1 /*
2 * CDDL HEADER START
3 *
4 * The contents of this file are subject to the terms of the
5 * Common Development and Distribution License (the "License").
6 * You may not use this file except in compliance with the License.
7 *
8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9 * or http://www.opensolaris.org/os/licensing.
10 * See the License for the specific language governing permissions
11 * and limitations under the License.
12 *
13 * When distributing Covered Code, include this CDDL HEADER in each
14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15 * If applicable, add the following below this CDDL HEADER, with the
16 * fields enclosed by brackets "[]" replaced with your own identifying
17 * information: Portions Copyright [yyyy] [name of copyright owner]
18 *
19 * CDDL HEADER END
20 */
21 /*
22 * Copyright (c) 1999, 2010, Oracle and/or its affiliates. All rights reserved.
23 *
24 * Copyright 2013 Nexenta Systems, Inc. All rights reserved.
25 * Copyright (c) 2016 Andrey Sokolov
26 * Copyright 2016 Toomas Soome <tsoome@me.com>
27 * Copyright 2019 Joyent, Inc.
28 */
29
30 /*
31 * lofi (loopback file) driver - allows you to attach a file to a device,
32 * which can then be accessed through that device. The simple model is that
33 * you tell lofi to open a file, and then use the block device you get as
34 * you would any block device. lofi translates access to the block device
35 * into I/O on the underlying file. This is mostly useful for
36 * mounting images of filesystems.
37 *
38 * lofi is controlled through /dev/lofictl - this is the only device exported
39 * during attach, and is instance number 0. lofiadm communicates with lofi
40 * through ioctls on this device. When a file is attached to lofi, block and
41 * character devices are exported in /dev/lofi and /dev/rlofi. These devices
42 * are identified by lofi instance number, and the instance number is also used
43 * as the name in /dev/lofi.
44 *
45 * Virtual disks, or, labeled lofi, implements virtual disk support to
46 * support partition table and related tools. Such mappings will cause
47 * block and character devices to be exported in /dev/dsk and /dev/rdsk
48 * directories.
49 *
50 * To support virtual disks, the instance number space is divided to two
51 * parts, upper part for instance number and lower part for minor number
52 * space to identify partitions and slices. The virtual disk support is
53 * implemented by stacking cmlb module. For virtual disks, the partition
54 * related ioctl calls are routed to cmlb module. Compression and encryption
55 * is not supported for virtual disks.
56 *
57 * Mapped devices are tracked with state structures handled with
58 * ddi_soft_state(9F) for simplicity.
59 *
60 * A file attached to lofi is opened when attached and not closed until
61 * explicitly detached from lofi. This seems more sensible than deferring
62 * the open until the /dev/lofi device is opened, for a number of reasons.
63 * One is that any failure is likely to be noticed by the person (or script)
64 * running lofiadm. Another is that it would be a security problem if the
65 * file was replaced by another one after being added but before being opened.
66 *
67 * The only hard part about lofi is the ioctls. In order to support things
68 * like 'newfs' on a lofi device, it needs to support certain disk ioctls.
69 * So it has to fake disk geometry and partition information. More may need
70 * to be faked if your favorite utility doesn't work and you think it should
71 * (fdformat doesn't work because it really wants to know the type of floppy
72 * controller to talk to, and that didn't seem easy to fake. Or possibly even
73 * necessary, since we have mkfs_pcfs now).
74 *
75 * Normally, a lofi device cannot be detached if it is open (i.e. busy). To
76 * support simulation of hotplug events, an optional force flag is provided.
77 * If a lofi device is open when a force detach is requested, then the
78 * underlying file is closed and any subsequent operations return EIO. When the
79 * device is closed for the last time, it will be cleaned up at that time. In
80 * addition, the DKIOCSTATE ioctl will return DKIO_DEV_GONE when the device is
81 * detached but not removed.
82 *
83 * If detach was requested and lofi device is not open, we will perform
84 * unmap and remove the lofi instance.
85 *
86 * If the lofi device is open and the li_cleanup is set on ioctl request,
87 * we set ls_cleanup flag to notify the cleanup is requested, and the
88 * last lofi_close will perform the unmapping and this lofi instance will be
89 * removed.
90 *
91 * If the lofi device is open and the li_force is set on ioctl request,
92 * we set ls_cleanup flag to notify the cleanup is requested,
93 * we also set ls_vp_closereq to notify IO tasks to return EIO on new
94 * IO requests and wait in process IO count to become 0, indicating there
95 * are no more IO requests. Since ls_cleanup is set, the last lofi_close
96 * will perform unmap and this lofi instance will be removed.
97 * See also lofi_unmap_file() for details.
98 *
99 * Once ls_cleanup is set for the instance, we do not allow lofi_open()
100 * calls to succeed and can have last lofi_close() to remove the instance.
101 *
102 * Known problems:
103 *
104 * UFS logging. Mounting a UFS filesystem image "logging"
105 * works for basic copy testing but wedges during a build of ON through
106 * that image. Some deadlock in lufs holding the log mutex and then
107 * getting stuck on a buf. So for now, don't do that.
108 *
109 * Direct I/O. Since the filesystem data is being cached in the buffer
110 * cache, _and_ again in the underlying filesystem, it's tempting to
111 * enable direct I/O on the underlying file. Don't, because that deadlocks.
112 * I think to fix the cache-twice problem we might need filesystem support.
113 *
114 * Interesting things to do:
115 *
116 * Allow multiple files for each device. A poor-man's metadisk, basically.
117 *
118 * Pass-through ioctls on block devices. You can (though it's not
119 * documented), give lofi a block device as a file name. Then we shouldn't
120 * need to fake a geometry, however, it may be relevant if you're replacing
121 * metadisk, or using lofi to get crypto.
122 * It makes sense to do lofiadm -c aes -a /dev/dsk/c0t0d0s4 /dev/lofi/1
123 * and then in /etc/vfstab have an entry for /dev/lofi/1 as /export/home.
124 * In fact this even makes sense if you have lofi "above" metadisk.
125 *
126 * Encryption:
127 * Each lofi device can have its own symmetric key and cipher.
128 * They are passed to us by lofiadm(1m) in the correct format for use
129 * with the misc/kcf crypto_* routines.
130 *
131 * Each block has its own IV, that is calculated in lofi_blk_mech(), based
132 * on the "master" key held in the lsp and the block number of the buffer.
133 */
134
135 #include <sys/types.h>
136 #include <netinet/in.h>
137 #include <sys/sysmacros.h>
138 #include <sys/uio.h>
139 #include <sys/kmem.h>
140 #include <sys/cred.h>
141 #include <sys/mman.h>
142 #include <sys/errno.h>
143 #include <sys/aio_req.h>
144 #include <sys/stat.h>
145 #include <sys/file.h>
146 #include <sys/modctl.h>
147 #include <sys/conf.h>
148 #include <sys/debug.h>
149 #include <sys/vnode.h>
150 #include <sys/lofi.h>
151 #include <sys/lofi_impl.h> /* for cache structure */
152 #include <sys/fcntl.h>
153 #include <sys/pathname.h>
154 #include <sys/filio.h>
155 #include <sys/fdio.h>
156 #include <sys/open.h>
157 #include <sys/disp.h>
158 #include <vm/seg_map.h>
159 #include <sys/ddi.h>
160 #include <sys/sunddi.h>
161 #include <sys/zmod.h>
162 #include <sys/id_space.h>
163 #include <sys/mkdev.h>
164 #include <sys/crypto/common.h>
165 #include <sys/crypto/api.h>
166 #include <sys/rctl.h>
167 #include <sys/vtoc.h>
168 #include <sys/scsi/scsi.h> /* for DTYPE_DIRECT */
169 #include <sys/scsi/impl/uscsi.h>
170 #include <sys/sysevent/dev.h>
171 #include <LzmaDec.h>
172
173 #define NBLOCKS_PROP_NAME "Nblocks"
174 #define SIZE_PROP_NAME "Size"
175 #define ZONE_PROP_NAME "zone"
176
177 #define SETUP_C_DATA(cd, buf, len) \
178 (cd).cd_format = CRYPTO_DATA_RAW; \
179 (cd).cd_offset = 0; \
180 (cd).cd_miscdata = NULL; \
181 (cd).cd_length = (len); \
182 (cd).cd_raw.iov_base = (buf); \
183 (cd).cd_raw.iov_len = (len);
184
185 #define UIO_CHECK(uio) \
186 if (((uio)->uio_loffset % DEV_BSIZE) != 0 || \
187 ((uio)->uio_resid % DEV_BSIZE) != 0) { \
188 return (EINVAL); \
189 }
190
191 #define LOFI_TIMEOUT 30
192
193 static void *lofi_statep;
194 static kmutex_t lofi_lock; /* state lock */
195 static id_space_t *lofi_id; /* lofi ID values */
196 static list_t lofi_list;
197 static zone_key_t lofi_zone_key;
198
199 /*
200 * Because lofi_taskq_nthreads limits the actual swamping of the device, the
201 * maxalloc parameter (lofi_taskq_maxalloc) should be tuned conservatively
202 * high. If we want to be assured that the underlying device is always busy,
203 * we must be sure that the number of bytes enqueued when the number of
204 * enqueued tasks exceeds maxalloc is sufficient to keep the device busy for
205 * the duration of the sleep time in taskq_ent_alloc(). That is, lofi should
206 * set maxalloc to be the maximum throughput (in bytes per second) of the
207 * underlying device divided by the minimum I/O size. We assume a realistic
208 * maximum throughput of one hundred megabytes per second; we set maxalloc on
209 * the lofi task queue to be 104857600 divided by DEV_BSIZE.
210 */
211 static int lofi_taskq_maxalloc = 104857600 / DEV_BSIZE;
212 static int lofi_taskq_nthreads = 4; /* # of taskq threads per device */
213
214 const char lofi_crypto_magic[6] = LOFI_CRYPTO_MAGIC;
215
216 /*
217 * To avoid decompressing data in a compressed segment multiple times
218 * when accessing small parts of a segment's data, we cache and reuse
219 * the uncompressed segment's data.
220 *
221 * A single cached segment is sufficient to avoid lots of duplicate
222 * segment decompress operations. A small cache size also reduces the
223 * memory footprint.
224 *
225 * lofi_max_comp_cache is the maximum number of decompressed data segments
226 * cached for each compressed lofi image. It can be set to 0 to disable
227 * caching.
228 */
229
230 uint32_t lofi_max_comp_cache = 1;
231
232 static int gzip_decompress(void *src, size_t srclen, void *dst,
233 size_t *destlen, int level);
234
235 static int lzma_decompress(void *src, size_t srclen, void *dst,
236 size_t *dstlen, int level);
237
238 lofi_compress_info_t lofi_compress_table[LOFI_COMPRESS_FUNCTIONS] = {
239 {gzip_decompress, NULL, 6, "gzip"}, /* default */
240 {gzip_decompress, NULL, 6, "gzip-6"},
241 {gzip_decompress, NULL, 9, "gzip-9"},
242 {lzma_decompress, NULL, 0, "lzma"}
243 };
244
245 static void lofi_strategy_task(void *);
246 static int lofi_tg_rdwr(dev_info_t *, uchar_t, void *, diskaddr_t,
247 size_t, void *);
248 static int lofi_tg_getinfo(dev_info_t *, int, void *, void *);
249
250 struct cmlb_tg_ops lofi_tg_ops = {
251 TG_DK_OPS_VERSION_1,
252 lofi_tg_rdwr,
253 lofi_tg_getinfo
254 };
255
256 /*ARGSUSED*/
257 static void
258 *SzAlloc(void *p, size_t size)
259 {
260 return (kmem_alloc(size, KM_SLEEP));
261 }
262
263 /*ARGSUSED*/
264 static void
265 SzFree(void *p, void *address, size_t size)
266 {
267 kmem_free(address, size);
268 }
269
270 static ISzAlloc g_Alloc = { SzAlloc, SzFree };
271
272 /*
273 * Free data referenced by the linked list of cached uncompressed
274 * segments.
275 */
276 static void
277 lofi_free_comp_cache(struct lofi_state *lsp)
278 {
279 struct lofi_comp_cache *lc;
280
281 while ((lc = list_remove_head(&lsp->ls_comp_cache)) != NULL) {
282 kmem_free(lc->lc_data, lsp->ls_uncomp_seg_sz);
283 kmem_free(lc, sizeof (struct lofi_comp_cache));
284 lsp->ls_comp_cache_count--;
285 }
286 ASSERT(lsp->ls_comp_cache_count == 0);
287 }
288
289 static int
290 is_opened(struct lofi_state *lsp)
291 {
292 int i;
293 boolean_t last = B_TRUE;
294
295 ASSERT(MUTEX_HELD(&lofi_lock));
296 for (i = 0; i < LOFI_PART_MAX; i++) {
297 if (lsp->ls_open_lyr[i]) {
298 last = B_FALSE;
299 break;
300 }
301 }
302
303 for (i = 0; last && (i < OTYP_LYR); i++) {
304 if (lsp->ls_open_reg[i]) {
305 last = B_FALSE;
306 }
307 }
308
309 return (!last);
310 }
311
312 static void
313 lofi_set_cleanup(struct lofi_state *lsp)
314 {
315 ASSERT(MUTEX_HELD(&lofi_lock));
316
317 lsp->ls_cleanup = B_TRUE;
318
319 /* wake up any threads waiting on dkiocstate */
320 cv_broadcast(&lsp->ls_vp_cv);
321 }
322
323 static void
324 lofi_free_crypto(struct lofi_state *lsp)
325 {
326 ASSERT(MUTEX_HELD(&lofi_lock));
327
328 if (lsp->ls_crypto_enabled) {
329 /*
330 * Clean up the crypto state so that it doesn't hang around
331 * in memory after we are done with it.
332 */
333 if (lsp->ls_key.ck_data != NULL) {
334 bzero(lsp->ls_key.ck_data,
335 CRYPTO_BITS2BYTES(lsp->ls_key.ck_length));
336 kmem_free(lsp->ls_key.ck_data,
337 CRYPTO_BITS2BYTES(lsp->ls_key.ck_length));
338 lsp->ls_key.ck_data = NULL;
339 lsp->ls_key.ck_length = 0;
340 }
341
342 if (lsp->ls_mech.cm_param != NULL) {
343 kmem_free(lsp->ls_mech.cm_param,
344 lsp->ls_mech.cm_param_len);
345 lsp->ls_mech.cm_param = NULL;
346 lsp->ls_mech.cm_param_len = 0;
347 }
348
349 if (lsp->ls_iv_mech.cm_param != NULL) {
350 kmem_free(lsp->ls_iv_mech.cm_param,
351 lsp->ls_iv_mech.cm_param_len);
352 lsp->ls_iv_mech.cm_param = NULL;
353 lsp->ls_iv_mech.cm_param_len = 0;
354 }
355
356 mutex_destroy(&lsp->ls_crypto_lock);
357 }
358 }
359
360 /* ARGSUSED */
361 static int
362 lofi_tg_rdwr(dev_info_t *dip, uchar_t cmd, void *bufaddr, diskaddr_t start,
363 size_t length, void *tg_cookie)
364 {
365 struct lofi_state *lsp;
366 buf_t *bp;
367 int instance;
368 int rv = 0;
369
370 instance = ddi_get_instance(dip);
371 if (instance == 0) /* control node does not have disk */
372 return (ENXIO);
373
374 lsp = ddi_get_soft_state(lofi_statep, instance);
375
376 if (lsp == NULL)
377 return (ENXIO);
378
379 if (cmd != TG_READ && cmd != TG_WRITE)
380 return (EINVAL);
381
382 /*
383 * Make sure the mapping is set up by checking lsp->ls_vp_ready.
384 */
385 mutex_enter(&lsp->ls_vp_lock);
386 while (lsp->ls_vp_ready == B_FALSE)
387 cv_wait(&lsp->ls_vp_cv, &lsp->ls_vp_lock);
388 mutex_exit(&lsp->ls_vp_lock);
389
390 if (P2PHASE(length, (1U << lsp->ls_lbshift)) != 0) {
391 /* We can only transfer whole blocks at a time! */
392 return (EINVAL);
393 }
394
395 bp = getrbuf(KM_SLEEP);
396
397 if (cmd == TG_READ) {
398 bp->b_flags = B_READ;
399 } else {
400 if (lsp->ls_readonly == B_TRUE) {
401 freerbuf(bp);
402 return (EROFS);
403 }
404 bp->b_flags = B_WRITE;
405 }
406
407 bp->b_un.b_addr = bufaddr;
408 bp->b_bcount = length;
409 bp->b_lblkno = start;
410 bp->b_private = NULL;
411 bp->b_edev = lsp->ls_dev;
412
413 if (lsp->ls_kstat) {
414 mutex_enter(lsp->ls_kstat->ks_lock);
415 kstat_waitq_enter(KSTAT_IO_PTR(lsp->ls_kstat));
416 mutex_exit(lsp->ls_kstat->ks_lock);
417 }
418 (void) taskq_dispatch(lsp->ls_taskq, lofi_strategy_task, bp, KM_SLEEP);
419 (void) biowait(bp);
420
421 rv = geterror(bp);
422 freerbuf(bp);
423 return (rv);
424 }
425
426 /*
427 * Get device geometry info for cmlb.
428 *
429 * We have mapped disk image as virtual block device and have to report
430 * physical/virtual geometry to cmlb.
431 *
432 * So we have two principal cases:
433 * 1. Uninitialised image without any existing labels,
434 * for this case we fabricate the data based on mapped image.
435 * 2. Image with existing label information.
436 * Since we have no information how the image was created (it may be
437 * dump from some physical device), we need to rely on label information
438 * from image, or we get "corrupted label" errors.
439 * NOTE: label can be MBR, MBR+SMI, GPT
440 */
441 static int
442 lofi_tg_getinfo(dev_info_t *dip, int cmd, void *arg, void *tg_cookie)
443 {
444 struct lofi_state *lsp;
445 int instance;
446 int ashift;
447
448 _NOTE(ARGUNUSED(tg_cookie));
449 instance = ddi_get_instance(dip);
450 if (instance == 0) /* control device has no storage */
451 return (ENXIO);
452
453 lsp = ddi_get_soft_state(lofi_statep, instance);
454
455 if (lsp == NULL)
456 return (ENXIO);
457
458 /*
459 * Make sure the mapping is set up by checking lsp->ls_vp_ready.
460 *
461 * When mapping is created, new lofi instance is created and
462 * lofi_attach() will call cmlb_attach() as part of the procedure
463 * to set the mapping up. This chain of events will happen in
464 * the same thread.
465 * Since cmlb_attach() will call lofi_tg_getinfo to get
466 * capacity, we return error on that call if cookie is set,
467 * otherwise lofi_attach will be stuck as the mapping is not yet
468 * finalized and lofi is not yet ready.
469 * Note, such error is not fatal for cmlb, as the label setup
470 * will be finalized when cmlb_validate() is called.
471 */
472 mutex_enter(&lsp->ls_vp_lock);
473 if (tg_cookie != NULL && lsp->ls_vp_ready == B_FALSE) {
474 mutex_exit(&lsp->ls_vp_lock);
475 return (ENXIO);
476 }
477 while (lsp->ls_vp_ready == B_FALSE)
478 cv_wait(&lsp->ls_vp_cv, &lsp->ls_vp_lock);
479 mutex_exit(&lsp->ls_vp_lock);
480
481 ashift = lsp->ls_lbshift;
482
483 switch (cmd) {
484 case TG_GETPHYGEOM: {
485 cmlb_geom_t *geomp = arg;
486
487 geomp->g_capacity =
488 (lsp->ls_vp_size - lsp->ls_crypto_offset) >> ashift;
489 geomp->g_nsect = lsp->ls_dkg.dkg_nsect;
490 geomp->g_nhead = lsp->ls_dkg.dkg_nhead;
491 geomp->g_acyl = lsp->ls_dkg.dkg_acyl;
492 geomp->g_ncyl = lsp->ls_dkg.dkg_ncyl;
493 geomp->g_secsize = (1U << ashift);
494 geomp->g_intrlv = lsp->ls_dkg.dkg_intrlv;
495 geomp->g_rpm = lsp->ls_dkg.dkg_rpm;
496 return (0);
497 }
498
499 case TG_GETCAPACITY:
500 *(diskaddr_t *)arg =
501 (lsp->ls_vp_size - lsp->ls_crypto_offset) >> ashift;
502 return (0);
503
504 case TG_GETBLOCKSIZE:
505 *(uint32_t *)arg = (1U << ashift);
506 return (0);
507
508 case TG_GETATTR: {
509 tg_attribute_t *tgattr = arg;
510
511 tgattr->media_is_writable = !lsp->ls_readonly;
512 tgattr->media_is_solid_state = B_FALSE;
513 tgattr->media_is_rotational = B_FALSE;
514 return (0);
515 }
516
517 default:
518 return (EINVAL);
519 }
520 }
521
522 static void
523 lofi_destroy(struct lofi_state *lsp, cred_t *credp)
524 {
525 int id = LOFI_MINOR2ID(getminor(lsp->ls_dev));
526 int i;
527
528 ASSERT(MUTEX_HELD(&lofi_lock));
529
530 /*
531 * Before we can start to release the other resources,
532 * make sure we have all tasks completed and taskq removed.
533 */
534 if (lsp->ls_taskq != NULL) {
535 taskq_destroy(lsp->ls_taskq);
536 lsp->ls_taskq = NULL;
537 }
538
539 list_remove(&lofi_list, lsp);
540
541 lofi_free_crypto(lsp);
542
543 /*
544 * Free pre-allocated compressed buffers
545 */
546 if (lsp->ls_comp_bufs != NULL) {
547 for (i = 0; i < lofi_taskq_nthreads; i++) {
548 if (lsp->ls_comp_bufs[i].bufsize > 0)
549 kmem_free(lsp->ls_comp_bufs[i].buf,
550 lsp->ls_comp_bufs[i].bufsize);
551 }
552 kmem_free(lsp->ls_comp_bufs,
553 sizeof (struct compbuf) * lofi_taskq_nthreads);
554 }
555
556 if (lsp->ls_vp != NULL) {
557 (void) VOP_PUTPAGE(lsp->ls_vp, 0, 0, B_FREE, credp, NULL);
558 (void) VOP_CLOSE(lsp->ls_vp, lsp->ls_openflag,
559 1, 0, credp, NULL);
560 VN_RELE(lsp->ls_vp);
561 }
562 if (lsp->ls_stacked_vp != lsp->ls_vp)
563 VN_RELE(lsp->ls_stacked_vp);
564 lsp->ls_vp = lsp->ls_stacked_vp = NULL;
565
566 if (lsp->ls_kstat != NULL) {
567 kstat_delete(lsp->ls_kstat);
568 lsp->ls_kstat = NULL;
569 }
570
571 /*
572 * Free cached decompressed segment data
573 */
574 lofi_free_comp_cache(lsp);
575 list_destroy(&lsp->ls_comp_cache);
576
577 if (lsp->ls_uncomp_seg_sz > 0) {
578 kmem_free(lsp->ls_comp_index_data, lsp->ls_comp_index_data_sz);
579 lsp->ls_uncomp_seg_sz = 0;
580 }
581
582 rctl_decr_lofi(lsp->ls_zone.zref_zone, 1);
583 zone_rele_ref(&lsp->ls_zone, ZONE_REF_LOFI);
584
585 mutex_destroy(&lsp->ls_comp_cache_lock);
586 mutex_destroy(&lsp->ls_comp_bufs_lock);
587 mutex_destroy(&lsp->ls_kstat_lock);
588 mutex_destroy(&lsp->ls_vp_lock);
589 cv_destroy(&lsp->ls_vp_cv);
590 lsp->ls_vp_ready = B_FALSE;
591 lsp->ls_vp_closereq = B_FALSE;
592
593 ASSERT(ddi_get_soft_state(lofi_statep, id) == lsp);
594 (void) ndi_devi_offline(lsp->ls_dip, NDI_DEVI_REMOVE);
595 id_free(lofi_id, id);
596 }
597
598 static void
599 lofi_free_dev(struct lofi_state *lsp)
600 {
601 ASSERT(MUTEX_HELD(&lofi_lock));
602
603 if (lsp->ls_cmlbhandle != NULL) {
604 cmlb_invalidate(lsp->ls_cmlbhandle, 0);
605 cmlb_detach(lsp->ls_cmlbhandle, 0);
606 cmlb_free_handle(&lsp->ls_cmlbhandle);
607 lsp->ls_cmlbhandle = NULL;
608 }
609 (void) ddi_prop_remove_all(lsp->ls_dip);
610 ddi_remove_minor_node(lsp->ls_dip, NULL);
611 }
612
613 /*ARGSUSED*/
614 static void
615 lofi_zone_shutdown(zoneid_t zoneid, void *arg)
616 {
617 struct lofi_state *lsp;
618 struct lofi_state *next;
619
620 mutex_enter(&lofi_lock);
621
622 for (lsp = list_head(&lofi_list); lsp != NULL; lsp = next) {
623
624 /* lofi_destroy() frees lsp */
625 next = list_next(&lofi_list, lsp);
626
627 if (lsp->ls_zone.zref_zone->zone_id != zoneid)
628 continue;
629
630 /*
631 * No in-zone processes are running, but something has this
632 * open. It's either a global zone process, or a lofi
633 * mount. In either case we set ls_cleanup so the last
634 * user destroys the device.
635 */
636 if (is_opened(lsp)) {
637 lofi_set_cleanup(lsp);
638 } else {
639 lofi_free_dev(lsp);
640 lofi_destroy(lsp, kcred);
641 }
642 }
643
644 mutex_exit(&lofi_lock);
645 }
646
647 /*ARGSUSED*/
648 static int
649 lofi_open(dev_t *devp, int flag, int otyp, struct cred *credp)
650 {
651 int id;
652 minor_t part;
653 uint64_t mask;
654 diskaddr_t nblks;
655 diskaddr_t lba;
656 boolean_t ndelay;
657
658 struct lofi_state *lsp;
659
660 if (otyp >= OTYPCNT)
661 return (EINVAL);
662
663 ndelay = (flag & (FNDELAY | FNONBLOCK)) ? B_TRUE : B_FALSE;
664
665 /*
666 * lofiadm -a /dev/lofi/1 gets us here.
667 */
668 if (mutex_owner(&lofi_lock) == curthread)
669 return (EINVAL);
670
671 mutex_enter(&lofi_lock);
672
673 id = LOFI_MINOR2ID(getminor(*devp));
674 part = LOFI_PART(getminor(*devp));
675 mask = (1U << part);
676
677 /* master control device */
678 if (id == 0) {
679 mutex_exit(&lofi_lock);
680 return (0);
681 }
682
683 /* otherwise, the mapping should already exist */
684 lsp = ddi_get_soft_state(lofi_statep, id);
685 if (lsp == NULL) {
686 mutex_exit(&lofi_lock);
687 return (EINVAL);
688 }
689
690 if (lsp->ls_cleanup == B_TRUE) {
691 mutex_exit(&lofi_lock);
692 return (ENXIO);
693 }
694
695 if (lsp->ls_vp == NULL) {
696 mutex_exit(&lofi_lock);
697 return (ENXIO);
698 }
699
700 if (lsp->ls_readonly && (flag & FWRITE)) {
701 mutex_exit(&lofi_lock);
702 return (EROFS);
703 }
704
705 if ((lsp->ls_open_excl) & (mask)) {
706 mutex_exit(&lofi_lock);
707 return (EBUSY);
708 }
709
710 if (flag & FEXCL) {
711 if (lsp->ls_open_lyr[part]) {
712 mutex_exit(&lofi_lock);
713 return (EBUSY);
714 }
715 for (int i = 0; i < OTYP_LYR; i++) {
716 if (lsp->ls_open_reg[i] & mask) {
717 mutex_exit(&lofi_lock);
718 return (EBUSY);
719 }
720 }
721 }
722
723 if (lsp->ls_cmlbhandle != NULL) {
724 if (cmlb_validate(lsp->ls_cmlbhandle, 0, 0) != 0) {
725 /*
726 * non-blocking opens are allowed to succeed to
727 * support format and fdisk to create partitioning.
728 */
729 if (!ndelay) {
730 mutex_exit(&lofi_lock);
731 return (ENXIO);
732 }
733 } else if (cmlb_partinfo(lsp->ls_cmlbhandle, part, &nblks, &lba,
734 NULL, NULL, 0) == 0) {
735 if ((!nblks) && ((!ndelay) || (otyp != OTYP_CHR))) {
736 mutex_exit(&lofi_lock);
737 return (ENXIO);
738 }
739 } else if (!ndelay) {
740 mutex_exit(&lofi_lock);
741 return (ENXIO);
742 }
743 }
744
745 if (otyp == OTYP_LYR) {
746 lsp->ls_open_lyr[part]++;
747 } else {
748 lsp->ls_open_reg[otyp] |= mask;
749 }
750 if (flag & FEXCL) {
751 lsp->ls_open_excl |= mask;
752 }
753
754 mutex_exit(&lofi_lock);
755 return (0);
756 }
757
758 /*ARGSUSED*/
759 static int
760 lofi_close(dev_t dev, int flag, int otyp, struct cred *credp)
761 {
762 minor_t part;
763 int id;
764 uint64_t mask;
765 struct lofi_state *lsp;
766
767 id = LOFI_MINOR2ID(getminor(dev));
768 part = LOFI_PART(getminor(dev));
769 mask = (1U << part);
770
771 mutex_enter(&lofi_lock);
772 lsp = ddi_get_soft_state(lofi_statep, id);
773 if (lsp == NULL) {
774 mutex_exit(&lofi_lock);
775 return (EINVAL);
776 }
777
778 if (id == 0) {
779 mutex_exit(&lofi_lock);
780 return (0);
781 }
782
783 if (lsp->ls_open_excl & mask)
784 lsp->ls_open_excl &= ~mask;
785
786 if (otyp == OTYP_LYR) {
787 lsp->ls_open_lyr[part]--;
788 } else {
789 lsp->ls_open_reg[otyp] &= ~mask;
790 }
791
792 /*
793 * If we forcibly closed the underlying device (li_force), or
794 * asked for cleanup (li_cleanup), finish up if we're the last
795 * out of the door.
796 */
797 if (!is_opened(lsp) &&
798 (lsp->ls_cleanup == B_TRUE || lsp->ls_vp == NULL)) {
799 lofi_free_dev(lsp);
800 lofi_destroy(lsp, credp);
801 }
802
803 mutex_exit(&lofi_lock);
804 return (0);
805 }
806
807 /*
808 * Sets the mechanism's initialization vector (IV) if one is needed.
809 * The IV is computed from the data block number. lsp->ls_mech is
810 * altered so that:
811 * lsp->ls_mech.cm_param_len is set to the IV len.
812 * lsp->ls_mech.cm_param is set to the IV.
813 */
814 static int
815 lofi_blk_mech(struct lofi_state *lsp, longlong_t lblkno)
816 {
817 int ret;
818 crypto_data_t cdata;
819 char *iv;
820 size_t iv_len;
821 size_t min;
822 void *data;
823 size_t datasz;
824
825 ASSERT(MUTEX_HELD(&lsp->ls_crypto_lock));
826
827 if (lsp == NULL)
828 return (CRYPTO_DEVICE_ERROR);
829
830 /* lsp->ls_mech.cm_param{_len} has already been set for static iv */
831 if (lsp->ls_iv_type == IVM_NONE) {
832 return (CRYPTO_SUCCESS);
833 }
834
835 /*
836 * if kmem already alloced from previous call and it's the same size
837 * we need now, just recycle it; allocate new kmem only if we have to
838 */
839 if (lsp->ls_mech.cm_param == NULL ||
840 lsp->ls_mech.cm_param_len != lsp->ls_iv_len) {
841 iv_len = lsp->ls_iv_len;
842 iv = kmem_zalloc(iv_len, KM_SLEEP);
843 } else {
844 iv_len = lsp->ls_mech.cm_param_len;
845 iv = lsp->ls_mech.cm_param;
846 bzero(iv, iv_len);
847 }
848
849 switch (lsp->ls_iv_type) {
850 case IVM_ENC_BLKNO:
851 /* iv is not static, lblkno changes each time */
852 data = &lblkno;
853 datasz = sizeof (lblkno);
854 break;
855 default:
856 data = 0;
857 datasz = 0;
858 break;
859 }
860
861 /*
862 * write blkno into the iv buffer padded on the left in case
863 * blkno ever grows bigger than its current longlong_t size
864 * or a variation other than blkno is used for the iv data
865 */
866 min = MIN(datasz, iv_len);
867 bcopy(data, iv + (iv_len - min), min);
868
869 /* encrypt the data in-place to get the IV */
870 SETUP_C_DATA(cdata, iv, iv_len);
871
872 ret = crypto_encrypt(&lsp->ls_iv_mech, &cdata, &lsp->ls_key,
873 NULL, NULL, NULL);
874 if (ret != CRYPTO_SUCCESS) {
875 cmn_err(CE_WARN, "failed to create iv for block %lld: (0x%x)",
876 lblkno, ret);
877 if (lsp->ls_mech.cm_param != iv)
878 kmem_free(iv, iv_len);
879
880 return (ret);
881 }
882
883 /* clean up the iv from the last computation */
884 if (lsp->ls_mech.cm_param != NULL && lsp->ls_mech.cm_param != iv)
885 kmem_free(lsp->ls_mech.cm_param, lsp->ls_mech.cm_param_len);
886
887 lsp->ls_mech.cm_param_len = iv_len;
888 lsp->ls_mech.cm_param = iv;
889
890 return (CRYPTO_SUCCESS);
891 }
892
893 /*
894 * Performs encryption and decryption of a chunk of data of size "len",
895 * one DEV_BSIZE block at a time. "len" is assumed to be a multiple of
896 * DEV_BSIZE.
897 */
898 static int
899 lofi_crypto(struct lofi_state *lsp, struct buf *bp, caddr_t plaintext,
900 caddr_t ciphertext, size_t len, boolean_t op_encrypt)
901 {
902 crypto_data_t cdata;
903 crypto_data_t wdata;
904 int ret;
905 longlong_t lblkno = bp->b_lblkno;
906
907 mutex_enter(&lsp->ls_crypto_lock);
908
909 /*
910 * though we could encrypt/decrypt entire "len" chunk of data, we need
911 * to break it into DEV_BSIZE pieces to capture blkno incrementing
912 */
913 SETUP_C_DATA(cdata, plaintext, len);
914 cdata.cd_length = DEV_BSIZE;
915 if (ciphertext != NULL) { /* not in-place crypto */
916 SETUP_C_DATA(wdata, ciphertext, len);
917 wdata.cd_length = DEV_BSIZE;
918 }
919
920 do {
921 ret = lofi_blk_mech(lsp, lblkno);
922 if (ret != CRYPTO_SUCCESS)
923 continue;
924
925 if (op_encrypt) {
926 ret = crypto_encrypt(&lsp->ls_mech, &cdata,
927 &lsp->ls_key, NULL,
928 ((ciphertext != NULL) ? &wdata : NULL), NULL);
929 } else {
930 ret = crypto_decrypt(&lsp->ls_mech, &cdata,
931 &lsp->ls_key, NULL,
932 ((ciphertext != NULL) ? &wdata : NULL), NULL);
933 }
934
935 cdata.cd_offset += DEV_BSIZE;
936 if (ciphertext != NULL)
937 wdata.cd_offset += DEV_BSIZE;
938 lblkno++;
939 } while (ret == CRYPTO_SUCCESS && cdata.cd_offset < len);
940
941 mutex_exit(&lsp->ls_crypto_lock);
942
943 if (ret != CRYPTO_SUCCESS) {
944 cmn_err(CE_WARN, "%s failed for block %lld: (0x%x)",
945 op_encrypt ? "crypto_encrypt()" : "crypto_decrypt()",
946 lblkno, ret);
947 }
948
949 return (ret);
950 }
951
952 #define RDWR_RAW 1
953 #define RDWR_BCOPY 2
954
955 static int
956 lofi_rdwr(caddr_t bufaddr, offset_t offset, struct buf *bp,
957 struct lofi_state *lsp, size_t len, int method, caddr_t bcopy_locn)
958 {
959 ssize_t resid;
960 int isread;
961 int error;
962
963 /*
964 * Handles reads/writes for both plain and encrypted lofi
965 * Note: offset is already shifted by lsp->ls_crypto_offset
966 * when it gets here.
967 */
968
969 isread = bp->b_flags & B_READ;
970 if (isread) {
971 if (method == RDWR_BCOPY) {
972 /* DO NOT update bp->b_resid for bcopy */
973 bcopy(bcopy_locn, bufaddr, len);
974 error = 0;
975 } else { /* RDWR_RAW */
976 error = vn_rdwr(UIO_READ, lsp->ls_vp, bufaddr, len,
977 offset, UIO_SYSSPACE, 0, RLIM64_INFINITY, kcred,
978 &resid);
979 bp->b_resid = resid;
980 }
981 if (lsp->ls_crypto_enabled && error == 0) {
982 if (lofi_crypto(lsp, bp, bufaddr, NULL, len,
983 B_FALSE) != CRYPTO_SUCCESS) {
984 /*
985 * XXX: original code didn't set residual
986 * back to len because no error was expected
987 * from bcopy() if encryption is not enabled
988 */
989 if (method != RDWR_BCOPY)
990 bp->b_resid = len;
991 error = EIO;
992 }
993 }
994 return (error);
995 } else {
996 void *iobuf = bufaddr;
997
998 if (lsp->ls_crypto_enabled) {
999 /* don't do in-place crypto to keep bufaddr intact */
1000 iobuf = kmem_alloc(len, KM_SLEEP);
1001 if (lofi_crypto(lsp, bp, bufaddr, iobuf, len,
1002 B_TRUE) != CRYPTO_SUCCESS) {
1003 kmem_free(iobuf, len);
1004 if (method != RDWR_BCOPY)
1005 bp->b_resid = len;
1006 return (EIO);
1007 }
1008 }
1009 if (method == RDWR_BCOPY) {
1010 /* DO NOT update bp->b_resid for bcopy */
1011 bcopy(iobuf, bcopy_locn, len);
1012 error = 0;
1013 } else { /* RDWR_RAW */
1014 error = vn_rdwr(UIO_WRITE, lsp->ls_vp, iobuf, len,
1015 offset, UIO_SYSSPACE, 0, RLIM64_INFINITY, kcred,
1016 &resid);
1017 bp->b_resid = resid;
1018 }
1019 if (lsp->ls_crypto_enabled) {
1020 kmem_free(iobuf, len);
1021 }
1022 return (error);
1023 }
1024 }
1025
1026 static int
1027 lofi_mapped_rdwr(caddr_t bufaddr, offset_t offset, struct buf *bp,
1028 struct lofi_state *lsp)
1029 {
1030 int error;
1031 offset_t alignedoffset, mapoffset;
1032 size_t xfersize;
1033 int isread;
1034 int smflags;
1035 caddr_t mapaddr;
1036 size_t len;
1037 enum seg_rw srw;
1038 int save_error;
1039
1040 /*
1041 * Note: offset is already shifted by lsp->ls_crypto_offset
1042 * when it gets here.
1043 */
1044 if (lsp->ls_crypto_enabled)
1045 ASSERT(lsp->ls_vp_comp_size == lsp->ls_vp_size);
1046
1047 /*
1048 * segmap always gives us an 8K (MAXBSIZE) chunk, aligned on
1049 * an 8K boundary, but the buf transfer address may not be
1050 * aligned on more than a 512-byte boundary (we don't enforce
1051 * that even though we could). This matters since the initial
1052 * part of the transfer may not start at offset 0 within the
1053 * segmap'd chunk. So we have to compensate for that with
1054 * 'mapoffset'. Subsequent chunks always start off at the
1055 * beginning, and the last is capped by b_resid
1056 *
1057 * Visually, where "|" represents page map boundaries:
1058 * alignedoffset (mapaddr begins at this segmap boundary)
1059 * | offset (from beginning of file)
1060 * | | len
1061 * v v v
1062 * ===|====X========|====...======|========X====|====
1063 * /-------------...---------------/
1064 * ^ bp->b_bcount/bp->b_resid at start
1065 * /----/--------/----...------/--------/
1066 * ^ ^ ^ ^ ^
1067 * | | | | nth xfersize (<= MAXBSIZE)
1068 * | | 2nd thru n-1st xfersize (= MAXBSIZE)
1069 * | 1st xfersize (<= MAXBSIZE)
1070 * mapoffset (offset into 1st segmap, non-0 1st time, 0 thereafter)
1071 *
1072 * Notes: "alignedoffset" is "offset" rounded down to nearest
1073 * MAXBSIZE boundary. "len" is next page boundary of size
1074 * PAGESIZE after "alignedoffset".
1075 */
1076 mapoffset = offset & MAXBOFFSET;
1077 alignedoffset = offset - mapoffset;
1078 bp->b_resid = bp->b_bcount;
1079 isread = bp->b_flags & B_READ;
1080 srw = isread ? S_READ : S_WRITE;
1081 do {
1082 xfersize = MIN(lsp->ls_vp_comp_size - offset,
1083 MIN(MAXBSIZE - mapoffset, bp->b_resid));
1084 len = roundup(mapoffset + xfersize, PAGESIZE);
1085 mapaddr = segmap_getmapflt(segkmap, lsp->ls_vp,
1086 alignedoffset, MAXBSIZE, 1, srw);
1087 /*
1088 * Now fault in the pages. This lets us check
1089 * for errors before we reference mapaddr and
1090 * try to resolve the fault in bcopy (which would
1091 * panic instead). And this can easily happen,
1092 * particularly if you've lofi'd a file over NFS
1093 * and someone deletes the file on the server.
1094 */
1095 error = segmap_fault(kas.a_hat, segkmap, mapaddr,
1096 len, F_SOFTLOCK, srw);
1097 if (error) {
1098 (void) segmap_release(segkmap, mapaddr, 0);
1099 if (FC_CODE(error) == FC_OBJERR)
1100 error = FC_ERRNO(error);
1101 else
1102 error = EIO;
1103 break;
1104 }
1105 /* error may be non-zero for encrypted lofi */
1106 error = lofi_rdwr(bufaddr, 0, bp, lsp, xfersize,
1107 RDWR_BCOPY, mapaddr + mapoffset);
1108 if (error == 0) {
1109 bp->b_resid -= xfersize;
1110 bufaddr += xfersize;
1111 offset += xfersize;
1112 }
1113 smflags = 0;
1114 if (isread) {
1115 smflags |= SM_FREE;
1116 /*
1117 * If we're reading an entire page starting
1118 * at a page boundary, there's a good chance
1119 * we won't need it again. Put it on the
1120 * head of the freelist.
1121 */
1122 if (mapoffset == 0 && xfersize == MAXBSIZE)
1123 smflags |= SM_DONTNEED;
1124 } else {
1125 /*
1126 * Write back good pages, it is okay to
1127 * always release asynchronous here as we'll
1128 * follow with VOP_FSYNC for B_SYNC buffers.
1129 */
1130 if (error == 0)
1131 smflags |= SM_WRITE | SM_ASYNC;
1132 }
1133 (void) segmap_fault(kas.a_hat, segkmap, mapaddr,
1134 len, F_SOFTUNLOCK, srw);
1135 save_error = segmap_release(segkmap, mapaddr, smflags);
1136 if (error == 0)
1137 error = save_error;
1138 /* only the first map may start partial */
1139 mapoffset = 0;
1140 alignedoffset += MAXBSIZE;
1141 } while ((error == 0) && (bp->b_resid > 0) &&
1142 (offset < lsp->ls_vp_comp_size));
1143
1144 return (error);
1145 }
1146
1147 /*
1148 * Check if segment seg_index is present in the decompressed segment
1149 * data cache.
1150 *
1151 * Returns a pointer to the decompressed segment data cache entry if
1152 * found, and NULL when decompressed data for this segment is not yet
1153 * cached.
1154 */
1155 static struct lofi_comp_cache *
1156 lofi_find_comp_data(struct lofi_state *lsp, uint64_t seg_index)
1157 {
1158 struct lofi_comp_cache *lc;
1159
1160 ASSERT(MUTEX_HELD(&lsp->ls_comp_cache_lock));
1161
1162 for (lc = list_head(&lsp->ls_comp_cache); lc != NULL;
1163 lc = list_next(&lsp->ls_comp_cache, lc)) {
1164 if (lc->lc_index == seg_index) {
1165 /*
1166 * Decompressed segment data was found in the
1167 * cache.
1168 *
1169 * The cache uses an LRU replacement strategy;
1170 * move the entry to head of list.
1171 */
1172 list_remove(&lsp->ls_comp_cache, lc);
1173 list_insert_head(&lsp->ls_comp_cache, lc);
1174 return (lc);
1175 }
1176 }
1177 return (NULL);
1178 }
1179
1180 /*
1181 * Add the data for a decompressed segment at segment index
1182 * seg_index to the cache of the decompressed segments.
1183 *
1184 * Returns a pointer to the cache element structure in case
1185 * the data was added to the cache; returns NULL when the data
1186 * wasn't cached.
1187 */
1188 static struct lofi_comp_cache *
1189 lofi_add_comp_data(struct lofi_state *lsp, uint64_t seg_index,
1190 uchar_t *data)
1191 {
1192 struct lofi_comp_cache *lc;
1193
1194 ASSERT(MUTEX_HELD(&lsp->ls_comp_cache_lock));
1195
1196 while (lsp->ls_comp_cache_count > lofi_max_comp_cache) {
1197 lc = list_remove_tail(&lsp->ls_comp_cache);
1198 ASSERT(lc != NULL);
1199 kmem_free(lc->lc_data, lsp->ls_uncomp_seg_sz);
1200 kmem_free(lc, sizeof (struct lofi_comp_cache));
1201 lsp->ls_comp_cache_count--;
1202 }
1203
1204 /*
1205 * Do not cache when disabled by tunable variable
1206 */
1207 if (lofi_max_comp_cache == 0)
1208 return (NULL);
1209
1210 /*
1211 * When the cache has not yet reached the maximum allowed
1212 * number of segments, allocate a new cache element.
1213 * Otherwise the cache is full; reuse the last list element
1214 * (LRU) for caching the decompressed segment data.
1215 *
1216 * The cache element for the new decompressed segment data is
1217 * added to the head of the list.
1218 */
1219 if (lsp->ls_comp_cache_count < lofi_max_comp_cache) {
1220 lc = kmem_alloc(sizeof (struct lofi_comp_cache), KM_SLEEP);
1221 lc->lc_data = NULL;
1222 list_insert_head(&lsp->ls_comp_cache, lc);
1223 lsp->ls_comp_cache_count++;
1224 } else {
1225 lc = list_remove_tail(&lsp->ls_comp_cache);
1226 if (lc == NULL)
1227 return (NULL);
1228 list_insert_head(&lsp->ls_comp_cache, lc);
1229 }
1230
1231 /*
1232 * Free old uncompressed segment data when reusing a cache
1233 * entry.
1234 */
1235 if (lc->lc_data != NULL)
1236 kmem_free(lc->lc_data, lsp->ls_uncomp_seg_sz);
1237
1238 lc->lc_data = data;
1239 lc->lc_index = seg_index;
1240 return (lc);
1241 }
1242
1243
1244 /*ARGSUSED*/
1245 static int
1246 gzip_decompress(void *src, size_t srclen, void *dst,
1247 size_t *dstlen, int level)
1248 {
1249 ASSERT(*dstlen >= srclen);
1250
1251 if (z_uncompress(dst, dstlen, src, srclen) != Z_OK)
1252 return (-1);
1253 return (0);
1254 }
1255
1256 #define LZMA_HEADER_SIZE (LZMA_PROPS_SIZE + 8)
1257 /*ARGSUSED*/
1258 static int
1259 lzma_decompress(void *src, size_t srclen, void *dst,
1260 size_t *dstlen, int level)
1261 {
1262 size_t insizepure;
1263 void *actual_src;
1264 ELzmaStatus status;
1265
1266 insizepure = srclen - LZMA_HEADER_SIZE;
1267 actual_src = (void *)((Byte *)src + LZMA_HEADER_SIZE);
1268
1269 if (LzmaDecode((Byte *)dst, (size_t *)dstlen,
1270 (const Byte *)actual_src, &insizepure,
1271 (const Byte *)src, LZMA_PROPS_SIZE, LZMA_FINISH_ANY, &status,
1272 &g_Alloc) != SZ_OK) {
1273 return (-1);
1274 }
1275 return (0);
1276 }
1277
1278 /*
1279 * This is basically what strategy used to be before we found we
1280 * needed task queues.
1281 */
1282 static void
1283 lofi_strategy_task(void *arg)
1284 {
1285 struct buf *bp = (struct buf *)arg;
1286 int error;
1287 int syncflag = 0;
1288 struct lofi_state *lsp;
1289 offset_t offset;
1290 caddr_t bufaddr;
1291 size_t len;
1292 size_t xfersize;
1293 boolean_t bufinited = B_FALSE;
1294
1295 lsp = ddi_get_soft_state(lofi_statep,
1296 LOFI_MINOR2ID(getminor(bp->b_edev)));
1297
1298 if (lsp == NULL) {
1299 error = ENXIO;
1300 goto errout;
1301 }
1302 if (lsp->ls_kstat) {
1303 mutex_enter(lsp->ls_kstat->ks_lock);
1304 kstat_waitq_to_runq(KSTAT_IO_PTR(lsp->ls_kstat));
1305 mutex_exit(lsp->ls_kstat->ks_lock);
1306 }
1307
1308 mutex_enter(&lsp->ls_vp_lock);
1309 lsp->ls_vp_iocount++;
1310 mutex_exit(&lsp->ls_vp_lock);
1311
1312 bp_mapin(bp);
1313 bufaddr = bp->b_un.b_addr;
1314 offset = (bp->b_lblkno + (diskaddr_t)(uintptr_t)bp->b_private)
1315 << lsp->ls_lbshift; /* offset within file */
1316 if (lsp->ls_crypto_enabled) {
1317 /* encrypted data really begins after crypto header */
1318 offset += lsp->ls_crypto_offset;
1319 }
1320 len = bp->b_bcount;
1321 bufinited = B_TRUE;
1322
1323 if (lsp->ls_vp == NULL || lsp->ls_vp_closereq) {
1324 error = EIO;
1325 goto errout;
1326 }
1327
1328 /*
1329 * If we're writing and the buffer was not B_ASYNC
1330 * we'll follow up with a VOP_FSYNC() to force any
1331 * asynchronous I/O to stable storage.
1332 */
1333 if (!(bp->b_flags & B_READ) && !(bp->b_flags & B_ASYNC))
1334 syncflag = FSYNC;
1335
1336 /*
1337 * We used to always use vn_rdwr here, but we cannot do that because
1338 * we might decide to read or write from the the underlying
1339 * file during this call, which would be a deadlock because
1340 * we have the rw_lock. So instead we page, unless it's not
1341 * mapable or it's a character device or it's an encrypted lofi.
1342 */
1343 if ((lsp->ls_vp->v_flag & VNOMAP) || (lsp->ls_vp->v_type == VCHR) ||
1344 lsp->ls_crypto_enabled) {
1345 error = lofi_rdwr(bufaddr, offset, bp, lsp, len, RDWR_RAW,
1346 NULL);
1347 } else if (lsp->ls_uncomp_seg_sz == 0) {
1348 error = lofi_mapped_rdwr(bufaddr, offset, bp, lsp);
1349 } else {
1350 uchar_t *compressed_seg = NULL, *cmpbuf;
1351 uchar_t *uncompressed_seg = NULL;
1352 lofi_compress_info_t *li;
1353 size_t oblkcount;
1354 ulong_t seglen;
1355 uint64_t sblkno, eblkno, cmpbytes;
1356 uint64_t uncompressed_seg_index;
1357 struct lofi_comp_cache *lc;
1358 offset_t sblkoff, eblkoff;
1359 u_offset_t salign, ealign;
1360 u_offset_t sdiff;
1361 uint32_t comp_data_sz;
1362 uint64_t i;
1363 int j;
1364
1365 /*
1366 * From here on we're dealing primarily with compressed files
1367 */
1368 ASSERT(!lsp->ls_crypto_enabled);
1369
1370 /*
1371 * Compressed files can only be read from and
1372 * not written to
1373 */
1374 if (!(bp->b_flags & B_READ)) {
1375 bp->b_resid = bp->b_bcount;
1376 error = EROFS;
1377 goto done;
1378 }
1379
1380 ASSERT(lsp->ls_comp_algorithm_index >= 0);
1381 li = &lofi_compress_table[lsp->ls_comp_algorithm_index];
1382 /*
1383 * Compute starting and ending compressed segment numbers
1384 * We use only bitwise operations avoiding division and
1385 * modulus because we enforce the compression segment size
1386 * to a power of 2
1387 */
1388 sblkno = offset >> lsp->ls_comp_seg_shift;
1389 sblkoff = offset & (lsp->ls_uncomp_seg_sz - 1);
1390 eblkno = (offset + bp->b_bcount) >> lsp->ls_comp_seg_shift;
1391 eblkoff = (offset + bp->b_bcount) & (lsp->ls_uncomp_seg_sz - 1);
1392
1393 /*
1394 * Check the decompressed segment cache.
1395 *
1396 * The cache is used only when the requested data
1397 * is within a segment. Requests that cross
1398 * segment boundaries bypass the cache.
1399 */
1400 if (sblkno == eblkno ||
1401 (sblkno + 1 == eblkno && eblkoff == 0)) {
1402 /*
1403 * Request doesn't cross a segment boundary,
1404 * now check the cache.
1405 */
1406 mutex_enter(&lsp->ls_comp_cache_lock);
1407 lc = lofi_find_comp_data(lsp, sblkno);
1408 if (lc != NULL) {
1409 /*
1410 * We've found the decompressed segment
1411 * data in the cache; reuse it.
1412 */
1413 bcopy(lc->lc_data + sblkoff, bufaddr,
1414 bp->b_bcount);
1415 mutex_exit(&lsp->ls_comp_cache_lock);
1416 bp->b_resid = 0;
1417 error = 0;
1418 goto done;
1419 }
1420 mutex_exit(&lsp->ls_comp_cache_lock);
1421 }
1422
1423 /*
1424 * Align start offset to block boundary for segmap
1425 */
1426 salign = lsp->ls_comp_seg_index[sblkno];
1427 sdiff = salign & (DEV_BSIZE - 1);
1428 salign -= sdiff;
1429 if (eblkno >= (lsp->ls_comp_index_sz - 1)) {
1430 /*
1431 * We're dealing with the last segment of
1432 * the compressed file -- the size of this
1433 * segment *may not* be the same as the
1434 * segment size for the file
1435 */
1436 eblkoff = (offset + bp->b_bcount) &
1437 (lsp->ls_uncomp_last_seg_sz - 1);
1438 ealign = lsp->ls_vp_comp_size;
1439 } else {
1440 ealign = lsp->ls_comp_seg_index[eblkno + 1];
1441 }
1442
1443 /*
1444 * Preserve original request paramaters
1445 */
1446 oblkcount = bp->b_bcount;
1447
1448 /*
1449 * Assign the calculated parameters
1450 */
1451 comp_data_sz = ealign - salign;
1452 bp->b_bcount = comp_data_sz;
1453
1454 /*
1455 * Buffers to hold compressed segments are pre-allocated
1456 * on a per-thread basis. Find a pre-allocated buffer
1457 * that is not currently in use and mark it for use.
1458 */
1459 mutex_enter(&lsp->ls_comp_bufs_lock);
1460 for (j = 0; j < lofi_taskq_nthreads; j++) {
1461 if (lsp->ls_comp_bufs[j].inuse == 0) {
1462 lsp->ls_comp_bufs[j].inuse = 1;
1463 break;
1464 }
1465 }
1466
1467 mutex_exit(&lsp->ls_comp_bufs_lock);
1468 ASSERT(j < lofi_taskq_nthreads);
1469
1470 /*
1471 * If the pre-allocated buffer size does not match
1472 * the size of the I/O request, re-allocate it with
1473 * the appropriate size
1474 */
1475 if (lsp->ls_comp_bufs[j].bufsize < bp->b_bcount) {
1476 if (lsp->ls_comp_bufs[j].bufsize > 0)
1477 kmem_free(lsp->ls_comp_bufs[j].buf,
1478 lsp->ls_comp_bufs[j].bufsize);
1479 lsp->ls_comp_bufs[j].buf = kmem_alloc(bp->b_bcount,
1480 KM_SLEEP);
1481 lsp->ls_comp_bufs[j].bufsize = bp->b_bcount;
1482 }
1483 compressed_seg = lsp->ls_comp_bufs[j].buf;
1484
1485 /*
1486 * Map in the calculated number of blocks
1487 */
1488 error = lofi_mapped_rdwr((caddr_t)compressed_seg, salign,
1489 bp, lsp);
1490
1491 bp->b_bcount = oblkcount;
1492 bp->b_resid = oblkcount;
1493 if (error != 0)
1494 goto done;
1495
1496 /*
1497 * decompress compressed blocks start
1498 */
1499 cmpbuf = compressed_seg + sdiff;
1500 for (i = sblkno; i <= eblkno; i++) {
1501 ASSERT(i < lsp->ls_comp_index_sz - 1);
1502 uchar_t *useg;
1503
1504 /*
1505 * The last segment is special in that it is
1506 * most likely not going to be the same
1507 * (uncompressed) size as the other segments.
1508 */
1509 if (i == (lsp->ls_comp_index_sz - 2)) {
1510 seglen = lsp->ls_uncomp_last_seg_sz;
1511 } else {
1512 seglen = lsp->ls_uncomp_seg_sz;
1513 }
1514
1515 /*
1516 * Each of the segment index entries contains
1517 * the starting block number for that segment.
1518 * The number of compressed bytes in a segment
1519 * is thus the difference between the starting
1520 * block number of this segment and the starting
1521 * block number of the next segment.
1522 */
1523 cmpbytes = lsp->ls_comp_seg_index[i + 1] -
1524 lsp->ls_comp_seg_index[i];
1525
1526 /*
1527 * The first byte in a compressed segment is a flag
1528 * that indicates whether this segment is compressed
1529 * at all.
1530 *
1531 * The variable 'useg' is used (instead of
1532 * uncompressed_seg) in this loop to keep a
1533 * reference to the uncompressed segment.
1534 *
1535 * N.B. If 'useg' is replaced with uncompressed_seg,
1536 * it leads to memory leaks and heap corruption in
1537 * corner cases where compressed segments lie
1538 * adjacent to uncompressed segments.
1539 */
1540 if (*cmpbuf == UNCOMPRESSED) {
1541 useg = cmpbuf + SEGHDR;
1542 } else {
1543 if (uncompressed_seg == NULL)
1544 uncompressed_seg =
1545 kmem_alloc(lsp->ls_uncomp_seg_sz,
1546 KM_SLEEP);
1547 useg = uncompressed_seg;
1548 uncompressed_seg_index = i;
1549
1550 if (li->l_decompress((cmpbuf + SEGHDR),
1551 (cmpbytes - SEGHDR), uncompressed_seg,
1552 &seglen, li->l_level) != 0) {
1553 error = EIO;
1554 goto done;
1555 }
1556 }
1557
1558 /*
1559 * Determine how much uncompressed data we
1560 * have to copy and copy it
1561 */
1562 xfersize = lsp->ls_uncomp_seg_sz - sblkoff;
1563 if (i == eblkno)
1564 xfersize -= (lsp->ls_uncomp_seg_sz - eblkoff);
1565
1566 bcopy((useg + sblkoff), bufaddr, xfersize);
1567
1568 cmpbuf += cmpbytes;
1569 bufaddr += xfersize;
1570 bp->b_resid -= xfersize;
1571 sblkoff = 0;
1572
1573 if (bp->b_resid == 0)
1574 break;
1575 } /* decompress compressed blocks ends */
1576
1577 /*
1578 * Skip to done if there is no uncompressed data to cache
1579 */
1580 if (uncompressed_seg == NULL)
1581 goto done;
1582
1583 /*
1584 * Add the data for the last decompressed segment to
1585 * the cache.
1586 *
1587 * In case the uncompressed segment data was added to (and
1588 * is referenced by) the cache, make sure we don't free it
1589 * here.
1590 */
1591 mutex_enter(&lsp->ls_comp_cache_lock);
1592 if ((lc = lofi_add_comp_data(lsp, uncompressed_seg_index,
1593 uncompressed_seg)) != NULL) {
1594 uncompressed_seg = NULL;
1595 }
1596 mutex_exit(&lsp->ls_comp_cache_lock);
1597
1598 done:
1599 if (compressed_seg != NULL) {
1600 mutex_enter(&lsp->ls_comp_bufs_lock);
1601 lsp->ls_comp_bufs[j].inuse = 0;
1602 mutex_exit(&lsp->ls_comp_bufs_lock);
1603 }
1604 if (uncompressed_seg != NULL)
1605 kmem_free(uncompressed_seg, lsp->ls_uncomp_seg_sz);
1606 } /* end of handling compressed files */
1607
1608 if ((error == 0) && (syncflag != 0))
1609 error = VOP_FSYNC(lsp->ls_vp, syncflag, kcred, NULL);
1610
1611 errout:
1612 if (bufinited && lsp->ls_kstat) {
1613 size_t n_done = bp->b_bcount - bp->b_resid;
1614 kstat_io_t *kioptr;
1615
1616 mutex_enter(lsp->ls_kstat->ks_lock);
1617 kioptr = KSTAT_IO_PTR(lsp->ls_kstat);
1618 if (bp->b_flags & B_READ) {
1619 kioptr->nread += n_done;
1620 kioptr->reads++;
1621 } else {
1622 kioptr->nwritten += n_done;
1623 kioptr->writes++;
1624 }
1625 kstat_runq_exit(kioptr);
1626 mutex_exit(lsp->ls_kstat->ks_lock);
1627 }
1628
1629 mutex_enter(&lsp->ls_vp_lock);
1630 if (--lsp->ls_vp_iocount == 0)
1631 cv_broadcast(&lsp->ls_vp_cv);
1632 mutex_exit(&lsp->ls_vp_lock);
1633
1634 bioerror(bp, error);
1635 biodone(bp);
1636 }
1637
1638 static int
1639 lofi_strategy(struct buf *bp)
1640 {
1641 struct lofi_state *lsp;
1642 offset_t offset;
1643 minor_t part;
1644 diskaddr_t p_lba;
1645 diskaddr_t p_nblks;
1646 int shift;
1647
1648 /*
1649 * We cannot just do I/O here, because the current thread
1650 * _might_ end up back in here because the underlying filesystem
1651 * wants a buffer, which eventually gets into bio_recycle and
1652 * might call into lofi to write out a delayed-write buffer.
1653 * This is bad if the filesystem above lofi is the same as below.
1654 *
1655 * We could come up with a complex strategy using threads to
1656 * do the I/O asynchronously, or we could use task queues. task
1657 * queues were incredibly easy so they win.
1658 */
1659
1660 lsp = ddi_get_soft_state(lofi_statep,
1661 LOFI_MINOR2ID(getminor(bp->b_edev)));
1662 part = LOFI_PART(getminor(bp->b_edev));
1663
1664 if (lsp == NULL) {
1665 bioerror(bp, ENXIO);
1666 biodone(bp);
1667 return (0);
1668 }
1669
1670 /* Check if we are closing. */
1671 mutex_enter(&lsp->ls_vp_lock);
1672 if (lsp->ls_vp == NULL || lsp->ls_vp_closereq) {
1673 mutex_exit(&lsp->ls_vp_lock);
1674 bioerror(bp, EIO);
1675 biodone(bp);
1676 return (0);
1677 }
1678 mutex_exit(&lsp->ls_vp_lock);
1679
1680 shift = lsp->ls_lbshift;
1681 p_lba = 0;
1682 p_nblks = lsp->ls_vp_size >> shift;
1683
1684 if (lsp->ls_cmlbhandle != NULL) {
1685 if (cmlb_partinfo(lsp->ls_cmlbhandle, part, &p_nblks, &p_lba,
1686 NULL, NULL, 0)) {
1687 bioerror(bp, ENXIO);
1688 biodone(bp);
1689 return (0);
1690 }
1691 }
1692
1693 /* start block past partition end? */
1694 if (bp->b_lblkno > p_nblks) {
1695 bioerror(bp, ENXIO);
1696 biodone(bp);
1697 return (0);
1698 }
1699
1700 offset = (bp->b_lblkno+p_lba) << shift; /* offset within file */
1701
1702 mutex_enter(&lsp->ls_vp_lock);
1703 if (lsp->ls_crypto_enabled) {
1704 /* encrypted data really begins after crypto header */
1705 offset += lsp->ls_crypto_offset;
1706 }
1707
1708 /* make sure we will not pass the file or partition size */
1709 if (offset == lsp->ls_vp_size ||
1710 offset == (((p_lba + p_nblks) << shift) + lsp->ls_crypto_offset)) {
1711 /* EOF */
1712 if ((bp->b_flags & B_READ) != 0) {
1713 bp->b_resid = bp->b_bcount;
1714 bioerror(bp, 0);
1715 } else {
1716 /* writes should fail */
1717 bioerror(bp, ENXIO);
1718 }
1719 biodone(bp);
1720 mutex_exit(&lsp->ls_vp_lock);
1721 return (0);
1722 }
1723 if ((offset > lsp->ls_vp_size) ||
1724 (offset > (((p_lba + p_nblks) << shift) + lsp->ls_crypto_offset)) ||
1725 ((offset + bp->b_bcount) > ((p_lba + p_nblks) << shift))) {
1726 bioerror(bp, ENXIO);
1727 biodone(bp);
1728 mutex_exit(&lsp->ls_vp_lock);
1729 return (0);
1730 }
1731
1732 mutex_exit(&lsp->ls_vp_lock);
1733
1734 if (lsp->ls_kstat) {
1735 mutex_enter(lsp->ls_kstat->ks_lock);
1736 kstat_waitq_enter(KSTAT_IO_PTR(lsp->ls_kstat));
1737 mutex_exit(lsp->ls_kstat->ks_lock);
1738 }
1739 bp->b_private = (void *)(uintptr_t)p_lba; /* partition start */
1740 (void) taskq_dispatch(lsp->ls_taskq, lofi_strategy_task, bp, KM_SLEEP);
1741 return (0);
1742 }
1743
1744 /*ARGSUSED2*/
1745 static int
1746 lofi_read(dev_t dev, struct uio *uio, struct cred *credp)
1747 {
1748 if (getminor(dev) == 0)
1749 return (EINVAL);
1750 UIO_CHECK(uio);
1751 return (physio(lofi_strategy, NULL, dev, B_READ, minphys, uio));
1752 }
1753
1754 /*ARGSUSED2*/
1755 static int
1756 lofi_write(dev_t dev, struct uio *uio, struct cred *credp)
1757 {
1758 if (getminor(dev) == 0)
1759 return (EINVAL);
1760 UIO_CHECK(uio);
1761 return (physio(lofi_strategy, NULL, dev, B_WRITE, minphys, uio));
1762 }
1763
1764 /*ARGSUSED2*/
1765 static int
1766 lofi_aread(dev_t dev, struct aio_req *aio, struct cred *credp)
1767 {
1768 if (getminor(dev) == 0)
1769 return (EINVAL);
1770 UIO_CHECK(aio->aio_uio);
1771 return (aphysio(lofi_strategy, anocancel, dev, B_READ, minphys, aio));
1772 }
1773
1774 /*ARGSUSED2*/
1775 static int
1776 lofi_awrite(dev_t dev, struct aio_req *aio, struct cred *credp)
1777 {
1778 if (getminor(dev) == 0)
1779 return (EINVAL);
1780 UIO_CHECK(aio->aio_uio);
1781 return (aphysio(lofi_strategy, anocancel, dev, B_WRITE, minphys, aio));
1782 }
1783
1784 /*ARGSUSED*/
1785 static int
1786 lofi_info(dev_info_t *dip, ddi_info_cmd_t infocmd, void *arg, void **result)
1787 {
1788 struct lofi_state *lsp;
1789 dev_t dev = (dev_t)arg;
1790 int instance;
1791
1792 instance = LOFI_MINOR2ID(getminor(dev));
1793 switch (infocmd) {
1794 case DDI_INFO_DEVT2DEVINFO:
1795 lsp = ddi_get_soft_state(lofi_statep, instance);
1796 if (lsp == NULL)
1797 return (DDI_FAILURE);
1798 *result = lsp->ls_dip;
1799 return (DDI_SUCCESS);
1800 case DDI_INFO_DEVT2INSTANCE:
1801 *result = (void *) (intptr_t)instance;
1802 return (DDI_SUCCESS);
1803 }
1804 return (DDI_FAILURE);
1805 }
1806
1807 static int
1808 lofi_create_minor_nodes(struct lofi_state *lsp, boolean_t labeled)
1809 {
1810 int error = 0;
1811 int instance = ddi_get_instance(lsp->ls_dip);
1812
1813 if (labeled == B_TRUE) {
1814 cmlb_alloc_handle(&lsp->ls_cmlbhandle);
1815 error = cmlb_attach(lsp->ls_dip, &lofi_tg_ops, DTYPE_DIRECT,
1816 B_FALSE, B_FALSE, DDI_NT_BLOCK_CHAN,
1817 CMLB_CREATE_P0_MINOR_NODE, lsp->ls_cmlbhandle, (void *)1);
1818
1819 if (error != DDI_SUCCESS) {
1820 cmlb_free_handle(&lsp->ls_cmlbhandle);
1821 lsp->ls_cmlbhandle = NULL;
1822 error = ENXIO;
1823 }
1824 } else {
1825 /* create minor nodes */
1826 error = ddi_create_minor_node(lsp->ls_dip, LOFI_BLOCK_NODE,
1827 S_IFBLK, LOFI_ID2MINOR(instance), DDI_PSEUDO, 0);
1828 if (error == DDI_SUCCESS) {
1829 error = ddi_create_minor_node(lsp->ls_dip,
1830 LOFI_CHAR_NODE, S_IFCHR, LOFI_ID2MINOR(instance),
1831 DDI_PSEUDO, 0);
1832 if (error != DDI_SUCCESS) {
1833 ddi_remove_minor_node(lsp->ls_dip,
1834 LOFI_BLOCK_NODE);
1835 error = ENXIO;
1836 }
1837 } else
1838 error = ENXIO;
1839 }
1840 return (error);
1841 }
1842
1843 static int
1844 lofi_zone_bind(struct lofi_state *lsp)
1845 {
1846 int error = 0;
1847
1848 mutex_enter(&curproc->p_lock);
1849 if ((error = rctl_incr_lofi(curproc, curproc->p_zone, 1)) != 0) {
1850 mutex_exit(&curproc->p_lock);
1851 return (error);
1852 }
1853 mutex_exit(&curproc->p_lock);
1854
1855 if (ddi_prop_update_string(DDI_DEV_T_NONE, lsp->ls_dip, ZONE_PROP_NAME,
1856 (char *)curproc->p_zone->zone_name) != DDI_PROP_SUCCESS) {
1857 rctl_decr_lofi(curproc->p_zone, 1);
1858 error = EINVAL;
1859 } else {
1860 zone_init_ref(&lsp->ls_zone);
1861 zone_hold_ref(curzone, &lsp->ls_zone, ZONE_REF_LOFI);
1862 }
1863 return (error);
1864 }
1865
1866 static void
1867 lofi_zone_unbind(struct lofi_state *lsp)
1868 {
1869 (void) ddi_prop_remove(DDI_DEV_T_NONE, lsp->ls_dip, ZONE_PROP_NAME);
1870 rctl_decr_lofi(curproc->p_zone, 1);
1871 zone_rele_ref(&lsp->ls_zone, ZONE_REF_LOFI);
1872 }
1873
1874 static int
1875 lofi_online_dev(dev_info_t *dip)
1876 {
1877 boolean_t labeled;
1878 int error;
1879 int instance = ddi_get_instance(dip);
1880 struct lofi_state *lsp;
1881
1882 labeled = B_FALSE;
1883 if (ddi_prop_exists(DDI_DEV_T_ANY, dip, DDI_PROP_DONTPASS, "labeled"))
1884 labeled = B_TRUE;
1885
1886 /* lsp alloc+init, soft state is freed in lofi_detach */
1887 error = ddi_soft_state_zalloc(lofi_statep, instance);
1888 if (error == DDI_FAILURE) {
1889 return (ENOMEM);
1890 }
1891
1892 lsp = ddi_get_soft_state(lofi_statep, instance);
1893 lsp->ls_dip = dip;
1894
1895 if ((error = lofi_zone_bind(lsp)) != 0)
1896 goto err;
1897
1898 cv_init(&lsp->ls_vp_cv, NULL, CV_DRIVER, NULL);
1899 mutex_init(&lsp->ls_comp_cache_lock, NULL, MUTEX_DRIVER, NULL);
1900 mutex_init(&lsp->ls_comp_bufs_lock, NULL, MUTEX_DRIVER, NULL);
1901 mutex_init(&lsp->ls_kstat_lock, NULL, MUTEX_DRIVER, NULL);
1902 mutex_init(&lsp->ls_vp_lock, NULL, MUTEX_DRIVER, NULL);
1903
1904 if ((error = lofi_create_minor_nodes(lsp, labeled)) != 0) {
1905 lofi_zone_unbind(lsp);
1906 goto lerr;
1907 }
1908
1909 /* driver handles kernel-issued IOCTLs */
1910 if (ddi_prop_create(DDI_DEV_T_NONE, dip, DDI_PROP_CANSLEEP,
1911 DDI_KERNEL_IOCTL, NULL, 0) != DDI_PROP_SUCCESS) {
1912 error = DDI_FAILURE;
1913 goto merr;
1914 }
1915
1916 lsp->ls_kstat = kstat_create_zone(LOFI_DRIVER_NAME, instance,
1917 NULL, "disk", KSTAT_TYPE_IO, 1, 0, getzoneid());
1918 if (lsp->ls_kstat == NULL) {
1919 (void) ddi_prop_remove(DDI_DEV_T_NONE, lsp->ls_dip,
1920 DDI_KERNEL_IOCTL);
1921 error = ENOMEM;
1922 goto merr;
1923 }
1924
1925 lsp->ls_kstat->ks_lock = &lsp->ls_kstat_lock;
1926 kstat_zone_add(lsp->ls_kstat, GLOBAL_ZONEID);
1927 kstat_install(lsp->ls_kstat);
1928 return (DDI_SUCCESS);
1929 merr:
1930 if (lsp->ls_cmlbhandle != NULL) {
1931 cmlb_detach(lsp->ls_cmlbhandle, 0);
1932 cmlb_free_handle(&lsp->ls_cmlbhandle);
1933 }
1934 ddi_remove_minor_node(dip, NULL);
1935 lofi_zone_unbind(lsp);
1936 lerr:
1937 mutex_destroy(&lsp->ls_comp_cache_lock);
1938 mutex_destroy(&lsp->ls_comp_bufs_lock);
1939 mutex_destroy(&lsp->ls_kstat_lock);
1940 mutex_destroy(&lsp->ls_vp_lock);
1941 cv_destroy(&lsp->ls_vp_cv);
1942 err:
1943 ddi_soft_state_free(lofi_statep, instance);
1944 return (error);
1945 }
1946
1947 static int
1948 lofi_attach(dev_info_t *dip, ddi_attach_cmd_t cmd)
1949 {
1950 int rv;
1951 int instance = ddi_get_instance(dip);
1952 struct lofi_state *lsp;
1953
1954 if (cmd != DDI_ATTACH)
1955 return (DDI_FAILURE);
1956
1957 /*
1958 * Instance 0 is control instance, attaching control instance
1959 * will set the lofi up and ready.
1960 */
1961 if (instance == 0) {
1962 rv = ddi_soft_state_zalloc(lofi_statep, 0);
1963 if (rv == DDI_FAILURE) {
1964 return (DDI_FAILURE);
1965 }
1966 lsp = ddi_get_soft_state(lofi_statep, instance);
1967 rv = ddi_create_minor_node(dip, LOFI_CTL_NODE, S_IFCHR, 0,
1968 DDI_PSEUDO, 0);
1969 if (rv == DDI_FAILURE) {
1970 ddi_soft_state_free(lofi_statep, 0);
1971 return (DDI_FAILURE);
1972 }
1973 /* driver handles kernel-issued IOCTLs */
1974 if (ddi_prop_create(DDI_DEV_T_NONE, dip, DDI_PROP_CANSLEEP,
1975 DDI_KERNEL_IOCTL, NULL, 0) != DDI_PROP_SUCCESS) {
1976 ddi_remove_minor_node(dip, NULL);
1977 ddi_soft_state_free(lofi_statep, 0);
1978 return (DDI_FAILURE);
1979 }
1980
1981 zone_key_create(&lofi_zone_key, NULL, lofi_zone_shutdown, NULL);
1982
1983 lsp->ls_dip = dip;
1984 } else {
1985 if (lofi_online_dev(dip) == DDI_FAILURE)
1986 return (DDI_FAILURE);
1987 }
1988
1989 ddi_report_dev(dip);
1990 return (DDI_SUCCESS);
1991 }
1992
1993 static int
1994 lofi_detach(dev_info_t *dip, ddi_detach_cmd_t cmd)
1995 {
1996 struct lofi_state *lsp;
1997 int instance = ddi_get_instance(dip);
1998
1999 if (cmd != DDI_DETACH)
2000 return (DDI_FAILURE);
2001
2002 /*
2003 * If the instance is not 0, release state.
2004 * The instance 0 is control device, we can not detach it
2005 * before other instances are detached.
2006 */
2007 if (instance != 0) {
2008 lsp = ddi_get_soft_state(lofi_statep, instance);
2009 if (lsp != NULL && lsp->ls_vp_ready == B_FALSE) {
2010 ddi_soft_state_free(lofi_statep, instance);
2011 return (DDI_SUCCESS);
2012 } else
2013 return (DDI_FAILURE);
2014 }
2015 mutex_enter(&lofi_lock);
2016
2017 if (!list_is_empty(&lofi_list)) {
2018 mutex_exit(&lofi_lock);
2019 return (DDI_FAILURE);
2020 }
2021
2022 ddi_remove_minor_node(dip, NULL);
2023 ddi_prop_remove_all(dip);
2024
2025 mutex_exit(&lofi_lock);
2026
2027 if (zone_key_delete(lofi_zone_key) != 0)
2028 cmn_err(CE_WARN, "failed to delete zone key");
2029
2030 ddi_soft_state_free(lofi_statep, 0);
2031
2032 return (DDI_SUCCESS);
2033 }
2034
2035 /*
2036 * With the addition of encryption, we must be careful that encryption key is
2037 * wiped before kernel's data structures are freed so it cannot accidentally
2038 * slip out to userland through uninitialized data elsewhere.
2039 */
2040 static void
2041 free_lofi_ioctl(struct lofi_ioctl *klip)
2042 {
2043 /* Make sure this encryption key doesn't stick around */
2044 bzero(klip->li_key, sizeof (klip->li_key));
2045 kmem_free(klip, sizeof (struct lofi_ioctl));
2046 }
2047
2048 /*
2049 * These two functions simplify the rest of the ioctls that need to copyin/out
2050 * the lofi_ioctl structure.
2051 */
2052 int
2053 copy_in_lofi_ioctl(const struct lofi_ioctl *ulip, struct lofi_ioctl **klipp,
2054 int flag)
2055 {
2056 struct lofi_ioctl *klip;
2057 int error;
2058
2059 klip = *klipp = kmem_alloc(sizeof (struct lofi_ioctl), KM_SLEEP);
2060 error = ddi_copyin(ulip, klip, sizeof (struct lofi_ioctl), flag);
2061 if (error)
2062 goto err;
2063
2064 /* ensure NULL termination */
2065 klip->li_filename[MAXPATHLEN-1] = '\0';
2066 klip->li_devpath[MAXPATHLEN-1] = '\0';
2067 klip->li_algorithm[MAXALGLEN-1] = '\0';
2068 klip->li_cipher[CRYPTO_MAX_MECH_NAME-1] = '\0';
2069 klip->li_iv_cipher[CRYPTO_MAX_MECH_NAME-1] = '\0';
2070
2071 if (klip->li_id > L_MAXMIN32) {
2072 error = EINVAL;
2073 goto err;
2074 }
2075
2076 return (0);
2077
2078 err:
2079 free_lofi_ioctl(klip);
2080 return (error);
2081 }
2082
2083 int
2084 copy_out_lofi_ioctl(const struct lofi_ioctl *klip, struct lofi_ioctl *ulip,
2085 int flag)
2086 {
2087 int error;
2088
2089 /*
2090 * NOTE: Do NOT copy the crypto_key_t "back" to userland.
2091 * This ensures that an attacker can't trivially find the
2092 * key for a mapping just by issuing the ioctl.
2093 *
2094 * It can still be found by poking around in kmem with mdb(1),
2095 * but there is no point in making it easy when the info isn't
2096 * of any use in this direction anyway.
2097 *
2098 * Either way we don't actually have the raw key stored in
2099 * a form that we can get it anyway, since we just used it
2100 * to create a ctx template and didn't keep "the original".
2101 */
2102 error = ddi_copyout(klip, ulip, sizeof (struct lofi_ioctl), flag);
2103 if (error)
2104 return (EFAULT);
2105 return (0);
2106 }
2107
2108 static int
2109 lofi_access(struct lofi_state *lsp)
2110 {
2111 ASSERT(MUTEX_HELD(&lofi_lock));
2112 if (INGLOBALZONE(curproc) || lsp->ls_zone.zref_zone == curzone)
2113 return (0);
2114 return (EPERM);
2115 }
2116
2117 /*
2118 * Find the lofi state for the given filename. We compare by vnode to
2119 * allow the global zone visibility into NGZ lofi nodes.
2120 */
2121 static int
2122 file_to_lofi_nocheck(char *filename, boolean_t readonly,
2123 struct lofi_state **lspp)
2124 {
2125 struct lofi_state *lsp;
2126 vnode_t *vp = NULL;
2127 int err = 0;
2128 int rdfiles = 0;
2129
2130 ASSERT(MUTEX_HELD(&lofi_lock));
2131
2132 if ((err = lookupname(filename, UIO_SYSSPACE, FOLLOW,
2133 NULLVPP, &vp)) != 0)
2134 goto out;
2135
2136 if (vp->v_type == VREG) {
2137 vnode_t *realvp;
2138 if (VOP_REALVP(vp, &realvp, NULL) == 0) {
2139 VN_HOLD(realvp);
2140 VN_RELE(vp);
2141 vp = realvp;
2142 }
2143 }
2144
2145 for (lsp = list_head(&lofi_list); lsp != NULL;
2146 lsp = list_next(&lofi_list, lsp)) {
2147 if (lsp->ls_vp == vp) {
2148 if (lspp != NULL)
2149 *lspp = lsp;
2150 if (lsp->ls_readonly) {
2151 rdfiles++;
2152 /* Skip if '-r' is specified */
2153 if (readonly)
2154 continue;
2155 }
2156 goto out;
2157 }
2158 }
2159
2160 err = ENOENT;
2161
2162 /*
2163 * If a filename is given as an argument for lofi_unmap, we shouldn't
2164 * allow unmap if there are multiple read-only lofi devices associated
2165 * with this file.
2166 */
2167 if (lspp != NULL) {
2168 if (rdfiles == 1)
2169 err = 0;
2170 else if (rdfiles > 1)
2171 err = EBUSY;
2172 }
2173
2174 out:
2175 if (vp != NULL)
2176 VN_RELE(vp);
2177 return (err);
2178 }
2179
2180 /*
2181 * Find the minor for the given filename, checking the zone can access
2182 * it.
2183 */
2184 static int
2185 file_to_lofi(char *filename, boolean_t readonly, struct lofi_state **lspp)
2186 {
2187 int err = 0;
2188
2189 ASSERT(MUTEX_HELD(&lofi_lock));
2190
2191 if ((err = file_to_lofi_nocheck(filename, readonly, lspp)) != 0)
2192 return (err);
2193
2194 if ((err = lofi_access(*lspp)) != 0)
2195 return (err);
2196
2197 return (0);
2198 }
2199
2200 /*
2201 * Fakes up a disk geometry based on the size of the file. This is needed
2202 * to support newfs on traditional lofi device, but also will provide
2203 * geometry hint for cmlb.
2204 */
2205 static void
2206 fake_disk_geometry(struct lofi_state *lsp)
2207 {
2208 u_offset_t dsize = lsp->ls_vp_size - lsp->ls_crypto_offset;
2209
2210 /* dk_geom - see dkio(7I) */
2211 /*
2212 * dkg_ncyl _could_ be set to one here (one big cylinder with gobs
2213 * of sectors), but that breaks programs like fdisk which want to
2214 * partition a disk by cylinder. With one cylinder, you can't create
2215 * an fdisk partition and put pcfs on it for testing (hard to pick
2216 * a number between one and one).
2217 *
2218 * The cheezy floppy test is an attempt to not have too few cylinders
2219 * for a small file, or so many on a big file that you waste space
2220 * for backup superblocks or cylinder group structures.
2221 */
2222 bzero(&lsp->ls_dkg, sizeof (lsp->ls_dkg));
2223 if (dsize < (2 * 1024 * 1024)) /* floppy? */
2224 lsp->ls_dkg.dkg_ncyl = dsize / (100 * 1024);
2225 else
2226 lsp->ls_dkg.dkg_ncyl = dsize / (300 * 1024);
2227 /* in case file file is < 100k */
2228 if (lsp->ls_dkg.dkg_ncyl == 0)
2229 lsp->ls_dkg.dkg_ncyl = 1;
2230
2231 lsp->ls_dkg.dkg_pcyl = lsp->ls_dkg.dkg_ncyl;
2232 lsp->ls_dkg.dkg_nhead = 1;
2233 lsp->ls_dkg.dkg_rpm = 7200;
2234
2235 lsp->ls_dkg.dkg_nsect = dsize /
2236 (lsp->ls_dkg.dkg_ncyl << lsp->ls_pbshift);
2237 }
2238
2239 /*
2240 * build vtoc - see dkio(7I)
2241 *
2242 * Fakes one big partition based on the size of the file. This is needed
2243 * because we allow newfs'ing the traditional lofi device and newfs will
2244 * do several disk ioctls to figure out the geometry and partition information.
2245 * It uses that information to determine the parameters to pass to mkfs.
2246 */
2247 static void
2248 fake_disk_vtoc(struct lofi_state *lsp, struct vtoc *vt)
2249 {
2250 bzero(vt, sizeof (struct vtoc));
2251 vt->v_sanity = VTOC_SANE;
2252 vt->v_version = V_VERSION;
2253 (void) strncpy(vt->v_volume, LOFI_DRIVER_NAME,
2254 sizeof (vt->v_volume));
2255 vt->v_sectorsz = 1 << lsp->ls_pbshift;
2256 vt->v_nparts = 1;
2257 vt->v_part[0].p_tag = V_UNASSIGNED;
2258
2259 /*
2260 * A compressed file is read-only, other files can
2261 * be read-write
2262 */
2263 if (lsp->ls_uncomp_seg_sz > 0) {
2264 vt->v_part[0].p_flag = V_UNMNT | V_RONLY;
2265 } else {
2266 vt->v_part[0].p_flag = V_UNMNT;
2267 }
2268 vt->v_part[0].p_start = (daddr_t)0;
2269 /*
2270 * The partition size cannot just be the number of sectors, because
2271 * that might not end on a cylinder boundary. And if that's the case,
2272 * newfs/mkfs will print a scary warning. So just figure the size
2273 * based on the number of cylinders and sectors/cylinder.
2274 */
2275 vt->v_part[0].p_size = lsp->ls_dkg.dkg_pcyl *
2276 lsp->ls_dkg.dkg_nsect * lsp->ls_dkg.dkg_nhead;
2277 }
2278
2279 /*
2280 * build dk_cinfo - see dkio(7I)
2281 */
2282 static void
2283 fake_disk_info(dev_t dev, struct dk_cinfo *ci)
2284 {
2285 bzero(ci, sizeof (struct dk_cinfo));
2286 (void) strlcpy(ci->dki_cname, LOFI_DRIVER_NAME, sizeof (ci->dki_cname));
2287 ci->dki_ctype = DKC_SCSI_CCS;
2288 (void) strlcpy(ci->dki_dname, LOFI_DRIVER_NAME, sizeof (ci->dki_dname));
2289 ci->dki_unit = LOFI_MINOR2ID(getminor(dev));
2290 ci->dki_partition = LOFI_PART(getminor(dev));
2291 /*
2292 * newfs uses this to set maxcontig. Must not be < 16, or it
2293 * will be 0 when newfs multiplies it by DEV_BSIZE and divides
2294 * it by the block size. Then tunefs doesn't work because
2295 * maxcontig is 0.
2296 */
2297 ci->dki_maxtransfer = 16;
2298 }
2299
2300 /*
2301 * map in a compressed file
2302 *
2303 * Read in the header and the index that follows.
2304 *
2305 * The header is as follows -
2306 *
2307 * Signature (name of the compression algorithm)
2308 * Compression segment size (a multiple of 512)
2309 * Number of index entries
2310 * Size of the last block
2311 * The array containing the index entries
2312 *
2313 * The header information is always stored in
2314 * network byte order on disk.
2315 */
2316 static int
2317 lofi_map_compressed_file(struct lofi_state *lsp, char *buf)
2318 {
2319 uint32_t index_sz, header_len, i;
2320 ssize_t resid;
2321 enum uio_rw rw;
2322 char *tbuf = buf;
2323 int error;
2324
2325 /* The signature has already been read */
2326 tbuf += sizeof (lsp->ls_comp_algorithm);
2327 bcopy(tbuf, &(lsp->ls_uncomp_seg_sz), sizeof (lsp->ls_uncomp_seg_sz));
2328 lsp->ls_uncomp_seg_sz = ntohl(lsp->ls_uncomp_seg_sz);
2329
2330 /*
2331 * The compressed segment size must be a power of 2
2332 */
2333 if (lsp->ls_uncomp_seg_sz < DEV_BSIZE ||
2334 !ISP2(lsp->ls_uncomp_seg_sz))
2335 return (EINVAL);
2336
2337 for (i = 0; !((lsp->ls_uncomp_seg_sz >> i) & 1); i++)
2338 ;
2339
2340 lsp->ls_comp_seg_shift = i;
2341
2342 tbuf += sizeof (lsp->ls_uncomp_seg_sz);
2343 bcopy(tbuf, &(lsp->ls_comp_index_sz), sizeof (lsp->ls_comp_index_sz));
2344 lsp->ls_comp_index_sz = ntohl(lsp->ls_comp_index_sz);
2345
2346 tbuf += sizeof (lsp->ls_comp_index_sz);
2347 bcopy(tbuf, &(lsp->ls_uncomp_last_seg_sz),
2348 sizeof (lsp->ls_uncomp_last_seg_sz));
2349 lsp->ls_uncomp_last_seg_sz = ntohl(lsp->ls_uncomp_last_seg_sz);
2350
2351 /*
2352 * Compute the total size of the uncompressed data
2353 * for use in fake_disk_geometry and other calculations.
2354 * Disk geometry has to be faked with respect to the
2355 * actual uncompressed data size rather than the
2356 * compressed file size.
2357 */
2358 lsp->ls_vp_size =
2359 (u_offset_t)(lsp->ls_comp_index_sz - 2) * lsp->ls_uncomp_seg_sz
2360 + lsp->ls_uncomp_last_seg_sz;
2361
2362 /*
2363 * Index size is rounded up to DEV_BSIZE for ease
2364 * of segmapping
2365 */
2366 index_sz = sizeof (*lsp->ls_comp_seg_index) * lsp->ls_comp_index_sz;
2367 header_len = sizeof (lsp->ls_comp_algorithm) +
2368 sizeof (lsp->ls_uncomp_seg_sz) +
2369 sizeof (lsp->ls_comp_index_sz) +
2370 sizeof (lsp->ls_uncomp_last_seg_sz);
2371 lsp->ls_comp_offbase = header_len + index_sz;
2372
2373 index_sz += header_len;
2374 index_sz = roundup(index_sz, DEV_BSIZE);
2375
2376 lsp->ls_comp_index_data = kmem_alloc(index_sz, KM_SLEEP);
2377 lsp->ls_comp_index_data_sz = index_sz;
2378
2379 /*
2380 * Read in the index -- this has a side-effect
2381 * of reading in the header as well
2382 */
2383 rw = UIO_READ;
2384 error = vn_rdwr(rw, lsp->ls_vp, lsp->ls_comp_index_data, index_sz,
2385 0, UIO_SYSSPACE, 0, RLIM64_INFINITY, kcred, &resid);
2386
2387 if (error != 0)
2388 return (error);
2389
2390 /* Skip the header, this is where the index really begins */
2391 lsp->ls_comp_seg_index =
2392 /*LINTED*/
2393 (uint64_t *)(lsp->ls_comp_index_data + header_len);
2394
2395 /*
2396 * Now recompute offsets in the index to account for
2397 * the header length
2398 */
2399 for (i = 0; i < lsp->ls_comp_index_sz; i++) {
2400 lsp->ls_comp_seg_index[i] = lsp->ls_comp_offbase +
2401 BE_64(lsp->ls_comp_seg_index[i]);
2402 }
2403
2404 return (error);
2405 }
2406
2407 static int
2408 lofi_init_crypto(struct lofi_state *lsp, struct lofi_ioctl *klip)
2409 {
2410 struct crypto_meta chead;
2411 char buf[DEV_BSIZE];
2412 ssize_t resid;
2413 char *marker;
2414 int error;
2415 int ret;
2416 int i;
2417
2418 if (!klip->li_crypto_enabled)
2419 return (0);
2420
2421 /*
2422 * All current algorithms have a max of 448 bits.
2423 */
2424 if (klip->li_iv_len > CRYPTO_BITS2BYTES(512))
2425 return (EINVAL);
2426
2427 if (CRYPTO_BITS2BYTES(klip->li_key_len) > sizeof (klip->li_key))
2428 return (EINVAL);
2429
2430 lsp->ls_crypto_enabled = klip->li_crypto_enabled;
2431
2432 mutex_init(&lsp->ls_crypto_lock, NULL, MUTEX_DRIVER, NULL);
2433
2434 lsp->ls_mech.cm_type = crypto_mech2id(klip->li_cipher);
2435 if (lsp->ls_mech.cm_type == CRYPTO_MECH_INVALID) {
2436 cmn_err(CE_WARN, "invalid cipher %s requested for %s",
2437 klip->li_cipher, klip->li_filename);
2438 return (EINVAL);
2439 }
2440
2441 /* this is just initialization here */
2442 lsp->ls_mech.cm_param = NULL;
2443 lsp->ls_mech.cm_param_len = 0;
2444
2445 lsp->ls_iv_type = klip->li_iv_type;
2446 lsp->ls_iv_mech.cm_type = crypto_mech2id(klip->li_iv_cipher);
2447 if (lsp->ls_iv_mech.cm_type == CRYPTO_MECH_INVALID) {
2448 cmn_err(CE_WARN, "invalid iv cipher %s requested"
2449 " for %s", klip->li_iv_cipher, klip->li_filename);
2450 return (EINVAL);
2451 }
2452
2453 /* iv mech must itself take a null iv */
2454 lsp->ls_iv_mech.cm_param = NULL;
2455 lsp->ls_iv_mech.cm_param_len = 0;
2456 lsp->ls_iv_len = klip->li_iv_len;
2457
2458 /*
2459 * Create ctx using li_cipher & the raw li_key after checking
2460 * that it isn't a weak key.
2461 */
2462 lsp->ls_key.ck_format = CRYPTO_KEY_RAW;
2463 lsp->ls_key.ck_length = klip->li_key_len;
2464 lsp->ls_key.ck_data = kmem_alloc(
2465 CRYPTO_BITS2BYTES(lsp->ls_key.ck_length), KM_SLEEP);
2466 bcopy(klip->li_key, lsp->ls_key.ck_data,
2467 CRYPTO_BITS2BYTES(lsp->ls_key.ck_length));
2468
2469 ret = crypto_key_check(&lsp->ls_mech, &lsp->ls_key);
2470 if (ret != CRYPTO_SUCCESS) {
2471 cmn_err(CE_WARN, "weak key check failed for cipher "
2472 "%s on file %s (0x%x)", klip->li_cipher,
2473 klip->li_filename, ret);
2474 return (EINVAL);
2475 }
2476
2477 error = vn_rdwr(UIO_READ, lsp->ls_vp, buf, DEV_BSIZE,
2478 CRYOFF, UIO_SYSSPACE, 0, RLIM64_INFINITY, kcred, &resid);
2479 if (error != 0)
2480 return (error);
2481
2482 /*
2483 * This is the case where the header in the lofi image is already
2484 * initialized to indicate it is encrypted.
2485 */
2486 if (strncmp(buf, lofi_crypto_magic, sizeof (lofi_crypto_magic)) == 0) {
2487 /*
2488 * The encryption header information is laid out this way:
2489 * 6 bytes: hex "CFLOFI"
2490 * 2 bytes: version = 0 ... for now
2491 * 96 bytes: reserved1 (not implemented yet)
2492 * 4 bytes: data_sector = 2 ... for now
2493 * more... not implemented yet
2494 */
2495
2496 marker = buf;
2497
2498 /* copy the magic */
2499 bcopy(marker, lsp->ls_crypto.magic,
2500 sizeof (lsp->ls_crypto.magic));
2501 marker += sizeof (lsp->ls_crypto.magic);
2502
2503 /* read the encryption version number */
2504 bcopy(marker, &(lsp->ls_crypto.version),
2505 sizeof (lsp->ls_crypto.version));
2506 lsp->ls_crypto.version = ntohs(lsp->ls_crypto.version);
2507 marker += sizeof (lsp->ls_crypto.version);
2508
2509 /* read a chunk of reserved data */
2510 bcopy(marker, lsp->ls_crypto.reserved1,
2511 sizeof (lsp->ls_crypto.reserved1));
2512 marker += sizeof (lsp->ls_crypto.reserved1);
2513
2514 /* read block number where encrypted data begins */
2515 bcopy(marker, &(lsp->ls_crypto.data_sector),
2516 sizeof (lsp->ls_crypto.data_sector));
2517 lsp->ls_crypto.data_sector = ntohl(lsp->ls_crypto.data_sector);
2518 marker += sizeof (lsp->ls_crypto.data_sector);
2519
2520 /* and ignore the rest until it is implemented */
2521
2522 lsp->ls_crypto_offset = lsp->ls_crypto.data_sector * DEV_BSIZE;
2523 return (0);
2524 }
2525
2526 /*
2527 * We've requested encryption, but no magic was found, so it must be
2528 * a new image.
2529 */
2530
2531 for (i = 0; i < sizeof (struct crypto_meta); i++) {
2532 if (buf[i] != '\0')
2533 return (EINVAL);
2534 }
2535
2536 marker = buf;
2537 bcopy(lofi_crypto_magic, marker, sizeof (lofi_crypto_magic));
2538 marker += sizeof (lofi_crypto_magic);
2539 chead.version = htons(LOFI_CRYPTO_VERSION);
2540 bcopy(&(chead.version), marker, sizeof (chead.version));
2541 marker += sizeof (chead.version);
2542 marker += sizeof (chead.reserved1);
2543 chead.data_sector = htonl(LOFI_CRYPTO_DATA_SECTOR);
2544 bcopy(&(chead.data_sector), marker, sizeof (chead.data_sector));
2545
2546 /* write the header */
2547 error = vn_rdwr(UIO_WRITE, lsp->ls_vp, buf, DEV_BSIZE,
2548 CRYOFF, UIO_SYSSPACE, 0, RLIM64_INFINITY, kcred, &resid);
2549 if (error != 0)
2550 return (error);
2551
2552 /* fix things up so it looks like we read this info */
2553 bcopy(lofi_crypto_magic, lsp->ls_crypto.magic,
2554 sizeof (lofi_crypto_magic));
2555 lsp->ls_crypto.version = LOFI_CRYPTO_VERSION;
2556 lsp->ls_crypto.data_sector = LOFI_CRYPTO_DATA_SECTOR;
2557 lsp->ls_crypto_offset = lsp->ls_crypto.data_sector * DEV_BSIZE;
2558 return (0);
2559 }
2560
2561 /*
2562 * Check to see if the passed in signature is a valid one. If it is
2563 * valid, return the index into lofi_compress_table.
2564 *
2565 * Return -1 if it is invalid
2566 */
2567 static int
2568 lofi_compress_select(const char *signature)
2569 {
2570 int i;
2571
2572 for (i = 0; i < LOFI_COMPRESS_FUNCTIONS; i++) {
2573 if (strcmp(lofi_compress_table[i].l_name, signature) == 0)
2574 return (i);
2575 }
2576
2577 return (-1);
2578 }
2579
2580 static int
2581 lofi_init_compress(struct lofi_state *lsp)
2582 {
2583 char buf[DEV_BSIZE];
2584 int compress_index;
2585 ssize_t resid;
2586 int error;
2587
2588 error = vn_rdwr(UIO_READ, lsp->ls_vp, buf, DEV_BSIZE, 0, UIO_SYSSPACE,
2589 0, RLIM64_INFINITY, kcred, &resid);
2590
2591 if (error != 0)
2592 return (error);
2593
2594 if ((compress_index = lofi_compress_select(buf)) == -1)
2595 return (0);
2596
2597 /* compression and encryption are mutually exclusive */
2598 if (lsp->ls_crypto_enabled)
2599 return (ENOTSUP);
2600
2601 /* initialize compression info for compressed lofi */
2602 lsp->ls_comp_algorithm_index = compress_index;
2603 (void) strlcpy(lsp->ls_comp_algorithm,
2604 lofi_compress_table[compress_index].l_name,
2605 sizeof (lsp->ls_comp_algorithm));
2606
2607 /* Finally setup per-thread pre-allocated buffers */
2608 lsp->ls_comp_bufs = kmem_zalloc(lofi_taskq_nthreads *
2609 sizeof (struct compbuf), KM_SLEEP);
2610
2611 return (lofi_map_compressed_file(lsp, buf));
2612 }
2613
2614 /*
2615 * Allocate new or proposed id from lofi_id.
2616 *
2617 * Special cases for proposed id:
2618 * 0: not allowed, 0 is id for control device.
2619 * -1: allocate first usable id from lofi_id.
2620 * any other value is proposed value from userland
2621 *
2622 * returns DDI_SUCCESS or errno.
2623 */
2624 static int
2625 lofi_alloc_id(int *idp)
2626 {
2627 int id, error = DDI_SUCCESS;
2628
2629 if (*idp == -1) {
2630 id = id_allocff_nosleep(lofi_id);
2631 if (id == -1) {
2632 error = EAGAIN;
2633 goto err;
2634 }
2635 } else if (*idp == 0) {
2636 error = EINVAL;
2637 goto err;
2638 } else if (*idp > ((1 << (L_BITSMINOR - LOFI_CMLB_SHIFT)) - 1)) {
2639 error = ERANGE;
2640 goto err;
2641 } else {
2642 if (ddi_get_soft_state(lofi_statep, *idp) != NULL) {
2643 error = EEXIST;
2644 goto err;
2645 }
2646
2647 id = id_alloc_specific_nosleep(lofi_id, *idp);
2648 if (id == -1) {
2649 error = EAGAIN;
2650 goto err;
2651 }
2652 }
2653 *idp = id;
2654 err:
2655 return (error);
2656 }
2657
2658 static int
2659 lofi_create_dev(struct lofi_ioctl *klip)
2660 {
2661 dev_info_t *parent, *child;
2662 struct lofi_state *lsp = NULL;
2663 char namebuf[MAXNAMELEN];
2664 int error, circ;
2665
2666 /* get control device */
2667 lsp = ddi_get_soft_state(lofi_statep, 0);
2668 parent = ddi_get_parent(lsp->ls_dip);
2669
2670 if ((error = lofi_alloc_id((int *)&klip->li_id)))
2671 return (error);
2672
2673 (void) snprintf(namebuf, sizeof (namebuf), LOFI_DRIVER_NAME "@%d",
2674 klip->li_id);
2675
2676 ndi_devi_enter(parent, &circ);
2677 child = ndi_devi_findchild(parent, namebuf);
2678 ndi_devi_exit(parent, circ);
2679
2680 if (child == NULL) {
2681 child = ddi_add_child(parent, LOFI_DRIVER_NAME,
2682 (pnode_t)DEVI_SID_NODEID, klip->li_id);
2683 if ((error = ddi_prop_update_int(DDI_DEV_T_NONE, child,
2684 "instance", klip->li_id)) != DDI_PROP_SUCCESS)
2685 goto err;
2686
2687 if (klip->li_labeled == B_TRUE) {
2688 if ((error = ddi_prop_create(DDI_DEV_T_NONE, child,
2689 DDI_PROP_CANSLEEP, "labeled", 0, 0))
2690 != DDI_PROP_SUCCESS)
2691 goto err;
2692 }
2693
2694 if ((error = ndi_devi_online(child, NDI_ONLINE_ATTACH))
2695 != NDI_SUCCESS)
2696 goto err;
2697 } else {
2698 id_free(lofi_id, klip->li_id);
2699 error = EEXIST;
2700 return (error);
2701 }
2702
2703 goto done;
2704
2705 err:
2706 ddi_prop_remove_all(child);
2707 (void) ndi_devi_offline(child, NDI_DEVI_REMOVE);
2708 id_free(lofi_id, klip->li_id);
2709 done:
2710
2711 return (error);
2712 }
2713
2714 static void
2715 lofi_create_inquiry(struct lofi_state *lsp, struct scsi_inquiry *inq)
2716 {
2717 char *p = NULL;
2718
2719 (void) strlcpy(inq->inq_vid, LOFI_DRIVER_NAME, sizeof (inq->inq_vid));
2720
2721 mutex_enter(&lsp->ls_vp_lock);
2722 if (lsp->ls_vp != NULL)
2723 p = strrchr(lsp->ls_vp->v_path, '/');
2724 if (p != NULL)
2725 (void) strncpy(inq->inq_pid, p + 1, sizeof (inq->inq_pid));
2726 mutex_exit(&lsp->ls_vp_lock);
2727 (void) strlcpy(inq->inq_revision, "1.0", sizeof (inq->inq_revision));
2728 }
2729
2730 /*
2731 * copy devlink name from event cache
2732 */
2733 static void
2734 lofi_copy_devpath(struct lofi_ioctl *klip)
2735 {
2736 int error;
2737 char namebuf[MAXNAMELEN], *str;
2738 clock_t ticks;
2739 nvlist_t *nvl = NULL;
2740
2741 if (klip->li_labeled == B_TRUE)
2742 klip->li_devpath[0] = '\0';
2743 else {
2744 /* no need to wait for messages */
2745 (void) snprintf(klip->li_devpath, sizeof (klip->li_devpath),
2746 "/dev/" LOFI_CHAR_NAME "/%d", klip->li_id);
2747 return;
2748 }
2749
2750 (void) snprintf(namebuf, sizeof (namebuf), "%d", klip->li_id);
2751 ticks = ddi_get_lbolt() + LOFI_TIMEOUT * drv_usectohz(1000000);
2752
2753 mutex_enter(&lofi_devlink_cache.ln_lock);
2754 error = nvlist_lookup_nvlist(lofi_devlink_cache.ln_data, namebuf, &nvl);
2755 while (error != 0) {
2756 error = cv_timedwait(&lofi_devlink_cache.ln_cv,
2757 &lofi_devlink_cache.ln_lock, ticks);
2758 if (error == -1)
2759 break;
2760 error = nvlist_lookup_nvlist(lofi_devlink_cache.ln_data,
2761 namebuf, &nvl);
2762 }
2763
2764 if (nvl != NULL) {
2765 if (nvlist_lookup_string(nvl, DEV_NAME, &str) == 0) {
2766 (void) strlcpy(klip->li_devpath, str,
2767 sizeof (klip->li_devpath));
2768 }
2769 }
2770 mutex_exit(&lofi_devlink_cache.ln_lock);
2771 }
2772
2773 /*
2774 * map a file to a minor number. Return the minor number.
2775 */
2776 static int
2777 lofi_map_file(dev_t dev, struct lofi_ioctl *ulip, int pickminor,
2778 int *rvalp, struct cred *credp, int ioctl_flag)
2779 {
2780 int id = -1;
2781 struct lofi_state *lsp = NULL;
2782 struct lofi_ioctl *klip;
2783 int error;
2784 struct vnode *vp = NULL;
2785 vattr_t vattr;
2786 int flag;
2787 char namebuf[MAXNAMELEN];
2788
2789 error = copy_in_lofi_ioctl(ulip, &klip, ioctl_flag);
2790 if (error != 0)
2791 return (error);
2792
2793 mutex_enter(&lofi_lock);
2794
2795 if (file_to_lofi_nocheck(klip->li_filename, klip->li_readonly,
2796 NULL) == 0) {
2797 error = EBUSY;
2798 goto err;
2799 }
2800
2801 flag = FREAD | FWRITE | FOFFMAX | FEXCL;
2802 error = vn_open(klip->li_filename, UIO_SYSSPACE, flag, 0, &vp, 0, 0);
2803 if (error) {
2804 /* try read-only */
2805 flag &= ~FWRITE;
2806 error = vn_open(klip->li_filename, UIO_SYSSPACE, flag, 0,
2807 &vp, 0, 0);
2808 if (error)
2809 goto err;
2810 }
2811
2812 if (!V_ISLOFIABLE(vp->v_type)) {
2813 error = EINVAL;
2814 goto err;
2815 }
2816
2817 vattr.va_mask = AT_SIZE;
2818 error = VOP_GETATTR(vp, &vattr, 0, credp, NULL);
2819 if (error)
2820 goto err;
2821
2822 /* the file needs to be a multiple of the block size */
2823 if ((vattr.va_size % DEV_BSIZE) != 0) {
2824 error = EINVAL;
2825 goto err;
2826 }
2827
2828 if (pickminor) {
2829 klip->li_id = (uint32_t)-1;
2830 }
2831 if ((error = lofi_create_dev(klip)) != 0)
2832 goto err;
2833
2834 id = klip->li_id;
2835 lsp = ddi_get_soft_state(lofi_statep, id);
2836 if (lsp == NULL)
2837 goto err;
2838
2839 /*
2840 * from this point lofi_destroy() is used to clean up on error
2841 * make sure the basic data is set
2842 */
2843 list_insert_tail(&lofi_list, lsp);
2844 lsp->ls_dev = makedevice(getmajor(dev), LOFI_ID2MINOR(id));
2845
2846 list_create(&lsp->ls_comp_cache, sizeof (struct lofi_comp_cache),
2847 offsetof(struct lofi_comp_cache, lc_list));
2848
2849 /*
2850 * save open mode so file can be closed properly and vnode counts
2851 * updated correctly.
2852 */
2853 lsp->ls_openflag = flag;
2854
2855 lsp->ls_vp = vp;
2856 lsp->ls_stacked_vp = vp;
2857
2858 lsp->ls_vp_size = vattr.va_size;
2859 lsp->ls_vp_comp_size = lsp->ls_vp_size;
2860
2861 /*
2862 * Try to handle stacked lofs vnodes.
2863 */
2864 if (vp->v_type == VREG) {
2865 vnode_t *realvp;
2866
2867 if (VOP_REALVP(vp, &realvp, NULL) == 0) {
2868 /*
2869 * We need to use the realvp for uniqueness
2870 * checking, but keep the stacked vp for
2871 * LOFI_GET_FILENAME display.
2872 */
2873 VN_HOLD(realvp);
2874 lsp->ls_vp = realvp;
2875 }
2876 }
2877
2878 lsp->ls_lbshift = highbit(DEV_BSIZE) - 1;
2879 lsp->ls_pbshift = lsp->ls_lbshift;
2880
2881 lsp->ls_readonly = klip->li_readonly;
2882 lsp->ls_uncomp_seg_sz = 0;
2883 lsp->ls_comp_algorithm[0] = '\0';
2884 lsp->ls_crypto_offset = 0;
2885
2886 (void) snprintf(namebuf, sizeof (namebuf), "%s_taskq_%d",
2887 LOFI_DRIVER_NAME, id);
2888 lsp->ls_taskq = taskq_create_proc(namebuf, lofi_taskq_nthreads,
2889 minclsyspri, 1, lofi_taskq_maxalloc, curzone->zone_zsched, 0);
2890
2891 if ((error = lofi_init_crypto(lsp, klip)) != 0)
2892 goto err;
2893
2894 if ((error = lofi_init_compress(lsp)) != 0)
2895 goto err;
2896
2897 fake_disk_geometry(lsp);
2898
2899 /* For unlabeled lofi add Nblocks and Size */
2900 if (klip->li_labeled == B_FALSE) {
2901 error = ddi_prop_update_int64(lsp->ls_dev, lsp->ls_dip,
2902 SIZE_PROP_NAME, lsp->ls_vp_size - lsp->ls_crypto_offset);
2903 if (error != DDI_PROP_SUCCESS) {
2904 error = EINVAL;
2905 goto err;
2906 }
2907 error = ddi_prop_update_int64(lsp->ls_dev, lsp->ls_dip,
2908 NBLOCKS_PROP_NAME,
2909 (lsp->ls_vp_size - lsp->ls_crypto_offset) / DEV_BSIZE);
2910 if (error != DDI_PROP_SUCCESS) {
2911 error = EINVAL;
2912 goto err;
2913 }
2914 }
2915
2916 /*
2917 * Notify we are ready to rock.
2918 */
2919 mutex_enter(&lsp->ls_vp_lock);
2920 lsp->ls_vp_ready = B_TRUE;
2921 cv_broadcast(&lsp->ls_vp_cv);
2922 mutex_exit(&lsp->ls_vp_lock);
2923 mutex_exit(&lofi_lock);
2924
2925 lofi_copy_devpath(klip);
2926
2927 if (rvalp)
2928 *rvalp = id;
2929 (void) copy_out_lofi_ioctl(klip, ulip, ioctl_flag);
2930 free_lofi_ioctl(klip);
2931 return (0);
2932
2933 err:
2934 if (lsp != NULL) {
2935 lofi_destroy(lsp, credp);
2936 } else {
2937 if (vp != NULL) {
2938 (void) VOP_PUTPAGE(vp, 0, 0, B_FREE, credp, NULL);
2939 (void) VOP_CLOSE(vp, flag, 1, 0, credp, NULL);
2940 VN_RELE(vp);
2941 }
2942 }
2943
2944 mutex_exit(&lofi_lock);
2945 free_lofi_ioctl(klip);
2946 return (error);
2947 }
2948
2949 /*
2950 * unmap a file.
2951 */
2952 static int
2953 lofi_unmap_file(struct lofi_ioctl *ulip, int byfilename,
2954 struct cred *credp, int ioctl_flag)
2955 {
2956 struct lofi_state *lsp;
2957 struct lofi_ioctl *klip;
2958 char namebuf[MAXNAMELEN];
2959 int err;
2960
2961 err = copy_in_lofi_ioctl(ulip, &klip, ioctl_flag);
2962 if (err != 0)
2963 return (err);
2964
2965 mutex_enter(&lofi_lock);
2966 if (byfilename) {
2967 if ((err = file_to_lofi(klip->li_filename, klip->li_readonly,
2968 &lsp)) != 0) {
2969 goto done;
2970 }
2971 } else if (klip->li_id == 0) {
2972 err = ENXIO;
2973 goto done;
2974 } else {
2975 lsp = ddi_get_soft_state(lofi_statep, klip->li_id);
2976 }
2977
2978 if (lsp == NULL || lsp->ls_vp == NULL || lofi_access(lsp) != 0) {
2979 err = ENXIO;
2980 goto done;
2981 }
2982
2983 klip->li_id = LOFI_MINOR2ID(getminor(lsp->ls_dev));
2984 (void) snprintf(namebuf, sizeof (namebuf), "%u", klip->li_id);
2985
2986 /*
2987 * If it's still held open, we'll do one of three things:
2988 *
2989 * If no flag is set, just return EBUSY.
2990 *
2991 * If the 'cleanup' flag is set, unmap and remove the device when
2992 * the last user finishes.
2993 *
2994 * If the 'force' flag is set, then we forcibly close the underlying
2995 * file. Subsequent operations will fail, and the DKIOCSTATE ioctl
2996 * will return DKIO_DEV_GONE. When the device is last closed, the
2997 * device will be cleaned up appropriately.
2998 *
2999 * This is complicated by the fact that we may have outstanding
3000 * dispatched I/Os. Rather than having a single mutex to serialize all
3001 * I/O, we keep a count of the number of outstanding I/O requests
3002 * (ls_vp_iocount), as well as a flag to indicate that no new I/Os
3003 * should be dispatched (ls_vp_closereq).
3004 *
3005 * We set the flag, wait for the number of outstanding I/Os to reach 0,
3006 * and then close the underlying vnode.
3007 */
3008 if (is_opened(lsp)) {
3009 if (klip->li_force) {
3010 /* Mark the device for cleanup. */
3011 lofi_set_cleanup(lsp);
3012 mutex_enter(&lsp->ls_vp_lock);
3013 lsp->ls_vp_closereq = B_TRUE;
3014 /* Wake up any threads waiting on dkiocstate. */
3015 cv_broadcast(&lsp->ls_vp_cv);
3016 while (lsp->ls_vp_iocount > 0)
3017 cv_wait(&lsp->ls_vp_cv, &lsp->ls_vp_lock);
3018 mutex_exit(&lsp->ls_vp_lock);
3019 } else if (klip->li_cleanup) {
3020 lofi_set_cleanup(lsp);
3021 } else {
3022 err = EBUSY;
3023 }
3024 } else {
3025 lofi_free_dev(lsp);
3026 lofi_destroy(lsp, credp);
3027 }
3028
3029 /* Remove name from devlink cache */
3030 mutex_enter(&lofi_devlink_cache.ln_lock);
3031 (void) nvlist_remove_all(lofi_devlink_cache.ln_data, namebuf);
3032 mutex_exit(&lofi_devlink_cache.ln_lock);
3033 done:
3034 mutex_exit(&lofi_lock);
3035 if (err == 0)
3036 (void) copy_out_lofi_ioctl(klip, ulip, ioctl_flag);
3037 free_lofi_ioctl(klip);
3038 return (err);
3039 }
3040
3041 /*
3042 * get the filename given the minor number, or the minor number given
3043 * the name.
3044 */
3045 /*ARGSUSED*/
3046 static int
3047 lofi_get_info(dev_t dev, struct lofi_ioctl *ulip, int which,
3048 struct cred *credp, int ioctl_flag)
3049 {
3050 struct lofi_ioctl *klip;
3051 struct lofi_state *lsp;
3052 int error;
3053
3054 error = copy_in_lofi_ioctl(ulip, &klip, ioctl_flag);
3055 if (error != 0)
3056 return (error);
3057
3058 switch (which) {
3059 case LOFI_GET_FILENAME:
3060 if (klip->li_id == 0) {
3061 free_lofi_ioctl(klip);
3062 return (EINVAL);
3063 }
3064
3065 mutex_enter(&lofi_lock);
3066 lsp = ddi_get_soft_state(lofi_statep, klip->li_id);
3067 if (lsp == NULL || lofi_access(lsp) != 0) {
3068 mutex_exit(&lofi_lock);
3069 free_lofi_ioctl(klip);
3070 return (ENXIO);
3071 }
3072
3073 /*
3074 * This may fail if, for example, we're trying to look
3075 * up a zoned NFS path from the global zone.
3076 */
3077 if (vnodetopath(NULL, lsp->ls_stacked_vp, klip->li_filename,
3078 sizeof (klip->li_filename), CRED()) != 0) {
3079 (void) strlcpy(klip->li_filename, "?",
3080 sizeof (klip->li_filename));
3081 }
3082
3083 klip->li_readonly = lsp->ls_readonly;
3084 klip->li_labeled = lsp->ls_cmlbhandle != NULL;
3085
3086 (void) strlcpy(klip->li_algorithm, lsp->ls_comp_algorithm,
3087 sizeof (klip->li_algorithm));
3088 klip->li_crypto_enabled = lsp->ls_crypto_enabled;
3089 mutex_exit(&lofi_lock);
3090
3091 lofi_copy_devpath(klip);
3092 error = copy_out_lofi_ioctl(klip, ulip, ioctl_flag);
3093 free_lofi_ioctl(klip);
3094 return (error);
3095 case LOFI_GET_MINOR:
3096 mutex_enter(&lofi_lock);
3097 error = file_to_lofi(klip->li_filename,
3098 klip->li_readonly, &lsp);
3099 if (error != 0) {
3100 mutex_exit(&lofi_lock);
3101 free_lofi_ioctl(klip);
3102 return (error);
3103 }
3104 klip->li_id = LOFI_MINOR2ID(getminor(lsp->ls_dev));
3105
3106 klip->li_readonly = lsp->ls_readonly;
3107 klip->li_labeled = lsp->ls_cmlbhandle != NULL;
3108 mutex_exit(&lofi_lock);
3109
3110 lofi_copy_devpath(klip);
3111 error = copy_out_lofi_ioctl(klip, ulip, ioctl_flag);
3112
3113 free_lofi_ioctl(klip);
3114 return (error);
3115 case LOFI_CHECK_COMPRESSED:
3116 mutex_enter(&lofi_lock);
3117 error = file_to_lofi(klip->li_filename,
3118 klip->li_readonly, &lsp);
3119 if (error != 0) {
3120 mutex_exit(&lofi_lock);
3121 free_lofi_ioctl(klip);
3122 return (error);
3123 }
3124
3125 klip->li_id = LOFI_MINOR2ID(getminor(lsp->ls_dev));
3126 (void) strlcpy(klip->li_algorithm, lsp->ls_comp_algorithm,
3127 sizeof (klip->li_algorithm));
3128
3129 mutex_exit(&lofi_lock);
3130 error = copy_out_lofi_ioctl(klip, ulip, ioctl_flag);
3131 free_lofi_ioctl(klip);
3132 return (error);
3133 default:
3134 free_lofi_ioctl(klip);
3135 return (EINVAL);
3136 }
3137 }
3138
3139 static int
3140 uscsi_is_inquiry(intptr_t arg, int flag, union scsi_cdb *cdb,
3141 struct uscsi_cmd *uscmd)
3142 {
3143 int rval;
3144
3145 #ifdef _MULTI_DATAMODEL
3146 switch (ddi_model_convert_from(flag & FMODELS)) {
3147 case DDI_MODEL_ILP32: {
3148 struct uscsi_cmd32 ucmd32;
3149
3150 if (ddi_copyin((void *)arg, &ucmd32, sizeof (ucmd32), flag)) {
3151 rval = EFAULT;
3152 goto err;
3153 }
3154 uscsi_cmd32touscsi_cmd((&ucmd32), uscmd);
3155 break;
3156 }
3157 case DDI_MODEL_NONE:
3158 if (ddi_copyin((void *)arg, uscmd, sizeof (*uscmd), flag)) {
3159 rval = EFAULT;
3160 goto err;
3161 }
3162 break;
3163 default:
3164 rval = EFAULT;
3165 goto err;
3166 }
3167 #else
3168 if (ddi_copyin((void *)arg, uscmd, sizeof (*uscmd), flag)) {
3169 rval = EFAULT;
3170 goto err;
3171 }
3172 #endif /* _MULTI_DATAMODEL */
3173 if (ddi_copyin(uscmd->uscsi_cdb, cdb, uscmd->uscsi_cdblen, flag)) {
3174 rval = EFAULT;
3175 goto err;
3176 }
3177 if (cdb->scc_cmd == SCMD_INQUIRY) {
3178 return (0);
3179 }
3180 err:
3181 return (rval);
3182 }
3183
3184 static int
3185 lofi_ioctl(dev_t dev, int cmd, intptr_t arg, int flag, cred_t *credp,
3186 int *rvalp)
3187 {
3188 int error;
3189 enum dkio_state dkstate;
3190 struct lofi_state *lsp;
3191 int id;
3192
3193 id = LOFI_MINOR2ID(getminor(dev));
3194
3195 /* lofi ioctls only apply to the master device */
3196 if (id == 0) {
3197 struct lofi_ioctl *lip = (struct lofi_ioctl *)arg;
3198
3199 /*
3200 * the query command only need read-access - i.e., normal
3201 * users are allowed to do those on the ctl device as
3202 * long as they can open it read-only.
3203 */
3204 switch (cmd) {
3205 case LOFI_MAP_FILE:
3206 if ((flag & FWRITE) == 0)
3207 return (EPERM);
3208 return (lofi_map_file(dev, lip, 1, rvalp, credp, flag));
3209 case LOFI_MAP_FILE_MINOR:
3210 if ((flag & FWRITE) == 0)
3211 return (EPERM);
3212 return (lofi_map_file(dev, lip, 0, rvalp, credp, flag));
3213 case LOFI_UNMAP_FILE:
3214 if ((flag & FWRITE) == 0)
3215 return (EPERM);
3216 return (lofi_unmap_file(lip, 1, credp, flag));
3217 case LOFI_UNMAP_FILE_MINOR:
3218 if ((flag & FWRITE) == 0)
3219 return (EPERM);
3220 return (lofi_unmap_file(lip, 0, credp, flag));
3221 case LOFI_GET_FILENAME:
3222 return (lofi_get_info(dev, lip, LOFI_GET_FILENAME,
3223 credp, flag));
3224 case LOFI_GET_MINOR:
3225 return (lofi_get_info(dev, lip, LOFI_GET_MINOR,
3226 credp, flag));
3227
3228 /*
3229 * This API made limited sense when this value was fixed
3230 * at LOFI_MAX_FILES. However, its use to iterate
3231 * across all possible devices in lofiadm means we don't
3232 * want to return L_MAXMIN, but the highest
3233 * *allocated* id.
3234 */
3235 case LOFI_GET_MAXMINOR:
3236 id = 0;
3237
3238 mutex_enter(&lofi_lock);
3239
3240 for (lsp = list_head(&lofi_list); lsp != NULL;
3241 lsp = list_next(&lofi_list, lsp)) {
3242 int i;
3243 if (lofi_access(lsp) != 0)
3244 continue;
3245
3246 i = ddi_get_instance(lsp->ls_dip);
3247 if (i > id)
3248 id = i;
3249 }
3250
3251 mutex_exit(&lofi_lock);
3252
3253 error = ddi_copyout(&id, &lip->li_id,
3254 sizeof (id), flag);
3255 if (error)
3256 return (EFAULT);
3257 return (0);
3258
3259 case LOFI_CHECK_COMPRESSED:
3260 return (lofi_get_info(dev, lip, LOFI_CHECK_COMPRESSED,
3261 credp, flag));
3262 default:
3263 return (EINVAL);
3264 }
3265 }
3266
3267 mutex_enter(&lofi_lock);
3268 lsp = ddi_get_soft_state(lofi_statep, id);
3269 if (lsp == NULL || lsp->ls_cleanup) {
3270 mutex_exit(&lofi_lock);
3271 return (ENXIO);
3272 }
3273 mutex_exit(&lofi_lock);
3274
3275 if (ddi_prop_exists(DDI_DEV_T_ANY, lsp->ls_dip, DDI_PROP_DONTPASS,
3276 "labeled") == 1) {
3277 error = cmlb_ioctl(lsp->ls_cmlbhandle, dev, cmd, arg, flag,
3278 credp, rvalp, 0);
3279 if (error != ENOTTY)
3280 return (error);
3281 }
3282
3283 /*
3284 * We explicitly allow DKIOCSTATE, but all other ioctls should fail with
3285 * EIO as if the device was no longer present.
3286 */
3287 if (lsp->ls_vp == NULL && cmd != DKIOCSTATE)
3288 return (EIO);
3289
3290 /* these are for faking out utilities like newfs */
3291 switch (cmd) {
3292 case DKIOCGMEDIAINFO:
3293 case DKIOCGMEDIAINFOEXT: {
3294 struct dk_minfo_ext media_info;
3295 int shift = lsp->ls_lbshift;
3296 int size;
3297
3298 if (cmd == DKIOCGMEDIAINFOEXT) {
3299 media_info.dki_pbsize = 1U << lsp->ls_pbshift;
3300 size = sizeof (struct dk_minfo_ext);
3301 } else {
3302 size = sizeof (struct dk_minfo);
3303 }
3304
3305 media_info.dki_media_type = DK_FIXED_DISK;
3306 media_info.dki_lbsize = 1U << shift;
3307 media_info.dki_capacity =
3308 (lsp->ls_vp_size - lsp->ls_crypto_offset) >> shift;
3309
3310 if (ddi_copyout(&media_info, (void *)arg, size, flag))
3311 return (EFAULT);
3312 return (0);
3313 }
3314 case DKIOCREMOVABLE: {
3315 int i = 0;
3316 if (ddi_copyout(&i, (caddr_t)arg, sizeof (int), flag))
3317 return (EFAULT);
3318 return (0);
3319 }
3320
3321 case DKIOCGVTOC: {
3322 struct vtoc vt;
3323 fake_disk_vtoc(lsp, &vt);
3324
3325 switch (ddi_model_convert_from(flag & FMODELS)) {
3326 case DDI_MODEL_ILP32: {
3327 struct vtoc32 vtoc32;
3328
3329 vtoctovtoc32(vt, vtoc32);
3330 if (ddi_copyout(&vtoc32, (void *)arg,
3331 sizeof (struct vtoc32), flag))
3332 return (EFAULT);
3333 break;
3334 }
3335
3336 case DDI_MODEL_NONE:
3337 if (ddi_copyout(&vt, (void *)arg,
3338 sizeof (struct vtoc), flag))
3339 return (EFAULT);
3340 break;
3341 }
3342 return (0);
3343 }
3344 case DKIOCINFO: {
3345 struct dk_cinfo ci;
3346 fake_disk_info(dev, &ci);
3347 if (ddi_copyout(&ci, (void *)arg, sizeof (ci), flag))
3348 return (EFAULT);
3349 return (0);
3350 }
3351 case DKIOCG_VIRTGEOM:
3352 case DKIOCG_PHYGEOM:
3353 case DKIOCGGEOM:
3354 error = ddi_copyout(&lsp->ls_dkg, (void *)arg,
3355 sizeof (struct dk_geom), flag);
3356 if (error)
3357 return (EFAULT);
3358 return (0);
3359 case DKIOCSTATE:
3360 /*
3361 * Normally, lofi devices are always in the INSERTED state. If
3362 * a device is forcefully unmapped, then the device transitions
3363 * to the DKIO_DEV_GONE state.
3364 */
3365 if (ddi_copyin((void *)arg, &dkstate, sizeof (dkstate),
3366 flag) != 0)
3367 return (EFAULT);
3368
3369 mutex_enter(&lsp->ls_vp_lock);
3370 while (((dkstate == DKIO_INSERTED && lsp->ls_vp != NULL) ||
3371 (dkstate == DKIO_DEV_GONE && lsp->ls_vp == NULL)) &&
3372 !lsp->ls_cleanup) {
3373 /*
3374 * By virtue of having the device open, we know that
3375 * 'lsp' will remain valid when we return.
3376 */
3377 if (!cv_wait_sig(&lsp->ls_vp_cv, &lsp->ls_vp_lock)) {
3378 mutex_exit(&lsp->ls_vp_lock);
3379 return (EINTR);
3380 }
3381 }
3382
3383 dkstate = (!lsp->ls_cleanup && lsp->ls_vp != NULL ?
3384 DKIO_INSERTED : DKIO_DEV_GONE);
3385 mutex_exit(&lsp->ls_vp_lock);
3386
3387 if (ddi_copyout(&dkstate, (void *)arg,
3388 sizeof (dkstate), flag) != 0)
3389 return (EFAULT);
3390 return (0);
3391 case USCSICMD: {
3392 struct uscsi_cmd uscmd;
3393 union scsi_cdb cdb;
3394
3395 if (uscsi_is_inquiry(arg, flag, &cdb, &uscmd) == 0) {
3396 struct scsi_inquiry inq = {0};
3397
3398 lofi_create_inquiry(lsp, &inq);
3399 if (ddi_copyout(&inq, uscmd.uscsi_bufaddr,
3400 uscmd.uscsi_buflen, flag) != 0)
3401 return (EFAULT);
3402 return (0);
3403 } else if (cdb.scc_cmd == SCMD_READ_CAPACITY) {
3404 struct scsi_capacity capacity;
3405
3406 capacity.capacity =
3407 BE_32((lsp->ls_vp_size - lsp->ls_crypto_offset) >>
3408 lsp->ls_lbshift);
3409 capacity.lbasize = BE_32(1 << lsp->ls_lbshift);
3410 if (ddi_copyout(&capacity, uscmd.uscsi_bufaddr,
3411 uscmd.uscsi_buflen, flag) != 0)
3412 return (EFAULT);
3413 return (0);
3414 }
3415
3416 uscmd.uscsi_rqstatus = 0xff;
3417 #ifdef _MULTI_DATAMODEL
3418 switch (ddi_model_convert_from(flag & FMODELS)) {
3419 case DDI_MODEL_ILP32: {
3420 struct uscsi_cmd32 ucmd32;
3421 uscsi_cmdtouscsi_cmd32((&uscmd), (&ucmd32));
3422 if (ddi_copyout(&ucmd32, (void *)arg, sizeof (ucmd32),
3423 flag) != 0)
3424 return (EFAULT);
3425 break;
3426 }
3427 case DDI_MODEL_NONE:
3428 if (ddi_copyout(&uscmd, (void *)arg, sizeof (uscmd),
3429 flag) != 0)
3430 return (EFAULT);
3431 break;
3432 default:
3433 return (EFAULT);
3434 }
3435 #else
3436 if (ddi_copyout(&uscmd, (void *)arg, sizeof (uscmd), flag) != 0)
3437 return (EFAULT);
3438 #endif /* _MULTI_DATAMODEL */
3439 return (0);
3440 }
3441 default:
3442 #ifdef DEBUG
3443 cmn_err(CE_WARN, "lofi_ioctl: %d is not implemented\n", cmd);
3444 #endif /* DEBUG */
3445 return (ENOTTY);
3446 }
3447 }
3448
3449 static int
3450 lofi_prop_op(dev_t dev, dev_info_t *dip, ddi_prop_op_t prop_op, int mod_flags,
3451 char *name, caddr_t valuep, int *lengthp)
3452 {
3453 struct lofi_state *lsp;
3454 int rc;
3455
3456 lsp = ddi_get_soft_state(lofi_statep, ddi_get_instance(dip));
3457 if (lsp == NULL) {
3458 return (ddi_prop_op(dev, dip, prop_op, mod_flags,
3459 name, valuep, lengthp));
3460 }
3461
3462 rc = cmlb_prop_op(lsp->ls_cmlbhandle, dev, dip, prop_op, mod_flags,
3463 name, valuep, lengthp, LOFI_PART(getminor(dev)), NULL);
3464 if (rc == DDI_PROP_SUCCESS)
3465 return (rc);
3466
3467 return (ddi_prop_op(DDI_DEV_T_ANY, dip, prop_op, mod_flags,
3468 name, valuep, lengthp));
3469 }
3470
3471 static struct cb_ops lofi_cb_ops = {
3472 lofi_open, /* open */
3473 lofi_close, /* close */
3474 lofi_strategy, /* strategy */
3475 nodev, /* print */
3476 nodev, /* dump */
3477 lofi_read, /* read */
3478 lofi_write, /* write */
3479 lofi_ioctl, /* ioctl */
3480 nodev, /* devmap */
3481 nodev, /* mmap */
3482 nodev, /* segmap */
3483 nochpoll, /* poll */
3484 lofi_prop_op, /* prop_op */
3485 0, /* streamtab */
3486 D_64BIT | D_NEW | D_MP, /* Driver compatibility flag */
3487 CB_REV,
3488 lofi_aread,
3489 lofi_awrite
3490 };
3491
3492 static struct dev_ops lofi_ops = {
3493 DEVO_REV, /* devo_rev, */
3494 0, /* refcnt */
3495 lofi_info, /* info */
3496 nulldev, /* identify */
3497 nulldev, /* probe */
3498 lofi_attach, /* attach */
3499 lofi_detach, /* detach */
3500 nodev, /* reset */
3501 &lofi_cb_ops, /* driver operations */
3502 NULL, /* no bus operations */
3503 NULL, /* power */
3504 ddi_quiesce_not_needed, /* quiesce */
3505 };
3506
3507 static struct modldrv modldrv = {
3508 &mod_driverops,
3509 "loopback file driver",
3510 &lofi_ops,
3511 };
3512
3513 static struct modlinkage modlinkage = {
3514 MODREV_1,
3515 &modldrv,
3516 NULL
3517 };
3518
3519 int
3520 _init(void)
3521 {
3522 int error;
3523
3524 list_create(&lofi_list, sizeof (struct lofi_state),
3525 offsetof(struct lofi_state, ls_list));
3526
3527 error = ddi_soft_state_init((void **)&lofi_statep,
3528 sizeof (struct lofi_state), 0);
3529 if (error) {
3530 list_destroy(&lofi_list);
3531 return (error);
3532 }
3533
3534 /*
3535 * The minor number is stored as id << LOFI_CMLB_SHIFT as
3536 * we need to reserve space for cmlb minor numbers.
3537 * This will leave out 4096 id values on 32bit kernel, which should
3538 * still suffice.
3539 */
3540 lofi_id = id_space_create("lofi_id", 1,
3541 (1 << (L_BITSMINOR - LOFI_CMLB_SHIFT)));
3542
3543 if (lofi_id == NULL) {
3544 ddi_soft_state_fini((void **)&lofi_statep);
3545 list_destroy(&lofi_list);
3546 return (DDI_FAILURE);
3547 }
3548
3549 mutex_init(&lofi_lock, NULL, MUTEX_DRIVER, NULL);
3550
3551 error = mod_install(&modlinkage);
3552
3553 if (error) {
3554 id_space_destroy(lofi_id);
3555 mutex_destroy(&lofi_lock);
3556 ddi_soft_state_fini((void **)&lofi_statep);
3557 list_destroy(&lofi_list);
3558 }
3559
3560 return (error);
3561 }
3562
3563 int
3564 _fini(void)
3565 {
3566 int error;
3567
3568 mutex_enter(&lofi_lock);
3569
3570 if (!list_is_empty(&lofi_list)) {
3571 mutex_exit(&lofi_lock);
3572 return (EBUSY);
3573 }
3574
3575 mutex_exit(&lofi_lock);
3576
3577 error = mod_remove(&modlinkage);
3578 if (error)
3579 return (error);
3580
3581 mutex_destroy(&lofi_lock);
3582 id_space_destroy(lofi_id);
3583 ddi_soft_state_fini((void **)&lofi_statep);
3584 list_destroy(&lofi_list);
3585
3586 return (error);
3587 }
3588
3589 int
3590 _info(struct modinfo *modinfop)
3591 {
3592 return (mod_info(&modlinkage, modinfop));
3593 }