1 /* 2 * Quota code necessary even when VFS quota support is not compiled 3 * into the kernel. The interesting stuff is over in dquot.c, here 4 * we have symbols for initial quotactl(2) handling, the sysctl(2) 5 * variables, etc - things needed even when quota support disabled. 6 */ 7 8 #include <linux/fs.h> 9 #include <linux/namei.h> 10 #include <linux/slab.h> 11 #include <asm/current.h> 12 #include <linux/uaccess.h> 13 #include <linux/kernel.h> 14 #include <linux/security.h> 15 #include <linux/syscalls.h> 16 #include <linux/capability.h> 17 #include <linux/quotaops.h> 18 #include <linux/types.h> 19 #include <linux/writeback.h> 20 21 static int check_quotactl_permission(struct super_block *sb, int type, int cmd, 22 qid_t id) 23 { 24 switch (cmd) { 25 /* these commands do not require any special privilegues */ 26 case Q_GETFMT: 27 case Q_SYNC: 28 case Q_GETINFO: 29 case Q_XGETQSTAT: 30 case Q_XGETQSTATV: 31 case Q_XQUOTASYNC: 32 break; 33 /* allow to query information for dquots we "own" */ 34 case Q_GETQUOTA: 35 case Q_XGETQUOTA: 36 if ((type == USRQUOTA && uid_eq(current_euid(), make_kuid(current_user_ns(), id))) || 37 (type == GRPQUOTA && in_egroup_p(make_kgid(current_user_ns(), id)))) 38 break; 39 /*FALLTHROUGH*/ 40 default: 41 if (!capable(CAP_SYS_ADMIN)) 42 return -EPERM; 43 } 44 45 return security_quotactl(cmd, type, id, sb); 46 } 47 48 static void quota_sync_one(struct super_block *sb, void *arg) 49 { 50 int type = *(int *)arg; 51 52 if (sb->s_qcop && sb->s_qcop->quota_sync && 53 (sb->s_quota_types & (1 << type))) 54 sb->s_qcop->quota_sync(sb, type); 55 } 56 57 static int quota_sync_all(int type) 58 { 59 int ret; 60 61 if (type >= MAXQUOTAS) 62 return -EINVAL; 63 ret = security_quotactl(Q_SYNC, type, 0, NULL); 64 if (!ret) 65 iterate_supers(quota_sync_one, &type); 66 return ret; 67 } 68 69 static int quota_quotaon(struct super_block *sb, int type, int cmd, qid_t id, 70 struct path *path) 71 { 72 if (!sb->s_qcop->quota_on && !sb->s_qcop->quota_on_meta) 73 return -ENOSYS; 74 if (sb->s_qcop->quota_on_meta) 75 return sb->s_qcop->quota_on_meta(sb, type, id); 76 if (IS_ERR(path)) 77 return PTR_ERR(path); 78 return sb->s_qcop->quota_on(sb, type, id, path); 79 } 80 81 static int quota_getfmt(struct super_block *sb, int type, void __user *addr) 82 { 83 __u32 fmt; 84 85 mutex_lock(&sb_dqopt(sb)->dqonoff_mutex); 86 if (!sb_has_quota_active(sb, type)) { 87 mutex_unlock(&sb_dqopt(sb)->dqonoff_mutex); 88 return -ESRCH; 89 } 90 fmt = sb_dqopt(sb)->info[type].dqi_format->qf_fmt_id; 91 mutex_unlock(&sb_dqopt(sb)->dqonoff_mutex); 92 if (copy_to_user(addr, &fmt, sizeof(fmt))) 93 return -EFAULT; 94 return 0; 95 } 96 97 static int quota_getinfo(struct super_block *sb, int type, void __user *addr) 98 { 99 struct if_dqinfo info; 100 int ret; 101 102 if (!sb->s_qcop->get_info) 103 return -ENOSYS; 104 ret = sb->s_qcop->get_info(sb, type, &info); 105 if (!ret && copy_to_user(addr, &info, sizeof(info))) 106 return -EFAULT; 107 return ret; 108 } 109 110 static int quota_setinfo(struct super_block *sb, int type, void __user *addr) 111 { 112 struct if_dqinfo info; 113 114 if (copy_from_user(&info, addr, sizeof(info))) 115 return -EFAULT; 116 if (!sb->s_qcop->set_info) 117 return -ENOSYS; 118 return sb->s_qcop->set_info(sb, type, &info); 119 } 120 121 static void copy_to_if_dqblk(struct if_dqblk *dst, struct fs_disk_quota *src) 122 { 123 memset(dst, 0, sizeof(*dst)); 124 dst->dqb_bhardlimit = src->d_blk_hardlimit; 125 dst->dqb_bsoftlimit = src->d_blk_softlimit; 126 dst->dqb_curspace = src->d_bcount; 127 dst->dqb_ihardlimit = src->d_ino_hardlimit; 128 dst->dqb_isoftlimit = src->d_ino_softlimit; 129 dst->dqb_curinodes = src->d_icount; 130 dst->dqb_btime = src->d_btimer; 131 dst->dqb_itime = src->d_itimer; 132 dst->dqb_valid = QIF_ALL; 133 } 134 135 static int quota_getquota(struct super_block *sb, int type, qid_t id, 136 void __user *addr) 137 { 138 struct kqid qid; 139 struct fs_disk_quota fdq; 140 struct if_dqblk idq; 141 int ret; 142 143 if (!sb->s_qcop->get_dqblk) 144 return -ENOSYS; 145 qid = make_kqid(current_user_ns(), type, id); 146 if (!qid_valid(qid)) 147 return -EINVAL; 148 ret = sb->s_qcop->get_dqblk(sb, qid, &fdq); 149 if (ret) 150 return ret; 151 copy_to_if_dqblk(&idq, &fdq); 152 if (copy_to_user(addr, &idq, sizeof(idq))) 153 return -EFAULT; 154 return 0; 155 } 156 157 static void copy_from_if_dqblk(struct fs_disk_quota *dst, struct if_dqblk *src) 158 { 159 dst->d_blk_hardlimit = src->dqb_bhardlimit; 160 dst->d_blk_softlimit = src->dqb_bsoftlimit; 161 dst->d_bcount = src->dqb_curspace; 162 dst->d_ino_hardlimit = src->dqb_ihardlimit; 163 dst->d_ino_softlimit = src->dqb_isoftlimit; 164 dst->d_icount = src->dqb_curinodes; 165 dst->d_btimer = src->dqb_btime; 166 dst->d_itimer = src->dqb_itime; 167 168 dst->d_fieldmask = 0; 169 if (src->dqb_valid & QIF_BLIMITS) 170 dst->d_fieldmask |= FS_DQ_BSOFT | FS_DQ_BHARD; 171 if (src->dqb_valid & QIF_SPACE) 172 dst->d_fieldmask |= FS_DQ_BCOUNT; 173 if (src->dqb_valid & QIF_ILIMITS) 174 dst->d_fieldmask |= FS_DQ_ISOFT | FS_DQ_IHARD; 175 if (src->dqb_valid & QIF_INODES) 176 dst->d_fieldmask |= FS_DQ_ICOUNT; 177 if (src->dqb_valid & QIF_BTIME) 178 dst->d_fieldmask |= FS_DQ_BTIMER; 179 if (src->dqb_valid & QIF_ITIME) 180 dst->d_fieldmask |= FS_DQ_ITIMER; 181 } 182 183 static int quota_setquota(struct super_block *sb, int type, qid_t id, 184 void __user *addr) 185 { 186 struct fs_disk_quota fdq; 187 struct if_dqblk idq; 188 struct kqid qid; 189 190 if (copy_from_user(&idq, addr, sizeof(idq))) 191 return -EFAULT; 192 if (!sb->s_qcop->set_dqblk) 193 return -ENOSYS; 194 qid = make_kqid(current_user_ns(), type, id); 195 if (!qid_valid(qid)) 196 return -EINVAL; 197 copy_from_if_dqblk(&fdq, &idq); 198 return sb->s_qcop->set_dqblk(sb, qid, &fdq); 199 } 200 201 static int quota_setxstate(struct super_block *sb, int cmd, void __user *addr) 202 { 203 __u32 flags; 204 205 if (copy_from_user(&flags, addr, sizeof(flags))) 206 return -EFAULT; 207 if (!sb->s_qcop->set_xstate) 208 return -ENOSYS; 209 return sb->s_qcop->set_xstate(sb, flags, cmd); 210 } 211 212 static int quota_getxstate(struct super_block *sb, void __user *addr) 213 { 214 struct fs_quota_stat fqs; 215 int ret; 216 217 if (!sb->s_qcop->get_xstate) 218 return -ENOSYS; 219 ret = sb->s_qcop->get_xstate(sb, &fqs); 220 if (!ret && copy_to_user(addr, &fqs, sizeof(fqs))) 221 return -EFAULT; 222 return ret; 223 } 224 225 static int quota_getxstatev(struct super_block *sb, void __user *addr) 226 { 227 struct fs_quota_statv fqs; 228 int ret; 229 230 if (!sb->s_qcop->get_xstatev) 231 return -ENOSYS; 232 233 memset(&fqs, 0, sizeof(fqs)); 234 if (copy_from_user(&fqs, addr, 1)) /* Just read qs_version */ 235 return -EFAULT; 236 237 /* If this kernel doesn't support user specified version, fail */ 238 switch (fqs.qs_version) { 239 case FS_QSTATV_VERSION1: 240 break; 241 default: 242 return -EINVAL; 243 } 244 ret = sb->s_qcop->get_xstatev(sb, &fqs); 245 if (!ret && copy_to_user(addr, &fqs, sizeof(fqs))) 246 return -EFAULT; 247 return ret; 248 } 249 250 static int quota_setxquota(struct super_block *sb, int type, qid_t id, 251 void __user *addr) 252 { 253 struct fs_disk_quota fdq; 254 struct kqid qid; 255 256 if (copy_from_user(&fdq, addr, sizeof(fdq))) 257 return -EFAULT; 258 if (!sb->s_qcop->set_dqblk) 259 return -ENOSYS; 260 qid = make_kqid(current_user_ns(), type, id); 261 if (!qid_valid(qid)) 262 return -EINVAL; 263 return sb->s_qcop->set_dqblk(sb, qid, &fdq); 264 } 265 266 static int quota_getxquota(struct super_block *sb, int type, qid_t id, 267 void __user *addr) 268 { 269 struct fs_disk_quota fdq; 270 struct kqid qid; 271 int ret; 272 273 if (!sb->s_qcop->get_dqblk) 274 return -ENOSYS; 275 qid = make_kqid(current_user_ns(), type, id); 276 if (!qid_valid(qid)) 277 return -EINVAL; 278 ret = sb->s_qcop->get_dqblk(sb, qid, &fdq); 279 if (!ret && copy_to_user(addr, &fdq, sizeof(fdq))) 280 return -EFAULT; 281 return ret; 282 } 283 284 static int quota_rmxquota(struct super_block *sb, void __user *addr) 285 { 286 __u32 flags; 287 288 if (copy_from_user(&flags, addr, sizeof(flags))) 289 return -EFAULT; 290 if (!sb->s_qcop->rm_xquota) 291 return -ENOSYS; 292 return sb->s_qcop->rm_xquota(sb, flags); 293 } 294 295 /* Copy parameters and call proper function */ 296 static int do_quotactl(struct super_block *sb, int type, int cmd, qid_t id, 297 void __user *addr, struct path *path) 298 { 299 int ret; 300 301 if (type >= (XQM_COMMAND(cmd) ? XQM_MAXQUOTAS : MAXQUOTAS)) 302 return -EINVAL; 303 /* 304 * Quota not supported on this fs? Check this before s_quota_types 305 * since they needn't be set if quota is not supported at all. 306 */ 307 if (!sb->s_qcop) 308 return -ENOSYS; 309 if (!(sb->s_quota_types & (1 << type))) 310 return -EINVAL; 311 312 ret = check_quotactl_permission(sb, type, cmd, id); 313 if (ret < 0) 314 return ret; 315 316 switch (cmd) { 317 case Q_QUOTAON: 318 return quota_quotaon(sb, type, cmd, id, path); 319 case Q_QUOTAOFF: 320 if (!sb->s_qcop->quota_off) 321 return -ENOSYS; 322 return sb->s_qcop->quota_off(sb, type); 323 case Q_GETFMT: 324 return quota_getfmt(sb, type, addr); 325 case Q_GETINFO: 326 return quota_getinfo(sb, type, addr); 327 case Q_SETINFO: 328 return quota_setinfo(sb, type, addr); 329 case Q_GETQUOTA: 330 return quota_getquota(sb, type, id, addr); 331 case Q_SETQUOTA: 332 return quota_setquota(sb, type, id, addr); 333 case Q_SYNC: 334 if (!sb->s_qcop->quota_sync) 335 return -ENOSYS; 336 return sb->s_qcop->quota_sync(sb, type); 337 case Q_XQUOTAON: 338 case Q_XQUOTAOFF: 339 return quota_setxstate(sb, cmd, addr); 340 case Q_XQUOTARM: 341 return quota_rmxquota(sb, addr); 342 case Q_XGETQSTAT: 343 return quota_getxstate(sb, addr); 344 case Q_XGETQSTATV: 345 return quota_getxstatev(sb, addr); 346 case Q_XSETQLIM: 347 return quota_setxquota(sb, type, id, addr); 348 case Q_XGETQUOTA: 349 return quota_getxquota(sb, type, id, addr); 350 case Q_XQUOTASYNC: 351 if (sb->s_flags & MS_RDONLY) 352 return -EROFS; 353 /* XFS quotas are fully coherent now, making this call a noop */ 354 return 0; 355 default: 356 return -EINVAL; 357 } 358 } 359 360 #ifdef CONFIG_BLOCK 361 362 /* Return 1 if 'cmd' will block on frozen filesystem */ 363 static int quotactl_cmd_write(int cmd) 364 { 365 switch (cmd) { 366 case Q_GETFMT: 367 case Q_GETINFO: 368 case Q_SYNC: 369 case Q_XGETQSTAT: 370 case Q_XGETQSTATV: 371 case Q_XGETQUOTA: 372 case Q_XQUOTASYNC: 373 return 0; 374 } 375 return 1; 376 } 377 378 #endif /* CONFIG_BLOCK */ 379 380 /* 381 * look up a superblock on which quota ops will be performed 382 * - use the name of a block device to find the superblock thereon 383 */ 384 static struct super_block *quotactl_block(const char __user *special, int cmd) 385 { 386 #ifdef CONFIG_BLOCK 387 struct block_device *bdev; 388 struct super_block *sb; 389 struct filename *tmp = getname(special); 390 391 if (IS_ERR(tmp)) 392 return ERR_CAST(tmp); 393 bdev = lookup_bdev(tmp->name); 394 putname(tmp); 395 if (IS_ERR(bdev)) 396 return ERR_CAST(bdev); 397 if (quotactl_cmd_write(cmd)) 398 sb = get_super_thawed(bdev); 399 else 400 sb = get_super(bdev); 401 bdput(bdev); 402 if (!sb) 403 return ERR_PTR(-ENODEV); 404 405 return sb; 406 #else 407 return ERR_PTR(-ENODEV); 408 #endif 409 } 410 411 /* 412 * This is the system call interface. This communicates with 413 * the user-level programs. Currently this only supports diskquota 414 * calls. Maybe we need to add the process quotas etc. in the future, 415 * but we probably should use rlimits for that. 416 */ 417 SYSCALL_DEFINE4(quotactl, unsigned int, cmd, const char __user *, special, 418 qid_t, id, void __user *, addr) 419 { 420 uint cmds, type; 421 struct super_block *sb = NULL; 422 struct path path, *pathp = NULL; 423 int ret; 424 425 cmds = cmd >> SUBCMDSHIFT; 426 type = cmd & SUBCMDMASK; 427 428 /* 429 * As a special case Q_SYNC can be called without a specific device. 430 * It will iterate all superblocks that have quota enabled and call 431 * the sync action on each of them. 432 */ 433 if (!special) { 434 if (cmds == Q_SYNC) 435 return quota_sync_all(type); 436 return -ENODEV; 437 } 438 439 /* 440 * Path for quotaon has to be resolved before grabbing superblock 441 * because that gets s_umount sem which is also possibly needed by path 442 * resolution (think about autofs) and thus deadlocks could arise. 443 */ 444 if (cmds == Q_QUOTAON) { 445 ret = user_path_at(AT_FDCWD, addr, LOOKUP_FOLLOW|LOOKUP_AUTOMOUNT, &path); 446 if (ret) 447 pathp = ERR_PTR(ret); 448 else 449 pathp = &path; 450 } 451 452 sb = quotactl_block(special, cmds); 453 if (IS_ERR(sb)) { 454 ret = PTR_ERR(sb); 455 goto out; 456 } 457 458 ret = do_quotactl(sb, type, cmds, id, addr, pathp); 459 460 drop_super(sb); 461 out: 462 if (pathp && !IS_ERR(pathp)) 463 path_put(pathp); 464 return ret; 465 } 466