1// SPDX-License-Identifier: GPL-2.0 2#include <linux/capability.h> 3#include <linux/compat.h> 4#include <linux/blkdev.h> 5#include <linux/export.h> 6#include <linux/gfp.h> 7#include <linux/blkpg.h> 8#include <linux/hdreg.h> 9#include <linux/backing-dev.h> 10#include <linux/fs.h> 11#include <linux/blktrace_api.h> 12#include <linux/pr.h> 13#include <linux/uaccess.h> 14#include "blk.h" 15 16static int blkpg_do_ioctl(struct block_device *bdev, 17 struct blkpg_partition __user *upart, int op) 18{ 19 struct blkpg_partition p; 20 long long start, length; 21 22 if (!capable(CAP_SYS_ADMIN)) 23 return -EACCES; 24 if (copy_from_user(&p, upart, sizeof(struct blkpg_partition))) 25 return -EFAULT; 26 if (bdev_is_partition(bdev)) 27 return -EINVAL; 28 29 if (p.pno <= 0) 30 return -EINVAL; 31 32 if (op == BLKPG_DEL_PARTITION) 33 return bdev_del_partition(bdev, p.pno); 34 35 start = p.start >> SECTOR_SHIFT; 36 length = p.length >> SECTOR_SHIFT; 37 38 /* check for fit in a hd_struct */ 39 if (sizeof(sector_t) < sizeof(long long)) { 40 long pstart = start, plength = length; 41 42 if (pstart != start || plength != length || pstart < 0 || 43 plength < 0 || p.pno > 65535) 44 return -EINVAL; 45 } 46 47 switch (op) { 48 case BLKPG_ADD_PARTITION: 49 /* check if partition is aligned to blocksize */ 50 if (p.start & (bdev_logical_block_size(bdev) - 1)) 51 return -EINVAL; 52 return bdev_add_partition(bdev, p.pno, start, length); 53 case BLKPG_RESIZE_PARTITION: 54 return bdev_resize_partition(bdev, p.pno, start, length); 55 default: 56 return -EINVAL; 57 } 58} 59 60static int blkpg_ioctl(struct block_device *bdev, 61 struct blkpg_ioctl_arg __user *arg) 62{ 63 struct blkpg_partition __user *udata; 64 int op; 65 66 if (get_user(op, &arg->op) || get_user(udata, &arg->data)) 67 return -EFAULT; 68 69 return blkpg_do_ioctl(bdev, udata, op); 70} 71 72#ifdef CONFIG_COMPAT 73struct compat_blkpg_ioctl_arg { 74 compat_int_t op; 75 compat_int_t flags; 76 compat_int_t datalen; 77 compat_caddr_t data; 78}; 79 80static int compat_blkpg_ioctl(struct block_device *bdev, 81 struct compat_blkpg_ioctl_arg __user *arg) 82{ 83 compat_caddr_t udata; 84 int op; 85 86 if (get_user(op, &arg->op) || get_user(udata, &arg->data)) 87 return -EFAULT; 88 89 return blkpg_do_ioctl(bdev, compat_ptr(udata), op); 90} 91#endif 92 93static int blkdev_reread_part(struct block_device *bdev, fmode_t mode) 94{ 95 struct block_device *tmp; 96 97 if (!disk_part_scan_enabled(bdev->bd_disk) || bdev_is_partition(bdev)) 98 return -EINVAL; 99 if (!capable(CAP_SYS_ADMIN)) 100 return -EACCES; 101 if (bdev->bd_part_count) 102 return -EBUSY; 103 104 /* 105 * Reopen the device to revalidate the driver state and force a 106 * partition rescan. 107 */ 108 mode &= ~FMODE_EXCL; 109 set_bit(GD_NEED_PART_SCAN, &bdev->bd_disk->state); 110 111 tmp = blkdev_get_by_dev(bdev->bd_dev, mode, NULL); 112 if (IS_ERR(tmp)) 113 return PTR_ERR(tmp); 114 blkdev_put(tmp, mode); 115 return 0; 116} 117 118static int blk_ioctl_discard(struct block_device *bdev, fmode_t mode, 119 unsigned long arg, unsigned long flags) 120{ 121 uint64_t range[2]; 122 uint64_t start, len; 123 struct request_queue *q = bdev_get_queue(bdev); 124 int err; 125 126 if (!(mode & FMODE_WRITE)) 127 return -EBADF; 128 129 if (!blk_queue_discard(q)) 130 return -EOPNOTSUPP; 131 132 if (copy_from_user(range, (void __user *)arg, sizeof(range))) 133 return -EFAULT; 134 135 start = range[0]; 136 len = range[1]; 137 138 if (start & 511) 139 return -EINVAL; 140 if (len & 511) 141 return -EINVAL; 142 143 if (start + len > i_size_read(bdev->bd_inode)) 144 return -EINVAL; 145 146 err = truncate_bdev_range(bdev, mode, start, start + len - 1); 147 if (err) 148 return err; 149 150 return blkdev_issue_discard(bdev, start >> 9, len >> 9, 151 GFP_KERNEL, flags); 152} 153 154static int blk_ioctl_zeroout(struct block_device *bdev, fmode_t mode, 155 unsigned long arg) 156{ 157 uint64_t range[2]; 158 uint64_t start, end, len; 159 int err; 160 161 if (!(mode & FMODE_WRITE)) 162 return -EBADF; 163 164 if (copy_from_user(range, (void __user *)arg, sizeof(range))) 165 return -EFAULT; 166 167 start = range[0]; 168 len = range[1]; 169 end = start + len - 1; 170 171 if (start & 511) 172 return -EINVAL; 173 if (len & 511) 174 return -EINVAL; 175 if (end >= (uint64_t)i_size_read(bdev->bd_inode)) 176 return -EINVAL; 177 if (end < start) 178 return -EINVAL; 179 180 /* Invalidate the page cache, including dirty pages */ 181 err = truncate_bdev_range(bdev, mode, start, end); 182 if (err) 183 return err; 184 185 return blkdev_issue_zeroout(bdev, start >> 9, len >> 9, GFP_KERNEL, 186 BLKDEV_ZERO_NOUNMAP); 187} 188 189static int put_ushort(unsigned short __user *argp, unsigned short val) 190{ 191 return put_user(val, argp); 192} 193 194static int put_int(int __user *argp, int val) 195{ 196 return put_user(val, argp); 197} 198 199static int put_uint(unsigned int __user *argp, unsigned int val) 200{ 201 return put_user(val, argp); 202} 203 204static int put_long(long __user *argp, long val) 205{ 206 return put_user(val, argp); 207} 208 209static int put_ulong(unsigned long __user *argp, unsigned long val) 210{ 211 return put_user(val, argp); 212} 213 214static int put_u64(u64 __user *argp, u64 val) 215{ 216 return put_user(val, argp); 217} 218 219#ifdef CONFIG_COMPAT 220static int compat_put_long(compat_long_t __user *argp, long val) 221{ 222 return put_user(val, argp); 223} 224 225static int compat_put_ulong(compat_ulong_t __user *argp, compat_ulong_t val) 226{ 227 return put_user(val, argp); 228} 229#endif 230 231int __blkdev_driver_ioctl(struct block_device *bdev, fmode_t mode, 232 unsigned cmd, unsigned long arg) 233{ 234 struct gendisk *disk = bdev->bd_disk; 235 236 if (disk->fops->ioctl) 237 return disk->fops->ioctl(bdev, mode, cmd, arg); 238 239 return -ENOTTY; 240} 241/* 242 * For the record: _GPL here is only because somebody decided to slap it 243 * on the previous export. Sheer idiocy, since it wasn't copyrightable 244 * at all and could be open-coded without any exports by anybody who cares. 245 */ 246EXPORT_SYMBOL_GPL(__blkdev_driver_ioctl); 247 248#ifdef CONFIG_COMPAT 249/* 250 * This is the equivalent of compat_ptr_ioctl(), to be used by block 251 * drivers that implement only commands that are completely compatible 252 * between 32-bit and 64-bit user space 253 */ 254int blkdev_compat_ptr_ioctl(struct block_device *bdev, fmode_t mode, 255 unsigned cmd, unsigned long arg) 256{ 257 struct gendisk *disk = bdev->bd_disk; 258 259 if (disk->fops->ioctl) 260 return disk->fops->ioctl(bdev, mode, cmd, 261 (unsigned long)compat_ptr(arg)); 262 263 return -ENOIOCTLCMD; 264} 265EXPORT_SYMBOL(blkdev_compat_ptr_ioctl); 266#endif 267 268static int blkdev_pr_register(struct block_device *bdev, 269 struct pr_registration __user *arg) 270{ 271 const struct pr_ops *ops = bdev->bd_disk->fops->pr_ops; 272 struct pr_registration reg; 273 274 if (!capable(CAP_SYS_ADMIN)) 275 return -EPERM; 276 if (!ops || !ops->pr_register) 277 return -EOPNOTSUPP; 278 if (copy_from_user(®, arg, sizeof(reg))) 279 return -EFAULT; 280 281 if (reg.flags & ~PR_FL_IGNORE_KEY) 282 return -EOPNOTSUPP; 283 return ops->pr_register(bdev, reg.old_key, reg.new_key, reg.flags); 284} 285 286static int blkdev_pr_reserve(struct block_device *bdev, 287 struct pr_reservation __user *arg) 288{ 289 const struct pr_ops *ops = bdev->bd_disk->fops->pr_ops; 290 struct pr_reservation rsv; 291 292 if (!capable(CAP_SYS_ADMIN)) 293 return -EPERM; 294 if (!ops || !ops->pr_reserve) 295 return -EOPNOTSUPP; 296 if (copy_from_user(&rsv, arg, sizeof(rsv))) 297 return -EFAULT; 298 299 if (rsv.flags & ~PR_FL_IGNORE_KEY) 300 return -EOPNOTSUPP; 301 return ops->pr_reserve(bdev, rsv.key, rsv.type, rsv.flags); 302} 303 304static int blkdev_pr_release(struct block_device *bdev, 305 struct pr_reservation __user *arg) 306{ 307 const struct pr_ops *ops = bdev->bd_disk->fops->pr_ops; 308 struct pr_reservation rsv; 309 310 if (!capable(CAP_SYS_ADMIN)) 311 return -EPERM; 312 if (!ops || !ops->pr_release) 313 return -EOPNOTSUPP; 314 if (copy_from_user(&rsv, arg, sizeof(rsv))) 315 return -EFAULT; 316 317 if (rsv.flags) 318 return -EOPNOTSUPP; 319 return ops->pr_release(bdev, rsv.key, rsv.type); 320} 321 322static int blkdev_pr_preempt(struct block_device *bdev, 323 struct pr_preempt __user *arg, bool abort) 324{ 325 const struct pr_ops *ops = bdev->bd_disk->fops->pr_ops; 326 struct pr_preempt p; 327 328 if (!capable(CAP_SYS_ADMIN)) 329 return -EPERM; 330 if (!ops || !ops->pr_preempt) 331 return -EOPNOTSUPP; 332 if (copy_from_user(&p, arg, sizeof(p))) 333 return -EFAULT; 334 335 if (p.flags) 336 return -EOPNOTSUPP; 337 return ops->pr_preempt(bdev, p.old_key, p.new_key, p.type, abort); 338} 339 340static int blkdev_pr_clear(struct block_device *bdev, 341 struct pr_clear __user *arg) 342{ 343 const struct pr_ops *ops = bdev->bd_disk->fops->pr_ops; 344 struct pr_clear c; 345 346 if (!capable(CAP_SYS_ADMIN)) 347 return -EPERM; 348 if (!ops || !ops->pr_clear) 349 return -EOPNOTSUPP; 350 if (copy_from_user(&c, arg, sizeof(c))) 351 return -EFAULT; 352 353 if (c.flags) 354 return -EOPNOTSUPP; 355 return ops->pr_clear(bdev, c.key); 356} 357 358/* 359 * Is it an unrecognized ioctl? The correct returns are either 360 * ENOTTY (final) or ENOIOCTLCMD ("I don't know this one, try a 361 * fallback"). ENOIOCTLCMD gets turned into ENOTTY by the ioctl 362 * code before returning. 363 * 364 * Confused drivers sometimes return EINVAL, which is wrong. It 365 * means "I understood the ioctl command, but the parameters to 366 * it were wrong". 367 * 368 * We should aim to just fix the broken drivers, the EINVAL case 369 * should go away. 370 */ 371static inline int is_unrecognized_ioctl(int ret) 372{ 373 return ret == -EINVAL || 374 ret == -ENOTTY || 375 ret == -ENOIOCTLCMD; 376} 377 378static int blkdev_flushbuf(struct block_device *bdev, fmode_t mode, 379 unsigned cmd, unsigned long arg) 380{ 381 int ret; 382 383 if (!capable(CAP_SYS_ADMIN)) 384 return -EACCES; 385 386 ret = __blkdev_driver_ioctl(bdev, mode, cmd, arg); 387 if (!is_unrecognized_ioctl(ret)) 388 return ret; 389 390 fsync_bdev(bdev); 391 invalidate_bdev(bdev); 392 return 0; 393} 394 395static int blkdev_roset(struct block_device *bdev, fmode_t mode, 396 unsigned cmd, unsigned long arg) 397{ 398 int ret, n; 399 400 if (!capable(CAP_SYS_ADMIN)) 401 return -EACCES; 402 403 ret = __blkdev_driver_ioctl(bdev, mode, cmd, arg); 404 if (!is_unrecognized_ioctl(ret)) 405 return ret; 406 if (get_user(n, (int __user *)arg)) 407 return -EFAULT; 408 set_device_ro(bdev, n); 409 return 0; 410} 411 412static int blkdev_getgeo(struct block_device *bdev, 413 struct hd_geometry __user *argp) 414{ 415 struct gendisk *disk = bdev->bd_disk; 416 struct hd_geometry geo; 417 int ret; 418 419 if (!argp) 420 return -EINVAL; 421 if (!disk->fops->getgeo) 422 return -ENOTTY; 423 424 /* 425 * We need to set the startsect first, the driver may 426 * want to override it. 427 */ 428 memset(&geo, 0, sizeof(geo)); 429 geo.start = get_start_sect(bdev); 430 ret = disk->fops->getgeo(bdev, &geo); 431 if (ret) 432 return ret; 433 if (copy_to_user(argp, &geo, sizeof(geo))) 434 return -EFAULT; 435 return 0; 436} 437 438#ifdef CONFIG_COMPAT 439struct compat_hd_geometry { 440 unsigned char heads; 441 unsigned char sectors; 442 unsigned short cylinders; 443 u32 start; 444}; 445 446static int compat_hdio_getgeo(struct block_device *bdev, 447 struct compat_hd_geometry __user *ugeo) 448{ 449 struct gendisk *disk = bdev->bd_disk; 450 struct hd_geometry geo; 451 int ret; 452 453 if (!ugeo) 454 return -EINVAL; 455 if (!disk->fops->getgeo) 456 return -ENOTTY; 457 458 memset(&geo, 0, sizeof(geo)); 459 /* 460 * We need to set the startsect first, the driver may 461 * want to override it. 462 */ 463 geo.start = get_start_sect(bdev); 464 ret = disk->fops->getgeo(bdev, &geo); 465 if (ret) 466 return ret; 467 468 ret = copy_to_user(ugeo, &geo, 4); 469 ret |= put_user(geo.start, &ugeo->start); 470 if (ret) 471 ret = -EFAULT; 472 473 return ret; 474} 475#endif 476 477/* set the logical block size */ 478static int blkdev_bszset(struct block_device *bdev, fmode_t mode, 479 int __user *argp) 480{ 481 int ret, n; 482 483 if (!capable(CAP_SYS_ADMIN)) 484 return -EACCES; 485 if (!argp) 486 return -EINVAL; 487 if (get_user(n, argp)) 488 return -EFAULT; 489 490 if (mode & FMODE_EXCL) 491 return set_blocksize(bdev, n); 492 493 if (IS_ERR(blkdev_get_by_dev(bdev->bd_dev, mode | FMODE_EXCL, &bdev))) 494 return -EBUSY; 495 ret = set_blocksize(bdev, n); 496 blkdev_put(bdev, mode | FMODE_EXCL); 497 498 return ret; 499} 500 501/* 502 * Common commands that are handled the same way on native and compat 503 * user space. Note the separate arg/argp parameters that are needed 504 * to deal with the compat_ptr() conversion. 505 */ 506static int blkdev_common_ioctl(struct block_device *bdev, fmode_t mode, 507 unsigned cmd, unsigned long arg, void __user *argp) 508{ 509 unsigned int max_sectors; 510 511 switch (cmd) { 512 case BLKFLSBUF: 513 return blkdev_flushbuf(bdev, mode, cmd, arg); 514 case BLKROSET: 515 return blkdev_roset(bdev, mode, cmd, arg); 516 case BLKDISCARD: 517 return blk_ioctl_discard(bdev, mode, arg, 0); 518 case BLKSECDISCARD: 519 return blk_ioctl_discard(bdev, mode, arg, 520 BLKDEV_DISCARD_SECURE); 521 case BLKZEROOUT: 522 return blk_ioctl_zeroout(bdev, mode, arg); 523 case BLKREPORTZONE: 524 return blkdev_report_zones_ioctl(bdev, mode, cmd, arg); 525 case BLKRESETZONE: 526 case BLKOPENZONE: 527 case BLKCLOSEZONE: 528 case BLKFINISHZONE: 529 return blkdev_zone_mgmt_ioctl(bdev, mode, cmd, arg); 530 case BLKGETZONESZ: 531 return put_uint(argp, bdev_zone_sectors(bdev)); 532 case BLKGETNRZONES: 533 return put_uint(argp, blkdev_nr_zones(bdev->bd_disk)); 534 case BLKROGET: 535 return put_int(argp, bdev_read_only(bdev) != 0); 536 case BLKSSZGET: /* get block device logical block size */ 537 return put_int(argp, bdev_logical_block_size(bdev)); 538 case BLKPBSZGET: /* get block device physical block size */ 539 return put_uint(argp, bdev_physical_block_size(bdev)); 540 case BLKIOMIN: 541 return put_uint(argp, bdev_io_min(bdev)); 542 case BLKIOOPT: 543 return put_uint(argp, bdev_io_opt(bdev)); 544 case BLKALIGNOFF: 545 return put_int(argp, bdev_alignment_offset(bdev)); 546 case BLKDISCARDZEROES: 547 return put_uint(argp, 0); 548 case BLKSECTGET: 549 max_sectors = min_t(unsigned int, USHRT_MAX, 550 queue_max_sectors(bdev_get_queue(bdev))); 551 return put_ushort(argp, max_sectors); 552 case BLKROTATIONAL: 553 return put_ushort(argp, !blk_queue_nonrot(bdev_get_queue(bdev))); 554 case BLKRASET: 555 case BLKFRASET: 556 if(!capable(CAP_SYS_ADMIN)) 557 return -EACCES; 558 bdev->bd_bdi->ra_pages = (arg * 512) / PAGE_SIZE; 559 return 0; 560 case BLKRRPART: 561 return blkdev_reread_part(bdev, mode); 562 case BLKTRACESTART: 563 case BLKTRACESTOP: 564 case BLKTRACETEARDOWN: 565 return blk_trace_ioctl(bdev, cmd, argp); 566 case IOC_PR_REGISTER: 567 return blkdev_pr_register(bdev, argp); 568 case IOC_PR_RESERVE: 569 return blkdev_pr_reserve(bdev, argp); 570 case IOC_PR_RELEASE: 571 return blkdev_pr_release(bdev, argp); 572 case IOC_PR_PREEMPT: 573 return blkdev_pr_preempt(bdev, argp, false); 574 case IOC_PR_PREEMPT_ABORT: 575 return blkdev_pr_preempt(bdev, argp, true); 576 case IOC_PR_CLEAR: 577 return blkdev_pr_clear(bdev, argp); 578 default: 579 return -ENOIOCTLCMD; 580 } 581} 582 583/* 584 * Always keep this in sync with compat_blkdev_ioctl() 585 * to handle all incompatible commands in both functions. 586 * 587 * New commands must be compatible and go into blkdev_common_ioctl 588 */ 589int blkdev_ioctl(struct block_device *bdev, fmode_t mode, unsigned cmd, 590 unsigned long arg) 591{ 592 int ret; 593 loff_t size; 594 void __user *argp = (void __user *)arg; 595 596 switch (cmd) { 597 /* These need separate implementations for the data structure */ 598 case HDIO_GETGEO: 599 return blkdev_getgeo(bdev, argp); 600 case BLKPG: 601 return blkpg_ioctl(bdev, argp); 602 603 /* Compat mode returns 32-bit data instead of 'long' */ 604 case BLKRAGET: 605 case BLKFRAGET: 606 if (!argp) 607 return -EINVAL; 608 return put_long(argp, (bdev->bd_bdi->ra_pages*PAGE_SIZE) / 512); 609 case BLKGETSIZE: 610 size = i_size_read(bdev->bd_inode); 611 if ((size >> 9) > ~0UL) 612 return -EFBIG; 613 return put_ulong(argp, size >> 9); 614 615 /* The data is compatible, but the command number is different */ 616 case BLKBSZGET: /* get block device soft block size (cf. BLKSSZGET) */ 617 return put_int(argp, block_size(bdev)); 618 case BLKBSZSET: 619 return blkdev_bszset(bdev, mode, argp); 620 case BLKGETSIZE64: 621 return put_u64(argp, i_size_read(bdev->bd_inode)); 622 623 /* Incompatible alignment on i386 */ 624 case BLKTRACESETUP: 625 return blk_trace_ioctl(bdev, cmd, argp); 626 default: 627 break; 628 } 629 630 ret = blkdev_common_ioctl(bdev, mode, cmd, arg, argp); 631 if (ret == -ENOIOCTLCMD) 632 return __blkdev_driver_ioctl(bdev, mode, cmd, arg); 633 634 return ret; 635} 636EXPORT_SYMBOL_GPL(blkdev_ioctl); /* for /dev/raw */ 637 638#ifdef CONFIG_COMPAT 639 640#define BLKBSZGET_32 _IOR(0x12, 112, int) 641#define BLKBSZSET_32 _IOW(0x12, 113, int) 642#define BLKGETSIZE64_32 _IOR(0x12, 114, int) 643 644/* Most of the generic ioctls are handled in the normal fallback path. 645 This assumes the blkdev's low level compat_ioctl always returns 646 ENOIOCTLCMD for unknown ioctls. */ 647long compat_blkdev_ioctl(struct file *file, unsigned cmd, unsigned long arg) 648{ 649 int ret; 650 void __user *argp = compat_ptr(arg); 651 struct inode *inode = file->f_mapping->host; 652 struct block_device *bdev = inode->i_bdev; 653 struct gendisk *disk = bdev->bd_disk; 654 fmode_t mode = file->f_mode; 655 loff_t size; 656 657 /* 658 * O_NDELAY can be altered using fcntl(.., F_SETFL, ..), so we have 659 * to updated it before every ioctl. 660 */ 661 if (file->f_flags & O_NDELAY) 662 mode |= FMODE_NDELAY; 663 else 664 mode &= ~FMODE_NDELAY; 665 666 switch (cmd) { 667 /* These need separate implementations for the data structure */ 668 case HDIO_GETGEO: 669 return compat_hdio_getgeo(bdev, argp); 670 case BLKPG: 671 return compat_blkpg_ioctl(bdev, argp); 672 673 /* Compat mode returns 32-bit data instead of 'long' */ 674 case BLKRAGET: 675 case BLKFRAGET: 676 if (!argp) 677 return -EINVAL; 678 return compat_put_long(argp, 679 (bdev->bd_bdi->ra_pages * PAGE_SIZE) / 512); 680 case BLKGETSIZE: 681 size = i_size_read(bdev->bd_inode); 682 if ((size >> 9) > ~(compat_ulong_t)0) 683 return -EFBIG; 684 return compat_put_ulong(argp, size >> 9); 685 686 /* The data is compatible, but the command number is different */ 687 case BLKBSZGET_32: /* get the logical block size (cf. BLKSSZGET) */ 688 return put_int(argp, bdev_logical_block_size(bdev)); 689 case BLKBSZSET_32: 690 return blkdev_bszset(bdev, mode, argp); 691 case BLKGETSIZE64_32: 692 return put_u64(argp, i_size_read(bdev->bd_inode)); 693 694 /* Incompatible alignment on i386 */ 695 case BLKTRACESETUP32: 696 return blk_trace_ioctl(bdev, cmd, argp); 697 default: 698 break; 699 } 700 701 ret = blkdev_common_ioctl(bdev, mode, cmd, arg, argp); 702 if (ret == -ENOIOCTLCMD && disk->fops->compat_ioctl) 703 ret = disk->fops->compat_ioctl(bdev, mode, cmd, arg); 704 705 return ret; 706} 707#endif 708