1 /* 2 * Copyright (c) 2000-2005 Silicon Graphics, Inc. 3 * All Rights Reserved. 4 * 5 * This program is free software; you can redistribute it and/or 6 * modify it under the terms of the GNU General Public License as 7 * published by the Free Software Foundation. 8 * 9 * This program is distributed in the hope that it would be useful, 10 * but WITHOUT ANY WARRANTY; without even the implied warranty of 11 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 12 * GNU General Public License for more details. 13 * 14 * You should have received a copy of the GNU General Public License 15 * along with this program; if not, write the Free Software Foundation, 16 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA 17 */ 18 #include "xfs.h" 19 #include "xfs_fs.h" 20 #include "xfs_shared.h" 21 #include "xfs_format.h" 22 #include "xfs_log_format.h" 23 #include "xfs_trans_resv.h" 24 #include "xfs_mount.h" 25 #include "xfs_inode.h" 26 #include "xfs_ioctl.h" 27 #include "xfs_alloc.h" 28 #include "xfs_rtalloc.h" 29 #include "xfs_itable.h" 30 #include "xfs_error.h" 31 #include "xfs_attr.h" 32 #include "xfs_bmap.h" 33 #include "xfs_bmap_util.h" 34 #include "xfs_fsops.h" 35 #include "xfs_discard.h" 36 #include "xfs_quota.h" 37 #include "xfs_export.h" 38 #include "xfs_trace.h" 39 #include "xfs_icache.h" 40 #include "xfs_symlink.h" 41 #include "xfs_trans.h" 42 #include "xfs_pnfs.h" 43 #include "xfs_acl.h" 44 45 #include <linux/capability.h> 46 #include <linux/cred.h> 47 #include <linux/dcache.h> 48 #include <linux/mount.h> 49 #include <linux/namei.h> 50 #include <linux/pagemap.h> 51 #include <linux/slab.h> 52 #include <linux/exportfs.h> 53 54 /* 55 * xfs_find_handle maps from userspace xfs_fsop_handlereq structure to 56 * a file or fs handle. 57 * 58 * XFS_IOC_PATH_TO_FSHANDLE 59 * returns fs handle for a mount point or path within that mount point 60 * XFS_IOC_FD_TO_HANDLE 61 * returns full handle for a FD opened in user space 62 * XFS_IOC_PATH_TO_HANDLE 63 * returns full handle for a path 64 */ 65 int 66 xfs_find_handle( 67 unsigned int cmd, 68 xfs_fsop_handlereq_t *hreq) 69 { 70 int hsize; 71 xfs_handle_t handle; 72 struct inode *inode; 73 struct fd f = {NULL}; 74 struct path path; 75 int error; 76 struct xfs_inode *ip; 77 78 if (cmd == XFS_IOC_FD_TO_HANDLE) { 79 f = fdget(hreq->fd); 80 if (!f.file) 81 return -EBADF; 82 inode = file_inode(f.file); 83 } else { 84 error = user_lpath((const char __user *)hreq->path, &path); 85 if (error) 86 return error; 87 inode = d_inode(path.dentry); 88 } 89 ip = XFS_I(inode); 90 91 /* 92 * We can only generate handles for inodes residing on a XFS filesystem, 93 * and only for regular files, directories or symbolic links. 94 */ 95 error = -EINVAL; 96 if (inode->i_sb->s_magic != XFS_SB_MAGIC) 97 goto out_put; 98 99 error = -EBADF; 100 if (!S_ISREG(inode->i_mode) && 101 !S_ISDIR(inode->i_mode) && 102 !S_ISLNK(inode->i_mode)) 103 goto out_put; 104 105 106 memcpy(&handle.ha_fsid, ip->i_mount->m_fixedfsid, sizeof(xfs_fsid_t)); 107 108 if (cmd == XFS_IOC_PATH_TO_FSHANDLE) { 109 /* 110 * This handle only contains an fsid, zero the rest. 111 */ 112 memset(&handle.ha_fid, 0, sizeof(handle.ha_fid)); 113 hsize = sizeof(xfs_fsid_t); 114 } else { 115 handle.ha_fid.fid_len = sizeof(xfs_fid_t) - 116 sizeof(handle.ha_fid.fid_len); 117 handle.ha_fid.fid_pad = 0; 118 handle.ha_fid.fid_gen = inode->i_generation; 119 handle.ha_fid.fid_ino = ip->i_ino; 120 121 hsize = XFS_HSIZE(handle); 122 } 123 124 error = -EFAULT; 125 if (copy_to_user(hreq->ohandle, &handle, hsize) || 126 copy_to_user(hreq->ohandlen, &hsize, sizeof(__s32))) 127 goto out_put; 128 129 error = 0; 130 131 out_put: 132 if (cmd == XFS_IOC_FD_TO_HANDLE) 133 fdput(f); 134 else 135 path_put(&path); 136 return error; 137 } 138 139 /* 140 * No need to do permission checks on the various pathname components 141 * as the handle operations are privileged. 142 */ 143 STATIC int 144 xfs_handle_acceptable( 145 void *context, 146 struct dentry *dentry) 147 { 148 return 1; 149 } 150 151 /* 152 * Convert userspace handle data into a dentry. 153 */ 154 struct dentry * 155 xfs_handle_to_dentry( 156 struct file *parfilp, 157 void __user *uhandle, 158 u32 hlen) 159 { 160 xfs_handle_t handle; 161 struct xfs_fid64 fid; 162 163 /* 164 * Only allow handle opens under a directory. 165 */ 166 if (!S_ISDIR(file_inode(parfilp)->i_mode)) 167 return ERR_PTR(-ENOTDIR); 168 169 if (hlen != sizeof(xfs_handle_t)) 170 return ERR_PTR(-EINVAL); 171 if (copy_from_user(&handle, uhandle, hlen)) 172 return ERR_PTR(-EFAULT); 173 if (handle.ha_fid.fid_len != 174 sizeof(handle.ha_fid) - sizeof(handle.ha_fid.fid_len)) 175 return ERR_PTR(-EINVAL); 176 177 memset(&fid, 0, sizeof(struct fid)); 178 fid.ino = handle.ha_fid.fid_ino; 179 fid.gen = handle.ha_fid.fid_gen; 180 181 return exportfs_decode_fh(parfilp->f_path.mnt, (struct fid *)&fid, 3, 182 FILEID_INO32_GEN | XFS_FILEID_TYPE_64FLAG, 183 xfs_handle_acceptable, NULL); 184 } 185 186 STATIC struct dentry * 187 xfs_handlereq_to_dentry( 188 struct file *parfilp, 189 xfs_fsop_handlereq_t *hreq) 190 { 191 return xfs_handle_to_dentry(parfilp, hreq->ihandle, hreq->ihandlen); 192 } 193 194 int 195 xfs_open_by_handle( 196 struct file *parfilp, 197 xfs_fsop_handlereq_t *hreq) 198 { 199 const struct cred *cred = current_cred(); 200 int error; 201 int fd; 202 int permflag; 203 struct file *filp; 204 struct inode *inode; 205 struct dentry *dentry; 206 fmode_t fmode; 207 struct path path; 208 209 if (!capable(CAP_SYS_ADMIN)) 210 return -EPERM; 211 212 dentry = xfs_handlereq_to_dentry(parfilp, hreq); 213 if (IS_ERR(dentry)) 214 return PTR_ERR(dentry); 215 inode = d_inode(dentry); 216 217 /* Restrict xfs_open_by_handle to directories & regular files. */ 218 if (!(S_ISREG(inode->i_mode) || S_ISDIR(inode->i_mode))) { 219 error = -EPERM; 220 goto out_dput; 221 } 222 223 #if BITS_PER_LONG != 32 224 hreq->oflags |= O_LARGEFILE; 225 #endif 226 227 permflag = hreq->oflags; 228 fmode = OPEN_FMODE(permflag); 229 if ((!(permflag & O_APPEND) || (permflag & O_TRUNC)) && 230 (fmode & FMODE_WRITE) && IS_APPEND(inode)) { 231 error = -EPERM; 232 goto out_dput; 233 } 234 235 if ((fmode & FMODE_WRITE) && IS_IMMUTABLE(inode)) { 236 error = -EPERM; 237 goto out_dput; 238 } 239 240 /* Can't write directories. */ 241 if (S_ISDIR(inode->i_mode) && (fmode & FMODE_WRITE)) { 242 error = -EISDIR; 243 goto out_dput; 244 } 245 246 fd = get_unused_fd_flags(0); 247 if (fd < 0) { 248 error = fd; 249 goto out_dput; 250 } 251 252 path.mnt = parfilp->f_path.mnt; 253 path.dentry = dentry; 254 filp = dentry_open(&path, hreq->oflags, cred); 255 dput(dentry); 256 if (IS_ERR(filp)) { 257 put_unused_fd(fd); 258 return PTR_ERR(filp); 259 } 260 261 if (S_ISREG(inode->i_mode)) { 262 filp->f_flags |= O_NOATIME; 263 filp->f_mode |= FMODE_NOCMTIME; 264 } 265 266 fd_install(fd, filp); 267 return fd; 268 269 out_dput: 270 dput(dentry); 271 return error; 272 } 273 274 int 275 xfs_readlink_by_handle( 276 struct file *parfilp, 277 xfs_fsop_handlereq_t *hreq) 278 { 279 struct dentry *dentry; 280 __u32 olen; 281 int error; 282 283 if (!capable(CAP_SYS_ADMIN)) 284 return -EPERM; 285 286 dentry = xfs_handlereq_to_dentry(parfilp, hreq); 287 if (IS_ERR(dentry)) 288 return PTR_ERR(dentry); 289 290 /* Restrict this handle operation to symlinks only. */ 291 if (!d_is_symlink(dentry)) { 292 error = -EINVAL; 293 goto out_dput; 294 } 295 296 if (copy_from_user(&olen, hreq->ohandlen, sizeof(__u32))) { 297 error = -EFAULT; 298 goto out_dput; 299 } 300 301 error = vfs_readlink(dentry, hreq->ohandle, olen); 302 303 out_dput: 304 dput(dentry); 305 return error; 306 } 307 308 int 309 xfs_set_dmattrs( 310 xfs_inode_t *ip, 311 u_int evmask, 312 u_int16_t state) 313 { 314 xfs_mount_t *mp = ip->i_mount; 315 xfs_trans_t *tp; 316 int error; 317 318 if (!capable(CAP_SYS_ADMIN)) 319 return -EPERM; 320 321 if (XFS_FORCED_SHUTDOWN(mp)) 322 return -EIO; 323 324 error = xfs_trans_alloc(mp, &M_RES(mp)->tr_ichange, 0, 0, 0, &tp); 325 if (error) 326 return error; 327 328 xfs_ilock(ip, XFS_ILOCK_EXCL); 329 xfs_trans_ijoin(tp, ip, XFS_ILOCK_EXCL); 330 331 ip->i_d.di_dmevmask = evmask; 332 ip->i_d.di_dmstate = state; 333 334 xfs_trans_log_inode(tp, ip, XFS_ILOG_CORE); 335 error = xfs_trans_commit(tp); 336 337 return error; 338 } 339 340 STATIC int 341 xfs_fssetdm_by_handle( 342 struct file *parfilp, 343 void __user *arg) 344 { 345 int error; 346 struct fsdmidata fsd; 347 xfs_fsop_setdm_handlereq_t dmhreq; 348 struct dentry *dentry; 349 350 if (!capable(CAP_MKNOD)) 351 return -EPERM; 352 if (copy_from_user(&dmhreq, arg, sizeof(xfs_fsop_setdm_handlereq_t))) 353 return -EFAULT; 354 355 error = mnt_want_write_file(parfilp); 356 if (error) 357 return error; 358 359 dentry = xfs_handlereq_to_dentry(parfilp, &dmhreq.hreq); 360 if (IS_ERR(dentry)) { 361 mnt_drop_write_file(parfilp); 362 return PTR_ERR(dentry); 363 } 364 365 if (IS_IMMUTABLE(d_inode(dentry)) || IS_APPEND(d_inode(dentry))) { 366 error = -EPERM; 367 goto out; 368 } 369 370 if (copy_from_user(&fsd, dmhreq.data, sizeof(fsd))) { 371 error = -EFAULT; 372 goto out; 373 } 374 375 error = xfs_set_dmattrs(XFS_I(d_inode(dentry)), fsd.fsd_dmevmask, 376 fsd.fsd_dmstate); 377 378 out: 379 mnt_drop_write_file(parfilp); 380 dput(dentry); 381 return error; 382 } 383 384 STATIC int 385 xfs_attrlist_by_handle( 386 struct file *parfilp, 387 void __user *arg) 388 { 389 int error = -ENOMEM; 390 attrlist_cursor_kern_t *cursor; 391 struct xfs_fsop_attrlist_handlereq __user *p = arg; 392 xfs_fsop_attrlist_handlereq_t al_hreq; 393 struct dentry *dentry; 394 char *kbuf; 395 396 if (!capable(CAP_SYS_ADMIN)) 397 return -EPERM; 398 if (copy_from_user(&al_hreq, arg, sizeof(xfs_fsop_attrlist_handlereq_t))) 399 return -EFAULT; 400 if (al_hreq.buflen < sizeof(struct attrlist) || 401 al_hreq.buflen > XFS_XATTR_LIST_MAX) 402 return -EINVAL; 403 404 /* 405 * Reject flags, only allow namespaces. 406 */ 407 if (al_hreq.flags & ~(ATTR_ROOT | ATTR_SECURE)) 408 return -EINVAL; 409 410 dentry = xfs_handlereq_to_dentry(parfilp, &al_hreq.hreq); 411 if (IS_ERR(dentry)) 412 return PTR_ERR(dentry); 413 414 kbuf = kmem_zalloc_large(al_hreq.buflen, KM_SLEEP); 415 if (!kbuf) 416 goto out_dput; 417 418 cursor = (attrlist_cursor_kern_t *)&al_hreq.pos; 419 error = xfs_attr_list(XFS_I(d_inode(dentry)), kbuf, al_hreq.buflen, 420 al_hreq.flags, cursor); 421 if (error) 422 goto out_kfree; 423 424 if (copy_to_user(&p->pos, cursor, sizeof(attrlist_cursor_kern_t))) { 425 error = -EFAULT; 426 goto out_kfree; 427 } 428 429 if (copy_to_user(al_hreq.buffer, kbuf, al_hreq.buflen)) 430 error = -EFAULT; 431 432 out_kfree: 433 kmem_free(kbuf); 434 out_dput: 435 dput(dentry); 436 return error; 437 } 438 439 int 440 xfs_attrmulti_attr_get( 441 struct inode *inode, 442 unsigned char *name, 443 unsigned char __user *ubuf, 444 __uint32_t *len, 445 __uint32_t flags) 446 { 447 unsigned char *kbuf; 448 int error = -EFAULT; 449 450 if (*len > XFS_XATTR_SIZE_MAX) 451 return -EINVAL; 452 kbuf = kmem_zalloc_large(*len, KM_SLEEP); 453 if (!kbuf) 454 return -ENOMEM; 455 456 error = xfs_attr_get(XFS_I(inode), name, kbuf, (int *)len, flags); 457 if (error) 458 goto out_kfree; 459 460 if (copy_to_user(ubuf, kbuf, *len)) 461 error = -EFAULT; 462 463 out_kfree: 464 kmem_free(kbuf); 465 return error; 466 } 467 468 int 469 xfs_attrmulti_attr_set( 470 struct inode *inode, 471 unsigned char *name, 472 const unsigned char __user *ubuf, 473 __uint32_t len, 474 __uint32_t flags) 475 { 476 unsigned char *kbuf; 477 int error; 478 479 if (IS_IMMUTABLE(inode) || IS_APPEND(inode)) 480 return -EPERM; 481 if (len > XFS_XATTR_SIZE_MAX) 482 return -EINVAL; 483 484 kbuf = memdup_user(ubuf, len); 485 if (IS_ERR(kbuf)) 486 return PTR_ERR(kbuf); 487 488 error = xfs_attr_set(XFS_I(inode), name, kbuf, len, flags); 489 if (!error) 490 xfs_forget_acl(inode, name, flags); 491 kfree(kbuf); 492 return error; 493 } 494 495 int 496 xfs_attrmulti_attr_remove( 497 struct inode *inode, 498 unsigned char *name, 499 __uint32_t flags) 500 { 501 int error; 502 503 if (IS_IMMUTABLE(inode) || IS_APPEND(inode)) 504 return -EPERM; 505 error = xfs_attr_remove(XFS_I(inode), name, flags); 506 if (!error) 507 xfs_forget_acl(inode, name, flags); 508 return error; 509 } 510 511 STATIC int 512 xfs_attrmulti_by_handle( 513 struct file *parfilp, 514 void __user *arg) 515 { 516 int error; 517 xfs_attr_multiop_t *ops; 518 xfs_fsop_attrmulti_handlereq_t am_hreq; 519 struct dentry *dentry; 520 unsigned int i, size; 521 unsigned char *attr_name; 522 523 if (!capable(CAP_SYS_ADMIN)) 524 return -EPERM; 525 if (copy_from_user(&am_hreq, arg, sizeof(xfs_fsop_attrmulti_handlereq_t))) 526 return -EFAULT; 527 528 /* overflow check */ 529 if (am_hreq.opcount >= INT_MAX / sizeof(xfs_attr_multiop_t)) 530 return -E2BIG; 531 532 dentry = xfs_handlereq_to_dentry(parfilp, &am_hreq.hreq); 533 if (IS_ERR(dentry)) 534 return PTR_ERR(dentry); 535 536 error = -E2BIG; 537 size = am_hreq.opcount * sizeof(xfs_attr_multiop_t); 538 if (!size || size > 16 * PAGE_SIZE) 539 goto out_dput; 540 541 ops = memdup_user(am_hreq.ops, size); 542 if (IS_ERR(ops)) { 543 error = PTR_ERR(ops); 544 goto out_dput; 545 } 546 547 error = -ENOMEM; 548 attr_name = kmalloc(MAXNAMELEN, GFP_KERNEL); 549 if (!attr_name) 550 goto out_kfree_ops; 551 552 error = 0; 553 for (i = 0; i < am_hreq.opcount; i++) { 554 ops[i].am_error = strncpy_from_user((char *)attr_name, 555 ops[i].am_attrname, MAXNAMELEN); 556 if (ops[i].am_error == 0 || ops[i].am_error == MAXNAMELEN) 557 error = -ERANGE; 558 if (ops[i].am_error < 0) 559 break; 560 561 switch (ops[i].am_opcode) { 562 case ATTR_OP_GET: 563 ops[i].am_error = xfs_attrmulti_attr_get( 564 d_inode(dentry), attr_name, 565 ops[i].am_attrvalue, &ops[i].am_length, 566 ops[i].am_flags); 567 break; 568 case ATTR_OP_SET: 569 ops[i].am_error = mnt_want_write_file(parfilp); 570 if (ops[i].am_error) 571 break; 572 ops[i].am_error = xfs_attrmulti_attr_set( 573 d_inode(dentry), attr_name, 574 ops[i].am_attrvalue, ops[i].am_length, 575 ops[i].am_flags); 576 mnt_drop_write_file(parfilp); 577 break; 578 case ATTR_OP_REMOVE: 579 ops[i].am_error = mnt_want_write_file(parfilp); 580 if (ops[i].am_error) 581 break; 582 ops[i].am_error = xfs_attrmulti_attr_remove( 583 d_inode(dentry), attr_name, 584 ops[i].am_flags); 585 mnt_drop_write_file(parfilp); 586 break; 587 default: 588 ops[i].am_error = -EINVAL; 589 } 590 } 591 592 if (copy_to_user(am_hreq.ops, ops, size)) 593 error = -EFAULT; 594 595 kfree(attr_name); 596 out_kfree_ops: 597 kfree(ops); 598 out_dput: 599 dput(dentry); 600 return error; 601 } 602 603 int 604 xfs_ioc_space( 605 struct file *filp, 606 unsigned int cmd, 607 xfs_flock64_t *bf) 608 { 609 struct inode *inode = file_inode(filp); 610 struct xfs_inode *ip = XFS_I(inode); 611 struct iattr iattr; 612 enum xfs_prealloc_flags flags = 0; 613 uint iolock = XFS_IOLOCK_EXCL; 614 int error; 615 616 /* 617 * Only allow the sys admin to reserve space unless 618 * unwritten extents are enabled. 619 */ 620 if (!xfs_sb_version_hasextflgbit(&ip->i_mount->m_sb) && 621 !capable(CAP_SYS_ADMIN)) 622 return -EPERM; 623 624 if (inode->i_flags & (S_IMMUTABLE|S_APPEND)) 625 return -EPERM; 626 627 if (!(filp->f_mode & FMODE_WRITE)) 628 return -EBADF; 629 630 if (!S_ISREG(inode->i_mode)) 631 return -EINVAL; 632 633 if (filp->f_flags & O_DSYNC) 634 flags |= XFS_PREALLOC_SYNC; 635 if (filp->f_mode & FMODE_NOCMTIME) 636 flags |= XFS_PREALLOC_INVISIBLE; 637 638 error = mnt_want_write_file(filp); 639 if (error) 640 return error; 641 642 xfs_ilock(ip, iolock); 643 error = xfs_break_layouts(inode, &iolock); 644 if (error) 645 goto out_unlock; 646 647 xfs_ilock(ip, XFS_MMAPLOCK_EXCL); 648 iolock |= XFS_MMAPLOCK_EXCL; 649 650 switch (bf->l_whence) { 651 case 0: /*SEEK_SET*/ 652 break; 653 case 1: /*SEEK_CUR*/ 654 bf->l_start += filp->f_pos; 655 break; 656 case 2: /*SEEK_END*/ 657 bf->l_start += XFS_ISIZE(ip); 658 break; 659 default: 660 error = -EINVAL; 661 goto out_unlock; 662 } 663 664 /* 665 * length of <= 0 for resv/unresv/zero is invalid. length for 666 * alloc/free is ignored completely and we have no idea what userspace 667 * might have set it to, so set it to zero to allow range 668 * checks to pass. 669 */ 670 switch (cmd) { 671 case XFS_IOC_ZERO_RANGE: 672 case XFS_IOC_RESVSP: 673 case XFS_IOC_RESVSP64: 674 case XFS_IOC_UNRESVSP: 675 case XFS_IOC_UNRESVSP64: 676 if (bf->l_len <= 0) { 677 error = -EINVAL; 678 goto out_unlock; 679 } 680 break; 681 default: 682 bf->l_len = 0; 683 break; 684 } 685 686 if (bf->l_start < 0 || 687 bf->l_start > inode->i_sb->s_maxbytes || 688 bf->l_start + bf->l_len < 0 || 689 bf->l_start + bf->l_len >= inode->i_sb->s_maxbytes) { 690 error = -EINVAL; 691 goto out_unlock; 692 } 693 694 switch (cmd) { 695 case XFS_IOC_ZERO_RANGE: 696 flags |= XFS_PREALLOC_SET; 697 error = xfs_zero_file_space(ip, bf->l_start, bf->l_len); 698 break; 699 case XFS_IOC_RESVSP: 700 case XFS_IOC_RESVSP64: 701 flags |= XFS_PREALLOC_SET; 702 error = xfs_alloc_file_space(ip, bf->l_start, bf->l_len, 703 XFS_BMAPI_PREALLOC); 704 break; 705 case XFS_IOC_UNRESVSP: 706 case XFS_IOC_UNRESVSP64: 707 error = xfs_free_file_space(ip, bf->l_start, bf->l_len); 708 break; 709 case XFS_IOC_ALLOCSP: 710 case XFS_IOC_ALLOCSP64: 711 case XFS_IOC_FREESP: 712 case XFS_IOC_FREESP64: 713 flags |= XFS_PREALLOC_CLEAR; 714 if (bf->l_start > XFS_ISIZE(ip)) { 715 error = xfs_alloc_file_space(ip, XFS_ISIZE(ip), 716 bf->l_start - XFS_ISIZE(ip), 0); 717 if (error) 718 goto out_unlock; 719 } 720 721 iattr.ia_valid = ATTR_SIZE; 722 iattr.ia_size = bf->l_start; 723 724 error = xfs_vn_setattr_size(file_dentry(filp), &iattr); 725 break; 726 default: 727 ASSERT(0); 728 error = -EINVAL; 729 } 730 731 if (error) 732 goto out_unlock; 733 734 error = xfs_update_prealloc_flags(ip, flags); 735 736 out_unlock: 737 xfs_iunlock(ip, iolock); 738 mnt_drop_write_file(filp); 739 return error; 740 } 741 742 STATIC int 743 xfs_ioc_bulkstat( 744 xfs_mount_t *mp, 745 unsigned int cmd, 746 void __user *arg) 747 { 748 xfs_fsop_bulkreq_t bulkreq; 749 int count; /* # of records returned */ 750 xfs_ino_t inlast; /* last inode number */ 751 int done; 752 int error; 753 754 /* done = 1 if there are more stats to get and if bulkstat */ 755 /* should be called again (unused here, but used in dmapi) */ 756 757 if (!capable(CAP_SYS_ADMIN)) 758 return -EPERM; 759 760 if (XFS_FORCED_SHUTDOWN(mp)) 761 return -EIO; 762 763 if (copy_from_user(&bulkreq, arg, sizeof(xfs_fsop_bulkreq_t))) 764 return -EFAULT; 765 766 if (copy_from_user(&inlast, bulkreq.lastip, sizeof(__s64))) 767 return -EFAULT; 768 769 if ((count = bulkreq.icount) <= 0) 770 return -EINVAL; 771 772 if (bulkreq.ubuffer == NULL) 773 return -EINVAL; 774 775 if (cmd == XFS_IOC_FSINUMBERS) 776 error = xfs_inumbers(mp, &inlast, &count, 777 bulkreq.ubuffer, xfs_inumbers_fmt); 778 else if (cmd == XFS_IOC_FSBULKSTAT_SINGLE) 779 error = xfs_bulkstat_one(mp, inlast, bulkreq.ubuffer, 780 sizeof(xfs_bstat_t), NULL, &done); 781 else /* XFS_IOC_FSBULKSTAT */ 782 error = xfs_bulkstat(mp, &inlast, &count, xfs_bulkstat_one, 783 sizeof(xfs_bstat_t), bulkreq.ubuffer, 784 &done); 785 786 if (error) 787 return error; 788 789 if (bulkreq.ocount != NULL) { 790 if (copy_to_user(bulkreq.lastip, &inlast, 791 sizeof(xfs_ino_t))) 792 return -EFAULT; 793 794 if (copy_to_user(bulkreq.ocount, &count, sizeof(count))) 795 return -EFAULT; 796 } 797 798 return 0; 799 } 800 801 STATIC int 802 xfs_ioc_fsgeometry_v1( 803 xfs_mount_t *mp, 804 void __user *arg) 805 { 806 xfs_fsop_geom_t fsgeo; 807 int error; 808 809 error = xfs_fs_geometry(mp, &fsgeo, 3); 810 if (error) 811 return error; 812 813 /* 814 * Caller should have passed an argument of type 815 * xfs_fsop_geom_v1_t. This is a proper subset of the 816 * xfs_fsop_geom_t that xfs_fs_geometry() fills in. 817 */ 818 if (copy_to_user(arg, &fsgeo, sizeof(xfs_fsop_geom_v1_t))) 819 return -EFAULT; 820 return 0; 821 } 822 823 STATIC int 824 xfs_ioc_fsgeometry( 825 xfs_mount_t *mp, 826 void __user *arg) 827 { 828 xfs_fsop_geom_t fsgeo; 829 int error; 830 831 error = xfs_fs_geometry(mp, &fsgeo, 4); 832 if (error) 833 return error; 834 835 if (copy_to_user(arg, &fsgeo, sizeof(fsgeo))) 836 return -EFAULT; 837 return 0; 838 } 839 840 /* 841 * Linux extended inode flags interface. 842 */ 843 844 STATIC unsigned int 845 xfs_merge_ioc_xflags( 846 unsigned int flags, 847 unsigned int start) 848 { 849 unsigned int xflags = start; 850 851 if (flags & FS_IMMUTABLE_FL) 852 xflags |= FS_XFLAG_IMMUTABLE; 853 else 854 xflags &= ~FS_XFLAG_IMMUTABLE; 855 if (flags & FS_APPEND_FL) 856 xflags |= FS_XFLAG_APPEND; 857 else 858 xflags &= ~FS_XFLAG_APPEND; 859 if (flags & FS_SYNC_FL) 860 xflags |= FS_XFLAG_SYNC; 861 else 862 xflags &= ~FS_XFLAG_SYNC; 863 if (flags & FS_NOATIME_FL) 864 xflags |= FS_XFLAG_NOATIME; 865 else 866 xflags &= ~FS_XFLAG_NOATIME; 867 if (flags & FS_NODUMP_FL) 868 xflags |= FS_XFLAG_NODUMP; 869 else 870 xflags &= ~FS_XFLAG_NODUMP; 871 872 return xflags; 873 } 874 875 STATIC unsigned int 876 xfs_di2lxflags( 877 __uint16_t di_flags) 878 { 879 unsigned int flags = 0; 880 881 if (di_flags & XFS_DIFLAG_IMMUTABLE) 882 flags |= FS_IMMUTABLE_FL; 883 if (di_flags & XFS_DIFLAG_APPEND) 884 flags |= FS_APPEND_FL; 885 if (di_flags & XFS_DIFLAG_SYNC) 886 flags |= FS_SYNC_FL; 887 if (di_flags & XFS_DIFLAG_NOATIME) 888 flags |= FS_NOATIME_FL; 889 if (di_flags & XFS_DIFLAG_NODUMP) 890 flags |= FS_NODUMP_FL; 891 return flags; 892 } 893 894 STATIC int 895 xfs_ioc_fsgetxattr( 896 xfs_inode_t *ip, 897 int attr, 898 void __user *arg) 899 { 900 struct fsxattr fa; 901 902 memset(&fa, 0, sizeof(struct fsxattr)); 903 904 xfs_ilock(ip, XFS_ILOCK_SHARED); 905 fa.fsx_xflags = xfs_ip2xflags(ip); 906 fa.fsx_extsize = ip->i_d.di_extsize << ip->i_mount->m_sb.sb_blocklog; 907 fa.fsx_cowextsize = ip->i_d.di_cowextsize << 908 ip->i_mount->m_sb.sb_blocklog; 909 fa.fsx_projid = xfs_get_projid(ip); 910 911 if (attr) { 912 if (ip->i_afp) { 913 if (ip->i_afp->if_flags & XFS_IFEXTENTS) 914 fa.fsx_nextents = xfs_iext_count(ip->i_afp); 915 else 916 fa.fsx_nextents = ip->i_d.di_anextents; 917 } else 918 fa.fsx_nextents = 0; 919 } else { 920 if (ip->i_df.if_flags & XFS_IFEXTENTS) 921 fa.fsx_nextents = xfs_iext_count(&ip->i_df); 922 else 923 fa.fsx_nextents = ip->i_d.di_nextents; 924 } 925 xfs_iunlock(ip, XFS_ILOCK_SHARED); 926 927 if (copy_to_user(arg, &fa, sizeof(fa))) 928 return -EFAULT; 929 return 0; 930 } 931 932 STATIC void 933 xfs_set_diflags( 934 struct xfs_inode *ip, 935 unsigned int xflags) 936 { 937 unsigned int di_flags; 938 uint64_t di_flags2; 939 940 /* can't set PREALLOC this way, just preserve it */ 941 di_flags = (ip->i_d.di_flags & XFS_DIFLAG_PREALLOC); 942 if (xflags & FS_XFLAG_IMMUTABLE) 943 di_flags |= XFS_DIFLAG_IMMUTABLE; 944 if (xflags & FS_XFLAG_APPEND) 945 di_flags |= XFS_DIFLAG_APPEND; 946 if (xflags & FS_XFLAG_SYNC) 947 di_flags |= XFS_DIFLAG_SYNC; 948 if (xflags & FS_XFLAG_NOATIME) 949 di_flags |= XFS_DIFLAG_NOATIME; 950 if (xflags & FS_XFLAG_NODUMP) 951 di_flags |= XFS_DIFLAG_NODUMP; 952 if (xflags & FS_XFLAG_NODEFRAG) 953 di_flags |= XFS_DIFLAG_NODEFRAG; 954 if (xflags & FS_XFLAG_FILESTREAM) 955 di_flags |= XFS_DIFLAG_FILESTREAM; 956 if (S_ISDIR(VFS_I(ip)->i_mode)) { 957 if (xflags & FS_XFLAG_RTINHERIT) 958 di_flags |= XFS_DIFLAG_RTINHERIT; 959 if (xflags & FS_XFLAG_NOSYMLINKS) 960 di_flags |= XFS_DIFLAG_NOSYMLINKS; 961 if (xflags & FS_XFLAG_EXTSZINHERIT) 962 di_flags |= XFS_DIFLAG_EXTSZINHERIT; 963 if (xflags & FS_XFLAG_PROJINHERIT) 964 di_flags |= XFS_DIFLAG_PROJINHERIT; 965 } else if (S_ISREG(VFS_I(ip)->i_mode)) { 966 if (xflags & FS_XFLAG_REALTIME) 967 di_flags |= XFS_DIFLAG_REALTIME; 968 if (xflags & FS_XFLAG_EXTSIZE) 969 di_flags |= XFS_DIFLAG_EXTSIZE; 970 } 971 ip->i_d.di_flags = di_flags; 972 973 /* diflags2 only valid for v3 inodes. */ 974 if (ip->i_d.di_version < 3) 975 return; 976 977 di_flags2 = (ip->i_d.di_flags2 & XFS_DIFLAG2_REFLINK); 978 if (xflags & FS_XFLAG_DAX) 979 di_flags2 |= XFS_DIFLAG2_DAX; 980 if (xflags & FS_XFLAG_COWEXTSIZE) 981 di_flags2 |= XFS_DIFLAG2_COWEXTSIZE; 982 983 ip->i_d.di_flags2 = di_flags2; 984 } 985 986 STATIC void 987 xfs_diflags_to_linux( 988 struct xfs_inode *ip) 989 { 990 struct inode *inode = VFS_I(ip); 991 unsigned int xflags = xfs_ip2xflags(ip); 992 993 if (xflags & FS_XFLAG_IMMUTABLE) 994 inode->i_flags |= S_IMMUTABLE; 995 else 996 inode->i_flags &= ~S_IMMUTABLE; 997 if (xflags & FS_XFLAG_APPEND) 998 inode->i_flags |= S_APPEND; 999 else 1000 inode->i_flags &= ~S_APPEND; 1001 if (xflags & FS_XFLAG_SYNC) 1002 inode->i_flags |= S_SYNC; 1003 else 1004 inode->i_flags &= ~S_SYNC; 1005 if (xflags & FS_XFLAG_NOATIME) 1006 inode->i_flags |= S_NOATIME; 1007 else 1008 inode->i_flags &= ~S_NOATIME; 1009 if (xflags & FS_XFLAG_DAX) 1010 inode->i_flags |= S_DAX; 1011 else 1012 inode->i_flags &= ~S_DAX; 1013 1014 } 1015 1016 static int 1017 xfs_ioctl_setattr_xflags( 1018 struct xfs_trans *tp, 1019 struct xfs_inode *ip, 1020 struct fsxattr *fa) 1021 { 1022 struct xfs_mount *mp = ip->i_mount; 1023 1024 /* Can't change realtime flag if any extents are allocated. */ 1025 if ((ip->i_d.di_nextents || ip->i_delayed_blks) && 1026 XFS_IS_REALTIME_INODE(ip) != (fa->fsx_xflags & FS_XFLAG_REALTIME)) 1027 return -EINVAL; 1028 1029 /* If realtime flag is set then must have realtime device */ 1030 if (fa->fsx_xflags & FS_XFLAG_REALTIME) { 1031 if (mp->m_sb.sb_rblocks == 0 || mp->m_sb.sb_rextsize == 0 || 1032 (ip->i_d.di_extsize % mp->m_sb.sb_rextsize)) 1033 return -EINVAL; 1034 } 1035 1036 /* Clear reflink if we are actually able to set the rt flag. */ 1037 if ((fa->fsx_xflags & FS_XFLAG_REALTIME) && xfs_is_reflink_inode(ip)) 1038 ip->i_d.di_flags2 &= ~XFS_DIFLAG2_REFLINK; 1039 1040 /* Don't allow us to set DAX mode for a reflinked file for now. */ 1041 if ((fa->fsx_xflags & FS_XFLAG_DAX) && xfs_is_reflink_inode(ip)) 1042 return -EINVAL; 1043 1044 /* 1045 * Can't modify an immutable/append-only file unless 1046 * we have appropriate permission. 1047 */ 1048 if (((ip->i_d.di_flags & (XFS_DIFLAG_IMMUTABLE | XFS_DIFLAG_APPEND)) || 1049 (fa->fsx_xflags & (FS_XFLAG_IMMUTABLE | FS_XFLAG_APPEND))) && 1050 !capable(CAP_LINUX_IMMUTABLE)) 1051 return -EPERM; 1052 1053 xfs_set_diflags(ip, fa->fsx_xflags); 1054 xfs_diflags_to_linux(ip); 1055 xfs_trans_ichgtime(tp, ip, XFS_ICHGTIME_CHG); 1056 xfs_trans_log_inode(tp, ip, XFS_ILOG_CORE); 1057 XFS_STATS_INC(mp, xs_ig_attrchg); 1058 return 0; 1059 } 1060 1061 /* 1062 * If we are changing DAX flags, we have to ensure the file is clean and any 1063 * cached objects in the address space are invalidated and removed. This 1064 * requires us to lock out other IO and page faults similar to a truncate 1065 * operation. The locks need to be held until the transaction has been committed 1066 * so that the cache invalidation is atomic with respect to the DAX flag 1067 * manipulation. 1068 */ 1069 static int 1070 xfs_ioctl_setattr_dax_invalidate( 1071 struct xfs_inode *ip, 1072 struct fsxattr *fa, 1073 int *join_flags) 1074 { 1075 struct inode *inode = VFS_I(ip); 1076 int error; 1077 1078 *join_flags = 0; 1079 1080 /* 1081 * It is only valid to set the DAX flag on regular files and 1082 * directories on filesystems where the block size is equal to the page 1083 * size. On directories it serves as an inherit hint. 1084 */ 1085 if (fa->fsx_xflags & FS_XFLAG_DAX) { 1086 if (!(S_ISREG(inode->i_mode) || S_ISDIR(inode->i_mode))) 1087 return -EINVAL; 1088 if (ip->i_mount->m_sb.sb_blocksize != PAGE_SIZE) 1089 return -EINVAL; 1090 } 1091 1092 /* If the DAX state is not changing, we have nothing to do here. */ 1093 if ((fa->fsx_xflags & FS_XFLAG_DAX) && IS_DAX(inode)) 1094 return 0; 1095 if (!(fa->fsx_xflags & FS_XFLAG_DAX) && !IS_DAX(inode)) 1096 return 0; 1097 1098 /* lock, flush and invalidate mapping in preparation for flag change */ 1099 xfs_ilock(ip, XFS_MMAPLOCK_EXCL | XFS_IOLOCK_EXCL); 1100 error = filemap_write_and_wait(inode->i_mapping); 1101 if (error) 1102 goto out_unlock; 1103 error = invalidate_inode_pages2(inode->i_mapping); 1104 if (error) 1105 goto out_unlock; 1106 1107 *join_flags = XFS_MMAPLOCK_EXCL | XFS_IOLOCK_EXCL; 1108 return 0; 1109 1110 out_unlock: 1111 xfs_iunlock(ip, XFS_MMAPLOCK_EXCL | XFS_IOLOCK_EXCL); 1112 return error; 1113 1114 } 1115 1116 /* 1117 * Set up the transaction structure for the setattr operation, checking that we 1118 * have permission to do so. On success, return a clean transaction and the 1119 * inode locked exclusively ready for further operation specific checks. On 1120 * failure, return an error without modifying or locking the inode. 1121 * 1122 * The inode might already be IO locked on call. If this is the case, it is 1123 * indicated in @join_flags and we take full responsibility for ensuring they 1124 * are unlocked from now on. Hence if we have an error here, we still have to 1125 * unlock them. Otherwise, once they are joined to the transaction, they will 1126 * be unlocked on commit/cancel. 1127 */ 1128 static struct xfs_trans * 1129 xfs_ioctl_setattr_get_trans( 1130 struct xfs_inode *ip, 1131 int join_flags) 1132 { 1133 struct xfs_mount *mp = ip->i_mount; 1134 struct xfs_trans *tp; 1135 int error = -EROFS; 1136 1137 if (mp->m_flags & XFS_MOUNT_RDONLY) 1138 goto out_unlock; 1139 error = -EIO; 1140 if (XFS_FORCED_SHUTDOWN(mp)) 1141 goto out_unlock; 1142 1143 error = xfs_trans_alloc(mp, &M_RES(mp)->tr_ichange, 0, 0, 0, &tp); 1144 if (error) 1145 return ERR_PTR(error); 1146 1147 xfs_ilock(ip, XFS_ILOCK_EXCL); 1148 xfs_trans_ijoin(tp, ip, XFS_ILOCK_EXCL | join_flags); 1149 join_flags = 0; 1150 1151 /* 1152 * CAP_FOWNER overrides the following restrictions: 1153 * 1154 * The user ID of the calling process must be equal to the file owner 1155 * ID, except in cases where the CAP_FSETID capability is applicable. 1156 */ 1157 if (!inode_owner_or_capable(VFS_I(ip))) { 1158 error = -EPERM; 1159 goto out_cancel; 1160 } 1161 1162 if (mp->m_flags & XFS_MOUNT_WSYNC) 1163 xfs_trans_set_sync(tp); 1164 1165 return tp; 1166 1167 out_cancel: 1168 xfs_trans_cancel(tp); 1169 out_unlock: 1170 if (join_flags) 1171 xfs_iunlock(ip, join_flags); 1172 return ERR_PTR(error); 1173 } 1174 1175 /* 1176 * extent size hint validation is somewhat cumbersome. Rules are: 1177 * 1178 * 1. extent size hint is only valid for directories and regular files 1179 * 2. FS_XFLAG_EXTSIZE is only valid for regular files 1180 * 3. FS_XFLAG_EXTSZINHERIT is only valid for directories. 1181 * 4. can only be changed on regular files if no extents are allocated 1182 * 5. can be changed on directories at any time 1183 * 6. extsize hint of 0 turns off hints, clears inode flags. 1184 * 7. Extent size must be a multiple of the appropriate block size. 1185 * 8. for non-realtime files, the extent size hint must be limited 1186 * to half the AG size to avoid alignment extending the extent beyond the 1187 * limits of the AG. 1188 */ 1189 static int 1190 xfs_ioctl_setattr_check_extsize( 1191 struct xfs_inode *ip, 1192 struct fsxattr *fa) 1193 { 1194 struct xfs_mount *mp = ip->i_mount; 1195 1196 if ((fa->fsx_xflags & FS_XFLAG_EXTSIZE) && !S_ISREG(VFS_I(ip)->i_mode)) 1197 return -EINVAL; 1198 1199 if ((fa->fsx_xflags & FS_XFLAG_EXTSZINHERIT) && 1200 !S_ISDIR(VFS_I(ip)->i_mode)) 1201 return -EINVAL; 1202 1203 if (S_ISREG(VFS_I(ip)->i_mode) && ip->i_d.di_nextents && 1204 ((ip->i_d.di_extsize << mp->m_sb.sb_blocklog) != fa->fsx_extsize)) 1205 return -EINVAL; 1206 1207 if (fa->fsx_extsize != 0) { 1208 xfs_extlen_t size; 1209 xfs_fsblock_t extsize_fsb; 1210 1211 extsize_fsb = XFS_B_TO_FSB(mp, fa->fsx_extsize); 1212 if (extsize_fsb > MAXEXTLEN) 1213 return -EINVAL; 1214 1215 if (XFS_IS_REALTIME_INODE(ip) || 1216 (fa->fsx_xflags & FS_XFLAG_REALTIME)) { 1217 size = mp->m_sb.sb_rextsize << mp->m_sb.sb_blocklog; 1218 } else { 1219 size = mp->m_sb.sb_blocksize; 1220 if (extsize_fsb > mp->m_sb.sb_agblocks / 2) 1221 return -EINVAL; 1222 } 1223 1224 if (fa->fsx_extsize % size) 1225 return -EINVAL; 1226 } else 1227 fa->fsx_xflags &= ~(FS_XFLAG_EXTSIZE | FS_XFLAG_EXTSZINHERIT); 1228 1229 return 0; 1230 } 1231 1232 /* 1233 * CoW extent size hint validation rules are: 1234 * 1235 * 1. CoW extent size hint can only be set if reflink is enabled on the fs. 1236 * The inode does not have to have any shared blocks, but it must be a v3. 1237 * 2. FS_XFLAG_COWEXTSIZE is only valid for directories and regular files; 1238 * for a directory, the hint is propagated to new files. 1239 * 3. Can be changed on files & directories at any time. 1240 * 4. CoW extsize hint of 0 turns off hints, clears inode flags. 1241 * 5. Extent size must be a multiple of the appropriate block size. 1242 * 6. The extent size hint must be limited to half the AG size to avoid 1243 * alignment extending the extent beyond the limits of the AG. 1244 */ 1245 static int 1246 xfs_ioctl_setattr_check_cowextsize( 1247 struct xfs_inode *ip, 1248 struct fsxattr *fa) 1249 { 1250 struct xfs_mount *mp = ip->i_mount; 1251 1252 if (!(fa->fsx_xflags & FS_XFLAG_COWEXTSIZE)) 1253 return 0; 1254 1255 if (!xfs_sb_version_hasreflink(&ip->i_mount->m_sb) || 1256 ip->i_d.di_version != 3) 1257 return -EINVAL; 1258 1259 if (!S_ISREG(VFS_I(ip)->i_mode) && !S_ISDIR(VFS_I(ip)->i_mode)) 1260 return -EINVAL; 1261 1262 if (fa->fsx_cowextsize != 0) { 1263 xfs_extlen_t size; 1264 xfs_fsblock_t cowextsize_fsb; 1265 1266 cowextsize_fsb = XFS_B_TO_FSB(mp, fa->fsx_cowextsize); 1267 if (cowextsize_fsb > MAXEXTLEN) 1268 return -EINVAL; 1269 1270 size = mp->m_sb.sb_blocksize; 1271 if (cowextsize_fsb > mp->m_sb.sb_agblocks / 2) 1272 return -EINVAL; 1273 1274 if (fa->fsx_cowextsize % size) 1275 return -EINVAL; 1276 } else 1277 fa->fsx_xflags &= ~FS_XFLAG_COWEXTSIZE; 1278 1279 return 0; 1280 } 1281 1282 static int 1283 xfs_ioctl_setattr_check_projid( 1284 struct xfs_inode *ip, 1285 struct fsxattr *fa) 1286 { 1287 /* Disallow 32bit project ids if projid32bit feature is not enabled. */ 1288 if (fa->fsx_projid > (__uint16_t)-1 && 1289 !xfs_sb_version_hasprojid32bit(&ip->i_mount->m_sb)) 1290 return -EINVAL; 1291 1292 /* 1293 * Project Quota ID state is only allowed to change from within the init 1294 * namespace. Enforce that restriction only if we are trying to change 1295 * the quota ID state. Everything else is allowed in user namespaces. 1296 */ 1297 if (current_user_ns() == &init_user_ns) 1298 return 0; 1299 1300 if (xfs_get_projid(ip) != fa->fsx_projid) 1301 return -EINVAL; 1302 if ((fa->fsx_xflags & FS_XFLAG_PROJINHERIT) != 1303 (ip->i_d.di_flags & XFS_DIFLAG_PROJINHERIT)) 1304 return -EINVAL; 1305 1306 return 0; 1307 } 1308 1309 STATIC int 1310 xfs_ioctl_setattr( 1311 xfs_inode_t *ip, 1312 struct fsxattr *fa) 1313 { 1314 struct xfs_mount *mp = ip->i_mount; 1315 struct xfs_trans *tp; 1316 struct xfs_dquot *udqp = NULL; 1317 struct xfs_dquot *pdqp = NULL; 1318 struct xfs_dquot *olddquot = NULL; 1319 int code; 1320 int join_flags = 0; 1321 1322 trace_xfs_ioctl_setattr(ip); 1323 1324 code = xfs_ioctl_setattr_check_projid(ip, fa); 1325 if (code) 1326 return code; 1327 1328 /* 1329 * If disk quotas is on, we make sure that the dquots do exist on disk, 1330 * before we start any other transactions. Trying to do this later 1331 * is messy. We don't care to take a readlock to look at the ids 1332 * in inode here, because we can't hold it across the trans_reserve. 1333 * If the IDs do change before we take the ilock, we're covered 1334 * because the i_*dquot fields will get updated anyway. 1335 */ 1336 if (XFS_IS_QUOTA_ON(mp)) { 1337 code = xfs_qm_vop_dqalloc(ip, ip->i_d.di_uid, 1338 ip->i_d.di_gid, fa->fsx_projid, 1339 XFS_QMOPT_PQUOTA, &udqp, NULL, &pdqp); 1340 if (code) 1341 return code; 1342 } 1343 1344 /* 1345 * Changing DAX config may require inode locking for mapping 1346 * invalidation. These need to be held all the way to transaction commit 1347 * or cancel time, so need to be passed through to 1348 * xfs_ioctl_setattr_get_trans() so it can apply them to the join call 1349 * appropriately. 1350 */ 1351 code = xfs_ioctl_setattr_dax_invalidate(ip, fa, &join_flags); 1352 if (code) 1353 goto error_free_dquots; 1354 1355 tp = xfs_ioctl_setattr_get_trans(ip, join_flags); 1356 if (IS_ERR(tp)) { 1357 code = PTR_ERR(tp); 1358 goto error_free_dquots; 1359 } 1360 1361 1362 if (XFS_IS_QUOTA_RUNNING(mp) && XFS_IS_PQUOTA_ON(mp) && 1363 xfs_get_projid(ip) != fa->fsx_projid) { 1364 code = xfs_qm_vop_chown_reserve(tp, ip, udqp, NULL, pdqp, 1365 capable(CAP_FOWNER) ? XFS_QMOPT_FORCE_RES : 0); 1366 if (code) /* out of quota */ 1367 goto error_trans_cancel; 1368 } 1369 1370 code = xfs_ioctl_setattr_check_extsize(ip, fa); 1371 if (code) 1372 goto error_trans_cancel; 1373 1374 code = xfs_ioctl_setattr_check_cowextsize(ip, fa); 1375 if (code) 1376 goto error_trans_cancel; 1377 1378 code = xfs_ioctl_setattr_xflags(tp, ip, fa); 1379 if (code) 1380 goto error_trans_cancel; 1381 1382 /* 1383 * Change file ownership. Must be the owner or privileged. CAP_FSETID 1384 * overrides the following restrictions: 1385 * 1386 * The set-user-ID and set-group-ID bits of a file will be cleared upon 1387 * successful return from chown() 1388 */ 1389 1390 if ((VFS_I(ip)->i_mode & (S_ISUID|S_ISGID)) && 1391 !capable_wrt_inode_uidgid(VFS_I(ip), CAP_FSETID)) 1392 VFS_I(ip)->i_mode &= ~(S_ISUID|S_ISGID); 1393 1394 /* Change the ownerships and register project quota modifications */ 1395 if (xfs_get_projid(ip) != fa->fsx_projid) { 1396 if (XFS_IS_QUOTA_RUNNING(mp) && XFS_IS_PQUOTA_ON(mp)) { 1397 olddquot = xfs_qm_vop_chown(tp, ip, 1398 &ip->i_pdquot, pdqp); 1399 } 1400 ASSERT(ip->i_d.di_version > 1); 1401 xfs_set_projid(ip, fa->fsx_projid); 1402 } 1403 1404 /* 1405 * Only set the extent size hint if we've already determined that the 1406 * extent size hint should be set on the inode. If no extent size flags 1407 * are set on the inode then unconditionally clear the extent size hint. 1408 */ 1409 if (ip->i_d.di_flags & (XFS_DIFLAG_EXTSIZE | XFS_DIFLAG_EXTSZINHERIT)) 1410 ip->i_d.di_extsize = fa->fsx_extsize >> mp->m_sb.sb_blocklog; 1411 else 1412 ip->i_d.di_extsize = 0; 1413 if (ip->i_d.di_version == 3 && 1414 (ip->i_d.di_flags2 & XFS_DIFLAG2_COWEXTSIZE)) 1415 ip->i_d.di_cowextsize = fa->fsx_cowextsize >> 1416 mp->m_sb.sb_blocklog; 1417 else 1418 ip->i_d.di_cowextsize = 0; 1419 1420 code = xfs_trans_commit(tp); 1421 1422 /* 1423 * Release any dquot(s) the inode had kept before chown. 1424 */ 1425 xfs_qm_dqrele(olddquot); 1426 xfs_qm_dqrele(udqp); 1427 xfs_qm_dqrele(pdqp); 1428 1429 return code; 1430 1431 error_trans_cancel: 1432 xfs_trans_cancel(tp); 1433 error_free_dquots: 1434 xfs_qm_dqrele(udqp); 1435 xfs_qm_dqrele(pdqp); 1436 return code; 1437 } 1438 1439 STATIC int 1440 xfs_ioc_fssetxattr( 1441 xfs_inode_t *ip, 1442 struct file *filp, 1443 void __user *arg) 1444 { 1445 struct fsxattr fa; 1446 int error; 1447 1448 if (copy_from_user(&fa, arg, sizeof(fa))) 1449 return -EFAULT; 1450 1451 error = mnt_want_write_file(filp); 1452 if (error) 1453 return error; 1454 error = xfs_ioctl_setattr(ip, &fa); 1455 mnt_drop_write_file(filp); 1456 return error; 1457 } 1458 1459 STATIC int 1460 xfs_ioc_getxflags( 1461 xfs_inode_t *ip, 1462 void __user *arg) 1463 { 1464 unsigned int flags; 1465 1466 flags = xfs_di2lxflags(ip->i_d.di_flags); 1467 if (copy_to_user(arg, &flags, sizeof(flags))) 1468 return -EFAULT; 1469 return 0; 1470 } 1471 1472 STATIC int 1473 xfs_ioc_setxflags( 1474 struct xfs_inode *ip, 1475 struct file *filp, 1476 void __user *arg) 1477 { 1478 struct xfs_trans *tp; 1479 struct fsxattr fa; 1480 unsigned int flags; 1481 int join_flags = 0; 1482 int error; 1483 1484 if (copy_from_user(&flags, arg, sizeof(flags))) 1485 return -EFAULT; 1486 1487 if (flags & ~(FS_IMMUTABLE_FL | FS_APPEND_FL | \ 1488 FS_NOATIME_FL | FS_NODUMP_FL | \ 1489 FS_SYNC_FL)) 1490 return -EOPNOTSUPP; 1491 1492 fa.fsx_xflags = xfs_merge_ioc_xflags(flags, xfs_ip2xflags(ip)); 1493 1494 error = mnt_want_write_file(filp); 1495 if (error) 1496 return error; 1497 1498 /* 1499 * Changing DAX config may require inode locking for mapping 1500 * invalidation. These need to be held all the way to transaction commit 1501 * or cancel time, so need to be passed through to 1502 * xfs_ioctl_setattr_get_trans() so it can apply them to the join call 1503 * appropriately. 1504 */ 1505 error = xfs_ioctl_setattr_dax_invalidate(ip, &fa, &join_flags); 1506 if (error) 1507 goto out_drop_write; 1508 1509 tp = xfs_ioctl_setattr_get_trans(ip, join_flags); 1510 if (IS_ERR(tp)) { 1511 error = PTR_ERR(tp); 1512 goto out_drop_write; 1513 } 1514 1515 error = xfs_ioctl_setattr_xflags(tp, ip, &fa); 1516 if (error) { 1517 xfs_trans_cancel(tp); 1518 goto out_drop_write; 1519 } 1520 1521 error = xfs_trans_commit(tp); 1522 out_drop_write: 1523 mnt_drop_write_file(filp); 1524 return error; 1525 } 1526 1527 STATIC int 1528 xfs_getbmap_format(void **ap, struct getbmapx *bmv) 1529 { 1530 struct getbmap __user *base = (struct getbmap __user *)*ap; 1531 1532 /* copy only getbmap portion (not getbmapx) */ 1533 if (copy_to_user(base, bmv, sizeof(struct getbmap))) 1534 return -EFAULT; 1535 1536 *ap += sizeof(struct getbmap); 1537 return 0; 1538 } 1539 1540 STATIC int 1541 xfs_ioc_getbmap( 1542 struct file *file, 1543 unsigned int cmd, 1544 void __user *arg) 1545 { 1546 struct getbmapx bmx; 1547 int error; 1548 1549 if (copy_from_user(&bmx, arg, sizeof(struct getbmapx))) 1550 return -EFAULT; 1551 1552 if (bmx.bmv_count < 2) 1553 return -EINVAL; 1554 1555 bmx.bmv_iflags = (cmd == XFS_IOC_GETBMAPA ? BMV_IF_ATTRFORK : 0); 1556 if (file->f_mode & FMODE_NOCMTIME) 1557 bmx.bmv_iflags |= BMV_IF_NO_DMAPI_READ; 1558 1559 error = xfs_getbmap(XFS_I(file_inode(file)), &bmx, xfs_getbmap_format, 1560 (__force struct getbmap *)arg+1); 1561 if (error) 1562 return error; 1563 1564 /* copy back header - only size of getbmap */ 1565 if (copy_to_user(arg, &bmx, sizeof(struct getbmap))) 1566 return -EFAULT; 1567 return 0; 1568 } 1569 1570 STATIC int 1571 xfs_getbmapx_format(void **ap, struct getbmapx *bmv) 1572 { 1573 struct getbmapx __user *base = (struct getbmapx __user *)*ap; 1574 1575 if (copy_to_user(base, bmv, sizeof(struct getbmapx))) 1576 return -EFAULT; 1577 1578 *ap += sizeof(struct getbmapx); 1579 return 0; 1580 } 1581 1582 STATIC int 1583 xfs_ioc_getbmapx( 1584 struct xfs_inode *ip, 1585 void __user *arg) 1586 { 1587 struct getbmapx bmx; 1588 int error; 1589 1590 if (copy_from_user(&bmx, arg, sizeof(bmx))) 1591 return -EFAULT; 1592 1593 if (bmx.bmv_count < 2) 1594 return -EINVAL; 1595 1596 if (bmx.bmv_iflags & (~BMV_IF_VALID)) 1597 return -EINVAL; 1598 1599 error = xfs_getbmap(ip, &bmx, xfs_getbmapx_format, 1600 (__force struct getbmapx *)arg+1); 1601 if (error) 1602 return error; 1603 1604 /* copy back header */ 1605 if (copy_to_user(arg, &bmx, sizeof(struct getbmapx))) 1606 return -EFAULT; 1607 1608 return 0; 1609 } 1610 1611 int 1612 xfs_ioc_swapext( 1613 xfs_swapext_t *sxp) 1614 { 1615 xfs_inode_t *ip, *tip; 1616 struct fd f, tmp; 1617 int error = 0; 1618 1619 /* Pull information for the target fd */ 1620 f = fdget((int)sxp->sx_fdtarget); 1621 if (!f.file) { 1622 error = -EINVAL; 1623 goto out; 1624 } 1625 1626 if (!(f.file->f_mode & FMODE_WRITE) || 1627 !(f.file->f_mode & FMODE_READ) || 1628 (f.file->f_flags & O_APPEND)) { 1629 error = -EBADF; 1630 goto out_put_file; 1631 } 1632 1633 tmp = fdget((int)sxp->sx_fdtmp); 1634 if (!tmp.file) { 1635 error = -EINVAL; 1636 goto out_put_file; 1637 } 1638 1639 if (!(tmp.file->f_mode & FMODE_WRITE) || 1640 !(tmp.file->f_mode & FMODE_READ) || 1641 (tmp.file->f_flags & O_APPEND)) { 1642 error = -EBADF; 1643 goto out_put_tmp_file; 1644 } 1645 1646 if (IS_SWAPFILE(file_inode(f.file)) || 1647 IS_SWAPFILE(file_inode(tmp.file))) { 1648 error = -EINVAL; 1649 goto out_put_tmp_file; 1650 } 1651 1652 /* 1653 * We need to ensure that the fds passed in point to XFS inodes 1654 * before we cast and access them as XFS structures as we have no 1655 * control over what the user passes us here. 1656 */ 1657 if (f.file->f_op != &xfs_file_operations || 1658 tmp.file->f_op != &xfs_file_operations) { 1659 error = -EINVAL; 1660 goto out_put_tmp_file; 1661 } 1662 1663 ip = XFS_I(file_inode(f.file)); 1664 tip = XFS_I(file_inode(tmp.file)); 1665 1666 if (ip->i_mount != tip->i_mount) { 1667 error = -EINVAL; 1668 goto out_put_tmp_file; 1669 } 1670 1671 if (ip->i_ino == tip->i_ino) { 1672 error = -EINVAL; 1673 goto out_put_tmp_file; 1674 } 1675 1676 if (XFS_FORCED_SHUTDOWN(ip->i_mount)) { 1677 error = -EIO; 1678 goto out_put_tmp_file; 1679 } 1680 1681 error = xfs_swap_extents(ip, tip, sxp); 1682 1683 out_put_tmp_file: 1684 fdput(tmp); 1685 out_put_file: 1686 fdput(f); 1687 out: 1688 return error; 1689 } 1690 1691 /* 1692 * Note: some of the ioctl's return positive numbers as a 1693 * byte count indicating success, such as readlink_by_handle. 1694 * So we don't "sign flip" like most other routines. This means 1695 * true errors need to be returned as a negative value. 1696 */ 1697 long 1698 xfs_file_ioctl( 1699 struct file *filp, 1700 unsigned int cmd, 1701 unsigned long p) 1702 { 1703 struct inode *inode = file_inode(filp); 1704 struct xfs_inode *ip = XFS_I(inode); 1705 struct xfs_mount *mp = ip->i_mount; 1706 void __user *arg = (void __user *)p; 1707 int error; 1708 1709 trace_xfs_file_ioctl(ip); 1710 1711 switch (cmd) { 1712 case FITRIM: 1713 return xfs_ioc_trim(mp, arg); 1714 case XFS_IOC_ALLOCSP: 1715 case XFS_IOC_FREESP: 1716 case XFS_IOC_RESVSP: 1717 case XFS_IOC_UNRESVSP: 1718 case XFS_IOC_ALLOCSP64: 1719 case XFS_IOC_FREESP64: 1720 case XFS_IOC_RESVSP64: 1721 case XFS_IOC_UNRESVSP64: 1722 case XFS_IOC_ZERO_RANGE: { 1723 xfs_flock64_t bf; 1724 1725 if (copy_from_user(&bf, arg, sizeof(bf))) 1726 return -EFAULT; 1727 return xfs_ioc_space(filp, cmd, &bf); 1728 } 1729 case XFS_IOC_DIOINFO: { 1730 struct dioattr da; 1731 xfs_buftarg_t *target = 1732 XFS_IS_REALTIME_INODE(ip) ? 1733 mp->m_rtdev_targp : mp->m_ddev_targp; 1734 1735 da.d_mem = da.d_miniosz = target->bt_logical_sectorsize; 1736 da.d_maxiosz = INT_MAX & ~(da.d_miniosz - 1); 1737 1738 if (copy_to_user(arg, &da, sizeof(da))) 1739 return -EFAULT; 1740 return 0; 1741 } 1742 1743 case XFS_IOC_FSBULKSTAT_SINGLE: 1744 case XFS_IOC_FSBULKSTAT: 1745 case XFS_IOC_FSINUMBERS: 1746 return xfs_ioc_bulkstat(mp, cmd, arg); 1747 1748 case XFS_IOC_FSGEOMETRY_V1: 1749 return xfs_ioc_fsgeometry_v1(mp, arg); 1750 1751 case XFS_IOC_FSGEOMETRY: 1752 return xfs_ioc_fsgeometry(mp, arg); 1753 1754 case XFS_IOC_GETVERSION: 1755 return put_user(inode->i_generation, (int __user *)arg); 1756 1757 case XFS_IOC_FSGETXATTR: 1758 return xfs_ioc_fsgetxattr(ip, 0, arg); 1759 case XFS_IOC_FSGETXATTRA: 1760 return xfs_ioc_fsgetxattr(ip, 1, arg); 1761 case XFS_IOC_FSSETXATTR: 1762 return xfs_ioc_fssetxattr(ip, filp, arg); 1763 case XFS_IOC_GETXFLAGS: 1764 return xfs_ioc_getxflags(ip, arg); 1765 case XFS_IOC_SETXFLAGS: 1766 return xfs_ioc_setxflags(ip, filp, arg); 1767 1768 case XFS_IOC_FSSETDM: { 1769 struct fsdmidata dmi; 1770 1771 if (copy_from_user(&dmi, arg, sizeof(dmi))) 1772 return -EFAULT; 1773 1774 error = mnt_want_write_file(filp); 1775 if (error) 1776 return error; 1777 1778 error = xfs_set_dmattrs(ip, dmi.fsd_dmevmask, 1779 dmi.fsd_dmstate); 1780 mnt_drop_write_file(filp); 1781 return error; 1782 } 1783 1784 case XFS_IOC_GETBMAP: 1785 case XFS_IOC_GETBMAPA: 1786 return xfs_ioc_getbmap(filp, cmd, arg); 1787 1788 case XFS_IOC_GETBMAPX: 1789 return xfs_ioc_getbmapx(ip, arg); 1790 1791 case XFS_IOC_FD_TO_HANDLE: 1792 case XFS_IOC_PATH_TO_HANDLE: 1793 case XFS_IOC_PATH_TO_FSHANDLE: { 1794 xfs_fsop_handlereq_t hreq; 1795 1796 if (copy_from_user(&hreq, arg, sizeof(hreq))) 1797 return -EFAULT; 1798 return xfs_find_handle(cmd, &hreq); 1799 } 1800 case XFS_IOC_OPEN_BY_HANDLE: { 1801 xfs_fsop_handlereq_t hreq; 1802 1803 if (copy_from_user(&hreq, arg, sizeof(xfs_fsop_handlereq_t))) 1804 return -EFAULT; 1805 return xfs_open_by_handle(filp, &hreq); 1806 } 1807 case XFS_IOC_FSSETDM_BY_HANDLE: 1808 return xfs_fssetdm_by_handle(filp, arg); 1809 1810 case XFS_IOC_READLINK_BY_HANDLE: { 1811 xfs_fsop_handlereq_t hreq; 1812 1813 if (copy_from_user(&hreq, arg, sizeof(xfs_fsop_handlereq_t))) 1814 return -EFAULT; 1815 return xfs_readlink_by_handle(filp, &hreq); 1816 } 1817 case XFS_IOC_ATTRLIST_BY_HANDLE: 1818 return xfs_attrlist_by_handle(filp, arg); 1819 1820 case XFS_IOC_ATTRMULTI_BY_HANDLE: 1821 return xfs_attrmulti_by_handle(filp, arg); 1822 1823 case XFS_IOC_SWAPEXT: { 1824 struct xfs_swapext sxp; 1825 1826 if (copy_from_user(&sxp, arg, sizeof(xfs_swapext_t))) 1827 return -EFAULT; 1828 error = mnt_want_write_file(filp); 1829 if (error) 1830 return error; 1831 error = xfs_ioc_swapext(&sxp); 1832 mnt_drop_write_file(filp); 1833 return error; 1834 } 1835 1836 case XFS_IOC_FSCOUNTS: { 1837 xfs_fsop_counts_t out; 1838 1839 error = xfs_fs_counts(mp, &out); 1840 if (error) 1841 return error; 1842 1843 if (copy_to_user(arg, &out, sizeof(out))) 1844 return -EFAULT; 1845 return 0; 1846 } 1847 1848 case XFS_IOC_SET_RESBLKS: { 1849 xfs_fsop_resblks_t inout; 1850 __uint64_t in; 1851 1852 if (!capable(CAP_SYS_ADMIN)) 1853 return -EPERM; 1854 1855 if (mp->m_flags & XFS_MOUNT_RDONLY) 1856 return -EROFS; 1857 1858 if (copy_from_user(&inout, arg, sizeof(inout))) 1859 return -EFAULT; 1860 1861 error = mnt_want_write_file(filp); 1862 if (error) 1863 return error; 1864 1865 /* input parameter is passed in resblks field of structure */ 1866 in = inout.resblks; 1867 error = xfs_reserve_blocks(mp, &in, &inout); 1868 mnt_drop_write_file(filp); 1869 if (error) 1870 return error; 1871 1872 if (copy_to_user(arg, &inout, sizeof(inout))) 1873 return -EFAULT; 1874 return 0; 1875 } 1876 1877 case XFS_IOC_GET_RESBLKS: { 1878 xfs_fsop_resblks_t out; 1879 1880 if (!capable(CAP_SYS_ADMIN)) 1881 return -EPERM; 1882 1883 error = xfs_reserve_blocks(mp, NULL, &out); 1884 if (error) 1885 return error; 1886 1887 if (copy_to_user(arg, &out, sizeof(out))) 1888 return -EFAULT; 1889 1890 return 0; 1891 } 1892 1893 case XFS_IOC_FSGROWFSDATA: { 1894 xfs_growfs_data_t in; 1895 1896 if (copy_from_user(&in, arg, sizeof(in))) 1897 return -EFAULT; 1898 1899 error = mnt_want_write_file(filp); 1900 if (error) 1901 return error; 1902 error = xfs_growfs_data(mp, &in); 1903 mnt_drop_write_file(filp); 1904 return error; 1905 } 1906 1907 case XFS_IOC_FSGROWFSLOG: { 1908 xfs_growfs_log_t in; 1909 1910 if (copy_from_user(&in, arg, sizeof(in))) 1911 return -EFAULT; 1912 1913 error = mnt_want_write_file(filp); 1914 if (error) 1915 return error; 1916 error = xfs_growfs_log(mp, &in); 1917 mnt_drop_write_file(filp); 1918 return error; 1919 } 1920 1921 case XFS_IOC_FSGROWFSRT: { 1922 xfs_growfs_rt_t in; 1923 1924 if (copy_from_user(&in, arg, sizeof(in))) 1925 return -EFAULT; 1926 1927 error = mnt_want_write_file(filp); 1928 if (error) 1929 return error; 1930 error = xfs_growfs_rt(mp, &in); 1931 mnt_drop_write_file(filp); 1932 return error; 1933 } 1934 1935 case XFS_IOC_GOINGDOWN: { 1936 __uint32_t in; 1937 1938 if (!capable(CAP_SYS_ADMIN)) 1939 return -EPERM; 1940 1941 if (get_user(in, (__uint32_t __user *)arg)) 1942 return -EFAULT; 1943 1944 return xfs_fs_goingdown(mp, in); 1945 } 1946 1947 case XFS_IOC_ERROR_INJECTION: { 1948 xfs_error_injection_t in; 1949 1950 if (!capable(CAP_SYS_ADMIN)) 1951 return -EPERM; 1952 1953 if (copy_from_user(&in, arg, sizeof(in))) 1954 return -EFAULT; 1955 1956 return xfs_errortag_add(in.errtag, mp); 1957 } 1958 1959 case XFS_IOC_ERROR_CLEARALL: 1960 if (!capable(CAP_SYS_ADMIN)) 1961 return -EPERM; 1962 1963 return xfs_errortag_clearall(mp, 1); 1964 1965 case XFS_IOC_FREE_EOFBLOCKS: { 1966 struct xfs_fs_eofblocks eofb; 1967 struct xfs_eofblocks keofb; 1968 1969 if (!capable(CAP_SYS_ADMIN)) 1970 return -EPERM; 1971 1972 if (mp->m_flags & XFS_MOUNT_RDONLY) 1973 return -EROFS; 1974 1975 if (copy_from_user(&eofb, arg, sizeof(eofb))) 1976 return -EFAULT; 1977 1978 error = xfs_fs_eofblocks_from_user(&eofb, &keofb); 1979 if (error) 1980 return error; 1981 1982 return xfs_icache_free_eofblocks(mp, &keofb); 1983 } 1984 1985 default: 1986 return -ENOTTY; 1987 } 1988 } 1989