1 // SPDX-License-Identifier: GPL-2.0 2 /* 3 * linux/fs/ioctl.c 4 * 5 * Copyright (C) 1991, 1992 Linus Torvalds 6 */ 7 8 #include <linux/syscalls.h> 9 #include <linux/mm.h> 10 #include <linux/capability.h> 11 #include <linux/compat.h> 12 #include <linux/file.h> 13 #include <linux/fs.h> 14 #include <linux/security.h> 15 #include <linux/export.h> 16 #include <linux/uaccess.h> 17 #include <linux/writeback.h> 18 #include <linux/buffer_head.h> 19 #include <linux/falloc.h> 20 #include <linux/sched/signal.h> 21 #include <linux/fiemap.h> 22 #include <linux/mount.h> 23 #include <linux/fscrypt.h> 24 #include <linux/fileattr.h> 25 26 #include "internal.h" 27 28 #include <asm/ioctls.h> 29 30 /* So that the fiemap access checks can't overflow on 32 bit machines. */ 31 #define FIEMAP_MAX_EXTENTS (UINT_MAX / sizeof(struct fiemap_extent)) 32 33 /** 34 * vfs_ioctl - call filesystem specific ioctl methods 35 * @filp: open file to invoke ioctl method on 36 * @cmd: ioctl command to execute 37 * @arg: command-specific argument for ioctl 38 * 39 * Invokes filesystem specific ->unlocked_ioctl, if one exists; otherwise 40 * returns -ENOTTY. 41 * 42 * Returns 0 on success, -errno on error. 43 */ 44 long vfs_ioctl(struct file *filp, unsigned int cmd, unsigned long arg) 45 { 46 int error = -ENOTTY; 47 48 if (!filp->f_op->unlocked_ioctl) 49 goto out; 50 51 error = filp->f_op->unlocked_ioctl(filp, cmd, arg); 52 if (error == -ENOIOCTLCMD) 53 error = -ENOTTY; 54 out: 55 return error; 56 } 57 EXPORT_SYMBOL(vfs_ioctl); 58 59 static int ioctl_fibmap(struct file *filp, int __user *p) 60 { 61 struct inode *inode = file_inode(filp); 62 struct super_block *sb = inode->i_sb; 63 int error, ur_block; 64 sector_t block; 65 66 if (!capable(CAP_SYS_RAWIO)) 67 return -EPERM; 68 69 error = get_user(ur_block, p); 70 if (error) 71 return error; 72 73 if (ur_block < 0) 74 return -EINVAL; 75 76 block = ur_block; 77 error = bmap(inode, &block); 78 79 if (block > INT_MAX) { 80 error = -ERANGE; 81 pr_warn_ratelimited("[%s/%d] FS: %s File: %pD4 would truncate fibmap result\n", 82 current->comm, task_pid_nr(current), 83 sb->s_id, filp); 84 } 85 86 if (error) 87 ur_block = 0; 88 else 89 ur_block = block; 90 91 if (put_user(ur_block, p)) 92 error = -EFAULT; 93 94 return error; 95 } 96 97 /** 98 * fiemap_fill_next_extent - Fiemap helper function 99 * @fieinfo: Fiemap context passed into ->fiemap 100 * @logical: Extent logical start offset, in bytes 101 * @phys: Extent physical start offset, in bytes 102 * @len: Extent length, in bytes 103 * @flags: FIEMAP_EXTENT flags that describe this extent 104 * 105 * Called from file system ->fiemap callback. Will populate extent 106 * info as passed in via arguments and copy to user memory. On 107 * success, extent count on fieinfo is incremented. 108 * 109 * Returns 0 on success, -errno on error, 1 if this was the last 110 * extent that will fit in user array. 111 */ 112 int fiemap_fill_next_extent(struct fiemap_extent_info *fieinfo, u64 logical, 113 u64 phys, u64 len, u32 flags) 114 { 115 struct fiemap_extent extent; 116 struct fiemap_extent __user *dest = fieinfo->fi_extents_start; 117 118 /* only count the extents */ 119 if (fieinfo->fi_extents_max == 0) { 120 fieinfo->fi_extents_mapped++; 121 return (flags & FIEMAP_EXTENT_LAST) ? 1 : 0; 122 } 123 124 if (fieinfo->fi_extents_mapped >= fieinfo->fi_extents_max) 125 return 1; 126 127 #define SET_UNKNOWN_FLAGS (FIEMAP_EXTENT_DELALLOC) 128 #define SET_NO_UNMOUNTED_IO_FLAGS (FIEMAP_EXTENT_DATA_ENCRYPTED) 129 #define SET_NOT_ALIGNED_FLAGS (FIEMAP_EXTENT_DATA_TAIL|FIEMAP_EXTENT_DATA_INLINE) 130 131 if (flags & SET_UNKNOWN_FLAGS) 132 flags |= FIEMAP_EXTENT_UNKNOWN; 133 if (flags & SET_NO_UNMOUNTED_IO_FLAGS) 134 flags |= FIEMAP_EXTENT_ENCODED; 135 if (flags & SET_NOT_ALIGNED_FLAGS) 136 flags |= FIEMAP_EXTENT_NOT_ALIGNED; 137 138 memset(&extent, 0, sizeof(extent)); 139 extent.fe_logical = logical; 140 extent.fe_physical = phys; 141 extent.fe_length = len; 142 extent.fe_flags = flags; 143 144 dest += fieinfo->fi_extents_mapped; 145 if (copy_to_user(dest, &extent, sizeof(extent))) 146 return -EFAULT; 147 148 fieinfo->fi_extents_mapped++; 149 if (fieinfo->fi_extents_mapped == fieinfo->fi_extents_max) 150 return 1; 151 return (flags & FIEMAP_EXTENT_LAST) ? 1 : 0; 152 } 153 EXPORT_SYMBOL(fiemap_fill_next_extent); 154 155 /** 156 * fiemap_prep - check validity of requested flags for fiemap 157 * @inode: Inode to operate on 158 * @fieinfo: Fiemap context passed into ->fiemap 159 * @start: Start of the mapped range 160 * @len: Length of the mapped range, can be truncated by this function. 161 * @supported_flags: Set of fiemap flags that the file system understands 162 * 163 * This function must be called from each ->fiemap instance to validate the 164 * fiemap request against the file system parameters. 165 * 166 * Returns 0 on success, or a negative error on failure. 167 */ 168 int fiemap_prep(struct inode *inode, struct fiemap_extent_info *fieinfo, 169 u64 start, u64 *len, u32 supported_flags) 170 { 171 u64 maxbytes = inode->i_sb->s_maxbytes; 172 u32 incompat_flags; 173 int ret = 0; 174 175 if (*len == 0) 176 return -EINVAL; 177 if (start >= maxbytes) 178 return -EFBIG; 179 180 /* 181 * Shrink request scope to what the fs can actually handle. 182 */ 183 if (*len > maxbytes || (maxbytes - *len) < start) 184 *len = maxbytes - start; 185 186 supported_flags |= FIEMAP_FLAG_SYNC; 187 supported_flags &= FIEMAP_FLAGS_COMPAT; 188 incompat_flags = fieinfo->fi_flags & ~supported_flags; 189 if (incompat_flags) { 190 fieinfo->fi_flags = incompat_flags; 191 return -EBADR; 192 } 193 194 if (fieinfo->fi_flags & FIEMAP_FLAG_SYNC) 195 ret = filemap_write_and_wait(inode->i_mapping); 196 return ret; 197 } 198 EXPORT_SYMBOL(fiemap_prep); 199 200 static int ioctl_fiemap(struct file *filp, struct fiemap __user *ufiemap) 201 { 202 struct fiemap fiemap; 203 struct fiemap_extent_info fieinfo = { 0, }; 204 struct inode *inode = file_inode(filp); 205 int error; 206 207 if (!inode->i_op->fiemap) 208 return -EOPNOTSUPP; 209 210 if (copy_from_user(&fiemap, ufiemap, sizeof(fiemap))) 211 return -EFAULT; 212 213 if (fiemap.fm_extent_count > FIEMAP_MAX_EXTENTS) 214 return -EINVAL; 215 216 fieinfo.fi_flags = fiemap.fm_flags; 217 fieinfo.fi_extents_max = fiemap.fm_extent_count; 218 fieinfo.fi_extents_start = ufiemap->fm_extents; 219 220 error = inode->i_op->fiemap(inode, &fieinfo, fiemap.fm_start, 221 fiemap.fm_length); 222 223 fiemap.fm_flags = fieinfo.fi_flags; 224 fiemap.fm_mapped_extents = fieinfo.fi_extents_mapped; 225 if (copy_to_user(ufiemap, &fiemap, sizeof(fiemap))) 226 error = -EFAULT; 227 228 return error; 229 } 230 231 static long ioctl_file_clone(struct file *dst_file, unsigned long srcfd, 232 u64 off, u64 olen, u64 destoff) 233 { 234 CLASS(fd, src_file)(srcfd); 235 loff_t cloned; 236 int ret; 237 238 if (fd_empty(src_file)) 239 return -EBADF; 240 cloned = vfs_clone_file_range(fd_file(src_file), off, dst_file, destoff, 241 olen, 0); 242 if (cloned < 0) 243 ret = cloned; 244 else if (olen && cloned != olen) 245 ret = -EINVAL; 246 else 247 ret = 0; 248 return ret; 249 } 250 251 static long ioctl_file_clone_range(struct file *file, 252 struct file_clone_range __user *argp) 253 { 254 struct file_clone_range args; 255 256 if (copy_from_user(&args, argp, sizeof(args))) 257 return -EFAULT; 258 return ioctl_file_clone(file, args.src_fd, args.src_offset, 259 args.src_length, args.dest_offset); 260 } 261 262 /* 263 * This provides compatibility with legacy XFS pre-allocation ioctls 264 * which predate the fallocate syscall. 265 * 266 * Only the l_start, l_len and l_whence fields of the 'struct space_resv' 267 * are used here, rest are ignored. 268 */ 269 static int ioctl_preallocate(struct file *filp, int mode, void __user *argp) 270 { 271 struct inode *inode = file_inode(filp); 272 struct space_resv sr; 273 274 if (copy_from_user(&sr, argp, sizeof(sr))) 275 return -EFAULT; 276 277 switch (sr.l_whence) { 278 case SEEK_SET: 279 break; 280 case SEEK_CUR: 281 sr.l_start += filp->f_pos; 282 break; 283 case SEEK_END: 284 sr.l_start += i_size_read(inode); 285 break; 286 default: 287 return -EINVAL; 288 } 289 290 return vfs_fallocate(filp, mode | FALLOC_FL_KEEP_SIZE, sr.l_start, 291 sr.l_len); 292 } 293 294 /* on ia32 l_start is on a 32-bit boundary */ 295 #if defined CONFIG_COMPAT && defined(CONFIG_X86_64) 296 /* just account for different alignment */ 297 static int compat_ioctl_preallocate(struct file *file, int mode, 298 struct space_resv_32 __user *argp) 299 { 300 struct inode *inode = file_inode(file); 301 struct space_resv_32 sr; 302 303 if (copy_from_user(&sr, argp, sizeof(sr))) 304 return -EFAULT; 305 306 switch (sr.l_whence) { 307 case SEEK_SET: 308 break; 309 case SEEK_CUR: 310 sr.l_start += file->f_pos; 311 break; 312 case SEEK_END: 313 sr.l_start += i_size_read(inode); 314 break; 315 default: 316 return -EINVAL; 317 } 318 319 return vfs_fallocate(file, mode | FALLOC_FL_KEEP_SIZE, sr.l_start, sr.l_len); 320 } 321 #endif 322 323 static int file_ioctl(struct file *filp, unsigned int cmd, int __user *p) 324 { 325 switch (cmd) { 326 case FIBMAP: 327 return ioctl_fibmap(filp, p); 328 case FS_IOC_RESVSP: 329 case FS_IOC_RESVSP64: 330 return ioctl_preallocate(filp, 0, p); 331 case FS_IOC_UNRESVSP: 332 case FS_IOC_UNRESVSP64: 333 return ioctl_preallocate(filp, FALLOC_FL_PUNCH_HOLE, p); 334 case FS_IOC_ZERO_RANGE: 335 return ioctl_preallocate(filp, FALLOC_FL_ZERO_RANGE, p); 336 } 337 338 return -ENOIOCTLCMD; 339 } 340 341 static int ioctl_fionbio(struct file *filp, int __user *argp) 342 { 343 unsigned int flag; 344 int on, error; 345 346 error = get_user(on, argp); 347 if (error) 348 return error; 349 flag = O_NONBLOCK; 350 #ifdef __sparc__ 351 /* SunOS compatibility item. */ 352 if (O_NONBLOCK != O_NDELAY) 353 flag |= O_NDELAY; 354 #endif 355 spin_lock(&filp->f_lock); 356 if (on) 357 filp->f_flags |= flag; 358 else 359 filp->f_flags &= ~flag; 360 spin_unlock(&filp->f_lock); 361 return error; 362 } 363 364 static int ioctl_fioasync(unsigned int fd, struct file *filp, 365 int __user *argp) 366 { 367 unsigned int flag; 368 int on, error; 369 370 error = get_user(on, argp); 371 if (error) 372 return error; 373 flag = on ? FASYNC : 0; 374 375 /* Did FASYNC state change ? */ 376 if ((flag ^ filp->f_flags) & FASYNC) { 377 if (filp->f_op->fasync) 378 /* fasync() adjusts filp->f_flags */ 379 error = filp->f_op->fasync(fd, filp, on); 380 else 381 error = -ENOTTY; 382 } 383 return error < 0 ? error : 0; 384 } 385 386 static int ioctl_fsfreeze(struct file *filp) 387 { 388 struct super_block *sb = file_inode(filp)->i_sb; 389 390 if (!ns_capable(sb->s_user_ns, CAP_SYS_ADMIN)) 391 return -EPERM; 392 393 /* If filesystem doesn't support freeze feature, return. */ 394 if (sb->s_op->freeze_fs == NULL && sb->s_op->freeze_super == NULL) 395 return -EOPNOTSUPP; 396 397 /* Freeze */ 398 if (sb->s_op->freeze_super) 399 return sb->s_op->freeze_super(sb, FREEZE_HOLDER_USERSPACE); 400 return freeze_super(sb, FREEZE_HOLDER_USERSPACE); 401 } 402 403 static int ioctl_fsthaw(struct file *filp) 404 { 405 struct super_block *sb = file_inode(filp)->i_sb; 406 407 if (!ns_capable(sb->s_user_ns, CAP_SYS_ADMIN)) 408 return -EPERM; 409 410 /* Thaw */ 411 if (sb->s_op->thaw_super) 412 return sb->s_op->thaw_super(sb, FREEZE_HOLDER_USERSPACE); 413 return thaw_super(sb, FREEZE_HOLDER_USERSPACE); 414 } 415 416 static int ioctl_file_dedupe_range(struct file *file, 417 struct file_dedupe_range __user *argp) 418 { 419 struct file_dedupe_range *same = NULL; 420 int ret; 421 unsigned long size; 422 u16 count; 423 424 if (get_user(count, &argp->dest_count)) { 425 ret = -EFAULT; 426 goto out; 427 } 428 429 size = offsetof(struct file_dedupe_range, info[count]); 430 if (size > PAGE_SIZE) { 431 ret = -ENOMEM; 432 goto out; 433 } 434 435 same = memdup_user(argp, size); 436 if (IS_ERR(same)) { 437 ret = PTR_ERR(same); 438 same = NULL; 439 goto out; 440 } 441 442 same->dest_count = count; 443 ret = vfs_dedupe_file_range(file, same); 444 if (ret) 445 goto out; 446 447 ret = copy_to_user(argp, same, size); 448 if (ret) 449 ret = -EFAULT; 450 451 out: 452 kfree(same); 453 return ret; 454 } 455 456 /** 457 * fileattr_fill_xflags - initialize fileattr with xflags 458 * @fa: fileattr pointer 459 * @xflags: FS_XFLAG_* flags 460 * 461 * Set ->fsx_xflags, ->fsx_valid and ->flags (translated xflags). All 462 * other fields are zeroed. 463 */ 464 void fileattr_fill_xflags(struct fileattr *fa, u32 xflags) 465 { 466 memset(fa, 0, sizeof(*fa)); 467 fa->fsx_valid = true; 468 fa->fsx_xflags = xflags; 469 if (fa->fsx_xflags & FS_XFLAG_IMMUTABLE) 470 fa->flags |= FS_IMMUTABLE_FL; 471 if (fa->fsx_xflags & FS_XFLAG_APPEND) 472 fa->flags |= FS_APPEND_FL; 473 if (fa->fsx_xflags & FS_XFLAG_SYNC) 474 fa->flags |= FS_SYNC_FL; 475 if (fa->fsx_xflags & FS_XFLAG_NOATIME) 476 fa->flags |= FS_NOATIME_FL; 477 if (fa->fsx_xflags & FS_XFLAG_NODUMP) 478 fa->flags |= FS_NODUMP_FL; 479 if (fa->fsx_xflags & FS_XFLAG_DAX) 480 fa->flags |= FS_DAX_FL; 481 if (fa->fsx_xflags & FS_XFLAG_PROJINHERIT) 482 fa->flags |= FS_PROJINHERIT_FL; 483 } 484 EXPORT_SYMBOL(fileattr_fill_xflags); 485 486 /** 487 * fileattr_fill_flags - initialize fileattr with flags 488 * @fa: fileattr pointer 489 * @flags: FS_*_FL flags 490 * 491 * Set ->flags, ->flags_valid and ->fsx_xflags (translated flags). 492 * All other fields are zeroed. 493 */ 494 void fileattr_fill_flags(struct fileattr *fa, u32 flags) 495 { 496 memset(fa, 0, sizeof(*fa)); 497 fa->flags_valid = true; 498 fa->flags = flags; 499 if (fa->flags & FS_SYNC_FL) 500 fa->fsx_xflags |= FS_XFLAG_SYNC; 501 if (fa->flags & FS_IMMUTABLE_FL) 502 fa->fsx_xflags |= FS_XFLAG_IMMUTABLE; 503 if (fa->flags & FS_APPEND_FL) 504 fa->fsx_xflags |= FS_XFLAG_APPEND; 505 if (fa->flags & FS_NODUMP_FL) 506 fa->fsx_xflags |= FS_XFLAG_NODUMP; 507 if (fa->flags & FS_NOATIME_FL) 508 fa->fsx_xflags |= FS_XFLAG_NOATIME; 509 if (fa->flags & FS_DAX_FL) 510 fa->fsx_xflags |= FS_XFLAG_DAX; 511 if (fa->flags & FS_PROJINHERIT_FL) 512 fa->fsx_xflags |= FS_XFLAG_PROJINHERIT; 513 } 514 EXPORT_SYMBOL(fileattr_fill_flags); 515 516 /** 517 * vfs_fileattr_get - retrieve miscellaneous file attributes 518 * @dentry: the object to retrieve from 519 * @fa: fileattr pointer 520 * 521 * Call i_op->fileattr_get() callback, if exists. 522 * 523 * Return: 0 on success, or a negative error on failure. 524 */ 525 int vfs_fileattr_get(struct dentry *dentry, struct fileattr *fa) 526 { 527 struct inode *inode = d_inode(dentry); 528 529 if (!inode->i_op->fileattr_get) 530 return -ENOIOCTLCMD; 531 532 return inode->i_op->fileattr_get(dentry, fa); 533 } 534 EXPORT_SYMBOL(vfs_fileattr_get); 535 536 /** 537 * copy_fsxattr_to_user - copy fsxattr to userspace. 538 * @fa: fileattr pointer 539 * @ufa: fsxattr user pointer 540 * 541 * Return: 0 on success, or -EFAULT on failure. 542 */ 543 int copy_fsxattr_to_user(const struct fileattr *fa, struct fsxattr __user *ufa) 544 { 545 struct fsxattr xfa; 546 547 memset(&xfa, 0, sizeof(xfa)); 548 xfa.fsx_xflags = fa->fsx_xflags; 549 xfa.fsx_extsize = fa->fsx_extsize; 550 xfa.fsx_nextents = fa->fsx_nextents; 551 xfa.fsx_projid = fa->fsx_projid; 552 xfa.fsx_cowextsize = fa->fsx_cowextsize; 553 554 if (copy_to_user(ufa, &xfa, sizeof(xfa))) 555 return -EFAULT; 556 557 return 0; 558 } 559 EXPORT_SYMBOL(copy_fsxattr_to_user); 560 561 static int copy_fsxattr_from_user(struct fileattr *fa, 562 struct fsxattr __user *ufa) 563 { 564 struct fsxattr xfa; 565 566 if (copy_from_user(&xfa, ufa, sizeof(xfa))) 567 return -EFAULT; 568 569 fileattr_fill_xflags(fa, xfa.fsx_xflags); 570 fa->fsx_extsize = xfa.fsx_extsize; 571 fa->fsx_nextents = xfa.fsx_nextents; 572 fa->fsx_projid = xfa.fsx_projid; 573 fa->fsx_cowextsize = xfa.fsx_cowextsize; 574 575 return 0; 576 } 577 578 /* 579 * Generic function to check FS_IOC_FSSETXATTR/FS_IOC_SETFLAGS values and reject 580 * any invalid configurations. 581 * 582 * Note: must be called with inode lock held. 583 */ 584 static int fileattr_set_prepare(struct inode *inode, 585 const struct fileattr *old_ma, 586 struct fileattr *fa) 587 { 588 int err; 589 590 /* 591 * The IMMUTABLE and APPEND_ONLY flags can only be changed by 592 * the relevant capability. 593 */ 594 if ((fa->flags ^ old_ma->flags) & (FS_APPEND_FL | FS_IMMUTABLE_FL) && 595 !capable(CAP_LINUX_IMMUTABLE)) 596 return -EPERM; 597 598 err = fscrypt_prepare_setflags(inode, old_ma->flags, fa->flags); 599 if (err) 600 return err; 601 602 /* 603 * Project Quota ID state is only allowed to change from within the init 604 * namespace. Enforce that restriction only if we are trying to change 605 * the quota ID state. Everything else is allowed in user namespaces. 606 */ 607 if (current_user_ns() != &init_user_ns) { 608 if (old_ma->fsx_projid != fa->fsx_projid) 609 return -EINVAL; 610 if ((old_ma->fsx_xflags ^ fa->fsx_xflags) & 611 FS_XFLAG_PROJINHERIT) 612 return -EINVAL; 613 } else { 614 /* 615 * Caller is allowed to change the project ID. If it is being 616 * changed, make sure that the new value is valid. 617 */ 618 if (old_ma->fsx_projid != fa->fsx_projid && 619 !projid_valid(make_kprojid(&init_user_ns, fa->fsx_projid))) 620 return -EINVAL; 621 } 622 623 /* Check extent size hints. */ 624 if ((fa->fsx_xflags & FS_XFLAG_EXTSIZE) && !S_ISREG(inode->i_mode)) 625 return -EINVAL; 626 627 if ((fa->fsx_xflags & FS_XFLAG_EXTSZINHERIT) && 628 !S_ISDIR(inode->i_mode)) 629 return -EINVAL; 630 631 if ((fa->fsx_xflags & FS_XFLAG_COWEXTSIZE) && 632 !S_ISREG(inode->i_mode) && !S_ISDIR(inode->i_mode)) 633 return -EINVAL; 634 635 /* 636 * It is only valid to set the DAX flag on regular files and 637 * directories on filesystems. 638 */ 639 if ((fa->fsx_xflags & FS_XFLAG_DAX) && 640 !(S_ISREG(inode->i_mode) || S_ISDIR(inode->i_mode))) 641 return -EINVAL; 642 643 /* Extent size hints of zero turn off the flags. */ 644 if (fa->fsx_extsize == 0) 645 fa->fsx_xflags &= ~(FS_XFLAG_EXTSIZE | FS_XFLAG_EXTSZINHERIT); 646 if (fa->fsx_cowextsize == 0) 647 fa->fsx_xflags &= ~FS_XFLAG_COWEXTSIZE; 648 649 return 0; 650 } 651 652 /** 653 * vfs_fileattr_set - change miscellaneous file attributes 654 * @idmap: idmap of the mount 655 * @dentry: the object to change 656 * @fa: fileattr pointer 657 * 658 * After verifying permissions, call i_op->fileattr_set() callback, if 659 * exists. 660 * 661 * Verifying attributes involves retrieving current attributes with 662 * i_op->fileattr_get(), this also allows initializing attributes that have 663 * not been set by the caller to current values. Inode lock is held 664 * thoughout to prevent racing with another instance. 665 * 666 * Return: 0 on success, or a negative error on failure. 667 */ 668 int vfs_fileattr_set(struct mnt_idmap *idmap, struct dentry *dentry, 669 struct fileattr *fa) 670 { 671 struct inode *inode = d_inode(dentry); 672 struct fileattr old_ma = {}; 673 int err; 674 675 if (!inode->i_op->fileattr_set) 676 return -ENOIOCTLCMD; 677 678 if (!inode_owner_or_capable(idmap, inode)) 679 return -EPERM; 680 681 inode_lock(inode); 682 err = vfs_fileattr_get(dentry, &old_ma); 683 if (!err) { 684 /* initialize missing bits from old_ma */ 685 if (fa->flags_valid) { 686 fa->fsx_xflags |= old_ma.fsx_xflags & ~FS_XFLAG_COMMON; 687 fa->fsx_extsize = old_ma.fsx_extsize; 688 fa->fsx_nextents = old_ma.fsx_nextents; 689 fa->fsx_projid = old_ma.fsx_projid; 690 fa->fsx_cowextsize = old_ma.fsx_cowextsize; 691 } else { 692 fa->flags |= old_ma.flags & ~FS_COMMON_FL; 693 } 694 err = fileattr_set_prepare(inode, &old_ma, fa); 695 if (!err) 696 err = inode->i_op->fileattr_set(idmap, dentry, fa); 697 } 698 inode_unlock(inode); 699 700 return err; 701 } 702 EXPORT_SYMBOL(vfs_fileattr_set); 703 704 static int ioctl_getflags(struct file *file, unsigned int __user *argp) 705 { 706 struct fileattr fa = { .flags_valid = true }; /* hint only */ 707 int err; 708 709 err = vfs_fileattr_get(file->f_path.dentry, &fa); 710 if (!err) 711 err = put_user(fa.flags, argp); 712 return err; 713 } 714 715 static int ioctl_setflags(struct file *file, unsigned int __user *argp) 716 { 717 struct mnt_idmap *idmap = file_mnt_idmap(file); 718 struct dentry *dentry = file->f_path.dentry; 719 struct fileattr fa; 720 unsigned int flags; 721 int err; 722 723 err = get_user(flags, argp); 724 if (!err) { 725 err = mnt_want_write_file(file); 726 if (!err) { 727 fileattr_fill_flags(&fa, flags); 728 err = vfs_fileattr_set(idmap, dentry, &fa); 729 mnt_drop_write_file(file); 730 } 731 } 732 return err; 733 } 734 735 static int ioctl_fsgetxattr(struct file *file, void __user *argp) 736 { 737 struct fileattr fa = { .fsx_valid = true }; /* hint only */ 738 int err; 739 740 err = vfs_fileattr_get(file->f_path.dentry, &fa); 741 if (!err) 742 err = copy_fsxattr_to_user(&fa, argp); 743 744 return err; 745 } 746 747 static int ioctl_fssetxattr(struct file *file, void __user *argp) 748 { 749 struct mnt_idmap *idmap = file_mnt_idmap(file); 750 struct dentry *dentry = file->f_path.dentry; 751 struct fileattr fa; 752 int err; 753 754 err = copy_fsxattr_from_user(&fa, argp); 755 if (!err) { 756 err = mnt_want_write_file(file); 757 if (!err) { 758 err = vfs_fileattr_set(idmap, dentry, &fa); 759 mnt_drop_write_file(file); 760 } 761 } 762 return err; 763 } 764 765 static int ioctl_getfsuuid(struct file *file, void __user *argp) 766 { 767 struct super_block *sb = file_inode(file)->i_sb; 768 struct fsuuid2 u = { .len = sb->s_uuid_len, }; 769 770 if (!sb->s_uuid_len) 771 return -ENOTTY; 772 773 memcpy(&u.uuid[0], &sb->s_uuid, sb->s_uuid_len); 774 775 return copy_to_user(argp, &u, sizeof(u)) ? -EFAULT : 0; 776 } 777 778 static int ioctl_get_fs_sysfs_path(struct file *file, void __user *argp) 779 { 780 struct super_block *sb = file_inode(file)->i_sb; 781 782 if (!strlen(sb->s_sysfs_name)) 783 return -ENOTTY; 784 785 struct fs_sysfs_path u = {}; 786 787 u.len = scnprintf(u.name, sizeof(u.name), "%s/%s", sb->s_type->name, sb->s_sysfs_name); 788 789 return copy_to_user(argp, &u, sizeof(u)) ? -EFAULT : 0; 790 } 791 792 /* 793 * do_vfs_ioctl() is not for drivers and not intended to be EXPORT_SYMBOL()'d. 794 * It's just a simple helper for sys_ioctl and compat_sys_ioctl. 795 * 796 * When you add any new common ioctls to the switches above and below, 797 * please ensure they have compatible arguments in compat mode. 798 * 799 * The LSM mailing list should also be notified of any command additions or 800 * changes, as specific LSMs may be affected. 801 */ 802 static int do_vfs_ioctl(struct file *filp, unsigned int fd, 803 unsigned int cmd, unsigned long arg) 804 { 805 void __user *argp = (void __user *)arg; 806 struct inode *inode = file_inode(filp); 807 808 switch (cmd) { 809 case FIOCLEX: 810 set_close_on_exec(fd, 1); 811 return 0; 812 813 case FIONCLEX: 814 set_close_on_exec(fd, 0); 815 return 0; 816 817 case FIONBIO: 818 return ioctl_fionbio(filp, argp); 819 820 case FIOASYNC: 821 return ioctl_fioasync(fd, filp, argp); 822 823 case FIOQSIZE: 824 if (S_ISDIR(inode->i_mode) || S_ISREG(inode->i_mode) || 825 S_ISLNK(inode->i_mode)) { 826 loff_t res = inode_get_bytes(inode); 827 return copy_to_user(argp, &res, sizeof(res)) ? 828 -EFAULT : 0; 829 } 830 831 return -ENOTTY; 832 833 case FIFREEZE: 834 return ioctl_fsfreeze(filp); 835 836 case FITHAW: 837 return ioctl_fsthaw(filp); 838 839 case FS_IOC_FIEMAP: 840 return ioctl_fiemap(filp, argp); 841 842 case FIGETBSZ: 843 /* anon_bdev filesystems may not have a block size */ 844 if (!inode->i_sb->s_blocksize) 845 return -EINVAL; 846 847 return put_user(inode->i_sb->s_blocksize, (int __user *)argp); 848 849 case FICLONE: 850 return ioctl_file_clone(filp, arg, 0, 0, 0); 851 852 case FICLONERANGE: 853 return ioctl_file_clone_range(filp, argp); 854 855 case FIDEDUPERANGE: 856 return ioctl_file_dedupe_range(filp, argp); 857 858 case FIONREAD: 859 if (!S_ISREG(inode->i_mode)) 860 return vfs_ioctl(filp, cmd, arg); 861 862 return put_user(i_size_read(inode) - filp->f_pos, 863 (int __user *)argp); 864 865 case FS_IOC_GETFLAGS: 866 return ioctl_getflags(filp, argp); 867 868 case FS_IOC_SETFLAGS: 869 return ioctl_setflags(filp, argp); 870 871 case FS_IOC_FSGETXATTR: 872 return ioctl_fsgetxattr(filp, argp); 873 874 case FS_IOC_FSSETXATTR: 875 return ioctl_fssetxattr(filp, argp); 876 877 case FS_IOC_GETFSUUID: 878 return ioctl_getfsuuid(filp, argp); 879 880 case FS_IOC_GETFSSYSFSPATH: 881 return ioctl_get_fs_sysfs_path(filp, argp); 882 883 default: 884 if (S_ISREG(inode->i_mode)) 885 return file_ioctl(filp, cmd, argp); 886 break; 887 } 888 889 return -ENOIOCTLCMD; 890 } 891 892 SYSCALL_DEFINE3(ioctl, unsigned int, fd, unsigned int, cmd, unsigned long, arg) 893 { 894 CLASS(fd, f)(fd); 895 int error; 896 897 if (fd_empty(f)) 898 return -EBADF; 899 900 error = security_file_ioctl(fd_file(f), cmd, arg); 901 if (error) 902 return error; 903 904 error = do_vfs_ioctl(fd_file(f), fd, cmd, arg); 905 if (error == -ENOIOCTLCMD) 906 error = vfs_ioctl(fd_file(f), cmd, arg); 907 908 return error; 909 } 910 911 #ifdef CONFIG_COMPAT 912 /** 913 * compat_ptr_ioctl - generic implementation of .compat_ioctl file operation 914 * @file: The file to operate on. 915 * @cmd: The ioctl command number. 916 * @arg: The argument to the ioctl. 917 * 918 * This is not normally called as a function, but instead set in struct 919 * file_operations as 920 * 921 * .compat_ioctl = compat_ptr_ioctl, 922 * 923 * On most architectures, the compat_ptr_ioctl() just passes all arguments 924 * to the corresponding ->ioctl handler. The exception is arch/s390, where 925 * compat_ptr() clears the top bit of a 32-bit pointer value, so user space 926 * pointers to the second 2GB alias the first 2GB, as is the case for 927 * native 32-bit s390 user space. 928 * 929 * The compat_ptr_ioctl() function must therefore be used only with ioctl 930 * functions that either ignore the argument or pass a pointer to a 931 * compatible data type. 932 * 933 * If any ioctl command handled by fops->unlocked_ioctl passes a plain 934 * integer instead of a pointer, or any of the passed data types 935 * is incompatible between 32-bit and 64-bit architectures, a proper 936 * handler is required instead of compat_ptr_ioctl. 937 */ 938 long compat_ptr_ioctl(struct file *file, unsigned int cmd, unsigned long arg) 939 { 940 if (!file->f_op->unlocked_ioctl) 941 return -ENOIOCTLCMD; 942 943 return file->f_op->unlocked_ioctl(file, cmd, (unsigned long)compat_ptr(arg)); 944 } 945 EXPORT_SYMBOL(compat_ptr_ioctl); 946 947 COMPAT_SYSCALL_DEFINE3(ioctl, unsigned int, fd, unsigned int, cmd, 948 compat_ulong_t, arg) 949 { 950 CLASS(fd, f)(fd); 951 int error; 952 953 if (fd_empty(f)) 954 return -EBADF; 955 956 error = security_file_ioctl_compat(fd_file(f), cmd, arg); 957 if (error) 958 return error; 959 960 switch (cmd) { 961 /* FICLONE takes an int argument, so don't use compat_ptr() */ 962 case FICLONE: 963 error = ioctl_file_clone(fd_file(f), arg, 0, 0, 0); 964 break; 965 966 #if defined(CONFIG_X86_64) 967 /* these get messy on amd64 due to alignment differences */ 968 case FS_IOC_RESVSP_32: 969 case FS_IOC_RESVSP64_32: 970 error = compat_ioctl_preallocate(fd_file(f), 0, compat_ptr(arg)); 971 break; 972 case FS_IOC_UNRESVSP_32: 973 case FS_IOC_UNRESVSP64_32: 974 error = compat_ioctl_preallocate(fd_file(f), FALLOC_FL_PUNCH_HOLE, 975 compat_ptr(arg)); 976 break; 977 case FS_IOC_ZERO_RANGE_32: 978 error = compat_ioctl_preallocate(fd_file(f), FALLOC_FL_ZERO_RANGE, 979 compat_ptr(arg)); 980 break; 981 #endif 982 983 /* 984 * These access 32-bit values anyway so no further handling is 985 * necessary. 986 */ 987 case FS_IOC32_GETFLAGS: 988 case FS_IOC32_SETFLAGS: 989 cmd = (cmd == FS_IOC32_GETFLAGS) ? 990 FS_IOC_GETFLAGS : FS_IOC_SETFLAGS; 991 fallthrough; 992 /* 993 * everything else in do_vfs_ioctl() takes either a compatible 994 * pointer argument or no argument -- call it with a modified 995 * argument. 996 */ 997 default: 998 error = do_vfs_ioctl(fd_file(f), fd, cmd, 999 (unsigned long)compat_ptr(arg)); 1000 if (error != -ENOIOCTLCMD) 1001 break; 1002 1003 if (fd_file(f)->f_op->compat_ioctl) 1004 error = fd_file(f)->f_op->compat_ioctl(fd_file(f), cmd, arg); 1005 if (error == -ENOIOCTLCMD) 1006 error = -ENOTTY; 1007 break; 1008 } 1009 return error; 1010 } 1011 #endif 1012