*/
#define DEBUG_SUBSYSTEM S_LNET
+#define LNET_MAX_IOCTL_BUF_LEN (sizeof(struct lnet_ioctl_net_config) + \
+ sizeof(struct lnet_ioctl_config_data))
#include <libcfs/libcfs.h>
#include <libcfs/libcfs_crypto.h>
#include <lnet/lib-lnet.h>
+#include <lnet/lib-dlc.h>
#include <lnet/lnet.h>
+#include <lnet/nidstr.h>
#include "tracefile.h"
void
}
int
-kportal_memhog_alloc (struct libcfs_device_userstate *ldu, int npages, int flags)
+kportal_memhog_alloc(struct libcfs_device_userstate *ldu, int npages,
+ gfp_t flags)
{
struct page **level0p;
struct page **level1p;
}
static struct rw_semaphore ioctl_list_sem;
-static cfs_list_t ioctl_list;
+static struct list_head ioctl_list;
int libcfs_register_ioctl(struct libcfs_ioctl_handler *hand)
{
- int rc = 0;
+ int rc = 0;
down_write(&ioctl_list_sem);
- if (!cfs_list_empty(&hand->item))
- rc = -EBUSY;
- else
- cfs_list_add_tail(&hand->item, &ioctl_list);
+ if (!list_empty(&hand->item))
+ rc = -EBUSY;
+ else
+ list_add_tail(&hand->item, &ioctl_list);
up_write(&ioctl_list_sem);
- return rc;
+ return rc;
}
EXPORT_SYMBOL(libcfs_register_ioctl);
int libcfs_deregister_ioctl(struct libcfs_ioctl_handler *hand)
{
- int rc = 0;
+ int rc = 0;
down_write(&ioctl_list_sem);
- if (cfs_list_empty(&hand->item))
- rc = -ENOENT;
- else
- cfs_list_del_init(&hand->item);
+ if (list_empty(&hand->item))
+ rc = -ENOENT;
+ else
+ list_del_init(&hand->item);
up_write(&ioctl_list_sem);
- return rc;
+ return rc;
}
EXPORT_SYMBOL(libcfs_deregister_ioctl);
-static int libcfs_ioctl_int(struct cfs_psdev_file *pfile,unsigned long cmd,
- void *arg, struct libcfs_ioctl_data *data)
+static int libcfs_ioctl_handle(struct cfs_psdev_file *pfile, unsigned long cmd,
+ void *arg, struct libcfs_ioctl_hdr *hdr)
{
- int err = -EINVAL;
- ENTRY;
-
- switch (cmd) {
- case IOC_LIBCFS_CLEAR_DEBUG:
- libcfs_debug_clear_buffer();
- RETURN(0);
- /*
- * case IOC_LIBCFS_PANIC:
- * Handled in arch/cfs_module.c
- */
- case IOC_LIBCFS_MARK_DEBUG:
- if (data->ioc_inlbuf1 == NULL ||
- data->ioc_inlbuf1[data->ioc_inllen1 - 1] != '\0')
- RETURN(-EINVAL);
- libcfs_debug_mark_buffer(data->ioc_inlbuf1);
- RETURN(0);
-#if LWT_SUPPORT
- case IOC_LIBCFS_LWT_CONTROL:
- err = lwt_control ((data->ioc_flags & 1) != 0,
- (data->ioc_flags & 2) != 0);
- break;
-
- case IOC_LIBCFS_LWT_SNAPSHOT: {
- cfs_cycles_t now;
- int ncpu;
- int total_size;
-
- err = lwt_snapshot (&now, &ncpu, &total_size,
- data->ioc_pbuf1, data->ioc_plen1);
- data->ioc_u64[0] = now;
- data->ioc_u32[0] = ncpu;
- data->ioc_u32[1] = total_size;
-
- /* Hedge against broken user/kernel typedefs (e.g. cycles_t) */
- data->ioc_u32[2] = sizeof(lwt_event_t);
- data->ioc_u32[3] = offsetof(lwt_event_t, lwte_where);
-
- if (err == 0 &&
- libcfs_ioctl_popdata(arg, data, sizeof (*data)))
- err = -EFAULT;
- break;
- }
-
- case IOC_LIBCFS_LWT_LOOKUP_STRING:
- err = lwt_lookup_string (&data->ioc_count, data->ioc_pbuf1,
- data->ioc_pbuf2, data->ioc_plen2);
- if (err == 0 &&
- libcfs_ioctl_popdata(arg, data, sizeof (*data)))
- err = -EFAULT;
- break;
-#endif
- case IOC_LIBCFS_MEMHOG:
- if (pfile->private_data == NULL) {
- err = -EINVAL;
- } else {
- kportal_memhog_free(pfile->private_data);
- /* XXX The ioc_flags is not GFP flags now, need to be fixed */
- err = kportal_memhog_alloc(pfile->private_data,
- data->ioc_count,
- data->ioc_flags);
- if (err != 0)
- kportal_memhog_free(pfile->private_data);
- }
- break;
-
- case IOC_LIBCFS_PING_TEST: {
+ struct libcfs_ioctl_data *data = NULL;
+ int err;
+ ENTRY;
+
+ /* The libcfs_ioctl_data_adjust() function performs adjustment
+ * operations on the libcfs_ioctl_data structure to make
+ * it usable by the code. This doesn't need to be called
+ * for new data structures added. */
+ if (hdr->ioc_version == LIBCFS_IOCTL_VERSION) {
+ data = container_of(hdr, struct libcfs_ioctl_data, ioc_hdr);
+ err = libcfs_ioctl_data_adjust(data);
+ if (err != 0) {
+ RETURN(err);
+ }
+ }
+
+ switch (cmd) {
+ case IOC_LIBCFS_CLEAR_DEBUG:
+ libcfs_debug_clear_buffer();
+ RETURN(0);
+ /*
+ * case IOC_LIBCFS_PANIC:
+ * Handled in arch/cfs_module.c
+ */
+ case IOC_LIBCFS_MARK_DEBUG:
+ if (data->ioc_inlbuf1 == NULL ||
+ data->ioc_inlbuf1[data->ioc_inllen1 - 1] != '\0')
+ RETURN(-EINVAL);
+ libcfs_debug_mark_buffer(data->ioc_inlbuf1);
+ RETURN(0);
+ case IOC_LIBCFS_MEMHOG:
+ if (pfile->private_data == NULL) {
+ err = -EINVAL;
+ } else {
+ kportal_memhog_free(pfile->private_data);
+ /* XXX The ioc_flags is not GFP flags now, need to
+ * be fixed */
+ err = kportal_memhog_alloc(pfile->private_data,
+ data->ioc_count,
+ data->ioc_flags);
+ if (err != 0)
+ kportal_memhog_free(pfile->private_data);
+ }
+ break;
+
+ case IOC_LIBCFS_PING_TEST: {
extern void (kping_client)(struct libcfs_ioctl_data *);
void (*ping)(struct libcfs_ioctl_data *);
RETURN(0);
}
- default: {
- struct libcfs_ioctl_handler *hand;
- err = -EINVAL;
+ default: {
+ struct libcfs_ioctl_handler *hand;
+
+ err = -EINVAL;
down_read(&ioctl_list_sem);
- cfs_list_for_each_entry_typed(hand, &ioctl_list,
- struct libcfs_ioctl_handler, item) {
- err = hand->handle_ioctl(cmd, data);
- if (err != -EINVAL) {
- if (err == 0)
- err = libcfs_ioctl_popdata(arg,
- data, sizeof (*data));
- break;
- }
- }
+ list_for_each_entry(hand, &ioctl_list, item) {
+ err = hand->handle_ioctl(cmd, hdr);
+ if (err != -EINVAL) {
+ if (err == 0)
+ err = libcfs_ioctl_popdata(arg,
+ hdr, hdr->ioc_len);
+ break;
+ }
+ }
up_read(&ioctl_list_sem);
- break;
- }
- }
+ break;
+ }
+ }
- RETURN(err);
+ RETURN(err);
}
static int libcfs_ioctl(struct cfs_psdev_file *pfile,
unsigned long cmd, void *arg)
{
- char *buf;
- struct libcfs_ioctl_data *data;
+ struct libcfs_ioctl_hdr *hdr;
int err = 0;
+ __u32 buf_len;
ENTRY;
- LIBCFS_ALLOC_GFP(buf, 1024, GFP_IOFS);
- if (buf == NULL)
+ err = libcfs_ioctl_getdata_len(arg, &buf_len);
+ if (err != 0)
+ RETURN(err);
+
+ /*
+ * do a check here to restrict the size of the memory
+ * to allocate to guard against DoS attacks.
+ */
+ if (buf_len > LNET_MAX_IOCTL_BUF_LEN) {
+ CERROR("LNET: user buffer exceeds kernel buffer\n");
+ RETURN(-EINVAL);
+ }
+
+ LIBCFS_ALLOC_GFP(hdr, buf_len, GFP_IOFS);
+ if (hdr == NULL)
RETURN(-ENOMEM);
- /* 'cmd' and permissions get checked in our arch-specific caller */
- if (libcfs_ioctl_getdata(buf, buf + 800, (void *)arg)) {
- CERROR("PORTALS ioctl: data error\n");
- GOTO(out, err = -EINVAL);
- }
- data = (struct libcfs_ioctl_data *)buf;
+ /* 'cmd' and permissions get checked in our arch-specific caller */
+ if (libcfs_ioctl_getdata(hdr, buf_len, arg)) {
+ CERROR("LNET ioctl: data error\n");
+ GOTO(out, err = -EINVAL);
+ }
- err = libcfs_ioctl_int(pfile, cmd, arg, data);
+ err = libcfs_ioctl_handle(pfile, cmd, arg, hdr);
out:
- LIBCFS_FREE(buf, 1024);
- RETURN(err);
+ LIBCFS_FREE(hdr, buf_len);
+ RETURN(err);
}
init_rwsem(&cfs_tracefile_sem);
mutex_init(&cfs_trace_thread_mutex);
init_rwsem(&ioctl_list_sem);
- CFS_INIT_LIST_HEAD(&ioctl_list);
- cfs_waitq_init(&cfs_race_waitq);
+ INIT_LIST_HEAD(&ioctl_list);
+ init_waitqueue_head(&cfs_race_waitq);
rc = libcfs_debug_init(5 * 1024 * 1024);
if (rc < 0) {
if (rc != 0)
goto cleanup_debug;
-#if LWT_SUPPORT
- rc = lwt_init();
- if (rc != 0) {
- CERROR("lwt_init: error %d\n", rc);
- goto cleanup_debug;
- }
-#endif
rc = misc_register(&libcfs_dev);
if (rc) {
CERROR("misc_register: error %d\n", rc);
- goto cleanup_lwt;
+ goto cleanup_cpu;
}
rc = cfs_wi_startup();
CDEBUG (D_OTHER, "portals setup OK\n");
return 0;
- cleanup_crypto:
+cleanup_crypto:
cfs_crypto_unregister();
- cleanup_wi:
+cleanup_wi:
cfs_wi_shutdown();
- cleanup_deregister:
+cleanup_deregister:
misc_deregister(&libcfs_dev);
- cleanup_lwt:
-#if LWT_SUPPORT
- lwt_fini();
-#endif
- cleanup_debug:
+cleanup_cpu:
+ cfs_cpu_fini();
+cleanup_debug:
libcfs_debug_cleanup();
return rc;
}
remove_proc();
CDEBUG(D_MALLOC, "before Portals cleanup: kmem %d\n",
- cfs_atomic_read(&libcfs_kmemory));
+ atomic_read(&libcfs_kmemory));
if (cfs_sched_rehash != NULL) {
cfs_wi_sched_destroy(cfs_sched_rehash);
if (rc)
CERROR("misc_deregister error %d\n", rc);
-#if LWT_SUPPORT
- lwt_fini();
-#endif
cfs_cpu_fini();
- if (cfs_atomic_read(&libcfs_kmemory) != 0)
+ if (atomic_read(&libcfs_kmemory) != 0)
CERROR("Portals memory leaked: %d bytes\n",
- cfs_atomic_read(&libcfs_kmemory));
+ atomic_read(&libcfs_kmemory));
rc = libcfs_debug_cleanup();
if (rc)