1// SPDX-License-Identifier: GPL-2.0 2/* 3 * Copyright (c) 2000-2005 Silicon Graphics, Inc. 4 * All Rights Reserved. 5 */ 6#include "xfs.h" 7#include "xfs_fs.h" 8#include "xfs_shared.h" 9#include "xfs_format.h" 10#include "xfs_log_format.h" 11#include "xfs_trans_resv.h" 12#include "xfs_mount.h" 13#include "xfs_inode.h" 14#include "xfs_rtalloc.h" 15#include "xfs_iwalk.h" 16#include "xfs_itable.h" 17#include "xfs_error.h" 18#include "xfs_da_format.h" 19#include "xfs_da_btree.h" 20#include "xfs_attr.h" 21#include "xfs_bmap.h" 22#include "xfs_bmap_util.h" 23#include "xfs_fsops.h" 24#include "xfs_discard.h" 25#include "xfs_quota.h" 26#include "xfs_export.h" 27#include "xfs_trace.h" 28#include "xfs_icache.h" 29#include "xfs_trans.h" 30#include "xfs_acl.h" 31#include "xfs_btree.h" 32#include <linux/fsmap.h> 33#include "xfs_fsmap.h" 34#include "scrub/xfs_scrub.h" 35#include "xfs_sb.h" 36#include "xfs_ag.h" 37#include "xfs_health.h" 38#include "xfs_reflink.h" 39#include "xfs_ioctl.h" 40#include "xfs_xattr.h" 41 42#include <linux/mount.h> 43#include <linux/namei.h> 44#include <linux/fileattr.h> 45 46/* 47 * xfs_find_handle maps from userspace xfs_fsop_handlereq structure to 48 * a file or fs handle. 49 * 50 * XFS_IOC_PATH_TO_FSHANDLE 51 * returns fs handle for a mount point or path within that mount point 52 * XFS_IOC_FD_TO_HANDLE 53 * returns full handle for a FD opened in user space 54 * XFS_IOC_PATH_TO_HANDLE 55 * returns full handle for a path 56 */ 57int 58xfs_find_handle( 59 unsigned int cmd, 60 xfs_fsop_handlereq_t *hreq) 61{ 62 int hsize; 63 xfs_handle_t handle; 64 struct inode *inode; 65 struct fd f = {NULL}; 66 struct path path; 67 int error; 68 struct xfs_inode *ip; 69 70 if (cmd == XFS_IOC_FD_TO_HANDLE) { 71 f = fdget(hreq->fd); 72 if (!f.file) 73 return -EBADF; 74 inode = file_inode(f.file); 75 } else { 76 error = user_path_at(AT_FDCWD, hreq->path, 0, &path); 77 if (error) 78 return error; 79 inode = d_inode(path.dentry); 80 } 81 ip = XFS_I(inode); 82 83 /* 84 * We can only generate handles for inodes residing on a XFS filesystem, 85 * and only for regular files, directories or symbolic links. 86 */ 87 error = -EINVAL; 88 if (inode->i_sb->s_magic != XFS_SB_MAGIC) 89 goto out_put; 90 91 error = -EBADF; 92 if (!S_ISREG(inode->i_mode) && 93 !S_ISDIR(inode->i_mode) && 94 !S_ISLNK(inode->i_mode)) 95 goto out_put; 96 97 98 memcpy(&handle.ha_fsid, ip->i_mount->m_fixedfsid, sizeof(xfs_fsid_t)); 99 100 if (cmd == XFS_IOC_PATH_TO_FSHANDLE) { 101 /* 102 * This handle only contains an fsid, zero the rest. 103 */ 104 memset(&handle.ha_fid, 0, sizeof(handle.ha_fid)); 105 hsize = sizeof(xfs_fsid_t); 106 } else { 107 handle.ha_fid.fid_len = sizeof(xfs_fid_t) - 108 sizeof(handle.ha_fid.fid_len); 109 handle.ha_fid.fid_pad = 0; 110 handle.ha_fid.fid_gen = inode->i_generation; 111 handle.ha_fid.fid_ino = ip->i_ino; 112 hsize = sizeof(xfs_handle_t); 113 } 114 115 error = -EFAULT; 116 if (copy_to_user(hreq->ohandle, &handle, hsize) || 117 copy_to_user(hreq->ohandlen, &hsize, sizeof(__s32))) 118 goto out_put; 119 120 error = 0; 121 122 out_put: 123 if (cmd == XFS_IOC_FD_TO_HANDLE) 124 fdput(f); 125 else 126 path_put(&path); 127 return error; 128} 129 130/* 131 * No need to do permission checks on the various pathname components 132 * as the handle operations are privileged. 133 */ 134STATIC int 135xfs_handle_acceptable( 136 void *context, 137 struct dentry *dentry) 138{ 139 return 1; 140} 141 142/* 143 * Convert userspace handle data into a dentry. 144 */ 145struct dentry * 146xfs_handle_to_dentry( 147 struct file *parfilp, 148 void __user *uhandle, 149 u32 hlen) 150{ 151 xfs_handle_t handle; 152 struct xfs_fid64 fid; 153 154 /* 155 * Only allow handle opens under a directory. 156 */ 157 if (!S_ISDIR(file_inode(parfilp)->i_mode)) 158 return ERR_PTR(-ENOTDIR); 159 160 if (hlen != sizeof(xfs_handle_t)) 161 return ERR_PTR(-EINVAL); 162 if (copy_from_user(&handle, uhandle, hlen)) 163 return ERR_PTR(-EFAULT); 164 if (handle.ha_fid.fid_len != 165 sizeof(handle.ha_fid) - sizeof(handle.ha_fid.fid_len)) 166 return ERR_PTR(-EINVAL); 167 168 memset(&fid, 0, sizeof(struct fid)); 169 fid.ino = handle.ha_fid.fid_ino; 170 fid.gen = handle.ha_fid.fid_gen; 171 172 return exportfs_decode_fh(parfilp->f_path.mnt, (struct fid *)&fid, 3, 173 FILEID_INO32_GEN | XFS_FILEID_TYPE_64FLAG, 174 xfs_handle_acceptable, NULL); 175} 176 177STATIC struct dentry * 178xfs_handlereq_to_dentry( 179 struct file *parfilp, 180 xfs_fsop_handlereq_t *hreq) 181{ 182 return xfs_handle_to_dentry(parfilp, hreq->ihandle, hreq->ihandlen); 183} 184 185int 186xfs_open_by_handle( 187 struct file *parfilp, 188 xfs_fsop_handlereq_t *hreq) 189{ 190 const struct cred *cred = current_cred(); 191 int error; 192 int fd; 193 int permflag; 194 struct file *filp; 195 struct inode *inode; 196 struct dentry *dentry; 197 fmode_t fmode; 198 struct path path; 199 200 if (!capable(CAP_SYS_ADMIN)) 201 return -EPERM; 202 203 dentry = xfs_handlereq_to_dentry(parfilp, hreq); 204 if (IS_ERR(dentry)) 205 return PTR_ERR(dentry); 206 inode = d_inode(dentry); 207 208 /* Restrict xfs_open_by_handle to directories & regular files. */ 209 if (!(S_ISREG(inode->i_mode) || S_ISDIR(inode->i_mode))) { 210 error = -EPERM; 211 goto out_dput; 212 } 213 214#if BITS_PER_LONG != 32 215 hreq->oflags |= O_LARGEFILE; 216#endif 217 218 permflag = hreq->oflags; 219 fmode = OPEN_FMODE(permflag); 220 if ((!(permflag & O_APPEND) || (permflag & O_TRUNC)) && 221 (fmode & FMODE_WRITE) && IS_APPEND(inode)) { 222 error = -EPERM; 223 goto out_dput; 224 } 225 226 if ((fmode & FMODE_WRITE) && IS_IMMUTABLE(inode)) { 227 error = -EPERM; 228 goto out_dput; 229 } 230 231 /* Can't write directories. */ 232 if (S_ISDIR(inode->i_mode) && (fmode & FMODE_WRITE)) { 233 error = -EISDIR; 234 goto out_dput; 235 } 236 237 fd = get_unused_fd_flags(0); 238 if (fd < 0) { 239 error = fd; 240 goto out_dput; 241 } 242 243 path.mnt = parfilp->f_path.mnt; 244 path.dentry = dentry; 245 filp = dentry_open(&path, hreq->oflags, cred); 246 dput(dentry); 247 if (IS_ERR(filp)) { 248 put_unused_fd(fd); 249 return PTR_ERR(filp); 250 } 251 252 if (S_ISREG(inode->i_mode)) { 253 filp->f_flags |= O_NOATIME; 254 filp->f_mode |= FMODE_NOCMTIME; 255 } 256 257 fd_install(fd, filp); 258 return fd; 259 260 out_dput: 261 dput(dentry); 262 return error; 263} 264 265int 266xfs_readlink_by_handle( 267 struct file *parfilp, 268 xfs_fsop_handlereq_t *hreq) 269{ 270 struct dentry *dentry; 271 __u32 olen; 272 int error; 273 274 if (!capable(CAP_SYS_ADMIN)) 275 return -EPERM; 276 277 dentry = xfs_handlereq_to_dentry(parfilp, hreq); 278 if (IS_ERR(dentry)) 279 return PTR_ERR(dentry); 280 281 /* Restrict this handle operation to symlinks only. */ 282 if (!d_is_symlink(dentry)) { 283 error = -EINVAL; 284 goto out_dput; 285 } 286 287 if (copy_from_user(&olen, hreq->ohandlen, sizeof(__u32))) { 288 error = -EFAULT; 289 goto out_dput; 290 } 291 292 error = vfs_readlink(dentry, hreq->ohandle, olen); 293 294 out_dput: 295 dput(dentry); 296 return error; 297} 298 299/* 300 * Format an attribute and copy it out to the user's buffer. 301 * Take care to check values and protect against them changing later, 302 * we may be reading them directly out of a user buffer. 303 */ 304static void 305xfs_ioc_attr_put_listent( 306 struct xfs_attr_list_context *context, 307 int flags, 308 unsigned char *name, 309 int namelen, 310 int valuelen) 311{ 312 struct xfs_attrlist *alist = context->buffer; 313 struct xfs_attrlist_ent *aep; 314 int arraytop; 315 316 ASSERT(!context->seen_enough); 317 ASSERT(context->count >= 0); 318 ASSERT(context->count < (ATTR_MAX_VALUELEN/8)); 319 ASSERT(context->firstu >= sizeof(*alist)); 320 ASSERT(context->firstu <= context->bufsize); 321 322 /* 323 * Only list entries in the right namespace. 324 */ 325 if (context->attr_filter != (flags & XFS_ATTR_NSP_ONDISK_MASK)) 326 return; 327 328 arraytop = sizeof(*alist) + 329 context->count * sizeof(alist->al_offset[0]); 330 331 /* decrement by the actual bytes used by the attr */ 332 context->firstu -= round_up(offsetof(struct xfs_attrlist_ent, a_name) + 333 namelen + 1, sizeof(uint32_t)); 334 if (context->firstu < arraytop) { 335 trace_xfs_attr_list_full(context); 336 alist->al_more = 1; 337 context->seen_enough = 1; 338 return; 339 } 340 341 aep = context->buffer + context->firstu; 342 aep->a_valuelen = valuelen; 343 memcpy(aep->a_name, name, namelen); 344 aep->a_name[namelen] = 0; 345 alist->al_offset[context->count++] = context->firstu; 346 alist->al_count = context->count; 347 trace_xfs_attr_list_add(context); 348} 349 350static unsigned int 351xfs_attr_filter( 352 u32 ioc_flags) 353{ 354 if (ioc_flags & XFS_IOC_ATTR_ROOT) 355 return XFS_ATTR_ROOT; 356 if (ioc_flags & XFS_IOC_ATTR_SECURE) 357 return XFS_ATTR_SECURE; 358 return 0; 359} 360 361static unsigned int 362xfs_attr_flags( 363 u32 ioc_flags) 364{ 365 if (ioc_flags & XFS_IOC_ATTR_CREATE) 366 return XATTR_CREATE; 367 if (ioc_flags & XFS_IOC_ATTR_REPLACE) 368 return XATTR_REPLACE; 369 return 0; 370} 371 372int 373xfs_ioc_attr_list( 374 struct xfs_inode *dp, 375 void __user *ubuf, 376 size_t bufsize, 377 int flags, 378 struct xfs_attrlist_cursor __user *ucursor) 379{ 380 struct xfs_attr_list_context context = { }; 381 struct xfs_attrlist *alist; 382 void *buffer; 383 int error; 384 385 if (bufsize < sizeof(struct xfs_attrlist) || 386 bufsize > XFS_XATTR_LIST_MAX) 387 return -EINVAL; 388 389 /* 390 * Reject flags, only allow namespaces. 391 */ 392 if (flags & ~(XFS_IOC_ATTR_ROOT | XFS_IOC_ATTR_SECURE)) 393 return -EINVAL; 394 if (flags == (XFS_IOC_ATTR_ROOT | XFS_IOC_ATTR_SECURE)) 395 return -EINVAL; 396 397 /* 398 * Validate the cursor. 399 */ 400 if (copy_from_user(&context.cursor, ucursor, sizeof(context.cursor))) 401 return -EFAULT; 402 if (context.cursor.pad1 || context.cursor.pad2) 403 return -EINVAL; 404 if (!context.cursor.initted && 405 (context.cursor.hashval || context.cursor.blkno || 406 context.cursor.offset)) 407 return -EINVAL; 408 409 buffer = kvzalloc(bufsize, GFP_KERNEL); 410 if (!buffer) 411 return -ENOMEM; 412 413 /* 414 * Initialize the output buffer. 415 */ 416 context.dp = dp; 417 context.resynch = 1; 418 context.attr_filter = xfs_attr_filter(flags); 419 context.buffer = buffer; 420 context.bufsize = round_down(bufsize, sizeof(uint32_t)); 421 context.firstu = context.bufsize; 422 context.put_listent = xfs_ioc_attr_put_listent; 423 424 alist = context.buffer; 425 alist->al_count = 0; 426 alist->al_more = 0; 427 alist->al_offset[0] = context.bufsize; 428 429 error = xfs_attr_list(&context); 430 if (error) 431 goto out_free; 432 433 if (copy_to_user(ubuf, buffer, bufsize) || 434 copy_to_user(ucursor, &context.cursor, sizeof(context.cursor))) 435 error = -EFAULT; 436out_free: 437 kmem_free(buffer); 438 return error; 439} 440 441STATIC int 442xfs_attrlist_by_handle( 443 struct file *parfilp, 444 struct xfs_fsop_attrlist_handlereq __user *p) 445{ 446 struct xfs_fsop_attrlist_handlereq al_hreq; 447 struct dentry *dentry; 448 int error = -ENOMEM; 449 450 if (!capable(CAP_SYS_ADMIN)) 451 return -EPERM; 452 if (copy_from_user(&al_hreq, p, sizeof(al_hreq))) 453 return -EFAULT; 454 455 dentry = xfs_handlereq_to_dentry(parfilp, &al_hreq.hreq); 456 if (IS_ERR(dentry)) 457 return PTR_ERR(dentry); 458 459 error = xfs_ioc_attr_list(XFS_I(d_inode(dentry)), al_hreq.buffer, 460 al_hreq.buflen, al_hreq.flags, &p->pos); 461 dput(dentry); 462 return error; 463} 464 465static int 466xfs_attrmulti_attr_get( 467 struct inode *inode, 468 unsigned char *name, 469 unsigned char __user *ubuf, 470 uint32_t *len, 471 uint32_t flags) 472{ 473 struct xfs_da_args args = { 474 .dp = XFS_I(inode), 475 .attr_filter = xfs_attr_filter(flags), 476 .attr_flags = xfs_attr_flags(flags), 477 .name = name, 478 .namelen = strlen(name), 479 .valuelen = *len, 480 }; 481 int error; 482 483 if (*len > XFS_XATTR_SIZE_MAX) 484 return -EINVAL; 485 486 error = xfs_attr_get(&args); 487 if (error) 488 goto out_kfree; 489 490 *len = args.valuelen; 491 if (copy_to_user(ubuf, args.value, args.valuelen)) 492 error = -EFAULT; 493 494out_kfree: 495 kmem_free(args.value); 496 return error; 497} 498 499static int 500xfs_attrmulti_attr_set( 501 struct inode *inode, 502 unsigned char *name, 503 const unsigned char __user *ubuf, 504 uint32_t len, 505 uint32_t flags) 506{ 507 struct xfs_da_args args = { 508 .dp = XFS_I(inode), 509 .attr_filter = xfs_attr_filter(flags), 510 .attr_flags = xfs_attr_flags(flags), 511 .name = name, 512 .namelen = strlen(name), 513 }; 514 int error; 515 516 if (IS_IMMUTABLE(inode) || IS_APPEND(inode)) 517 return -EPERM; 518 519 if (ubuf) { 520 if (len > XFS_XATTR_SIZE_MAX) 521 return -EINVAL; 522 args.value = memdup_user(ubuf, len); 523 if (IS_ERR(args.value)) 524 return PTR_ERR(args.value); 525 args.valuelen = len; 526 } 527 528 error = xfs_attr_change(&args); 529 if (!error && (flags & XFS_IOC_ATTR_ROOT)) 530 xfs_forget_acl(inode, name); 531 kfree(args.value); 532 return error; 533} 534 535int 536xfs_ioc_attrmulti_one( 537 struct file *parfilp, 538 struct inode *inode, 539 uint32_t opcode, 540 void __user *uname, 541 void __user *value, 542 uint32_t *len, 543 uint32_t flags) 544{ 545 unsigned char *name; 546 int error; 547 548 if ((flags & XFS_IOC_ATTR_ROOT) && (flags & XFS_IOC_ATTR_SECURE)) 549 return -EINVAL; 550 551 name = strndup_user(uname, MAXNAMELEN); 552 if (IS_ERR(name)) 553 return PTR_ERR(name); 554 555 switch (opcode) { 556 case ATTR_OP_GET: 557 error = xfs_attrmulti_attr_get(inode, name, value, len, flags); 558 break; 559 case ATTR_OP_REMOVE: 560 value = NULL; 561 *len = 0; 562 fallthrough; 563 case ATTR_OP_SET: 564 error = mnt_want_write_file(parfilp); 565 if (error) 566 break; 567 error = xfs_attrmulti_attr_set(inode, name, value, *len, flags); 568 mnt_drop_write_file(parfilp); 569 break; 570 default: 571 error = -EINVAL; 572 break; 573 } 574 575 kfree(name); 576 return error; 577} 578 579STATIC int 580xfs_attrmulti_by_handle( 581 struct file *parfilp, 582 void __user *arg) 583{ 584 int error; 585 xfs_attr_multiop_t *ops; 586 xfs_fsop_attrmulti_handlereq_t am_hreq; 587 struct dentry *dentry; 588 unsigned int i, size; 589 590 if (!capable(CAP_SYS_ADMIN)) 591 return -EPERM; 592 if (copy_from_user(&am_hreq, arg, sizeof(xfs_fsop_attrmulti_handlereq_t))) 593 return -EFAULT; 594 595 /* overflow check */ 596 if (am_hreq.opcount >= INT_MAX / sizeof(xfs_attr_multiop_t)) 597 return -E2BIG; 598 599 dentry = xfs_handlereq_to_dentry(parfilp, &am_hreq.hreq); 600 if (IS_ERR(dentry)) 601 return PTR_ERR(dentry); 602 603 error = -E2BIG; 604 size = am_hreq.opcount * sizeof(xfs_attr_multiop_t); 605 if (!size || size > 16 * PAGE_SIZE) 606 goto out_dput; 607 608 ops = memdup_user(am_hreq.ops, size); 609 if (IS_ERR(ops)) { 610 error = PTR_ERR(ops); 611 goto out_dput; 612 } 613 614 error = 0; 615 for (i = 0; i < am_hreq.opcount; i++) { 616 ops[i].am_error = xfs_ioc_attrmulti_one(parfilp, 617 d_inode(dentry), ops[i].am_opcode, 618 ops[i].am_attrname, ops[i].am_attrvalue, 619 &ops[i].am_length, ops[i].am_flags); 620 } 621 622 if (copy_to_user(am_hreq.ops, ops, size)) 623 error = -EFAULT; 624 625 kfree(ops); 626 out_dput: 627 dput(dentry); 628 return error; 629} 630 631/* Return 0 on success or positive error */ 632int 633xfs_fsbulkstat_one_fmt( 634 struct xfs_ibulk *breq, 635 const struct xfs_bulkstat *bstat) 636{ 637 struct xfs_bstat bs1; 638 639 xfs_bulkstat_to_bstat(breq->mp, &bs1, bstat); 640 if (copy_to_user(breq->ubuffer, &bs1, sizeof(bs1))) 641 return -EFAULT; 642 return xfs_ibulk_advance(breq, sizeof(struct xfs_bstat)); 643} 644 645int 646xfs_fsinumbers_fmt( 647 struct xfs_ibulk *breq, 648 const struct xfs_inumbers *igrp) 649{ 650 struct xfs_inogrp ig1; 651 652 xfs_inumbers_to_inogrp(&ig1, igrp); 653 if (copy_to_user(breq->ubuffer, &ig1, sizeof(struct xfs_inogrp))) 654 return -EFAULT; 655 return xfs_ibulk_advance(breq, sizeof(struct xfs_inogrp)); 656} 657 658STATIC int 659xfs_ioc_fsbulkstat( 660 struct file *file, 661 unsigned int cmd, 662 void __user *arg) 663{ 664 struct xfs_mount *mp = XFS_I(file_inode(file))->i_mount; 665 struct xfs_fsop_bulkreq bulkreq; 666 struct xfs_ibulk breq = { 667 .mp = mp, 668 .idmap = file_mnt_idmap(file), 669 .ocount = 0, 670 }; 671 xfs_ino_t lastino; 672 int error; 673 674 /* done = 1 if there are more stats to get and if bulkstat */ 675 /* should be called again (unused here, but used in dmapi) */ 676 677 if (!capable(CAP_SYS_ADMIN)) 678 return -EPERM; 679 680 if (xfs_is_shutdown(mp)) 681 return -EIO; 682 683 if (copy_from_user(&bulkreq, arg, sizeof(struct xfs_fsop_bulkreq))) 684 return -EFAULT; 685 686 if (copy_from_user(&lastino, bulkreq.lastip, sizeof(__s64))) 687 return -EFAULT; 688 689 if (bulkreq.icount <= 0) 690 return -EINVAL; 691 692 if (bulkreq.ubuffer == NULL) 693 return -EINVAL; 694 695 breq.ubuffer = bulkreq.ubuffer; 696 breq.icount = bulkreq.icount; 697 698 /* 699 * FSBULKSTAT_SINGLE expects that *lastip contains the inode number 700 * that we want to stat. However, FSINUMBERS and FSBULKSTAT expect 701 * that *lastip contains either zero or the number of the last inode to 702 * be examined by the previous call and return results starting with 703 * the next inode after that. The new bulk request back end functions 704 * take the inode to start with, so we have to compute the startino 705 * parameter from lastino to maintain correct function. lastino == 0 706 * is a special case because it has traditionally meant "first inode 707 * in filesystem". 708 */ 709 if (cmd == XFS_IOC_FSINUMBERS) { 710 breq.startino = lastino ? lastino + 1 : 0; 711 error = xfs_inumbers(&breq, xfs_fsinumbers_fmt); 712 lastino = breq.startino - 1; 713 } else if (cmd == XFS_IOC_FSBULKSTAT_SINGLE) { 714 breq.startino = lastino; 715 breq.icount = 1; 716 error = xfs_bulkstat_one(&breq, xfs_fsbulkstat_one_fmt); 717 } else { /* XFS_IOC_FSBULKSTAT */ 718 breq.startino = lastino ? lastino + 1 : 0; 719 error = xfs_bulkstat(&breq, xfs_fsbulkstat_one_fmt); 720 lastino = breq.startino - 1; 721 } 722 723 if (error) 724 return error; 725 726 if (bulkreq.lastip != NULL && 727 copy_to_user(bulkreq.lastip, &lastino, sizeof(xfs_ino_t))) 728 return -EFAULT; 729 730 if (bulkreq.ocount != NULL && 731 copy_to_user(bulkreq.ocount, &breq.ocount, sizeof(__s32))) 732 return -EFAULT; 733 734 return 0; 735} 736 737/* Return 0 on success or positive error */ 738static int 739xfs_bulkstat_fmt( 740 struct xfs_ibulk *breq, 741 const struct xfs_bulkstat *bstat) 742{ 743 if (copy_to_user(breq->ubuffer, bstat, sizeof(struct xfs_bulkstat))) 744 return -EFAULT; 745 return xfs_ibulk_advance(breq, sizeof(struct xfs_bulkstat)); 746} 747 748/* 749 * Check the incoming bulk request @hdr from userspace and initialize the 750 * internal @breq bulk request appropriately. Returns 0 if the bulk request 751 * should proceed; -ECANCELED if there's nothing to do; or the usual 752 * negative error code. 753 */ 754static int 755xfs_bulk_ireq_setup( 756 struct xfs_mount *mp, 757 const struct xfs_bulk_ireq *hdr, 758 struct xfs_ibulk *breq, 759 void __user *ubuffer) 760{ 761 if (hdr->icount == 0 || 762 (hdr->flags & ~XFS_BULK_IREQ_FLAGS_ALL) || 763 memchr_inv(hdr->reserved, 0, sizeof(hdr->reserved))) 764 return -EINVAL; 765 766 breq->startino = hdr->ino; 767 breq->ubuffer = ubuffer; 768 breq->icount = hdr->icount; 769 breq->ocount = 0; 770 breq->flags = 0; 771 772 /* 773 * The @ino parameter is a special value, so we must look it up here. 774 * We're not allowed to have IREQ_AGNO, and we only return one inode 775 * worth of data. 776 */ 777 if (hdr->flags & XFS_BULK_IREQ_SPECIAL) { 778 if (hdr->flags & XFS_BULK_IREQ_AGNO) 779 return -EINVAL; 780 781 switch (hdr->ino) { 782 case XFS_BULK_IREQ_SPECIAL_ROOT: 783 breq->startino = mp->m_sb.sb_rootino; 784 break; 785 default: 786 return -EINVAL; 787 } 788 breq->icount = 1; 789 } 790 791 /* 792 * The IREQ_AGNO flag means that we only want results from a given AG. 793 * If @hdr->ino is zero, we start iterating in that AG. If @hdr->ino is 794 * beyond the specified AG then we return no results. 795 */ 796 if (hdr->flags & XFS_BULK_IREQ_AGNO) { 797 if (hdr->agno >= mp->m_sb.sb_agcount) 798 return -EINVAL; 799 800 if (breq->startino == 0) 801 breq->startino = XFS_AGINO_TO_INO(mp, hdr->agno, 0); 802 else if (XFS_INO_TO_AGNO(mp, breq->startino) < hdr->agno) 803 return -EINVAL; 804 805 breq->flags |= XFS_IBULK_SAME_AG; 806 807 /* Asking for an inode past the end of the AG? We're done! */ 808 if (XFS_INO_TO_AGNO(mp, breq->startino) > hdr->agno) 809 return -ECANCELED; 810 } else if (hdr->agno) 811 return -EINVAL; 812 813 /* Asking for an inode past the end of the FS? We're done! */ 814 if (XFS_INO_TO_AGNO(mp, breq->startino) >= mp->m_sb.sb_agcount) 815 return -ECANCELED; 816 817 if (hdr->flags & XFS_BULK_IREQ_NREXT64) 818 breq->flags |= XFS_IBULK_NREXT64; 819 820 return 0; 821} 822 823/* 824 * Update the userspace bulk request @hdr to reflect the end state of the 825 * internal bulk request @breq. 826 */ 827static void 828xfs_bulk_ireq_teardown( 829 struct xfs_bulk_ireq *hdr, 830 struct xfs_ibulk *breq) 831{ 832 hdr->ino = breq->startino; 833 hdr->ocount = breq->ocount; 834} 835 836/* Handle the v5 bulkstat ioctl. */ 837STATIC int 838xfs_ioc_bulkstat( 839 struct file *file, 840 unsigned int cmd, 841 struct xfs_bulkstat_req __user *arg) 842{ 843 struct xfs_mount *mp = XFS_I(file_inode(file))->i_mount; 844 struct xfs_bulk_ireq hdr; 845 struct xfs_ibulk breq = { 846 .mp = mp, 847 .idmap = file_mnt_idmap(file), 848 }; 849 int error; 850 851 if (!capable(CAP_SYS_ADMIN)) 852 return -EPERM; 853 854 if (xfs_is_shutdown(mp)) 855 return -EIO; 856 857 if (copy_from_user(&hdr, &arg->hdr, sizeof(hdr))) 858 return -EFAULT; 859 860 error = xfs_bulk_ireq_setup(mp, &hdr, &breq, arg->bulkstat); 861 if (error == -ECANCELED) 862 goto out_teardown; 863 if (error < 0) 864 return error; 865 866 error = xfs_bulkstat(&breq, xfs_bulkstat_fmt); 867 if (error) 868 return error; 869 870out_teardown: 871 xfs_bulk_ireq_teardown(&hdr, &breq); 872 if (copy_to_user(&arg->hdr, &hdr, sizeof(hdr))) 873 return -EFAULT; 874 875 return 0; 876} 877 878STATIC int 879xfs_inumbers_fmt( 880 struct xfs_ibulk *breq, 881 const struct xfs_inumbers *igrp) 882{ 883 if (copy_to_user(breq->ubuffer, igrp, sizeof(struct xfs_inumbers))) 884 return -EFAULT; 885 return xfs_ibulk_advance(breq, sizeof(struct xfs_inumbers)); 886} 887 888/* Handle the v5 inumbers ioctl. */ 889STATIC int 890xfs_ioc_inumbers( 891 struct xfs_mount *mp, 892 unsigned int cmd, 893 struct xfs_inumbers_req __user *arg) 894{ 895 struct xfs_bulk_ireq hdr; 896 struct xfs_ibulk breq = { 897 .mp = mp, 898 }; 899 int error; 900 901 if (!capable(CAP_SYS_ADMIN)) 902 return -EPERM; 903 904 if (xfs_is_shutdown(mp)) 905 return -EIO; 906 907 if (copy_from_user(&hdr, &arg->hdr, sizeof(hdr))) 908 return -EFAULT; 909 910 error = xfs_bulk_ireq_setup(mp, &hdr, &breq, arg->inumbers); 911 if (error == -ECANCELED) 912 goto out_teardown; 913 if (error < 0) 914 return error; 915 916 error = xfs_inumbers(&breq, xfs_inumbers_fmt); 917 if (error) 918 return error; 919 920out_teardown: 921 xfs_bulk_ireq_teardown(&hdr, &breq); 922 if (copy_to_user(&arg->hdr, &hdr, sizeof(hdr))) 923 return -EFAULT; 924 925 return 0; 926} 927 928STATIC int 929xfs_ioc_fsgeometry( 930 struct xfs_mount *mp, 931 void __user *arg, 932 int struct_version) 933{ 934 struct xfs_fsop_geom fsgeo; 935 size_t len; 936 937 xfs_fs_geometry(mp, &fsgeo, struct_version); 938 939 if (struct_version <= 3) 940 len = sizeof(struct xfs_fsop_geom_v1); 941 else if (struct_version == 4) 942 len = sizeof(struct xfs_fsop_geom_v4); 943 else { 944 xfs_fsop_geom_health(mp, &fsgeo); 945 len = sizeof(fsgeo); 946 } 947 948 if (copy_to_user(arg, &fsgeo, len)) 949 return -EFAULT; 950 return 0; 951} 952 953STATIC int 954xfs_ioc_ag_geometry( 955 struct xfs_mount *mp, 956 void __user *arg) 957{ 958 struct xfs_perag *pag; 959 struct xfs_ag_geometry ageo; 960 int error; 961 962 if (copy_from_user(&ageo, arg, sizeof(ageo))) 963 return -EFAULT; 964 if (ageo.ag_flags) 965 return -EINVAL; 966 if (memchr_inv(&ageo.ag_reserved, 0, sizeof(ageo.ag_reserved))) 967 return -EINVAL; 968 969 pag = xfs_perag_get(mp, ageo.ag_number); 970 if (!pag) 971 return -EINVAL; 972 973 error = xfs_ag_get_geometry(pag, &ageo); 974 xfs_perag_put(pag); 975 if (error) 976 return error; 977 978 if (copy_to_user(arg, &ageo, sizeof(ageo))) 979 return -EFAULT; 980 return 0; 981} 982 983/* 984 * Linux extended inode flags interface. 985 */ 986 987static void 988xfs_fill_fsxattr( 989 struct xfs_inode *ip, 990 int whichfork, 991 struct fileattr *fa) 992{ 993 struct xfs_mount *mp = ip->i_mount; 994 struct xfs_ifork *ifp = xfs_ifork_ptr(ip, whichfork); 995 996 fileattr_fill_xflags(fa, xfs_ip2xflags(ip)); 997 998 if (ip->i_diflags & XFS_DIFLAG_EXTSIZE) { 999 fa->fsx_extsize = XFS_FSB_TO_B(mp, ip->i_extsize); 1000 } else if (ip->i_diflags & XFS_DIFLAG_EXTSZINHERIT) { 1001 /* 1002 * Don't let a misaligned extent size hint on a directory 1003 * escape to userspace if it won't pass the setattr checks 1004 * later. 1005 */ 1006 if ((ip->i_diflags & XFS_DIFLAG_RTINHERIT) && 1007 ip->i_extsize % mp->m_sb.sb_rextsize > 0) { 1008 fa->fsx_xflags &= ~(FS_XFLAG_EXTSIZE | 1009 FS_XFLAG_EXTSZINHERIT); 1010 fa->fsx_extsize = 0; 1011 } else { 1012 fa->fsx_extsize = XFS_FSB_TO_B(mp, ip->i_extsize); 1013 } 1014 } 1015 1016 if (ip->i_diflags2 & XFS_DIFLAG2_COWEXTSIZE) 1017 fa->fsx_cowextsize = XFS_FSB_TO_B(mp, ip->i_cowextsize); 1018 fa->fsx_projid = ip->i_projid; 1019 if (ifp && !xfs_need_iread_extents(ifp)) 1020 fa->fsx_nextents = xfs_iext_count(ifp); 1021 else 1022 fa->fsx_nextents = xfs_ifork_nextents(ifp); 1023} 1024 1025STATIC int 1026xfs_ioc_fsgetxattra( 1027 xfs_inode_t *ip, 1028 void __user *arg) 1029{ 1030 struct fileattr fa; 1031 1032 xfs_ilock(ip, XFS_ILOCK_SHARED); 1033 xfs_fill_fsxattr(ip, XFS_ATTR_FORK, &fa); 1034 xfs_iunlock(ip, XFS_ILOCK_SHARED); 1035 1036 return copy_fsxattr_to_user(&fa, arg); 1037} 1038 1039int 1040xfs_fileattr_get( 1041 struct dentry *dentry, 1042 struct fileattr *fa) 1043{ 1044 struct xfs_inode *ip = XFS_I(d_inode(dentry)); 1045 1046 if (d_is_special(dentry)) 1047 return -ENOTTY; 1048 1049 xfs_ilock(ip, XFS_ILOCK_SHARED); 1050 xfs_fill_fsxattr(ip, XFS_DATA_FORK, fa); 1051 xfs_iunlock(ip, XFS_ILOCK_SHARED); 1052 1053 return 0; 1054} 1055 1056STATIC uint16_t 1057xfs_flags2diflags( 1058 struct xfs_inode *ip, 1059 unsigned int xflags) 1060{ 1061 /* can't set PREALLOC this way, just preserve it */ 1062 uint16_t di_flags = 1063 (ip->i_diflags & XFS_DIFLAG_PREALLOC); 1064 1065 if (xflags & FS_XFLAG_IMMUTABLE) 1066 di_flags |= XFS_DIFLAG_IMMUTABLE; 1067 if (xflags & FS_XFLAG_APPEND) 1068 di_flags |= XFS_DIFLAG_APPEND; 1069 if (xflags & FS_XFLAG_SYNC) 1070 di_flags |= XFS_DIFLAG_SYNC; 1071 if (xflags & FS_XFLAG_NOATIME) 1072 di_flags |= XFS_DIFLAG_NOATIME; 1073 if (xflags & FS_XFLAG_NODUMP) 1074 di_flags |= XFS_DIFLAG_NODUMP; 1075 if (xflags & FS_XFLAG_NODEFRAG) 1076 di_flags |= XFS_DIFLAG_NODEFRAG; 1077 if (xflags & FS_XFLAG_FILESTREAM) 1078 di_flags |= XFS_DIFLAG_FILESTREAM; 1079 if (S_ISDIR(VFS_I(ip)->i_mode)) { 1080 if (xflags & FS_XFLAG_RTINHERIT) 1081 di_flags |= XFS_DIFLAG_RTINHERIT; 1082 if (xflags & FS_XFLAG_NOSYMLINKS) 1083 di_flags |= XFS_DIFLAG_NOSYMLINKS; 1084 if (xflags & FS_XFLAG_EXTSZINHERIT) 1085 di_flags |= XFS_DIFLAG_EXTSZINHERIT; 1086 if (xflags & FS_XFLAG_PROJINHERIT) 1087 di_flags |= XFS_DIFLAG_PROJINHERIT; 1088 } else if (S_ISREG(VFS_I(ip)->i_mode)) { 1089 if (xflags & FS_XFLAG_REALTIME) 1090 di_flags |= XFS_DIFLAG_REALTIME; 1091 if (xflags & FS_XFLAG_EXTSIZE) 1092 di_flags |= XFS_DIFLAG_EXTSIZE; 1093 } 1094 1095 return di_flags; 1096} 1097 1098STATIC uint64_t 1099xfs_flags2diflags2( 1100 struct xfs_inode *ip, 1101 unsigned int xflags) 1102{ 1103 uint64_t di_flags2 = 1104 (ip->i_diflags2 & (XFS_DIFLAG2_REFLINK | 1105 XFS_DIFLAG2_BIGTIME | 1106 XFS_DIFLAG2_NREXT64)); 1107 1108 if (xflags & FS_XFLAG_DAX) 1109 di_flags2 |= XFS_DIFLAG2_DAX; 1110 if (xflags & FS_XFLAG_COWEXTSIZE) 1111 di_flags2 |= XFS_DIFLAG2_COWEXTSIZE; 1112 1113 return di_flags2; 1114} 1115 1116static int 1117xfs_ioctl_setattr_xflags( 1118 struct xfs_trans *tp, 1119 struct xfs_inode *ip, 1120 struct fileattr *fa) 1121{ 1122 struct xfs_mount *mp = ip->i_mount; 1123 bool rtflag = (fa->fsx_xflags & FS_XFLAG_REALTIME); 1124 uint64_t i_flags2; 1125 1126 if (rtflag != XFS_IS_REALTIME_INODE(ip)) { 1127 /* Can't change realtime flag if any extents are allocated. */ 1128 if (ip->i_df.if_nextents || ip->i_delayed_blks) 1129 return -EINVAL; 1130 } 1131 1132 if (rtflag) { 1133 /* If realtime flag is set then must have realtime device */ 1134 if (mp->m_sb.sb_rblocks == 0 || mp->m_sb.sb_rextsize == 0 || 1135 (ip->i_extsize % mp->m_sb.sb_rextsize)) 1136 return -EINVAL; 1137 1138 /* Clear reflink if we are actually able to set the rt flag. */ 1139 if (xfs_is_reflink_inode(ip)) 1140 ip->i_diflags2 &= ~XFS_DIFLAG2_REFLINK; 1141 } 1142 1143 /* diflags2 only valid for v3 inodes. */ 1144 i_flags2 = xfs_flags2diflags2(ip, fa->fsx_xflags); 1145 if (i_flags2 && !xfs_has_v3inodes(mp)) 1146 return -EINVAL; 1147 1148 ip->i_diflags = xfs_flags2diflags(ip, fa->fsx_xflags); 1149 ip->i_diflags2 = i_flags2; 1150 1151 xfs_diflags_to_iflags(ip, false); 1152 1153 /* 1154 * Make the stable writes flag match that of the device the inode 1155 * resides on when flipping the RT flag. 1156 */ 1157 if (rtflag != XFS_IS_REALTIME_INODE(ip) && S_ISREG(VFS_I(ip)->i_mode)) 1158 xfs_update_stable_writes(ip); 1159 1160 xfs_trans_ichgtime(tp, ip, XFS_ICHGTIME_CHG); 1161 xfs_trans_log_inode(tp, ip, XFS_ILOG_CORE); 1162 XFS_STATS_INC(mp, xs_ig_attrchg); 1163 return 0; 1164} 1165 1166static void 1167xfs_ioctl_setattr_prepare_dax( 1168 struct xfs_inode *ip, 1169 struct fileattr *fa) 1170{ 1171 struct xfs_mount *mp = ip->i_mount; 1172 struct inode *inode = VFS_I(ip); 1173 1174 if (S_ISDIR(inode->i_mode)) 1175 return; 1176 1177 if (xfs_has_dax_always(mp) || xfs_has_dax_never(mp)) 1178 return; 1179 1180 if (((fa->fsx_xflags & FS_XFLAG_DAX) && 1181 !(ip->i_diflags2 & XFS_DIFLAG2_DAX)) || 1182 (!(fa->fsx_xflags & FS_XFLAG_DAX) && 1183 (ip->i_diflags2 & XFS_DIFLAG2_DAX))) 1184 d_mark_dontcache(inode); 1185} 1186 1187/* 1188 * Set up the transaction structure for the setattr operation, checking that we 1189 * have permission to do so. On success, return a clean transaction and the 1190 * inode locked exclusively ready for further operation specific checks. On 1191 * failure, return an error without modifying or locking the inode. 1192 */ 1193static struct xfs_trans * 1194xfs_ioctl_setattr_get_trans( 1195 struct xfs_inode *ip, 1196 struct xfs_dquot *pdqp) 1197{ 1198 struct xfs_mount *mp = ip->i_mount; 1199 struct xfs_trans *tp; 1200 int error = -EROFS; 1201 1202 if (xfs_is_readonly(mp)) 1203 goto out_error; 1204 error = -EIO; 1205 if (xfs_is_shutdown(mp)) 1206 goto out_error; 1207 1208 error = xfs_trans_alloc_ichange(ip, NULL, NULL, pdqp, 1209 has_capability_noaudit(current, CAP_FOWNER), &tp); 1210 if (error) 1211 goto out_error; 1212 1213 if (xfs_has_wsync(mp)) 1214 xfs_trans_set_sync(tp); 1215 1216 return tp; 1217 1218out_error: 1219 return ERR_PTR(error); 1220} 1221 1222/* 1223 * Validate a proposed extent size hint. For regular files, the hint can only 1224 * be changed if no extents are allocated. 1225 */ 1226static int 1227xfs_ioctl_setattr_check_extsize( 1228 struct xfs_inode *ip, 1229 struct fileattr *fa) 1230{ 1231 struct xfs_mount *mp = ip->i_mount; 1232 xfs_failaddr_t failaddr; 1233 uint16_t new_diflags; 1234 1235 if (!fa->fsx_valid) 1236 return 0; 1237 1238 if (S_ISREG(VFS_I(ip)->i_mode) && ip->i_df.if_nextents && 1239 XFS_FSB_TO_B(mp, ip->i_extsize) != fa->fsx_extsize) 1240 return -EINVAL; 1241 1242 if (fa->fsx_extsize & mp->m_blockmask) 1243 return -EINVAL; 1244 1245 new_diflags = xfs_flags2diflags(ip, fa->fsx_xflags); 1246 1247 /* 1248 * Inode verifiers do not check that the extent size hint is an integer 1249 * multiple of the rt extent size on a directory with both rtinherit 1250 * and extszinherit flags set. Don't let sysadmins misconfigure 1251 * directories. 1252 */ 1253 if ((new_diflags & XFS_DIFLAG_RTINHERIT) && 1254 (new_diflags & XFS_DIFLAG_EXTSZINHERIT)) { 1255 unsigned int rtextsize_bytes; 1256 1257 rtextsize_bytes = XFS_FSB_TO_B(mp, mp->m_sb.sb_rextsize); 1258 if (fa->fsx_extsize % rtextsize_bytes) 1259 return -EINVAL; 1260 } 1261 1262 failaddr = xfs_inode_validate_extsize(ip->i_mount, 1263 XFS_B_TO_FSB(mp, fa->fsx_extsize), 1264 VFS_I(ip)->i_mode, new_diflags); 1265 return failaddr != NULL ? -EINVAL : 0; 1266} 1267 1268static int 1269xfs_ioctl_setattr_check_cowextsize( 1270 struct xfs_inode *ip, 1271 struct fileattr *fa) 1272{ 1273 struct xfs_mount *mp = ip->i_mount; 1274 xfs_failaddr_t failaddr; 1275 uint64_t new_diflags2; 1276 uint16_t new_diflags; 1277 1278 if (!fa->fsx_valid) 1279 return 0; 1280 1281 if (fa->fsx_cowextsize & mp->m_blockmask) 1282 return -EINVAL; 1283 1284 new_diflags = xfs_flags2diflags(ip, fa->fsx_xflags); 1285 new_diflags2 = xfs_flags2diflags2(ip, fa->fsx_xflags); 1286 1287 failaddr = xfs_inode_validate_cowextsize(ip->i_mount, 1288 XFS_B_TO_FSB(mp, fa->fsx_cowextsize), 1289 VFS_I(ip)->i_mode, new_diflags, new_diflags2); 1290 return failaddr != NULL ? -EINVAL : 0; 1291} 1292 1293static int 1294xfs_ioctl_setattr_check_projid( 1295 struct xfs_inode *ip, 1296 struct fileattr *fa) 1297{ 1298 if (!fa->fsx_valid) 1299 return 0; 1300 1301 /* Disallow 32bit project ids if 32bit IDs are not enabled. */ 1302 if (fa->fsx_projid > (uint16_t)-1 && 1303 !xfs_has_projid32(ip->i_mount)) 1304 return -EINVAL; 1305 return 0; 1306} 1307 1308int 1309xfs_fileattr_set( 1310 struct mnt_idmap *idmap, 1311 struct dentry *dentry, 1312 struct fileattr *fa) 1313{ 1314 struct xfs_inode *ip = XFS_I(d_inode(dentry)); 1315 struct xfs_mount *mp = ip->i_mount; 1316 struct xfs_trans *tp; 1317 struct xfs_dquot *pdqp = NULL; 1318 struct xfs_dquot *olddquot = NULL; 1319 int error; 1320 1321 trace_xfs_ioctl_setattr(ip); 1322 1323 if (d_is_special(dentry)) 1324 return -ENOTTY; 1325 1326 if (!fa->fsx_valid) { 1327 if (fa->flags & ~(FS_IMMUTABLE_FL | FS_APPEND_FL | 1328 FS_NOATIME_FL | FS_NODUMP_FL | 1329 FS_SYNC_FL | FS_DAX_FL | FS_PROJINHERIT_FL)) 1330 return -EOPNOTSUPP; 1331 } 1332 1333 error = xfs_ioctl_setattr_check_projid(ip, fa); 1334 if (error) 1335 return error; 1336 1337 /* 1338 * If disk quotas is on, we make sure that the dquots do exist on disk, 1339 * before we start any other transactions. Trying to do this later 1340 * is messy. We don't care to take a readlock to look at the ids 1341 * in inode here, because we can't hold it across the trans_reserve. 1342 * If the IDs do change before we take the ilock, we're covered 1343 * because the i_*dquot fields will get updated anyway. 1344 */ 1345 if (fa->fsx_valid && XFS_IS_QUOTA_ON(mp)) { 1346 error = xfs_qm_vop_dqalloc(ip, VFS_I(ip)->i_uid, 1347 VFS_I(ip)->i_gid, fa->fsx_projid, 1348 XFS_QMOPT_PQUOTA, NULL, NULL, &pdqp); 1349 if (error) 1350 return error; 1351 } 1352 1353 xfs_ioctl_setattr_prepare_dax(ip, fa); 1354 1355 tp = xfs_ioctl_setattr_get_trans(ip, pdqp); 1356 if (IS_ERR(tp)) { 1357 error = PTR_ERR(tp); 1358 goto error_free_dquots; 1359 } 1360 1361 error = xfs_ioctl_setattr_check_extsize(ip, fa); 1362 if (error) 1363 goto error_trans_cancel; 1364 1365 error = xfs_ioctl_setattr_check_cowextsize(ip, fa); 1366 if (error) 1367 goto error_trans_cancel; 1368 1369 error = xfs_ioctl_setattr_xflags(tp, ip, fa); 1370 if (error) 1371 goto error_trans_cancel; 1372 1373 if (!fa->fsx_valid) 1374 goto skip_xattr; 1375 /* 1376 * Change file ownership. Must be the owner or privileged. CAP_FSETID 1377 * overrides the following restrictions: 1378 * 1379 * The set-user-ID and set-group-ID bits of a file will be cleared upon 1380 * successful return from chown() 1381 */ 1382 1383 if ((VFS_I(ip)->i_mode & (S_ISUID|S_ISGID)) && 1384 !capable_wrt_inode_uidgid(idmap, VFS_I(ip), CAP_FSETID)) 1385 VFS_I(ip)->i_mode &= ~(S_ISUID|S_ISGID); 1386 1387 /* Change the ownerships and register project quota modifications */ 1388 if (ip->i_projid != fa->fsx_projid) { 1389 if (XFS_IS_PQUOTA_ON(mp)) { 1390 olddquot = xfs_qm_vop_chown(tp, ip, 1391 &ip->i_pdquot, pdqp); 1392 } 1393 ip->i_projid = fa->fsx_projid; 1394 } 1395 1396 /* 1397 * Only set the extent size hint if we've already determined that the 1398 * extent size hint should be set on the inode. If no extent size flags 1399 * are set on the inode then unconditionally clear the extent size hint. 1400 */ 1401 if (ip->i_diflags & (XFS_DIFLAG_EXTSIZE | XFS_DIFLAG_EXTSZINHERIT)) 1402 ip->i_extsize = XFS_B_TO_FSB(mp, fa->fsx_extsize); 1403 else 1404 ip->i_extsize = 0; 1405 1406 if (xfs_has_v3inodes(mp)) { 1407 if (ip->i_diflags2 & XFS_DIFLAG2_COWEXTSIZE) 1408 ip->i_cowextsize = XFS_B_TO_FSB(mp, fa->fsx_cowextsize); 1409 else 1410 ip->i_cowextsize = 0; 1411 } 1412 1413skip_xattr: 1414 error = xfs_trans_commit(tp); 1415 1416 /* 1417 * Release any dquot(s) the inode had kept before chown. 1418 */ 1419 xfs_qm_dqrele(olddquot); 1420 xfs_qm_dqrele(pdqp); 1421 1422 return error; 1423 1424error_trans_cancel: 1425 xfs_trans_cancel(tp); 1426error_free_dquots: 1427 xfs_qm_dqrele(pdqp); 1428 return error; 1429} 1430 1431static bool 1432xfs_getbmap_format( 1433 struct kgetbmap *p, 1434 struct getbmapx __user *u, 1435 size_t recsize) 1436{ 1437 if (put_user(p->bmv_offset, &u->bmv_offset) || 1438 put_user(p->bmv_block, &u->bmv_block) || 1439 put_user(p->bmv_length, &u->bmv_length) || 1440 put_user(0, &u->bmv_count) || 1441 put_user(0, &u->bmv_entries)) 1442 return false; 1443 if (recsize < sizeof(struct getbmapx)) 1444 return true; 1445 if (put_user(0, &u->bmv_iflags) || 1446 put_user(p->bmv_oflags, &u->bmv_oflags) || 1447 put_user(0, &u->bmv_unused1) || 1448 put_user(0, &u->bmv_unused2)) 1449 return false; 1450 return true; 1451} 1452 1453STATIC int 1454xfs_ioc_getbmap( 1455 struct file *file, 1456 unsigned int cmd, 1457 void __user *arg) 1458{ 1459 struct getbmapx bmx = { 0 }; 1460 struct kgetbmap *buf; 1461 size_t recsize; 1462 int error, i; 1463 1464 switch (cmd) { 1465 case XFS_IOC_GETBMAPA: 1466 bmx.bmv_iflags = BMV_IF_ATTRFORK; 1467 fallthrough; 1468 case XFS_IOC_GETBMAP: 1469 /* struct getbmap is a strict subset of struct getbmapx. */ 1470 recsize = sizeof(struct getbmap); 1471 break; 1472 case XFS_IOC_GETBMAPX: 1473 recsize = sizeof(struct getbmapx); 1474 break; 1475 default: 1476 return -EINVAL; 1477 } 1478 1479 if (copy_from_user(&bmx, arg, recsize)) 1480 return -EFAULT; 1481 1482 if (bmx.bmv_count < 2) 1483 return -EINVAL; 1484 if (bmx.bmv_count >= INT_MAX / recsize) 1485 return -ENOMEM; 1486 1487 buf = kvcalloc(bmx.bmv_count, sizeof(*buf), GFP_KERNEL); 1488 if (!buf) 1489 return -ENOMEM; 1490 1491 error = xfs_getbmap(XFS_I(file_inode(file)), &bmx, buf); 1492 if (error) 1493 goto out_free_buf; 1494 1495 error = -EFAULT; 1496 if (copy_to_user(arg, &bmx, recsize)) 1497 goto out_free_buf; 1498 arg += recsize; 1499 1500 for (i = 0; i < bmx.bmv_entries; i++) { 1501 if (!xfs_getbmap_format(buf + i, arg, recsize)) 1502 goto out_free_buf; 1503 arg += recsize; 1504 } 1505 1506 error = 0; 1507out_free_buf: 1508 kmem_free(buf); 1509 return error; 1510} 1511 1512STATIC int 1513xfs_ioc_getfsmap( 1514 struct xfs_inode *ip, 1515 struct fsmap_head __user *arg) 1516{ 1517 struct xfs_fsmap_head xhead = {0}; 1518 struct fsmap_head head; 1519 struct fsmap *recs; 1520 unsigned int count; 1521 __u32 last_flags = 0; 1522 bool done = false; 1523 int error; 1524 1525 if (copy_from_user(&head, arg, sizeof(struct fsmap_head))) 1526 return -EFAULT; 1527 if (memchr_inv(head.fmh_reserved, 0, sizeof(head.fmh_reserved)) || 1528 memchr_inv(head.fmh_keys[0].fmr_reserved, 0, 1529 sizeof(head.fmh_keys[0].fmr_reserved)) || 1530 memchr_inv(head.fmh_keys[1].fmr_reserved, 0, 1531 sizeof(head.fmh_keys[1].fmr_reserved))) 1532 return -EINVAL; 1533 1534 /* 1535 * Use an internal memory buffer so that we don't have to copy fsmap 1536 * data to userspace while holding locks. Start by trying to allocate 1537 * up to 128k for the buffer, but fall back to a single page if needed. 1538 */ 1539 count = min_t(unsigned int, head.fmh_count, 1540 131072 / sizeof(struct fsmap)); 1541 recs = kvcalloc(count, sizeof(struct fsmap), GFP_KERNEL); 1542 if (!recs) { 1543 count = min_t(unsigned int, head.fmh_count, 1544 PAGE_SIZE / sizeof(struct fsmap)); 1545 recs = kvcalloc(count, sizeof(struct fsmap), GFP_KERNEL); 1546 if (!recs) 1547 return -ENOMEM; 1548 } 1549 1550 xhead.fmh_iflags = head.fmh_iflags; 1551 xfs_fsmap_to_internal(&xhead.fmh_keys[0], &head.fmh_keys[0]); 1552 xfs_fsmap_to_internal(&xhead.fmh_keys[1], &head.fmh_keys[1]); 1553 1554 trace_xfs_getfsmap_low_key(ip->i_mount, &xhead.fmh_keys[0]); 1555 trace_xfs_getfsmap_high_key(ip->i_mount, &xhead.fmh_keys[1]); 1556 1557 head.fmh_entries = 0; 1558 do { 1559 struct fsmap __user *user_recs; 1560 struct fsmap *last_rec; 1561 1562 user_recs = &arg->fmh_recs[head.fmh_entries]; 1563 xhead.fmh_entries = 0; 1564 xhead.fmh_count = min_t(unsigned int, count, 1565 head.fmh_count - head.fmh_entries); 1566 1567 /* Run query, record how many entries we got. */ 1568 error = xfs_getfsmap(ip->i_mount, &xhead, recs); 1569 switch (error) { 1570 case 0: 1571 /* 1572 * There are no more records in the result set. Copy 1573 * whatever we got to userspace and break out. 1574 */ 1575 done = true; 1576 break; 1577 case -ECANCELED: 1578 /* 1579 * The internal memory buffer is full. Copy whatever 1580 * records we got to userspace and go again if we have 1581 * not yet filled the userspace buffer. 1582 */ 1583 error = 0; 1584 break; 1585 default: 1586 goto out_free; 1587 } 1588 head.fmh_entries += xhead.fmh_entries; 1589 head.fmh_oflags = xhead.fmh_oflags; 1590 1591 /* 1592 * If the caller wanted a record count or there aren't any 1593 * new records to return, we're done. 1594 */ 1595 if (head.fmh_count == 0 || xhead.fmh_entries == 0) 1596 break; 1597 1598 /* Copy all the records we got out to userspace. */ 1599 if (copy_to_user(user_recs, recs, 1600 xhead.fmh_entries * sizeof(struct fsmap))) { 1601 error = -EFAULT; 1602 goto out_free; 1603 } 1604 1605 /* Remember the last record flags we copied to userspace. */ 1606 last_rec = &recs[xhead.fmh_entries - 1]; 1607 last_flags = last_rec->fmr_flags; 1608 1609 /* Set up the low key for the next iteration. */ 1610 xfs_fsmap_to_internal(&xhead.fmh_keys[0], last_rec); 1611 trace_xfs_getfsmap_low_key(ip->i_mount, &xhead.fmh_keys[0]); 1612 } while (!done && head.fmh_entries < head.fmh_count); 1613 1614 /* 1615 * If there are no more records in the query result set and we're not 1616 * in counting mode, mark the last record returned with the LAST flag. 1617 */ 1618 if (done && head.fmh_count > 0 && head.fmh_entries > 0) { 1619 struct fsmap __user *user_rec; 1620 1621 last_flags |= FMR_OF_LAST; 1622 user_rec = &arg->fmh_recs[head.fmh_entries - 1]; 1623 1624 if (copy_to_user(&user_rec->fmr_flags, &last_flags, 1625 sizeof(last_flags))) { 1626 error = -EFAULT; 1627 goto out_free; 1628 } 1629 } 1630 1631 /* copy back header */ 1632 if (copy_to_user(arg, &head, sizeof(struct fsmap_head))) { 1633 error = -EFAULT; 1634 goto out_free; 1635 } 1636 1637out_free: 1638 kmem_free(recs); 1639 return error; 1640} 1641 1642STATIC int 1643xfs_ioc_scrub_metadata( 1644 struct file *file, 1645 void __user *arg) 1646{ 1647 struct xfs_scrub_metadata scrub; 1648 int error; 1649 1650 if (!capable(CAP_SYS_ADMIN)) 1651 return -EPERM; 1652 1653 if (copy_from_user(&scrub, arg, sizeof(scrub))) 1654 return -EFAULT; 1655 1656 error = xfs_scrub_metadata(file, &scrub); 1657 if (error) 1658 return error; 1659 1660 if (copy_to_user(arg, &scrub, sizeof(scrub))) 1661 return -EFAULT; 1662 1663 return 0; 1664} 1665 1666int 1667xfs_ioc_swapext( 1668 xfs_swapext_t *sxp) 1669{ 1670 xfs_inode_t *ip, *tip; 1671 struct fd f, tmp; 1672 int error = 0; 1673 1674 /* Pull information for the target fd */ 1675 f = fdget((int)sxp->sx_fdtarget); 1676 if (!f.file) { 1677 error = -EINVAL; 1678 goto out; 1679 } 1680 1681 if (!(f.file->f_mode & FMODE_WRITE) || 1682 !(f.file->f_mode & FMODE_READ) || 1683 (f.file->f_flags & O_APPEND)) { 1684 error = -EBADF; 1685 goto out_put_file; 1686 } 1687 1688 tmp = fdget((int)sxp->sx_fdtmp); 1689 if (!tmp.file) { 1690 error = -EINVAL; 1691 goto out_put_file; 1692 } 1693 1694 if (!(tmp.file->f_mode & FMODE_WRITE) || 1695 !(tmp.file->f_mode & FMODE_READ) || 1696 (tmp.file->f_flags & O_APPEND)) { 1697 error = -EBADF; 1698 goto out_put_tmp_file; 1699 } 1700 1701 if (IS_SWAPFILE(file_inode(f.file)) || 1702 IS_SWAPFILE(file_inode(tmp.file))) { 1703 error = -EINVAL; 1704 goto out_put_tmp_file; 1705 } 1706 1707 /* 1708 * We need to ensure that the fds passed in point to XFS inodes 1709 * before we cast and access them as XFS structures as we have no 1710 * control over what the user passes us here. 1711 */ 1712 if (f.file->f_op != &xfs_file_operations || 1713 tmp.file->f_op != &xfs_file_operations) { 1714 error = -EINVAL; 1715 goto out_put_tmp_file; 1716 } 1717 1718 ip = XFS_I(file_inode(f.file)); 1719 tip = XFS_I(file_inode(tmp.file)); 1720 1721 if (ip->i_mount != tip->i_mount) { 1722 error = -EINVAL; 1723 goto out_put_tmp_file; 1724 } 1725 1726 if (ip->i_ino == tip->i_ino) { 1727 error = -EINVAL; 1728 goto out_put_tmp_file; 1729 } 1730 1731 if (xfs_is_shutdown(ip->i_mount)) { 1732 error = -EIO; 1733 goto out_put_tmp_file; 1734 } 1735 1736 error = xfs_swap_extents(ip, tip, sxp); 1737 1738 out_put_tmp_file: 1739 fdput(tmp); 1740 out_put_file: 1741 fdput(f); 1742 out: 1743 return error; 1744} 1745 1746static int 1747xfs_ioc_getlabel( 1748 struct xfs_mount *mp, 1749 char __user *user_label) 1750{ 1751 struct xfs_sb *sbp = &mp->m_sb; 1752 char label[XFSLABEL_MAX + 1]; 1753 1754 /* Paranoia */ 1755 BUILD_BUG_ON(sizeof(sbp->sb_fname) > FSLABEL_MAX); 1756 1757 /* 1 larger than sb_fname, so this ensures a trailing NUL char */ 1758 memset(label, 0, sizeof(label)); 1759 spin_lock(&mp->m_sb_lock); 1760 strncpy(label, sbp->sb_fname, XFSLABEL_MAX); 1761 spin_unlock(&mp->m_sb_lock); 1762 1763 if (copy_to_user(user_label, label, sizeof(label))) 1764 return -EFAULT; 1765 return 0; 1766} 1767 1768static int 1769xfs_ioc_setlabel( 1770 struct file *filp, 1771 struct xfs_mount *mp, 1772 char __user *newlabel) 1773{ 1774 struct xfs_sb *sbp = &mp->m_sb; 1775 char label[XFSLABEL_MAX + 1]; 1776 size_t len; 1777 int error; 1778 1779 if (!capable(CAP_SYS_ADMIN)) 1780 return -EPERM; 1781 /* 1782 * The generic ioctl allows up to FSLABEL_MAX chars, but XFS is much 1783 * smaller, at 12 bytes. We copy one more to be sure we find the 1784 * (required) NULL character to test the incoming label length. 1785 * NB: The on disk label doesn't need to be null terminated. 1786 */ 1787 if (copy_from_user(label, newlabel, XFSLABEL_MAX + 1)) 1788 return -EFAULT; 1789 len = strnlen(label, XFSLABEL_MAX + 1); 1790 if (len > sizeof(sbp->sb_fname)) 1791 return -EINVAL; 1792 1793 error = mnt_want_write_file(filp); 1794 if (error) 1795 return error; 1796 1797 spin_lock(&mp->m_sb_lock); 1798 memset(sbp->sb_fname, 0, sizeof(sbp->sb_fname)); 1799 memcpy(sbp->sb_fname, label, len); 1800 spin_unlock(&mp->m_sb_lock); 1801 1802 /* 1803 * Now we do several things to satisfy userspace. 1804 * In addition to normal logging of the primary superblock, we also 1805 * immediately write these changes to sector zero for the primary, then 1806 * update all backup supers (as xfs_db does for a label change), then 1807 * invalidate the block device page cache. This is so that any prior 1808 * buffered reads from userspace (i.e. from blkid) are invalidated, 1809 * and userspace will see the newly-written label. 1810 */ 1811 error = xfs_sync_sb_buf(mp); 1812 if (error) 1813 goto out; 1814 /* 1815 * growfs also updates backup supers so lock against that. 1816 */ 1817 mutex_lock(&mp->m_growlock); 1818 error = xfs_update_secondary_sbs(mp); 1819 mutex_unlock(&mp->m_growlock); 1820 1821 invalidate_bdev(mp->m_ddev_targp->bt_bdev); 1822 1823out: 1824 mnt_drop_write_file(filp); 1825 return error; 1826} 1827 1828static inline int 1829xfs_fs_eofblocks_from_user( 1830 struct xfs_fs_eofblocks *src, 1831 struct xfs_icwalk *dst) 1832{ 1833 if (src->eof_version != XFS_EOFBLOCKS_VERSION) 1834 return -EINVAL; 1835 1836 if (src->eof_flags & ~XFS_EOF_FLAGS_VALID) 1837 return -EINVAL; 1838 1839 if (memchr_inv(&src->pad32, 0, sizeof(src->pad32)) || 1840 memchr_inv(src->pad64, 0, sizeof(src->pad64))) 1841 return -EINVAL; 1842 1843 dst->icw_flags = 0; 1844 if (src->eof_flags & XFS_EOF_FLAGS_SYNC) 1845 dst->icw_flags |= XFS_ICWALK_FLAG_SYNC; 1846 if (src->eof_flags & XFS_EOF_FLAGS_UID) 1847 dst->icw_flags |= XFS_ICWALK_FLAG_UID; 1848 if (src->eof_flags & XFS_EOF_FLAGS_GID) 1849 dst->icw_flags |= XFS_ICWALK_FLAG_GID; 1850 if (src->eof_flags & XFS_EOF_FLAGS_PRID) 1851 dst->icw_flags |= XFS_ICWALK_FLAG_PRID; 1852 if (src->eof_flags & XFS_EOF_FLAGS_MINFILESIZE) 1853 dst->icw_flags |= XFS_ICWALK_FLAG_MINFILESIZE; 1854 1855 dst->icw_prid = src->eof_prid; 1856 dst->icw_min_file_size = src->eof_min_file_size; 1857 1858 dst->icw_uid = INVALID_UID; 1859 if (src->eof_flags & XFS_EOF_FLAGS_UID) { 1860 dst->icw_uid = make_kuid(current_user_ns(), src->eof_uid); 1861 if (!uid_valid(dst->icw_uid)) 1862 return -EINVAL; 1863 } 1864 1865 dst->icw_gid = INVALID_GID; 1866 if (src->eof_flags & XFS_EOF_FLAGS_GID) { 1867 dst->icw_gid = make_kgid(current_user_ns(), src->eof_gid); 1868 if (!gid_valid(dst->icw_gid)) 1869 return -EINVAL; 1870 } 1871 return 0; 1872} 1873 1874/* 1875 * These long-unused ioctls were removed from the official ioctl API in 5.17, 1876 * but retain these definitions so that we can log warnings about them. 1877 */ 1878#define XFS_IOC_ALLOCSP _IOW ('X', 10, struct xfs_flock64) 1879#define XFS_IOC_FREESP _IOW ('X', 11, struct xfs_flock64) 1880#define XFS_IOC_ALLOCSP64 _IOW ('X', 36, struct xfs_flock64) 1881#define XFS_IOC_FREESP64 _IOW ('X', 37, struct xfs_flock64) 1882 1883/* 1884 * Note: some of the ioctl's return positive numbers as a 1885 * byte count indicating success, such as readlink_by_handle. 1886 * So we don't "sign flip" like most other routines. This means 1887 * true errors need to be returned as a negative value. 1888 */ 1889long 1890xfs_file_ioctl( 1891 struct file *filp, 1892 unsigned int cmd, 1893 unsigned long p) 1894{ 1895 struct inode *inode = file_inode(filp); 1896 struct xfs_inode *ip = XFS_I(inode); 1897 struct xfs_mount *mp = ip->i_mount; 1898 void __user *arg = (void __user *)p; 1899 int error; 1900 1901 trace_xfs_file_ioctl(ip); 1902 1903 switch (cmd) { 1904 case FITRIM: 1905 return xfs_ioc_trim(mp, arg); 1906 case FS_IOC_GETFSLABEL: 1907 return xfs_ioc_getlabel(mp, arg); 1908 case FS_IOC_SETFSLABEL: 1909 return xfs_ioc_setlabel(filp, mp, arg); 1910 case XFS_IOC_ALLOCSP: 1911 case XFS_IOC_FREESP: 1912 case XFS_IOC_ALLOCSP64: 1913 case XFS_IOC_FREESP64: 1914 xfs_warn_once(mp, 1915 "%s should use fallocate; XFS_IOC_{ALLOC,FREE}SP ioctl unsupported", 1916 current->comm); 1917 return -ENOTTY; 1918 case XFS_IOC_DIOINFO: { 1919 struct xfs_buftarg *target = xfs_inode_buftarg(ip); 1920 struct dioattr da; 1921 1922 da.d_mem = da.d_miniosz = target->bt_logical_sectorsize; 1923 da.d_maxiosz = INT_MAX & ~(da.d_miniosz - 1); 1924 1925 if (copy_to_user(arg, &da, sizeof(da))) 1926 return -EFAULT; 1927 return 0; 1928 } 1929 1930 case XFS_IOC_FSBULKSTAT_SINGLE: 1931 case XFS_IOC_FSBULKSTAT: 1932 case XFS_IOC_FSINUMBERS: 1933 return xfs_ioc_fsbulkstat(filp, cmd, arg); 1934 1935 case XFS_IOC_BULKSTAT: 1936 return xfs_ioc_bulkstat(filp, cmd, arg); 1937 case XFS_IOC_INUMBERS: 1938 return xfs_ioc_inumbers(mp, cmd, arg); 1939 1940 case XFS_IOC_FSGEOMETRY_V1: 1941 return xfs_ioc_fsgeometry(mp, arg, 3); 1942 case XFS_IOC_FSGEOMETRY_V4: 1943 return xfs_ioc_fsgeometry(mp, arg, 4); 1944 case XFS_IOC_FSGEOMETRY: 1945 return xfs_ioc_fsgeometry(mp, arg, 5); 1946 1947 case XFS_IOC_AG_GEOMETRY: 1948 return xfs_ioc_ag_geometry(mp, arg); 1949 1950 case XFS_IOC_GETVERSION: 1951 return put_user(inode->i_generation, (int __user *)arg); 1952 1953 case XFS_IOC_FSGETXATTRA: 1954 return xfs_ioc_fsgetxattra(ip, arg); 1955 1956 case XFS_IOC_GETBMAP: 1957 case XFS_IOC_GETBMAPA: 1958 case XFS_IOC_GETBMAPX: 1959 return xfs_ioc_getbmap(filp, cmd, arg); 1960 1961 case FS_IOC_GETFSMAP: 1962 return xfs_ioc_getfsmap(ip, arg); 1963 1964 case XFS_IOC_SCRUB_METADATA: 1965 return xfs_ioc_scrub_metadata(filp, arg); 1966 1967 case XFS_IOC_FD_TO_HANDLE: 1968 case XFS_IOC_PATH_TO_HANDLE: 1969 case XFS_IOC_PATH_TO_FSHANDLE: { 1970 xfs_fsop_handlereq_t hreq; 1971 1972 if (copy_from_user(&hreq, arg, sizeof(hreq))) 1973 return -EFAULT; 1974 return xfs_find_handle(cmd, &hreq); 1975 } 1976 case XFS_IOC_OPEN_BY_HANDLE: { 1977 xfs_fsop_handlereq_t hreq; 1978 1979 if (copy_from_user(&hreq, arg, sizeof(xfs_fsop_handlereq_t))) 1980 return -EFAULT; 1981 return xfs_open_by_handle(filp, &hreq); 1982 } 1983 1984 case XFS_IOC_READLINK_BY_HANDLE: { 1985 xfs_fsop_handlereq_t hreq; 1986 1987 if (copy_from_user(&hreq, arg, sizeof(xfs_fsop_handlereq_t))) 1988 return -EFAULT; 1989 return xfs_readlink_by_handle(filp, &hreq); 1990 } 1991 case XFS_IOC_ATTRLIST_BY_HANDLE: 1992 return xfs_attrlist_by_handle(filp, arg); 1993 1994 case XFS_IOC_ATTRMULTI_BY_HANDLE: 1995 return xfs_attrmulti_by_handle(filp, arg); 1996 1997 case XFS_IOC_SWAPEXT: { 1998 struct xfs_swapext sxp; 1999 2000 if (copy_from_user(&sxp, arg, sizeof(xfs_swapext_t))) 2001 return -EFAULT; 2002 error = mnt_want_write_file(filp); 2003 if (error) 2004 return error; 2005 error = xfs_ioc_swapext(&sxp); 2006 mnt_drop_write_file(filp); 2007 return error; 2008 } 2009 2010 case XFS_IOC_FSCOUNTS: { 2011 xfs_fsop_counts_t out; 2012 2013 xfs_fs_counts(mp, &out); 2014 2015 if (copy_to_user(arg, &out, sizeof(out))) 2016 return -EFAULT; 2017 return 0; 2018 } 2019 2020 case XFS_IOC_SET_RESBLKS: { 2021 xfs_fsop_resblks_t inout; 2022 uint64_t in; 2023 2024 if (!capable(CAP_SYS_ADMIN)) 2025 return -EPERM; 2026 2027 if (xfs_is_readonly(mp)) 2028 return -EROFS; 2029 2030 if (copy_from_user(&inout, arg, sizeof(inout))) 2031 return -EFAULT; 2032 2033 error = mnt_want_write_file(filp); 2034 if (error) 2035 return error; 2036 2037 /* input parameter is passed in resblks field of structure */ 2038 in = inout.resblks; 2039 error = xfs_reserve_blocks(mp, &in, &inout); 2040 mnt_drop_write_file(filp); 2041 if (error) 2042 return error; 2043 2044 if (copy_to_user(arg, &inout, sizeof(inout))) 2045 return -EFAULT; 2046 return 0; 2047 } 2048 2049 case XFS_IOC_GET_RESBLKS: { 2050 xfs_fsop_resblks_t out; 2051 2052 if (!capable(CAP_SYS_ADMIN)) 2053 return -EPERM; 2054 2055 error = xfs_reserve_blocks(mp, NULL, &out); 2056 if (error) 2057 return error; 2058 2059 if (copy_to_user(arg, &out, sizeof(out))) 2060 return -EFAULT; 2061 2062 return 0; 2063 } 2064 2065 case XFS_IOC_FSGROWFSDATA: { 2066 struct xfs_growfs_data in; 2067 2068 if (copy_from_user(&in, arg, sizeof(in))) 2069 return -EFAULT; 2070 2071 error = mnt_want_write_file(filp); 2072 if (error) 2073 return error; 2074 error = xfs_growfs_data(mp, &in); 2075 mnt_drop_write_file(filp); 2076 return error; 2077 } 2078 2079 case XFS_IOC_FSGROWFSLOG: { 2080 struct xfs_growfs_log in; 2081 2082 if (copy_from_user(&in, arg, sizeof(in))) 2083 return -EFAULT; 2084 2085 error = mnt_want_write_file(filp); 2086 if (error) 2087 return error; 2088 error = xfs_growfs_log(mp, &in); 2089 mnt_drop_write_file(filp); 2090 return error; 2091 } 2092 2093 case XFS_IOC_FSGROWFSRT: { 2094 xfs_growfs_rt_t in; 2095 2096 if (copy_from_user(&in, arg, sizeof(in))) 2097 return -EFAULT; 2098 2099 error = mnt_want_write_file(filp); 2100 if (error) 2101 return error; 2102 error = xfs_growfs_rt(mp, &in); 2103 mnt_drop_write_file(filp); 2104 return error; 2105 } 2106 2107 case XFS_IOC_GOINGDOWN: { 2108 uint32_t in; 2109 2110 if (!capable(CAP_SYS_ADMIN)) 2111 return -EPERM; 2112 2113 if (get_user(in, (uint32_t __user *)arg)) 2114 return -EFAULT; 2115 2116 return xfs_fs_goingdown(mp, in); 2117 } 2118 2119 case XFS_IOC_ERROR_INJECTION: { 2120 xfs_error_injection_t in; 2121 2122 if (!capable(CAP_SYS_ADMIN)) 2123 return -EPERM; 2124 2125 if (copy_from_user(&in, arg, sizeof(in))) 2126 return -EFAULT; 2127 2128 return xfs_errortag_add(mp, in.errtag); 2129 } 2130 2131 case XFS_IOC_ERROR_CLEARALL: 2132 if (!capable(CAP_SYS_ADMIN)) 2133 return -EPERM; 2134 2135 return xfs_errortag_clearall(mp); 2136 2137 case XFS_IOC_FREE_EOFBLOCKS: { 2138 struct xfs_fs_eofblocks eofb; 2139 struct xfs_icwalk icw; 2140 2141 if (!capable(CAP_SYS_ADMIN)) 2142 return -EPERM; 2143 2144 if (xfs_is_readonly(mp)) 2145 return -EROFS; 2146 2147 if (copy_from_user(&eofb, arg, sizeof(eofb))) 2148 return -EFAULT; 2149 2150 error = xfs_fs_eofblocks_from_user(&eofb, &icw); 2151 if (error) 2152 return error; 2153 2154 trace_xfs_ioc_free_eofblocks(mp, &icw, _RET_IP_); 2155 2156 sb_start_write(mp->m_super); 2157 error = xfs_blockgc_free_space(mp, &icw); 2158 sb_end_write(mp->m_super); 2159 return error; 2160 } 2161 2162 default: 2163 return -ENOTTY; 2164 } 2165} 2166