1 /* 2 * Quota code necessary even when VFS quota support is not compiled 3 * into the kernel. The interesting stuff is over in dquot.c, here 4 * we have symbols for initial quotactl(2) handling, the sysctl(2) 5 * variables, etc - things needed even when quota support disabled. 6 */ 7 8 #include <linux/fs.h> 9 #include <linux/namei.h> 10 #include <linux/slab.h> 11 #include <asm/current.h> 12 #include <linux/uaccess.h> 13 #include <linux/kernel.h> 14 #include <linux/security.h> 15 #include <linux/syscalls.h> 16 #include <linux/capability.h> 17 #include <linux/quotaops.h> 18 #include <linux/types.h> 19 #include <linux/writeback.h> 20 21 static int check_quotactl_permission(struct super_block *sb, int type, int cmd, 22 qid_t id) 23 { 24 switch (cmd) { 25 /* these commands do not require any special privilegues */ 26 case Q_GETFMT: 27 case Q_SYNC: 28 case Q_GETINFO: 29 case Q_XGETQSTAT: 30 case Q_XGETQSTATV: 31 case Q_XQUOTASYNC: 32 break; 33 /* allow to query information for dquots we "own" */ 34 case Q_GETQUOTA: 35 case Q_XGETQUOTA: 36 if ((type == USRQUOTA && uid_eq(current_euid(), make_kuid(current_user_ns(), id))) || 37 (type == GRPQUOTA && in_egroup_p(make_kgid(current_user_ns(), id)))) 38 break; 39 /*FALLTHROUGH*/ 40 default: 41 if (!capable(CAP_SYS_ADMIN)) 42 return -EPERM; 43 } 44 45 return security_quotactl(cmd, type, id, sb); 46 } 47 48 static void quota_sync_one(struct super_block *sb, void *arg) 49 { 50 if (sb->s_qcop && sb->s_qcop->quota_sync) 51 sb->s_qcop->quota_sync(sb, *(int *)arg); 52 } 53 54 static int quota_sync_all(int type) 55 { 56 int ret; 57 58 if (type >= MAXQUOTAS) 59 return -EINVAL; 60 ret = security_quotactl(Q_SYNC, type, 0, NULL); 61 if (!ret) 62 iterate_supers(quota_sync_one, &type); 63 return ret; 64 } 65 66 static int quota_quotaon(struct super_block *sb, int type, int cmd, qid_t id, 67 struct path *path) 68 { 69 if (!sb->s_qcop->quota_on && !sb->s_qcop->quota_on_meta) 70 return -ENOSYS; 71 if (sb->s_qcop->quota_on_meta) 72 return sb->s_qcop->quota_on_meta(sb, type, id); 73 if (IS_ERR(path)) 74 return PTR_ERR(path); 75 return sb->s_qcop->quota_on(sb, type, id, path); 76 } 77 78 static int quota_getfmt(struct super_block *sb, int type, void __user *addr) 79 { 80 __u32 fmt; 81 82 down_read(&sb_dqopt(sb)->dqptr_sem); 83 if (!sb_has_quota_active(sb, type)) { 84 up_read(&sb_dqopt(sb)->dqptr_sem); 85 return -ESRCH; 86 } 87 fmt = sb_dqopt(sb)->info[type].dqi_format->qf_fmt_id; 88 up_read(&sb_dqopt(sb)->dqptr_sem); 89 if (copy_to_user(addr, &fmt, sizeof(fmt))) 90 return -EFAULT; 91 return 0; 92 } 93 94 static int quota_getinfo(struct super_block *sb, int type, void __user *addr) 95 { 96 struct if_dqinfo info; 97 int ret; 98 99 if (!sb->s_qcop->get_info) 100 return -ENOSYS; 101 ret = sb->s_qcop->get_info(sb, type, &info); 102 if (!ret && copy_to_user(addr, &info, sizeof(info))) 103 return -EFAULT; 104 return ret; 105 } 106 107 static int quota_setinfo(struct super_block *sb, int type, void __user *addr) 108 { 109 struct if_dqinfo info; 110 111 if (copy_from_user(&info, addr, sizeof(info))) 112 return -EFAULT; 113 if (!sb->s_qcop->set_info) 114 return -ENOSYS; 115 return sb->s_qcop->set_info(sb, type, &info); 116 } 117 118 static void copy_to_if_dqblk(struct if_dqblk *dst, struct fs_disk_quota *src) 119 { 120 memset(dst, 0, sizeof(*dst)); 121 dst->dqb_bhardlimit = src->d_blk_hardlimit; 122 dst->dqb_bsoftlimit = src->d_blk_softlimit; 123 dst->dqb_curspace = src->d_bcount; 124 dst->dqb_ihardlimit = src->d_ino_hardlimit; 125 dst->dqb_isoftlimit = src->d_ino_softlimit; 126 dst->dqb_curinodes = src->d_icount; 127 dst->dqb_btime = src->d_btimer; 128 dst->dqb_itime = src->d_itimer; 129 dst->dqb_valid = QIF_ALL; 130 } 131 132 static int quota_getquota(struct super_block *sb, int type, qid_t id, 133 void __user *addr) 134 { 135 struct kqid qid; 136 struct fs_disk_quota fdq; 137 struct if_dqblk idq; 138 int ret; 139 140 if (!sb->s_qcop->get_dqblk) 141 return -ENOSYS; 142 qid = make_kqid(current_user_ns(), type, id); 143 if (!qid_valid(qid)) 144 return -EINVAL; 145 ret = sb->s_qcop->get_dqblk(sb, qid, &fdq); 146 if (ret) 147 return ret; 148 copy_to_if_dqblk(&idq, &fdq); 149 if (copy_to_user(addr, &idq, sizeof(idq))) 150 return -EFAULT; 151 return 0; 152 } 153 154 static void copy_from_if_dqblk(struct fs_disk_quota *dst, struct if_dqblk *src) 155 { 156 dst->d_blk_hardlimit = src->dqb_bhardlimit; 157 dst->d_blk_softlimit = src->dqb_bsoftlimit; 158 dst->d_bcount = src->dqb_curspace; 159 dst->d_ino_hardlimit = src->dqb_ihardlimit; 160 dst->d_ino_softlimit = src->dqb_isoftlimit; 161 dst->d_icount = src->dqb_curinodes; 162 dst->d_btimer = src->dqb_btime; 163 dst->d_itimer = src->dqb_itime; 164 165 dst->d_fieldmask = 0; 166 if (src->dqb_valid & QIF_BLIMITS) 167 dst->d_fieldmask |= FS_DQ_BSOFT | FS_DQ_BHARD; 168 if (src->dqb_valid & QIF_SPACE) 169 dst->d_fieldmask |= FS_DQ_BCOUNT; 170 if (src->dqb_valid & QIF_ILIMITS) 171 dst->d_fieldmask |= FS_DQ_ISOFT | FS_DQ_IHARD; 172 if (src->dqb_valid & QIF_INODES) 173 dst->d_fieldmask |= FS_DQ_ICOUNT; 174 if (src->dqb_valid & QIF_BTIME) 175 dst->d_fieldmask |= FS_DQ_BTIMER; 176 if (src->dqb_valid & QIF_ITIME) 177 dst->d_fieldmask |= FS_DQ_ITIMER; 178 } 179 180 static int quota_setquota(struct super_block *sb, int type, qid_t id, 181 void __user *addr) 182 { 183 struct fs_disk_quota fdq; 184 struct if_dqblk idq; 185 struct kqid qid; 186 187 if (copy_from_user(&idq, addr, sizeof(idq))) 188 return -EFAULT; 189 if (!sb->s_qcop->set_dqblk) 190 return -ENOSYS; 191 qid = make_kqid(current_user_ns(), type, id); 192 if (!qid_valid(qid)) 193 return -EINVAL; 194 copy_from_if_dqblk(&fdq, &idq); 195 return sb->s_qcop->set_dqblk(sb, qid, &fdq); 196 } 197 198 static int quota_setxstate(struct super_block *sb, int cmd, void __user *addr) 199 { 200 __u32 flags; 201 202 if (copy_from_user(&flags, addr, sizeof(flags))) 203 return -EFAULT; 204 if (!sb->s_qcop->set_xstate) 205 return -ENOSYS; 206 return sb->s_qcop->set_xstate(sb, flags, cmd); 207 } 208 209 static int quota_getxstate(struct super_block *sb, void __user *addr) 210 { 211 struct fs_quota_stat fqs; 212 int ret; 213 214 if (!sb->s_qcop->get_xstate) 215 return -ENOSYS; 216 ret = sb->s_qcop->get_xstate(sb, &fqs); 217 if (!ret && copy_to_user(addr, &fqs, sizeof(fqs))) 218 return -EFAULT; 219 return ret; 220 } 221 222 static int quota_getxstatev(struct super_block *sb, void __user *addr) 223 { 224 struct fs_quota_statv fqs; 225 int ret; 226 227 if (!sb->s_qcop->get_xstatev) 228 return -ENOSYS; 229 230 memset(&fqs, 0, sizeof(fqs)); 231 if (copy_from_user(&fqs, addr, 1)) /* Just read qs_version */ 232 return -EFAULT; 233 234 /* If this kernel doesn't support user specified version, fail */ 235 switch (fqs.qs_version) { 236 case FS_QSTATV_VERSION1: 237 break; 238 default: 239 return -EINVAL; 240 } 241 ret = sb->s_qcop->get_xstatev(sb, &fqs); 242 if (!ret && copy_to_user(addr, &fqs, sizeof(fqs))) 243 return -EFAULT; 244 return ret; 245 } 246 247 static int quota_setxquota(struct super_block *sb, int type, qid_t id, 248 void __user *addr) 249 { 250 struct fs_disk_quota fdq; 251 struct kqid qid; 252 253 if (copy_from_user(&fdq, addr, sizeof(fdq))) 254 return -EFAULT; 255 if (!sb->s_qcop->set_dqblk) 256 return -ENOSYS; 257 qid = make_kqid(current_user_ns(), type, id); 258 if (!qid_valid(qid)) 259 return -EINVAL; 260 return sb->s_qcop->set_dqblk(sb, qid, &fdq); 261 } 262 263 static int quota_getxquota(struct super_block *sb, int type, qid_t id, 264 void __user *addr) 265 { 266 struct fs_disk_quota fdq; 267 struct kqid qid; 268 int ret; 269 270 if (!sb->s_qcop->get_dqblk) 271 return -ENOSYS; 272 qid = make_kqid(current_user_ns(), type, id); 273 if (!qid_valid(qid)) 274 return -EINVAL; 275 ret = sb->s_qcop->get_dqblk(sb, qid, &fdq); 276 if (!ret && copy_to_user(addr, &fdq, sizeof(fdq))) 277 return -EFAULT; 278 return ret; 279 } 280 281 static int quota_rmxquota(struct super_block *sb, void __user *addr) 282 { 283 __u32 flags; 284 285 if (copy_from_user(&flags, addr, sizeof(flags))) 286 return -EFAULT; 287 if (!sb->s_qcop->rm_xquota) 288 return -ENOSYS; 289 return sb->s_qcop->rm_xquota(sb, flags); 290 } 291 292 /* Copy parameters and call proper function */ 293 static int do_quotactl(struct super_block *sb, int type, int cmd, qid_t id, 294 void __user *addr, struct path *path) 295 { 296 int ret; 297 298 if (type >= (XQM_COMMAND(cmd) ? XQM_MAXQUOTAS : MAXQUOTAS)) 299 return -EINVAL; 300 if (!sb->s_qcop) 301 return -ENOSYS; 302 303 ret = check_quotactl_permission(sb, type, cmd, id); 304 if (ret < 0) 305 return ret; 306 307 switch (cmd) { 308 case Q_QUOTAON: 309 return quota_quotaon(sb, type, cmd, id, path); 310 case Q_QUOTAOFF: 311 if (!sb->s_qcop->quota_off) 312 return -ENOSYS; 313 return sb->s_qcop->quota_off(sb, type); 314 case Q_GETFMT: 315 return quota_getfmt(sb, type, addr); 316 case Q_GETINFO: 317 return quota_getinfo(sb, type, addr); 318 case Q_SETINFO: 319 return quota_setinfo(sb, type, addr); 320 case Q_GETQUOTA: 321 return quota_getquota(sb, type, id, addr); 322 case Q_SETQUOTA: 323 return quota_setquota(sb, type, id, addr); 324 case Q_SYNC: 325 if (!sb->s_qcop->quota_sync) 326 return -ENOSYS; 327 return sb->s_qcop->quota_sync(sb, type); 328 case Q_XQUOTAON: 329 case Q_XQUOTAOFF: 330 return quota_setxstate(sb, cmd, addr); 331 case Q_XQUOTARM: 332 return quota_rmxquota(sb, addr); 333 case Q_XGETQSTAT: 334 return quota_getxstate(sb, addr); 335 case Q_XGETQSTATV: 336 return quota_getxstatev(sb, addr); 337 case Q_XSETQLIM: 338 return quota_setxquota(sb, type, id, addr); 339 case Q_XGETQUOTA: 340 return quota_getxquota(sb, type, id, addr); 341 case Q_XQUOTASYNC: 342 if (sb->s_flags & MS_RDONLY) 343 return -EROFS; 344 /* XFS quotas are fully coherent now, making this call a noop */ 345 return 0; 346 default: 347 return -EINVAL; 348 } 349 } 350 351 #ifdef CONFIG_BLOCK 352 353 /* Return 1 if 'cmd' will block on frozen filesystem */ 354 static int quotactl_cmd_write(int cmd) 355 { 356 switch (cmd) { 357 case Q_GETFMT: 358 case Q_GETINFO: 359 case Q_SYNC: 360 case Q_XGETQSTAT: 361 case Q_XGETQSTATV: 362 case Q_XGETQUOTA: 363 case Q_XQUOTASYNC: 364 return 0; 365 } 366 return 1; 367 } 368 369 #endif /* CONFIG_BLOCK */ 370 371 /* 372 * look up a superblock on which quota ops will be performed 373 * - use the name of a block device to find the superblock thereon 374 */ 375 static struct super_block *quotactl_block(const char __user *special, int cmd) 376 { 377 #ifdef CONFIG_BLOCK 378 struct block_device *bdev; 379 struct super_block *sb; 380 struct filename *tmp = getname(special); 381 382 if (IS_ERR(tmp)) 383 return ERR_CAST(tmp); 384 bdev = lookup_bdev(tmp->name); 385 putname(tmp); 386 if (IS_ERR(bdev)) 387 return ERR_CAST(bdev); 388 if (quotactl_cmd_write(cmd)) 389 sb = get_super_thawed(bdev); 390 else 391 sb = get_super(bdev); 392 bdput(bdev); 393 if (!sb) 394 return ERR_PTR(-ENODEV); 395 396 return sb; 397 #else 398 return ERR_PTR(-ENODEV); 399 #endif 400 } 401 402 /* 403 * This is the system call interface. This communicates with 404 * the user-level programs. Currently this only supports diskquota 405 * calls. Maybe we need to add the process quotas etc. in the future, 406 * but we probably should use rlimits for that. 407 */ 408 SYSCALL_DEFINE4(quotactl, unsigned int, cmd, const char __user *, special, 409 qid_t, id, void __user *, addr) 410 { 411 uint cmds, type; 412 struct super_block *sb = NULL; 413 struct path path, *pathp = NULL; 414 int ret; 415 416 cmds = cmd >> SUBCMDSHIFT; 417 type = cmd & SUBCMDMASK; 418 419 /* 420 * As a special case Q_SYNC can be called without a specific device. 421 * It will iterate all superblocks that have quota enabled and call 422 * the sync action on each of them. 423 */ 424 if (!special) { 425 if (cmds == Q_SYNC) 426 return quota_sync_all(type); 427 return -ENODEV; 428 } 429 430 /* 431 * Path for quotaon has to be resolved before grabbing superblock 432 * because that gets s_umount sem which is also possibly needed by path 433 * resolution (think about autofs) and thus deadlocks could arise. 434 */ 435 if (cmds == Q_QUOTAON) { 436 ret = user_path_at(AT_FDCWD, addr, LOOKUP_FOLLOW|LOOKUP_AUTOMOUNT, &path); 437 if (ret) 438 pathp = ERR_PTR(ret); 439 else 440 pathp = &path; 441 } 442 443 sb = quotactl_block(special, cmds); 444 if (IS_ERR(sb)) { 445 ret = PTR_ERR(sb); 446 goto out; 447 } 448 449 ret = do_quotactl(sb, type, cmds, id, addr, pathp); 450 451 drop_super(sb); 452 out: 453 if (pathp && !IS_ERR(pathp)) 454 path_put(pathp); 455 return ret; 456 } 457