1 // SPDX-License-Identifier: GPL-2.0 2 #include <linux/capability.h> 3 #include <linux/compat.h> 4 #include <linux/blkdev.h> 5 #include <linux/export.h> 6 #include <linux/gfp.h> 7 #include <linux/blkpg.h> 8 #include <linux/hdreg.h> 9 #include <linux/backing-dev.h> 10 #include <linux/fs.h> 11 #include <linux/blktrace_api.h> 12 #include <linux/pr.h> 13 #include <linux/uaccess.h> 14 #include "blk.h" 15 16 static int blkpg_do_ioctl(struct block_device *bdev, 17 struct blkpg_partition __user *upart, int op) 18 { 19 struct gendisk *disk = bdev->bd_disk; 20 struct blkpg_partition p; 21 sector_t start, length; 22 23 if (!capable(CAP_SYS_ADMIN)) 24 return -EACCES; 25 if (copy_from_user(&p, upart, sizeof(struct blkpg_partition))) 26 return -EFAULT; 27 if (bdev_is_partition(bdev)) 28 return -EINVAL; 29 30 if (p.pno <= 0) 31 return -EINVAL; 32 33 if (op == BLKPG_DEL_PARTITION) 34 return bdev_del_partition(disk, p.pno); 35 36 if (p.start < 0 || p.length <= 0 || p.start + p.length < 0) 37 return -EINVAL; 38 /* Check that the partition is aligned to the block size */ 39 if (!IS_ALIGNED(p.start | p.length, bdev_logical_block_size(bdev))) 40 return -EINVAL; 41 42 start = p.start >> SECTOR_SHIFT; 43 length = p.length >> SECTOR_SHIFT; 44 45 switch (op) { 46 case BLKPG_ADD_PARTITION: 47 return bdev_add_partition(disk, p.pno, start, length); 48 case BLKPG_RESIZE_PARTITION: 49 return bdev_resize_partition(disk, p.pno, start, length); 50 default: 51 return -EINVAL; 52 } 53 } 54 55 static int blkpg_ioctl(struct block_device *bdev, 56 struct blkpg_ioctl_arg __user *arg) 57 { 58 struct blkpg_partition __user *udata; 59 int op; 60 61 if (get_user(op, &arg->op) || get_user(udata, &arg->data)) 62 return -EFAULT; 63 64 return blkpg_do_ioctl(bdev, udata, op); 65 } 66 67 #ifdef CONFIG_COMPAT 68 struct compat_blkpg_ioctl_arg { 69 compat_int_t op; 70 compat_int_t flags; 71 compat_int_t datalen; 72 compat_caddr_t data; 73 }; 74 75 static int compat_blkpg_ioctl(struct block_device *bdev, 76 struct compat_blkpg_ioctl_arg __user *arg) 77 { 78 compat_caddr_t udata; 79 int op; 80 81 if (get_user(op, &arg->op) || get_user(udata, &arg->data)) 82 return -EFAULT; 83 84 return blkpg_do_ioctl(bdev, compat_ptr(udata), op); 85 } 86 #endif 87 88 static int blk_ioctl_discard(struct block_device *bdev, blk_mode_t mode, 89 unsigned long arg) 90 { 91 uint64_t range[2]; 92 uint64_t start, len; 93 struct inode *inode = bdev->bd_inode; 94 int err; 95 96 if (!(mode & BLK_OPEN_WRITE)) 97 return -EBADF; 98 99 if (!bdev_max_discard_sectors(bdev)) 100 return -EOPNOTSUPP; 101 102 if (copy_from_user(range, (void __user *)arg, sizeof(range))) 103 return -EFAULT; 104 105 start = range[0]; 106 len = range[1]; 107 108 if (start & 511) 109 return -EINVAL; 110 if (len & 511) 111 return -EINVAL; 112 113 if (start + len > bdev_nr_bytes(bdev)) 114 return -EINVAL; 115 116 filemap_invalidate_lock(inode->i_mapping); 117 err = truncate_bdev_range(bdev, mode, start, start + len - 1); 118 if (err) 119 goto fail; 120 err = blkdev_issue_discard(bdev, start >> 9, len >> 9, GFP_KERNEL); 121 fail: 122 filemap_invalidate_unlock(inode->i_mapping); 123 return err; 124 } 125 126 static int blk_ioctl_secure_erase(struct block_device *bdev, blk_mode_t mode, 127 void __user *argp) 128 { 129 uint64_t start, len; 130 uint64_t range[2]; 131 int err; 132 133 if (!(mode & BLK_OPEN_WRITE)) 134 return -EBADF; 135 if (!bdev_max_secure_erase_sectors(bdev)) 136 return -EOPNOTSUPP; 137 if (copy_from_user(range, argp, sizeof(range))) 138 return -EFAULT; 139 140 start = range[0]; 141 len = range[1]; 142 if ((start & 511) || (len & 511)) 143 return -EINVAL; 144 if (start + len > bdev_nr_bytes(bdev)) 145 return -EINVAL; 146 147 filemap_invalidate_lock(bdev->bd_inode->i_mapping); 148 err = truncate_bdev_range(bdev, mode, start, start + len - 1); 149 if (!err) 150 err = blkdev_issue_secure_erase(bdev, start >> 9, len >> 9, 151 GFP_KERNEL); 152 filemap_invalidate_unlock(bdev->bd_inode->i_mapping); 153 return err; 154 } 155 156 157 static int blk_ioctl_zeroout(struct block_device *bdev, blk_mode_t mode, 158 unsigned long arg) 159 { 160 uint64_t range[2]; 161 uint64_t start, end, len; 162 struct inode *inode = bdev->bd_inode; 163 int err; 164 165 if (!(mode & BLK_OPEN_WRITE)) 166 return -EBADF; 167 168 if (copy_from_user(range, (void __user *)arg, sizeof(range))) 169 return -EFAULT; 170 171 start = range[0]; 172 len = range[1]; 173 end = start + len - 1; 174 175 if (start & 511) 176 return -EINVAL; 177 if (len & 511) 178 return -EINVAL; 179 if (end >= (uint64_t)bdev_nr_bytes(bdev)) 180 return -EINVAL; 181 if (end < start) 182 return -EINVAL; 183 184 /* Invalidate the page cache, including dirty pages */ 185 filemap_invalidate_lock(inode->i_mapping); 186 err = truncate_bdev_range(bdev, mode, start, end); 187 if (err) 188 goto fail; 189 190 err = blkdev_issue_zeroout(bdev, start >> 9, len >> 9, GFP_KERNEL, 191 BLKDEV_ZERO_NOUNMAP); 192 193 fail: 194 filemap_invalidate_unlock(inode->i_mapping); 195 return err; 196 } 197 198 static int put_ushort(unsigned short __user *argp, unsigned short val) 199 { 200 return put_user(val, argp); 201 } 202 203 static int put_int(int __user *argp, int val) 204 { 205 return put_user(val, argp); 206 } 207 208 static int put_uint(unsigned int __user *argp, unsigned int val) 209 { 210 return put_user(val, argp); 211 } 212 213 static int put_long(long __user *argp, long val) 214 { 215 return put_user(val, argp); 216 } 217 218 static int put_ulong(unsigned long __user *argp, unsigned long val) 219 { 220 return put_user(val, argp); 221 } 222 223 static int put_u64(u64 __user *argp, u64 val) 224 { 225 return put_user(val, argp); 226 } 227 228 #ifdef CONFIG_COMPAT 229 static int compat_put_long(compat_long_t __user *argp, long val) 230 { 231 return put_user(val, argp); 232 } 233 234 static int compat_put_ulong(compat_ulong_t __user *argp, compat_ulong_t val) 235 { 236 return put_user(val, argp); 237 } 238 #endif 239 240 #ifdef CONFIG_COMPAT 241 /* 242 * This is the equivalent of compat_ptr_ioctl(), to be used by block 243 * drivers that implement only commands that are completely compatible 244 * between 32-bit and 64-bit user space 245 */ 246 int blkdev_compat_ptr_ioctl(struct block_device *bdev, blk_mode_t mode, 247 unsigned cmd, unsigned long arg) 248 { 249 struct gendisk *disk = bdev->bd_disk; 250 251 if (disk->fops->ioctl) 252 return disk->fops->ioctl(bdev, mode, cmd, 253 (unsigned long)compat_ptr(arg)); 254 255 return -ENOIOCTLCMD; 256 } 257 EXPORT_SYMBOL(blkdev_compat_ptr_ioctl); 258 #endif 259 260 static bool blkdev_pr_allowed(struct block_device *bdev, blk_mode_t mode) 261 { 262 /* no sense to make reservations for partitions */ 263 if (bdev_is_partition(bdev)) 264 return false; 265 266 if (capable(CAP_SYS_ADMIN)) 267 return true; 268 /* 269 * Only allow unprivileged reservations if the file descriptor is open 270 * for writing. 271 */ 272 return mode & BLK_OPEN_WRITE; 273 } 274 275 static int blkdev_pr_register(struct block_device *bdev, blk_mode_t mode, 276 struct pr_registration __user *arg) 277 { 278 const struct pr_ops *ops = bdev->bd_disk->fops->pr_ops; 279 struct pr_registration reg; 280 281 if (!blkdev_pr_allowed(bdev, mode)) 282 return -EPERM; 283 if (!ops || !ops->pr_register) 284 return -EOPNOTSUPP; 285 if (copy_from_user(®, arg, sizeof(reg))) 286 return -EFAULT; 287 288 if (reg.flags & ~PR_FL_IGNORE_KEY) 289 return -EOPNOTSUPP; 290 return ops->pr_register(bdev, reg.old_key, reg.new_key, reg.flags); 291 } 292 293 static int blkdev_pr_reserve(struct block_device *bdev, blk_mode_t mode, 294 struct pr_reservation __user *arg) 295 { 296 const struct pr_ops *ops = bdev->bd_disk->fops->pr_ops; 297 struct pr_reservation rsv; 298 299 if (!blkdev_pr_allowed(bdev, mode)) 300 return -EPERM; 301 if (!ops || !ops->pr_reserve) 302 return -EOPNOTSUPP; 303 if (copy_from_user(&rsv, arg, sizeof(rsv))) 304 return -EFAULT; 305 306 if (rsv.flags & ~PR_FL_IGNORE_KEY) 307 return -EOPNOTSUPP; 308 return ops->pr_reserve(bdev, rsv.key, rsv.type, rsv.flags); 309 } 310 311 static int blkdev_pr_release(struct block_device *bdev, blk_mode_t mode, 312 struct pr_reservation __user *arg) 313 { 314 const struct pr_ops *ops = bdev->bd_disk->fops->pr_ops; 315 struct pr_reservation rsv; 316 317 if (!blkdev_pr_allowed(bdev, mode)) 318 return -EPERM; 319 if (!ops || !ops->pr_release) 320 return -EOPNOTSUPP; 321 if (copy_from_user(&rsv, arg, sizeof(rsv))) 322 return -EFAULT; 323 324 if (rsv.flags) 325 return -EOPNOTSUPP; 326 return ops->pr_release(bdev, rsv.key, rsv.type); 327 } 328 329 static int blkdev_pr_preempt(struct block_device *bdev, blk_mode_t mode, 330 struct pr_preempt __user *arg, bool abort) 331 { 332 const struct pr_ops *ops = bdev->bd_disk->fops->pr_ops; 333 struct pr_preempt p; 334 335 if (!blkdev_pr_allowed(bdev, mode)) 336 return -EPERM; 337 if (!ops || !ops->pr_preempt) 338 return -EOPNOTSUPP; 339 if (copy_from_user(&p, arg, sizeof(p))) 340 return -EFAULT; 341 342 if (p.flags) 343 return -EOPNOTSUPP; 344 return ops->pr_preempt(bdev, p.old_key, p.new_key, p.type, abort); 345 } 346 347 static int blkdev_pr_clear(struct block_device *bdev, blk_mode_t mode, 348 struct pr_clear __user *arg) 349 { 350 const struct pr_ops *ops = bdev->bd_disk->fops->pr_ops; 351 struct pr_clear c; 352 353 if (!blkdev_pr_allowed(bdev, mode)) 354 return -EPERM; 355 if (!ops || !ops->pr_clear) 356 return -EOPNOTSUPP; 357 if (copy_from_user(&c, arg, sizeof(c))) 358 return -EFAULT; 359 360 if (c.flags) 361 return -EOPNOTSUPP; 362 return ops->pr_clear(bdev, c.key); 363 } 364 365 static int blkdev_flushbuf(struct block_device *bdev, unsigned cmd, 366 unsigned long arg) 367 { 368 if (!capable(CAP_SYS_ADMIN)) 369 return -EACCES; 370 371 mutex_lock(&bdev->bd_holder_lock); 372 if (bdev->bd_holder_ops && bdev->bd_holder_ops->sync) 373 bdev->bd_holder_ops->sync(bdev); 374 else { 375 mutex_unlock(&bdev->bd_holder_lock); 376 sync_blockdev(bdev); 377 } 378 379 invalidate_bdev(bdev); 380 return 0; 381 } 382 383 static int blkdev_roset(struct block_device *bdev, unsigned cmd, 384 unsigned long arg) 385 { 386 int ret, n; 387 388 if (!capable(CAP_SYS_ADMIN)) 389 return -EACCES; 390 391 if (get_user(n, (int __user *)arg)) 392 return -EFAULT; 393 if (bdev->bd_disk->fops->set_read_only) { 394 ret = bdev->bd_disk->fops->set_read_only(bdev, n); 395 if (ret) 396 return ret; 397 } 398 bdev->bd_read_only = n; 399 return 0; 400 } 401 402 static int blkdev_getgeo(struct block_device *bdev, 403 struct hd_geometry __user *argp) 404 { 405 struct gendisk *disk = bdev->bd_disk; 406 struct hd_geometry geo; 407 int ret; 408 409 if (!argp) 410 return -EINVAL; 411 if (!disk->fops->getgeo) 412 return -ENOTTY; 413 414 /* 415 * We need to set the startsect first, the driver may 416 * want to override it. 417 */ 418 memset(&geo, 0, sizeof(geo)); 419 geo.start = get_start_sect(bdev); 420 ret = disk->fops->getgeo(bdev, &geo); 421 if (ret) 422 return ret; 423 if (copy_to_user(argp, &geo, sizeof(geo))) 424 return -EFAULT; 425 return 0; 426 } 427 428 #ifdef CONFIG_COMPAT 429 struct compat_hd_geometry { 430 unsigned char heads; 431 unsigned char sectors; 432 unsigned short cylinders; 433 u32 start; 434 }; 435 436 static int compat_hdio_getgeo(struct block_device *bdev, 437 struct compat_hd_geometry __user *ugeo) 438 { 439 struct gendisk *disk = bdev->bd_disk; 440 struct hd_geometry geo; 441 int ret; 442 443 if (!ugeo) 444 return -EINVAL; 445 if (!disk->fops->getgeo) 446 return -ENOTTY; 447 448 memset(&geo, 0, sizeof(geo)); 449 /* 450 * We need to set the startsect first, the driver may 451 * want to override it. 452 */ 453 geo.start = get_start_sect(bdev); 454 ret = disk->fops->getgeo(bdev, &geo); 455 if (ret) 456 return ret; 457 458 ret = copy_to_user(ugeo, &geo, 4); 459 ret |= put_user(geo.start, &ugeo->start); 460 if (ret) 461 ret = -EFAULT; 462 463 return ret; 464 } 465 #endif 466 467 /* set the logical block size */ 468 static int blkdev_bszset(struct block_device *bdev, blk_mode_t mode, 469 int __user *argp) 470 { 471 int ret, n; 472 struct bdev_handle *handle; 473 474 if (!capable(CAP_SYS_ADMIN)) 475 return -EACCES; 476 if (!argp) 477 return -EINVAL; 478 if (get_user(n, argp)) 479 return -EFAULT; 480 481 if (mode & BLK_OPEN_EXCL) 482 return set_blocksize(bdev, n); 483 484 handle = bdev_open_by_dev(bdev->bd_dev, mode, &bdev, NULL); 485 if (IS_ERR(handle)) 486 return -EBUSY; 487 ret = set_blocksize(bdev, n); 488 bdev_release(handle); 489 490 return ret; 491 } 492 493 /* 494 * Common commands that are handled the same way on native and compat 495 * user space. Note the separate arg/argp parameters that are needed 496 * to deal with the compat_ptr() conversion. 497 */ 498 static int blkdev_common_ioctl(struct block_device *bdev, blk_mode_t mode, 499 unsigned int cmd, unsigned long arg, 500 void __user *argp) 501 { 502 unsigned int max_sectors; 503 504 switch (cmd) { 505 case BLKFLSBUF: 506 return blkdev_flushbuf(bdev, cmd, arg); 507 case BLKROSET: 508 return blkdev_roset(bdev, cmd, arg); 509 case BLKDISCARD: 510 return blk_ioctl_discard(bdev, mode, arg); 511 case BLKSECDISCARD: 512 return blk_ioctl_secure_erase(bdev, mode, argp); 513 case BLKZEROOUT: 514 return blk_ioctl_zeroout(bdev, mode, arg); 515 case BLKGETDISKSEQ: 516 return put_u64(argp, bdev->bd_disk->diskseq); 517 case BLKREPORTZONE: 518 return blkdev_report_zones_ioctl(bdev, cmd, arg); 519 case BLKRESETZONE: 520 case BLKOPENZONE: 521 case BLKCLOSEZONE: 522 case BLKFINISHZONE: 523 return blkdev_zone_mgmt_ioctl(bdev, mode, cmd, arg); 524 case BLKGETZONESZ: 525 return put_uint(argp, bdev_zone_sectors(bdev)); 526 case BLKGETNRZONES: 527 return put_uint(argp, bdev_nr_zones(bdev)); 528 case BLKROGET: 529 return put_int(argp, bdev_read_only(bdev) != 0); 530 case BLKSSZGET: /* get block device logical block size */ 531 return put_int(argp, bdev_logical_block_size(bdev)); 532 case BLKPBSZGET: /* get block device physical block size */ 533 return put_uint(argp, bdev_physical_block_size(bdev)); 534 case BLKIOMIN: 535 return put_uint(argp, bdev_io_min(bdev)); 536 case BLKIOOPT: 537 return put_uint(argp, bdev_io_opt(bdev)); 538 case BLKALIGNOFF: 539 return put_int(argp, bdev_alignment_offset(bdev)); 540 case BLKDISCARDZEROES: 541 return put_uint(argp, 0); 542 case BLKSECTGET: 543 max_sectors = min_t(unsigned int, USHRT_MAX, 544 queue_max_sectors(bdev_get_queue(bdev))); 545 return put_ushort(argp, max_sectors); 546 case BLKROTATIONAL: 547 return put_ushort(argp, !bdev_nonrot(bdev)); 548 case BLKRASET: 549 case BLKFRASET: 550 if(!capable(CAP_SYS_ADMIN)) 551 return -EACCES; 552 bdev->bd_disk->bdi->ra_pages = (arg * 512) / PAGE_SIZE; 553 return 0; 554 case BLKRRPART: 555 if (!capable(CAP_SYS_ADMIN)) 556 return -EACCES; 557 if (bdev_is_partition(bdev)) 558 return -EINVAL; 559 return disk_scan_partitions(bdev->bd_disk, mode); 560 case BLKTRACESTART: 561 case BLKTRACESTOP: 562 case BLKTRACETEARDOWN: 563 return blk_trace_ioctl(bdev, cmd, argp); 564 case IOC_PR_REGISTER: 565 return blkdev_pr_register(bdev, mode, argp); 566 case IOC_PR_RESERVE: 567 return blkdev_pr_reserve(bdev, mode, argp); 568 case IOC_PR_RELEASE: 569 return blkdev_pr_release(bdev, mode, argp); 570 case IOC_PR_PREEMPT: 571 return blkdev_pr_preempt(bdev, mode, argp, false); 572 case IOC_PR_PREEMPT_ABORT: 573 return blkdev_pr_preempt(bdev, mode, argp, true); 574 case IOC_PR_CLEAR: 575 return blkdev_pr_clear(bdev, mode, argp); 576 default: 577 return -ENOIOCTLCMD; 578 } 579 } 580 581 /* 582 * Always keep this in sync with compat_blkdev_ioctl() 583 * to handle all incompatible commands in both functions. 584 * 585 * New commands must be compatible and go into blkdev_common_ioctl 586 */ 587 long blkdev_ioctl(struct file *file, unsigned cmd, unsigned long arg) 588 { 589 struct block_device *bdev = I_BDEV(file->f_mapping->host); 590 void __user *argp = (void __user *)arg; 591 blk_mode_t mode = file_to_blk_mode(file); 592 int ret; 593 594 switch (cmd) { 595 /* These need separate implementations for the data structure */ 596 case HDIO_GETGEO: 597 return blkdev_getgeo(bdev, argp); 598 case BLKPG: 599 return blkpg_ioctl(bdev, argp); 600 601 /* Compat mode returns 32-bit data instead of 'long' */ 602 case BLKRAGET: 603 case BLKFRAGET: 604 if (!argp) 605 return -EINVAL; 606 return put_long(argp, 607 (bdev->bd_disk->bdi->ra_pages * PAGE_SIZE) / 512); 608 case BLKGETSIZE: 609 if (bdev_nr_sectors(bdev) > ~0UL) 610 return -EFBIG; 611 return put_ulong(argp, bdev_nr_sectors(bdev)); 612 613 /* The data is compatible, but the command number is different */ 614 case BLKBSZGET: /* get block device soft block size (cf. BLKSSZGET) */ 615 return put_int(argp, block_size(bdev)); 616 case BLKBSZSET: 617 return blkdev_bszset(bdev, mode, argp); 618 case BLKGETSIZE64: 619 return put_u64(argp, bdev_nr_bytes(bdev)); 620 621 /* Incompatible alignment on i386 */ 622 case BLKTRACESETUP: 623 return blk_trace_ioctl(bdev, cmd, argp); 624 default: 625 break; 626 } 627 628 ret = blkdev_common_ioctl(bdev, mode, cmd, arg, argp); 629 if (ret != -ENOIOCTLCMD) 630 return ret; 631 632 if (!bdev->bd_disk->fops->ioctl) 633 return -ENOTTY; 634 return bdev->bd_disk->fops->ioctl(bdev, mode, cmd, arg); 635 } 636 637 #ifdef CONFIG_COMPAT 638 639 #define BLKBSZGET_32 _IOR(0x12, 112, int) 640 #define BLKBSZSET_32 _IOW(0x12, 113, int) 641 #define BLKGETSIZE64_32 _IOR(0x12, 114, int) 642 643 /* Most of the generic ioctls are handled in the normal fallback path. 644 This assumes the blkdev's low level compat_ioctl always returns 645 ENOIOCTLCMD for unknown ioctls. */ 646 long compat_blkdev_ioctl(struct file *file, unsigned cmd, unsigned long arg) 647 { 648 int ret; 649 void __user *argp = compat_ptr(arg); 650 struct block_device *bdev = I_BDEV(file->f_mapping->host); 651 struct gendisk *disk = bdev->bd_disk; 652 blk_mode_t mode = file_to_blk_mode(file); 653 654 switch (cmd) { 655 /* These need separate implementations for the data structure */ 656 case HDIO_GETGEO: 657 return compat_hdio_getgeo(bdev, argp); 658 case BLKPG: 659 return compat_blkpg_ioctl(bdev, argp); 660 661 /* Compat mode returns 32-bit data instead of 'long' */ 662 case BLKRAGET: 663 case BLKFRAGET: 664 if (!argp) 665 return -EINVAL; 666 return compat_put_long(argp, 667 (bdev->bd_disk->bdi->ra_pages * PAGE_SIZE) / 512); 668 case BLKGETSIZE: 669 if (bdev_nr_sectors(bdev) > ~(compat_ulong_t)0) 670 return -EFBIG; 671 return compat_put_ulong(argp, bdev_nr_sectors(bdev)); 672 673 /* The data is compatible, but the command number is different */ 674 case BLKBSZGET_32: /* get the logical block size (cf. BLKSSZGET) */ 675 return put_int(argp, bdev_logical_block_size(bdev)); 676 case BLKBSZSET_32: 677 return blkdev_bszset(bdev, mode, argp); 678 case BLKGETSIZE64_32: 679 return put_u64(argp, bdev_nr_bytes(bdev)); 680 681 /* Incompatible alignment on i386 */ 682 case BLKTRACESETUP32: 683 return blk_trace_ioctl(bdev, cmd, argp); 684 default: 685 break; 686 } 687 688 ret = blkdev_common_ioctl(bdev, mode, cmd, arg, argp); 689 if (ret == -ENOIOCTLCMD && disk->fops->compat_ioctl) 690 ret = disk->fops->compat_ioctl(bdev, mode, cmd, arg); 691 692 return ret; 693 } 694 #endif 695