1 /* 2 * linux/fs/ext4/ioctl.c 3 * 4 * Copyright (C) 1993, 1994, 1995 5 * Remy Card (card@masi.ibp.fr) 6 * Laboratoire MASI - Institut Blaise Pascal 7 * Universite Pierre et Marie Curie (Paris VI) 8 */ 9 10 #include <linux/fs.h> 11 #include <linux/capability.h> 12 #include <linux/time.h> 13 #include <linux/compat.h> 14 #include <linux/mount.h> 15 #include <linux/file.h> 16 #include <linux/quotaops.h> 17 #include <linux/uuid.h> 18 #include <linux/uaccess.h> 19 #include <linux/delay.h> 20 #include "ext4_jbd2.h" 21 #include "ext4.h" 22 #include <linux/fsmap.h> 23 #include "fsmap.h" 24 #include <trace/events/ext4.h> 25 26 /** 27 * Swap memory between @a and @b for @len bytes. 28 * 29 * @a: pointer to first memory area 30 * @b: pointer to second memory area 31 * @len: number of bytes to swap 32 * 33 */ 34 static void memswap(void *a, void *b, size_t len) 35 { 36 unsigned char *ap, *bp; 37 38 ap = (unsigned char *)a; 39 bp = (unsigned char *)b; 40 while (len-- > 0) { 41 swap(*ap, *bp); 42 ap++; 43 bp++; 44 } 45 } 46 47 /** 48 * Swap i_data and associated attributes between @inode1 and @inode2. 49 * This function is used for the primary swap between inode1 and inode2 50 * and also to revert this primary swap in case of errors. 51 * 52 * Therefore you have to make sure, that calling this method twice 53 * will revert all changes. 54 * 55 * @inode1: pointer to first inode 56 * @inode2: pointer to second inode 57 */ 58 static void swap_inode_data(struct inode *inode1, struct inode *inode2) 59 { 60 loff_t isize; 61 struct ext4_inode_info *ei1; 62 struct ext4_inode_info *ei2; 63 64 ei1 = EXT4_I(inode1); 65 ei2 = EXT4_I(inode2); 66 67 swap(inode1->i_flags, inode2->i_flags); 68 swap(inode1->i_version, inode2->i_version); 69 swap(inode1->i_blocks, inode2->i_blocks); 70 swap(inode1->i_bytes, inode2->i_bytes); 71 swap(inode1->i_atime, inode2->i_atime); 72 swap(inode1->i_mtime, inode2->i_mtime); 73 74 memswap(ei1->i_data, ei2->i_data, sizeof(ei1->i_data)); 75 swap(ei1->i_flags, ei2->i_flags); 76 swap(ei1->i_disksize, ei2->i_disksize); 77 ext4_es_remove_extent(inode1, 0, EXT_MAX_BLOCKS); 78 ext4_es_remove_extent(inode2, 0, EXT_MAX_BLOCKS); 79 80 isize = i_size_read(inode1); 81 i_size_write(inode1, i_size_read(inode2)); 82 i_size_write(inode2, isize); 83 } 84 85 /** 86 * Swap the information from the given @inode and the inode 87 * EXT4_BOOT_LOADER_INO. It will basically swap i_data and all other 88 * important fields of the inodes. 89 * 90 * @sb: the super block of the filesystem 91 * @inode: the inode to swap with EXT4_BOOT_LOADER_INO 92 * 93 */ 94 static long swap_inode_boot_loader(struct super_block *sb, 95 struct inode *inode) 96 { 97 handle_t *handle; 98 int err; 99 struct inode *inode_bl; 100 struct ext4_inode_info *ei_bl; 101 struct ext4_sb_info *sbi = EXT4_SB(sb); 102 103 if (inode->i_nlink != 1 || !S_ISREG(inode->i_mode)) 104 return -EINVAL; 105 106 if (!inode_owner_or_capable(inode) || !capable(CAP_SYS_ADMIN)) 107 return -EPERM; 108 109 inode_bl = ext4_iget(sb, EXT4_BOOT_LOADER_INO); 110 if (IS_ERR(inode_bl)) 111 return PTR_ERR(inode_bl); 112 ei_bl = EXT4_I(inode_bl); 113 114 filemap_flush(inode->i_mapping); 115 filemap_flush(inode_bl->i_mapping); 116 117 /* Protect orig inodes against a truncate and make sure, 118 * that only 1 swap_inode_boot_loader is running. */ 119 lock_two_nondirectories(inode, inode_bl); 120 121 truncate_inode_pages(&inode->i_data, 0); 122 truncate_inode_pages(&inode_bl->i_data, 0); 123 124 /* Wait for all existing dio workers */ 125 ext4_inode_block_unlocked_dio(inode); 126 ext4_inode_block_unlocked_dio(inode_bl); 127 inode_dio_wait(inode); 128 inode_dio_wait(inode_bl); 129 130 handle = ext4_journal_start(inode_bl, EXT4_HT_MOVE_EXTENTS, 2); 131 if (IS_ERR(handle)) { 132 err = -EINVAL; 133 goto journal_err_out; 134 } 135 136 /* Protect extent tree against block allocations via delalloc */ 137 ext4_double_down_write_data_sem(inode, inode_bl); 138 139 if (inode_bl->i_nlink == 0) { 140 /* this inode has never been used as a BOOT_LOADER */ 141 set_nlink(inode_bl, 1); 142 i_uid_write(inode_bl, 0); 143 i_gid_write(inode_bl, 0); 144 inode_bl->i_flags = 0; 145 ei_bl->i_flags = 0; 146 inode_bl->i_version = 1; 147 i_size_write(inode_bl, 0); 148 inode_bl->i_mode = S_IFREG; 149 if (ext4_has_feature_extents(sb)) { 150 ext4_set_inode_flag(inode_bl, EXT4_INODE_EXTENTS); 151 ext4_ext_tree_init(handle, inode_bl); 152 } else 153 memset(ei_bl->i_data, 0, sizeof(ei_bl->i_data)); 154 } 155 156 swap_inode_data(inode, inode_bl); 157 158 inode->i_ctime = inode_bl->i_ctime = current_time(inode); 159 160 spin_lock(&sbi->s_next_gen_lock); 161 inode->i_generation = sbi->s_next_generation++; 162 inode_bl->i_generation = sbi->s_next_generation++; 163 spin_unlock(&sbi->s_next_gen_lock); 164 165 ext4_discard_preallocations(inode); 166 167 err = ext4_mark_inode_dirty(handle, inode); 168 if (err < 0) { 169 ext4_warning(inode->i_sb, 170 "couldn't mark inode #%lu dirty (err %d)", 171 inode->i_ino, err); 172 /* Revert all changes: */ 173 swap_inode_data(inode, inode_bl); 174 } else { 175 err = ext4_mark_inode_dirty(handle, inode_bl); 176 if (err < 0) { 177 ext4_warning(inode_bl->i_sb, 178 "couldn't mark inode #%lu dirty (err %d)", 179 inode_bl->i_ino, err); 180 /* Revert all changes: */ 181 swap_inode_data(inode, inode_bl); 182 ext4_mark_inode_dirty(handle, inode); 183 } 184 } 185 ext4_journal_stop(handle); 186 ext4_double_up_write_data_sem(inode, inode_bl); 187 188 journal_err_out: 189 ext4_inode_resume_unlocked_dio(inode); 190 ext4_inode_resume_unlocked_dio(inode_bl); 191 unlock_two_nondirectories(inode, inode_bl); 192 iput(inode_bl); 193 return err; 194 } 195 196 #ifdef CONFIG_EXT4_FS_ENCRYPTION 197 static int uuid_is_zero(__u8 u[16]) 198 { 199 int i; 200 201 for (i = 0; i < 16; i++) 202 if (u[i]) 203 return 0; 204 return 1; 205 } 206 #endif 207 208 static int ext4_ioctl_setflags(struct inode *inode, 209 unsigned int flags) 210 { 211 struct ext4_inode_info *ei = EXT4_I(inode); 212 handle_t *handle = NULL; 213 int err = -EPERM, migrate = 0; 214 struct ext4_iloc iloc; 215 unsigned int oldflags, mask, i; 216 unsigned int jflag; 217 218 /* Is it quota file? Do not allow user to mess with it */ 219 if (ext4_is_quota_file(inode)) 220 goto flags_out; 221 222 oldflags = ei->i_flags; 223 224 /* The JOURNAL_DATA flag is modifiable only by root */ 225 jflag = flags & EXT4_JOURNAL_DATA_FL; 226 227 /* 228 * The IMMUTABLE and APPEND_ONLY flags can only be changed by 229 * the relevant capability. 230 * 231 * This test looks nicer. Thanks to Pauline Middelink 232 */ 233 if ((flags ^ oldflags) & (EXT4_APPEND_FL | EXT4_IMMUTABLE_FL)) { 234 if (!capable(CAP_LINUX_IMMUTABLE)) 235 goto flags_out; 236 } 237 238 /* 239 * The JOURNAL_DATA flag can only be changed by 240 * the relevant capability. 241 */ 242 if ((jflag ^ oldflags) & (EXT4_JOURNAL_DATA_FL)) { 243 if (!capable(CAP_SYS_RESOURCE)) 244 goto flags_out; 245 } 246 if ((flags ^ oldflags) & EXT4_EXTENTS_FL) 247 migrate = 1; 248 249 if (flags & EXT4_EOFBLOCKS_FL) { 250 /* we don't support adding EOFBLOCKS flag */ 251 if (!(oldflags & EXT4_EOFBLOCKS_FL)) { 252 err = -EOPNOTSUPP; 253 goto flags_out; 254 } 255 } else if (oldflags & EXT4_EOFBLOCKS_FL) { 256 err = ext4_truncate(inode); 257 if (err) 258 goto flags_out; 259 } 260 261 handle = ext4_journal_start(inode, EXT4_HT_INODE, 1); 262 if (IS_ERR(handle)) { 263 err = PTR_ERR(handle); 264 goto flags_out; 265 } 266 if (IS_SYNC(inode)) 267 ext4_handle_sync(handle); 268 err = ext4_reserve_inode_write(handle, inode, &iloc); 269 if (err) 270 goto flags_err; 271 272 for (i = 0, mask = 1; i < 32; i++, mask <<= 1) { 273 if (!(mask & EXT4_FL_USER_MODIFIABLE)) 274 continue; 275 /* These flags get special treatment later */ 276 if (mask == EXT4_JOURNAL_DATA_FL || mask == EXT4_EXTENTS_FL) 277 continue; 278 if (mask & flags) 279 ext4_set_inode_flag(inode, i); 280 else 281 ext4_clear_inode_flag(inode, i); 282 } 283 284 ext4_set_inode_flags(inode); 285 inode->i_ctime = current_time(inode); 286 287 err = ext4_mark_iloc_dirty(handle, inode, &iloc); 288 flags_err: 289 ext4_journal_stop(handle); 290 if (err) 291 goto flags_out; 292 293 if ((jflag ^ oldflags) & (EXT4_JOURNAL_DATA_FL)) 294 err = ext4_change_inode_journal_flag(inode, jflag); 295 if (err) 296 goto flags_out; 297 if (migrate) { 298 if (flags & EXT4_EXTENTS_FL) 299 err = ext4_ext_migrate(inode); 300 else 301 err = ext4_ind_migrate(inode); 302 } 303 304 flags_out: 305 return err; 306 } 307 308 #ifdef CONFIG_QUOTA 309 static int ext4_ioctl_setproject(struct file *filp, __u32 projid) 310 { 311 struct inode *inode = file_inode(filp); 312 struct super_block *sb = inode->i_sb; 313 struct ext4_inode_info *ei = EXT4_I(inode); 314 int err, rc; 315 handle_t *handle; 316 kprojid_t kprojid; 317 struct ext4_iloc iloc; 318 struct ext4_inode *raw_inode; 319 struct dquot *transfer_to[MAXQUOTAS] = { }; 320 321 if (!ext4_has_feature_project(sb)) { 322 if (projid != EXT4_DEF_PROJID) 323 return -EOPNOTSUPP; 324 else 325 return 0; 326 } 327 328 if (EXT4_INODE_SIZE(sb) <= EXT4_GOOD_OLD_INODE_SIZE) 329 return -EOPNOTSUPP; 330 331 kprojid = make_kprojid(&init_user_ns, (projid_t)projid); 332 333 if (projid_eq(kprojid, EXT4_I(inode)->i_projid)) 334 return 0; 335 336 err = mnt_want_write_file(filp); 337 if (err) 338 return err; 339 340 err = -EPERM; 341 inode_lock(inode); 342 /* Is it quota file? Do not allow user to mess with it */ 343 if (ext4_is_quota_file(inode)) 344 goto out_unlock; 345 346 err = ext4_get_inode_loc(inode, &iloc); 347 if (err) 348 goto out_unlock; 349 350 raw_inode = ext4_raw_inode(&iloc); 351 if (!EXT4_FITS_IN_INODE(raw_inode, ei, i_projid)) { 352 err = ext4_expand_extra_isize(inode, 353 EXT4_SB(sb)->s_want_extra_isize, 354 &iloc); 355 if (err) 356 goto out_unlock; 357 } else { 358 brelse(iloc.bh); 359 } 360 361 dquot_initialize(inode); 362 363 handle = ext4_journal_start(inode, EXT4_HT_QUOTA, 364 EXT4_QUOTA_INIT_BLOCKS(sb) + 365 EXT4_QUOTA_DEL_BLOCKS(sb) + 3); 366 if (IS_ERR(handle)) { 367 err = PTR_ERR(handle); 368 goto out_unlock; 369 } 370 371 err = ext4_reserve_inode_write(handle, inode, &iloc); 372 if (err) 373 goto out_stop; 374 375 transfer_to[PRJQUOTA] = dqget(sb, make_kqid_projid(kprojid)); 376 if (!IS_ERR(transfer_to[PRJQUOTA])) { 377 378 /* __dquot_transfer() calls back ext4_get_inode_usage() which 379 * counts xattr inode references. 380 */ 381 down_read(&EXT4_I(inode)->xattr_sem); 382 err = __dquot_transfer(inode, transfer_to); 383 up_read(&EXT4_I(inode)->xattr_sem); 384 dqput(transfer_to[PRJQUOTA]); 385 if (err) 386 goto out_dirty; 387 } 388 389 EXT4_I(inode)->i_projid = kprojid; 390 inode->i_ctime = current_time(inode); 391 out_dirty: 392 rc = ext4_mark_iloc_dirty(handle, inode, &iloc); 393 if (!err) 394 err = rc; 395 out_stop: 396 ext4_journal_stop(handle); 397 out_unlock: 398 inode_unlock(inode); 399 mnt_drop_write_file(filp); 400 return err; 401 } 402 #else 403 static int ext4_ioctl_setproject(struct file *filp, __u32 projid) 404 { 405 if (projid != EXT4_DEF_PROJID) 406 return -EOPNOTSUPP; 407 return 0; 408 } 409 #endif 410 411 /* Transfer internal flags to xflags */ 412 static inline __u32 ext4_iflags_to_xflags(unsigned long iflags) 413 { 414 __u32 xflags = 0; 415 416 if (iflags & EXT4_SYNC_FL) 417 xflags |= FS_XFLAG_SYNC; 418 if (iflags & EXT4_IMMUTABLE_FL) 419 xflags |= FS_XFLAG_IMMUTABLE; 420 if (iflags & EXT4_APPEND_FL) 421 xflags |= FS_XFLAG_APPEND; 422 if (iflags & EXT4_NODUMP_FL) 423 xflags |= FS_XFLAG_NODUMP; 424 if (iflags & EXT4_NOATIME_FL) 425 xflags |= FS_XFLAG_NOATIME; 426 if (iflags & EXT4_PROJINHERIT_FL) 427 xflags |= FS_XFLAG_PROJINHERIT; 428 return xflags; 429 } 430 431 #define EXT4_SUPPORTED_FS_XFLAGS (FS_XFLAG_SYNC | FS_XFLAG_IMMUTABLE | \ 432 FS_XFLAG_APPEND | FS_XFLAG_NODUMP | \ 433 FS_XFLAG_NOATIME | FS_XFLAG_PROJINHERIT) 434 435 /* Transfer xflags flags to internal */ 436 static inline unsigned long ext4_xflags_to_iflags(__u32 xflags) 437 { 438 unsigned long iflags = 0; 439 440 if (xflags & FS_XFLAG_SYNC) 441 iflags |= EXT4_SYNC_FL; 442 if (xflags & FS_XFLAG_IMMUTABLE) 443 iflags |= EXT4_IMMUTABLE_FL; 444 if (xflags & FS_XFLAG_APPEND) 445 iflags |= EXT4_APPEND_FL; 446 if (xflags & FS_XFLAG_NODUMP) 447 iflags |= EXT4_NODUMP_FL; 448 if (xflags & FS_XFLAG_NOATIME) 449 iflags |= EXT4_NOATIME_FL; 450 if (xflags & FS_XFLAG_PROJINHERIT) 451 iflags |= EXT4_PROJINHERIT_FL; 452 453 return iflags; 454 } 455 456 static int ext4_shutdown(struct super_block *sb, unsigned long arg) 457 { 458 struct ext4_sb_info *sbi = EXT4_SB(sb); 459 __u32 flags; 460 461 if (!capable(CAP_SYS_ADMIN)) 462 return -EPERM; 463 464 if (get_user(flags, (__u32 __user *)arg)) 465 return -EFAULT; 466 467 if (flags > EXT4_GOING_FLAGS_NOLOGFLUSH) 468 return -EINVAL; 469 470 if (ext4_forced_shutdown(sbi)) 471 return 0; 472 473 ext4_msg(sb, KERN_ALERT, "shut down requested (%d)", flags); 474 475 switch (flags) { 476 case EXT4_GOING_FLAGS_DEFAULT: 477 freeze_bdev(sb->s_bdev); 478 set_bit(EXT4_FLAGS_SHUTDOWN, &sbi->s_ext4_flags); 479 thaw_bdev(sb->s_bdev, sb); 480 break; 481 case EXT4_GOING_FLAGS_LOGFLUSH: 482 set_bit(EXT4_FLAGS_SHUTDOWN, &sbi->s_ext4_flags); 483 if (sbi->s_journal && !is_journal_aborted(sbi->s_journal)) { 484 (void) ext4_force_commit(sb); 485 jbd2_journal_abort(sbi->s_journal, 0); 486 } 487 break; 488 case EXT4_GOING_FLAGS_NOLOGFLUSH: 489 set_bit(EXT4_FLAGS_SHUTDOWN, &sbi->s_ext4_flags); 490 if (sbi->s_journal && !is_journal_aborted(sbi->s_journal)) { 491 msleep(100); 492 jbd2_journal_abort(sbi->s_journal, 0); 493 } 494 break; 495 default: 496 return -EINVAL; 497 } 498 clear_opt(sb, DISCARD); 499 return 0; 500 } 501 502 struct getfsmap_info { 503 struct super_block *gi_sb; 504 struct fsmap_head __user *gi_data; 505 unsigned int gi_idx; 506 __u32 gi_last_flags; 507 }; 508 509 static int ext4_getfsmap_format(struct ext4_fsmap *xfm, void *priv) 510 { 511 struct getfsmap_info *info = priv; 512 struct fsmap fm; 513 514 trace_ext4_getfsmap_mapping(info->gi_sb, xfm); 515 516 info->gi_last_flags = xfm->fmr_flags; 517 ext4_fsmap_from_internal(info->gi_sb, &fm, xfm); 518 if (copy_to_user(&info->gi_data->fmh_recs[info->gi_idx++], &fm, 519 sizeof(struct fsmap))) 520 return -EFAULT; 521 522 return 0; 523 } 524 525 static int ext4_ioc_getfsmap(struct super_block *sb, 526 struct fsmap_head __user *arg) 527 { 528 struct getfsmap_info info = {0}; 529 struct ext4_fsmap_head xhead = {0}; 530 struct fsmap_head head; 531 bool aborted = false; 532 int error; 533 534 if (copy_from_user(&head, arg, sizeof(struct fsmap_head))) 535 return -EFAULT; 536 if (memchr_inv(head.fmh_reserved, 0, sizeof(head.fmh_reserved)) || 537 memchr_inv(head.fmh_keys[0].fmr_reserved, 0, 538 sizeof(head.fmh_keys[0].fmr_reserved)) || 539 memchr_inv(head.fmh_keys[1].fmr_reserved, 0, 540 sizeof(head.fmh_keys[1].fmr_reserved))) 541 return -EINVAL; 542 /* 543 * ext4 doesn't report file extents at all, so the only valid 544 * file offsets are the magic ones (all zeroes or all ones). 545 */ 546 if (head.fmh_keys[0].fmr_offset || 547 (head.fmh_keys[1].fmr_offset != 0 && 548 head.fmh_keys[1].fmr_offset != -1ULL)) 549 return -EINVAL; 550 551 xhead.fmh_iflags = head.fmh_iflags; 552 xhead.fmh_count = head.fmh_count; 553 ext4_fsmap_to_internal(sb, &xhead.fmh_keys[0], &head.fmh_keys[0]); 554 ext4_fsmap_to_internal(sb, &xhead.fmh_keys[1], &head.fmh_keys[1]); 555 556 trace_ext4_getfsmap_low_key(sb, &xhead.fmh_keys[0]); 557 trace_ext4_getfsmap_high_key(sb, &xhead.fmh_keys[1]); 558 559 info.gi_sb = sb; 560 info.gi_data = arg; 561 error = ext4_getfsmap(sb, &xhead, ext4_getfsmap_format, &info); 562 if (error == EXT4_QUERY_RANGE_ABORT) { 563 error = 0; 564 aborted = true; 565 } else if (error) 566 return error; 567 568 /* If we didn't abort, set the "last" flag in the last fmx */ 569 if (!aborted && info.gi_idx) { 570 info.gi_last_flags |= FMR_OF_LAST; 571 if (copy_to_user(&info.gi_data->fmh_recs[info.gi_idx - 1].fmr_flags, 572 &info.gi_last_flags, 573 sizeof(info.gi_last_flags))) 574 return -EFAULT; 575 } 576 577 /* copy back header */ 578 head.fmh_entries = xhead.fmh_entries; 579 head.fmh_oflags = xhead.fmh_oflags; 580 if (copy_to_user(arg, &head, sizeof(struct fsmap_head))) 581 return -EFAULT; 582 583 return 0; 584 } 585 586 long ext4_ioctl(struct file *filp, unsigned int cmd, unsigned long arg) 587 { 588 struct inode *inode = file_inode(filp); 589 struct super_block *sb = inode->i_sb; 590 struct ext4_inode_info *ei = EXT4_I(inode); 591 unsigned int flags; 592 593 ext4_debug("cmd = %u, arg = %lu\n", cmd, arg); 594 595 switch (cmd) { 596 case FS_IOC_GETFSMAP: 597 return ext4_ioc_getfsmap(sb, (void __user *)arg); 598 case EXT4_IOC_GETFLAGS: 599 flags = ei->i_flags & EXT4_FL_USER_VISIBLE; 600 return put_user(flags, (int __user *) arg); 601 case EXT4_IOC_SETFLAGS: { 602 int err; 603 604 if (!inode_owner_or_capable(inode)) 605 return -EACCES; 606 607 if (get_user(flags, (int __user *) arg)) 608 return -EFAULT; 609 610 if (flags & ~EXT4_FL_USER_VISIBLE) 611 return -EOPNOTSUPP; 612 /* 613 * chattr(1) grabs flags via GETFLAGS, modifies the result and 614 * passes that to SETFLAGS. So we cannot easily make SETFLAGS 615 * more restrictive than just silently masking off visible but 616 * not settable flags as we always did. 617 */ 618 flags &= EXT4_FL_USER_MODIFIABLE; 619 if (ext4_mask_flags(inode->i_mode, flags) != flags) 620 return -EOPNOTSUPP; 621 622 err = mnt_want_write_file(filp); 623 if (err) 624 return err; 625 626 inode_lock(inode); 627 err = ext4_ioctl_setflags(inode, flags); 628 inode_unlock(inode); 629 mnt_drop_write_file(filp); 630 return err; 631 } 632 case EXT4_IOC_GETVERSION: 633 case EXT4_IOC_GETVERSION_OLD: 634 return put_user(inode->i_generation, (int __user *) arg); 635 case EXT4_IOC_SETVERSION: 636 case EXT4_IOC_SETVERSION_OLD: { 637 handle_t *handle; 638 struct ext4_iloc iloc; 639 __u32 generation; 640 int err; 641 642 if (!inode_owner_or_capable(inode)) 643 return -EPERM; 644 645 if (ext4_has_metadata_csum(inode->i_sb)) { 646 ext4_warning(sb, "Setting inode version is not " 647 "supported with metadata_csum enabled."); 648 return -ENOTTY; 649 } 650 651 err = mnt_want_write_file(filp); 652 if (err) 653 return err; 654 if (get_user(generation, (int __user *) arg)) { 655 err = -EFAULT; 656 goto setversion_out; 657 } 658 659 inode_lock(inode); 660 handle = ext4_journal_start(inode, EXT4_HT_INODE, 1); 661 if (IS_ERR(handle)) { 662 err = PTR_ERR(handle); 663 goto unlock_out; 664 } 665 err = ext4_reserve_inode_write(handle, inode, &iloc); 666 if (err == 0) { 667 inode->i_ctime = current_time(inode); 668 inode->i_generation = generation; 669 err = ext4_mark_iloc_dirty(handle, inode, &iloc); 670 } 671 ext4_journal_stop(handle); 672 673 unlock_out: 674 inode_unlock(inode); 675 setversion_out: 676 mnt_drop_write_file(filp); 677 return err; 678 } 679 case EXT4_IOC_GROUP_EXTEND: { 680 ext4_fsblk_t n_blocks_count; 681 int err, err2=0; 682 683 err = ext4_resize_begin(sb); 684 if (err) 685 return err; 686 687 if (get_user(n_blocks_count, (__u32 __user *)arg)) { 688 err = -EFAULT; 689 goto group_extend_out; 690 } 691 692 if (ext4_has_feature_bigalloc(sb)) { 693 ext4_msg(sb, KERN_ERR, 694 "Online resizing not supported with bigalloc"); 695 err = -EOPNOTSUPP; 696 goto group_extend_out; 697 } 698 699 err = mnt_want_write_file(filp); 700 if (err) 701 goto group_extend_out; 702 703 err = ext4_group_extend(sb, EXT4_SB(sb)->s_es, n_blocks_count); 704 if (EXT4_SB(sb)->s_journal) { 705 jbd2_journal_lock_updates(EXT4_SB(sb)->s_journal); 706 err2 = jbd2_journal_flush(EXT4_SB(sb)->s_journal); 707 jbd2_journal_unlock_updates(EXT4_SB(sb)->s_journal); 708 } 709 if (err == 0) 710 err = err2; 711 mnt_drop_write_file(filp); 712 group_extend_out: 713 ext4_resize_end(sb); 714 return err; 715 } 716 717 case EXT4_IOC_MOVE_EXT: { 718 struct move_extent me; 719 struct fd donor; 720 int err; 721 722 if (!(filp->f_mode & FMODE_READ) || 723 !(filp->f_mode & FMODE_WRITE)) 724 return -EBADF; 725 726 if (copy_from_user(&me, 727 (struct move_extent __user *)arg, sizeof(me))) 728 return -EFAULT; 729 me.moved_len = 0; 730 731 donor = fdget(me.donor_fd); 732 if (!donor.file) 733 return -EBADF; 734 735 if (!(donor.file->f_mode & FMODE_WRITE)) { 736 err = -EBADF; 737 goto mext_out; 738 } 739 740 if (ext4_has_feature_bigalloc(sb)) { 741 ext4_msg(sb, KERN_ERR, 742 "Online defrag not supported with bigalloc"); 743 err = -EOPNOTSUPP; 744 goto mext_out; 745 } else if (IS_DAX(inode)) { 746 ext4_msg(sb, KERN_ERR, 747 "Online defrag not supported with DAX"); 748 err = -EOPNOTSUPP; 749 goto mext_out; 750 } 751 752 err = mnt_want_write_file(filp); 753 if (err) 754 goto mext_out; 755 756 err = ext4_move_extents(filp, donor.file, me.orig_start, 757 me.donor_start, me.len, &me.moved_len); 758 mnt_drop_write_file(filp); 759 760 if (copy_to_user((struct move_extent __user *)arg, 761 &me, sizeof(me))) 762 err = -EFAULT; 763 mext_out: 764 fdput(donor); 765 return err; 766 } 767 768 case EXT4_IOC_GROUP_ADD: { 769 struct ext4_new_group_data input; 770 int err, err2=0; 771 772 err = ext4_resize_begin(sb); 773 if (err) 774 return err; 775 776 if (copy_from_user(&input, (struct ext4_new_group_input __user *)arg, 777 sizeof(input))) { 778 err = -EFAULT; 779 goto group_add_out; 780 } 781 782 if (ext4_has_feature_bigalloc(sb)) { 783 ext4_msg(sb, KERN_ERR, 784 "Online resizing not supported with bigalloc"); 785 err = -EOPNOTSUPP; 786 goto group_add_out; 787 } 788 789 err = mnt_want_write_file(filp); 790 if (err) 791 goto group_add_out; 792 793 err = ext4_group_add(sb, &input); 794 if (EXT4_SB(sb)->s_journal) { 795 jbd2_journal_lock_updates(EXT4_SB(sb)->s_journal); 796 err2 = jbd2_journal_flush(EXT4_SB(sb)->s_journal); 797 jbd2_journal_unlock_updates(EXT4_SB(sb)->s_journal); 798 } 799 if (err == 0) 800 err = err2; 801 mnt_drop_write_file(filp); 802 if (!err && ext4_has_group_desc_csum(sb) && 803 test_opt(sb, INIT_INODE_TABLE)) 804 err = ext4_register_li_request(sb, input.group); 805 group_add_out: 806 ext4_resize_end(sb); 807 return err; 808 } 809 810 case EXT4_IOC_MIGRATE: 811 { 812 int err; 813 if (!inode_owner_or_capable(inode)) 814 return -EACCES; 815 816 err = mnt_want_write_file(filp); 817 if (err) 818 return err; 819 /* 820 * inode_mutex prevent write and truncate on the file. 821 * Read still goes through. We take i_data_sem in 822 * ext4_ext_swap_inode_data before we switch the 823 * inode format to prevent read. 824 */ 825 inode_lock((inode)); 826 err = ext4_ext_migrate(inode); 827 inode_unlock((inode)); 828 mnt_drop_write_file(filp); 829 return err; 830 } 831 832 case EXT4_IOC_ALLOC_DA_BLKS: 833 { 834 int err; 835 if (!inode_owner_or_capable(inode)) 836 return -EACCES; 837 838 err = mnt_want_write_file(filp); 839 if (err) 840 return err; 841 err = ext4_alloc_da_blocks(inode); 842 mnt_drop_write_file(filp); 843 return err; 844 } 845 846 case EXT4_IOC_SWAP_BOOT: 847 { 848 int err; 849 if (!(filp->f_mode & FMODE_WRITE)) 850 return -EBADF; 851 err = mnt_want_write_file(filp); 852 if (err) 853 return err; 854 err = swap_inode_boot_loader(sb, inode); 855 mnt_drop_write_file(filp); 856 return err; 857 } 858 859 case EXT4_IOC_RESIZE_FS: { 860 ext4_fsblk_t n_blocks_count; 861 int err = 0, err2 = 0; 862 ext4_group_t o_group = EXT4_SB(sb)->s_groups_count; 863 864 if (ext4_has_feature_bigalloc(sb)) { 865 ext4_msg(sb, KERN_ERR, 866 "Online resizing not (yet) supported with bigalloc"); 867 return -EOPNOTSUPP; 868 } 869 870 if (copy_from_user(&n_blocks_count, (__u64 __user *)arg, 871 sizeof(__u64))) { 872 return -EFAULT; 873 } 874 875 err = ext4_resize_begin(sb); 876 if (err) 877 return err; 878 879 err = mnt_want_write_file(filp); 880 if (err) 881 goto resizefs_out; 882 883 err = ext4_resize_fs(sb, n_blocks_count); 884 if (EXT4_SB(sb)->s_journal) { 885 jbd2_journal_lock_updates(EXT4_SB(sb)->s_journal); 886 err2 = jbd2_journal_flush(EXT4_SB(sb)->s_journal); 887 jbd2_journal_unlock_updates(EXT4_SB(sb)->s_journal); 888 } 889 if (err == 0) 890 err = err2; 891 mnt_drop_write_file(filp); 892 if (!err && (o_group > EXT4_SB(sb)->s_groups_count) && 893 ext4_has_group_desc_csum(sb) && 894 test_opt(sb, INIT_INODE_TABLE)) 895 err = ext4_register_li_request(sb, o_group); 896 897 resizefs_out: 898 ext4_resize_end(sb); 899 return err; 900 } 901 902 case FITRIM: 903 { 904 struct request_queue *q = bdev_get_queue(sb->s_bdev); 905 struct fstrim_range range; 906 int ret = 0; 907 908 if (!capable(CAP_SYS_ADMIN)) 909 return -EPERM; 910 911 if (!blk_queue_discard(q)) 912 return -EOPNOTSUPP; 913 914 if (copy_from_user(&range, (struct fstrim_range __user *)arg, 915 sizeof(range))) 916 return -EFAULT; 917 918 range.minlen = max((unsigned int)range.minlen, 919 q->limits.discard_granularity); 920 ret = ext4_trim_fs(sb, &range); 921 if (ret < 0) 922 return ret; 923 924 if (copy_to_user((struct fstrim_range __user *)arg, &range, 925 sizeof(range))) 926 return -EFAULT; 927 928 return 0; 929 } 930 case EXT4_IOC_PRECACHE_EXTENTS: 931 return ext4_ext_precache(inode); 932 933 case EXT4_IOC_SET_ENCRYPTION_POLICY: 934 if (!ext4_has_feature_encrypt(sb)) 935 return -EOPNOTSUPP; 936 return fscrypt_ioctl_set_policy(filp, (const void __user *)arg); 937 938 case EXT4_IOC_GET_ENCRYPTION_PWSALT: { 939 #ifdef CONFIG_EXT4_FS_ENCRYPTION 940 int err, err2; 941 struct ext4_sb_info *sbi = EXT4_SB(sb); 942 handle_t *handle; 943 944 if (!ext4_has_feature_encrypt(sb)) 945 return -EOPNOTSUPP; 946 if (uuid_is_zero(sbi->s_es->s_encrypt_pw_salt)) { 947 err = mnt_want_write_file(filp); 948 if (err) 949 return err; 950 handle = ext4_journal_start_sb(sb, EXT4_HT_MISC, 1); 951 if (IS_ERR(handle)) { 952 err = PTR_ERR(handle); 953 goto pwsalt_err_exit; 954 } 955 err = ext4_journal_get_write_access(handle, sbi->s_sbh); 956 if (err) 957 goto pwsalt_err_journal; 958 generate_random_uuid(sbi->s_es->s_encrypt_pw_salt); 959 err = ext4_handle_dirty_metadata(handle, NULL, 960 sbi->s_sbh); 961 pwsalt_err_journal: 962 err2 = ext4_journal_stop(handle); 963 if (err2 && !err) 964 err = err2; 965 pwsalt_err_exit: 966 mnt_drop_write_file(filp); 967 if (err) 968 return err; 969 } 970 if (copy_to_user((void __user *) arg, 971 sbi->s_es->s_encrypt_pw_salt, 16)) 972 return -EFAULT; 973 return 0; 974 #else 975 return -EOPNOTSUPP; 976 #endif 977 } 978 case EXT4_IOC_GET_ENCRYPTION_POLICY: 979 return fscrypt_ioctl_get_policy(filp, (void __user *)arg); 980 981 case EXT4_IOC_FSGETXATTR: 982 { 983 struct fsxattr fa; 984 985 memset(&fa, 0, sizeof(struct fsxattr)); 986 fa.fsx_xflags = ext4_iflags_to_xflags(ei->i_flags & EXT4_FL_USER_VISIBLE); 987 988 if (ext4_has_feature_project(inode->i_sb)) { 989 fa.fsx_projid = (__u32)from_kprojid(&init_user_ns, 990 EXT4_I(inode)->i_projid); 991 } 992 993 if (copy_to_user((struct fsxattr __user *)arg, 994 &fa, sizeof(fa))) 995 return -EFAULT; 996 return 0; 997 } 998 case EXT4_IOC_FSSETXATTR: 999 { 1000 struct fsxattr fa; 1001 int err; 1002 1003 if (copy_from_user(&fa, (struct fsxattr __user *)arg, 1004 sizeof(fa))) 1005 return -EFAULT; 1006 1007 /* Make sure caller has proper permission */ 1008 if (!inode_owner_or_capable(inode)) 1009 return -EACCES; 1010 1011 if (fa.fsx_xflags & ~EXT4_SUPPORTED_FS_XFLAGS) 1012 return -EOPNOTSUPP; 1013 1014 flags = ext4_xflags_to_iflags(fa.fsx_xflags); 1015 if (ext4_mask_flags(inode->i_mode, flags) != flags) 1016 return -EOPNOTSUPP; 1017 1018 err = mnt_want_write_file(filp); 1019 if (err) 1020 return err; 1021 1022 inode_lock(inode); 1023 flags = (ei->i_flags & ~EXT4_FL_XFLAG_VISIBLE) | 1024 (flags & EXT4_FL_XFLAG_VISIBLE); 1025 err = ext4_ioctl_setflags(inode, flags); 1026 inode_unlock(inode); 1027 mnt_drop_write_file(filp); 1028 if (err) 1029 return err; 1030 1031 err = ext4_ioctl_setproject(filp, fa.fsx_projid); 1032 if (err) 1033 return err; 1034 1035 return 0; 1036 } 1037 case EXT4_IOC_SHUTDOWN: 1038 return ext4_shutdown(sb, arg); 1039 default: 1040 return -ENOTTY; 1041 } 1042 } 1043 1044 #ifdef CONFIG_COMPAT 1045 long ext4_compat_ioctl(struct file *file, unsigned int cmd, unsigned long arg) 1046 { 1047 /* These are just misnamed, they actually get/put from/to user an int */ 1048 switch (cmd) { 1049 case EXT4_IOC32_GETFLAGS: 1050 cmd = EXT4_IOC_GETFLAGS; 1051 break; 1052 case EXT4_IOC32_SETFLAGS: 1053 cmd = EXT4_IOC_SETFLAGS; 1054 break; 1055 case EXT4_IOC32_GETVERSION: 1056 cmd = EXT4_IOC_GETVERSION; 1057 break; 1058 case EXT4_IOC32_SETVERSION: 1059 cmd = EXT4_IOC_SETVERSION; 1060 break; 1061 case EXT4_IOC32_GROUP_EXTEND: 1062 cmd = EXT4_IOC_GROUP_EXTEND; 1063 break; 1064 case EXT4_IOC32_GETVERSION_OLD: 1065 cmd = EXT4_IOC_GETVERSION_OLD; 1066 break; 1067 case EXT4_IOC32_SETVERSION_OLD: 1068 cmd = EXT4_IOC_SETVERSION_OLD; 1069 break; 1070 case EXT4_IOC32_GETRSVSZ: 1071 cmd = EXT4_IOC_GETRSVSZ; 1072 break; 1073 case EXT4_IOC32_SETRSVSZ: 1074 cmd = EXT4_IOC_SETRSVSZ; 1075 break; 1076 case EXT4_IOC32_GROUP_ADD: { 1077 struct compat_ext4_new_group_input __user *uinput; 1078 struct ext4_new_group_input input; 1079 mm_segment_t old_fs; 1080 int err; 1081 1082 uinput = compat_ptr(arg); 1083 err = get_user(input.group, &uinput->group); 1084 err |= get_user(input.block_bitmap, &uinput->block_bitmap); 1085 err |= get_user(input.inode_bitmap, &uinput->inode_bitmap); 1086 err |= get_user(input.inode_table, &uinput->inode_table); 1087 err |= get_user(input.blocks_count, &uinput->blocks_count); 1088 err |= get_user(input.reserved_blocks, 1089 &uinput->reserved_blocks); 1090 if (err) 1091 return -EFAULT; 1092 old_fs = get_fs(); 1093 set_fs(KERNEL_DS); 1094 err = ext4_ioctl(file, EXT4_IOC_GROUP_ADD, 1095 (unsigned long) &input); 1096 set_fs(old_fs); 1097 return err; 1098 } 1099 case EXT4_IOC_MOVE_EXT: 1100 case EXT4_IOC_RESIZE_FS: 1101 case EXT4_IOC_PRECACHE_EXTENTS: 1102 case EXT4_IOC_SET_ENCRYPTION_POLICY: 1103 case EXT4_IOC_GET_ENCRYPTION_PWSALT: 1104 case EXT4_IOC_GET_ENCRYPTION_POLICY: 1105 case EXT4_IOC_SHUTDOWN: 1106 case FS_IOC_GETFSMAP: 1107 break; 1108 default: 1109 return -ENOIOCTLCMD; 1110 } 1111 return ext4_ioctl(file, cmd, (unsigned long) compat_ptr(arg)); 1112 } 1113 #endif 1114