->li_key, lsp->ls_key.ck_data, 2466 CRYPTO_BITS2BYTES(lsp->ls_key.ck_length)); 2467 2468 ret = crypto_key_check(&lsp->ls_mech, &lsp->ls_key); 2469 if (ret != CRYPTO_SUCCESS) { 2470 cmn_err(CE_WARN, "weak key check failed for cipher " 2471 "%s on file %s (0x%x)", klip->li_cipher, 2472 klip->li_filename, ret); 2473 return (EINVAL); 2474 } 2475 2476 error = vn_rdwr(UIO_READ, lsp->ls_vp, buf, DEV_BSIZE, 2477 CRYOFF, UIO_SYSSPACE, 0, RLIM64_INFINITY, kcred, &resid); 2478 if (error != 0) 2479 return (error); 2480 2481 /* 2482 * This is the case where the header in the lofi image is already 2483 * initialized to indicate it is encrypted. 2484 */ 2485 if (strncmp(buf, lofi_crypto_magic, sizeof (lofi_crypto_magic)) == 0) { 2486 /* 2487 * The encryption header information is laid out this way: 2488 * 6 bytes: hex "CFLOFI" 2489 * 2 bytes: version = 0 ... for now 2490 * 96 bytes: reserved1 (not implemented yet) 2491 * 4 bytes: data_sector = 2 ... for now 2492 * more... not implemented yet 2493 */ 2494 2495 marker = buf; 2496 2497 /* copy the magic */ 2498 bcopy(marker, lsp->ls_crypto.magic, 2499 sizeof (lsp->ls_crypto.magic)); 2500 marker += sizeof (lsp->ls_crypto.magic); 2501 2502 /* read the encryption version number */ 2503 bcopy(marker, &(lsp->ls_crypto.version), 2504 sizeof (lsp->ls_crypto.version)); 2505 lsp->ls_crypto.version = ntohs(lsp->ls_crypto.version); 2506 marker += sizeof (lsp->ls_crypto.version); 2507 2508 /* read a chunk of reserved data */ 2509 bcopy(marker, lsp->ls_crypto.reserved1, 2510 sizeof (lsp->ls_crypto.reserved1)); 2511 marker += sizeof (lsp->ls_crypto.reserved1); 2512 2513 /* read block number where encrypted data begins */ 2514 bcopy(marker, &(lsp->ls_crypto.data_sector), 2515 sizeof (lsp->ls_crypto.data_sector)); 2516 lsp->ls_crypto.data_sector = ntohl(lsp->ls_crypto.data_sector); 2517 marker += sizeof (lsp->ls_crypto.data_sector); 2518 2519 /* and ignore the rest until it is implemented */ 2520 2521 lsp->ls_crypto_offset = lsp->ls_crypto.data_sector * DEV_BSIZE; 2522 return (0); 2523 } 2524 2525 /* 2526 * We've requested encryption, but no magic was found, so it must be 2527 * a new image. 2528 */ 2529 2530 for (i = 0; i < sizeof (struct crypto_meta); i++) { 2531 if (buf[i] != '\0') 2532 return (EINVAL); 2533 } 2534 2535 marker = buf; 2536 bcopy(lofi_crypto_magic, marker, sizeof (lofi_crypto_magic)); 2537 marker += sizeof (lofi_crypto_magic); 2538 chead.version = htons(LOFI_CRYPTO_VERSION); 2539 bcopy(&(chead.version), marker, sizeof (chead.version)); 2540 marker += sizeof (chead.version); 2541 marker += sizeof (chead.reserved1); 2542 chead.data_sector = htonl(LOFI_CRYPTO_DATA_SECTOR); 2543 bcopy(&(chead.data_sector), marker, sizeof (chead.data_sector)); 2544 2545 /* write the header */ 2546 error = vn_rdwr(UIO_WRITE, lsp->ls_vp, buf, DEV_BSIZE, 2547 CRYOFF, UIO_SYSSPACE, 0, RLIM64_INFINITY, kcred, &resid); 2548 if (error != 0) 2549 return (error); 2550 2551 /* fix things up so it looks like we read this info */ 2552 bcopy(lofi_crypto_magic, lsp->ls_crypto.magic, 2553 sizeof (lofi_crypto_magic)); 2554 lsp->ls_crypto.version = LOFI_CRYPTO_VERSION; 2555 lsp->ls_crypto.data_sector = LOFI_CRYPTO_DATA_SECTOR; 2556 lsp->ls_crypto_offset = lsp->ls_crypto.data_sector * DEV_BSIZE; 2557 return (0); 2558 } 2559 2560 /* 2561 * Check to see if the passed in signature is a valid one. If it is 2562 * valid, return the index into lofi_compress_table. 2563 * 2564 * Return -1 if it is invalid 2565 */ 2566 static int 2567 lofi_compress_select(const char *signature) 2568 { 2569 int i; 2570 2571 for (i = 0; i < LOFI_COMPRESS_FUNCTIONS; i++) { 2572 if (strcmp(lofi_compress_table[i].l_name, signature) == 0) 2573 return (i); 2574 } 2575 2576 return (-1); 2577 } 2578 2579 static int 2580 lofi_init_compress(struct lofi_state *lsp) 2581 { 2582 char buf[DEV_BSIZE]; 2583 int compress_index; 2584 ssize_t resid; 2585 int error; 2586 2587 error = vn_rdwr(UIO_READ, lsp->ls_vp, buf, DEV_BSIZE, 0, UIO_SYSSPACE, 2588 0, RLIM64_INFINITY, kcred, &resid); 2589 2590 if (error != 0) 2591 return (error); 2592 2593 if ((compress_index = lofi_compress_select(buf)) == -1) 2594 return (0); 2595 2596 /* compression and encryption are mutually exclusive */ 2597 if (lsp->ls_crypto_enabled) 2598 return (ENOTSUP); 2599 2600 /* initialize compression info for compressed lofi */ 2601 lsp->ls_comp_algorithm_index = compress_index; 2602 (void) strlcpy(lsp->ls_comp_algorithm, 2603 lofi_compress_table[compress_index].l_name, 2604 sizeof (lsp->ls_comp_algorithm)); 2605 2606 /* Finally setup per-thread pre-allocated buffers */ 2607 lsp->ls_comp_bufs = kmem_zalloc(lofi_taskq_nthreads * 2608 sizeof (struct compbuf), KM_SLEEP); 2609 2610 return (lofi_map_compressed_file(lsp, buf)); 2611 } 2612 2613 /* 2614 * Allocate new or proposed id from lofi_id. 2615 * 2616 * Special cases for proposed id: 2617 * 0: not allowed, 0 is id for control device. 2618 * -1: allocate first usable id from lofi_id. 2619 * any other value is proposed value from userland 2620 * 2621 * returns DDI_SUCCESS or errno. 2622 */ 2623 static int 2624 lofi_alloc_id(int *idp) 2625 { 2626 int id, error = DDI_SUCCESS; 2627 2628 if (*idp == -1) { 2629 id = id_allocff_nosleep(lofi_id); 2630 if (id == -1) { 2631 error = EAGAIN; 2632 goto err; 2633 } 2634 } else if (*idp == 0) { 2635 error = EINVAL; 2636 goto err; 2637 } else if (*idp > ((1 << (L_BITSMINOR - LOFI_CMLB_SHIFT)) - 1)) { 2638 error = ERANGE; 2639 goto err; 2640 } else { 2641 if (ddi_get_soft_state(lofi_statep, *idp) != NULL) { 2642 error = EEXIST; 2643 goto err; 2644 } 2645 2646 id = id_alloc_specific_nosleep(lofi_id, *idp); 2647 if (id == -1) { 2648 error = EAGAIN; 2649 goto err; 2650 } 2651 } 2652 *idp = id; 2653 err: 2654 return (error); 2655 } 2656 2657 static int 2658 lofi_create_dev(struct lofi_ioctl *klip) 2659 { 2660 dev_info_t *parent, *child; 2661 struct lofi_state *lsp = NULL; 2662 char namebuf[MAXNAMELEN]; 2663 int error, circ; 2664 2665 /* get control device */ 2666 lsp = ddi_get_soft_state(lofi_statep, 0); 2667 parent = ddi_get_parent(lsp->ls_dip); 2668 2669 if ((error = lofi_alloc_id((int *)&klip->li_id))) 2670 return (error); 2671 2672 (void) snprintf(namebuf, sizeof (namebuf), LOFI_DRIVER_NAME "@%d", 2673 klip->li_id); 2674 2675 ndi_devi_enter(parent, &circ); 2676 child = ndi_devi_findchild(parent, namebuf); 2677 ndi_devi_exit(parent, circ); 2678 2679 if (child == NULL) { 2680 child = ddi_add_child(parent, LOFI_DRIVER_NAME, 2681 (pnode_t)DEVI_SID_NODEID, klip->li_id); 2682 if ((error = ddi_prop_update_int(DDI_DEV_T_NONE, child, 2683 "instance", klip->li_id)) != DDI_PROP_SUCCESS) 2684 goto err; 2685 2686 if (klip->li_labeled == B_TRUE) { 2687 if ((error = ddi_prop_create(DDI_DEV_T_NONE, child, 2688 DDI_PROP_CANSLEEP, "labeled", 0, 0)) 2689 != DDI_PROP_SUCCESS) 2690 goto err; 2691 } 2692 2693 if ((error = ndi_devi_online(child, NDI_ONLINE_ATTACH)) 2694 != NDI_SUCCESS) 2695 goto err; 2696 } else { 2697 id_free(lofi_id, klip->li_id); 2698 error = EEXIST; 2699 return (error); 2700 } 2701 2702 goto done; 2703 2704 err: 2705 ddi_prop_remove_all(child); 2706 (void) ndi_devi_offline(child, NDI_DEVI_REMOVE); 2707 id_free(lofi_id, klip->li_id); 2708 done: 2709 2710 return (error); 2711 } 2712 2713 static void 2714 lofi_create_inquiry(struct lofi_state *lsp, struct scsi_inquiry *inq) 2715 { 2716 char *p = NULL; 2717 2718 (void) strlcpy(inq->inq_vid, LOFI_DRIVER_NAME, sizeof (inq->inq_vid)); 2719 2720 mutex_enter(&lsp->ls_vp_lock); 2721 if (lsp->ls_vp != NULL) 2722 p = strrchr(lsp->ls_vp->v_path, '/'); 2723 if (p != NULL) 2724 (void) strncpy(inq->inq_pid, p + 1, sizeof (inq->inq_pid)); 2725 mutex_exit(&lsp->ls_vp_lock); 2726 (void) strlcpy(inq->inq_revision, "1.0", sizeof (inq->inq_revision)); 2727 } 2728 2729 /* 2730 * copy devlink name from event cache 2731 */ 2732 static void 2733 lofi_copy_devpath(struct lofi_ioctl *klip) 2734 { 2735 int error; 2736 char namebuf[MAXNAMELEN], *str; 2737 clock_t ticks; 2738 nvlist_t *nvl = NULL; 2739 2740 if (klip->li_labeled == B_TRUE) 2741 klip->li_devpath[0] = '\0'; 2742 else { 2743 /* no need to wait for messages */ 2744 (void) snprintf(klip->li_devpath, sizeof (klip->li_devpath), 2745 "/dev/" LOFI_CHAR_NAME "/%d", klip->li_id); 2746 return; 2747 } 2748 2749 (void) snprintf(namebuf, sizeof (namebuf), "%d", klip->li_id); 2750 ticks = ddi_get_lbolt() + LOFI_TIMEOUT * drv_usectohz(1000000); 2751 2752 mutex_enter(&lofi_devlink_cache.ln_lock); 2753 error = nvlist_lookup_nvlist(lofi_devlink_cache.ln_data, namebuf, &nvl); 2754 while (error != 0) { 2755 error = cv_timedwait(&lofi_devlink_cache.ln_cv, 2756 &lofi_devlink_cache.ln_lock, ticks); 2757 if (error == -1) 2758 break; 2759 error = nvlist_lookup_nvlist(lofi_devlink_cache.ln_data, 2760 namebuf, &nvl); 2761 } 2762 2763 if (nvl != NULL) { 2764 if (nvlist_lookup_string(nvl, DEV_NAME, &str) == 0) { 2765 (void) strlcpy(klip->li_devpath, str, 2766 sizeof (klip->li_devpath)); 2767 } 2768 } 2769 mutex_exit(&lofi_devlink_cache.ln_lock); 2770 } 2771 2772 /* 2773 * map a file to a minor number. Return the minor number. 2774 */ 2775 static int 2776 lofi_map_file(dev_t dev, struct lofi_ioctl *ulip, int pickminor, 2777 int *rvalp, struct cred *credp, int ioctl_flag) 2778 { 2779 int id = -1; 2780 struct lofi_state *lsp = NULL; 2781 struct lofi_ioctl *klip; 2782 int error; 2783 struct vnode *vp = NULL; 2784 vattr_t vattr; 2785 int flag; 2786 char namebuf[MAXNAMELEN]; 2787 2788 error = copy_in_lofi_ioctl(ulip, &klip, ioctl_flag); 2789 if (error != 0) 2790 return (error); 2791 2792 mutex_enter(&lofi_lock); 2793 2794 if (file_to_lofi_nocheck(klip->li_filename, klip->li_readonly, 2795 NULL) == 0) { 2796 error = EBUSY; 2797 goto err; 2798 } 2799 2800 flag = FREAD | FWRITE | FOFFMAX | FEXCL; 2801 error = vn_open(klip->li_filename, UIO_SYSSPACE, flag, 0, &vp, 0, 0); 2802 if (error) { 2803 /* try read-only */ 2804 flag &= ~FWRITE; 2805 error = vn_open(klip->li_filename, UIO_SYSSPACE, flag, 0, 2806 &vp, 0, 0); 2807 if (error) 2808 goto err; 2809 } 2810 2811 if (!V_ISLOFIABLE(vp->v_type)) { 2812 error = EINVAL; 2813 goto err; 2814 } 2815 2816 vattr.va_mask = AT_SIZE; 2817 error = VOP_GETATTR(vp, &vattr, 0, credp, NULL); 2818 if (error) 2819 goto err; 2820 2821 /* the file needs to be a multiple of the block size */ 2822 if ((vattr.va_size % DEV_BSIZE) != 0) { 2823 error = EINVAL; 2824 goto err; 2825 } 2826 2827 if (pickminor) { 2828 klip->li_id = (uint32_t)-1; 2829 } 2830 if ((error = lofi_create_dev(klip)) != 0) 2831 goto err; 2832 2833 id = klip->li_id; 2834 lsp = ddi_get_soft_state(lofi_statep, id); 2835 if (lsp == NULL) 2836 goto err; 2837 2838 /* 2839 * from this point lofi_destroy() is used to clean up on error 2840 * make sure the basic data is set 2841 */ 2842 list_insert_tail(&lofi_list, lsp); 2843 lsp->ls_dev = makedevice(getmajor(dev), LOFI_ID2MINOR(id)); 2844 2845 list_create(&lsp->ls_comp_cache, sizeof (struct lofi_comp_cache), 2846 offsetof(struct lofi_comp_cache, lc_list)); 2847 2848 /* 2849 * save open mode so file can be closed properly and vnode counts 2850 * updated correctly. 2851 */ 2852 lsp->ls_openflag = flag; 2853 2854 lsp->ls_vp = vp; 2855 lsp->ls_stacked_vp = vp; 2856 2857 lsp->ls_vp_size = vattr.va_size; 2858 lsp->ls_vp_comp_size = lsp->ls_vp_size; 2859 2860 /* 2861 * Try to handle stacked lofs vnodes. 2862 */ 2863 if (vp->v_type == VREG) { 2864 vnode_t *realvp; 2865 2866 if (VOP_REALVP(vp, &realvp, NULL) == 0) { 2867 /* 2868 * We need to use the realvp for uniqueness 2869 * checking, but keep the stacked vp for 2870 * LOFI_GET_FILENAME display. 2871 */ 2872 VN_HOLD(realvp); 2873 lsp->ls_vp = realvp; 2874 } 2875 } 2876 2877 lsp->ls_lbshift = highbit(DEV_BSIZE) - 1; 2878 lsp->ls_pbshift = lsp->ls_lbshift; 2879 2880 lsp->ls_readonly = klip->li_readonly; 2881 lsp->ls_uncomp_seg_sz = 0; 2882 lsp->ls_comp_algorithm[0] = '\0'; 2883 lsp->ls_crypto_offset = 0; 2884 2885 (void) snprintf(namebuf, sizeof (namebuf), "%s_taskq_%d", 2886 LOFI_DRIVER_NAME, id); 2887 lsp->ls_taskq = taskq_create_proc(namebuf, lofi_taskq_nthreads, 2888 minclsyspri, 1, lofi_taskq_maxalloc, curzone->zone_zsched, 0); 2889 2890 if ((error = lofi_init_crypto(lsp, klip)) != 0) 2891 goto err; 2892 2893 if ((error = lofi_init_compress(lsp)) != 0) 2894 goto err; 2895 2896 fake_disk_geometry(lsp); 2897 2898 /* For unlabeled lofi add Nblocks and Size */ 2899 if (klip->li_labeled == B_FALSE) { 2900 error = ddi_prop_update_int64(lsp->ls_dev, lsp->ls_dip, 2901 SIZE_PROP_NAME, lsp->ls_vp_size - lsp->ls_crypto_offset); 2902 if (error != DDI_PROP_SUCCESS) { 2903 error = EINVAL; 2904 goto err; 2905 } 2906 error = ddi_prop_update_int64(lsp->ls_dev, lsp->ls_dip, 2907 NBLOCKS_PROP_NAME, 2908 (lsp->ls_vp_size - lsp->ls_crypto_offset) / DEV_BSIZE); 2909 if (error != DDI_PROP_SUCCESS) { 2910 error = EINVAL; 2911 goto err; 2912 } 2913 } 2914 2915 /* 2916 * Notify we are ready to rock. 2917 */ 2918 mutex_enter(&lsp->ls_vp_lock); 2919 lsp->ls_vp_ready = B_TRUE; 2920 cv_broadcast(&lsp->ls_vp_cv); 2921 mutex_exit(&lsp->ls_vp_lock); 2922 mutex_exit(&lofi_lock); 2923 2924 lofi_copy_devpath(klip); 2925 2926 if (rvalp) 2927 *rvalp = id; 2928 (void) copy_out_lofi_ioctl(klip, ulip, ioctl_flag); 2929 free_lofi_ioctl(klip); 2930 return (0); 2931 2932 err: 2933 if (lsp != NULL) { 2934 lofi_destroy(lsp, credp); 2935 } else { 2936 if (vp != NULL) { 2937 (void) VOP_PUTPAGE(vp, 0, 0, B_INVAL, credp, NULL); 2938 (void) VOP_CLOSE(vp, flag, 1, 0, credp, NULL); 2939 VN_RELE(vp); 2940 } 2941 } 2942 2943 mutex_exit(&lofi_lock); 2944 free_lofi_ioctl(klip); 2945 return (error); 2946 } 2947 2948 /* 2949 * unmap a file. 2950 */ 2951 static int 2952 lofi_unmap_file(struct lofi_ioctl *ulip, int byfilename, 2953 struct cred *credp, int ioctl_flag) 2954 { 2955 struct lofi_state *lsp; 2956 struct lofi_ioctl *klip; 2957 char namebuf[MAXNAMELEN]; 2958 int err; 2959 2960 err = copy_in_lofi_ioctl(ulip, &klip, ioctl_flag); 2961 if (err != 0) 2962 return (err); 2963 2964 mutex_enter(&lofi_lock); 2965 if (byfilename) { 2966 if ((err = file_to_lofi(klip->li_filename, klip->li_readonly, 2967 &lsp)) != 0) { 2968 goto done; 2969 } 2970 } else if (klip->li_id == 0) { 2971 err = ENXIO; 2972 goto done; 2973 } else { 2974 lsp = ddi_get_soft_state(lofi_statep, klip->li_id); 2975 } 2976 2977 if (lsp == NULL || lsp->ls_vp == NULL || lofi_access(lsp) != 0) { 2978 err = ENXIO; 2979 goto done; 2980 } 2981 2982 klip->li_id = LOFI_MINOR2ID(getminor(lsp->ls_dev)); 2983 (void) snprintf(namebuf, sizeof (namebuf), "%u", klip->li_id); 2984 2985 /* 2986 * If it's still held open, we'll do one of three things: 2987 * 2988 * If no flag is set, just return EBUSY. 2989 * 2990 * If the 'cleanup' flag is set, unmap and remove the device when 2991 * the last user finishes. 2992 * 2993 * If the 'force' flag is set, then we forcibly close the underlying 2994 * file. Subsequent operations will fail, and the DKIOCSTATE ioctl 2995 * will return DKIO_DEV_GONE. When the device is last closed, the 2996 * device will be cleaned up appropriately. 2997 * 2998 * This is complicated by the fact that we may have outstanding 2999 * dispatched I/Os. Rather than having a single mutex to serialize all 3000 * I/O, we keep a count of the number of outstanding I/O requests 3001 * (ls_vp_iocount), as well as a flag to indicate that no new I/Os 3002 * should be dispatched (ls_vp_closereq). 3003 * 3004 * We set the flag, wait for the number of outstanding I/Os to reach 0, 3005 * and then close the underlying vnode. 3006 */ 3007 if (is_opened(lsp)) { 3008 if (klip->li_force) { 3009 /* Mark the device for cleanup. */ 3010 lofi_set_cleanup(lsp); 3011 mutex_enter(&lsp->ls_vp_lock); 3012 lsp->ls_vp_closereq = B_TRUE; 3013 /* Wake up any threads waiting on dkiocstate. */ 3014 cv_broadcast(&lsp->ls_vp_cv); 3015 while (lsp->ls_vp_iocount > 0) 3016 cv_wait(&lsp->ls_vp_cv, &lsp->ls_vp_lock); 3017 mutex_exit(&lsp->ls_vp_lock); 3018 } else if (klip->li_cleanup) { 3019 lofi_set_cleanup(lsp); 3020 } else { 3021 err = EBUSY; 3022 } 3023 } else { 3024 lofi_free_dev(lsp); 3025 lofi_destroy(lsp, credp); 3026 } 3027 3028 /* Remove name from devlink cache */ 3029 mutex_enter(&lofi_devlink_cache.ln_lock); 3030 (void) nvlist_remove_all(lofi_devlink_cache.ln_data, namebuf); 3031 mutex_exit(&lofi_devlink_cache.ln_lock); 3032 done: 3033 mutex_exit(&lofi_lock); 3034 if (err == 0) 3035 (void) copy_out_lofi_ioctl(klip, ulip, ioctl_flag); 3036 free_lofi_ioctl(klip); 3037 return (err); 3038 } 3039 3040 /* 3041 * get the filename given the minor number, or the minor number given 3042 * the name. 3043 */ 3044 /*ARGSUSED*/ 3045 static int 3046 lofi_get_info(dev_t dev, struct lofi_ioctl *ulip, int which, 3047 struct cred *credp, int ioctl_flag) 3048 { 3049 struct lofi_ioctl *klip; 3050 struct lofi_state *lsp; 3051 int error; 3052 3053 error = copy_in_lofi_ioctl(ulip, &klip, ioctl_flag); 3054 if (error != 0) 3055 return (error); 3056 3057 switch (which) { 3058 case LOFI_GET_FILENAME: 3059 if (klip->li_id == 0) { 3060 free_lofi_ioctl(klip); 3061 return (EINVAL); 3062 } 3063 3064 mutex_enter(&lofi_lock); 3065 lsp = ddi_get_soft_state(lofi_statep, klip->li_id); 3066 if (lsp == NULL || lofi_access(lsp) != 0) { 3067 mutex_exit(&lofi_lock); 3068 free_lofi_ioctl(klip); 3069 return (ENXIO); 3070 } 3071 3072 /* 3073 * This may fail if, for example, we're trying to look 3074 * up a zoned NFS path from the global zone. 3075 */ 3076 if (vnodetopath(NULL, lsp->ls_stacked_vp, klip->li_filename, 3077 sizeof (klip->li_filename), CRED()) != 0) { 3078 (void) strlcpy(klip->li_filename, "?", 3079 sizeof (klip->li_filename)); 3080 } 3081 3082 klip->li_readonly = lsp->ls_readonly; 3083 klip->li_labeled = lsp->ls_cmlbhandle != NULL; 3084 3085 (void) strlcpy(klip->li_algorithm, lsp->ls_comp_algorithm, 3086 sizeof (klip->li_algorithm)); 3087 klip->li_crypto_enabled = lsp->ls_crypto_enabled; 3088 mutex_exit(&lofi_lock); 3089 3090 lofi_copy_devpath(klip); 3091 error = copy_out_lofi_ioctl(klip, ulip, ioctl_flag); 3092 free_lofi_ioctl(klip); 3093 return (error); 3094 case LOFI_GET_MINOR: 3095 mutex_enter(&lofi_lock); 3096 error = file_to_lofi(klip->li_filename, 3097 klip->li_readonly, &lsp); 3098 if (error != 0) { 3099 mutex_exit(&lofi_lock); 3100 free_lofi_ioctl(klip); 3101 return (error); 3102 } 3103 klip->li_id = LOFI_MINOR2ID(getminor(lsp->ls_dev)); 3104 3105 klip->li_readonly = lsp->ls_readonly; 3106 klip->li_labeled = lsp->ls_cmlbhandle != NULL; 3107 mutex_exit(&lofi_lock); 3108 3109 lofi_copy_devpath(klip); 3110 error = copy_out_lofi_ioctl(klip, ulip, ioctl_flag); 3111 3112 free_lofi_ioctl(klip); 3113 return (error); 3114 case LOFI_CHECK_COMPRESSED: 3115 mutex_enter(&lofi_lock); 3116 error = file_to_lofi(klip->li_filename, 3117 klip->li_readonly, &lsp); 3118 if (error != 0) { 3119 mutex_exit(&lofi_lock); 3120 free_lofi_ioctl(klip); 3121 return (error); 3122 } 3123 3124 klip->li_id = LOFI_MINOR2ID(getminor(lsp->ls_dev)); 3125 (void) strlcpy(klip->li_algorithm, lsp->ls_comp_algorithm, 3126 sizeof (klip->li_algorithm)); 3127 3128 mutex_exit(&lofi_lock); 3129 error = copy_out_lofi_ioctl(klip, ulip, ioctl_flag); 3130 free_lofi_ioctl(klip); 3131 return (error); 3132 default: 3133 free_lofi_ioctl(klip); 3134 return (EINVAL); 3135 } 3136 } 3137 3138 static int 3139 uscsi_is_inquiry(intptr_t arg, int flag, union scsi_cdb *cdb, 3140 struct uscsi_cmd *uscmd) 3141 { 3142 int rval; 3143 3144 #ifdef _MULTI_DATAMODEL 3145 switch (ddi_model_convert_from(flag & FMODELS)) { 3146 case DDI_MODEL_ILP32: { 3147 struct uscsi_cmd32 ucmd32; 3148 3149 if (ddi_copyin((void *)arg, &ucmd32, sizeof (ucmd32), flag)) { 3150 rval = EFAULT; 3151 goto err; 3152 } 3153 uscsi_cmd32touscsi_cmd((&ucmd32), uscmd); 3154 break; 3155 } 3156 case DDI_MODEL_NONE: 3157 if (ddi_copyin((void *)arg, uscmd, sizeof (*uscmd), flag)) { 3158 rval = EFAULT; 3159 goto err; 3160 } 3161 break; 3162 default: 3163 rval = EFAULT; 3164 goto err; 3165 } 3166 #else 3167 if (ddi_copyin((void *)arg, uscmd, sizeof (*uscmd), flag)) { 3168 rval = EFAULT; 3169 goto err; 3170 } 3171 #endif /* _MULTI_DATAMODEL */ 3172 if (ddi_copyin(uscmd->uscsi_cdb, cdb, uscmd->uscsi_cdblen, flag)) { 3173 rval = EFAULT; 3174 goto err; 3175 } 3176 if (cdb->scc_cmd == SCMD_INQUIRY) { 3177 return (0); 3178 } 3179 err: 3180 return (rval); 3181 } 3182 3183 static int 3184 lofi_ioctl(dev_t dev, int cmd, intptr_t arg, int flag, cred_t *credp, 3185 int *rvalp) 3186 { 3187 int error; 3188 enum dkio_state dkstate; 3189 struct lofi_state *lsp; 3190 int id; 3191 3192 id = LOFI_MINOR2ID(getminor(dev)); 3193 3194 /* lofi ioctls only apply to the master device */ 3195 if (id == 0) { 3196 struct lofi_ioctl *lip = (struct lofi_ioctl *)arg; 3197 3198 /* 3199 * the query command only need read-access - i.e., normal 3200 * users are allowed to do those on the ctl device as 3201 * long as they can open it read-only. 3202 */ 3203 switch (cmd) { 3204 case LOFI_MAP_FILE: 3205 if ((flag & FWRITE) == 0) 3206 return (EPERM); 3207 return (lofi_map_file(dev, lip, 1, rvalp, credp, flag)); 3208 case LOFI_MAP_FILE_MINOR: 3209 if ((flag & FWRITE) == 0) 3210 return (EPERM); 3211 return (lofi_map_file(dev, lip, 0, rvalp, credp, flag)); 3212 case LOFI_UNMAP_FILE: 3213 if ((flag & FWRITE) == 0) 3214 return (EPERM); 3215 return (lofi_unmap_file(lip, 1, credp, flag)); 3216 case LOFI_UNMAP_FILE_MINOR: 3217 if ((flag & FWRITE) == 0) 3218 return (EPERM); 3219 return (lofi_unmap_file(lip, 0, credp, flag)); 3220 case LOFI_GET_FILENAME: 3221 return (lofi_get_info(dev, lip, LOFI_GET_FILENAME, 3222 credp, flag)); 3223 case LOFI_GET_MINOR: 3224 return (lofi_get_info(dev, lip, LOFI_GET_MINOR, 3225 credp, flag)); 3226 3227 /* 3228 * This API made limited sense when this value was fixed 3229 * at LOFI_MAX_FILES. However, its use to iterate 3230 * across all possible devices in lofiadm means we don't 3231 * want to return L_MAXMIN, but the highest 3232 * *allocated* id. 3233 */ 3234 case LOFI_GET_MAXMINOR: 3235 id = 0; 3236 3237 mutex_enter(&lofi_lock); 3238 3239 for (lsp = list_head(&lofi_list); lsp != NULL; 3240 lsp = list_next(&lofi_list, lsp)) { 3241 int i; 3242 if (lofi_access(lsp) != 0) 3243 continue; 3244 3245 i = ddi_get_instance(lsp->ls_dip); 3246 if (i > id) 3247 id = i; 3248 } 3249 3250 mutex_exit(&lofi_lock); 3251 3252 error = ddi_copyout(&id, &lip->li_id, 3253 sizeof (id), flag); 3254 if (error) 3255 return (EFAULT); 3256 return (0); 3257 3258 case LOFI_CHECK_COMPRESSED: 3259 return (lofi_get_info(dev, lip, LOFI_CHECK_COMPRESSED, 3260 credp, flag)); 3261 default: 3262 return (EINVAL); 3263 } 3264 } 3265 3266 mutex_enter(&lofi_lock); 3267 lsp = ddi_get_soft_state(lofi_statep, id); 3268 if (lsp == NULL || lsp->ls_cleanup) { 3269 mutex_exit(&lofi_lock); 3270 return (ENXIO); 3271 } 3272 mutex_exit(&lofi_lock); 3273 3274 if (ddi_prop_exists(DDI_DEV_T_ANY, lsp->ls_dip, DDI_PROP_DONTPASS, 3275 "labeled") == 1) { 3276 error = cmlb_ioctl(lsp->ls_cmlbhandle, dev, cmd, arg, flag, 3277 credp, rvalp, 0); 3278 if (error != ENOTTY) 3279 return (error); 3280 } 3281 3282 /* 3283 * We explicitly allow DKIOCSTATE, but all other ioctls should fail with 3284 * EIO as if the device was no longer present. 3285 */ 3286 if (lsp->ls_vp == NULL && cmd != DKIOCSTATE) 3287 return (EIO); 3288 3289 /* these are for faking out utilities like newfs */ 3290 switch (cmd) { 3291 case DKIOCGMEDIAINFO: 3292 case DKIOCGMEDIAINFOEXT: { 3293 struct dk_minfo_ext media_info; 3294 int shift = lsp->ls_lbshift; 3295 int size; 3296 3297 if (cmd == DKIOCGMEDIAINFOEXT) { 3298 media_info.dki_pbsize = 1U << lsp->ls_pbshift; 3299 size = sizeof (struct dk_minfo_ext); 3300 } else { 3301 size = sizeof (struct dk_minfo); 3302 } 3303 3304 media_info.dki_media_type = DK_FIXED_DISK; 3305 media_info.dki_lbsize = 1U << shift; 3306 media_info.dki_capacity = 3307 (lsp->ls_vp_size - lsp->ls_crypto_offset) >> shift; 3308 3309 if (ddi_copyout(&media_info, (void *)arg, size, flag)) 3310 return (EFAULT); 3311 return (0); 3312 } 3313 case DKIOCREMOVABLE: { 3314 int i = 0; 3315 if (ddi_copyout(&i, (caddr_t)arg, sizeof (int), flag)) 3316 return (EFAULT); 3317 return (0); 3318 } 3319 3320 case DKIOCGVTOC: { 3321 struct vtoc vt; 3322 fake_disk_vtoc(lsp, &vt); 3323 3324 switch (ddi_model_convert_from(flag & FMODELS)) { 3325 case DDI_MODEL_ILP32: { 3326 struct vtoc32 vtoc32; 3327 3328 vtoctovtoc32(vt, vtoc32); 3329 if (ddi_copyout(&vtoc32, (void *)arg, 3330 sizeof (struct vtoc32), flag)) 3331 return (EFAULT); 3332 break; 3333 } 3334 3335 case DDI_MODEL_NONE: 3336 if (ddi_copyout(&vt, (void *)arg, 3337 sizeof (struct vtoc), flag)) 3338 return (EFAULT); 3339 break; 3340 } 3341 return (0); 3342 } 3343 case DKIOCINFO: { 3344 struct dk_cinfo ci; 3345 fake_disk_info(dev, &ci); 3346 if (ddi_copyout(&ci, (void *)arg, sizeof (ci), flag)) 3347 return (EFAULT); 3348 return (0); 3349 } 3350 case DKIOCG_VIRTGEOM: 3351 case DKIOCG_PHYGEOM: 3352 case DKIOCGGEOM: 3353 error = ddi_copyout(&lsp->ls_dkg, (void *)arg, 3354 sizeof (struct dk_geom), flag); 3355 if (error) 3356 return (EFAULT); 3357 return (0); 3358 case DKIOCSTATE: 3359 /* 3360 * Normally, lofi devices are always in the INSERTED state. If 3361 * a device is forcefully unmapped, then the device transitions 3362 * to the DKIO_DEV_GONE state. 3363 */ 3364 if (ddi_copyin((void *)arg, &dkstate, sizeof (dkstate), 3365 flag) != 0) 3366 return (EFAULT); 3367 3368 mutex_enter(&lsp->ls_vp_lock); 3369 while (((dkstate == DKIO_INSERTED && lsp->ls_vp != NULL) || 3370 (dkstate == DKIO_DEV_GONE && lsp->ls_vp == NULL)) && 3371 !lsp->ls_cleanup) { 3372 /* 3373 * By virtue of having the device open, we know that 3374 * 'lsp' will remain valid when we return. 3375 */ 3376 if (!cv_wait_sig(&lsp->ls_vp_cv, &lsp->ls_vp_lock)) { 3377 mutex_exit(&lsp->ls_vp_lock); 3378 return (EINTR); 3379 } 3380 } 3381 3382 dkstate = (!lsp->ls_cleanup && lsp->ls_vp != NULL ? 3383 DKIO_INSERTED : DKIO_DEV_GONE); 3384 mutex_exit(&lsp->ls_vp_lock); 3385 3386 if (ddi_copyout(&dkstate, (void *)arg, 3387 sizeof (dkstate), flag) != 0) 3388 return (EFAULT); 3389 return (0); 3390 case USCSICMD: { 3391 struct uscsi_cmd uscmd; 3392 union scsi_cdb cdb; 3393 3394 if (uscsi_is_inquiry(arg, flag, &cdb, &uscmd) == 0) { 3395 struct scsi_inquiry inq = {0}; 3396 3397 lofi_create_inquiry(lsp, &inq); 3398 if (ddi_copyout(&inq, uscmd.uscsi_bufaddr, 3399 uscmd.uscsi_buflen, flag) != 0) 3400 return (EFAULT); 3401 return (0); 3402 } else if (cdb.scc_cmd == SCMD_READ_CAPACITY) { 3403 struct scsi_capacity capacity; 3404 3405 capacity.capacity = 3406 BE_32((lsp->ls_vp_size - lsp->ls_crypto_offset) >> 3407 lsp->ls_lbshift); 3408 capacity.lbasize = BE_32(1 << lsp->ls_lbshift); 3409 if (ddi_copyout(&capacity, uscmd.uscsi_bufaddr, 3410 uscmd.uscsi_buflen, flag) != 0) 3411 return (EFAULT); 3412 return (0); 3413 } 3414 3415 uscmd.uscsi_rqstatus = 0xff; 3416 #ifdef _MULTI_DATAMODEL 3417 switch (ddi_model_convert_from(flag & FMODELS)) { 3418 case DDI_MODEL_ILP32: { 3419 struct uscsi_cmd32 ucmd32; 3420 uscsi_cmdtouscsi_cmd32((&uscmd), (&ucmd32)); 3421 if (ddi_copyout(&ucmd32, (void *)arg, sizeof (ucmd32), 3422 flag) != 0) 3423 return (EFAULT); 3424 break; 3425 } 3426 case DDI_MODEL_NONE: 3427 if (ddi_copyout(&uscmd, (void *)arg, sizeof (uscmd), 3428 flag) != 0) 3429 return (EFAULT); 3430 break; 3431 default: 3432 return (EFAULT); 3433 } 3434 #else 3435 if (ddi_copyout(&uscmd, (void *)arg, sizeof (uscmd), flag) != 0) 3436 return (EFAULT); 3437 #endif /* _MULTI_DATAMODEL */ 3438 return (0); 3439 } 3440 default: 3441 #ifdef DEBUG 3442 cmn_err(CE_WARN, "lofi_ioctl: %d is not implemented\n", cmd); 3443 #endif /* DEBUG */ 3444 return (ENOTTY); 3445 } 3446 } 3447 3448 static int 3449 lofi_prop_op(dev_t dev, dev_info_t *dip, ddi_prop_op_t prop_op, int mod_flags, 3450 char *name, caddr_t valuep, int *lengthp) 3451 { 3452 struct lofi_state *lsp; 3453 int rc; 3454 3455 lsp = ddi_get_soft_state(lofi_statep, ddi_get_instance(dip)); 3456 if (lsp == NULL) { 3457 return (ddi_prop_op(dev, dip, prop_op, mod_flags, 3458 name, valuep, lengthp)); 3459 } 3460 3461 rc = cmlb_prop_op(lsp->ls_cmlbhandle, dev, dip, prop_op, mod_flags, 3462 name, valuep, lengthp, LOFI_PART(getminor(dev)), NULL); 3463 if (rc == DDI_PROP_SUCCESS) 3464 return (rc); 3465 3466 return (ddi_prop_op(DDI_DEV_T_ANY, dip, prop_op, mod_flags, 3467 name, valuep, lengthp)); 3468 } 3469 3470 static struct cb_ops lofi_cb_ops = { 3471 lofi_open, /* open */ 3472 lofi_close, /* close */ 3473 lofi_strategy, /* strategy */ 3474 nodev, /* print */ 3475 nodev, /* dump */ 3476 lofi_read, /* read */ 3477 lofi_write, /* write */ 3478 lofi_ioctl, /* ioctl */ 3479 nodev, /* devmap */ 3480 nodev, /* mmap */ 3481 nodev, /* segmap */ 3482 nochpoll, /* poll */ 3483 lofi_prop_op, /* prop_op */ 3484 0, /* streamtab */ 3485 D_64BIT | D_NEW | D_MP, /* Driver compatibility flag */ 3486 CB_REV, 3487 lofi_aread, 3488 lofi_awrite 3489 }; 3490 3491 static struct dev_ops lofi_ops = { 3492 DEVO_REV, /* devo_rev, */ 3493 0, /* refcnt */ 3494 lofi_info, /* info */ 3495 nulldev, /* identify */ 3496 nulldev, /* probe */ 3497 lofi_attach, /* attach */ 3498 lofi_detach, /* detach */ 3499 nodev, /* reset */ 3500 &lofi_cb_ops, /* driver operations */ 3501 NULL, /* no bus operations */ 3502 NULL, /* power */ 3503 ddi_quiesce_not_needed, /* quiesce */ 3504 }; 3505 3506 static struct modldrv modldrv = { 3507 &mod_driverops, 3508 "loopback file driver", 3509 &lofi_ops, 3510 }; 3511 3512 static struct modlinkage modlinkage = { 3513 MODREV_1, 3514 &modldrv, 3515 NULL 3516 }; 3517 3518 int 3519 _init(void) 3520 { 3521 int error; 3522 3523 list_create(&lofi_list, sizeof (struct lofi_state), 3524 offsetof(struct lofi_state, ls_list)); 3525 3526 error = ddi_soft_state_init((void **)&lofi_statep, 3527 sizeof (struct lofi_state), 0); 3528 if (error) { 3529 list_destroy(&lofi_list); 3530 return (error); 3531 } 3532 3533 /* 3534 * The minor number is stored as id << LOFI_CMLB_SHIFT as 3535 * we need to reserve space for cmlb minor numbers. 3536 * This will leave out 4096 id values on 32bit kernel, which should 3537 * still suffice. 3538 */ 3539 lofi_id = id_space_create("lofi_id", 1, 3540 (1 << (L_BITSMINOR - LOFI_CMLB_SHIFT))); 3541 3542 if (lofi_id == NULL) { 3543 ddi_soft_state_fini((void **)&lofi_statep); 3544 list_destroy(&lofi_list); 3545 return (DDI_FAILURE); 3546 } 3547 3548 mutex_init(&lofi_lock, NULL, MUTEX_DRIVER, NULL); 3549 3550 error = mod_install(&modlinkage); 3551 3552 if (error) { 3553 id_space_destroy(lofi_id); 3554 mutex_destroy(&lofi_lock); 3555 ddi_soft_state_fini((void **)&lofi_statep); 3556 list_destroy(&lofi_list); 3557 } 3558 3559 return (error); 3560 } 3561 3562 int 3563 _fini(void) 3564 { 3565 int error; 3566 3567 mutex_enter(&lofi_lock); 3568 3569 if (!list_is_empty(&lofi_list)) { 3570 mutex_exit(&lofi_lock); 3571 return (EBUSY); 3572 } 3573 3574 mutex_exit(&lofi_lock); 3575 3576 error = mod_remove(&modlinkage); 3577 if (error) 3578 return (error); 3579 3580 mutex_destroy(&lofi_lock); 3581 id_space_destroy(lofi_id); 3582 ddi_soft_state_fini((void **)&lofi_statep); 3583 list_destroy(&lofi_list); 3584 3585 return (error); 3586 } 3587 3588 int 3589 _info(struct modinfo *modinfop) 3590 { 3591 return (mod_info(&modlinkage, modinfop)); 3592 } 3593