xfs_ioctl.c (50539B)
1// SPDX-License-Identifier: GPL-2.0 2/* 3 * Copyright (c) 2000-2005 Silicon Graphics, Inc. 4 * All Rights Reserved. 5 */ 6#include "xfs.h" 7#include "xfs_fs.h" 8#include "xfs_shared.h" 9#include "xfs_format.h" 10#include "xfs_log_format.h" 11#include "xfs_trans_resv.h" 12#include "xfs_mount.h" 13#include "xfs_inode.h" 14#include "xfs_rtalloc.h" 15#include "xfs_iwalk.h" 16#include "xfs_itable.h" 17#include "xfs_error.h" 18#include "xfs_da_format.h" 19#include "xfs_da_btree.h" 20#include "xfs_attr.h" 21#include "xfs_bmap.h" 22#include "xfs_bmap_util.h" 23#include "xfs_fsops.h" 24#include "xfs_discard.h" 25#include "xfs_quota.h" 26#include "xfs_export.h" 27#include "xfs_trace.h" 28#include "xfs_icache.h" 29#include "xfs_trans.h" 30#include "xfs_acl.h" 31#include "xfs_btree.h" 32#include <linux/fsmap.h> 33#include "xfs_fsmap.h" 34#include "scrub/xfs_scrub.h" 35#include "xfs_sb.h" 36#include "xfs_ag.h" 37#include "xfs_health.h" 38#include "xfs_reflink.h" 39#include "xfs_ioctl.h" 40#include "xfs_xattr.h" 41 42#include <linux/mount.h> 43#include <linux/namei.h> 44#include <linux/fileattr.h> 45 46/* 47 * xfs_find_handle maps from userspace xfs_fsop_handlereq structure to 48 * a file or fs handle. 49 * 50 * XFS_IOC_PATH_TO_FSHANDLE 51 * returns fs handle for a mount point or path within that mount point 52 * XFS_IOC_FD_TO_HANDLE 53 * returns full handle for a FD opened in user space 54 * XFS_IOC_PATH_TO_HANDLE 55 * returns full handle for a path 56 */ 57int 58xfs_find_handle( 59 unsigned int cmd, 60 xfs_fsop_handlereq_t *hreq) 61{ 62 int hsize; 63 xfs_handle_t handle; 64 struct inode *inode; 65 struct fd f = {NULL}; 66 struct path path; 67 int error; 68 struct xfs_inode *ip; 69 70 if (cmd == XFS_IOC_FD_TO_HANDLE) { 71 f = fdget(hreq->fd); 72 if (!f.file) 73 return -EBADF; 74 inode = file_inode(f.file); 75 } else { 76 error = user_path_at(AT_FDCWD, hreq->path, 0, &path); 77 if (error) 78 return error; 79 inode = d_inode(path.dentry); 80 } 81 ip = XFS_I(inode); 82 83 /* 84 * We can only generate handles for inodes residing on a XFS filesystem, 85 * and only for regular files, directories or symbolic links. 86 */ 87 error = -EINVAL; 88 if (inode->i_sb->s_magic != XFS_SB_MAGIC) 89 goto out_put; 90 91 error = -EBADF; 92 if (!S_ISREG(inode->i_mode) && 93 !S_ISDIR(inode->i_mode) && 94 !S_ISLNK(inode->i_mode)) 95 goto out_put; 96 97 98 memcpy(&handle.ha_fsid, ip->i_mount->m_fixedfsid, sizeof(xfs_fsid_t)); 99 100 if (cmd == XFS_IOC_PATH_TO_FSHANDLE) { 101 /* 102 * This handle only contains an fsid, zero the rest. 103 */ 104 memset(&handle.ha_fid, 0, sizeof(handle.ha_fid)); 105 hsize = sizeof(xfs_fsid_t); 106 } else { 107 handle.ha_fid.fid_len = sizeof(xfs_fid_t) - 108 sizeof(handle.ha_fid.fid_len); 109 handle.ha_fid.fid_pad = 0; 110 handle.ha_fid.fid_gen = inode->i_generation; 111 handle.ha_fid.fid_ino = ip->i_ino; 112 hsize = sizeof(xfs_handle_t); 113 } 114 115 error = -EFAULT; 116 if (copy_to_user(hreq->ohandle, &handle, hsize) || 117 copy_to_user(hreq->ohandlen, &hsize, sizeof(__s32))) 118 goto out_put; 119 120 error = 0; 121 122 out_put: 123 if (cmd == XFS_IOC_FD_TO_HANDLE) 124 fdput(f); 125 else 126 path_put(&path); 127 return error; 128} 129 130/* 131 * No need to do permission checks on the various pathname components 132 * as the handle operations are privileged. 133 */ 134STATIC int 135xfs_handle_acceptable( 136 void *context, 137 struct dentry *dentry) 138{ 139 return 1; 140} 141 142/* 143 * Convert userspace handle data into a dentry. 144 */ 145struct dentry * 146xfs_handle_to_dentry( 147 struct file *parfilp, 148 void __user *uhandle, 149 u32 hlen) 150{ 151 xfs_handle_t handle; 152 struct xfs_fid64 fid; 153 154 /* 155 * Only allow handle opens under a directory. 156 */ 157 if (!S_ISDIR(file_inode(parfilp)->i_mode)) 158 return ERR_PTR(-ENOTDIR); 159 160 if (hlen != sizeof(xfs_handle_t)) 161 return ERR_PTR(-EINVAL); 162 if (copy_from_user(&handle, uhandle, hlen)) 163 return ERR_PTR(-EFAULT); 164 if (handle.ha_fid.fid_len != 165 sizeof(handle.ha_fid) - sizeof(handle.ha_fid.fid_len)) 166 return ERR_PTR(-EINVAL); 167 168 memset(&fid, 0, sizeof(struct fid)); 169 fid.ino = handle.ha_fid.fid_ino; 170 fid.gen = handle.ha_fid.fid_gen; 171 172 return exportfs_decode_fh(parfilp->f_path.mnt, (struct fid *)&fid, 3, 173 FILEID_INO32_GEN | XFS_FILEID_TYPE_64FLAG, 174 xfs_handle_acceptable, NULL); 175} 176 177STATIC struct dentry * 178xfs_handlereq_to_dentry( 179 struct file *parfilp, 180 xfs_fsop_handlereq_t *hreq) 181{ 182 return xfs_handle_to_dentry(parfilp, hreq->ihandle, hreq->ihandlen); 183} 184 185int 186xfs_open_by_handle( 187 struct file *parfilp, 188 xfs_fsop_handlereq_t *hreq) 189{ 190 const struct cred *cred = current_cred(); 191 int error; 192 int fd; 193 int permflag; 194 struct file *filp; 195 struct inode *inode; 196 struct dentry *dentry; 197 fmode_t fmode; 198 struct path path; 199 200 if (!capable(CAP_SYS_ADMIN)) 201 return -EPERM; 202 203 dentry = xfs_handlereq_to_dentry(parfilp, hreq); 204 if (IS_ERR(dentry)) 205 return PTR_ERR(dentry); 206 inode = d_inode(dentry); 207 208 /* Restrict xfs_open_by_handle to directories & regular files. */ 209 if (!(S_ISREG(inode->i_mode) || S_ISDIR(inode->i_mode))) { 210 error = -EPERM; 211 goto out_dput; 212 } 213 214#if BITS_PER_LONG != 32 215 hreq->oflags |= O_LARGEFILE; 216#endif 217 218 permflag = hreq->oflags; 219 fmode = OPEN_FMODE(permflag); 220 if ((!(permflag & O_APPEND) || (permflag & O_TRUNC)) && 221 (fmode & FMODE_WRITE) && IS_APPEND(inode)) { 222 error = -EPERM; 223 goto out_dput; 224 } 225 226 if ((fmode & FMODE_WRITE) && IS_IMMUTABLE(inode)) { 227 error = -EPERM; 228 goto out_dput; 229 } 230 231 /* Can't write directories. */ 232 if (S_ISDIR(inode->i_mode) && (fmode & FMODE_WRITE)) { 233 error = -EISDIR; 234 goto out_dput; 235 } 236 237 fd = get_unused_fd_flags(0); 238 if (fd < 0) { 239 error = fd; 240 goto out_dput; 241 } 242 243 path.mnt = parfilp->f_path.mnt; 244 path.dentry = dentry; 245 filp = dentry_open(&path, hreq->oflags, cred); 246 dput(dentry); 247 if (IS_ERR(filp)) { 248 put_unused_fd(fd); 249 return PTR_ERR(filp); 250 } 251 252 if (S_ISREG(inode->i_mode)) { 253 filp->f_flags |= O_NOATIME; 254 filp->f_mode |= FMODE_NOCMTIME; 255 } 256 257 fd_install(fd, filp); 258 return fd; 259 260 out_dput: 261 dput(dentry); 262 return error; 263} 264 265int 266xfs_readlink_by_handle( 267 struct file *parfilp, 268 xfs_fsop_handlereq_t *hreq) 269{ 270 struct dentry *dentry; 271 __u32 olen; 272 int error; 273 274 if (!capable(CAP_SYS_ADMIN)) 275 return -EPERM; 276 277 dentry = xfs_handlereq_to_dentry(parfilp, hreq); 278 if (IS_ERR(dentry)) 279 return PTR_ERR(dentry); 280 281 /* Restrict this handle operation to symlinks only. */ 282 if (!d_is_symlink(dentry)) { 283 error = -EINVAL; 284 goto out_dput; 285 } 286 287 if (copy_from_user(&olen, hreq->ohandlen, sizeof(__u32))) { 288 error = -EFAULT; 289 goto out_dput; 290 } 291 292 error = vfs_readlink(dentry, hreq->ohandle, olen); 293 294 out_dput: 295 dput(dentry); 296 return error; 297} 298 299/* 300 * Format an attribute and copy it out to the user's buffer. 301 * Take care to check values and protect against them changing later, 302 * we may be reading them directly out of a user buffer. 303 */ 304static void 305xfs_ioc_attr_put_listent( 306 struct xfs_attr_list_context *context, 307 int flags, 308 unsigned char *name, 309 int namelen, 310 int valuelen) 311{ 312 struct xfs_attrlist *alist = context->buffer; 313 struct xfs_attrlist_ent *aep; 314 int arraytop; 315 316 ASSERT(!context->seen_enough); 317 ASSERT(context->count >= 0); 318 ASSERT(context->count < (ATTR_MAX_VALUELEN/8)); 319 ASSERT(context->firstu >= sizeof(*alist)); 320 ASSERT(context->firstu <= context->bufsize); 321 322 /* 323 * Only list entries in the right namespace. 324 */ 325 if (context->attr_filter != (flags & XFS_ATTR_NSP_ONDISK_MASK)) 326 return; 327 328 arraytop = sizeof(*alist) + 329 context->count * sizeof(alist->al_offset[0]); 330 331 /* decrement by the actual bytes used by the attr */ 332 context->firstu -= round_up(offsetof(struct xfs_attrlist_ent, a_name) + 333 namelen + 1, sizeof(uint32_t)); 334 if (context->firstu < arraytop) { 335 trace_xfs_attr_list_full(context); 336 alist->al_more = 1; 337 context->seen_enough = 1; 338 return; 339 } 340 341 aep = context->buffer + context->firstu; 342 aep->a_valuelen = valuelen; 343 memcpy(aep->a_name, name, namelen); 344 aep->a_name[namelen] = 0; 345 alist->al_offset[context->count++] = context->firstu; 346 alist->al_count = context->count; 347 trace_xfs_attr_list_add(context); 348} 349 350static unsigned int 351xfs_attr_filter( 352 u32 ioc_flags) 353{ 354 if (ioc_flags & XFS_IOC_ATTR_ROOT) 355 return XFS_ATTR_ROOT; 356 if (ioc_flags & XFS_IOC_ATTR_SECURE) 357 return XFS_ATTR_SECURE; 358 return 0; 359} 360 361static unsigned int 362xfs_attr_flags( 363 u32 ioc_flags) 364{ 365 if (ioc_flags & XFS_IOC_ATTR_CREATE) 366 return XATTR_CREATE; 367 if (ioc_flags & XFS_IOC_ATTR_REPLACE) 368 return XATTR_REPLACE; 369 return 0; 370} 371 372int 373xfs_ioc_attr_list( 374 struct xfs_inode *dp, 375 void __user *ubuf, 376 size_t bufsize, 377 int flags, 378 struct xfs_attrlist_cursor __user *ucursor) 379{ 380 struct xfs_attr_list_context context = { }; 381 struct xfs_attrlist *alist; 382 void *buffer; 383 int error; 384 385 if (bufsize < sizeof(struct xfs_attrlist) || 386 bufsize > XFS_XATTR_LIST_MAX) 387 return -EINVAL; 388 389 /* 390 * Reject flags, only allow namespaces. 391 */ 392 if (flags & ~(XFS_IOC_ATTR_ROOT | XFS_IOC_ATTR_SECURE)) 393 return -EINVAL; 394 if (flags == (XFS_IOC_ATTR_ROOT | XFS_IOC_ATTR_SECURE)) 395 return -EINVAL; 396 397 /* 398 * Validate the cursor. 399 */ 400 if (copy_from_user(&context.cursor, ucursor, sizeof(context.cursor))) 401 return -EFAULT; 402 if (context.cursor.pad1 || context.cursor.pad2) 403 return -EINVAL; 404 if (!context.cursor.initted && 405 (context.cursor.hashval || context.cursor.blkno || 406 context.cursor.offset)) 407 return -EINVAL; 408 409 buffer = kvzalloc(bufsize, GFP_KERNEL); 410 if (!buffer) 411 return -ENOMEM; 412 413 /* 414 * Initialize the output buffer. 415 */ 416 context.dp = dp; 417 context.resynch = 1; 418 context.attr_filter = xfs_attr_filter(flags); 419 context.buffer = buffer; 420 context.bufsize = round_down(bufsize, sizeof(uint32_t)); 421 context.firstu = context.bufsize; 422 context.put_listent = xfs_ioc_attr_put_listent; 423 424 alist = context.buffer; 425 alist->al_count = 0; 426 alist->al_more = 0; 427 alist->al_offset[0] = context.bufsize; 428 429 error = xfs_attr_list(&context); 430 if (error) 431 goto out_free; 432 433 if (copy_to_user(ubuf, buffer, bufsize) || 434 copy_to_user(ucursor, &context.cursor, sizeof(context.cursor))) 435 error = -EFAULT; 436out_free: 437 kmem_free(buffer); 438 return error; 439} 440 441STATIC int 442xfs_attrlist_by_handle( 443 struct file *parfilp, 444 struct xfs_fsop_attrlist_handlereq __user *p) 445{ 446 struct xfs_fsop_attrlist_handlereq al_hreq; 447 struct dentry *dentry; 448 int error = -ENOMEM; 449 450 if (!capable(CAP_SYS_ADMIN)) 451 return -EPERM; 452 if (copy_from_user(&al_hreq, p, sizeof(al_hreq))) 453 return -EFAULT; 454 455 dentry = xfs_handlereq_to_dentry(parfilp, &al_hreq.hreq); 456 if (IS_ERR(dentry)) 457 return PTR_ERR(dentry); 458 459 error = xfs_ioc_attr_list(XFS_I(d_inode(dentry)), al_hreq.buffer, 460 al_hreq.buflen, al_hreq.flags, &p->pos); 461 dput(dentry); 462 return error; 463} 464 465static int 466xfs_attrmulti_attr_get( 467 struct inode *inode, 468 unsigned char *name, 469 unsigned char __user *ubuf, 470 uint32_t *len, 471 uint32_t flags) 472{ 473 struct xfs_da_args args = { 474 .dp = XFS_I(inode), 475 .attr_filter = xfs_attr_filter(flags), 476 .attr_flags = xfs_attr_flags(flags), 477 .name = name, 478 .namelen = strlen(name), 479 .valuelen = *len, 480 }; 481 int error; 482 483 if (*len > XFS_XATTR_SIZE_MAX) 484 return -EINVAL; 485 486 error = xfs_attr_get(&args); 487 if (error) 488 goto out_kfree; 489 490 *len = args.valuelen; 491 if (copy_to_user(ubuf, args.value, args.valuelen)) 492 error = -EFAULT; 493 494out_kfree: 495 kmem_free(args.value); 496 return error; 497} 498 499static int 500xfs_attrmulti_attr_set( 501 struct inode *inode, 502 unsigned char *name, 503 const unsigned char __user *ubuf, 504 uint32_t len, 505 uint32_t flags) 506{ 507 struct xfs_da_args args = { 508 .dp = XFS_I(inode), 509 .attr_filter = xfs_attr_filter(flags), 510 .attr_flags = xfs_attr_flags(flags), 511 .name = name, 512 .namelen = strlen(name), 513 }; 514 int error; 515 516 if (IS_IMMUTABLE(inode) || IS_APPEND(inode)) 517 return -EPERM; 518 519 if (ubuf) { 520 if (len > XFS_XATTR_SIZE_MAX) 521 return -EINVAL; 522 args.value = memdup_user(ubuf, len); 523 if (IS_ERR(args.value)) 524 return PTR_ERR(args.value); 525 args.valuelen = len; 526 } 527 528 error = xfs_attr_change(&args); 529 if (!error && (flags & XFS_IOC_ATTR_ROOT)) 530 xfs_forget_acl(inode, name); 531 kfree(args.value); 532 return error; 533} 534 535int 536xfs_ioc_attrmulti_one( 537 struct file *parfilp, 538 struct inode *inode, 539 uint32_t opcode, 540 void __user *uname, 541 void __user *value, 542 uint32_t *len, 543 uint32_t flags) 544{ 545 unsigned char *name; 546 int error; 547 548 if ((flags & XFS_IOC_ATTR_ROOT) && (flags & XFS_IOC_ATTR_SECURE)) 549 return -EINVAL; 550 551 name = strndup_user(uname, MAXNAMELEN); 552 if (IS_ERR(name)) 553 return PTR_ERR(name); 554 555 switch (opcode) { 556 case ATTR_OP_GET: 557 error = xfs_attrmulti_attr_get(inode, name, value, len, flags); 558 break; 559 case ATTR_OP_REMOVE: 560 value = NULL; 561 *len = 0; 562 fallthrough; 563 case ATTR_OP_SET: 564 error = mnt_want_write_file(parfilp); 565 if (error) 566 break; 567 error = xfs_attrmulti_attr_set(inode, name, value, *len, flags); 568 mnt_drop_write_file(parfilp); 569 break; 570 default: 571 error = -EINVAL; 572 break; 573 } 574 575 kfree(name); 576 return error; 577} 578 579STATIC int 580xfs_attrmulti_by_handle( 581 struct file *parfilp, 582 void __user *arg) 583{ 584 int error; 585 xfs_attr_multiop_t *ops; 586 xfs_fsop_attrmulti_handlereq_t am_hreq; 587 struct dentry *dentry; 588 unsigned int i, size; 589 590 if (!capable(CAP_SYS_ADMIN)) 591 return -EPERM; 592 if (copy_from_user(&am_hreq, arg, sizeof(xfs_fsop_attrmulti_handlereq_t))) 593 return -EFAULT; 594 595 /* overflow check */ 596 if (am_hreq.opcount >= INT_MAX / sizeof(xfs_attr_multiop_t)) 597 return -E2BIG; 598 599 dentry = xfs_handlereq_to_dentry(parfilp, &am_hreq.hreq); 600 if (IS_ERR(dentry)) 601 return PTR_ERR(dentry); 602 603 error = -E2BIG; 604 size = am_hreq.opcount * sizeof(xfs_attr_multiop_t); 605 if (!size || size > 16 * PAGE_SIZE) 606 goto out_dput; 607 608 ops = memdup_user(am_hreq.ops, size); 609 if (IS_ERR(ops)) { 610 error = PTR_ERR(ops); 611 goto out_dput; 612 } 613 614 error = 0; 615 for (i = 0; i < am_hreq.opcount; i++) { 616 ops[i].am_error = xfs_ioc_attrmulti_one(parfilp, 617 d_inode(dentry), ops[i].am_opcode, 618 ops[i].am_attrname, ops[i].am_attrvalue, 619 &ops[i].am_length, ops[i].am_flags); 620 } 621 622 if (copy_to_user(am_hreq.ops, ops, size)) 623 error = -EFAULT; 624 625 kfree(ops); 626 out_dput: 627 dput(dentry); 628 return error; 629} 630 631/* Return 0 on success or positive error */ 632int 633xfs_fsbulkstat_one_fmt( 634 struct xfs_ibulk *breq, 635 const struct xfs_bulkstat *bstat) 636{ 637 struct xfs_bstat bs1; 638 639 xfs_bulkstat_to_bstat(breq->mp, &bs1, bstat); 640 if (copy_to_user(breq->ubuffer, &bs1, sizeof(bs1))) 641 return -EFAULT; 642 return xfs_ibulk_advance(breq, sizeof(struct xfs_bstat)); 643} 644 645int 646xfs_fsinumbers_fmt( 647 struct xfs_ibulk *breq, 648 const struct xfs_inumbers *igrp) 649{ 650 struct xfs_inogrp ig1; 651 652 xfs_inumbers_to_inogrp(&ig1, igrp); 653 if (copy_to_user(breq->ubuffer, &ig1, sizeof(struct xfs_inogrp))) 654 return -EFAULT; 655 return xfs_ibulk_advance(breq, sizeof(struct xfs_inogrp)); 656} 657 658STATIC int 659xfs_ioc_fsbulkstat( 660 struct file *file, 661 unsigned int cmd, 662 void __user *arg) 663{ 664 struct xfs_mount *mp = XFS_I(file_inode(file))->i_mount; 665 struct xfs_fsop_bulkreq bulkreq; 666 struct xfs_ibulk breq = { 667 .mp = mp, 668 .mnt_userns = file_mnt_user_ns(file), 669 .ocount = 0, 670 }; 671 xfs_ino_t lastino; 672 int error; 673 674 /* done = 1 if there are more stats to get and if bulkstat */ 675 /* should be called again (unused here, but used in dmapi) */ 676 677 if (!capable(CAP_SYS_ADMIN)) 678 return -EPERM; 679 680 if (xfs_is_shutdown(mp)) 681 return -EIO; 682 683 if (copy_from_user(&bulkreq, arg, sizeof(struct xfs_fsop_bulkreq))) 684 return -EFAULT; 685 686 if (copy_from_user(&lastino, bulkreq.lastip, sizeof(__s64))) 687 return -EFAULT; 688 689 if (bulkreq.icount <= 0) 690 return -EINVAL; 691 692 if (bulkreq.ubuffer == NULL) 693 return -EINVAL; 694 695 breq.ubuffer = bulkreq.ubuffer; 696 breq.icount = bulkreq.icount; 697 698 /* 699 * FSBULKSTAT_SINGLE expects that *lastip contains the inode number 700 * that we want to stat. However, FSINUMBERS and FSBULKSTAT expect 701 * that *lastip contains either zero or the number of the last inode to 702 * be examined by the previous call and return results starting with 703 * the next inode after that. The new bulk request back end functions 704 * take the inode to start with, so we have to compute the startino 705 * parameter from lastino to maintain correct function. lastino == 0 706 * is a special case because it has traditionally meant "first inode 707 * in filesystem". 708 */ 709 if (cmd == XFS_IOC_FSINUMBERS) { 710 breq.startino = lastino ? lastino + 1 : 0; 711 error = xfs_inumbers(&breq, xfs_fsinumbers_fmt); 712 lastino = breq.startino - 1; 713 } else if (cmd == XFS_IOC_FSBULKSTAT_SINGLE) { 714 breq.startino = lastino; 715 breq.icount = 1; 716 error = xfs_bulkstat_one(&breq, xfs_fsbulkstat_one_fmt); 717 } else { /* XFS_IOC_FSBULKSTAT */ 718 breq.startino = lastino ? lastino + 1 : 0; 719 error = xfs_bulkstat(&breq, xfs_fsbulkstat_one_fmt); 720 lastino = breq.startino - 1; 721 } 722 723 if (error) 724 return error; 725 726 if (bulkreq.lastip != NULL && 727 copy_to_user(bulkreq.lastip, &lastino, sizeof(xfs_ino_t))) 728 return -EFAULT; 729 730 if (bulkreq.ocount != NULL && 731 copy_to_user(bulkreq.ocount, &breq.ocount, sizeof(__s32))) 732 return -EFAULT; 733 734 return 0; 735} 736 737/* Return 0 on success or positive error */ 738static int 739xfs_bulkstat_fmt( 740 struct xfs_ibulk *breq, 741 const struct xfs_bulkstat *bstat) 742{ 743 if (copy_to_user(breq->ubuffer, bstat, sizeof(struct xfs_bulkstat))) 744 return -EFAULT; 745 return xfs_ibulk_advance(breq, sizeof(struct xfs_bulkstat)); 746} 747 748/* 749 * Check the incoming bulk request @hdr from userspace and initialize the 750 * internal @breq bulk request appropriately. Returns 0 if the bulk request 751 * should proceed; -ECANCELED if there's nothing to do; or the usual 752 * negative error code. 753 */ 754static int 755xfs_bulk_ireq_setup( 756 struct xfs_mount *mp, 757 struct xfs_bulk_ireq *hdr, 758 struct xfs_ibulk *breq, 759 void __user *ubuffer) 760{ 761 if (hdr->icount == 0 || 762 (hdr->flags & ~XFS_BULK_IREQ_FLAGS_ALL) || 763 memchr_inv(hdr->reserved, 0, sizeof(hdr->reserved))) 764 return -EINVAL; 765 766 breq->startino = hdr->ino; 767 breq->ubuffer = ubuffer; 768 breq->icount = hdr->icount; 769 breq->ocount = 0; 770 breq->flags = 0; 771 772 /* 773 * The @ino parameter is a special value, so we must look it up here. 774 * We're not allowed to have IREQ_AGNO, and we only return one inode 775 * worth of data. 776 */ 777 if (hdr->flags & XFS_BULK_IREQ_SPECIAL) { 778 if (hdr->flags & XFS_BULK_IREQ_AGNO) 779 return -EINVAL; 780 781 switch (hdr->ino) { 782 case XFS_BULK_IREQ_SPECIAL_ROOT: 783 hdr->ino = mp->m_sb.sb_rootino; 784 break; 785 default: 786 return -EINVAL; 787 } 788 breq->icount = 1; 789 } 790 791 /* 792 * The IREQ_AGNO flag means that we only want results from a given AG. 793 * If @hdr->ino is zero, we start iterating in that AG. If @hdr->ino is 794 * beyond the specified AG then we return no results. 795 */ 796 if (hdr->flags & XFS_BULK_IREQ_AGNO) { 797 if (hdr->agno >= mp->m_sb.sb_agcount) 798 return -EINVAL; 799 800 if (breq->startino == 0) 801 breq->startino = XFS_AGINO_TO_INO(mp, hdr->agno, 0); 802 else if (XFS_INO_TO_AGNO(mp, breq->startino) < hdr->agno) 803 return -EINVAL; 804 805 breq->flags |= XFS_IBULK_SAME_AG; 806 807 /* Asking for an inode past the end of the AG? We're done! */ 808 if (XFS_INO_TO_AGNO(mp, breq->startino) > hdr->agno) 809 return -ECANCELED; 810 } else if (hdr->agno) 811 return -EINVAL; 812 813 /* Asking for an inode past the end of the FS? We're done! */ 814 if (XFS_INO_TO_AGNO(mp, breq->startino) >= mp->m_sb.sb_agcount) 815 return -ECANCELED; 816 817 if (hdr->flags & XFS_BULK_IREQ_NREXT64) 818 breq->flags |= XFS_IBULK_NREXT64; 819 820 return 0; 821} 822 823/* 824 * Update the userspace bulk request @hdr to reflect the end state of the 825 * internal bulk request @breq. 826 */ 827static void 828xfs_bulk_ireq_teardown( 829 struct xfs_bulk_ireq *hdr, 830 struct xfs_ibulk *breq) 831{ 832 hdr->ino = breq->startino; 833 hdr->ocount = breq->ocount; 834} 835 836/* Handle the v5 bulkstat ioctl. */ 837STATIC int 838xfs_ioc_bulkstat( 839 struct file *file, 840 unsigned int cmd, 841 struct xfs_bulkstat_req __user *arg) 842{ 843 struct xfs_mount *mp = XFS_I(file_inode(file))->i_mount; 844 struct xfs_bulk_ireq hdr; 845 struct xfs_ibulk breq = { 846 .mp = mp, 847 .mnt_userns = file_mnt_user_ns(file), 848 }; 849 int error; 850 851 if (!capable(CAP_SYS_ADMIN)) 852 return -EPERM; 853 854 if (xfs_is_shutdown(mp)) 855 return -EIO; 856 857 if (copy_from_user(&hdr, &arg->hdr, sizeof(hdr))) 858 return -EFAULT; 859 860 error = xfs_bulk_ireq_setup(mp, &hdr, &breq, arg->bulkstat); 861 if (error == -ECANCELED) 862 goto out_teardown; 863 if (error < 0) 864 return error; 865 866 error = xfs_bulkstat(&breq, xfs_bulkstat_fmt); 867 if (error) 868 return error; 869 870out_teardown: 871 xfs_bulk_ireq_teardown(&hdr, &breq); 872 if (copy_to_user(&arg->hdr, &hdr, sizeof(hdr))) 873 return -EFAULT; 874 875 return 0; 876} 877 878STATIC int 879xfs_inumbers_fmt( 880 struct xfs_ibulk *breq, 881 const struct xfs_inumbers *igrp) 882{ 883 if (copy_to_user(breq->ubuffer, igrp, sizeof(struct xfs_inumbers))) 884 return -EFAULT; 885 return xfs_ibulk_advance(breq, sizeof(struct xfs_inumbers)); 886} 887 888/* Handle the v5 inumbers ioctl. */ 889STATIC int 890xfs_ioc_inumbers( 891 struct xfs_mount *mp, 892 unsigned int cmd, 893 struct xfs_inumbers_req __user *arg) 894{ 895 struct xfs_bulk_ireq hdr; 896 struct xfs_ibulk breq = { 897 .mp = mp, 898 }; 899 int error; 900 901 if (!capable(CAP_SYS_ADMIN)) 902 return -EPERM; 903 904 if (xfs_is_shutdown(mp)) 905 return -EIO; 906 907 if (copy_from_user(&hdr, &arg->hdr, sizeof(hdr))) 908 return -EFAULT; 909 910 error = xfs_bulk_ireq_setup(mp, &hdr, &breq, arg->inumbers); 911 if (error == -ECANCELED) 912 goto out_teardown; 913 if (error < 0) 914 return error; 915 916 error = xfs_inumbers(&breq, xfs_inumbers_fmt); 917 if (error) 918 return error; 919 920out_teardown: 921 xfs_bulk_ireq_teardown(&hdr, &breq); 922 if (copy_to_user(&arg->hdr, &hdr, sizeof(hdr))) 923 return -EFAULT; 924 925 return 0; 926} 927 928STATIC int 929xfs_ioc_fsgeometry( 930 struct xfs_mount *mp, 931 void __user *arg, 932 int struct_version) 933{ 934 struct xfs_fsop_geom fsgeo; 935 size_t len; 936 937 xfs_fs_geometry(mp, &fsgeo, struct_version); 938 939 if (struct_version <= 3) 940 len = sizeof(struct xfs_fsop_geom_v1); 941 else if (struct_version == 4) 942 len = sizeof(struct xfs_fsop_geom_v4); 943 else { 944 xfs_fsop_geom_health(mp, &fsgeo); 945 len = sizeof(fsgeo); 946 } 947 948 if (copy_to_user(arg, &fsgeo, len)) 949 return -EFAULT; 950 return 0; 951} 952 953STATIC int 954xfs_ioc_ag_geometry( 955 struct xfs_mount *mp, 956 void __user *arg) 957{ 958 struct xfs_ag_geometry ageo; 959 int error; 960 961 if (copy_from_user(&ageo, arg, sizeof(ageo))) 962 return -EFAULT; 963 if (ageo.ag_flags) 964 return -EINVAL; 965 if (memchr_inv(&ageo.ag_reserved, 0, sizeof(ageo.ag_reserved))) 966 return -EINVAL; 967 968 error = xfs_ag_get_geometry(mp, ageo.ag_number, &ageo); 969 if (error) 970 return error; 971 972 if (copy_to_user(arg, &ageo, sizeof(ageo))) 973 return -EFAULT; 974 return 0; 975} 976 977/* 978 * Linux extended inode flags interface. 979 */ 980 981static void 982xfs_fill_fsxattr( 983 struct xfs_inode *ip, 984 int whichfork, 985 struct fileattr *fa) 986{ 987 struct xfs_mount *mp = ip->i_mount; 988 struct xfs_ifork *ifp = XFS_IFORK_PTR(ip, whichfork); 989 990 fileattr_fill_xflags(fa, xfs_ip2xflags(ip)); 991 992 if (ip->i_diflags & XFS_DIFLAG_EXTSIZE) { 993 fa->fsx_extsize = XFS_FSB_TO_B(mp, ip->i_extsize); 994 } else if (ip->i_diflags & XFS_DIFLAG_EXTSZINHERIT) { 995 /* 996 * Don't let a misaligned extent size hint on a directory 997 * escape to userspace if it won't pass the setattr checks 998 * later. 999 */ 1000 if ((ip->i_diflags & XFS_DIFLAG_RTINHERIT) && 1001 ip->i_extsize % mp->m_sb.sb_rextsize > 0) { 1002 fa->fsx_xflags &= ~(FS_XFLAG_EXTSIZE | 1003 FS_XFLAG_EXTSZINHERIT); 1004 fa->fsx_extsize = 0; 1005 } else { 1006 fa->fsx_extsize = XFS_FSB_TO_B(mp, ip->i_extsize); 1007 } 1008 } 1009 1010 if (ip->i_diflags2 & XFS_DIFLAG2_COWEXTSIZE) 1011 fa->fsx_cowextsize = XFS_FSB_TO_B(mp, ip->i_cowextsize); 1012 fa->fsx_projid = ip->i_projid; 1013 if (ifp && !xfs_need_iread_extents(ifp)) 1014 fa->fsx_nextents = xfs_iext_count(ifp); 1015 else 1016 fa->fsx_nextents = xfs_ifork_nextents(ifp); 1017} 1018 1019STATIC int 1020xfs_ioc_fsgetxattra( 1021 xfs_inode_t *ip, 1022 void __user *arg) 1023{ 1024 struct fileattr fa; 1025 1026 xfs_ilock(ip, XFS_ILOCK_SHARED); 1027 xfs_fill_fsxattr(ip, XFS_ATTR_FORK, &fa); 1028 xfs_iunlock(ip, XFS_ILOCK_SHARED); 1029 1030 return copy_fsxattr_to_user(&fa, arg); 1031} 1032 1033int 1034xfs_fileattr_get( 1035 struct dentry *dentry, 1036 struct fileattr *fa) 1037{ 1038 struct xfs_inode *ip = XFS_I(d_inode(dentry)); 1039 1040 if (d_is_special(dentry)) 1041 return -ENOTTY; 1042 1043 xfs_ilock(ip, XFS_ILOCK_SHARED); 1044 xfs_fill_fsxattr(ip, XFS_DATA_FORK, fa); 1045 xfs_iunlock(ip, XFS_ILOCK_SHARED); 1046 1047 return 0; 1048} 1049 1050STATIC uint16_t 1051xfs_flags2diflags( 1052 struct xfs_inode *ip, 1053 unsigned int xflags) 1054{ 1055 /* can't set PREALLOC this way, just preserve it */ 1056 uint16_t di_flags = 1057 (ip->i_diflags & XFS_DIFLAG_PREALLOC); 1058 1059 if (xflags & FS_XFLAG_IMMUTABLE) 1060 di_flags |= XFS_DIFLAG_IMMUTABLE; 1061 if (xflags & FS_XFLAG_APPEND) 1062 di_flags |= XFS_DIFLAG_APPEND; 1063 if (xflags & FS_XFLAG_SYNC) 1064 di_flags |= XFS_DIFLAG_SYNC; 1065 if (xflags & FS_XFLAG_NOATIME) 1066 di_flags |= XFS_DIFLAG_NOATIME; 1067 if (xflags & FS_XFLAG_NODUMP) 1068 di_flags |= XFS_DIFLAG_NODUMP; 1069 if (xflags & FS_XFLAG_NODEFRAG) 1070 di_flags |= XFS_DIFLAG_NODEFRAG; 1071 if (xflags & FS_XFLAG_FILESTREAM) 1072 di_flags |= XFS_DIFLAG_FILESTREAM; 1073 if (S_ISDIR(VFS_I(ip)->i_mode)) { 1074 if (xflags & FS_XFLAG_RTINHERIT) 1075 di_flags |= XFS_DIFLAG_RTINHERIT; 1076 if (xflags & FS_XFLAG_NOSYMLINKS) 1077 di_flags |= XFS_DIFLAG_NOSYMLINKS; 1078 if (xflags & FS_XFLAG_EXTSZINHERIT) 1079 di_flags |= XFS_DIFLAG_EXTSZINHERIT; 1080 if (xflags & FS_XFLAG_PROJINHERIT) 1081 di_flags |= XFS_DIFLAG_PROJINHERIT; 1082 } else if (S_ISREG(VFS_I(ip)->i_mode)) { 1083 if (xflags & FS_XFLAG_REALTIME) 1084 di_flags |= XFS_DIFLAG_REALTIME; 1085 if (xflags & FS_XFLAG_EXTSIZE) 1086 di_flags |= XFS_DIFLAG_EXTSIZE; 1087 } 1088 1089 return di_flags; 1090} 1091 1092STATIC uint64_t 1093xfs_flags2diflags2( 1094 struct xfs_inode *ip, 1095 unsigned int xflags) 1096{ 1097 uint64_t di_flags2 = 1098 (ip->i_diflags2 & (XFS_DIFLAG2_REFLINK | 1099 XFS_DIFLAG2_BIGTIME | 1100 XFS_DIFLAG2_NREXT64)); 1101 1102 if (xflags & FS_XFLAG_DAX) 1103 di_flags2 |= XFS_DIFLAG2_DAX; 1104 if (xflags & FS_XFLAG_COWEXTSIZE) 1105 di_flags2 |= XFS_DIFLAG2_COWEXTSIZE; 1106 1107 return di_flags2; 1108} 1109 1110static int 1111xfs_ioctl_setattr_xflags( 1112 struct xfs_trans *tp, 1113 struct xfs_inode *ip, 1114 struct fileattr *fa) 1115{ 1116 struct xfs_mount *mp = ip->i_mount; 1117 uint64_t i_flags2; 1118 1119 /* Can't change realtime flag if any extents are allocated. */ 1120 if ((ip->i_df.if_nextents || ip->i_delayed_blks) && 1121 XFS_IS_REALTIME_INODE(ip) != (fa->fsx_xflags & FS_XFLAG_REALTIME)) 1122 return -EINVAL; 1123 1124 /* If realtime flag is set then must have realtime device */ 1125 if (fa->fsx_xflags & FS_XFLAG_REALTIME) { 1126 if (mp->m_sb.sb_rblocks == 0 || mp->m_sb.sb_rextsize == 0 || 1127 (ip->i_extsize % mp->m_sb.sb_rextsize)) 1128 return -EINVAL; 1129 } 1130 1131 /* Clear reflink if we are actually able to set the rt flag. */ 1132 if ((fa->fsx_xflags & FS_XFLAG_REALTIME) && xfs_is_reflink_inode(ip)) 1133 ip->i_diflags2 &= ~XFS_DIFLAG2_REFLINK; 1134 1135 /* Don't allow us to set DAX mode for a reflinked file for now. */ 1136 if ((fa->fsx_xflags & FS_XFLAG_DAX) && xfs_is_reflink_inode(ip)) 1137 return -EINVAL; 1138 1139 /* diflags2 only valid for v3 inodes. */ 1140 i_flags2 = xfs_flags2diflags2(ip, fa->fsx_xflags); 1141 if (i_flags2 && !xfs_has_v3inodes(mp)) 1142 return -EINVAL; 1143 1144 ip->i_diflags = xfs_flags2diflags(ip, fa->fsx_xflags); 1145 ip->i_diflags2 = i_flags2; 1146 1147 xfs_diflags_to_iflags(ip, false); 1148 xfs_trans_ichgtime(tp, ip, XFS_ICHGTIME_CHG); 1149 xfs_trans_log_inode(tp, ip, XFS_ILOG_CORE); 1150 XFS_STATS_INC(mp, xs_ig_attrchg); 1151 return 0; 1152} 1153 1154static void 1155xfs_ioctl_setattr_prepare_dax( 1156 struct xfs_inode *ip, 1157 struct fileattr *fa) 1158{ 1159 struct xfs_mount *mp = ip->i_mount; 1160 struct inode *inode = VFS_I(ip); 1161 1162 if (S_ISDIR(inode->i_mode)) 1163 return; 1164 1165 if (xfs_has_dax_always(mp) || xfs_has_dax_never(mp)) 1166 return; 1167 1168 if (((fa->fsx_xflags & FS_XFLAG_DAX) && 1169 !(ip->i_diflags2 & XFS_DIFLAG2_DAX)) || 1170 (!(fa->fsx_xflags & FS_XFLAG_DAX) && 1171 (ip->i_diflags2 & XFS_DIFLAG2_DAX))) 1172 d_mark_dontcache(inode); 1173} 1174 1175/* 1176 * Set up the transaction structure for the setattr operation, checking that we 1177 * have permission to do so. On success, return a clean transaction and the 1178 * inode locked exclusively ready for further operation specific checks. On 1179 * failure, return an error without modifying or locking the inode. 1180 */ 1181static struct xfs_trans * 1182xfs_ioctl_setattr_get_trans( 1183 struct xfs_inode *ip, 1184 struct xfs_dquot *pdqp) 1185{ 1186 struct xfs_mount *mp = ip->i_mount; 1187 struct xfs_trans *tp; 1188 int error = -EROFS; 1189 1190 if (xfs_is_readonly(mp)) 1191 goto out_error; 1192 error = -EIO; 1193 if (xfs_is_shutdown(mp)) 1194 goto out_error; 1195 1196 error = xfs_trans_alloc_ichange(ip, NULL, NULL, pdqp, 1197 has_capability_noaudit(current, CAP_FOWNER), &tp); 1198 if (error) 1199 goto out_error; 1200 1201 if (xfs_has_wsync(mp)) 1202 xfs_trans_set_sync(tp); 1203 1204 return tp; 1205 1206out_error: 1207 return ERR_PTR(error); 1208} 1209 1210/* 1211 * Validate a proposed extent size hint. For regular files, the hint can only 1212 * be changed if no extents are allocated. 1213 */ 1214static int 1215xfs_ioctl_setattr_check_extsize( 1216 struct xfs_inode *ip, 1217 struct fileattr *fa) 1218{ 1219 struct xfs_mount *mp = ip->i_mount; 1220 xfs_failaddr_t failaddr; 1221 uint16_t new_diflags; 1222 1223 if (!fa->fsx_valid) 1224 return 0; 1225 1226 if (S_ISREG(VFS_I(ip)->i_mode) && ip->i_df.if_nextents && 1227 XFS_FSB_TO_B(mp, ip->i_extsize) != fa->fsx_extsize) 1228 return -EINVAL; 1229 1230 if (fa->fsx_extsize & mp->m_blockmask) 1231 return -EINVAL; 1232 1233 new_diflags = xfs_flags2diflags(ip, fa->fsx_xflags); 1234 1235 /* 1236 * Inode verifiers do not check that the extent size hint is an integer 1237 * multiple of the rt extent size on a directory with both rtinherit 1238 * and extszinherit flags set. Don't let sysadmins misconfigure 1239 * directories. 1240 */ 1241 if ((new_diflags & XFS_DIFLAG_RTINHERIT) && 1242 (new_diflags & XFS_DIFLAG_EXTSZINHERIT)) { 1243 unsigned int rtextsize_bytes; 1244 1245 rtextsize_bytes = XFS_FSB_TO_B(mp, mp->m_sb.sb_rextsize); 1246 if (fa->fsx_extsize % rtextsize_bytes) 1247 return -EINVAL; 1248 } 1249 1250 failaddr = xfs_inode_validate_extsize(ip->i_mount, 1251 XFS_B_TO_FSB(mp, fa->fsx_extsize), 1252 VFS_I(ip)->i_mode, new_diflags); 1253 return failaddr != NULL ? -EINVAL : 0; 1254} 1255 1256static int 1257xfs_ioctl_setattr_check_cowextsize( 1258 struct xfs_inode *ip, 1259 struct fileattr *fa) 1260{ 1261 struct xfs_mount *mp = ip->i_mount; 1262 xfs_failaddr_t failaddr; 1263 uint64_t new_diflags2; 1264 uint16_t new_diflags; 1265 1266 if (!fa->fsx_valid) 1267 return 0; 1268 1269 if (fa->fsx_cowextsize & mp->m_blockmask) 1270 return -EINVAL; 1271 1272 new_diflags = xfs_flags2diflags(ip, fa->fsx_xflags); 1273 new_diflags2 = xfs_flags2diflags2(ip, fa->fsx_xflags); 1274 1275 failaddr = xfs_inode_validate_cowextsize(ip->i_mount, 1276 XFS_B_TO_FSB(mp, fa->fsx_cowextsize), 1277 VFS_I(ip)->i_mode, new_diflags, new_diflags2); 1278 return failaddr != NULL ? -EINVAL : 0; 1279} 1280 1281static int 1282xfs_ioctl_setattr_check_projid( 1283 struct xfs_inode *ip, 1284 struct fileattr *fa) 1285{ 1286 if (!fa->fsx_valid) 1287 return 0; 1288 1289 /* Disallow 32bit project ids if 32bit IDs are not enabled. */ 1290 if (fa->fsx_projid > (uint16_t)-1 && 1291 !xfs_has_projid32(ip->i_mount)) 1292 return -EINVAL; 1293 return 0; 1294} 1295 1296int 1297xfs_fileattr_set( 1298 struct user_namespace *mnt_userns, 1299 struct dentry *dentry, 1300 struct fileattr *fa) 1301{ 1302 struct xfs_inode *ip = XFS_I(d_inode(dentry)); 1303 struct xfs_mount *mp = ip->i_mount; 1304 struct xfs_trans *tp; 1305 struct xfs_dquot *pdqp = NULL; 1306 struct xfs_dquot *olddquot = NULL; 1307 int error; 1308 1309 trace_xfs_ioctl_setattr(ip); 1310 1311 if (d_is_special(dentry)) 1312 return -ENOTTY; 1313 1314 if (!fa->fsx_valid) { 1315 if (fa->flags & ~(FS_IMMUTABLE_FL | FS_APPEND_FL | 1316 FS_NOATIME_FL | FS_NODUMP_FL | 1317 FS_SYNC_FL | FS_DAX_FL | FS_PROJINHERIT_FL)) 1318 return -EOPNOTSUPP; 1319 } 1320 1321 error = xfs_ioctl_setattr_check_projid(ip, fa); 1322 if (error) 1323 return error; 1324 1325 /* 1326 * If disk quotas is on, we make sure that the dquots do exist on disk, 1327 * before we start any other transactions. Trying to do this later 1328 * is messy. We don't care to take a readlock to look at the ids 1329 * in inode here, because we can't hold it across the trans_reserve. 1330 * If the IDs do change before we take the ilock, we're covered 1331 * because the i_*dquot fields will get updated anyway. 1332 */ 1333 if (fa->fsx_valid && XFS_IS_QUOTA_ON(mp)) { 1334 error = xfs_qm_vop_dqalloc(ip, VFS_I(ip)->i_uid, 1335 VFS_I(ip)->i_gid, fa->fsx_projid, 1336 XFS_QMOPT_PQUOTA, NULL, NULL, &pdqp); 1337 if (error) 1338 return error; 1339 } 1340 1341 xfs_ioctl_setattr_prepare_dax(ip, fa); 1342 1343 tp = xfs_ioctl_setattr_get_trans(ip, pdqp); 1344 if (IS_ERR(tp)) { 1345 error = PTR_ERR(tp); 1346 goto error_free_dquots; 1347 } 1348 1349 error = xfs_ioctl_setattr_check_extsize(ip, fa); 1350 if (error) 1351 goto error_trans_cancel; 1352 1353 error = xfs_ioctl_setattr_check_cowextsize(ip, fa); 1354 if (error) 1355 goto error_trans_cancel; 1356 1357 error = xfs_ioctl_setattr_xflags(tp, ip, fa); 1358 if (error) 1359 goto error_trans_cancel; 1360 1361 if (!fa->fsx_valid) 1362 goto skip_xattr; 1363 /* 1364 * Change file ownership. Must be the owner or privileged. CAP_FSETID 1365 * overrides the following restrictions: 1366 * 1367 * The set-user-ID and set-group-ID bits of a file will be cleared upon 1368 * successful return from chown() 1369 */ 1370 1371 if ((VFS_I(ip)->i_mode & (S_ISUID|S_ISGID)) && 1372 !capable_wrt_inode_uidgid(mnt_userns, VFS_I(ip), CAP_FSETID)) 1373 VFS_I(ip)->i_mode &= ~(S_ISUID|S_ISGID); 1374 1375 /* Change the ownerships and register project quota modifications */ 1376 if (ip->i_projid != fa->fsx_projid) { 1377 if (XFS_IS_PQUOTA_ON(mp)) { 1378 olddquot = xfs_qm_vop_chown(tp, ip, 1379 &ip->i_pdquot, pdqp); 1380 } 1381 ip->i_projid = fa->fsx_projid; 1382 } 1383 1384 /* 1385 * Only set the extent size hint if we've already determined that the 1386 * extent size hint should be set on the inode. If no extent size flags 1387 * are set on the inode then unconditionally clear the extent size hint. 1388 */ 1389 if (ip->i_diflags & (XFS_DIFLAG_EXTSIZE | XFS_DIFLAG_EXTSZINHERIT)) 1390 ip->i_extsize = XFS_B_TO_FSB(mp, fa->fsx_extsize); 1391 else 1392 ip->i_extsize = 0; 1393 1394 if (xfs_has_v3inodes(mp)) { 1395 if (ip->i_diflags2 & XFS_DIFLAG2_COWEXTSIZE) 1396 ip->i_cowextsize = XFS_B_TO_FSB(mp, fa->fsx_cowextsize); 1397 else 1398 ip->i_cowextsize = 0; 1399 } 1400 1401skip_xattr: 1402 error = xfs_trans_commit(tp); 1403 1404 /* 1405 * Release any dquot(s) the inode had kept before chown. 1406 */ 1407 xfs_qm_dqrele(olddquot); 1408 xfs_qm_dqrele(pdqp); 1409 1410 return error; 1411 1412error_trans_cancel: 1413 xfs_trans_cancel(tp); 1414error_free_dquots: 1415 xfs_qm_dqrele(pdqp); 1416 return error; 1417} 1418 1419static bool 1420xfs_getbmap_format( 1421 struct kgetbmap *p, 1422 struct getbmapx __user *u, 1423 size_t recsize) 1424{ 1425 if (put_user(p->bmv_offset, &u->bmv_offset) || 1426 put_user(p->bmv_block, &u->bmv_block) || 1427 put_user(p->bmv_length, &u->bmv_length) || 1428 put_user(0, &u->bmv_count) || 1429 put_user(0, &u->bmv_entries)) 1430 return false; 1431 if (recsize < sizeof(struct getbmapx)) 1432 return true; 1433 if (put_user(0, &u->bmv_iflags) || 1434 put_user(p->bmv_oflags, &u->bmv_oflags) || 1435 put_user(0, &u->bmv_unused1) || 1436 put_user(0, &u->bmv_unused2)) 1437 return false; 1438 return true; 1439} 1440 1441STATIC int 1442xfs_ioc_getbmap( 1443 struct file *file, 1444 unsigned int cmd, 1445 void __user *arg) 1446{ 1447 struct getbmapx bmx = { 0 }; 1448 struct kgetbmap *buf; 1449 size_t recsize; 1450 int error, i; 1451 1452 switch (cmd) { 1453 case XFS_IOC_GETBMAPA: 1454 bmx.bmv_iflags = BMV_IF_ATTRFORK; 1455 fallthrough; 1456 case XFS_IOC_GETBMAP: 1457 /* struct getbmap is a strict subset of struct getbmapx. */ 1458 recsize = sizeof(struct getbmap); 1459 break; 1460 case XFS_IOC_GETBMAPX: 1461 recsize = sizeof(struct getbmapx); 1462 break; 1463 default: 1464 return -EINVAL; 1465 } 1466 1467 if (copy_from_user(&bmx, arg, recsize)) 1468 return -EFAULT; 1469 1470 if (bmx.bmv_count < 2) 1471 return -EINVAL; 1472 if (bmx.bmv_count >= INT_MAX / recsize) 1473 return -ENOMEM; 1474 1475 buf = kvcalloc(bmx.bmv_count, sizeof(*buf), GFP_KERNEL); 1476 if (!buf) 1477 return -ENOMEM; 1478 1479 error = xfs_getbmap(XFS_I(file_inode(file)), &bmx, buf); 1480 if (error) 1481 goto out_free_buf; 1482 1483 error = -EFAULT; 1484 if (copy_to_user(arg, &bmx, recsize)) 1485 goto out_free_buf; 1486 arg += recsize; 1487 1488 for (i = 0; i < bmx.bmv_entries; i++) { 1489 if (!xfs_getbmap_format(buf + i, arg, recsize)) 1490 goto out_free_buf; 1491 arg += recsize; 1492 } 1493 1494 error = 0; 1495out_free_buf: 1496 kmem_free(buf); 1497 return error; 1498} 1499 1500STATIC int 1501xfs_ioc_getfsmap( 1502 struct xfs_inode *ip, 1503 struct fsmap_head __user *arg) 1504{ 1505 struct xfs_fsmap_head xhead = {0}; 1506 struct fsmap_head head; 1507 struct fsmap *recs; 1508 unsigned int count; 1509 __u32 last_flags = 0; 1510 bool done = false; 1511 int error; 1512 1513 if (copy_from_user(&head, arg, sizeof(struct fsmap_head))) 1514 return -EFAULT; 1515 if (memchr_inv(head.fmh_reserved, 0, sizeof(head.fmh_reserved)) || 1516 memchr_inv(head.fmh_keys[0].fmr_reserved, 0, 1517 sizeof(head.fmh_keys[0].fmr_reserved)) || 1518 memchr_inv(head.fmh_keys[1].fmr_reserved, 0, 1519 sizeof(head.fmh_keys[1].fmr_reserved))) 1520 return -EINVAL; 1521 1522 /* 1523 * Use an internal memory buffer so that we don't have to copy fsmap 1524 * data to userspace while holding locks. Start by trying to allocate 1525 * up to 128k for the buffer, but fall back to a single page if needed. 1526 */ 1527 count = min_t(unsigned int, head.fmh_count, 1528 131072 / sizeof(struct fsmap)); 1529 recs = kvcalloc(count, sizeof(struct fsmap), GFP_KERNEL); 1530 if (!recs) { 1531 count = min_t(unsigned int, head.fmh_count, 1532 PAGE_SIZE / sizeof(struct fsmap)); 1533 recs = kvcalloc(count, sizeof(struct fsmap), GFP_KERNEL); 1534 if (!recs) 1535 return -ENOMEM; 1536 } 1537 1538 xhead.fmh_iflags = head.fmh_iflags; 1539 xfs_fsmap_to_internal(&xhead.fmh_keys[0], &head.fmh_keys[0]); 1540 xfs_fsmap_to_internal(&xhead.fmh_keys[1], &head.fmh_keys[1]); 1541 1542 trace_xfs_getfsmap_low_key(ip->i_mount, &xhead.fmh_keys[0]); 1543 trace_xfs_getfsmap_high_key(ip->i_mount, &xhead.fmh_keys[1]); 1544 1545 head.fmh_entries = 0; 1546 do { 1547 struct fsmap __user *user_recs; 1548 struct fsmap *last_rec; 1549 1550 user_recs = &arg->fmh_recs[head.fmh_entries]; 1551 xhead.fmh_entries = 0; 1552 xhead.fmh_count = min_t(unsigned int, count, 1553 head.fmh_count - head.fmh_entries); 1554 1555 /* Run query, record how many entries we got. */ 1556 error = xfs_getfsmap(ip->i_mount, &xhead, recs); 1557 switch (error) { 1558 case 0: 1559 /* 1560 * There are no more records in the result set. Copy 1561 * whatever we got to userspace and break out. 1562 */ 1563 done = true; 1564 break; 1565 case -ECANCELED: 1566 /* 1567 * The internal memory buffer is full. Copy whatever 1568 * records we got to userspace and go again if we have 1569 * not yet filled the userspace buffer. 1570 */ 1571 error = 0; 1572 break; 1573 default: 1574 goto out_free; 1575 } 1576 head.fmh_entries += xhead.fmh_entries; 1577 head.fmh_oflags = xhead.fmh_oflags; 1578 1579 /* 1580 * If the caller wanted a record count or there aren't any 1581 * new records to return, we're done. 1582 */ 1583 if (head.fmh_count == 0 || xhead.fmh_entries == 0) 1584 break; 1585 1586 /* Copy all the records we got out to userspace. */ 1587 if (copy_to_user(user_recs, recs, 1588 xhead.fmh_entries * sizeof(struct fsmap))) { 1589 error = -EFAULT; 1590 goto out_free; 1591 } 1592 1593 /* Remember the last record flags we copied to userspace. */ 1594 last_rec = &recs[xhead.fmh_entries - 1]; 1595 last_flags = last_rec->fmr_flags; 1596 1597 /* Set up the low key for the next iteration. */ 1598 xfs_fsmap_to_internal(&xhead.fmh_keys[0], last_rec); 1599 trace_xfs_getfsmap_low_key(ip->i_mount, &xhead.fmh_keys[0]); 1600 } while (!done && head.fmh_entries < head.fmh_count); 1601 1602 /* 1603 * If there are no more records in the query result set and we're not 1604 * in counting mode, mark the last record returned with the LAST flag. 1605 */ 1606 if (done && head.fmh_count > 0 && head.fmh_entries > 0) { 1607 struct fsmap __user *user_rec; 1608 1609 last_flags |= FMR_OF_LAST; 1610 user_rec = &arg->fmh_recs[head.fmh_entries - 1]; 1611 1612 if (copy_to_user(&user_rec->fmr_flags, &last_flags, 1613 sizeof(last_flags))) { 1614 error = -EFAULT; 1615 goto out_free; 1616 } 1617 } 1618 1619 /* copy back header */ 1620 if (copy_to_user(arg, &head, sizeof(struct fsmap_head))) { 1621 error = -EFAULT; 1622 goto out_free; 1623 } 1624 1625out_free: 1626 kmem_free(recs); 1627 return error; 1628} 1629 1630STATIC int 1631xfs_ioc_scrub_metadata( 1632 struct file *file, 1633 void __user *arg) 1634{ 1635 struct xfs_scrub_metadata scrub; 1636 int error; 1637 1638 if (!capable(CAP_SYS_ADMIN)) 1639 return -EPERM; 1640 1641 if (copy_from_user(&scrub, arg, sizeof(scrub))) 1642 return -EFAULT; 1643 1644 error = xfs_scrub_metadata(file, &scrub); 1645 if (error) 1646 return error; 1647 1648 if (copy_to_user(arg, &scrub, sizeof(scrub))) 1649 return -EFAULT; 1650 1651 return 0; 1652} 1653 1654int 1655xfs_ioc_swapext( 1656 xfs_swapext_t *sxp) 1657{ 1658 xfs_inode_t *ip, *tip; 1659 struct fd f, tmp; 1660 int error = 0; 1661 1662 /* Pull information for the target fd */ 1663 f = fdget((int)sxp->sx_fdtarget); 1664 if (!f.file) { 1665 error = -EINVAL; 1666 goto out; 1667 } 1668 1669 if (!(f.file->f_mode & FMODE_WRITE) || 1670 !(f.file->f_mode & FMODE_READ) || 1671 (f.file->f_flags & O_APPEND)) { 1672 error = -EBADF; 1673 goto out_put_file; 1674 } 1675 1676 tmp = fdget((int)sxp->sx_fdtmp); 1677 if (!tmp.file) { 1678 error = -EINVAL; 1679 goto out_put_file; 1680 } 1681 1682 if (!(tmp.file->f_mode & FMODE_WRITE) || 1683 !(tmp.file->f_mode & FMODE_READ) || 1684 (tmp.file->f_flags & O_APPEND)) { 1685 error = -EBADF; 1686 goto out_put_tmp_file; 1687 } 1688 1689 if (IS_SWAPFILE(file_inode(f.file)) || 1690 IS_SWAPFILE(file_inode(tmp.file))) { 1691 error = -EINVAL; 1692 goto out_put_tmp_file; 1693 } 1694 1695 /* 1696 * We need to ensure that the fds passed in point to XFS inodes 1697 * before we cast and access them as XFS structures as we have no 1698 * control over what the user passes us here. 1699 */ 1700 if (f.file->f_op != &xfs_file_operations || 1701 tmp.file->f_op != &xfs_file_operations) { 1702 error = -EINVAL; 1703 goto out_put_tmp_file; 1704 } 1705 1706 ip = XFS_I(file_inode(f.file)); 1707 tip = XFS_I(file_inode(tmp.file)); 1708 1709 if (ip->i_mount != tip->i_mount) { 1710 error = -EINVAL; 1711 goto out_put_tmp_file; 1712 } 1713 1714 if (ip->i_ino == tip->i_ino) { 1715 error = -EINVAL; 1716 goto out_put_tmp_file; 1717 } 1718 1719 if (xfs_is_shutdown(ip->i_mount)) { 1720 error = -EIO; 1721 goto out_put_tmp_file; 1722 } 1723 1724 error = xfs_swap_extents(ip, tip, sxp); 1725 1726 out_put_tmp_file: 1727 fdput(tmp); 1728 out_put_file: 1729 fdput(f); 1730 out: 1731 return error; 1732} 1733 1734static int 1735xfs_ioc_getlabel( 1736 struct xfs_mount *mp, 1737 char __user *user_label) 1738{ 1739 struct xfs_sb *sbp = &mp->m_sb; 1740 char label[XFSLABEL_MAX + 1]; 1741 1742 /* Paranoia */ 1743 BUILD_BUG_ON(sizeof(sbp->sb_fname) > FSLABEL_MAX); 1744 1745 /* 1 larger than sb_fname, so this ensures a trailing NUL char */ 1746 memset(label, 0, sizeof(label)); 1747 spin_lock(&mp->m_sb_lock); 1748 strncpy(label, sbp->sb_fname, XFSLABEL_MAX); 1749 spin_unlock(&mp->m_sb_lock); 1750 1751 if (copy_to_user(user_label, label, sizeof(label))) 1752 return -EFAULT; 1753 return 0; 1754} 1755 1756static int 1757xfs_ioc_setlabel( 1758 struct file *filp, 1759 struct xfs_mount *mp, 1760 char __user *newlabel) 1761{ 1762 struct xfs_sb *sbp = &mp->m_sb; 1763 char label[XFSLABEL_MAX + 1]; 1764 size_t len; 1765 int error; 1766 1767 if (!capable(CAP_SYS_ADMIN)) 1768 return -EPERM; 1769 /* 1770 * The generic ioctl allows up to FSLABEL_MAX chars, but XFS is much 1771 * smaller, at 12 bytes. We copy one more to be sure we find the 1772 * (required) NULL character to test the incoming label length. 1773 * NB: The on disk label doesn't need to be null terminated. 1774 */ 1775 if (copy_from_user(label, newlabel, XFSLABEL_MAX + 1)) 1776 return -EFAULT; 1777 len = strnlen(label, XFSLABEL_MAX + 1); 1778 if (len > sizeof(sbp->sb_fname)) 1779 return -EINVAL; 1780 1781 error = mnt_want_write_file(filp); 1782 if (error) 1783 return error; 1784 1785 spin_lock(&mp->m_sb_lock); 1786 memset(sbp->sb_fname, 0, sizeof(sbp->sb_fname)); 1787 memcpy(sbp->sb_fname, label, len); 1788 spin_unlock(&mp->m_sb_lock); 1789 1790 /* 1791 * Now we do several things to satisfy userspace. 1792 * In addition to normal logging of the primary superblock, we also 1793 * immediately write these changes to sector zero for the primary, then 1794 * update all backup supers (as xfs_db does for a label change), then 1795 * invalidate the block device page cache. This is so that any prior 1796 * buffered reads from userspace (i.e. from blkid) are invalidated, 1797 * and userspace will see the newly-written label. 1798 */ 1799 error = xfs_sync_sb_buf(mp); 1800 if (error) 1801 goto out; 1802 /* 1803 * growfs also updates backup supers so lock against that. 1804 */ 1805 mutex_lock(&mp->m_growlock); 1806 error = xfs_update_secondary_sbs(mp); 1807 mutex_unlock(&mp->m_growlock); 1808 1809 invalidate_bdev(mp->m_ddev_targp->bt_bdev); 1810 1811out: 1812 mnt_drop_write_file(filp); 1813 return error; 1814} 1815 1816static inline int 1817xfs_fs_eofblocks_from_user( 1818 struct xfs_fs_eofblocks *src, 1819 struct xfs_icwalk *dst) 1820{ 1821 if (src->eof_version != XFS_EOFBLOCKS_VERSION) 1822 return -EINVAL; 1823 1824 if (src->eof_flags & ~XFS_EOF_FLAGS_VALID) 1825 return -EINVAL; 1826 1827 if (memchr_inv(&src->pad32, 0, sizeof(src->pad32)) || 1828 memchr_inv(src->pad64, 0, sizeof(src->pad64))) 1829 return -EINVAL; 1830 1831 dst->icw_flags = 0; 1832 if (src->eof_flags & XFS_EOF_FLAGS_SYNC) 1833 dst->icw_flags |= XFS_ICWALK_FLAG_SYNC; 1834 if (src->eof_flags & XFS_EOF_FLAGS_UID) 1835 dst->icw_flags |= XFS_ICWALK_FLAG_UID; 1836 if (src->eof_flags & XFS_EOF_FLAGS_GID) 1837 dst->icw_flags |= XFS_ICWALK_FLAG_GID; 1838 if (src->eof_flags & XFS_EOF_FLAGS_PRID) 1839 dst->icw_flags |= XFS_ICWALK_FLAG_PRID; 1840 if (src->eof_flags & XFS_EOF_FLAGS_MINFILESIZE) 1841 dst->icw_flags |= XFS_ICWALK_FLAG_MINFILESIZE; 1842 1843 dst->icw_prid = src->eof_prid; 1844 dst->icw_min_file_size = src->eof_min_file_size; 1845 1846 dst->icw_uid = INVALID_UID; 1847 if (src->eof_flags & XFS_EOF_FLAGS_UID) { 1848 dst->icw_uid = make_kuid(current_user_ns(), src->eof_uid); 1849 if (!uid_valid(dst->icw_uid)) 1850 return -EINVAL; 1851 } 1852 1853 dst->icw_gid = INVALID_GID; 1854 if (src->eof_flags & XFS_EOF_FLAGS_GID) { 1855 dst->icw_gid = make_kgid(current_user_ns(), src->eof_gid); 1856 if (!gid_valid(dst->icw_gid)) 1857 return -EINVAL; 1858 } 1859 return 0; 1860} 1861 1862/* 1863 * These long-unused ioctls were removed from the official ioctl API in 5.17, 1864 * but retain these definitions so that we can log warnings about them. 1865 */ 1866#define XFS_IOC_ALLOCSP _IOW ('X', 10, struct xfs_flock64) 1867#define XFS_IOC_FREESP _IOW ('X', 11, struct xfs_flock64) 1868#define XFS_IOC_ALLOCSP64 _IOW ('X', 36, struct xfs_flock64) 1869#define XFS_IOC_FREESP64 _IOW ('X', 37, struct xfs_flock64) 1870 1871/* 1872 * Note: some of the ioctl's return positive numbers as a 1873 * byte count indicating success, such as readlink_by_handle. 1874 * So we don't "sign flip" like most other routines. This means 1875 * true errors need to be returned as a negative value. 1876 */ 1877long 1878xfs_file_ioctl( 1879 struct file *filp, 1880 unsigned int cmd, 1881 unsigned long p) 1882{ 1883 struct inode *inode = file_inode(filp); 1884 struct xfs_inode *ip = XFS_I(inode); 1885 struct xfs_mount *mp = ip->i_mount; 1886 void __user *arg = (void __user *)p; 1887 int error; 1888 1889 trace_xfs_file_ioctl(ip); 1890 1891 switch (cmd) { 1892 case FITRIM: 1893 return xfs_ioc_trim(mp, arg); 1894 case FS_IOC_GETFSLABEL: 1895 return xfs_ioc_getlabel(mp, arg); 1896 case FS_IOC_SETFSLABEL: 1897 return xfs_ioc_setlabel(filp, mp, arg); 1898 case XFS_IOC_ALLOCSP: 1899 case XFS_IOC_FREESP: 1900 case XFS_IOC_ALLOCSP64: 1901 case XFS_IOC_FREESP64: 1902 xfs_warn_once(mp, 1903 "%s should use fallocate; XFS_IOC_{ALLOC,FREE}SP ioctl unsupported", 1904 current->comm); 1905 return -ENOTTY; 1906 case XFS_IOC_DIOINFO: { 1907 struct xfs_buftarg *target = xfs_inode_buftarg(ip); 1908 struct dioattr da; 1909 1910 da.d_mem = da.d_miniosz = target->bt_logical_sectorsize; 1911 da.d_maxiosz = INT_MAX & ~(da.d_miniosz - 1); 1912 1913 if (copy_to_user(arg, &da, sizeof(da))) 1914 return -EFAULT; 1915 return 0; 1916 } 1917 1918 case XFS_IOC_FSBULKSTAT_SINGLE: 1919 case XFS_IOC_FSBULKSTAT: 1920 case XFS_IOC_FSINUMBERS: 1921 return xfs_ioc_fsbulkstat(filp, cmd, arg); 1922 1923 case XFS_IOC_BULKSTAT: 1924 return xfs_ioc_bulkstat(filp, cmd, arg); 1925 case XFS_IOC_INUMBERS: 1926 return xfs_ioc_inumbers(mp, cmd, arg); 1927 1928 case XFS_IOC_FSGEOMETRY_V1: 1929 return xfs_ioc_fsgeometry(mp, arg, 3); 1930 case XFS_IOC_FSGEOMETRY_V4: 1931 return xfs_ioc_fsgeometry(mp, arg, 4); 1932 case XFS_IOC_FSGEOMETRY: 1933 return xfs_ioc_fsgeometry(mp, arg, 5); 1934 1935 case XFS_IOC_AG_GEOMETRY: 1936 return xfs_ioc_ag_geometry(mp, arg); 1937 1938 case XFS_IOC_GETVERSION: 1939 return put_user(inode->i_generation, (int __user *)arg); 1940 1941 case XFS_IOC_FSGETXATTRA: 1942 return xfs_ioc_fsgetxattra(ip, arg); 1943 1944 case XFS_IOC_GETBMAP: 1945 case XFS_IOC_GETBMAPA: 1946 case XFS_IOC_GETBMAPX: 1947 return xfs_ioc_getbmap(filp, cmd, arg); 1948 1949 case FS_IOC_GETFSMAP: 1950 return xfs_ioc_getfsmap(ip, arg); 1951 1952 case XFS_IOC_SCRUB_METADATA: 1953 return xfs_ioc_scrub_metadata(filp, arg); 1954 1955 case XFS_IOC_FD_TO_HANDLE: 1956 case XFS_IOC_PATH_TO_HANDLE: 1957 case XFS_IOC_PATH_TO_FSHANDLE: { 1958 xfs_fsop_handlereq_t hreq; 1959 1960 if (copy_from_user(&hreq, arg, sizeof(hreq))) 1961 return -EFAULT; 1962 return xfs_find_handle(cmd, &hreq); 1963 } 1964 case XFS_IOC_OPEN_BY_HANDLE: { 1965 xfs_fsop_handlereq_t hreq; 1966 1967 if (copy_from_user(&hreq, arg, sizeof(xfs_fsop_handlereq_t))) 1968 return -EFAULT; 1969 return xfs_open_by_handle(filp, &hreq); 1970 } 1971 1972 case XFS_IOC_READLINK_BY_HANDLE: { 1973 xfs_fsop_handlereq_t hreq; 1974 1975 if (copy_from_user(&hreq, arg, sizeof(xfs_fsop_handlereq_t))) 1976 return -EFAULT; 1977 return xfs_readlink_by_handle(filp, &hreq); 1978 } 1979 case XFS_IOC_ATTRLIST_BY_HANDLE: 1980 return xfs_attrlist_by_handle(filp, arg); 1981 1982 case XFS_IOC_ATTRMULTI_BY_HANDLE: 1983 return xfs_attrmulti_by_handle(filp, arg); 1984 1985 case XFS_IOC_SWAPEXT: { 1986 struct xfs_swapext sxp; 1987 1988 if (copy_from_user(&sxp, arg, sizeof(xfs_swapext_t))) 1989 return -EFAULT; 1990 error = mnt_want_write_file(filp); 1991 if (error) 1992 return error; 1993 error = xfs_ioc_swapext(&sxp); 1994 mnt_drop_write_file(filp); 1995 return error; 1996 } 1997 1998 case XFS_IOC_FSCOUNTS: { 1999 xfs_fsop_counts_t out; 2000 2001 xfs_fs_counts(mp, &out); 2002 2003 if (copy_to_user(arg, &out, sizeof(out))) 2004 return -EFAULT; 2005 return 0; 2006 } 2007 2008 case XFS_IOC_SET_RESBLKS: { 2009 xfs_fsop_resblks_t inout; 2010 uint64_t in; 2011 2012 if (!capable(CAP_SYS_ADMIN)) 2013 return -EPERM; 2014 2015 if (xfs_is_readonly(mp)) 2016 return -EROFS; 2017 2018 if (copy_from_user(&inout, arg, sizeof(inout))) 2019 return -EFAULT; 2020 2021 error = mnt_want_write_file(filp); 2022 if (error) 2023 return error; 2024 2025 /* input parameter is passed in resblks field of structure */ 2026 in = inout.resblks; 2027 error = xfs_reserve_blocks(mp, &in, &inout); 2028 mnt_drop_write_file(filp); 2029 if (error) 2030 return error; 2031 2032 if (copy_to_user(arg, &inout, sizeof(inout))) 2033 return -EFAULT; 2034 return 0; 2035 } 2036 2037 case XFS_IOC_GET_RESBLKS: { 2038 xfs_fsop_resblks_t out; 2039 2040 if (!capable(CAP_SYS_ADMIN)) 2041 return -EPERM; 2042 2043 error = xfs_reserve_blocks(mp, NULL, &out); 2044 if (error) 2045 return error; 2046 2047 if (copy_to_user(arg, &out, sizeof(out))) 2048 return -EFAULT; 2049 2050 return 0; 2051 } 2052 2053 case XFS_IOC_FSGROWFSDATA: { 2054 struct xfs_growfs_data in; 2055 2056 if (copy_from_user(&in, arg, sizeof(in))) 2057 return -EFAULT; 2058 2059 error = mnt_want_write_file(filp); 2060 if (error) 2061 return error; 2062 error = xfs_growfs_data(mp, &in); 2063 mnt_drop_write_file(filp); 2064 return error; 2065 } 2066 2067 case XFS_IOC_FSGROWFSLOG: { 2068 struct xfs_growfs_log in; 2069 2070 if (copy_from_user(&in, arg, sizeof(in))) 2071 return -EFAULT; 2072 2073 error = mnt_want_write_file(filp); 2074 if (error) 2075 return error; 2076 error = xfs_growfs_log(mp, &in); 2077 mnt_drop_write_file(filp); 2078 return error; 2079 } 2080 2081 case XFS_IOC_FSGROWFSRT: { 2082 xfs_growfs_rt_t in; 2083 2084 if (copy_from_user(&in, arg, sizeof(in))) 2085 return -EFAULT; 2086 2087 error = mnt_want_write_file(filp); 2088 if (error) 2089 return error; 2090 error = xfs_growfs_rt(mp, &in); 2091 mnt_drop_write_file(filp); 2092 return error; 2093 } 2094 2095 case XFS_IOC_GOINGDOWN: { 2096 uint32_t in; 2097 2098 if (!capable(CAP_SYS_ADMIN)) 2099 return -EPERM; 2100 2101 if (get_user(in, (uint32_t __user *)arg)) 2102 return -EFAULT; 2103 2104 return xfs_fs_goingdown(mp, in); 2105 } 2106 2107 case XFS_IOC_ERROR_INJECTION: { 2108 xfs_error_injection_t in; 2109 2110 if (!capable(CAP_SYS_ADMIN)) 2111 return -EPERM; 2112 2113 if (copy_from_user(&in, arg, sizeof(in))) 2114 return -EFAULT; 2115 2116 return xfs_errortag_add(mp, in.errtag); 2117 } 2118 2119 case XFS_IOC_ERROR_CLEARALL: 2120 if (!capable(CAP_SYS_ADMIN)) 2121 return -EPERM; 2122 2123 return xfs_errortag_clearall(mp); 2124 2125 case XFS_IOC_FREE_EOFBLOCKS: { 2126 struct xfs_fs_eofblocks eofb; 2127 struct xfs_icwalk icw; 2128 2129 if (!capable(CAP_SYS_ADMIN)) 2130 return -EPERM; 2131 2132 if (xfs_is_readonly(mp)) 2133 return -EROFS; 2134 2135 if (copy_from_user(&eofb, arg, sizeof(eofb))) 2136 return -EFAULT; 2137 2138 error = xfs_fs_eofblocks_from_user(&eofb, &icw); 2139 if (error) 2140 return error; 2141 2142 trace_xfs_ioc_free_eofblocks(mp, &icw, _RET_IP_); 2143 2144 sb_start_write(mp->m_super); 2145 error = xfs_blockgc_free_space(mp, &icw); 2146 sb_end_write(mp->m_super); 2147 return error; 2148 } 2149 2150 default: 2151 return -ENOTTY; 2152 } 2153}