1 // SPDX-License-Identifier: GPL-2.0 2 #include <linux/capability.h> 3 #include <linux/compat.h> 4 #include <linux/blkdev.h> 5 #include <linux/export.h> 6 #include <linux/gfp.h> 7 #include <linux/blkpg.h> 8 #include <linux/hdreg.h> 9 #include <linux/backing-dev.h> 10 #include <linux/fs.h> 11 #include <linux/blktrace_api.h> 12 #include <linux/pr.h> 13 #include <linux/uaccess.h> 14 #include "blk.h" 15 16 static int blkpg_do_ioctl(struct block_device *bdev, 17 struct blkpg_partition __user *upart, int op) 18 { 19 struct gendisk *disk = bdev->bd_disk; 20 struct blkpg_partition p; 21 long long start, length; 22 23 if (!capable(CAP_SYS_ADMIN)) 24 return -EACCES; 25 if (copy_from_user(&p, upart, sizeof(struct blkpg_partition))) 26 return -EFAULT; 27 if (bdev_is_partition(bdev)) 28 return -EINVAL; 29 30 if (p.pno <= 0) 31 return -EINVAL; 32 33 if (op == BLKPG_DEL_PARTITION) 34 return bdev_del_partition(disk, p.pno); 35 36 start = p.start >> SECTOR_SHIFT; 37 length = p.length >> SECTOR_SHIFT; 38 39 switch (op) { 40 case BLKPG_ADD_PARTITION: 41 /* check if partition is aligned to blocksize */ 42 if (p.start & (bdev_logical_block_size(bdev) - 1)) 43 return -EINVAL; 44 return bdev_add_partition(disk, p.pno, start, length); 45 case BLKPG_RESIZE_PARTITION: 46 return bdev_resize_partition(disk, p.pno, start, length); 47 default: 48 return -EINVAL; 49 } 50 } 51 52 static int blkpg_ioctl(struct block_device *bdev, 53 struct blkpg_ioctl_arg __user *arg) 54 { 55 struct blkpg_partition __user *udata; 56 int op; 57 58 if (get_user(op, &arg->op) || get_user(udata, &arg->data)) 59 return -EFAULT; 60 61 return blkpg_do_ioctl(bdev, udata, op); 62 } 63 64 #ifdef CONFIG_COMPAT 65 struct compat_blkpg_ioctl_arg { 66 compat_int_t op; 67 compat_int_t flags; 68 compat_int_t datalen; 69 compat_caddr_t data; 70 }; 71 72 static int compat_blkpg_ioctl(struct block_device *bdev, 73 struct compat_blkpg_ioctl_arg __user *arg) 74 { 75 compat_caddr_t udata; 76 int op; 77 78 if (get_user(op, &arg->op) || get_user(udata, &arg->data)) 79 return -EFAULT; 80 81 return blkpg_do_ioctl(bdev, compat_ptr(udata), op); 82 } 83 #endif 84 85 static int blk_ioctl_discard(struct block_device *bdev, blk_mode_t mode, 86 unsigned long arg) 87 { 88 uint64_t range[2]; 89 uint64_t start, len; 90 struct inode *inode = bdev->bd_inode; 91 int err; 92 93 if (!(mode & BLK_OPEN_WRITE)) 94 return -EBADF; 95 96 if (!bdev_max_discard_sectors(bdev)) 97 return -EOPNOTSUPP; 98 99 if (copy_from_user(range, (void __user *)arg, sizeof(range))) 100 return -EFAULT; 101 102 start = range[0]; 103 len = range[1]; 104 105 if (start & 511) 106 return -EINVAL; 107 if (len & 511) 108 return -EINVAL; 109 110 if (start + len > bdev_nr_bytes(bdev)) 111 return -EINVAL; 112 113 filemap_invalidate_lock(inode->i_mapping); 114 err = truncate_bdev_range(bdev, mode, start, start + len - 1); 115 if (err) 116 goto fail; 117 err = blkdev_issue_discard(bdev, start >> 9, len >> 9, GFP_KERNEL); 118 fail: 119 filemap_invalidate_unlock(inode->i_mapping); 120 return err; 121 } 122 123 static int blk_ioctl_secure_erase(struct block_device *bdev, blk_mode_t mode, 124 void __user *argp) 125 { 126 uint64_t start, len; 127 uint64_t range[2]; 128 int err; 129 130 if (!(mode & BLK_OPEN_WRITE)) 131 return -EBADF; 132 if (!bdev_max_secure_erase_sectors(bdev)) 133 return -EOPNOTSUPP; 134 if (copy_from_user(range, argp, sizeof(range))) 135 return -EFAULT; 136 137 start = range[0]; 138 len = range[1]; 139 if ((start & 511) || (len & 511)) 140 return -EINVAL; 141 if (start + len > bdev_nr_bytes(bdev)) 142 return -EINVAL; 143 144 filemap_invalidate_lock(bdev->bd_inode->i_mapping); 145 err = truncate_bdev_range(bdev, mode, start, start + len - 1); 146 if (!err) 147 err = blkdev_issue_secure_erase(bdev, start >> 9, len >> 9, 148 GFP_KERNEL); 149 filemap_invalidate_unlock(bdev->bd_inode->i_mapping); 150 return err; 151 } 152 153 154 static int blk_ioctl_zeroout(struct block_device *bdev, blk_mode_t mode, 155 unsigned long arg) 156 { 157 uint64_t range[2]; 158 uint64_t start, end, len; 159 struct inode *inode = bdev->bd_inode; 160 int err; 161 162 if (!(mode & BLK_OPEN_WRITE)) 163 return -EBADF; 164 165 if (copy_from_user(range, (void __user *)arg, sizeof(range))) 166 return -EFAULT; 167 168 start = range[0]; 169 len = range[1]; 170 end = start + len - 1; 171 172 if (start & 511) 173 return -EINVAL; 174 if (len & 511) 175 return -EINVAL; 176 if (end >= (uint64_t)bdev_nr_bytes(bdev)) 177 return -EINVAL; 178 if (end < start) 179 return -EINVAL; 180 181 /* Invalidate the page cache, including dirty pages */ 182 filemap_invalidate_lock(inode->i_mapping); 183 err = truncate_bdev_range(bdev, mode, start, end); 184 if (err) 185 goto fail; 186 187 err = blkdev_issue_zeroout(bdev, start >> 9, len >> 9, GFP_KERNEL, 188 BLKDEV_ZERO_NOUNMAP); 189 190 fail: 191 filemap_invalidate_unlock(inode->i_mapping); 192 return err; 193 } 194 195 static int put_ushort(unsigned short __user *argp, unsigned short val) 196 { 197 return put_user(val, argp); 198 } 199 200 static int put_int(int __user *argp, int val) 201 { 202 return put_user(val, argp); 203 } 204 205 static int put_uint(unsigned int __user *argp, unsigned int val) 206 { 207 return put_user(val, argp); 208 } 209 210 static int put_long(long __user *argp, long val) 211 { 212 return put_user(val, argp); 213 } 214 215 static int put_ulong(unsigned long __user *argp, unsigned long val) 216 { 217 return put_user(val, argp); 218 } 219 220 static int put_u64(u64 __user *argp, u64 val) 221 { 222 return put_user(val, argp); 223 } 224 225 #ifdef CONFIG_COMPAT 226 static int compat_put_long(compat_long_t __user *argp, long val) 227 { 228 return put_user(val, argp); 229 } 230 231 static int compat_put_ulong(compat_ulong_t __user *argp, compat_ulong_t val) 232 { 233 return put_user(val, argp); 234 } 235 #endif 236 237 #ifdef CONFIG_COMPAT 238 /* 239 * This is the equivalent of compat_ptr_ioctl(), to be used by block 240 * drivers that implement only commands that are completely compatible 241 * between 32-bit and 64-bit user space 242 */ 243 int blkdev_compat_ptr_ioctl(struct block_device *bdev, blk_mode_t mode, 244 unsigned cmd, unsigned long arg) 245 { 246 struct gendisk *disk = bdev->bd_disk; 247 248 if (disk->fops->ioctl) 249 return disk->fops->ioctl(bdev, mode, cmd, 250 (unsigned long)compat_ptr(arg)); 251 252 return -ENOIOCTLCMD; 253 } 254 EXPORT_SYMBOL(blkdev_compat_ptr_ioctl); 255 #endif 256 257 static bool blkdev_pr_allowed(struct block_device *bdev, blk_mode_t mode) 258 { 259 /* no sense to make reservations for partitions */ 260 if (bdev_is_partition(bdev)) 261 return false; 262 263 if (capable(CAP_SYS_ADMIN)) 264 return true; 265 /* 266 * Only allow unprivileged reservations if the file descriptor is open 267 * for writing. 268 */ 269 return mode & BLK_OPEN_WRITE; 270 } 271 272 static int blkdev_pr_register(struct block_device *bdev, blk_mode_t mode, 273 struct pr_registration __user *arg) 274 { 275 const struct pr_ops *ops = bdev->bd_disk->fops->pr_ops; 276 struct pr_registration reg; 277 278 if (!blkdev_pr_allowed(bdev, mode)) 279 return -EPERM; 280 if (!ops || !ops->pr_register) 281 return -EOPNOTSUPP; 282 if (copy_from_user(®, arg, sizeof(reg))) 283 return -EFAULT; 284 285 if (reg.flags & ~PR_FL_IGNORE_KEY) 286 return -EOPNOTSUPP; 287 return ops->pr_register(bdev, reg.old_key, reg.new_key, reg.flags); 288 } 289 290 static int blkdev_pr_reserve(struct block_device *bdev, blk_mode_t mode, 291 struct pr_reservation __user *arg) 292 { 293 const struct pr_ops *ops = bdev->bd_disk->fops->pr_ops; 294 struct pr_reservation rsv; 295 296 if (!blkdev_pr_allowed(bdev, mode)) 297 return -EPERM; 298 if (!ops || !ops->pr_reserve) 299 return -EOPNOTSUPP; 300 if (copy_from_user(&rsv, arg, sizeof(rsv))) 301 return -EFAULT; 302 303 if (rsv.flags & ~PR_FL_IGNORE_KEY) 304 return -EOPNOTSUPP; 305 return ops->pr_reserve(bdev, rsv.key, rsv.type, rsv.flags); 306 } 307 308 static int blkdev_pr_release(struct block_device *bdev, blk_mode_t mode, 309 struct pr_reservation __user *arg) 310 { 311 const struct pr_ops *ops = bdev->bd_disk->fops->pr_ops; 312 struct pr_reservation rsv; 313 314 if (!blkdev_pr_allowed(bdev, mode)) 315 return -EPERM; 316 if (!ops || !ops->pr_release) 317 return -EOPNOTSUPP; 318 if (copy_from_user(&rsv, arg, sizeof(rsv))) 319 return -EFAULT; 320 321 if (rsv.flags) 322 return -EOPNOTSUPP; 323 return ops->pr_release(bdev, rsv.key, rsv.type); 324 } 325 326 static int blkdev_pr_preempt(struct block_device *bdev, blk_mode_t mode, 327 struct pr_preempt __user *arg, bool abort) 328 { 329 const struct pr_ops *ops = bdev->bd_disk->fops->pr_ops; 330 struct pr_preempt p; 331 332 if (!blkdev_pr_allowed(bdev, mode)) 333 return -EPERM; 334 if (!ops || !ops->pr_preempt) 335 return -EOPNOTSUPP; 336 if (copy_from_user(&p, arg, sizeof(p))) 337 return -EFAULT; 338 339 if (p.flags) 340 return -EOPNOTSUPP; 341 return ops->pr_preempt(bdev, p.old_key, p.new_key, p.type, abort); 342 } 343 344 static int blkdev_pr_clear(struct block_device *bdev, blk_mode_t mode, 345 struct pr_clear __user *arg) 346 { 347 const struct pr_ops *ops = bdev->bd_disk->fops->pr_ops; 348 struct pr_clear c; 349 350 if (!blkdev_pr_allowed(bdev, mode)) 351 return -EPERM; 352 if (!ops || !ops->pr_clear) 353 return -EOPNOTSUPP; 354 if (copy_from_user(&c, arg, sizeof(c))) 355 return -EFAULT; 356 357 if (c.flags) 358 return -EOPNOTSUPP; 359 return ops->pr_clear(bdev, c.key); 360 } 361 362 static int blkdev_flushbuf(struct block_device *bdev, unsigned cmd, 363 unsigned long arg) 364 { 365 if (!capable(CAP_SYS_ADMIN)) 366 return -EACCES; 367 368 mutex_lock(&bdev->bd_holder_lock); 369 if (bdev->bd_holder_ops && bdev->bd_holder_ops->sync) 370 bdev->bd_holder_ops->sync(bdev); 371 else 372 sync_blockdev(bdev); 373 mutex_unlock(&bdev->bd_holder_lock); 374 375 invalidate_bdev(bdev); 376 return 0; 377 } 378 379 static int blkdev_roset(struct block_device *bdev, unsigned cmd, 380 unsigned long arg) 381 { 382 int ret, n; 383 384 if (!capable(CAP_SYS_ADMIN)) 385 return -EACCES; 386 387 if (get_user(n, (int __user *)arg)) 388 return -EFAULT; 389 if (bdev->bd_disk->fops->set_read_only) { 390 ret = bdev->bd_disk->fops->set_read_only(bdev, n); 391 if (ret) 392 return ret; 393 } 394 bdev->bd_read_only = n; 395 return 0; 396 } 397 398 static int blkdev_getgeo(struct block_device *bdev, 399 struct hd_geometry __user *argp) 400 { 401 struct gendisk *disk = bdev->bd_disk; 402 struct hd_geometry geo; 403 int ret; 404 405 if (!argp) 406 return -EINVAL; 407 if (!disk->fops->getgeo) 408 return -ENOTTY; 409 410 /* 411 * We need to set the startsect first, the driver may 412 * want to override it. 413 */ 414 memset(&geo, 0, sizeof(geo)); 415 geo.start = get_start_sect(bdev); 416 ret = disk->fops->getgeo(bdev, &geo); 417 if (ret) 418 return ret; 419 if (copy_to_user(argp, &geo, sizeof(geo))) 420 return -EFAULT; 421 return 0; 422 } 423 424 #ifdef CONFIG_COMPAT 425 struct compat_hd_geometry { 426 unsigned char heads; 427 unsigned char sectors; 428 unsigned short cylinders; 429 u32 start; 430 }; 431 432 static int compat_hdio_getgeo(struct block_device *bdev, 433 struct compat_hd_geometry __user *ugeo) 434 { 435 struct gendisk *disk = bdev->bd_disk; 436 struct hd_geometry geo; 437 int ret; 438 439 if (!ugeo) 440 return -EINVAL; 441 if (!disk->fops->getgeo) 442 return -ENOTTY; 443 444 memset(&geo, 0, sizeof(geo)); 445 /* 446 * We need to set the startsect first, the driver may 447 * want to override it. 448 */ 449 geo.start = get_start_sect(bdev); 450 ret = disk->fops->getgeo(bdev, &geo); 451 if (ret) 452 return ret; 453 454 ret = copy_to_user(ugeo, &geo, 4); 455 ret |= put_user(geo.start, &ugeo->start); 456 if (ret) 457 ret = -EFAULT; 458 459 return ret; 460 } 461 #endif 462 463 /* set the logical block size */ 464 static int blkdev_bszset(struct block_device *bdev, blk_mode_t mode, 465 int __user *argp) 466 { 467 int ret, n; 468 469 if (!capable(CAP_SYS_ADMIN)) 470 return -EACCES; 471 if (!argp) 472 return -EINVAL; 473 if (get_user(n, argp)) 474 return -EFAULT; 475 476 if (mode & BLK_OPEN_EXCL) 477 return set_blocksize(bdev, n); 478 479 if (IS_ERR(blkdev_get_by_dev(bdev->bd_dev, mode, &bdev, NULL))) 480 return -EBUSY; 481 ret = set_blocksize(bdev, n); 482 blkdev_put(bdev, &bdev); 483 484 return ret; 485 } 486 487 /* 488 * Common commands that are handled the same way on native and compat 489 * user space. Note the separate arg/argp parameters that are needed 490 * to deal with the compat_ptr() conversion. 491 */ 492 static int blkdev_common_ioctl(struct block_device *bdev, blk_mode_t mode, 493 unsigned int cmd, unsigned long arg, 494 void __user *argp) 495 { 496 unsigned int max_sectors; 497 498 switch (cmd) { 499 case BLKFLSBUF: 500 return blkdev_flushbuf(bdev, cmd, arg); 501 case BLKROSET: 502 return blkdev_roset(bdev, cmd, arg); 503 case BLKDISCARD: 504 return blk_ioctl_discard(bdev, mode, arg); 505 case BLKSECDISCARD: 506 return blk_ioctl_secure_erase(bdev, mode, argp); 507 case BLKZEROOUT: 508 return blk_ioctl_zeroout(bdev, mode, arg); 509 case BLKGETDISKSEQ: 510 return put_u64(argp, bdev->bd_disk->diskseq); 511 case BLKREPORTZONE: 512 return blkdev_report_zones_ioctl(bdev, cmd, arg); 513 case BLKRESETZONE: 514 case BLKOPENZONE: 515 case BLKCLOSEZONE: 516 case BLKFINISHZONE: 517 return blkdev_zone_mgmt_ioctl(bdev, mode, cmd, arg); 518 case BLKGETZONESZ: 519 return put_uint(argp, bdev_zone_sectors(bdev)); 520 case BLKGETNRZONES: 521 return put_uint(argp, bdev_nr_zones(bdev)); 522 case BLKROGET: 523 return put_int(argp, bdev_read_only(bdev) != 0); 524 case BLKSSZGET: /* get block device logical block size */ 525 return put_int(argp, bdev_logical_block_size(bdev)); 526 case BLKPBSZGET: /* get block device physical block size */ 527 return put_uint(argp, bdev_physical_block_size(bdev)); 528 case BLKIOMIN: 529 return put_uint(argp, bdev_io_min(bdev)); 530 case BLKIOOPT: 531 return put_uint(argp, bdev_io_opt(bdev)); 532 case BLKALIGNOFF: 533 return put_int(argp, bdev_alignment_offset(bdev)); 534 case BLKDISCARDZEROES: 535 return put_uint(argp, 0); 536 case BLKSECTGET: 537 max_sectors = min_t(unsigned int, USHRT_MAX, 538 queue_max_sectors(bdev_get_queue(bdev))); 539 return put_ushort(argp, max_sectors); 540 case BLKROTATIONAL: 541 return put_ushort(argp, !bdev_nonrot(bdev)); 542 case BLKRASET: 543 case BLKFRASET: 544 if(!capable(CAP_SYS_ADMIN)) 545 return -EACCES; 546 bdev->bd_disk->bdi->ra_pages = (arg * 512) / PAGE_SIZE; 547 return 0; 548 case BLKRRPART: 549 if (!capable(CAP_SYS_ADMIN)) 550 return -EACCES; 551 if (bdev_is_partition(bdev)) 552 return -EINVAL; 553 return disk_scan_partitions(bdev->bd_disk, mode); 554 case BLKTRACESTART: 555 case BLKTRACESTOP: 556 case BLKTRACETEARDOWN: 557 return blk_trace_ioctl(bdev, cmd, argp); 558 case IOC_PR_REGISTER: 559 return blkdev_pr_register(bdev, mode, argp); 560 case IOC_PR_RESERVE: 561 return blkdev_pr_reserve(bdev, mode, argp); 562 case IOC_PR_RELEASE: 563 return blkdev_pr_release(bdev, mode, argp); 564 case IOC_PR_PREEMPT: 565 return blkdev_pr_preempt(bdev, mode, argp, false); 566 case IOC_PR_PREEMPT_ABORT: 567 return blkdev_pr_preempt(bdev, mode, argp, true); 568 case IOC_PR_CLEAR: 569 return blkdev_pr_clear(bdev, mode, argp); 570 default: 571 return -ENOIOCTLCMD; 572 } 573 } 574 575 /* 576 * Always keep this in sync with compat_blkdev_ioctl() 577 * to handle all incompatible commands in both functions. 578 * 579 * New commands must be compatible and go into blkdev_common_ioctl 580 */ 581 long blkdev_ioctl(struct file *file, unsigned cmd, unsigned long arg) 582 { 583 struct block_device *bdev = I_BDEV(file->f_mapping->host); 584 void __user *argp = (void __user *)arg; 585 blk_mode_t mode = file_to_blk_mode(file); 586 int ret; 587 588 switch (cmd) { 589 /* These need separate implementations for the data structure */ 590 case HDIO_GETGEO: 591 return blkdev_getgeo(bdev, argp); 592 case BLKPG: 593 return blkpg_ioctl(bdev, argp); 594 595 /* Compat mode returns 32-bit data instead of 'long' */ 596 case BLKRAGET: 597 case BLKFRAGET: 598 if (!argp) 599 return -EINVAL; 600 return put_long(argp, 601 (bdev->bd_disk->bdi->ra_pages * PAGE_SIZE) / 512); 602 case BLKGETSIZE: 603 if (bdev_nr_sectors(bdev) > ~0UL) 604 return -EFBIG; 605 return put_ulong(argp, bdev_nr_sectors(bdev)); 606 607 /* The data is compatible, but the command number is different */ 608 case BLKBSZGET: /* get block device soft block size (cf. BLKSSZGET) */ 609 return put_int(argp, block_size(bdev)); 610 case BLKBSZSET: 611 return blkdev_bszset(bdev, mode, argp); 612 case BLKGETSIZE64: 613 return put_u64(argp, bdev_nr_bytes(bdev)); 614 615 /* Incompatible alignment on i386 */ 616 case BLKTRACESETUP: 617 return blk_trace_ioctl(bdev, cmd, argp); 618 default: 619 break; 620 } 621 622 ret = blkdev_common_ioctl(bdev, mode, cmd, arg, argp); 623 if (ret != -ENOIOCTLCMD) 624 return ret; 625 626 if (!bdev->bd_disk->fops->ioctl) 627 return -ENOTTY; 628 return bdev->bd_disk->fops->ioctl(bdev, mode, cmd, arg); 629 } 630 631 #ifdef CONFIG_COMPAT 632 633 #define BLKBSZGET_32 _IOR(0x12, 112, int) 634 #define BLKBSZSET_32 _IOW(0x12, 113, int) 635 #define BLKGETSIZE64_32 _IOR(0x12, 114, int) 636 637 /* Most of the generic ioctls are handled in the normal fallback path. 638 This assumes the blkdev's low level compat_ioctl always returns 639 ENOIOCTLCMD for unknown ioctls. */ 640 long compat_blkdev_ioctl(struct file *file, unsigned cmd, unsigned long arg) 641 { 642 int ret; 643 void __user *argp = compat_ptr(arg); 644 struct block_device *bdev = I_BDEV(file->f_mapping->host); 645 struct gendisk *disk = bdev->bd_disk; 646 blk_mode_t mode = file_to_blk_mode(file); 647 648 switch (cmd) { 649 /* These need separate implementations for the data structure */ 650 case HDIO_GETGEO: 651 return compat_hdio_getgeo(bdev, argp); 652 case BLKPG: 653 return compat_blkpg_ioctl(bdev, argp); 654 655 /* Compat mode returns 32-bit data instead of 'long' */ 656 case BLKRAGET: 657 case BLKFRAGET: 658 if (!argp) 659 return -EINVAL; 660 return compat_put_long(argp, 661 (bdev->bd_disk->bdi->ra_pages * PAGE_SIZE) / 512); 662 case BLKGETSIZE: 663 if (bdev_nr_sectors(bdev) > ~(compat_ulong_t)0) 664 return -EFBIG; 665 return compat_put_ulong(argp, bdev_nr_sectors(bdev)); 666 667 /* The data is compatible, but the command number is different */ 668 case BLKBSZGET_32: /* get the logical block size (cf. BLKSSZGET) */ 669 return put_int(argp, bdev_logical_block_size(bdev)); 670 case BLKBSZSET_32: 671 return blkdev_bszset(bdev, mode, argp); 672 case BLKGETSIZE64_32: 673 return put_u64(argp, bdev_nr_bytes(bdev)); 674 675 /* Incompatible alignment on i386 */ 676 case BLKTRACESETUP32: 677 return blk_trace_ioctl(bdev, cmd, argp); 678 default: 679 break; 680 } 681 682 ret = blkdev_common_ioctl(bdev, mode, cmd, arg, argp); 683 if (ret == -ENOIOCTLCMD && disk->fops->compat_ioctl) 684 ret = disk->fops->compat_ioctl(bdev, mode, cmd, arg); 685 686 return ret; 687 } 688 #endif 689