linux/drivers/block/loop.c
<<
>>
Prefs
   1/*
   2 *  linux/drivers/block/loop.c
   3 *
   4 *  Written by Theodore Ts'o, 3/29/93
   5 *
   6 * Copyright 1993 by Theodore Ts'o.  Redistribution of this file is
   7 * permitted under the GNU General Public License.
   8 *
   9 * DES encryption plus some minor changes by Werner Almesberger, 30-MAY-1993
  10 * more DES encryption plus IDEA encryption by Nicholas J. Leon, June 20, 1996
  11 *
  12 * Modularized and updated for 1.1.16 kernel - Mitch Dsouza 28th May 1994
  13 * Adapted for 1.3.59 kernel - Andries Brouwer, 1 Feb 1996
  14 *
  15 * Fixed do_loop_request() re-entrancy - Vincent.Renardias@waw.com Mar 20, 1997
  16 *
  17 * Added devfs support - Richard Gooch <rgooch@atnf.csiro.au> 16-Jan-1998
  18 *
  19 * Handle sparse backing files correctly - Kenn Humborg, Jun 28, 1998
  20 *
  21 * Loadable modules and other fixes by AK, 1998
  22 *
  23 * Make real block number available to downstream transfer functions, enables
  24 * CBC (and relatives) mode encryption requiring unique IVs per data block.
  25 * Reed H. Petty, rhp@draper.net
  26 *
  27 * Maximum number of loop devices now dynamic via max_loop module parameter.
  28 * Russell Kroll <rkroll@exploits.org> 19990701
  29 *
  30 * Maximum number of loop devices when compiled-in now selectable by passing
  31 * max_loop=<1-255> to the kernel on boot.
  32 * Erik I. Bols\xC3\xB8, <eriki@himolde.no>, Oct 31, 1999
  33 *
  34 * Completely rewrite request handling to be make_request_fn style and
  35 * non blocking, pushing work to a helper thread. Lots of fixes from
  36 * Al Viro too.
  37 * Jens Axboe <axboe@suse.de>, Nov 2000
  38 *
  39 * Support up to 256 loop devices
  40 * Heinz Mauelshagen <mge@sistina.com>, Feb 2002
  41 *
  42 * Support for falling back on the write file operation when the address space
  43 * operations write_begin is not available on the backing filesystem.
  44 * Anton Altaparmakov, 16 Feb 2005
  45 *
  46 * Still To Fix:
  47 * - Advisory locking is ignored here.
  48 * - Should use an own CAP_* category instead of CAP_SYS_ADMIN
  49 *
  50 */
  51
  52#include <linux/module.h>
  53#include <linux/moduleparam.h>
  54#include <linux/sched.h>
  55#include <linux/fs.h>
  56#include <linux/file.h>
  57#include <linux/stat.h>
  58#include <linux/errno.h>
  59#include <linux/major.h>
  60#include <linux/wait.h>
  61#include <linux/blkdev.h>
  62#include <linux/blkpg.h>
  63#include <linux/init.h>
  64#include <linux/swap.h>
  65#include <linux/slab.h>
  66#include <linux/compat.h>
  67#include <linux/suspend.h>
  68#include <linux/freezer.h>
  69#include <linux/mutex.h>
  70#include <linux/writeback.h>
  71#include <linux/completion.h>
  72#include <linux/highmem.h>
  73#include <linux/kthread.h>
  74#include <linux/splice.h>
  75#include <linux/sysfs.h>
  76#include <linux/miscdevice.h>
  77#include <linux/falloc.h>
  78#include <linux/uio.h>
  79#include "loop.h"
  80
  81#include <linux/uaccess.h>
  82
  83static DEFINE_IDR(loop_index_idr);
  84static DEFINE_MUTEX(loop_index_mutex);
  85
  86static int max_part;
  87static int part_shift;
  88
  89static int transfer_xor(struct loop_device *lo, int cmd,
  90                        struct page *raw_page, unsigned raw_off,
  91                        struct page *loop_page, unsigned loop_off,
  92                        int size, sector_t real_block)
  93{
  94        char *raw_buf = kmap_atomic(raw_page) + raw_off;
  95        char *loop_buf = kmap_atomic(loop_page) + loop_off;
  96        char *in, *out, *key;
  97        int i, keysize;
  98
  99        if (cmd == READ) {
 100                in = raw_buf;
 101                out = loop_buf;
 102        } else {
 103                in = loop_buf;
 104                out = raw_buf;
 105        }
 106
 107        key = lo->lo_encrypt_key;
 108        keysize = lo->lo_encrypt_key_size;
 109        for (i = 0; i < size; i++)
 110                *out++ = *in++ ^ key[(i & 511) % keysize];
 111
 112        kunmap_atomic(loop_buf);
 113        kunmap_atomic(raw_buf);
 114        cond_resched();
 115        return 0;
 116}
 117
 118static int xor_init(struct loop_device *lo, const struct loop_info64 *info)
 119{
 120        if (unlikely(info->lo_encrypt_key_size <= 0))
 121                return -EINVAL;
 122        return 0;
 123}
 124
 125static struct loop_func_table none_funcs = {
 126        .number = LO_CRYPT_NONE,
 127}; 
 128
 129static struct loop_func_table xor_funcs = {
 130        .number = LO_CRYPT_XOR,
 131        .transfer = transfer_xor,
 132        .init = xor_init
 133}; 
 134
 135/* xfer_funcs[0] is special - its release function is never called */
 136static struct loop_func_table *xfer_funcs[MAX_LO_CRYPT] = {
 137        &none_funcs,
 138        &xor_funcs
 139};
 140
 141static loff_t get_size(loff_t offset, loff_t sizelimit, struct file *file)
 142{
 143        loff_t loopsize;
 144
 145        /* Compute loopsize in bytes */
 146        loopsize = i_size_read(file->f_mapping->host);
 147        if (offset > 0)
 148                loopsize -= offset;
 149        /* offset is beyond i_size, weird but possible */
 150        if (loopsize < 0)
 151                return 0;
 152
 153        if (sizelimit > 0 && sizelimit < loopsize)
 154                loopsize = sizelimit;
 155        /*
 156         * Unfortunately, if we want to do I/O on the device,
 157         * the number of 512-byte sectors has to fit into a sector_t.
 158         */
 159        return loopsize >> 9;
 160}
 161
 162static loff_t get_loop_size(struct loop_device *lo, struct file *file)
 163{
 164        return get_size(lo->lo_offset, lo->lo_sizelimit, file);
 165}
 166
 167static void __loop_update_dio(struct loop_device *lo, bool dio)
 168{
 169        struct file *file = lo->lo_backing_file;
 170        struct address_space *mapping = file->f_mapping;
 171        struct inode *inode = mapping->host;
 172        unsigned short sb_bsize = 0;
 173        unsigned dio_align = 0;
 174        bool use_dio;
 175
 176        if (inode->i_sb->s_bdev) {
 177                sb_bsize = bdev_logical_block_size(inode->i_sb->s_bdev);
 178                dio_align = sb_bsize - 1;
 179        }
 180
 181        /*
 182         * We support direct I/O only if lo_offset is aligned with the
 183         * logical I/O size of backing device, and the logical block
 184         * size of loop is bigger than the backing device's and the loop
 185         * needn't transform transfer.
 186         *
 187         * TODO: the above condition may be loosed in the future, and
 188         * direct I/O may be switched runtime at that time because most
 189         * of requests in sane appplications should be PAGE_SIZE algined
 190         */
 191        if (dio) {
 192                if (queue_logical_block_size(lo->lo_queue) >= sb_bsize &&
 193                                !(lo->lo_offset & dio_align) &&
 194                                mapping->a_ops->direct_IO &&
 195                                !lo->transfer)
 196                        use_dio = true;
 197                else
 198                        use_dio = false;
 199        } else {
 200                use_dio = false;
 201        }
 202
 203        if (lo->use_dio == use_dio)
 204                return;
 205
 206        /* flush dirty pages before changing direct IO */
 207        vfs_fsync(file, 0);
 208
 209        /*
 210         * The flag of LO_FLAGS_DIRECT_IO is handled similarly with
 211         * LO_FLAGS_READ_ONLY, both are set from kernel, and losetup
 212         * will get updated by ioctl(LOOP_GET_STATUS)
 213         */
 214        blk_mq_freeze_queue(lo->lo_queue);
 215        lo->use_dio = use_dio;
 216        if (use_dio)
 217                lo->lo_flags |= LO_FLAGS_DIRECT_IO;
 218        else
 219                lo->lo_flags &= ~LO_FLAGS_DIRECT_IO;
 220        blk_mq_unfreeze_queue(lo->lo_queue);
 221}
 222
 223static int
 224figure_loop_size(struct loop_device *lo, loff_t offset, loff_t sizelimit)
 225{
 226        loff_t size = get_size(offset, sizelimit, lo->lo_backing_file);
 227        sector_t x = (sector_t)size;
 228        struct block_device *bdev = lo->lo_device;
 229
 230        if (unlikely((loff_t)x != size))
 231                return -EFBIG;
 232        if (lo->lo_offset != offset)
 233                lo->lo_offset = offset;
 234        if (lo->lo_sizelimit != sizelimit)
 235                lo->lo_sizelimit = sizelimit;
 236        set_capacity(lo->lo_disk, x);
 237        bd_set_size(bdev, (loff_t)get_capacity(bdev->bd_disk) << 9);
 238        /* let user-space know about the new size */
 239        kobject_uevent(&disk_to_dev(bdev->bd_disk)->kobj, KOBJ_CHANGE);
 240        return 0;
 241}
 242
 243static inline int
 244lo_do_transfer(struct loop_device *lo, int cmd,
 245               struct page *rpage, unsigned roffs,
 246               struct page *lpage, unsigned loffs,
 247               int size, sector_t rblock)
 248{
 249        int ret;
 250
 251        ret = lo->transfer(lo, cmd, rpage, roffs, lpage, loffs, size, rblock);
 252        if (likely(!ret))
 253                return 0;
 254
 255        printk_ratelimited(KERN_ERR
 256                "loop: Transfer error at byte offset %llu, length %i.\n",
 257                (unsigned long long)rblock << 9, size);
 258        return ret;
 259}
 260
 261static int lo_write_bvec(struct file *file, struct bio_vec *bvec, loff_t *ppos)
 262{
 263        struct iov_iter i;
 264        ssize_t bw;
 265
 266        iov_iter_bvec(&i, ITER_BVEC, bvec, 1, bvec->bv_len);
 267
 268        file_start_write(file);
 269        bw = vfs_iter_write(file, &i, ppos);
 270        file_end_write(file);
 271
 272        if (likely(bw ==  bvec->bv_len))
 273                return 0;
 274
 275        printk_ratelimited(KERN_ERR
 276                "loop: Write error at byte offset %llu, length %i.\n",
 277                (unsigned long long)*ppos, bvec->bv_len);
 278        if (bw >= 0)
 279                bw = -EIO;
 280        return bw;
 281}
 282
 283static int lo_write_simple(struct loop_device *lo, struct request *rq,
 284                loff_t pos)
 285{
 286        struct bio_vec bvec;
 287        struct req_iterator iter;
 288        int ret = 0;
 289
 290        rq_for_each_segment(bvec, rq, iter) {
 291                ret = lo_write_bvec(lo->lo_backing_file, &bvec, &pos);
 292                if (ret < 0)
 293                        break;
 294                cond_resched();
 295        }
 296
 297        return ret;
 298}
 299
 300/*
 301 * This is the slow, transforming version that needs to double buffer the
 302 * data as it cannot do the transformations in place without having direct
 303 * access to the destination pages of the backing file.
 304 */
 305static int lo_write_transfer(struct loop_device *lo, struct request *rq,
 306                loff_t pos)
 307{
 308        struct bio_vec bvec, b;
 309        struct req_iterator iter;
 310        struct page *page;
 311        int ret = 0;
 312
 313        page = alloc_page(GFP_NOIO);
 314        if (unlikely(!page))
 315                return -ENOMEM;
 316
 317        rq_for_each_segment(bvec, rq, iter) {
 318                ret = lo_do_transfer(lo, WRITE, page, 0, bvec.bv_page,
 319                        bvec.bv_offset, bvec.bv_len, pos >> 9);
 320                if (unlikely(ret))
 321                        break;
 322
 323                b.bv_page = page;
 324                b.bv_offset = 0;
 325                b.bv_len = bvec.bv_len;
 326                ret = lo_write_bvec(lo->lo_backing_file, &b, &pos);
 327                if (ret < 0)
 328                        break;
 329        }
 330
 331        __free_page(page);
 332        return ret;
 333}
 334
 335static int lo_read_simple(struct loop_device *lo, struct request *rq,
 336                loff_t pos)
 337{
 338        struct bio_vec bvec;
 339        struct req_iterator iter;
 340        struct iov_iter i;
 341        ssize_t len;
 342
 343        rq_for_each_segment(bvec, rq, iter) {
 344                iov_iter_bvec(&i, ITER_BVEC, &bvec, 1, bvec.bv_len);
 345                len = vfs_iter_read(lo->lo_backing_file, &i, &pos);
 346                if (len < 0)
 347                        return len;
 348
 349                flush_dcache_page(bvec.bv_page);
 350
 351                if (len != bvec.bv_len) {
 352                        struct bio *bio;
 353
 354                        __rq_for_each_bio(bio, rq)
 355                                zero_fill_bio(bio);
 356                        break;
 357                }
 358                cond_resched();
 359        }
 360
 361        return 0;
 362}
 363
 364static int lo_read_transfer(struct loop_device *lo, struct request *rq,
 365                loff_t pos)
 366{
 367        struct bio_vec bvec, b;
 368        struct req_iterator iter;
 369        struct iov_iter i;
 370        struct page *page;
 371        ssize_t len;
 372        int ret = 0;
 373
 374        page = alloc_page(GFP_NOIO);
 375        if (unlikely(!page))
 376                return -ENOMEM;
 377
 378        rq_for_each_segment(bvec, rq, iter) {
 379                loff_t offset = pos;
 380
 381                b.bv_page = page;
 382                b.bv_offset = 0;
 383                b.bv_len = bvec.bv_len;
 384
 385                iov_iter_bvec(&i, ITER_BVEC, &b, 1, b.bv_len);
 386                len = vfs_iter_read(lo->lo_backing_file, &i, &pos);
 387                if (len < 0) {
 388                        ret = len;
 389                        goto out_free_page;
 390                }
 391
 392                ret = lo_do_transfer(lo, READ, page, 0, bvec.bv_page,
 393                        bvec.bv_offset, len, offset >> 9);
 394                if (ret)
 395                        goto out_free_page;
 396
 397                flush_dcache_page(bvec.bv_page);
 398
 399                if (len != bvec.bv_len) {
 400                        struct bio *bio;
 401
 402                        __rq_for_each_bio(bio, rq)
 403                                zero_fill_bio(bio);
 404                        break;
 405                }
 406        }
 407
 408        ret = 0;
 409out_free_page:
 410        __free_page(page);
 411        return ret;
 412}
 413
 414static int lo_discard(struct loop_device *lo, struct request *rq, loff_t pos)
 415{
 416        /*
 417         * We use punch hole to reclaim the free space used by the
 418         * image a.k.a. discard. However we do not support discard if
 419         * encryption is enabled, because it may give an attacker
 420         * useful information.
 421         */
 422        struct file *file = lo->lo_backing_file;
 423        int mode = FALLOC_FL_PUNCH_HOLE | FALLOC_FL_KEEP_SIZE;
 424        int ret;
 425
 426        if ((!file->f_op->fallocate) || lo->lo_encrypt_key_size) {
 427                ret = -EOPNOTSUPP;
 428                goto out;
 429        }
 430
 431        ret = file->f_op->fallocate(file, mode, pos, blk_rq_bytes(rq));
 432        if (unlikely(ret && ret != -EINVAL && ret != -EOPNOTSUPP))
 433                ret = -EIO;
 434 out:
 435        return ret;
 436}
 437
 438static int lo_req_flush(struct loop_device *lo, struct request *rq)
 439{
 440        struct file *file = lo->lo_backing_file;
 441        int ret = vfs_fsync(file, 0);
 442        if (unlikely(ret && ret != -EINVAL))
 443                ret = -EIO;
 444
 445        return ret;
 446}
 447
 448static inline void handle_partial_read(struct loop_cmd *cmd, long bytes)
 449{
 450        if (bytes < 0 || op_is_write(req_op(cmd->rq)))
 451                return;
 452
 453        if (unlikely(bytes < blk_rq_bytes(cmd->rq))) {
 454                struct bio *bio = cmd->rq->bio;
 455
 456                bio_advance(bio, bytes);
 457                zero_fill_bio(bio);
 458        }
 459}
 460
 461static void lo_rw_aio_complete(struct kiocb *iocb, long ret, long ret2)
 462{
 463        struct loop_cmd *cmd = container_of(iocb, struct loop_cmd, iocb);
 464        struct request *rq = cmd->rq;
 465
 466        handle_partial_read(cmd, ret);
 467
 468        if (ret > 0)
 469                ret = 0;
 470        else if (ret < 0)
 471                ret = -EIO;
 472
 473        blk_mq_complete_request(rq, ret);
 474}
 475
 476static int lo_rw_aio(struct loop_device *lo, struct loop_cmd *cmd,
 477                     loff_t pos, bool rw)
 478{
 479        struct iov_iter iter;
 480        struct bio_vec *bvec;
 481        struct bio *bio = cmd->rq->bio;
 482        struct file *file = lo->lo_backing_file;
 483        int ret;
 484
 485        /* nomerge for loop request queue */
 486        WARN_ON(cmd->rq->bio != cmd->rq->biotail);
 487
 488        bvec = __bvec_iter_bvec(bio->bi_io_vec, bio->bi_iter);
 489        iov_iter_bvec(&iter, ITER_BVEC | rw, bvec,
 490                      bio_segments(bio), blk_rq_bytes(cmd->rq));
 491        /*
 492         * This bio may be started from the middle of the 'bvec'
 493         * because of bio splitting, so offset from the bvec must
 494         * be passed to iov iterator
 495         */
 496        iter.iov_offset = bio->bi_iter.bi_bvec_done;
 497
 498        cmd->iocb.ki_pos = pos;
 499        cmd->iocb.ki_filp = file;
 500        cmd->iocb.ki_complete = lo_rw_aio_complete;
 501        cmd->iocb.ki_flags = IOCB_DIRECT;
 502
 503        if (rw == WRITE)
 504                ret = file->f_op->write_iter(&cmd->iocb, &iter);
 505        else
 506                ret = file->f_op->read_iter(&cmd->iocb, &iter);
 507
 508        if (ret != -EIOCBQUEUED)
 509                cmd->iocb.ki_complete(&cmd->iocb, ret, 0);
 510        return 0;
 511}
 512
 513static int do_req_filebacked(struct loop_device *lo, struct request *rq)
 514{
 515        struct loop_cmd *cmd = blk_mq_rq_to_pdu(rq);
 516        loff_t pos = ((loff_t) blk_rq_pos(rq) << 9) + lo->lo_offset;
 517
 518        /*
 519         * lo_write_simple and lo_read_simple should have been covered
 520         * by io submit style function like lo_rw_aio(), one blocker
 521         * is that lo_read_simple() need to call flush_dcache_page after
 522         * the page is written from kernel, and it isn't easy to handle
 523         * this in io submit style function which submits all segments
 524         * of the req at one time. And direct read IO doesn't need to
 525         * run flush_dcache_page().
 526         */
 527        switch (req_op(rq)) {
 528        case REQ_OP_FLUSH:
 529                return lo_req_flush(lo, rq);
 530        case REQ_OP_DISCARD:
 531                return lo_discard(lo, rq, pos);
 532        case REQ_OP_WRITE:
 533                if (lo->transfer)
 534                        return lo_write_transfer(lo, rq, pos);
 535                else if (cmd->use_aio)
 536                        return lo_rw_aio(lo, cmd, pos, WRITE);
 537                else
 538                        return lo_write_simple(lo, rq, pos);
 539        case REQ_OP_READ:
 540                if (lo->transfer)
 541                        return lo_read_transfer(lo, rq, pos);
 542                else if (cmd->use_aio)
 543                        return lo_rw_aio(lo, cmd, pos, READ);
 544                else
 545                        return lo_read_simple(lo, rq, pos);
 546        default:
 547                WARN_ON_ONCE(1);
 548                return -EIO;
 549                break;
 550        }
 551}
 552
 553struct switch_request {
 554        struct file *file;
 555        struct completion wait;
 556};
 557
 558static inline void loop_update_dio(struct loop_device *lo)
 559{
 560        __loop_update_dio(lo, io_is_direct(lo->lo_backing_file) |
 561                        lo->use_dio);
 562}
 563
 564/*
 565 * Do the actual switch; called from the BIO completion routine
 566 */
 567static void do_loop_switch(struct loop_device *lo, struct switch_request *p)
 568{
 569        struct file *file = p->file;
 570        struct file *old_file = lo->lo_backing_file;
 571        struct address_space *mapping;
 572
 573        /* if no new file, only flush of queued bios requested */
 574        if (!file)
 575                return;
 576
 577        mapping = file->f_mapping;
 578        mapping_set_gfp_mask(old_file->f_mapping, lo->old_gfp_mask);
 579        lo->lo_backing_file = file;
 580        lo->lo_blocksize = S_ISBLK(mapping->host->i_mode) ?
 581                mapping->host->i_bdev->bd_block_size : PAGE_SIZE;
 582        lo->old_gfp_mask = mapping_gfp_mask(mapping);
 583        mapping_set_gfp_mask(mapping, lo->old_gfp_mask & ~(__GFP_IO|__GFP_FS));
 584        loop_update_dio(lo);
 585}
 586
 587/*
 588 * loop_switch performs the hard work of switching a backing store.
 589 * First it needs to flush existing IO, it does this by sending a magic
 590 * BIO down the pipe. The completion of this BIO does the actual switch.
 591 */
 592static int loop_switch(struct loop_device *lo, struct file *file)
 593{
 594        struct switch_request w;
 595
 596        w.file = file;
 597
 598        /* freeze queue and wait for completion of scheduled requests */
 599        blk_mq_freeze_queue(lo->lo_queue);
 600
 601        /* do the switch action */
 602        do_loop_switch(lo, &w);
 603
 604        /* unfreeze */
 605        blk_mq_unfreeze_queue(lo->lo_queue);
 606
 607        return 0;
 608}
 609
 610/*
 611 * Helper to flush the IOs in loop, but keeping loop thread running
 612 */
 613static int loop_flush(struct loop_device *lo)
 614{
 615        return loop_switch(lo, NULL);
 616}
 617
 618static void loop_reread_partitions(struct loop_device *lo,
 619                                   struct block_device *bdev)
 620{
 621        int rc;
 622
 623        /*
 624         * bd_mutex has been held already in release path, so don't
 625         * acquire it if this function is called in such case.
 626         *
 627         * If the reread partition isn't from release path, lo_refcnt
 628         * must be at least one and it can only become zero when the
 629         * current holder is released.
 630         */
 631        if (!atomic_read(&lo->lo_refcnt))
 632                rc = __blkdev_reread_part(bdev);
 633        else
 634                rc = blkdev_reread_part(bdev);
 635        if (rc)
 636                pr_warn("%s: partition scan of loop%d (%s) failed (rc=%d)\n",
 637                        __func__, lo->lo_number, lo->lo_file_name, rc);
 638}
 639
 640/*
 641 * loop_change_fd switched the backing store of a loopback device to
 642 * a new file. This is useful for operating system installers to free up
 643 * the original file and in High Availability environments to switch to
 644 * an alternative location for the content in case of server meltdown.
 645 * This can only work if the loop device is used read-only, and if the
 646 * new backing store is the same size and type as the old backing store.
 647 */
 648static int loop_change_fd(struct loop_device *lo, struct block_device *bdev,
 649                          unsigned int arg)
 650{
 651        struct file     *file, *old_file;
 652        struct inode    *inode;
 653        int             error;
 654
 655        error = -ENXIO;
 656        if (lo->lo_state != Lo_bound)
 657                goto out;
 658
 659        /* the loop device has to be read-only */
 660        error = -EINVAL;
 661        if (!(lo->lo_flags & LO_FLAGS_READ_ONLY))
 662                goto out;
 663
 664        error = -EBADF;
 665        file = fget(arg);
 666        if (!file)
 667                goto out;
 668
 669        inode = file->f_mapping->host;
 670        old_file = lo->lo_backing_file;
 671
 672        error = -EINVAL;
 673
 674        if (!S_ISREG(inode->i_mode) && !S_ISBLK(inode->i_mode))
 675                goto out_putf;
 676
 677        /* size of the new backing store needs to be the same */
 678        if (get_loop_size(lo, file) != get_loop_size(lo, old_file))
 679                goto out_putf;
 680
 681        /* and ... switch */
 682        error = loop_switch(lo, file);
 683        if (error)
 684                goto out_putf;
 685
 686        fput(old_file);
 687        if (lo->lo_flags & LO_FLAGS_PARTSCAN)
 688                loop_reread_partitions(lo, bdev);
 689        return 0;
 690
 691 out_putf:
 692        fput(file);
 693 out:
 694        return error;
 695}
 696
 697static inline int is_loop_device(struct file *file)
 698{
 699        struct inode *i = file->f_mapping->host;
 700
 701        return i && S_ISBLK(i->i_mode) && MAJOR(i->i_rdev) == LOOP_MAJOR;
 702}
 703
 704/* loop sysfs attributes */
 705
 706static ssize_t loop_attr_show(struct device *dev, char *page,
 707                              ssize_t (*callback)(struct loop_device *, char *))
 708{
 709        struct gendisk *disk = dev_to_disk(dev);
 710        struct loop_device *lo = disk->private_data;
 711
 712        return callback(lo, page);
 713}
 714
 715#define LOOP_ATTR_RO(_name)                                             \
 716static ssize_t loop_attr_##_name##_show(struct loop_device *, char *);  \
 717static ssize_t loop_attr_do_show_##_name(struct device *d,              \
 718                                struct device_attribute *attr, char *b) \
 719{                                                                       \
 720        return loop_attr_show(d, b, loop_attr_##_name##_show);          \
 721}                                                                       \
 722static struct device_attribute loop_attr_##_name =                      \
 723        __ATTR(_name, S_IRUGO, loop_attr_do_show_##_name, NULL);
 724
 725static ssize_t loop_attr_backing_file_show(struct loop_device *lo, char *buf)
 726{
 727        ssize_t ret;
 728        char *p = NULL;
 729
 730        spin_lock_irq(&lo->lo_lock);
 731        if (lo->lo_backing_file)
 732                p = file_path(lo->lo_backing_file, buf, PAGE_SIZE - 1);
 733        spin_unlock_irq(&lo->lo_lock);
 734
 735        if (IS_ERR_OR_NULL(p))
 736                ret = PTR_ERR(p);
 737        else {
 738                ret = strlen(p);
 739                memmove(buf, p, ret);
 740                buf[ret++] = '\n';
 741                buf[ret] = 0;
 742        }
 743
 744        return ret;
 745}
 746
 747static ssize_t loop_attr_offset_show(struct loop_device *lo, char *buf)
 748{
 749        return sprintf(buf, "%llu\n", (unsigned long long)lo->lo_offset);
 750}
 751
 752static ssize_t loop_attr_sizelimit_show(struct loop_device *lo, char *buf)
 753{
 754        return sprintf(buf, "%llu\n", (unsigned long long)lo->lo_sizelimit);
 755}
 756
 757static ssize_t loop_attr_autoclear_show(struct loop_device *lo, char *buf)
 758{
 759        int autoclear = (lo->lo_flags & LO_FLAGS_AUTOCLEAR);
 760
 761        return sprintf(buf, "%s\n", autoclear ? "1" : "0");
 762}
 763
 764static ssize_t loop_attr_partscan_show(struct loop_device *lo, char *buf)
 765{
 766        int partscan = (lo->lo_flags & LO_FLAGS_PARTSCAN);
 767
 768        return sprintf(buf, "%s\n", partscan ? "1" : "0");
 769}
 770
 771static ssize_t loop_attr_dio_show(struct loop_device *lo, char *buf)
 772{
 773        int dio = (lo->lo_flags & LO_FLAGS_DIRECT_IO);
 774
 775        return sprintf(buf, "%s\n", dio ? "1" : "0");
 776}
 777
 778LOOP_ATTR_RO(backing_file);
 779LOOP_ATTR_RO(offset);
 780LOOP_ATTR_RO(sizelimit);
 781LOOP_ATTR_RO(autoclear);
 782LOOP_ATTR_RO(partscan);
 783LOOP_ATTR_RO(dio);
 784
 785static struct attribute *loop_attrs[] = {
 786        &loop_attr_backing_file.attr,
 787        &loop_attr_offset.attr,
 788        &loop_attr_sizelimit.attr,
 789        &loop_attr_autoclear.attr,
 790        &loop_attr_partscan.attr,
 791        &loop_attr_dio.attr,
 792        NULL,
 793};
 794
 795static struct attribute_group loop_attribute_group = {
 796        .name = "loop",
 797        .attrs= loop_attrs,
 798};
 799
 800static int loop_sysfs_init(struct loop_device *lo)
 801{
 802        return sysfs_create_group(&disk_to_dev(lo->lo_disk)->kobj,
 803                                  &loop_attribute_group);
 804}
 805
 806static void loop_sysfs_exit(struct loop_device *lo)
 807{
 808        sysfs_remove_group(&disk_to_dev(lo->lo_disk)->kobj,
 809                           &loop_attribute_group);
 810}
 811
 812static void loop_config_discard(struct loop_device *lo)
 813{
 814        struct file *file = lo->lo_backing_file;
 815        struct inode *inode = file->f_mapping->host;
 816        struct request_queue *q = lo->lo_queue;
 817
 818        /*
 819         * We use punch hole to reclaim the free space used by the
 820         * image a.k.a. discard. However we do not support discard if
 821         * encryption is enabled, because it may give an attacker
 822         * useful information.
 823         */
 824        if ((!file->f_op->fallocate) ||
 825            lo->lo_encrypt_key_size) {
 826                q->limits.discard_granularity = 0;
 827                q->limits.discard_alignment = 0;
 828                blk_queue_max_discard_sectors(q, 0);
 829                q->limits.discard_zeroes_data = 0;
 830                queue_flag_clear_unlocked(QUEUE_FLAG_DISCARD, q);
 831                return;
 832        }
 833
 834        q->limits.discard_granularity = inode->i_sb->s_blocksize;
 835        q->limits.discard_alignment = 0;
 836        blk_queue_max_discard_sectors(q, UINT_MAX >> 9);
 837        q->limits.discard_zeroes_data = 1;
 838        queue_flag_set_unlocked(QUEUE_FLAG_DISCARD, q);
 839}
 840
 841static void loop_unprepare_queue(struct loop_device *lo)
 842{
 843        kthread_flush_worker(&lo->worker);
 844        kthread_stop(lo->worker_task);
 845}
 846
 847static int loop_prepare_queue(struct loop_device *lo)
 848{
 849        kthread_init_worker(&lo->worker);
 850        lo->worker_task = kthread_run(kthread_worker_fn,
 851                        &lo->worker, "loop%d", lo->lo_number);
 852        if (IS_ERR(lo->worker_task))
 853                return -ENOMEM;
 854        set_user_nice(lo->worker_task, MIN_NICE);
 855        return 0;
 856}
 857
 858static int loop_set_fd(struct loop_device *lo, fmode_t mode,
 859                       struct block_device *bdev, unsigned int arg)
 860{
 861        struct file     *file, *f;
 862        struct inode    *inode;
 863        struct address_space *mapping;
 864        unsigned lo_blocksize;
 865        int             lo_flags = 0;
 866        int             error;
 867        loff_t          size;
 868
 869        /* This is safe, since we have a reference from open(). */
 870        __module_get(THIS_MODULE);
 871
 872        error = -EBADF;
 873        file = fget(arg);
 874        if (!file)
 875                goto out;
 876
 877        error = -EBUSY;
 878        if (lo->lo_state != Lo_unbound)
 879                goto out_putf;
 880
 881        /* Avoid recursion */
 882        f = file;
 883        while (is_loop_device(f)) {
 884                struct loop_device *l;
 885
 886                if (f->f_mapping->host->i_bdev == bdev)
 887                        goto out_putf;
 888
 889                l = f->f_mapping->host->i_bdev->bd_disk->private_data;
 890                if (l->lo_state == Lo_unbound) {
 891                        error = -EINVAL;
 892                        goto out_putf;
 893                }
 894                f = l->lo_backing_file;
 895        }
 896
 897        mapping = file->f_mapping;
 898        inode = mapping->host;
 899
 900        error = -EINVAL;
 901        if (!S_ISREG(inode->i_mode) && !S_ISBLK(inode->i_mode))
 902                goto out_putf;
 903
 904        if (!(file->f_mode & FMODE_WRITE) || !(mode & FMODE_WRITE) ||
 905            !file->f_op->write_iter)
 906                lo_flags |= LO_FLAGS_READ_ONLY;
 907
 908        lo_blocksize = S_ISBLK(inode->i_mode) ?
 909                inode->i_bdev->bd_block_size : PAGE_SIZE;
 910
 911        error = -EFBIG;
 912        size = get_loop_size(lo, file);
 913        if ((loff_t)(sector_t)size != size)
 914                goto out_putf;
 915        error = loop_prepare_queue(lo);
 916        if (error)
 917                goto out_putf;
 918
 919        error = 0;
 920
 921        set_device_ro(bdev, (lo_flags & LO_FLAGS_READ_ONLY) != 0);
 922
 923        lo->use_dio = false;
 924        lo->lo_blocksize = lo_blocksize;
 925        lo->lo_device = bdev;
 926        lo->lo_flags = lo_flags;
 927        lo->lo_backing_file = file;
 928        lo->transfer = NULL;
 929        lo->ioctl = NULL;
 930        lo->lo_sizelimit = 0;
 931        lo->old_gfp_mask = mapping_gfp_mask(mapping);
 932        mapping_set_gfp_mask(mapping, lo->old_gfp_mask & ~(__GFP_IO|__GFP_FS));
 933
 934        if (!(lo_flags & LO_FLAGS_READ_ONLY) && file->f_op->fsync)
 935                blk_queue_write_cache(lo->lo_queue, true, false);
 936
 937        loop_update_dio(lo);
 938        set_capacity(lo->lo_disk, size);
 939        bd_set_size(bdev, size << 9);
 940        loop_sysfs_init(lo);
 941        /* let user-space know about the new size */
 942        kobject_uevent(&disk_to_dev(bdev->bd_disk)->kobj, KOBJ_CHANGE);
 943
 944        set_blocksize(bdev, lo_blocksize);
 945
 946        lo->lo_state = Lo_bound;
 947        if (part_shift)
 948                lo->lo_flags |= LO_FLAGS_PARTSCAN;
 949        if (lo->lo_flags & LO_FLAGS_PARTSCAN)
 950                loop_reread_partitions(lo, bdev);
 951
 952        /* Grab the block_device to prevent its destruction after we
 953         * put /dev/loopXX inode. Later in loop_clr_fd() we bdput(bdev).
 954         */
 955        bdgrab(bdev);
 956        return 0;
 957
 958 out_putf:
 959        fput(file);
 960 out:
 961        /* This is safe: open() is still holding a reference. */
 962        module_put(THIS_MODULE);
 963        return error;
 964}
 965
 966static int
 967loop_release_xfer(struct loop_device *lo)
 968{
 969        int err = 0;
 970        struct loop_func_table *xfer = lo->lo_encryption;
 971
 972        if (xfer) {
 973                if (xfer->release)
 974                        err = xfer->release(lo);
 975                lo->transfer = NULL;
 976                lo->lo_encryption = NULL;
 977                module_put(xfer->owner);
 978        }
 979        return err;
 980}
 981
 982static int
 983loop_init_xfer(struct loop_device *lo, struct loop_func_table *xfer,
 984               const struct loop_info64 *i)
 985{
 986        int err = 0;
 987
 988        if (xfer) {
 989                struct module *owner = xfer->owner;
 990
 991                if (!try_module_get(owner))
 992                        return -EINVAL;
 993                if (xfer->init)
 994                        err = xfer->init(lo, i);
 995                if (err)
 996                        module_put(owner);
 997                else
 998                        lo->lo_encryption = xfer;
 999        }
1000        return err;
1001}
1002
1003static int loop_clr_fd(struct loop_device *lo)
1004{
1005        struct file *filp = lo->lo_backing_file;
1006        gfp_t gfp = lo->old_gfp_mask;
1007        struct block_device *bdev = lo->lo_device;
1008
1009        if (lo->lo_state != Lo_bound)
1010                return -ENXIO;
1011
1012        /*
1013         * If we've explicitly asked to tear down the loop device,
1014         * and it has an elevated reference count, set it for auto-teardown when
1015         * the last reference goes away. This stops $!~#$@ udev from
1016         * preventing teardown because it decided that it needs to run blkid on
1017         * the loopback device whenever they appear. xfstests is notorious for
1018         * failing tests because blkid via udev races with a losetup
1019         * <dev>/do something like mkfs/losetup -d <dev> causing the losetup -d
1020         * command to fail with EBUSY.
1021         */
1022        if (atomic_read(&lo->lo_refcnt) > 1) {
1023                lo->lo_flags |= LO_FLAGS_AUTOCLEAR;
1024                mutex_unlock(&lo->lo_ctl_mutex);
1025                return 0;
1026        }
1027
1028        if (filp == NULL)
1029                return -EINVAL;
1030
1031        /* freeze request queue during the transition */
1032        blk_mq_freeze_queue(lo->lo_queue);
1033
1034        spin_lock_irq(&lo->lo_lock);
1035        lo->lo_state = Lo_rundown;
1036        lo->lo_backing_file = NULL;
1037        spin_unlock_irq(&lo->lo_lock);
1038
1039        loop_release_xfer(lo);
1040        lo->transfer = NULL;
1041        lo->ioctl = NULL;
1042        lo->lo_device = NULL;
1043        lo->lo_encryption = NULL;
1044        lo->lo_offset = 0;
1045        lo->lo_sizelimit = 0;
1046        lo->lo_encrypt_key_size = 0;
1047        memset(lo->lo_encrypt_key, 0, LO_KEY_SIZE);
1048        memset(lo->lo_crypt_name, 0, LO_NAME_SIZE);
1049        memset(lo->lo_file_name, 0, LO_NAME_SIZE);
1050        if (bdev) {
1051                bdput(bdev);
1052                invalidate_bdev(bdev);
1053        }
1054        set_capacity(lo->lo_disk, 0);
1055        loop_sysfs_exit(lo);
1056        if (bdev) {
1057                bd_set_size(bdev, 0);
1058                /* let user-space know about this change */
1059                kobject_uevent(&disk_to_dev(bdev->bd_disk)->kobj, KOBJ_CHANGE);
1060        }
1061        mapping_set_gfp_mask(filp->f_mapping, gfp);
1062        lo->lo_state = Lo_unbound;
1063        /* This is safe: open() is still holding a reference. */
1064        module_put(THIS_MODULE);
1065        blk_mq_unfreeze_queue(lo->lo_queue);
1066
1067        if (lo->lo_flags & LO_FLAGS_PARTSCAN && bdev)
1068                loop_reread_partitions(lo, bdev);
1069        lo->lo_flags = 0;
1070        if (!part_shift)
1071                lo->lo_disk->flags |= GENHD_FL_NO_PART_SCAN;
1072        loop_unprepare_queue(lo);
1073        mutex_unlock(&lo->lo_ctl_mutex);
1074        /*
1075         * Need not hold lo_ctl_mutex to fput backing file.
1076         * Calling fput holding lo_ctl_mutex triggers a circular
1077         * lock dependency possibility warning as fput can take
1078         * bd_mutex which is usually taken before lo_ctl_mutex.
1079         */
1080        fput(filp);
1081        return 0;
1082}
1083
1084static int
1085loop_set_status(struct loop_device *lo, const struct loop_info64 *info)
1086{
1087        int err;
1088        struct loop_func_table *xfer;
1089        kuid_t uid = current_uid();
1090
1091        if (lo->lo_encrypt_key_size &&
1092            !uid_eq(lo->lo_key_owner, uid) &&
1093            !capable(CAP_SYS_ADMIN))
1094                return -EPERM;
1095        if (lo->lo_state != Lo_bound)
1096                return -ENXIO;
1097        if ((unsigned int) info->lo_encrypt_key_size > LO_KEY_SIZE)
1098                return -EINVAL;
1099
1100        err = loop_release_xfer(lo);
1101        if (err)
1102                return err;
1103
1104        if (info->lo_encrypt_type) {
1105                unsigned int type = info->lo_encrypt_type;
1106
1107                if (type >= MAX_LO_CRYPT)
1108                        return -EINVAL;
1109                xfer = xfer_funcs[type];
1110                if (xfer == NULL)
1111                        return -EINVAL;
1112        } else
1113                xfer = NULL;
1114
1115        err = loop_init_xfer(lo, xfer, info);
1116        if (err)
1117                return err;
1118
1119        if (lo->lo_offset != info->lo_offset ||
1120            lo->lo_sizelimit != info->lo_sizelimit)
1121                if (figure_loop_size(lo, info->lo_offset, info->lo_sizelimit))
1122                        return -EFBIG;
1123
1124        loop_config_discard(lo);
1125
1126        memcpy(lo->lo_file_name, info->lo_file_name, LO_NAME_SIZE);
1127        memcpy(lo->lo_crypt_name, info->lo_crypt_name, LO_NAME_SIZE);
1128        lo->lo_file_name[LO_NAME_SIZE-1] = 0;
1129        lo->lo_crypt_name[LO_NAME_SIZE-1] = 0;
1130
1131        if (!xfer)
1132                xfer = &none_funcs;
1133        lo->transfer = xfer->transfer;
1134        lo->ioctl = xfer->ioctl;
1135
1136        if ((lo->lo_flags & LO_FLAGS_AUTOCLEAR) !=
1137             (info->lo_flags & LO_FLAGS_AUTOCLEAR))
1138                lo->lo_flags ^= LO_FLAGS_AUTOCLEAR;
1139
1140        if ((info->lo_flags & LO_FLAGS_PARTSCAN) &&
1141             !(lo->lo_flags & LO_FLAGS_PARTSCAN)) {
1142                lo->lo_flags |= LO_FLAGS_PARTSCAN;
1143                lo->lo_disk->flags &= ~GENHD_FL_NO_PART_SCAN;
1144                loop_reread_partitions(lo, lo->lo_device);
1145        }
1146
1147        lo->lo_encrypt_key_size = info->lo_encrypt_key_size;
1148        lo->lo_init[0] = info->lo_init[0];
1149        lo->lo_init[1] = info->lo_init[1];
1150        if (info->lo_encrypt_key_size) {
1151                memcpy(lo->lo_encrypt_key, info->lo_encrypt_key,
1152                       info->lo_encrypt_key_size);
1153                lo->lo_key_owner = uid;
1154        }
1155
1156        /* update dio if lo_offset or transfer is changed */
1157        __loop_update_dio(lo, lo->use_dio);
1158
1159        return 0;
1160}
1161
1162static int
1163loop_get_status(struct loop_device *lo, struct loop_info64 *info)
1164{
1165        struct file *file = lo->lo_backing_file;
1166        struct kstat stat;
1167        int error;
1168
1169        if (lo->lo_state != Lo_bound)
1170                return -ENXIO;
1171        error = vfs_getattr(&file->f_path, &stat);
1172        if (error)
1173                return error;
1174        memset(info, 0, sizeof(*info));
1175        info->lo_number = lo->lo_number;
1176        info->lo_device = huge_encode_dev(stat.dev);
1177        info->lo_inode = stat.ino;
1178        info->lo_rdevice = huge_encode_dev(lo->lo_device ? stat.rdev : stat.dev);
1179        info->lo_offset = lo->lo_offset;
1180        info->lo_sizelimit = lo->lo_sizelimit;
1181        info->lo_flags = lo->lo_flags;
1182        memcpy(info->lo_file_name, lo->lo_file_name, LO_NAME_SIZE);
1183        memcpy(info->lo_crypt_name, lo->lo_crypt_name, LO_NAME_SIZE);
1184        info->lo_encrypt_type =
1185                lo->lo_encryption ? lo->lo_encryption->number : 0;
1186        if (lo->lo_encrypt_key_size && capable(CAP_SYS_ADMIN)) {
1187                info->lo_encrypt_key_size = lo->lo_encrypt_key_size;
1188                memcpy(info->lo_encrypt_key, lo->lo_encrypt_key,
1189                       lo->lo_encrypt_key_size);
1190        }
1191        return 0;
1192}
1193
1194static void
1195loop_info64_from_old(const struct loop_info *info, struct loop_info64 *info64)
1196{
1197        memset(info64, 0, sizeof(*info64));
1198        info64->lo_number = info->lo_number;
1199        info64->lo_device = info->lo_device;
1200        info64->lo_inode = info->lo_inode;
1201        info64->lo_rdevice = info->lo_rdevice;
1202        info64->lo_offset = info->lo_offset;
1203        info64->lo_sizelimit = 0;
1204        info64->lo_encrypt_type = info->lo_encrypt_type;
1205        info64->lo_encrypt_key_size = info->lo_encrypt_key_size;
1206        info64->lo_flags = info->lo_flags;
1207        info64->lo_init[0] = info->lo_init[0];
1208        info64->lo_init[1] = info->lo_init[1];
1209        if (info->lo_encrypt_type == LO_CRYPT_CRYPTOAPI)
1210                memcpy(info64->lo_crypt_name, info->lo_name, LO_NAME_SIZE);
1211        else
1212                memcpy(info64->lo_file_name, info->lo_name, LO_NAME_SIZE);
1213        memcpy(info64->lo_encrypt_key, info->lo_encrypt_key, LO_KEY_SIZE);
1214}
1215
1216static int
1217loop_info64_to_old(const struct loop_info64 *info64, struct loop_info *info)
1218{
1219        memset(info, 0, sizeof(*info));
1220        info->lo_number = info64->lo_number;
1221        info->lo_device = info64->lo_device;
1222        info->lo_inode = info64->lo_inode;
1223        info->lo_rdevice = info64->lo_rdevice;
1224        info->lo_offset = info64->lo_offset;
1225        info->lo_encrypt_type = info64->lo_encrypt_type;
1226        info->lo_encrypt_key_size = info64->lo_encrypt_key_size;
1227        info->lo_flags = info64->lo_flags;
1228        info->lo_init[0] = info64->lo_init[0];
1229        info->lo_init[1] = info64->lo_init[1];
1230        if (info->lo_encrypt_type == LO_CRYPT_CRYPTOAPI)
1231                memcpy(info->lo_name, info64->lo_crypt_name, LO_NAME_SIZE);
1232        else
1233                memcpy(info->lo_name, info64->lo_file_name, LO_NAME_SIZE);
1234        memcpy(info->lo_encrypt_key, info64->lo_encrypt_key, LO_KEY_SIZE);
1235
1236        /* error in case values were truncated */
1237        if (info->lo_device != info64->lo_device ||
1238            info->lo_rdevice != info64->lo_rdevice ||
1239            info->lo_inode != info64->lo_inode ||
1240            info->lo_offset != info64->lo_offset)
1241                return -EOVERFLOW;
1242
1243        return 0;
1244}
1245
1246static int
1247loop_set_status_old(struct loop_device *lo, const struct loop_info __user *arg)
1248{
1249        struct loop_info info;
1250        struct loop_info64 info64;
1251
1252        if (copy_from_user(&info, arg, sizeof (struct loop_info)))
1253                return -EFAULT;
1254        loop_info64_from_old(&info, &info64);
1255        return loop_set_status(lo, &info64);
1256}
1257
1258static int
1259loop_set_status64(struct loop_device *lo, const struct loop_info64 __user *arg)
1260{
1261        struct loop_info64 info64;
1262
1263        if (copy_from_user(&info64, arg, sizeof (struct loop_info64)))
1264                return -EFAULT;
1265        return loop_set_status(lo, &info64);
1266}
1267
1268static int
1269loop_get_status_old(struct loop_device *lo, struct loop_info __user *arg) {
1270        struct loop_info info;
1271        struct loop_info64 info64;
1272        int err = 0;
1273
1274        if (!arg)
1275                err = -EINVAL;
1276        if (!err)
1277                err = loop_get_status(lo, &info64);
1278        if (!err)
1279                err = loop_info64_to_old(&info64, &info);
1280        if (!err && copy_to_user(arg, &info, sizeof(info)))
1281                err = -EFAULT;
1282
1283        return err;
1284}
1285
1286static int
1287loop_get_status64(struct loop_device *lo, struct loop_info64 __user *arg) {
1288        struct loop_info64 info64;
1289        int err = 0;
1290
1291        if (!arg)
1292                err = -EINVAL;
1293        if (!err)
1294                err = loop_get_status(lo, &info64);
1295        if (!err && copy_to_user(arg, &info64, sizeof(info64)))
1296                err = -EFAULT;
1297
1298        return err;
1299}
1300
1301static int loop_set_capacity(struct loop_device *lo, struct block_device *bdev)
1302{
1303        if (unlikely(lo->lo_state != Lo_bound))
1304                return -ENXIO;
1305
1306        return figure_loop_size(lo, lo->lo_offset, lo->lo_sizelimit);
1307}
1308
1309static int loop_set_dio(struct loop_device *lo, unsigned long arg)
1310{
1311        int error = -ENXIO;
1312        if (lo->lo_state != Lo_bound)
1313                goto out;
1314
1315        __loop_update_dio(lo, !!arg);
1316        if (lo->use_dio == !!arg)
1317                return 0;
1318        error = -EINVAL;
1319 out:
1320        return error;
1321}
1322
1323static int lo_ioctl(struct block_device *bdev, fmode_t mode,
1324        unsigned int cmd, unsigned long arg)
1325{
1326        struct loop_device *lo = bdev->bd_disk->private_data;
1327        int err;
1328
1329        mutex_lock_nested(&lo->lo_ctl_mutex, 1);
1330        switch (cmd) {
1331        case LOOP_SET_FD:
1332                err = loop_set_fd(lo, mode, bdev, arg);
1333                break;
1334        case LOOP_CHANGE_FD:
1335                err = loop_change_fd(lo, bdev, arg);
1336                break;
1337        case LOOP_CLR_FD:
1338                /* loop_clr_fd would have unlocked lo_ctl_mutex on success */
1339                err = loop_clr_fd(lo);
1340                if (!err)
1341                        goto out_unlocked;
1342                break;
1343        case LOOP_SET_STATUS:
1344                err = -EPERM;
1345                if ((mode & FMODE_WRITE) || capable(CAP_SYS_ADMIN))
1346                        err = loop_set_status_old(lo,
1347                                        (struct loop_info __user *)arg);
1348                break;
1349        case LOOP_GET_STATUS:
1350                err = loop_get_status_old(lo, (struct loop_info __user *) arg);
1351                break;
1352        case LOOP_SET_STATUS64:
1353                err = -EPERM;
1354                if ((mode & FMODE_WRITE) || capable(CAP_SYS_ADMIN))
1355                        err = loop_set_status64(lo,
1356                                        (struct loop_info64 __user *) arg);
1357                break;
1358        case LOOP_GET_STATUS64:
1359                err = loop_get_status64(lo, (struct loop_info64 __user *) arg);
1360                break;
1361        case LOOP_SET_CAPACITY:
1362                err = -EPERM;
1363                if ((mode & FMODE_WRITE) || capable(CAP_SYS_ADMIN))
1364                        err = loop_set_capacity(lo, bdev);
1365                break;
1366        case LOOP_SET_DIRECT_IO:
1367                err = -EPERM;
1368                if ((mode & FMODE_WRITE) || capable(CAP_SYS_ADMIN))
1369                        err = loop_set_dio(lo, arg);
1370                break;
1371        default:
1372                err = lo->ioctl ? lo->ioctl(lo, cmd, arg) : -EINVAL;
1373        }
1374        mutex_unlock(&lo->lo_ctl_mutex);
1375
1376out_unlocked:
1377        return err;
1378}
1379
1380#ifdef CONFIG_COMPAT
1381struct compat_loop_info {
1382        compat_int_t    lo_number;      /* ioctl r/o */
1383        compat_dev_t    lo_device;      /* ioctl r/o */
1384        compat_ulong_t  lo_inode;       /* ioctl r/o */
1385        compat_dev_t    lo_rdevice;     /* ioctl r/o */
1386        compat_int_t    lo_offset;
1387        compat_int_t    lo_encrypt_type;
1388        compat_int_t    lo_encrypt_key_size;    /* ioctl w/o */
1389        compat_int_t    lo_flags;       /* ioctl r/o */
1390        char            lo_name[LO_NAME_SIZE];
1391        unsigned char   lo_encrypt_key[LO_KEY_SIZE]; /* ioctl w/o */
1392        compat_ulong_t  lo_init[2];
1393        char            reserved[4];
1394};
1395
1396/*
1397 * Transfer 32-bit compatibility structure in userspace to 64-bit loop info
1398 * - noinlined to reduce stack space usage in main part of driver
1399 */
1400static noinline int
1401loop_info64_from_compat(const struct compat_loop_info __user *arg,
1402                        struct loop_info64 *info64)
1403{
1404        struct compat_loop_info info;
1405
1406        if (copy_from_user(&info, arg, sizeof(info)))
1407                return -EFAULT;
1408
1409        memset(info64, 0, sizeof(*info64));
1410        info64->lo_number = info.lo_number;
1411        info64->lo_device = info.lo_device;
1412        info64->lo_inode = info.lo_inode;
1413        info64->lo_rdevice = info.lo_rdevice;
1414        info64->lo_offset = info.lo_offset;
1415        info64->lo_sizelimit = 0;
1416        info64->lo_encrypt_type = info.lo_encrypt_type;
1417        info64->lo_encrypt_key_size = info.lo_encrypt_key_size;
1418        info64->lo_flags = info.lo_flags;
1419        info64->lo_init[0] = info.lo_init[0];
1420        info64->lo_init[1] = info.lo_init[1];
1421        if (info.lo_encrypt_type == LO_CRYPT_CRYPTOAPI)
1422                memcpy(info64->lo_crypt_name, info.lo_name, LO_NAME_SIZE);
1423        else
1424                memcpy(info64->lo_file_name, info.lo_name, LO_NAME_SIZE);
1425        memcpy(info64->lo_encrypt_key, info.lo_encrypt_key, LO_KEY_SIZE);
1426        return 0;
1427}
1428
1429/*
1430 * Transfer 64-bit loop info to 32-bit compatibility structure in userspace
1431 * - noinlined to reduce stack space usage in main part of driver
1432 */
1433static noinline int
1434loop_info64_to_compat(const struct loop_info64 *info64,
1435                      struct compat_loop_info __user *arg)
1436{
1437        struct compat_loop_info info;
1438
1439        memset(&info, 0, sizeof(info));
1440        info.lo_number = info64->lo_number;
1441        info.lo_device = info64->lo_device;
1442        info.lo_inode = info64->lo_inode;
1443        info.lo_rdevice = info64->lo_rdevice;
1444        info.lo_offset = info64->lo_offset;
1445        info.lo_encrypt_type = info64->lo_encrypt_type;
1446        info.lo_encrypt_key_size = info64->lo_encrypt_key_size;
1447        info.lo_flags = info64->lo_flags;
1448        info.lo_init[0] = info64->lo_init[0];
1449        info.lo_init[1] = info64->lo_init[1];
1450        if (info.lo_encrypt_type == LO_CRYPT_CRYPTOAPI)
1451                memcpy(info.lo_name, info64->lo_crypt_name, LO_NAME_SIZE);
1452        else
1453                memcpy(info.lo_name, info64->lo_file_name, LO_NAME_SIZE);
1454        memcpy(info.lo_encrypt_key, info64->lo_encrypt_key, LO_KEY_SIZE);
1455
1456        /* error in case values were truncated */
1457        if (info.lo_device != info64->lo_device ||
1458            info.lo_rdevice != info64->lo_rdevice ||
1459            info.lo_inode != info64->lo_inode ||
1460            info.lo_offset != info64->lo_offset ||
1461            info.lo_init[0] != info64->lo_init[0] ||
1462            info.lo_init[1] != info64->lo_init[1])
1463                return -EOVERFLOW;
1464
1465        if (copy_to_user(arg, &info, sizeof(info)))
1466                return -EFAULT;
1467        return 0;
1468}
1469
1470static int
1471loop_set_status_compat(struct loop_device *lo,
1472                       const struct compat_loop_info __user *arg)
1473{
1474        struct loop_info64 info64;
1475        int ret;
1476
1477        ret = loop_info64_from_compat(arg, &info64);
1478        if (ret < 0)
1479                return ret;
1480        return loop_set_status(lo, &info64);
1481}
1482
1483static int
1484loop_get_status_compat(struct loop_device *lo,
1485                       struct compat_loop_info __user *arg)
1486{
1487        struct loop_info64 info64;
1488        int err = 0;
1489
1490        if (!arg)
1491                err = -EINVAL;
1492        if (!err)
1493                err = loop_get_status(lo, &info64);
1494        if (!err)
1495                err = loop_info64_to_compat(&info64, arg);
1496        return err;
1497}
1498
1499static int lo_compat_ioctl(struct block_device *bdev, fmode_t mode,
1500                           unsigned int cmd, unsigned long arg)
1501{
1502        struct loop_device *lo = bdev->bd_disk->private_data;
1503        int err;
1504
1505        switch(cmd) {
1506        case LOOP_SET_STATUS:
1507                mutex_lock(&lo->lo_ctl_mutex);
1508                err = loop_set_status_compat(
1509                        lo, (const struct compat_loop_info __user *) arg);
1510                mutex_unlock(&lo->lo_ctl_mutex);
1511                break;
1512        case LOOP_GET_STATUS:
1513                mutex_lock(&lo->lo_ctl_mutex);
1514                err = loop_get_status_compat(
1515                        lo, (struct compat_loop_info __user *) arg);
1516                mutex_unlock(&lo->lo_ctl_mutex);
1517                break;
1518        case LOOP_SET_CAPACITY:
1519        case LOOP_CLR_FD:
1520        case LOOP_GET_STATUS64:
1521        case LOOP_SET_STATUS64:
1522                arg = (unsigned long) compat_ptr(arg);
1523        case LOOP_SET_FD:
1524        case LOOP_CHANGE_FD:
1525                err = lo_ioctl(bdev, mode, cmd, arg);
1526                break;
1527        default:
1528                err = -ENOIOCTLCMD;
1529                break;
1530        }
1531        return err;
1532}
1533#endif
1534
1535static int lo_open(struct block_device *bdev, fmode_t mode)
1536{
1537        struct loop_device *lo;
1538        int err = 0;
1539
1540        mutex_lock(&loop_index_mutex);
1541        lo = bdev->bd_disk->private_data;
1542        if (!lo) {
1543                err = -ENXIO;
1544                goto out;
1545        }
1546
1547        atomic_inc(&lo->lo_refcnt);
1548out:
1549        mutex_unlock(&loop_index_mutex);
1550        return err;
1551}
1552
1553static void lo_release(struct gendisk *disk, fmode_t mode)
1554{
1555        struct loop_device *lo = disk->private_data;
1556        int err;
1557
1558        if (atomic_dec_return(&lo->lo_refcnt))
1559                return;
1560
1561        mutex_lock(&lo->lo_ctl_mutex);
1562        if (lo->lo_flags & LO_FLAGS_AUTOCLEAR) {
1563                /*
1564                 * In autoclear mode, stop the loop thread
1565                 * and remove configuration after last close.
1566                 */
1567                err = loop_clr_fd(lo);
1568                if (!err)
1569                        return;
1570        } else {
1571                /*
1572                 * Otherwise keep thread (if running) and config,
1573                 * but flush possible ongoing bios in thread.
1574                 */
1575                loop_flush(lo);
1576        }
1577
1578        mutex_unlock(&lo->lo_ctl_mutex);
1579}
1580
1581static const struct block_device_operations lo_fops = {
1582        .owner =        THIS_MODULE,
1583        .open =         lo_open,
1584        .release =      lo_release,
1585        .ioctl =        lo_ioctl,
1586#ifdef CONFIG_COMPAT
1587        .compat_ioctl = lo_compat_ioctl,
1588#endif
1589};
1590
1591/*
1592 * And now the modules code and kernel interface.
1593 */
1594static int max_loop;
1595module_param(max_loop, int, S_IRUGO);
1596MODULE_PARM_DESC(max_loop, "Maximum number of loop devices");
1597module_param(max_part, int, S_IRUGO);
1598MODULE_PARM_DESC(max_part, "Maximum number of partitions per loop device");
1599MODULE_LICENSE("GPL");
1600MODULE_ALIAS_BLOCKDEV_MAJOR(LOOP_MAJOR);
1601
1602int loop_register_transfer(struct loop_func_table *funcs)
1603{
1604        unsigned int n = funcs->number;
1605
1606        if (n >= MAX_LO_CRYPT || xfer_funcs[n])
1607                return -EINVAL;
1608        xfer_funcs[n] = funcs;
1609        return 0;
1610}
1611
1612static int unregister_transfer_cb(int id, void *ptr, void *data)
1613{
1614        struct loop_device *lo = ptr;
1615        struct loop_func_table *xfer = data;
1616
1617        mutex_lock(&lo->lo_ctl_mutex);
1618        if (lo->lo_encryption == xfer)
1619                loop_release_xfer(lo);
1620        mutex_unlock(&lo->lo_ctl_mutex);
1621        return 0;
1622}
1623
1624int loop_unregister_transfer(int number)
1625{
1626        unsigned int n = number;
1627        struct loop_func_table *xfer;
1628
1629        if (n == 0 || n >= MAX_LO_CRYPT || (xfer = xfer_funcs[n]) == NULL)
1630                return -EINVAL;
1631
1632        xfer_funcs[n] = NULL;
1633        idr_for_each(&loop_index_idr, &unregister_transfer_cb, xfer);
1634        return 0;
1635}
1636
1637EXPORT_SYMBOL(loop_register_transfer);
1638EXPORT_SYMBOL(loop_unregister_transfer);
1639
1640static int loop_queue_rq(struct blk_mq_hw_ctx *hctx,
1641                const struct blk_mq_queue_data *bd)
1642{
1643        struct loop_cmd *cmd = blk_mq_rq_to_pdu(bd->rq);
1644        struct loop_device *lo = cmd->rq->q->queuedata;
1645
1646        blk_mq_start_request(bd->rq);
1647
1648        if (lo->lo_state != Lo_bound)
1649                return BLK_MQ_RQ_QUEUE_ERROR;
1650
1651        switch (req_op(cmd->rq)) {
1652        case REQ_OP_FLUSH:
1653        case REQ_OP_DISCARD:
1654                cmd->use_aio = false;
1655                break;
1656        default:
1657                cmd->use_aio = lo->use_dio;
1658                break;
1659        }
1660
1661        kthread_queue_work(&lo->worker, &cmd->work);
1662
1663        return BLK_MQ_RQ_QUEUE_OK;
1664}
1665
1666static void loop_handle_cmd(struct loop_cmd *cmd)
1667{
1668        const bool write = op_is_write(req_op(cmd->rq));
1669        struct loop_device *lo = cmd->rq->q->queuedata;
1670        int ret = 0;
1671
1672        if (write && (lo->lo_flags & LO_FLAGS_READ_ONLY)) {
1673                ret = -EIO;
1674                goto failed;
1675        }
1676
1677        ret = do_req_filebacked(lo, cmd->rq);
1678 failed:
1679        /* complete non-aio request */
1680        if (!cmd->use_aio || ret)
1681                blk_mq_complete_request(cmd->rq, ret ? -EIO : 0);
1682}
1683
1684static void loop_queue_work(struct kthread_work *work)
1685{
1686        struct loop_cmd *cmd =
1687                container_of(work, struct loop_cmd, work);
1688
1689        loop_handle_cmd(cmd);
1690}
1691
1692static int loop_init_request(void *data, struct request *rq,
1693                unsigned int hctx_idx, unsigned int request_idx,
1694                unsigned int numa_node)
1695{
1696        struct loop_cmd *cmd = blk_mq_rq_to_pdu(rq);
1697
1698        cmd->rq = rq;
1699        kthread_init_work(&cmd->work, loop_queue_work);
1700
1701        return 0;
1702}
1703
1704static struct blk_mq_ops loop_mq_ops = {
1705        .queue_rq       = loop_queue_rq,
1706        .init_request   = loop_init_request,
1707};
1708
1709static int loop_add(struct loop_device **l, int i)
1710{
1711        struct loop_device *lo;
1712        struct gendisk *disk;
1713        int err;
1714
1715        err = -ENOMEM;
1716        lo = kzalloc(sizeof(*lo), GFP_KERNEL);
1717        if (!lo)
1718                goto out;
1719
1720        lo->lo_state = Lo_unbound;
1721
1722        /* allocate id, if @id >= 0, we're requesting that specific id */
1723        if (i >= 0) {
1724                err = idr_alloc(&loop_index_idr, lo, i, i + 1, GFP_KERNEL);
1725                if (err == -ENOSPC)
1726                        err = -EEXIST;
1727        } else {
1728                err = idr_alloc(&loop_index_idr, lo, 0, 0, GFP_KERNEL);
1729        }
1730        if (err < 0)
1731                goto out_free_dev;
1732        i = err;
1733
1734        err = -ENOMEM;
1735        lo->tag_set.ops = &loop_mq_ops;
1736        lo->tag_set.nr_hw_queues = 1;
1737        lo->tag_set.queue_depth = 128;
1738        lo->tag_set.numa_node = NUMA_NO_NODE;
1739        lo->tag_set.cmd_size = sizeof(struct loop_cmd);
1740        lo->tag_set.flags = BLK_MQ_F_SHOULD_MERGE | BLK_MQ_F_SG_MERGE;
1741        lo->tag_set.driver_data = lo;
1742
1743        err = blk_mq_alloc_tag_set(&lo->tag_set);
1744        if (err)
1745                goto out_free_idr;
1746
1747        lo->lo_queue = blk_mq_init_queue(&lo->tag_set);
1748        if (IS_ERR_OR_NULL(lo->lo_queue)) {
1749                err = PTR_ERR(lo->lo_queue);
1750                goto out_cleanup_tags;
1751        }
1752        lo->lo_queue->queuedata = lo;
1753
1754        /*
1755         * It doesn't make sense to enable merge because the I/O
1756         * submitted to backing file is handled page by page.
1757         */
1758        queue_flag_set_unlocked(QUEUE_FLAG_NOMERGES, lo->lo_queue);
1759
1760        err = -ENOMEM;
1761        disk = lo->lo_disk = alloc_disk(1 << part_shift);
1762        if (!disk)
1763                goto out_free_queue;
1764
1765        /*
1766         * Disable partition scanning by default. The in-kernel partition
1767         * scanning can be requested individually per-device during its
1768         * setup. Userspace can always add and remove partitions from all
1769         * devices. The needed partition minors are allocated from the
1770         * extended minor space, the main loop device numbers will continue
1771         * to match the loop minors, regardless of the number of partitions
1772         * used.
1773         *
1774         * If max_part is given, partition scanning is globally enabled for
1775         * all loop devices. The minors for the main loop devices will be
1776         * multiples of max_part.
1777         *
1778         * Note: Global-for-all-devices, set-only-at-init, read-only module
1779         * parameteters like 'max_loop' and 'max_part' make things needlessly
1780         * complicated, are too static, inflexible and may surprise
1781         * userspace tools. Parameters like this in general should be avoided.
1782         */
1783        if (!part_shift)
1784                disk->flags |= GENHD_FL_NO_PART_SCAN;
1785        disk->flags |= GENHD_FL_EXT_DEVT;
1786        mutex_init(&lo->lo_ctl_mutex);
1787        atomic_set(&lo->lo_refcnt, 0);
1788        lo->lo_number           = i;
1789        spin_lock_init(&lo->lo_lock);
1790        disk->major             = LOOP_MAJOR;
1791        disk->first_minor       = i << part_shift;
1792        disk->fops              = &lo_fops;
1793        disk->private_data      = lo;
1794        disk->queue             = lo->lo_queue;
1795        sprintf(disk->disk_name, "loop%d", i);
1796        add_disk(disk);
1797        *l = lo;
1798        return lo->lo_number;
1799
1800out_free_queue:
1801        blk_cleanup_queue(lo->lo_queue);
1802out_cleanup_tags:
1803        blk_mq_free_tag_set(&lo->tag_set);
1804out_free_idr:
1805        idr_remove(&loop_index_idr, i);
1806out_free_dev:
1807        kfree(lo);
1808out:
1809        return err;
1810}
1811
1812static void loop_remove(struct loop_device *lo)
1813{
1814        blk_cleanup_queue(lo->lo_queue);
1815        del_gendisk(lo->lo_disk);
1816        blk_mq_free_tag_set(&lo->tag_set);
1817        put_disk(lo->lo_disk);
1818        kfree(lo);
1819}
1820
1821static int find_free_cb(int id, void *ptr, void *data)
1822{
1823        struct loop_device *lo = ptr;
1824        struct loop_device **l = data;
1825
1826        if (lo->lo_state == Lo_unbound) {
1827                *l = lo;
1828                return 1;
1829        }
1830        return 0;
1831}
1832
1833static int loop_lookup(struct loop_device **l, int i)
1834{
1835        struct loop_device *lo;
1836        int ret = -ENODEV;
1837
1838        if (i < 0) {
1839                int err;
1840
1841                err = idr_for_each(&loop_index_idr, &find_free_cb, &lo);
1842                if (err == 1) {
1843                        *l = lo;
1844                        ret = lo->lo_number;
1845                }
1846                goto out;
1847        }
1848
1849        /* lookup and return a specific i */
1850        lo = idr_find(&loop_index_idr, i);
1851        if (lo) {
1852                *l = lo;
1853                ret = lo->lo_number;
1854        }
1855out:
1856        return ret;
1857}
1858
1859static struct kobject *loop_probe(dev_t dev, int *part, void *data)
1860{
1861        struct loop_device *lo;
1862        struct kobject *kobj;
1863        int err;
1864
1865        mutex_lock(&loop_index_mutex);
1866        err = loop_lookup(&lo, MINOR(dev) >> part_shift);
1867        if (err < 0)
1868                err = loop_add(&lo, MINOR(dev) >> part_shift);
1869        if (err < 0)
1870                kobj = NULL;
1871        else
1872                kobj = get_disk(lo->lo_disk);
1873        mutex_unlock(&loop_index_mutex);
1874
1875        *part = 0;
1876        return kobj;
1877}
1878
1879static long loop_control_ioctl(struct file *file, unsigned int cmd,
1880                               unsigned long parm)
1881{
1882        struct loop_device *lo;
1883        int ret = -ENOSYS;
1884
1885        mutex_lock(&loop_index_mutex);
1886        switch (cmd) {
1887        case LOOP_CTL_ADD:
1888                ret = loop_lookup(&lo, parm);
1889                if (ret >= 0) {
1890                        ret = -EEXIST;
1891                        break;
1892                }
1893                ret = loop_add(&lo, parm);
1894                break;
1895        case LOOP_CTL_REMOVE:
1896                ret = loop_lookup(&lo, parm);
1897                if (ret < 0)
1898                        break;
1899                mutex_lock(&lo->lo_ctl_mutex);
1900                if (lo->lo_state != Lo_unbound) {
1901                        ret = -EBUSY;
1902                        mutex_unlock(&lo->lo_ctl_mutex);
1903                        break;
1904                }
1905                if (atomic_read(&lo->lo_refcnt) > 0) {
1906                        ret = -EBUSY;
1907                        mutex_unlock(&lo->lo_ctl_mutex);
1908                        break;
1909                }
1910                lo->lo_disk->private_data = NULL;
1911                mutex_unlock(&lo->lo_ctl_mutex);
1912                idr_remove(&loop_index_idr, lo->lo_number);
1913                loop_remove(lo);
1914                break;
1915        case LOOP_CTL_GET_FREE:
1916                ret = loop_lookup(&lo, -1);
1917                if (ret >= 0)
1918                        break;
1919                ret = loop_add(&lo, -1);
1920        }
1921        mutex_unlock(&loop_index_mutex);
1922
1923        return ret;
1924}
1925
1926static const struct file_operations loop_ctl_fops = {
1927        .open           = nonseekable_open,
1928        .unlocked_ioctl = loop_control_ioctl,
1929        .compat_ioctl   = loop_control_ioctl,
1930        .owner          = THIS_MODULE,
1931        .llseek         = noop_llseek,
1932};
1933
1934static struct miscdevice loop_misc = {
1935        .minor          = LOOP_CTRL_MINOR,
1936        .name           = "loop-control",
1937        .fops           = &loop_ctl_fops,
1938};
1939
1940MODULE_ALIAS_MISCDEV(LOOP_CTRL_MINOR);
1941MODULE_ALIAS("devname:loop-control");
1942
1943static int __init loop_init(void)
1944{
1945        int i, nr;
1946        unsigned long range;
1947        struct loop_device *lo;
1948        int err;
1949
1950        err = misc_register(&loop_misc);
1951        if (err < 0)
1952                return err;
1953
1954        part_shift = 0;
1955        if (max_part > 0) {
1956                part_shift = fls(max_part);
1957
1958                /*
1959                 * Adjust max_part according to part_shift as it is exported
1960                 * to user space so that user can decide correct minor number
1961                 * if [s]he want to create more devices.
1962                 *
1963                 * Note that -1 is required because partition 0 is reserved
1964                 * for the whole disk.
1965                 */
1966                max_part = (1UL << part_shift) - 1;
1967        }
1968
1969        if ((1UL << part_shift) > DISK_MAX_PARTS) {
1970                err = -EINVAL;
1971                goto misc_out;
1972        }
1973
1974        if (max_loop > 1UL << (MINORBITS - part_shift)) {
1975                err = -EINVAL;
1976                goto misc_out;
1977        }
1978
1979        /*
1980         * If max_loop is specified, create that many devices upfront.
1981         * This also becomes a hard limit. If max_loop is not specified,
1982         * create CONFIG_BLK_DEV_LOOP_MIN_COUNT loop devices at module
1983         * init time. Loop devices can be requested on-demand with the
1984         * /dev/loop-control interface, or be instantiated by accessing
1985         * a 'dead' device node.
1986         */
1987        if (max_loop) {
1988                nr = max_loop;
1989                range = max_loop << part_shift;
1990        } else {
1991                nr = CONFIG_BLK_DEV_LOOP_MIN_COUNT;
1992                range = 1UL << MINORBITS;
1993        }
1994
1995        if (register_blkdev(LOOP_MAJOR, "loop")) {
1996                err = -EIO;
1997                goto misc_out;
1998        }
1999
2000        blk_register_region(MKDEV(LOOP_MAJOR, 0), range,
2001                                  THIS_MODULE, loop_probe, NULL, NULL);
2002
2003        /* pre-create number of devices given by config or max_loop */
2004        mutex_lock(&loop_index_mutex);
2005        for (i = 0; i < nr; i++)
2006                loop_add(&lo, i);
2007        mutex_unlock(&loop_index_mutex);
2008
2009        printk(KERN_INFO "loop: module loaded\n");
2010        return 0;
2011
2012misc_out:
2013        misc_deregister(&loop_misc);
2014        return err;
2015}
2016
2017static int loop_exit_cb(int id, void *ptr, void *data)
2018{
2019        struct loop_device *lo = ptr;
2020
2021        loop_remove(lo);
2022        return 0;
2023}
2024
2025static void __exit loop_exit(void)
2026{
2027        unsigned long range;
2028
2029        range = max_loop ? max_loop << part_shift : 1UL << MINORBITS;
2030
2031        idr_for_each(&loop_index_idr, &loop_exit_cb, NULL);
2032        idr_destroy(&loop_index_idr);
2033
2034        blk_unregister_region(MKDEV(LOOP_MAJOR, 0), range);
2035        unregister_blkdev(LOOP_MAJOR, "loop");
2036
2037        misc_deregister(&loop_misc);
2038}
2039
2040module_init(loop_init);
2041module_exit(loop_exit);
2042
2043#ifndef MODULE
2044static int __init max_loop_setup(char *str)
2045{
2046        max_loop = simple_strtol(str, NULL, 0);
2047        return 1;
2048}
2049
2050__setup("max_loop=", max_loop_setup);
2051#endif
2052
lxr.linux.no kindly hosted by Redpill Linpro AS, provider of Linux consulting and operations services since 1995.