cachepc-linux

Fork of AMDESE/linux with modifications for CachePC side-channel attack
git clone https://git.sinitax.com/sinitax/cachepc-linux
Log | Files | Refs | README | LICENSE | sfeed.txt

cow_user.c (12341B)

      1// SPDX-License-Identifier: GPL-2.0
      2/*
      3 * Copyright (C) 2007 Jeff Dike (jdike@{linux.intel,addtoit}.com)
      4 */
      5
      6/*
      7 * _XOPEN_SOURCE is needed for pread, but we define _GNU_SOURCE, which defines
      8 * that.
      9 */
     10#include <unistd.h>
     11#include <errno.h>
     12#include <string.h>
     13#include <arpa/inet.h>
     14#include <endian.h>
     15#include "cow.h"
     16#include "cow_sys.h"
     17
     18#define PATH_LEN_V1 256
     19
     20/* unsigned time_t works until year 2106 */
     21typedef __u32 time32_t;
     22
     23struct cow_header_v1 {
     24	__s32 magic;
     25	__s32 version;
     26	char backing_file[PATH_LEN_V1];
     27	time32_t mtime;
     28	__u64 size;
     29	__s32 sectorsize;
     30} __attribute__((packed));
     31
     32/*
     33 * Define PATH_LEN_V3 as the usual value of MAXPATHLEN, just hard-code it in
     34 * case other systems have different values for MAXPATHLEN.
     35 *
     36 * The same must hold for V2 - we want file format compatibility, not anything
     37 * else.
     38 */
     39#define PATH_LEN_V3 4096
     40#define PATH_LEN_V2 PATH_LEN_V3
     41
     42struct cow_header_v2 {
     43	__u32 magic;
     44	__u32 version;
     45	char backing_file[PATH_LEN_V2];
     46	time32_t mtime;
     47	__u64 size;
     48	__s32 sectorsize;
     49} __attribute__((packed));
     50
     51/*
     52 * Changes from V2 -
     53 *	PATH_LEN_V3 as described above
     54 *	Explicitly specify field bit lengths for systems with different
     55 *		lengths for the usual C types.  Not sure whether char or
     56 *		time_t should be changed, this can be changed later without
     57 *		breaking compatibility
     58 *	Add alignment field so that different alignments can be used for the
     59 *		bitmap and data
     60 * 	Add cow_format field to allow for the possibility of different ways
     61 *		of specifying the COW blocks.  For now, the only value is 0,
     62 * 		for the traditional COW bitmap.
     63 *	Move the backing_file field to the end of the header.  This allows
     64 *		for the possibility of expanding it into the padding required
     65 *		by the bitmap alignment.
     66 * 	The bitmap and data portions of the file will be aligned as specified
     67 * 		by the alignment field.  This is to allow COW files to be
     68 *		put on devices with restrictions on access alignments, such as
     69 *		/dev/raw, with a 512 byte alignment restriction.  This also
     70 *		allows the data to be more aligned more strictly than on
     71 *		sector boundaries.  This is needed for ubd-mmap, which needs
     72 *		the data to be page aligned.
     73 *	Fixed (finally!) the rounding bug
     74 */
     75
     76/*
     77 * Until Dec2005, __attribute__((packed)) was left out from the below
     78 * definition, leading on 64-bit systems to 4 bytes of padding after mtime, to
     79 * align size to 8-byte alignment.  This shifted all fields above (no padding
     80 * was present on 32-bit, no other padding was added).
     81 *
     82 * However, this _can be detected_: it means that cow_format (always 0 until
     83 * now) is shifted onto the first 4 bytes of backing_file, where it is otherwise
     84 * impossible to find 4 zeros. -bb */
     85
     86struct cow_header_v3 {
     87	__u32 magic;
     88	__u32 version;
     89	__u32 mtime;
     90	__u64 size;
     91	__u32 sectorsize;
     92	__u32 alignment;
     93	__u32 cow_format;
     94	char backing_file[PATH_LEN_V3];
     95} __attribute__((packed));
     96
     97/* This is the broken layout used by some 64-bit binaries. */
     98struct cow_header_v3_broken {
     99	__u32 magic;
    100	__u32 version;
    101	__s64 mtime;
    102	__u64 size;
    103	__u32 sectorsize;
    104	__u32 alignment;
    105	__u32 cow_format;
    106	char backing_file[PATH_LEN_V3];
    107};
    108
    109/* COW format definitions - for now, we have only the usual COW bitmap */
    110#define COW_BITMAP 0
    111
    112union cow_header {
    113	struct cow_header_v1 v1;
    114	struct cow_header_v2 v2;
    115	struct cow_header_v3 v3;
    116	struct cow_header_v3_broken v3_b;
    117};
    118
    119#define COW_MAGIC 0x4f4f4f4d  /* MOOO */
    120#define COW_VERSION 3
    121
    122#define DIV_ROUND(x, len) (((x) + (len) - 1) / (len))
    123#define ROUND_UP(x, align) DIV_ROUND(x, align) * (align)
    124
    125void cow_sizes(int version, __u64 size, int sectorsize, int align,
    126	       int bitmap_offset, unsigned long *bitmap_len_out,
    127	       int *data_offset_out)
    128{
    129	if (version < 3) {
    130		*bitmap_len_out = (size + sectorsize - 1) / (8 * sectorsize);
    131
    132		*data_offset_out = bitmap_offset + *bitmap_len_out;
    133		*data_offset_out = (*data_offset_out + sectorsize - 1) /
    134			sectorsize;
    135		*data_offset_out *= sectorsize;
    136	}
    137	else {
    138		*bitmap_len_out = DIV_ROUND(size, sectorsize);
    139		*bitmap_len_out = DIV_ROUND(*bitmap_len_out, 8);
    140
    141		*data_offset_out = bitmap_offset + *bitmap_len_out;
    142		*data_offset_out = ROUND_UP(*data_offset_out, align);
    143	}
    144}
    145
    146static int absolutize(char *to, int size, char *from)
    147{
    148	char save_cwd[256], *slash;
    149	int remaining;
    150
    151	if (getcwd(save_cwd, sizeof(save_cwd)) == NULL) {
    152		cow_printf("absolutize : unable to get cwd - errno = %d\n",
    153			   errno);
    154		return -1;
    155	}
    156	slash = strrchr(from, '/');
    157	if (slash != NULL) {
    158		*slash = '\0';
    159		if (chdir(from)) {
    160			*slash = '/';
    161			cow_printf("absolutize : Can't cd to '%s' - "
    162				   "errno = %d\n", from, errno);
    163			return -1;
    164		}
    165		*slash = '/';
    166		if (getcwd(to, size) == NULL) {
    167			cow_printf("absolutize : unable to get cwd of '%s' - "
    168			       "errno = %d\n", from, errno);
    169			return -1;
    170		}
    171		remaining = size - strlen(to);
    172		if (strlen(slash) + 1 > remaining) {
    173			cow_printf("absolutize : unable to fit '%s' into %d "
    174			       "chars\n", from, size);
    175			return -1;
    176		}
    177		strcat(to, slash);
    178	}
    179	else {
    180		if (strlen(save_cwd) + 1 + strlen(from) + 1 > size) {
    181			cow_printf("absolutize : unable to fit '%s' into %d "
    182			       "chars\n", from, size);
    183			return -1;
    184		}
    185		strcpy(to, save_cwd);
    186		strcat(to, "/");
    187		strcat(to, from);
    188	}
    189	if (chdir(save_cwd)) {
    190		cow_printf("absolutize : Can't cd to '%s' - "
    191			   "errno = %d\n", save_cwd, errno);
    192		return -1;
    193	}
    194	return 0;
    195}
    196
    197int write_cow_header(char *cow_file, int fd, char *backing_file,
    198		     int sectorsize, int alignment, unsigned long long *size)
    199{
    200	struct cow_header_v3 *header;
    201	long long modtime;
    202	int err;
    203
    204	err = cow_seek_file(fd, 0);
    205	if (err < 0) {
    206		cow_printf("write_cow_header - lseek failed, err = %d\n", -err);
    207		goto out;
    208	}
    209
    210	err = -ENOMEM;
    211	header = cow_malloc(sizeof(*header));
    212	if (header == NULL) {
    213		cow_printf("write_cow_header - failed to allocate COW V3 "
    214			   "header\n");
    215		goto out;
    216	}
    217	header->magic = htobe32(COW_MAGIC);
    218	header->version = htobe32(COW_VERSION);
    219
    220	err = -EINVAL;
    221	if (strlen(backing_file) > sizeof(header->backing_file) - 1) {
    222		/* Below, %zd is for a size_t value */
    223		cow_printf("Backing file name \"%s\" is too long - names are "
    224			   "limited to %zd characters\n", backing_file,
    225			   sizeof(header->backing_file) - 1);
    226		goto out_free;
    227	}
    228
    229	if (absolutize(header->backing_file, sizeof(header->backing_file),
    230		      backing_file))
    231		goto out_free;
    232
    233	err = os_file_modtime(header->backing_file, &modtime);
    234	if (err < 0) {
    235		cow_printf("write_cow_header - backing file '%s' mtime "
    236			   "request failed, err = %d\n", header->backing_file,
    237			   -err);
    238		goto out_free;
    239	}
    240
    241	err = cow_file_size(header->backing_file, size);
    242	if (err < 0) {
    243		cow_printf("write_cow_header - couldn't get size of "
    244			   "backing file '%s', err = %d\n",
    245			   header->backing_file, -err);
    246		goto out_free;
    247	}
    248
    249	header->mtime = htobe32(modtime);
    250	header->size = htobe64(*size);
    251	header->sectorsize = htobe32(sectorsize);
    252	header->alignment = htobe32(alignment);
    253	header->cow_format = COW_BITMAP;
    254
    255	err = cow_write_file(fd, header, sizeof(*header));
    256	if (err != sizeof(*header)) {
    257		cow_printf("write_cow_header - write of header to "
    258			   "new COW file '%s' failed, err = %d\n", cow_file,
    259			   -err);
    260		goto out_free;
    261	}
    262	err = 0;
    263 out_free:
    264	cow_free(header);
    265 out:
    266	return err;
    267}
    268
    269int file_reader(__u64 offset, char *buf, int len, void *arg)
    270{
    271	int fd = *((int *) arg);
    272
    273	return pread(fd, buf, len, offset);
    274}
    275
    276/* XXX Need to sanity-check the values read from the header */
    277
    278int read_cow_header(int (*reader)(__u64, char *, int, void *), void *arg,
    279		    __u32 *version_out, char **backing_file_out,
    280		    long long *mtime_out, unsigned long long *size_out,
    281		    int *sectorsize_out, __u32 *align_out,
    282		    int *bitmap_offset_out)
    283{
    284	union cow_header *header;
    285	char *file;
    286	int err, n;
    287	unsigned long version, magic;
    288
    289	header = cow_malloc(sizeof(*header));
    290	if (header == NULL) {
    291	        cow_printf("read_cow_header - Failed to allocate header\n");
    292		return -ENOMEM;
    293	}
    294	err = -EINVAL;
    295	n = (*reader)(0, (char *) header, sizeof(*header), arg);
    296	if (n < offsetof(typeof(header->v1), backing_file)) {
    297		cow_printf("read_cow_header - short header\n");
    298		goto out;
    299	}
    300
    301	magic = header->v1.magic;
    302	if (magic == COW_MAGIC)
    303		version = header->v1.version;
    304	else if (magic == be32toh(COW_MAGIC))
    305		version = be32toh(header->v1.version);
    306	/* No error printed because the non-COW case comes through here */
    307	else goto out;
    308
    309	*version_out = version;
    310
    311	if (version == 1) {
    312		if (n < sizeof(header->v1)) {
    313			cow_printf("read_cow_header - failed to read V1 "
    314				   "header\n");
    315			goto out;
    316		}
    317		*mtime_out = header->v1.mtime;
    318		*size_out = header->v1.size;
    319		*sectorsize_out = header->v1.sectorsize;
    320		*bitmap_offset_out = sizeof(header->v1);
    321		*align_out = *sectorsize_out;
    322		file = header->v1.backing_file;
    323	}
    324	else if (version == 2) {
    325		if (n < sizeof(header->v2)) {
    326			cow_printf("read_cow_header - failed to read V2 "
    327				   "header\n");
    328			goto out;
    329		}
    330		*mtime_out = be32toh(header->v2.mtime);
    331		*size_out = be64toh(header->v2.size);
    332		*sectorsize_out = be32toh(header->v2.sectorsize);
    333		*bitmap_offset_out = sizeof(header->v2);
    334		*align_out = *sectorsize_out;
    335		file = header->v2.backing_file;
    336	}
    337	/* This is very subtle - see above at union cow_header definition */
    338	else if (version == 3 && (*((int*)header->v3.backing_file) != 0)) {
    339		if (n < sizeof(header->v3)) {
    340			cow_printf("read_cow_header - failed to read V3 "
    341				   "header\n");
    342			goto out;
    343		}
    344		*mtime_out = be32toh(header->v3.mtime);
    345		*size_out = be64toh(header->v3.size);
    346		*sectorsize_out = be32toh(header->v3.sectorsize);
    347		*align_out = be32toh(header->v3.alignment);
    348		if (*align_out == 0) {
    349			cow_printf("read_cow_header - invalid COW header, "
    350				   "align == 0\n");
    351		}
    352		*bitmap_offset_out = ROUND_UP(sizeof(header->v3), *align_out);
    353		file = header->v3.backing_file;
    354	}
    355	else if (version == 3) {
    356		cow_printf("read_cow_header - broken V3 file with"
    357			   " 64-bit layout - recovering content.\n");
    358
    359		if (n < sizeof(header->v3_b)) {
    360			cow_printf("read_cow_header - failed to read V3 "
    361				   "header\n");
    362			goto out;
    363		}
    364
    365		/*
    366		 * this was used until Dec2005 - 64bits are needed to represent
    367		 * 2106+. I.e. we can safely do this truncating cast.
    368		 *
    369		 * Additionally, we must use be32toh() instead of be64toh(), since
    370		 * the program used to use the former (tested - I got mtime
    371		 * mismatch "0 vs whatever").
    372		 *
    373		 * Ever heard about bug-to-bug-compatibility ? ;-) */
    374		*mtime_out = (time32_t) be32toh(header->v3_b.mtime);
    375
    376		*size_out = be64toh(header->v3_b.size);
    377		*sectorsize_out = be32toh(header->v3_b.sectorsize);
    378		*align_out = be32toh(header->v3_b.alignment);
    379		if (*align_out == 0) {
    380			cow_printf("read_cow_header - invalid COW header, "
    381				   "align == 0\n");
    382		}
    383		*bitmap_offset_out = ROUND_UP(sizeof(header->v3_b), *align_out);
    384		file = header->v3_b.backing_file;
    385	}
    386	else {
    387		cow_printf("read_cow_header - invalid COW version\n");
    388		goto out;
    389	}
    390	err = -ENOMEM;
    391	*backing_file_out = cow_strdup(file);
    392	if (*backing_file_out == NULL) {
    393		cow_printf("read_cow_header - failed to allocate backing "
    394			   "file\n");
    395		goto out;
    396	}
    397	err = 0;
    398 out:
    399	cow_free(header);
    400	return err;
    401}
    402
    403int init_cow_file(int fd, char *cow_file, char *backing_file, int sectorsize,
    404		  int alignment, int *bitmap_offset_out,
    405		  unsigned long *bitmap_len_out, int *data_offset_out)
    406{
    407	unsigned long long size, offset;
    408	char zero = 0;
    409	int err;
    410
    411	err = write_cow_header(cow_file, fd, backing_file, sectorsize,
    412			       alignment, &size);
    413	if (err)
    414		goto out;
    415
    416	*bitmap_offset_out = ROUND_UP(sizeof(struct cow_header_v3), alignment);
    417	cow_sizes(COW_VERSION, size, sectorsize, alignment, *bitmap_offset_out,
    418		  bitmap_len_out, data_offset_out);
    419
    420	offset = *data_offset_out + size - sizeof(zero);
    421	err = cow_seek_file(fd, offset);
    422	if (err < 0) {
    423		cow_printf("cow bitmap lseek failed : err = %d\n", -err);
    424		goto out;
    425	}
    426
    427	/*
    428	 * does not really matter how much we write it is just to set EOF
    429	 * this also sets the entire COW bitmap
    430	 * to zero without having to allocate it
    431	 */
    432	err = cow_write_file(fd, &zero, sizeof(zero));
    433	if (err != sizeof(zero)) {
    434		cow_printf("Write of bitmap to new COW file '%s' failed, "
    435			   "err = %d\n", cow_file, -err);
    436		if (err >= 0)
    437			err = -EINVAL;
    438		goto out;
    439	}
    440
    441	return 0;
    442 out:
    443	return err;
    444}