1 /*
2 * Copyright (c) International Business Machines Corp., 2006
3 *
4 * This program is free software; you can redistribute it and/or modify
5 * it under the terms of the GNU General Public License as published by
6 * the Free Software Foundation; either version 2 of the License, or
7 * (at your option) any later version.
8 *
9 * This program is distributed in the hope that it will be useful,
10 * but WITHOUT ANY WARRANTY; without even the implied warranty of
11 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See
12 * the GNU General Public License for more details.
13 *
14 * You should have received a copy of the GNU General Public License
15 * along with this program; if not, write to the Free Software
16 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
17 *
18 * Author: Artem Bityutskiy (Битюцкий Артём)
19 */
20
21 /*
22 * This file includes implementation of UBI character device operations.
23 *
24 * There are two kinds of character devices in UBI: UBI character devices and
25 * UBI volume character devices. UBI character devices allow users to
26 * manipulate whole volumes: create, remove, and re-size them. Volume character
27 * devices provide volume I/O capabilities.
28 *
29 * Major and minor numbers are assigned dynamically to both UBI and volume
30 * character devices.
31 *
32 * Well, there is the third kind of character devices - the UBI control
33 * character device, which allows to manipulate by UBI devices - create and
34 * delete them. In other words, it is used for attaching and detaching MTD
35 * devices.
36 */
37
38 #include <linux/module.h>
39 #include <linux/stat.h>
40 #include <linux/slab.h>
41 #include <linux/ioctl.h>
42 #include <linux/capability.h>
43 #include <linux/uaccess.h>
44 #include <linux/compat.h>
45 #include <linux/math64.h>
46 #include <mtd/ubi-user.h>
47 #include "ubi.h"
48
49 /**
50 * get_exclusive - get exclusive access to an UBI volume.
51 * @desc: volume descriptor
52 *
53 * This function changes UBI volume open mode to "exclusive". Returns previous
54 * mode value (positive integer) in case of success and a negative error code
55 * in case of failure.
56 */
get_exclusive(struct ubi_volume_desc * desc)57 static int get_exclusive(struct ubi_volume_desc *desc)
58 {
59 int users, err;
60 struct ubi_volume *vol = desc->vol;
61
62 spin_lock(&vol->ubi->volumes_lock);
63 users = vol->readers + vol->writers + vol->exclusive;
64 ubi_assert(users > 0);
65 if (users > 1) {
66 dbg_err("%d users for volume %d", users, vol->vol_id);
67 err = -EBUSY;
68 } else {
69 vol->readers = vol->writers = 0;
70 vol->exclusive = 1;
71 err = desc->mode;
72 desc->mode = UBI_EXCLUSIVE;
73 }
74 spin_unlock(&vol->ubi->volumes_lock);
75
76 return err;
77 }
78
79 /**
80 * revoke_exclusive - revoke exclusive mode.
81 * @desc: volume descriptor
82 * @mode: new mode to switch to
83 */
revoke_exclusive(struct ubi_volume_desc * desc,int mode)84 static void revoke_exclusive(struct ubi_volume_desc *desc, int mode)
85 {
86 struct ubi_volume *vol = desc->vol;
87
88 spin_lock(&vol->ubi->volumes_lock);
89 ubi_assert(vol->readers == 0 && vol->writers == 0);
90 ubi_assert(vol->exclusive == 1 && desc->mode == UBI_EXCLUSIVE);
91 vol->exclusive = 0;
92 if (mode == UBI_READONLY)
93 vol->readers = 1;
94 else if (mode == UBI_READWRITE)
95 vol->writers = 1;
96 else
97 vol->exclusive = 1;
98 spin_unlock(&vol->ubi->volumes_lock);
99
100 desc->mode = mode;
101 }
102
vol_cdev_open(struct inode * inode,struct file * file)103 static int vol_cdev_open(struct inode *inode, struct file *file)
104 {
105 struct ubi_volume_desc *desc;
106 int vol_id = iminor(inode) - 1, mode, ubi_num;
107
108 ubi_num = ubi_major2num(imajor(inode));
109 if (ubi_num < 0)
110 return ubi_num;
111
112 if (file->f_mode & FMODE_WRITE)
113 mode = UBI_READWRITE;
114 else
115 mode = UBI_READONLY;
116
117 dbg_gen("open device %d, volume %d, mode %d",
118 ubi_num, vol_id, mode);
119
120 desc = ubi_open_volume(ubi_num, vol_id, mode);
121 if (IS_ERR(desc))
122 return PTR_ERR(desc);
123
124 file->private_data = desc;
125 return 0;
126 }
127
vol_cdev_release(struct inode * inode,struct file * file)128 static int vol_cdev_release(struct inode *inode, struct file *file)
129 {
130 struct ubi_volume_desc *desc = file->private_data;
131 struct ubi_volume *vol = desc->vol;
132
133 dbg_gen("release device %d, volume %d, mode %d",
134 vol->ubi->ubi_num, vol->vol_id, desc->mode);
135
136 if (vol->updating) {
137 ubi_warn("update of volume %d not finished, volume is damaged",
138 vol->vol_id);
139 ubi_assert(!vol->changing_leb);
140 vol->updating = 0;
141 vfree(vol->upd_buf);
142 } else if (vol->changing_leb) {
143 dbg_gen("only %lld of %lld bytes received for atomic LEB change"
144 " for volume %d:%d, cancel", vol->upd_received,
145 vol->upd_bytes, vol->ubi->ubi_num, vol->vol_id);
146 vol->changing_leb = 0;
147 vfree(vol->upd_buf);
148 }
149
150 ubi_close_volume(desc);
151 return 0;
152 }
153
vol_cdev_llseek(struct file * file,loff_t offset,int origin)154 static loff_t vol_cdev_llseek(struct file *file, loff_t offset, int origin)
155 {
156 struct ubi_volume_desc *desc = file->private_data;
157 struct ubi_volume *vol = desc->vol;
158 loff_t new_offset;
159
160 if (vol->updating) {
161 /* Update is in progress, seeking is prohibited */
162 dbg_err("updating");
163 return -EBUSY;
164 }
165
166 switch (origin) {
167 case 0: /* SEEK_SET */
168 new_offset = offset;
169 break;
170 case 1: /* SEEK_CUR */
171 new_offset = file->f_pos + offset;
172 break;
173 case 2: /* SEEK_END */
174 new_offset = vol->used_bytes + offset;
175 break;
176 default:
177 return -EINVAL;
178 }
179
180 if (new_offset < 0 || new_offset > vol->used_bytes) {
181 dbg_err("bad seek %lld", new_offset);
182 return -EINVAL;
183 }
184
185 dbg_gen("seek volume %d, offset %lld, origin %d, new offset %lld",
186 vol->vol_id, offset, origin, new_offset);
187
188 file->f_pos = new_offset;
189 return new_offset;
190 }
191
vol_cdev_fsync(struct file * file,loff_t start,loff_t end,int datasync)192 static int vol_cdev_fsync(struct file *file, loff_t start, loff_t end, int datasync)
193 {
194 struct ubi_volume_desc *desc = file->private_data;
195 struct ubi_device *ubi = desc->vol->ubi;
196 struct inode *inode = file->f_path.dentry->d_inode;
197 int err;
198 mutex_lock(&inode->i_mutex);
199 err = ubi_sync(ubi->ubi_num);
200 mutex_unlock(&inode->i_mutex);
201 return err;
202 }
203
204
vol_cdev_read(struct file * file,__user char * buf,size_t count,loff_t * offp)205 static ssize_t vol_cdev_read(struct file *file, __user char *buf, size_t count,
206 loff_t *offp)
207 {
208 struct ubi_volume_desc *desc = file->private_data;
209 struct ubi_volume *vol = desc->vol;
210 struct ubi_device *ubi = vol->ubi;
211 int err, lnum, off, len, tbuf_size;
212 size_t count_save = count;
213 void *tbuf;
214
215 dbg_gen("read %zd bytes from offset %lld of volume %d",
216 count, *offp, vol->vol_id);
217
218 if (vol->updating) {
219 dbg_err("updating");
220 return -EBUSY;
221 }
222 if (vol->upd_marker) {
223 dbg_err("damaged volume, update marker is set");
224 return -EBADF;
225 }
226 if (*offp == vol->used_bytes || count == 0)
227 return 0;
228
229 if (vol->corrupted)
230 dbg_gen("read from corrupted volume %d", vol->vol_id);
231
232 if (*offp + count > vol->used_bytes)
233 count_save = count = vol->used_bytes - *offp;
234
235 tbuf_size = vol->usable_leb_size;
236 if (count < tbuf_size)
237 tbuf_size = ALIGN(count, ubi->min_io_size);
238 tbuf = vmalloc(tbuf_size);
239 if (!tbuf)
240 return -ENOMEM;
241
242 len = count > tbuf_size ? tbuf_size : count;
243 lnum = div_u64_rem(*offp, vol->usable_leb_size, &off);
244
245 do {
246 cond_resched();
247
248 if (off + len >= vol->usable_leb_size)
249 len = vol->usable_leb_size - off;
250
251 err = ubi_eba_read_leb(ubi, vol, lnum, tbuf, off, len, 0);
252 if (err)
253 break;
254
255 off += len;
256 if (off == vol->usable_leb_size) {
257 lnum += 1;
258 off -= vol->usable_leb_size;
259 }
260
261 count -= len;
262 *offp += len;
263
264 err = copy_to_user(buf, tbuf, len);
265 if (err) {
266 err = -EFAULT;
267 break;
268 }
269
270 buf += len;
271 len = count > tbuf_size ? tbuf_size : count;
272 } while (count);
273
274 vfree(tbuf);
275 return err ? err : count_save - count;
276 }
277
278 /*
279 * This function allows to directly write to dynamic UBI volumes, without
280 * issuing the volume update operation.
281 */
vol_cdev_direct_write(struct file * file,const char __user * buf,size_t count,loff_t * offp)282 static ssize_t vol_cdev_direct_write(struct file *file, const char __user *buf,
283 size_t count, loff_t *offp)
284 {
285 struct ubi_volume_desc *desc = file->private_data;
286 struct ubi_volume *vol = desc->vol;
287 struct ubi_device *ubi = vol->ubi;
288 int lnum, off, len, tbuf_size, err = 0;
289 size_t count_save = count;
290 char *tbuf;
291
292 if (!vol->direct_writes)
293 return -EPERM;
294
295 dbg_gen("requested: write %zd bytes to offset %lld of volume %u",
296 count, *offp, vol->vol_id);
297
298 if (vol->vol_type == UBI_STATIC_VOLUME)
299 return -EROFS;
300
301 lnum = div_u64_rem(*offp, vol->usable_leb_size, &off);
302 if (off & (ubi->min_io_size - 1)) {
303 dbg_err("unaligned position");
304 return -EINVAL;
305 }
306
307 if (*offp + count > vol->used_bytes)
308 count_save = count = vol->used_bytes - *offp;
309
310 /* We can write only in fractions of the minimum I/O unit */
311 if (count & (ubi->min_io_size - 1)) {
312 dbg_err("unaligned write length");
313 return -EINVAL;
314 }
315
316 tbuf_size = vol->usable_leb_size;
317 if (count < tbuf_size)
318 tbuf_size = ALIGN(count, ubi->min_io_size);
319 tbuf = vmalloc(tbuf_size);
320 if (!tbuf)
321 return -ENOMEM;
322
323 len = count > tbuf_size ? tbuf_size : count;
324
325 while (count) {
326 cond_resched();
327
328 if (off + len >= vol->usable_leb_size)
329 len = vol->usable_leb_size - off;
330
331 err = copy_from_user(tbuf, buf, len);
332 if (err) {
333 err = -EFAULT;
334 break;
335 }
336
337 err = ubi_eba_write_leb(ubi, vol, lnum, tbuf, off, len,
338 UBI_UNKNOWN);
339 if (err)
340 break;
341
342 off += len;
343 if (off == vol->usable_leb_size) {
344 lnum += 1;
345 off -= vol->usable_leb_size;
346 }
347
348 count -= len;
349 *offp += len;
350 buf += len;
351 len = count > tbuf_size ? tbuf_size : count;
352 }
353
354 vfree(tbuf);
355 return err ? err : count_save - count;
356 }
357
vol_cdev_write(struct file * file,const char __user * buf,size_t count,loff_t * offp)358 static ssize_t vol_cdev_write(struct file *file, const char __user *buf,
359 size_t count, loff_t *offp)
360 {
361 int err = 0;
362 struct ubi_volume_desc *desc = file->private_data;
363 struct ubi_volume *vol = desc->vol;
364 struct ubi_device *ubi = vol->ubi;
365
366 if (!vol->updating && !vol->changing_leb)
367 return vol_cdev_direct_write(file, buf, count, offp);
368
369 if (vol->updating)
370 err = ubi_more_update_data(ubi, vol, buf, count);
371 else
372 err = ubi_more_leb_change_data(ubi, vol, buf, count);
373
374 if (err < 0) {
375 ubi_err("cannot accept more %zd bytes of data, error %d",
376 count, err);
377 return err;
378 }
379
380 if (err) {
381 /*
382 * The operation is finished, @err contains number of actually
383 * written bytes.
384 */
385 count = err;
386
387 if (vol->changing_leb) {
388 revoke_exclusive(desc, UBI_READWRITE);
389 return count;
390 }
391
392 err = ubi_check_volume(ubi, vol->vol_id);
393 if (err < 0)
394 return err;
395
396 if (err) {
397 ubi_warn("volume %d on UBI device %d is corrupted",
398 vol->vol_id, ubi->ubi_num);
399 vol->corrupted = 1;
400 }
401 vol->checked = 1;
402 ubi_volume_notify(ubi, vol, UBI_VOLUME_UPDATED);
403 revoke_exclusive(desc, UBI_READWRITE);
404 }
405
406 return count;
407 }
408
vol_cdev_ioctl(struct file * file,unsigned int cmd,unsigned long arg)409 static long vol_cdev_ioctl(struct file *file, unsigned int cmd,
410 unsigned long arg)
411 {
412 int err = 0;
413 struct ubi_volume_desc *desc = file->private_data;
414 struct ubi_volume *vol = desc->vol;
415 struct ubi_device *ubi = vol->ubi;
416 void __user *argp = (void __user *)arg;
417
418 switch (cmd) {
419 /* Volume update command */
420 case UBI_IOCVOLUP:
421 {
422 int64_t bytes, rsvd_bytes;
423
424 if (!capable(CAP_SYS_RESOURCE)) {
425 err = -EPERM;
426 break;
427 }
428
429 err = copy_from_user(&bytes, argp, sizeof(int64_t));
430 if (err) {
431 err = -EFAULT;
432 break;
433 }
434
435 if (desc->mode == UBI_READONLY) {
436 err = -EROFS;
437 break;
438 }
439
440 rsvd_bytes = (long long)vol->reserved_pebs *
441 ubi->leb_size-vol->data_pad;
442 if (bytes < 0 || bytes > rsvd_bytes) {
443 err = -EINVAL;
444 break;
445 }
446
447 err = get_exclusive(desc);
448 if (err < 0)
449 break;
450
451 err = ubi_start_update(ubi, vol, bytes);
452 if (bytes == 0)
453 revoke_exclusive(desc, UBI_READWRITE);
454 break;
455 }
456
457 /* Atomic logical eraseblock change command */
458 case UBI_IOCEBCH:
459 {
460 struct ubi_leb_change_req req;
461
462 err = copy_from_user(&req, argp,
463 sizeof(struct ubi_leb_change_req));
464 if (err) {
465 err = -EFAULT;
466 break;
467 }
468
469 if (desc->mode == UBI_READONLY ||
470 vol->vol_type == UBI_STATIC_VOLUME) {
471 err = -EROFS;
472 break;
473 }
474
475 /* Validate the request */
476 err = -EINVAL;
477 if (req.lnum < 0 || req.lnum >= vol->reserved_pebs ||
478 req.bytes < 0 || req.lnum >= vol->usable_leb_size)
479 break;
480 if (req.dtype != UBI_LONGTERM && req.dtype != UBI_SHORTTERM &&
481 req.dtype != UBI_UNKNOWN)
482 break;
483
484 err = get_exclusive(desc);
485 if (err < 0)
486 break;
487
488 err = ubi_start_leb_change(ubi, vol, &req);
489 if (req.bytes == 0)
490 revoke_exclusive(desc, UBI_READWRITE);
491 break;
492 }
493
494 /* Logical eraseblock erasure command */
495 case UBI_IOCEBER:
496 {
497 int32_t lnum;
498
499 err = get_user(lnum, (__user int32_t *)argp);
500 if (err) {
501 err = -EFAULT;
502 break;
503 }
504
505 if (desc->mode == UBI_READONLY ||
506 vol->vol_type == UBI_STATIC_VOLUME) {
507 err = -EROFS;
508 break;
509 }
510
511 if (lnum < 0 || lnum >= vol->reserved_pebs) {
512 err = -EINVAL;
513 break;
514 }
515
516 dbg_gen("erase LEB %d:%d", vol->vol_id, lnum);
517 err = ubi_eba_unmap_leb(ubi, vol, lnum);
518 if (err)
519 break;
520
521 err = ubi_wl_flush(ubi);
522 break;
523 }
524
525 /* Logical eraseblock map command */
526 case UBI_IOCEBMAP:
527 {
528 struct ubi_map_req req;
529
530 err = copy_from_user(&req, argp, sizeof(struct ubi_map_req));
531 if (err) {
532 err = -EFAULT;
533 break;
534 }
535 err = ubi_leb_map(desc, req.lnum, req.dtype);
536 break;
537 }
538
539 /* Logical eraseblock un-map command */
540 case UBI_IOCEBUNMAP:
541 {
542 int32_t lnum;
543
544 err = get_user(lnum, (__user int32_t *)argp);
545 if (err) {
546 err = -EFAULT;
547 break;
548 }
549 err = ubi_leb_unmap(desc, lnum);
550 break;
551 }
552
553 /* Check if logical eraseblock is mapped command */
554 case UBI_IOCEBISMAP:
555 {
556 int32_t lnum;
557
558 err = get_user(lnum, (__user int32_t *)argp);
559 if (err) {
560 err = -EFAULT;
561 break;
562 }
563 err = ubi_is_mapped(desc, lnum);
564 break;
565 }
566
567 /* Set volume property command */
568 case UBI_IOCSETVOLPROP:
569 {
570 struct ubi_set_vol_prop_req req;
571
572 err = copy_from_user(&req, argp,
573 sizeof(struct ubi_set_vol_prop_req));
574 if (err) {
575 err = -EFAULT;
576 break;
577 }
578 switch (req.property) {
579 case UBI_VOL_PROP_DIRECT_WRITE:
580 mutex_lock(&ubi->device_mutex);
581 desc->vol->direct_writes = !!req.value;
582 mutex_unlock(&ubi->device_mutex);
583 break;
584 default:
585 err = -EINVAL;
586 break;
587 }
588 break;
589 }
590
591 default:
592 err = -ENOTTY;
593 break;
594 }
595 return err;
596 }
597
598 /**
599 * verify_mkvol_req - verify volume creation request.
600 * @ubi: UBI device description object
601 * @req: the request to check
602 *
603 * This function zero if the request is correct, and %-EINVAL if not.
604 */
verify_mkvol_req(const struct ubi_device * ubi,const struct ubi_mkvol_req * req)605 static int verify_mkvol_req(const struct ubi_device *ubi,
606 const struct ubi_mkvol_req *req)
607 {
608 int n, err = -EINVAL;
609
610 if (req->bytes < 0 || req->alignment < 0 || req->vol_type < 0 ||
611 req->name_len < 0)
612 goto bad;
613
614 if ((req->vol_id < 0 || req->vol_id >= ubi->vtbl_slots) &&
615 req->vol_id != UBI_VOL_NUM_AUTO)
616 goto bad;
617
618 if (req->alignment == 0)
619 goto bad;
620
621 if (req->bytes == 0)
622 goto bad;
623
624 if (req->vol_type != UBI_DYNAMIC_VOLUME &&
625 req->vol_type != UBI_STATIC_VOLUME)
626 goto bad;
627
628 if (req->alignment > ubi->leb_size)
629 goto bad;
630
631 n = req->alignment & (ubi->min_io_size - 1);
632 if (req->alignment != 1 && n)
633 goto bad;
634
635 if (!req->name[0] || !req->name_len)
636 goto bad;
637
638 if (req->name_len > UBI_VOL_NAME_MAX) {
639 err = -ENAMETOOLONG;
640 goto bad;
641 }
642
643 n = strnlen(req->name, req->name_len + 1);
644 if (n != req->name_len)
645 goto bad;
646
647 return 0;
648
649 bad:
650 dbg_err("bad volume creation request");
651 ubi_dbg_dump_mkvol_req(req);
652 return err;
653 }
654
655 /**
656 * verify_rsvol_req - verify volume re-size request.
657 * @ubi: UBI device description object
658 * @req: the request to check
659 *
660 * This function returns zero if the request is correct, and %-EINVAL if not.
661 */
verify_rsvol_req(const struct ubi_device * ubi,const struct ubi_rsvol_req * req)662 static int verify_rsvol_req(const struct ubi_device *ubi,
663 const struct ubi_rsvol_req *req)
664 {
665 if (req->bytes <= 0)
666 return -EINVAL;
667
668 if (req->vol_id < 0 || req->vol_id >= ubi->vtbl_slots)
669 return -EINVAL;
670
671 return 0;
672 }
673
674 /**
675 * rename_volumes - rename UBI volumes.
676 * @ubi: UBI device description object
677 * @req: volumes re-name request
678 *
679 * This is a helper function for the volume re-name IOCTL which validates the
680 * the request, opens the volume and calls corresponding volumes management
681 * function. Returns zero in case of success and a negative error code in case
682 * of failure.
683 */
rename_volumes(struct ubi_device * ubi,struct ubi_rnvol_req * req)684 static int rename_volumes(struct ubi_device *ubi,
685 struct ubi_rnvol_req *req)
686 {
687 int i, n, err;
688 struct list_head rename_list;
689 struct ubi_rename_entry *re, *re1;
690
691 if (req->count < 0 || req->count > UBI_MAX_RNVOL)
692 return -EINVAL;
693
694 if (req->count == 0)
695 return 0;
696
697 /* Validate volume IDs and names in the request */
698 for (i = 0; i < req->count; i++) {
699 if (req->ents[i].vol_id < 0 ||
700 req->ents[i].vol_id >= ubi->vtbl_slots)
701 return -EINVAL;
702 if (req->ents[i].name_len < 0)
703 return -EINVAL;
704 if (req->ents[i].name_len > UBI_VOL_NAME_MAX)
705 return -ENAMETOOLONG;
706 req->ents[i].name[req->ents[i].name_len] = '\0';
707 n = strlen(req->ents[i].name);
708 if (n != req->ents[i].name_len)
709 err = -EINVAL;
710 }
711
712 /* Make sure volume IDs and names are unique */
713 for (i = 0; i < req->count - 1; i++) {
714 for (n = i + 1; n < req->count; n++) {
715 if (req->ents[i].vol_id == req->ents[n].vol_id) {
716 dbg_err("duplicated volume id %d",
717 req->ents[i].vol_id);
718 return -EINVAL;
719 }
720 if (!strcmp(req->ents[i].name, req->ents[n].name)) {
721 dbg_err("duplicated volume name \"%s\"",
722 req->ents[i].name);
723 return -EINVAL;
724 }
725 }
726 }
727
728 /* Create the re-name list */
729 INIT_LIST_HEAD(&rename_list);
730 for (i = 0; i < req->count; i++) {
731 int vol_id = req->ents[i].vol_id;
732 int name_len = req->ents[i].name_len;
733 const char *name = req->ents[i].name;
734
735 re = kzalloc(sizeof(struct ubi_rename_entry), GFP_KERNEL);
736 if (!re) {
737 err = -ENOMEM;
738 goto out_free;
739 }
740
741 re->desc = ubi_open_volume(ubi->ubi_num, vol_id, UBI_EXCLUSIVE);
742 if (IS_ERR(re->desc)) {
743 err = PTR_ERR(re->desc);
744 dbg_err("cannot open volume %d, error %d", vol_id, err);
745 kfree(re);
746 goto out_free;
747 }
748
749 /* Skip this re-naming if the name does not really change */
750 if (re->desc->vol->name_len == name_len &&
751 !memcmp(re->desc->vol->name, name, name_len)) {
752 ubi_close_volume(re->desc);
753 kfree(re);
754 continue;
755 }
756
757 re->new_name_len = name_len;
758 memcpy(re->new_name, name, name_len);
759 list_add_tail(&re->list, &rename_list);
760 dbg_msg("will rename volume %d from \"%s\" to \"%s\"",
761 vol_id, re->desc->vol->name, name);
762 }
763
764 if (list_empty(&rename_list))
765 return 0;
766
767 /* Find out the volumes which have to be removed */
768 list_for_each_entry(re, &rename_list, list) {
769 struct ubi_volume_desc *desc;
770 int no_remove_needed = 0;
771
772 /*
773 * Volume @re->vol_id is going to be re-named to
774 * @re->new_name, while its current name is @name. If a volume
775 * with name @re->new_name currently exists, it has to be
776 * removed, unless it is also re-named in the request (@req).
777 */
778 list_for_each_entry(re1, &rename_list, list) {
779 if (re->new_name_len == re1->desc->vol->name_len &&
780 !memcmp(re->new_name, re1->desc->vol->name,
781 re1->desc->vol->name_len)) {
782 no_remove_needed = 1;
783 break;
784 }
785 }
786
787 if (no_remove_needed)
788 continue;
789
790 /*
791 * It seems we need to remove volume with name @re->new_name,
792 * if it exists.
793 */
794 desc = ubi_open_volume_nm(ubi->ubi_num, re->new_name,
795 UBI_EXCLUSIVE);
796 if (IS_ERR(desc)) {
797 err = PTR_ERR(desc);
798 if (err == -ENODEV)
799 /* Re-naming into a non-existing volume name */
800 continue;
801
802 /* The volume exists but busy, or an error occurred */
803 dbg_err("cannot open volume \"%s\", error %d",
804 re->new_name, err);
805 goto out_free;
806 }
807
808 re1 = kzalloc(sizeof(struct ubi_rename_entry), GFP_KERNEL);
809 if (!re1) {
810 err = -ENOMEM;
811 ubi_close_volume(desc);
812 goto out_free;
813 }
814
815 re1->remove = 1;
816 re1->desc = desc;
817 list_add(&re1->list, &rename_list);
818 dbg_msg("will remove volume %d, name \"%s\"",
819 re1->desc->vol->vol_id, re1->desc->vol->name);
820 }
821
822 mutex_lock(&ubi->device_mutex);
823 err = ubi_rename_volumes(ubi, &rename_list);
824 mutex_unlock(&ubi->device_mutex);
825
826 out_free:
827 list_for_each_entry_safe(re, re1, &rename_list, list) {
828 ubi_close_volume(re->desc);
829 list_del(&re->list);
830 kfree(re);
831 }
832 return err;
833 }
834
ubi_cdev_ioctl(struct file * file,unsigned int cmd,unsigned long arg)835 static long ubi_cdev_ioctl(struct file *file, unsigned int cmd,
836 unsigned long arg)
837 {
838 int err = 0;
839 struct ubi_device *ubi;
840 struct ubi_volume_desc *desc;
841 void __user *argp = (void __user *)arg;
842
843 if (!capable(CAP_SYS_RESOURCE))
844 return -EPERM;
845
846 ubi = ubi_get_by_major(imajor(file->f_mapping->host));
847 if (!ubi)
848 return -ENODEV;
849
850 switch (cmd) {
851 /* Create volume command */
852 case UBI_IOCMKVOL:
853 {
854 struct ubi_mkvol_req req;
855
856 dbg_gen("create volume");
857 err = copy_from_user(&req, argp, sizeof(struct ubi_mkvol_req));
858 if (err) {
859 err = -EFAULT;
860 break;
861 }
862
863 err = verify_mkvol_req(ubi, &req);
864 if (err)
865 break;
866
867 mutex_lock(&ubi->device_mutex);
868 err = ubi_create_volume(ubi, &req);
869 mutex_unlock(&ubi->device_mutex);
870 if (err)
871 break;
872
873 err = put_user(req.vol_id, (__user int32_t *)argp);
874 if (err)
875 err = -EFAULT;
876
877 break;
878 }
879
880 /* Remove volume command */
881 case UBI_IOCRMVOL:
882 {
883 int vol_id;
884
885 dbg_gen("remove volume");
886 err = get_user(vol_id, (__user int32_t *)argp);
887 if (err) {
888 err = -EFAULT;
889 break;
890 }
891
892 desc = ubi_open_volume(ubi->ubi_num, vol_id, UBI_EXCLUSIVE);
893 if (IS_ERR(desc)) {
894 err = PTR_ERR(desc);
895 break;
896 }
897
898 mutex_lock(&ubi->device_mutex);
899 err = ubi_remove_volume(desc, 0);
900 mutex_unlock(&ubi->device_mutex);
901
902 /*
903 * The volume is deleted (unless an error occurred), and the
904 * 'struct ubi_volume' object will be freed when
905 * 'ubi_close_volume()' will call 'put_device()'.
906 */
907 ubi_close_volume(desc);
908 break;
909 }
910
911 /* Re-size volume command */
912 case UBI_IOCRSVOL:
913 {
914 int pebs;
915 struct ubi_rsvol_req req;
916
917 dbg_gen("re-size volume");
918 err = copy_from_user(&req, argp, sizeof(struct ubi_rsvol_req));
919 if (err) {
920 err = -EFAULT;
921 break;
922 }
923
924 err = verify_rsvol_req(ubi, &req);
925 if (err)
926 break;
927
928 desc = ubi_open_volume(ubi->ubi_num, req.vol_id, UBI_EXCLUSIVE);
929 if (IS_ERR(desc)) {
930 err = PTR_ERR(desc);
931 break;
932 }
933
934 pebs = div_u64(req.bytes + desc->vol->usable_leb_size - 1,
935 desc->vol->usable_leb_size);
936
937 mutex_lock(&ubi->device_mutex);
938 err = ubi_resize_volume(desc, pebs);
939 mutex_unlock(&ubi->device_mutex);
940 ubi_close_volume(desc);
941 break;
942 }
943
944 /* Re-name volumes command */
945 case UBI_IOCRNVOL:
946 {
947 struct ubi_rnvol_req *req;
948
949 dbg_msg("re-name volumes");
950 req = kmalloc(sizeof(struct ubi_rnvol_req), GFP_KERNEL);
951 if (!req) {
952 err = -ENOMEM;
953 break;
954 };
955
956 err = copy_from_user(req, argp, sizeof(struct ubi_rnvol_req));
957 if (err) {
958 err = -EFAULT;
959 kfree(req);
960 break;
961 }
962
963 err = rename_volumes(ubi, req);
964 kfree(req);
965 break;
966 }
967
968 default:
969 err = -ENOTTY;
970 break;
971 }
972
973 ubi_put_device(ubi);
974 return err;
975 }
976
ctrl_cdev_ioctl(struct file * file,unsigned int cmd,unsigned long arg)977 static long ctrl_cdev_ioctl(struct file *file, unsigned int cmd,
978 unsigned long arg)
979 {
980 int err = 0;
981 void __user *argp = (void __user *)arg;
982
983 if (!capable(CAP_SYS_RESOURCE))
984 return -EPERM;
985
986 switch (cmd) {
987 /* Attach an MTD device command */
988 case UBI_IOCATT:
989 {
990 struct ubi_attach_req req;
991 struct mtd_info *mtd;
992
993 dbg_gen("attach MTD device");
994 err = copy_from_user(&req, argp, sizeof(struct ubi_attach_req));
995 if (err) {
996 err = -EFAULT;
997 break;
998 }
999
1000 if (req.mtd_num < 0 ||
1001 (req.ubi_num < 0 && req.ubi_num != UBI_DEV_NUM_AUTO)) {
1002 err = -EINVAL;
1003 break;
1004 }
1005
1006 mtd = get_mtd_device(NULL, req.mtd_num);
1007 if (IS_ERR(mtd)) {
1008 err = PTR_ERR(mtd);
1009 break;
1010 }
1011
1012 /*
1013 * Note, further request verification is done by
1014 * 'ubi_attach_mtd_dev()'.
1015 */
1016 mutex_lock(&ubi_devices_mutex);
1017 err = ubi_attach_mtd_dev(mtd, req.ubi_num, req.vid_hdr_offset);
1018 mutex_unlock(&ubi_devices_mutex);
1019 if (err < 0)
1020 put_mtd_device(mtd);
1021 else
1022 /* @err contains UBI device number */
1023 err = put_user(err, (__user int32_t *)argp);
1024
1025 break;
1026 }
1027
1028 /* Detach an MTD device command */
1029 case UBI_IOCDET:
1030 {
1031 int ubi_num;
1032
1033 dbg_gen("dettach MTD device");
1034 err = get_user(ubi_num, (__user int32_t *)argp);
1035 if (err) {
1036 err = -EFAULT;
1037 break;
1038 }
1039
1040 mutex_lock(&ubi_devices_mutex);
1041 err = ubi_detach_mtd_dev(ubi_num, 0);
1042 mutex_unlock(&ubi_devices_mutex);
1043 break;
1044 }
1045
1046 default:
1047 err = -ENOTTY;
1048 break;
1049 }
1050
1051 return err;
1052 }
1053
1054 #ifdef CONFIG_COMPAT
vol_cdev_compat_ioctl(struct file * file,unsigned int cmd,unsigned long arg)1055 static long vol_cdev_compat_ioctl(struct file *file, unsigned int cmd,
1056 unsigned long arg)
1057 {
1058 unsigned long translated_arg = (unsigned long)compat_ptr(arg);
1059
1060 return vol_cdev_ioctl(file, cmd, translated_arg);
1061 }
1062
ubi_cdev_compat_ioctl(struct file * file,unsigned int cmd,unsigned long arg)1063 static long ubi_cdev_compat_ioctl(struct file *file, unsigned int cmd,
1064 unsigned long arg)
1065 {
1066 unsigned long translated_arg = (unsigned long)compat_ptr(arg);
1067
1068 return ubi_cdev_ioctl(file, cmd, translated_arg);
1069 }
1070
ctrl_cdev_compat_ioctl(struct file * file,unsigned int cmd,unsigned long arg)1071 static long ctrl_cdev_compat_ioctl(struct file *file, unsigned int cmd,
1072 unsigned long arg)
1073 {
1074 unsigned long translated_arg = (unsigned long)compat_ptr(arg);
1075
1076 return ctrl_cdev_ioctl(file, cmd, translated_arg);
1077 }
1078 #else
1079 #define vol_cdev_compat_ioctl NULL
1080 #define ubi_cdev_compat_ioctl NULL
1081 #define ctrl_cdev_compat_ioctl NULL
1082 #endif
1083
1084 /* UBI volume character device operations */
1085 const struct file_operations ubi_vol_cdev_operations = {
1086 .owner = THIS_MODULE,
1087 .open = vol_cdev_open,
1088 .release = vol_cdev_release,
1089 .llseek = vol_cdev_llseek,
1090 .read = vol_cdev_read,
1091 .write = vol_cdev_write,
1092 .fsync = vol_cdev_fsync,
1093 .unlocked_ioctl = vol_cdev_ioctl,
1094 .compat_ioctl = vol_cdev_compat_ioctl,
1095 };
1096
1097 /* UBI character device operations */
1098 const struct file_operations ubi_cdev_operations = {
1099 .owner = THIS_MODULE,
1100 .llseek = no_llseek,
1101 .unlocked_ioctl = ubi_cdev_ioctl,
1102 .compat_ioctl = ubi_cdev_compat_ioctl,
1103 };
1104
1105 /* UBI control character device operations */
1106 const struct file_operations ubi_ctrl_cdev_operations = {
1107 .owner = THIS_MODULE,
1108 .unlocked_ioctl = ctrl_cdev_ioctl,
1109 .compat_ioctl = ctrl_cdev_compat_ioctl,
1110 .llseek = no_llseek,
1111 };
1112