Avoid reading past buffer when calling GETACL
[zen-stable.git] / fs / coda / psdev.c
blob8f616e0e252c3b9ba66c9af8a1b6c8e27e4ccd7d
1 /*
2 * An implementation of a loadable kernel mode driver providing
3 * multiple kernel/user space bidirectional communications links.
5 * Author: Alan Cox <alan@lxorguk.ukuu.org.uk>
7 * This program is free software; you can redistribute it and/or
8 * modify it under the terms of the GNU General Public License
9 * as published by the Free Software Foundation; either version
10 * 2 of the License, or (at your option) any later version.
12 * Adapted to become the Linux 2.0 Coda pseudo device
13 * Peter Braam <braam@maths.ox.ac.uk>
14 * Michael Callahan <mjc@emmy.smith.edu>
16 * Changes for Linux 2.1
17 * Copyright (c) 1997 Carnegie-Mellon University
20 #include <linux/module.h>
21 #include <linux/errno.h>
22 #include <linux/kernel.h>
23 #include <linux/major.h>
24 #include <linux/time.h>
25 #include <linux/sched.h>
26 #include <linux/slab.h>
27 #include <linux/ioport.h>
28 #include <linux/fcntl.h>
29 #include <linux/delay.h>
30 #include <linux/skbuff.h>
31 #include <linux/proc_fs.h>
32 #include <linux/vmalloc.h>
33 #include <linux/fs.h>
34 #include <linux/file.h>
35 #include <linux/poll.h>
36 #include <linux/init.h>
37 #include <linux/list.h>
38 #include <linux/mutex.h>
39 #include <linux/device.h>
40 #include <asm/io.h>
41 #include <asm/system.h>
42 #include <asm/poll.h>
43 #include <asm/uaccess.h>
45 #include <linux/coda.h>
46 #include <linux/coda_psdev.h>
48 #include "coda_linux.h"
50 #include "coda_int.h"
52 /* statistics */
53 int coda_hard; /* allows signals during upcalls */
54 unsigned long coda_timeout = 30; /* .. secs, then signals will dequeue */
57 struct venus_comm coda_comms[MAX_CODADEVS];
58 static struct class *coda_psdev_class;
61 * Device operations
64 static unsigned int coda_psdev_poll(struct file *file, poll_table * wait)
66 struct venus_comm *vcp = (struct venus_comm *) file->private_data;
67 unsigned int mask = POLLOUT | POLLWRNORM;
69 poll_wait(file, &vcp->vc_waitq, wait);
70 mutex_lock(&vcp->vc_mutex);
71 if (!list_empty(&vcp->vc_pending))
72 mask |= POLLIN | POLLRDNORM;
73 mutex_unlock(&vcp->vc_mutex);
75 return mask;
78 static long coda_psdev_ioctl(struct file * filp, unsigned int cmd, unsigned long arg)
80 unsigned int data;
82 switch(cmd) {
83 case CIOC_KERNEL_VERSION:
84 data = CODA_KERNEL_VERSION;
85 return put_user(data, (int __user *) arg);
86 default:
87 return -ENOTTY;
90 return 0;
94 * Receive a message written by Venus to the psdev
97 static ssize_t coda_psdev_write(struct file *file, const char __user *buf,
98 size_t nbytes, loff_t *off)
100 struct venus_comm *vcp = (struct venus_comm *) file->private_data;
101 struct upc_req *req = NULL;
102 struct upc_req *tmp;
103 struct list_head *lh;
104 struct coda_in_hdr hdr;
105 ssize_t retval = 0, count = 0;
106 int error;
108 /* Peek at the opcode, uniquefier */
109 if (copy_from_user(&hdr, buf, 2 * sizeof(u_long)))
110 return -EFAULT;
112 if (DOWNCALL(hdr.opcode)) {
113 union outputArgs *dcbuf;
114 int size = sizeof(*dcbuf);
116 if ( nbytes < sizeof(struct coda_out_hdr) ) {
117 printk("coda_downcall opc %d uniq %d, not enough!\n",
118 hdr.opcode, hdr.unique);
119 count = nbytes;
120 goto out;
122 if ( nbytes > size ) {
123 printk("Coda: downcall opc %d, uniq %d, too much!",
124 hdr.opcode, hdr.unique);
125 nbytes = size;
127 CODA_ALLOC(dcbuf, union outputArgs *, nbytes);
128 if (copy_from_user(dcbuf, buf, nbytes)) {
129 CODA_FREE(dcbuf, nbytes);
130 retval = -EFAULT;
131 goto out;
134 /* what downcall errors does Venus handle ? */
135 error = coda_downcall(vcp, hdr.opcode, dcbuf);
137 CODA_FREE(dcbuf, nbytes);
138 if (error) {
139 printk("psdev_write: coda_downcall error: %d\n", error);
140 retval = error;
141 goto out;
143 count = nbytes;
144 goto out;
147 /* Look for the message on the processing queue. */
148 mutex_lock(&vcp->vc_mutex);
149 list_for_each(lh, &vcp->vc_processing) {
150 tmp = list_entry(lh, struct upc_req , uc_chain);
151 if (tmp->uc_unique == hdr.unique) {
152 req = tmp;
153 list_del(&req->uc_chain);
154 break;
157 mutex_unlock(&vcp->vc_mutex);
159 if (!req) {
160 printk("psdev_write: msg (%d, %d) not found\n",
161 hdr.opcode, hdr.unique);
162 retval = -ESRCH;
163 goto out;
166 /* move data into response buffer. */
167 if (req->uc_outSize < nbytes) {
168 printk("psdev_write: too much cnt: %d, cnt: %ld, opc: %d, uniq: %d.\n",
169 req->uc_outSize, (long)nbytes, hdr.opcode, hdr.unique);
170 nbytes = req->uc_outSize; /* don't have more space! */
172 if (copy_from_user(req->uc_data, buf, nbytes)) {
173 req->uc_flags |= CODA_REQ_ABORT;
174 wake_up(&req->uc_sleep);
175 retval = -EFAULT;
176 goto out;
179 /* adjust outsize. is this useful ?? */
180 req->uc_outSize = nbytes;
181 req->uc_flags |= CODA_REQ_WRITE;
182 count = nbytes;
184 /* Convert filedescriptor into a file handle */
185 if (req->uc_opcode == CODA_OPEN_BY_FD) {
186 struct coda_open_by_fd_out *outp =
187 (struct coda_open_by_fd_out *)req->uc_data;
188 if (!outp->oh.result)
189 outp->fh = fget(outp->fd);
192 wake_up(&req->uc_sleep);
193 out:
194 return(count ? count : retval);
198 * Read a message from the kernel to Venus
201 static ssize_t coda_psdev_read(struct file * file, char __user * buf,
202 size_t nbytes, loff_t *off)
204 DECLARE_WAITQUEUE(wait, current);
205 struct venus_comm *vcp = (struct venus_comm *) file->private_data;
206 struct upc_req *req;
207 ssize_t retval = 0, count = 0;
209 if (nbytes == 0)
210 return 0;
212 mutex_lock(&vcp->vc_mutex);
214 add_wait_queue(&vcp->vc_waitq, &wait);
215 set_current_state(TASK_INTERRUPTIBLE);
217 while (list_empty(&vcp->vc_pending)) {
218 if (file->f_flags & O_NONBLOCK) {
219 retval = -EAGAIN;
220 break;
222 if (signal_pending(current)) {
223 retval = -ERESTARTSYS;
224 break;
226 mutex_unlock(&vcp->vc_mutex);
227 schedule();
228 mutex_lock(&vcp->vc_mutex);
231 set_current_state(TASK_RUNNING);
232 remove_wait_queue(&vcp->vc_waitq, &wait);
234 if (retval)
235 goto out;
237 req = list_entry(vcp->vc_pending.next, struct upc_req,uc_chain);
238 list_del(&req->uc_chain);
240 /* Move the input args into userspace */
241 count = req->uc_inSize;
242 if (nbytes < req->uc_inSize) {
243 printk ("psdev_read: Venus read %ld bytes of %d in message\n",
244 (long)nbytes, req->uc_inSize);
245 count = nbytes;
248 if (copy_to_user(buf, req->uc_data, count))
249 retval = -EFAULT;
251 /* If request was not a signal, enqueue and don't free */
252 if (!(req->uc_flags & CODA_REQ_ASYNC)) {
253 req->uc_flags |= CODA_REQ_READ;
254 list_add_tail(&(req->uc_chain), &vcp->vc_processing);
255 goto out;
258 CODA_FREE(req->uc_data, sizeof(struct coda_in_hdr));
259 kfree(req);
260 out:
261 mutex_unlock(&vcp->vc_mutex);
262 return (count ? count : retval);
265 static int coda_psdev_open(struct inode * inode, struct file * file)
267 struct venus_comm *vcp;
268 int idx, err;
270 idx = iminor(inode);
271 if (idx < 0 || idx >= MAX_CODADEVS)
272 return -ENODEV;
274 err = -EBUSY;
275 vcp = &coda_comms[idx];
276 mutex_lock(&vcp->vc_mutex);
278 if (!vcp->vc_inuse) {
279 vcp->vc_inuse++;
281 INIT_LIST_HEAD(&vcp->vc_pending);
282 INIT_LIST_HEAD(&vcp->vc_processing);
283 init_waitqueue_head(&vcp->vc_waitq);
284 vcp->vc_sb = NULL;
285 vcp->vc_seq = 0;
287 file->private_data = vcp;
288 err = 0;
291 mutex_unlock(&vcp->vc_mutex);
292 return err;
296 static int coda_psdev_release(struct inode * inode, struct file * file)
298 struct venus_comm *vcp = (struct venus_comm *) file->private_data;
299 struct upc_req *req, *tmp;
301 if (!vcp || !vcp->vc_inuse ) {
302 printk("psdev_release: Not open.\n");
303 return -1;
306 mutex_lock(&vcp->vc_mutex);
308 /* Wakeup clients so they can return. */
309 list_for_each_entry_safe(req, tmp, &vcp->vc_pending, uc_chain) {
310 list_del(&req->uc_chain);
312 /* Async requests need to be freed here */
313 if (req->uc_flags & CODA_REQ_ASYNC) {
314 CODA_FREE(req->uc_data, sizeof(struct coda_in_hdr));
315 kfree(req);
316 continue;
318 req->uc_flags |= CODA_REQ_ABORT;
319 wake_up(&req->uc_sleep);
322 list_for_each_entry_safe(req, tmp, &vcp->vc_processing, uc_chain) {
323 list_del(&req->uc_chain);
325 req->uc_flags |= CODA_REQ_ABORT;
326 wake_up(&req->uc_sleep);
329 file->private_data = NULL;
330 vcp->vc_inuse--;
331 mutex_unlock(&vcp->vc_mutex);
332 return 0;
336 static const struct file_operations coda_psdev_fops = {
337 .owner = THIS_MODULE,
338 .read = coda_psdev_read,
339 .write = coda_psdev_write,
340 .poll = coda_psdev_poll,
341 .unlocked_ioctl = coda_psdev_ioctl,
342 .open = coda_psdev_open,
343 .release = coda_psdev_release,
344 .llseek = noop_llseek,
347 static int init_coda_psdev(void)
349 int i, err = 0;
350 if (register_chrdev(CODA_PSDEV_MAJOR, "coda", &coda_psdev_fops)) {
351 printk(KERN_ERR "coda_psdev: unable to get major %d\n",
352 CODA_PSDEV_MAJOR);
353 return -EIO;
355 coda_psdev_class = class_create(THIS_MODULE, "coda");
356 if (IS_ERR(coda_psdev_class)) {
357 err = PTR_ERR(coda_psdev_class);
358 goto out_chrdev;
360 for (i = 0; i < MAX_CODADEVS; i++) {
361 mutex_init(&(&coda_comms[i])->vc_mutex);
362 device_create(coda_psdev_class, NULL,
363 MKDEV(CODA_PSDEV_MAJOR, i), NULL, "cfs%d", i);
365 coda_sysctl_init();
366 goto out;
368 out_chrdev:
369 unregister_chrdev(CODA_PSDEV_MAJOR, "coda");
370 out:
371 return err;
374 MODULE_AUTHOR("Jan Harkes, Peter J. Braam");
375 MODULE_DESCRIPTION("Coda Distributed File System VFS interface");
376 MODULE_ALIAS_CHARDEV_MAJOR(CODA_PSDEV_MAJOR);
377 MODULE_LICENSE("GPL");
378 MODULE_VERSION("6.6");
380 static int __init init_coda(void)
382 int status;
383 int i;
385 status = coda_init_inodecache();
386 if (status)
387 goto out2;
388 status = init_coda_psdev();
389 if ( status ) {
390 printk("Problem (%d) in init_coda_psdev\n", status);
391 goto out1;
394 status = register_filesystem(&coda_fs_type);
395 if (status) {
396 printk("coda: failed to register filesystem!\n");
397 goto out;
399 return 0;
400 out:
401 for (i = 0; i < MAX_CODADEVS; i++)
402 device_destroy(coda_psdev_class, MKDEV(CODA_PSDEV_MAJOR, i));
403 class_destroy(coda_psdev_class);
404 unregister_chrdev(CODA_PSDEV_MAJOR, "coda");
405 coda_sysctl_clean();
406 out1:
407 coda_destroy_inodecache();
408 out2:
409 return status;
412 static void __exit exit_coda(void)
414 int err, i;
416 err = unregister_filesystem(&coda_fs_type);
417 if ( err != 0 ) {
418 printk("coda: failed to unregister filesystem\n");
420 for (i = 0; i < MAX_CODADEVS; i++)
421 device_destroy(coda_psdev_class, MKDEV(CODA_PSDEV_MAJOR, i));
422 class_destroy(coda_psdev_class);
423 unregister_chrdev(CODA_PSDEV_MAJOR, "coda");
424 coda_sysctl_clean();
425 coda_destroy_inodecache();
428 module_init(init_coda);
429 module_exit(exit_coda);