lofi.c revision 6f02aa444eb77edda1b97ff8a1215c417932a62e
/*
* CDDL HEADER START
*
* The contents of this file are subject to the terms of the
* Common Development and Distribution License (the "License").
* You may not use this file except in compliance with the License.
*
* You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
* See the License for the specific language governing permissions
* and limitations under the License.
*
* When distributing Covered Code, include this CDDL HEADER in each
* file and include the License file at usr/src/OPENSOLARIS.LICENSE.
* If applicable, add the following below this CDDL HEADER, with the
* fields enclosed by brackets "[]" replaced with your own identifying
* information: Portions Copyright [yyyy] [name of copyright owner]
*
* CDDL HEADER END
*/
/*
* Copyright 2008 Sun Microsystems, Inc. All rights reserved.
* Use is subject to license terms.
*/
/*
* lofi (loopback file) driver - allows you to attach a file to a device,
* which can then be accessed through that device. The simple model is that
* you tell lofi to open a file, and then use the block device you get as
* you would any block device. lofi translates access to the block device
* into I/O on the underlying file. This is mostly useful for
* mounting images of filesystems.
*
* during attach, and is minor number 0. lofiadm communicates with lofi through
* ioctls on this device. When a file is attached to lofi, block and character
* are identified by their minor number, and the minor number is also used
* we'll have to divide the minor number space to identify fdisk partitions
* and slices, and the name will then be the minor number shifted down a
* few bits. Minor devices are tracked with state structures handled with
* ddi_soft_state(9F) for simplicity.
*
* A file attached to lofi is opened when attached and not closed until
* explicitly detached from lofi. This seems more sensible than deferring
* One is that any failure is likely to be noticed by the person (or script)
* running lofiadm. Another is that it would be a security problem if the
* file was replaced by another one after being added but before being opened.
*
* The only hard part about lofi is the ioctls. In order to support things
* like 'newfs' on a lofi device, it needs to support certain disk ioctls.
* So it has to fake disk geometry and partition information. More may need
* to be faked if your favorite utility doesn't work and you think it should
* (fdformat doesn't work because it really wants to know the type of floppy
* controller to talk to, and that didn't seem easy to fake. Or possibly even
* necessary, since we have mkfs_pcfs now).
*
* Normally, a lofi device cannot be detached if it is open (i.e. busy). To
* support simulation of hotplug events, an optional force flag is provided.
* If a lofi device is open when a force detach is requested, then the
* underlying file is closed and any subsequent operations return EIO. When the
* device is closed for the last time, it will be cleaned up at that time. In
* addition, the DKIOCSTATE ioctl will return DKIO_DEV_GONE when the device is
* detached but not removed.
*
* Known problems:
*
* UFS logging. Mounting a UFS filesystem image "logging"
* works for basic copy testing but wedges during a build of ON through
* that image. Some deadlock in lufs holding the log mutex and then
* getting stuck on a buf. So for now, don't do that.
*
* Direct I/O. Since the filesystem data is being cached in the buffer
* cache, _and_ again in the underlying filesystem, it's tempting to
* enable direct I/O on the underlying file. Don't, because that deadlocks.
* I think to fix the cache-twice problem we might need filesystem support.
*
* lofi on itself. The simple lock strategy (lofi_lock) precludes this
* because you'll be in lofi_ioctl, holding the lock when you open the
* file, which, if it's lofi, will grab lofi_lock. We prevent this for
* now, though not using ddi_soft_state(9F) would make it possible to
* do. Though it would still be silly.
*
* Interesting things to do:
*
* Allow multiple files for each device. A poor-man's metadisk, basically.
*
* Pass-through ioctls on block devices. You can (though it's not
* documented), give lofi a block device as a file name. Then we shouldn't
* need to fake a geometry. But this is also silly unless you're replacing
* metadisk.
*
* Encryption. tpm would like this. Apparently Windows 2000 has it, and
* so does Linux.
*/
#include <sys/sysmacros.h>
#include <sys/pathname.h>
#define NBLOCKS_PROP_NAME "Nblocks"
#define SIZE_PROP_NAME "Size"
static dev_info_t *lofi_dip;
static void *lofi_statep;
/*
* Because lofi_taskq_nthreads limits the actual swamping of the device, the
* maxalloc parameter (lofi_taskq_maxalloc) should be tuned conservatively
* high. If we want to be assured that the underlying device is always busy,
* we must be sure that the number of bytes enqueued when the number of
* enqueued tasks exceeds maxalloc is sufficient to keep the device busy for
* the duration of the sleep time in taskq_ent_alloc(). That is, lofi should
* set maxalloc to be the maximum throughput (in bytes per second) of the
* underlying device divided by the minimum I/O size. We assume a realistic
* maximum throughput of one hundred megabytes per second; we set maxalloc on
* the lofi task queue to be 104857600 divided by DEV_BSIZE.
*/
};
static int
lofi_busy(void)
{
/*
* We need to make sure no mappings exist - mod_remove won't
* help because the device isn't open.
*/
return (EBUSY);
}
}
return (0);
}
static int
{
}
static int
{
switch (otyp) {
case OTYP_CHR:
break;
case OTYP_BLK:
break;
case OTYP_LYR:
lsp->ls_lyr_open_count++;
break;
default:
return (-1);
}
return (0);
}
static void
{
switch (otyp) {
case OTYP_CHR:
lsp->ls_chr_open = 0;
break;
case OTYP_BLK:
lsp->ls_blk_open = 0;
break;
case OTYP_LYR:
lsp->ls_lyr_open_count--;
break;
default:
break;
}
}
static void
{
char namebuf[50];
}
}
if (lsp->ls_uncomp_seg_sz > 0) {
lsp->ls_uncomp_seg_sz = 0;
}
}
/*ARGSUSED*/
static int
{
struct lofi_state *lsp;
if (minor == 0) {
/* master control device */
/* must be opened exclusively */
return (EINVAL);
}
return (ENXIO);
}
return (EBUSY);
}
return (0);
}
/* otherwise, the mapping should already exist */
return (EINVAL);
}
return (ENXIO);
}
return (EINVAL);
}
return (0);
}
/*ARGSUSED*/
static int
{
struct lofi_state *lsp;
return (EINVAL);
}
/*
* If we forcibly closed the underlying device (li_force), or
* asked for cleanup (li_cleanup), finish up if we're the last
* out of the door.
*/
return (0);
}
static int
struct lofi_state *lsp)
{
int error;
int isread;
int smflags;
/*
* segmap always gives us an 8K (MAXBSIZE) chunk, aligned on
* an 8K boundary, but the buf transfer address may not be
* aligned on more than a 512-byte boundary (we don't enforce
* that even though we could). This matters since the initial
* part of the transfer may not start at offset 0 within the
* segmap'd chunk. So we have to compensate for that with
* 'mapoffset'. Subsequent chunks always start off at the
* beginning, and the last is capped by b_resid
*/
do {
/*
* Now fault in the pages. This lets us check
* for errors before we reference mapaddr and
* try to resolve the fault in bcopy (which would
* panic instead). And this can easily happen,
* particularly if you've lofi'd a file over NFS
* and someone deletes the file on the server.
*/
if (error) {
else
break;
}
smflags = 0;
if (isread) {
/*
* If we're reading an entire page starting
* at a page boundary, there's a good chance
* we won't need it again. Put it on the
* head of the freelist.
*/
smflags |= SM_DONTNEED;
} else {
}
/* only the first map may start partial */
mapoffset = 0;
return (error);
}
/*ARGSUSED*/
{
return (-1);
return (0);
}
/*
* This is basically what strategy used to be before we found we
* needed task queues.
*/
static void
lofi_strategy_task(void *arg)
{
int error;
struct lofi_state *lsp;
unsigned char *uncompressed_seg = NULL;
unsigned long seglen;
}
/*
* We used to always use vn_rdwr here, but we cannot do that because
* we might decide to read or write from the the underlying
* file during this call, which would be a deadlock because
* we have the rw_lock. So instead we page, unless it's not
* mapable or it's a character device.
*/
uint64_t i;
/*
* Handle uncompressed files with a regular read
*/
if (lsp->ls_uncomp_seg_sz == 0) {
goto done;
}
/*
* From here on we're dealing primarily with compressed files
*/
/*
* Compressed files can only be read from and
* not written to
*/
goto done;
}
/*
* Compute starting and ending compressed segment numbers
* We use only bitwise operations avoiding division and
* modulus because we enforce the compression segment size
* to a power of 2
*/
/*
* Align start offset to block boundary for segmap
*/
/*
* We're dealing with the last segment of
* the compressed file -- the size of this
* segment *may not* be the same as the
* segment size for the file
*/
} else {
}
/*
* Preserve original request paramaters
*/
/*
* Assign the calculated parameters
*/
/*
* Allocate fixed size memory blocks to hold compressed
* segments and one uncompressed segment since we
* uncompress segments one at a time
*/
/*
* Map in the calculated number of blocks
*/
if (error != 0)
goto done;
/*
* We have the compressed blocks, now uncompress them
*/
i++) {
/*
* Each of the segment index entries contains
* the starting block number for that segment.
* The number of compressed bytes in a segment
* is thus the difference between the starting
* block number of this segment and the starting
* block number of the next segment.
*/
if ((i == eblkno) &&
lsp->ls_comp_seg_index[i];
} else {
lsp->ls_comp_seg_index[i];
}
/*
* The first byte in a compressed segment is a flag
* that indicates whether this segment is compressed
* at all
*/
if (*cmpbuf == UNCOMPRESSED) {
} else {
goto done;
}
}
/*
* Determine how much uncompressed data we
* have to copy and copy it
*/
if (i == eblkno) {
- eblkoff);
else
xfersize -=
}
sblkoff = 0;
break;
}
} else {
else
}
done:
if (compressed_seg != NULL)
if (uncompressed_seg != NULL)
} else {
}
}
if (--lsp->ls_vp_iocount == 0)
}
static int
{
struct lofi_state *lsp;
/*
* We cannot just do I/O here, because the current thread
* _might_ end up back in here because the underlying filesystem
* wants a buffer, which eventually gets into bio_recycle and
* might call into lofi to write out a delayed-write buffer.
* This is bad if the filesystem above lofi is the same as below.
*
* We could come up with a complex strategy using threads to
* do the I/O asynchronously, or we could use task queues. task
* queues were incredibly easy so they win.
*/
return (0);
}
/* EOF */
} else {
/* writes should fail */
}
return (0);
}
return (0);
}
lsp->ls_vp_iocount++;
}
return (0);
}
/*ARGSUSED2*/
static int
{
return (EINVAL);
}
/*ARGSUSED2*/
static int
{
return (EINVAL);
}
/*ARGSUSED2*/
static int
{
return (EINVAL);
}
/*ARGSUSED2*/
static int
{
return (EINVAL);
}
/*ARGSUSED*/
static int
{
switch (infocmd) {
case DDI_INFO_DEVT2DEVINFO:
return (DDI_SUCCESS);
case DDI_INFO_DEVT2INSTANCE:
*result = 0;
return (DDI_SUCCESS);
}
return (DDI_FAILURE);
}
static int
{
int error;
if (cmd != DDI_ATTACH)
return (DDI_FAILURE);
if (error == DDI_FAILURE) {
return (DDI_FAILURE);
}
DDI_PSEUDO, NULL);
if (error == DDI_FAILURE) {
return (DDI_FAILURE);
}
/* driver handles kernel-issued IOCTLs */
return (DDI_FAILURE);
}
return (DDI_SUCCESS);
}
static int
{
if (cmd != DDI_DETACH)
return (DDI_FAILURE);
if (lofi_busy())
return (DDI_FAILURE);
return (DDI_SUCCESS);
}
/*
* the lofi_ioctl structure.
*/
struct lofi_ioctl *
{
struct lofi_ioctl *klip;
int error;
if (error) {
return (NULL);
}
/* make sure filename is always null-terminated */
/* validate minor number */
return (NULL);
}
return (klip);
}
int
int flag)
{
int error;
if (error)
return (EFAULT);
return (0);
}
void
{
}
/*
* Return the minor number 'filename' is mapped to, if it is.
*/
static int
file_to_minor(char *filename)
{
struct lofi_state *lsp;
continue;
return (minor);
}
return (0);
}
/*
* lofiadm does some validation, but since Joe Random (or crashme) could
* do our ioctls, we need to do some validation too.
*/
static int
valid_filename(const char *filename)
{
/* must be absolute path */
if (filename[0] != '/')
return (0);
/* must not be lofi */
return (0);
return (0);
return (1);
}
/*
* Fakes up a disk geometry, and one big partition, based on the size
* of the file. This is needed because we allow newfs'ing the device,
* and newfs will do several disk ioctls to figure out the geometry and
* partition information. It uses that information to determine the parameters
* to pass to mkfs. Geometry is pretty much irrelevant these days, but we
* have to support it.
*/
static void
{
/* dk_geom - see dkio(7I) */
/*
* dkg_ncyl _could_ be set to one here (one big cylinder with gobs
* of sectors), but that breaks programs like fdisk which want to
* partition a disk by cylinder. With one cylinder, you can't create
* an fdisk partition and put pcfs on it for testing (hard to pick
* a number between one and one).
*
* The cheezy floppy test is an attempt to not have too few cylinders
* for a small file, or so many on a big file that you waste space
* for backup superblocks or cylinder group structures.
*/
else
/* in case file file is < 100k */
/* vtoc - see dkio(7I) */
/*
* A compressed file is read-only, other files can
* be read-write
*/
if (lsp->ls_uncomp_seg_sz > 0) {
} else {
}
/*
* The partition size cannot just be the number of sectors, because
* that might not end on a cylinder boundary. And if that's the case,
*/
/* dk_cinfo - see dkio(7I) */
/*
* newfs uses this to set maxcontig. Must not be < 16, or it
* will be 0 when newfs multiplies it by DEV_BSIZE and divides
* it by the block size. Then tunefs doesn't work because
* maxcontig is 0.
*/
}
/*
* map in a compressed file
*
* Read in the header and the index that follows.
*
* The header is as follows -
*
* Signature (name of the compression algorithm)
* Compression segment size (a multiple of 512)
* Number of index entries
* Size of the last block
* The array containing the index entries
*
* The header information is always stored in
* network byte order on disk.
*/
static int
{
int error;
/* The signature has already been read */
/*
* The compressed segment size must be a power of 2
*/
return (EINVAL);
;
lsp->ls_comp_seg_shift = i;
sizeof (lsp->ls_uncomp_last_seg_sz));
/*
* Compute the total size of the uncompressed data
* for use in fake_disk_geometry and other calculations.
* Disk geometry has to be faked with respect to the
* actual uncompressed data size rather than the
* compressed file size.
*/
/*
* Index size is rounded up to a 512 byte boundary for ease
* of segmapping
*/
sizeof (lsp->ls_uncomp_seg_sz) +
sizeof (lsp->ls_comp_index_sz) +
sizeof (lsp->ls_uncomp_last_seg_sz);
index_sz += header_len;
/*
* Read in the index -- this has a side-effect
* of reading in the header as well
*/
if (error != 0)
return (error);
/* Skip the header, this is where the index really begins */
/*LINTED*/
/*
* Now recompute offsets in the index to account for
* the header length
*/
for (i = 0; i < lsp->ls_comp_index_sz; i++) {
}
return (error);
}
/*
* Check to see if the passed in signature is a valid
* one. If it is valid, return the index into
* lofi_compress_table.
*
* Return -1 if it is invalid
*/
static int lofi_compress_select(char *signature)
{
int i;
for (i = 0; i < LOFI_COMPRESS_FUNCTIONS; i++) {
return (i);
}
return (-1);
}
/*
* map a file to a minor number. Return the minor number.
*/
static int
{
struct lofi_state *lsp;
struct lofi_ioctl *klip;
int error;
int compress_index;
int flag;
int zalloced = 0;
char namebuf[50];
char *tbuf;
return (EFAULT);
goto out;
}
goto out;
}
if (pickminor) {
/* Find a free one */
break;
if (newminor >= lofi_max_files) {
goto out;
}
} else {
goto out;
}
}
/* make sure it's valid */
if (error) {
goto out;
}
if (!V_ISLOFIABLE(v_type)) {
goto out;
}
if (error) {
/* try read-only */
&vp, 0, 0);
if (error) {
goto out;
}
}
if (error) {
goto closeout;
}
/* the file needs to be a multiple of the block size */
goto closeout;
}
goto closeout;
}
goto propout;
}
if (error == DDI_FAILURE) {
goto propout;
}
zalloced = 1;
DDI_PSEUDO, NULL);
if (error != DDI_SUCCESS) {
goto propout;
}
DDI_PSEUDO, NULL);
if (error != DDI_SUCCESS) {
/* remove block node */
goto propout;
}
}
/*
* save open mode so file can be closed properly and vnode counts
* updated correctly.
*/
/*
* Try to handle stacked lofs vnodes.
*/
} else {
/*
* Even though vp was obtained via vn_open(), we
* can't call vn_close() on it, since lofs will
* pass the VOP_CLOSE() on down to the realvp
* (which we are about to use). Hence we merely
* drop the reference to the lofs vnode and hold
* the realvp so things behave as if we've
* opened the realvp without any interaction
* with lofs.
*/
}
} else {
}
if (rvalp)
/*
* Read the file signature to check if it is compressed.
* 'rw' is set to read since only reads are allowed to
* a compressed file.
*/
if (error != 0)
goto propout;
lsp->ls_uncomp_seg_sz = 0;
if (compress_index != -1) {
sizeof (lsp->ls_comp_algorithm));
if (error != 0)
goto propout;
/* update DDI properties */
Size_prop_val)) != DDI_PROP_SUCCESS) {
goto propout;
}
Nblocks_prop_val)) != DDI_PROP_SUCCESS) {
goto propout;
}
}
return (0);
out:
if (zalloced)
return (error);
}
/*
* unmap a file.
*/
static int
{
struct lofi_state *lsp;
struct lofi_ioctl *klip;
return (EFAULT);
if (byfilename) {
} else {
}
if (minor == 0) {
return (ENXIO);
}
return (ENXIO);
}
/*
* If it's still held open, we'll do one of three things:
*
* If no flag is set, just return EBUSY.
*
* If the 'cleanup' flag is set, unmap and remove the device when
* the last user finishes.
*
* If the 'force' flag is set, then we forcibly close the underlying
* file. Subsequent operations will fail, and the DKIOCSTATE ioctl
* will return DKIO_DEV_GONE. When the device is last closed, the
* device will be cleaned up appropriately.
*
* This is complicated by the fact that we may have outstanding
* I/O, we keep a count of the number of outstanding I/O requests, as
* and then close the underlying vnode.
*/
while (lsp->ls_vp_iocount > 0)
return (0);
} else if (klip->li_cleanup) {
return (0);
}
return (EBUSY);
}
return (0);
}
/*
* get the filename given the minor number, or the minor number given
* the name.
*/
/*ARGSUSED*/
static int
{
struct lofi_state *lsp;
struct lofi_ioctl *klip;
int error;
return (EFAULT);
switch (which) {
case LOFI_GET_FILENAME:
if (minor == 0) {
return (EINVAL);
}
return (ENXIO);
}
sizeof (klip->li_algorithm));
return (error);
case LOFI_GET_MINOR:
return (ENOENT);
}
return (error);
case LOFI_CHECK_COMPRESSED:
return (ENOENT);
}
return (ENXIO);
}
sizeof (klip->li_algorithm));
return (error);
default:
return (EINVAL);
}
}
static int
int *rvalp)
{
int error;
enum dkio_state dkstate;
struct lofi_state *lsp;
#ifdef lint
#endif
/* lofi ioctls only apply to the master device */
if (minor == 0) {
/*
* the query command only need read-access - i.e., normal
* users are allowed to do those on the ctl device as
* long as they can open it read-only.
*/
switch (cmd) {
case LOFI_MAP_FILE:
return (EPERM);
case LOFI_MAP_FILE_MINOR:
return (EPERM);
case LOFI_UNMAP_FILE:
return (EPERM);
case LOFI_UNMAP_FILE_MINOR:
return (EPERM);
case LOFI_GET_FILENAME:
case LOFI_GET_MINOR:
case LOFI_GET_MAXMINOR:
sizeof (lofi_max_files), flag);
if (error)
return (EFAULT);
return (0);
case LOFI_CHECK_COMPRESSED:
default:
break;
}
}
return (ENXIO);
/*
* We explicitly allow DKIOCSTATE, but all other ioctls should fail with
* EIO as if the device was no longer present.
*/
return (EIO);
/* these are for faking out utilities like newfs */
switch (cmd) {
case DKIOCGVTOC:
case DDI_MODEL_ILP32: {
return (EFAULT);
break;
}
case DDI_MODEL_NONE:
return (EFAULT);
break;
}
return (0);
case DKIOCINFO:
if (error)
return (EFAULT);
return (0);
case DKIOCG_VIRTGEOM:
case DKIOCG_PHYGEOM:
case DKIOCGGEOM:
if (error)
return (EFAULT);
return (0);
case DKIOCSTATE:
/*
* Normally, lofi devices are always in the INSERTED state. If
* a device is forcefully unmapped, then the device transitions
* to the DKIO_DEV_GONE state.
*/
flag) != 0)
return (EFAULT);
/*
* By virtue of having the device open, we know that
* 'lsp' will remain valid when we return.
*/
&lsp->ls_vp_lock)) {
return (EINTR);
}
}
return (EFAULT);
return (0);
default:
return (ENOTTY);
}
}
static struct cb_ops lofi_cb_ops = {
lofi_open, /* open */
lofi_close, /* close */
lofi_strategy, /* strategy */
nodev, /* print */
nodev, /* dump */
lofi_read, /* read */
lofi_write, /* write */
lofi_ioctl, /* ioctl */
nodev, /* devmap */
nodev, /* mmap */
nodev, /* segmap */
nochpoll, /* poll */
ddi_prop_op, /* prop_op */
0, /* streamtab */
};
DEVO_REV, /* devo_rev, */
0, /* refcnt */
lofi_info, /* info */
nulldev, /* identify */
nulldev, /* probe */
lofi_attach, /* attach */
lofi_detach, /* detach */
nodev, /* reset */
&lofi_cb_ops, /* driver operations */
NULL, /* no bus operations */
NULL, /* power */
ddi_quiesce_not_needed, /* quiesce */
};
"loopback file driver",
&lofi_ops,
};
static struct modlinkage modlinkage = {
&modldrv,
};
int
_init(void)
{
int error;
sizeof (struct lofi_state), 0);
if (error)
return (error);
if (error) {
}
return (error);
}
int
_fini(void)
{
int error;
if (lofi_busy())
return (EBUSY);
if (error)
return (error);
return (error);
}
int
{
}