1 // SPDX-License-Identifier: GPL-2.0 2 #include <linux/async.h> 3 #include <linux/delay.h> 4 #include <linux/dirent.h> 5 #include <linux/export.h> 6 #include <linux/fcntl.h> 7 #include <linux/file.h> 8 #include <linux/fs.h> 9 #include <linux/hex.h> 10 #include <linux/init.h> 11 #include <linux/init_syscalls.h> 12 #include <linux/kstrtox.h> 13 #include <linux/memblock.h> 14 #include <linux/mm.h> 15 #include <linux/namei.h> 16 #include <linux/overflow.h> 17 #include <linux/security.h> 18 #include <linux/slab.h> 19 #include <linux/string.h> 20 #include <linux/syscalls.h> 21 #include <linux/types.h> 22 #include <linux/umh.h> 23 #include <linux/utime.h> 24 25 #include <asm/byteorder.h> 26 27 #include "do_mounts.h" 28 #include "initramfs_internal.h" 29 30 static __initdata bool csum_present; 31 static __initdata u32 io_csum; 32 33 static ssize_t __init xwrite(struct file *file, const unsigned char *p, 34 size_t count, loff_t *pos) 35 { 36 ssize_t out = 0; 37 38 /* sys_write only can write MAX_RW_COUNT aka 2G-4K bytes at most */ 39 while (count) { 40 ssize_t rv = kernel_write(file, p, count, pos); 41 42 if (rv < 0) { 43 if (rv == -EINTR || rv == -EAGAIN) 44 continue; 45 return out ? out : rv; 46 } else if (rv == 0) 47 break; 48 49 if (csum_present) { 50 ssize_t i; 51 52 for (i = 0; i < rv; i++) 53 io_csum += p[i]; 54 } 55 56 p += rv; 57 out += rv; 58 count -= rv; 59 } 60 61 return out; 62 } 63 64 static __initdata char *message; 65 static void __init error(char *x) 66 { 67 if (!message) 68 message = x; 69 } 70 71 #define panic_show_mem(fmt, ...) \ 72 ({ show_mem(); panic(fmt, ##__VA_ARGS__); }) 73 74 /* link hash */ 75 76 #define N_ALIGN(len) ((((len) + 1) & ~3) + 2) 77 78 static __initdata struct hash { 79 int ino, minor, major; 80 umode_t mode; 81 struct hash *next; 82 char name[N_ALIGN(PATH_MAX)]; 83 } *head[32]; 84 static __initdata bool hardlink_seen; 85 86 static inline int hash(int major, int minor, int ino) 87 { 88 unsigned long tmp = ino + minor + (major << 3); 89 tmp += tmp >> 5; 90 return tmp & 31; 91 } 92 93 static char __init *find_link(int major, int minor, int ino, 94 umode_t mode, char *name) 95 { 96 struct hash **p, *q; 97 for (p = head + hash(major, minor, ino); *p; p = &(*p)->next) { 98 if ((*p)->ino != ino) 99 continue; 100 if ((*p)->minor != minor) 101 continue; 102 if ((*p)->major != major) 103 continue; 104 if (((*p)->mode ^ mode) & S_IFMT) 105 continue; 106 return (*p)->name; 107 } 108 q = kmalloc_obj(struct hash); 109 if (!q) 110 panic_show_mem("can't allocate link hash entry"); 111 q->major = major; 112 q->minor = minor; 113 q->ino = ino; 114 q->mode = mode; 115 strscpy(q->name, name); 116 q->next = NULL; 117 *p = q; 118 hardlink_seen = true; 119 return NULL; 120 } 121 122 static void __init free_hash(void) 123 { 124 struct hash **p, *q; 125 for (p = head; hardlink_seen && p < head + 32; p++) { 126 while (*p) { 127 q = *p; 128 *p = q->next; 129 kfree(q); 130 } 131 } 132 hardlink_seen = false; 133 } 134 135 #ifdef CONFIG_INITRAMFS_PRESERVE_MTIME 136 static void __init do_utime(char *filename, time64_t mtime) 137 { 138 struct timespec64 t[2] = { { .tv_sec = mtime }, { .tv_sec = mtime } }; 139 init_utimes(filename, t); 140 } 141 142 static void __init do_utime_path(const struct path *path, time64_t mtime) 143 { 144 struct timespec64 t[2] = { { .tv_sec = mtime }, { .tv_sec = mtime } }; 145 vfs_utimes(path, t); 146 } 147 148 static __initdata LIST_HEAD(dir_list); 149 struct dir_entry { 150 struct list_head list; 151 time64_t mtime; 152 char name[]; 153 }; 154 155 static void __init dir_add(const char *name, size_t nlen, time64_t mtime) 156 { 157 struct dir_entry *de; 158 159 de = kmalloc_flex(*de, name, nlen); 160 if (!de) 161 panic_show_mem("can't allocate dir_entry buffer"); 162 INIT_LIST_HEAD(&de->list); 163 strscpy(de->name, name, nlen); 164 de->mtime = mtime; 165 list_add(&de->list, &dir_list); 166 } 167 168 static void __init dir_utime(void) 169 { 170 struct dir_entry *de, *tmp; 171 list_for_each_entry_safe(de, tmp, &dir_list, list) { 172 list_del(&de->list); 173 do_utime(de->name, de->mtime); 174 kfree(de); 175 } 176 } 177 #else 178 static void __init do_utime(char *filename, time64_t mtime) {} 179 static void __init do_utime_path(const struct path *path, time64_t mtime) {} 180 static void __init dir_add(const char *name, size_t nlen, time64_t mtime) {} 181 static void __init dir_utime(void) {} 182 #endif 183 184 static __initdata time64_t mtime; 185 186 /* cpio header parsing */ 187 188 static __initdata unsigned long ino, major, minor, nlink; 189 static __initdata umode_t mode; 190 static __initdata unsigned long body_len, name_len; 191 static __initdata uid_t uid; 192 static __initdata gid_t gid; 193 static __initdata unsigned rdev; 194 static __initdata u32 hdr_csum; 195 196 static int __init parse_header(char *s) 197 { 198 __be32 header[13]; 199 int ret; 200 201 ret = hex2bin((u8 *)header, s + 6, sizeof(header)); 202 if (ret) { 203 error("damaged header"); 204 return ret; 205 } 206 207 ino = be32_to_cpu(header[0]); 208 mode = be32_to_cpu(header[1]); 209 uid = be32_to_cpu(header[2]); 210 gid = be32_to_cpu(header[3]); 211 nlink = be32_to_cpu(header[4]); 212 mtime = be32_to_cpu(header[5]); /* breaks in y2106 */ 213 body_len = be32_to_cpu(header[6]); 214 major = be32_to_cpu(header[7]); 215 minor = be32_to_cpu(header[8]); 216 rdev = new_encode_dev(MKDEV(be32_to_cpu(header[9]), be32_to_cpu(header[10]))); 217 name_len = be32_to_cpu(header[11]); 218 hdr_csum = be32_to_cpu(header[12]); 219 return 0; 220 } 221 222 /* Finite-state machine */ 223 224 static __initdata enum state { 225 Start, 226 Collect, 227 GotHeader, 228 SkipIt, 229 GotName, 230 CopyFile, 231 GotSymlink, 232 Reset 233 } state, next_state; 234 235 static __initdata char *victim; 236 static unsigned long byte_count __initdata; 237 static __initdata loff_t this_header, next_header; 238 239 static inline void __init eat(unsigned n) 240 { 241 victim += n; 242 this_header += n; 243 byte_count -= n; 244 } 245 246 static __initdata char *collected; 247 static long remains __initdata; 248 static __initdata char *collect; 249 250 static void __init read_into(char *buf, unsigned size, enum state next) 251 { 252 if (byte_count >= size) { 253 collected = victim; 254 eat(size); 255 state = next; 256 } else { 257 collect = collected = buf; 258 remains = size; 259 next_state = next; 260 state = Collect; 261 } 262 } 263 264 static __initdata char *header_buf, *symlink_buf, *name_buf; 265 266 static int __init do_start(void) 267 { 268 read_into(header_buf, CPIO_HDRLEN, GotHeader); 269 return 0; 270 } 271 272 static int __init do_collect(void) 273 { 274 unsigned long n = remains; 275 if (byte_count < n) 276 n = byte_count; 277 memcpy(collect, victim, n); 278 eat(n); 279 collect += n; 280 if ((remains -= n) != 0) 281 return 1; 282 state = next_state; 283 return 0; 284 } 285 286 static int __init do_header(void) 287 { 288 if (!memcmp(collected, "070701", 6)) { 289 csum_present = false; 290 } else if (!memcmp(collected, "070702", 6)) { 291 csum_present = true; 292 } else { 293 if (memcmp(collected, "070707", 6) == 0) 294 error("incorrect cpio method used: use -H newc option"); 295 else 296 error("no cpio magic"); 297 return 1; 298 } 299 if (parse_header(collected)) 300 return 1; 301 next_header = this_header + N_ALIGN(name_len) + body_len; 302 next_header = (next_header + 3) & ~3; 303 state = SkipIt; 304 if (name_len <= 0 || name_len > PATH_MAX) 305 return 0; 306 if (S_ISLNK(mode)) { 307 if (body_len > PATH_MAX) 308 return 0; 309 collect = collected = symlink_buf; 310 remains = N_ALIGN(name_len) + body_len; 311 next_state = GotSymlink; 312 state = Collect; 313 return 0; 314 } 315 if (S_ISREG(mode) || !body_len) 316 read_into(name_buf, N_ALIGN(name_len), GotName); 317 return 0; 318 } 319 320 static int __init do_skip(void) 321 { 322 if (this_header + byte_count < next_header) { 323 eat(byte_count); 324 return 1; 325 } else { 326 eat(next_header - this_header); 327 state = next_state; 328 return 0; 329 } 330 } 331 332 static int __init do_reset(void) 333 { 334 while (byte_count && *victim == '\0') 335 eat(1); 336 if (byte_count && (this_header & 3)) 337 error("broken padding"); 338 return 1; 339 } 340 341 static void __init clean_path(char *path, umode_t fmode) 342 { 343 struct kstat st; 344 345 if (!init_stat(path, &st, AT_SYMLINK_NOFOLLOW) && 346 (st.mode ^ fmode) & S_IFMT) { 347 if (S_ISDIR(st.mode)) 348 init_rmdir(path); 349 else 350 init_unlink(path); 351 } 352 } 353 354 static int __init maybe_link(void) 355 { 356 if (nlink >= 2) { 357 char *old = find_link(major, minor, ino, mode, collected); 358 if (old) { 359 clean_path(collected, 0); 360 return (init_link(old, collected) < 0) ? -1 : 1; 361 } 362 } 363 return 0; 364 } 365 366 static __initdata struct file *wfile; 367 static __initdata loff_t wfile_pos; 368 369 static int __init do_name(void) 370 { 371 state = SkipIt; 372 next_state = Reset; 373 374 /* name_len > 0 && name_len <= PATH_MAX checked in do_header */ 375 if (collected[name_len - 1] != '\0') { 376 pr_err("initramfs name without nulterm: %.*s\n", 377 (int)name_len, collected); 378 error("malformed archive"); 379 return 1; 380 } 381 382 if (strcmp(collected, "TRAILER!!!") == 0) { 383 free_hash(); 384 return 0; 385 } 386 clean_path(collected, mode); 387 if (S_ISREG(mode)) { 388 int ml = maybe_link(); 389 if (ml >= 0) { 390 int openflags = O_WRONLY|O_CREAT|O_LARGEFILE; 391 if (ml != 1) 392 openflags |= O_TRUNC; 393 wfile = filp_open(collected, openflags, mode); 394 if (IS_ERR(wfile)) 395 return 0; 396 wfile_pos = 0; 397 io_csum = 0; 398 399 vfs_fchown(wfile, uid, gid); 400 vfs_fchmod(wfile, mode); 401 if (body_len) 402 vfs_truncate(&wfile->f_path, body_len); 403 state = CopyFile; 404 } 405 } else if (S_ISDIR(mode)) { 406 init_mkdir(collected, mode); 407 init_chown(collected, uid, gid, 0); 408 init_chmod(collected, mode); 409 dir_add(collected, name_len, mtime); 410 } else if (S_ISBLK(mode) || S_ISCHR(mode) || 411 S_ISFIFO(mode) || S_ISSOCK(mode)) { 412 if (maybe_link() == 0) { 413 init_mknod(collected, mode, rdev); 414 init_chown(collected, uid, gid, 0); 415 init_chmod(collected, mode); 416 do_utime(collected, mtime); 417 } 418 } 419 return 0; 420 } 421 422 static int __init do_copy(void) 423 { 424 if (byte_count >= body_len) { 425 if (xwrite(wfile, victim, body_len, &wfile_pos) != body_len) 426 error("write error"); 427 428 do_utime_path(&wfile->f_path, mtime); 429 fput(wfile); 430 if (csum_present && io_csum != hdr_csum) 431 error("bad data checksum"); 432 eat(body_len); 433 state = SkipIt; 434 return 0; 435 } else { 436 if (xwrite(wfile, victim, byte_count, &wfile_pos) != byte_count) 437 error("write error"); 438 body_len -= byte_count; 439 eat(byte_count); 440 return 1; 441 } 442 } 443 444 static int __init do_symlink(void) 445 { 446 if (collected[name_len - 1] != '\0') { 447 pr_err("initramfs symlink without nulterm: %.*s\n", 448 (int)name_len, collected); 449 error("malformed archive"); 450 return 1; 451 } 452 collected[N_ALIGN(name_len) + body_len] = '\0'; 453 clean_path(collected, 0); 454 init_symlink(collected + N_ALIGN(name_len), collected); 455 init_chown(collected, uid, gid, AT_SYMLINK_NOFOLLOW); 456 do_utime(collected, mtime); 457 state = SkipIt; 458 next_state = Reset; 459 return 0; 460 } 461 462 static __initdata int (*actions[])(void) = { 463 [Start] = do_start, 464 [Collect] = do_collect, 465 [GotHeader] = do_header, 466 [SkipIt] = do_skip, 467 [GotName] = do_name, 468 [CopyFile] = do_copy, 469 [GotSymlink] = do_symlink, 470 [Reset] = do_reset, 471 }; 472 473 static long __init write_buffer(char *buf, unsigned long len) 474 { 475 byte_count = len; 476 victim = buf; 477 478 while (!actions[state]()) 479 ; 480 return len - byte_count; 481 } 482 483 static long __init flush_buffer(void *bufv, unsigned long len) 484 { 485 char *buf = bufv; 486 long written; 487 long origLen = len; 488 if (message) 489 return -1; 490 while ((written = write_buffer(buf, len)) < len && !message) { 491 char c = buf[written]; 492 if (c == '0') { 493 buf += written; 494 len -= written; 495 state = Start; 496 } else if (c == 0) { 497 buf += written; 498 len -= written; 499 state = Reset; 500 } else 501 error("junk within compressed archive"); 502 } 503 return origLen; 504 } 505 506 static unsigned long my_inptr __initdata; /* index of next byte to be processed in inbuf */ 507 508 #include <linux/decompress/generic.h> 509 510 /** 511 * unpack_to_rootfs - decompress and extract an initramfs archive 512 * @buf: input initramfs archive to extract 513 * @len: length of initramfs data to process 514 * 515 * Returns: NULL for success or an error message string 516 * 517 * This symbol shouldn't be used externally. It's available for unit tests. 518 */ 519 char * __init unpack_to_rootfs(char *buf, unsigned long len) 520 { 521 long written; 522 decompress_fn decompress; 523 const char *compress_name; 524 struct { 525 char header[CPIO_HDRLEN]; 526 char symlink[PATH_MAX + N_ALIGN(PATH_MAX) + 1]; 527 char name[N_ALIGN(PATH_MAX)]; 528 } *bufs = kmalloc_obj(*bufs); 529 530 if (!bufs) 531 panic_show_mem("can't allocate buffers"); 532 533 header_buf = bufs->header; 534 symlink_buf = bufs->symlink; 535 name_buf = bufs->name; 536 537 state = Start; 538 this_header = 0; 539 message = NULL; 540 while (!message && len) { 541 loff_t saved_offset = this_header; 542 if (*buf == '0' && !(this_header & 3)) { 543 state = Start; 544 written = write_buffer(buf, len); 545 buf += written; 546 len -= written; 547 continue; 548 } 549 if (!*buf) { 550 buf++; 551 len--; 552 this_header++; 553 continue; 554 } 555 this_header = 0; 556 decompress = decompress_method(buf, len, &compress_name); 557 pr_debug("Detected %s compressed data\n", compress_name); 558 if (decompress) { 559 int res = decompress(buf, len, NULL, flush_buffer, NULL, 560 &my_inptr, error); 561 if (res) 562 error("decompressor failed"); 563 } else if (compress_name) { 564 pr_err("compression method %s not configured\n", 565 compress_name); 566 error("decompressor failed"); 567 } else 568 error("invalid magic at start of compressed archive"); 569 if (state != Reset) 570 error("junk at the end of compressed archive"); 571 this_header = saved_offset + my_inptr; 572 buf += my_inptr; 573 len -= my_inptr; 574 } 575 dir_utime(); 576 /* free any hardlink state collected without optional TRAILER!!! */ 577 free_hash(); 578 kfree(bufs); 579 return message; 580 } 581 582 static int __initdata do_retain_initrd; 583 584 static int __init retain_initrd_param(char *str) 585 { 586 if (*str) 587 return 0; 588 do_retain_initrd = 1; 589 return 1; 590 } 591 __setup("retain_initrd", retain_initrd_param); 592 593 #ifdef CONFIG_ARCH_HAS_KEEPINITRD 594 static int __init keepinitrd_setup(char *__unused) 595 { 596 do_retain_initrd = 1; 597 return 1; 598 } 599 __setup("keepinitrd", keepinitrd_setup); 600 #endif 601 602 static bool __initdata initramfs_async = true; 603 static int __init initramfs_async_setup(char *str) 604 { 605 return kstrtobool(str, &initramfs_async) == 0; 606 } 607 __setup("initramfs_async=", initramfs_async_setup); 608 609 extern char __initramfs_start[]; 610 extern unsigned long __initramfs_size; 611 #include <linux/initrd.h> 612 #include <linux/kexec.h> 613 614 static BIN_ATTR(initrd, 0440, sysfs_bin_attr_simple_read, NULL, 0); 615 616 void __init reserve_initrd_mem(void) 617 { 618 phys_addr_t start; 619 unsigned long size; 620 621 /* Ignore the virtul address computed during device tree parsing */ 622 initrd_start = initrd_end = 0; 623 624 if (!phys_initrd_size) 625 return; 626 /* 627 * Round the memory region to page boundaries as per free_initrd_mem() 628 * This allows us to detect whether the pages overlapping the initrd 629 * are in use, but more importantly, reserves the entire set of pages 630 * as we don't want these pages allocated for other purposes. 631 */ 632 start = round_down(phys_initrd_start, PAGE_SIZE); 633 size = phys_initrd_size + (phys_initrd_start - start); 634 size = round_up(size, PAGE_SIZE); 635 636 if (!memblock_is_region_memory(start, size)) { 637 pr_err("INITRD: 0x%08llx+0x%08lx is not a memory region", 638 (u64)start, size); 639 goto disable; 640 } 641 642 if (memblock_is_region_reserved(start, size)) { 643 pr_err("INITRD: 0x%08llx+0x%08lx overlaps in-use memory region\n", 644 (u64)start, size); 645 goto disable; 646 } 647 648 memblock_reserve(start, size); 649 /* Now convert initrd to virtual addresses */ 650 initrd_start = (unsigned long)__va(phys_initrd_start); 651 initrd_end = initrd_start + phys_initrd_size; 652 initrd_below_start_ok = 1; 653 654 return; 655 disable: 656 pr_cont(" - disabling initrd\n"); 657 initrd_start = 0; 658 initrd_end = 0; 659 } 660 661 void __weak __init free_initrd_mem(unsigned long start, unsigned long end) 662 { 663 free_reserved_area((void *)start, (void *)end, POISON_FREE_INITMEM, 664 "initrd"); 665 } 666 667 #ifdef CONFIG_CRASH_RESERVE 668 static bool __init kexec_free_initrd(void) 669 { 670 unsigned long crashk_start = (unsigned long)__va(crashk_res.start); 671 unsigned long crashk_end = (unsigned long)__va(crashk_res.end); 672 673 /* 674 * If the initrd region is overlapped with crashkernel reserved region, 675 * free only memory that is not part of crashkernel region. 676 */ 677 if (initrd_start >= crashk_end || initrd_end <= crashk_start) 678 return false; 679 680 /* 681 * Initialize initrd memory region since the kexec boot does not do. 682 */ 683 memset((void *)initrd_start, 0, initrd_end - initrd_start); 684 if (initrd_start < crashk_start) 685 free_initrd_mem(initrd_start, crashk_start); 686 if (initrd_end > crashk_end) 687 free_initrd_mem(crashk_end, initrd_end); 688 return true; 689 } 690 #else 691 static inline bool kexec_free_initrd(void) 692 { 693 return false; 694 } 695 #endif /* CONFIG_KEXEC_CORE */ 696 697 #ifdef CONFIG_BLK_DEV_RAM 698 static void __init populate_initrd_image(char *err) 699 { 700 ssize_t written; 701 struct file *file; 702 loff_t pos = 0; 703 704 printk(KERN_INFO "rootfs image is not initramfs (%s); looks like an initrd\n", 705 err); 706 file = filp_open("/initrd.image", O_WRONLY|O_CREAT|O_LARGEFILE, 0700); 707 if (IS_ERR(file)) 708 return; 709 710 written = xwrite(file, (char *)initrd_start, initrd_end - initrd_start, 711 &pos); 712 if (written != initrd_end - initrd_start) 713 pr_err("/initrd.image: incomplete write (%zd != %ld)\n", 714 written, initrd_end - initrd_start); 715 fput(file); 716 } 717 #endif /* CONFIG_BLK_DEV_RAM */ 718 719 static void __init do_populate_rootfs(void *unused, async_cookie_t cookie) 720 { 721 /* Load the built in initramfs */ 722 char *err = unpack_to_rootfs(__initramfs_start, __initramfs_size); 723 if (err) 724 panic_show_mem("%s", err); /* Failed to decompress INTERNAL initramfs */ 725 726 if (!initrd_start || IS_ENABLED(CONFIG_INITRAMFS_FORCE)) 727 goto done; 728 729 if (IS_ENABLED(CONFIG_BLK_DEV_RAM)) 730 printk(KERN_INFO "Trying to unpack rootfs image as initramfs...\n"); 731 else 732 printk(KERN_INFO "Unpacking initramfs...\n"); 733 734 err = unpack_to_rootfs((char *)initrd_start, initrd_end - initrd_start); 735 if (err) { 736 #ifdef CONFIG_BLK_DEV_RAM 737 populate_initrd_image(err); 738 #else 739 printk(KERN_EMERG "Initramfs unpacking failed: %s\n", err); 740 #endif 741 } 742 743 done: 744 security_initramfs_populated(); 745 746 /* 747 * If the initrd region is overlapped with crashkernel reserved region, 748 * free only memory that is not part of crashkernel region. 749 */ 750 if (!do_retain_initrd && initrd_start && !kexec_free_initrd()) { 751 free_initrd_mem(initrd_start, initrd_end); 752 } else if (do_retain_initrd && initrd_start) { 753 bin_attr_initrd.size = initrd_end - initrd_start; 754 bin_attr_initrd.private = (void *)initrd_start; 755 if (sysfs_create_bin_file(firmware_kobj, &bin_attr_initrd)) 756 pr_err("Failed to create initrd sysfs file"); 757 } 758 initrd_start = 0; 759 initrd_end = 0; 760 761 init_flush_fput(); 762 } 763 764 static ASYNC_DOMAIN_EXCLUSIVE(initramfs_domain); 765 static async_cookie_t initramfs_cookie; 766 767 void wait_for_initramfs(void) 768 { 769 if (!initramfs_cookie) { 770 /* 771 * Something before rootfs_initcall wants to access 772 * the filesystem/initramfs. Probably a bug. Make a 773 * note, avoid deadlocking the machine, and let the 774 * caller's access fail as it used to. 775 */ 776 pr_warn_once("wait_for_initramfs() called before rootfs_initcalls\n"); 777 return; 778 } 779 async_synchronize_cookie_domain(initramfs_cookie + 1, &initramfs_domain); 780 } 781 EXPORT_SYMBOL_GPL(wait_for_initramfs); 782 783 static int __init populate_rootfs(void) 784 { 785 initramfs_cookie = async_schedule_domain(do_populate_rootfs, NULL, 786 &initramfs_domain); 787 usermodehelper_enable(); 788 if (!initramfs_async) 789 wait_for_initramfs(); 790 return 0; 791 } 792 rootfs_initcall(populate_rootfs); 793