FreeBSD/Linux Kernel Cross Reference
sys/geom/geom_bsd.c
1 /*-
2 * Copyright (c) 2002 Poul-Henning Kamp
3 * Copyright (c) 2002 Networks Associates Technology, Inc.
4 * All rights reserved.
5 *
6 * This software was developed for the FreeBSD Project by Poul-Henning Kamp
7 * and NAI Labs, the Security Research Division of Network Associates, Inc.
8 * under DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of the
9 * DARPA CHATS research program.
10 *
11 * Redistribution and use in source and binary forms, with or without
12 * modification, are permitted provided that the following conditions
13 * are met:
14 * 1. Redistributions of source code must retain the above copyright
15 * notice, this list of conditions and the following disclaimer.
16 * 2. Redistributions in binary form must reproduce the above copyright
17 * notice, this list of conditions and the following disclaimer in the
18 * documentation and/or other materials provided with the distribution.
19 * 3. The names of the authors may not be used to endorse or promote
20 * products derived from this software without specific prior written
21 * permission.
22 *
23 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
24 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
25 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
26 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
27 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
28 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
29 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
30 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
31 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
32 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
33 * SUCH DAMAGE.
34 */
35
36 /*
37 * This is the method for dealing with BSD disklabels. It has been
38 * extensively (by my standards at least) commented, in the vain hope that
39 * it will serve as the source in future copy&paste operations.
40 */
41
42 #include <sys/cdefs.h>
43 __FBSDID("$FreeBSD: releng/10.4/sys/geom/geom_bsd.c 322860 2017-08-24 21:44:23Z mckusick $");
44
45 #include <sys/param.h>
46 #include <sys/endian.h>
47 #include <sys/systm.h>
48 #include <sys/sysctl.h>
49 #include <sys/kernel.h>
50 #include <sys/fcntl.h>
51 #include <sys/conf.h>
52 #include <sys/bio.h>
53 #include <sys/malloc.h>
54 #include <sys/lock.h>
55 #include <sys/mutex.h>
56 #include <sys/md5.h>
57 #include <sys/errno.h>
58 #include <sys/disklabel.h>
59 #include <sys/gpt.h>
60 #include <sys/proc.h>
61 #include <sys/sbuf.h>
62 #include <sys/uuid.h>
63 #include <geom/geom.h>
64 #include <geom/geom_slice.h>
65
66 FEATURE(geom_bsd, "GEOM BSD disklabels support");
67
68 #define BSD_CLASS_NAME "BSD"
69
70 #define ALPHA_LABEL_OFFSET 64
71 #define HISTORIC_LABEL_OFFSET 512
72
73 #define LABELSIZE (148 + 16 * MAXPARTITIONS)
74
75 static void g_bsd_hotwrite(void *arg, int flag);
76 /*
77 * Our private data about one instance. All the rest is handled by the
78 * slice code and stored in its softc, so this is just the stuff
79 * specific to BSD disklabels.
80 */
81 struct g_bsd_softc {
82 off_t labeloffset;
83 off_t mbroffset;
84 off_t rawoffset;
85 struct disklabel ondisk;
86 u_char label[LABELSIZE];
87 u_char labelsum[16];
88 };
89
90 /*
91 * Modify our slicer to match proposed disklabel, if possible.
92 * This is where we make sure we don't do something stupid.
93 */
94 static int
95 g_bsd_modify(struct g_geom *gp, u_char *label)
96 {
97 int i, error;
98 struct partition *ppp;
99 struct g_slicer *gsp;
100 struct g_consumer *cp;
101 struct g_bsd_softc *ms;
102 u_int secsize, u;
103 off_t rawoffset, o;
104 struct disklabel dl;
105 MD5_CTX md5sum;
106
107 g_topology_assert();
108 gsp = gp->softc;
109 ms = gsp->softc;
110
111 error = bsd_disklabel_le_dec(label, &dl, MAXPARTITIONS);
112 if (error) {
113 return (error);
114 }
115
116 /* Get dimensions of our device. */
117 cp = LIST_FIRST(&gp->consumer);
118 secsize = cp->provider->sectorsize;
119
120 /* ... or a smaller sector size. */
121 if (dl.d_secsize < secsize) {
122 return (EINVAL);
123 }
124
125 /* ... or a non-multiple sector size. */
126 if (dl.d_secsize % secsize != 0) {
127 return (EINVAL);
128 }
129
130 /* Historical braindamage... */
131 rawoffset = (off_t)dl.d_partitions[RAW_PART].p_offset * dl.d_secsize;
132
133 for (i = 0; i < dl.d_npartitions; i++) {
134 ppp = &dl.d_partitions[i];
135 if (ppp->p_size == 0)
136 continue;
137 o = (off_t)ppp->p_offset * dl.d_secsize;
138
139 if (o < rawoffset)
140 rawoffset = 0;
141 }
142
143 if (rawoffset != 0 && (off_t)rawoffset != ms->mbroffset)
144 printf("WARNING: %s expected rawoffset %jd, found %jd\n",
145 gp->name,
146 (intmax_t)ms->mbroffset/dl.d_secsize,
147 (intmax_t)rawoffset/dl.d_secsize);
148
149 /* Don't munge open partitions. */
150 for (i = 0; i < dl.d_npartitions; i++) {
151 ppp = &dl.d_partitions[i];
152
153 o = (off_t)ppp->p_offset * dl.d_secsize;
154 if (o == 0)
155 o = rawoffset;
156 error = g_slice_config(gp, i, G_SLICE_CONFIG_CHECK,
157 o - rawoffset,
158 (off_t)ppp->p_size * dl.d_secsize,
159 dl.d_secsize,
160 "%s%c", gp->name, 'a' + i);
161 if (error)
162 return (error);
163 }
164
165 /* Look good, go for it... */
166 for (u = 0; u < gsp->nslice; u++) {
167 ppp = &dl.d_partitions[u];
168 o = (off_t)ppp->p_offset * dl.d_secsize;
169 if (o == 0)
170 o = rawoffset;
171 g_slice_config(gp, u, G_SLICE_CONFIG_SET,
172 o - rawoffset,
173 (off_t)ppp->p_size * dl.d_secsize,
174 dl.d_secsize,
175 "%s%c", gp->name, 'a' + u);
176 }
177
178 /* Update our softc */
179 ms->ondisk = dl;
180 if (label != ms->label)
181 bcopy(label, ms->label, LABELSIZE);
182 ms->rawoffset = rawoffset;
183
184 /*
185 * In order to avoid recursively attaching to the same
186 * on-disk label (it's usually visible through the 'c'
187 * partition) we calculate an MD5 and ask if other BSD's
188 * below us love that label. If they do, we don't.
189 */
190 MD5Init(&md5sum);
191 MD5Update(&md5sum, ms->label, sizeof(ms->label));
192 MD5Final(ms->labelsum, &md5sum);
193
194 return (0);
195 }
196
197 /*
198 * This is an internal helper function, called multiple times from the taste
199 * function to try to locate a disklabel on the disk. More civilized formats
200 * will not need this, as there is only one possible place on disk to look
201 * for the magic spot.
202 */
203
204 static int
205 g_bsd_try(struct g_geom *gp, struct g_slicer *gsp, struct g_consumer *cp, int secsize, struct g_bsd_softc *ms, off_t offset)
206 {
207 int error;
208 u_char *buf;
209 struct disklabel *dl;
210 off_t secoff;
211
212 /*
213 * We need to read entire aligned sectors, and we assume that the
214 * disklabel does not span sectors, so one sector is enough.
215 */
216 secoff = offset % secsize;
217 buf = g_read_data(cp, offset - secoff, secsize, NULL);
218 if (buf == NULL)
219 return (ENOENT);
220
221 /* Decode into our native format. */
222 dl = &ms->ondisk;
223 error = bsd_disklabel_le_dec(buf + secoff, dl, MAXPARTITIONS);
224 if (!error)
225 bcopy(buf + secoff, ms->label, LABELSIZE);
226
227 /* Remember to free the buffer g_read_data() gave us. */
228 g_free(buf);
229
230 ms->labeloffset = offset;
231 return (error);
232 }
233
234 /*
235 * This function writes the current label to disk, possibly updating
236 * the alpha SRM checksum.
237 */
238
239 static int
240 g_bsd_writelabel(struct g_geom *gp, u_char *bootcode)
241 {
242 off_t secoff;
243 u_int secsize;
244 struct g_consumer *cp;
245 struct g_slicer *gsp;
246 struct g_bsd_softc *ms;
247 u_char *buf;
248 uint64_t sum;
249 int error, i;
250
251 gsp = gp->softc;
252 ms = gsp->softc;
253 cp = LIST_FIRST(&gp->consumer);
254 /* Get sector size, we need it to read data. */
255 secsize = cp->provider->sectorsize;
256 secoff = ms->labeloffset % secsize;
257 if (bootcode == NULL) {
258 buf = g_read_data(cp, ms->labeloffset - secoff, secsize, &error);
259 if (buf == NULL)
260 return (error);
261 bcopy(ms->label, buf + secoff, sizeof(ms->label));
262 } else {
263 buf = bootcode;
264 bcopy(ms->label, buf + ms->labeloffset, sizeof(ms->label));
265 }
266 if (ms->labeloffset == ALPHA_LABEL_OFFSET) {
267 sum = 0;
268 for (i = 0; i < 63; i++)
269 sum += le64dec(buf + i * 8);
270 le64enc(buf + 504, sum);
271 }
272 if (bootcode == NULL) {
273 error = g_write_data(cp, ms->labeloffset - secoff, buf, secsize);
274 g_free(buf);
275 } else {
276 error = g_write_data(cp, 0, bootcode, BBSIZE);
277 }
278 return(error);
279 }
280
281 /*
282 * If the user tries to overwrite our disklabel through an open partition
283 * or via a magicwrite config call, we end up here and try to prevent
284 * footshooting as best we can.
285 */
286 static void
287 g_bsd_hotwrite(void *arg, int flag)
288 {
289 struct bio *bp;
290 struct g_geom *gp;
291 struct g_slicer *gsp;
292 struct g_slice *gsl;
293 struct g_bsd_softc *ms;
294 u_char *p;
295 int error;
296
297 g_topology_assert();
298 /*
299 * We should never get canceled, because that would amount to a removal
300 * of the geom while there was outstanding I/O requests.
301 */
302 KASSERT(flag != EV_CANCEL, ("g_bsd_hotwrite cancelled"));
303 bp = arg;
304 gp = bp->bio_to->geom;
305 gsp = gp->softc;
306 ms = gsp->softc;
307 gsl = &gsp->slices[bp->bio_to->index];
308 p = (u_char*)bp->bio_data + ms->labeloffset -
309 (bp->bio_offset + gsl->offset);
310 error = g_bsd_modify(gp, p);
311 if (error) {
312 g_io_deliver(bp, EPERM);
313 return;
314 }
315 g_slice_finish_hot(bp);
316 }
317
318 static int
319 g_bsd_start(struct bio *bp)
320 {
321 struct g_geom *gp;
322 struct g_bsd_softc *ms;
323 struct g_slicer *gsp;
324
325 gp = bp->bio_to->geom;
326 gsp = gp->softc;
327 ms = gsp->softc;
328 if (bp->bio_cmd == BIO_GETATTR) {
329 if (g_handleattr(bp, "BSD::labelsum", ms->labelsum,
330 sizeof(ms->labelsum)))
331 return (1);
332 }
333 return (0);
334 }
335
336 /*
337 * Dump configuration information in XML format.
338 * Notice that the function is called once for the geom and once for each
339 * consumer and provider. We let g_slice_dumpconf() do most of the work.
340 */
341 static void
342 g_bsd_dumpconf(struct sbuf *sb, const char *indent, struct g_geom *gp, struct g_consumer *cp, struct g_provider *pp)
343 {
344 struct g_bsd_softc *ms;
345 struct g_slicer *gsp;
346
347 gsp = gp->softc;
348 ms = gsp->softc;
349 g_slice_dumpconf(sb, indent, gp, cp, pp);
350 if (indent != NULL && pp == NULL && cp == NULL) {
351 sbuf_printf(sb, "%s<labeloffset>%jd</labeloffset>\n",
352 indent, (intmax_t)ms->labeloffset);
353 sbuf_printf(sb, "%s<rawoffset>%jd</rawoffset>\n",
354 indent, (intmax_t)ms->rawoffset);
355 sbuf_printf(sb, "%s<mbroffset>%jd</mbroffset>\n",
356 indent, (intmax_t)ms->mbroffset);
357 } else if (pp != NULL) {
358 if (indent == NULL)
359 sbuf_printf(sb, " ty %d",
360 ms->ondisk.d_partitions[pp->index].p_fstype);
361 else
362 sbuf_printf(sb, "%s<type>%d</type>\n", indent,
363 ms->ondisk.d_partitions[pp->index].p_fstype);
364 }
365 }
366
367 /*
368 * The taste function is called from the event-handler, with the topology
369 * lock already held and a provider to examine. The flags are unused.
370 *
371 * If flags == G_TF_NORMAL, the idea is to take a bite of the provider and
372 * if we find valid, consistent magic on it, build a geom on it.
373 *
374 * There may be cases where the operator would like to put a BSD-geom on
375 * providers which do not meet all of the requirements. This can be done
376 * by instead passing the G_TF_INSIST flag, which will override these
377 * checks.
378 *
379 * The final flags value is G_TF_TRANSPARENT, which instructs the method
380 * to put a geom on top of the provider and configure it to be as transparent
381 * as possible. This is not really relevant to the BSD method and therefore
382 * not implemented here.
383 */
384
385 static struct uuid freebsd_slice = GPT_ENT_TYPE_FREEBSD;
386
387 static struct g_geom *
388 g_bsd_taste(struct g_class *mp, struct g_provider *pp, int flags)
389 {
390 struct g_geom *gp;
391 struct g_consumer *cp;
392 int error, i;
393 struct g_bsd_softc *ms;
394 u_int secsize;
395 struct g_slicer *gsp;
396 u_char hash[16];
397 MD5_CTX md5sum;
398 struct uuid uuid;
399
400 g_trace(G_T_TOPOLOGY, "bsd_taste(%s,%s)", mp->name, pp->name);
401 g_topology_assert();
402
403 /* We don't implement transparent inserts. */
404 if (flags == G_TF_TRANSPARENT)
405 return (NULL);
406
407 /*
408 * BSD labels are a subclass of the general "slicing" topology so
409 * a lot of the work can be done by the common "slice" code.
410 * Create a geom with space for MAXPARTITIONS providers, one consumer
411 * and a softc structure for us. Specify the provider to attach
412 * the consumer to and our "start" routine for special requests.
413 * The provider is opened with mode (1,0,0) so we can do reads
414 * from it.
415 */
416 gp = g_slice_new(mp, MAXPARTITIONS, pp, &cp, &ms,
417 sizeof(*ms), g_bsd_start);
418 if (gp == NULL)
419 return (NULL);
420
421 /* Get the geom_slicer softc from the geom. */
422 gsp = gp->softc;
423
424 /*
425 * The do...while loop here allows us to have multiple escapes
426 * using a simple "break". This improves code clarity without
427 * ending up in deep nesting and without using goto or come from.
428 */
429 do {
430 /*
431 * If the provider is an MBR we will only auto attach
432 * to type 165 slices in the G_TF_NORMAL case. We will
433 * attach to any other type.
434 */
435 error = g_getattr("MBR::type", cp, &i);
436 if (!error) {
437 if (i != 165 && flags == G_TF_NORMAL)
438 break;
439 error = g_getattr("MBR::offset", cp, &ms->mbroffset);
440 if (error)
441 break;
442 }
443
444 /* Same thing if we are inside a PC98 */
445 error = g_getattr("PC98::type", cp, &i);
446 if (!error) {
447 if (i != 0xc494 && flags == G_TF_NORMAL)
448 break;
449 error = g_getattr("PC98::offset", cp, &ms->mbroffset);
450 if (error)
451 break;
452 }
453
454 /* Same thing if we are inside a GPT */
455 error = g_getattr("GPT::type", cp, &uuid);
456 if (!error) {
457 if (memcmp(&uuid, &freebsd_slice, sizeof(uuid)) != 0 &&
458 flags == G_TF_NORMAL)
459 break;
460 }
461
462 /* Get sector size, we need it to read data. */
463 secsize = cp->provider->sectorsize;
464 if (secsize < 512)
465 break;
466
467 /* First look for a label at the start of the second sector. */
468 error = g_bsd_try(gp, gsp, cp, secsize, ms, secsize);
469
470 /*
471 * If sector size is not 512 the label still can be at
472 * offset 512, not at the start of the second sector. At least
473 * it's true for labels created by the FreeBSD's bsdlabel(8).
474 */
475 if (error && secsize != HISTORIC_LABEL_OFFSET)
476 error = g_bsd_try(gp, gsp, cp, secsize, ms,
477 HISTORIC_LABEL_OFFSET);
478
479 /* Next, look for alpha labels */
480 if (error)
481 error = g_bsd_try(gp, gsp, cp, secsize, ms,
482 ALPHA_LABEL_OFFSET);
483
484 /* If we didn't find a label, punt. */
485 if (error)
486 break;
487
488 /*
489 * In order to avoid recursively attaching to the same
490 * on-disk label (it's usually visible through the 'c'
491 * partition) we calculate an MD5 and ask if other BSD's
492 * below us love that label. If they do, we don't.
493 */
494 MD5Init(&md5sum);
495 MD5Update(&md5sum, ms->label, sizeof(ms->label));
496 MD5Final(ms->labelsum, &md5sum);
497
498 error = g_getattr("BSD::labelsum", cp, &hash);
499 if (!error && !bcmp(ms->labelsum, hash, sizeof(hash)))
500 break;
501
502 /*
503 * Process the found disklabel, and modify our "slice"
504 * instance to match it, if possible.
505 */
506 error = g_bsd_modify(gp, ms->label);
507 } while (0);
508
509 /* Success or failure, we can close our provider now. */
510 g_access(cp, -1, 0, 0);
511
512 /* If we have configured any providers, return the new geom. */
513 if (gsp->nprovider > 0) {
514 g_slice_conf_hot(gp, 0, ms->labeloffset, LABELSIZE,
515 G_SLICE_HOT_ALLOW, G_SLICE_HOT_DENY, G_SLICE_HOT_CALL);
516 gsp->hot = g_bsd_hotwrite;
517 return (gp);
518 }
519 /*
520 * ...else push the "self-destruct" button, by spoiling our own
521 * consumer. This triggers a call to g_slice_spoiled which will
522 * dismantle what was setup.
523 */
524 g_slice_spoiled(cp);
525 return (NULL);
526 }
527
528 struct h0h0 {
529 struct g_geom *gp;
530 struct g_bsd_softc *ms;
531 u_char *label;
532 int error;
533 };
534
535 static void
536 g_bsd_callconfig(void *arg, int flag)
537 {
538 struct h0h0 *hp;
539
540 hp = arg;
541 hp->error = g_bsd_modify(hp->gp, hp->label);
542 if (!hp->error)
543 hp->error = g_bsd_writelabel(hp->gp, NULL);
544 }
545
546 /*
547 * NB! curthread is user process which GCTL'ed.
548 */
549 static void
550 g_bsd_config(struct gctl_req *req, struct g_class *mp, char const *verb)
551 {
552 u_char *label;
553 int error;
554 struct h0h0 h0h0;
555 struct g_geom *gp;
556 struct g_slicer *gsp;
557 struct g_consumer *cp;
558 struct g_bsd_softc *ms;
559
560 g_topology_assert();
561 gp = gctl_get_geom(req, mp, "geom");
562 if (gp == NULL)
563 return;
564 cp = LIST_FIRST(&gp->consumer);
565 gsp = gp->softc;
566 ms = gsp->softc;
567 if (!strcmp(verb, "read mbroffset")) {
568 gctl_set_param_err(req, "mbroffset", &ms->mbroffset,
569 sizeof(ms->mbroffset));
570 return;
571 } else if (!strcmp(verb, "write label")) {
572 label = gctl_get_paraml(req, "label", LABELSIZE);
573 if (label == NULL)
574 return;
575 h0h0.gp = gp;
576 h0h0.ms = gsp->softc;
577 h0h0.label = label;
578 h0h0.error = -1;
579 /* XXX: Does this reference register with our selfdestruct code ? */
580 error = g_access(cp, 1, 1, 1);
581 if (error) {
582 gctl_error(req, "could not access consumer");
583 return;
584 }
585 g_bsd_callconfig(&h0h0, 0);
586 error = h0h0.error;
587 g_access(cp, -1, -1, -1);
588 } else if (!strcmp(verb, "write bootcode")) {
589 label = gctl_get_paraml(req, "bootcode", BBSIZE);
590 if (label == NULL)
591 return;
592 /* XXX: Does this reference register with our selfdestruct code ? */
593 error = g_access(cp, 1, 1, 1);
594 if (error) {
595 gctl_error(req, "could not access consumer");
596 return;
597 }
598 error = g_bsd_writelabel(gp, label);
599 g_access(cp, -1, -1, -1);
600 } else {
601 gctl_error(req, "Unknown verb parameter");
602 }
603
604 return;
605 }
606
607 /* Finally, register with GEOM infrastructure. */
608 static struct g_class g_bsd_class = {
609 .name = BSD_CLASS_NAME,
610 .version = G_VERSION,
611 .taste = g_bsd_taste,
612 .ctlreq = g_bsd_config,
613 .dumpconf = g_bsd_dumpconf,
614 };
615
616 DECLARE_GEOM_CLASS(g_bsd_class, g_bsd);
Cache object: 50eed0cc7615518f52368dd9d2bf00fd
|