1 // SPDX-License-Identifier: GPL-2.0 2 #include <linux/capability.h> 3 #include <linux/compat.h> 4 #include <linux/blkdev.h> 5 #include <linux/export.h> 6 #include <linux/gfp.h> 7 #include <linux/blkpg.h> 8 #include <linux/hdreg.h> 9 #include <linux/backing-dev.h> 10 #include <linux/fs.h> 11 #include <linux/blktrace_api.h> 12 #include <linux/pr.h> 13 #include <linux/uaccess.h> 14 #include "blk.h" 15 16 static int blkpg_do_ioctl(struct block_device *bdev, 17 struct blkpg_partition __user *upart, int op) 18 { 19 struct gendisk *disk = bdev->bd_disk; 20 struct blkpg_partition p; 21 long long start, length; 22 23 if (!capable(CAP_SYS_ADMIN)) 24 return -EACCES; 25 if (copy_from_user(&p, upart, sizeof(struct blkpg_partition))) 26 return -EFAULT; 27 if (bdev_is_partition(bdev)) 28 return -EINVAL; 29 30 if (p.pno <= 0) 31 return -EINVAL; 32 33 if (op == BLKPG_DEL_PARTITION) 34 return bdev_del_partition(disk, p.pno); 35 36 start = p.start >> SECTOR_SHIFT; 37 length = p.length >> SECTOR_SHIFT; 38 39 switch (op) { 40 case BLKPG_ADD_PARTITION: 41 /* check if partition is aligned to blocksize */ 42 if (p.start & (bdev_logical_block_size(bdev) - 1)) 43 return -EINVAL; 44 return bdev_add_partition(disk, p.pno, start, length); 45 case BLKPG_RESIZE_PARTITION: 46 return bdev_resize_partition(disk, p.pno, start, length); 47 default: 48 return -EINVAL; 49 } 50 } 51 52 static int blkpg_ioctl(struct block_device *bdev, 53 struct blkpg_ioctl_arg __user *arg) 54 { 55 struct blkpg_partition __user *udata; 56 int op; 57 58 if (get_user(op, &arg->op) || get_user(udata, &arg->data)) 59 return -EFAULT; 60 61 return blkpg_do_ioctl(bdev, udata, op); 62 } 63 64 #ifdef CONFIG_COMPAT 65 struct compat_blkpg_ioctl_arg { 66 compat_int_t op; 67 compat_int_t flags; 68 compat_int_t datalen; 69 compat_caddr_t data; 70 }; 71 72 static int compat_blkpg_ioctl(struct block_device *bdev, 73 struct compat_blkpg_ioctl_arg __user *arg) 74 { 75 compat_caddr_t udata; 76 int op; 77 78 if (get_user(op, &arg->op) || get_user(udata, &arg->data)) 79 return -EFAULT; 80 81 return blkpg_do_ioctl(bdev, compat_ptr(udata), op); 82 } 83 #endif 84 85 static int blkdev_reread_part(struct block_device *bdev, fmode_t mode) 86 { 87 struct block_device *tmp; 88 89 if (!disk_part_scan_enabled(bdev->bd_disk) || bdev_is_partition(bdev)) 90 return -EINVAL; 91 if (!capable(CAP_SYS_ADMIN)) 92 return -EACCES; 93 if (bdev->bd_disk->open_partitions) 94 return -EBUSY; 95 96 /* 97 * Reopen the device to revalidate the driver state and force a 98 * partition rescan. 99 */ 100 mode &= ~FMODE_EXCL; 101 set_bit(GD_NEED_PART_SCAN, &bdev->bd_disk->state); 102 103 tmp = blkdev_get_by_dev(bdev->bd_dev, mode, NULL); 104 if (IS_ERR(tmp)) 105 return PTR_ERR(tmp); 106 blkdev_put(tmp, mode); 107 return 0; 108 } 109 110 static int blk_ioctl_discard(struct block_device *bdev, fmode_t mode, 111 unsigned long arg, unsigned long flags) 112 { 113 uint64_t range[2]; 114 uint64_t start, len; 115 struct request_queue *q = bdev_get_queue(bdev); 116 struct inode *inode = bdev->bd_inode; 117 int err; 118 119 if (!(mode & FMODE_WRITE)) 120 return -EBADF; 121 122 if (!blk_queue_discard(q)) 123 return -EOPNOTSUPP; 124 125 if (copy_from_user(range, (void __user *)arg, sizeof(range))) 126 return -EFAULT; 127 128 start = range[0]; 129 len = range[1]; 130 131 if (start & 511) 132 return -EINVAL; 133 if (len & 511) 134 return -EINVAL; 135 136 if (start + len > bdev_nr_bytes(bdev)) 137 return -EINVAL; 138 139 filemap_invalidate_lock(inode->i_mapping); 140 err = truncate_bdev_range(bdev, mode, start, start + len - 1); 141 if (err) 142 goto fail; 143 144 err = blkdev_issue_discard(bdev, start >> 9, len >> 9, 145 GFP_KERNEL, flags); 146 147 fail: 148 filemap_invalidate_unlock(inode->i_mapping); 149 return err; 150 } 151 152 static int blk_ioctl_zeroout(struct block_device *bdev, fmode_t mode, 153 unsigned long arg) 154 { 155 uint64_t range[2]; 156 uint64_t start, end, len; 157 struct inode *inode = bdev->bd_inode; 158 int err; 159 160 if (!(mode & FMODE_WRITE)) 161 return -EBADF; 162 163 if (copy_from_user(range, (void __user *)arg, sizeof(range))) 164 return -EFAULT; 165 166 start = range[0]; 167 len = range[1]; 168 end = start + len - 1; 169 170 if (start & 511) 171 return -EINVAL; 172 if (len & 511) 173 return -EINVAL; 174 if (end >= (uint64_t)bdev_nr_bytes(bdev)) 175 return -EINVAL; 176 if (end < start) 177 return -EINVAL; 178 179 /* Invalidate the page cache, including dirty pages */ 180 filemap_invalidate_lock(inode->i_mapping); 181 err = truncate_bdev_range(bdev, mode, start, end); 182 if (err) 183 goto fail; 184 185 err = blkdev_issue_zeroout(bdev, start >> 9, len >> 9, GFP_KERNEL, 186 BLKDEV_ZERO_NOUNMAP); 187 188 fail: 189 filemap_invalidate_unlock(inode->i_mapping); 190 return err; 191 } 192 193 static int put_ushort(unsigned short __user *argp, unsigned short val) 194 { 195 return put_user(val, argp); 196 } 197 198 static int put_int(int __user *argp, int val) 199 { 200 return put_user(val, argp); 201 } 202 203 static int put_uint(unsigned int __user *argp, unsigned int val) 204 { 205 return put_user(val, argp); 206 } 207 208 static int put_long(long __user *argp, long val) 209 { 210 return put_user(val, argp); 211 } 212 213 static int put_ulong(unsigned long __user *argp, unsigned long val) 214 { 215 return put_user(val, argp); 216 } 217 218 static int put_u64(u64 __user *argp, u64 val) 219 { 220 return put_user(val, argp); 221 } 222 223 #ifdef CONFIG_COMPAT 224 static int compat_put_long(compat_long_t __user *argp, long val) 225 { 226 return put_user(val, argp); 227 } 228 229 static int compat_put_ulong(compat_ulong_t __user *argp, compat_ulong_t val) 230 { 231 return put_user(val, argp); 232 } 233 #endif 234 235 #ifdef CONFIG_COMPAT 236 /* 237 * This is the equivalent of compat_ptr_ioctl(), to be used by block 238 * drivers that implement only commands that are completely compatible 239 * between 32-bit and 64-bit user space 240 */ 241 int blkdev_compat_ptr_ioctl(struct block_device *bdev, fmode_t mode, 242 unsigned cmd, unsigned long arg) 243 { 244 struct gendisk *disk = bdev->bd_disk; 245 246 if (disk->fops->ioctl) 247 return disk->fops->ioctl(bdev, mode, cmd, 248 (unsigned long)compat_ptr(arg)); 249 250 return -ENOIOCTLCMD; 251 } 252 EXPORT_SYMBOL(blkdev_compat_ptr_ioctl); 253 #endif 254 255 static int blkdev_pr_register(struct block_device *bdev, 256 struct pr_registration __user *arg) 257 { 258 const struct pr_ops *ops = bdev->bd_disk->fops->pr_ops; 259 struct pr_registration reg; 260 261 if (!capable(CAP_SYS_ADMIN)) 262 return -EPERM; 263 if (!ops || !ops->pr_register) 264 return -EOPNOTSUPP; 265 if (copy_from_user(®, arg, sizeof(reg))) 266 return -EFAULT; 267 268 if (reg.flags & ~PR_FL_IGNORE_KEY) 269 return -EOPNOTSUPP; 270 return ops->pr_register(bdev, reg.old_key, reg.new_key, reg.flags); 271 } 272 273 static int blkdev_pr_reserve(struct block_device *bdev, 274 struct pr_reservation __user *arg) 275 { 276 const struct pr_ops *ops = bdev->bd_disk->fops->pr_ops; 277 struct pr_reservation rsv; 278 279 if (!capable(CAP_SYS_ADMIN)) 280 return -EPERM; 281 if (!ops || !ops->pr_reserve) 282 return -EOPNOTSUPP; 283 if (copy_from_user(&rsv, arg, sizeof(rsv))) 284 return -EFAULT; 285 286 if (rsv.flags & ~PR_FL_IGNORE_KEY) 287 return -EOPNOTSUPP; 288 return ops->pr_reserve(bdev, rsv.key, rsv.type, rsv.flags); 289 } 290 291 static int blkdev_pr_release(struct block_device *bdev, 292 struct pr_reservation __user *arg) 293 { 294 const struct pr_ops *ops = bdev->bd_disk->fops->pr_ops; 295 struct pr_reservation rsv; 296 297 if (!capable(CAP_SYS_ADMIN)) 298 return -EPERM; 299 if (!ops || !ops->pr_release) 300 return -EOPNOTSUPP; 301 if (copy_from_user(&rsv, arg, sizeof(rsv))) 302 return -EFAULT; 303 304 if (rsv.flags) 305 return -EOPNOTSUPP; 306 return ops->pr_release(bdev, rsv.key, rsv.type); 307 } 308 309 static int blkdev_pr_preempt(struct block_device *bdev, 310 struct pr_preempt __user *arg, bool abort) 311 { 312 const struct pr_ops *ops = bdev->bd_disk->fops->pr_ops; 313 struct pr_preempt p; 314 315 if (!capable(CAP_SYS_ADMIN)) 316 return -EPERM; 317 if (!ops || !ops->pr_preempt) 318 return -EOPNOTSUPP; 319 if (copy_from_user(&p, arg, sizeof(p))) 320 return -EFAULT; 321 322 if (p.flags) 323 return -EOPNOTSUPP; 324 return ops->pr_preempt(bdev, p.old_key, p.new_key, p.type, abort); 325 } 326 327 static int blkdev_pr_clear(struct block_device *bdev, 328 struct pr_clear __user *arg) 329 { 330 const struct pr_ops *ops = bdev->bd_disk->fops->pr_ops; 331 struct pr_clear c; 332 333 if (!capable(CAP_SYS_ADMIN)) 334 return -EPERM; 335 if (!ops || !ops->pr_clear) 336 return -EOPNOTSUPP; 337 if (copy_from_user(&c, arg, sizeof(c))) 338 return -EFAULT; 339 340 if (c.flags) 341 return -EOPNOTSUPP; 342 return ops->pr_clear(bdev, c.key); 343 } 344 345 static int blkdev_flushbuf(struct block_device *bdev, fmode_t mode, 346 unsigned cmd, unsigned long arg) 347 { 348 if (!capable(CAP_SYS_ADMIN)) 349 return -EACCES; 350 fsync_bdev(bdev); 351 invalidate_bdev(bdev); 352 return 0; 353 } 354 355 static int blkdev_roset(struct block_device *bdev, fmode_t mode, 356 unsigned cmd, unsigned long arg) 357 { 358 int ret, n; 359 360 if (!capable(CAP_SYS_ADMIN)) 361 return -EACCES; 362 363 if (get_user(n, (int __user *)arg)) 364 return -EFAULT; 365 if (bdev->bd_disk->fops->set_read_only) { 366 ret = bdev->bd_disk->fops->set_read_only(bdev, n); 367 if (ret) 368 return ret; 369 } 370 bdev->bd_read_only = n; 371 return 0; 372 } 373 374 static int blkdev_getgeo(struct block_device *bdev, 375 struct hd_geometry __user *argp) 376 { 377 struct gendisk *disk = bdev->bd_disk; 378 struct hd_geometry geo; 379 int ret; 380 381 if (!argp) 382 return -EINVAL; 383 if (!disk->fops->getgeo) 384 return -ENOTTY; 385 386 /* 387 * We need to set the startsect first, the driver may 388 * want to override it. 389 */ 390 memset(&geo, 0, sizeof(geo)); 391 geo.start = get_start_sect(bdev); 392 ret = disk->fops->getgeo(bdev, &geo); 393 if (ret) 394 return ret; 395 if (copy_to_user(argp, &geo, sizeof(geo))) 396 return -EFAULT; 397 return 0; 398 } 399 400 #ifdef CONFIG_COMPAT 401 struct compat_hd_geometry { 402 unsigned char heads; 403 unsigned char sectors; 404 unsigned short cylinders; 405 u32 start; 406 }; 407 408 static int compat_hdio_getgeo(struct block_device *bdev, 409 struct compat_hd_geometry __user *ugeo) 410 { 411 struct gendisk *disk = bdev->bd_disk; 412 struct hd_geometry geo; 413 int ret; 414 415 if (!ugeo) 416 return -EINVAL; 417 if (!disk->fops->getgeo) 418 return -ENOTTY; 419 420 memset(&geo, 0, sizeof(geo)); 421 /* 422 * We need to set the startsect first, the driver may 423 * want to override it. 424 */ 425 geo.start = get_start_sect(bdev); 426 ret = disk->fops->getgeo(bdev, &geo); 427 if (ret) 428 return ret; 429 430 ret = copy_to_user(ugeo, &geo, 4); 431 ret |= put_user(geo.start, &ugeo->start); 432 if (ret) 433 ret = -EFAULT; 434 435 return ret; 436 } 437 #endif 438 439 /* set the logical block size */ 440 static int blkdev_bszset(struct block_device *bdev, fmode_t mode, 441 int __user *argp) 442 { 443 int ret, n; 444 445 if (!capable(CAP_SYS_ADMIN)) 446 return -EACCES; 447 if (!argp) 448 return -EINVAL; 449 if (get_user(n, argp)) 450 return -EFAULT; 451 452 if (mode & FMODE_EXCL) 453 return set_blocksize(bdev, n); 454 455 if (IS_ERR(blkdev_get_by_dev(bdev->bd_dev, mode | FMODE_EXCL, &bdev))) 456 return -EBUSY; 457 ret = set_blocksize(bdev, n); 458 blkdev_put(bdev, mode | FMODE_EXCL); 459 460 return ret; 461 } 462 463 /* 464 * Common commands that are handled the same way on native and compat 465 * user space. Note the separate arg/argp parameters that are needed 466 * to deal with the compat_ptr() conversion. 467 */ 468 static int blkdev_common_ioctl(struct block_device *bdev, fmode_t mode, 469 unsigned cmd, unsigned long arg, void __user *argp) 470 { 471 unsigned int max_sectors; 472 473 switch (cmd) { 474 case BLKFLSBUF: 475 return blkdev_flushbuf(bdev, mode, cmd, arg); 476 case BLKROSET: 477 return blkdev_roset(bdev, mode, cmd, arg); 478 case BLKDISCARD: 479 return blk_ioctl_discard(bdev, mode, arg, 0); 480 case BLKSECDISCARD: 481 return blk_ioctl_discard(bdev, mode, arg, 482 BLKDEV_DISCARD_SECURE); 483 case BLKZEROOUT: 484 return blk_ioctl_zeroout(bdev, mode, arg); 485 case BLKGETDISKSEQ: 486 return put_u64(argp, bdev->bd_disk->diskseq); 487 case BLKREPORTZONE: 488 return blkdev_report_zones_ioctl(bdev, mode, cmd, arg); 489 case BLKRESETZONE: 490 case BLKOPENZONE: 491 case BLKCLOSEZONE: 492 case BLKFINISHZONE: 493 return blkdev_zone_mgmt_ioctl(bdev, mode, cmd, arg); 494 case BLKGETZONESZ: 495 return put_uint(argp, bdev_zone_sectors(bdev)); 496 case BLKGETNRZONES: 497 return put_uint(argp, blkdev_nr_zones(bdev->bd_disk)); 498 case BLKROGET: 499 return put_int(argp, bdev_read_only(bdev) != 0); 500 case BLKSSZGET: /* get block device logical block size */ 501 return put_int(argp, bdev_logical_block_size(bdev)); 502 case BLKPBSZGET: /* get block device physical block size */ 503 return put_uint(argp, bdev_physical_block_size(bdev)); 504 case BLKIOMIN: 505 return put_uint(argp, bdev_io_min(bdev)); 506 case BLKIOOPT: 507 return put_uint(argp, bdev_io_opt(bdev)); 508 case BLKALIGNOFF: 509 return put_int(argp, bdev_alignment_offset(bdev)); 510 case BLKDISCARDZEROES: 511 return put_uint(argp, 0); 512 case BLKSECTGET: 513 max_sectors = min_t(unsigned int, USHRT_MAX, 514 queue_max_sectors(bdev_get_queue(bdev))); 515 return put_ushort(argp, max_sectors); 516 case BLKROTATIONAL: 517 return put_ushort(argp, !blk_queue_nonrot(bdev_get_queue(bdev))); 518 case BLKRASET: 519 case BLKFRASET: 520 if(!capable(CAP_SYS_ADMIN)) 521 return -EACCES; 522 bdev->bd_disk->bdi->ra_pages = (arg * 512) / PAGE_SIZE; 523 return 0; 524 case BLKRRPART: 525 return blkdev_reread_part(bdev, mode); 526 case BLKTRACESTART: 527 case BLKTRACESTOP: 528 case BLKTRACETEARDOWN: 529 return blk_trace_ioctl(bdev, cmd, argp); 530 case IOC_PR_REGISTER: 531 return blkdev_pr_register(bdev, argp); 532 case IOC_PR_RESERVE: 533 return blkdev_pr_reserve(bdev, argp); 534 case IOC_PR_RELEASE: 535 return blkdev_pr_release(bdev, argp); 536 case IOC_PR_PREEMPT: 537 return blkdev_pr_preempt(bdev, argp, false); 538 case IOC_PR_PREEMPT_ABORT: 539 return blkdev_pr_preempt(bdev, argp, true); 540 case IOC_PR_CLEAR: 541 return blkdev_pr_clear(bdev, argp); 542 default: 543 return -ENOIOCTLCMD; 544 } 545 } 546 547 /* 548 * Always keep this in sync with compat_blkdev_ioctl() 549 * to handle all incompatible commands in both functions. 550 * 551 * New commands must be compatible and go into blkdev_common_ioctl 552 */ 553 long blkdev_ioctl(struct file *file, unsigned cmd, unsigned long arg) 554 { 555 struct block_device *bdev = I_BDEV(file->f_mapping->host); 556 void __user *argp = (void __user *)arg; 557 fmode_t mode = file->f_mode; 558 int ret; 559 560 /* 561 * O_NDELAY can be altered using fcntl(.., F_SETFL, ..), so we have 562 * to updated it before every ioctl. 563 */ 564 if (file->f_flags & O_NDELAY) 565 mode |= FMODE_NDELAY; 566 else 567 mode &= ~FMODE_NDELAY; 568 569 switch (cmd) { 570 /* These need separate implementations for the data structure */ 571 case HDIO_GETGEO: 572 return blkdev_getgeo(bdev, argp); 573 case BLKPG: 574 return blkpg_ioctl(bdev, argp); 575 576 /* Compat mode returns 32-bit data instead of 'long' */ 577 case BLKRAGET: 578 case BLKFRAGET: 579 if (!argp) 580 return -EINVAL; 581 return put_long(argp, 582 (bdev->bd_disk->bdi->ra_pages * PAGE_SIZE) / 512); 583 case BLKGETSIZE: 584 if (bdev_nr_sectors(bdev) > ~0UL) 585 return -EFBIG; 586 return put_ulong(argp, bdev_nr_sectors(bdev)); 587 588 /* The data is compatible, but the command number is different */ 589 case BLKBSZGET: /* get block device soft block size (cf. BLKSSZGET) */ 590 return put_int(argp, block_size(bdev)); 591 case BLKBSZSET: 592 return blkdev_bszset(bdev, mode, argp); 593 case BLKGETSIZE64: 594 return put_u64(argp, bdev_nr_bytes(bdev)); 595 596 /* Incompatible alignment on i386 */ 597 case BLKTRACESETUP: 598 return blk_trace_ioctl(bdev, cmd, argp); 599 default: 600 break; 601 } 602 603 ret = blkdev_common_ioctl(bdev, mode, cmd, arg, argp); 604 if (ret != -ENOIOCTLCMD) 605 return ret; 606 607 if (!bdev->bd_disk->fops->ioctl) 608 return -ENOTTY; 609 return bdev->bd_disk->fops->ioctl(bdev, mode, cmd, arg); 610 } 611 612 #ifdef CONFIG_COMPAT 613 614 #define BLKBSZGET_32 _IOR(0x12, 112, int) 615 #define BLKBSZSET_32 _IOW(0x12, 113, int) 616 #define BLKGETSIZE64_32 _IOR(0x12, 114, int) 617 618 /* Most of the generic ioctls are handled in the normal fallback path. 619 This assumes the blkdev's low level compat_ioctl always returns 620 ENOIOCTLCMD for unknown ioctls. */ 621 long compat_blkdev_ioctl(struct file *file, unsigned cmd, unsigned long arg) 622 { 623 int ret; 624 void __user *argp = compat_ptr(arg); 625 struct block_device *bdev = I_BDEV(file->f_mapping->host); 626 struct gendisk *disk = bdev->bd_disk; 627 fmode_t mode = file->f_mode; 628 629 /* 630 * O_NDELAY can be altered using fcntl(.., F_SETFL, ..), so we have 631 * to updated it before every ioctl. 632 */ 633 if (file->f_flags & O_NDELAY) 634 mode |= FMODE_NDELAY; 635 else 636 mode &= ~FMODE_NDELAY; 637 638 switch (cmd) { 639 /* These need separate implementations for the data structure */ 640 case HDIO_GETGEO: 641 return compat_hdio_getgeo(bdev, argp); 642 case BLKPG: 643 return compat_blkpg_ioctl(bdev, argp); 644 645 /* Compat mode returns 32-bit data instead of 'long' */ 646 case BLKRAGET: 647 case BLKFRAGET: 648 if (!argp) 649 return -EINVAL; 650 return compat_put_long(argp, 651 (bdev->bd_disk->bdi->ra_pages * PAGE_SIZE) / 512); 652 case BLKGETSIZE: 653 if (bdev_nr_sectors(bdev) > ~0UL) 654 return -EFBIG; 655 return compat_put_ulong(argp, bdev_nr_sectors(bdev)); 656 657 /* The data is compatible, but the command number is different */ 658 case BLKBSZGET_32: /* get the logical block size (cf. BLKSSZGET) */ 659 return put_int(argp, bdev_logical_block_size(bdev)); 660 case BLKBSZSET_32: 661 return blkdev_bszset(bdev, mode, argp); 662 case BLKGETSIZE64_32: 663 return put_u64(argp, bdev_nr_bytes(bdev)); 664 665 /* Incompatible alignment on i386 */ 666 case BLKTRACESETUP32: 667 return blk_trace_ioctl(bdev, cmd, argp); 668 default: 669 break; 670 } 671 672 ret = blkdev_common_ioctl(bdev, mode, cmd, arg, argp); 673 if (ret == -ENOIOCTLCMD && disk->fops->compat_ioctl) 674 ret = disk->fops->compat_ioctl(bdev, mode, cmd, arg); 675 676 return ret; 677 } 678 #endif 679