1 /* 2 * linux/fs/ext4/ioctl.c 3 * 4 * Copyright (C) 1993, 1994, 1995 5 * Remy Card (card@masi.ibp.fr) 6 * Laboratoire MASI - Institut Blaise Pascal 7 * Universite Pierre et Marie Curie (Paris VI) 8 */ 9 10 #include <linux/fs.h> 11 #include <linux/capability.h> 12 #include <linux/time.h> 13 #include <linux/compat.h> 14 #include <linux/mount.h> 15 #include <linux/file.h> 16 #include <linux/quotaops.h> 17 #include <linux/uuid.h> 18 #include <linux/uaccess.h> 19 #include <linux/delay.h> 20 #include "ext4_jbd2.h" 21 #include "ext4.h" 22 #include <linux/fsmap.h> 23 #include "fsmap.h" 24 #include <trace/events/ext4.h> 25 26 /** 27 * Swap memory between @a and @b for @len bytes. 28 * 29 * @a: pointer to first memory area 30 * @b: pointer to second memory area 31 * @len: number of bytes to swap 32 * 33 */ 34 static void memswap(void *a, void *b, size_t len) 35 { 36 unsigned char *ap, *bp; 37 38 ap = (unsigned char *)a; 39 bp = (unsigned char *)b; 40 while (len-- > 0) { 41 swap(*ap, *bp); 42 ap++; 43 bp++; 44 } 45 } 46 47 /** 48 * Swap i_data and associated attributes between @inode1 and @inode2. 49 * This function is used for the primary swap between inode1 and inode2 50 * and also to revert this primary swap in case of errors. 51 * 52 * Therefore you have to make sure, that calling this method twice 53 * will revert all changes. 54 * 55 * @inode1: pointer to first inode 56 * @inode2: pointer to second inode 57 */ 58 static void swap_inode_data(struct inode *inode1, struct inode *inode2) 59 { 60 loff_t isize; 61 struct ext4_inode_info *ei1; 62 struct ext4_inode_info *ei2; 63 64 ei1 = EXT4_I(inode1); 65 ei2 = EXT4_I(inode2); 66 67 memswap(&inode1->i_flags, &inode2->i_flags, sizeof(inode1->i_flags)); 68 memswap(&inode1->i_version, &inode2->i_version, 69 sizeof(inode1->i_version)); 70 memswap(&inode1->i_blocks, &inode2->i_blocks, 71 sizeof(inode1->i_blocks)); 72 memswap(&inode1->i_bytes, &inode2->i_bytes, sizeof(inode1->i_bytes)); 73 memswap(&inode1->i_atime, &inode2->i_atime, sizeof(inode1->i_atime)); 74 memswap(&inode1->i_mtime, &inode2->i_mtime, sizeof(inode1->i_mtime)); 75 76 memswap(ei1->i_data, ei2->i_data, sizeof(ei1->i_data)); 77 memswap(&ei1->i_flags, &ei2->i_flags, sizeof(ei1->i_flags)); 78 memswap(&ei1->i_disksize, &ei2->i_disksize, sizeof(ei1->i_disksize)); 79 ext4_es_remove_extent(inode1, 0, EXT_MAX_BLOCKS); 80 ext4_es_remove_extent(inode2, 0, EXT_MAX_BLOCKS); 81 82 isize = i_size_read(inode1); 83 i_size_write(inode1, i_size_read(inode2)); 84 i_size_write(inode2, isize); 85 } 86 87 /** 88 * Swap the information from the given @inode and the inode 89 * EXT4_BOOT_LOADER_INO. It will basically swap i_data and all other 90 * important fields of the inodes. 91 * 92 * @sb: the super block of the filesystem 93 * @inode: the inode to swap with EXT4_BOOT_LOADER_INO 94 * 95 */ 96 static long swap_inode_boot_loader(struct super_block *sb, 97 struct inode *inode) 98 { 99 handle_t *handle; 100 int err; 101 struct inode *inode_bl; 102 struct ext4_inode_info *ei_bl; 103 struct ext4_sb_info *sbi = EXT4_SB(sb); 104 105 if (inode->i_nlink != 1 || !S_ISREG(inode->i_mode)) 106 return -EINVAL; 107 108 if (!inode_owner_or_capable(inode) || !capable(CAP_SYS_ADMIN)) 109 return -EPERM; 110 111 inode_bl = ext4_iget(sb, EXT4_BOOT_LOADER_INO); 112 if (IS_ERR(inode_bl)) 113 return PTR_ERR(inode_bl); 114 ei_bl = EXT4_I(inode_bl); 115 116 filemap_flush(inode->i_mapping); 117 filemap_flush(inode_bl->i_mapping); 118 119 /* Protect orig inodes against a truncate and make sure, 120 * that only 1 swap_inode_boot_loader is running. */ 121 lock_two_nondirectories(inode, inode_bl); 122 123 truncate_inode_pages(&inode->i_data, 0); 124 truncate_inode_pages(&inode_bl->i_data, 0); 125 126 /* Wait for all existing dio workers */ 127 ext4_inode_block_unlocked_dio(inode); 128 ext4_inode_block_unlocked_dio(inode_bl); 129 inode_dio_wait(inode); 130 inode_dio_wait(inode_bl); 131 132 handle = ext4_journal_start(inode_bl, EXT4_HT_MOVE_EXTENTS, 2); 133 if (IS_ERR(handle)) { 134 err = -EINVAL; 135 goto journal_err_out; 136 } 137 138 /* Protect extent tree against block allocations via delalloc */ 139 ext4_double_down_write_data_sem(inode, inode_bl); 140 141 if (inode_bl->i_nlink == 0) { 142 /* this inode has never been used as a BOOT_LOADER */ 143 set_nlink(inode_bl, 1); 144 i_uid_write(inode_bl, 0); 145 i_gid_write(inode_bl, 0); 146 inode_bl->i_flags = 0; 147 ei_bl->i_flags = 0; 148 inode_bl->i_version = 1; 149 i_size_write(inode_bl, 0); 150 inode_bl->i_mode = S_IFREG; 151 if (ext4_has_feature_extents(sb)) { 152 ext4_set_inode_flag(inode_bl, EXT4_INODE_EXTENTS); 153 ext4_ext_tree_init(handle, inode_bl); 154 } else 155 memset(ei_bl->i_data, 0, sizeof(ei_bl->i_data)); 156 } 157 158 swap_inode_data(inode, inode_bl); 159 160 inode->i_ctime = inode_bl->i_ctime = current_time(inode); 161 162 spin_lock(&sbi->s_next_gen_lock); 163 inode->i_generation = sbi->s_next_generation++; 164 inode_bl->i_generation = sbi->s_next_generation++; 165 spin_unlock(&sbi->s_next_gen_lock); 166 167 ext4_discard_preallocations(inode); 168 169 err = ext4_mark_inode_dirty(handle, inode); 170 if (err < 0) { 171 ext4_warning(inode->i_sb, 172 "couldn't mark inode #%lu dirty (err %d)", 173 inode->i_ino, err); 174 /* Revert all changes: */ 175 swap_inode_data(inode, inode_bl); 176 } else { 177 err = ext4_mark_inode_dirty(handle, inode_bl); 178 if (err < 0) { 179 ext4_warning(inode_bl->i_sb, 180 "couldn't mark inode #%lu dirty (err %d)", 181 inode_bl->i_ino, err); 182 /* Revert all changes: */ 183 swap_inode_data(inode, inode_bl); 184 ext4_mark_inode_dirty(handle, inode); 185 } 186 } 187 ext4_journal_stop(handle); 188 ext4_double_up_write_data_sem(inode, inode_bl); 189 190 journal_err_out: 191 ext4_inode_resume_unlocked_dio(inode); 192 ext4_inode_resume_unlocked_dio(inode_bl); 193 unlock_two_nondirectories(inode, inode_bl); 194 iput(inode_bl); 195 return err; 196 } 197 198 #ifdef CONFIG_EXT4_FS_ENCRYPTION 199 static int uuid_is_zero(__u8 u[16]) 200 { 201 int i; 202 203 for (i = 0; i < 16; i++) 204 if (u[i]) 205 return 0; 206 return 1; 207 } 208 #endif 209 210 static int ext4_ioctl_setflags(struct inode *inode, 211 unsigned int flags) 212 { 213 struct ext4_inode_info *ei = EXT4_I(inode); 214 handle_t *handle = NULL; 215 int err = -EPERM, migrate = 0; 216 struct ext4_iloc iloc; 217 unsigned int oldflags, mask, i; 218 unsigned int jflag; 219 220 /* Is it quota file? Do not allow user to mess with it */ 221 if (ext4_is_quota_file(inode)) 222 goto flags_out; 223 224 oldflags = ei->i_flags; 225 226 /* The JOURNAL_DATA flag is modifiable only by root */ 227 jflag = flags & EXT4_JOURNAL_DATA_FL; 228 229 /* 230 * The IMMUTABLE and APPEND_ONLY flags can only be changed by 231 * the relevant capability. 232 * 233 * This test looks nicer. Thanks to Pauline Middelink 234 */ 235 if ((flags ^ oldflags) & (EXT4_APPEND_FL | EXT4_IMMUTABLE_FL)) { 236 if (!capable(CAP_LINUX_IMMUTABLE)) 237 goto flags_out; 238 } 239 240 /* 241 * The JOURNAL_DATA flag can only be changed by 242 * the relevant capability. 243 */ 244 if ((jflag ^ oldflags) & (EXT4_JOURNAL_DATA_FL)) { 245 if (!capable(CAP_SYS_RESOURCE)) 246 goto flags_out; 247 } 248 if ((flags ^ oldflags) & EXT4_EXTENTS_FL) 249 migrate = 1; 250 251 if (flags & EXT4_EOFBLOCKS_FL) { 252 /* we don't support adding EOFBLOCKS flag */ 253 if (!(oldflags & EXT4_EOFBLOCKS_FL)) { 254 err = -EOPNOTSUPP; 255 goto flags_out; 256 } 257 } else if (oldflags & EXT4_EOFBLOCKS_FL) { 258 err = ext4_truncate(inode); 259 if (err) 260 goto flags_out; 261 } 262 263 handle = ext4_journal_start(inode, EXT4_HT_INODE, 1); 264 if (IS_ERR(handle)) { 265 err = PTR_ERR(handle); 266 goto flags_out; 267 } 268 if (IS_SYNC(inode)) 269 ext4_handle_sync(handle); 270 err = ext4_reserve_inode_write(handle, inode, &iloc); 271 if (err) 272 goto flags_err; 273 274 for (i = 0, mask = 1; i < 32; i++, mask <<= 1) { 275 if (!(mask & EXT4_FL_USER_MODIFIABLE)) 276 continue; 277 /* These flags get special treatment later */ 278 if (mask == EXT4_JOURNAL_DATA_FL || mask == EXT4_EXTENTS_FL) 279 continue; 280 if (mask & flags) 281 ext4_set_inode_flag(inode, i); 282 else 283 ext4_clear_inode_flag(inode, i); 284 } 285 286 ext4_set_inode_flags(inode); 287 inode->i_ctime = current_time(inode); 288 289 err = ext4_mark_iloc_dirty(handle, inode, &iloc); 290 flags_err: 291 ext4_journal_stop(handle); 292 if (err) 293 goto flags_out; 294 295 if ((jflag ^ oldflags) & (EXT4_JOURNAL_DATA_FL)) 296 err = ext4_change_inode_journal_flag(inode, jflag); 297 if (err) 298 goto flags_out; 299 if (migrate) { 300 if (flags & EXT4_EXTENTS_FL) 301 err = ext4_ext_migrate(inode); 302 else 303 err = ext4_ind_migrate(inode); 304 } 305 306 flags_out: 307 return err; 308 } 309 310 #ifdef CONFIG_QUOTA 311 static int ext4_ioctl_setproject(struct file *filp, __u32 projid) 312 { 313 struct inode *inode = file_inode(filp); 314 struct super_block *sb = inode->i_sb; 315 struct ext4_inode_info *ei = EXT4_I(inode); 316 int err, rc; 317 handle_t *handle; 318 kprojid_t kprojid; 319 struct ext4_iloc iloc; 320 struct ext4_inode *raw_inode; 321 struct dquot *transfer_to[MAXQUOTAS] = { }; 322 323 if (!ext4_has_feature_project(sb)) { 324 if (projid != EXT4_DEF_PROJID) 325 return -EOPNOTSUPP; 326 else 327 return 0; 328 } 329 330 if (EXT4_INODE_SIZE(sb) <= EXT4_GOOD_OLD_INODE_SIZE) 331 return -EOPNOTSUPP; 332 333 kprojid = make_kprojid(&init_user_ns, (projid_t)projid); 334 335 if (projid_eq(kprojid, EXT4_I(inode)->i_projid)) 336 return 0; 337 338 err = mnt_want_write_file(filp); 339 if (err) 340 return err; 341 342 err = -EPERM; 343 inode_lock(inode); 344 /* Is it quota file? Do not allow user to mess with it */ 345 if (ext4_is_quota_file(inode)) 346 goto out_unlock; 347 348 err = ext4_get_inode_loc(inode, &iloc); 349 if (err) 350 goto out_unlock; 351 352 raw_inode = ext4_raw_inode(&iloc); 353 if (!EXT4_FITS_IN_INODE(raw_inode, ei, i_projid)) { 354 err = -EOVERFLOW; 355 brelse(iloc.bh); 356 goto out_unlock; 357 } 358 brelse(iloc.bh); 359 360 dquot_initialize(inode); 361 362 handle = ext4_journal_start(inode, EXT4_HT_QUOTA, 363 EXT4_QUOTA_INIT_BLOCKS(sb) + 364 EXT4_QUOTA_DEL_BLOCKS(sb) + 3); 365 if (IS_ERR(handle)) { 366 err = PTR_ERR(handle); 367 goto out_unlock; 368 } 369 370 err = ext4_reserve_inode_write(handle, inode, &iloc); 371 if (err) 372 goto out_stop; 373 374 transfer_to[PRJQUOTA] = dqget(sb, make_kqid_projid(kprojid)); 375 if (!IS_ERR(transfer_to[PRJQUOTA])) { 376 377 /* __dquot_transfer() calls back ext4_get_inode_usage() which 378 * counts xattr inode references. 379 */ 380 down_read(&EXT4_I(inode)->xattr_sem); 381 err = __dquot_transfer(inode, transfer_to); 382 up_read(&EXT4_I(inode)->xattr_sem); 383 dqput(transfer_to[PRJQUOTA]); 384 if (err) 385 goto out_dirty; 386 } 387 388 EXT4_I(inode)->i_projid = kprojid; 389 inode->i_ctime = current_time(inode); 390 out_dirty: 391 rc = ext4_mark_iloc_dirty(handle, inode, &iloc); 392 if (!err) 393 err = rc; 394 out_stop: 395 ext4_journal_stop(handle); 396 out_unlock: 397 inode_unlock(inode); 398 mnt_drop_write_file(filp); 399 return err; 400 } 401 #else 402 static int ext4_ioctl_setproject(struct file *filp, __u32 projid) 403 { 404 if (projid != EXT4_DEF_PROJID) 405 return -EOPNOTSUPP; 406 return 0; 407 } 408 #endif 409 410 /* Transfer internal flags to xflags */ 411 static inline __u32 ext4_iflags_to_xflags(unsigned long iflags) 412 { 413 __u32 xflags = 0; 414 415 if (iflags & EXT4_SYNC_FL) 416 xflags |= FS_XFLAG_SYNC; 417 if (iflags & EXT4_IMMUTABLE_FL) 418 xflags |= FS_XFLAG_IMMUTABLE; 419 if (iflags & EXT4_APPEND_FL) 420 xflags |= FS_XFLAG_APPEND; 421 if (iflags & EXT4_NODUMP_FL) 422 xflags |= FS_XFLAG_NODUMP; 423 if (iflags & EXT4_NOATIME_FL) 424 xflags |= FS_XFLAG_NOATIME; 425 if (iflags & EXT4_PROJINHERIT_FL) 426 xflags |= FS_XFLAG_PROJINHERIT; 427 return xflags; 428 } 429 430 #define EXT4_SUPPORTED_FS_XFLAGS (FS_XFLAG_SYNC | FS_XFLAG_IMMUTABLE | \ 431 FS_XFLAG_APPEND | FS_XFLAG_NODUMP | \ 432 FS_XFLAG_NOATIME | FS_XFLAG_PROJINHERIT) 433 434 /* Transfer xflags flags to internal */ 435 static inline unsigned long ext4_xflags_to_iflags(__u32 xflags) 436 { 437 unsigned long iflags = 0; 438 439 if (xflags & FS_XFLAG_SYNC) 440 iflags |= EXT4_SYNC_FL; 441 if (xflags & FS_XFLAG_IMMUTABLE) 442 iflags |= EXT4_IMMUTABLE_FL; 443 if (xflags & FS_XFLAG_APPEND) 444 iflags |= EXT4_APPEND_FL; 445 if (xflags & FS_XFLAG_NODUMP) 446 iflags |= EXT4_NODUMP_FL; 447 if (xflags & FS_XFLAG_NOATIME) 448 iflags |= EXT4_NOATIME_FL; 449 if (xflags & FS_XFLAG_PROJINHERIT) 450 iflags |= EXT4_PROJINHERIT_FL; 451 452 return iflags; 453 } 454 455 static int ext4_shutdown(struct super_block *sb, unsigned long arg) 456 { 457 struct ext4_sb_info *sbi = EXT4_SB(sb); 458 __u32 flags; 459 460 if (!capable(CAP_SYS_ADMIN)) 461 return -EPERM; 462 463 if (get_user(flags, (__u32 __user *)arg)) 464 return -EFAULT; 465 466 if (flags > EXT4_GOING_FLAGS_NOLOGFLUSH) 467 return -EINVAL; 468 469 if (ext4_forced_shutdown(sbi)) 470 return 0; 471 472 ext4_msg(sb, KERN_ALERT, "shut down requested (%d)", flags); 473 474 switch (flags) { 475 case EXT4_GOING_FLAGS_DEFAULT: 476 freeze_bdev(sb->s_bdev); 477 set_bit(EXT4_FLAGS_SHUTDOWN, &sbi->s_ext4_flags); 478 thaw_bdev(sb->s_bdev, sb); 479 break; 480 case EXT4_GOING_FLAGS_LOGFLUSH: 481 set_bit(EXT4_FLAGS_SHUTDOWN, &sbi->s_ext4_flags); 482 if (sbi->s_journal && !is_journal_aborted(sbi->s_journal)) { 483 (void) ext4_force_commit(sb); 484 jbd2_journal_abort(sbi->s_journal, 0); 485 } 486 break; 487 case EXT4_GOING_FLAGS_NOLOGFLUSH: 488 set_bit(EXT4_FLAGS_SHUTDOWN, &sbi->s_ext4_flags); 489 if (sbi->s_journal && !is_journal_aborted(sbi->s_journal)) { 490 msleep(100); 491 jbd2_journal_abort(sbi->s_journal, 0); 492 } 493 break; 494 default: 495 return -EINVAL; 496 } 497 clear_opt(sb, DISCARD); 498 return 0; 499 } 500 501 struct getfsmap_info { 502 struct super_block *gi_sb; 503 struct fsmap_head __user *gi_data; 504 unsigned int gi_idx; 505 __u32 gi_last_flags; 506 }; 507 508 static int ext4_getfsmap_format(struct ext4_fsmap *xfm, void *priv) 509 { 510 struct getfsmap_info *info = priv; 511 struct fsmap fm; 512 513 trace_ext4_getfsmap_mapping(info->gi_sb, xfm); 514 515 info->gi_last_flags = xfm->fmr_flags; 516 ext4_fsmap_from_internal(info->gi_sb, &fm, xfm); 517 if (copy_to_user(&info->gi_data->fmh_recs[info->gi_idx++], &fm, 518 sizeof(struct fsmap))) 519 return -EFAULT; 520 521 return 0; 522 } 523 524 static int ext4_ioc_getfsmap(struct super_block *sb, 525 struct fsmap_head __user *arg) 526 { 527 struct getfsmap_info info = {0}; 528 struct ext4_fsmap_head xhead = {0}; 529 struct fsmap_head head; 530 bool aborted = false; 531 int error; 532 533 if (copy_from_user(&head, arg, sizeof(struct fsmap_head))) 534 return -EFAULT; 535 if (memchr_inv(head.fmh_reserved, 0, sizeof(head.fmh_reserved)) || 536 memchr_inv(head.fmh_keys[0].fmr_reserved, 0, 537 sizeof(head.fmh_keys[0].fmr_reserved)) || 538 memchr_inv(head.fmh_keys[1].fmr_reserved, 0, 539 sizeof(head.fmh_keys[1].fmr_reserved))) 540 return -EINVAL; 541 /* 542 * ext4 doesn't report file extents at all, so the only valid 543 * file offsets are the magic ones (all zeroes or all ones). 544 */ 545 if (head.fmh_keys[0].fmr_offset || 546 (head.fmh_keys[1].fmr_offset != 0 && 547 head.fmh_keys[1].fmr_offset != -1ULL)) 548 return -EINVAL; 549 550 xhead.fmh_iflags = head.fmh_iflags; 551 xhead.fmh_count = head.fmh_count; 552 ext4_fsmap_to_internal(sb, &xhead.fmh_keys[0], &head.fmh_keys[0]); 553 ext4_fsmap_to_internal(sb, &xhead.fmh_keys[1], &head.fmh_keys[1]); 554 555 trace_ext4_getfsmap_low_key(sb, &xhead.fmh_keys[0]); 556 trace_ext4_getfsmap_high_key(sb, &xhead.fmh_keys[1]); 557 558 info.gi_sb = sb; 559 info.gi_data = arg; 560 error = ext4_getfsmap(sb, &xhead, ext4_getfsmap_format, &info); 561 if (error == EXT4_QUERY_RANGE_ABORT) { 562 error = 0; 563 aborted = true; 564 } else if (error) 565 return error; 566 567 /* If we didn't abort, set the "last" flag in the last fmx */ 568 if (!aborted && info.gi_idx) { 569 info.gi_last_flags |= FMR_OF_LAST; 570 if (copy_to_user(&info.gi_data->fmh_recs[info.gi_idx - 1].fmr_flags, 571 &info.gi_last_flags, 572 sizeof(info.gi_last_flags))) 573 return -EFAULT; 574 } 575 576 /* copy back header */ 577 head.fmh_entries = xhead.fmh_entries; 578 head.fmh_oflags = xhead.fmh_oflags; 579 if (copy_to_user(arg, &head, sizeof(struct fsmap_head))) 580 return -EFAULT; 581 582 return 0; 583 } 584 585 long ext4_ioctl(struct file *filp, unsigned int cmd, unsigned long arg) 586 { 587 struct inode *inode = file_inode(filp); 588 struct super_block *sb = inode->i_sb; 589 struct ext4_inode_info *ei = EXT4_I(inode); 590 unsigned int flags; 591 592 ext4_debug("cmd = %u, arg = %lu\n", cmd, arg); 593 594 switch (cmd) { 595 case FS_IOC_GETFSMAP: 596 return ext4_ioc_getfsmap(sb, (void __user *)arg); 597 case EXT4_IOC_GETFLAGS: 598 flags = ei->i_flags & EXT4_FL_USER_VISIBLE; 599 return put_user(flags, (int __user *) arg); 600 case EXT4_IOC_SETFLAGS: { 601 int err; 602 603 if (!inode_owner_or_capable(inode)) 604 return -EACCES; 605 606 if (get_user(flags, (int __user *) arg)) 607 return -EFAULT; 608 609 if (flags & ~EXT4_FL_USER_VISIBLE) 610 return -EOPNOTSUPP; 611 /* 612 * chattr(1) grabs flags via GETFLAGS, modifies the result and 613 * passes that to SETFLAGS. So we cannot easily make SETFLAGS 614 * more restrictive than just silently masking off visible but 615 * not settable flags as we always did. 616 */ 617 flags &= EXT4_FL_USER_MODIFIABLE; 618 if (ext4_mask_flags(inode->i_mode, flags) != flags) 619 return -EOPNOTSUPP; 620 621 err = mnt_want_write_file(filp); 622 if (err) 623 return err; 624 625 inode_lock(inode); 626 err = ext4_ioctl_setflags(inode, flags); 627 inode_unlock(inode); 628 mnt_drop_write_file(filp); 629 return err; 630 } 631 case EXT4_IOC_GETVERSION: 632 case EXT4_IOC_GETVERSION_OLD: 633 return put_user(inode->i_generation, (int __user *) arg); 634 case EXT4_IOC_SETVERSION: 635 case EXT4_IOC_SETVERSION_OLD: { 636 handle_t *handle; 637 struct ext4_iloc iloc; 638 __u32 generation; 639 int err; 640 641 if (!inode_owner_or_capable(inode)) 642 return -EPERM; 643 644 if (ext4_has_metadata_csum(inode->i_sb)) { 645 ext4_warning(sb, "Setting inode version is not " 646 "supported with metadata_csum enabled."); 647 return -ENOTTY; 648 } 649 650 err = mnt_want_write_file(filp); 651 if (err) 652 return err; 653 if (get_user(generation, (int __user *) arg)) { 654 err = -EFAULT; 655 goto setversion_out; 656 } 657 658 inode_lock(inode); 659 handle = ext4_journal_start(inode, EXT4_HT_INODE, 1); 660 if (IS_ERR(handle)) { 661 err = PTR_ERR(handle); 662 goto unlock_out; 663 } 664 err = ext4_reserve_inode_write(handle, inode, &iloc); 665 if (err == 0) { 666 inode->i_ctime = current_time(inode); 667 inode->i_generation = generation; 668 err = ext4_mark_iloc_dirty(handle, inode, &iloc); 669 } 670 ext4_journal_stop(handle); 671 672 unlock_out: 673 inode_unlock(inode); 674 setversion_out: 675 mnt_drop_write_file(filp); 676 return err; 677 } 678 case EXT4_IOC_GROUP_EXTEND: { 679 ext4_fsblk_t n_blocks_count; 680 int err, err2=0; 681 682 err = ext4_resize_begin(sb); 683 if (err) 684 return err; 685 686 if (get_user(n_blocks_count, (__u32 __user *)arg)) { 687 err = -EFAULT; 688 goto group_extend_out; 689 } 690 691 if (ext4_has_feature_bigalloc(sb)) { 692 ext4_msg(sb, KERN_ERR, 693 "Online resizing not supported with bigalloc"); 694 err = -EOPNOTSUPP; 695 goto group_extend_out; 696 } 697 698 err = mnt_want_write_file(filp); 699 if (err) 700 goto group_extend_out; 701 702 err = ext4_group_extend(sb, EXT4_SB(sb)->s_es, n_blocks_count); 703 if (EXT4_SB(sb)->s_journal) { 704 jbd2_journal_lock_updates(EXT4_SB(sb)->s_journal); 705 err2 = jbd2_journal_flush(EXT4_SB(sb)->s_journal); 706 jbd2_journal_unlock_updates(EXT4_SB(sb)->s_journal); 707 } 708 if (err == 0) 709 err = err2; 710 mnt_drop_write_file(filp); 711 group_extend_out: 712 ext4_resize_end(sb); 713 return err; 714 } 715 716 case EXT4_IOC_MOVE_EXT: { 717 struct move_extent me; 718 struct fd donor; 719 int err; 720 721 if (!(filp->f_mode & FMODE_READ) || 722 !(filp->f_mode & FMODE_WRITE)) 723 return -EBADF; 724 725 if (copy_from_user(&me, 726 (struct move_extent __user *)arg, sizeof(me))) 727 return -EFAULT; 728 me.moved_len = 0; 729 730 donor = fdget(me.donor_fd); 731 if (!donor.file) 732 return -EBADF; 733 734 if (!(donor.file->f_mode & FMODE_WRITE)) { 735 err = -EBADF; 736 goto mext_out; 737 } 738 739 if (ext4_has_feature_bigalloc(sb)) { 740 ext4_msg(sb, KERN_ERR, 741 "Online defrag not supported with bigalloc"); 742 err = -EOPNOTSUPP; 743 goto mext_out; 744 } else if (IS_DAX(inode)) { 745 ext4_msg(sb, KERN_ERR, 746 "Online defrag not supported with DAX"); 747 err = -EOPNOTSUPP; 748 goto mext_out; 749 } 750 751 err = mnt_want_write_file(filp); 752 if (err) 753 goto mext_out; 754 755 err = ext4_move_extents(filp, donor.file, me.orig_start, 756 me.donor_start, me.len, &me.moved_len); 757 mnt_drop_write_file(filp); 758 759 if (copy_to_user((struct move_extent __user *)arg, 760 &me, sizeof(me))) 761 err = -EFAULT; 762 mext_out: 763 fdput(donor); 764 return err; 765 } 766 767 case EXT4_IOC_GROUP_ADD: { 768 struct ext4_new_group_data input; 769 int err, err2=0; 770 771 err = ext4_resize_begin(sb); 772 if (err) 773 return err; 774 775 if (copy_from_user(&input, (struct ext4_new_group_input __user *)arg, 776 sizeof(input))) { 777 err = -EFAULT; 778 goto group_add_out; 779 } 780 781 if (ext4_has_feature_bigalloc(sb)) { 782 ext4_msg(sb, KERN_ERR, 783 "Online resizing not supported with bigalloc"); 784 err = -EOPNOTSUPP; 785 goto group_add_out; 786 } 787 788 err = mnt_want_write_file(filp); 789 if (err) 790 goto group_add_out; 791 792 err = ext4_group_add(sb, &input); 793 if (EXT4_SB(sb)->s_journal) { 794 jbd2_journal_lock_updates(EXT4_SB(sb)->s_journal); 795 err2 = jbd2_journal_flush(EXT4_SB(sb)->s_journal); 796 jbd2_journal_unlock_updates(EXT4_SB(sb)->s_journal); 797 } 798 if (err == 0) 799 err = err2; 800 mnt_drop_write_file(filp); 801 if (!err && ext4_has_group_desc_csum(sb) && 802 test_opt(sb, INIT_INODE_TABLE)) 803 err = ext4_register_li_request(sb, input.group); 804 group_add_out: 805 ext4_resize_end(sb); 806 return err; 807 } 808 809 case EXT4_IOC_MIGRATE: 810 { 811 int err; 812 if (!inode_owner_or_capable(inode)) 813 return -EACCES; 814 815 err = mnt_want_write_file(filp); 816 if (err) 817 return err; 818 /* 819 * inode_mutex prevent write and truncate on the file. 820 * Read still goes through. We take i_data_sem in 821 * ext4_ext_swap_inode_data before we switch the 822 * inode format to prevent read. 823 */ 824 inode_lock((inode)); 825 err = ext4_ext_migrate(inode); 826 inode_unlock((inode)); 827 mnt_drop_write_file(filp); 828 return err; 829 } 830 831 case EXT4_IOC_ALLOC_DA_BLKS: 832 { 833 int err; 834 if (!inode_owner_or_capable(inode)) 835 return -EACCES; 836 837 err = mnt_want_write_file(filp); 838 if (err) 839 return err; 840 err = ext4_alloc_da_blocks(inode); 841 mnt_drop_write_file(filp); 842 return err; 843 } 844 845 case EXT4_IOC_SWAP_BOOT: 846 { 847 int err; 848 if (!(filp->f_mode & FMODE_WRITE)) 849 return -EBADF; 850 err = mnt_want_write_file(filp); 851 if (err) 852 return err; 853 err = swap_inode_boot_loader(sb, inode); 854 mnt_drop_write_file(filp); 855 return err; 856 } 857 858 case EXT4_IOC_RESIZE_FS: { 859 ext4_fsblk_t n_blocks_count; 860 int err = 0, err2 = 0; 861 ext4_group_t o_group = EXT4_SB(sb)->s_groups_count; 862 863 if (ext4_has_feature_bigalloc(sb)) { 864 ext4_msg(sb, KERN_ERR, 865 "Online resizing not (yet) supported with bigalloc"); 866 return -EOPNOTSUPP; 867 } 868 869 if (copy_from_user(&n_blocks_count, (__u64 __user *)arg, 870 sizeof(__u64))) { 871 return -EFAULT; 872 } 873 874 err = ext4_resize_begin(sb); 875 if (err) 876 return err; 877 878 err = mnt_want_write_file(filp); 879 if (err) 880 goto resizefs_out; 881 882 err = ext4_resize_fs(sb, n_blocks_count); 883 if (EXT4_SB(sb)->s_journal) { 884 jbd2_journal_lock_updates(EXT4_SB(sb)->s_journal); 885 err2 = jbd2_journal_flush(EXT4_SB(sb)->s_journal); 886 jbd2_journal_unlock_updates(EXT4_SB(sb)->s_journal); 887 } 888 if (err == 0) 889 err = err2; 890 mnt_drop_write_file(filp); 891 if (!err && (o_group > EXT4_SB(sb)->s_groups_count) && 892 ext4_has_group_desc_csum(sb) && 893 test_opt(sb, INIT_INODE_TABLE)) 894 err = ext4_register_li_request(sb, o_group); 895 896 resizefs_out: 897 ext4_resize_end(sb); 898 return err; 899 } 900 901 case FITRIM: 902 { 903 struct request_queue *q = bdev_get_queue(sb->s_bdev); 904 struct fstrim_range range; 905 int ret = 0; 906 907 if (!capable(CAP_SYS_ADMIN)) 908 return -EPERM; 909 910 if (!blk_queue_discard(q)) 911 return -EOPNOTSUPP; 912 913 if (copy_from_user(&range, (struct fstrim_range __user *)arg, 914 sizeof(range))) 915 return -EFAULT; 916 917 range.minlen = max((unsigned int)range.minlen, 918 q->limits.discard_granularity); 919 ret = ext4_trim_fs(sb, &range); 920 if (ret < 0) 921 return ret; 922 923 if (copy_to_user((struct fstrim_range __user *)arg, &range, 924 sizeof(range))) 925 return -EFAULT; 926 927 return 0; 928 } 929 case EXT4_IOC_PRECACHE_EXTENTS: 930 return ext4_ext_precache(inode); 931 932 case EXT4_IOC_SET_ENCRYPTION_POLICY: 933 if (!ext4_has_feature_encrypt(sb)) 934 return -EOPNOTSUPP; 935 return fscrypt_ioctl_set_policy(filp, (const void __user *)arg); 936 937 case EXT4_IOC_GET_ENCRYPTION_PWSALT: { 938 #ifdef CONFIG_EXT4_FS_ENCRYPTION 939 int err, err2; 940 struct ext4_sb_info *sbi = EXT4_SB(sb); 941 handle_t *handle; 942 943 if (!ext4_has_feature_encrypt(sb)) 944 return -EOPNOTSUPP; 945 if (uuid_is_zero(sbi->s_es->s_encrypt_pw_salt)) { 946 err = mnt_want_write_file(filp); 947 if (err) 948 return err; 949 handle = ext4_journal_start_sb(sb, EXT4_HT_MISC, 1); 950 if (IS_ERR(handle)) { 951 err = PTR_ERR(handle); 952 goto pwsalt_err_exit; 953 } 954 err = ext4_journal_get_write_access(handle, sbi->s_sbh); 955 if (err) 956 goto pwsalt_err_journal; 957 generate_random_uuid(sbi->s_es->s_encrypt_pw_salt); 958 err = ext4_handle_dirty_metadata(handle, NULL, 959 sbi->s_sbh); 960 pwsalt_err_journal: 961 err2 = ext4_journal_stop(handle); 962 if (err2 && !err) 963 err = err2; 964 pwsalt_err_exit: 965 mnt_drop_write_file(filp); 966 if (err) 967 return err; 968 } 969 if (copy_to_user((void __user *) arg, 970 sbi->s_es->s_encrypt_pw_salt, 16)) 971 return -EFAULT; 972 return 0; 973 #else 974 return -EOPNOTSUPP; 975 #endif 976 } 977 case EXT4_IOC_GET_ENCRYPTION_POLICY: 978 return fscrypt_ioctl_get_policy(filp, (void __user *)arg); 979 980 case EXT4_IOC_FSGETXATTR: 981 { 982 struct fsxattr fa; 983 984 memset(&fa, 0, sizeof(struct fsxattr)); 985 fa.fsx_xflags = ext4_iflags_to_xflags(ei->i_flags & EXT4_FL_USER_VISIBLE); 986 987 if (ext4_has_feature_project(inode->i_sb)) { 988 fa.fsx_projid = (__u32)from_kprojid(&init_user_ns, 989 EXT4_I(inode)->i_projid); 990 } 991 992 if (copy_to_user((struct fsxattr __user *)arg, 993 &fa, sizeof(fa))) 994 return -EFAULT; 995 return 0; 996 } 997 case EXT4_IOC_FSSETXATTR: 998 { 999 struct fsxattr fa; 1000 int err; 1001 1002 if (copy_from_user(&fa, (struct fsxattr __user *)arg, 1003 sizeof(fa))) 1004 return -EFAULT; 1005 1006 /* Make sure caller has proper permission */ 1007 if (!inode_owner_or_capable(inode)) 1008 return -EACCES; 1009 1010 if (fa.fsx_xflags & ~EXT4_SUPPORTED_FS_XFLAGS) 1011 return -EOPNOTSUPP; 1012 1013 flags = ext4_xflags_to_iflags(fa.fsx_xflags); 1014 if (ext4_mask_flags(inode->i_mode, flags) != flags) 1015 return -EOPNOTSUPP; 1016 1017 err = mnt_want_write_file(filp); 1018 if (err) 1019 return err; 1020 1021 inode_lock(inode); 1022 flags = (ei->i_flags & ~EXT4_FL_XFLAG_VISIBLE) | 1023 (flags & EXT4_FL_XFLAG_VISIBLE); 1024 err = ext4_ioctl_setflags(inode, flags); 1025 inode_unlock(inode); 1026 mnt_drop_write_file(filp); 1027 if (err) 1028 return err; 1029 1030 err = ext4_ioctl_setproject(filp, fa.fsx_projid); 1031 if (err) 1032 return err; 1033 1034 return 0; 1035 } 1036 case EXT4_IOC_SHUTDOWN: 1037 return ext4_shutdown(sb, arg); 1038 default: 1039 return -ENOTTY; 1040 } 1041 } 1042 1043 #ifdef CONFIG_COMPAT 1044 long ext4_compat_ioctl(struct file *file, unsigned int cmd, unsigned long arg) 1045 { 1046 /* These are just misnamed, they actually get/put from/to user an int */ 1047 switch (cmd) { 1048 case EXT4_IOC32_GETFLAGS: 1049 cmd = EXT4_IOC_GETFLAGS; 1050 break; 1051 case EXT4_IOC32_SETFLAGS: 1052 cmd = EXT4_IOC_SETFLAGS; 1053 break; 1054 case EXT4_IOC32_GETVERSION: 1055 cmd = EXT4_IOC_GETVERSION; 1056 break; 1057 case EXT4_IOC32_SETVERSION: 1058 cmd = EXT4_IOC_SETVERSION; 1059 break; 1060 case EXT4_IOC32_GROUP_EXTEND: 1061 cmd = EXT4_IOC_GROUP_EXTEND; 1062 break; 1063 case EXT4_IOC32_GETVERSION_OLD: 1064 cmd = EXT4_IOC_GETVERSION_OLD; 1065 break; 1066 case EXT4_IOC32_SETVERSION_OLD: 1067 cmd = EXT4_IOC_SETVERSION_OLD; 1068 break; 1069 case EXT4_IOC32_GETRSVSZ: 1070 cmd = EXT4_IOC_GETRSVSZ; 1071 break; 1072 case EXT4_IOC32_SETRSVSZ: 1073 cmd = EXT4_IOC_SETRSVSZ; 1074 break; 1075 case EXT4_IOC32_GROUP_ADD: { 1076 struct compat_ext4_new_group_input __user *uinput; 1077 struct ext4_new_group_input input; 1078 mm_segment_t old_fs; 1079 int err; 1080 1081 uinput = compat_ptr(arg); 1082 err = get_user(input.group, &uinput->group); 1083 err |= get_user(input.block_bitmap, &uinput->block_bitmap); 1084 err |= get_user(input.inode_bitmap, &uinput->inode_bitmap); 1085 err |= get_user(input.inode_table, &uinput->inode_table); 1086 err |= get_user(input.blocks_count, &uinput->blocks_count); 1087 err |= get_user(input.reserved_blocks, 1088 &uinput->reserved_blocks); 1089 if (err) 1090 return -EFAULT; 1091 old_fs = get_fs(); 1092 set_fs(KERNEL_DS); 1093 err = ext4_ioctl(file, EXT4_IOC_GROUP_ADD, 1094 (unsigned long) &input); 1095 set_fs(old_fs); 1096 return err; 1097 } 1098 case EXT4_IOC_MOVE_EXT: 1099 case EXT4_IOC_RESIZE_FS: 1100 case EXT4_IOC_PRECACHE_EXTENTS: 1101 case EXT4_IOC_SET_ENCRYPTION_POLICY: 1102 case EXT4_IOC_GET_ENCRYPTION_PWSALT: 1103 case EXT4_IOC_GET_ENCRYPTION_POLICY: 1104 case EXT4_IOC_SHUTDOWN: 1105 case FS_IOC_GETFSMAP: 1106 break; 1107 default: 1108 return -ENOIOCTLCMD; 1109 } 1110 return ext4_ioctl(file, cmd, (unsigned long) compat_ptr(arg)); 1111 } 1112 #endif 1113