bpf: Prevent memory disambiguation attack
[linux/fpc-iii.git] / drivers / block / aoe / aoedev.c
blob697f735b07a435da967332511f9673258e6eee88
1 /* Copyright (c) 2013 Coraid, Inc. See COPYING for GPL terms. */
2 /*
3 * aoedev.c
4 * AoE device utility functions; maintains device list.
5 */
7 #include <linux/hdreg.h>
8 #include <linux/blkdev.h>
9 #include <linux/netdevice.h>
10 #include <linux/delay.h>
11 #include <linux/slab.h>
12 #include <linux/bitmap.h>
13 #include <linux/kdev_t.h>
14 #include <linux/moduleparam.h>
15 #include <linux/string.h>
16 #include "aoe.h"
18 static void freetgt(struct aoedev *d, struct aoetgt *t);
19 static void skbpoolfree(struct aoedev *d);
21 static int aoe_dyndevs = 1;
22 module_param(aoe_dyndevs, int, 0644);
23 MODULE_PARM_DESC(aoe_dyndevs, "Use dynamic minor numbers for devices.");
25 static struct aoedev *devlist;
26 static DEFINE_SPINLOCK(devlist_lock);
28 /* Because some systems will have one, many, or no
29 * - partitions,
30 * - slots per shelf,
31 * - or shelves,
32 * we need some flexibility in the way the minor numbers
33 * are allocated. So they are dynamic.
35 #define N_DEVS ((1U<<MINORBITS)/AOE_PARTITIONS)
37 static DEFINE_SPINLOCK(used_minors_lock);
38 static DECLARE_BITMAP(used_minors, N_DEVS);
40 static int
41 minor_get_dyn(ulong *sysminor)
43 ulong flags;
44 ulong n;
45 int error = 0;
47 spin_lock_irqsave(&used_minors_lock, flags);
48 n = find_first_zero_bit(used_minors, N_DEVS);
49 if (n < N_DEVS)
50 set_bit(n, used_minors);
51 else
52 error = -1;
53 spin_unlock_irqrestore(&used_minors_lock, flags);
55 *sysminor = n * AOE_PARTITIONS;
56 return error;
59 static int
60 minor_get_static(ulong *sysminor, ulong aoemaj, int aoemin)
62 ulong flags;
63 ulong n;
64 int error = 0;
65 enum {
66 /* for backwards compatibility when !aoe_dyndevs,
67 * a static number of supported slots per shelf */
68 NPERSHELF = 16,
71 if (aoemin >= NPERSHELF) {
72 pr_err("aoe: %s %d slots per shelf\n",
73 "static minor device numbers support only",
74 NPERSHELF);
75 error = -1;
76 goto out;
79 n = aoemaj * NPERSHELF + aoemin;
80 if (n >= N_DEVS) {
81 pr_err("aoe: %s with e%ld.%d\n",
82 "cannot use static minor device numbers",
83 aoemaj, aoemin);
84 error = -1;
85 goto out;
88 spin_lock_irqsave(&used_minors_lock, flags);
89 if (test_bit(n, used_minors)) {
90 pr_err("aoe: %s %lu\n",
91 "existing device already has static minor number",
92 n);
93 error = -1;
94 } else
95 set_bit(n, used_minors);
96 spin_unlock_irqrestore(&used_minors_lock, flags);
97 *sysminor = n * AOE_PARTITIONS;
98 out:
99 return error;
102 static int
103 minor_get(ulong *sysminor, ulong aoemaj, int aoemin)
105 if (aoe_dyndevs)
106 return minor_get_dyn(sysminor);
107 else
108 return minor_get_static(sysminor, aoemaj, aoemin);
111 static void
112 minor_free(ulong minor)
114 ulong flags;
116 minor /= AOE_PARTITIONS;
117 BUG_ON(minor >= N_DEVS);
119 spin_lock_irqsave(&used_minors_lock, flags);
120 BUG_ON(!test_bit(minor, used_minors));
121 clear_bit(minor, used_minors);
122 spin_unlock_irqrestore(&used_minors_lock, flags);
126 * Users who grab a pointer to the device with aoedev_by_aoeaddr
127 * automatically get a reference count and must be responsible
128 * for performing a aoedev_put. With the addition of async
129 * kthread processing I'm no longer confident that we can
130 * guarantee consistency in the face of device flushes.
132 * For the time being, we only bother to add extra references for
133 * frames sitting on the iocq. When the kthreads finish processing
134 * these frames, they will aoedev_put the device.
137 void
138 aoedev_put(struct aoedev *d)
140 ulong flags;
142 spin_lock_irqsave(&devlist_lock, flags);
143 d->ref--;
144 spin_unlock_irqrestore(&devlist_lock, flags);
147 static void
148 dummy_timer(struct timer_list *t)
150 struct aoedev *d;
152 d = from_timer(d, t, timer);
153 if (d->flags & DEVFL_TKILL)
154 return;
155 d->timer.expires = jiffies + HZ;
156 add_timer(&d->timer);
159 static void
160 aoe_failip(struct aoedev *d)
162 struct request *rq;
163 struct bio *bio;
164 unsigned long n;
166 aoe_failbuf(d, d->ip.buf);
168 rq = d->ip.rq;
169 if (rq == NULL)
170 return;
171 while ((bio = d->ip.nxbio)) {
172 bio->bi_status = BLK_STS_IOERR;
173 d->ip.nxbio = bio->bi_next;
174 n = (unsigned long) rq->special;
175 rq->special = (void *) --n;
177 if ((unsigned long) rq->special == 0)
178 aoe_end_request(d, rq, 0);
181 static void
182 downdev_frame(struct list_head *pos)
184 struct frame *f;
186 f = list_entry(pos, struct frame, head);
187 list_del(pos);
188 if (f->buf) {
189 f->buf->nframesout--;
190 aoe_failbuf(f->t->d, f->buf);
192 aoe_freetframe(f);
195 void
196 aoedev_downdev(struct aoedev *d)
198 struct aoetgt *t, **tt, **te;
199 struct list_head *head, *pos, *nx;
200 struct request *rq;
201 int i;
203 d->flags &= ~DEVFL_UP;
205 /* clean out active and to-be-retransmitted buffers */
206 for (i = 0; i < NFACTIVE; i++) {
207 head = &d->factive[i];
208 list_for_each_safe(pos, nx, head)
209 downdev_frame(pos);
211 head = &d->rexmitq;
212 list_for_each_safe(pos, nx, head)
213 downdev_frame(pos);
215 /* reset window dressings */
216 tt = d->targets;
217 te = tt + d->ntargets;
218 for (; tt < te && (t = *tt); tt++) {
219 aoecmd_wreset(t);
220 t->nout = 0;
223 /* clean out the in-process request (if any) */
224 aoe_failip(d);
226 /* fast fail all pending I/O */
227 if (d->blkq) {
228 while ((rq = blk_peek_request(d->blkq))) {
229 blk_start_request(rq);
230 aoe_end_request(d, rq, 1);
234 if (d->gd)
235 set_capacity(d->gd, 0);
238 /* return whether the user asked for this particular
239 * device to be flushed
241 static int
242 user_req(char *s, size_t slen, struct aoedev *d)
244 const char *p;
245 size_t lim;
247 if (!d->gd)
248 return 0;
249 p = kbasename(d->gd->disk_name);
250 lim = sizeof(d->gd->disk_name);
251 lim -= p - d->gd->disk_name;
252 if (slen < lim)
253 lim = slen;
255 return !strncmp(s, p, lim);
258 static void
259 freedev(struct aoedev *d)
261 struct aoetgt **t, **e;
262 int freeing = 0;
263 unsigned long flags;
265 spin_lock_irqsave(&d->lock, flags);
266 if (d->flags & DEVFL_TKILL
267 && !(d->flags & DEVFL_FREEING)) {
268 d->flags |= DEVFL_FREEING;
269 freeing = 1;
271 spin_unlock_irqrestore(&d->lock, flags);
272 if (!freeing)
273 return;
275 del_timer_sync(&d->timer);
276 if (d->gd) {
277 aoedisk_rm_debugfs(d);
278 aoedisk_rm_sysfs(d);
279 del_gendisk(d->gd);
280 put_disk(d->gd);
281 blk_cleanup_queue(d->blkq);
283 t = d->targets;
284 e = t + d->ntargets;
285 for (; t < e && *t; t++)
286 freetgt(d, *t);
287 if (d->bufpool)
288 mempool_destroy(d->bufpool);
289 skbpoolfree(d);
290 minor_free(d->sysminor);
292 spin_lock_irqsave(&d->lock, flags);
293 d->flags |= DEVFL_FREED;
294 spin_unlock_irqrestore(&d->lock, flags);
297 enum flush_parms {
298 NOT_EXITING = 0,
299 EXITING = 1,
302 static int
303 flush(const char __user *str, size_t cnt, int exiting)
305 ulong flags;
306 struct aoedev *d, **dd;
307 char buf[16];
308 int all = 0;
309 int specified = 0; /* flush a specific device */
310 unsigned int skipflags;
312 skipflags = DEVFL_GDALLOC | DEVFL_NEWSIZE | DEVFL_TKILL;
314 if (!exiting && cnt >= 3) {
315 if (cnt > sizeof buf)
316 cnt = sizeof buf;
317 if (copy_from_user(buf, str, cnt))
318 return -EFAULT;
319 all = !strncmp(buf, "all", 3);
320 if (!all)
321 specified = 1;
324 flush_scheduled_work();
325 /* pass one: without sleeping, do aoedev_downdev */
326 spin_lock_irqsave(&devlist_lock, flags);
327 for (d = devlist; d; d = d->next) {
328 spin_lock(&d->lock);
329 if (exiting) {
330 /* unconditionally take each device down */
331 } else if (specified) {
332 if (!user_req(buf, cnt, d))
333 goto cont;
334 } else if ((!all && (d->flags & DEVFL_UP))
335 || d->flags & skipflags
336 || d->nopen
337 || d->ref)
338 goto cont;
340 aoedev_downdev(d);
341 d->flags |= DEVFL_TKILL;
342 cont:
343 spin_unlock(&d->lock);
345 spin_unlock_irqrestore(&devlist_lock, flags);
347 /* pass two: call freedev, which might sleep,
348 * for aoedevs marked with DEVFL_TKILL
350 restart:
351 spin_lock_irqsave(&devlist_lock, flags);
352 for (d = devlist; d; d = d->next) {
353 spin_lock(&d->lock);
354 if (d->flags & DEVFL_TKILL
355 && !(d->flags & DEVFL_FREEING)) {
356 spin_unlock(&d->lock);
357 spin_unlock_irqrestore(&devlist_lock, flags);
358 freedev(d);
359 goto restart;
361 spin_unlock(&d->lock);
364 /* pass three: remove aoedevs marked with DEVFL_FREED */
365 for (dd = &devlist, d = *dd; d; d = *dd) {
366 struct aoedev *doomed = NULL;
368 spin_lock(&d->lock);
369 if (d->flags & DEVFL_FREED) {
370 *dd = d->next;
371 doomed = d;
372 } else {
373 dd = &d->next;
375 spin_unlock(&d->lock);
376 if (doomed)
377 kfree(doomed->targets);
378 kfree(doomed);
380 spin_unlock_irqrestore(&devlist_lock, flags);
382 return 0;
386 aoedev_flush(const char __user *str, size_t cnt)
388 return flush(str, cnt, NOT_EXITING);
391 /* This has been confirmed to occur once with Tms=3*1000 due to the
392 * driver changing link and not processing its transmit ring. The
393 * problem is hard enough to solve by returning an error that I'm
394 * still punting on "solving" this.
396 static void
397 skbfree(struct sk_buff *skb)
399 enum { Sms = 250, Tms = 30 * 1000};
400 int i = Tms / Sms;
402 if (skb == NULL)
403 return;
404 while (atomic_read(&skb_shinfo(skb)->dataref) != 1 && i-- > 0)
405 msleep(Sms);
406 if (i < 0) {
407 printk(KERN_ERR
408 "aoe: %s holds ref: %s\n",
409 skb->dev ? skb->dev->name : "netif",
410 "cannot free skb -- memory leaked.");
411 return;
413 skb->truesize -= skb->data_len;
414 skb_shinfo(skb)->nr_frags = skb->data_len = 0;
415 skb_trim(skb, 0);
416 dev_kfree_skb(skb);
419 static void
420 skbpoolfree(struct aoedev *d)
422 struct sk_buff *skb, *tmp;
424 skb_queue_walk_safe(&d->skbpool, skb, tmp)
425 skbfree(skb);
427 __skb_queue_head_init(&d->skbpool);
430 /* find it or allocate it */
431 struct aoedev *
432 aoedev_by_aoeaddr(ulong maj, int min, int do_alloc)
434 struct aoedev *d;
435 int i;
436 ulong flags;
437 ulong sysminor = 0;
439 spin_lock_irqsave(&devlist_lock, flags);
441 for (d=devlist; d; d=d->next)
442 if (d->aoemajor == maj && d->aoeminor == min) {
443 spin_lock(&d->lock);
444 if (d->flags & DEVFL_TKILL) {
445 spin_unlock(&d->lock);
446 d = NULL;
447 goto out;
449 d->ref++;
450 spin_unlock(&d->lock);
451 break;
453 if (d || !do_alloc || minor_get(&sysminor, maj, min) < 0)
454 goto out;
455 d = kcalloc(1, sizeof *d, GFP_ATOMIC);
456 if (!d)
457 goto out;
458 d->targets = kcalloc(NTARGETS, sizeof(*d->targets), GFP_ATOMIC);
459 if (!d->targets) {
460 kfree(d);
461 d = NULL;
462 goto out;
464 d->ntargets = NTARGETS;
465 INIT_WORK(&d->work, aoecmd_sleepwork);
466 spin_lock_init(&d->lock);
467 skb_queue_head_init(&d->skbpool);
468 timer_setup(&d->timer, dummy_timer, 0);
469 d->timer.expires = jiffies + HZ;
470 add_timer(&d->timer);
471 d->bufpool = NULL; /* defer to aoeblk_gdalloc */
472 d->tgt = d->targets;
473 d->ref = 1;
474 for (i = 0; i < NFACTIVE; i++)
475 INIT_LIST_HEAD(&d->factive[i]);
476 INIT_LIST_HEAD(&d->rexmitq);
477 d->sysminor = sysminor;
478 d->aoemajor = maj;
479 d->aoeminor = min;
480 d->rttavg = RTTAVG_INIT;
481 d->rttdev = RTTDEV_INIT;
482 d->next = devlist;
483 devlist = d;
484 out:
485 spin_unlock_irqrestore(&devlist_lock, flags);
486 return d;
489 static void
490 freetgt(struct aoedev *d, struct aoetgt *t)
492 struct frame *f;
493 struct list_head *pos, *nx, *head;
494 struct aoeif *ifp;
496 for (ifp = t->ifs; ifp < &t->ifs[NAOEIFS]; ++ifp) {
497 if (!ifp->nd)
498 break;
499 dev_put(ifp->nd);
502 head = &t->ffree;
503 list_for_each_safe(pos, nx, head) {
504 list_del(pos);
505 f = list_entry(pos, struct frame, head);
506 skbfree(f->skb);
507 kfree(f);
509 kfree(t);
512 void
513 aoedev_exit(void)
515 flush_scheduled_work();
516 flush(NULL, 0, EXITING);
519 int __init
520 aoedev_init(void)
522 return 0;