1#![recursion_limit = "512"]
6
7use bitflags::bitflags;
8use fsverity_merkle::{FsVerityHasher, FsVerityHasherOptions};
9use linux_uapi::DM_UUID_LEN;
10use mundane::hash::{Digest, Hasher, Sha256, Sha512};
11use starnix_core::device::DeviceMode;
12use starnix_core::device::kobject::{Device, DeviceMetadata};
13use starnix_core::fs::sysfs::{BlockDeviceInfo, build_block_device_directory};
14use starnix_core::mm::memory::MemoryObject;
15use starnix_core::mm::{MemoryAccessor, MemoryAccessorExt, ProtectionFlags};
16use starnix_core::task::{CurrentTask, Kernel};
17use starnix_core::vfs::buffers::{InputBuffer, VecOutputBuffer};
18use starnix_core::vfs::{
19 FileHandle, FileObject, FileObjectState, FileOps, FsString, NamespaceNode, OutputBuffer,
20 default_ioctl, fileops_impl_dataless, fileops_impl_noop_sync, fileops_impl_seekable,
21 fileops_impl_seekless,
22};
23use starnix_ext::map_ext::EntryExt;
24use starnix_logging::{log_trace, track_stub};
25use starnix_sync::{FileOpsCore, LockEqualOrBefore, Locked, Mutex, Unlocked};
26use starnix_syscalls::{SUCCESS, SyscallArg, SyscallResult};
27use starnix_uapi::device_type::{DEVICE_MAPPER_MAJOR, DeviceType, LOOP_MAJOR};
28use starnix_uapi::errors::Errno;
29use starnix_uapi::open_flags::OpenFlags;
30use starnix_uapi::user_address::{UserCString, UserRef};
31use starnix_uapi::{
32 DM_ACTIVE_PRESENT_FLAG, DM_BUFFER_FULL_FLAG, DM_DEV_ARM_POLL, DM_DEV_CREATE, DM_DEV_REMOVE,
33 DM_DEV_RENAME, DM_DEV_SET_GEOMETRY, DM_DEV_STATUS, DM_DEV_SUSPEND, DM_DEV_WAIT,
34 DM_GET_TARGET_VERSION, DM_IMA_MEASUREMENT_FLAG, DM_INACTIVE_PRESENT_FLAG, DM_LIST_DEVICES,
35 DM_LIST_VERSIONS, DM_MAX_TYPE_NAME, DM_NAME_LEN, DM_NAME_LIST_FLAG_DOESNT_HAVE_UUID,
36 DM_NAME_LIST_FLAG_HAS_UUID, DM_READONLY_FLAG, DM_REMOVE_ALL, DM_STATUS_TABLE_FLAG,
37 DM_SUSPEND_FLAG, DM_TABLE_CLEAR, DM_TABLE_DEPS, DM_TABLE_LOAD, DM_TABLE_STATUS, DM_TARGET_MSG,
38 DM_UEVENT_GENERATED_FLAG, DM_VERSION, DM_VERSION_MAJOR, DM_VERSION_MINOR,
39 DM_VERSION_PATCHLEVEL, errno, error, uapi,
40};
41use std::collections::btree_map::{BTreeMap, Entry};
42use std::ops::Sub;
43use std::sync::Arc;
44
45const SECTOR_SIZE: u64 = 512;
46const DATA_SIZE: u32 = 305;
49const DM_VERITY_VERSION_MAJOR: u32 = 1;
51const DM_VERITY_VERSION_MINOR: u32 = 9;
52const DM_VERITY_VERSION_PATCHLEVEL: u32 = 0;
53
54bitflags! {
55 #[derive(Clone, Copy, Debug, Default, PartialEq, Eq, PartialOrd, Ord, Hash)]
56 struct DeviceMapperFlags: u32 {
57 const ACTIVE_PRESENT = DM_ACTIVE_PRESENT_FLAG;
58 const INACTIVE_PRESENT = DM_INACTIVE_PRESENT_FLAG;
59 const READONLY = DM_READONLY_FLAG;
60 const SUSPEND = DM_SUSPEND_FLAG;
61 const UEVENT_GENERATED = DM_UEVENT_GENERATED_FLAG;
62 const BUFFER_FULL = DM_BUFFER_FULL_FLAG;
63 const STATUS_TABLE = DM_STATUS_TABLE_FLAG;
64 const IMA_MEASUREMENT = DM_IMA_MEASUREMENT_FLAG;
65 const DM_NAME_LIST_HAS_UUID = DM_NAME_LIST_FLAG_HAS_UUID;
66 const DM_NAME_LIST_NO_UUID = DM_NAME_LIST_FLAG_DOESNT_HAVE_UUID;
67 }
68}
69
70pub fn device_mapper_init(locked: &mut Locked<Unlocked>, kernel: &Kernel) -> Result<(), Errno> {
71 kernel.device_registry.register_major(
72 locked,
73 "device-mapper".into(),
74 DeviceMode::Block,
75 DEVICE_MAPPER_MAJOR,
76 get_or_create_dm_device,
77 )?;
78 Ok(())
79}
80
81#[derive(Debug, Default)]
82pub struct DeviceMapperRegistry {
83 devices: Mutex<BTreeMap<u32, Arc<DmDevice>>>,
84}
85
86impl DeviceMapperRegistry {
87 fn get(&self, io: &uapi::dm_ioctl) -> Result<Arc<DmDevice>, Errno> {
89 if io.name != [0; DM_NAME_LEN as usize] {
90 if io.uuid != [0; DM_UUID_LEN as usize] || io.dev > 0 {
91 return error!(EINVAL);
92 } else {
93 return self.get_by_name(io.name);
94 }
95 }
96 if io.uuid != [0; DM_UUID_LEN as usize] {
97 if io.dev > 0 {
98 return error!(EINVAL);
99 } else {
100 return self.get_by_uuid(io.uuid);
101 }
102 }
103 let dev_minor = ((io.dev >> 12 & 0xffffff00) | (io.dev & 0xff)) as u32;
104 self.devices.lock().get(&dev_minor).ok_or_else(|| errno!(ENODEV)).cloned()
105 }
106
107 fn get_by_name(
108 &self,
109 name: [std::ffi::c_char; DM_NAME_LEN as usize],
110 ) -> Result<Arc<DmDevice>, Errno> {
111 let devices = self.devices.lock();
112 let entry = devices.iter().find(|(_, device)| {
113 let state = device.state.lock();
114 state.name == name
115 });
116 if let Some((_, device)) = entry { Ok(device.clone()) } else { error!(ENODEV) }
117 }
118
119 fn get_by_uuid(
120 &self,
121 uuid: [std::ffi::c_char; DM_UUID_LEN as usize],
122 ) -> Result<Arc<DmDevice>, Errno> {
123 let devices = self.devices.lock();
124 let entry = devices.iter().find(|(_, device)| {
125 let state = device.state.lock();
126 state.uuid == uuid
127 });
128 if let Some((_, device)) = entry { Ok(device.clone()) } else { error!(ENODEV) }
129 }
130
131 fn get_or_create_by_minor<L>(
132 &self,
133 locked: &mut Locked<L>,
134 current_task: &CurrentTask,
135 minor: u32,
136 ) -> Result<Arc<DmDevice>, Errno>
137 where
138 L: LockEqualOrBefore<FileOpsCore>,
139 {
140 self.devices
141 .lock()
142 .entry(minor)
143 .or_insert_with_fallible(|| DmDevice::new(locked, current_task, minor))
144 .cloned()
145 }
146
147 fn find<L>(
150 &self,
151 locked: &mut Locked<L>,
152 current_task: &CurrentTask,
153 ) -> Result<Arc<DmDevice>, Errno>
154 where
155 L: LockEqualOrBefore<FileOpsCore>,
156 {
157 let mut devices = self.devices.lock();
158 for minor in 0..u32::MAX {
159 match devices.entry(minor) {
160 Entry::Vacant(e) => {
161 let device = DmDevice::new(locked, current_task, minor)?;
162 e.insert(device.clone());
163 return Ok(device);
164 }
165 Entry::Occupied(_) => {}
166 }
167 }
168 error!(ENODEV)
169 }
170
171 fn remove<L>(
173 &self,
174 locked: &mut Locked<L>,
175 current_task: &CurrentTask,
176 devices: &mut BTreeMap<u32, Arc<DmDevice>>,
177 minor: u32,
178 k_device: &Option<Device>,
179 ) -> Result<(), Errno>
180 where
181 L: LockEqualOrBefore<FileOpsCore>,
182 {
183 devices.remove(&minor).ok_or_else(|| errno!(ENODEV))?;
184 let kernel = current_task.kernel();
185 let registry = &kernel.device_registry;
186 if let Some(dev) = &k_device {
187 registry.remove_device(locked, current_task, dev.clone());
188 } else {
189 return error!(EINVAL);
190 }
191 Ok(())
192 }
193}
194#[derive(Debug, Default)]
195pub struct DmDevice {
196 number: DeviceType,
197 state: Mutex<DmDeviceState>,
198}
199
200impl DmDevice {
201 fn new<L>(
202 locked: &mut Locked<L>,
203 current_task: &CurrentTask,
204 minor: u32,
205 ) -> Result<Arc<Self>, Errno>
206 where
207 L: LockEqualOrBefore<FileOpsCore>,
208 {
209 let kernel = current_task.kernel();
210 let registry = &kernel.device_registry;
211 let dm_device_name = FsString::from(format!("dm-{minor}"));
212 let virtual_block_class = registry.objects.virtual_block_class();
213 let device = Arc::new(Self {
214 number: DeviceType::new(DEVICE_MAPPER_MAJOR, minor),
215 ..Default::default()
216 });
217 let device_weak = Arc::<DmDevice>::downgrade(&device);
218 let k_device = registry.add_device(
219 locked,
220 current_task,
221 dm_device_name.as_ref(),
222 DeviceMetadata::new(
223 dm_device_name.clone(),
224 DeviceType::new(DEVICE_MAPPER_MAJOR, minor),
225 DeviceMode::Block,
226 ),
227 virtual_block_class,
228 |device, dir| build_block_device_directory(device, device_weak, dir),
229 )?;
230 {
231 let mut state = device.state.lock();
232 state.set_k_device(k_device);
233 }
234 Ok(device)
235 }
236
237 fn create_file_ops(self: &Arc<Self>) -> Box<dyn FileOps> {
238 let mut state = self.state.lock();
239 state.open_count += 1;
240 Box::new(DmDeviceFile { device: self.clone() })
241 }
242}
243
244impl BlockDeviceInfo for DmDevice {
245 fn size(&self) -> Result<usize, Errno> {
246 let state = self.state.lock();
247 if !state.suspended {
248 if let Some(active_table) = &state.active_table {
249 Ok(active_table.size())
250 } else {
251 Ok(0)
252 }
253 } else {
254 Ok(0)
255 }
256 }
257}
258struct DmDeviceFile {
259 device: Arc<DmDevice>,
260}
261
262fn verify_read(
263 buffer: &VecOutputBuffer,
264 args: &mut VerityTargetParams,
265 offset: usize,
266) -> Result<(), Errno> {
267 let (hasher, digest_size) = match args.base_args.hash_algorithm.as_str() {
268 "sha256" => {
269 let hasher = FsVerityHasher::Sha256(FsVerityHasherOptions::new_dmverity(
270 hex::decode(args.base_args.salt.clone()).unwrap(),
271 args.base_args.hash_block_size as usize,
272 ));
273 (hasher, <Sha256 as Hasher>::Digest::DIGEST_LEN)
274 }
275 "sha512" => {
276 let hasher = FsVerityHasher::Sha512(FsVerityHasherOptions::new_dmverity(
277 hex::decode(args.base_args.salt.clone()).unwrap(),
278 args.base_args.hash_block_size as usize,
279 ));
280 (hasher, <Sha512 as Hasher>::Digest::DIGEST_LEN)
281 }
282 _ => return error!(ENOTSUP),
283 };
284
285 let leaf_nodes: Vec<&[u8]> = args.hash_device.chunks(digest_size).collect();
286 let mut leaf_nodes_offset = offset;
287
288 for b in buffer.data().chunks(args.base_args.hash_block_size as usize) {
289 if hasher.hash_block(b)
290 != leaf_nodes[leaf_nodes_offset / args.base_args.hash_block_size as usize]
291 {
292 args.corrupted = true;
293 return error!(EINVAL);
294 }
295
296 leaf_nodes_offset += args.base_args.hash_block_size as usize;
297 }
298 Ok(())
299}
300
301impl FileOps for DmDeviceFile {
302 fileops_impl_seekable!();
303
304 fileops_impl_noop_sync!();
306
307 fn write(
308 &self,
309 _locked: &mut Locked<FileOpsCore>,
310 _file: &FileObject,
311 _current_task: &CurrentTask,
312 _offset: usize,
313 _data: &mut dyn InputBuffer,
314 ) -> Result<usize, Errno> {
315 error!(ENOTSUP)
316 }
317
318 fn read(
319 &self,
320 locked: &mut Locked<FileOpsCore>,
321 _file: &FileObject,
322 current_task: &CurrentTask,
323 offset: usize,
324 data: &mut dyn OutputBuffer,
325 ) -> Result<usize, Errno> {
326 let device = &self.device;
327 let mut state = device.state.lock();
328 if state.suspended {
329 track_stub!(TODO("https://fxbug.dev/338241090"), "Defer io for suspended devices.");
330 return Ok(0);
331 }
332 if let Some(active_table) = &mut state.active_table {
333 let mut bytes_read = 0;
334 let to_read = std::cmp::min(
335 data.available(),
336 active_table.size().checked_sub(offset).ok_or_else(|| errno!(EINVAL))?,
337 );
338 let mut buffer = VecOutputBuffer::new(to_read);
339 if active_table.targets.len() > 1 {
340 track_stub!(
341 TODO("https://fxbug.dev/339701082"),
342 "Support reads for multiple targets."
343 );
344 return error!(ENOTSUP);
345 }
346 let target = &mut active_table.targets[0];
347 let start = (target.sector_start * SECTOR_SIZE) as usize;
348 debug_assert!(start == 0);
349 let size = (target.length * SECTOR_SIZE) as usize;
350 if offset >= start && offset < start + size {
351 match &mut target.target_type {
352 TargetType::Verity(args) => {
353 if to_read % args.base_args.hash_block_size as usize != 0 {
354 return error!(EINVAL);
355 }
356 let read = args.block_device.read_at(
357 locked,
358 current_task,
359 offset - start,
360 &mut buffer,
361 )?;
362 bytes_read += read;
363 verify_read(&buffer, args, offset - start)?;
364 }
365 }
366 }
367 let read = data.write_all(buffer.data())?;
368 debug_assert!(read == bytes_read);
369 Ok(bytes_read)
370 } else {
371 Ok(0)
372 }
373 }
374
375 fn get_memory(
376 &self,
377 locked: &mut Locked<FileOpsCore>,
378 _file: &FileObject,
379 current_task: &CurrentTask,
380 length: Option<usize>,
381 prot: ProtectionFlags,
382 ) -> Result<Arc<MemoryObject>, Errno> {
383 let device = &self.device;
384 let state = device.state.lock();
385 if state.suspended {
386 track_stub!(TODO("https://fxbug.dev/338241090"), "Defer io for suspended devices.");
387 return error!(EINVAL);
388 }
389 if let Some(active_table) = &state.active_table {
390 if active_table.targets.len() > 1 {
391 track_stub!(
392 TODO("https://fxbug.dev/339701082"),
393 "Support pager-backed vmos for multiple targets."
394 );
395 return error!(ENOTSUP);
396 }
397 match &active_table.targets[0].target_type {
398 TargetType::Verity(args) => {
399 args.block_device.get_memory(locked, current_task, length, prot)
400 }
401 }
402 } else {
403 error!(EINVAL)
404 }
405 }
406
407 fn close(
408 self: Box<Self>,
409 _locked: &mut Locked<FileOpsCore>,
410 _file: &FileObjectState,
411 _current_task: &CurrentTask,
412 ) {
413 let mut state = self.device.state.lock();
414 state.open_count -= 1;
415 }
416}
417#[derive(Debug)]
418struct DmDeviceState {
419 version: [u32; 3],
420 target_count: u32,
421 open_count: u64,
422 name: [std::ffi::c_char; 128],
423 uuid: [std::ffi::c_char; 129],
424 active_table: Option<DmDeviceTable>,
425 inactive_table: Option<DmDeviceTable>,
426 flags: DeviceMapperFlags,
427 suspended: bool,
428 k_device: Option<Device>,
429}
430
431impl Default for DmDeviceState {
432 fn default() -> Self {
433 DmDeviceState {
434 version: [0; 3],
435 name: [0 as std::ffi::c_char; 128],
436 uuid: [0 as std::ffi::c_char; 129],
437 target_count: 0,
438 open_count: 0,
439 active_table: None,
440 inactive_table: None,
441 flags: DeviceMapperFlags::empty(),
442 suspended: false,
443 k_device: None,
444 }
445 }
446}
447
448impl DmDeviceState {
449 fn set_version(&mut self) {
450 self.version = [DM_VERSION_MAJOR, DM_VERSION_MINOR, DM_VERSION_PATCHLEVEL];
451 }
452
453 fn set_name(&mut self, name: [std::ffi::c_char; 128]) {
454 self.name = name;
455 }
456
457 fn set_uuid(&mut self, uuid: [std::ffi::c_char; 129]) {
458 self.uuid = uuid;
459 }
460
461 fn set_inactive_table(&mut self, inactive_table: DmDeviceTable) {
462 self.inactive_table = Some(inactive_table);
463 }
464
465 fn resume(&mut self) {
466 if let Some(inactive_table) = self.inactive_table.take() {
467 self.active_table = Some(inactive_table);
468 }
469 self.suspended = false;
470 }
471
472 fn remove(&mut self) {
473 self.active_table.take();
474 self.suspended = false;
475 }
476
477 fn set_target_count(&mut self, target_count: u32) {
478 self.target_count = target_count;
479 }
480
481 fn get_target_count(&self) -> u32 {
482 if let Some(_) = self.active_table { self.target_count } else { 0 }
483 }
484
485 fn add_flags(&mut self, flags: DeviceMapperFlags) {
486 self.flags |= flags;
487 }
488
489 fn get_flags(&self) -> DeviceMapperFlags {
490 let mut flags = DeviceMapperFlags::empty();
491 if let Some(active_table) = &self.active_table {
492 flags |= DeviceMapperFlags::ACTIVE_PRESENT;
493 if active_table.readonly {
494 flags |= DeviceMapperFlags::READONLY;
495 }
496 }
497 if let Some(_) = &self.inactive_table {
498 flags |= DeviceMapperFlags::INACTIVE_PRESENT;
499 }
500 if self.suspended {
501 flags |= DeviceMapperFlags::SUSPEND;
502 }
503 flags
504 }
505
506 fn suspend(&mut self) {
507 self.suspended = true;
508 }
509
510 fn set_k_device(&mut self, k_device: Device) {
511 self.k_device = Some(k_device);
512 }
513}
514#[derive(Debug, Clone)]
515struct DmDeviceTarget {
516 sector_start: u64,
517 length: u64,
518 status: i32,
519 name: [std::ffi::c_char; DM_MAX_TYPE_NAME as usize],
520 target_type: TargetType,
521}
522
523#[derive(Debug, Default, Clone)]
524pub struct DmDeviceTable {
525 targets: Vec<DmDeviceTarget>,
526 readonly: bool,
527}
528
529impl DmDeviceTable {
530 fn size(&self) -> usize {
531 let mut size = 0;
532 for target in &self.targets {
533 size += (SECTOR_SIZE * target.length) as usize;
534 }
535 size
536 }
537}
538
539struct DeviceMapper {
540 registry: Arc<DeviceMapperRegistry>,
541}
542
543impl DeviceMapper {
544 pub fn new(registry: Arc<DeviceMapperRegistry>) -> Self {
545 Self { registry: registry }
546 }
547}
548
549#[derive(Debug, Clone)]
550enum TargetType {
551 Verity(VerityTargetParams),
552}
553
554#[derive(Debug, Clone)]
555struct VerityTargetParams {
556 base_args: VerityTargetBaseArgs,
557 optional_args: VerityTargetOptionalArgs,
558 block_device: FileHandle,
559 hash_device: Vec<u8>,
560 corrupted: bool,
561}
562
563impl VerityTargetParams {
564 fn parameter_string(&self) -> String {
565 let base_string = format!(
566 "{} {} {} {:?} {:?} {:?} {:?} {} {} {}",
567 self.base_args.version,
568 self.base_args.block_device_path,
569 self.base_args.hash_device_path,
570 self.base_args.data_block_size,
571 self.base_args.hash_block_size,
572 self.base_args.num_data_blocks,
573 self.base_args.hash_start_block,
574 self.base_args.hash_algorithm,
575 self.base_args.root_digest,
576 self.base_args.salt
577 );
578 let mut optional_arg_count = 0;
579 let mut optional_string = String::new();
580 if self.optional_args.ignore_zero_blocks {
581 optional_arg_count += 1;
582 optional_string.push_str(" ignore_zero_blocks");
583 }
584 if self.optional_args.restart_on_corruption {
585 optional_arg_count += 1;
586 optional_string.push_str(" restart on corruption");
587 }
588 if optional_arg_count > 0 {
589 return format!("{base_string} {optional_arg_count}{optional_string}");
590 } else {
591 base_string
592 }
593 }
594}
595
596#[derive(Debug, Default, Clone)]
597struct VerityTargetOptionalArgs {
598 ignore_zero_blocks: bool,
599 restart_on_corruption: bool,
600}
601
602#[derive(Debug, Clone)]
603struct VerityTargetBaseArgs {
604 version: String,
605 block_device_path: String,
606 hash_device_path: String,
607 data_block_size: u64,
608 hash_block_size: u64,
609 num_data_blocks: u64,
610 hash_start_block: u64,
611 hash_algorithm: String,
612 root_digest: String,
613 salt: String,
614}
615
616fn open_device(
620 locked: &mut Locked<Unlocked>,
621 current_task: &CurrentTask,
622 device_path: String,
623) -> Result<(u64, FileHandle), Errno> {
624 let device_path_vec: Vec<&str> = device_path.split(":").collect();
625 if device_path_vec.len() == 1 {
626 let dev = current_task.open_file(locked, device_path.as_str().into(), OpenFlags::RDONLY)?;
627 let loop_device_vec: Vec<&str> = device_path.split("loop").collect();
628 let minor = loop_device_vec[1].parse::<u64>().unwrap();
629 Ok((minor, dev))
630 } else {
631 let minor = device_path_vec[1].parse::<u64>().unwrap();
632 let dev = current_task.open_file(
633 locked,
634 format!("/dev/loop{minor}").as_str().into(),
635 OpenFlags::RDONLY,
636 )?;
637 Ok((minor, dev))
638 }
639}
640
641fn size_of_merkle_tree_preceding_leaf_nodes(
642 leaf_nodes_size: u64,
643 hash_size: u64,
644 base_args: &VerityTargetBaseArgs,
645) -> u64 {
646 let mut total_size = 0;
647 let mut data_size = leaf_nodes_size;
648 while data_size > base_args.hash_block_size {
649 let num_hashes = data_size.div_ceil(base_args.hash_block_size);
650 let hashes_per_block = base_args.hash_block_size.div_ceil(hash_size);
651 let hash_blocks = num_hashes.div_ceil(hashes_per_block);
652 data_size = hash_blocks * base_args.hash_block_size;
653 total_size += data_size;
654 }
655 total_size
656}
657
658fn parse_parameter_string(
661 locked: &mut Locked<Unlocked>,
662 current_task: &CurrentTask,
663 target_type: &str,
664 parameter_str: String,
665) -> Result<TargetType, Errno> {
666 match target_type {
667 "verity" => {
668 let v: Vec<&str> = parameter_str.split(" ").collect();
669 let mut base_args = VerityTargetBaseArgs {
670 version: String::from(v[0]),
671 block_device_path: String::from(v[1]),
672 hash_device_path: String::from(v[2]),
673 data_block_size: v[3].parse::<u64>().unwrap(),
674 hash_block_size: v[4].parse::<u64>().unwrap(),
675 num_data_blocks: v[5].parse::<u64>().unwrap(),
676 hash_start_block: v[6].parse::<u64>().unwrap(),
677 hash_algorithm: String::from(v[7]),
678 root_digest: String::from(v[8]),
679 salt: String::from(v[9]),
680 };
681 let mut optional_args = VerityTargetOptionalArgs { ..Default::default() };
682
683 if v.len() > 10 {
684 let num_optional_args = v[10].parse::<u64>().unwrap();
685 if num_optional_args > 2 {
686 return error!(ENOTSUP);
687 }
688 for i in 0..num_optional_args {
689 if v[11 + i as usize] == "ignore_zero_blocks" {
690 optional_args.ignore_zero_blocks = true;
691 } else if v[11 + i as usize] == "restart_on_corruption" {
692 track_stub!(
693 TODO("https://fxbug.dev/338243823"),
694 "Support restart on corruption."
695 );
696 optional_args.restart_on_corruption = true;
697 } else {
698 return error!(ENOTSUP);
699 }
700 }
701 }
702
703 let (minor, block_device) =
704 open_device(locked, current_task, base_args.block_device_path)?;
705 base_args.block_device_path = format!("{LOOP_MAJOR}:{minor}");
706
707 let (minor, hash_device) = if base_args.hash_device_path == base_args.block_device_path
708 {
709 (minor, block_device.clone())
710 } else {
711 open_device(locked, current_task, base_args.hash_device_path)?
712 };
713 base_args.hash_device_path = format!("{LOOP_MAJOR}:{minor}");
714
715 let hash_size: u64 = match base_args.hash_algorithm.as_str() {
716 "sha256" => <Sha256 as Hasher>::Digest::DIGEST_LEN as u64,
717 "sha512" => <Sha512 as Hasher>::Digest::DIGEST_LEN as u64,
718 _ => return error!(ENOTSUP),
719 };
720
721 debug_assert!(base_args.hash_block_size > 0);
722 let data_size = base_args.num_data_blocks * base_args.data_block_size;
723 let num_hashes = data_size.div_ceil(base_args.hash_block_size);
724 let hashes_per_block = base_args.hash_block_size.div_ceil(hash_size);
725 let hash_blocks = num_hashes.div_ceil(hashes_per_block);
726 let leaf_nodes_size = hash_blocks * base_args.hash_block_size;
727 let mut buffer = VecOutputBuffer::new(leaf_nodes_size as usize);
728 let offset = base_args.hash_start_block * base_args.hash_block_size
729 + size_of_merkle_tree_preceding_leaf_nodes(leaf_nodes_size, hash_size, &base_args);
730 let bytes_read =
731 hash_device.read_at(locked, current_task, offset as usize, &mut buffer)?;
732 debug_assert!(bytes_read == leaf_nodes_size as usize);
733
734 Ok(TargetType::Verity(VerityTargetParams {
735 base_args: base_args,
736 optional_args: optional_args,
737 block_device,
738 hash_device: buffer.into(),
739 corrupted: false,
740 }))
741 }
742 _ => error!(ENOTSUP),
743 }
744}
745
746fn check_version_compatibility(major: u32, minor: u32) -> Result<(), Errno> {
747 if major != DM_VERSION_MAJOR || minor > DM_VERSION_MINOR {
751 return error!(EINVAL);
752 }
753 return Ok(());
754}
755
756impl FileOps for DeviceMapper {
757 fileops_impl_seekless!();
758 fileops_impl_dataless!();
759 fileops_impl_noop_sync!();
760
761 fn ioctl(
762 &self,
763 locked: &mut Locked<Unlocked>,
764 file: &FileObject,
765 current_task: &CurrentTask,
766 request: u32,
767 arg: SyscallArg,
768 ) -> Result<SyscallResult, Errno> {
769 let user_info = UserRef::<uapi::dm_ioctl>::from(arg);
770 let info_addr: starnix_uapi::user_address::UserAddress = user_info.addr();
771 let info = current_task.read_object(user_info)?;
772 let flags = DeviceMapperFlags::from_bits_truncate(info.flags);
773 match request {
774 DM_DEV_CREATE => {
775 if info.name == [0; DM_NAME_LEN as usize] || info.version == [0; 3] {
777 return error!(EINVAL);
778 }
779 let dm_device = self.registry.find(locked, current_task)?;
780 let mut state = dm_device.state.lock();
781 check_version_compatibility(info.version[0], info.version[1])?;
782 state.set_version();
783 state.set_name(info.name);
784 state.set_uuid(info.uuid);
785 let i = uapi::dm_ioctl {
786 name: state.name,
787 version: state.version,
788 uuid: state.uuid,
789 dev: dm_device.number.bits(),
790 data_size: DATA_SIZE,
791 data_start: 0,
792 ..Default::default()
793 };
794 log_trace!("DM_DEV_CREATE returned dm_ioctl: {:?}", i);
795 current_task.write_object(user_info, &i)?;
796 Ok(SUCCESS)
797 }
798 DM_TABLE_LOAD => {
799 let mut start_addr = (info_addr + info.data_start)?;
800 let mut num_targets = 0;
801 let dm_device = self.registry.get(&info)?;
802 let mut state = dm_device.state.lock();
803 let mut table = DmDeviceTable { ..Default::default() };
804 if flags.contains(DeviceMapperFlags::READONLY) {
805 table.readonly = true;
806 state.add_flags(DeviceMapperFlags::READONLY);
807 }
808 if info.target_count > 1 {
809 track_stub!(TODO("https://fxbug.dev/339701082"), "Support multiple targets.");
810 return error!(ENOTSUP);
811 }
812 track_stub!(
813 TODO("https://fxbug.dev/338245544"),
814 "Make sure targets are contiguous and non-overlapping"
815 );
816 while num_targets < info.target_count {
817 let target_ref = UserRef::<uapi::dm_target_spec>::new(start_addr);
818 let target = current_task.read_object(target_ref)?;
819 let parameter_cstring =
820 UserCString::new(current_task, target_ref.next()?.addr());
821 let parameters = current_task.read_c_string_to_vec(
822 parameter_cstring,
823 target.next as usize - std::mem::size_of::<uapi::dm_target_spec>(),
824 )?;
825 let target_type_addr = start_addr
826 .checked_add(
827 2 * std::mem::size_of::<u64>()
828 + std::mem::size_of::<u32>()
829 + std::mem::size_of::<i32>(),
830 )
831 .ok_or_else(|| errno!(EINVAL))?;
832 let target_type_cstring = UserCString::new(current_task, target_type_addr);
833 let target_type = current_task
834 .read_c_string_to_vec(target_type_cstring, DM_MAX_TYPE_NAME as usize)?;
835
836 let device_target = DmDeviceTarget {
837 sector_start: target.sector_start,
838 length: target.length,
839 status: target.status,
840 name: target.target_type,
841 target_type: parse_parameter_string(
842 locked,
843 current_task,
844 &target_type.to_string(),
845 parameters.to_string(),
846 )?,
847 };
848 table.targets.push(device_target);
849 num_targets += 1;
850 debug_assert!(target.next % 8 == 0);
851 start_addr = start_addr
852 .checked_add(target.next as usize)
853 .ok_or_else(|| errno!(EINVAL))?;
854 }
855
856 state.set_inactive_table(table);
858 state.set_target_count(num_targets);
859 let i = uapi::dm_ioctl {
860 name: state.name,
861 version: state.version,
862 uuid: state.uuid,
863 dev: dm_device.number.bits(),
864 data_size: DATA_SIZE,
865 data_start: 0,
866 flags: state.get_flags().bits(),
867 target_count: state.get_target_count(),
868 ..Default::default()
869 };
870 log_trace!("DM_TABLE_LOAD returned dm_ioctl: {:?}", i);
871 current_task.write_object(user_info, &i)?;
872 Ok(SUCCESS)
873 }
874 DM_DEV_SUSPEND => {
875 let dm_device = self.registry.get(&info)?;
876 let mut state = dm_device.state.lock();
877 if flags.contains(DeviceMapperFlags::SUSPEND) {
878 state.suspend();
879 } else {
880 state.resume();
881 }
882 let mut out_flags = state.get_flags();
883 if !flags.contains(DeviceMapperFlags::SUSPEND) {
884 out_flags |= DeviceMapperFlags::UEVENT_GENERATED;
885 }
886 let i = uapi::dm_ioctl {
887 name: state.name,
888 version: state.version,
889 uuid: state.uuid,
890 dev: dm_device.number.bits(),
891 data_size: DATA_SIZE,
892 data_start: 0,
893 flags: out_flags.bits(),
894 target_count: state.get_target_count(),
895 ..Default::default()
896 };
897 log_trace!("DM_DEV_SUSPEND returned dm_ioctl: {:?}", i);
898 current_task.write_object(user_info, &i)?;
899 Ok(SUCCESS)
900 }
901 DM_DEV_STATUS => {
902 let dm_device = self.registry.get(&info)?;
903 let state = dm_device.state.lock();
904 let i = uapi::dm_ioctl {
905 name: state.name,
906 version: state.version,
907 uuid: state.uuid,
908 dev: dm_device.number.bits(),
909 data_size: DATA_SIZE,
910 data_start: 0,
911 flags: state.get_flags().bits(),
912 target_count: state.get_target_count(),
913 ..Default::default()
914 };
915 log_trace!("DM_DEV_STATUS returned dm_ioctl: {:?}", i);
916 current_task.write_object(user_info, &i)?;
917 Ok(SUCCESS)
918 }
919 DM_DEV_REMOVE => {
920 let dm_device = self.registry.get(&info)?;
921 let mut devices = self.registry.devices.lock();
922 let mut state = dm_device.state.lock();
923 if state.open_count > 0 {
924 return error!(ENOTSUP);
925 }
926 self.registry.remove(
927 locked,
928 current_task,
929 &mut devices,
930 dm_device.number.minor(),
931 &state.k_device,
932 )?;
933 state.remove();
934 let i = uapi::dm_ioctl {
935 name: state.name,
936 version: state.version,
937 uuid: state.uuid,
938 dev: dm_device.number.bits(),
939 data_size: DATA_SIZE,
940 data_start: 0,
941 flags: (state.get_flags() | DeviceMapperFlags::UEVENT_GENERATED).bits(),
942 target_count: state.get_target_count(),
943 ..Default::default()
944 };
945 log_trace!("DM_DEV_REMOVE returned dm_ioctl: {:?}", i);
946 current_task.write_object(user_info, &i)?;
947 Ok(SUCCESS)
948 }
949 DM_LIST_DEVICES => {
950 if flags.contains(DeviceMapperFlags::DM_NAME_LIST_HAS_UUID)
951 || flags.contains(DeviceMapperFlags::DM_NAME_LIST_NO_UUID)
952 {
953 return error!(ENOTSUP);
954 }
955 let mut name_list_addr = user_info.next()?.addr();
956 let mut total_size = std::mem::size_of::<uapi::dm_ioctl>() as u32;
957 for (_, device) in self.registry.devices.lock().iter() {
958 let state = device.state.lock();
959 let dm_name_list = UserRef::<uapi::dm_name_list>::new(name_list_addr);
960 let name = state.name.iter().map(|v| *v as u8).collect::<Vec<u8>>();
961 let name_c_str = std::ffi::CStr::from_bytes_until_nul(name.as_slice())
962 .map_err(|_| errno!(EINVAL))?;
963 let mut name_vec_with_nul = name_c_str.to_bytes_with_nul().to_vec();
964 let mut size = (std::mem::size_of::<uapi::dm_name_list>() - 4
965 + name_vec_with_nul.len()) as u32;
966 let mut padding = 0;
967 if size % 8 != 0 {
968 padding = 8 - (size % 8);
969 size += padding;
970 };
971 size += 8;
973 let name_list = uapi::dm_name_list {
974 dev: device.number.bits(),
975 next: size,
976 ..Default::default()
977 };
978 if total_size + size > info.data_size {
979 let i = uapi::dm_ioctl {
980 data_size: DATA_SIZE,
981 data_start: std::mem::size_of::<uapi::dm_ioctl>() as u32,
982 flags: DeviceMapperFlags::BUFFER_FULL.bits(),
983 ..Default::default()
984 };
985 log_trace!("DM_LIST_DEVICES returned dm_ioctl: {:?}", i);
986 current_task.write_object(user_info, &i)?;
987 return Ok(SUCCESS);
988 }
989 total_size += size;
990 let mut name_addr = dm_name_list.next()?.addr();
991 name_addr = name_addr.sub(4 as usize)?;
992 current_task.write_object(dm_name_list, &name_list)?;
993 name_vec_with_nul.extend(vec![0; padding as usize + 8]);
994 current_task.write_memory(name_addr, name_vec_with_nul.as_slice())?;
995 name_list_addr =
996 name_list_addr.checked_add(size as usize).ok_or_else(|| errno!(EINVAL))?;
997 }
998 let i = uapi::dm_ioctl {
999 data_size: total_size,
1000 data_start: std::mem::size_of::<uapi::dm_ioctl>() as u32,
1001 ..Default::default()
1002 };
1003 log_trace!("DM_LIST_DEVICE returned dm_ioctl: {:?}", i);
1004 current_task.write_object(user_info, &i)?;
1005 Ok(SUCCESS)
1006 }
1007 DM_LIST_VERSIONS => {
1008 let version_list_addr = user_info.next()?.addr();
1009 let dm_versions_list = UserRef::<uapi::dm_target_versions>::new(version_list_addr);
1010 let name_c_str =
1011 std::ffi::CString::new(String::from("verity")).map_err(|_| errno!(EINVAL))?;
1012 let mut name_vec_with_nul = name_c_str.as_bytes_with_nul().to_vec();
1013 let mut size = (std::mem::size_of::<uapi::dm_target_versions>()
1014 + name_vec_with_nul.len()) as u32;
1015 let mut padding = 0;
1016 if size % 8 != 0 {
1017 padding = 8 - (size % 8);
1018 size += padding;
1019 };
1020 name_vec_with_nul.extend(vec![0; padding as usize]);
1021 if std::mem::size_of::<uapi::dm_ioctl>() as u32 + size > info.data_size {
1022 let i = uapi::dm_ioctl {
1023 data_size: DATA_SIZE,
1024 data_start: 0,
1025 flags: DeviceMapperFlags::BUFFER_FULL.bits(),
1026 ..Default::default()
1027 };
1028 log_trace!("DM_LIST_VERSIONS returned dm_ioctl: {:?}", i);
1029 current_task.write_object(user_info, &i)?;
1030 return Ok(SUCCESS);
1031 }
1032 let target_versions = uapi::dm_target_versions {
1033 next: size,
1034 version: [
1035 DM_VERITY_VERSION_MAJOR,
1036 DM_VERITY_VERSION_MINOR,
1037 DM_VERITY_VERSION_PATCHLEVEL,
1038 ],
1039 ..Default::default()
1040 };
1041 let name_addr = dm_versions_list.next()?.addr();
1042 current_task.write_object(dm_versions_list, &target_versions)?;
1043 current_task.write_memory(name_addr, name_vec_with_nul.as_slice())?;
1044
1045 let i = uapi::dm_ioctl {
1046 data_size: std::mem::size_of::<uapi::dm_ioctl>() as u32 + size,
1047 data_start: std::mem::size_of::<uapi::dm_ioctl>() as u32,
1048 ..Default::default()
1049 };
1050 log_trace!("DM_LIST_VERSIONS returned dm_ioctl: {:?}", i);
1051 current_task.write_object(user_info, &i)?;
1052 Ok(SUCCESS)
1053 }
1054 DM_TABLE_STATUS => {
1055 let dm_device = self.registry.get(&info)?;
1056 let state = dm_device.state.lock();
1057 let mut total_data_size = 0;
1058 let mut data_padding = 0;
1059 let mut target_spec_addr = user_info.next()?.addr();
1060 let mut out_flags = DeviceMapperFlags::empty();
1061 let space_for_data = info.data_size as usize
1062 - std::cmp::min(info.data_size as usize, std::mem::size_of::<uapi::dm_ioctl>());
1063 if let Some(active_table) = &state.active_table {
1064 for target in &active_table.targets {
1065 let target_spec_info =
1066 UserRef::<uapi::dm_target_spec>::new(target_spec_addr);
1067 let mut data_size = std::mem::size_of::<uapi::dm_target_spec>();
1068 if total_data_size + data_size - data_padding >= space_for_data {
1069 out_flags |= DeviceMapperFlags::BUFFER_FULL;
1070 break;
1071 }
1072 let data_addr = target_spec_info.next()?.addr();
1073 if flags.contains(DeviceMapperFlags::STATUS_TABLE) {
1074 match &target.target_type {
1075 TargetType::Verity(args) => {
1076 let param_str = std::ffi::CString::new(args.parameter_string())
1077 .map_err(|_| errno!(EINVAL))?;
1078 let mut args_bytes = param_str.into_bytes_with_nul();
1079 if args_bytes.len() % 8 != 0 {
1080 data_padding = 8 - args_bytes.len() % 8;
1081 args_bytes.extend(vec![0 as u8; data_padding]);
1082 }
1083 data_size += args_bytes.len();
1084 if total_data_size + data_size - data_padding >= space_for_data
1085 {
1086 out_flags |= DeviceMapperFlags::BUFFER_FULL;
1087 break;
1088 }
1089 current_task.write_memory(data_addr, args_bytes.as_slice())?;
1090 }
1091 }
1092 } else if flags.contains(DeviceMapperFlags::IMA_MEASUREMENT) {
1093 return error!(ENOTSUP);
1095 } else {
1096 match &target.target_type {
1097 TargetType::Verity(args) => {
1098 let status = if args.corrupted { "C" } else { "V" };
1099 let status_c_str = std::ffi::CString::new(String::from(status))
1100 .map_err(|_| errno!(EINVAL))?;
1101 let mut status_bytes = status_c_str.into_bytes_with_nul();
1102 if status_bytes.len() % 8 != 0 {
1103 data_padding = 8 - status_bytes.len() % 8;
1104 status_bytes.extend(vec![0 as u8; data_padding]);
1105 }
1106 data_size += status_bytes.len();
1107 if total_data_size + data_size - data_padding >= space_for_data
1108 {
1109 out_flags |= DeviceMapperFlags::BUFFER_FULL;
1110 break;
1111 }
1112 current_task
1113 .write_memory(data_addr, status_bytes.as_slice())?;
1114 }
1115 }
1116 }
1117 total_data_size += data_size;
1118 let target_spec = uapi::dm_target_spec {
1119 sector_start: target.sector_start,
1120 length: target.length,
1121 status: target.status,
1122 target_type: target.name,
1123 next: total_data_size as u32,
1124 };
1125 current_task.write_object(target_spec_info, &target_spec)?;
1126 target_spec_addr = target_spec_addr
1127 .checked_add(data_size)
1128 .ok_or_else(|| errno!(EINVAL))?;
1129 }
1130 } else {
1131 let i = uapi::dm_ioctl {
1132 name: state.name,
1133 version: state.version,
1134 uuid: state.uuid,
1135 dev: dm_device.number.bits(),
1136 data_size: DATA_SIZE,
1137 data_start: std::mem::size_of::<uapi::dm_ioctl>() as u32,
1138 flags: state.get_flags().bits(),
1139 ..Default::default()
1140 };
1141 log_trace!("DM_TABLE_STATUS returned dm_ioctl: {:?}", i);
1142 current_task.write_object(user_info, &i)?;
1143 return Ok(SUCCESS);
1144 }
1145 let total_size = if out_flags.contains(DeviceMapperFlags::BUFFER_FULL) {
1148 DATA_SIZE
1149 } else {
1150 (total_data_size + std::mem::size_of::<uapi::dm_ioctl>() - data_padding) as u32
1151 };
1152 out_flags |= state.get_flags();
1153
1154 let i = uapi::dm_ioctl {
1155 name: state.name,
1156 version: state.version,
1157 uuid: state.uuid,
1158 dev: dm_device.number.bits(),
1159 data_size: total_size,
1160 data_start: std::mem::size_of::<uapi::dm_ioctl>() as u32,
1161 flags: out_flags.bits(),
1162 ..Default::default()
1163 };
1164 log_trace!("DM_TABLE_STATUS returned dm_ioctl: {:?}", i);
1165 current_task.write_object(user_info, &i)?;
1166 Ok(SUCCESS)
1167 }
1168 DM_VERSION
1170 | DM_DEV_RENAME
1171 | DM_DEV_WAIT
1172 | DM_TABLE_CLEAR
1173 | DM_TABLE_DEPS
1174 | DM_REMOVE_ALL
1175 | DM_TARGET_MSG
1176 | DM_DEV_SET_GEOMETRY
1177 | DM_DEV_ARM_POLL
1178 | DM_GET_TARGET_VERSION => return error!(ENOTSUP),
1179 _ => default_ioctl(file, locked, current_task, request, arg),
1180 }
1181 }
1182}
1183
1184pub fn create_device_mapper(
1185 _locked: &mut Locked<FileOpsCore>,
1186 current_task: &CurrentTask,
1187 _id: DeviceType,
1188 _node: &NamespaceNode,
1189 _flags: OpenFlags,
1190) -> Result<Box<dyn FileOps>, Errno> {
1191 Ok(Box::new(DeviceMapper::new(current_task.kernel().expando.get::<DeviceMapperRegistry>())))
1192}
1193
1194fn get_or_create_dm_device(
1195 locked: &mut Locked<FileOpsCore>,
1196 current_task: &CurrentTask,
1197 id: DeviceType,
1198 _node: &NamespaceNode,
1199 _flags: OpenFlags,
1200) -> Result<Box<dyn FileOps>, Errno> {
1201 Ok(current_task
1202 .kernel()
1203 .expando
1204 .get::<DeviceMapperRegistry>()
1205 .get_or_create_by_minor(locked, current_task, id.minor())?
1206 .create_file_ops())
1207}