arch/um/drivers/cow_user.c

root/arch/um/drivers/cow_user.c
// SPDX-License-Identifier: GPL-2.0
/*
 * Copyright (C) 2007 Jeff Dike (jdike@{linux.intel,addtoit}.com)
 */

/*
 * _XOPEN_SOURCE is needed for pread, but we define _GNU_SOURCE, which defines
 * that.
 */
#include <unistd.h>
#include <errno.h>
#include <string.h>
#include <arpa/inet.h>
#include <endian.h>
#include "cow.h"
#include "cow_sys.h"

#define PATH_LEN_V1 256

/* unsigned time_t works until year 2106 */
typedef __u32 time32_t;

struct cow_header_v1 {
        __s32 magic;
        __s32 version;
        char backing_file[PATH_LEN_V1];
        time32_t mtime;
        __u64 size;
        __s32 sectorsize;
} __attribute__((packed));

/*
 * Define PATH_LEN_V3 as the usual value of MAXPATHLEN, just hard-code it in
 * case other systems have different values for MAXPATHLEN.
 *
 * The same must hold for V2 - we want file format compatibility, not anything
 * else.
 */
#define PATH_LEN_V3 4096
#define PATH_LEN_V2 PATH_LEN_V3

struct cow_header_v2 {
        __u32 magic;
        __u32 version;
        char backing_file[PATH_LEN_V2];
        time32_t mtime;
        __u64 size;
        __s32 sectorsize;
} __attribute__((packed));

/*
 * Changes from V2 -
 *      PATH_LEN_V3 as described above
 *      Explicitly specify field bit lengths for systems with different
 *              lengths for the usual C types.  Not sure whether char or
 *              time_t should be changed, this can be changed later without
 *              breaking compatibility
 *      Add alignment field so that different alignments can be used for the
 *              bitmap and data
 *      Add cow_format field to allow for the possibility of different ways
 *              of specifying the COW blocks.  For now, the only value is 0,
 *              for the traditional COW bitmap.
 *      Move the backing_file field to the end of the header.  This allows
 *              for the possibility of expanding it into the padding required
 *              by the bitmap alignment.
 *      The bitmap and data portions of the file will be aligned as specified
 *              by the alignment field.  This is to allow COW files to be
 *              put on devices with restrictions on access alignments, such as
 *              /dev/raw, with a 512 byte alignment restriction.  This also
 *              allows the data to be more aligned more strictly than on
 *              sector boundaries.  This is needed for ubd-mmap, which needs
 *              the data to be page aligned.
 *      Fixed (finally!) the rounding bug
 */

/*
 * Until Dec2005, __attribute__((packed)) was left out from the below
 * definition, leading on 64-bit systems to 4 bytes of padding after mtime, to
 * align size to 8-byte alignment.  This shifted all fields above (no padding
 * was present on 32-bit, no other padding was added).
 *
 * However, this _can be detected_: it means that cow_format (always 0 until
 * now) is shifted onto the first 4 bytes of backing_file, where it is otherwise
 * impossible to find 4 zeros. -bb */

struct cow_header_v3 {
        __u32 magic;
        __u32 version;
        __u32 mtime;
        __u64 size;
        __u32 sectorsize;
        __u32 alignment;
        __u32 cow_format;
        char backing_file[PATH_LEN_V3];
} __attribute__((packed));

/* This is the broken layout used by some 64-bit binaries. */
struct cow_header_v3_broken {
        __u32 magic;
        __u32 version;
        __s64 mtime;
        __u64 size;
        __u32 sectorsize;
        __u32 alignment;
        __u32 cow_format;
        char backing_file[PATH_LEN_V3];
};

/* COW format definitions - for now, we have only the usual COW bitmap */
#define COW_BITMAP 0

union cow_header {
        struct cow_header_v1 v1;
        struct cow_header_v2 v2;
        struct cow_header_v3 v3;
        struct cow_header_v3_broken v3_b;
};

#define COW_MAGIC 0x4f4f4f4d  /* MOOO */
#define COW_VERSION 3

#define DIV_ROUND(x, len) (((x) + (len) - 1) / (len))
#define ROUND_UP(x, align) DIV_ROUND(x, align) * (align)

void cow_sizes(int version, __u64 size, int sectorsize, int align,
               int bitmap_offset, unsigned long *bitmap_len_out,
               int *data_offset_out)
{
        if (version < 3) {
                *bitmap_len_out = (size + sectorsize - 1) / (8 * sectorsize);

                *data_offset_out = bitmap_offset + *bitmap_len_out;
                *data_offset_out = (*data_offset_out + sectorsize - 1) /
                        sectorsize;
                *data_offset_out *= sectorsize;
        }
        else {
                *bitmap_len_out = DIV_ROUND(size, sectorsize);
                *bitmap_len_out = DIV_ROUND(*bitmap_len_out, 8);

                *data_offset_out = bitmap_offset + *bitmap_len_out;
                *data_offset_out = ROUND_UP(*data_offset_out, align);
        }
}

static int absolutize(char *to, int size, char *from)
{
        char save_cwd[256], *slash;
        int remaining;

        if (getcwd(save_cwd, sizeof(save_cwd)) == NULL) {
                cow_printf("absolutize : unable to get cwd - errno = %d\n",
                           errno);
                return -1;
        }
        slash = strrchr(from, '/');
        if (slash != NULL) {
                *slash = '\0';
                if (chdir(from)) {
                        *slash = '/';
                        cow_printf("absolutize : Can't cd to '%s' - "
                                   "errno = %d\n", from, errno);
                        return -1;
                }
                *slash = '/';
                if (getcwd(to, size) == NULL) {
                        cow_printf("absolutize : unable to get cwd of '%s' - "
                               "errno = %d\n", from, errno);
                        return -1;
                }
                remaining = size - strlen(to);
                if (strlen(slash) + 1 > remaining) {
                        cow_printf("absolutize : unable to fit '%s' into %d "
                               "chars\n", from, size);
                        return -1;
                }
                strcat(to, slash);
        }
        else {
                if (strlen(save_cwd) + 1 + strlen(from) + 1 > size) {
                        cow_printf("absolutize : unable to fit '%s' into %d "
                               "chars\n", from, size);
                        return -1;
                }
                strcpy(to, save_cwd);
                strcat(to, "/");
                strcat(to, from);
        }
        if (chdir(save_cwd)) {
                cow_printf("absolutize : Can't cd to '%s' - "
                           "errno = %d\n", save_cwd, errno);
                return -1;
        }
        return 0;
}

int write_cow_header(char *cow_file, int fd, char *backing_file,
                     int sectorsize, int alignment, unsigned long long *size)
{
        struct cow_header_v3 *header;
        long long modtime;
        int err;

        err = cow_seek_file(fd, 0);
        if (err < 0) {
                cow_printf("write_cow_header - lseek failed, err = %d\n", -err);
                goto out;
        }

        err = -ENOMEM;
        header = cow_malloc(sizeof(*header));
        if (header == NULL) {
                cow_printf("write_cow_header - failed to allocate COW V3 "
                           "header\n");
                goto out;
        }
        header->magic = htobe32(COW_MAGIC);
        header->version = htobe32(COW_VERSION);

        err = -EINVAL;
        if (strlen(backing_file) > sizeof(header->backing_file) - 1) {
                /* Below, %zd is for a size_t value */
                cow_printf("Backing file name \"%s\" is too long - names are "
                           "limited to %zd characters\n", backing_file,
                           sizeof(header->backing_file) - 1);
                goto out_free;
        }

        if (absolutize(header->backing_file, sizeof(header->backing_file),
                      backing_file))
                goto out_free;

        err = os_file_modtime(header->backing_file, &modtime);
        if (err < 0) {
                cow_printf("write_cow_header - backing file '%s' mtime "
                           "request failed, err = %d\n", header->backing_file,
                           -err);
                goto out_free;
        }

        err = cow_file_size(header->backing_file, size);
        if (err < 0) {
                cow_printf("write_cow_header - couldn't get size of "
                           "backing file '%s', err = %d\n",
                           header->backing_file, -err);
                goto out_free;
        }

        header->mtime = htobe32(modtime);
        header->size = htobe64(*size);
        header->sectorsize = htobe32(sectorsize);
        header->alignment = htobe32(alignment);
        header->cow_format = COW_BITMAP;

        err = cow_write_file(fd, header, sizeof(*header));
        if (err != sizeof(*header)) {
                cow_printf("write_cow_header - write of header to "
                           "new COW file '%s' failed, err = %d\n", cow_file,
                           -err);
                goto out_free;
        }
        err = 0;
 out_free:
        cow_free(header);
 out:
        return err;
}

int file_reader(__u64 offset, char *buf, int len, void *arg)
{
        int fd = *((int *) arg);

        return pread(fd, buf, len, offset);
}

/* XXX Need to sanity-check the values read from the header */

int read_cow_header(int (*reader)(__u64, char *, int, void *), void *arg,
                    __u32 *version_out, char **backing_file_out,
                    long long *mtime_out, unsigned long long *size_out,
                    int *sectorsize_out, __u32 *align_out,
                    int *bitmap_offset_out)
{
        union cow_header *header;
        char *file;
        int err, n;
        unsigned long version, magic;

        header = cow_malloc(sizeof(*header));
        if (header == NULL) {
                cow_printf("read_cow_header - Failed to allocate header\n");
                return -ENOMEM;
        }
        err = -EINVAL;
        n = (*reader)(0, (char *) header, sizeof(*header), arg);
        if (n < offsetof(typeof(header->v1), backing_file)) {
                cow_printf("read_cow_header - short header\n");
                goto out;
        }

        magic = header->v1.magic;
        if (magic == COW_MAGIC)
                version = header->v1.version;
        else if (magic == be32toh(COW_MAGIC))
                version = be32toh(header->v1.version);
        /* No error printed because the non-COW case comes through here */
        else goto out;

        *version_out = version;

        if (version == 1) {
                if (n < sizeof(header->v1)) {
                        cow_printf("read_cow_header - failed to read V1 "
                                   "header\n");
                        goto out;
                }
                *mtime_out = header->v1.mtime;
                *size_out = header->v1.size;
                *sectorsize_out = header->v1.sectorsize;
                *bitmap_offset_out = sizeof(header->v1);
                *align_out = *sectorsize_out;
                file = header->v1.backing_file;
        }
        else if (version == 2) {
                if (n < sizeof(header->v2)) {
                        cow_printf("read_cow_header - failed to read V2 "
                                   "header\n");
                        goto out;
                }
                *mtime_out = be32toh(header->v2.mtime);
                *size_out = be64toh(header->v2.size);
                *sectorsize_out = be32toh(header->v2.sectorsize);
                *bitmap_offset_out = sizeof(header->v2);
                *align_out = *sectorsize_out;
                file = header->v2.backing_file;
        }
        /* This is very subtle - see above at union cow_header definition */
        else if (version == 3 && (*((int*)header->v3.backing_file) != 0)) {
                if (n < sizeof(header->v3)) {
                        cow_printf("read_cow_header - failed to read V3 "
                                   "header\n");
                        goto out;
                }
                *mtime_out = be32toh(header->v3.mtime);
                *size_out = be64toh(header->v3.size);
                *sectorsize_out = be32toh(header->v3.sectorsize);
                *align_out = be32toh(header->v3.alignment);
                if (*align_out == 0) {
                        cow_printf("read_cow_header - invalid COW header, "
                                   "align == 0\n");
                }
                *bitmap_offset_out = ROUND_UP(sizeof(header->v3), *align_out);
                file = header->v3.backing_file;
        }
        else if (version == 3) {
                cow_printf("read_cow_header - broken V3 file with"
                           " 64-bit layout - recovering content.\n");

                if (n < sizeof(header->v3_b)) {
                        cow_printf("read_cow_header - failed to read V3 "
                                   "header\n");
                        goto out;
                }

                /*
                 * this was used until Dec2005 - 64bits are needed to represent
                 * 2106+. I.e. we can safely do this truncating cast.
                 *
                 * Additionally, we must use be32toh() instead of be64toh(), since
                 * the program used to use the former (tested - I got mtime
                 * mismatch "0 vs whatever").
                 *
                 * Ever heard about bug-to-bug-compatibility ? ;-) */
                *mtime_out = (time32_t) be32toh(header->v3_b.mtime);

                *size_out = be64toh(header->v3_b.size);
                *sectorsize_out = be32toh(header->v3_b.sectorsize);
                *align_out = be32toh(header->v3_b.alignment);
                if (*align_out == 0) {
                        cow_printf("read_cow_header - invalid COW header, "
                                   "align == 0\n");
                }
                *bitmap_offset_out = ROUND_UP(sizeof(header->v3_b), *align_out);
                file = header->v3_b.backing_file;
        }
        else {
                cow_printf("read_cow_header - invalid COW version\n");
                goto out;
        }
        err = -ENOMEM;
        *backing_file_out = cow_strdup(file);
        if (*backing_file_out == NULL) {
                cow_printf("read_cow_header - failed to allocate backing "
                           "file\n");
                goto out;
        }
        err = 0;
 out:
        cow_free(header);
        return err;
}

int init_cow_file(int fd, char *cow_file, char *backing_file, int sectorsize,
                  int alignment, int *bitmap_offset_out,
                  unsigned long *bitmap_len_out, int *data_offset_out)
{
        unsigned long long size, offset;
        char zero = 0;
        int err;

        err = write_cow_header(cow_file, fd, backing_file, sectorsize,
                               alignment, &size);
        if (err)
                goto out;

        *bitmap_offset_out = ROUND_UP(sizeof(struct cow_header_v3), alignment);
        cow_sizes(COW_VERSION, size, sectorsize, alignment, *bitmap_offset_out,
                  bitmap_len_out, data_offset_out);

        offset = *data_offset_out + size - sizeof(zero);
        err = cow_seek_file(fd, offset);
        if (err < 0) {
                cow_printf("cow bitmap lseek failed : err = %d\n", -err);
                goto out;
        }

        /*
         * does not really matter how much we write it is just to set EOF
         * this also sets the entire COW bitmap
         * to zero without having to allocate it
         */
        err = cow_write_file(fd, &zero, sizeof(zero));
        if (err != sizeof(zero)) {
                cow_printf("Write of bitmap to new COW file '%s' failed, "
                           "err = %d\n", cow_file, -err);
                if (err >= 0)
                        err = -EINVAL;
                goto out;
        }

        return 0;
 out:
        return err;
}
Linux
