1 // SPDX-License-Identifier: GPL-2.0 2 /* 3 * Copyright (c) 2000-2005 Silicon Graphics, Inc. 4 * All Rights Reserved. 5 */ 6 #include "xfs.h" 7 #include "xfs_fs.h" 8 #include "xfs_shared.h" 9 #include "xfs_format.h" 10 #include "xfs_log_format.h" 11 #include "xfs_trans_resv.h" 12 #include "xfs_mount.h" 13 #include "xfs_inode.h" 14 #include "xfs_rtalloc.h" 15 #include "xfs_iwalk.h" 16 #include "xfs_itable.h" 17 #include "xfs_error.h" 18 #include "xfs_da_format.h" 19 #include "xfs_da_btree.h" 20 #include "xfs_attr.h" 21 #include "xfs_bmap.h" 22 #include "xfs_bmap_util.h" 23 #include "xfs_fsops.h" 24 #include "xfs_discard.h" 25 #include "xfs_quota.h" 26 #include "xfs_export.h" 27 #include "xfs_trace.h" 28 #include "xfs_icache.h" 29 #include "xfs_trans.h" 30 #include "xfs_acl.h" 31 #include "xfs_btree.h" 32 #include <linux/fsmap.h> 33 #include "xfs_fsmap.h" 34 #include "scrub/xfs_scrub.h" 35 #include "xfs_sb.h" 36 #include "xfs_ag.h" 37 #include "xfs_health.h" 38 #include "xfs_reflink.h" 39 #include "xfs_ioctl.h" 40 #include "xfs_xattr.h" 41 #include "xfs_rtbitmap.h" 42 #include "xfs_file.h" 43 #include "xfs_exchrange.h" 44 45 #include <linux/mount.h> 46 #include <linux/namei.h> 47 #include <linux/fileattr.h> 48 49 /* 50 * xfs_find_handle maps from userspace xfs_fsop_handlereq structure to 51 * a file or fs handle. 52 * 53 * XFS_IOC_PATH_TO_FSHANDLE 54 * returns fs handle for a mount point or path within that mount point 55 * XFS_IOC_FD_TO_HANDLE 56 * returns full handle for a FD opened in user space 57 * XFS_IOC_PATH_TO_HANDLE 58 * returns full handle for a path 59 */ 60 int 61 xfs_find_handle( 62 unsigned int cmd, 63 xfs_fsop_handlereq_t *hreq) 64 { 65 int hsize; 66 xfs_handle_t handle; 67 struct inode *inode; 68 struct fd f = {NULL}; 69 struct path path; 70 int error; 71 struct xfs_inode *ip; 72 73 if (cmd == XFS_IOC_FD_TO_HANDLE) { 74 f = fdget(hreq->fd); 75 if (!f.file) 76 return -EBADF; 77 inode = file_inode(f.file); 78 } else { 79 error = user_path_at(AT_FDCWD, hreq->path, 0, &path); 80 if (error) 81 return error; 82 inode = d_inode(path.dentry); 83 } 84 ip = XFS_I(inode); 85 86 /* 87 * We can only generate handles for inodes residing on a XFS filesystem, 88 * and only for regular files, directories or symbolic links. 89 */ 90 error = -EINVAL; 91 if (inode->i_sb->s_magic != XFS_SB_MAGIC) 92 goto out_put; 93 94 error = -EBADF; 95 if (!S_ISREG(inode->i_mode) && 96 !S_ISDIR(inode->i_mode) && 97 !S_ISLNK(inode->i_mode)) 98 goto out_put; 99 100 101 memcpy(&handle.ha_fsid, ip->i_mount->m_fixedfsid, sizeof(xfs_fsid_t)); 102 103 if (cmd == XFS_IOC_PATH_TO_FSHANDLE) { 104 /* 105 * This handle only contains an fsid, zero the rest. 106 */ 107 memset(&handle.ha_fid, 0, sizeof(handle.ha_fid)); 108 hsize = sizeof(xfs_fsid_t); 109 } else { 110 handle.ha_fid.fid_len = sizeof(xfs_fid_t) - 111 sizeof(handle.ha_fid.fid_len); 112 handle.ha_fid.fid_pad = 0; 113 handle.ha_fid.fid_gen = inode->i_generation; 114 handle.ha_fid.fid_ino = ip->i_ino; 115 hsize = sizeof(xfs_handle_t); 116 } 117 118 error = -EFAULT; 119 if (copy_to_user(hreq->ohandle, &handle, hsize) || 120 copy_to_user(hreq->ohandlen, &hsize, sizeof(__s32))) 121 goto out_put; 122 123 error = 0; 124 125 out_put: 126 if (cmd == XFS_IOC_FD_TO_HANDLE) 127 fdput(f); 128 else 129 path_put(&path); 130 return error; 131 } 132 133 /* 134 * No need to do permission checks on the various pathname components 135 * as the handle operations are privileged. 136 */ 137 STATIC int 138 xfs_handle_acceptable( 139 void *context, 140 struct dentry *dentry) 141 { 142 return 1; 143 } 144 145 /* 146 * Convert userspace handle data into a dentry. 147 */ 148 struct dentry * 149 xfs_handle_to_dentry( 150 struct file *parfilp, 151 void __user *uhandle, 152 u32 hlen) 153 { 154 xfs_handle_t handle; 155 struct xfs_fid64 fid; 156 157 /* 158 * Only allow handle opens under a directory. 159 */ 160 if (!S_ISDIR(file_inode(parfilp)->i_mode)) 161 return ERR_PTR(-ENOTDIR); 162 163 if (hlen != sizeof(xfs_handle_t)) 164 return ERR_PTR(-EINVAL); 165 if (copy_from_user(&handle, uhandle, hlen)) 166 return ERR_PTR(-EFAULT); 167 if (handle.ha_fid.fid_len != 168 sizeof(handle.ha_fid) - sizeof(handle.ha_fid.fid_len)) 169 return ERR_PTR(-EINVAL); 170 171 memset(&fid, 0, sizeof(struct fid)); 172 fid.ino = handle.ha_fid.fid_ino; 173 fid.gen = handle.ha_fid.fid_gen; 174 175 return exportfs_decode_fh(parfilp->f_path.mnt, (struct fid *)&fid, 3, 176 FILEID_INO32_GEN | XFS_FILEID_TYPE_64FLAG, 177 xfs_handle_acceptable, NULL); 178 } 179 180 STATIC struct dentry * 181 xfs_handlereq_to_dentry( 182 struct file *parfilp, 183 xfs_fsop_handlereq_t *hreq) 184 { 185 return xfs_handle_to_dentry(parfilp, hreq->ihandle, hreq->ihandlen); 186 } 187 188 int 189 xfs_open_by_handle( 190 struct file *parfilp, 191 xfs_fsop_handlereq_t *hreq) 192 { 193 const struct cred *cred = current_cred(); 194 int error; 195 int fd; 196 int permflag; 197 struct file *filp; 198 struct inode *inode; 199 struct dentry *dentry; 200 fmode_t fmode; 201 struct path path; 202 203 if (!capable(CAP_SYS_ADMIN)) 204 return -EPERM; 205 206 dentry = xfs_handlereq_to_dentry(parfilp, hreq); 207 if (IS_ERR(dentry)) 208 return PTR_ERR(dentry); 209 inode = d_inode(dentry); 210 211 /* Restrict xfs_open_by_handle to directories & regular files. */ 212 if (!(S_ISREG(inode->i_mode) || S_ISDIR(inode->i_mode))) { 213 error = -EPERM; 214 goto out_dput; 215 } 216 217 #if BITS_PER_LONG != 32 218 hreq->oflags |= O_LARGEFILE; 219 #endif 220 221 permflag = hreq->oflags; 222 fmode = OPEN_FMODE(permflag); 223 if ((!(permflag & O_APPEND) || (permflag & O_TRUNC)) && 224 (fmode & FMODE_WRITE) && IS_APPEND(inode)) { 225 error = -EPERM; 226 goto out_dput; 227 } 228 229 if ((fmode & FMODE_WRITE) && IS_IMMUTABLE(inode)) { 230 error = -EPERM; 231 goto out_dput; 232 } 233 234 /* Can't write directories. */ 235 if (S_ISDIR(inode->i_mode) && (fmode & FMODE_WRITE)) { 236 error = -EISDIR; 237 goto out_dput; 238 } 239 240 fd = get_unused_fd_flags(0); 241 if (fd < 0) { 242 error = fd; 243 goto out_dput; 244 } 245 246 path.mnt = parfilp->f_path.mnt; 247 path.dentry = dentry; 248 filp = dentry_open(&path, hreq->oflags, cred); 249 dput(dentry); 250 if (IS_ERR(filp)) { 251 put_unused_fd(fd); 252 return PTR_ERR(filp); 253 } 254 255 if (S_ISREG(inode->i_mode)) { 256 filp->f_flags |= O_NOATIME; 257 filp->f_mode |= FMODE_NOCMTIME; 258 } 259 260 fd_install(fd, filp); 261 return fd; 262 263 out_dput: 264 dput(dentry); 265 return error; 266 } 267 268 int 269 xfs_readlink_by_handle( 270 struct file *parfilp, 271 xfs_fsop_handlereq_t *hreq) 272 { 273 struct dentry *dentry; 274 __u32 olen; 275 int error; 276 277 if (!capable(CAP_SYS_ADMIN)) 278 return -EPERM; 279 280 dentry = xfs_handlereq_to_dentry(parfilp, hreq); 281 if (IS_ERR(dentry)) 282 return PTR_ERR(dentry); 283 284 /* Restrict this handle operation to symlinks only. */ 285 if (!d_is_symlink(dentry)) { 286 error = -EINVAL; 287 goto out_dput; 288 } 289 290 if (copy_from_user(&olen, hreq->ohandlen, sizeof(__u32))) { 291 error = -EFAULT; 292 goto out_dput; 293 } 294 295 error = vfs_readlink(dentry, hreq->ohandle, olen); 296 297 out_dput: 298 dput(dentry); 299 return error; 300 } 301 302 /* 303 * Format an attribute and copy it out to the user's buffer. 304 * Take care to check values and protect against them changing later, 305 * we may be reading them directly out of a user buffer. 306 */ 307 static void 308 xfs_ioc_attr_put_listent( 309 struct xfs_attr_list_context *context, 310 int flags, 311 unsigned char *name, 312 int namelen, 313 int valuelen) 314 { 315 struct xfs_attrlist *alist = context->buffer; 316 struct xfs_attrlist_ent *aep; 317 int arraytop; 318 319 ASSERT(!context->seen_enough); 320 ASSERT(context->count >= 0); 321 ASSERT(context->count < (ATTR_MAX_VALUELEN/8)); 322 ASSERT(context->firstu >= sizeof(*alist)); 323 ASSERT(context->firstu <= context->bufsize); 324 325 /* 326 * Only list entries in the right namespace. 327 */ 328 if (context->attr_filter != (flags & XFS_ATTR_NSP_ONDISK_MASK)) 329 return; 330 331 arraytop = sizeof(*alist) + 332 context->count * sizeof(alist->al_offset[0]); 333 334 /* decrement by the actual bytes used by the attr */ 335 context->firstu -= round_up(offsetof(struct xfs_attrlist_ent, a_name) + 336 namelen + 1, sizeof(uint32_t)); 337 if (context->firstu < arraytop) { 338 trace_xfs_attr_list_full(context); 339 alist->al_more = 1; 340 context->seen_enough = 1; 341 return; 342 } 343 344 aep = context->buffer + context->firstu; 345 aep->a_valuelen = valuelen; 346 memcpy(aep->a_name, name, namelen); 347 aep->a_name[namelen] = 0; 348 alist->al_offset[context->count++] = context->firstu; 349 alist->al_count = context->count; 350 trace_xfs_attr_list_add(context); 351 } 352 353 static unsigned int 354 xfs_attr_filter( 355 u32 ioc_flags) 356 { 357 if (ioc_flags & XFS_IOC_ATTR_ROOT) 358 return XFS_ATTR_ROOT; 359 if (ioc_flags & XFS_IOC_ATTR_SECURE) 360 return XFS_ATTR_SECURE; 361 return 0; 362 } 363 364 static unsigned int 365 xfs_attr_flags( 366 u32 ioc_flags) 367 { 368 if (ioc_flags & XFS_IOC_ATTR_CREATE) 369 return XATTR_CREATE; 370 if (ioc_flags & XFS_IOC_ATTR_REPLACE) 371 return XATTR_REPLACE; 372 return 0; 373 } 374 375 int 376 xfs_ioc_attr_list( 377 struct xfs_inode *dp, 378 void __user *ubuf, 379 size_t bufsize, 380 int flags, 381 struct xfs_attrlist_cursor __user *ucursor) 382 { 383 struct xfs_attr_list_context context = { }; 384 struct xfs_attrlist *alist; 385 void *buffer; 386 int error; 387 388 if (bufsize < sizeof(struct xfs_attrlist) || 389 bufsize > XFS_XATTR_LIST_MAX) 390 return -EINVAL; 391 392 /* 393 * Reject flags, only allow namespaces. 394 */ 395 if (flags & ~(XFS_IOC_ATTR_ROOT | XFS_IOC_ATTR_SECURE)) 396 return -EINVAL; 397 if (flags == (XFS_IOC_ATTR_ROOT | XFS_IOC_ATTR_SECURE)) 398 return -EINVAL; 399 400 /* 401 * Validate the cursor. 402 */ 403 if (copy_from_user(&context.cursor, ucursor, sizeof(context.cursor))) 404 return -EFAULT; 405 if (context.cursor.pad1 || context.cursor.pad2) 406 return -EINVAL; 407 if (!context.cursor.initted && 408 (context.cursor.hashval || context.cursor.blkno || 409 context.cursor.offset)) 410 return -EINVAL; 411 412 buffer = kvzalloc(bufsize, GFP_KERNEL); 413 if (!buffer) 414 return -ENOMEM; 415 416 /* 417 * Initialize the output buffer. 418 */ 419 context.dp = dp; 420 context.resynch = 1; 421 context.attr_filter = xfs_attr_filter(flags); 422 context.buffer = buffer; 423 context.bufsize = round_down(bufsize, sizeof(uint32_t)); 424 context.firstu = context.bufsize; 425 context.put_listent = xfs_ioc_attr_put_listent; 426 427 alist = context.buffer; 428 alist->al_count = 0; 429 alist->al_more = 0; 430 alist->al_offset[0] = context.bufsize; 431 432 error = xfs_attr_list(&context); 433 if (error) 434 goto out_free; 435 436 if (copy_to_user(ubuf, buffer, bufsize) || 437 copy_to_user(ucursor, &context.cursor, sizeof(context.cursor))) 438 error = -EFAULT; 439 out_free: 440 kvfree(buffer); 441 return error; 442 } 443 444 STATIC int 445 xfs_attrlist_by_handle( 446 struct file *parfilp, 447 struct xfs_fsop_attrlist_handlereq __user *p) 448 { 449 struct xfs_fsop_attrlist_handlereq al_hreq; 450 struct dentry *dentry; 451 int error = -ENOMEM; 452 453 if (!capable(CAP_SYS_ADMIN)) 454 return -EPERM; 455 if (copy_from_user(&al_hreq, p, sizeof(al_hreq))) 456 return -EFAULT; 457 458 dentry = xfs_handlereq_to_dentry(parfilp, &al_hreq.hreq); 459 if (IS_ERR(dentry)) 460 return PTR_ERR(dentry); 461 462 error = xfs_ioc_attr_list(XFS_I(d_inode(dentry)), al_hreq.buffer, 463 al_hreq.buflen, al_hreq.flags, &p->pos); 464 dput(dentry); 465 return error; 466 } 467 468 static int 469 xfs_attrmulti_attr_get( 470 struct inode *inode, 471 unsigned char *name, 472 unsigned char __user *ubuf, 473 uint32_t *len, 474 uint32_t flags) 475 { 476 struct xfs_da_args args = { 477 .dp = XFS_I(inode), 478 .attr_filter = xfs_attr_filter(flags), 479 .attr_flags = xfs_attr_flags(flags), 480 .name = name, 481 .namelen = strlen(name), 482 .valuelen = *len, 483 }; 484 int error; 485 486 if (*len > XFS_XATTR_SIZE_MAX) 487 return -EINVAL; 488 489 error = xfs_attr_get(&args); 490 if (error) 491 goto out_kfree; 492 493 *len = args.valuelen; 494 if (copy_to_user(ubuf, args.value, args.valuelen)) 495 error = -EFAULT; 496 497 out_kfree: 498 kvfree(args.value); 499 return error; 500 } 501 502 static int 503 xfs_attrmulti_attr_set( 504 struct inode *inode, 505 unsigned char *name, 506 const unsigned char __user *ubuf, 507 uint32_t len, 508 uint32_t flags) 509 { 510 struct xfs_da_args args = { 511 .dp = XFS_I(inode), 512 .attr_filter = xfs_attr_filter(flags), 513 .attr_flags = xfs_attr_flags(flags), 514 .name = name, 515 .namelen = strlen(name), 516 }; 517 int error; 518 519 if (IS_IMMUTABLE(inode) || IS_APPEND(inode)) 520 return -EPERM; 521 522 if (ubuf) { 523 if (len > XFS_XATTR_SIZE_MAX) 524 return -EINVAL; 525 args.value = memdup_user(ubuf, len); 526 if (IS_ERR(args.value)) 527 return PTR_ERR(args.value); 528 args.valuelen = len; 529 } 530 531 error = xfs_attr_change(&args); 532 if (!error && (flags & XFS_IOC_ATTR_ROOT)) 533 xfs_forget_acl(inode, name); 534 kfree(args.value); 535 return error; 536 } 537 538 int 539 xfs_ioc_attrmulti_one( 540 struct file *parfilp, 541 struct inode *inode, 542 uint32_t opcode, 543 void __user *uname, 544 void __user *value, 545 uint32_t *len, 546 uint32_t flags) 547 { 548 unsigned char *name; 549 int error; 550 551 if ((flags & XFS_IOC_ATTR_ROOT) && (flags & XFS_IOC_ATTR_SECURE)) 552 return -EINVAL; 553 554 name = strndup_user(uname, MAXNAMELEN); 555 if (IS_ERR(name)) 556 return PTR_ERR(name); 557 558 switch (opcode) { 559 case ATTR_OP_GET: 560 error = xfs_attrmulti_attr_get(inode, name, value, len, flags); 561 break; 562 case ATTR_OP_REMOVE: 563 value = NULL; 564 *len = 0; 565 fallthrough; 566 case ATTR_OP_SET: 567 error = mnt_want_write_file(parfilp); 568 if (error) 569 break; 570 error = xfs_attrmulti_attr_set(inode, name, value, *len, flags); 571 mnt_drop_write_file(parfilp); 572 break; 573 default: 574 error = -EINVAL; 575 break; 576 } 577 578 kfree(name); 579 return error; 580 } 581 582 STATIC int 583 xfs_attrmulti_by_handle( 584 struct file *parfilp, 585 void __user *arg) 586 { 587 int error; 588 xfs_attr_multiop_t *ops; 589 xfs_fsop_attrmulti_handlereq_t am_hreq; 590 struct dentry *dentry; 591 unsigned int i, size; 592 593 if (!capable(CAP_SYS_ADMIN)) 594 return -EPERM; 595 if (copy_from_user(&am_hreq, arg, sizeof(xfs_fsop_attrmulti_handlereq_t))) 596 return -EFAULT; 597 598 /* overflow check */ 599 if (am_hreq.opcount >= INT_MAX / sizeof(xfs_attr_multiop_t)) 600 return -E2BIG; 601 602 dentry = xfs_handlereq_to_dentry(parfilp, &am_hreq.hreq); 603 if (IS_ERR(dentry)) 604 return PTR_ERR(dentry); 605 606 error = -E2BIG; 607 size = am_hreq.opcount * sizeof(xfs_attr_multiop_t); 608 if (!size || size > 16 * PAGE_SIZE) 609 goto out_dput; 610 611 ops = memdup_user(am_hreq.ops, size); 612 if (IS_ERR(ops)) { 613 error = PTR_ERR(ops); 614 goto out_dput; 615 } 616 617 error = 0; 618 for (i = 0; i < am_hreq.opcount; i++) { 619 ops[i].am_error = xfs_ioc_attrmulti_one(parfilp, 620 d_inode(dentry), ops[i].am_opcode, 621 ops[i].am_attrname, ops[i].am_attrvalue, 622 &ops[i].am_length, ops[i].am_flags); 623 } 624 625 if (copy_to_user(am_hreq.ops, ops, size)) 626 error = -EFAULT; 627 628 kfree(ops); 629 out_dput: 630 dput(dentry); 631 return error; 632 } 633 634 /* Return 0 on success or positive error */ 635 int 636 xfs_fsbulkstat_one_fmt( 637 struct xfs_ibulk *breq, 638 const struct xfs_bulkstat *bstat) 639 { 640 struct xfs_bstat bs1; 641 642 xfs_bulkstat_to_bstat(breq->mp, &bs1, bstat); 643 if (copy_to_user(breq->ubuffer, &bs1, sizeof(bs1))) 644 return -EFAULT; 645 return xfs_ibulk_advance(breq, sizeof(struct xfs_bstat)); 646 } 647 648 int 649 xfs_fsinumbers_fmt( 650 struct xfs_ibulk *breq, 651 const struct xfs_inumbers *igrp) 652 { 653 struct xfs_inogrp ig1; 654 655 xfs_inumbers_to_inogrp(&ig1, igrp); 656 if (copy_to_user(breq->ubuffer, &ig1, sizeof(struct xfs_inogrp))) 657 return -EFAULT; 658 return xfs_ibulk_advance(breq, sizeof(struct xfs_inogrp)); 659 } 660 661 STATIC int 662 xfs_ioc_fsbulkstat( 663 struct file *file, 664 unsigned int cmd, 665 void __user *arg) 666 { 667 struct xfs_mount *mp = XFS_I(file_inode(file))->i_mount; 668 struct xfs_fsop_bulkreq bulkreq; 669 struct xfs_ibulk breq = { 670 .mp = mp, 671 .idmap = file_mnt_idmap(file), 672 .ocount = 0, 673 }; 674 xfs_ino_t lastino; 675 int error; 676 677 /* done = 1 if there are more stats to get and if bulkstat */ 678 /* should be called again (unused here, but used in dmapi) */ 679 680 if (!capable(CAP_SYS_ADMIN)) 681 return -EPERM; 682 683 if (xfs_is_shutdown(mp)) 684 return -EIO; 685 686 if (copy_from_user(&bulkreq, arg, sizeof(struct xfs_fsop_bulkreq))) 687 return -EFAULT; 688 689 if (copy_from_user(&lastino, bulkreq.lastip, sizeof(__s64))) 690 return -EFAULT; 691 692 if (bulkreq.icount <= 0) 693 return -EINVAL; 694 695 if (bulkreq.ubuffer == NULL) 696 return -EINVAL; 697 698 breq.ubuffer = bulkreq.ubuffer; 699 breq.icount = bulkreq.icount; 700 701 /* 702 * FSBULKSTAT_SINGLE expects that *lastip contains the inode number 703 * that we want to stat. However, FSINUMBERS and FSBULKSTAT expect 704 * that *lastip contains either zero or the number of the last inode to 705 * be examined by the previous call and return results starting with 706 * the next inode after that. The new bulk request back end functions 707 * take the inode to start with, so we have to compute the startino 708 * parameter from lastino to maintain correct function. lastino == 0 709 * is a special case because it has traditionally meant "first inode 710 * in filesystem". 711 */ 712 if (cmd == XFS_IOC_FSINUMBERS) { 713 breq.startino = lastino ? lastino + 1 : 0; 714 error = xfs_inumbers(&breq, xfs_fsinumbers_fmt); 715 lastino = breq.startino - 1; 716 } else if (cmd == XFS_IOC_FSBULKSTAT_SINGLE) { 717 breq.startino = lastino; 718 breq.icount = 1; 719 error = xfs_bulkstat_one(&breq, xfs_fsbulkstat_one_fmt); 720 } else { /* XFS_IOC_FSBULKSTAT */ 721 breq.startino = lastino ? lastino + 1 : 0; 722 error = xfs_bulkstat(&breq, xfs_fsbulkstat_one_fmt); 723 lastino = breq.startino - 1; 724 } 725 726 if (error) 727 return error; 728 729 if (bulkreq.lastip != NULL && 730 copy_to_user(bulkreq.lastip, &lastino, sizeof(xfs_ino_t))) 731 return -EFAULT; 732 733 if (bulkreq.ocount != NULL && 734 copy_to_user(bulkreq.ocount, &breq.ocount, sizeof(__s32))) 735 return -EFAULT; 736 737 return 0; 738 } 739 740 /* Return 0 on success or positive error */ 741 static int 742 xfs_bulkstat_fmt( 743 struct xfs_ibulk *breq, 744 const struct xfs_bulkstat *bstat) 745 { 746 if (copy_to_user(breq->ubuffer, bstat, sizeof(struct xfs_bulkstat))) 747 return -EFAULT; 748 return xfs_ibulk_advance(breq, sizeof(struct xfs_bulkstat)); 749 } 750 751 /* 752 * Check the incoming bulk request @hdr from userspace and initialize the 753 * internal @breq bulk request appropriately. Returns 0 if the bulk request 754 * should proceed; -ECANCELED if there's nothing to do; or the usual 755 * negative error code. 756 */ 757 static int 758 xfs_bulk_ireq_setup( 759 struct xfs_mount *mp, 760 const struct xfs_bulk_ireq *hdr, 761 struct xfs_ibulk *breq, 762 void __user *ubuffer) 763 { 764 if (hdr->icount == 0 || 765 (hdr->flags & ~XFS_BULK_IREQ_FLAGS_ALL) || 766 memchr_inv(hdr->reserved, 0, sizeof(hdr->reserved))) 767 return -EINVAL; 768 769 breq->startino = hdr->ino; 770 breq->ubuffer = ubuffer; 771 breq->icount = hdr->icount; 772 breq->ocount = 0; 773 breq->flags = 0; 774 775 /* 776 * The @ino parameter is a special value, so we must look it up here. 777 * We're not allowed to have IREQ_AGNO, and we only return one inode 778 * worth of data. 779 */ 780 if (hdr->flags & XFS_BULK_IREQ_SPECIAL) { 781 if (hdr->flags & XFS_BULK_IREQ_AGNO) 782 return -EINVAL; 783 784 switch (hdr->ino) { 785 case XFS_BULK_IREQ_SPECIAL_ROOT: 786 breq->startino = mp->m_sb.sb_rootino; 787 break; 788 default: 789 return -EINVAL; 790 } 791 breq->icount = 1; 792 } 793 794 /* 795 * The IREQ_AGNO flag means that we only want results from a given AG. 796 * If @hdr->ino is zero, we start iterating in that AG. If @hdr->ino is 797 * beyond the specified AG then we return no results. 798 */ 799 if (hdr->flags & XFS_BULK_IREQ_AGNO) { 800 if (hdr->agno >= mp->m_sb.sb_agcount) 801 return -EINVAL; 802 803 if (breq->startino == 0) 804 breq->startino = XFS_AGINO_TO_INO(mp, hdr->agno, 0); 805 else if (XFS_INO_TO_AGNO(mp, breq->startino) < hdr->agno) 806 return -EINVAL; 807 808 breq->flags |= XFS_IBULK_SAME_AG; 809 810 /* Asking for an inode past the end of the AG? We're done! */ 811 if (XFS_INO_TO_AGNO(mp, breq->startino) > hdr->agno) 812 return -ECANCELED; 813 } else if (hdr->agno) 814 return -EINVAL; 815 816 /* Asking for an inode past the end of the FS? We're done! */ 817 if (XFS_INO_TO_AGNO(mp, breq->startino) >= mp->m_sb.sb_agcount) 818 return -ECANCELED; 819 820 if (hdr->flags & XFS_BULK_IREQ_NREXT64) 821 breq->flags |= XFS_IBULK_NREXT64; 822 823 return 0; 824 } 825 826 /* 827 * Update the userspace bulk request @hdr to reflect the end state of the 828 * internal bulk request @breq. 829 */ 830 static void 831 xfs_bulk_ireq_teardown( 832 struct xfs_bulk_ireq *hdr, 833 struct xfs_ibulk *breq) 834 { 835 hdr->ino = breq->startino; 836 hdr->ocount = breq->ocount; 837 } 838 839 /* Handle the v5 bulkstat ioctl. */ 840 STATIC int 841 xfs_ioc_bulkstat( 842 struct file *file, 843 unsigned int cmd, 844 struct xfs_bulkstat_req __user *arg) 845 { 846 struct xfs_mount *mp = XFS_I(file_inode(file))->i_mount; 847 struct xfs_bulk_ireq hdr; 848 struct xfs_ibulk breq = { 849 .mp = mp, 850 .idmap = file_mnt_idmap(file), 851 }; 852 int error; 853 854 if (!capable(CAP_SYS_ADMIN)) 855 return -EPERM; 856 857 if (xfs_is_shutdown(mp)) 858 return -EIO; 859 860 if (copy_from_user(&hdr, &arg->hdr, sizeof(hdr))) 861 return -EFAULT; 862 863 error = xfs_bulk_ireq_setup(mp, &hdr, &breq, arg->bulkstat); 864 if (error == -ECANCELED) 865 goto out_teardown; 866 if (error < 0) 867 return error; 868 869 error = xfs_bulkstat(&breq, xfs_bulkstat_fmt); 870 if (error) 871 return error; 872 873 out_teardown: 874 xfs_bulk_ireq_teardown(&hdr, &breq); 875 if (copy_to_user(&arg->hdr, &hdr, sizeof(hdr))) 876 return -EFAULT; 877 878 return 0; 879 } 880 881 STATIC int 882 xfs_inumbers_fmt( 883 struct xfs_ibulk *breq, 884 const struct xfs_inumbers *igrp) 885 { 886 if (copy_to_user(breq->ubuffer, igrp, sizeof(struct xfs_inumbers))) 887 return -EFAULT; 888 return xfs_ibulk_advance(breq, sizeof(struct xfs_inumbers)); 889 } 890 891 /* Handle the v5 inumbers ioctl. */ 892 STATIC int 893 xfs_ioc_inumbers( 894 struct xfs_mount *mp, 895 unsigned int cmd, 896 struct xfs_inumbers_req __user *arg) 897 { 898 struct xfs_bulk_ireq hdr; 899 struct xfs_ibulk breq = { 900 .mp = mp, 901 }; 902 int error; 903 904 if (!capable(CAP_SYS_ADMIN)) 905 return -EPERM; 906 907 if (xfs_is_shutdown(mp)) 908 return -EIO; 909 910 if (copy_from_user(&hdr, &arg->hdr, sizeof(hdr))) 911 return -EFAULT; 912 913 error = xfs_bulk_ireq_setup(mp, &hdr, &breq, arg->inumbers); 914 if (error == -ECANCELED) 915 goto out_teardown; 916 if (error < 0) 917 return error; 918 919 error = xfs_inumbers(&breq, xfs_inumbers_fmt); 920 if (error) 921 return error; 922 923 out_teardown: 924 xfs_bulk_ireq_teardown(&hdr, &breq); 925 if (copy_to_user(&arg->hdr, &hdr, sizeof(hdr))) 926 return -EFAULT; 927 928 return 0; 929 } 930 931 STATIC int 932 xfs_ioc_fsgeometry( 933 struct xfs_mount *mp, 934 void __user *arg, 935 int struct_version) 936 { 937 struct xfs_fsop_geom fsgeo; 938 size_t len; 939 940 xfs_fs_geometry(mp, &fsgeo, struct_version); 941 942 if (struct_version <= 3) 943 len = sizeof(struct xfs_fsop_geom_v1); 944 else if (struct_version == 4) 945 len = sizeof(struct xfs_fsop_geom_v4); 946 else { 947 xfs_fsop_geom_health(mp, &fsgeo); 948 len = sizeof(fsgeo); 949 } 950 951 if (copy_to_user(arg, &fsgeo, len)) 952 return -EFAULT; 953 return 0; 954 } 955 956 STATIC int 957 xfs_ioc_ag_geometry( 958 struct xfs_mount *mp, 959 void __user *arg) 960 { 961 struct xfs_perag *pag; 962 struct xfs_ag_geometry ageo; 963 int error; 964 965 if (copy_from_user(&ageo, arg, sizeof(ageo))) 966 return -EFAULT; 967 if (ageo.ag_flags) 968 return -EINVAL; 969 if (memchr_inv(&ageo.ag_reserved, 0, sizeof(ageo.ag_reserved))) 970 return -EINVAL; 971 972 pag = xfs_perag_get(mp, ageo.ag_number); 973 if (!pag) 974 return -EINVAL; 975 976 error = xfs_ag_get_geometry(pag, &ageo); 977 xfs_perag_put(pag); 978 if (error) 979 return error; 980 981 if (copy_to_user(arg, &ageo, sizeof(ageo))) 982 return -EFAULT; 983 return 0; 984 } 985 986 /* 987 * Linux extended inode flags interface. 988 */ 989 990 static void 991 xfs_fill_fsxattr( 992 struct xfs_inode *ip, 993 int whichfork, 994 struct fileattr *fa) 995 { 996 struct xfs_mount *mp = ip->i_mount; 997 struct xfs_ifork *ifp = xfs_ifork_ptr(ip, whichfork); 998 999 fileattr_fill_xflags(fa, xfs_ip2xflags(ip)); 1000 1001 if (ip->i_diflags & XFS_DIFLAG_EXTSIZE) { 1002 fa->fsx_extsize = XFS_FSB_TO_B(mp, ip->i_extsize); 1003 } else if (ip->i_diflags & XFS_DIFLAG_EXTSZINHERIT) { 1004 /* 1005 * Don't let a misaligned extent size hint on a directory 1006 * escape to userspace if it won't pass the setattr checks 1007 * later. 1008 */ 1009 if ((ip->i_diflags & XFS_DIFLAG_RTINHERIT) && 1010 xfs_extlen_to_rtxmod(mp, ip->i_extsize) > 0) { 1011 fa->fsx_xflags &= ~(FS_XFLAG_EXTSIZE | 1012 FS_XFLAG_EXTSZINHERIT); 1013 fa->fsx_extsize = 0; 1014 } else { 1015 fa->fsx_extsize = XFS_FSB_TO_B(mp, ip->i_extsize); 1016 } 1017 } 1018 1019 if (ip->i_diflags2 & XFS_DIFLAG2_COWEXTSIZE) 1020 fa->fsx_cowextsize = XFS_FSB_TO_B(mp, ip->i_cowextsize); 1021 fa->fsx_projid = ip->i_projid; 1022 if (ifp && !xfs_need_iread_extents(ifp)) 1023 fa->fsx_nextents = xfs_iext_count(ifp); 1024 else 1025 fa->fsx_nextents = xfs_ifork_nextents(ifp); 1026 } 1027 1028 STATIC int 1029 xfs_ioc_fsgetxattra( 1030 xfs_inode_t *ip, 1031 void __user *arg) 1032 { 1033 struct fileattr fa; 1034 1035 xfs_ilock(ip, XFS_ILOCK_SHARED); 1036 xfs_fill_fsxattr(ip, XFS_ATTR_FORK, &fa); 1037 xfs_iunlock(ip, XFS_ILOCK_SHARED); 1038 1039 return copy_fsxattr_to_user(&fa, arg); 1040 } 1041 1042 int 1043 xfs_fileattr_get( 1044 struct dentry *dentry, 1045 struct fileattr *fa) 1046 { 1047 struct xfs_inode *ip = XFS_I(d_inode(dentry)); 1048 1049 if (d_is_special(dentry)) 1050 return -ENOTTY; 1051 1052 xfs_ilock(ip, XFS_ILOCK_SHARED); 1053 xfs_fill_fsxattr(ip, XFS_DATA_FORK, fa); 1054 xfs_iunlock(ip, XFS_ILOCK_SHARED); 1055 1056 return 0; 1057 } 1058 1059 STATIC uint16_t 1060 xfs_flags2diflags( 1061 struct xfs_inode *ip, 1062 unsigned int xflags) 1063 { 1064 /* can't set PREALLOC this way, just preserve it */ 1065 uint16_t di_flags = 1066 (ip->i_diflags & XFS_DIFLAG_PREALLOC); 1067 1068 if (xflags & FS_XFLAG_IMMUTABLE) 1069 di_flags |= XFS_DIFLAG_IMMUTABLE; 1070 if (xflags & FS_XFLAG_APPEND) 1071 di_flags |= XFS_DIFLAG_APPEND; 1072 if (xflags & FS_XFLAG_SYNC) 1073 di_flags |= XFS_DIFLAG_SYNC; 1074 if (xflags & FS_XFLAG_NOATIME) 1075 di_flags |= XFS_DIFLAG_NOATIME; 1076 if (xflags & FS_XFLAG_NODUMP) 1077 di_flags |= XFS_DIFLAG_NODUMP; 1078 if (xflags & FS_XFLAG_NODEFRAG) 1079 di_flags |= XFS_DIFLAG_NODEFRAG; 1080 if (xflags & FS_XFLAG_FILESTREAM) 1081 di_flags |= XFS_DIFLAG_FILESTREAM; 1082 if (S_ISDIR(VFS_I(ip)->i_mode)) { 1083 if (xflags & FS_XFLAG_RTINHERIT) 1084 di_flags |= XFS_DIFLAG_RTINHERIT; 1085 if (xflags & FS_XFLAG_NOSYMLINKS) 1086 di_flags |= XFS_DIFLAG_NOSYMLINKS; 1087 if (xflags & FS_XFLAG_EXTSZINHERIT) 1088 di_flags |= XFS_DIFLAG_EXTSZINHERIT; 1089 if (xflags & FS_XFLAG_PROJINHERIT) 1090 di_flags |= XFS_DIFLAG_PROJINHERIT; 1091 } else if (S_ISREG(VFS_I(ip)->i_mode)) { 1092 if (xflags & FS_XFLAG_REALTIME) 1093 di_flags |= XFS_DIFLAG_REALTIME; 1094 if (xflags & FS_XFLAG_EXTSIZE) 1095 di_flags |= XFS_DIFLAG_EXTSIZE; 1096 } 1097 1098 return di_flags; 1099 } 1100 1101 STATIC uint64_t 1102 xfs_flags2diflags2( 1103 struct xfs_inode *ip, 1104 unsigned int xflags) 1105 { 1106 uint64_t di_flags2 = 1107 (ip->i_diflags2 & (XFS_DIFLAG2_REFLINK | 1108 XFS_DIFLAG2_BIGTIME | 1109 XFS_DIFLAG2_NREXT64)); 1110 1111 if (xflags & FS_XFLAG_DAX) 1112 di_flags2 |= XFS_DIFLAG2_DAX; 1113 if (xflags & FS_XFLAG_COWEXTSIZE) 1114 di_flags2 |= XFS_DIFLAG2_COWEXTSIZE; 1115 1116 return di_flags2; 1117 } 1118 1119 static int 1120 xfs_ioctl_setattr_xflags( 1121 struct xfs_trans *tp, 1122 struct xfs_inode *ip, 1123 struct fileattr *fa) 1124 { 1125 struct xfs_mount *mp = ip->i_mount; 1126 bool rtflag = (fa->fsx_xflags & FS_XFLAG_REALTIME); 1127 uint64_t i_flags2; 1128 1129 if (rtflag != XFS_IS_REALTIME_INODE(ip)) { 1130 /* Can't change realtime flag if any extents are allocated. */ 1131 if (ip->i_df.if_nextents || ip->i_delayed_blks) 1132 return -EINVAL; 1133 } 1134 1135 if (rtflag) { 1136 /* If realtime flag is set then must have realtime device */ 1137 if (mp->m_sb.sb_rblocks == 0 || mp->m_sb.sb_rextsize == 0 || 1138 xfs_extlen_to_rtxmod(mp, ip->i_extsize)) 1139 return -EINVAL; 1140 1141 /* Clear reflink if we are actually able to set the rt flag. */ 1142 if (xfs_is_reflink_inode(ip)) 1143 ip->i_diflags2 &= ~XFS_DIFLAG2_REFLINK; 1144 } 1145 1146 /* diflags2 only valid for v3 inodes. */ 1147 i_flags2 = xfs_flags2diflags2(ip, fa->fsx_xflags); 1148 if (i_flags2 && !xfs_has_v3inodes(mp)) 1149 return -EINVAL; 1150 1151 ip->i_diflags = xfs_flags2diflags(ip, fa->fsx_xflags); 1152 ip->i_diflags2 = i_flags2; 1153 1154 xfs_diflags_to_iflags(ip, false); 1155 1156 /* 1157 * Make the stable writes flag match that of the device the inode 1158 * resides on when flipping the RT flag. 1159 */ 1160 if (rtflag != XFS_IS_REALTIME_INODE(ip) && S_ISREG(VFS_I(ip)->i_mode)) 1161 xfs_update_stable_writes(ip); 1162 1163 xfs_trans_ichgtime(tp, ip, XFS_ICHGTIME_CHG); 1164 xfs_trans_log_inode(tp, ip, XFS_ILOG_CORE); 1165 XFS_STATS_INC(mp, xs_ig_attrchg); 1166 return 0; 1167 } 1168 1169 static void 1170 xfs_ioctl_setattr_prepare_dax( 1171 struct xfs_inode *ip, 1172 struct fileattr *fa) 1173 { 1174 struct xfs_mount *mp = ip->i_mount; 1175 struct inode *inode = VFS_I(ip); 1176 1177 if (S_ISDIR(inode->i_mode)) 1178 return; 1179 1180 if (xfs_has_dax_always(mp) || xfs_has_dax_never(mp)) 1181 return; 1182 1183 if (((fa->fsx_xflags & FS_XFLAG_DAX) && 1184 !(ip->i_diflags2 & XFS_DIFLAG2_DAX)) || 1185 (!(fa->fsx_xflags & FS_XFLAG_DAX) && 1186 (ip->i_diflags2 & XFS_DIFLAG2_DAX))) 1187 d_mark_dontcache(inode); 1188 } 1189 1190 /* 1191 * Set up the transaction structure for the setattr operation, checking that we 1192 * have permission to do so. On success, return a clean transaction and the 1193 * inode locked exclusively ready for further operation specific checks. On 1194 * failure, return an error without modifying or locking the inode. 1195 */ 1196 static struct xfs_trans * 1197 xfs_ioctl_setattr_get_trans( 1198 struct xfs_inode *ip, 1199 struct xfs_dquot *pdqp) 1200 { 1201 struct xfs_mount *mp = ip->i_mount; 1202 struct xfs_trans *tp; 1203 int error = -EROFS; 1204 1205 if (xfs_is_readonly(mp)) 1206 goto out_error; 1207 error = -EIO; 1208 if (xfs_is_shutdown(mp)) 1209 goto out_error; 1210 1211 error = xfs_trans_alloc_ichange(ip, NULL, NULL, pdqp, 1212 has_capability_noaudit(current, CAP_FOWNER), &tp); 1213 if (error) 1214 goto out_error; 1215 1216 if (xfs_has_wsync(mp)) 1217 xfs_trans_set_sync(tp); 1218 1219 return tp; 1220 1221 out_error: 1222 return ERR_PTR(error); 1223 } 1224 1225 /* 1226 * Validate a proposed extent size hint. For regular files, the hint can only 1227 * be changed if no extents are allocated. 1228 */ 1229 static int 1230 xfs_ioctl_setattr_check_extsize( 1231 struct xfs_inode *ip, 1232 struct fileattr *fa) 1233 { 1234 struct xfs_mount *mp = ip->i_mount; 1235 xfs_failaddr_t failaddr; 1236 uint16_t new_diflags; 1237 1238 if (!fa->fsx_valid) 1239 return 0; 1240 1241 if (S_ISREG(VFS_I(ip)->i_mode) && ip->i_df.if_nextents && 1242 XFS_FSB_TO_B(mp, ip->i_extsize) != fa->fsx_extsize) 1243 return -EINVAL; 1244 1245 if (fa->fsx_extsize & mp->m_blockmask) 1246 return -EINVAL; 1247 1248 new_diflags = xfs_flags2diflags(ip, fa->fsx_xflags); 1249 1250 /* 1251 * Inode verifiers do not check that the extent size hint is an integer 1252 * multiple of the rt extent size on a directory with both rtinherit 1253 * and extszinherit flags set. Don't let sysadmins misconfigure 1254 * directories. 1255 */ 1256 if ((new_diflags & XFS_DIFLAG_RTINHERIT) && 1257 (new_diflags & XFS_DIFLAG_EXTSZINHERIT)) { 1258 unsigned int rtextsize_bytes; 1259 1260 rtextsize_bytes = XFS_FSB_TO_B(mp, mp->m_sb.sb_rextsize); 1261 if (fa->fsx_extsize % rtextsize_bytes) 1262 return -EINVAL; 1263 } 1264 1265 failaddr = xfs_inode_validate_extsize(ip->i_mount, 1266 XFS_B_TO_FSB(mp, fa->fsx_extsize), 1267 VFS_I(ip)->i_mode, new_diflags); 1268 return failaddr != NULL ? -EINVAL : 0; 1269 } 1270 1271 static int 1272 xfs_ioctl_setattr_check_cowextsize( 1273 struct xfs_inode *ip, 1274 struct fileattr *fa) 1275 { 1276 struct xfs_mount *mp = ip->i_mount; 1277 xfs_failaddr_t failaddr; 1278 uint64_t new_diflags2; 1279 uint16_t new_diflags; 1280 1281 if (!fa->fsx_valid) 1282 return 0; 1283 1284 if (fa->fsx_cowextsize & mp->m_blockmask) 1285 return -EINVAL; 1286 1287 new_diflags = xfs_flags2diflags(ip, fa->fsx_xflags); 1288 new_diflags2 = xfs_flags2diflags2(ip, fa->fsx_xflags); 1289 1290 failaddr = xfs_inode_validate_cowextsize(ip->i_mount, 1291 XFS_B_TO_FSB(mp, fa->fsx_cowextsize), 1292 VFS_I(ip)->i_mode, new_diflags, new_diflags2); 1293 return failaddr != NULL ? -EINVAL : 0; 1294 } 1295 1296 static int 1297 xfs_ioctl_setattr_check_projid( 1298 struct xfs_inode *ip, 1299 struct fileattr *fa) 1300 { 1301 if (!fa->fsx_valid) 1302 return 0; 1303 1304 /* Disallow 32bit project ids if 32bit IDs are not enabled. */ 1305 if (fa->fsx_projid > (uint16_t)-1 && 1306 !xfs_has_projid32(ip->i_mount)) 1307 return -EINVAL; 1308 return 0; 1309 } 1310 1311 int 1312 xfs_fileattr_set( 1313 struct mnt_idmap *idmap, 1314 struct dentry *dentry, 1315 struct fileattr *fa) 1316 { 1317 struct xfs_inode *ip = XFS_I(d_inode(dentry)); 1318 struct xfs_mount *mp = ip->i_mount; 1319 struct xfs_trans *tp; 1320 struct xfs_dquot *pdqp = NULL; 1321 struct xfs_dquot *olddquot = NULL; 1322 int error; 1323 1324 trace_xfs_ioctl_setattr(ip); 1325 1326 if (d_is_special(dentry)) 1327 return -ENOTTY; 1328 1329 if (!fa->fsx_valid) { 1330 if (fa->flags & ~(FS_IMMUTABLE_FL | FS_APPEND_FL | 1331 FS_NOATIME_FL | FS_NODUMP_FL | 1332 FS_SYNC_FL | FS_DAX_FL | FS_PROJINHERIT_FL)) 1333 return -EOPNOTSUPP; 1334 } 1335 1336 error = xfs_ioctl_setattr_check_projid(ip, fa); 1337 if (error) 1338 return error; 1339 1340 /* 1341 * If disk quotas is on, we make sure that the dquots do exist on disk, 1342 * before we start any other transactions. Trying to do this later 1343 * is messy. We don't care to take a readlock to look at the ids 1344 * in inode here, because we can't hold it across the trans_reserve. 1345 * If the IDs do change before we take the ilock, we're covered 1346 * because the i_*dquot fields will get updated anyway. 1347 */ 1348 if (fa->fsx_valid && XFS_IS_QUOTA_ON(mp)) { 1349 error = xfs_qm_vop_dqalloc(ip, VFS_I(ip)->i_uid, 1350 VFS_I(ip)->i_gid, fa->fsx_projid, 1351 XFS_QMOPT_PQUOTA, NULL, NULL, &pdqp); 1352 if (error) 1353 return error; 1354 } 1355 1356 xfs_ioctl_setattr_prepare_dax(ip, fa); 1357 1358 tp = xfs_ioctl_setattr_get_trans(ip, pdqp); 1359 if (IS_ERR(tp)) { 1360 error = PTR_ERR(tp); 1361 goto error_free_dquots; 1362 } 1363 1364 error = xfs_ioctl_setattr_check_extsize(ip, fa); 1365 if (error) 1366 goto error_trans_cancel; 1367 1368 error = xfs_ioctl_setattr_check_cowextsize(ip, fa); 1369 if (error) 1370 goto error_trans_cancel; 1371 1372 error = xfs_ioctl_setattr_xflags(tp, ip, fa); 1373 if (error) 1374 goto error_trans_cancel; 1375 1376 if (!fa->fsx_valid) 1377 goto skip_xattr; 1378 /* 1379 * Change file ownership. Must be the owner or privileged. CAP_FSETID 1380 * overrides the following restrictions: 1381 * 1382 * The set-user-ID and set-group-ID bits of a file will be cleared upon 1383 * successful return from chown() 1384 */ 1385 1386 if ((VFS_I(ip)->i_mode & (S_ISUID|S_ISGID)) && 1387 !capable_wrt_inode_uidgid(idmap, VFS_I(ip), CAP_FSETID)) 1388 VFS_I(ip)->i_mode &= ~(S_ISUID|S_ISGID); 1389 1390 /* Change the ownerships and register project quota modifications */ 1391 if (ip->i_projid != fa->fsx_projid) { 1392 if (XFS_IS_PQUOTA_ON(mp)) { 1393 olddquot = xfs_qm_vop_chown(tp, ip, 1394 &ip->i_pdquot, pdqp); 1395 } 1396 ip->i_projid = fa->fsx_projid; 1397 } 1398 1399 /* 1400 * Only set the extent size hint if we've already determined that the 1401 * extent size hint should be set on the inode. If no extent size flags 1402 * are set on the inode then unconditionally clear the extent size hint. 1403 */ 1404 if (ip->i_diflags & (XFS_DIFLAG_EXTSIZE | XFS_DIFLAG_EXTSZINHERIT)) 1405 ip->i_extsize = XFS_B_TO_FSB(mp, fa->fsx_extsize); 1406 else 1407 ip->i_extsize = 0; 1408 1409 if (xfs_has_v3inodes(mp)) { 1410 if (ip->i_diflags2 & XFS_DIFLAG2_COWEXTSIZE) 1411 ip->i_cowextsize = XFS_B_TO_FSB(mp, fa->fsx_cowextsize); 1412 else 1413 ip->i_cowextsize = 0; 1414 } 1415 1416 skip_xattr: 1417 error = xfs_trans_commit(tp); 1418 1419 /* 1420 * Release any dquot(s) the inode had kept before chown. 1421 */ 1422 xfs_qm_dqrele(olddquot); 1423 xfs_qm_dqrele(pdqp); 1424 1425 return error; 1426 1427 error_trans_cancel: 1428 xfs_trans_cancel(tp); 1429 error_free_dquots: 1430 xfs_qm_dqrele(pdqp); 1431 return error; 1432 } 1433 1434 static bool 1435 xfs_getbmap_format( 1436 struct kgetbmap *p, 1437 struct getbmapx __user *u, 1438 size_t recsize) 1439 { 1440 if (put_user(p->bmv_offset, &u->bmv_offset) || 1441 put_user(p->bmv_block, &u->bmv_block) || 1442 put_user(p->bmv_length, &u->bmv_length) || 1443 put_user(0, &u->bmv_count) || 1444 put_user(0, &u->bmv_entries)) 1445 return false; 1446 if (recsize < sizeof(struct getbmapx)) 1447 return true; 1448 if (put_user(0, &u->bmv_iflags) || 1449 put_user(p->bmv_oflags, &u->bmv_oflags) || 1450 put_user(0, &u->bmv_unused1) || 1451 put_user(0, &u->bmv_unused2)) 1452 return false; 1453 return true; 1454 } 1455 1456 STATIC int 1457 xfs_ioc_getbmap( 1458 struct file *file, 1459 unsigned int cmd, 1460 void __user *arg) 1461 { 1462 struct getbmapx bmx = { 0 }; 1463 struct kgetbmap *buf; 1464 size_t recsize; 1465 int error, i; 1466 1467 switch (cmd) { 1468 case XFS_IOC_GETBMAPA: 1469 bmx.bmv_iflags = BMV_IF_ATTRFORK; 1470 fallthrough; 1471 case XFS_IOC_GETBMAP: 1472 /* struct getbmap is a strict subset of struct getbmapx. */ 1473 recsize = sizeof(struct getbmap); 1474 break; 1475 case XFS_IOC_GETBMAPX: 1476 recsize = sizeof(struct getbmapx); 1477 break; 1478 default: 1479 return -EINVAL; 1480 } 1481 1482 if (copy_from_user(&bmx, arg, recsize)) 1483 return -EFAULT; 1484 1485 if (bmx.bmv_count < 2) 1486 return -EINVAL; 1487 if (bmx.bmv_count >= INT_MAX / recsize) 1488 return -ENOMEM; 1489 1490 buf = kvcalloc(bmx.bmv_count, sizeof(*buf), GFP_KERNEL); 1491 if (!buf) 1492 return -ENOMEM; 1493 1494 error = xfs_getbmap(XFS_I(file_inode(file)), &bmx, buf); 1495 if (error) 1496 goto out_free_buf; 1497 1498 error = -EFAULT; 1499 if (copy_to_user(arg, &bmx, recsize)) 1500 goto out_free_buf; 1501 arg += recsize; 1502 1503 for (i = 0; i < bmx.bmv_entries; i++) { 1504 if (!xfs_getbmap_format(buf + i, arg, recsize)) 1505 goto out_free_buf; 1506 arg += recsize; 1507 } 1508 1509 error = 0; 1510 out_free_buf: 1511 kvfree(buf); 1512 return error; 1513 } 1514 1515 STATIC int 1516 xfs_ioc_getfsmap( 1517 struct xfs_inode *ip, 1518 struct fsmap_head __user *arg) 1519 { 1520 struct xfs_fsmap_head xhead = {0}; 1521 struct fsmap_head head; 1522 struct fsmap *recs; 1523 unsigned int count; 1524 __u32 last_flags = 0; 1525 bool done = false; 1526 int error; 1527 1528 if (copy_from_user(&head, arg, sizeof(struct fsmap_head))) 1529 return -EFAULT; 1530 if (memchr_inv(head.fmh_reserved, 0, sizeof(head.fmh_reserved)) || 1531 memchr_inv(head.fmh_keys[0].fmr_reserved, 0, 1532 sizeof(head.fmh_keys[0].fmr_reserved)) || 1533 memchr_inv(head.fmh_keys[1].fmr_reserved, 0, 1534 sizeof(head.fmh_keys[1].fmr_reserved))) 1535 return -EINVAL; 1536 1537 /* 1538 * Use an internal memory buffer so that we don't have to copy fsmap 1539 * data to userspace while holding locks. Start by trying to allocate 1540 * up to 128k for the buffer, but fall back to a single page if needed. 1541 */ 1542 count = min_t(unsigned int, head.fmh_count, 1543 131072 / sizeof(struct fsmap)); 1544 recs = kvcalloc(count, sizeof(struct fsmap), GFP_KERNEL); 1545 if (!recs) { 1546 count = min_t(unsigned int, head.fmh_count, 1547 PAGE_SIZE / sizeof(struct fsmap)); 1548 recs = kvcalloc(count, sizeof(struct fsmap), GFP_KERNEL); 1549 if (!recs) 1550 return -ENOMEM; 1551 } 1552 1553 xhead.fmh_iflags = head.fmh_iflags; 1554 xfs_fsmap_to_internal(&xhead.fmh_keys[0], &head.fmh_keys[0]); 1555 xfs_fsmap_to_internal(&xhead.fmh_keys[1], &head.fmh_keys[1]); 1556 1557 trace_xfs_getfsmap_low_key(ip->i_mount, &xhead.fmh_keys[0]); 1558 trace_xfs_getfsmap_high_key(ip->i_mount, &xhead.fmh_keys[1]); 1559 1560 head.fmh_entries = 0; 1561 do { 1562 struct fsmap __user *user_recs; 1563 struct fsmap *last_rec; 1564 1565 user_recs = &arg->fmh_recs[head.fmh_entries]; 1566 xhead.fmh_entries = 0; 1567 xhead.fmh_count = min_t(unsigned int, count, 1568 head.fmh_count - head.fmh_entries); 1569 1570 /* Run query, record how many entries we got. */ 1571 error = xfs_getfsmap(ip->i_mount, &xhead, recs); 1572 switch (error) { 1573 case 0: 1574 /* 1575 * There are no more records in the result set. Copy 1576 * whatever we got to userspace and break out. 1577 */ 1578 done = true; 1579 break; 1580 case -ECANCELED: 1581 /* 1582 * The internal memory buffer is full. Copy whatever 1583 * records we got to userspace and go again if we have 1584 * not yet filled the userspace buffer. 1585 */ 1586 error = 0; 1587 break; 1588 default: 1589 goto out_free; 1590 } 1591 head.fmh_entries += xhead.fmh_entries; 1592 head.fmh_oflags = xhead.fmh_oflags; 1593 1594 /* 1595 * If the caller wanted a record count or there aren't any 1596 * new records to return, we're done. 1597 */ 1598 if (head.fmh_count == 0 || xhead.fmh_entries == 0) 1599 break; 1600 1601 /* Copy all the records we got out to userspace. */ 1602 if (copy_to_user(user_recs, recs, 1603 xhead.fmh_entries * sizeof(struct fsmap))) { 1604 error = -EFAULT; 1605 goto out_free; 1606 } 1607 1608 /* Remember the last record flags we copied to userspace. */ 1609 last_rec = &recs[xhead.fmh_entries - 1]; 1610 last_flags = last_rec->fmr_flags; 1611 1612 /* Set up the low key for the next iteration. */ 1613 xfs_fsmap_to_internal(&xhead.fmh_keys[0], last_rec); 1614 trace_xfs_getfsmap_low_key(ip->i_mount, &xhead.fmh_keys[0]); 1615 } while (!done && head.fmh_entries < head.fmh_count); 1616 1617 /* 1618 * If there are no more records in the query result set and we're not 1619 * in counting mode, mark the last record returned with the LAST flag. 1620 */ 1621 if (done && head.fmh_count > 0 && head.fmh_entries > 0) { 1622 struct fsmap __user *user_rec; 1623 1624 last_flags |= FMR_OF_LAST; 1625 user_rec = &arg->fmh_recs[head.fmh_entries - 1]; 1626 1627 if (copy_to_user(&user_rec->fmr_flags, &last_flags, 1628 sizeof(last_flags))) { 1629 error = -EFAULT; 1630 goto out_free; 1631 } 1632 } 1633 1634 /* copy back header */ 1635 if (copy_to_user(arg, &head, sizeof(struct fsmap_head))) { 1636 error = -EFAULT; 1637 goto out_free; 1638 } 1639 1640 out_free: 1641 kvfree(recs); 1642 return error; 1643 } 1644 1645 STATIC int 1646 xfs_ioc_scrub_metadata( 1647 struct file *file, 1648 void __user *arg) 1649 { 1650 struct xfs_scrub_metadata scrub; 1651 int error; 1652 1653 if (!capable(CAP_SYS_ADMIN)) 1654 return -EPERM; 1655 1656 if (copy_from_user(&scrub, arg, sizeof(scrub))) 1657 return -EFAULT; 1658 1659 error = xfs_scrub_metadata(file, &scrub); 1660 if (error) 1661 return error; 1662 1663 if (copy_to_user(arg, &scrub, sizeof(scrub))) 1664 return -EFAULT; 1665 1666 return 0; 1667 } 1668 1669 int 1670 xfs_ioc_swapext( 1671 xfs_swapext_t *sxp) 1672 { 1673 xfs_inode_t *ip, *tip; 1674 struct fd f, tmp; 1675 int error = 0; 1676 1677 /* Pull information for the target fd */ 1678 f = fdget((int)sxp->sx_fdtarget); 1679 if (!f.file) { 1680 error = -EINVAL; 1681 goto out; 1682 } 1683 1684 if (!(f.file->f_mode & FMODE_WRITE) || 1685 !(f.file->f_mode & FMODE_READ) || 1686 (f.file->f_flags & O_APPEND)) { 1687 error = -EBADF; 1688 goto out_put_file; 1689 } 1690 1691 tmp = fdget((int)sxp->sx_fdtmp); 1692 if (!tmp.file) { 1693 error = -EINVAL; 1694 goto out_put_file; 1695 } 1696 1697 if (!(tmp.file->f_mode & FMODE_WRITE) || 1698 !(tmp.file->f_mode & FMODE_READ) || 1699 (tmp.file->f_flags & O_APPEND)) { 1700 error = -EBADF; 1701 goto out_put_tmp_file; 1702 } 1703 1704 if (IS_SWAPFILE(file_inode(f.file)) || 1705 IS_SWAPFILE(file_inode(tmp.file))) { 1706 error = -EINVAL; 1707 goto out_put_tmp_file; 1708 } 1709 1710 /* 1711 * We need to ensure that the fds passed in point to XFS inodes 1712 * before we cast and access them as XFS structures as we have no 1713 * control over what the user passes us here. 1714 */ 1715 if (f.file->f_op != &xfs_file_operations || 1716 tmp.file->f_op != &xfs_file_operations) { 1717 error = -EINVAL; 1718 goto out_put_tmp_file; 1719 } 1720 1721 ip = XFS_I(file_inode(f.file)); 1722 tip = XFS_I(file_inode(tmp.file)); 1723 1724 if (ip->i_mount != tip->i_mount) { 1725 error = -EINVAL; 1726 goto out_put_tmp_file; 1727 } 1728 1729 if (ip->i_ino == tip->i_ino) { 1730 error = -EINVAL; 1731 goto out_put_tmp_file; 1732 } 1733 1734 if (xfs_is_shutdown(ip->i_mount)) { 1735 error = -EIO; 1736 goto out_put_tmp_file; 1737 } 1738 1739 error = xfs_swap_extents(ip, tip, sxp); 1740 1741 out_put_tmp_file: 1742 fdput(tmp); 1743 out_put_file: 1744 fdput(f); 1745 out: 1746 return error; 1747 } 1748 1749 static int 1750 xfs_ioc_getlabel( 1751 struct xfs_mount *mp, 1752 char __user *user_label) 1753 { 1754 struct xfs_sb *sbp = &mp->m_sb; 1755 char label[XFSLABEL_MAX + 1]; 1756 1757 /* Paranoia */ 1758 BUILD_BUG_ON(sizeof(sbp->sb_fname) > FSLABEL_MAX); 1759 1760 /* 1 larger than sb_fname, so this ensures a trailing NUL char */ 1761 memset(label, 0, sizeof(label)); 1762 spin_lock(&mp->m_sb_lock); 1763 strncpy(label, sbp->sb_fname, XFSLABEL_MAX); 1764 spin_unlock(&mp->m_sb_lock); 1765 1766 if (copy_to_user(user_label, label, sizeof(label))) 1767 return -EFAULT; 1768 return 0; 1769 } 1770 1771 static int 1772 xfs_ioc_setlabel( 1773 struct file *filp, 1774 struct xfs_mount *mp, 1775 char __user *newlabel) 1776 { 1777 struct xfs_sb *sbp = &mp->m_sb; 1778 char label[XFSLABEL_MAX + 1]; 1779 size_t len; 1780 int error; 1781 1782 if (!capable(CAP_SYS_ADMIN)) 1783 return -EPERM; 1784 /* 1785 * The generic ioctl allows up to FSLABEL_MAX chars, but XFS is much 1786 * smaller, at 12 bytes. We copy one more to be sure we find the 1787 * (required) NULL character to test the incoming label length. 1788 * NB: The on disk label doesn't need to be null terminated. 1789 */ 1790 if (copy_from_user(label, newlabel, XFSLABEL_MAX + 1)) 1791 return -EFAULT; 1792 len = strnlen(label, XFSLABEL_MAX + 1); 1793 if (len > sizeof(sbp->sb_fname)) 1794 return -EINVAL; 1795 1796 error = mnt_want_write_file(filp); 1797 if (error) 1798 return error; 1799 1800 spin_lock(&mp->m_sb_lock); 1801 memset(sbp->sb_fname, 0, sizeof(sbp->sb_fname)); 1802 memcpy(sbp->sb_fname, label, len); 1803 spin_unlock(&mp->m_sb_lock); 1804 1805 /* 1806 * Now we do several things to satisfy userspace. 1807 * In addition to normal logging of the primary superblock, we also 1808 * immediately write these changes to sector zero for the primary, then 1809 * update all backup supers (as xfs_db does for a label change), then 1810 * invalidate the block device page cache. This is so that any prior 1811 * buffered reads from userspace (i.e. from blkid) are invalidated, 1812 * and userspace will see the newly-written label. 1813 */ 1814 error = xfs_sync_sb_buf(mp); 1815 if (error) 1816 goto out; 1817 /* 1818 * growfs also updates backup supers so lock against that. 1819 */ 1820 mutex_lock(&mp->m_growlock); 1821 error = xfs_update_secondary_sbs(mp); 1822 mutex_unlock(&mp->m_growlock); 1823 1824 invalidate_bdev(mp->m_ddev_targp->bt_bdev); 1825 1826 out: 1827 mnt_drop_write_file(filp); 1828 return error; 1829 } 1830 1831 static inline int 1832 xfs_fs_eofblocks_from_user( 1833 struct xfs_fs_eofblocks *src, 1834 struct xfs_icwalk *dst) 1835 { 1836 if (src->eof_version != XFS_EOFBLOCKS_VERSION) 1837 return -EINVAL; 1838 1839 if (src->eof_flags & ~XFS_EOF_FLAGS_VALID) 1840 return -EINVAL; 1841 1842 if (memchr_inv(&src->pad32, 0, sizeof(src->pad32)) || 1843 memchr_inv(src->pad64, 0, sizeof(src->pad64))) 1844 return -EINVAL; 1845 1846 dst->icw_flags = 0; 1847 if (src->eof_flags & XFS_EOF_FLAGS_SYNC) 1848 dst->icw_flags |= XFS_ICWALK_FLAG_SYNC; 1849 if (src->eof_flags & XFS_EOF_FLAGS_UID) 1850 dst->icw_flags |= XFS_ICWALK_FLAG_UID; 1851 if (src->eof_flags & XFS_EOF_FLAGS_GID) 1852 dst->icw_flags |= XFS_ICWALK_FLAG_GID; 1853 if (src->eof_flags & XFS_EOF_FLAGS_PRID) 1854 dst->icw_flags |= XFS_ICWALK_FLAG_PRID; 1855 if (src->eof_flags & XFS_EOF_FLAGS_MINFILESIZE) 1856 dst->icw_flags |= XFS_ICWALK_FLAG_MINFILESIZE; 1857 1858 dst->icw_prid = src->eof_prid; 1859 dst->icw_min_file_size = src->eof_min_file_size; 1860 1861 dst->icw_uid = INVALID_UID; 1862 if (src->eof_flags & XFS_EOF_FLAGS_UID) { 1863 dst->icw_uid = make_kuid(current_user_ns(), src->eof_uid); 1864 if (!uid_valid(dst->icw_uid)) 1865 return -EINVAL; 1866 } 1867 1868 dst->icw_gid = INVALID_GID; 1869 if (src->eof_flags & XFS_EOF_FLAGS_GID) { 1870 dst->icw_gid = make_kgid(current_user_ns(), src->eof_gid); 1871 if (!gid_valid(dst->icw_gid)) 1872 return -EINVAL; 1873 } 1874 return 0; 1875 } 1876 1877 static int 1878 xfs_ioctl_getset_resblocks( 1879 struct file *filp, 1880 unsigned int cmd, 1881 void __user *arg) 1882 { 1883 struct xfs_mount *mp = XFS_I(file_inode(filp))->i_mount; 1884 struct xfs_fsop_resblks fsop = { }; 1885 int error; 1886 1887 if (!capable(CAP_SYS_ADMIN)) 1888 return -EPERM; 1889 1890 if (cmd == XFS_IOC_SET_RESBLKS) { 1891 if (xfs_is_readonly(mp)) 1892 return -EROFS; 1893 1894 if (copy_from_user(&fsop, arg, sizeof(fsop))) 1895 return -EFAULT; 1896 1897 error = mnt_want_write_file(filp); 1898 if (error) 1899 return error; 1900 error = xfs_reserve_blocks(mp, fsop.resblks); 1901 mnt_drop_write_file(filp); 1902 if (error) 1903 return error; 1904 } 1905 1906 spin_lock(&mp->m_sb_lock); 1907 fsop.resblks = mp->m_resblks; 1908 fsop.resblks_avail = mp->m_resblks_avail; 1909 spin_unlock(&mp->m_sb_lock); 1910 1911 if (copy_to_user(arg, &fsop, sizeof(fsop))) 1912 return -EFAULT; 1913 return 0; 1914 } 1915 1916 static int 1917 xfs_ioctl_fs_counts( 1918 struct xfs_mount *mp, 1919 struct xfs_fsop_counts __user *uarg) 1920 { 1921 struct xfs_fsop_counts out = { 1922 .allocino = percpu_counter_read_positive(&mp->m_icount), 1923 .freeino = percpu_counter_read_positive(&mp->m_ifree), 1924 .freedata = percpu_counter_read_positive(&mp->m_fdblocks) - 1925 xfs_fdblocks_unavailable(mp), 1926 .freertx = percpu_counter_read_positive(&mp->m_frextents), 1927 }; 1928 1929 if (copy_to_user(uarg, &out, sizeof(out))) 1930 return -EFAULT; 1931 return 0; 1932 } 1933 1934 /* 1935 * These long-unused ioctls were removed from the official ioctl API in 5.17, 1936 * but retain these definitions so that we can log warnings about them. 1937 */ 1938 #define XFS_IOC_ALLOCSP _IOW ('X', 10, struct xfs_flock64) 1939 #define XFS_IOC_FREESP _IOW ('X', 11, struct xfs_flock64) 1940 #define XFS_IOC_ALLOCSP64 _IOW ('X', 36, struct xfs_flock64) 1941 #define XFS_IOC_FREESP64 _IOW ('X', 37, struct xfs_flock64) 1942 1943 /* 1944 * Note: some of the ioctl's return positive numbers as a 1945 * byte count indicating success, such as readlink_by_handle. 1946 * So we don't "sign flip" like most other routines. This means 1947 * true errors need to be returned as a negative value. 1948 */ 1949 long 1950 xfs_file_ioctl( 1951 struct file *filp, 1952 unsigned int cmd, 1953 unsigned long p) 1954 { 1955 struct inode *inode = file_inode(filp); 1956 struct xfs_inode *ip = XFS_I(inode); 1957 struct xfs_mount *mp = ip->i_mount; 1958 void __user *arg = (void __user *)p; 1959 int error; 1960 1961 trace_xfs_file_ioctl(ip); 1962 1963 switch (cmd) { 1964 case FITRIM: 1965 return xfs_ioc_trim(mp, arg); 1966 case FS_IOC_GETFSLABEL: 1967 return xfs_ioc_getlabel(mp, arg); 1968 case FS_IOC_SETFSLABEL: 1969 return xfs_ioc_setlabel(filp, mp, arg); 1970 case XFS_IOC_ALLOCSP: 1971 case XFS_IOC_FREESP: 1972 case XFS_IOC_ALLOCSP64: 1973 case XFS_IOC_FREESP64: 1974 xfs_warn_once(mp, 1975 "%s should use fallocate; XFS_IOC_{ALLOC,FREE}SP ioctl unsupported", 1976 current->comm); 1977 return -ENOTTY; 1978 case XFS_IOC_DIOINFO: { 1979 struct xfs_buftarg *target = xfs_inode_buftarg(ip); 1980 struct dioattr da; 1981 1982 da.d_mem = da.d_miniosz = target->bt_logical_sectorsize; 1983 da.d_maxiosz = INT_MAX & ~(da.d_miniosz - 1); 1984 1985 if (copy_to_user(arg, &da, sizeof(da))) 1986 return -EFAULT; 1987 return 0; 1988 } 1989 1990 case XFS_IOC_FSBULKSTAT_SINGLE: 1991 case XFS_IOC_FSBULKSTAT: 1992 case XFS_IOC_FSINUMBERS: 1993 return xfs_ioc_fsbulkstat(filp, cmd, arg); 1994 1995 case XFS_IOC_BULKSTAT: 1996 return xfs_ioc_bulkstat(filp, cmd, arg); 1997 case XFS_IOC_INUMBERS: 1998 return xfs_ioc_inumbers(mp, cmd, arg); 1999 2000 case XFS_IOC_FSGEOMETRY_V1: 2001 return xfs_ioc_fsgeometry(mp, arg, 3); 2002 case XFS_IOC_FSGEOMETRY_V4: 2003 return xfs_ioc_fsgeometry(mp, arg, 4); 2004 case XFS_IOC_FSGEOMETRY: 2005 return xfs_ioc_fsgeometry(mp, arg, 5); 2006 2007 case XFS_IOC_AG_GEOMETRY: 2008 return xfs_ioc_ag_geometry(mp, arg); 2009 2010 case XFS_IOC_GETVERSION: 2011 return put_user(inode->i_generation, (int __user *)arg); 2012 2013 case XFS_IOC_FSGETXATTRA: 2014 return xfs_ioc_fsgetxattra(ip, arg); 2015 2016 case XFS_IOC_GETBMAP: 2017 case XFS_IOC_GETBMAPA: 2018 case XFS_IOC_GETBMAPX: 2019 return xfs_ioc_getbmap(filp, cmd, arg); 2020 2021 case FS_IOC_GETFSMAP: 2022 return xfs_ioc_getfsmap(ip, arg); 2023 2024 case XFS_IOC_SCRUB_METADATA: 2025 return xfs_ioc_scrub_metadata(filp, arg); 2026 2027 case XFS_IOC_FD_TO_HANDLE: 2028 case XFS_IOC_PATH_TO_HANDLE: 2029 case XFS_IOC_PATH_TO_FSHANDLE: { 2030 xfs_fsop_handlereq_t hreq; 2031 2032 if (copy_from_user(&hreq, arg, sizeof(hreq))) 2033 return -EFAULT; 2034 return xfs_find_handle(cmd, &hreq); 2035 } 2036 case XFS_IOC_OPEN_BY_HANDLE: { 2037 xfs_fsop_handlereq_t hreq; 2038 2039 if (copy_from_user(&hreq, arg, sizeof(xfs_fsop_handlereq_t))) 2040 return -EFAULT; 2041 return xfs_open_by_handle(filp, &hreq); 2042 } 2043 2044 case XFS_IOC_READLINK_BY_HANDLE: { 2045 xfs_fsop_handlereq_t hreq; 2046 2047 if (copy_from_user(&hreq, arg, sizeof(xfs_fsop_handlereq_t))) 2048 return -EFAULT; 2049 return xfs_readlink_by_handle(filp, &hreq); 2050 } 2051 case XFS_IOC_ATTRLIST_BY_HANDLE: 2052 return xfs_attrlist_by_handle(filp, arg); 2053 2054 case XFS_IOC_ATTRMULTI_BY_HANDLE: 2055 return xfs_attrmulti_by_handle(filp, arg); 2056 2057 case XFS_IOC_SWAPEXT: { 2058 struct xfs_swapext sxp; 2059 2060 if (copy_from_user(&sxp, arg, sizeof(xfs_swapext_t))) 2061 return -EFAULT; 2062 error = mnt_want_write_file(filp); 2063 if (error) 2064 return error; 2065 error = xfs_ioc_swapext(&sxp); 2066 mnt_drop_write_file(filp); 2067 return error; 2068 } 2069 2070 case XFS_IOC_FSCOUNTS: 2071 return xfs_ioctl_fs_counts(mp, arg); 2072 2073 case XFS_IOC_SET_RESBLKS: 2074 case XFS_IOC_GET_RESBLKS: 2075 return xfs_ioctl_getset_resblocks(filp, cmd, arg); 2076 2077 case XFS_IOC_FSGROWFSDATA: { 2078 struct xfs_growfs_data in; 2079 2080 if (copy_from_user(&in, arg, sizeof(in))) 2081 return -EFAULT; 2082 2083 error = mnt_want_write_file(filp); 2084 if (error) 2085 return error; 2086 error = xfs_growfs_data(mp, &in); 2087 mnt_drop_write_file(filp); 2088 return error; 2089 } 2090 2091 case XFS_IOC_FSGROWFSLOG: { 2092 struct xfs_growfs_log in; 2093 2094 if (copy_from_user(&in, arg, sizeof(in))) 2095 return -EFAULT; 2096 2097 error = mnt_want_write_file(filp); 2098 if (error) 2099 return error; 2100 error = xfs_growfs_log(mp, &in); 2101 mnt_drop_write_file(filp); 2102 return error; 2103 } 2104 2105 case XFS_IOC_FSGROWFSRT: { 2106 xfs_growfs_rt_t in; 2107 2108 if (copy_from_user(&in, arg, sizeof(in))) 2109 return -EFAULT; 2110 2111 error = mnt_want_write_file(filp); 2112 if (error) 2113 return error; 2114 error = xfs_growfs_rt(mp, &in); 2115 mnt_drop_write_file(filp); 2116 return error; 2117 } 2118 2119 case XFS_IOC_GOINGDOWN: { 2120 uint32_t in; 2121 2122 if (!capable(CAP_SYS_ADMIN)) 2123 return -EPERM; 2124 2125 if (get_user(in, (uint32_t __user *)arg)) 2126 return -EFAULT; 2127 2128 return xfs_fs_goingdown(mp, in); 2129 } 2130 2131 case XFS_IOC_ERROR_INJECTION: { 2132 xfs_error_injection_t in; 2133 2134 if (!capable(CAP_SYS_ADMIN)) 2135 return -EPERM; 2136 2137 if (copy_from_user(&in, arg, sizeof(in))) 2138 return -EFAULT; 2139 2140 return xfs_errortag_add(mp, in.errtag); 2141 } 2142 2143 case XFS_IOC_ERROR_CLEARALL: 2144 if (!capable(CAP_SYS_ADMIN)) 2145 return -EPERM; 2146 2147 return xfs_errortag_clearall(mp); 2148 2149 case XFS_IOC_FREE_EOFBLOCKS: { 2150 struct xfs_fs_eofblocks eofb; 2151 struct xfs_icwalk icw; 2152 2153 if (!capable(CAP_SYS_ADMIN)) 2154 return -EPERM; 2155 2156 if (xfs_is_readonly(mp)) 2157 return -EROFS; 2158 2159 if (copy_from_user(&eofb, arg, sizeof(eofb))) 2160 return -EFAULT; 2161 2162 error = xfs_fs_eofblocks_from_user(&eofb, &icw); 2163 if (error) 2164 return error; 2165 2166 trace_xfs_ioc_free_eofblocks(mp, &icw, _RET_IP_); 2167 2168 sb_start_write(mp->m_super); 2169 error = xfs_blockgc_free_space(mp, &icw); 2170 sb_end_write(mp->m_super); 2171 return error; 2172 } 2173 2174 case XFS_IOC_EXCHANGE_RANGE: 2175 return xfs_ioc_exchange_range(filp, arg); 2176 2177 default: 2178 return -ENOTTY; 2179 } 2180 } 2181