1 /* 2 * linux/fs/fat/file.c 3 * 4 * Written 1992,1993 by Werner Almesberger 5 * 6 * regular file handling primitives for fat-based filesystems 7 */ 8 9 #include <linux/capability.h> 10 #include <linux/module.h> 11 #include <linux/compat.h> 12 #include <linux/mount.h> 13 #include <linux/blkdev.h> 14 #include <linux/fsnotify.h> 15 #include <linux/security.h> 16 #include "fat.h" 17 18 static int fat_ioctl_get_attributes(struct inode *inode, u32 __user *user_attr) 19 { 20 u32 attr; 21 22 mutex_lock(&inode->i_mutex); 23 attr = fat_make_attrs(inode); 24 mutex_unlock(&inode->i_mutex); 25 26 return put_user(attr, user_attr); 27 } 28 29 static int fat_ioctl_set_attributes(struct file *file, u32 __user *user_attr) 30 { 31 struct inode *inode = file_inode(file); 32 struct msdos_sb_info *sbi = MSDOS_SB(inode->i_sb); 33 int is_dir = S_ISDIR(inode->i_mode); 34 u32 attr, oldattr; 35 struct iattr ia; 36 int err; 37 38 err = get_user(attr, user_attr); 39 if (err) 40 goto out; 41 42 err = mnt_want_write_file(file); 43 if (err) 44 goto out; 45 mutex_lock(&inode->i_mutex); 46 47 /* 48 * ATTR_VOLUME and ATTR_DIR cannot be changed; this also 49 * prevents the user from turning us into a VFAT 50 * longname entry. Also, we obviously can't set 51 * any of the NTFS attributes in the high 24 bits. 52 */ 53 attr &= 0xff & ~(ATTR_VOLUME | ATTR_DIR); 54 /* Merge in ATTR_VOLUME and ATTR_DIR */ 55 attr |= (MSDOS_I(inode)->i_attrs & ATTR_VOLUME) | 56 (is_dir ? ATTR_DIR : 0); 57 oldattr = fat_make_attrs(inode); 58 59 /* Equivalent to a chmod() */ 60 ia.ia_valid = ATTR_MODE | ATTR_CTIME; 61 ia.ia_ctime = current_fs_time(inode->i_sb); 62 if (is_dir) 63 ia.ia_mode = fat_make_mode(sbi, attr, S_IRWXUGO); 64 else { 65 ia.ia_mode = fat_make_mode(sbi, attr, 66 S_IRUGO | S_IWUGO | (inode->i_mode & S_IXUGO)); 67 } 68 69 /* The root directory has no attributes */ 70 if (inode->i_ino == MSDOS_ROOT_INO && attr != ATTR_DIR) { 71 err = -EINVAL; 72 goto out_unlock_inode; 73 } 74 75 if (sbi->options.sys_immutable && 76 ((attr | oldattr) & ATTR_SYS) && 77 !capable(CAP_LINUX_IMMUTABLE)) { 78 err = -EPERM; 79 goto out_unlock_inode; 80 } 81 82 /* 83 * The security check is questionable... We single 84 * out the RO attribute for checking by the security 85 * module, just because it maps to a file mode. 86 */ 87 err = security_inode_setattr(file->f_path.dentry, &ia); 88 if (err) 89 goto out_unlock_inode; 90 91 /* This MUST be done before doing anything irreversible... */ 92 err = fat_setattr(file->f_path.dentry, &ia); 93 if (err) 94 goto out_unlock_inode; 95 96 fsnotify_change(file->f_path.dentry, ia.ia_valid); 97 if (sbi->options.sys_immutable) { 98 if (attr & ATTR_SYS) 99 inode->i_flags |= S_IMMUTABLE; 100 else 101 inode->i_flags &= ~S_IMMUTABLE; 102 } 103 104 fat_save_attrs(inode, attr); 105 mark_inode_dirty(inode); 106 out_unlock_inode: 107 mutex_unlock(&inode->i_mutex); 108 mnt_drop_write_file(file); 109 out: 110 return err; 111 } 112 113 static int fat_ioctl_get_volume_id(struct inode *inode, u32 __user *user_attr) 114 { 115 struct msdos_sb_info *sbi = MSDOS_SB(inode->i_sb); 116 return put_user(sbi->vol_id, user_attr); 117 } 118 119 long fat_generic_ioctl(struct file *filp, unsigned int cmd, unsigned long arg) 120 { 121 struct inode *inode = file_inode(filp); 122 u32 __user *user_attr = (u32 __user *)arg; 123 124 switch (cmd) { 125 case FAT_IOCTL_GET_ATTRIBUTES: 126 return fat_ioctl_get_attributes(inode, user_attr); 127 case FAT_IOCTL_SET_ATTRIBUTES: 128 return fat_ioctl_set_attributes(filp, user_attr); 129 case FAT_IOCTL_GET_VOLUME_ID: 130 return fat_ioctl_get_volume_id(inode, user_attr); 131 default: 132 return -ENOTTY; /* Inappropriate ioctl for device */ 133 } 134 } 135 136 #ifdef CONFIG_COMPAT 137 static long fat_generic_compat_ioctl(struct file *filp, unsigned int cmd, 138 unsigned long arg) 139 140 { 141 return fat_generic_ioctl(filp, cmd, (unsigned long)compat_ptr(arg)); 142 } 143 #endif 144 145 static int fat_file_release(struct inode *inode, struct file *filp) 146 { 147 if ((filp->f_mode & FMODE_WRITE) && 148 MSDOS_SB(inode->i_sb)->options.flush) { 149 fat_flush_inodes(inode->i_sb, inode, NULL); 150 congestion_wait(BLK_RW_ASYNC, HZ/10); 151 } 152 return 0; 153 } 154 155 int fat_file_fsync(struct file *filp, loff_t start, loff_t end, int datasync) 156 { 157 struct inode *inode = filp->f_mapping->host; 158 int res, err; 159 160 res = generic_file_fsync(filp, start, end, datasync); 161 err = sync_mapping_buffers(MSDOS_SB(inode->i_sb)->fat_inode->i_mapping); 162 163 return res ? res : err; 164 } 165 166 167 const struct file_operations fat_file_operations = { 168 .llseek = generic_file_llseek, 169 .read_iter = generic_file_read_iter, 170 .write_iter = generic_file_write_iter, 171 .mmap = generic_file_mmap, 172 .release = fat_file_release, 173 .unlocked_ioctl = fat_generic_ioctl, 174 #ifdef CONFIG_COMPAT 175 .compat_ioctl = fat_generic_compat_ioctl, 176 #endif 177 .fsync = fat_file_fsync, 178 .splice_read = generic_file_splice_read, 179 }; 180 181 static int fat_cont_expand(struct inode *inode, loff_t size) 182 { 183 struct address_space *mapping = inode->i_mapping; 184 loff_t start = inode->i_size, count = size - inode->i_size; 185 int err; 186 187 err = generic_cont_expand_simple(inode, size); 188 if (err) 189 goto out; 190 191 inode->i_ctime = inode->i_mtime = CURRENT_TIME_SEC; 192 mark_inode_dirty(inode); 193 if (IS_SYNC(inode)) { 194 int err2; 195 196 /* 197 * Opencode syncing since we don't have a file open to use 198 * standard fsync path. 199 */ 200 err = filemap_fdatawrite_range(mapping, start, 201 start + count - 1); 202 err2 = sync_mapping_buffers(mapping); 203 if (!err) 204 err = err2; 205 err2 = write_inode_now(inode, 1); 206 if (!err) 207 err = err2; 208 if (!err) { 209 err = filemap_fdatawait_range(mapping, start, 210 start + count - 1); 211 } 212 } 213 out: 214 return err; 215 } 216 217 /* Free all clusters after the skip'th cluster. */ 218 static int fat_free(struct inode *inode, int skip) 219 { 220 struct super_block *sb = inode->i_sb; 221 int err, wait, free_start, i_start, i_logstart; 222 223 if (MSDOS_I(inode)->i_start == 0) 224 return 0; 225 226 fat_cache_inval_inode(inode); 227 228 wait = IS_DIRSYNC(inode); 229 i_start = free_start = MSDOS_I(inode)->i_start; 230 i_logstart = MSDOS_I(inode)->i_logstart; 231 232 /* First, we write the new file size. */ 233 if (!skip) { 234 MSDOS_I(inode)->i_start = 0; 235 MSDOS_I(inode)->i_logstart = 0; 236 } 237 MSDOS_I(inode)->i_attrs |= ATTR_ARCH; 238 inode->i_ctime = inode->i_mtime = CURRENT_TIME_SEC; 239 if (wait) { 240 err = fat_sync_inode(inode); 241 if (err) { 242 MSDOS_I(inode)->i_start = i_start; 243 MSDOS_I(inode)->i_logstart = i_logstart; 244 return err; 245 } 246 } else 247 mark_inode_dirty(inode); 248 249 /* Write a new EOF, and get the remaining cluster chain for freeing. */ 250 if (skip) { 251 struct fat_entry fatent; 252 int ret, fclus, dclus; 253 254 ret = fat_get_cluster(inode, skip - 1, &fclus, &dclus); 255 if (ret < 0) 256 return ret; 257 else if (ret == FAT_ENT_EOF) 258 return 0; 259 260 fatent_init(&fatent); 261 ret = fat_ent_read(inode, &fatent, dclus); 262 if (ret == FAT_ENT_EOF) { 263 fatent_brelse(&fatent); 264 return 0; 265 } else if (ret == FAT_ENT_FREE) { 266 fat_fs_error(sb, 267 "%s: invalid cluster chain (i_pos %lld)", 268 __func__, MSDOS_I(inode)->i_pos); 269 ret = -EIO; 270 } else if (ret > 0) { 271 err = fat_ent_write(inode, &fatent, FAT_ENT_EOF, wait); 272 if (err) 273 ret = err; 274 } 275 fatent_brelse(&fatent); 276 if (ret < 0) 277 return ret; 278 279 free_start = ret; 280 } 281 inode->i_blocks = skip << (MSDOS_SB(sb)->cluster_bits - 9); 282 283 /* Freeing the remained cluster chain */ 284 return fat_free_clusters(inode, free_start); 285 } 286 287 void fat_truncate_blocks(struct inode *inode, loff_t offset) 288 { 289 struct msdos_sb_info *sbi = MSDOS_SB(inode->i_sb); 290 const unsigned int cluster_size = sbi->cluster_size; 291 int nr_clusters; 292 293 /* 294 * This protects against truncating a file bigger than it was then 295 * trying to write into the hole. 296 */ 297 if (MSDOS_I(inode)->mmu_private > offset) 298 MSDOS_I(inode)->mmu_private = offset; 299 300 nr_clusters = (offset + (cluster_size - 1)) >> sbi->cluster_bits; 301 302 fat_free(inode, nr_clusters); 303 fat_flush_inodes(inode->i_sb, inode, NULL); 304 } 305 306 int fat_getattr(struct vfsmount *mnt, struct dentry *dentry, struct kstat *stat) 307 { 308 struct inode *inode = d_inode(dentry); 309 generic_fillattr(inode, stat); 310 stat->blksize = MSDOS_SB(inode->i_sb)->cluster_size; 311 312 if (MSDOS_SB(inode->i_sb)->options.nfs == FAT_NFS_NOSTALE_RO) { 313 /* Use i_pos for ino. This is used as fileid of nfs. */ 314 stat->ino = fat_i_pos_read(MSDOS_SB(inode->i_sb), inode); 315 } 316 return 0; 317 } 318 EXPORT_SYMBOL_GPL(fat_getattr); 319 320 static int fat_sanitize_mode(const struct msdos_sb_info *sbi, 321 struct inode *inode, umode_t *mode_ptr) 322 { 323 umode_t mask, perm; 324 325 /* 326 * Note, the basic check is already done by a caller of 327 * (attr->ia_mode & ~FAT_VALID_MODE) 328 */ 329 330 if (S_ISREG(inode->i_mode)) 331 mask = sbi->options.fs_fmask; 332 else 333 mask = sbi->options.fs_dmask; 334 335 perm = *mode_ptr & ~(S_IFMT | mask); 336 337 /* 338 * Of the r and x bits, all (subject to umask) must be present. Of the 339 * w bits, either all (subject to umask) or none must be present. 340 * 341 * If fat_mode_can_hold_ro(inode) is false, can't change w bits. 342 */ 343 if ((perm & (S_IRUGO | S_IXUGO)) != (inode->i_mode & (S_IRUGO|S_IXUGO))) 344 return -EPERM; 345 if (fat_mode_can_hold_ro(inode)) { 346 if ((perm & S_IWUGO) && ((perm & S_IWUGO) != (S_IWUGO & ~mask))) 347 return -EPERM; 348 } else { 349 if ((perm & S_IWUGO) != (S_IWUGO & ~mask)) 350 return -EPERM; 351 } 352 353 *mode_ptr &= S_IFMT | perm; 354 355 return 0; 356 } 357 358 static int fat_allow_set_time(struct msdos_sb_info *sbi, struct inode *inode) 359 { 360 umode_t allow_utime = sbi->options.allow_utime; 361 362 if (!uid_eq(current_fsuid(), inode->i_uid)) { 363 if (in_group_p(inode->i_gid)) 364 allow_utime >>= 3; 365 if (allow_utime & MAY_WRITE) 366 return 1; 367 } 368 369 /* use a default check */ 370 return 0; 371 } 372 373 #define TIMES_SET_FLAGS (ATTR_MTIME_SET | ATTR_ATIME_SET | ATTR_TIMES_SET) 374 /* valid file mode bits */ 375 #define FAT_VALID_MODE (S_IFREG | S_IFDIR | S_IRWXUGO) 376 377 int fat_setattr(struct dentry *dentry, struct iattr *attr) 378 { 379 struct msdos_sb_info *sbi = MSDOS_SB(dentry->d_sb); 380 struct inode *inode = d_inode(dentry); 381 unsigned int ia_valid; 382 int error; 383 384 /* Check for setting the inode time. */ 385 ia_valid = attr->ia_valid; 386 if (ia_valid & TIMES_SET_FLAGS) { 387 if (fat_allow_set_time(sbi, inode)) 388 attr->ia_valid &= ~TIMES_SET_FLAGS; 389 } 390 391 error = inode_change_ok(inode, attr); 392 attr->ia_valid = ia_valid; 393 if (error) { 394 if (sbi->options.quiet) 395 error = 0; 396 goto out; 397 } 398 399 /* 400 * Expand the file. Since inode_setattr() updates ->i_size 401 * before calling the ->truncate(), but FAT needs to fill the 402 * hole before it. XXX: this is no longer true with new truncate 403 * sequence. 404 */ 405 if (attr->ia_valid & ATTR_SIZE) { 406 inode_dio_wait(inode); 407 408 if (attr->ia_size > inode->i_size) { 409 error = fat_cont_expand(inode, attr->ia_size); 410 if (error || attr->ia_valid == ATTR_SIZE) 411 goto out; 412 attr->ia_valid &= ~ATTR_SIZE; 413 } 414 } 415 416 if (((attr->ia_valid & ATTR_UID) && 417 (!uid_eq(attr->ia_uid, sbi->options.fs_uid))) || 418 ((attr->ia_valid & ATTR_GID) && 419 (!gid_eq(attr->ia_gid, sbi->options.fs_gid))) || 420 ((attr->ia_valid & ATTR_MODE) && 421 (attr->ia_mode & ~FAT_VALID_MODE))) 422 error = -EPERM; 423 424 if (error) { 425 if (sbi->options.quiet) 426 error = 0; 427 goto out; 428 } 429 430 /* 431 * We don't return -EPERM here. Yes, strange, but this is too 432 * old behavior. 433 */ 434 if (attr->ia_valid & ATTR_MODE) { 435 if (fat_sanitize_mode(sbi, inode, &attr->ia_mode) < 0) 436 attr->ia_valid &= ~ATTR_MODE; 437 } 438 439 if (attr->ia_valid & ATTR_SIZE) { 440 error = fat_block_truncate_page(inode, attr->ia_size); 441 if (error) 442 goto out; 443 down_write(&MSDOS_I(inode)->truncate_lock); 444 truncate_setsize(inode, attr->ia_size); 445 fat_truncate_blocks(inode, attr->ia_size); 446 up_write(&MSDOS_I(inode)->truncate_lock); 447 } 448 449 setattr_copy(inode, attr); 450 mark_inode_dirty(inode); 451 out: 452 return error; 453 } 454 EXPORT_SYMBOL_GPL(fat_setattr); 455 456 const struct inode_operations fat_file_inode_operations = { 457 .setattr = fat_setattr, 458 .getattr = fat_getattr, 459 }; 460