1 // SPDX-License-Identifier: GPL-2.0-or-later 2 /* 3 * Copyright (C) 2012-2013 Samsung Electronics Co., Ltd. 4 */ 5 6 #include <linux/slab.h> 7 #include <linux/compat.h> 8 #include <linux/cred.h> 9 #include <linux/buffer_head.h> 10 #include <linux/blkdev.h> 11 #include <linux/fsnotify.h> 12 #include <linux/security.h> 13 #include <linux/msdos_fs.h> 14 15 #include "exfat_raw.h" 16 #include "exfat_fs.h" 17 18 static int exfat_cont_expand(struct inode *inode, loff_t size) 19 { 20 struct address_space *mapping = inode->i_mapping; 21 loff_t start = i_size_read(inode), count = size - i_size_read(inode); 22 int err, err2; 23 24 err = generic_cont_expand_simple(inode, size); 25 if (err) 26 return err; 27 28 inode_set_mtime_to_ts(inode, inode_set_ctime_current(inode)); 29 mark_inode_dirty(inode); 30 31 if (!IS_SYNC(inode)) 32 return 0; 33 34 err = filemap_fdatawrite_range(mapping, start, start + count - 1); 35 err2 = sync_mapping_buffers(mapping); 36 if (!err) 37 err = err2; 38 err2 = write_inode_now(inode, 1); 39 if (!err) 40 err = err2; 41 if (err) 42 return err; 43 44 return filemap_fdatawait_range(mapping, start, start + count - 1); 45 } 46 47 static bool exfat_allow_set_time(struct exfat_sb_info *sbi, struct inode *inode) 48 { 49 mode_t allow_utime = sbi->options.allow_utime; 50 51 if (!uid_eq(current_fsuid(), inode->i_uid)) { 52 if (in_group_p(inode->i_gid)) 53 allow_utime >>= 3; 54 if (allow_utime & MAY_WRITE) 55 return true; 56 } 57 58 /* use a default check */ 59 return false; 60 } 61 62 static int exfat_sanitize_mode(const struct exfat_sb_info *sbi, 63 struct inode *inode, umode_t *mode_ptr) 64 { 65 mode_t i_mode, mask, perm; 66 67 i_mode = inode->i_mode; 68 69 mask = (S_ISREG(i_mode) || S_ISLNK(i_mode)) ? 70 sbi->options.fs_fmask : sbi->options.fs_dmask; 71 perm = *mode_ptr & ~(S_IFMT | mask); 72 73 /* Of the r and x bits, all (subject to umask) must be present.*/ 74 if ((perm & 0555) != (i_mode & 0555)) 75 return -EPERM; 76 77 if (exfat_mode_can_hold_ro(inode)) { 78 /* 79 * Of the w bits, either all (subject to umask) or none must 80 * be present. 81 */ 82 if ((perm & 0222) && ((perm & 0222) != (0222 & ~mask))) 83 return -EPERM; 84 } else { 85 /* 86 * If exfat_mode_can_hold_ro(inode) is false, can't change 87 * w bits. 88 */ 89 if ((perm & 0222) != (0222 & ~mask)) 90 return -EPERM; 91 } 92 93 *mode_ptr &= S_IFMT | perm; 94 95 return 0; 96 } 97 98 /* resize the file length */ 99 int __exfat_truncate(struct inode *inode) 100 { 101 unsigned int num_clusters_new, num_clusters_phys; 102 unsigned int last_clu = EXFAT_FREE_CLUSTER; 103 struct exfat_chain clu; 104 struct super_block *sb = inode->i_sb; 105 struct exfat_sb_info *sbi = EXFAT_SB(sb); 106 struct exfat_inode_info *ei = EXFAT_I(inode); 107 108 /* check if the given file ID is opened */ 109 if (ei->type != TYPE_FILE && ei->type != TYPE_DIR) 110 return -EPERM; 111 112 exfat_set_volume_dirty(sb); 113 114 num_clusters_new = EXFAT_B_TO_CLU_ROUND_UP(i_size_read(inode), sbi); 115 num_clusters_phys = EXFAT_B_TO_CLU_ROUND_UP(ei->i_size_ondisk, sbi); 116 117 exfat_chain_set(&clu, ei->start_clu, num_clusters_phys, ei->flags); 118 119 if (i_size_read(inode) > 0) { 120 /* 121 * Truncate FAT chain num_clusters after the first cluster 122 * num_clusters = min(new, phys); 123 */ 124 unsigned int num_clusters = 125 min(num_clusters_new, num_clusters_phys); 126 127 /* 128 * Follow FAT chain 129 * (defensive coding - works fine even with corrupted FAT table 130 */ 131 if (clu.flags == ALLOC_NO_FAT_CHAIN) { 132 clu.dir += num_clusters; 133 clu.size -= num_clusters; 134 } else { 135 while (num_clusters > 0) { 136 last_clu = clu.dir; 137 if (exfat_get_next_cluster(sb, &(clu.dir))) 138 return -EIO; 139 140 num_clusters--; 141 clu.size--; 142 } 143 } 144 } else { 145 ei->flags = ALLOC_NO_FAT_CHAIN; 146 ei->start_clu = EXFAT_EOF_CLUSTER; 147 } 148 149 if (ei->type == TYPE_FILE) 150 ei->attr |= EXFAT_ATTR_ARCHIVE; 151 152 /* 153 * update the directory entry 154 * 155 * If the directory entry is updated by mark_inode_dirty(), the 156 * directory entry will be written after a writeback cycle of 157 * updating the bitmap/FAT, which may result in clusters being 158 * freed but referenced by the directory entry in the event of a 159 * sudden power failure. 160 * __exfat_write_inode() is called for directory entry, bitmap 161 * and FAT to be written in a same writeback. 162 */ 163 if (__exfat_write_inode(inode, inode_needs_sync(inode))) 164 return -EIO; 165 166 /* cut off from the FAT chain */ 167 if (ei->flags == ALLOC_FAT_CHAIN && last_clu != EXFAT_FREE_CLUSTER && 168 last_clu != EXFAT_EOF_CLUSTER) { 169 if (exfat_ent_set(sb, last_clu, EXFAT_EOF_CLUSTER)) 170 return -EIO; 171 } 172 173 /* invalidate cache and free the clusters */ 174 /* clear exfat cache */ 175 exfat_cache_inval_inode(inode); 176 177 /* hint information */ 178 ei->hint_bmap.off = EXFAT_EOF_CLUSTER; 179 ei->hint_bmap.clu = EXFAT_EOF_CLUSTER; 180 181 /* hint_stat will be used if this is directory. */ 182 ei->hint_stat.eidx = 0; 183 ei->hint_stat.clu = ei->start_clu; 184 ei->hint_femp.eidx = EXFAT_HINT_NONE; 185 186 /* free the clusters */ 187 if (exfat_free_cluster(inode, &clu)) 188 return -EIO; 189 190 return 0; 191 } 192 193 void exfat_truncate(struct inode *inode) 194 { 195 struct super_block *sb = inode->i_sb; 196 struct exfat_sb_info *sbi = EXFAT_SB(sb); 197 struct exfat_inode_info *ei = EXFAT_I(inode); 198 unsigned int blocksize = i_blocksize(inode); 199 loff_t aligned_size; 200 int err; 201 202 mutex_lock(&sbi->s_lock); 203 if (ei->start_clu == 0) { 204 /* 205 * Empty start_clu != ~0 (not allocated) 206 */ 207 exfat_fs_error(sb, "tried to truncate zeroed cluster."); 208 goto write_size; 209 } 210 211 err = __exfat_truncate(inode); 212 if (err) 213 goto write_size; 214 215 inode->i_blocks = round_up(i_size_read(inode), sbi->cluster_size) >> 9; 216 write_size: 217 aligned_size = i_size_read(inode); 218 if (aligned_size & (blocksize - 1)) { 219 aligned_size |= (blocksize - 1); 220 aligned_size++; 221 } 222 223 if (ei->i_size_ondisk > i_size_read(inode)) 224 ei->i_size_ondisk = aligned_size; 225 226 if (ei->i_size_aligned > i_size_read(inode)) 227 ei->i_size_aligned = aligned_size; 228 mutex_unlock(&sbi->s_lock); 229 } 230 231 int exfat_getattr(struct mnt_idmap *idmap, const struct path *path, 232 struct kstat *stat, unsigned int request_mask, 233 unsigned int query_flags) 234 { 235 struct inode *inode = d_backing_inode(path->dentry); 236 struct exfat_inode_info *ei = EXFAT_I(inode); 237 238 generic_fillattr(&nop_mnt_idmap, request_mask, inode, stat); 239 exfat_truncate_atime(&stat->atime); 240 stat->result_mask |= STATX_BTIME; 241 stat->btime.tv_sec = ei->i_crtime.tv_sec; 242 stat->btime.tv_nsec = ei->i_crtime.tv_nsec; 243 stat->blksize = EXFAT_SB(inode->i_sb)->cluster_size; 244 return 0; 245 } 246 247 int exfat_setattr(struct mnt_idmap *idmap, struct dentry *dentry, 248 struct iattr *attr) 249 { 250 struct exfat_sb_info *sbi = EXFAT_SB(dentry->d_sb); 251 struct inode *inode = dentry->d_inode; 252 unsigned int ia_valid; 253 int error; 254 255 if ((attr->ia_valid & ATTR_SIZE) && 256 attr->ia_size > i_size_read(inode)) { 257 error = exfat_cont_expand(inode, attr->ia_size); 258 if (error || attr->ia_valid == ATTR_SIZE) 259 return error; 260 attr->ia_valid &= ~ATTR_SIZE; 261 } 262 263 /* Check for setting the inode time. */ 264 ia_valid = attr->ia_valid; 265 if ((ia_valid & (ATTR_MTIME_SET | ATTR_ATIME_SET | ATTR_TIMES_SET)) && 266 exfat_allow_set_time(sbi, inode)) { 267 attr->ia_valid &= ~(ATTR_MTIME_SET | ATTR_ATIME_SET | 268 ATTR_TIMES_SET); 269 } 270 271 error = setattr_prepare(&nop_mnt_idmap, dentry, attr); 272 attr->ia_valid = ia_valid; 273 if (error) 274 goto out; 275 276 if (((attr->ia_valid & ATTR_UID) && 277 !uid_eq(attr->ia_uid, sbi->options.fs_uid)) || 278 ((attr->ia_valid & ATTR_GID) && 279 !gid_eq(attr->ia_gid, sbi->options.fs_gid)) || 280 ((attr->ia_valid & ATTR_MODE) && 281 (attr->ia_mode & ~(S_IFREG | S_IFLNK | S_IFDIR | 0777)))) { 282 error = -EPERM; 283 goto out; 284 } 285 286 /* 287 * We don't return -EPERM here. Yes, strange, but this is too 288 * old behavior. 289 */ 290 if (attr->ia_valid & ATTR_MODE) { 291 if (exfat_sanitize_mode(sbi, inode, &attr->ia_mode) < 0) 292 attr->ia_valid &= ~ATTR_MODE; 293 } 294 295 if (attr->ia_valid & ATTR_SIZE) 296 inode_set_mtime_to_ts(inode, inode_set_ctime_current(inode)); 297 298 exfat_truncate_inode_atime(inode); 299 300 if (attr->ia_valid & ATTR_SIZE) { 301 error = exfat_block_truncate_page(inode, attr->ia_size); 302 if (error) 303 goto out; 304 305 down_write(&EXFAT_I(inode)->truncate_lock); 306 truncate_setsize(inode, attr->ia_size); 307 308 /* 309 * __exfat_write_inode() is called from exfat_truncate(), inode 310 * is already written by it, so mark_inode_dirty() is unneeded. 311 */ 312 exfat_truncate(inode); 313 up_write(&EXFAT_I(inode)->truncate_lock); 314 } else 315 mark_inode_dirty(inode); 316 317 out: 318 return error; 319 } 320 321 /* 322 * modified ioctls from fat/file.c by Welmer Almesberger 323 */ 324 static int exfat_ioctl_get_attributes(struct inode *inode, u32 __user *user_attr) 325 { 326 u32 attr; 327 328 inode_lock_shared(inode); 329 attr = exfat_make_attr(inode); 330 inode_unlock_shared(inode); 331 332 return put_user(attr, user_attr); 333 } 334 335 static int exfat_ioctl_set_attributes(struct file *file, u32 __user *user_attr) 336 { 337 struct inode *inode = file_inode(file); 338 struct exfat_sb_info *sbi = EXFAT_SB(inode->i_sb); 339 int is_dir = S_ISDIR(inode->i_mode); 340 u32 attr, oldattr; 341 struct iattr ia; 342 int err; 343 344 err = get_user(attr, user_attr); 345 if (err) 346 goto out; 347 348 err = mnt_want_write_file(file); 349 if (err) 350 goto out; 351 inode_lock(inode); 352 353 oldattr = exfat_make_attr(inode); 354 355 /* 356 * Mask attributes so we don't set reserved fields. 357 */ 358 attr &= (EXFAT_ATTR_READONLY | EXFAT_ATTR_HIDDEN | EXFAT_ATTR_SYSTEM | 359 EXFAT_ATTR_ARCHIVE); 360 attr |= (is_dir ? EXFAT_ATTR_SUBDIR : 0); 361 362 /* Equivalent to a chmod() */ 363 ia.ia_valid = ATTR_MODE | ATTR_CTIME; 364 ia.ia_ctime = current_time(inode); 365 if (is_dir) 366 ia.ia_mode = exfat_make_mode(sbi, attr, 0777); 367 else 368 ia.ia_mode = exfat_make_mode(sbi, attr, 0666 | (inode->i_mode & 0111)); 369 370 /* The root directory has no attributes */ 371 if (inode->i_ino == EXFAT_ROOT_INO && attr != EXFAT_ATTR_SUBDIR) { 372 err = -EINVAL; 373 goto out_unlock_inode; 374 } 375 376 if (((attr | oldattr) & EXFAT_ATTR_SYSTEM) && 377 !capable(CAP_LINUX_IMMUTABLE)) { 378 err = -EPERM; 379 goto out_unlock_inode; 380 } 381 382 /* 383 * The security check is questionable... We single 384 * out the RO attribute for checking by the security 385 * module, just because it maps to a file mode. 386 */ 387 err = security_inode_setattr(file_mnt_idmap(file), 388 file->f_path.dentry, &ia); 389 if (err) 390 goto out_unlock_inode; 391 392 /* This MUST be done before doing anything irreversible... */ 393 err = exfat_setattr(file_mnt_idmap(file), file->f_path.dentry, &ia); 394 if (err) 395 goto out_unlock_inode; 396 397 fsnotify_change(file->f_path.dentry, ia.ia_valid); 398 399 exfat_save_attr(inode, attr); 400 mark_inode_dirty(inode); 401 out_unlock_inode: 402 inode_unlock(inode); 403 mnt_drop_write_file(file); 404 out: 405 return err; 406 } 407 408 static int exfat_ioctl_fitrim(struct inode *inode, unsigned long arg) 409 { 410 struct fstrim_range range; 411 int ret = 0; 412 413 if (!capable(CAP_SYS_ADMIN)) 414 return -EPERM; 415 416 if (!bdev_max_discard_sectors(inode->i_sb->s_bdev)) 417 return -EOPNOTSUPP; 418 419 if (copy_from_user(&range, (struct fstrim_range __user *)arg, sizeof(range))) 420 return -EFAULT; 421 422 range.minlen = max_t(unsigned int, range.minlen, 423 bdev_discard_granularity(inode->i_sb->s_bdev)); 424 425 ret = exfat_trim_fs(inode, &range); 426 if (ret < 0) 427 return ret; 428 429 if (copy_to_user((struct fstrim_range __user *)arg, &range, sizeof(range))) 430 return -EFAULT; 431 432 return 0; 433 } 434 435 long exfat_ioctl(struct file *filp, unsigned int cmd, unsigned long arg) 436 { 437 struct inode *inode = file_inode(filp); 438 u32 __user *user_attr = (u32 __user *)arg; 439 440 switch (cmd) { 441 case FAT_IOCTL_GET_ATTRIBUTES: 442 return exfat_ioctl_get_attributes(inode, user_attr); 443 case FAT_IOCTL_SET_ATTRIBUTES: 444 return exfat_ioctl_set_attributes(filp, user_attr); 445 case FITRIM: 446 return exfat_ioctl_fitrim(inode, arg); 447 default: 448 return -ENOTTY; 449 } 450 } 451 452 #ifdef CONFIG_COMPAT 453 long exfat_compat_ioctl(struct file *filp, unsigned int cmd, 454 unsigned long arg) 455 { 456 return exfat_ioctl(filp, cmd, (unsigned long)compat_ptr(arg)); 457 } 458 #endif 459 460 int exfat_file_fsync(struct file *filp, loff_t start, loff_t end, int datasync) 461 { 462 struct inode *inode = filp->f_mapping->host; 463 int err; 464 465 err = __generic_file_fsync(filp, start, end, datasync); 466 if (err) 467 return err; 468 469 err = sync_blockdev(inode->i_sb->s_bdev); 470 if (err) 471 return err; 472 473 return blkdev_issue_flush(inode->i_sb->s_bdev); 474 } 475 476 const struct file_operations exfat_file_operations = { 477 .llseek = generic_file_llseek, 478 .read_iter = generic_file_read_iter, 479 .write_iter = generic_file_write_iter, 480 .unlocked_ioctl = exfat_ioctl, 481 #ifdef CONFIG_COMPAT 482 .compat_ioctl = exfat_compat_ioctl, 483 #endif 484 .mmap = generic_file_mmap, 485 .fsync = exfat_file_fsync, 486 .splice_read = filemap_splice_read, 487 .splice_write = iter_file_splice_write, 488 }; 489 490 const struct inode_operations exfat_file_inode_operations = { 491 .setattr = exfat_setattr, 492 .getattr = exfat_getattr, 493 }; 494