1#![recursion_limit = "512"]
6
7use bitflags::bitflags;
8use fsverity_merkle::{FsVerityHasher, FsVerityHasherOptions};
9use linux_uapi::DM_UUID_LEN;
10use mundane::hash::{Digest, Hasher, Sha256, Sha512};
11use starnix_core::device::DeviceMode;
12use starnix_core::device::kobject::{Device, DeviceMetadata};
13use starnix_core::fs::sysfs::{BlockDeviceInfo, build_block_device_directory};
14use starnix_core::mm::memory::MemoryObject;
15use starnix_core::mm::{MemoryAccessor, MemoryAccessorExt, ProtectionFlags};
16use starnix_core::task::{CurrentTask, Kernel};
17use starnix_core::vfs::buffers::{InputBuffer, VecOutputBuffer};
18use starnix_core::vfs::{
19 FileHandle, FileObject, FileObjectState, FileOps, FsString, NamespaceNode, OutputBuffer,
20 default_ioctl, fileops_impl_dataless, fileops_impl_noop_sync, fileops_impl_seekable,
21 fileops_impl_seekless,
22};
23use starnix_ext::map_ext::EntryExt;
24use starnix_logging::{log_trace, track_stub};
25use starnix_sync::{FileOpsCore, LockEqualOrBefore, Locked, Mutex, Unlocked};
26use starnix_syscalls::{SUCCESS, SyscallArg, SyscallResult};
27use starnix_uapi::device_id::{DEVICE_MAPPER_MAJOR, DeviceId, LOOP_MAJOR};
28use starnix_uapi::errors::Errno;
29use starnix_uapi::open_flags::OpenFlags;
30use starnix_uapi::user_address::{UserCString, UserRef};
31use starnix_uapi::{
32 DM_ACTIVE_PRESENT_FLAG, DM_BUFFER_FULL_FLAG, DM_DEV_ARM_POLL, DM_DEV_CREATE, DM_DEV_REMOVE,
33 DM_DEV_RENAME, DM_DEV_SET_GEOMETRY, DM_DEV_STATUS, DM_DEV_SUSPEND, DM_DEV_WAIT,
34 DM_GET_TARGET_VERSION, DM_IMA_MEASUREMENT_FLAG, DM_INACTIVE_PRESENT_FLAG, DM_LIST_DEVICES,
35 DM_LIST_VERSIONS, DM_MAX_TYPE_NAME, DM_NAME_LEN, DM_NAME_LIST_FLAG_DOESNT_HAVE_UUID,
36 DM_NAME_LIST_FLAG_HAS_UUID, DM_READONLY_FLAG, DM_REMOVE_ALL, DM_STATUS_TABLE_FLAG,
37 DM_SUSPEND_FLAG, DM_TABLE_CLEAR, DM_TABLE_DEPS, DM_TABLE_LOAD, DM_TABLE_STATUS, DM_TARGET_MSG,
38 DM_UEVENT_GENERATED_FLAG, DM_VERSION, DM_VERSION_MAJOR, DM_VERSION_MINOR,
39 DM_VERSION_PATCHLEVEL, errno, error, uapi,
40};
41use std::collections::btree_map::{BTreeMap, Entry};
42use std::ops::Sub;
43use std::sync::Arc;
44
45const SECTOR_SIZE: u64 = 512;
46const DATA_SIZE: u32 = 305;
49const DM_VERITY_VERSION_MAJOR: u32 = 1;
51const DM_VERITY_VERSION_MINOR: u32 = 9;
52const DM_VERITY_VERSION_PATCHLEVEL: u32 = 0;
53
54bitflags! {
55 #[derive(Clone, Copy, Debug, Default, PartialEq, Eq, PartialOrd, Ord, Hash)]
56 struct DeviceMapperFlags: u32 {
57 const ACTIVE_PRESENT = DM_ACTIVE_PRESENT_FLAG;
58 const INACTIVE_PRESENT = DM_INACTIVE_PRESENT_FLAG;
59 const READONLY = DM_READONLY_FLAG;
60 const SUSPEND = DM_SUSPEND_FLAG;
61 const UEVENT_GENERATED = DM_UEVENT_GENERATED_FLAG;
62 const BUFFER_FULL = DM_BUFFER_FULL_FLAG;
63 const STATUS_TABLE = DM_STATUS_TABLE_FLAG;
64 const IMA_MEASUREMENT = DM_IMA_MEASUREMENT_FLAG;
65 const DM_NAME_LIST_HAS_UUID = DM_NAME_LIST_FLAG_HAS_UUID;
66 const DM_NAME_LIST_NO_UUID = DM_NAME_LIST_FLAG_DOESNT_HAVE_UUID;
67 }
68}
69
70pub fn device_mapper_init(locked: &mut Locked<Unlocked>, kernel: &Kernel) -> Result<(), Errno> {
71 kernel.device_registry.register_major(
72 locked,
73 "device-mapper".into(),
74 DeviceMode::Block,
75 DEVICE_MAPPER_MAJOR,
76 get_or_create_dm_device,
77 )?;
78 Ok(())
79}
80
81#[derive(Debug, Default)]
82pub struct DeviceMapperRegistry {
83 devices: Mutex<BTreeMap<u32, Arc<DmDevice>>>,
84}
85
86impl DeviceMapperRegistry {
87 fn get(&self, io: &uapi::dm_ioctl) -> Result<Arc<DmDevice>, Errno> {
89 if io.name != [0; DM_NAME_LEN as usize] {
90 if io.uuid != [0; DM_UUID_LEN as usize] || io.dev > 0 {
91 return error!(EINVAL);
92 } else {
93 return self.get_by_name(io.name);
94 }
95 }
96 if io.uuid != [0; DM_UUID_LEN as usize] {
97 if io.dev > 0 {
98 return error!(EINVAL);
99 } else {
100 return self.get_by_uuid(io.uuid);
101 }
102 }
103 let dev_minor = ((io.dev >> 12 & 0xffffff00) | (io.dev & 0xff)) as u32;
104 self.devices.lock().get(&dev_minor).ok_or_else(|| errno!(ENODEV)).cloned()
105 }
106
107 fn get_by_name(
108 &self,
109 name: [std::ffi::c_char; DM_NAME_LEN as usize],
110 ) -> Result<Arc<DmDevice>, Errno> {
111 let devices = self.devices.lock();
112 let entry = devices.iter().find(|(_, device)| {
113 let state = device.state.lock();
114 state.name == name
115 });
116 if let Some((_, device)) = entry { Ok(device.clone()) } else { error!(ENODEV) }
117 }
118
119 fn get_by_uuid(
120 &self,
121 uuid: [std::ffi::c_char; DM_UUID_LEN as usize],
122 ) -> Result<Arc<DmDevice>, Errno> {
123 let devices = self.devices.lock();
124 let entry = devices.iter().find(|(_, device)| {
125 let state = device.state.lock();
126 state.uuid == uuid
127 });
128 if let Some((_, device)) = entry { Ok(device.clone()) } else { error!(ENODEV) }
129 }
130
131 fn get_or_create_by_minor<L>(
132 &self,
133 locked: &mut Locked<L>,
134 current_task: &CurrentTask,
135 minor: u32,
136 ) -> Result<Arc<DmDevice>, Errno>
137 where
138 L: LockEqualOrBefore<FileOpsCore>,
139 {
140 self.devices
141 .lock()
142 .entry(minor)
143 .or_insert_with_fallible(|| DmDevice::new(locked, current_task, minor))
144 .cloned()
145 }
146
147 fn find<L>(
150 &self,
151 locked: &mut Locked<L>,
152 current_task: &CurrentTask,
153 ) -> Result<Arc<DmDevice>, Errno>
154 where
155 L: LockEqualOrBefore<FileOpsCore>,
156 {
157 let mut devices = self.devices.lock();
158 for minor in 0..u32::MAX {
159 match devices.entry(minor) {
160 Entry::Vacant(e) => {
161 let device = DmDevice::new(locked, current_task, minor)?;
162 e.insert(device.clone());
163 return Ok(device);
164 }
165 Entry::Occupied(_) => {}
166 }
167 }
168 error!(ENODEV)
169 }
170
171 fn remove<L>(
173 &self,
174 locked: &mut Locked<L>,
175 current_task: &CurrentTask,
176 devices: &mut BTreeMap<u32, Arc<DmDevice>>,
177 minor: u32,
178 k_device: &Option<Device>,
179 ) -> Result<(), Errno>
180 where
181 L: LockEqualOrBefore<FileOpsCore>,
182 {
183 devices.remove(&minor).ok_or_else(|| errno!(ENODEV))?;
184 let kernel = current_task.kernel();
185 let registry = &kernel.device_registry;
186 if let Some(dev) = &k_device {
187 registry.remove_device(locked, current_task, dev.clone());
188 } else {
189 return error!(EINVAL);
190 }
191 Ok(())
192 }
193}
194#[derive(Debug, Default)]
195pub struct DmDevice {
196 number: DeviceId,
197 state: Mutex<DmDeviceState>,
198}
199
200impl DmDevice {
201 fn new<L>(
202 locked: &mut Locked<L>,
203 current_task: &CurrentTask,
204 minor: u32,
205 ) -> Result<Arc<Self>, Errno>
206 where
207 L: LockEqualOrBefore<FileOpsCore>,
208 {
209 let kernel = current_task.kernel();
210 let registry = &kernel.device_registry;
211 let dm_device_name = FsString::from(format!("dm-{minor}"));
212 let virtual_block_class = registry.objects.virtual_block_class();
213 let device = Arc::new(Self {
214 number: DeviceId::new(DEVICE_MAPPER_MAJOR, minor),
215 ..Default::default()
216 });
217 let device_weak = Arc::<DmDevice>::downgrade(&device);
218 let k_device = registry.add_device(
219 locked,
220 current_task,
221 dm_device_name.as_ref(),
222 DeviceMetadata::new(
223 dm_device_name.clone(),
224 DeviceId::new(DEVICE_MAPPER_MAJOR, minor),
225 DeviceMode::Block,
226 ),
227 virtual_block_class,
228 |device, dir| build_block_device_directory(device, device_weak, dir),
229 )?;
230 {
231 let mut state = device.state.lock();
232 state.set_k_device(k_device);
233 }
234 Ok(device)
235 }
236
237 fn create_file_ops(self: &Arc<Self>) -> Box<dyn FileOps> {
238 let mut state = self.state.lock();
239 state.open_count += 1;
240 Box::new(DmDeviceFile { device: self.clone() })
241 }
242}
243
244impl BlockDeviceInfo for DmDevice {
245 fn size(&self) -> Result<usize, Errno> {
246 let state = self.state.lock();
247 if !state.suspended {
248 if let Some(active_table) = &state.active_table {
249 Ok(active_table.size())
250 } else {
251 Ok(0)
252 }
253 } else {
254 Ok(0)
255 }
256 }
257}
258struct DmDeviceFile {
259 device: Arc<DmDevice>,
260}
261
262fn verify_read(
263 buffer: &VecOutputBuffer,
264 args: &mut VerityTargetParams,
265 offset: usize,
266) -> Result<(), Errno> {
267 let (hasher, digest_size) = match args.base_args.hash_algorithm.as_str() {
268 "sha256" => {
269 let hasher = FsVerityHasher::Sha256(FsVerityHasherOptions::new_dmverity(
270 hex::decode(args.base_args.salt.clone()).unwrap(),
271 args.base_args.hash_block_size as usize,
272 ));
273 (hasher, <Sha256 as Hasher>::Digest::DIGEST_LEN)
274 }
275 "sha512" => {
276 let hasher = FsVerityHasher::Sha512(FsVerityHasherOptions::new_dmverity(
277 hex::decode(args.base_args.salt.clone()).unwrap(),
278 args.base_args.hash_block_size as usize,
279 ));
280 (hasher, <Sha512 as Hasher>::Digest::DIGEST_LEN)
281 }
282 _ => return error!(ENOTSUP),
283 };
284
285 let leaf_nodes: Vec<&[u8]> = args.hash_device.chunks(digest_size).collect();
286 let mut leaf_nodes_offset = offset;
287
288 for b in buffer.data().chunks(args.base_args.hash_block_size as usize) {
289 if hasher.hash_block(b)
290 != leaf_nodes[leaf_nodes_offset / args.base_args.hash_block_size as usize]
291 {
292 args.corrupted = true;
293 return error!(EINVAL);
294 }
295
296 leaf_nodes_offset += args.base_args.hash_block_size as usize;
297 }
298 Ok(())
299}
300
301impl FileOps for DmDeviceFile {
302 fileops_impl_seekable!();
303
304 fileops_impl_noop_sync!();
306
307 fn write(
308 &self,
309 _locked: &mut Locked<FileOpsCore>,
310 _file: &FileObject,
311 _current_task: &CurrentTask,
312 _offset: usize,
313 _data: &mut dyn InputBuffer,
314 ) -> Result<usize, Errno> {
315 error!(ENOTSUP)
316 }
317
318 fn read(
319 &self,
320 locked: &mut Locked<FileOpsCore>,
321 _file: &FileObject,
322 current_task: &CurrentTask,
323 offset: usize,
324 data: &mut dyn OutputBuffer,
325 ) -> Result<usize, Errno> {
326 let device = &self.device;
327 let mut state = device.state.lock();
328 if state.suspended {
329 track_stub!(TODO("https://fxbug.dev/338241090"), "Defer io for suspended devices.");
330 return Ok(0);
331 }
332 if let Some(active_table) = &mut state.active_table {
333 let mut bytes_read = 0;
334 let to_read = std::cmp::min(
335 data.available(),
336 active_table.size().checked_sub(offset).ok_or_else(|| errno!(EINVAL))?,
337 );
338 let mut buffer = VecOutputBuffer::new(to_read);
339 if active_table.targets.len() > 1 {
340 track_stub!(
341 TODO("https://fxbug.dev/339701082"),
342 "Support reads for multiple targets."
343 );
344 return error!(ENOTSUP);
345 }
346 let target = &mut active_table.targets[0];
347 let start = (target.sector_start * SECTOR_SIZE) as usize;
348 debug_assert!(start == 0);
349 let size = (target.length * SECTOR_SIZE) as usize;
350 if offset >= start && offset < start + size {
351 match &mut target.target_type {
352 TargetType::Verity(args) => {
353 if to_read % args.base_args.hash_block_size as usize != 0 {
354 return error!(EINVAL);
355 }
356 let read = args.block_device.ops().read(
357 locked,
358 &args.block_device,
359 current_task,
360 offset - start,
361 &mut buffer,
362 )?;
363 bytes_read += read;
364 verify_read(&buffer, args, offset - start)?;
365 }
366 }
367 }
368 let read = data.write_all(buffer.data())?;
369 debug_assert!(read == bytes_read);
370 Ok(bytes_read)
371 } else {
372 Ok(0)
373 }
374 }
375
376 fn get_memory(
377 &self,
378 locked: &mut Locked<FileOpsCore>,
379 _file: &FileObject,
380 current_task: &CurrentTask,
381 length: Option<usize>,
382 prot: ProtectionFlags,
383 ) -> Result<Arc<MemoryObject>, Errno> {
384 let device = &self.device;
385 let state = device.state.lock();
386 if state.suspended {
387 track_stub!(TODO("https://fxbug.dev/338241090"), "Defer io for suspended devices.");
388 return error!(EINVAL);
389 }
390 if let Some(active_table) = &state.active_table {
391 if active_table.targets.len() > 1 {
392 track_stub!(
393 TODO("https://fxbug.dev/339701082"),
394 "Support pager-backed vmos for multiple targets."
395 );
396 return error!(ENOTSUP);
397 }
398 match &active_table.targets[0].target_type {
399 TargetType::Verity(args) => args.block_device.ops().get_memory(
400 locked,
401 &args.block_device,
402 current_task,
403 length,
404 prot,
405 ),
406 }
407 } else {
408 error!(EINVAL)
409 }
410 }
411
412 fn close(
413 self: Box<Self>,
414 _locked: &mut Locked<FileOpsCore>,
415 _file: &FileObjectState,
416 _current_task: &CurrentTask,
417 ) {
418 let mut state = self.device.state.lock();
419 state.open_count -= 1;
420 }
421}
422#[derive(Debug)]
423struct DmDeviceState {
424 version: [u32; 3],
425 target_count: u32,
426 open_count: u64,
427 name: [std::ffi::c_char; 128],
428 uuid: [std::ffi::c_char; 129],
429 active_table: Option<DmDeviceTable>,
430 inactive_table: Option<DmDeviceTable>,
431 flags: DeviceMapperFlags,
432 suspended: bool,
433 k_device: Option<Device>,
434}
435
436impl Default for DmDeviceState {
437 fn default() -> Self {
438 DmDeviceState {
439 version: [0; 3],
440 name: [0 as std::ffi::c_char; 128],
441 uuid: [0 as std::ffi::c_char; 129],
442 target_count: 0,
443 open_count: 0,
444 active_table: None,
445 inactive_table: None,
446 flags: DeviceMapperFlags::empty(),
447 suspended: false,
448 k_device: None,
449 }
450 }
451}
452
453impl DmDeviceState {
454 fn set_version(&mut self) {
455 self.version = [DM_VERSION_MAJOR, DM_VERSION_MINOR, DM_VERSION_PATCHLEVEL];
456 }
457
458 fn set_name(&mut self, name: [std::ffi::c_char; 128]) {
459 self.name = name;
460 }
461
462 fn set_uuid(&mut self, uuid: [std::ffi::c_char; 129]) {
463 self.uuid = uuid;
464 }
465
466 fn set_inactive_table(&mut self, inactive_table: DmDeviceTable) {
467 self.inactive_table = Some(inactive_table);
468 }
469
470 fn resume(&mut self) {
471 if let Some(inactive_table) = self.inactive_table.take() {
472 self.active_table = Some(inactive_table);
473 }
474 self.suspended = false;
475 }
476
477 fn remove(&mut self) {
478 self.active_table.take();
479 self.suspended = false;
480 }
481
482 fn set_target_count(&mut self, target_count: u32) {
483 self.target_count = target_count;
484 }
485
486 fn get_target_count(&self) -> u32 {
487 if let Some(_) = self.active_table { self.target_count } else { 0 }
488 }
489
490 fn add_flags(&mut self, flags: DeviceMapperFlags) {
491 self.flags |= flags;
492 }
493
494 fn get_flags(&self) -> DeviceMapperFlags {
495 let mut flags = DeviceMapperFlags::empty();
496 if let Some(active_table) = &self.active_table {
497 flags |= DeviceMapperFlags::ACTIVE_PRESENT;
498 if active_table.readonly {
499 flags |= DeviceMapperFlags::READONLY;
500 }
501 }
502 if let Some(_) = &self.inactive_table {
503 flags |= DeviceMapperFlags::INACTIVE_PRESENT;
504 }
505 if self.suspended {
506 flags |= DeviceMapperFlags::SUSPEND;
507 }
508 flags
509 }
510
511 fn suspend(&mut self) {
512 self.suspended = true;
513 }
514
515 fn set_k_device(&mut self, k_device: Device) {
516 self.k_device = Some(k_device);
517 }
518}
519#[derive(Debug, Clone)]
520struct DmDeviceTarget {
521 sector_start: u64,
522 length: u64,
523 status: i32,
524 name: [std::ffi::c_char; DM_MAX_TYPE_NAME as usize],
525 target_type: TargetType,
526}
527
528#[derive(Debug, Default, Clone)]
529pub struct DmDeviceTable {
530 targets: Vec<DmDeviceTarget>,
531 readonly: bool,
532}
533
534impl DmDeviceTable {
535 fn size(&self) -> usize {
536 let mut size = 0;
537 for target in &self.targets {
538 size += (SECTOR_SIZE * target.length) as usize;
539 }
540 size
541 }
542}
543
544struct DeviceMapper {
545 registry: Arc<DeviceMapperRegistry>,
546}
547
548impl DeviceMapper {
549 pub fn new(registry: Arc<DeviceMapperRegistry>) -> Self {
550 Self { registry: registry }
551 }
552}
553
554#[derive(Debug, Clone)]
555enum TargetType {
556 Verity(VerityTargetParams),
557}
558
559#[derive(Debug, Clone)]
560struct VerityTargetParams {
561 base_args: VerityTargetBaseArgs,
562 optional_args: VerityTargetOptionalArgs,
563 block_device: FileHandle,
564 hash_device: Vec<u8>,
565 corrupted: bool,
566}
567
568impl VerityTargetParams {
569 fn parameter_string(&self) -> String {
570 let base_string = format!(
571 "{} {} {} {:?} {:?} {:?} {:?} {} {} {}",
572 self.base_args.version,
573 self.base_args.block_device_path,
574 self.base_args.hash_device_path,
575 self.base_args.data_block_size,
576 self.base_args.hash_block_size,
577 self.base_args.num_data_blocks,
578 self.base_args.hash_start_block,
579 self.base_args.hash_algorithm,
580 self.base_args.root_digest,
581 self.base_args.salt
582 );
583 let mut optional_arg_count = 0;
584 let mut optional_string = String::new();
585 if self.optional_args.ignore_zero_blocks {
586 optional_arg_count += 1;
587 optional_string.push_str(" ignore_zero_blocks");
588 }
589 if self.optional_args.restart_on_corruption {
590 optional_arg_count += 1;
591 optional_string.push_str(" restart on corruption");
592 }
593 if optional_arg_count > 0 {
594 return format!("{base_string} {optional_arg_count}{optional_string}");
595 } else {
596 base_string
597 }
598 }
599}
600
601#[derive(Debug, Default, Clone)]
602struct VerityTargetOptionalArgs {
603 ignore_zero_blocks: bool,
604 restart_on_corruption: bool,
605}
606
607#[derive(Debug, Clone)]
608struct VerityTargetBaseArgs {
609 version: String,
610 block_device_path: String,
611 hash_device_path: String,
612 data_block_size: u64,
613 hash_block_size: u64,
614 num_data_blocks: u64,
615 hash_start_block: u64,
616 hash_algorithm: String,
617 root_digest: String,
618 salt: String,
619}
620
621fn open_device(
625 locked: &mut Locked<Unlocked>,
626 current_task: &CurrentTask,
627 device_path: String,
628) -> Result<(u64, FileHandle), Errno> {
629 let device_path_vec: Vec<&str> = device_path.split(":").collect();
630 if device_path_vec.len() == 1 {
631 let dev = current_task.open_file(locked, device_path.as_str().into(), OpenFlags::RDONLY)?;
632 let loop_device_vec: Vec<&str> = device_path.split("loop").collect();
633 let minor = loop_device_vec[1].parse::<u64>().unwrap();
634 Ok((minor, dev))
635 } else {
636 let minor = device_path_vec[1].parse::<u64>().unwrap();
637 let dev = current_task.open_file(
638 locked,
639 format!("/dev/loop{minor}").as_str().into(),
640 OpenFlags::RDONLY,
641 )?;
642 Ok((minor, dev))
643 }
644}
645
646fn size_of_merkle_tree_preceding_leaf_nodes(
647 leaf_nodes_size: u64,
648 hash_size: u64,
649 base_args: &VerityTargetBaseArgs,
650) -> u64 {
651 let mut total_size = 0;
652 let mut data_size = leaf_nodes_size;
653 while data_size > base_args.hash_block_size {
654 let num_hashes = data_size.div_ceil(base_args.hash_block_size);
655 let hashes_per_block = base_args.hash_block_size.div_ceil(hash_size);
656 let hash_blocks = num_hashes.div_ceil(hashes_per_block);
657 data_size = hash_blocks * base_args.hash_block_size;
658 total_size += data_size;
659 }
660 total_size
661}
662
663fn parse_parameter_string(
666 locked: &mut Locked<Unlocked>,
667 current_task: &CurrentTask,
668 target_type: &str,
669 parameter_str: String,
670) -> Result<TargetType, Errno> {
671 match target_type {
672 "verity" => {
673 let v: Vec<&str> = parameter_str.split(" ").collect();
674 let mut base_args = VerityTargetBaseArgs {
675 version: String::from(v[0]),
676 block_device_path: String::from(v[1]),
677 hash_device_path: String::from(v[2]),
678 data_block_size: v[3].parse::<u64>().unwrap(),
679 hash_block_size: v[4].parse::<u64>().unwrap(),
680 num_data_blocks: v[5].parse::<u64>().unwrap(),
681 hash_start_block: v[6].parse::<u64>().unwrap(),
682 hash_algorithm: String::from(v[7]),
683 root_digest: String::from(v[8]),
684 salt: String::from(v[9]),
685 };
686 let mut optional_args = VerityTargetOptionalArgs { ..Default::default() };
687
688 if v.len() > 10 {
689 let num_optional_args = v[10].parse::<u64>().unwrap();
690 if num_optional_args > 2 {
691 return error!(ENOTSUP);
692 }
693 for i in 0..num_optional_args {
694 if v[11 + i as usize] == "ignore_zero_blocks" {
695 optional_args.ignore_zero_blocks = true;
696 } else if v[11 + i as usize] == "restart_on_corruption" {
697 track_stub!(
698 TODO("https://fxbug.dev/338243823"),
699 "Support restart on corruption."
700 );
701 optional_args.restart_on_corruption = true;
702 } else {
703 return error!(ENOTSUP);
704 }
705 }
706 }
707
708 let (minor, block_device) =
709 open_device(locked, current_task, base_args.block_device_path)?;
710 base_args.block_device_path = format!("{LOOP_MAJOR}:{minor}");
711
712 let (minor, hash_device) = if base_args.hash_device_path == base_args.block_device_path
713 {
714 (minor, block_device.clone())
715 } else {
716 open_device(locked, current_task, base_args.hash_device_path)?
717 };
718 base_args.hash_device_path = format!("{LOOP_MAJOR}:{minor}");
719
720 let hash_size: u64 = match base_args.hash_algorithm.as_str() {
721 "sha256" => <Sha256 as Hasher>::Digest::DIGEST_LEN as u64,
722 "sha512" => <Sha512 as Hasher>::Digest::DIGEST_LEN as u64,
723 _ => return error!(ENOTSUP),
724 };
725
726 debug_assert!(base_args.hash_block_size > 0);
727 let data_size = base_args.num_data_blocks * base_args.data_block_size;
728 let num_hashes = data_size.div_ceil(base_args.hash_block_size);
729 let hashes_per_block = base_args.hash_block_size.div_ceil(hash_size);
730 let hash_blocks = num_hashes.div_ceil(hashes_per_block);
731 let leaf_nodes_size = hash_blocks * base_args.hash_block_size;
732 let mut buffer = VecOutputBuffer::new(leaf_nodes_size as usize);
733 let offset = base_args.hash_start_block * base_args.hash_block_size
734 + size_of_merkle_tree_preceding_leaf_nodes(leaf_nodes_size, hash_size, &base_args);
735 let locked = locked.cast_locked::<FileOpsCore>();
736 let bytes_read = hash_device.ops().read(
737 locked,
738 &hash_device,
739 current_task,
740 offset as usize,
741 &mut buffer,
742 )?;
743 debug_assert!(bytes_read == leaf_nodes_size as usize);
744
745 Ok(TargetType::Verity(VerityTargetParams {
746 base_args: base_args,
747 optional_args: optional_args,
748 block_device,
749 hash_device: buffer.into(),
750 corrupted: false,
751 }))
752 }
753 _ => error!(ENOTSUP),
754 }
755}
756
757fn check_version_compatibility(major: u32, minor: u32) -> Result<(), Errno> {
758 if major != DM_VERSION_MAJOR || minor > DM_VERSION_MINOR {
762 return error!(EINVAL);
763 }
764 return Ok(());
765}
766
767impl FileOps for DeviceMapper {
768 fileops_impl_seekless!();
769 fileops_impl_dataless!();
770 fileops_impl_noop_sync!();
771
772 fn ioctl(
773 &self,
774 locked: &mut Locked<Unlocked>,
775 file: &FileObject,
776 current_task: &CurrentTask,
777 request: u32,
778 arg: SyscallArg,
779 ) -> Result<SyscallResult, Errno> {
780 let user_info = UserRef::<uapi::dm_ioctl>::from(arg);
781 let info_addr: starnix_uapi::user_address::UserAddress = user_info.addr();
782 let info = current_task.read_object(user_info)?;
783 let flags = DeviceMapperFlags::from_bits_truncate(info.flags);
784 match request {
785 DM_DEV_CREATE => {
786 if info.name == [0; DM_NAME_LEN as usize] || info.version == [0; 3] {
788 return error!(EINVAL);
789 }
790 let dm_device = self.registry.find(locked, current_task)?;
791 let mut state = dm_device.state.lock();
792 check_version_compatibility(info.version[0], info.version[1])?;
793 state.set_version();
794 state.set_name(info.name);
795 state.set_uuid(info.uuid);
796 let i = uapi::dm_ioctl {
797 name: state.name,
798 version: state.version,
799 uuid: state.uuid,
800 dev: dm_device.number.bits(),
801 data_size: DATA_SIZE,
802 data_start: 0,
803 ..Default::default()
804 };
805 log_trace!("DM_DEV_CREATE returned dm_ioctl: {:?}", i);
806 current_task.write_object(user_info, &i)?;
807 Ok(SUCCESS)
808 }
809 DM_TABLE_LOAD => {
810 let mut start_addr = (info_addr + info.data_start)?;
811 let mut num_targets = 0;
812 let dm_device = self.registry.get(&info)?;
813 let mut state = dm_device.state.lock();
814 let mut table = DmDeviceTable { ..Default::default() };
815 if flags.contains(DeviceMapperFlags::READONLY) {
816 table.readonly = true;
817 state.add_flags(DeviceMapperFlags::READONLY);
818 }
819 if info.target_count > 1 {
820 track_stub!(TODO("https://fxbug.dev/339701082"), "Support multiple targets.");
821 return error!(ENOTSUP);
822 }
823 track_stub!(
824 TODO("https://fxbug.dev/338245544"),
825 "Make sure targets are contiguous and non-overlapping"
826 );
827 while num_targets < info.target_count {
828 let target_ref = UserRef::<uapi::dm_target_spec>::new(start_addr);
829 let target = current_task.read_object(target_ref)?;
830 let parameter_cstring =
831 UserCString::new(current_task, target_ref.next()?.addr());
832 let parameters = current_task.read_c_string_to_vec(
833 parameter_cstring,
834 target.next as usize - std::mem::size_of::<uapi::dm_target_spec>(),
835 )?;
836 let target_type_addr = start_addr
837 .checked_add(
838 2 * std::mem::size_of::<u64>()
839 + std::mem::size_of::<u32>()
840 + std::mem::size_of::<i32>(),
841 )
842 .ok_or_else(|| errno!(EINVAL))?;
843 let target_type_cstring = UserCString::new(current_task, target_type_addr);
844 let target_type = current_task
845 .read_c_string_to_vec(target_type_cstring, DM_MAX_TYPE_NAME as usize)?;
846
847 let device_target = DmDeviceTarget {
848 sector_start: target.sector_start,
849 length: target.length,
850 status: target.status,
851 name: target.target_type,
852 target_type: parse_parameter_string(
853 locked,
854 current_task,
855 &target_type.to_string(),
856 parameters.to_string(),
857 )?,
858 };
859 table.targets.push(device_target);
860 num_targets += 1;
861 debug_assert!(target.next % 8 == 0);
862 start_addr = start_addr
863 .checked_add(target.next as usize)
864 .ok_or_else(|| errno!(EINVAL))?;
865 }
866
867 state.set_inactive_table(table);
869 state.set_target_count(num_targets);
870 let i = uapi::dm_ioctl {
871 name: state.name,
872 version: state.version,
873 uuid: state.uuid,
874 dev: dm_device.number.bits(),
875 data_size: DATA_SIZE,
876 data_start: 0,
877 flags: state.get_flags().bits(),
878 target_count: state.get_target_count(),
879 ..Default::default()
880 };
881 log_trace!("DM_TABLE_LOAD returned dm_ioctl: {:?}", i);
882 current_task.write_object(user_info, &i)?;
883 Ok(SUCCESS)
884 }
885 DM_DEV_SUSPEND => {
886 let dm_device = self.registry.get(&info)?;
887 let mut state = dm_device.state.lock();
888 if flags.contains(DeviceMapperFlags::SUSPEND) {
889 state.suspend();
890 } else {
891 state.resume();
892 }
893 let mut out_flags = state.get_flags();
894 if !flags.contains(DeviceMapperFlags::SUSPEND) {
895 out_flags |= DeviceMapperFlags::UEVENT_GENERATED;
896 }
897 let i = uapi::dm_ioctl {
898 name: state.name,
899 version: state.version,
900 uuid: state.uuid,
901 dev: dm_device.number.bits(),
902 data_size: DATA_SIZE,
903 data_start: 0,
904 flags: out_flags.bits(),
905 target_count: state.get_target_count(),
906 ..Default::default()
907 };
908 log_trace!("DM_DEV_SUSPEND returned dm_ioctl: {:?}", i);
909 current_task.write_object(user_info, &i)?;
910 Ok(SUCCESS)
911 }
912 DM_DEV_STATUS => {
913 let dm_device = self.registry.get(&info)?;
914 let state = dm_device.state.lock();
915 let i = uapi::dm_ioctl {
916 name: state.name,
917 version: state.version,
918 uuid: state.uuid,
919 dev: dm_device.number.bits(),
920 data_size: DATA_SIZE,
921 data_start: 0,
922 flags: state.get_flags().bits(),
923 target_count: state.get_target_count(),
924 ..Default::default()
925 };
926 log_trace!("DM_DEV_STATUS returned dm_ioctl: {:?}", i);
927 current_task.write_object(user_info, &i)?;
928 Ok(SUCCESS)
929 }
930 DM_DEV_REMOVE => {
931 let dm_device = self.registry.get(&info)?;
932 let mut devices = self.registry.devices.lock();
933 let mut state = dm_device.state.lock();
934 if state.open_count > 0 {
935 return error!(ENOTSUP);
936 }
937 self.registry.remove(
938 locked,
939 current_task,
940 &mut devices,
941 dm_device.number.minor(),
942 &state.k_device,
943 )?;
944 state.remove();
945 let i = uapi::dm_ioctl {
946 name: state.name,
947 version: state.version,
948 uuid: state.uuid,
949 dev: dm_device.number.bits(),
950 data_size: DATA_SIZE,
951 data_start: 0,
952 flags: (state.get_flags() | DeviceMapperFlags::UEVENT_GENERATED).bits(),
953 target_count: state.get_target_count(),
954 ..Default::default()
955 };
956 log_trace!("DM_DEV_REMOVE returned dm_ioctl: {:?}", i);
957 current_task.write_object(user_info, &i)?;
958 Ok(SUCCESS)
959 }
960 DM_LIST_DEVICES => {
961 if flags.contains(DeviceMapperFlags::DM_NAME_LIST_HAS_UUID)
962 || flags.contains(DeviceMapperFlags::DM_NAME_LIST_NO_UUID)
963 {
964 return error!(ENOTSUP);
965 }
966 let mut name_list_addr = user_info.next()?.addr();
967 let mut total_size = std::mem::size_of::<uapi::dm_ioctl>() as u32;
968 for (_, device) in self.registry.devices.lock().iter() {
969 let state = device.state.lock();
970 let dm_name_list = UserRef::<uapi::dm_name_list>::new(name_list_addr);
971 let name = state.name.iter().map(|v| *v as u8).collect::<Vec<u8>>();
972 let name_c_str = std::ffi::CStr::from_bytes_until_nul(name.as_slice())
973 .map_err(|_| errno!(EINVAL))?;
974 let mut name_vec_with_nul = name_c_str.to_bytes_with_nul().to_vec();
975 let mut size = (std::mem::size_of::<uapi::dm_name_list>() - 4
976 + name_vec_with_nul.len()) as u32;
977 let mut padding = 0;
978 if size % 8 != 0 {
979 padding = 8 - (size % 8);
980 size += padding;
981 };
982 size += 8;
984 let name_list = uapi::dm_name_list {
985 dev: device.number.bits(),
986 next: size,
987 ..Default::default()
988 };
989 if total_size + size > info.data_size {
990 let i = uapi::dm_ioctl {
991 data_size: DATA_SIZE,
992 data_start: std::mem::size_of::<uapi::dm_ioctl>() as u32,
993 flags: DeviceMapperFlags::BUFFER_FULL.bits(),
994 ..Default::default()
995 };
996 log_trace!("DM_LIST_DEVICES returned dm_ioctl: {:?}", i);
997 current_task.write_object(user_info, &i)?;
998 return Ok(SUCCESS);
999 }
1000 total_size += size;
1001 let mut name_addr = dm_name_list.next()?.addr();
1002 name_addr = name_addr.sub(4 as usize)?;
1003 current_task.write_object(dm_name_list, &name_list)?;
1004 name_vec_with_nul.extend(vec![0; padding as usize + 8]);
1005 current_task.write_memory(name_addr, name_vec_with_nul.as_slice())?;
1006 name_list_addr =
1007 name_list_addr.checked_add(size as usize).ok_or_else(|| errno!(EINVAL))?;
1008 }
1009 let i = uapi::dm_ioctl {
1010 data_size: total_size,
1011 data_start: std::mem::size_of::<uapi::dm_ioctl>() as u32,
1012 ..Default::default()
1013 };
1014 log_trace!("DM_LIST_DEVICE returned dm_ioctl: {:?}", i);
1015 current_task.write_object(user_info, &i)?;
1016 Ok(SUCCESS)
1017 }
1018 DM_LIST_VERSIONS => {
1019 let version_list_addr = user_info.next()?.addr();
1020 let dm_versions_list = UserRef::<uapi::dm_target_versions>::new(version_list_addr);
1021 let name_c_str =
1022 std::ffi::CString::new(String::from("verity")).map_err(|_| errno!(EINVAL))?;
1023 let mut name_vec_with_nul = name_c_str.as_bytes_with_nul().to_vec();
1024 let mut size = (std::mem::size_of::<uapi::dm_target_versions>()
1025 + name_vec_with_nul.len()) as u32;
1026 let mut padding = 0;
1027 if size % 8 != 0 {
1028 padding = 8 - (size % 8);
1029 size += padding;
1030 };
1031 name_vec_with_nul.extend(vec![0; padding as usize]);
1032 if std::mem::size_of::<uapi::dm_ioctl>() as u32 + size > info.data_size {
1033 let i = uapi::dm_ioctl {
1034 data_size: DATA_SIZE,
1035 data_start: 0,
1036 flags: DeviceMapperFlags::BUFFER_FULL.bits(),
1037 ..Default::default()
1038 };
1039 log_trace!("DM_LIST_VERSIONS returned dm_ioctl: {:?}", i);
1040 current_task.write_object(user_info, &i)?;
1041 return Ok(SUCCESS);
1042 }
1043 let target_versions = uapi::dm_target_versions {
1044 next: size,
1045 version: [
1046 DM_VERITY_VERSION_MAJOR,
1047 DM_VERITY_VERSION_MINOR,
1048 DM_VERITY_VERSION_PATCHLEVEL,
1049 ],
1050 ..Default::default()
1051 };
1052 let name_addr = dm_versions_list.next()?.addr();
1053 current_task.write_object(dm_versions_list, &target_versions)?;
1054 current_task.write_memory(name_addr, name_vec_with_nul.as_slice())?;
1055
1056 let i = uapi::dm_ioctl {
1057 data_size: std::mem::size_of::<uapi::dm_ioctl>() as u32 + size,
1058 data_start: std::mem::size_of::<uapi::dm_ioctl>() as u32,
1059 ..Default::default()
1060 };
1061 log_trace!("DM_LIST_VERSIONS returned dm_ioctl: {:?}", i);
1062 current_task.write_object(user_info, &i)?;
1063 Ok(SUCCESS)
1064 }
1065 DM_TABLE_STATUS => {
1066 let dm_device = self.registry.get(&info)?;
1067 let state = dm_device.state.lock();
1068 let mut total_data_size = 0;
1069 let mut data_padding = 0;
1070 let mut target_spec_addr = user_info.next()?.addr();
1071 let mut out_flags = DeviceMapperFlags::empty();
1072 let space_for_data = info.data_size as usize
1073 - std::cmp::min(info.data_size as usize, std::mem::size_of::<uapi::dm_ioctl>());
1074 if let Some(active_table) = &state.active_table {
1075 for target in &active_table.targets {
1076 let target_spec_info =
1077 UserRef::<uapi::dm_target_spec>::new(target_spec_addr);
1078 let mut data_size = std::mem::size_of::<uapi::dm_target_spec>();
1079 if total_data_size + data_size - data_padding >= space_for_data {
1080 out_flags |= DeviceMapperFlags::BUFFER_FULL;
1081 break;
1082 }
1083 let data_addr = target_spec_info.next()?.addr();
1084 if flags.contains(DeviceMapperFlags::STATUS_TABLE) {
1085 match &target.target_type {
1086 TargetType::Verity(args) => {
1087 let param_str = std::ffi::CString::new(args.parameter_string())
1088 .map_err(|_| errno!(EINVAL))?;
1089 let mut args_bytes = param_str.into_bytes_with_nul();
1090 if args_bytes.len() % 8 != 0 {
1091 data_padding = 8 - args_bytes.len() % 8;
1092 args_bytes.extend(vec![0 as u8; data_padding]);
1093 }
1094 data_size += args_bytes.len();
1095 if total_data_size + data_size - data_padding >= space_for_data
1096 {
1097 out_flags |= DeviceMapperFlags::BUFFER_FULL;
1098 break;
1099 }
1100 current_task.write_memory(data_addr, args_bytes.as_slice())?;
1101 }
1102 }
1103 } else if flags.contains(DeviceMapperFlags::IMA_MEASUREMENT) {
1104 return error!(ENOTSUP);
1106 } else {
1107 match &target.target_type {
1108 TargetType::Verity(args) => {
1109 let status = if args.corrupted { "C" } else { "V" };
1110 let status_c_str = std::ffi::CString::new(String::from(status))
1111 .map_err(|_| errno!(EINVAL))?;
1112 let mut status_bytes = status_c_str.into_bytes_with_nul();
1113 if status_bytes.len() % 8 != 0 {
1114 data_padding = 8 - status_bytes.len() % 8;
1115 status_bytes.extend(vec![0 as u8; data_padding]);
1116 }
1117 data_size += status_bytes.len();
1118 if total_data_size + data_size - data_padding >= space_for_data
1119 {
1120 out_flags |= DeviceMapperFlags::BUFFER_FULL;
1121 break;
1122 }
1123 current_task
1124 .write_memory(data_addr, status_bytes.as_slice())?;
1125 }
1126 }
1127 }
1128 total_data_size += data_size;
1129 let target_spec = uapi::dm_target_spec {
1130 sector_start: target.sector_start,
1131 length: target.length,
1132 status: target.status,
1133 target_type: target.name,
1134 next: total_data_size as u32,
1135 };
1136 current_task.write_object(target_spec_info, &target_spec)?;
1137 target_spec_addr = target_spec_addr
1138 .checked_add(data_size)
1139 .ok_or_else(|| errno!(EINVAL))?;
1140 }
1141 } else {
1142 let i = uapi::dm_ioctl {
1143 name: state.name,
1144 version: state.version,
1145 uuid: state.uuid,
1146 dev: dm_device.number.bits(),
1147 data_size: DATA_SIZE,
1148 data_start: std::mem::size_of::<uapi::dm_ioctl>() as u32,
1149 flags: state.get_flags().bits(),
1150 ..Default::default()
1151 };
1152 log_trace!("DM_TABLE_STATUS returned dm_ioctl: {:?}", i);
1153 current_task.write_object(user_info, &i)?;
1154 return Ok(SUCCESS);
1155 }
1156 let total_size = if out_flags.contains(DeviceMapperFlags::BUFFER_FULL) {
1159 DATA_SIZE
1160 } else {
1161 (total_data_size + std::mem::size_of::<uapi::dm_ioctl>() - data_padding) as u32
1162 };
1163 out_flags |= state.get_flags();
1164
1165 let i = uapi::dm_ioctl {
1166 name: state.name,
1167 version: state.version,
1168 uuid: state.uuid,
1169 dev: dm_device.number.bits(),
1170 data_size: total_size,
1171 data_start: std::mem::size_of::<uapi::dm_ioctl>() as u32,
1172 flags: out_flags.bits(),
1173 ..Default::default()
1174 };
1175 log_trace!("DM_TABLE_STATUS returned dm_ioctl: {:?}", i);
1176 current_task.write_object(user_info, &i)?;
1177 Ok(SUCCESS)
1178 }
1179 DM_VERSION
1181 | DM_DEV_RENAME
1182 | DM_DEV_WAIT
1183 | DM_TABLE_CLEAR
1184 | DM_TABLE_DEPS
1185 | DM_REMOVE_ALL
1186 | DM_TARGET_MSG
1187 | DM_DEV_SET_GEOMETRY
1188 | DM_DEV_ARM_POLL
1189 | DM_GET_TARGET_VERSION => return error!(ENOTSUP),
1190 _ => default_ioctl(file, locked, current_task, request, arg),
1191 }
1192 }
1193}
1194
1195pub fn create_device_mapper(
1196 _locked: &mut Locked<FileOpsCore>,
1197 current_task: &CurrentTask,
1198 _id: DeviceId,
1199 _node: &NamespaceNode,
1200 _flags: OpenFlags,
1201) -> Result<Box<dyn FileOps>, Errno> {
1202 Ok(Box::new(DeviceMapper::new(current_task.kernel().expando.get::<DeviceMapperRegistry>())))
1203}
1204
1205fn get_or_create_dm_device(
1206 locked: &mut Locked<FileOpsCore>,
1207 current_task: &CurrentTask,
1208 id: DeviceId,
1209 _node: &NamespaceNode,
1210 _flags: OpenFlags,
1211) -> Result<Box<dyn FileOps>, Errno> {
1212 Ok(current_task
1213 .kernel()
1214 .expando
1215 .get::<DeviceMapperRegistry>()
1216 .get_or_create_by_minor(locked, current_task, id.minor())?
1217 .create_file_ops())
1218}