OMAPDSS: VENC: fix NULL pointer dereference in DSS2 VENC sysfs debug attr on OMAP4
[zen-stable.git] / drivers / md / dm-ioctl.c
blob1ce84ed0b765a889b74b94674da2aff4ffe0fd1c
1 /*
2 * Copyright (C) 2001, 2002 Sistina Software (UK) Limited.
3 * Copyright (C) 2004 - 2006 Red Hat, Inc. All rights reserved.
5 * This file is released under the GPL.
6 */
8 #include "dm.h"
10 #include <linux/module.h>
11 #include <linux/vmalloc.h>
12 #include <linux/miscdevice.h>
13 #include <linux/init.h>
14 #include <linux/wait.h>
15 #include <linux/slab.h>
16 #include <linux/dm-ioctl.h>
17 #include <linux/hdreg.h>
18 #include <linux/compat.h>
20 #include <asm/uaccess.h>
22 #define DM_MSG_PREFIX "ioctl"
23 #define DM_DRIVER_EMAIL "dm-devel@redhat.com"
25 /*-----------------------------------------------------------------
26 * The ioctl interface needs to be able to look up devices by
27 * name or uuid.
28 *---------------------------------------------------------------*/
29 struct hash_cell {
30 struct list_head name_list;
31 struct list_head uuid_list;
33 char *name;
34 char *uuid;
35 struct mapped_device *md;
36 struct dm_table *new_map;
39 struct vers_iter {
40 size_t param_size;
41 struct dm_target_versions *vers, *old_vers;
42 char *end;
43 uint32_t flags;
47 #define NUM_BUCKETS 64
48 #define MASK_BUCKETS (NUM_BUCKETS - 1)
49 static struct list_head _name_buckets[NUM_BUCKETS];
50 static struct list_head _uuid_buckets[NUM_BUCKETS];
52 static void dm_hash_remove_all(int keep_open_devices);
55 * Guards access to both hash tables.
57 static DECLARE_RWSEM(_hash_lock);
60 * Protects use of mdptr to obtain hash cell name and uuid from mapped device.
62 static DEFINE_MUTEX(dm_hash_cells_mutex);
64 static void init_buckets(struct list_head *buckets)
66 unsigned int i;
68 for (i = 0; i < NUM_BUCKETS; i++)
69 INIT_LIST_HEAD(buckets + i);
72 static int dm_hash_init(void)
74 init_buckets(_name_buckets);
75 init_buckets(_uuid_buckets);
76 return 0;
79 static void dm_hash_exit(void)
81 dm_hash_remove_all(0);
84 /*-----------------------------------------------------------------
85 * Hash function:
86 * We're not really concerned with the str hash function being
87 * fast since it's only used by the ioctl interface.
88 *---------------------------------------------------------------*/
89 static unsigned int hash_str(const char *str)
91 const unsigned int hash_mult = 2654435387U;
92 unsigned int h = 0;
94 while (*str)
95 h = (h + (unsigned int) *str++) * hash_mult;
97 return h & MASK_BUCKETS;
100 /*-----------------------------------------------------------------
101 * Code for looking up a device by name
102 *---------------------------------------------------------------*/
103 static struct hash_cell *__get_name_cell(const char *str)
105 struct hash_cell *hc;
106 unsigned int h = hash_str(str);
108 list_for_each_entry (hc, _name_buckets + h, name_list)
109 if (!strcmp(hc->name, str)) {
110 dm_get(hc->md);
111 return hc;
114 return NULL;
117 static struct hash_cell *__get_uuid_cell(const char *str)
119 struct hash_cell *hc;
120 unsigned int h = hash_str(str);
122 list_for_each_entry (hc, _uuid_buckets + h, uuid_list)
123 if (!strcmp(hc->uuid, str)) {
124 dm_get(hc->md);
125 return hc;
128 return NULL;
131 static struct hash_cell *__get_dev_cell(uint64_t dev)
133 struct mapped_device *md;
134 struct hash_cell *hc;
136 md = dm_get_md(huge_decode_dev(dev));
137 if (!md)
138 return NULL;
140 hc = dm_get_mdptr(md);
141 if (!hc) {
142 dm_put(md);
143 return NULL;
146 return hc;
149 /*-----------------------------------------------------------------
150 * Inserting, removing and renaming a device.
151 *---------------------------------------------------------------*/
152 static struct hash_cell *alloc_cell(const char *name, const char *uuid,
153 struct mapped_device *md)
155 struct hash_cell *hc;
157 hc = kmalloc(sizeof(*hc), GFP_KERNEL);
158 if (!hc)
159 return NULL;
161 hc->name = kstrdup(name, GFP_KERNEL);
162 if (!hc->name) {
163 kfree(hc);
164 return NULL;
167 if (!uuid)
168 hc->uuid = NULL;
170 else {
171 hc->uuid = kstrdup(uuid, GFP_KERNEL);
172 if (!hc->uuid) {
173 kfree(hc->name);
174 kfree(hc);
175 return NULL;
179 INIT_LIST_HEAD(&hc->name_list);
180 INIT_LIST_HEAD(&hc->uuid_list);
181 hc->md = md;
182 hc->new_map = NULL;
183 return hc;
186 static void free_cell(struct hash_cell *hc)
188 if (hc) {
189 kfree(hc->name);
190 kfree(hc->uuid);
191 kfree(hc);
196 * The kdev_t and uuid of a device can never change once it is
197 * initially inserted.
199 static int dm_hash_insert(const char *name, const char *uuid, struct mapped_device *md)
201 struct hash_cell *cell, *hc;
204 * Allocate the new cells.
206 cell = alloc_cell(name, uuid, md);
207 if (!cell)
208 return -ENOMEM;
211 * Insert the cell into both hash tables.
213 down_write(&_hash_lock);
214 hc = __get_name_cell(name);
215 if (hc) {
216 dm_put(hc->md);
217 goto bad;
220 list_add(&cell->name_list, _name_buckets + hash_str(name));
222 if (uuid) {
223 hc = __get_uuid_cell(uuid);
224 if (hc) {
225 list_del(&cell->name_list);
226 dm_put(hc->md);
227 goto bad;
229 list_add(&cell->uuid_list, _uuid_buckets + hash_str(uuid));
231 dm_get(md);
232 mutex_lock(&dm_hash_cells_mutex);
233 dm_set_mdptr(md, cell);
234 mutex_unlock(&dm_hash_cells_mutex);
235 up_write(&_hash_lock);
237 return 0;
239 bad:
240 up_write(&_hash_lock);
241 free_cell(cell);
242 return -EBUSY;
245 static void __hash_remove(struct hash_cell *hc)
247 struct dm_table *table;
249 /* remove from the dev hash */
250 list_del(&hc->uuid_list);
251 list_del(&hc->name_list);
252 mutex_lock(&dm_hash_cells_mutex);
253 dm_set_mdptr(hc->md, NULL);
254 mutex_unlock(&dm_hash_cells_mutex);
256 table = dm_get_live_table(hc->md);
257 if (table) {
258 dm_table_event(table);
259 dm_table_put(table);
262 if (hc->new_map)
263 dm_table_destroy(hc->new_map);
264 dm_put(hc->md);
265 free_cell(hc);
268 static void dm_hash_remove_all(int keep_open_devices)
270 int i, dev_skipped;
271 struct hash_cell *hc;
272 struct mapped_device *md;
274 retry:
275 dev_skipped = 0;
277 down_write(&_hash_lock);
279 for (i = 0; i < NUM_BUCKETS; i++) {
280 list_for_each_entry(hc, _name_buckets + i, name_list) {
281 md = hc->md;
282 dm_get(md);
284 if (keep_open_devices && dm_lock_for_deletion(md)) {
285 dm_put(md);
286 dev_skipped++;
287 continue;
290 __hash_remove(hc);
292 up_write(&_hash_lock);
294 dm_put(md);
295 if (likely(keep_open_devices))
296 dm_destroy(md);
297 else
298 dm_destroy_immediate(md);
301 * Some mapped devices may be using other mapped
302 * devices, so repeat until we make no further
303 * progress. If a new mapped device is created
304 * here it will also get removed.
306 goto retry;
310 up_write(&_hash_lock);
312 if (dev_skipped)
313 DMWARN("remove_all left %d open device(s)", dev_skipped);
317 * Set the uuid of a hash_cell that isn't already set.
319 static void __set_cell_uuid(struct hash_cell *hc, char *new_uuid)
321 mutex_lock(&dm_hash_cells_mutex);
322 hc->uuid = new_uuid;
323 mutex_unlock(&dm_hash_cells_mutex);
325 list_add(&hc->uuid_list, _uuid_buckets + hash_str(new_uuid));
329 * Changes the name of a hash_cell and returns the old name for
330 * the caller to free.
332 static char *__change_cell_name(struct hash_cell *hc, char *new_name)
334 char *old_name;
337 * Rename and move the name cell.
339 list_del(&hc->name_list);
340 old_name = hc->name;
342 mutex_lock(&dm_hash_cells_mutex);
343 hc->name = new_name;
344 mutex_unlock(&dm_hash_cells_mutex);
346 list_add(&hc->name_list, _name_buckets + hash_str(new_name));
348 return old_name;
351 static struct mapped_device *dm_hash_rename(struct dm_ioctl *param,
352 const char *new)
354 char *new_data, *old_name = NULL;
355 struct hash_cell *hc;
356 struct dm_table *table;
357 struct mapped_device *md;
358 unsigned change_uuid = (param->flags & DM_UUID_FLAG) ? 1 : 0;
361 * duplicate new.
363 new_data = kstrdup(new, GFP_KERNEL);
364 if (!new_data)
365 return ERR_PTR(-ENOMEM);
367 down_write(&_hash_lock);
370 * Is new free ?
372 if (change_uuid)
373 hc = __get_uuid_cell(new);
374 else
375 hc = __get_name_cell(new);
377 if (hc) {
378 DMWARN("Unable to change %s on mapped device %s to one that "
379 "already exists: %s",
380 change_uuid ? "uuid" : "name",
381 param->name, new);
382 dm_put(hc->md);
383 up_write(&_hash_lock);
384 kfree(new_data);
385 return ERR_PTR(-EBUSY);
389 * Is there such a device as 'old' ?
391 hc = __get_name_cell(param->name);
392 if (!hc) {
393 DMWARN("Unable to rename non-existent device, %s to %s%s",
394 param->name, change_uuid ? "uuid " : "", new);
395 up_write(&_hash_lock);
396 kfree(new_data);
397 return ERR_PTR(-ENXIO);
401 * Does this device already have a uuid?
403 if (change_uuid && hc->uuid) {
404 DMWARN("Unable to change uuid of mapped device %s to %s "
405 "because uuid is already set to %s",
406 param->name, new, hc->uuid);
407 dm_put(hc->md);
408 up_write(&_hash_lock);
409 kfree(new_data);
410 return ERR_PTR(-EINVAL);
413 if (change_uuid)
414 __set_cell_uuid(hc, new_data);
415 else
416 old_name = __change_cell_name(hc, new_data);
419 * Wake up any dm event waiters.
421 table = dm_get_live_table(hc->md);
422 if (table) {
423 dm_table_event(table);
424 dm_table_put(table);
427 if (!dm_kobject_uevent(hc->md, KOBJ_CHANGE, param->event_nr))
428 param->flags |= DM_UEVENT_GENERATED_FLAG;
430 md = hc->md;
431 up_write(&_hash_lock);
432 kfree(old_name);
434 return md;
437 /*-----------------------------------------------------------------
438 * Implementation of the ioctl commands
439 *---------------------------------------------------------------*/
441 * All the ioctl commands get dispatched to functions with this
442 * prototype.
444 typedef int (*ioctl_fn)(struct dm_ioctl *param, size_t param_size);
446 static int remove_all(struct dm_ioctl *param, size_t param_size)
448 dm_hash_remove_all(1);
449 param->data_size = 0;
450 return 0;
454 * Round up the ptr to an 8-byte boundary.
456 #define ALIGN_MASK 7
457 static inline void *align_ptr(void *ptr)
459 return (void *) (((size_t) (ptr + ALIGN_MASK)) & ~ALIGN_MASK);
463 * Retrieves the data payload buffer from an already allocated
464 * struct dm_ioctl.
466 static void *get_result_buffer(struct dm_ioctl *param, size_t param_size,
467 size_t *len)
469 param->data_start = align_ptr(param + 1) - (void *) param;
471 if (param->data_start < param_size)
472 *len = param_size - param->data_start;
473 else
474 *len = 0;
476 return ((void *) param) + param->data_start;
479 static int list_devices(struct dm_ioctl *param, size_t param_size)
481 unsigned int i;
482 struct hash_cell *hc;
483 size_t len, needed = 0;
484 struct gendisk *disk;
485 struct dm_name_list *nl, *old_nl = NULL;
487 down_write(&_hash_lock);
490 * Loop through all the devices working out how much
491 * space we need.
493 for (i = 0; i < NUM_BUCKETS; i++) {
494 list_for_each_entry (hc, _name_buckets + i, name_list) {
495 needed += sizeof(struct dm_name_list);
496 needed += strlen(hc->name) + 1;
497 needed += ALIGN_MASK;
502 * Grab our output buffer.
504 nl = get_result_buffer(param, param_size, &len);
505 if (len < needed) {
506 param->flags |= DM_BUFFER_FULL_FLAG;
507 goto out;
509 param->data_size = param->data_start + needed;
511 nl->dev = 0; /* Flags no data */
514 * Now loop through filling out the names.
516 for (i = 0; i < NUM_BUCKETS; i++) {
517 list_for_each_entry (hc, _name_buckets + i, name_list) {
518 if (old_nl)
519 old_nl->next = (uint32_t) ((void *) nl -
520 (void *) old_nl);
521 disk = dm_disk(hc->md);
522 nl->dev = huge_encode_dev(disk_devt(disk));
523 nl->next = 0;
524 strcpy(nl->name, hc->name);
526 old_nl = nl;
527 nl = align_ptr(((void *) ++nl) + strlen(hc->name) + 1);
531 out:
532 up_write(&_hash_lock);
533 return 0;
536 static void list_version_get_needed(struct target_type *tt, void *needed_param)
538 size_t *needed = needed_param;
540 *needed += sizeof(struct dm_target_versions);
541 *needed += strlen(tt->name);
542 *needed += ALIGN_MASK;
545 static void list_version_get_info(struct target_type *tt, void *param)
547 struct vers_iter *info = param;
549 /* Check space - it might have changed since the first iteration */
550 if ((char *)info->vers + sizeof(tt->version) + strlen(tt->name) + 1 >
551 info->end) {
553 info->flags = DM_BUFFER_FULL_FLAG;
554 return;
557 if (info->old_vers)
558 info->old_vers->next = (uint32_t) ((void *)info->vers -
559 (void *)info->old_vers);
560 info->vers->version[0] = tt->version[0];
561 info->vers->version[1] = tt->version[1];
562 info->vers->version[2] = tt->version[2];
563 info->vers->next = 0;
564 strcpy(info->vers->name, tt->name);
566 info->old_vers = info->vers;
567 info->vers = align_ptr(((void *) ++info->vers) + strlen(tt->name) + 1);
570 static int list_versions(struct dm_ioctl *param, size_t param_size)
572 size_t len, needed = 0;
573 struct dm_target_versions *vers;
574 struct vers_iter iter_info;
577 * Loop through all the devices working out how much
578 * space we need.
580 dm_target_iterate(list_version_get_needed, &needed);
583 * Grab our output buffer.
585 vers = get_result_buffer(param, param_size, &len);
586 if (len < needed) {
587 param->flags |= DM_BUFFER_FULL_FLAG;
588 goto out;
590 param->data_size = param->data_start + needed;
592 iter_info.param_size = param_size;
593 iter_info.old_vers = NULL;
594 iter_info.vers = vers;
595 iter_info.flags = 0;
596 iter_info.end = (char *)vers+len;
599 * Now loop through filling out the names & versions.
601 dm_target_iterate(list_version_get_info, &iter_info);
602 param->flags |= iter_info.flags;
604 out:
605 return 0;
608 static int check_name(const char *name)
610 if (strchr(name, '/')) {
611 DMWARN("invalid device name");
612 return -EINVAL;
615 return 0;
619 * On successful return, the caller must not attempt to acquire
620 * _hash_lock without first calling dm_table_put, because dm_table_destroy
621 * waits for this dm_table_put and could be called under this lock.
623 static struct dm_table *dm_get_inactive_table(struct mapped_device *md)
625 struct hash_cell *hc;
626 struct dm_table *table = NULL;
628 down_read(&_hash_lock);
629 hc = dm_get_mdptr(md);
630 if (!hc || hc->md != md) {
631 DMWARN("device has been removed from the dev hash table.");
632 goto out;
635 table = hc->new_map;
636 if (table)
637 dm_table_get(table);
639 out:
640 up_read(&_hash_lock);
642 return table;
645 static struct dm_table *dm_get_live_or_inactive_table(struct mapped_device *md,
646 struct dm_ioctl *param)
648 return (param->flags & DM_QUERY_INACTIVE_TABLE_FLAG) ?
649 dm_get_inactive_table(md) : dm_get_live_table(md);
653 * Fills in a dm_ioctl structure, ready for sending back to
654 * userland.
656 static void __dev_status(struct mapped_device *md, struct dm_ioctl *param)
658 struct gendisk *disk = dm_disk(md);
659 struct dm_table *table;
661 param->flags &= ~(DM_SUSPEND_FLAG | DM_READONLY_FLAG |
662 DM_ACTIVE_PRESENT_FLAG);
664 if (dm_suspended_md(md))
665 param->flags |= DM_SUSPEND_FLAG;
667 param->dev = huge_encode_dev(disk_devt(disk));
670 * Yes, this will be out of date by the time it gets back
671 * to userland, but it is still very useful for
672 * debugging.
674 param->open_count = dm_open_count(md);
676 param->event_nr = dm_get_event_nr(md);
677 param->target_count = 0;
679 table = dm_get_live_table(md);
680 if (table) {
681 if (!(param->flags & DM_QUERY_INACTIVE_TABLE_FLAG)) {
682 if (get_disk_ro(disk))
683 param->flags |= DM_READONLY_FLAG;
684 param->target_count = dm_table_get_num_targets(table);
686 dm_table_put(table);
688 param->flags |= DM_ACTIVE_PRESENT_FLAG;
691 if (param->flags & DM_QUERY_INACTIVE_TABLE_FLAG) {
692 table = dm_get_inactive_table(md);
693 if (table) {
694 if (!(dm_table_get_mode(table) & FMODE_WRITE))
695 param->flags |= DM_READONLY_FLAG;
696 param->target_count = dm_table_get_num_targets(table);
697 dm_table_put(table);
702 static int dev_create(struct dm_ioctl *param, size_t param_size)
704 int r, m = DM_ANY_MINOR;
705 struct mapped_device *md;
707 r = check_name(param->name);
708 if (r)
709 return r;
711 if (param->flags & DM_PERSISTENT_DEV_FLAG)
712 m = MINOR(huge_decode_dev(param->dev));
714 r = dm_create(m, &md);
715 if (r)
716 return r;
718 r = dm_hash_insert(param->name, *param->uuid ? param->uuid : NULL, md);
719 if (r) {
720 dm_put(md);
721 dm_destroy(md);
722 return r;
725 param->flags &= ~DM_INACTIVE_PRESENT_FLAG;
727 __dev_status(md, param);
729 dm_put(md);
731 return 0;
735 * Always use UUID for lookups if it's present, otherwise use name or dev.
737 static struct hash_cell *__find_device_hash_cell(struct dm_ioctl *param)
739 struct hash_cell *hc = NULL;
741 if (*param->uuid) {
742 if (*param->name || param->dev)
743 return NULL;
745 hc = __get_uuid_cell(param->uuid);
746 if (!hc)
747 return NULL;
748 } else if (*param->name) {
749 if (param->dev)
750 return NULL;
752 hc = __get_name_cell(param->name);
753 if (!hc)
754 return NULL;
755 } else if (param->dev) {
756 hc = __get_dev_cell(param->dev);
757 if (!hc)
758 return NULL;
759 } else
760 return NULL;
763 * Sneakily write in both the name and the uuid
764 * while we have the cell.
766 strlcpy(param->name, hc->name, sizeof(param->name));
767 if (hc->uuid)
768 strlcpy(param->uuid, hc->uuid, sizeof(param->uuid));
769 else
770 param->uuid[0] = '\0';
772 if (hc->new_map)
773 param->flags |= DM_INACTIVE_PRESENT_FLAG;
774 else
775 param->flags &= ~DM_INACTIVE_PRESENT_FLAG;
777 return hc;
780 static struct mapped_device *find_device(struct dm_ioctl *param)
782 struct hash_cell *hc;
783 struct mapped_device *md = NULL;
785 down_read(&_hash_lock);
786 hc = __find_device_hash_cell(param);
787 if (hc)
788 md = hc->md;
789 up_read(&_hash_lock);
791 return md;
794 static int dev_remove(struct dm_ioctl *param, size_t param_size)
796 struct hash_cell *hc;
797 struct mapped_device *md;
798 int r;
800 down_write(&_hash_lock);
801 hc = __find_device_hash_cell(param);
803 if (!hc) {
804 DMDEBUG_LIMIT("device doesn't appear to be in the dev hash table.");
805 up_write(&_hash_lock);
806 return -ENXIO;
809 md = hc->md;
812 * Ensure the device is not open and nothing further can open it.
814 r = dm_lock_for_deletion(md);
815 if (r) {
816 DMDEBUG_LIMIT("unable to remove open device %s", hc->name);
817 up_write(&_hash_lock);
818 dm_put(md);
819 return r;
822 __hash_remove(hc);
823 up_write(&_hash_lock);
825 if (!dm_kobject_uevent(md, KOBJ_REMOVE, param->event_nr))
826 param->flags |= DM_UEVENT_GENERATED_FLAG;
828 dm_put(md);
829 dm_destroy(md);
830 return 0;
834 * Check a string doesn't overrun the chunk of
835 * memory we copied from userland.
837 static int invalid_str(char *str, void *end)
839 while ((void *) str < end)
840 if (!*str++)
841 return 0;
843 return -EINVAL;
846 static int dev_rename(struct dm_ioctl *param, size_t param_size)
848 int r;
849 char *new_data = (char *) param + param->data_start;
850 struct mapped_device *md;
851 unsigned change_uuid = (param->flags & DM_UUID_FLAG) ? 1 : 0;
853 if (new_data < param->data ||
854 invalid_str(new_data, (void *) param + param_size) ||
855 strlen(new_data) > (change_uuid ? DM_UUID_LEN - 1 : DM_NAME_LEN - 1)) {
856 DMWARN("Invalid new mapped device name or uuid string supplied.");
857 return -EINVAL;
860 if (!change_uuid) {
861 r = check_name(new_data);
862 if (r)
863 return r;
866 md = dm_hash_rename(param, new_data);
867 if (IS_ERR(md))
868 return PTR_ERR(md);
870 __dev_status(md, param);
871 dm_put(md);
873 return 0;
876 static int dev_set_geometry(struct dm_ioctl *param, size_t param_size)
878 int r = -EINVAL, x;
879 struct mapped_device *md;
880 struct hd_geometry geometry;
881 unsigned long indata[4];
882 char *geostr = (char *) param + param->data_start;
884 md = find_device(param);
885 if (!md)
886 return -ENXIO;
888 if (geostr < param->data ||
889 invalid_str(geostr, (void *) param + param_size)) {
890 DMWARN("Invalid geometry supplied.");
891 goto out;
894 x = sscanf(geostr, "%lu %lu %lu %lu", indata,
895 indata + 1, indata + 2, indata + 3);
897 if (x != 4) {
898 DMWARN("Unable to interpret geometry settings.");
899 goto out;
902 if (indata[0] > 65535 || indata[1] > 255 ||
903 indata[2] > 255 || indata[3] > ULONG_MAX) {
904 DMWARN("Geometry exceeds range limits.");
905 goto out;
908 geometry.cylinders = indata[0];
909 geometry.heads = indata[1];
910 geometry.sectors = indata[2];
911 geometry.start = indata[3];
913 r = dm_set_geometry(md, &geometry);
915 param->data_size = 0;
917 out:
918 dm_put(md);
919 return r;
922 static int do_suspend(struct dm_ioctl *param)
924 int r = 0;
925 unsigned suspend_flags = DM_SUSPEND_LOCKFS_FLAG;
926 struct mapped_device *md;
928 md = find_device(param);
929 if (!md)
930 return -ENXIO;
932 if (param->flags & DM_SKIP_LOCKFS_FLAG)
933 suspend_flags &= ~DM_SUSPEND_LOCKFS_FLAG;
934 if (param->flags & DM_NOFLUSH_FLAG)
935 suspend_flags |= DM_SUSPEND_NOFLUSH_FLAG;
937 if (!dm_suspended_md(md)) {
938 r = dm_suspend(md, suspend_flags);
939 if (r)
940 goto out;
943 __dev_status(md, param);
945 out:
946 dm_put(md);
948 return r;
951 static int do_resume(struct dm_ioctl *param)
953 int r = 0;
954 unsigned suspend_flags = DM_SUSPEND_LOCKFS_FLAG;
955 struct hash_cell *hc;
956 struct mapped_device *md;
957 struct dm_table *new_map, *old_map = NULL;
959 down_write(&_hash_lock);
961 hc = __find_device_hash_cell(param);
962 if (!hc) {
963 DMDEBUG_LIMIT("device doesn't appear to be in the dev hash table.");
964 up_write(&_hash_lock);
965 return -ENXIO;
968 md = hc->md;
970 new_map = hc->new_map;
971 hc->new_map = NULL;
972 param->flags &= ~DM_INACTIVE_PRESENT_FLAG;
974 up_write(&_hash_lock);
976 /* Do we need to load a new map ? */
977 if (new_map) {
978 /* Suspend if it isn't already suspended */
979 if (param->flags & DM_SKIP_LOCKFS_FLAG)
980 suspend_flags &= ~DM_SUSPEND_LOCKFS_FLAG;
981 if (param->flags & DM_NOFLUSH_FLAG)
982 suspend_flags |= DM_SUSPEND_NOFLUSH_FLAG;
983 if (!dm_suspended_md(md))
984 dm_suspend(md, suspend_flags);
986 old_map = dm_swap_table(md, new_map);
987 if (IS_ERR(old_map)) {
988 dm_table_destroy(new_map);
989 dm_put(md);
990 return PTR_ERR(old_map);
993 if (dm_table_get_mode(new_map) & FMODE_WRITE)
994 set_disk_ro(dm_disk(md), 0);
995 else
996 set_disk_ro(dm_disk(md), 1);
999 if (dm_suspended_md(md)) {
1000 r = dm_resume(md);
1001 if (!r && !dm_kobject_uevent(md, KOBJ_CHANGE, param->event_nr))
1002 param->flags |= DM_UEVENT_GENERATED_FLAG;
1005 if (old_map)
1006 dm_table_destroy(old_map);
1008 if (!r)
1009 __dev_status(md, param);
1011 dm_put(md);
1012 return r;
1016 * Set or unset the suspension state of a device.
1017 * If the device already is in the requested state we just return its status.
1019 static int dev_suspend(struct dm_ioctl *param, size_t param_size)
1021 if (param->flags & DM_SUSPEND_FLAG)
1022 return do_suspend(param);
1024 return do_resume(param);
1028 * Copies device info back to user space, used by
1029 * the create and info ioctls.
1031 static int dev_status(struct dm_ioctl *param, size_t param_size)
1033 struct mapped_device *md;
1035 md = find_device(param);
1036 if (!md)
1037 return -ENXIO;
1039 __dev_status(md, param);
1040 dm_put(md);
1042 return 0;
1046 * Build up the status struct for each target
1048 static void retrieve_status(struct dm_table *table,
1049 struct dm_ioctl *param, size_t param_size)
1051 unsigned int i, num_targets;
1052 struct dm_target_spec *spec;
1053 char *outbuf, *outptr;
1054 status_type_t type;
1055 size_t remaining, len, used = 0;
1057 outptr = outbuf = get_result_buffer(param, param_size, &len);
1059 if (param->flags & DM_STATUS_TABLE_FLAG)
1060 type = STATUSTYPE_TABLE;
1061 else
1062 type = STATUSTYPE_INFO;
1064 /* Get all the target info */
1065 num_targets = dm_table_get_num_targets(table);
1066 for (i = 0; i < num_targets; i++) {
1067 struct dm_target *ti = dm_table_get_target(table, i);
1069 remaining = len - (outptr - outbuf);
1070 if (remaining <= sizeof(struct dm_target_spec)) {
1071 param->flags |= DM_BUFFER_FULL_FLAG;
1072 break;
1075 spec = (struct dm_target_spec *) outptr;
1077 spec->status = 0;
1078 spec->sector_start = ti->begin;
1079 spec->length = ti->len;
1080 strncpy(spec->target_type, ti->type->name,
1081 sizeof(spec->target_type));
1083 outptr += sizeof(struct dm_target_spec);
1084 remaining = len - (outptr - outbuf);
1085 if (remaining <= 0) {
1086 param->flags |= DM_BUFFER_FULL_FLAG;
1087 break;
1090 /* Get the status/table string from the target driver */
1091 if (ti->type->status) {
1092 if (ti->type->status(ti, type, outptr, remaining)) {
1093 param->flags |= DM_BUFFER_FULL_FLAG;
1094 break;
1096 } else
1097 outptr[0] = '\0';
1099 outptr += strlen(outptr) + 1;
1100 used = param->data_start + (outptr - outbuf);
1102 outptr = align_ptr(outptr);
1103 spec->next = outptr - outbuf;
1106 if (used)
1107 param->data_size = used;
1109 param->target_count = num_targets;
1113 * Wait for a device to report an event
1115 static int dev_wait(struct dm_ioctl *param, size_t param_size)
1117 int r = 0;
1118 struct mapped_device *md;
1119 struct dm_table *table;
1121 md = find_device(param);
1122 if (!md)
1123 return -ENXIO;
1126 * Wait for a notification event
1128 if (dm_wait_event(md, param->event_nr)) {
1129 r = -ERESTARTSYS;
1130 goto out;
1134 * The userland program is going to want to know what
1135 * changed to trigger the event, so we may as well tell
1136 * him and save an ioctl.
1138 __dev_status(md, param);
1140 table = dm_get_live_or_inactive_table(md, param);
1141 if (table) {
1142 retrieve_status(table, param, param_size);
1143 dm_table_put(table);
1146 out:
1147 dm_put(md);
1149 return r;
1152 static inline fmode_t get_mode(struct dm_ioctl *param)
1154 fmode_t mode = FMODE_READ | FMODE_WRITE;
1156 if (param->flags & DM_READONLY_FLAG)
1157 mode = FMODE_READ;
1159 return mode;
1162 static int next_target(struct dm_target_spec *last, uint32_t next, void *end,
1163 struct dm_target_spec **spec, char **target_params)
1165 *spec = (struct dm_target_spec *) ((unsigned char *) last + next);
1166 *target_params = (char *) (*spec + 1);
1168 if (*spec < (last + 1))
1169 return -EINVAL;
1171 return invalid_str(*target_params, end);
1174 static int populate_table(struct dm_table *table,
1175 struct dm_ioctl *param, size_t param_size)
1177 int r;
1178 unsigned int i = 0;
1179 struct dm_target_spec *spec = (struct dm_target_spec *) param;
1180 uint32_t next = param->data_start;
1181 void *end = (void *) param + param_size;
1182 char *target_params;
1184 if (!param->target_count) {
1185 DMWARN("populate_table: no targets specified");
1186 return -EINVAL;
1189 for (i = 0; i < param->target_count; i++) {
1191 r = next_target(spec, next, end, &spec, &target_params);
1192 if (r) {
1193 DMWARN("unable to find target");
1194 return r;
1197 r = dm_table_add_target(table, spec->target_type,
1198 (sector_t) spec->sector_start,
1199 (sector_t) spec->length,
1200 target_params);
1201 if (r) {
1202 DMWARN("error adding target to table");
1203 return r;
1206 next = spec->next;
1209 return dm_table_complete(table);
1212 static int table_load(struct dm_ioctl *param, size_t param_size)
1214 int r;
1215 struct hash_cell *hc;
1216 struct dm_table *t;
1217 struct mapped_device *md;
1218 struct target_type *immutable_target_type;
1220 md = find_device(param);
1221 if (!md)
1222 return -ENXIO;
1224 r = dm_table_create(&t, get_mode(param), param->target_count, md);
1225 if (r)
1226 goto out;
1228 r = populate_table(t, param, param_size);
1229 if (r) {
1230 dm_table_destroy(t);
1231 goto out;
1234 immutable_target_type = dm_get_immutable_target_type(md);
1235 if (immutable_target_type &&
1236 (immutable_target_type != dm_table_get_immutable_target_type(t))) {
1237 DMWARN("can't replace immutable target type %s",
1238 immutable_target_type->name);
1239 dm_table_destroy(t);
1240 r = -EINVAL;
1241 goto out;
1244 /* Protect md->type and md->queue against concurrent table loads. */
1245 dm_lock_md_type(md);
1246 if (dm_get_md_type(md) == DM_TYPE_NONE)
1247 /* Initial table load: acquire type of table. */
1248 dm_set_md_type(md, dm_table_get_type(t));
1249 else if (dm_get_md_type(md) != dm_table_get_type(t)) {
1250 DMWARN("can't change device type after initial table load.");
1251 dm_table_destroy(t);
1252 dm_unlock_md_type(md);
1253 r = -EINVAL;
1254 goto out;
1257 /* setup md->queue to reflect md's type (may block) */
1258 r = dm_setup_md_queue(md);
1259 if (r) {
1260 DMWARN("unable to set up device queue for new table.");
1261 dm_table_destroy(t);
1262 dm_unlock_md_type(md);
1263 goto out;
1265 dm_unlock_md_type(md);
1267 /* stage inactive table */
1268 down_write(&_hash_lock);
1269 hc = dm_get_mdptr(md);
1270 if (!hc || hc->md != md) {
1271 DMWARN("device has been removed from the dev hash table.");
1272 dm_table_destroy(t);
1273 up_write(&_hash_lock);
1274 r = -ENXIO;
1275 goto out;
1278 if (hc->new_map)
1279 dm_table_destroy(hc->new_map);
1280 hc->new_map = t;
1281 up_write(&_hash_lock);
1283 param->flags |= DM_INACTIVE_PRESENT_FLAG;
1284 __dev_status(md, param);
1286 out:
1287 dm_put(md);
1289 return r;
1292 static int table_clear(struct dm_ioctl *param, size_t param_size)
1294 struct hash_cell *hc;
1295 struct mapped_device *md;
1297 down_write(&_hash_lock);
1299 hc = __find_device_hash_cell(param);
1300 if (!hc) {
1301 DMDEBUG_LIMIT("device doesn't appear to be in the dev hash table.");
1302 up_write(&_hash_lock);
1303 return -ENXIO;
1306 if (hc->new_map) {
1307 dm_table_destroy(hc->new_map);
1308 hc->new_map = NULL;
1311 param->flags &= ~DM_INACTIVE_PRESENT_FLAG;
1313 __dev_status(hc->md, param);
1314 md = hc->md;
1315 up_write(&_hash_lock);
1316 dm_put(md);
1318 return 0;
1322 * Retrieves a list of devices used by a particular dm device.
1324 static void retrieve_deps(struct dm_table *table,
1325 struct dm_ioctl *param, size_t param_size)
1327 unsigned int count = 0;
1328 struct list_head *tmp;
1329 size_t len, needed;
1330 struct dm_dev_internal *dd;
1331 struct dm_target_deps *deps;
1333 deps = get_result_buffer(param, param_size, &len);
1336 * Count the devices.
1338 list_for_each (tmp, dm_table_get_devices(table))
1339 count++;
1342 * Check we have enough space.
1344 needed = sizeof(*deps) + (sizeof(*deps->dev) * count);
1345 if (len < needed) {
1346 param->flags |= DM_BUFFER_FULL_FLAG;
1347 return;
1351 * Fill in the devices.
1353 deps->count = count;
1354 count = 0;
1355 list_for_each_entry (dd, dm_table_get_devices(table), list)
1356 deps->dev[count++] = huge_encode_dev(dd->dm_dev.bdev->bd_dev);
1358 param->data_size = param->data_start + needed;
1361 static int table_deps(struct dm_ioctl *param, size_t param_size)
1363 struct mapped_device *md;
1364 struct dm_table *table;
1366 md = find_device(param);
1367 if (!md)
1368 return -ENXIO;
1370 __dev_status(md, param);
1372 table = dm_get_live_or_inactive_table(md, param);
1373 if (table) {
1374 retrieve_deps(table, param, param_size);
1375 dm_table_put(table);
1378 dm_put(md);
1380 return 0;
1384 * Return the status of a device as a text string for each
1385 * target.
1387 static int table_status(struct dm_ioctl *param, size_t param_size)
1389 struct mapped_device *md;
1390 struct dm_table *table;
1392 md = find_device(param);
1393 if (!md)
1394 return -ENXIO;
1396 __dev_status(md, param);
1398 table = dm_get_live_or_inactive_table(md, param);
1399 if (table) {
1400 retrieve_status(table, param, param_size);
1401 dm_table_put(table);
1404 dm_put(md);
1406 return 0;
1410 * Pass a message to the target that's at the supplied device offset.
1412 static int target_message(struct dm_ioctl *param, size_t param_size)
1414 int r, argc;
1415 char **argv;
1416 struct mapped_device *md;
1417 struct dm_table *table;
1418 struct dm_target *ti;
1419 struct dm_target_msg *tmsg = (void *) param + param->data_start;
1421 md = find_device(param);
1422 if (!md)
1423 return -ENXIO;
1425 if (tmsg < (struct dm_target_msg *) param->data ||
1426 invalid_str(tmsg->message, (void *) param + param_size)) {
1427 DMWARN("Invalid target message parameters.");
1428 r = -EINVAL;
1429 goto out;
1432 r = dm_split_args(&argc, &argv, tmsg->message);
1433 if (r) {
1434 DMWARN("Failed to split target message parameters");
1435 goto out;
1438 if (!argc) {
1439 DMWARN("Empty message received.");
1440 goto out_argv;
1443 table = dm_get_live_table(md);
1444 if (!table)
1445 goto out_argv;
1447 if (dm_deleting_md(md)) {
1448 r = -ENXIO;
1449 goto out_table;
1452 ti = dm_table_find_target(table, tmsg->sector);
1453 if (!dm_target_is_valid(ti)) {
1454 DMWARN("Target message sector outside device.");
1455 r = -EINVAL;
1456 } else if (ti->type->message)
1457 r = ti->type->message(ti, argc, argv);
1458 else {
1459 DMWARN("Target type does not support messages");
1460 r = -EINVAL;
1463 out_table:
1464 dm_table_put(table);
1465 out_argv:
1466 kfree(argv);
1467 out:
1468 param->data_size = 0;
1469 dm_put(md);
1470 return r;
1473 /*-----------------------------------------------------------------
1474 * Implementation of open/close/ioctl on the special char
1475 * device.
1476 *---------------------------------------------------------------*/
1477 static ioctl_fn lookup_ioctl(unsigned int cmd)
1479 static struct {
1480 int cmd;
1481 ioctl_fn fn;
1482 } _ioctls[] = {
1483 {DM_VERSION_CMD, NULL}, /* version is dealt with elsewhere */
1484 {DM_REMOVE_ALL_CMD, remove_all},
1485 {DM_LIST_DEVICES_CMD, list_devices},
1487 {DM_DEV_CREATE_CMD, dev_create},
1488 {DM_DEV_REMOVE_CMD, dev_remove},
1489 {DM_DEV_RENAME_CMD, dev_rename},
1490 {DM_DEV_SUSPEND_CMD, dev_suspend},
1491 {DM_DEV_STATUS_CMD, dev_status},
1492 {DM_DEV_WAIT_CMD, dev_wait},
1494 {DM_TABLE_LOAD_CMD, table_load},
1495 {DM_TABLE_CLEAR_CMD, table_clear},
1496 {DM_TABLE_DEPS_CMD, table_deps},
1497 {DM_TABLE_STATUS_CMD, table_status},
1499 {DM_LIST_VERSIONS_CMD, list_versions},
1501 {DM_TARGET_MSG_CMD, target_message},
1502 {DM_DEV_SET_GEOMETRY_CMD, dev_set_geometry}
1505 return (cmd >= ARRAY_SIZE(_ioctls)) ? NULL : _ioctls[cmd].fn;
1509 * As well as checking the version compatibility this always
1510 * copies the kernel interface version out.
1512 static int check_version(unsigned int cmd, struct dm_ioctl __user *user)
1514 uint32_t version[3];
1515 int r = 0;
1517 if (copy_from_user(version, user->version, sizeof(version)))
1518 return -EFAULT;
1520 if ((DM_VERSION_MAJOR != version[0]) ||
1521 (DM_VERSION_MINOR < version[1])) {
1522 DMWARN("ioctl interface mismatch: "
1523 "kernel(%u.%u.%u), user(%u.%u.%u), cmd(%d)",
1524 DM_VERSION_MAJOR, DM_VERSION_MINOR,
1525 DM_VERSION_PATCHLEVEL,
1526 version[0], version[1], version[2], cmd);
1527 r = -EINVAL;
1531 * Fill in the kernel version.
1533 version[0] = DM_VERSION_MAJOR;
1534 version[1] = DM_VERSION_MINOR;
1535 version[2] = DM_VERSION_PATCHLEVEL;
1536 if (copy_to_user(user->version, version, sizeof(version)))
1537 return -EFAULT;
1539 return r;
1542 static int copy_params(struct dm_ioctl __user *user, struct dm_ioctl **param)
1544 struct dm_ioctl tmp, *dmi;
1545 int secure_data;
1547 if (copy_from_user(&tmp, user, sizeof(tmp) - sizeof(tmp.data)))
1548 return -EFAULT;
1550 if (tmp.data_size < (sizeof(tmp) - sizeof(tmp.data)))
1551 return -EINVAL;
1553 secure_data = tmp.flags & DM_SECURE_DATA_FLAG;
1555 dmi = vmalloc(tmp.data_size);
1556 if (!dmi) {
1557 if (secure_data && clear_user(user, tmp.data_size))
1558 return -EFAULT;
1559 return -ENOMEM;
1562 if (copy_from_user(dmi, user, tmp.data_size))
1563 goto bad;
1565 /* Wipe the user buffer so we do not return it to userspace */
1566 if (secure_data && clear_user(user, tmp.data_size))
1567 goto bad;
1569 *param = dmi;
1570 return 0;
1572 bad:
1573 if (secure_data)
1574 memset(dmi, 0, tmp.data_size);
1575 vfree(dmi);
1576 return -EFAULT;
1579 static int validate_params(uint cmd, struct dm_ioctl *param)
1581 /* Always clear this flag */
1582 param->flags &= ~DM_BUFFER_FULL_FLAG;
1583 param->flags &= ~DM_UEVENT_GENERATED_FLAG;
1584 param->flags &= ~DM_SECURE_DATA_FLAG;
1586 /* Ignores parameters */
1587 if (cmd == DM_REMOVE_ALL_CMD ||
1588 cmd == DM_LIST_DEVICES_CMD ||
1589 cmd == DM_LIST_VERSIONS_CMD)
1590 return 0;
1592 if ((cmd == DM_DEV_CREATE_CMD)) {
1593 if (!*param->name) {
1594 DMWARN("name not supplied when creating device");
1595 return -EINVAL;
1597 } else if ((*param->uuid && *param->name)) {
1598 DMWARN("only supply one of name or uuid, cmd(%u)", cmd);
1599 return -EINVAL;
1602 /* Ensure strings are terminated */
1603 param->name[DM_NAME_LEN - 1] = '\0';
1604 param->uuid[DM_UUID_LEN - 1] = '\0';
1606 return 0;
1609 static int ctl_ioctl(uint command, struct dm_ioctl __user *user)
1611 int r = 0;
1612 int wipe_buffer;
1613 unsigned int cmd;
1614 struct dm_ioctl *uninitialized_var(param);
1615 ioctl_fn fn = NULL;
1616 size_t input_param_size;
1618 /* only root can play with this */
1619 if (!capable(CAP_SYS_ADMIN))
1620 return -EACCES;
1622 if (_IOC_TYPE(command) != DM_IOCTL)
1623 return -ENOTTY;
1625 cmd = _IOC_NR(command);
1628 * Check the interface version passed in. This also
1629 * writes out the kernel's interface version.
1631 r = check_version(cmd, user);
1632 if (r)
1633 return r;
1636 * Nothing more to do for the version command.
1638 if (cmd == DM_VERSION_CMD)
1639 return 0;
1641 fn = lookup_ioctl(cmd);
1642 if (!fn) {
1643 DMWARN("dm_ctl_ioctl: unknown command 0x%x", command);
1644 return -ENOTTY;
1648 * Trying to avoid low memory issues when a device is
1649 * suspended.
1651 current->flags |= PF_MEMALLOC;
1654 * Copy the parameters into kernel space.
1656 r = copy_params(user, &param);
1658 current->flags &= ~PF_MEMALLOC;
1660 if (r)
1661 return r;
1663 input_param_size = param->data_size;
1664 wipe_buffer = param->flags & DM_SECURE_DATA_FLAG;
1666 r = validate_params(cmd, param);
1667 if (r)
1668 goto out;
1670 param->data_size = sizeof(*param);
1671 r = fn(param, input_param_size);
1674 * Copy the results back to userland.
1676 if (!r && copy_to_user(user, param, param->data_size))
1677 r = -EFAULT;
1679 out:
1680 if (wipe_buffer)
1681 memset(param, 0, input_param_size);
1683 vfree(param);
1684 return r;
1687 static long dm_ctl_ioctl(struct file *file, uint command, ulong u)
1689 return (long)ctl_ioctl(command, (struct dm_ioctl __user *)u);
1692 #ifdef CONFIG_COMPAT
1693 static long dm_compat_ctl_ioctl(struct file *file, uint command, ulong u)
1695 return (long)dm_ctl_ioctl(file, command, (ulong) compat_ptr(u));
1697 #else
1698 #define dm_compat_ctl_ioctl NULL
1699 #endif
1701 static const struct file_operations _ctl_fops = {
1702 .open = nonseekable_open,
1703 .unlocked_ioctl = dm_ctl_ioctl,
1704 .compat_ioctl = dm_compat_ctl_ioctl,
1705 .owner = THIS_MODULE,
1706 .llseek = noop_llseek,
1709 static struct miscdevice _dm_misc = {
1710 .minor = MAPPER_CTRL_MINOR,
1711 .name = DM_NAME,
1712 .nodename = DM_DIR "/" DM_CONTROL_NODE,
1713 .fops = &_ctl_fops
1716 MODULE_ALIAS_MISCDEV(MAPPER_CTRL_MINOR);
1717 MODULE_ALIAS("devname:" DM_DIR "/" DM_CONTROL_NODE);
1720 * Create misc character device and link to DM_DIR/control.
1722 int __init dm_interface_init(void)
1724 int r;
1726 r = dm_hash_init();
1727 if (r)
1728 return r;
1730 r = misc_register(&_dm_misc);
1731 if (r) {
1732 DMERR("misc_register failed for control device");
1733 dm_hash_exit();
1734 return r;
1737 DMINFO("%d.%d.%d%s initialised: %s", DM_VERSION_MAJOR,
1738 DM_VERSION_MINOR, DM_VERSION_PATCHLEVEL, DM_VERSION_EXTRA,
1739 DM_DRIVER_EMAIL);
1740 return 0;
1743 void dm_interface_exit(void)
1745 if (misc_deregister(&_dm_misc) < 0)
1746 DMERR("misc_deregister failed for control device");
1748 dm_hash_exit();
1752 * dm_copy_name_and_uuid - Copy mapped device name & uuid into supplied buffers
1753 * @md: Pointer to mapped_device
1754 * @name: Buffer (size DM_NAME_LEN) for name
1755 * @uuid: Buffer (size DM_UUID_LEN) for uuid or empty string if uuid not defined
1757 int dm_copy_name_and_uuid(struct mapped_device *md, char *name, char *uuid)
1759 int r = 0;
1760 struct hash_cell *hc;
1762 if (!md)
1763 return -ENXIO;
1765 mutex_lock(&dm_hash_cells_mutex);
1766 hc = dm_get_mdptr(md);
1767 if (!hc || hc->md != md) {
1768 r = -ENXIO;
1769 goto out;
1772 if (name)
1773 strcpy(name, hc->name);
1774 if (uuid)
1775 strcpy(uuid, hc->uuid ? : "");
1777 out:
1778 mutex_unlock(&dm_hash_cells_mutex);
1780 return r;