1 // SPDX-License-Identifier: GPL-2.0 2 /* 3 * Copyright (c) 2000-2005 Silicon Graphics, Inc. 4 * All Rights Reserved. 5 */ 6 #include "xfs.h" 7 #include "xfs_fs.h" 8 #include "xfs_shared.h" 9 #include "xfs_format.h" 10 #include "xfs_log_format.h" 11 #include "xfs_trans_resv.h" 12 #include "xfs_mount.h" 13 #include "xfs_inode.h" 14 #include "xfs_rtalloc.h" 15 #include "xfs_iwalk.h" 16 #include "xfs_itable.h" 17 #include "xfs_error.h" 18 #include "xfs_da_format.h" 19 #include "xfs_da_btree.h" 20 #include "xfs_attr.h" 21 #include "xfs_bmap.h" 22 #include "xfs_bmap_util.h" 23 #include "xfs_fsops.h" 24 #include "xfs_discard.h" 25 #include "xfs_quota.h" 26 #include "xfs_export.h" 27 #include "xfs_trace.h" 28 #include "xfs_icache.h" 29 #include "xfs_trans.h" 30 #include "xfs_acl.h" 31 #include "xfs_btree.h" 32 #include <linux/fsmap.h> 33 #include "xfs_fsmap.h" 34 #include "scrub/xfs_scrub.h" 35 #include "xfs_sb.h" 36 #include "xfs_ag.h" 37 #include "xfs_health.h" 38 #include "xfs_reflink.h" 39 #include "xfs_ioctl.h" 40 #include "xfs_xattr.h" 41 #include "xfs_file.h" 42 43 #include <linux/mount.h> 44 #include <linux/namei.h> 45 #include <linux/fileattr.h> 46 47 /* 48 * xfs_find_handle maps from userspace xfs_fsop_handlereq structure to 49 * a file or fs handle. 50 * 51 * XFS_IOC_PATH_TO_FSHANDLE 52 * returns fs handle for a mount point or path within that mount point 53 * XFS_IOC_FD_TO_HANDLE 54 * returns full handle for a FD opened in user space 55 * XFS_IOC_PATH_TO_HANDLE 56 * returns full handle for a path 57 */ 58 int 59 xfs_find_handle( 60 unsigned int cmd, 61 xfs_fsop_handlereq_t *hreq) 62 { 63 int hsize; 64 xfs_handle_t handle; 65 struct inode *inode; 66 struct fd f = {NULL}; 67 struct path path; 68 int error; 69 struct xfs_inode *ip; 70 71 if (cmd == XFS_IOC_FD_TO_HANDLE) { 72 f = fdget(hreq->fd); 73 if (!f.file) 74 return -EBADF; 75 inode = file_inode(f.file); 76 } else { 77 error = user_path_at(AT_FDCWD, hreq->path, 0, &path); 78 if (error) 79 return error; 80 inode = d_inode(path.dentry); 81 } 82 ip = XFS_I(inode); 83 84 /* 85 * We can only generate handles for inodes residing on a XFS filesystem, 86 * and only for regular files, directories or symbolic links. 87 */ 88 error = -EINVAL; 89 if (inode->i_sb->s_magic != XFS_SB_MAGIC) 90 goto out_put; 91 92 error = -EBADF; 93 if (!S_ISREG(inode->i_mode) && 94 !S_ISDIR(inode->i_mode) && 95 !S_ISLNK(inode->i_mode)) 96 goto out_put; 97 98 99 memcpy(&handle.ha_fsid, ip->i_mount->m_fixedfsid, sizeof(xfs_fsid_t)); 100 101 if (cmd == XFS_IOC_PATH_TO_FSHANDLE) { 102 /* 103 * This handle only contains an fsid, zero the rest. 104 */ 105 memset(&handle.ha_fid, 0, sizeof(handle.ha_fid)); 106 hsize = sizeof(xfs_fsid_t); 107 } else { 108 handle.ha_fid.fid_len = sizeof(xfs_fid_t) - 109 sizeof(handle.ha_fid.fid_len); 110 handle.ha_fid.fid_pad = 0; 111 handle.ha_fid.fid_gen = inode->i_generation; 112 handle.ha_fid.fid_ino = ip->i_ino; 113 hsize = sizeof(xfs_handle_t); 114 } 115 116 error = -EFAULT; 117 if (copy_to_user(hreq->ohandle, &handle, hsize) || 118 copy_to_user(hreq->ohandlen, &hsize, sizeof(__s32))) 119 goto out_put; 120 121 error = 0; 122 123 out_put: 124 if (cmd == XFS_IOC_FD_TO_HANDLE) 125 fdput(f); 126 else 127 path_put(&path); 128 return error; 129 } 130 131 /* 132 * No need to do permission checks on the various pathname components 133 * as the handle operations are privileged. 134 */ 135 STATIC int 136 xfs_handle_acceptable( 137 void *context, 138 struct dentry *dentry) 139 { 140 return 1; 141 } 142 143 /* 144 * Convert userspace handle data into a dentry. 145 */ 146 struct dentry * 147 xfs_handle_to_dentry( 148 struct file *parfilp, 149 void __user *uhandle, 150 u32 hlen) 151 { 152 xfs_handle_t handle; 153 struct xfs_fid64 fid; 154 155 /* 156 * Only allow handle opens under a directory. 157 */ 158 if (!S_ISDIR(file_inode(parfilp)->i_mode)) 159 return ERR_PTR(-ENOTDIR); 160 161 if (hlen != sizeof(xfs_handle_t)) 162 return ERR_PTR(-EINVAL); 163 if (copy_from_user(&handle, uhandle, hlen)) 164 return ERR_PTR(-EFAULT); 165 if (handle.ha_fid.fid_len != 166 sizeof(handle.ha_fid) - sizeof(handle.ha_fid.fid_len)) 167 return ERR_PTR(-EINVAL); 168 169 memset(&fid, 0, sizeof(struct fid)); 170 fid.ino = handle.ha_fid.fid_ino; 171 fid.gen = handle.ha_fid.fid_gen; 172 173 return exportfs_decode_fh(parfilp->f_path.mnt, (struct fid *)&fid, 3, 174 FILEID_INO32_GEN | XFS_FILEID_TYPE_64FLAG, 175 xfs_handle_acceptable, NULL); 176 } 177 178 STATIC struct dentry * 179 xfs_handlereq_to_dentry( 180 struct file *parfilp, 181 xfs_fsop_handlereq_t *hreq) 182 { 183 return xfs_handle_to_dentry(parfilp, hreq->ihandle, hreq->ihandlen); 184 } 185 186 int 187 xfs_open_by_handle( 188 struct file *parfilp, 189 xfs_fsop_handlereq_t *hreq) 190 { 191 const struct cred *cred = current_cred(); 192 int error; 193 int fd; 194 int permflag; 195 struct file *filp; 196 struct inode *inode; 197 struct dentry *dentry; 198 fmode_t fmode; 199 struct path path; 200 201 if (!capable(CAP_SYS_ADMIN)) 202 return -EPERM; 203 204 dentry = xfs_handlereq_to_dentry(parfilp, hreq); 205 if (IS_ERR(dentry)) 206 return PTR_ERR(dentry); 207 inode = d_inode(dentry); 208 209 /* Restrict xfs_open_by_handle to directories & regular files. */ 210 if (!(S_ISREG(inode->i_mode) || S_ISDIR(inode->i_mode))) { 211 error = -EPERM; 212 goto out_dput; 213 } 214 215 #if BITS_PER_LONG != 32 216 hreq->oflags |= O_LARGEFILE; 217 #endif 218 219 permflag = hreq->oflags; 220 fmode = OPEN_FMODE(permflag); 221 if ((!(permflag & O_APPEND) || (permflag & O_TRUNC)) && 222 (fmode & FMODE_WRITE) && IS_APPEND(inode)) { 223 error = -EPERM; 224 goto out_dput; 225 } 226 227 if ((fmode & FMODE_WRITE) && IS_IMMUTABLE(inode)) { 228 error = -EPERM; 229 goto out_dput; 230 } 231 232 /* Can't write directories. */ 233 if (S_ISDIR(inode->i_mode) && (fmode & FMODE_WRITE)) { 234 error = -EISDIR; 235 goto out_dput; 236 } 237 238 fd = get_unused_fd_flags(0); 239 if (fd < 0) { 240 error = fd; 241 goto out_dput; 242 } 243 244 path.mnt = parfilp->f_path.mnt; 245 path.dentry = dentry; 246 filp = dentry_open(&path, hreq->oflags, cred); 247 dput(dentry); 248 if (IS_ERR(filp)) { 249 put_unused_fd(fd); 250 return PTR_ERR(filp); 251 } 252 253 if (S_ISREG(inode->i_mode)) { 254 filp->f_flags |= O_NOATIME; 255 filp->f_mode |= FMODE_NOCMTIME; 256 } 257 258 fd_install(fd, filp); 259 return fd; 260 261 out_dput: 262 dput(dentry); 263 return error; 264 } 265 266 int 267 xfs_readlink_by_handle( 268 struct file *parfilp, 269 xfs_fsop_handlereq_t *hreq) 270 { 271 struct dentry *dentry; 272 __u32 olen; 273 int error; 274 275 if (!capable(CAP_SYS_ADMIN)) 276 return -EPERM; 277 278 dentry = xfs_handlereq_to_dentry(parfilp, hreq); 279 if (IS_ERR(dentry)) 280 return PTR_ERR(dentry); 281 282 /* Restrict this handle operation to symlinks only. */ 283 if (!d_is_symlink(dentry)) { 284 error = -EINVAL; 285 goto out_dput; 286 } 287 288 if (copy_from_user(&olen, hreq->ohandlen, sizeof(__u32))) { 289 error = -EFAULT; 290 goto out_dput; 291 } 292 293 error = vfs_readlink(dentry, hreq->ohandle, olen); 294 295 out_dput: 296 dput(dentry); 297 return error; 298 } 299 300 /* 301 * Format an attribute and copy it out to the user's buffer. 302 * Take care to check values and protect against them changing later, 303 * we may be reading them directly out of a user buffer. 304 */ 305 static void 306 xfs_ioc_attr_put_listent( 307 struct xfs_attr_list_context *context, 308 int flags, 309 unsigned char *name, 310 int namelen, 311 int valuelen) 312 { 313 struct xfs_attrlist *alist = context->buffer; 314 struct xfs_attrlist_ent *aep; 315 int arraytop; 316 317 ASSERT(!context->seen_enough); 318 ASSERT(context->count >= 0); 319 ASSERT(context->count < (ATTR_MAX_VALUELEN/8)); 320 ASSERT(context->firstu >= sizeof(*alist)); 321 ASSERT(context->firstu <= context->bufsize); 322 323 /* 324 * Only list entries in the right namespace. 325 */ 326 if (context->attr_filter != (flags & XFS_ATTR_NSP_ONDISK_MASK)) 327 return; 328 329 arraytop = sizeof(*alist) + 330 context->count * sizeof(alist->al_offset[0]); 331 332 /* decrement by the actual bytes used by the attr */ 333 context->firstu -= round_up(offsetof(struct xfs_attrlist_ent, a_name) + 334 namelen + 1, sizeof(uint32_t)); 335 if (context->firstu < arraytop) { 336 trace_xfs_attr_list_full(context); 337 alist->al_more = 1; 338 context->seen_enough = 1; 339 return; 340 } 341 342 aep = context->buffer + context->firstu; 343 aep->a_valuelen = valuelen; 344 memcpy(aep->a_name, name, namelen); 345 aep->a_name[namelen] = 0; 346 alist->al_offset[context->count++] = context->firstu; 347 alist->al_count = context->count; 348 trace_xfs_attr_list_add(context); 349 } 350 351 static unsigned int 352 xfs_attr_filter( 353 u32 ioc_flags) 354 { 355 if (ioc_flags & XFS_IOC_ATTR_ROOT) 356 return XFS_ATTR_ROOT; 357 if (ioc_flags & XFS_IOC_ATTR_SECURE) 358 return XFS_ATTR_SECURE; 359 return 0; 360 } 361 362 static unsigned int 363 xfs_attr_flags( 364 u32 ioc_flags) 365 { 366 if (ioc_flags & XFS_IOC_ATTR_CREATE) 367 return XATTR_CREATE; 368 if (ioc_flags & XFS_IOC_ATTR_REPLACE) 369 return XATTR_REPLACE; 370 return 0; 371 } 372 373 int 374 xfs_ioc_attr_list( 375 struct xfs_inode *dp, 376 void __user *ubuf, 377 size_t bufsize, 378 int flags, 379 struct xfs_attrlist_cursor __user *ucursor) 380 { 381 struct xfs_attr_list_context context = { }; 382 struct xfs_attrlist *alist; 383 void *buffer; 384 int error; 385 386 if (bufsize < sizeof(struct xfs_attrlist) || 387 bufsize > XFS_XATTR_LIST_MAX) 388 return -EINVAL; 389 390 /* 391 * Reject flags, only allow namespaces. 392 */ 393 if (flags & ~(XFS_IOC_ATTR_ROOT | XFS_IOC_ATTR_SECURE)) 394 return -EINVAL; 395 if (flags == (XFS_IOC_ATTR_ROOT | XFS_IOC_ATTR_SECURE)) 396 return -EINVAL; 397 398 /* 399 * Validate the cursor. 400 */ 401 if (copy_from_user(&context.cursor, ucursor, sizeof(context.cursor))) 402 return -EFAULT; 403 if (context.cursor.pad1 || context.cursor.pad2) 404 return -EINVAL; 405 if (!context.cursor.initted && 406 (context.cursor.hashval || context.cursor.blkno || 407 context.cursor.offset)) 408 return -EINVAL; 409 410 buffer = kvzalloc(bufsize, GFP_KERNEL); 411 if (!buffer) 412 return -ENOMEM; 413 414 /* 415 * Initialize the output buffer. 416 */ 417 context.dp = dp; 418 context.resynch = 1; 419 context.attr_filter = xfs_attr_filter(flags); 420 context.buffer = buffer; 421 context.bufsize = round_down(bufsize, sizeof(uint32_t)); 422 context.firstu = context.bufsize; 423 context.put_listent = xfs_ioc_attr_put_listent; 424 425 alist = context.buffer; 426 alist->al_count = 0; 427 alist->al_more = 0; 428 alist->al_offset[0] = context.bufsize; 429 430 error = xfs_attr_list(&context); 431 if (error) 432 goto out_free; 433 434 if (copy_to_user(ubuf, buffer, bufsize) || 435 copy_to_user(ucursor, &context.cursor, sizeof(context.cursor))) 436 error = -EFAULT; 437 out_free: 438 kmem_free(buffer); 439 return error; 440 } 441 442 STATIC int 443 xfs_attrlist_by_handle( 444 struct file *parfilp, 445 struct xfs_fsop_attrlist_handlereq __user *p) 446 { 447 struct xfs_fsop_attrlist_handlereq al_hreq; 448 struct dentry *dentry; 449 int error = -ENOMEM; 450 451 if (!capable(CAP_SYS_ADMIN)) 452 return -EPERM; 453 if (copy_from_user(&al_hreq, p, sizeof(al_hreq))) 454 return -EFAULT; 455 456 dentry = xfs_handlereq_to_dentry(parfilp, &al_hreq.hreq); 457 if (IS_ERR(dentry)) 458 return PTR_ERR(dentry); 459 460 error = xfs_ioc_attr_list(XFS_I(d_inode(dentry)), al_hreq.buffer, 461 al_hreq.buflen, al_hreq.flags, &p->pos); 462 dput(dentry); 463 return error; 464 } 465 466 static int 467 xfs_attrmulti_attr_get( 468 struct inode *inode, 469 unsigned char *name, 470 unsigned char __user *ubuf, 471 uint32_t *len, 472 uint32_t flags) 473 { 474 struct xfs_da_args args = { 475 .dp = XFS_I(inode), 476 .attr_filter = xfs_attr_filter(flags), 477 .attr_flags = xfs_attr_flags(flags), 478 .name = name, 479 .namelen = strlen(name), 480 .valuelen = *len, 481 }; 482 int error; 483 484 if (*len > XFS_XATTR_SIZE_MAX) 485 return -EINVAL; 486 487 error = xfs_attr_get(&args); 488 if (error) 489 goto out_kfree; 490 491 *len = args.valuelen; 492 if (copy_to_user(ubuf, args.value, args.valuelen)) 493 error = -EFAULT; 494 495 out_kfree: 496 kmem_free(args.value); 497 return error; 498 } 499 500 static int 501 xfs_attrmulti_attr_set( 502 struct inode *inode, 503 unsigned char *name, 504 const unsigned char __user *ubuf, 505 uint32_t len, 506 uint32_t flags) 507 { 508 struct xfs_da_args args = { 509 .dp = XFS_I(inode), 510 .attr_filter = xfs_attr_filter(flags), 511 .attr_flags = xfs_attr_flags(flags), 512 .name = name, 513 .namelen = strlen(name), 514 }; 515 int error; 516 517 if (IS_IMMUTABLE(inode) || IS_APPEND(inode)) 518 return -EPERM; 519 520 if (ubuf) { 521 if (len > XFS_XATTR_SIZE_MAX) 522 return -EINVAL; 523 args.value = memdup_user(ubuf, len); 524 if (IS_ERR(args.value)) 525 return PTR_ERR(args.value); 526 args.valuelen = len; 527 } 528 529 error = xfs_attr_change(&args); 530 if (!error && (flags & XFS_IOC_ATTR_ROOT)) 531 xfs_forget_acl(inode, name); 532 kfree(args.value); 533 return error; 534 } 535 536 int 537 xfs_ioc_attrmulti_one( 538 struct file *parfilp, 539 struct inode *inode, 540 uint32_t opcode, 541 void __user *uname, 542 void __user *value, 543 uint32_t *len, 544 uint32_t flags) 545 { 546 unsigned char *name; 547 int error; 548 549 if ((flags & XFS_IOC_ATTR_ROOT) && (flags & XFS_IOC_ATTR_SECURE)) 550 return -EINVAL; 551 552 name = strndup_user(uname, MAXNAMELEN); 553 if (IS_ERR(name)) 554 return PTR_ERR(name); 555 556 switch (opcode) { 557 case ATTR_OP_GET: 558 error = xfs_attrmulti_attr_get(inode, name, value, len, flags); 559 break; 560 case ATTR_OP_REMOVE: 561 value = NULL; 562 *len = 0; 563 fallthrough; 564 case ATTR_OP_SET: 565 error = mnt_want_write_file(parfilp); 566 if (error) 567 break; 568 error = xfs_attrmulti_attr_set(inode, name, value, *len, flags); 569 mnt_drop_write_file(parfilp); 570 break; 571 default: 572 error = -EINVAL; 573 break; 574 } 575 576 kfree(name); 577 return error; 578 } 579 580 STATIC int 581 xfs_attrmulti_by_handle( 582 struct file *parfilp, 583 void __user *arg) 584 { 585 int error; 586 xfs_attr_multiop_t *ops; 587 xfs_fsop_attrmulti_handlereq_t am_hreq; 588 struct dentry *dentry; 589 unsigned int i, size; 590 591 if (!capable(CAP_SYS_ADMIN)) 592 return -EPERM; 593 if (copy_from_user(&am_hreq, arg, sizeof(xfs_fsop_attrmulti_handlereq_t))) 594 return -EFAULT; 595 596 /* overflow check */ 597 if (am_hreq.opcount >= INT_MAX / sizeof(xfs_attr_multiop_t)) 598 return -E2BIG; 599 600 dentry = xfs_handlereq_to_dentry(parfilp, &am_hreq.hreq); 601 if (IS_ERR(dentry)) 602 return PTR_ERR(dentry); 603 604 error = -E2BIG; 605 size = am_hreq.opcount * sizeof(xfs_attr_multiop_t); 606 if (!size || size > 16 * PAGE_SIZE) 607 goto out_dput; 608 609 ops = memdup_user(am_hreq.ops, size); 610 if (IS_ERR(ops)) { 611 error = PTR_ERR(ops); 612 goto out_dput; 613 } 614 615 error = 0; 616 for (i = 0; i < am_hreq.opcount; i++) { 617 ops[i].am_error = xfs_ioc_attrmulti_one(parfilp, 618 d_inode(dentry), ops[i].am_opcode, 619 ops[i].am_attrname, ops[i].am_attrvalue, 620 &ops[i].am_length, ops[i].am_flags); 621 } 622 623 if (copy_to_user(am_hreq.ops, ops, size)) 624 error = -EFAULT; 625 626 kfree(ops); 627 out_dput: 628 dput(dentry); 629 return error; 630 } 631 632 /* Return 0 on success or positive error */ 633 int 634 xfs_fsbulkstat_one_fmt( 635 struct xfs_ibulk *breq, 636 const struct xfs_bulkstat *bstat) 637 { 638 struct xfs_bstat bs1; 639 640 xfs_bulkstat_to_bstat(breq->mp, &bs1, bstat); 641 if (copy_to_user(breq->ubuffer, &bs1, sizeof(bs1))) 642 return -EFAULT; 643 return xfs_ibulk_advance(breq, sizeof(struct xfs_bstat)); 644 } 645 646 int 647 xfs_fsinumbers_fmt( 648 struct xfs_ibulk *breq, 649 const struct xfs_inumbers *igrp) 650 { 651 struct xfs_inogrp ig1; 652 653 xfs_inumbers_to_inogrp(&ig1, igrp); 654 if (copy_to_user(breq->ubuffer, &ig1, sizeof(struct xfs_inogrp))) 655 return -EFAULT; 656 return xfs_ibulk_advance(breq, sizeof(struct xfs_inogrp)); 657 } 658 659 STATIC int 660 xfs_ioc_fsbulkstat( 661 struct file *file, 662 unsigned int cmd, 663 void __user *arg) 664 { 665 struct xfs_mount *mp = XFS_I(file_inode(file))->i_mount; 666 struct xfs_fsop_bulkreq bulkreq; 667 struct xfs_ibulk breq = { 668 .mp = mp, 669 .idmap = file_mnt_idmap(file), 670 .ocount = 0, 671 }; 672 xfs_ino_t lastino; 673 int error; 674 675 /* done = 1 if there are more stats to get and if bulkstat */ 676 /* should be called again (unused here, but used in dmapi) */ 677 678 if (!capable(CAP_SYS_ADMIN)) 679 return -EPERM; 680 681 if (xfs_is_shutdown(mp)) 682 return -EIO; 683 684 if (copy_from_user(&bulkreq, arg, sizeof(struct xfs_fsop_bulkreq))) 685 return -EFAULT; 686 687 if (copy_from_user(&lastino, bulkreq.lastip, sizeof(__s64))) 688 return -EFAULT; 689 690 if (bulkreq.icount <= 0) 691 return -EINVAL; 692 693 if (bulkreq.ubuffer == NULL) 694 return -EINVAL; 695 696 breq.ubuffer = bulkreq.ubuffer; 697 breq.icount = bulkreq.icount; 698 699 /* 700 * FSBULKSTAT_SINGLE expects that *lastip contains the inode number 701 * that we want to stat. However, FSINUMBERS and FSBULKSTAT expect 702 * that *lastip contains either zero or the number of the last inode to 703 * be examined by the previous call and return results starting with 704 * the next inode after that. The new bulk request back end functions 705 * take the inode to start with, so we have to compute the startino 706 * parameter from lastino to maintain correct function. lastino == 0 707 * is a special case because it has traditionally meant "first inode 708 * in filesystem". 709 */ 710 if (cmd == XFS_IOC_FSINUMBERS) { 711 breq.startino = lastino ? lastino + 1 : 0; 712 error = xfs_inumbers(&breq, xfs_fsinumbers_fmt); 713 lastino = breq.startino - 1; 714 } else if (cmd == XFS_IOC_FSBULKSTAT_SINGLE) { 715 breq.startino = lastino; 716 breq.icount = 1; 717 error = xfs_bulkstat_one(&breq, xfs_fsbulkstat_one_fmt); 718 } else { /* XFS_IOC_FSBULKSTAT */ 719 breq.startino = lastino ? lastino + 1 : 0; 720 error = xfs_bulkstat(&breq, xfs_fsbulkstat_one_fmt); 721 lastino = breq.startino - 1; 722 } 723 724 if (error) 725 return error; 726 727 if (bulkreq.lastip != NULL && 728 copy_to_user(bulkreq.lastip, &lastino, sizeof(xfs_ino_t))) 729 return -EFAULT; 730 731 if (bulkreq.ocount != NULL && 732 copy_to_user(bulkreq.ocount, &breq.ocount, sizeof(__s32))) 733 return -EFAULT; 734 735 return 0; 736 } 737 738 /* Return 0 on success or positive error */ 739 static int 740 xfs_bulkstat_fmt( 741 struct xfs_ibulk *breq, 742 const struct xfs_bulkstat *bstat) 743 { 744 if (copy_to_user(breq->ubuffer, bstat, sizeof(struct xfs_bulkstat))) 745 return -EFAULT; 746 return xfs_ibulk_advance(breq, sizeof(struct xfs_bulkstat)); 747 } 748 749 /* 750 * Check the incoming bulk request @hdr from userspace and initialize the 751 * internal @breq bulk request appropriately. Returns 0 if the bulk request 752 * should proceed; -ECANCELED if there's nothing to do; or the usual 753 * negative error code. 754 */ 755 static int 756 xfs_bulk_ireq_setup( 757 struct xfs_mount *mp, 758 const struct xfs_bulk_ireq *hdr, 759 struct xfs_ibulk *breq, 760 void __user *ubuffer) 761 { 762 if (hdr->icount == 0 || 763 (hdr->flags & ~XFS_BULK_IREQ_FLAGS_ALL) || 764 memchr_inv(hdr->reserved, 0, sizeof(hdr->reserved))) 765 return -EINVAL; 766 767 breq->startino = hdr->ino; 768 breq->ubuffer = ubuffer; 769 breq->icount = hdr->icount; 770 breq->ocount = 0; 771 breq->flags = 0; 772 773 /* 774 * The @ino parameter is a special value, so we must look it up here. 775 * We're not allowed to have IREQ_AGNO, and we only return one inode 776 * worth of data. 777 */ 778 if (hdr->flags & XFS_BULK_IREQ_SPECIAL) { 779 if (hdr->flags & XFS_BULK_IREQ_AGNO) 780 return -EINVAL; 781 782 switch (hdr->ino) { 783 case XFS_BULK_IREQ_SPECIAL_ROOT: 784 breq->startino = mp->m_sb.sb_rootino; 785 break; 786 default: 787 return -EINVAL; 788 } 789 breq->icount = 1; 790 } 791 792 /* 793 * The IREQ_AGNO flag means that we only want results from a given AG. 794 * If @hdr->ino is zero, we start iterating in that AG. If @hdr->ino is 795 * beyond the specified AG then we return no results. 796 */ 797 if (hdr->flags & XFS_BULK_IREQ_AGNO) { 798 if (hdr->agno >= mp->m_sb.sb_agcount) 799 return -EINVAL; 800 801 if (breq->startino == 0) 802 breq->startino = XFS_AGINO_TO_INO(mp, hdr->agno, 0); 803 else if (XFS_INO_TO_AGNO(mp, breq->startino) < hdr->agno) 804 return -EINVAL; 805 806 breq->flags |= XFS_IBULK_SAME_AG; 807 808 /* Asking for an inode past the end of the AG? We're done! */ 809 if (XFS_INO_TO_AGNO(mp, breq->startino) > hdr->agno) 810 return -ECANCELED; 811 } else if (hdr->agno) 812 return -EINVAL; 813 814 /* Asking for an inode past the end of the FS? We're done! */ 815 if (XFS_INO_TO_AGNO(mp, breq->startino) >= mp->m_sb.sb_agcount) 816 return -ECANCELED; 817 818 if (hdr->flags & XFS_BULK_IREQ_NREXT64) 819 breq->flags |= XFS_IBULK_NREXT64; 820 821 return 0; 822 } 823 824 /* 825 * Update the userspace bulk request @hdr to reflect the end state of the 826 * internal bulk request @breq. 827 */ 828 static void 829 xfs_bulk_ireq_teardown( 830 struct xfs_bulk_ireq *hdr, 831 struct xfs_ibulk *breq) 832 { 833 hdr->ino = breq->startino; 834 hdr->ocount = breq->ocount; 835 } 836 837 /* Handle the v5 bulkstat ioctl. */ 838 STATIC int 839 xfs_ioc_bulkstat( 840 struct file *file, 841 unsigned int cmd, 842 struct xfs_bulkstat_req __user *arg) 843 { 844 struct xfs_mount *mp = XFS_I(file_inode(file))->i_mount; 845 struct xfs_bulk_ireq hdr; 846 struct xfs_ibulk breq = { 847 .mp = mp, 848 .idmap = file_mnt_idmap(file), 849 }; 850 int error; 851 852 if (!capable(CAP_SYS_ADMIN)) 853 return -EPERM; 854 855 if (xfs_is_shutdown(mp)) 856 return -EIO; 857 858 if (copy_from_user(&hdr, &arg->hdr, sizeof(hdr))) 859 return -EFAULT; 860 861 error = xfs_bulk_ireq_setup(mp, &hdr, &breq, arg->bulkstat); 862 if (error == -ECANCELED) 863 goto out_teardown; 864 if (error < 0) 865 return error; 866 867 error = xfs_bulkstat(&breq, xfs_bulkstat_fmt); 868 if (error) 869 return error; 870 871 out_teardown: 872 xfs_bulk_ireq_teardown(&hdr, &breq); 873 if (copy_to_user(&arg->hdr, &hdr, sizeof(hdr))) 874 return -EFAULT; 875 876 return 0; 877 } 878 879 STATIC int 880 xfs_inumbers_fmt( 881 struct xfs_ibulk *breq, 882 const struct xfs_inumbers *igrp) 883 { 884 if (copy_to_user(breq->ubuffer, igrp, sizeof(struct xfs_inumbers))) 885 return -EFAULT; 886 return xfs_ibulk_advance(breq, sizeof(struct xfs_inumbers)); 887 } 888 889 /* Handle the v5 inumbers ioctl. */ 890 STATIC int 891 xfs_ioc_inumbers( 892 struct xfs_mount *mp, 893 unsigned int cmd, 894 struct xfs_inumbers_req __user *arg) 895 { 896 struct xfs_bulk_ireq hdr; 897 struct xfs_ibulk breq = { 898 .mp = mp, 899 }; 900 int error; 901 902 if (!capable(CAP_SYS_ADMIN)) 903 return -EPERM; 904 905 if (xfs_is_shutdown(mp)) 906 return -EIO; 907 908 if (copy_from_user(&hdr, &arg->hdr, sizeof(hdr))) 909 return -EFAULT; 910 911 error = xfs_bulk_ireq_setup(mp, &hdr, &breq, arg->inumbers); 912 if (error == -ECANCELED) 913 goto out_teardown; 914 if (error < 0) 915 return error; 916 917 error = xfs_inumbers(&breq, xfs_inumbers_fmt); 918 if (error) 919 return error; 920 921 out_teardown: 922 xfs_bulk_ireq_teardown(&hdr, &breq); 923 if (copy_to_user(&arg->hdr, &hdr, sizeof(hdr))) 924 return -EFAULT; 925 926 return 0; 927 } 928 929 STATIC int 930 xfs_ioc_fsgeometry( 931 struct xfs_mount *mp, 932 void __user *arg, 933 int struct_version) 934 { 935 struct xfs_fsop_geom fsgeo; 936 size_t len; 937 938 xfs_fs_geometry(mp, &fsgeo, struct_version); 939 940 if (struct_version <= 3) 941 len = sizeof(struct xfs_fsop_geom_v1); 942 else if (struct_version == 4) 943 len = sizeof(struct xfs_fsop_geom_v4); 944 else { 945 xfs_fsop_geom_health(mp, &fsgeo); 946 len = sizeof(fsgeo); 947 } 948 949 if (copy_to_user(arg, &fsgeo, len)) 950 return -EFAULT; 951 return 0; 952 } 953 954 STATIC int 955 xfs_ioc_ag_geometry( 956 struct xfs_mount *mp, 957 void __user *arg) 958 { 959 struct xfs_perag *pag; 960 struct xfs_ag_geometry ageo; 961 int error; 962 963 if (copy_from_user(&ageo, arg, sizeof(ageo))) 964 return -EFAULT; 965 if (ageo.ag_flags) 966 return -EINVAL; 967 if (memchr_inv(&ageo.ag_reserved, 0, sizeof(ageo.ag_reserved))) 968 return -EINVAL; 969 970 pag = xfs_perag_get(mp, ageo.ag_number); 971 if (!pag) 972 return -EINVAL; 973 974 error = xfs_ag_get_geometry(pag, &ageo); 975 xfs_perag_put(pag); 976 if (error) 977 return error; 978 979 if (copy_to_user(arg, &ageo, sizeof(ageo))) 980 return -EFAULT; 981 return 0; 982 } 983 984 /* 985 * Linux extended inode flags interface. 986 */ 987 988 static void 989 xfs_fill_fsxattr( 990 struct xfs_inode *ip, 991 int whichfork, 992 struct fileattr *fa) 993 { 994 struct xfs_mount *mp = ip->i_mount; 995 struct xfs_ifork *ifp = xfs_ifork_ptr(ip, whichfork); 996 997 fileattr_fill_xflags(fa, xfs_ip2xflags(ip)); 998 999 if (ip->i_diflags & XFS_DIFLAG_EXTSIZE) { 1000 fa->fsx_extsize = XFS_FSB_TO_B(mp, ip->i_extsize); 1001 } else if (ip->i_diflags & XFS_DIFLAG_EXTSZINHERIT) { 1002 /* 1003 * Don't let a misaligned extent size hint on a directory 1004 * escape to userspace if it won't pass the setattr checks 1005 * later. 1006 */ 1007 if ((ip->i_diflags & XFS_DIFLAG_RTINHERIT) && 1008 ip->i_extsize % mp->m_sb.sb_rextsize > 0) { 1009 fa->fsx_xflags &= ~(FS_XFLAG_EXTSIZE | 1010 FS_XFLAG_EXTSZINHERIT); 1011 fa->fsx_extsize = 0; 1012 } else { 1013 fa->fsx_extsize = XFS_FSB_TO_B(mp, ip->i_extsize); 1014 } 1015 } 1016 1017 if (ip->i_diflags2 & XFS_DIFLAG2_COWEXTSIZE) 1018 fa->fsx_cowextsize = XFS_FSB_TO_B(mp, ip->i_cowextsize); 1019 fa->fsx_projid = ip->i_projid; 1020 if (ifp && !xfs_need_iread_extents(ifp)) 1021 fa->fsx_nextents = xfs_iext_count(ifp); 1022 else 1023 fa->fsx_nextents = xfs_ifork_nextents(ifp); 1024 } 1025 1026 STATIC int 1027 xfs_ioc_fsgetxattra( 1028 xfs_inode_t *ip, 1029 void __user *arg) 1030 { 1031 struct fileattr fa; 1032 1033 xfs_ilock(ip, XFS_ILOCK_SHARED); 1034 xfs_fill_fsxattr(ip, XFS_ATTR_FORK, &fa); 1035 xfs_iunlock(ip, XFS_ILOCK_SHARED); 1036 1037 return copy_fsxattr_to_user(&fa, arg); 1038 } 1039 1040 int 1041 xfs_fileattr_get( 1042 struct dentry *dentry, 1043 struct fileattr *fa) 1044 { 1045 struct xfs_inode *ip = XFS_I(d_inode(dentry)); 1046 1047 if (d_is_special(dentry)) 1048 return -ENOTTY; 1049 1050 xfs_ilock(ip, XFS_ILOCK_SHARED); 1051 xfs_fill_fsxattr(ip, XFS_DATA_FORK, fa); 1052 xfs_iunlock(ip, XFS_ILOCK_SHARED); 1053 1054 return 0; 1055 } 1056 1057 STATIC uint16_t 1058 xfs_flags2diflags( 1059 struct xfs_inode *ip, 1060 unsigned int xflags) 1061 { 1062 /* can't set PREALLOC this way, just preserve it */ 1063 uint16_t di_flags = 1064 (ip->i_diflags & XFS_DIFLAG_PREALLOC); 1065 1066 if (xflags & FS_XFLAG_IMMUTABLE) 1067 di_flags |= XFS_DIFLAG_IMMUTABLE; 1068 if (xflags & FS_XFLAG_APPEND) 1069 di_flags |= XFS_DIFLAG_APPEND; 1070 if (xflags & FS_XFLAG_SYNC) 1071 di_flags |= XFS_DIFLAG_SYNC; 1072 if (xflags & FS_XFLAG_NOATIME) 1073 di_flags |= XFS_DIFLAG_NOATIME; 1074 if (xflags & FS_XFLAG_NODUMP) 1075 di_flags |= XFS_DIFLAG_NODUMP; 1076 if (xflags & FS_XFLAG_NODEFRAG) 1077 di_flags |= XFS_DIFLAG_NODEFRAG; 1078 if (xflags & FS_XFLAG_FILESTREAM) 1079 di_flags |= XFS_DIFLAG_FILESTREAM; 1080 if (S_ISDIR(VFS_I(ip)->i_mode)) { 1081 if (xflags & FS_XFLAG_RTINHERIT) 1082 di_flags |= XFS_DIFLAG_RTINHERIT; 1083 if (xflags & FS_XFLAG_NOSYMLINKS) 1084 di_flags |= XFS_DIFLAG_NOSYMLINKS; 1085 if (xflags & FS_XFLAG_EXTSZINHERIT) 1086 di_flags |= XFS_DIFLAG_EXTSZINHERIT; 1087 if (xflags & FS_XFLAG_PROJINHERIT) 1088 di_flags |= XFS_DIFLAG_PROJINHERIT; 1089 } else if (S_ISREG(VFS_I(ip)->i_mode)) { 1090 if (xflags & FS_XFLAG_REALTIME) 1091 di_flags |= XFS_DIFLAG_REALTIME; 1092 if (xflags & FS_XFLAG_EXTSIZE) 1093 di_flags |= XFS_DIFLAG_EXTSIZE; 1094 } 1095 1096 return di_flags; 1097 } 1098 1099 STATIC uint64_t 1100 xfs_flags2diflags2( 1101 struct xfs_inode *ip, 1102 unsigned int xflags) 1103 { 1104 uint64_t di_flags2 = 1105 (ip->i_diflags2 & (XFS_DIFLAG2_REFLINK | 1106 XFS_DIFLAG2_BIGTIME | 1107 XFS_DIFLAG2_NREXT64)); 1108 1109 if (xflags & FS_XFLAG_DAX) 1110 di_flags2 |= XFS_DIFLAG2_DAX; 1111 if (xflags & FS_XFLAG_COWEXTSIZE) 1112 di_flags2 |= XFS_DIFLAG2_COWEXTSIZE; 1113 1114 return di_flags2; 1115 } 1116 1117 static int 1118 xfs_ioctl_setattr_xflags( 1119 struct xfs_trans *tp, 1120 struct xfs_inode *ip, 1121 struct fileattr *fa) 1122 { 1123 struct xfs_mount *mp = ip->i_mount; 1124 bool rtflag = (fa->fsx_xflags & FS_XFLAG_REALTIME); 1125 uint64_t i_flags2; 1126 1127 if (rtflag != XFS_IS_REALTIME_INODE(ip)) { 1128 /* Can't change realtime flag if any extents are allocated. */ 1129 if (ip->i_df.if_nextents || ip->i_delayed_blks) 1130 return -EINVAL; 1131 1132 /* 1133 * If S_DAX is enabled on this file, we can only switch the 1134 * device if both support fsdax. We can't update S_DAX because 1135 * there might be other threads walking down the access paths. 1136 */ 1137 if (IS_DAX(VFS_I(ip)) && 1138 (mp->m_ddev_targp->bt_daxdev == NULL || 1139 (mp->m_rtdev_targp && 1140 mp->m_rtdev_targp->bt_daxdev == NULL))) 1141 return -EINVAL; 1142 } 1143 1144 if (rtflag) { 1145 /* If realtime flag is set then must have realtime device */ 1146 if (mp->m_sb.sb_rblocks == 0 || mp->m_sb.sb_rextsize == 0 || 1147 (ip->i_extsize % mp->m_sb.sb_rextsize)) 1148 return -EINVAL; 1149 1150 /* Clear reflink if we are actually able to set the rt flag. */ 1151 if (xfs_is_reflink_inode(ip)) 1152 ip->i_diflags2 &= ~XFS_DIFLAG2_REFLINK; 1153 } 1154 1155 /* diflags2 only valid for v3 inodes. */ 1156 i_flags2 = xfs_flags2diflags2(ip, fa->fsx_xflags); 1157 if (i_flags2 && !xfs_has_v3inodes(mp)) 1158 return -EINVAL; 1159 1160 ip->i_diflags = xfs_flags2diflags(ip, fa->fsx_xflags); 1161 ip->i_diflags2 = i_flags2; 1162 1163 xfs_diflags_to_iflags(ip, false); 1164 1165 /* 1166 * Make the stable writes flag match that of the device the inode 1167 * resides on when flipping the RT flag. 1168 */ 1169 if (rtflag != XFS_IS_REALTIME_INODE(ip) && S_ISREG(VFS_I(ip)->i_mode)) 1170 xfs_update_stable_writes(ip); 1171 1172 xfs_trans_ichgtime(tp, ip, XFS_ICHGTIME_CHG); 1173 xfs_trans_log_inode(tp, ip, XFS_ILOG_CORE); 1174 XFS_STATS_INC(mp, xs_ig_attrchg); 1175 return 0; 1176 } 1177 1178 static void 1179 xfs_ioctl_setattr_prepare_dax( 1180 struct xfs_inode *ip, 1181 struct fileattr *fa) 1182 { 1183 struct xfs_mount *mp = ip->i_mount; 1184 struct inode *inode = VFS_I(ip); 1185 1186 if (S_ISDIR(inode->i_mode)) 1187 return; 1188 1189 if (xfs_has_dax_always(mp) || xfs_has_dax_never(mp)) 1190 return; 1191 1192 if (((fa->fsx_xflags & FS_XFLAG_DAX) && 1193 !(ip->i_diflags2 & XFS_DIFLAG2_DAX)) || 1194 (!(fa->fsx_xflags & FS_XFLAG_DAX) && 1195 (ip->i_diflags2 & XFS_DIFLAG2_DAX))) 1196 d_mark_dontcache(inode); 1197 } 1198 1199 /* 1200 * Set up the transaction structure for the setattr operation, checking that we 1201 * have permission to do so. On success, return a clean transaction and the 1202 * inode locked exclusively ready for further operation specific checks. On 1203 * failure, return an error without modifying or locking the inode. 1204 */ 1205 static struct xfs_trans * 1206 xfs_ioctl_setattr_get_trans( 1207 struct xfs_inode *ip, 1208 struct xfs_dquot *pdqp) 1209 { 1210 struct xfs_mount *mp = ip->i_mount; 1211 struct xfs_trans *tp; 1212 int error = -EROFS; 1213 1214 if (xfs_is_readonly(mp)) 1215 goto out_error; 1216 error = -EIO; 1217 if (xfs_is_shutdown(mp)) 1218 goto out_error; 1219 1220 error = xfs_trans_alloc_ichange(ip, NULL, NULL, pdqp, 1221 has_capability_noaudit(current, CAP_FOWNER), &tp); 1222 if (error) 1223 goto out_error; 1224 1225 if (xfs_has_wsync(mp)) 1226 xfs_trans_set_sync(tp); 1227 1228 return tp; 1229 1230 out_error: 1231 return ERR_PTR(error); 1232 } 1233 1234 /* 1235 * Validate a proposed extent size hint. For regular files, the hint can only 1236 * be changed if no extents are allocated. 1237 */ 1238 static int 1239 xfs_ioctl_setattr_check_extsize( 1240 struct xfs_inode *ip, 1241 struct fileattr *fa) 1242 { 1243 struct xfs_mount *mp = ip->i_mount; 1244 xfs_failaddr_t failaddr; 1245 uint16_t new_diflags; 1246 1247 if (!fa->fsx_valid) 1248 return 0; 1249 1250 if (S_ISREG(VFS_I(ip)->i_mode) && ip->i_df.if_nextents && 1251 XFS_FSB_TO_B(mp, ip->i_extsize) != fa->fsx_extsize) 1252 return -EINVAL; 1253 1254 if (fa->fsx_extsize & mp->m_blockmask) 1255 return -EINVAL; 1256 1257 new_diflags = xfs_flags2diflags(ip, fa->fsx_xflags); 1258 1259 /* 1260 * Inode verifiers do not check that the extent size hint is an integer 1261 * multiple of the rt extent size on a directory with both rtinherit 1262 * and extszinherit flags set. Don't let sysadmins misconfigure 1263 * directories. 1264 */ 1265 if ((new_diflags & XFS_DIFLAG_RTINHERIT) && 1266 (new_diflags & XFS_DIFLAG_EXTSZINHERIT)) { 1267 unsigned int rtextsize_bytes; 1268 1269 rtextsize_bytes = XFS_FSB_TO_B(mp, mp->m_sb.sb_rextsize); 1270 if (fa->fsx_extsize % rtextsize_bytes) 1271 return -EINVAL; 1272 } 1273 1274 failaddr = xfs_inode_validate_extsize(ip->i_mount, 1275 XFS_B_TO_FSB(mp, fa->fsx_extsize), 1276 VFS_I(ip)->i_mode, new_diflags); 1277 return failaddr != NULL ? -EINVAL : 0; 1278 } 1279 1280 static int 1281 xfs_ioctl_setattr_check_cowextsize( 1282 struct xfs_inode *ip, 1283 struct fileattr *fa) 1284 { 1285 struct xfs_mount *mp = ip->i_mount; 1286 xfs_failaddr_t failaddr; 1287 uint64_t new_diflags2; 1288 uint16_t new_diflags; 1289 1290 if (!fa->fsx_valid) 1291 return 0; 1292 1293 if (fa->fsx_cowextsize & mp->m_blockmask) 1294 return -EINVAL; 1295 1296 new_diflags = xfs_flags2diflags(ip, fa->fsx_xflags); 1297 new_diflags2 = xfs_flags2diflags2(ip, fa->fsx_xflags); 1298 1299 failaddr = xfs_inode_validate_cowextsize(ip->i_mount, 1300 XFS_B_TO_FSB(mp, fa->fsx_cowextsize), 1301 VFS_I(ip)->i_mode, new_diflags, new_diflags2); 1302 return failaddr != NULL ? -EINVAL : 0; 1303 } 1304 1305 static int 1306 xfs_ioctl_setattr_check_projid( 1307 struct xfs_inode *ip, 1308 struct fileattr *fa) 1309 { 1310 if (!fa->fsx_valid) 1311 return 0; 1312 1313 /* Disallow 32bit project ids if 32bit IDs are not enabled. */ 1314 if (fa->fsx_projid > (uint16_t)-1 && 1315 !xfs_has_projid32(ip->i_mount)) 1316 return -EINVAL; 1317 return 0; 1318 } 1319 1320 int 1321 xfs_fileattr_set( 1322 struct mnt_idmap *idmap, 1323 struct dentry *dentry, 1324 struct fileattr *fa) 1325 { 1326 struct xfs_inode *ip = XFS_I(d_inode(dentry)); 1327 struct xfs_mount *mp = ip->i_mount; 1328 struct xfs_trans *tp; 1329 struct xfs_dquot *pdqp = NULL; 1330 struct xfs_dquot *olddquot = NULL; 1331 int error; 1332 1333 trace_xfs_ioctl_setattr(ip); 1334 1335 if (d_is_special(dentry)) 1336 return -ENOTTY; 1337 1338 if (!fa->fsx_valid) { 1339 if (fa->flags & ~(FS_IMMUTABLE_FL | FS_APPEND_FL | 1340 FS_NOATIME_FL | FS_NODUMP_FL | 1341 FS_SYNC_FL | FS_DAX_FL | FS_PROJINHERIT_FL)) 1342 return -EOPNOTSUPP; 1343 } 1344 1345 error = xfs_ioctl_setattr_check_projid(ip, fa); 1346 if (error) 1347 return error; 1348 1349 /* 1350 * If disk quotas is on, we make sure that the dquots do exist on disk, 1351 * before we start any other transactions. Trying to do this later 1352 * is messy. We don't care to take a readlock to look at the ids 1353 * in inode here, because we can't hold it across the trans_reserve. 1354 * If the IDs do change before we take the ilock, we're covered 1355 * because the i_*dquot fields will get updated anyway. 1356 */ 1357 if (fa->fsx_valid && XFS_IS_QUOTA_ON(mp)) { 1358 error = xfs_qm_vop_dqalloc(ip, VFS_I(ip)->i_uid, 1359 VFS_I(ip)->i_gid, fa->fsx_projid, 1360 XFS_QMOPT_PQUOTA, NULL, NULL, &pdqp); 1361 if (error) 1362 return error; 1363 } 1364 1365 xfs_ioctl_setattr_prepare_dax(ip, fa); 1366 1367 tp = xfs_ioctl_setattr_get_trans(ip, pdqp); 1368 if (IS_ERR(tp)) { 1369 error = PTR_ERR(tp); 1370 goto error_free_dquots; 1371 } 1372 1373 error = xfs_ioctl_setattr_check_extsize(ip, fa); 1374 if (error) 1375 goto error_trans_cancel; 1376 1377 error = xfs_ioctl_setattr_check_cowextsize(ip, fa); 1378 if (error) 1379 goto error_trans_cancel; 1380 1381 error = xfs_ioctl_setattr_xflags(tp, ip, fa); 1382 if (error) 1383 goto error_trans_cancel; 1384 1385 if (!fa->fsx_valid) 1386 goto skip_xattr; 1387 /* 1388 * Change file ownership. Must be the owner or privileged. CAP_FSETID 1389 * overrides the following restrictions: 1390 * 1391 * The set-user-ID and set-group-ID bits of a file will be cleared upon 1392 * successful return from chown() 1393 */ 1394 1395 if ((VFS_I(ip)->i_mode & (S_ISUID|S_ISGID)) && 1396 !capable_wrt_inode_uidgid(idmap, VFS_I(ip), CAP_FSETID)) 1397 VFS_I(ip)->i_mode &= ~(S_ISUID|S_ISGID); 1398 1399 /* Change the ownerships and register project quota modifications */ 1400 if (ip->i_projid != fa->fsx_projid) { 1401 if (XFS_IS_PQUOTA_ON(mp)) { 1402 olddquot = xfs_qm_vop_chown(tp, ip, 1403 &ip->i_pdquot, pdqp); 1404 } 1405 ip->i_projid = fa->fsx_projid; 1406 } 1407 1408 /* 1409 * Only set the extent size hint if we've already determined that the 1410 * extent size hint should be set on the inode. If no extent size flags 1411 * are set on the inode then unconditionally clear the extent size hint. 1412 */ 1413 if (ip->i_diflags & (XFS_DIFLAG_EXTSIZE | XFS_DIFLAG_EXTSZINHERIT)) 1414 ip->i_extsize = XFS_B_TO_FSB(mp, fa->fsx_extsize); 1415 else 1416 ip->i_extsize = 0; 1417 1418 if (xfs_has_v3inodes(mp)) { 1419 if (ip->i_diflags2 & XFS_DIFLAG2_COWEXTSIZE) 1420 ip->i_cowextsize = XFS_B_TO_FSB(mp, fa->fsx_cowextsize); 1421 else 1422 ip->i_cowextsize = 0; 1423 } 1424 1425 skip_xattr: 1426 error = xfs_trans_commit(tp); 1427 1428 /* 1429 * Release any dquot(s) the inode had kept before chown. 1430 */ 1431 xfs_qm_dqrele(olddquot); 1432 xfs_qm_dqrele(pdqp); 1433 1434 return error; 1435 1436 error_trans_cancel: 1437 xfs_trans_cancel(tp); 1438 error_free_dquots: 1439 xfs_qm_dqrele(pdqp); 1440 return error; 1441 } 1442 1443 static bool 1444 xfs_getbmap_format( 1445 struct kgetbmap *p, 1446 struct getbmapx __user *u, 1447 size_t recsize) 1448 { 1449 if (put_user(p->bmv_offset, &u->bmv_offset) || 1450 put_user(p->bmv_block, &u->bmv_block) || 1451 put_user(p->bmv_length, &u->bmv_length) || 1452 put_user(0, &u->bmv_count) || 1453 put_user(0, &u->bmv_entries)) 1454 return false; 1455 if (recsize < sizeof(struct getbmapx)) 1456 return true; 1457 if (put_user(0, &u->bmv_iflags) || 1458 put_user(p->bmv_oflags, &u->bmv_oflags) || 1459 put_user(0, &u->bmv_unused1) || 1460 put_user(0, &u->bmv_unused2)) 1461 return false; 1462 return true; 1463 } 1464 1465 STATIC int 1466 xfs_ioc_getbmap( 1467 struct file *file, 1468 unsigned int cmd, 1469 void __user *arg) 1470 { 1471 struct getbmapx bmx = { 0 }; 1472 struct kgetbmap *buf; 1473 size_t recsize; 1474 int error, i; 1475 1476 switch (cmd) { 1477 case XFS_IOC_GETBMAPA: 1478 bmx.bmv_iflags = BMV_IF_ATTRFORK; 1479 fallthrough; 1480 case XFS_IOC_GETBMAP: 1481 /* struct getbmap is a strict subset of struct getbmapx. */ 1482 recsize = sizeof(struct getbmap); 1483 break; 1484 case XFS_IOC_GETBMAPX: 1485 recsize = sizeof(struct getbmapx); 1486 break; 1487 default: 1488 return -EINVAL; 1489 } 1490 1491 if (copy_from_user(&bmx, arg, recsize)) 1492 return -EFAULT; 1493 1494 if (bmx.bmv_count < 2) 1495 return -EINVAL; 1496 if (bmx.bmv_count >= INT_MAX / recsize) 1497 return -ENOMEM; 1498 1499 buf = kvcalloc(bmx.bmv_count, sizeof(*buf), GFP_KERNEL); 1500 if (!buf) 1501 return -ENOMEM; 1502 1503 error = xfs_getbmap(XFS_I(file_inode(file)), &bmx, buf); 1504 if (error) 1505 goto out_free_buf; 1506 1507 error = -EFAULT; 1508 if (copy_to_user(arg, &bmx, recsize)) 1509 goto out_free_buf; 1510 arg += recsize; 1511 1512 for (i = 0; i < bmx.bmv_entries; i++) { 1513 if (!xfs_getbmap_format(buf + i, arg, recsize)) 1514 goto out_free_buf; 1515 arg += recsize; 1516 } 1517 1518 error = 0; 1519 out_free_buf: 1520 kmem_free(buf); 1521 return error; 1522 } 1523 1524 STATIC int 1525 xfs_ioc_getfsmap( 1526 struct xfs_inode *ip, 1527 struct fsmap_head __user *arg) 1528 { 1529 struct xfs_fsmap_head xhead = {0}; 1530 struct fsmap_head head; 1531 struct fsmap *recs; 1532 unsigned int count; 1533 __u32 last_flags = 0; 1534 bool done = false; 1535 int error; 1536 1537 if (copy_from_user(&head, arg, sizeof(struct fsmap_head))) 1538 return -EFAULT; 1539 if (memchr_inv(head.fmh_reserved, 0, sizeof(head.fmh_reserved)) || 1540 memchr_inv(head.fmh_keys[0].fmr_reserved, 0, 1541 sizeof(head.fmh_keys[0].fmr_reserved)) || 1542 memchr_inv(head.fmh_keys[1].fmr_reserved, 0, 1543 sizeof(head.fmh_keys[1].fmr_reserved))) 1544 return -EINVAL; 1545 1546 /* 1547 * Use an internal memory buffer so that we don't have to copy fsmap 1548 * data to userspace while holding locks. Start by trying to allocate 1549 * up to 128k for the buffer, but fall back to a single page if needed. 1550 */ 1551 count = min_t(unsigned int, head.fmh_count, 1552 131072 / sizeof(struct fsmap)); 1553 recs = kvcalloc(count, sizeof(struct fsmap), GFP_KERNEL); 1554 if (!recs) { 1555 count = min_t(unsigned int, head.fmh_count, 1556 PAGE_SIZE / sizeof(struct fsmap)); 1557 recs = kvcalloc(count, sizeof(struct fsmap), GFP_KERNEL); 1558 if (!recs) 1559 return -ENOMEM; 1560 } 1561 1562 xhead.fmh_iflags = head.fmh_iflags; 1563 xfs_fsmap_to_internal(&xhead.fmh_keys[0], &head.fmh_keys[0]); 1564 xfs_fsmap_to_internal(&xhead.fmh_keys[1], &head.fmh_keys[1]); 1565 1566 trace_xfs_getfsmap_low_key(ip->i_mount, &xhead.fmh_keys[0]); 1567 trace_xfs_getfsmap_high_key(ip->i_mount, &xhead.fmh_keys[1]); 1568 1569 head.fmh_entries = 0; 1570 do { 1571 struct fsmap __user *user_recs; 1572 struct fsmap *last_rec; 1573 1574 user_recs = &arg->fmh_recs[head.fmh_entries]; 1575 xhead.fmh_entries = 0; 1576 xhead.fmh_count = min_t(unsigned int, count, 1577 head.fmh_count - head.fmh_entries); 1578 1579 /* Run query, record how many entries we got. */ 1580 error = xfs_getfsmap(ip->i_mount, &xhead, recs); 1581 switch (error) { 1582 case 0: 1583 /* 1584 * There are no more records in the result set. Copy 1585 * whatever we got to userspace and break out. 1586 */ 1587 done = true; 1588 break; 1589 case -ECANCELED: 1590 /* 1591 * The internal memory buffer is full. Copy whatever 1592 * records we got to userspace and go again if we have 1593 * not yet filled the userspace buffer. 1594 */ 1595 error = 0; 1596 break; 1597 default: 1598 goto out_free; 1599 } 1600 head.fmh_entries += xhead.fmh_entries; 1601 head.fmh_oflags = xhead.fmh_oflags; 1602 1603 /* 1604 * If the caller wanted a record count or there aren't any 1605 * new records to return, we're done. 1606 */ 1607 if (head.fmh_count == 0 || xhead.fmh_entries == 0) 1608 break; 1609 1610 /* Copy all the records we got out to userspace. */ 1611 if (copy_to_user(user_recs, recs, 1612 xhead.fmh_entries * sizeof(struct fsmap))) { 1613 error = -EFAULT; 1614 goto out_free; 1615 } 1616 1617 /* Remember the last record flags we copied to userspace. */ 1618 last_rec = &recs[xhead.fmh_entries - 1]; 1619 last_flags = last_rec->fmr_flags; 1620 1621 /* Set up the low key for the next iteration. */ 1622 xfs_fsmap_to_internal(&xhead.fmh_keys[0], last_rec); 1623 trace_xfs_getfsmap_low_key(ip->i_mount, &xhead.fmh_keys[0]); 1624 } while (!done && head.fmh_entries < head.fmh_count); 1625 1626 /* 1627 * If there are no more records in the query result set and we're not 1628 * in counting mode, mark the last record returned with the LAST flag. 1629 */ 1630 if (done && head.fmh_count > 0 && head.fmh_entries > 0) { 1631 struct fsmap __user *user_rec; 1632 1633 last_flags |= FMR_OF_LAST; 1634 user_rec = &arg->fmh_recs[head.fmh_entries - 1]; 1635 1636 if (copy_to_user(&user_rec->fmr_flags, &last_flags, 1637 sizeof(last_flags))) { 1638 error = -EFAULT; 1639 goto out_free; 1640 } 1641 } 1642 1643 /* copy back header */ 1644 if (copy_to_user(arg, &head, sizeof(struct fsmap_head))) { 1645 error = -EFAULT; 1646 goto out_free; 1647 } 1648 1649 out_free: 1650 kmem_free(recs); 1651 return error; 1652 } 1653 1654 STATIC int 1655 xfs_ioc_scrub_metadata( 1656 struct file *file, 1657 void __user *arg) 1658 { 1659 struct xfs_scrub_metadata scrub; 1660 int error; 1661 1662 if (!capable(CAP_SYS_ADMIN)) 1663 return -EPERM; 1664 1665 if (copy_from_user(&scrub, arg, sizeof(scrub))) 1666 return -EFAULT; 1667 1668 error = xfs_scrub_metadata(file, &scrub); 1669 if (error) 1670 return error; 1671 1672 if (copy_to_user(arg, &scrub, sizeof(scrub))) 1673 return -EFAULT; 1674 1675 return 0; 1676 } 1677 1678 int 1679 xfs_ioc_swapext( 1680 xfs_swapext_t *sxp) 1681 { 1682 xfs_inode_t *ip, *tip; 1683 struct fd f, tmp; 1684 int error = 0; 1685 1686 /* Pull information for the target fd */ 1687 f = fdget((int)sxp->sx_fdtarget); 1688 if (!f.file) { 1689 error = -EINVAL; 1690 goto out; 1691 } 1692 1693 if (!(f.file->f_mode & FMODE_WRITE) || 1694 !(f.file->f_mode & FMODE_READ) || 1695 (f.file->f_flags & O_APPEND)) { 1696 error = -EBADF; 1697 goto out_put_file; 1698 } 1699 1700 tmp = fdget((int)sxp->sx_fdtmp); 1701 if (!tmp.file) { 1702 error = -EINVAL; 1703 goto out_put_file; 1704 } 1705 1706 if (!(tmp.file->f_mode & FMODE_WRITE) || 1707 !(tmp.file->f_mode & FMODE_READ) || 1708 (tmp.file->f_flags & O_APPEND)) { 1709 error = -EBADF; 1710 goto out_put_tmp_file; 1711 } 1712 1713 if (IS_SWAPFILE(file_inode(f.file)) || 1714 IS_SWAPFILE(file_inode(tmp.file))) { 1715 error = -EINVAL; 1716 goto out_put_tmp_file; 1717 } 1718 1719 /* 1720 * We need to ensure that the fds passed in point to XFS inodes 1721 * before we cast and access them as XFS structures as we have no 1722 * control over what the user passes us here. 1723 */ 1724 if (f.file->f_op != &xfs_file_operations || 1725 tmp.file->f_op != &xfs_file_operations) { 1726 error = -EINVAL; 1727 goto out_put_tmp_file; 1728 } 1729 1730 ip = XFS_I(file_inode(f.file)); 1731 tip = XFS_I(file_inode(tmp.file)); 1732 1733 if (ip->i_mount != tip->i_mount) { 1734 error = -EINVAL; 1735 goto out_put_tmp_file; 1736 } 1737 1738 if (ip->i_ino == tip->i_ino) { 1739 error = -EINVAL; 1740 goto out_put_tmp_file; 1741 } 1742 1743 if (xfs_is_shutdown(ip->i_mount)) { 1744 error = -EIO; 1745 goto out_put_tmp_file; 1746 } 1747 1748 error = xfs_swap_extents(ip, tip, sxp); 1749 1750 out_put_tmp_file: 1751 fdput(tmp); 1752 out_put_file: 1753 fdput(f); 1754 out: 1755 return error; 1756 } 1757 1758 static int 1759 xfs_ioc_getlabel( 1760 struct xfs_mount *mp, 1761 char __user *user_label) 1762 { 1763 struct xfs_sb *sbp = &mp->m_sb; 1764 char label[XFSLABEL_MAX + 1]; 1765 1766 /* Paranoia */ 1767 BUILD_BUG_ON(sizeof(sbp->sb_fname) > FSLABEL_MAX); 1768 1769 /* 1 larger than sb_fname, so this ensures a trailing NUL char */ 1770 memset(label, 0, sizeof(label)); 1771 spin_lock(&mp->m_sb_lock); 1772 strncpy(label, sbp->sb_fname, XFSLABEL_MAX); 1773 spin_unlock(&mp->m_sb_lock); 1774 1775 if (copy_to_user(user_label, label, sizeof(label))) 1776 return -EFAULT; 1777 return 0; 1778 } 1779 1780 static int 1781 xfs_ioc_setlabel( 1782 struct file *filp, 1783 struct xfs_mount *mp, 1784 char __user *newlabel) 1785 { 1786 struct xfs_sb *sbp = &mp->m_sb; 1787 char label[XFSLABEL_MAX + 1]; 1788 size_t len; 1789 int error; 1790 1791 if (!capable(CAP_SYS_ADMIN)) 1792 return -EPERM; 1793 /* 1794 * The generic ioctl allows up to FSLABEL_MAX chars, but XFS is much 1795 * smaller, at 12 bytes. We copy one more to be sure we find the 1796 * (required) NULL character to test the incoming label length. 1797 * NB: The on disk label doesn't need to be null terminated. 1798 */ 1799 if (copy_from_user(label, newlabel, XFSLABEL_MAX + 1)) 1800 return -EFAULT; 1801 len = strnlen(label, XFSLABEL_MAX + 1); 1802 if (len > sizeof(sbp->sb_fname)) 1803 return -EINVAL; 1804 1805 error = mnt_want_write_file(filp); 1806 if (error) 1807 return error; 1808 1809 spin_lock(&mp->m_sb_lock); 1810 memset(sbp->sb_fname, 0, sizeof(sbp->sb_fname)); 1811 memcpy(sbp->sb_fname, label, len); 1812 spin_unlock(&mp->m_sb_lock); 1813 1814 /* 1815 * Now we do several things to satisfy userspace. 1816 * In addition to normal logging of the primary superblock, we also 1817 * immediately write these changes to sector zero for the primary, then 1818 * update all backup supers (as xfs_db does for a label change), then 1819 * invalidate the block device page cache. This is so that any prior 1820 * buffered reads from userspace (i.e. from blkid) are invalidated, 1821 * and userspace will see the newly-written label. 1822 */ 1823 error = xfs_sync_sb_buf(mp); 1824 if (error) 1825 goto out; 1826 /* 1827 * growfs also updates backup supers so lock against that. 1828 */ 1829 mutex_lock(&mp->m_growlock); 1830 error = xfs_update_secondary_sbs(mp); 1831 mutex_unlock(&mp->m_growlock); 1832 1833 invalidate_bdev(mp->m_ddev_targp->bt_bdev); 1834 1835 out: 1836 mnt_drop_write_file(filp); 1837 return error; 1838 } 1839 1840 static inline int 1841 xfs_fs_eofblocks_from_user( 1842 struct xfs_fs_eofblocks *src, 1843 struct xfs_icwalk *dst) 1844 { 1845 if (src->eof_version != XFS_EOFBLOCKS_VERSION) 1846 return -EINVAL; 1847 1848 if (src->eof_flags & ~XFS_EOF_FLAGS_VALID) 1849 return -EINVAL; 1850 1851 if (memchr_inv(&src->pad32, 0, sizeof(src->pad32)) || 1852 memchr_inv(src->pad64, 0, sizeof(src->pad64))) 1853 return -EINVAL; 1854 1855 dst->icw_flags = 0; 1856 if (src->eof_flags & XFS_EOF_FLAGS_SYNC) 1857 dst->icw_flags |= XFS_ICWALK_FLAG_SYNC; 1858 if (src->eof_flags & XFS_EOF_FLAGS_UID) 1859 dst->icw_flags |= XFS_ICWALK_FLAG_UID; 1860 if (src->eof_flags & XFS_EOF_FLAGS_GID) 1861 dst->icw_flags |= XFS_ICWALK_FLAG_GID; 1862 if (src->eof_flags & XFS_EOF_FLAGS_PRID) 1863 dst->icw_flags |= XFS_ICWALK_FLAG_PRID; 1864 if (src->eof_flags & XFS_EOF_FLAGS_MINFILESIZE) 1865 dst->icw_flags |= XFS_ICWALK_FLAG_MINFILESIZE; 1866 1867 dst->icw_prid = src->eof_prid; 1868 dst->icw_min_file_size = src->eof_min_file_size; 1869 1870 dst->icw_uid = INVALID_UID; 1871 if (src->eof_flags & XFS_EOF_FLAGS_UID) { 1872 dst->icw_uid = make_kuid(current_user_ns(), src->eof_uid); 1873 if (!uid_valid(dst->icw_uid)) 1874 return -EINVAL; 1875 } 1876 1877 dst->icw_gid = INVALID_GID; 1878 if (src->eof_flags & XFS_EOF_FLAGS_GID) { 1879 dst->icw_gid = make_kgid(current_user_ns(), src->eof_gid); 1880 if (!gid_valid(dst->icw_gid)) 1881 return -EINVAL; 1882 } 1883 return 0; 1884 } 1885 1886 /* 1887 * These long-unused ioctls were removed from the official ioctl API in 5.17, 1888 * but retain these definitions so that we can log warnings about them. 1889 */ 1890 #define XFS_IOC_ALLOCSP _IOW ('X', 10, struct xfs_flock64) 1891 #define XFS_IOC_FREESP _IOW ('X', 11, struct xfs_flock64) 1892 #define XFS_IOC_ALLOCSP64 _IOW ('X', 36, struct xfs_flock64) 1893 #define XFS_IOC_FREESP64 _IOW ('X', 37, struct xfs_flock64) 1894 1895 /* 1896 * Note: some of the ioctl's return positive numbers as a 1897 * byte count indicating success, such as readlink_by_handle. 1898 * So we don't "sign flip" like most other routines. This means 1899 * true errors need to be returned as a negative value. 1900 */ 1901 long 1902 xfs_file_ioctl( 1903 struct file *filp, 1904 unsigned int cmd, 1905 unsigned long p) 1906 { 1907 struct inode *inode = file_inode(filp); 1908 struct xfs_inode *ip = XFS_I(inode); 1909 struct xfs_mount *mp = ip->i_mount; 1910 void __user *arg = (void __user *)p; 1911 int error; 1912 1913 trace_xfs_file_ioctl(ip); 1914 1915 switch (cmd) { 1916 case FITRIM: 1917 return xfs_ioc_trim(mp, arg); 1918 case FS_IOC_GETFSLABEL: 1919 return xfs_ioc_getlabel(mp, arg); 1920 case FS_IOC_SETFSLABEL: 1921 return xfs_ioc_setlabel(filp, mp, arg); 1922 case XFS_IOC_ALLOCSP: 1923 case XFS_IOC_FREESP: 1924 case XFS_IOC_ALLOCSP64: 1925 case XFS_IOC_FREESP64: 1926 xfs_warn_once(mp, 1927 "%s should use fallocate; XFS_IOC_{ALLOC,FREE}SP ioctl unsupported", 1928 current->comm); 1929 return -ENOTTY; 1930 case XFS_IOC_DIOINFO: { 1931 struct xfs_buftarg *target = xfs_inode_buftarg(ip); 1932 struct dioattr da; 1933 1934 da.d_mem = da.d_miniosz = target->bt_logical_sectorsize; 1935 da.d_maxiosz = INT_MAX & ~(da.d_miniosz - 1); 1936 1937 if (copy_to_user(arg, &da, sizeof(da))) 1938 return -EFAULT; 1939 return 0; 1940 } 1941 1942 case XFS_IOC_FSBULKSTAT_SINGLE: 1943 case XFS_IOC_FSBULKSTAT: 1944 case XFS_IOC_FSINUMBERS: 1945 return xfs_ioc_fsbulkstat(filp, cmd, arg); 1946 1947 case XFS_IOC_BULKSTAT: 1948 return xfs_ioc_bulkstat(filp, cmd, arg); 1949 case XFS_IOC_INUMBERS: 1950 return xfs_ioc_inumbers(mp, cmd, arg); 1951 1952 case XFS_IOC_FSGEOMETRY_V1: 1953 return xfs_ioc_fsgeometry(mp, arg, 3); 1954 case XFS_IOC_FSGEOMETRY_V4: 1955 return xfs_ioc_fsgeometry(mp, arg, 4); 1956 case XFS_IOC_FSGEOMETRY: 1957 return xfs_ioc_fsgeometry(mp, arg, 5); 1958 1959 case XFS_IOC_AG_GEOMETRY: 1960 return xfs_ioc_ag_geometry(mp, arg); 1961 1962 case XFS_IOC_GETVERSION: 1963 return put_user(inode->i_generation, (int __user *)arg); 1964 1965 case XFS_IOC_FSGETXATTRA: 1966 return xfs_ioc_fsgetxattra(ip, arg); 1967 1968 case XFS_IOC_GETBMAP: 1969 case XFS_IOC_GETBMAPA: 1970 case XFS_IOC_GETBMAPX: 1971 return xfs_ioc_getbmap(filp, cmd, arg); 1972 1973 case FS_IOC_GETFSMAP: 1974 return xfs_ioc_getfsmap(ip, arg); 1975 1976 case XFS_IOC_SCRUB_METADATA: 1977 return xfs_ioc_scrub_metadata(filp, arg); 1978 1979 case XFS_IOC_FD_TO_HANDLE: 1980 case XFS_IOC_PATH_TO_HANDLE: 1981 case XFS_IOC_PATH_TO_FSHANDLE: { 1982 xfs_fsop_handlereq_t hreq; 1983 1984 if (copy_from_user(&hreq, arg, sizeof(hreq))) 1985 return -EFAULT; 1986 return xfs_find_handle(cmd, &hreq); 1987 } 1988 case XFS_IOC_OPEN_BY_HANDLE: { 1989 xfs_fsop_handlereq_t hreq; 1990 1991 if (copy_from_user(&hreq, arg, sizeof(xfs_fsop_handlereq_t))) 1992 return -EFAULT; 1993 return xfs_open_by_handle(filp, &hreq); 1994 } 1995 1996 case XFS_IOC_READLINK_BY_HANDLE: { 1997 xfs_fsop_handlereq_t hreq; 1998 1999 if (copy_from_user(&hreq, arg, sizeof(xfs_fsop_handlereq_t))) 2000 return -EFAULT; 2001 return xfs_readlink_by_handle(filp, &hreq); 2002 } 2003 case XFS_IOC_ATTRLIST_BY_HANDLE: 2004 return xfs_attrlist_by_handle(filp, arg); 2005 2006 case XFS_IOC_ATTRMULTI_BY_HANDLE: 2007 return xfs_attrmulti_by_handle(filp, arg); 2008 2009 case XFS_IOC_SWAPEXT: { 2010 struct xfs_swapext sxp; 2011 2012 if (copy_from_user(&sxp, arg, sizeof(xfs_swapext_t))) 2013 return -EFAULT; 2014 error = mnt_want_write_file(filp); 2015 if (error) 2016 return error; 2017 error = xfs_ioc_swapext(&sxp); 2018 mnt_drop_write_file(filp); 2019 return error; 2020 } 2021 2022 case XFS_IOC_FSCOUNTS: { 2023 xfs_fsop_counts_t out; 2024 2025 xfs_fs_counts(mp, &out); 2026 2027 if (copy_to_user(arg, &out, sizeof(out))) 2028 return -EFAULT; 2029 return 0; 2030 } 2031 2032 case XFS_IOC_SET_RESBLKS: { 2033 xfs_fsop_resblks_t inout; 2034 uint64_t in; 2035 2036 if (!capable(CAP_SYS_ADMIN)) 2037 return -EPERM; 2038 2039 if (xfs_is_readonly(mp)) 2040 return -EROFS; 2041 2042 if (copy_from_user(&inout, arg, sizeof(inout))) 2043 return -EFAULT; 2044 2045 error = mnt_want_write_file(filp); 2046 if (error) 2047 return error; 2048 2049 /* input parameter is passed in resblks field of structure */ 2050 in = inout.resblks; 2051 error = xfs_reserve_blocks(mp, &in, &inout); 2052 mnt_drop_write_file(filp); 2053 if (error) 2054 return error; 2055 2056 if (copy_to_user(arg, &inout, sizeof(inout))) 2057 return -EFAULT; 2058 return 0; 2059 } 2060 2061 case XFS_IOC_GET_RESBLKS: { 2062 xfs_fsop_resblks_t out; 2063 2064 if (!capable(CAP_SYS_ADMIN)) 2065 return -EPERM; 2066 2067 error = xfs_reserve_blocks(mp, NULL, &out); 2068 if (error) 2069 return error; 2070 2071 if (copy_to_user(arg, &out, sizeof(out))) 2072 return -EFAULT; 2073 2074 return 0; 2075 } 2076 2077 case XFS_IOC_FSGROWFSDATA: { 2078 struct xfs_growfs_data in; 2079 2080 if (copy_from_user(&in, arg, sizeof(in))) 2081 return -EFAULT; 2082 2083 error = mnt_want_write_file(filp); 2084 if (error) 2085 return error; 2086 error = xfs_growfs_data(mp, &in); 2087 mnt_drop_write_file(filp); 2088 return error; 2089 } 2090 2091 case XFS_IOC_FSGROWFSLOG: { 2092 struct xfs_growfs_log in; 2093 2094 if (copy_from_user(&in, arg, sizeof(in))) 2095 return -EFAULT; 2096 2097 error = mnt_want_write_file(filp); 2098 if (error) 2099 return error; 2100 error = xfs_growfs_log(mp, &in); 2101 mnt_drop_write_file(filp); 2102 return error; 2103 } 2104 2105 case XFS_IOC_FSGROWFSRT: { 2106 xfs_growfs_rt_t in; 2107 2108 if (copy_from_user(&in, arg, sizeof(in))) 2109 return -EFAULT; 2110 2111 error = mnt_want_write_file(filp); 2112 if (error) 2113 return error; 2114 error = xfs_growfs_rt(mp, &in); 2115 mnt_drop_write_file(filp); 2116 return error; 2117 } 2118 2119 case XFS_IOC_GOINGDOWN: { 2120 uint32_t in; 2121 2122 if (!capable(CAP_SYS_ADMIN)) 2123 return -EPERM; 2124 2125 if (get_user(in, (uint32_t __user *)arg)) 2126 return -EFAULT; 2127 2128 return xfs_fs_goingdown(mp, in); 2129 } 2130 2131 case XFS_IOC_ERROR_INJECTION: { 2132 xfs_error_injection_t in; 2133 2134 if (!capable(CAP_SYS_ADMIN)) 2135 return -EPERM; 2136 2137 if (copy_from_user(&in, arg, sizeof(in))) 2138 return -EFAULT; 2139 2140 return xfs_errortag_add(mp, in.errtag); 2141 } 2142 2143 case XFS_IOC_ERROR_CLEARALL: 2144 if (!capable(CAP_SYS_ADMIN)) 2145 return -EPERM; 2146 2147 return xfs_errortag_clearall(mp); 2148 2149 case XFS_IOC_FREE_EOFBLOCKS: { 2150 struct xfs_fs_eofblocks eofb; 2151 struct xfs_icwalk icw; 2152 2153 if (!capable(CAP_SYS_ADMIN)) 2154 return -EPERM; 2155 2156 if (xfs_is_readonly(mp)) 2157 return -EROFS; 2158 2159 if (copy_from_user(&eofb, arg, sizeof(eofb))) 2160 return -EFAULT; 2161 2162 error = xfs_fs_eofblocks_from_user(&eofb, &icw); 2163 if (error) 2164 return error; 2165 2166 trace_xfs_ioc_free_eofblocks(mp, &icw, _RET_IP_); 2167 2168 sb_start_write(mp->m_super); 2169 error = xfs_blockgc_free_space(mp, &icw); 2170 sb_end_write(mp->m_super); 2171 return error; 2172 } 2173 2174 default: 2175 return -ENOTTY; 2176 } 2177 } 2178