X-Git-Url: https://git.whamcloud.com/?a=blobdiff_plain;ds=sidebyside;f=libcfs%2Flibcfs%2Flinux%2Flinux-module.c;h=97dd9ed972645f5b13558a9a234becd642c98938;hb=ccabce23bd9e366c345c852f565766a799f61238;hp=6d841b402794597ba4bde97f27295b39efcb7ee7;hpb=f3b3e3f1b92f507816120a53bbfd0ab4887a7a98;p=fs%2Flustre-release.git diff --git a/libcfs/libcfs/linux/linux-module.c b/libcfs/libcfs/linux/linux-module.c index 6d841b4..97dd9ed 100644 --- a/libcfs/libcfs/linux/linux-module.c +++ b/libcfs/libcfs/linux/linux-module.c @@ -15,11 +15,7 @@ * * You should have received a copy of the GNU General Public License * version 2 along with this program; If not, see - * http://www.sun.com/software/products/lustre/docs/GPLv2.pdf - * - * Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara, - * CA 95054 USA or visit www.sun.com if you need additional information or - * have any questions. + * http://www.gnu.org/licenses/gpl-2.0.html * * GPL HEADER END */ @@ -27,7 +23,7 @@ * Copyright (c) 2008, 2010, Oracle and/or its affiliates. All rights reserved. * Use is subject to license terms. * - * Copyright (c) 2012, Intel Corporation. + * Copyright (c) 2012, 2017, Intel Corporation. */ /* * This file is part of Lustre, http://www.lustre.org/ @@ -36,14 +32,64 @@ #define DEBUG_SUBSYSTEM S_LNET +#include #include -#define LNET_MINOR 240 +static inline size_t libcfs_ioctl_packlen(struct libcfs_ioctl_data *data) +{ + size_t len = sizeof(*data); + + len += (data->ioc_inllen1 + 7) & ~7; + len += (data->ioc_inllen2 + 7) & ~7; + return len; +} + +static bool libcfs_ioctl_is_invalid(struct libcfs_ioctl_data *data) +{ + if (data->ioc_hdr.ioc_len > BIT(30)) + return true; + + if (data->ioc_inllen1 > BIT(30)) + return true; + + if (data->ioc_inllen2 > BIT(30)) + return true; + + if (data->ioc_inlbuf1 && !data->ioc_inllen1) + return true; + + if (data->ioc_inlbuf2 && !data->ioc_inllen2) + return true; + + if (data->ioc_pbuf1 && !data->ioc_plen1) + return true; + + if (data->ioc_pbuf2 && !data->ioc_plen2) + return true; + + if (data->ioc_plen1 && !data->ioc_pbuf1) + return true; + + if (data->ioc_plen2 && !data->ioc_pbuf2) + return true; + + if (libcfs_ioctl_packlen(data) != data->ioc_hdr.ioc_len) + return true; + + if (data->ioc_inllen1 && + data->ioc_bulk[((data->ioc_inllen1 + 7) & ~7) + + data->ioc_inllen2 - 1] != '\0') + return true; + + return false; +} int libcfs_ioctl_data_adjust(struct libcfs_ioctl_data *data) { + ENTRY; + if (libcfs_ioctl_is_invalid(data)) { - CERROR("LNET: ioctl not correctly formatted\n"); + CERROR("libcfs ioctl: parameter not correctly formatted\n"); RETURN(-EINVAL); } @@ -52,91 +98,55 @@ int libcfs_ioctl_data_adjust(struct libcfs_ioctl_data *data) if (data->ioc_inllen2 != 0) data->ioc_inlbuf2 = &data->ioc_bulk[0] + - cfs_size_round(data->ioc_inllen1); + cfs_size_round(data->ioc_inllen1); RETURN(0); } -int libcfs_ioctl_getdata_len(const struct libcfs_ioctl_hdr __user *arg, - __u32 *len) +int libcfs_ioctl_getdata(struct libcfs_ioctl_hdr **hdr_pp, + struct libcfs_ioctl_hdr __user *uhdr) { - struct libcfs_ioctl_hdr hdr; + struct libcfs_ioctl_hdr hdr; + int err = 0; ENTRY; - if (copy_from_user(&hdr, arg, sizeof(hdr))) + if (copy_from_user(&hdr, uhdr, sizeof(hdr))) RETURN(-EFAULT); if (hdr.ioc_version != LIBCFS_IOCTL_VERSION && hdr.ioc_version != LIBCFS_IOCTL_VERSION2) { - CERROR("LNET: version mismatch expected %#x, got %#x\n", + CERROR("libcfs ioctl: version mismatch expected %#x, got %#x\n", LIBCFS_IOCTL_VERSION, hdr.ioc_version); RETURN(-EINVAL); } - *len = hdr.ioc_len; - - RETURN(0); -} - -int libcfs_ioctl_getdata(struct libcfs_ioctl_hdr *buf, __u32 buf_len, - const void __user *arg) -{ - ENTRY; - - if (copy_from_user(buf, arg, buf_len)) + if (hdr.ioc_len < sizeof(struct libcfs_ioctl_hdr)) { + CERROR("libcfs ioctl: user buffer too small for ioctl\n"); RETURN(-EINVAL); + } - RETURN(0); -} - -int libcfs_ioctl_popdata(void *arg, void *data, int size) -{ - if (copy_to_user((char *)arg, data, size)) - return -EFAULT; - return 0; -} + if (hdr.ioc_len > LIBCFS_IOC_DATA_MAX) { + CERROR("libcfs ioctl: user buffer is too large %d/%d\n", + hdr.ioc_len, LIBCFS_IOC_DATA_MAX); + RETURN(-EINVAL); + } -extern struct cfs_psdev_ops libcfs_psdev_ops; + LIBCFS_ALLOC(*hdr_pp, hdr.ioc_len); + if (*hdr_pp == NULL) + RETURN(-ENOMEM); -static int -libcfs_psdev_open(struct inode * inode, struct file * file) -{ - struct libcfs_device_userstate **pdu = NULL; - int rc = 0; - - if (!inode) - return (-EINVAL); - pdu = (struct libcfs_device_userstate **)&file->private_data; - if (libcfs_psdev_ops.p_open != NULL) - rc = libcfs_psdev_ops.p_open(0, (void *)pdu); - else - return (-EPERM); - return rc; -} + if (copy_from_user(*hdr_pp, uhdr, hdr.ioc_len)) + GOTO(failed, err = -EFAULT); -/* called when closing /dev/device */ -static int -libcfs_psdev_release(struct inode * inode, struct file * file) -{ - struct libcfs_device_userstate *pdu; - int rc = 0; - - if (!inode) - return (-EINVAL); - pdu = file->private_data; - if (libcfs_psdev_ops.p_close != NULL) - rc = libcfs_psdev_ops.p_close(0, (void *)pdu); - else - rc = -EPERM; - return rc; + RETURN(0); +failed: + LIBCFS_FREE(*hdr_pp, hdr.ioc_len); + RETURN(err); } -static long libcfs_ioctl(struct file *file, - unsigned int cmd, unsigned long arg) +static long +libcfs_psdev_ioctl(struct file *file, unsigned int cmd, unsigned long arg) { - struct cfs_psdev_file pfile; - int rc = 0; - if (!capable(CAP_SYS_ADMIN)) return -EACCES; @@ -145,39 +155,19 @@ static long libcfs_ioctl(struct file *file, _IOC_NR(cmd) > IOC_LIBCFS_MAX_NR) { CDEBUG(D_IOCTL, "invalid ioctl ( type %d, nr %d, size %d )\n", _IOC_TYPE(cmd), _IOC_NR(cmd), _IOC_SIZE(cmd)); - return (-EINVAL); - } - - /* Handle platform-dependent IOC requests */ - switch (cmd) { - case IOC_LIBCFS_PANIC: - if (!cfs_capable(CFS_CAP_SYS_BOOT)) - return (-EPERM); - panic("debugctl-invoked panic"); - return (0); - case IOC_LIBCFS_MEMHOG: - if (!cfs_capable(CFS_CAP_SYS_ADMIN)) - return -EPERM; - /* go thought */ + return -EINVAL; } - pfile.off = 0; - pfile.private_data = file->private_data; - if (libcfs_psdev_ops.p_ioctl != NULL) - rc = libcfs_psdev_ops.p_ioctl(&pfile, cmd, (void *)arg); - else - rc = -EPERM; - return (rc); + return libcfs_ioctl(cmd, (void __user *)arg); } static struct file_operations libcfs_fops = { - unlocked_ioctl: libcfs_ioctl, - open : libcfs_psdev_open, - release : libcfs_psdev_release + .owner = THIS_MODULE, + .unlocked_ioctl = libcfs_psdev_ioctl, }; struct miscdevice libcfs_dev = { - LNET_MINOR, - "lnet", - &libcfs_fops + .minor = MISC_DYNAMIC_MINOR, + .name = "lnet", + .fops = &libcfs_fops };