/*
 * dcookies.c
 *
 * Copyright 2002 John Levon <levon@movementarian.org>
 *
 * Persistent cookie-path mappings. These are used by
 * profilers to convert a per-task EIP value into something
 * non-transitory that can be processed at a later date.
 * This is done by locking the dentry/vfsmnt pair in the
 * kernel until released by the tasks needing the persistent
 * objects. The tag is simply an unsigned long that refers
 * to the pair and can be looked up from userspace.
 */
15 #include <linux/syscalls.h>
16 #include <linux/module.h>
17 #include <linux/slab.h>
18 #include <linux/list.h>
19 #include <linux/mount.h>
20 #include <linux/capability.h>
21 #include <linux/dcache.h>
22 #include <linux/mm.h>
23 #include <linux/err.h>
24 #include <linux/errno.h>
25 #include <linux/dcookies.h>
26 #include <linux/mutex.h>
27 #include <linux/path.h>
28 #include <asm/uaccess.h>
/*
 * One dcookie: a path (dentry/vfsmount pair) plus the link that chains it
 * into its hash bucket. Entries come from dcookie_cache and live on one of
 * a small number of bucket lists; nothing here is performance critical.
 */
struct dcookie_struct {
	struct path path;		/* the pair this cookie stands for */
	struct list_head hash_list;	/* link in a dcookie_hashtable bucket */
};
/* Registered users; the tables below are set up only while this is non-empty. */
static LIST_HEAD(dcookie_users);
/* Taken by every entry point in this file that touches the state below. */
static DEFINE_MUTEX(dcookie_mutex);
/* Allocator for struct dcookie_struct, created in dcookie_init(). */
static struct kmem_cache *dcookie_cache __read_mostly;
/* Array of hash_size bucket heads, allocated in dcookie_init(). */
static struct list_head *dcookie_hashtable __read_mostly;
/* Number of buckets; dcookie_init() makes it a power of two. */
static size_t hash_size __read_mostly;
/* Return 1 while at least one user is on dcookie_users, 0 otherwise. */
static inline int is_live(void)
{
	if (list_empty(&dcookie_users))
		return 0;

	return 1;
}
/*
 * The cookie is the address of the dentry; alloc_dcookie() holds a path
 * reference for as long as the entry exists.
 *
 * NOTE(review): the value is a raw kernel pointer. Any interface that
 * hands it to userspace discloses a kernel address; confirm the consumers
 * are privileged.
 */
static inline unsigned long dcookie_value(struct dcookie_struct * dcs)
{
	struct dentry *dentry = dcs->path.dentry;

	return (unsigned long)dentry;
}
/*
 * Map a cookie to a bucket index. The low L1_CACHE_SHIFT bits are shifted
 * out and the rest is masked with hash_size - 1, which is a valid mask
 * only because dcookie_init() sets hash_size to a power of two.
 */
static size_t dcookie_hash(unsigned long dcookie)
{
	const size_t mask = hash_size - 1;

	return (dcookie >> L1_CACHE_SHIFT) & mask;
}
/*
 * Look a cookie up in its hash bucket.
 *
 * Returns the matching entry, or NULL when no entry in the bucket has
 * that cookie value. Both callers in this file hold dcookie_mutex and
 * have checked is_live() first.
 */
static struct dcookie_struct * find_dcookie(unsigned long dcookie)
{
	struct list_head *bucket = dcookie_hashtable + dcookie_hash(dcookie);
	struct dcookie_struct *entry;

	list_for_each_entry(entry, bucket, hash_list) {
		if (dcookie_value(entry) == dcookie)
			return entry;
	}

	return NULL;
}
/* Insert an entry at the head of the bucket selected by its cookie value. */
static void hash_dcookie(struct dcookie_struct * dcs)
{
	size_t bucket = dcookie_hash(dcookie_value(dcs));

	list_add(&dcs->hash_list, &dcookie_hashtable[bucket]);
}
/*
 * Create and hash a new cookie entry for @path.
 *
 * Sets DCACHE_COOKIE on the dentry under d_lock, copies the path into the
 * entry and takes a reference with path_get(); free_dcookie() drops it.
 * Returns the new entry, or NULL if the slab allocation fails.
 */
static struct dcookie_struct *alloc_dcookie(struct path *path)
{
	struct dcookie_struct *dcs;
	struct dentry *dentry;

	dcs = kmem_cache_alloc(dcookie_cache, GFP_KERNEL);
	if (dcs == NULL)
		return NULL;

	/* Flag the dentry so get_dcookie() takes the lookup path next time. */
	dentry = path->dentry;
	spin_lock(&dentry->d_lock);
	dentry->d_flags |= DCACHE_COOKIE;
	spin_unlock(&dentry->d_lock);

	dcs->path = *path;
	path_get(path);
	hash_dcookie(dcs);
	return dcs;
}
/*
 * Main kernel-side routine: fetch the cookie value for a dentry/vfsmnt
 * pair, creating the entry on first use.
 *
 * Returns 0 and stores the cookie in *cookie on success, -EINVAL when no
 * user is registered, -ENOMEM when a new entry cannot be allocated.
 *
 * NOTE(review): when DCACHE_COOKIE is already set, the result of
 * find_dcookie() is dereferenced without a NULL check. This relies on the
 * flag and the hash table only ever changing together under
 * dcookie_mutex; confirm nothing outside this file touches the flag.
 */
int get_dcookie(struct path *path, unsigned long *cookie)
{
	struct dcookie_struct *dcs;
	int err;

	mutex_lock(&dcookie_mutex);

	if (!is_live()) {
		err = -EINVAL;
		goto out;
	}

	if (path->dentry->d_flags & DCACHE_COOKIE) {
		dcs = find_dcookie((unsigned long)path->dentry);
	} else {
		dcs = alloc_dcookie(path);
		if (dcs == NULL) {
			err = -ENOMEM;
			goto out;
		}
	}

	*cookie = dcookie_value(dcs);
	err = 0;

out:
	mutex_unlock(&dcookie_mutex);
	return err;
}
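/*
 * And here is where the userspace process can look up the cookie value
 * to retrieve the path.
 *
 * @cookie64: cookie previously produced by get_dcookie()
 * @buf:      user buffer that receives the path text
 * @len:      size of @buf in bytes
 *
 * Returns the number of bytes copied on success, -EPERM without
 * CAP_SYS_ADMIN, -EINVAL when no user is registered or the cookie is
 * unknown, -ENOMEM when the scratch page cannot be allocated, the error
 * from d_path() if it fails, -ERANGE when @buf is too small, and -EFAULT
 * when the copy to @buf faults.
 */
SYSCALL_DEFINE(lookup_dcookie)(u64 cookie64, char __user * buf, size_t len)
{
	unsigned long cookie = (unsigned long)cookie64;
	int err = -EINVAL;
	char * kbuf;
	char * path;
	size_t pathlen;
	struct dcookie_struct * dcs;

	/* we could leak path information to users
	 * without dir read permission without this
	 */
	if (!capable(CAP_SYS_ADMIN))
		return -EPERM;

	mutex_lock(&dcookie_mutex);

	if (!is_live()) {
		err = -EINVAL;
		goto out;
	}

	if (!(dcs = find_dcookie(cookie)))
		goto out;

	err = -ENOMEM;
	kbuf = kmalloc(PAGE_SIZE, GFP_KERNEL);
	if (!kbuf)
		goto out;

	/* FIXME: (deleted) ? */
	path = d_path(&dcs->path, kbuf, PAGE_SIZE);

	/*
	 * Drop dcookie_mutex before touching user memory. The path text now
	 * lives in the private kbuf and dcs is not used again, so the lock
	 * protects nothing from here on. copy_to_user() may fault and sleep;
	 * doing that under the mutex stalls every other dcookie user and
	 * invites a lock-order inversion with any get_dcookie() caller that
	 * already holds memory-management locks.
	 * NOTE(review): that caller-side ordering is not visible in this file.
	 */
	mutex_unlock(&dcookie_mutex);

	if (IS_ERR(path)) {
		err = PTR_ERR(path);
		goto out_free;
	}

	err = -ERANGE;

	/* Bytes from the returned pointer to the end of kbuf: at most PAGE_SIZE. */
	pathlen = kbuf + PAGE_SIZE - path;
	if (pathlen <= len) {
		err = pathlen;
		if (copy_to_user(buf, path, pathlen))
			err = -EFAULT;
	}

out_free:
	kfree(kbuf);
	return err;
out:
	mutex_unlock(&dcookie_mutex);
	return err;
}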
#ifdef CONFIG_HAVE_SYSCALL_WRAPPERS
/*
 * Wrapper that takes the pointer and length as longs and casts them back
 * before calling the real implementation. A negative len becomes a very
 * large size_t, but lookup_dcookie() copies only pathlen bytes, never len.
 */
asmlinkage long SyS_lookup_dcookie(u64 cookie64, long buf, long len)
{
	char __user *ubuf = (char __user *) buf;
	size_t ulen = (size_t) len;

	return SYSC_lookup_dcookie(cookie64, ubuf, ulen);
}
SYSCALL_ALIAS(sys_lookup_dcookie, SyS_lookup_dcookie);
#endif
/*
 * Set up the slab cache and the hash table.
 *
 * Called from dcookie_register() when no user is registered yet.
 * Returns 0 on success or -ENOMEM if either allocation fails; the cache
 * is destroyed again when the table allocation fails.
 */
static int dcookie_init(void)
{
	unsigned int i, hash_bits;

	dcookie_cache = kmem_cache_create("dcookie_cache",
		sizeof(struct dcookie_struct),
		0, 0, NULL);
	if (!dcookie_cache)
		return -ENOMEM;

	dcookie_hashtable = kmalloc(PAGE_SIZE, GFP_KERNEL);
	if (!dcookie_hashtable) {
		kmem_cache_destroy(dcookie_cache);
		return -ENOMEM;
	}

	/*
	 * Find the power-of-two list-heads that can fit into the allocation..
	 * We don't guarantee that "sizeof(struct list_head)" is necessarily
	 * a power-of-two.
	 */
	hash_size = PAGE_SIZE / sizeof(struct list_head);
	for (hash_bits = 1; (hash_size >> hash_bits) != 0; hash_bits++)
		;
	hash_bits--;

	/*
	 * Re-calculate the actual number of entries and the mask
	 * from the number of bits we can fit.
	 */
	hash_size = 1UL << hash_bits;

	/* And initialize the newly allocated array */
	for (i = 0; i < hash_size; i++)
		INIT_LIST_HEAD(&dcookie_hashtable[i]);

	return 0;
}
/*
 * Undo alloc_dcookie(): clear DCACHE_COOKIE on the dentry under d_lock,
 * drop the path reference and return the entry to the slab cache.
 * The caller unlinks the entry from its bucket first.
 */
static void free_dcookie(struct dcookie_struct * dcs)
{
	struct dentry *dentry = dcs->path.dentry;

	spin_lock(&dentry->d_lock);
	dentry->d_flags &= ~DCACHE_COOKIE;
	spin_unlock(&dentry->d_lock);

	path_put(&dcs->path);
	kmem_cache_free(dcookie_cache, dcs);
}
/*
 * Release every cookie entry, then the hash table and the slab cache.
 * Called from dcookie_unregister() once the last user has gone.
 *
 * The pointers and hash_size are left stale afterwards; the is_live()
 * checks in the entry points keep them from being used until
 * dcookie_init() runs again.
 */
static void dcookie_exit(void)
{
	struct dcookie_struct *dcs;
	struct dcookie_struct *next;
	size_t bucket;

	for (bucket = 0; bucket < hash_size; ++bucket) {
		/* The _safe variant is needed because each entry is freed in the loop. */
		list_for_each_entry_safe(dcs, next, &dcookie_hashtable[bucket],
					 hash_list) {
			list_del(&dcs->hash_list);
			free_dcookie(dcs);
		}
	}

	kfree(dcookie_hashtable);
	kmem_cache_destroy(dcookie_cache);
}
/* Handle returned by dcookie_register(); it only carries the list link. */
struct dcookie_user {
	struct list_head next;	/* link in dcookie_users */
};
/*
 * Register a dcookie user. The first registration also runs
 * dcookie_init().
 *
 * Returns the new handle, or NULL if the handle cannot be allocated or
 * the first-use initialisation fails.
 */
struct dcookie_user * dcookie_register(void)
{
	struct dcookie_user *user;

	mutex_lock(&dcookie_mutex);

	user = kmalloc(sizeof(*user), GFP_KERNEL);
	if (user != NULL) {
		if (!is_live() && dcookie_init()) {
			/* Initialisation failed: hand nothing back. */
			kfree(user);
			user = NULL;
		} else {
			list_add(&user->next, &dcookie_users);
		}
	}

	mutex_unlock(&dcookie_mutex);
	return user;
}
/*
 * Drop a user registered with dcookie_register(). When it was the last
 * one, dcookie_exit() frees all cookie state.
 */
void dcookie_unregister(struct dcookie_user * user)
{
	mutex_lock(&dcookie_mutex);

	list_del(&user->next);
	kfree(user);

	/* Nobody left: tear everything down. */
	if (list_empty(&dcookie_users))
		dcookie_exit();

	mutex_unlock(&dcookie_mutex);
}
/* Interface exported to GPL modules: registration plus cookie creation. */
EXPORT_SYMBOL_GPL(dcookie_register);
EXPORT_SYMBOL_GPL(dcookie_unregister);
EXPORT_SYMBOL_GPL(get_dcookie);