1 /* 2 * linux/fs/ext4/ioctl.c 3 * 4 * Copyright (C) 1993, 1994, 1995 5 * Remy Card (card@masi.ibp.fr) 6 * Laboratoire MASI - Institut Blaise Pascal 7 * Universite Pierre et Marie Curie (Paris VI) 8 */ 9 10 #include <linux/fs.h> 11 #include <linux/capability.h> 12 #include <linux/time.h> 13 #include <linux/compat.h> 14 #include <linux/mount.h> 15 #include <linux/file.h> 16 #include <linux/quotaops.h> 17 #include <linux/uuid.h> 18 #include <linux/uaccess.h> 19 #include <linux/delay.h> 20 #include "ext4_jbd2.h" 21 #include "ext4.h" 22 #include <linux/fsmap.h> 23 #include "fsmap.h" 24 #include <trace/events/ext4.h> 25 26 /** 27 * Swap memory between @a and @b for @len bytes. 28 * 29 * @a: pointer to first memory area 30 * @b: pointer to second memory area 31 * @len: number of bytes to swap 32 * 33 */ 34 static void memswap(void *a, void *b, size_t len) 35 { 36 unsigned char *ap, *bp; 37 38 ap = (unsigned char *)a; 39 bp = (unsigned char *)b; 40 while (len-- > 0) { 41 swap(*ap, *bp); 42 ap++; 43 bp++; 44 } 45 } 46 47 /** 48 * Swap i_data and associated attributes between @inode1 and @inode2. 49 * This function is used for the primary swap between inode1 and inode2 50 * and also to revert this primary swap in case of errors. 51 * 52 * Therefore you have to make sure, that calling this method twice 53 * will revert all changes. 54 * 55 * @inode1: pointer to first inode 56 * @inode2: pointer to second inode 57 */ 58 static void swap_inode_data(struct inode *inode1, struct inode *inode2) 59 { 60 loff_t isize; 61 struct ext4_inode_info *ei1; 62 struct ext4_inode_info *ei2; 63 64 ei1 = EXT4_I(inode1); 65 ei2 = EXT4_I(inode2); 66 67 memswap(&inode1->i_flags, &inode2->i_flags, sizeof(inode1->i_flags)); 68 memswap(&inode1->i_version, &inode2->i_version, 69 sizeof(inode1->i_version)); 70 memswap(&inode1->i_blocks, &inode2->i_blocks, 71 sizeof(inode1->i_blocks)); 72 memswap(&inode1->i_bytes, &inode2->i_bytes, sizeof(inode1->i_bytes)); 73 memswap(&inode1->i_atime, &inode2->i_atime, sizeof(inode1->i_atime)); 74 memswap(&inode1->i_mtime, &inode2->i_mtime, sizeof(inode1->i_mtime)); 75 76 memswap(ei1->i_data, ei2->i_data, sizeof(ei1->i_data)); 77 memswap(&ei1->i_flags, &ei2->i_flags, sizeof(ei1->i_flags)); 78 memswap(&ei1->i_disksize, &ei2->i_disksize, sizeof(ei1->i_disksize)); 79 ext4_es_remove_extent(inode1, 0, EXT_MAX_BLOCKS); 80 ext4_es_remove_extent(inode2, 0, EXT_MAX_BLOCKS); 81 82 isize = i_size_read(inode1); 83 i_size_write(inode1, i_size_read(inode2)); 84 i_size_write(inode2, isize); 85 } 86 87 /** 88 * Swap the information from the given @inode and the inode 89 * EXT4_BOOT_LOADER_INO. It will basically swap i_data and all other 90 * important fields of the inodes. 91 * 92 * @sb: the super block of the filesystem 93 * @inode: the inode to swap with EXT4_BOOT_LOADER_INO 94 * 95 */ 96 static long swap_inode_boot_loader(struct super_block *sb, 97 struct inode *inode) 98 { 99 handle_t *handle; 100 int err; 101 struct inode *inode_bl; 102 struct ext4_inode_info *ei_bl; 103 struct ext4_sb_info *sbi = EXT4_SB(sb); 104 105 if (inode->i_nlink != 1 || !S_ISREG(inode->i_mode)) 106 return -EINVAL; 107 108 if (!inode_owner_or_capable(inode) || !capable(CAP_SYS_ADMIN)) 109 return -EPERM; 110 111 inode_bl = ext4_iget(sb, EXT4_BOOT_LOADER_INO); 112 if (IS_ERR(inode_bl)) 113 return PTR_ERR(inode_bl); 114 ei_bl = EXT4_I(inode_bl); 115 116 filemap_flush(inode->i_mapping); 117 filemap_flush(inode_bl->i_mapping); 118 119 /* Protect orig inodes against a truncate and make sure, 120 * that only 1 swap_inode_boot_loader is running. */ 121 lock_two_nondirectories(inode, inode_bl); 122 123 truncate_inode_pages(&inode->i_data, 0); 124 truncate_inode_pages(&inode_bl->i_data, 0); 125 126 /* Wait for all existing dio workers */ 127 ext4_inode_block_unlocked_dio(inode); 128 ext4_inode_block_unlocked_dio(inode_bl); 129 inode_dio_wait(inode); 130 inode_dio_wait(inode_bl); 131 132 handle = ext4_journal_start(inode_bl, EXT4_HT_MOVE_EXTENTS, 2); 133 if (IS_ERR(handle)) { 134 err = -EINVAL; 135 goto journal_err_out; 136 } 137 138 /* Protect extent tree against block allocations via delalloc */ 139 ext4_double_down_write_data_sem(inode, inode_bl); 140 141 if (inode_bl->i_nlink == 0) { 142 /* this inode has never been used as a BOOT_LOADER */ 143 set_nlink(inode_bl, 1); 144 i_uid_write(inode_bl, 0); 145 i_gid_write(inode_bl, 0); 146 inode_bl->i_flags = 0; 147 ei_bl->i_flags = 0; 148 inode_bl->i_version = 1; 149 i_size_write(inode_bl, 0); 150 inode_bl->i_mode = S_IFREG; 151 if (ext4_has_feature_extents(sb)) { 152 ext4_set_inode_flag(inode_bl, EXT4_INODE_EXTENTS); 153 ext4_ext_tree_init(handle, inode_bl); 154 } else 155 memset(ei_bl->i_data, 0, sizeof(ei_bl->i_data)); 156 } 157 158 swap_inode_data(inode, inode_bl); 159 160 inode->i_ctime = inode_bl->i_ctime = current_time(inode); 161 162 spin_lock(&sbi->s_next_gen_lock); 163 inode->i_generation = sbi->s_next_generation++; 164 inode_bl->i_generation = sbi->s_next_generation++; 165 spin_unlock(&sbi->s_next_gen_lock); 166 167 ext4_discard_preallocations(inode); 168 169 err = ext4_mark_inode_dirty(handle, inode); 170 if (err < 0) { 171 ext4_warning(inode->i_sb, 172 "couldn't mark inode #%lu dirty (err %d)", 173 inode->i_ino, err); 174 /* Revert all changes: */ 175 swap_inode_data(inode, inode_bl); 176 } else { 177 err = ext4_mark_inode_dirty(handle, inode_bl); 178 if (err < 0) { 179 ext4_warning(inode_bl->i_sb, 180 "couldn't mark inode #%lu dirty (err %d)", 181 inode_bl->i_ino, err); 182 /* Revert all changes: */ 183 swap_inode_data(inode, inode_bl); 184 ext4_mark_inode_dirty(handle, inode); 185 } 186 } 187 ext4_journal_stop(handle); 188 ext4_double_up_write_data_sem(inode, inode_bl); 189 190 journal_err_out: 191 ext4_inode_resume_unlocked_dio(inode); 192 ext4_inode_resume_unlocked_dio(inode_bl); 193 unlock_two_nondirectories(inode, inode_bl); 194 iput(inode_bl); 195 return err; 196 } 197 198 #ifdef CONFIG_EXT4_FS_ENCRYPTION 199 static int uuid_is_zero(__u8 u[16]) 200 { 201 int i; 202 203 for (i = 0; i < 16; i++) 204 if (u[i]) 205 return 0; 206 return 1; 207 } 208 #endif 209 210 static int ext4_ioctl_setflags(struct inode *inode, 211 unsigned int flags) 212 { 213 struct ext4_inode_info *ei = EXT4_I(inode); 214 handle_t *handle = NULL; 215 int err = -EPERM, migrate = 0; 216 struct ext4_iloc iloc; 217 unsigned int oldflags, mask, i; 218 unsigned int jflag; 219 220 /* Is it quota file? Do not allow user to mess with it */ 221 if (IS_NOQUOTA(inode)) 222 goto flags_out; 223 224 oldflags = ei->i_flags; 225 226 /* The JOURNAL_DATA flag is modifiable only by root */ 227 jflag = flags & EXT4_JOURNAL_DATA_FL; 228 229 /* 230 * The IMMUTABLE and APPEND_ONLY flags can only be changed by 231 * the relevant capability. 232 * 233 * This test looks nicer. Thanks to Pauline Middelink 234 */ 235 if ((flags ^ oldflags) & (EXT4_APPEND_FL | EXT4_IMMUTABLE_FL)) { 236 if (!capable(CAP_LINUX_IMMUTABLE)) 237 goto flags_out; 238 } 239 240 /* 241 * The JOURNAL_DATA flag can only be changed by 242 * the relevant capability. 243 */ 244 if ((jflag ^ oldflags) & (EXT4_JOURNAL_DATA_FL)) { 245 if (!capable(CAP_SYS_RESOURCE)) 246 goto flags_out; 247 } 248 if ((flags ^ oldflags) & EXT4_EXTENTS_FL) 249 migrate = 1; 250 251 if (flags & EXT4_EOFBLOCKS_FL) { 252 /* we don't support adding EOFBLOCKS flag */ 253 if (!(oldflags & EXT4_EOFBLOCKS_FL)) { 254 err = -EOPNOTSUPP; 255 goto flags_out; 256 } 257 } else if (oldflags & EXT4_EOFBLOCKS_FL) { 258 err = ext4_truncate(inode); 259 if (err) 260 goto flags_out; 261 } 262 263 handle = ext4_journal_start(inode, EXT4_HT_INODE, 1); 264 if (IS_ERR(handle)) { 265 err = PTR_ERR(handle); 266 goto flags_out; 267 } 268 if (IS_SYNC(inode)) 269 ext4_handle_sync(handle); 270 err = ext4_reserve_inode_write(handle, inode, &iloc); 271 if (err) 272 goto flags_err; 273 274 for (i = 0, mask = 1; i < 32; i++, mask <<= 1) { 275 if (!(mask & EXT4_FL_USER_MODIFIABLE)) 276 continue; 277 /* These flags get special treatment later */ 278 if (mask == EXT4_JOURNAL_DATA_FL || mask == EXT4_EXTENTS_FL) 279 continue; 280 if (mask & flags) 281 ext4_set_inode_flag(inode, i); 282 else 283 ext4_clear_inode_flag(inode, i); 284 } 285 286 ext4_set_inode_flags(inode); 287 inode->i_ctime = current_time(inode); 288 289 err = ext4_mark_iloc_dirty(handle, inode, &iloc); 290 flags_err: 291 ext4_journal_stop(handle); 292 if (err) 293 goto flags_out; 294 295 if ((jflag ^ oldflags) & (EXT4_JOURNAL_DATA_FL)) 296 err = ext4_change_inode_journal_flag(inode, jflag); 297 if (err) 298 goto flags_out; 299 if (migrate) { 300 if (flags & EXT4_EXTENTS_FL) 301 err = ext4_ext_migrate(inode); 302 else 303 err = ext4_ind_migrate(inode); 304 } 305 306 flags_out: 307 return err; 308 } 309 310 #ifdef CONFIG_QUOTA 311 static int ext4_ioctl_setproject(struct file *filp, __u32 projid) 312 { 313 struct inode *inode = file_inode(filp); 314 struct super_block *sb = inode->i_sb; 315 struct ext4_inode_info *ei = EXT4_I(inode); 316 int err, rc; 317 handle_t *handle; 318 kprojid_t kprojid; 319 struct ext4_iloc iloc; 320 struct ext4_inode *raw_inode; 321 struct dquot *transfer_to[MAXQUOTAS] = { }; 322 323 if (!ext4_has_feature_project(sb)) { 324 if (projid != EXT4_DEF_PROJID) 325 return -EOPNOTSUPP; 326 else 327 return 0; 328 } 329 330 if (EXT4_INODE_SIZE(sb) <= EXT4_GOOD_OLD_INODE_SIZE) 331 return -EOPNOTSUPP; 332 333 kprojid = make_kprojid(&init_user_ns, (projid_t)projid); 334 335 if (projid_eq(kprojid, EXT4_I(inode)->i_projid)) 336 return 0; 337 338 err = mnt_want_write_file(filp); 339 if (err) 340 return err; 341 342 err = -EPERM; 343 inode_lock(inode); 344 /* Is it quota file? Do not allow user to mess with it */ 345 if (IS_NOQUOTA(inode)) 346 goto out_unlock; 347 348 err = ext4_get_inode_loc(inode, &iloc); 349 if (err) 350 goto out_unlock; 351 352 raw_inode = ext4_raw_inode(&iloc); 353 if (!EXT4_FITS_IN_INODE(raw_inode, ei, i_projid)) { 354 err = -EOVERFLOW; 355 brelse(iloc.bh); 356 goto out_unlock; 357 } 358 brelse(iloc.bh); 359 360 dquot_initialize(inode); 361 362 handle = ext4_journal_start(inode, EXT4_HT_QUOTA, 363 EXT4_QUOTA_INIT_BLOCKS(sb) + 364 EXT4_QUOTA_DEL_BLOCKS(sb) + 3); 365 if (IS_ERR(handle)) { 366 err = PTR_ERR(handle); 367 goto out_unlock; 368 } 369 370 err = ext4_reserve_inode_write(handle, inode, &iloc); 371 if (err) 372 goto out_stop; 373 374 transfer_to[PRJQUOTA] = dqget(sb, make_kqid_projid(kprojid)); 375 if (!IS_ERR(transfer_to[PRJQUOTA])) { 376 err = __dquot_transfer(inode, transfer_to); 377 dqput(transfer_to[PRJQUOTA]); 378 if (err) 379 goto out_dirty; 380 } 381 382 EXT4_I(inode)->i_projid = kprojid; 383 inode->i_ctime = current_time(inode); 384 out_dirty: 385 rc = ext4_mark_iloc_dirty(handle, inode, &iloc); 386 if (!err) 387 err = rc; 388 out_stop: 389 ext4_journal_stop(handle); 390 out_unlock: 391 inode_unlock(inode); 392 mnt_drop_write_file(filp); 393 return err; 394 } 395 #else 396 static int ext4_ioctl_setproject(struct file *filp, __u32 projid) 397 { 398 if (projid != EXT4_DEF_PROJID) 399 return -EOPNOTSUPP; 400 return 0; 401 } 402 #endif 403 404 /* Transfer internal flags to xflags */ 405 static inline __u32 ext4_iflags_to_xflags(unsigned long iflags) 406 { 407 __u32 xflags = 0; 408 409 if (iflags & EXT4_SYNC_FL) 410 xflags |= FS_XFLAG_SYNC; 411 if (iflags & EXT4_IMMUTABLE_FL) 412 xflags |= FS_XFLAG_IMMUTABLE; 413 if (iflags & EXT4_APPEND_FL) 414 xflags |= FS_XFLAG_APPEND; 415 if (iflags & EXT4_NODUMP_FL) 416 xflags |= FS_XFLAG_NODUMP; 417 if (iflags & EXT4_NOATIME_FL) 418 xflags |= FS_XFLAG_NOATIME; 419 if (iflags & EXT4_PROJINHERIT_FL) 420 xflags |= FS_XFLAG_PROJINHERIT; 421 return xflags; 422 } 423 424 #define EXT4_SUPPORTED_FS_XFLAGS (FS_XFLAG_SYNC | FS_XFLAG_IMMUTABLE | \ 425 FS_XFLAG_APPEND | FS_XFLAG_NODUMP | \ 426 FS_XFLAG_NOATIME | FS_XFLAG_PROJINHERIT) 427 428 /* Transfer xflags flags to internal */ 429 static inline unsigned long ext4_xflags_to_iflags(__u32 xflags) 430 { 431 unsigned long iflags = 0; 432 433 if (xflags & FS_XFLAG_SYNC) 434 iflags |= EXT4_SYNC_FL; 435 if (xflags & FS_XFLAG_IMMUTABLE) 436 iflags |= EXT4_IMMUTABLE_FL; 437 if (xflags & FS_XFLAG_APPEND) 438 iflags |= EXT4_APPEND_FL; 439 if (xflags & FS_XFLAG_NODUMP) 440 iflags |= EXT4_NODUMP_FL; 441 if (xflags & FS_XFLAG_NOATIME) 442 iflags |= EXT4_NOATIME_FL; 443 if (xflags & FS_XFLAG_PROJINHERIT) 444 iflags |= EXT4_PROJINHERIT_FL; 445 446 return iflags; 447 } 448 449 static int ext4_shutdown(struct super_block *sb, unsigned long arg) 450 { 451 struct ext4_sb_info *sbi = EXT4_SB(sb); 452 __u32 flags; 453 454 if (!capable(CAP_SYS_ADMIN)) 455 return -EPERM; 456 457 if (get_user(flags, (__u32 __user *)arg)) 458 return -EFAULT; 459 460 if (flags > EXT4_GOING_FLAGS_NOLOGFLUSH) 461 return -EINVAL; 462 463 if (ext4_forced_shutdown(sbi)) 464 return 0; 465 466 ext4_msg(sb, KERN_ALERT, "shut down requested (%d)", flags); 467 468 switch (flags) { 469 case EXT4_GOING_FLAGS_DEFAULT: 470 freeze_bdev(sb->s_bdev); 471 set_bit(EXT4_FLAGS_SHUTDOWN, &sbi->s_ext4_flags); 472 thaw_bdev(sb->s_bdev, sb); 473 break; 474 case EXT4_GOING_FLAGS_LOGFLUSH: 475 set_bit(EXT4_FLAGS_SHUTDOWN, &sbi->s_ext4_flags); 476 if (sbi->s_journal && !is_journal_aborted(sbi->s_journal)) { 477 (void) ext4_force_commit(sb); 478 jbd2_journal_abort(sbi->s_journal, 0); 479 } 480 break; 481 case EXT4_GOING_FLAGS_NOLOGFLUSH: 482 set_bit(EXT4_FLAGS_SHUTDOWN, &sbi->s_ext4_flags); 483 if (sbi->s_journal && !is_journal_aborted(sbi->s_journal)) { 484 msleep(100); 485 jbd2_journal_abort(sbi->s_journal, 0); 486 } 487 break; 488 default: 489 return -EINVAL; 490 } 491 clear_opt(sb, DISCARD); 492 return 0; 493 } 494 495 struct getfsmap_info { 496 struct super_block *gi_sb; 497 struct fsmap_head __user *gi_data; 498 unsigned int gi_idx; 499 __u32 gi_last_flags; 500 }; 501 502 static int ext4_getfsmap_format(struct ext4_fsmap *xfm, void *priv) 503 { 504 struct getfsmap_info *info = priv; 505 struct fsmap fm; 506 507 trace_ext4_getfsmap_mapping(info->gi_sb, xfm); 508 509 info->gi_last_flags = xfm->fmr_flags; 510 ext4_fsmap_from_internal(info->gi_sb, &fm, xfm); 511 if (copy_to_user(&info->gi_data->fmh_recs[info->gi_idx++], &fm, 512 sizeof(struct fsmap))) 513 return -EFAULT; 514 515 return 0; 516 } 517 518 static int ext4_ioc_getfsmap(struct super_block *sb, 519 struct fsmap_head __user *arg) 520 { 521 struct getfsmap_info info = {0}; 522 struct ext4_fsmap_head xhead = {0}; 523 struct fsmap_head head; 524 bool aborted = false; 525 int error; 526 527 if (copy_from_user(&head, arg, sizeof(struct fsmap_head))) 528 return -EFAULT; 529 if (memchr_inv(head.fmh_reserved, 0, sizeof(head.fmh_reserved)) || 530 memchr_inv(head.fmh_keys[0].fmr_reserved, 0, 531 sizeof(head.fmh_keys[0].fmr_reserved)) || 532 memchr_inv(head.fmh_keys[1].fmr_reserved, 0, 533 sizeof(head.fmh_keys[1].fmr_reserved))) 534 return -EINVAL; 535 /* 536 * ext4 doesn't report file extents at all, so the only valid 537 * file offsets are the magic ones (all zeroes or all ones). 538 */ 539 if (head.fmh_keys[0].fmr_offset || 540 (head.fmh_keys[1].fmr_offset != 0 && 541 head.fmh_keys[1].fmr_offset != -1ULL)) 542 return -EINVAL; 543 544 xhead.fmh_iflags = head.fmh_iflags; 545 xhead.fmh_count = head.fmh_count; 546 ext4_fsmap_to_internal(sb, &xhead.fmh_keys[0], &head.fmh_keys[0]); 547 ext4_fsmap_to_internal(sb, &xhead.fmh_keys[1], &head.fmh_keys[1]); 548 549 trace_ext4_getfsmap_low_key(sb, &xhead.fmh_keys[0]); 550 trace_ext4_getfsmap_high_key(sb, &xhead.fmh_keys[1]); 551 552 info.gi_sb = sb; 553 info.gi_data = arg; 554 error = ext4_getfsmap(sb, &xhead, ext4_getfsmap_format, &info); 555 if (error == EXT4_QUERY_RANGE_ABORT) { 556 error = 0; 557 aborted = true; 558 } else if (error) 559 return error; 560 561 /* If we didn't abort, set the "last" flag in the last fmx */ 562 if (!aborted && info.gi_idx) { 563 info.gi_last_flags |= FMR_OF_LAST; 564 if (copy_to_user(&info.gi_data->fmh_recs[info.gi_idx - 1].fmr_flags, 565 &info.gi_last_flags, 566 sizeof(info.gi_last_flags))) 567 return -EFAULT; 568 } 569 570 /* copy back header */ 571 head.fmh_entries = xhead.fmh_entries; 572 head.fmh_oflags = xhead.fmh_oflags; 573 if (copy_to_user(arg, &head, sizeof(struct fsmap_head))) 574 return -EFAULT; 575 576 return 0; 577 } 578 579 long ext4_ioctl(struct file *filp, unsigned int cmd, unsigned long arg) 580 { 581 struct inode *inode = file_inode(filp); 582 struct super_block *sb = inode->i_sb; 583 struct ext4_inode_info *ei = EXT4_I(inode); 584 unsigned int flags; 585 586 ext4_debug("cmd = %u, arg = %lu\n", cmd, arg); 587 588 switch (cmd) { 589 case FS_IOC_GETFSMAP: 590 return ext4_ioc_getfsmap(sb, (void __user *)arg); 591 case EXT4_IOC_GETFLAGS: 592 flags = ei->i_flags & EXT4_FL_USER_VISIBLE; 593 return put_user(flags, (int __user *) arg); 594 case EXT4_IOC_SETFLAGS: { 595 int err; 596 597 if (!inode_owner_or_capable(inode)) 598 return -EACCES; 599 600 if (get_user(flags, (int __user *) arg)) 601 return -EFAULT; 602 603 if (flags & ~EXT4_FL_USER_VISIBLE) 604 return -EOPNOTSUPP; 605 /* 606 * chattr(1) grabs flags via GETFLAGS, modifies the result and 607 * passes that to SETFLAGS. So we cannot easily make SETFLAGS 608 * more restrictive than just silently masking off visible but 609 * not settable flags as we always did. 610 */ 611 flags &= EXT4_FL_USER_MODIFIABLE; 612 if (ext4_mask_flags(inode->i_mode, flags) != flags) 613 return -EOPNOTSUPP; 614 615 err = mnt_want_write_file(filp); 616 if (err) 617 return err; 618 619 inode_lock(inode); 620 err = ext4_ioctl_setflags(inode, flags); 621 inode_unlock(inode); 622 mnt_drop_write_file(filp); 623 return err; 624 } 625 case EXT4_IOC_GETVERSION: 626 case EXT4_IOC_GETVERSION_OLD: 627 return put_user(inode->i_generation, (int __user *) arg); 628 case EXT4_IOC_SETVERSION: 629 case EXT4_IOC_SETVERSION_OLD: { 630 handle_t *handle; 631 struct ext4_iloc iloc; 632 __u32 generation; 633 int err; 634 635 if (!inode_owner_or_capable(inode)) 636 return -EPERM; 637 638 if (ext4_has_metadata_csum(inode->i_sb)) { 639 ext4_warning(sb, "Setting inode version is not " 640 "supported with metadata_csum enabled."); 641 return -ENOTTY; 642 } 643 644 err = mnt_want_write_file(filp); 645 if (err) 646 return err; 647 if (get_user(generation, (int __user *) arg)) { 648 err = -EFAULT; 649 goto setversion_out; 650 } 651 652 inode_lock(inode); 653 handle = ext4_journal_start(inode, EXT4_HT_INODE, 1); 654 if (IS_ERR(handle)) { 655 err = PTR_ERR(handle); 656 goto unlock_out; 657 } 658 err = ext4_reserve_inode_write(handle, inode, &iloc); 659 if (err == 0) { 660 inode->i_ctime = current_time(inode); 661 inode->i_generation = generation; 662 err = ext4_mark_iloc_dirty(handle, inode, &iloc); 663 } 664 ext4_journal_stop(handle); 665 666 unlock_out: 667 inode_unlock(inode); 668 setversion_out: 669 mnt_drop_write_file(filp); 670 return err; 671 } 672 case EXT4_IOC_GROUP_EXTEND: { 673 ext4_fsblk_t n_blocks_count; 674 int err, err2=0; 675 676 err = ext4_resize_begin(sb); 677 if (err) 678 return err; 679 680 if (get_user(n_blocks_count, (__u32 __user *)arg)) { 681 err = -EFAULT; 682 goto group_extend_out; 683 } 684 685 if (ext4_has_feature_bigalloc(sb)) { 686 ext4_msg(sb, KERN_ERR, 687 "Online resizing not supported with bigalloc"); 688 err = -EOPNOTSUPP; 689 goto group_extend_out; 690 } 691 692 err = mnt_want_write_file(filp); 693 if (err) 694 goto group_extend_out; 695 696 err = ext4_group_extend(sb, EXT4_SB(sb)->s_es, n_blocks_count); 697 if (EXT4_SB(sb)->s_journal) { 698 jbd2_journal_lock_updates(EXT4_SB(sb)->s_journal); 699 err2 = jbd2_journal_flush(EXT4_SB(sb)->s_journal); 700 jbd2_journal_unlock_updates(EXT4_SB(sb)->s_journal); 701 } 702 if (err == 0) 703 err = err2; 704 mnt_drop_write_file(filp); 705 group_extend_out: 706 ext4_resize_end(sb); 707 return err; 708 } 709 710 case EXT4_IOC_MOVE_EXT: { 711 struct move_extent me; 712 struct fd donor; 713 int err; 714 715 if (!(filp->f_mode & FMODE_READ) || 716 !(filp->f_mode & FMODE_WRITE)) 717 return -EBADF; 718 719 if (copy_from_user(&me, 720 (struct move_extent __user *)arg, sizeof(me))) 721 return -EFAULT; 722 me.moved_len = 0; 723 724 donor = fdget(me.donor_fd); 725 if (!donor.file) 726 return -EBADF; 727 728 if (!(donor.file->f_mode & FMODE_WRITE)) { 729 err = -EBADF; 730 goto mext_out; 731 } 732 733 if (ext4_has_feature_bigalloc(sb)) { 734 ext4_msg(sb, KERN_ERR, 735 "Online defrag not supported with bigalloc"); 736 err = -EOPNOTSUPP; 737 goto mext_out; 738 } else if (IS_DAX(inode)) { 739 ext4_msg(sb, KERN_ERR, 740 "Online defrag not supported with DAX"); 741 err = -EOPNOTSUPP; 742 goto mext_out; 743 } 744 745 err = mnt_want_write_file(filp); 746 if (err) 747 goto mext_out; 748 749 err = ext4_move_extents(filp, donor.file, me.orig_start, 750 me.donor_start, me.len, &me.moved_len); 751 mnt_drop_write_file(filp); 752 753 if (copy_to_user((struct move_extent __user *)arg, 754 &me, sizeof(me))) 755 err = -EFAULT; 756 mext_out: 757 fdput(donor); 758 return err; 759 } 760 761 case EXT4_IOC_GROUP_ADD: { 762 struct ext4_new_group_data input; 763 int err, err2=0; 764 765 err = ext4_resize_begin(sb); 766 if (err) 767 return err; 768 769 if (copy_from_user(&input, (struct ext4_new_group_input __user *)arg, 770 sizeof(input))) { 771 err = -EFAULT; 772 goto group_add_out; 773 } 774 775 if (ext4_has_feature_bigalloc(sb)) { 776 ext4_msg(sb, KERN_ERR, 777 "Online resizing not supported with bigalloc"); 778 err = -EOPNOTSUPP; 779 goto group_add_out; 780 } 781 782 err = mnt_want_write_file(filp); 783 if (err) 784 goto group_add_out; 785 786 err = ext4_group_add(sb, &input); 787 if (EXT4_SB(sb)->s_journal) { 788 jbd2_journal_lock_updates(EXT4_SB(sb)->s_journal); 789 err2 = jbd2_journal_flush(EXT4_SB(sb)->s_journal); 790 jbd2_journal_unlock_updates(EXT4_SB(sb)->s_journal); 791 } 792 if (err == 0) 793 err = err2; 794 mnt_drop_write_file(filp); 795 if (!err && ext4_has_group_desc_csum(sb) && 796 test_opt(sb, INIT_INODE_TABLE)) 797 err = ext4_register_li_request(sb, input.group); 798 group_add_out: 799 ext4_resize_end(sb); 800 return err; 801 } 802 803 case EXT4_IOC_MIGRATE: 804 { 805 int err; 806 if (!inode_owner_or_capable(inode)) 807 return -EACCES; 808 809 err = mnt_want_write_file(filp); 810 if (err) 811 return err; 812 /* 813 * inode_mutex prevent write and truncate on the file. 814 * Read still goes through. We take i_data_sem in 815 * ext4_ext_swap_inode_data before we switch the 816 * inode format to prevent read. 817 */ 818 inode_lock((inode)); 819 err = ext4_ext_migrate(inode); 820 inode_unlock((inode)); 821 mnt_drop_write_file(filp); 822 return err; 823 } 824 825 case EXT4_IOC_ALLOC_DA_BLKS: 826 { 827 int err; 828 if (!inode_owner_or_capable(inode)) 829 return -EACCES; 830 831 err = mnt_want_write_file(filp); 832 if (err) 833 return err; 834 err = ext4_alloc_da_blocks(inode); 835 mnt_drop_write_file(filp); 836 return err; 837 } 838 839 case EXT4_IOC_SWAP_BOOT: 840 { 841 int err; 842 if (!(filp->f_mode & FMODE_WRITE)) 843 return -EBADF; 844 err = mnt_want_write_file(filp); 845 if (err) 846 return err; 847 err = swap_inode_boot_loader(sb, inode); 848 mnt_drop_write_file(filp); 849 return err; 850 } 851 852 case EXT4_IOC_RESIZE_FS: { 853 ext4_fsblk_t n_blocks_count; 854 int err = 0, err2 = 0; 855 ext4_group_t o_group = EXT4_SB(sb)->s_groups_count; 856 857 if (ext4_has_feature_bigalloc(sb)) { 858 ext4_msg(sb, KERN_ERR, 859 "Online resizing not (yet) supported with bigalloc"); 860 return -EOPNOTSUPP; 861 } 862 863 if (copy_from_user(&n_blocks_count, (__u64 __user *)arg, 864 sizeof(__u64))) { 865 return -EFAULT; 866 } 867 868 err = ext4_resize_begin(sb); 869 if (err) 870 return err; 871 872 err = mnt_want_write_file(filp); 873 if (err) 874 goto resizefs_out; 875 876 err = ext4_resize_fs(sb, n_blocks_count); 877 if (EXT4_SB(sb)->s_journal) { 878 jbd2_journal_lock_updates(EXT4_SB(sb)->s_journal); 879 err2 = jbd2_journal_flush(EXT4_SB(sb)->s_journal); 880 jbd2_journal_unlock_updates(EXT4_SB(sb)->s_journal); 881 } 882 if (err == 0) 883 err = err2; 884 mnt_drop_write_file(filp); 885 if (!err && (o_group > EXT4_SB(sb)->s_groups_count) && 886 ext4_has_group_desc_csum(sb) && 887 test_opt(sb, INIT_INODE_TABLE)) 888 err = ext4_register_li_request(sb, o_group); 889 890 resizefs_out: 891 ext4_resize_end(sb); 892 return err; 893 } 894 895 case FITRIM: 896 { 897 struct request_queue *q = bdev_get_queue(sb->s_bdev); 898 struct fstrim_range range; 899 int ret = 0; 900 901 if (!capable(CAP_SYS_ADMIN)) 902 return -EPERM; 903 904 if (!blk_queue_discard(q)) 905 return -EOPNOTSUPP; 906 907 if (copy_from_user(&range, (struct fstrim_range __user *)arg, 908 sizeof(range))) 909 return -EFAULT; 910 911 range.minlen = max((unsigned int)range.minlen, 912 q->limits.discard_granularity); 913 ret = ext4_trim_fs(sb, &range); 914 if (ret < 0) 915 return ret; 916 917 if (copy_to_user((struct fstrim_range __user *)arg, &range, 918 sizeof(range))) 919 return -EFAULT; 920 921 return 0; 922 } 923 case EXT4_IOC_PRECACHE_EXTENTS: 924 return ext4_ext_precache(inode); 925 926 case EXT4_IOC_SET_ENCRYPTION_POLICY: 927 if (!ext4_has_feature_encrypt(sb)) 928 return -EOPNOTSUPP; 929 return fscrypt_ioctl_set_policy(filp, (const void __user *)arg); 930 931 case EXT4_IOC_GET_ENCRYPTION_PWSALT: { 932 #ifdef CONFIG_EXT4_FS_ENCRYPTION 933 int err, err2; 934 struct ext4_sb_info *sbi = EXT4_SB(sb); 935 handle_t *handle; 936 937 if (!ext4_has_feature_encrypt(sb)) 938 return -EOPNOTSUPP; 939 if (uuid_is_zero(sbi->s_es->s_encrypt_pw_salt)) { 940 err = mnt_want_write_file(filp); 941 if (err) 942 return err; 943 handle = ext4_journal_start_sb(sb, EXT4_HT_MISC, 1); 944 if (IS_ERR(handle)) { 945 err = PTR_ERR(handle); 946 goto pwsalt_err_exit; 947 } 948 err = ext4_journal_get_write_access(handle, sbi->s_sbh); 949 if (err) 950 goto pwsalt_err_journal; 951 generate_random_uuid(sbi->s_es->s_encrypt_pw_salt); 952 err = ext4_handle_dirty_metadata(handle, NULL, 953 sbi->s_sbh); 954 pwsalt_err_journal: 955 err2 = ext4_journal_stop(handle); 956 if (err2 && !err) 957 err = err2; 958 pwsalt_err_exit: 959 mnt_drop_write_file(filp); 960 if (err) 961 return err; 962 } 963 if (copy_to_user((void __user *) arg, 964 sbi->s_es->s_encrypt_pw_salt, 16)) 965 return -EFAULT; 966 return 0; 967 #else 968 return -EOPNOTSUPP; 969 #endif 970 } 971 case EXT4_IOC_GET_ENCRYPTION_POLICY: 972 return fscrypt_ioctl_get_policy(filp, (void __user *)arg); 973 974 case EXT4_IOC_FSGETXATTR: 975 { 976 struct fsxattr fa; 977 978 memset(&fa, 0, sizeof(struct fsxattr)); 979 fa.fsx_xflags = ext4_iflags_to_xflags(ei->i_flags & EXT4_FL_USER_VISIBLE); 980 981 if (ext4_has_feature_project(inode->i_sb)) { 982 fa.fsx_projid = (__u32)from_kprojid(&init_user_ns, 983 EXT4_I(inode)->i_projid); 984 } 985 986 if (copy_to_user((struct fsxattr __user *)arg, 987 &fa, sizeof(fa))) 988 return -EFAULT; 989 return 0; 990 } 991 case EXT4_IOC_FSSETXATTR: 992 { 993 struct fsxattr fa; 994 int err; 995 996 if (copy_from_user(&fa, (struct fsxattr __user *)arg, 997 sizeof(fa))) 998 return -EFAULT; 999 1000 /* Make sure caller has proper permission */ 1001 if (!inode_owner_or_capable(inode)) 1002 return -EACCES; 1003 1004 if (fa.fsx_xflags & ~EXT4_SUPPORTED_FS_XFLAGS) 1005 return -EOPNOTSUPP; 1006 1007 flags = ext4_xflags_to_iflags(fa.fsx_xflags); 1008 if (ext4_mask_flags(inode->i_mode, flags) != flags) 1009 return -EOPNOTSUPP; 1010 1011 err = mnt_want_write_file(filp); 1012 if (err) 1013 return err; 1014 1015 inode_lock(inode); 1016 flags = (ei->i_flags & ~EXT4_FL_XFLAG_VISIBLE) | 1017 (flags & EXT4_FL_XFLAG_VISIBLE); 1018 err = ext4_ioctl_setflags(inode, flags); 1019 inode_unlock(inode); 1020 mnt_drop_write_file(filp); 1021 if (err) 1022 return err; 1023 1024 err = ext4_ioctl_setproject(filp, fa.fsx_projid); 1025 if (err) 1026 return err; 1027 1028 return 0; 1029 } 1030 case EXT4_IOC_SHUTDOWN: 1031 return ext4_shutdown(sb, arg); 1032 default: 1033 return -ENOTTY; 1034 } 1035 } 1036 1037 #ifdef CONFIG_COMPAT 1038 long ext4_compat_ioctl(struct file *file, unsigned int cmd, unsigned long arg) 1039 { 1040 /* These are just misnamed, they actually get/put from/to user an int */ 1041 switch (cmd) { 1042 case EXT4_IOC32_GETFLAGS: 1043 cmd = EXT4_IOC_GETFLAGS; 1044 break; 1045 case EXT4_IOC32_SETFLAGS: 1046 cmd = EXT4_IOC_SETFLAGS; 1047 break; 1048 case EXT4_IOC32_GETVERSION: 1049 cmd = EXT4_IOC_GETVERSION; 1050 break; 1051 case EXT4_IOC32_SETVERSION: 1052 cmd = EXT4_IOC_SETVERSION; 1053 break; 1054 case EXT4_IOC32_GROUP_EXTEND: 1055 cmd = EXT4_IOC_GROUP_EXTEND; 1056 break; 1057 case EXT4_IOC32_GETVERSION_OLD: 1058 cmd = EXT4_IOC_GETVERSION_OLD; 1059 break; 1060 case EXT4_IOC32_SETVERSION_OLD: 1061 cmd = EXT4_IOC_SETVERSION_OLD; 1062 break; 1063 case EXT4_IOC32_GETRSVSZ: 1064 cmd = EXT4_IOC_GETRSVSZ; 1065 break; 1066 case EXT4_IOC32_SETRSVSZ: 1067 cmd = EXT4_IOC_SETRSVSZ; 1068 break; 1069 case EXT4_IOC32_GROUP_ADD: { 1070 struct compat_ext4_new_group_input __user *uinput; 1071 struct ext4_new_group_input input; 1072 mm_segment_t old_fs; 1073 int err; 1074 1075 uinput = compat_ptr(arg); 1076 err = get_user(input.group, &uinput->group); 1077 err |= get_user(input.block_bitmap, &uinput->block_bitmap); 1078 err |= get_user(input.inode_bitmap, &uinput->inode_bitmap); 1079 err |= get_user(input.inode_table, &uinput->inode_table); 1080 err |= get_user(input.blocks_count, &uinput->blocks_count); 1081 err |= get_user(input.reserved_blocks, 1082 &uinput->reserved_blocks); 1083 if (err) 1084 return -EFAULT; 1085 old_fs = get_fs(); 1086 set_fs(KERNEL_DS); 1087 err = ext4_ioctl(file, EXT4_IOC_GROUP_ADD, 1088 (unsigned long) &input); 1089 set_fs(old_fs); 1090 return err; 1091 } 1092 case EXT4_IOC_MOVE_EXT: 1093 case EXT4_IOC_RESIZE_FS: 1094 case EXT4_IOC_PRECACHE_EXTENTS: 1095 case EXT4_IOC_SET_ENCRYPTION_POLICY: 1096 case EXT4_IOC_GET_ENCRYPTION_PWSALT: 1097 case EXT4_IOC_GET_ENCRYPTION_POLICY: 1098 case EXT4_IOC_SHUTDOWN: 1099 case FS_IOC_GETFSMAP: 1100 break; 1101 default: 1102 return -ENOIOCTLCMD; 1103 } 1104 return ext4_ioctl(file, cmd, (unsigned long) compat_ptr(arg)); 1105 } 1106 #endif 1107