nhmk/examples/chardev2.c
linD026 1a6fb67cf2
Fix potential concurrent access problems with VFS (#108)
Since Linux v3.14, the read, write and seek operations of "struct file" are
guaranteed for thread safety [1][2]. This patch added an explanation.

Here are the potential problems:
chardev.c:
- Move the "msg_ptr" pointer into the read function to remove unnecessary usage.
- List the clear states of "already_open" by using mnemonic enumeration.

chardev2.c:
- The "buffer" in the write function is user space data. It cannot use in the
  kernel space.
- Reduce the redundant type transformation.
- List the states of "already_open". Same as chardev.c.

[1] https://lore.kernel.org/lkml/20140303210359.26624.qmail@science.horizon.com/T/#u
[2] 9c225f2655
2021-09-23 12:20:10 +08:00

226 lines
6.6 KiB
C

/*
* chardev2.c - Create an input/output character device
*/
#include <linux/cdev.h>
#include <linux/delay.h>
#include <linux/device.h>
#include <linux/fs.h>
#include <linux/init.h>
#include <linux/irq.h>
#include <linux/kernel.h> /* We are doing kernel work */
#include <linux/module.h> /* Specifically, a module */
#include <linux/poll.h>
#include "chardev.h"
#define SUCCESS 0
#define DEVICE_NAME "char_dev"
#define BUF_LEN 80
enum {
CDEV_NOT_USED = 0,
CDEV_EXCLUSIVE_OPEN = 1,
};
/* Is the device open right now? Used to prevent concurrent access into
* the same device
*/
static atomic_t already_open = ATOMIC_INIT(CDEV_NOT_USED);
/* The message the device will give when asked */
static char message[BUF_LEN];
static struct class *cls;
/* This is called whenever a process attempts to open the device file */
static int device_open(struct inode *inode, struct file *file)
{
pr_info("device_open(%p)\n", file);
/* We don't want to talk to two processes at the same time. */
if (atomic_cmpxchg(&already_open, CDEV_NOT_USED, CDEV_EXCLUSIVE_OPEN))
return -EBUSY;
try_module_get(THIS_MODULE);
return SUCCESS;
}
static int device_release(struct inode *inode, struct file *file)
{
pr_info("device_release(%p,%p)\n", inode, file);
/* We're now ready for our next caller */
atomic_set(&already_open, CDEV_NOT_USED);
module_put(THIS_MODULE);
return SUCCESS;
}
/* This function is called whenever a process which has already opened the
* device file attempts to read from it.
*/
static ssize_t device_read(struct file *file, /* see include/linux/fs.h */
char __user *buffer, /* buffer to be filled */
size_t length, /* length of the buffer */
loff_t *offset)
{
/* Number of bytes actually written to the buffer */
int bytes_read = 0;
/* How far did the process reading the message get? Useful if the message
* is larger than the size of the buffer we get to fill in device_read.
*/
const char *message_ptr = message;
if (!*(message_ptr + *offset)) { /* we are at the end of message */
*offset = 0; /* reset the offset */
return 0; /* signify end of file */
}
message_ptr += *offset;
/* Actually put the data into the buffer */
while (length && *message_ptr) {
/* Because the buffer is in the user data segment, not the kernel
* data segment, assignment would not work. Instead, we have to
* use put_user which copies data from the kernel data segment to
* the user data segment.
*/
put_user(*(message_ptr++), buffer++);
length--;
bytes_read++;
}
pr_info("Read %d bytes, %ld left\n", bytes_read, length);
*offset += bytes_read;
/* Read functions are supposed to return the number of bytes actually
* inserted into the buffer.
*/
return bytes_read;
}
/* called when somebody tries to write into our device file. */
static ssize_t device_write(struct file *file, const char __user *buffer,
size_t length, loff_t *offset)
{
int i;
pr_info("device_write(%p,%p,%ld)", file, buffer, length);
for (i = 0; i < length && i < BUF_LEN; i++)
get_user(message[i], buffer + i);
/* Again, return the number of input characters used. */
return i;
}
/* This function is called whenever a process tries to do an ioctl on our
* device file. We get two extra parameters (additional to the inode and file
* structures, which all device functions get): the number of the ioctl called
* and the parameter given to the ioctl function.
*
* If the ioctl is write or read/write (meaning output is returned to the
* calling process), the ioctl call returns the output of this function.
*/
static long
device_ioctl(struct file *file, /* ditto */
unsigned int ioctl_num, /* number and param for ioctl */
unsigned long ioctl_param)
{
int i;
/* Switch according to the ioctl called */
switch (ioctl_num) {
case IOCTL_SET_MSG: {
/* Receive a pointer to a message (in user space) and set that to
* be the device's message. Get the parameter given to ioctl by
* the process.
*/
char __user *tmp = (char __user *)ioctl_param;
char ch;
/* Find the length of the message */
get_user(ch, tmp);
for (i = 0; ch && i < BUF_LEN; i++, tmp++)
get_user(ch, tmp);
device_write(file, (char __user *)ioctl_param, i, NULL);
break;
}
case IOCTL_GET_MSG: {
loff_t offset = 0;
/* Give the current message to the calling process - the parameter
* we got is a pointer, fill it.
*/
i = device_read(file, (char __user *)ioctl_param, 99, &offset);
/* Put a zero at the end of the buffer, so it will be properly
* terminated.
*/
put_user('\0', (char __user *)ioctl_param + i);
break;
}
case IOCTL_GET_NTH_BYTE:
/* This ioctl is both input (ioctl_param) and output (the return
* value of this function).
*/
return (long)message[ioctl_param];
break;
}
return SUCCESS;
}
/* Module Declarations */
/* This structure will hold the functions to be called when a process does
* something to the device we created. Since a pointer to this structure
* is kept in the devices table, it can't be local to init_module. NULL is
* for unimplemented functions.
*/
static struct file_operations fops = {
.read = device_read,
.write = device_write,
.unlocked_ioctl = device_ioctl,
.open = device_open,
.release = device_release, /* a.k.a. close */
};
/* Initialize the module - Register the character device */
static int __init chardev2_init(void)
{
/* Register the character device (atleast try) */
int ret_val = register_chrdev(MAJOR_NUM, DEVICE_NAME, &fops);
/* Negative values signify an error */
if (ret_val < 0) {
pr_alert("%s failed with %d\n",
"Sorry, registering the character device ", ret_val);
return ret_val;
}
cls = class_create(THIS_MODULE, DEVICE_FILE_NAME);
device_create(cls, NULL, MKDEV(MAJOR_NUM, 0), NULL, DEVICE_FILE_NAME);
pr_info("Device created on /dev/%s\n", DEVICE_FILE_NAME);
return 0;
}
/* Cleanup - unregister the appropriate file from /proc */
static void __exit chardev2_exit(void)
{
device_destroy(cls, MKDEV(MAJOR_NUM, 0));
class_destroy(cls);
/* Unregister the device */
unregister_chrdev(MAJOR_NUM, DEVICE_NAME);
}
module_init(chardev2_init);
module_exit(chardev2_exit);
MODULE_LICENSE("GPL");