/*
 *  linux/drivers/block/loop.c
 *
 *  Written by Theodore Ts'o, 3/29/93
 *
 * Copyright 1993 by Theodore Ts'o.  Redistribution of this file is
 * permitted under the GNU General Public License.
 *
 * DES encryption plus some minor changes by Werner Almesberger, 30-MAY-1993
 * more DES encryption plus IDEA encryption by Nicholas J. Leon, June 20, 1996
 *
 * Modularized and updated for 1.1.16 kernel - Mitch Dsouza 28th May 1994
 * Adapted for 1.3.59 kernel - Andries Brouwer, 1 Feb 1996
 *
 * Fixed do_loop_request() re-entrancy - Vincent.Renardias@waw.com Mar 20, 1997
 *
 * Added devfs support - Richard Gooch <rgooch@atnf.csiro.au> 16-Jan-1998
 *
 * Handle sparse backing files correctly - Kenn Humborg, Jun 28, 1998
 *
 * Loadable modules and other fixes by AK, 1998
 *
 * Make real block number available to downstream transfer functions, enables
 * CBC (and relatives) mode encryption requiring unique IVs per data block.
 * Reed H. Petty, rhp@draper.net
 *
 * Maximum number of loop devices now dynamic via max_loop module parameter.
 * Russell Kroll <rkroll@exploits.org> 19990701
 *
 * Maximum number of loop devices when compiled-in now selectable by passing
 * max_loop=<1-255> to the kernel on boot.
 * Erik I. Bolsø, <eriki@himolde.no>, Oct 31, 1999
 *
 * Completely rewrite request handling to be make_request_fn style and
 * non blocking, pushing work to a helper thread. Lots of fixes from
 * Al Viro too.
 * Jens Axboe <axboe@suse.de>, Nov 2000
 *
 * Support up to 256 loop devices
 * Heinz Mauelshagen <mge@sistina.com>, Feb 2002
 *
 * Support for falling back on the write file operation when the address space
 * operations write_begin is not available on the backing filesystem.
 * Anton Altaparmakov, 16 Feb 2005
 *
 * Still To Fix:
 * - Advisory locking is ignored here.
 * - Should use its own CAP_* category instead of CAP_SYS_ADMIN
 *
 */

#include <linux/module.h>
#include <linux/moduleparam.h>
#include <linux/sched.h>
#include <linux/fs.h>
#include <linux/file.h>
#include <linux/stat.h>
#include <linux/errno.h>
#include <linux/major.h>
#include <linux/wait.h>
#include <linux/blkdev.h>
#include <linux/blkpg.h>
#include <linux/init.h>
#include <linux/swap.h>
#include <linux/slab.h>
#include <linux/loop.h>
#include <linux/compat.h>
#include <linux/suspend.h>
#include <linux/freezer.h>
#include <linux/mutex.h>
#include <linux/writeback.h>
#include <linux/buffer_head.h>		/* for invalidate_bdev() */
#include <linux/completion.h>
#include <linux/highmem.h>
#include <linux/kthread.h>
#include <linux/splice.h>

#include <asm/uaccess.h>

static DEFINE_MUTEX(loop_mutex);
static LIST_HEAD(loop_devices);
static DEFINE_MUTEX(loop_devices_mutex);

static int max_part;
static int part_shift;

/*
 * Transfer functions
 */
static int transfer_none(struct loop_device *lo, int cmd,
			 struct page *raw_page, unsigned raw_off,
			 struct page *loop_page, unsigned loop_off,
			 int size, sector_t real_block)
{
	char *raw_buf = kmap_atomic(raw_page, KM_USER0) + raw_off;
	char *loop_buf = kmap_atomic(loop_page, KM_USER1) + loop_off;

	if (cmd == READ)
		memcpy(loop_buf, raw_buf, size);
	else
		memcpy(raw_buf, loop_buf, size);

	kunmap_atomic(raw_buf, KM_USER0);
	kunmap_atomic(loop_buf, KM_USER1);
	cond_resched();
	return 0;
}

static int transfer_xor(struct loop_device *lo, int cmd,
			struct page *raw_page, unsigned raw_off,
			struct page *loop_page, unsigned loop_off,
			int size, sector_t real_block)
{
	char *raw_buf = kmap_atomic(raw_page, KM_USER0) + raw_off;
	char *loop_buf = kmap_atomic(loop_page, KM_USER1) + loop_off;
	char *in, *out, *key;
	int i, keysize;

	if (cmd == READ) {
		in = raw_buf;
		out = loop_buf;
	} else {
		in = loop_buf;
		out = raw_buf;
	}

	key = lo->lo_encrypt_key;
	keysize = lo->lo_encrypt_key_size;
	for (i = 0; i < size; i++)
		*out++ = *in++ ^ key[(i & 511) % keysize];

	kunmap_atomic(raw_buf, KM_USER0);
	kunmap_atomic(loop_buf, KM_USER1);
	cond_resched();
	return 0;
}

static int xor_init(struct loop_device *lo, const struct loop_info64 *info)
{
	if (unlikely(info->lo_encrypt_key_size <= 0))
		return -EINVAL;
	return 0;
}

static struct loop_func_table none_funcs = {
	.number = LO_CRYPT_NONE,
	.transfer = transfer_none,
};

static struct loop_func_table xor_funcs = {
	.number = LO_CRYPT_XOR,
	.transfer = transfer_xor,
	.init = xor_init
};

/* xfer_funcs[0] is special - its release function is never called */
static struct loop_func_table *xfer_funcs[MAX_LO_CRYPT] = {
	&none_funcs,
	&xor_funcs
};
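
/*
 * Example: the XOR transfer above is selected from user space with
 * LOOP_SET_STATUS64 once a device is bound. A minimal user-space sketch
 * (not part of this driver; error handling and close() trimmed, and
 * "/dev/loop0" is an assumed, already-bound device):
 *
 *	#include <fcntl.h>
 *	#include <string.h>
 *	#include <sys/ioctl.h>
 *	#include <linux/loop.h>
 *
 *	int set_xor_key(const char *key)
 *	{
 *		struct loop_info64 info;
 *		int fd = open("/dev/loop0", O_RDWR);
 *
 *		memset(&info, 0, sizeof(info));
 *		info.lo_encrypt_type = LO_CRYPT_XOR;
 *		info.lo_encrypt_key_size = strlen(key);
 *		memcpy(info.lo_encrypt_key, key, info.lo_encrypt_key_size);
 *		return ioctl(fd, LOOP_SET_STATUS64, &info);
 *	}
 */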

static loff_t get_loop_size(struct loop_device *lo, struct file *file)
{
	loff_t size, offset, loopsize;

	/* Compute loopsize in bytes */
	size = i_size_read(file->f_mapping->host);
	offset = lo->lo_offset;
	loopsize = size - offset;
	if (lo->lo_sizelimit > 0 && lo->lo_sizelimit < loopsize)
		loopsize = lo->lo_sizelimit;

	/*
	 * Unfortunately, if we want to do I/O on the device,
	 * the number of 512-byte sectors has to fit into a sector_t.
	 */
	return loopsize >> 9;
}

static int
figure_loop_size(struct loop_device *lo)
{
	loff_t size = get_loop_size(lo, lo->lo_backing_file);
	sector_t x = (sector_t)size;

	if (unlikely((loff_t)x != size))
		return -EFBIG;

	set_capacity(lo->lo_disk, x);
	return 0;
}

static inline int
lo_do_transfer(struct loop_device *lo, int cmd,
	       struct page *rpage, unsigned roffs,
	       struct page *lpage, unsigned loffs,
	       int size, sector_t rblock)
{
	if (unlikely(!lo->transfer))
		return 0;

	return lo->transfer(lo, cmd, rpage, roffs, lpage, loffs, size, rblock);
}

/**
 * do_lo_send_aops - helper for writing data to a loop device
 *
 * This is the fast version for backing filesystems which implement the address
 * space operations write_begin and write_end.
 */
static int do_lo_send_aops(struct loop_device *lo, struct bio_vec *bvec,
			   loff_t pos, struct page *unused)
{
	struct file *file = lo->lo_backing_file; /* kudos to NFsckingS */
	struct address_space *mapping = file->f_mapping;
	pgoff_t index;
	unsigned offset, bv_offs;
	int len, ret;

	mutex_lock(&mapping->host->i_mutex);
	index = pos >> PAGE_CACHE_SHIFT;
	offset = pos & ((pgoff_t)PAGE_CACHE_SIZE - 1);
	bv_offs = bvec->bv_offset;
	len = bvec->bv_len;
	while (len > 0) {
		sector_t IV;
		unsigned size, copied;
		int transfer_result;
		struct page *page;
		void *fsdata;

		IV = ((sector_t)index << (PAGE_CACHE_SHIFT - 9)) + (offset >> 9);
		size = PAGE_CACHE_SIZE - offset;
		if (size > len)
			size = len;

		ret = pagecache_write_begin(file, mapping, pos, size, 0,
					    &page, &fsdata);
		if (ret)
			goto fail;

		file_update_time(file);

		transfer_result = lo_do_transfer(lo, WRITE, page, offset,
						 bvec->bv_page, bv_offs,
						 size, IV);
		copied = size;
		if (unlikely(transfer_result))
			copied = 0;

		ret = pagecache_write_end(file, mapping, pos, size, copied,
					  page, fsdata);
		if (ret < 0 || ret != copied)
			goto fail;

		if (unlikely(transfer_result))
			goto fail;

		bv_offs += copied;
		len -= copied;
		offset = 0;
		index++;
		pos += copied;
	}
	ret = 0;
out:
	mutex_unlock(&mapping->host->i_mutex);
	return ret;
fail:
	ret = -1;
	goto out;
}

/**
 * __do_lo_send_write - helper for writing data to a loop device
 *
 * This helper just factors out common code between do_lo_send_direct_write()
 * and do_lo_send_write().
 */
static int __do_lo_send_write(struct file *file,
			      u8 *buf, const int len, loff_t pos)
{
	ssize_t bw;
	mm_segment_t old_fs = get_fs();

	set_fs(get_ds());
	bw = file->f_op->write(file, buf, len, &pos);
	set_fs(old_fs);
	if (likely(bw == len))
		return 0;
	printk(KERN_ERR "loop: Write error at byte offset %llu, length %i.\n",
	       (unsigned long long)pos, len);
	if (bw >= 0)
		bw = -EIO;
	return bw;
}
/**
 * do_lo_send_direct_write - helper for writing data to a loop device
 *
 * This is the fast, non-transforming version for backing filesystems which do
 * not implement the address space operations write_begin and write_end.
 * It uses the write file operation which should be present on all writeable
 * filesystems.
 */
static int do_lo_send_direct_write(struct loop_device *lo,
				   struct bio_vec *bvec, loff_t pos,
				   struct page *page)
{
	ssize_t bw = __do_lo_send_write(lo->lo_backing_file,
					kmap(bvec->bv_page) + bvec->bv_offset,
					bvec->bv_len, pos);
	kunmap(bvec->bv_page);
	cond_resched();
	return bw;
}

/**
 * do_lo_send_write - helper for writing data to a loop device
 *
 * This is the slow, transforming version for filesystems which do not
 * implement the address space operations write_begin and write_end.  It
 * uses the write file operation which should be present on all writeable
 * filesystems.
 *
 * Using fops->write is slower than using aops->{prepare,commit}_write in the
 * transforming case because we need to double buffer the data as we cannot do
 * the transformations in place as we do not have direct access to the
 * destination pages of the backing file.
 */
static int do_lo_send_write(struct loop_device *lo, struct bio_vec *bvec,
			    loff_t pos, struct page *page)
{
	int ret = lo_do_transfer(lo, WRITE, page, 0, bvec->bv_page,
				 bvec->bv_offset, bvec->bv_len, pos >> 9);
	if (likely(!ret))
		return __do_lo_send_write(lo->lo_backing_file,
					  page_address(page), bvec->bv_len,
					  pos);
	printk(KERN_ERR "loop: Transfer error at byte offset %llu, "
	       "length %i.\n", (unsigned long long)pos, bvec->bv_len);
	if (ret > 0)
		ret = -EIO;
	return ret;
}

static int lo_send(struct loop_device *lo, struct bio *bio, loff_t pos)
{
	int (*do_lo_send)(struct loop_device *, struct bio_vec *, loff_t,
			  struct page *page);
	struct bio_vec *bvec;
	struct page *page = NULL;
	int i, ret = 0;

	do_lo_send = do_lo_send_aops;
	if (!(lo->lo_flags & LO_FLAGS_USE_AOPS)) {
		do_lo_send = do_lo_send_direct_write;
		if (lo->transfer != transfer_none) {
			page = alloc_page(GFP_NOIO | __GFP_HIGHMEM);
			if (unlikely(!page))
				goto fail;
			kmap(page);
			do_lo_send = do_lo_send_write;
		}
	}
	bio_for_each_segment(bvec, bio, i) {
		ret = do_lo_send(lo, bvec, pos, page);
		if (ret < 0)
			break;
		pos += bvec->bv_len;
	}
	if (page) {
		kunmap(page);
		__free_page(page);
	}
out:
	return ret;
fail:
	printk(KERN_ERR "loop: Failed to allocate temporary page for write.\n");
	ret = -ENOMEM;
	goto out;
}

struct lo_read_data {
	struct loop_device *lo;
	struct page *page;
	unsigned offset;
	int bsize;
};

static int
lo_splice_actor(struct pipe_inode_info *pipe, struct pipe_buffer *buf,
		struct splice_desc *sd)
{
	struct lo_read_data *p = sd->u.data;
	struct loop_device *lo = p->lo;
	struct page *page = buf->page;
	sector_t IV;
	int size, ret;

	ret = buf->ops->confirm(pipe, buf);
	if (unlikely(ret))
		return ret;

	IV = ((sector_t) page->index << (PAGE_CACHE_SHIFT - 9)) +
	     (buf->offset >> 9);
	size = sd->len;
	if (size > p->bsize)
		size = p->bsize;

	if (lo_do_transfer(lo, READ, page, buf->offset, p->page, p->offset,
			   size, IV)) {
		printk(KERN_ERR "loop: transfer error block %ld\n",
		       page->index);
		size = -EINVAL;
	}

	flush_dcache_page(p->page);

	if (size > 0)
		p->offset += size;

	return size;
}

static int
lo_direct_splice_actor(struct pipe_inode_info *pipe, struct splice_desc *sd)
{
	return __splice_from_pipe(pipe, sd, lo_splice_actor);
}
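
/*
 * Read-path note: do_lo_receive() below drives the backing file through
 * splice_direct_to_actor(), which invokes lo_splice_actor() once per pipe
 * buffer.  Each invocation runs the transfer function from the backing
 * file's page-cache page (buf->page) into the bio's page (p->page) and
 * advances p->offset by the amount transferred.
 */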
static int
do_lo_receive(struct loop_device *lo,
	      struct bio_vec *bvec, int bsize, loff_t pos)
{
	struct lo_read_data cookie;
	struct splice_desc sd;
	struct file *file;
	long retval;

	cookie.lo = lo;
	cookie.page = bvec->bv_page;
	cookie.offset = bvec->bv_offset;
	cookie.bsize = bsize;

	sd.len = 0;
	sd.total_len = bvec->bv_len;
	sd.flags = 0;
	sd.pos = pos;
	sd.u.data = &cookie;

	file = lo->lo_backing_file;
	retval = splice_direct_to_actor(file, &sd, lo_direct_splice_actor);

	if (retval < 0)
		return retval;

	return 0;
}

static int
lo_receive(struct loop_device *lo, struct bio *bio, int bsize, loff_t pos)
{
	struct bio_vec *bvec;
	int i, ret = 0;

	bio_for_each_segment(bvec, bio, i) {
		ret = do_lo_receive(lo, bvec, bsize, pos);
		if (ret < 0)
			break;
		pos += bvec->bv_len;
	}
	return ret;
}

static int do_bio_filebacked(struct loop_device *lo, struct bio *bio)
{
	loff_t pos;
	int ret;

	pos = ((loff_t) bio->bi_sector << 9) + lo->lo_offset;

	if (bio_rw(bio) == WRITE) {
		bool barrier = !!(bio->bi_rw & REQ_HARDBARRIER);
		struct file *file = lo->lo_backing_file;

		if (barrier) {
			if (unlikely(!file->f_op->fsync)) {
				ret = -EOPNOTSUPP;
				goto out;
			}

			ret = vfs_fsync(file, 0);
			if (unlikely(ret)) {
				ret = -EIO;
				goto out;
			}
		}

		ret = lo_send(lo, bio, pos);

		if (barrier && !ret) {
			ret = vfs_fsync(file, 0);
			if (unlikely(ret))
				ret = -EIO;
		}
	} else
		ret = lo_receive(lo, bio, lo->lo_blocksize, pos);

out:
	return ret;
}

/*
 * Add bio to back of pending list
 */
static void loop_add_bio(struct loop_device *lo, struct bio *bio)
{
	bio_list_add(&lo->lo_bio_list, bio);
}

/*
 * Grab first pending buffer
 */
static struct bio *loop_get_bio(struct loop_device *lo)
{
	return bio_list_pop(&lo->lo_bio_list);
}

static int loop_make_request(struct request_queue *q, struct bio *old_bio)
{
	struct loop_device *lo = q->queuedata;
	int rw = bio_rw(old_bio);

	if (rw == READA)
		rw = READ;

	BUG_ON(!lo || (rw != READ && rw != WRITE));

	spin_lock_irq(&lo->lo_lock);
	if (lo->lo_state != Lo_bound)
		goto out;
	if (unlikely(rw == WRITE && (lo->lo_flags & LO_FLAGS_READ_ONLY)))
		goto out;
	loop_add_bio(lo, old_bio);
	wake_up(&lo->lo_event);
	spin_unlock_irq(&lo->lo_lock);
	return 0;

out:
	spin_unlock_irq(&lo->lo_lock);
	bio_io_error(old_bio);
	return 0;
}

/*
 * kick off io on the underlying address space
 */
static void loop_unplug(struct request_queue *q)
{
	struct loop_device *lo = q->queuedata;

	queue_flag_clear_unlocked(QUEUE_FLAG_PLUGGED, q);
	blk_run_address_space(lo->lo_backing_file->f_mapping);
}

struct switch_request {
	struct file *file;
	struct completion wait;
};

static void do_loop_switch(struct loop_device *, struct switch_request *);

static inline void loop_handle_bio(struct loop_device *lo, struct bio *bio)
{
	if (unlikely(!bio->bi_bdev)) {
		do_loop_switch(lo, bio->bi_private);
		bio_put(bio);
	} else {
		int ret = do_bio_filebacked(lo, bio);
		bio_endio(bio, ret);
	}
}

/*
 * Worker thread that handles reads/writes to file-backed loop devices,
 * to avoid blocking in our make_request_fn. It also does loop decrypting
 * on reads for block-backed loop, as that is too heavy to do from
 * b_end_io context where irqs may be disabled.
 *
 * Loop explanation: loop_clr_fd() sets lo_state to Lo_rundown before
 * calling kthread_stop(). Therefore once kthread_should_stop() is
 * true, make_request will not place any more requests. Therefore
 * once kthread_should_stop() is true and the bio list is empty, we are
 * done with the loop.
 */
static int loop_thread(void *data)
{
	struct loop_device *lo = data;
	struct bio *bio;

	set_user_nice(current, -20);

	while (!kthread_should_stop() || !bio_list_empty(&lo->lo_bio_list)) {

		wait_event_interruptible(lo->lo_event,
					 !bio_list_empty(&lo->lo_bio_list) ||
					 kthread_should_stop());

		if (bio_list_empty(&lo->lo_bio_list))
			continue;
		spin_lock_irq(&lo->lo_lock);
		bio = loop_get_bio(lo);
		spin_unlock_irq(&lo->lo_lock);

		BUG_ON(!bio);
		loop_handle_bio(lo, bio);
	}

	return 0;
}

/*
 * loop_switch performs the hard work of switching a backing store.
 * First it needs to flush existing IO, it does this by sending a magic
 * BIO down the pipe. The completion of this BIO does the actual switch.
 */
static int loop_switch(struct loop_device *lo, struct file *file)
{
	struct switch_request w;
	struct bio *bio = bio_alloc(GFP_KERNEL, 0);
	if (!bio)
		return -ENOMEM;
	init_completion(&w.wait);
	w.file = file;
	bio->bi_private = &w;
	bio->bi_bdev = NULL;
	loop_make_request(lo->lo_queue, bio);
	wait_for_completion(&w.wait);
	return 0;
}

/*
 * Helper to flush the IOs in loop, but keeping loop thread running
 */
static int loop_flush(struct loop_device *lo)
{
	/* loop not yet configured, no running thread, nothing to flush */
	if (!lo->lo_thread)
		return 0;

	return loop_switch(lo, NULL);
}

/*
 * Do the actual switch; called from the BIO completion routine
 */
static void do_loop_switch(struct loop_device *lo, struct switch_request *p)
{
	struct file *file = p->file;
	struct file *old_file = lo->lo_backing_file;
	struct address_space *mapping;

	/* if no new file, only flush of queued bios requested */
	if (!file)
		goto out;

	mapping = file->f_mapping;
	mapping_set_gfp_mask(old_file->f_mapping, lo->old_gfp_mask);
	lo->lo_backing_file = file;
	lo->lo_blocksize = S_ISBLK(mapping->host->i_mode) ?
		mapping->host->i_bdev->bd_block_size : PAGE_SIZE;
	lo->old_gfp_mask = mapping_gfp_mask(mapping);
	mapping_set_gfp_mask(mapping, lo->old_gfp_mask & ~(__GFP_IO|__GFP_FS));
out:
	complete(&p->wait);
}


/*
 * loop_change_fd switches the backing store of a loopback device to
 * a new file. This is useful for operating system installers to free up
 * the original file and in High Availability environments to switch to
 * an alternative location for the content in case of server meltdown.
 * This can only work if the loop device is used read-only, and if the
 * new backing store is the same size and type as the old backing store.
 */
static int loop_change_fd(struct loop_device *lo, struct block_device *bdev,
			  unsigned int arg)
{
	struct file *file, *old_file;
	struct inode *inode;
	int error;

	error = -ENXIO;
	if (lo->lo_state != Lo_bound)
		goto out;

	/* the loop device has to be read-only */
	error = -EINVAL;
	if (!(lo->lo_flags & LO_FLAGS_READ_ONLY))
		goto out;

	error = -EBADF;
	file = fget(arg);
	if (!file)
		goto out;

	inode = file->f_mapping->host;
	old_file = lo->lo_backing_file;

	error = -EINVAL;

	if (!S_ISREG(inode->i_mode) && !S_ISBLK(inode->i_mode))
		goto out_putf;

	/* size of the new backing store needs to be the same */
	if (get_loop_size(lo, file) != get_loop_size(lo, old_file))
		goto out_putf;

	/* and ... switch */
	error = loop_switch(lo, file);
	if (error)
		goto out_putf;

	fput(old_file);
	if (max_part > 0)
		ioctl_by_bdev(bdev, BLKRRPART, 0);
	return 0;

out_putf:
	fput(file);
out:
	return error;
}
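
/*
 * Example: from user space the switch above is driven by passing the file
 * descriptor of the replacement file as the LOOP_CHANGE_FD argument. A
 * minimal user-space sketch (assumptions: /dev/loop0 is bound read-only
 * and new.img has exactly the same size as the current backing file;
 * error handling trimmed):
 *
 *	#include <fcntl.h>
 *	#include <sys/ioctl.h>
 *	#include <linux/loop.h>
 *
 *	int change_backing(void)
 *	{
 *		int loop_fd = open("/dev/loop0", O_RDONLY);
 *		int new_fd = open("new.img", O_RDONLY);
 *
 *		return ioctl(loop_fd, LOOP_CHANGE_FD, new_fd);
 *	}
 */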

static inline int is_loop_device(struct file *file)
{
	struct inode *i = file->f_mapping->host;

	return i && S_ISBLK(i->i_mode) && MAJOR(i->i_rdev) == LOOP_MAJOR;
}

static int loop_set_fd(struct loop_device *lo, fmode_t mode,
		       struct block_device *bdev, unsigned int arg)
{
	struct file *file, *f;
	struct inode *inode;
	struct address_space *mapping;
	unsigned lo_blocksize;
	int lo_flags = 0;
	int error;
	loff_t size;

	/* This is safe, since we have a reference from open(). */
	__module_get(THIS_MODULE);

	error = -EBADF;
	file = fget(arg);
	if (!file)
		goto out;

	error = -EBUSY;
	if (lo->lo_state != Lo_unbound)
		goto out_putf;

	/* Avoid recursion */
	f = file;
	while (is_loop_device(f)) {
		struct loop_device *l;

		if (f->f_mapping->host->i_bdev == bdev)
			goto out_putf;

		l = f->f_mapping->host->i_bdev->bd_disk->private_data;
		if (l->lo_state == Lo_unbound) {
			error = -EINVAL;
			goto out_putf;
		}
		f = l->lo_backing_file;
	}

	mapping = file->f_mapping;
	inode = mapping->host;

	if (!(file->f_mode & FMODE_WRITE))
		lo_flags |= LO_FLAGS_READ_ONLY;

	error = -EINVAL;
	if (S_ISREG(inode->i_mode) || S_ISBLK(inode->i_mode)) {
		const struct address_space_operations *aops = mapping->a_ops;

		if (aops->write_begin)
			lo_flags |= LO_FLAGS_USE_AOPS;
		if (!(lo_flags & LO_FLAGS_USE_AOPS) && !file->f_op->write)
			lo_flags |= LO_FLAGS_READ_ONLY;

		lo_blocksize = S_ISBLK(inode->i_mode) ?
			inode->i_bdev->bd_block_size : PAGE_SIZE;

		error = 0;
	} else {
		goto out_putf;
	}

	size = get_loop_size(lo, file);

	if ((loff_t)(sector_t)size != size) {
		error = -EFBIG;
		goto out_putf;
	}

	if (!(mode & FMODE_WRITE))
		lo_flags |= LO_FLAGS_READ_ONLY;

	set_device_ro(bdev, (lo_flags & LO_FLAGS_READ_ONLY) != 0);

	lo->lo_blocksize = lo_blocksize;
	lo->lo_device = bdev;
	lo->lo_flags = lo_flags;
	lo->lo_backing_file = file;
	lo->transfer = transfer_none;
	lo->ioctl = NULL;
	lo->lo_sizelimit = 0;
	lo->old_gfp_mask = mapping_gfp_mask(mapping);
	mapping_set_gfp_mask(mapping, lo->old_gfp_mask & ~(__GFP_IO|__GFP_FS));

	bio_list_init(&lo->lo_bio_list);

	/*
	 * set queue make_request_fn, and add limits based on lower level
	 * device
	 */
	blk_queue_make_request(lo->lo_queue, loop_make_request);
	lo->lo_queue->queuedata = lo;
	lo->lo_queue->unplug_fn = loop_unplug;

	if (!(lo_flags & LO_FLAGS_READ_ONLY) && file->f_op->fsync)
		blk_queue_ordered(lo->lo_queue, QUEUE_ORDERED_DRAIN);

	set_capacity(lo->lo_disk, size);
	bd_set_size(bdev, size << 9);
	/* let user-space know about the new size */
	kobject_uevent(&disk_to_dev(bdev->bd_disk)->kobj, KOBJ_CHANGE);

	set_blocksize(bdev, lo_blocksize);

	lo->lo_thread = kthread_create(loop_thread, lo, "loop%d",
				       lo->lo_number);
	if (IS_ERR(lo->lo_thread)) {
		error = PTR_ERR(lo->lo_thread);
		goto out_clr;
	}
	lo->lo_state = Lo_bound;
	wake_up_process(lo->lo_thread);
	if (max_part > 0)
		ioctl_by_bdev(bdev, BLKRRPART, 0);
	return 0;

out_clr:
	lo->lo_thread = NULL;
	lo->lo_device = NULL;
	lo->lo_backing_file = NULL;
	lo->lo_flags = 0;
	set_capacity(lo->lo_disk, 0);
	invalidate_bdev(bdev);
	bd_set_size(bdev, 0);
	kobject_uevent(&disk_to_dev(bdev->bd_disk)->kobj, KOBJ_CHANGE);
	mapping_set_gfp_mask(mapping, lo->old_gfp_mask);
	lo->lo_state = Lo_unbound;
out_putf:
	fput(file);
out:
	/* This is safe: open() is still holding a reference. */
	module_put(THIS_MODULE);
	return error;
}
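
/*
 * Example: binding a backing file from user space. LOOP_SET_FD takes the
 * descriptor of the backing file as the ioctl argument. A minimal
 * user-space sketch (paths are placeholders, error handling trimmed):
 *
 *	#include <fcntl.h>
 *	#include <sys/ioctl.h>
 *	#include <linux/loop.h>
 *
 *	int attach(const char *loopdev, const char *path)
 *	{
 *		int loop_fd = open(loopdev, O_RDWR);
 *		int file_fd = open(path, O_RDWR);
 *
 *		return ioctl(loop_fd, LOOP_SET_FD, file_fd);
 *	}
 */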

static int
loop_release_xfer(struct loop_device *lo)
{
	int err = 0;
	struct loop_func_table *xfer = lo->lo_encryption;

	if (xfer) {
		if (xfer->release)
			err = xfer->release(lo);
		lo->transfer = NULL;
		lo->lo_encryption = NULL;
		module_put(xfer->owner);
	}
	return err;
}

static int
loop_init_xfer(struct loop_device *lo, struct loop_func_table *xfer,
	       const struct loop_info64 *i)
{
	int err = 0;

	if (xfer) {
		struct module *owner = xfer->owner;

		if (!try_module_get(owner))
			return -EINVAL;
		if (xfer->init)
			err = xfer->init(lo, i);
		if (err)
			module_put(owner);
		else
			lo->lo_encryption = xfer;
	}
	return err;
}

static int loop_clr_fd(struct loop_device *lo, struct block_device *bdev)
{
	struct file *filp = lo->lo_backing_file;
	gfp_t gfp = lo->old_gfp_mask;

	if (lo->lo_state != Lo_bound)
		return -ENXIO;

	if (lo->lo_refcnt > 1)	/* we needed one fd for the ioctl */
		return -EBUSY;

	if (filp == NULL)
		return -EINVAL;

	spin_lock_irq(&lo->lo_lock);
	lo->lo_state = Lo_rundown;
	spin_unlock_irq(&lo->lo_lock);

	kthread_stop(lo->lo_thread);

	lo->lo_queue->unplug_fn = NULL;
	lo->lo_backing_file = NULL;

	loop_release_xfer(lo);
	lo->transfer = NULL;
	lo->ioctl = NULL;
	lo->lo_device = NULL;
	lo->lo_encryption = NULL;
	lo->lo_offset = 0;
	lo->lo_sizelimit = 0;
	lo->lo_encrypt_key_size = 0;
	lo->lo_flags = 0;
	lo->lo_thread = NULL;
	memset(lo->lo_encrypt_key, 0, LO_KEY_SIZE);
	memset(lo->lo_crypt_name, 0, LO_NAME_SIZE);
	memset(lo->lo_file_name, 0, LO_NAME_SIZE);
	if (bdev)
		invalidate_bdev(bdev);
	set_capacity(lo->lo_disk, 0);
	if (bdev) {
		bd_set_size(bdev, 0);
		/* let user-space know about this change */
		kobject_uevent(&disk_to_dev(bdev->bd_disk)->kobj, KOBJ_CHANGE);
	}
	mapping_set_gfp_mask(filp->f_mapping, gfp);
	lo->lo_state = Lo_unbound;
	/* This is safe: open() is still holding a reference. */
	module_put(THIS_MODULE);
	if (max_part > 0 && bdev)
		ioctl_by_bdev(bdev, BLKRRPART, 0);
	mutex_unlock(&lo->lo_ctl_mutex);
	/*
	 * Need not hold lo_ctl_mutex to fput backing file.
	 * Calling fput holding lo_ctl_mutex triggers a circular
	 * lock dependency possibility warning as fput can take
	 * bd_mutex which is usually taken before lo_ctl_mutex.
	 */
	fput(filp);
	return 0;
}
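
/*
 * Example: the user-space counterpart of loop_clr_fd() is simply
 * ioctl(loop_fd, LOOP_CLR_FD, 0) on an otherwise unused device; it fails
 * with EBUSY while other openers hold the device (see the lo_refcnt check
 * above).
 */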

static int
loop_set_status(struct loop_device *lo, const struct loop_info64 *info)
{
	int err;
	struct loop_func_table *xfer;
	uid_t uid = current_uid();

	if (lo->lo_encrypt_key_size &&
	    lo->lo_key_owner != uid &&
	    !capable(CAP_SYS_ADMIN))
		return -EPERM;
	if (lo->lo_state != Lo_bound)
		return -ENXIO;
	if ((unsigned int) info->lo_encrypt_key_size > LO_KEY_SIZE)
		return -EINVAL;

	err = loop_release_xfer(lo);
	if (err)
		return err;

	if (info->lo_encrypt_type) {
		unsigned int type = info->lo_encrypt_type;

		if (type >= MAX_LO_CRYPT)
			return -EINVAL;
		xfer = xfer_funcs[type];
		if (xfer == NULL)
			return -EINVAL;
	} else
		xfer = NULL;

	err = loop_init_xfer(lo, xfer, info);
	if (err)
		return err;

	if (lo->lo_offset != info->lo_offset ||
	    lo->lo_sizelimit != info->lo_sizelimit) {
		lo->lo_offset = info->lo_offset;
		lo->lo_sizelimit = info->lo_sizelimit;
		if (figure_loop_size(lo))
			return -EFBIG;
	}

	memcpy(lo->lo_file_name, info->lo_file_name, LO_NAME_SIZE);
	memcpy(lo->lo_crypt_name, info->lo_crypt_name, LO_NAME_SIZE);
	lo->lo_file_name[LO_NAME_SIZE-1] = 0;
	lo->lo_crypt_name[LO_NAME_SIZE-1] = 0;

	if (!xfer)
		xfer = &none_funcs;
	lo->transfer = xfer->transfer;
	lo->ioctl = xfer->ioctl;

	if ((lo->lo_flags & LO_FLAGS_AUTOCLEAR) !=
	    (info->lo_flags & LO_FLAGS_AUTOCLEAR))
		lo->lo_flags ^= LO_FLAGS_AUTOCLEAR;

	lo->lo_encrypt_key_size = info->lo_encrypt_key_size;
	lo->lo_init[0] = info->lo_init[0];
	lo->lo_init[1] = info->lo_init[1];
	if (info->lo_encrypt_key_size) {
		memcpy(lo->lo_encrypt_key, info->lo_encrypt_key,
		       info->lo_encrypt_key_size);
		lo->lo_key_owner = uid;
	}

	return 0;
}

static int
loop_get_status(struct loop_device *lo, struct loop_info64 *info)
{
	struct file *file = lo->lo_backing_file;
	struct kstat stat;
	int error;

	if (lo->lo_state != Lo_bound)
		return -ENXIO;
	error = vfs_getattr(file->f_path.mnt, file->f_path.dentry, &stat);
	if (error)
		return error;
	memset(info, 0, sizeof(*info));
	info->lo_number = lo->lo_number;
	info->lo_device = huge_encode_dev(stat.dev);
	info->lo_inode = stat.ino;
	info->lo_rdevice = huge_encode_dev(lo->lo_device ? stat.rdev : stat.dev);
	info->lo_offset = lo->lo_offset;
	info->lo_sizelimit = lo->lo_sizelimit;
	info->lo_flags = lo->lo_flags;
	memcpy(info->lo_file_name, lo->lo_file_name, LO_NAME_SIZE);
	memcpy(info->lo_crypt_name, lo->lo_crypt_name, LO_NAME_SIZE);
	info->lo_encrypt_type =
		lo->lo_encryption ? lo->lo_encryption->number : 0;
	if (lo->lo_encrypt_key_size && capable(CAP_SYS_ADMIN)) {
		info->lo_encrypt_key_size = lo->lo_encrypt_key_size;
		memcpy(info->lo_encrypt_key, lo->lo_encrypt_key,
		       lo->lo_encrypt_key_size);
	}
	return 0;
}

static void
loop_info64_from_old(const struct loop_info *info, struct loop_info64 *info64)
{
	memset(info64, 0, sizeof(*info64));
	info64->lo_number = info->lo_number;
	info64->lo_device = info->lo_device;
	info64->lo_inode = info->lo_inode;
	info64->lo_rdevice = info->lo_rdevice;
	info64->lo_offset = info->lo_offset;
	info64->lo_sizelimit = 0;
	info64->lo_encrypt_type = info->lo_encrypt_type;
	info64->lo_encrypt_key_size = info->lo_encrypt_key_size;
	info64->lo_flags = info->lo_flags;
	info64->lo_init[0] = info->lo_init[0];
	info64->lo_init[1] = info->lo_init[1];
	if (info->lo_encrypt_type == LO_CRYPT_CRYPTOAPI)
		memcpy(info64->lo_crypt_name, info->lo_name, LO_NAME_SIZE);
	else
		memcpy(info64->lo_file_name, info->lo_name, LO_NAME_SIZE);
	memcpy(info64->lo_encrypt_key, info->lo_encrypt_key, LO_KEY_SIZE);
}

static int
loop_info64_to_old(const struct loop_info64 *info64, struct loop_info *info)
{
	memset(info, 0, sizeof(*info));
	info->lo_number = info64->lo_number;
	info->lo_device = info64->lo_device;
	info->lo_inode = info64->lo_inode;
	info->lo_rdevice = info64->lo_rdevice;
	info->lo_offset = info64->lo_offset;
	info->lo_encrypt_type = info64->lo_encrypt_type;
	info->lo_encrypt_key_size = info64->lo_encrypt_key_size;
	info->lo_flags = info64->lo_flags;
	info->lo_init[0] = info64->lo_init[0];
	info->lo_init[1] = info64->lo_init[1];
	if (info->lo_encrypt_type == LO_CRYPT_CRYPTOAPI)
		memcpy(info->lo_name, info64->lo_crypt_name, LO_NAME_SIZE);
	else
		memcpy(info->lo_name, info64->lo_file_name, LO_NAME_SIZE);
	memcpy(info->lo_encrypt_key, info64->lo_encrypt_key, LO_KEY_SIZE);

	/* error in case values were truncated */
	if (info->lo_device != info64->lo_device ||
	    info->lo_rdevice != info64->lo_rdevice ||
	    info->lo_inode != info64->lo_inode ||
	    info->lo_offset != info64->lo_offset)
		return -EOVERFLOW;

	return 0;
}

static int
loop_set_status_old(struct loop_device *lo, const struct loop_info __user *arg)
{
	struct loop_info info;
	struct loop_info64 info64;

	if (copy_from_user(&info, arg, sizeof (struct loop_info)))
		return -EFAULT;
	loop_info64_from_old(&info, &info64);
	return loop_set_status(lo, &info64);
}

static int
loop_set_status64(struct loop_device *lo, const struct loop_info64 __user *arg)
{
	struct loop_info64 info64;

	if (copy_from_user(&info64, arg, sizeof (struct loop_info64)))
		return -EFAULT;
	return loop_set_status(lo, &info64);
}

static int
loop_get_status_old(struct loop_device *lo, struct loop_info __user *arg)
{
	struct loop_info info;
	struct loop_info64 info64;
	int err = 0;

	if (!arg)
		err = -EINVAL;
	if (!err)
		err = loop_get_status(lo, &info64);
	if (!err)
		err = loop_info64_to_old(&info64, &info);
	if (!err && copy_to_user(arg, &info, sizeof(info)))
		err = -EFAULT;

	return err;
}

static int
loop_get_status64(struct loop_device *lo, struct loop_info64 __user *arg)
{
	struct loop_info64 info64;
	int err = 0;

	if (!arg)
		err = -EINVAL;
	if (!err)
		err = loop_get_status(lo, &info64);
	if (!err && copy_to_user(arg, &info64, sizeof(info64)))
		err = -EFAULT;

	return err;
}

static int loop_set_capacity(struct loop_device *lo, struct block_device *bdev)
{
	int err;
	sector_t sec;
	loff_t sz;

	err = -ENXIO;
	if (unlikely(lo->lo_state != Lo_bound))
		goto out;
	err = figure_loop_size(lo);
	if (unlikely(err))
		goto out;
	sec = get_capacity(lo->lo_disk);
	/* the width of sector_t may be narrow for bit-shift */
	sz = sec;
	sz <<= 9;
	mutex_lock(&bdev->bd_mutex);
	bd_set_size(bdev, sz);
	/* let user-space know about the new size */
	kobject_uevent(&disk_to_dev(bdev->bd_disk)->kobj, KOBJ_CHANGE);
	mutex_unlock(&bdev->bd_mutex);

out:
	return err;
}
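
/*
 * Example: after growing the backing file, user space asks the driver to
 * re-read its size with LOOP_SET_CAPACITY. A minimal user-space sketch
 * (the device is assumed to be already bound; error handling trimmed):
 *
 *	#include <fcntl.h>
 *	#include <sys/ioctl.h>
 *	#include <linux/loop.h>
 *
 *	int refresh_size(const char *loopdev)
 *	{
 *		int fd = open(loopdev, O_RDWR);
 *
 *		return ioctl(fd, LOOP_SET_CAPACITY, 0);
 *	}
 */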

static int lo_ioctl(struct block_device *bdev, fmode_t mode,
		    unsigned int cmd, unsigned long arg)
{
	struct loop_device *lo = bdev->bd_disk->private_data;
	int err;

	mutex_lock_nested(&lo->lo_ctl_mutex, 1);
	switch (cmd) {
	case LOOP_SET_FD:
		err = loop_set_fd(lo, mode, bdev, arg);
		break;
	case LOOP_CHANGE_FD:
		err = loop_change_fd(lo, bdev, arg);
		break;
	case LOOP_CLR_FD:
		/* loop_clr_fd would have unlocked lo_ctl_mutex on success */
		err = loop_clr_fd(lo, bdev);
		if (!err)
			goto out_unlocked;
		break;
	case LOOP_SET_STATUS:
		err = loop_set_status_old(lo, (struct loop_info __user *) arg);
		break;
	case LOOP_GET_STATUS:
		err = loop_get_status_old(lo, (struct loop_info __user *) arg);
		break;
	case LOOP_SET_STATUS64:
		err = loop_set_status64(lo, (struct loop_info64 __user *) arg);
		break;
	case LOOP_GET_STATUS64:
		err = loop_get_status64(lo, (struct loop_info64 __user *) arg);
		break;
	case LOOP_SET_CAPACITY:
		err = -EPERM;
		if ((mode & FMODE_WRITE) || capable(CAP_SYS_ADMIN))
			err = loop_set_capacity(lo, bdev);
		break;
	default:
		err = lo->ioctl ? lo->ioctl(lo, cmd, arg) : -EINVAL;
	}
	mutex_unlock(&lo->lo_ctl_mutex);

out_unlocked:
	return err;
}

#ifdef CONFIG_COMPAT
struct compat_loop_info {
	compat_int_t	lo_number;		/* ioctl r/o */
	compat_dev_t	lo_device;		/* ioctl r/o */
	compat_ulong_t	lo_inode;		/* ioctl r/o */
	compat_dev_t	lo_rdevice;		/* ioctl r/o */
	compat_int_t	lo_offset;
	compat_int_t	lo_encrypt_type;
	compat_int_t	lo_encrypt_key_size;	/* ioctl w/o */
	compat_int_t	lo_flags;		/* ioctl r/o */
	char		lo_name[LO_NAME_SIZE];
	unsigned char	lo_encrypt_key[LO_KEY_SIZE]; /* ioctl w/o */
	compat_ulong_t	lo_init[2];
	char		reserved[4];
};

/*
 * Transfer 32-bit compatibility structure in userspace to 64-bit loop info
 * - noinlined to reduce stack space usage in main part of driver
 */
static noinline int
loop_info64_from_compat(const struct compat_loop_info __user *arg,
			struct loop_info64 *info64)
{
	struct compat_loop_info info;

	if (copy_from_user(&info, arg, sizeof(info)))
		return -EFAULT;

	memset(info64, 0, sizeof(*info64));
	info64->lo_number = info.lo_number;
	info64->lo_device = info.lo_device;
	info64->lo_inode = info.lo_inode;
	info64->lo_rdevice = info.lo_rdevice;
	info64->lo_offset = info.lo_offset;
	info64->lo_sizelimit = 0;
	info64->lo_encrypt_type = info.lo_encrypt_type;
	info64->lo_encrypt_key_size = info.lo_encrypt_key_size;
	info64->lo_flags = info.lo_flags;
	info64->lo_init[0] = info.lo_init[0];
	info64->lo_init[1] = info.lo_init[1];
	if (info.lo_encrypt_type == LO_CRYPT_CRYPTOAPI)
		memcpy(info64->lo_crypt_name, info.lo_name, LO_NAME_SIZE);
	else
		memcpy(info64->lo_file_name, info.lo_name, LO_NAME_SIZE);
	memcpy(info64->lo_encrypt_key, info.lo_encrypt_key, LO_KEY_SIZE);
	return 0;
}

/*
 * Transfer 64-bit loop info to 32-bit compatibility structure in userspace
 * - noinlined to reduce stack space usage in main part of driver
 */
static noinline int
loop_info64_to_compat(const struct loop_info64 *info64,
		      struct compat_loop_info __user *arg)
{
	struct compat_loop_info info;

	memset(&info, 0, sizeof(info));
	info.lo_number = info64->lo_number;
	info.lo_device = info64->lo_device;
	info.lo_inode = info64->lo_inode;
	info.lo_rdevice = info64->lo_rdevice;
	info.lo_offset = info64->lo_offset;
	info.lo_encrypt_type = info64->lo_encrypt_type;
	info.lo_encrypt_key_size = info64->lo_encrypt_key_size;
	info.lo_flags = info64->lo_flags;
	info.lo_init[0] = info64->lo_init[0];
	info.lo_init[1] = info64->lo_init[1];
	if (info.lo_encrypt_type == LO_CRYPT_CRYPTOAPI)
		memcpy(info.lo_name, info64->lo_crypt_name, LO_NAME_SIZE);
	else
		memcpy(info.lo_name, info64->lo_file_name, LO_NAME_SIZE);
	memcpy(info.lo_encrypt_key, info64->lo_encrypt_key, LO_KEY_SIZE);

	/* error in case values were truncated */
	if (info.lo_device != info64->lo_device ||
	    info.lo_rdevice != info64->lo_rdevice ||
	    info.lo_inode != info64->lo_inode ||
	    info.lo_offset != info64->lo_offset ||
	    info.lo_init[0] != info64->lo_init[0] ||
	    info.lo_init[1] != info64->lo_init[1])
		return -EOVERFLOW;

	if (copy_to_user(arg, &info, sizeof(info)))
		return -EFAULT;
	return 0;
}

static int
loop_set_status_compat(struct loop_device *lo,
		       const struct compat_loop_info __user *arg)
{
	struct loop_info64 info64;
	int ret;

	ret = loop_info64_from_compat(arg, &info64);
	if (ret < 0)
		return ret;
	return loop_set_status(lo, &info64);
}

static int
loop_get_status_compat(struct loop_device *lo,
		       struct compat_loop_info __user *arg)
{
	struct loop_info64 info64;
	int err = 0;

	if (!arg)
		err = -EINVAL;
	if (!err)
		err = loop_get_status(lo, &info64);
	if (!err)
		err = loop_info64_to_compat(&info64, arg);
	return err;
}

static int lo_compat_ioctl(struct block_device *bdev, fmode_t mode,
			   unsigned int cmd, unsigned long arg)
{
	struct loop_device *lo = bdev->bd_disk->private_data;
	int err;

	switch(cmd) {
	case LOOP_SET_STATUS:
		mutex_lock(&lo->lo_ctl_mutex);
		err = loop_set_status_compat(
			lo, (const struct compat_loop_info __user *) arg);
		mutex_unlock(&lo->lo_ctl_mutex);
		break;
	case LOOP_GET_STATUS:
		mutex_lock(&lo->lo_ctl_mutex);
		err = loop_get_status_compat(
			lo, (struct compat_loop_info __user *) arg);
		mutex_unlock(&lo->lo_ctl_mutex);
		break;
	case LOOP_SET_CAPACITY:
	case LOOP_CLR_FD:
	case LOOP_GET_STATUS64:
	case LOOP_SET_STATUS64:
		arg = (unsigned long) compat_ptr(arg);
		/* fall through */
	case LOOP_SET_FD:
	case LOOP_CHANGE_FD:
		err = lo_ioctl(bdev, mode, cmd, arg);
		break;
	default:
		err = -ENOIOCTLCMD;
		break;
	}
	return err;
}
#endif

static int lo_open(struct block_device *bdev, fmode_t mode)
{
	struct loop_device *lo = bdev->bd_disk->private_data;

	mutex_lock(&loop_mutex);
	mutex_lock(&lo->lo_ctl_mutex);
	lo->lo_refcnt++;
	mutex_unlock(&lo->lo_ctl_mutex);
	mutex_unlock(&loop_mutex);

	return 0;
}

static int lo_release(struct gendisk *disk, fmode_t mode)
{
	struct loop_device *lo = disk->private_data;
	int err;

	mutex_lock(&loop_mutex);
	mutex_lock(&lo->lo_ctl_mutex);

	if (--lo->lo_refcnt)
		goto out;

	if (lo->lo_flags & LO_FLAGS_AUTOCLEAR) {
		/*
		 * In autoclear mode, stop the loop thread
		 * and remove configuration after last close.
		 */
		err = loop_clr_fd(lo, NULL);
		if (!err)
			goto out_unlocked;
	} else {
		/*
		 * Otherwise keep thread (if running) and config,
		 * but flush possible ongoing bios in thread.
		 */
		loop_flush(lo);
	}

out:
	mutex_unlock(&lo->lo_ctl_mutex);
out_unlocked:
	mutex_unlock(&loop_mutex);
	return 0;
}

static const struct block_device_operations lo_fops = {
	.owner = THIS_MODULE,
	.open = lo_open,
	.release = lo_release,
	.ioctl = lo_ioctl,
#ifdef CONFIG_COMPAT
	.compat_ioctl = lo_compat_ioctl,
#endif
};
1468 */ 1469 static int max_loop; 1470 module_param(max_loop, int, 0); 1471 MODULE_PARM_DESC(max_loop, "Maximum number of loop devices"); 1472 module_param(max_part, int, 0); 1473 MODULE_PARM_DESC(max_part, "Maximum number of partitions per loop device"); 1474 MODULE_LICENSE("GPL"); 1475 MODULE_ALIAS_BLOCKDEV_MAJOR(LOOP_MAJOR); 1476 1477 int loop_register_transfer(struct loop_func_table *funcs) 1478 { 1479 unsigned int n = funcs->number; 1480 1481 if (n >= MAX_LO_CRYPT || xfer_funcs[n]) 1482 return -EINVAL; 1483 xfer_funcs[n] = funcs; 1484 return 0; 1485 } 1486 1487 int loop_unregister_transfer(int number) 1488 { 1489 unsigned int n = number; 1490 struct loop_device *lo; 1491 struct loop_func_table *xfer; 1492 1493 if (n == 0 || n >= MAX_LO_CRYPT || (xfer = xfer_funcs[n]) == NULL) 1494 return -EINVAL; 1495 1496 xfer_funcs[n] = NULL; 1497 1498 list_for_each_entry(lo, &loop_devices, lo_list) { 1499 mutex_lock(&lo->lo_ctl_mutex); 1500 1501 if (lo->lo_encryption == xfer) 1502 loop_release_xfer(lo); 1503 1504 mutex_unlock(&lo->lo_ctl_mutex); 1505 } 1506 1507 return 0; 1508 } 1509 1510 EXPORT_SYMBOL(loop_register_transfer); 1511 EXPORT_SYMBOL(loop_unregister_transfer); 1512 1513 static struct loop_device *loop_alloc(int i) 1514 { 1515 struct loop_device *lo; 1516 struct gendisk *disk; 1517 1518 lo = kzalloc(sizeof(*lo), GFP_KERNEL); 1519 if (!lo) 1520 goto out; 1521 1522 lo->lo_queue = blk_alloc_queue(GFP_KERNEL); 1523 if (!lo->lo_queue) 1524 goto out_free_dev; 1525 1526 disk = lo->lo_disk = alloc_disk(1 << part_shift); 1527 if (!disk) 1528 goto out_free_queue; 1529 1530 mutex_init(&lo->lo_ctl_mutex); 1531 lo->lo_number = i; 1532 lo->lo_thread = NULL; 1533 init_waitqueue_head(&lo->lo_event); 1534 spin_lock_init(&lo->lo_lock); 1535 disk->major = LOOP_MAJOR; 1536 disk->first_minor = i << part_shift; 1537 disk->fops = &lo_fops; 1538 disk->private_data = lo; 1539 disk->queue = lo->lo_queue; 1540 sprintf(disk->disk_name, "loop%d", i); 1541 return lo; 1542 1543 out_free_queue: 1544 blk_cleanup_queue(lo->lo_queue); 1545 out_free_dev: 1546 kfree(lo); 1547 out: 1548 return NULL; 1549 } 1550 1551 static void loop_free(struct loop_device *lo) 1552 { 1553 blk_cleanup_queue(lo->lo_queue); 1554 put_disk(lo->lo_disk); 1555 list_del(&lo->lo_list); 1556 kfree(lo); 1557 } 1558 1559 static struct loop_device *loop_init_one(int i) 1560 { 1561 struct loop_device *lo; 1562 1563 list_for_each_entry(lo, &loop_devices, lo_list) { 1564 if (lo->lo_number == i) 1565 return lo; 1566 } 1567 1568 lo = loop_alloc(i); 1569 if (lo) { 1570 add_disk(lo->lo_disk); 1571 list_add_tail(&lo->lo_list, &loop_devices); 1572 } 1573 return lo; 1574 } 1575 1576 static void loop_del_one(struct loop_device *lo) 1577 { 1578 del_gendisk(lo->lo_disk); 1579 loop_free(lo); 1580 } 1581 1582 static struct kobject *loop_probe(dev_t dev, int *part, void *data) 1583 { 1584 struct loop_device *lo; 1585 struct kobject *kobj; 1586 1587 mutex_lock(&loop_devices_mutex); 1588 lo = loop_init_one(dev & MINORMASK); 1589 kobj = lo ? get_disk(lo->lo_disk) : ERR_PTR(-ENOMEM); 1590 mutex_unlock(&loop_devices_mutex); 1591 1592 *part = 0; 1593 return kobj; 1594 } 1595 1596 static int __init loop_init(void) 1597 { 1598 int i, nr; 1599 unsigned long range; 1600 struct loop_device *lo, *next; 1601 1602 /* 1603 * loop module now has a feature to instantiate underlying device 1604 * structure on-demand, provided that there is an access dev node. 1605 * However, this will not work well with user space tool that doesn't 1606 * know about such "feature". 

static struct loop_device *loop_alloc(int i)
{
	struct loop_device *lo;
	struct gendisk *disk;

	lo = kzalloc(sizeof(*lo), GFP_KERNEL);
	if (!lo)
		goto out;

	lo->lo_queue = blk_alloc_queue(GFP_KERNEL);
	if (!lo->lo_queue)
		goto out_free_dev;

	disk = lo->lo_disk = alloc_disk(1 << part_shift);
	if (!disk)
		goto out_free_queue;

	mutex_init(&lo->lo_ctl_mutex);
	lo->lo_number = i;
	lo->lo_thread = NULL;
	init_waitqueue_head(&lo->lo_event);
	spin_lock_init(&lo->lo_lock);
	disk->major = LOOP_MAJOR;
	disk->first_minor = i << part_shift;
	disk->fops = &lo_fops;
	disk->private_data = lo;
	disk->queue = lo->lo_queue;
	sprintf(disk->disk_name, "loop%d", i);
	return lo;

out_free_queue:
	blk_cleanup_queue(lo->lo_queue);
out_free_dev:
	kfree(lo);
out:
	return NULL;
}

static void loop_free(struct loop_device *lo)
{
	blk_cleanup_queue(lo->lo_queue);
	put_disk(lo->lo_disk);
	list_del(&lo->lo_list);
	kfree(lo);
}

static struct loop_device *loop_init_one(int i)
{
	struct loop_device *lo;

	list_for_each_entry(lo, &loop_devices, lo_list) {
		if (lo->lo_number == i)
			return lo;
	}

	lo = loop_alloc(i);
	if (lo) {
		add_disk(lo->lo_disk);
		list_add_tail(&lo->lo_list, &loop_devices);
	}
	return lo;
}

static void loop_del_one(struct loop_device *lo)
{
	del_gendisk(lo->lo_disk);
	loop_free(lo);
}

static struct kobject *loop_probe(dev_t dev, int *part, void *data)
{
	struct loop_device *lo;
	struct kobject *kobj;

	mutex_lock(&loop_devices_mutex);
	lo = loop_init_one(dev & MINORMASK);
	kobj = lo ? get_disk(lo->lo_disk) : ERR_PTR(-ENOMEM);
	mutex_unlock(&loop_devices_mutex);

	*part = 0;
	return kobj;
}

static int __init loop_init(void)
{
	int i, nr;
	unsigned long range;
	struct loop_device *lo, *next;

	/*
	 * The loop module now has a feature to instantiate the underlying
	 * device structure on demand, provided that the device node is
	 * accessed. However, this does not work well with user-space tools
	 * that do not know about this feature. In order not to break any
	 * existing tool, we do the following:
	 *
	 * (1) if max_loop is specified, create that many upfront, and this
	 *     also becomes a hard limit.
	 * (2) if max_loop is not specified, create 8 loop devices on module
	 *     load; users can extend the range by creating device nodes
	 *     themselves and having the kernel automatically instantiate the
	 *     actual device on demand.
	 */

	part_shift = 0;
	if (max_part > 0)
		part_shift = fls(max_part);

	if (max_loop > 1UL << (MINORBITS - part_shift))
		return -EINVAL;

	if (max_loop) {
		nr = max_loop;
		range = max_loop;
	} else {
		nr = 8;
		range = 1UL << (MINORBITS - part_shift);
	}

	if (register_blkdev(LOOP_MAJOR, "loop"))
		return -EIO;

	for (i = 0; i < nr; i++) {
		lo = loop_alloc(i);
		if (!lo)
			goto Enomem;
		list_add_tail(&lo->lo_list, &loop_devices);
	}

	/* point of no return */

	list_for_each_entry(lo, &loop_devices, lo_list)
		add_disk(lo->lo_disk);

	blk_register_region(MKDEV(LOOP_MAJOR, 0), range,
			    THIS_MODULE, loop_probe, NULL, NULL);

	printk(KERN_INFO "loop: module loaded\n");
	return 0;

Enomem:
	printk(KERN_INFO "loop: out of memory\n");

	list_for_each_entry_safe(lo, next, &loop_devices, lo_list)
		loop_free(lo);

	unregister_blkdev(LOOP_MAJOR, "loop");
	return -ENOMEM;
}

static void __exit loop_exit(void)
{
	unsigned long range;
	struct loop_device *lo, *next;

	range = max_loop ? max_loop : 1UL << (MINORBITS - part_shift);

	list_for_each_entry_safe(lo, next, &loop_devices, lo_list)
		loop_del_one(lo);

	blk_unregister_region(MKDEV(LOOP_MAJOR, 0), range);
	unregister_blkdev(LOOP_MAJOR, "loop");
}

module_init(loop_init);
module_exit(loop_exit);

#ifndef MODULE
static int __init max_loop_setup(char *str)
{
	max_loop = simple_strtol(str, NULL, 0);
	return 1;
}

__setup("max_loop=", max_loop_setup);
#endif
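
/*
 * Usage note: both knobs are module parameters, so a typical invocation
 * (values here are only illustrative) is
 *
 *	modprobe loop max_loop=16 max_part=8
 *
 * When the driver is built in, max_loop can also be given on the kernel
 * command line as "max_loop=16", handled by the __setup() hook above.
 */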