search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
[SCSI] gdth: Prevent negative offsets in ioctl CVE-2009-3080
[linux-2.6/linux-acpi-2.6/ibm-acpi-2.6.git] / fs / gfs2 / sys.c
blob446329728d5278174a3cfebee3827d0cd9cd2e06
1 /*
2 * Copyright (C) Sistina Software, Inc. 1997-2003 All rights reserved.
3 * Copyright (C) 2004-2006 Red Hat, Inc. All rights reserved.
4 *
5 * This copyrighted material is made available to anyone wishing to use,
6 * modify, copy, or redistribute it subject to the terms and conditions
7 * of the GNU General Public License version 2.
8 */
9
10 #include <linux/sched.h>
11 #include <linux/slab.h>
12 #include <linux/spinlock.h>
13 #include <linux/completion.h>
14 #include <linux/buffer_head.h>
15 #include <linux/module.h>
16 #include <linux/kobject.h>
17 #include <asm/uaccess.h>
18 #include <linux/gfs2_ondisk.h>
19 #include <linux/genhd.h>
20
21 #include "gfs2.h"
22 #include "incore.h"
23 #include "sys.h"
24 #include "super.h"
25 #include "glock.h"
26 #include "quota.h"
27 #include "util.h"
28 #include "glops.h"
29
30 struct gfs2_attr {
31 struct attribute attr;
32 ssize_t (*show)(struct gfs2_sbd *, char *);
33 ssize_t (*store)(struct gfs2_sbd *, const char *, size_t);
34 };
35
36 static ssize_t gfs2_attr_show(struct kobject *kobj, struct attribute *attr,
37 char *buf)
38 {
39 struct gfs2_sbd *sdp = container_of(kobj, struct gfs2_sbd, sd_kobj);
40 struct gfs2_attr *a = container_of(attr, struct gfs2_attr, attr);
41 return a->show ? a->show(sdp, buf) : 0;
42 }
43
44 static ssize_t gfs2_attr_store(struct kobject *kobj, struct attribute *attr,
45 const char *buf, size_t len)
46 {
47 struct gfs2_sbd *sdp = container_of(kobj, struct gfs2_sbd, sd_kobj);
48 struct gfs2_attr *a = container_of(attr, struct gfs2_attr, attr);
49 return a->store ? a->store(sdp, buf, len) : len;
50 }
51
52 static struct sysfs_ops gfs2_attr_ops = {
53 .show = gfs2_attr_show,
54 .store = gfs2_attr_store,
55 };
56
57
58 static struct kset *gfs2_kset;
59
60 static ssize_t id_show(struct gfs2_sbd *sdp, char *buf)
61 {
62 return snprintf(buf, PAGE_SIZE, "%u:%u\n",
63 MAJOR(sdp->sd_vfs->s_dev), MINOR(sdp->sd_vfs->s_dev));
64 }
65
66 static ssize_t fsname_show(struct gfs2_sbd *sdp, char *buf)
67 {
68 return snprintf(buf, PAGE_SIZE, "%s\n", sdp->sd_fsname);
69 }
70
71 static int gfs2_uuid_valid(const u8 *uuid)
72 {
73 int i;
74
75 for (i = 0; i < 16; i++) {
76 if (uuid[i])
77 return 1;
78 }
79 return 0;
80 }
81
82 static ssize_t uuid_show(struct gfs2_sbd *sdp, char *buf)
83 {
84 const u8 *uuid = sdp->sd_sb.sb_uuid;
85 buf[0] = '\0';
86 if (!gfs2_uuid_valid(uuid))
87 return 0;
88 return snprintf(buf, PAGE_SIZE, "%02X%02X%02X%02X-%02X%02X-"
89 "%02X%02X-%02X%02X-%02X%02X%02X%02X%02X%02X\n",
90 uuid[0], uuid[1], uuid[2], uuid[3], uuid[4], uuid[5],
91 uuid[6], uuid[7], uuid[8], uuid[9], uuid[10], uuid[11],
92 uuid[12], uuid[13], uuid[14], uuid[15]);
93 }
94
95 static ssize_t freeze_show(struct gfs2_sbd *sdp, char *buf)
96 {
97 unsigned int count;
98
99 mutex_lock(&sdp->sd_freeze_lock);
100 count = sdp->sd_freeze_count;
101 mutex_unlock(&sdp->sd_freeze_lock);
102
103 return snprintf(buf, PAGE_SIZE, "%u\n", count);
104 }
105
106 static ssize_t freeze_store(struct gfs2_sbd *sdp, const char *buf, size_t len)
107 {
108 ssize_t ret = len;
109 int error = 0;
110 int n = simple_strtol(buf, NULL, 0);
111
112 if (!capable(CAP_SYS_ADMIN))
113 return -EACCES;
114
115 switch (n) {
116 case 0:
117 gfs2_unfreeze_fs(sdp);
118 break;
119 case 1:
120 error = gfs2_freeze_fs(sdp);
121 break;
122 default:
123 ret = -EINVAL;
124 }
125
126 if (error)
127 fs_warn(sdp, "freeze %d error %d", n, error);
128
129 return ret;
130 }
131
132 static ssize_t withdraw_show(struct gfs2_sbd *sdp, char *buf)
133 {
134 unsigned int b = test_bit(SDF_SHUTDOWN, &sdp->sd_flags);
135 return snprintf(buf, PAGE_SIZE, "%u\n", b);
136 }
137
138 static ssize_t withdraw_store(struct gfs2_sbd *sdp, const char *buf, size_t len)
139 {
140 if (!capable(CAP_SYS_ADMIN))
141 return -EACCES;
142
143 if (simple_strtol(buf, NULL, 0) != 1)
144 return -EINVAL;
145
146 gfs2_lm_withdraw(sdp,
147 "GFS2: fsid=%s: withdrawing from cluster at user's request\n",
148 sdp->sd_fsname);
149 return len;
150 }
151
152 static ssize_t statfs_sync_store(struct gfs2_sbd *sdp, const char *buf,
153 size_t len)
154 {
155 if (!capable(CAP_SYS_ADMIN))
156 return -EACCES;
157
158 if (simple_strtol(buf, NULL, 0) != 1)
159 return -EINVAL;
160
161 gfs2_statfs_sync(sdp);
162 return len;
163 }
164
165 static ssize_t quota_sync_store(struct gfs2_sbd *sdp, const char *buf,
166 size_t len)
167 {
168 if (!capable(CAP_SYS_ADMIN))
169 return -EACCES;
170
171 if (simple_strtol(buf, NULL, 0) != 1)
172 return -EINVAL;
173
174 gfs2_quota_sync(sdp);
175 return len;
176 }
177
178 static ssize_t quota_refresh_user_store(struct gfs2_sbd *sdp, const char *buf,
179 size_t len)
180 {
181 u32 id;
182
183 if (!capable(CAP_SYS_ADMIN))
184 return -EACCES;
185
186 id = simple_strtoul(buf, NULL, 0);
187
188 gfs2_quota_refresh(sdp, 1, id);
189 return len;
190 }
191
192 static ssize_t quota_refresh_group_store(struct gfs2_sbd *sdp, const char *buf,
193 size_t len)
194 {
195 u32 id;
196
197 if (!capable(CAP_SYS_ADMIN))
198 return -EACCES;
199
200 id = simple_strtoul(buf, NULL, 0);
201
202 gfs2_quota_refresh(sdp, 0, id);
203 return len;
204 }
205
206 static ssize_t demote_rq_store(struct gfs2_sbd *sdp, const char *buf, size_t len)
207 {
208 struct gfs2_glock *gl;
209 const struct gfs2_glock_operations *glops;
210 unsigned int glmode;
211 unsigned int gltype;
212 unsigned long long glnum;
213 char mode[16];
214 int rv;
215
216 if (!capable(CAP_SYS_ADMIN))
217 return -EACCES;
218
219 rv = sscanf(buf, "%u:%llu %15s", &gltype, &glnum,
220 mode);
221 if (rv != 3)
222 return -EINVAL;
223
224 if (strcmp(mode, "EX") == 0)
225 glmode = LM_ST_UNLOCKED;
226 else if ((strcmp(mode, "CW") == 0) || (strcmp(mode, "DF") == 0))
227 glmode = LM_ST_DEFERRED;
228 else if ((strcmp(mode, "PR") == 0) || (strcmp(mode, "SH") == 0))
229 glmode = LM_ST_SHARED;
230 else
231 return -EINVAL;
232
233 if (gltype > LM_TYPE_JOURNAL)
234 return -EINVAL;
235 glops = gfs2_glops_list[gltype];
236 if (glops == NULL)
237 return -EINVAL;
238 rv = gfs2_glock_get(sdp, glnum, glops, 0, &gl);
239 if (rv)
240 return rv;
241 gfs2_glock_cb(gl, glmode);
242 gfs2_glock_put(gl);
243 return len;
244 }
245
246
247 #define GFS2_ATTR(name, mode, show, store) \
248 static struct gfs2_attr gfs2_attr_##name = __ATTR(name, mode, show, store)
249
250 GFS2_ATTR(id, 0444, id_show, NULL);
251 GFS2_ATTR(fsname, 0444, fsname_show, NULL);
252 GFS2_ATTR(uuid, 0444, uuid_show, NULL);
253 GFS2_ATTR(freeze, 0644, freeze_show, freeze_store);
254 GFS2_ATTR(withdraw, 0644, withdraw_show, withdraw_store);
255 GFS2_ATTR(statfs_sync, 0200, NULL, statfs_sync_store);
256 GFS2_ATTR(quota_sync, 0200, NULL, quota_sync_store);
257 GFS2_ATTR(quota_refresh_user, 0200, NULL, quota_refresh_user_store);
258 GFS2_ATTR(quota_refresh_group, 0200, NULL, quota_refresh_group_store);
259 GFS2_ATTR(demote_rq, 0200, NULL, demote_rq_store);
260
261 static struct attribute *gfs2_attrs[] = {
262 &gfs2_attr_id.attr,
263 &gfs2_attr_fsname.attr,
264 &gfs2_attr_uuid.attr,
265 &gfs2_attr_freeze.attr,
266 &gfs2_attr_withdraw.attr,
267 &gfs2_attr_statfs_sync.attr,
268 &gfs2_attr_quota_sync.attr,
269 &gfs2_attr_quota_refresh_user.attr,
270 &gfs2_attr_quota_refresh_group.attr,
271 &gfs2_attr_demote_rq.attr,
272 NULL,
273 };
274
275 static struct kobj_type gfs2_ktype = {
276 .default_attrs = gfs2_attrs,
277 .sysfs_ops = &gfs2_attr_ops,
278 };
279
280
281 /*
282 * lock_module. Originally from lock_dlm
283 */
284
285 static ssize_t proto_name_show(struct gfs2_sbd *sdp, char *buf)
286 {
287 const struct lm_lockops *ops = sdp->sd_lockstruct.ls_ops;
288 return sprintf(buf, "%s\n", ops->lm_proto_name);
289 }
290
291 static ssize_t block_show(struct gfs2_sbd *sdp, char *buf)
292 {
293 struct lm_lockstruct *ls = &sdp->sd_lockstruct;
294 ssize_t ret;
295 int val = 0;
296
297 if (test_bit(DFL_BLOCK_LOCKS, &ls->ls_flags))
298 val = 1;
299 ret = sprintf(buf, "%d\n", val);
300 return ret;
301 }
302
303 static ssize_t block_store(struct gfs2_sbd *sdp, const char *buf, size_t len)
304 {
305 struct lm_lockstruct *ls = &sdp->sd_lockstruct;
306 ssize_t ret = len;
307 int val;
308
309 val = simple_strtol(buf, NULL, 0);
310
311 if (val == 1)
312 set_bit(DFL_BLOCK_LOCKS, &ls->ls_flags);
313 else if (val == 0) {
314 clear_bit(DFL_BLOCK_LOCKS, &ls->ls_flags);
315 smp_mb__after_clear_bit();
316 gfs2_glock_thaw(sdp);
317 } else {
318 ret = -EINVAL;
319 }
320 return ret;
321 }
322
323 static ssize_t lkfirst_show(struct gfs2_sbd *sdp, char *buf)
324 {
325 struct lm_lockstruct *ls = &sdp->sd_lockstruct;
326 return sprintf(buf, "%d\n", ls->ls_first);
327 }
328
329 static ssize_t first_done_show(struct gfs2_sbd *sdp, char *buf)
330 {
331 struct lm_lockstruct *ls = &sdp->sd_lockstruct;
332 return sprintf(buf, "%d\n", ls->ls_first_done);
333 }
334
335 static ssize_t recover_store(struct gfs2_sbd *sdp, const char *buf, size_t len)
336 {
337 unsigned jid;
338 struct gfs2_jdesc *jd;
339 int rv;
340
341 rv = sscanf(buf, "%u", &jid);
342 if (rv != 1)
343 return -EINVAL;
344
345 rv = -ESHUTDOWN;
346 spin_lock(&sdp->sd_jindex_spin);
347 if (test_bit(SDF_NORECOVERY, &sdp->sd_flags))
348 goto out;
349 rv = -EBUSY;
350 if (sdp->sd_jdesc->jd_jid == jid)
351 goto out;
352 rv = -ENOENT;
353 list_for_each_entry(jd, &sdp->sd_jindex_list, jd_list) {
354 if (jd->jd_jid != jid)
355 continue;
356 rv = slow_work_enqueue(&jd->jd_work);
357 break;
358 }
359 out:
360 spin_unlock(&sdp->sd_jindex_spin);
361 return rv ? rv : len;
362 }
363
364 static ssize_t recover_done_show(struct gfs2_sbd *sdp, char *buf)
365 {
366 struct lm_lockstruct *ls = &sdp->sd_lockstruct;
367 return sprintf(buf, "%d\n", ls->ls_recover_jid_done);
368 }
369
370 static ssize_t recover_status_show(struct gfs2_sbd *sdp, char *buf)
371 {
372 struct lm_lockstruct *ls = &sdp->sd_lockstruct;
373 return sprintf(buf, "%d\n", ls->ls_recover_jid_status);
374 }
375
376 static ssize_t jid_show(struct gfs2_sbd *sdp, char *buf)
377 {
378 return sprintf(buf, "%u\n", sdp->sd_lockstruct.ls_jid);
379 }
380
381 #define GDLM_ATTR(_name,_mode,_show,_store) \
382 static struct gfs2_attr gdlm_attr_##_name = __ATTR(_name,_mode,_show,_store)
383
384 GDLM_ATTR(proto_name, 0444, proto_name_show, NULL);
385 GDLM_ATTR(block, 0644, block_show, block_store);
386 GDLM_ATTR(withdraw, 0644, withdraw_show, withdraw_store);
387 GDLM_ATTR(jid, 0444, jid_show, NULL);
388 GDLM_ATTR(first, 0444, lkfirst_show, NULL);
389 GDLM_ATTR(first_done, 0444, first_done_show, NULL);
390 GDLM_ATTR(recover, 0600, NULL, recover_store);
391 GDLM_ATTR(recover_done, 0444, recover_done_show, NULL);
392 GDLM_ATTR(recover_status, 0444, recover_status_show, NULL);
393
394 static struct attribute *lock_module_attrs[] = {
395 &gdlm_attr_proto_name.attr,
396 &gdlm_attr_block.attr,
397 &gdlm_attr_withdraw.attr,
398 &gdlm_attr_jid.attr,
399 &gdlm_attr_first.attr,
400 &gdlm_attr_first_done.attr,
401 &gdlm_attr_recover.attr,
402 &gdlm_attr_recover_done.attr,
403 &gdlm_attr_recover_status.attr,
404 NULL,
405 };
406
407 /*
408 * get and set struct gfs2_tune fields
409 */
410
411 static ssize_t quota_scale_show(struct gfs2_sbd *sdp, char *buf)
412 {
413 return snprintf(buf, PAGE_SIZE, "%u %u\n",
414 sdp->sd_tune.gt_quota_scale_num,
415 sdp->sd_tune.gt_quota_scale_den);
416 }
417
418 static ssize_t quota_scale_store(struct gfs2_sbd *sdp, const char *buf,
419 size_t len)
420 {
421 struct gfs2_tune *gt = &sdp->sd_tune;
422 unsigned int x, y;
423
424 if (!capable(CAP_SYS_ADMIN))
425 return -EACCES;
426
427 if (sscanf(buf, "%u %u", &x, &y) != 2 || !y)
428 return -EINVAL;
429
430 spin_lock(&gt->gt_spin);
431 gt->gt_quota_scale_num = x;
432 gt->gt_quota_scale_den = y;
433 spin_unlock(&gt->gt_spin);
434 return len;
435 }
436
437 static ssize_t tune_set(struct gfs2_sbd *sdp, unsigned int *field,
438 int check_zero, const char *buf, size_t len)
439 {
440 struct gfs2_tune *gt = &sdp->sd_tune;
441 unsigned int x;
442
443 if (!capable(CAP_SYS_ADMIN))
444 return -EACCES;
445
446 x = simple_strtoul(buf, NULL, 0);
447
448 if (check_zero && !x)
449 return -EINVAL;
450
451 spin_lock(&gt->gt_spin);
452 *field = x;
453 spin_unlock(&gt->gt_spin);
454 return len;
455 }
456
457 #define TUNE_ATTR_3(name, show, store) \
458 static struct gfs2_attr tune_attr_##name = __ATTR(name, 0644, show, store)
459
460 #define TUNE_ATTR_2(name, store) \
461 static ssize_t name##_show(struct gfs2_sbd *sdp, char *buf) \
462 { \
463 return snprintf(buf, PAGE_SIZE, "%u\n", sdp->sd_tune.gt_##name); \
464 } \
465 TUNE_ATTR_3(name, name##_show, store)
466
467 #define TUNE_ATTR(name, check_zero) \
468 static ssize_t name##_store(struct gfs2_sbd *sdp, const char *buf, size_t len)\
469 { \
470 return tune_set(sdp, &sdp->sd_tune.gt_##name, check_zero, buf, len); \
471 } \
472 TUNE_ATTR_2(name, name##_store)
473
474 TUNE_ATTR(incore_log_blocks, 0);
475 TUNE_ATTR(log_flush_secs, 0);
476 TUNE_ATTR(quota_warn_period, 0);
477 TUNE_ATTR(quota_quantum, 0);
478 TUNE_ATTR(max_readahead, 0);
479 TUNE_ATTR(complain_secs, 0);
480 TUNE_ATTR(statfs_slow, 0);
481 TUNE_ATTR(new_files_jdata, 0);
482 TUNE_ATTR(quota_simul_sync, 1);
483 TUNE_ATTR(stall_secs, 1);
484 TUNE_ATTR(statfs_quantum, 1);
485 TUNE_ATTR_3(quota_scale, quota_scale_show, quota_scale_store);
486
487 static struct attribute *tune_attrs[] = {
488 &tune_attr_incore_log_blocks.attr,
489 &tune_attr_log_flush_secs.attr,
490 &tune_attr_quota_warn_period.attr,
491 &tune_attr_quota_quantum.attr,
492 &tune_attr_max_readahead.attr,
493 &tune_attr_complain_secs.attr,
494 &tune_attr_statfs_slow.attr,
495 &tune_attr_quota_simul_sync.attr,
496 &tune_attr_stall_secs.attr,
497 &tune_attr_statfs_quantum.attr,
498 &tune_attr_quota_scale.attr,
499 &tune_attr_new_files_jdata.attr,
500 NULL,
501 };
502
503 static struct attribute_group tune_group = {
504 .name = "tune",
505 .attrs = tune_attrs,
506 };
507
508 static struct attribute_group lock_module_group = {
509 .name = "lock_module",
510 .attrs = lock_module_attrs,
511 };
512
513 int gfs2_sys_fs_add(struct gfs2_sbd *sdp)
514 {
515 struct super_block *sb = sdp->sd_vfs;
516 int error;
517 char ro[20];
518 char spectator[20];
519 char *envp[] = { ro, spectator, NULL };
520
521 sprintf(ro, "RDONLY=%d", (sb->s_flags & MS_RDONLY) ? 1 : 0);
522 sprintf(spectator, "SPECTATOR=%d", sdp->sd_args.ar_spectator ? 1 : 0);
523
524 sdp->sd_kobj.kset = gfs2_kset;
525 error = kobject_init_and_add(&sdp->sd_kobj, &gfs2_ktype, NULL,
526 "%s", sdp->sd_table_name);
527 if (error)
528 goto fail;
529
530 error = sysfs_create_group(&sdp->sd_kobj, &tune_group);
531 if (error)
532 goto fail_reg;
533
534 error = sysfs_create_group(&sdp->sd_kobj, &lock_module_group);
535 if (error)
536 goto fail_tune;
537
538 error = sysfs_create_link(&sdp->sd_kobj,
539 &disk_to_dev(sb->s_bdev->bd_disk)->kobj,
540 "device");
541 if (error)
542 goto fail_lock_module;
543
544 kobject_uevent_env(&sdp->sd_kobj, KOBJ_ADD, envp);
545 return 0;
546
547 fail_lock_module:
548 sysfs_remove_group(&sdp->sd_kobj, &lock_module_group);
549 fail_tune:
550 sysfs_remove_group(&sdp->sd_kobj, &tune_group);
551 fail_reg:
552 kobject_put(&sdp->sd_kobj);
553 fail:
554 fs_err(sdp, "error %d adding sysfs files", error);
555 return error;
556 }
557
558 void gfs2_sys_fs_del(struct gfs2_sbd *sdp)
559 {
560 sysfs_remove_link(&sdp->sd_kobj, "device");
561 sysfs_remove_group(&sdp->sd_kobj, &tune_group);
562 sysfs_remove_group(&sdp->sd_kobj, &lock_module_group);
563 kobject_put(&sdp->sd_kobj);
564 }
565
566 static int gfs2_uevent(struct kset *kset, struct kobject *kobj,
567 struct kobj_uevent_env *env)
568 {
569 struct gfs2_sbd *sdp = container_of(kobj, struct gfs2_sbd, sd_kobj);
570 const u8 *uuid = sdp->sd_sb.sb_uuid;
571
572 add_uevent_var(env, "LOCKTABLE=%s", sdp->sd_table_name);
573 add_uevent_var(env, "LOCKPROTO=%s", sdp->sd_proto_name);
574 if (!sdp->sd_args.ar_spectator)
575 add_uevent_var(env, "JOURNALID=%u", sdp->sd_lockstruct.ls_jid);
576 if (gfs2_uuid_valid(uuid)) {
577 add_uevent_var(env, "UUID=%02X%02X%02X%02X-%02X%02X-%02X%02X-"
578 "%02X%02X-%02X%02X%02X%02X%02X%02X",
579 uuid[0], uuid[1], uuid[2], uuid[3], uuid[4],
580 uuid[5], uuid[6], uuid[7], uuid[8], uuid[9],
581 uuid[10], uuid[11], uuid[12], uuid[13],
582 uuid[14], uuid[15]);
583 }
584 return 0;
585 }
586
587 static struct kset_uevent_ops gfs2_uevent_ops = {
588 .uevent = gfs2_uevent,
589 };
590
591 int gfs2_sys_init(void)
592 {
593 gfs2_kset = kset_create_and_add("gfs2", &gfs2_uevent_ops, fs_kobj);
594 if (!gfs2_kset)
595 return -ENOMEM;
596 return 0;
597 }
598
599 void gfs2_sys_uninit(void)
600 {
601 kset_unregister(gfs2_kset);
602 }
603
Linux 2.6 ibm-acpi/thinkpad-acpi driver git tree