1 // SPDX-License-Identifier: GPL-2.0
2 /*
3 * linux/fs/ext4/ioctl.c
4 *
5 * Copyright (C) 1993, 1994, 1995
6 * Remy Card (card@masi.ibp.fr)
7 * Laboratoire MASI - Institut Blaise Pascal
8 * Universite Pierre et Marie Curie (Paris VI)
9 */
10
11 #include <linux/fs.h>
12 #include <linux/capability.h>
13 #include <linux/time.h>
14 #include <linux/compat.h>
15 #include <linux/mount.h>
16 #include <linux/file.h>
17 #include <linux/quotaops.h>
18 #include <linux/random.h>
19 #include <linux/uuid.h>
20 #include <linux/uaccess.h>
21 #include <linux/delay.h>
22 #include <linux/iversion.h>
23 #include "ext4_jbd2.h"
24 #include "ext4.h"
25 #include <linux/fsmap.h>
26 #include "fsmap.h"
27 #include <trace/events/ext4.h>
28
29 /**
30 * Swap memory between @a and @b for @len bytes.
31 *
32 * @a: pointer to first memory area
33 * @b: pointer to second memory area
34 * @len: number of bytes to swap
35 *
36 */
memswap(void * a,void * b,size_t len)37 static void memswap(void *a, void *b, size_t len)
38 {
39 unsigned char *ap, *bp;
40
41 ap = (unsigned char *)a;
42 bp = (unsigned char *)b;
43 while (len-- > 0) {
44 swap(*ap, *bp);
45 ap++;
46 bp++;
47 }
48 }
49
50 /**
51 * Swap i_data and associated attributes between @inode1 and @inode2.
52 * This function is used for the primary swap between inode1 and inode2
53 * and also to revert this primary swap in case of errors.
54 *
55 * Therefore you have to make sure, that calling this method twice
56 * will revert all changes.
57 *
58 * @inode1: pointer to first inode
59 * @inode2: pointer to second inode
60 */
swap_inode_data(struct inode * inode1,struct inode * inode2)61 static void swap_inode_data(struct inode *inode1, struct inode *inode2)
62 {
63 loff_t isize;
64 struct ext4_inode_info *ei1;
65 struct ext4_inode_info *ei2;
66 unsigned long tmp;
67
68 ei1 = EXT4_I(inode1);
69 ei2 = EXT4_I(inode2);
70
71 swap(inode1->i_version, inode2->i_version);
72 swap(inode1->i_atime, inode2->i_atime);
73 swap(inode1->i_mtime, inode2->i_mtime);
74
75 memswap(ei1->i_data, ei2->i_data, sizeof(ei1->i_data));
76 tmp = ei1->i_flags & EXT4_FL_SHOULD_SWAP;
77 ei1->i_flags = (ei2->i_flags & EXT4_FL_SHOULD_SWAP) |
78 (ei1->i_flags & ~EXT4_FL_SHOULD_SWAP);
79 ei2->i_flags = tmp | (ei2->i_flags & ~EXT4_FL_SHOULD_SWAP);
80 swap(ei1->i_disksize, ei2->i_disksize);
81 ext4_es_remove_extent(inode1, 0, EXT_MAX_BLOCKS);
82 ext4_es_remove_extent(inode2, 0, EXT_MAX_BLOCKS);
83
84 isize = i_size_read(inode1);
85 i_size_write(inode1, i_size_read(inode2));
86 i_size_write(inode2, isize);
87 }
88
ext4_reset_inode_seed(struct inode * inode)89 void ext4_reset_inode_seed(struct inode *inode)
90 {
91 struct ext4_inode_info *ei = EXT4_I(inode);
92 struct ext4_sb_info *sbi = EXT4_SB(inode->i_sb);
93 __le32 inum = cpu_to_le32(inode->i_ino);
94 __le32 gen = cpu_to_le32(inode->i_generation);
95 __u32 csum;
96
97 if (!ext4_has_metadata_csum(inode->i_sb))
98 return;
99
100 csum = ext4_chksum(sbi, sbi->s_csum_seed, (__u8 *)&inum, sizeof(inum));
101 ei->i_csum_seed = ext4_chksum(sbi, csum, (__u8 *)&gen, sizeof(gen));
102 }
103
104 /**
105 * Swap the information from the given @inode and the inode
106 * EXT4_BOOT_LOADER_INO. It will basically swap i_data and all other
107 * important fields of the inodes.
108 *
109 * @sb: the super block of the filesystem
110 * @inode: the inode to swap with EXT4_BOOT_LOADER_INO
111 *
112 */
swap_inode_boot_loader(struct super_block * sb,struct inode * inode)113 static long swap_inode_boot_loader(struct super_block *sb,
114 struct inode *inode)
115 {
116 handle_t *handle;
117 int err;
118 struct inode *inode_bl;
119 struct ext4_inode_info *ei_bl;
120 qsize_t size, size_bl, diff;
121 blkcnt_t blocks;
122 unsigned short bytes;
123
124 inode_bl = ext4_iget(sb, EXT4_BOOT_LOADER_INO, EXT4_IGET_SPECIAL);
125 if (IS_ERR(inode_bl))
126 return PTR_ERR(inode_bl);
127 ei_bl = EXT4_I(inode_bl);
128
129 /* Protect orig inodes against a truncate and make sure,
130 * that only 1 swap_inode_boot_loader is running. */
131 lock_two_nondirectories(inode, inode_bl);
132
133 if (inode->i_nlink != 1 || !S_ISREG(inode->i_mode) ||
134 IS_SWAPFILE(inode) || IS_ENCRYPTED(inode) ||
135 (EXT4_I(inode)->i_flags & EXT4_JOURNAL_DATA_FL) ||
136 ext4_has_inline_data(inode)) {
137 err = -EINVAL;
138 goto journal_err_out;
139 }
140
141 if (IS_RDONLY(inode) || IS_APPEND(inode) || IS_IMMUTABLE(inode) ||
142 !inode_owner_or_capable(inode) || !capable(CAP_SYS_ADMIN)) {
143 err = -EPERM;
144 goto journal_err_out;
145 }
146
147 down_write(&EXT4_I(inode)->i_mmap_sem);
148 err = filemap_write_and_wait(inode->i_mapping);
149 if (err)
150 goto err_out;
151
152 err = filemap_write_and_wait(inode_bl->i_mapping);
153 if (err)
154 goto err_out;
155
156 /* Wait for all existing dio workers */
157 inode_dio_wait(inode);
158 inode_dio_wait(inode_bl);
159
160 truncate_inode_pages(&inode->i_data, 0);
161 truncate_inode_pages(&inode_bl->i_data, 0);
162
163 handle = ext4_journal_start(inode_bl, EXT4_HT_MOVE_EXTENTS, 2);
164 if (IS_ERR(handle)) {
165 err = -EINVAL;
166 goto err_out;
167 }
168 ext4_fc_start_ineligible(sb, EXT4_FC_REASON_SWAP_BOOT);
169
170 /* Protect extent tree against block allocations via delalloc */
171 ext4_double_down_write_data_sem(inode, inode_bl);
172
173 if (inode_bl->i_nlink == 0) {
174 /* this inode has never been used as a BOOT_LOADER */
175 set_nlink(inode_bl, 1);
176 i_uid_write(inode_bl, 0);
177 i_gid_write(inode_bl, 0);
178 inode_bl->i_flags = 0;
179 ei_bl->i_flags = 0;
180 inode_set_iversion(inode_bl, 1);
181 i_size_write(inode_bl, 0);
182 inode_bl->i_mode = S_IFREG;
183 if (ext4_has_feature_extents(sb)) {
184 ext4_set_inode_flag(inode_bl, EXT4_INODE_EXTENTS);
185 ext4_ext_tree_init(handle, inode_bl);
186 } else
187 memset(ei_bl->i_data, 0, sizeof(ei_bl->i_data));
188 }
189
190 err = dquot_initialize(inode);
191 if (err)
192 goto err_out1;
193
194 size = (qsize_t)(inode->i_blocks) * (1 << 9) + inode->i_bytes;
195 size_bl = (qsize_t)(inode_bl->i_blocks) * (1 << 9) + inode_bl->i_bytes;
196 diff = size - size_bl;
197 swap_inode_data(inode, inode_bl);
198
199 inode->i_ctime = inode_bl->i_ctime = current_time(inode);
200
201 inode->i_generation = prandom_u32();
202 inode_bl->i_generation = prandom_u32();
203 ext4_reset_inode_seed(inode);
204 ext4_reset_inode_seed(inode_bl);
205
206 ext4_discard_preallocations(inode, 0);
207
208 err = ext4_mark_inode_dirty(handle, inode);
209 if (err < 0) {
210 /* No need to update quota information. */
211 ext4_warning(inode->i_sb,
212 "couldn't mark inode #%lu dirty (err %d)",
213 inode->i_ino, err);
214 /* Revert all changes: */
215 swap_inode_data(inode, inode_bl);
216 ext4_mark_inode_dirty(handle, inode);
217 goto err_out1;
218 }
219
220 blocks = inode_bl->i_blocks;
221 bytes = inode_bl->i_bytes;
222 inode_bl->i_blocks = inode->i_blocks;
223 inode_bl->i_bytes = inode->i_bytes;
224 err = ext4_mark_inode_dirty(handle, inode_bl);
225 if (err < 0) {
226 /* No need to update quota information. */
227 ext4_warning(inode_bl->i_sb,
228 "couldn't mark inode #%lu dirty (err %d)",
229 inode_bl->i_ino, err);
230 goto revert;
231 }
232
233 /* Bootloader inode should not be counted into quota information. */
234 if (diff > 0)
235 dquot_free_space(inode, diff);
236 else
237 err = dquot_alloc_space(inode, -1 * diff);
238
239 if (err < 0) {
240 revert:
241 /* Revert all changes: */
242 inode_bl->i_blocks = blocks;
243 inode_bl->i_bytes = bytes;
244 swap_inode_data(inode, inode_bl);
245 ext4_mark_inode_dirty(handle, inode);
246 ext4_mark_inode_dirty(handle, inode_bl);
247 }
248
249 err_out1:
250 ext4_journal_stop(handle);
251 ext4_fc_stop_ineligible(sb);
252 ext4_double_up_write_data_sem(inode, inode_bl);
253
254 err_out:
255 up_write(&EXT4_I(inode)->i_mmap_sem);
256 journal_err_out:
257 unlock_two_nondirectories(inode, inode_bl);
258 iput(inode_bl);
259 return err;
260 }
261
262 #ifdef CONFIG_FS_ENCRYPTION
uuid_is_zero(__u8 u[16])263 static int uuid_is_zero(__u8 u[16])
264 {
265 int i;
266
267 for (i = 0; i < 16; i++)
268 if (u[i])
269 return 0;
270 return 1;
271 }
272 #endif
273
274 /*
275 * If immutable is set and we are not clearing it, we're not allowed to change
276 * anything else in the inode. Don't error out if we're only trying to set
277 * immutable on an immutable file.
278 */
ext4_ioctl_check_immutable(struct inode * inode,__u32 new_projid,unsigned int flags)279 static int ext4_ioctl_check_immutable(struct inode *inode, __u32 new_projid,
280 unsigned int flags)
281 {
282 struct ext4_inode_info *ei = EXT4_I(inode);
283 unsigned int oldflags = ei->i_flags;
284
285 if (!(oldflags & EXT4_IMMUTABLE_FL) || !(flags & EXT4_IMMUTABLE_FL))
286 return 0;
287
288 if ((oldflags & ~EXT4_IMMUTABLE_FL) != (flags & ~EXT4_IMMUTABLE_FL))
289 return -EPERM;
290 if (ext4_has_feature_project(inode->i_sb) &&
291 __kprojid_val(ei->i_projid) != new_projid)
292 return -EPERM;
293
294 return 0;
295 }
296
ext4_dax_dontcache(struct inode * inode,unsigned int flags)297 static void ext4_dax_dontcache(struct inode *inode, unsigned int flags)
298 {
299 struct ext4_inode_info *ei = EXT4_I(inode);
300
301 if (S_ISDIR(inode->i_mode))
302 return;
303
304 if (test_opt2(inode->i_sb, DAX_NEVER) ||
305 test_opt(inode->i_sb, DAX_ALWAYS))
306 return;
307
308 if ((ei->i_flags ^ flags) & EXT4_DAX_FL)
309 d_mark_dontcache(inode);
310 }
311
dax_compatible(struct inode * inode,unsigned int oldflags,unsigned int flags)312 static bool dax_compatible(struct inode *inode, unsigned int oldflags,
313 unsigned int flags)
314 {
315 /* Allow the DAX flag to be changed on inline directories */
316 if (S_ISDIR(inode->i_mode)) {
317 flags &= ~EXT4_INLINE_DATA_FL;
318 oldflags &= ~EXT4_INLINE_DATA_FL;
319 }
320
321 if (flags & EXT4_DAX_FL) {
322 if ((oldflags & EXT4_DAX_MUT_EXCL) ||
323 ext4_test_inode_state(inode,
324 EXT4_STATE_VERITY_IN_PROGRESS)) {
325 return false;
326 }
327 }
328
329 if ((flags & EXT4_DAX_MUT_EXCL) && (oldflags & EXT4_DAX_FL))
330 return false;
331
332 return true;
333 }
334
ext4_ioctl_setflags(struct inode * inode,unsigned int flags)335 static int ext4_ioctl_setflags(struct inode *inode,
336 unsigned int flags)
337 {
338 struct ext4_inode_info *ei = EXT4_I(inode);
339 handle_t *handle = NULL;
340 int err = -EPERM, migrate = 0;
341 struct ext4_iloc iloc;
342 unsigned int oldflags, mask, i;
343 struct super_block *sb = inode->i_sb;
344
345 /* Is it quota file? Do not allow user to mess with it */
346 if (ext4_is_quota_file(inode))
347 goto flags_out;
348
349 oldflags = ei->i_flags;
350
351 err = vfs_ioc_setflags_prepare(inode, oldflags, flags);
352 if (err)
353 goto flags_out;
354
355 /*
356 * The JOURNAL_DATA flag can only be changed by
357 * the relevant capability.
358 */
359 if ((flags ^ oldflags) & (EXT4_JOURNAL_DATA_FL)) {
360 if (!capable(CAP_SYS_RESOURCE))
361 goto flags_out;
362 }
363
364 if (!dax_compatible(inode, oldflags, flags)) {
365 err = -EOPNOTSUPP;
366 goto flags_out;
367 }
368
369 if ((flags ^ oldflags) & EXT4_EXTENTS_FL)
370 migrate = 1;
371
372 if ((flags ^ oldflags) & EXT4_CASEFOLD_FL) {
373 if (!ext4_has_feature_casefold(sb)) {
374 err = -EOPNOTSUPP;
375 goto flags_out;
376 }
377
378 if (!S_ISDIR(inode->i_mode)) {
379 err = -ENOTDIR;
380 goto flags_out;
381 }
382
383 if (!ext4_empty_dir(inode)) {
384 err = -ENOTEMPTY;
385 goto flags_out;
386 }
387 }
388
389 /*
390 * Wait for all pending directio and then flush all the dirty pages
391 * for this file. The flush marks all the pages readonly, so any
392 * subsequent attempt to write to the file (particularly mmap pages)
393 * will come through the filesystem and fail.
394 */
395 if (S_ISREG(inode->i_mode) && !IS_IMMUTABLE(inode) &&
396 (flags & EXT4_IMMUTABLE_FL)) {
397 inode_dio_wait(inode);
398 err = filemap_write_and_wait(inode->i_mapping);
399 if (err)
400 goto flags_out;
401 }
402
403 handle = ext4_journal_start(inode, EXT4_HT_INODE, 1);
404 if (IS_ERR(handle)) {
405 err = PTR_ERR(handle);
406 goto flags_out;
407 }
408 if (IS_SYNC(inode))
409 ext4_handle_sync(handle);
410 err = ext4_reserve_inode_write(handle, inode, &iloc);
411 if (err)
412 goto flags_err;
413
414 ext4_dax_dontcache(inode, flags);
415
416 for (i = 0, mask = 1; i < 32; i++, mask <<= 1) {
417 if (!(mask & EXT4_FL_USER_MODIFIABLE))
418 continue;
419 /* These flags get special treatment later */
420 if (mask == EXT4_JOURNAL_DATA_FL || mask == EXT4_EXTENTS_FL)
421 continue;
422 if (mask & flags)
423 ext4_set_inode_flag(inode, i);
424 else
425 ext4_clear_inode_flag(inode, i);
426 }
427
428 ext4_set_inode_flags(inode, false);
429
430 inode->i_ctime = current_time(inode);
431
432 err = ext4_mark_iloc_dirty(handle, inode, &iloc);
433 flags_err:
434 ext4_journal_stop(handle);
435 if (err)
436 goto flags_out;
437
438 if ((flags ^ oldflags) & (EXT4_JOURNAL_DATA_FL)) {
439 /*
440 * Changes to the journaling mode can cause unsafe changes to
441 * S_DAX if the inode is DAX
442 */
443 if (IS_DAX(inode)) {
444 err = -EBUSY;
445 goto flags_out;
446 }
447
448 err = ext4_change_inode_journal_flag(inode,
449 flags & EXT4_JOURNAL_DATA_FL);
450 if (err)
451 goto flags_out;
452 }
453 if (migrate) {
454 if (flags & EXT4_EXTENTS_FL)
455 err = ext4_ext_migrate(inode);
456 else
457 err = ext4_ind_migrate(inode);
458 }
459
460 flags_out:
461 return err;
462 }
463
464 #ifdef CONFIG_QUOTA
ext4_ioctl_setproject(struct file * filp,__u32 projid)465 static int ext4_ioctl_setproject(struct file *filp, __u32 projid)
466 {
467 struct inode *inode = file_inode(filp);
468 struct super_block *sb = inode->i_sb;
469 struct ext4_inode_info *ei = EXT4_I(inode);
470 int err, rc;
471 handle_t *handle;
472 kprojid_t kprojid;
473 struct ext4_iloc iloc;
474 struct ext4_inode *raw_inode;
475 struct dquot *transfer_to[MAXQUOTAS] = { };
476
477 if (!ext4_has_feature_project(sb)) {
478 if (projid != EXT4_DEF_PROJID)
479 return -EOPNOTSUPP;
480 else
481 return 0;
482 }
483
484 if (EXT4_INODE_SIZE(sb) <= EXT4_GOOD_OLD_INODE_SIZE)
485 return -EOPNOTSUPP;
486
487 kprojid = make_kprojid(&init_user_ns, (projid_t)projid);
488
489 if (projid_eq(kprojid, EXT4_I(inode)->i_projid))
490 return 0;
491
492 err = -EPERM;
493 /* Is it quota file? Do not allow user to mess with it */
494 if (ext4_is_quota_file(inode))
495 return err;
496
497 err = ext4_get_inode_loc(inode, &iloc);
498 if (err)
499 return err;
500
501 raw_inode = ext4_raw_inode(&iloc);
502 if (!EXT4_FITS_IN_INODE(raw_inode, ei, i_projid)) {
503 err = ext4_expand_extra_isize(inode,
504 EXT4_SB(sb)->s_want_extra_isize,
505 &iloc);
506 if (err)
507 return err;
508 } else {
509 brelse(iloc.bh);
510 }
511
512 err = dquot_initialize(inode);
513 if (err)
514 return err;
515
516 handle = ext4_journal_start(inode, EXT4_HT_QUOTA,
517 EXT4_QUOTA_INIT_BLOCKS(sb) +
518 EXT4_QUOTA_DEL_BLOCKS(sb) + 3);
519 if (IS_ERR(handle))
520 return PTR_ERR(handle);
521
522 err = ext4_reserve_inode_write(handle, inode, &iloc);
523 if (err)
524 goto out_stop;
525
526 transfer_to[PRJQUOTA] = dqget(sb, make_kqid_projid(kprojid));
527 if (!IS_ERR(transfer_to[PRJQUOTA])) {
528
529 /* __dquot_transfer() calls back ext4_get_inode_usage() which
530 * counts xattr inode references.
531 */
532 down_read(&EXT4_I(inode)->xattr_sem);
533 err = __dquot_transfer(inode, transfer_to);
534 up_read(&EXT4_I(inode)->xattr_sem);
535 dqput(transfer_to[PRJQUOTA]);
536 if (err)
537 goto out_dirty;
538 }
539
540 EXT4_I(inode)->i_projid = kprojid;
541 inode->i_ctime = current_time(inode);
542 out_dirty:
543 rc = ext4_mark_iloc_dirty(handle, inode, &iloc);
544 if (!err)
545 err = rc;
546 out_stop:
547 ext4_journal_stop(handle);
548 return err;
549 }
550 #else
ext4_ioctl_setproject(struct file * filp,__u32 projid)551 static int ext4_ioctl_setproject(struct file *filp, __u32 projid)
552 {
553 if (projid != EXT4_DEF_PROJID)
554 return -EOPNOTSUPP;
555 return 0;
556 }
557 #endif
558
559 /* Transfer internal flags to xflags */
ext4_iflags_to_xflags(unsigned long iflags)560 static inline __u32 ext4_iflags_to_xflags(unsigned long iflags)
561 {
562 __u32 xflags = 0;
563
564 if (iflags & EXT4_SYNC_FL)
565 xflags |= FS_XFLAG_SYNC;
566 if (iflags & EXT4_IMMUTABLE_FL)
567 xflags |= FS_XFLAG_IMMUTABLE;
568 if (iflags & EXT4_APPEND_FL)
569 xflags |= FS_XFLAG_APPEND;
570 if (iflags & EXT4_NODUMP_FL)
571 xflags |= FS_XFLAG_NODUMP;
572 if (iflags & EXT4_NOATIME_FL)
573 xflags |= FS_XFLAG_NOATIME;
574 if (iflags & EXT4_PROJINHERIT_FL)
575 xflags |= FS_XFLAG_PROJINHERIT;
576 if (iflags & EXT4_DAX_FL)
577 xflags |= FS_XFLAG_DAX;
578 return xflags;
579 }
580
581 #define EXT4_SUPPORTED_FS_XFLAGS (FS_XFLAG_SYNC | FS_XFLAG_IMMUTABLE | \
582 FS_XFLAG_APPEND | FS_XFLAG_NODUMP | \
583 FS_XFLAG_NOATIME | FS_XFLAG_PROJINHERIT | \
584 FS_XFLAG_DAX)
585
586 /* Transfer xflags flags to internal */
ext4_xflags_to_iflags(__u32 xflags)587 static inline unsigned long ext4_xflags_to_iflags(__u32 xflags)
588 {
589 unsigned long iflags = 0;
590
591 if (xflags & FS_XFLAG_SYNC)
592 iflags |= EXT4_SYNC_FL;
593 if (xflags & FS_XFLAG_IMMUTABLE)
594 iflags |= EXT4_IMMUTABLE_FL;
595 if (xflags & FS_XFLAG_APPEND)
596 iflags |= EXT4_APPEND_FL;
597 if (xflags & FS_XFLAG_NODUMP)
598 iflags |= EXT4_NODUMP_FL;
599 if (xflags & FS_XFLAG_NOATIME)
600 iflags |= EXT4_NOATIME_FL;
601 if (xflags & FS_XFLAG_PROJINHERIT)
602 iflags |= EXT4_PROJINHERIT_FL;
603 if (xflags & FS_XFLAG_DAX)
604 iflags |= EXT4_DAX_FL;
605
606 return iflags;
607 }
608
ext4_shutdown(struct super_block * sb,unsigned long arg)609 static int ext4_shutdown(struct super_block *sb, unsigned long arg)
610 {
611 struct ext4_sb_info *sbi = EXT4_SB(sb);
612 __u32 flags;
613
614 if (!capable(CAP_SYS_ADMIN))
615 return -EPERM;
616
617 if (get_user(flags, (__u32 __user *)arg))
618 return -EFAULT;
619
620 if (flags > EXT4_GOING_FLAGS_NOLOGFLUSH)
621 return -EINVAL;
622
623 if (ext4_forced_shutdown(sbi))
624 return 0;
625
626 ext4_msg(sb, KERN_ALERT, "shut down requested (%d)", flags);
627 trace_ext4_shutdown(sb, flags);
628
629 switch (flags) {
630 case EXT4_GOING_FLAGS_DEFAULT:
631 freeze_bdev(sb->s_bdev);
632 set_bit(EXT4_FLAGS_SHUTDOWN, &sbi->s_ext4_flags);
633 thaw_bdev(sb->s_bdev, sb);
634 break;
635 case EXT4_GOING_FLAGS_LOGFLUSH:
636 set_bit(EXT4_FLAGS_SHUTDOWN, &sbi->s_ext4_flags);
637 if (sbi->s_journal && !is_journal_aborted(sbi->s_journal)) {
638 (void) ext4_force_commit(sb);
639 jbd2_journal_abort(sbi->s_journal, -ESHUTDOWN);
640 }
641 break;
642 case EXT4_GOING_FLAGS_NOLOGFLUSH:
643 set_bit(EXT4_FLAGS_SHUTDOWN, &sbi->s_ext4_flags);
644 if (sbi->s_journal && !is_journal_aborted(sbi->s_journal))
645 jbd2_journal_abort(sbi->s_journal, -ESHUTDOWN);
646 break;
647 default:
648 return -EINVAL;
649 }
650 clear_opt(sb, DISCARD);
651 return 0;
652 }
653
654 struct getfsmap_info {
655 struct super_block *gi_sb;
656 struct fsmap_head __user *gi_data;
657 unsigned int gi_idx;
658 __u32 gi_last_flags;
659 };
660
ext4_getfsmap_format(struct ext4_fsmap * xfm,void * priv)661 static int ext4_getfsmap_format(struct ext4_fsmap *xfm, void *priv)
662 {
663 struct getfsmap_info *info = priv;
664 struct fsmap fm;
665
666 trace_ext4_getfsmap_mapping(info->gi_sb, xfm);
667
668 info->gi_last_flags = xfm->fmr_flags;
669 ext4_fsmap_from_internal(info->gi_sb, &fm, xfm);
670 if (copy_to_user(&info->gi_data->fmh_recs[info->gi_idx++], &fm,
671 sizeof(struct fsmap)))
672 return -EFAULT;
673
674 return 0;
675 }
676
ext4_ioc_getfsmap(struct super_block * sb,struct fsmap_head __user * arg)677 static int ext4_ioc_getfsmap(struct super_block *sb,
678 struct fsmap_head __user *arg)
679 {
680 struct getfsmap_info info = { NULL };
681 struct ext4_fsmap_head xhead = {0};
682 struct fsmap_head head;
683 bool aborted = false;
684 int error;
685
686 if (copy_from_user(&head, arg, sizeof(struct fsmap_head)))
687 return -EFAULT;
688 if (memchr_inv(head.fmh_reserved, 0, sizeof(head.fmh_reserved)) ||
689 memchr_inv(head.fmh_keys[0].fmr_reserved, 0,
690 sizeof(head.fmh_keys[0].fmr_reserved)) ||
691 memchr_inv(head.fmh_keys[1].fmr_reserved, 0,
692 sizeof(head.fmh_keys[1].fmr_reserved)))
693 return -EINVAL;
694 /*
695 * ext4 doesn't report file extents at all, so the only valid
696 * file offsets are the magic ones (all zeroes or all ones).
697 */
698 if (head.fmh_keys[0].fmr_offset ||
699 (head.fmh_keys[1].fmr_offset != 0 &&
700 head.fmh_keys[1].fmr_offset != -1ULL))
701 return -EINVAL;
702
703 xhead.fmh_iflags = head.fmh_iflags;
704 xhead.fmh_count = head.fmh_count;
705 ext4_fsmap_to_internal(sb, &xhead.fmh_keys[0], &head.fmh_keys[0]);
706 ext4_fsmap_to_internal(sb, &xhead.fmh_keys[1], &head.fmh_keys[1]);
707
708 trace_ext4_getfsmap_low_key(sb, &xhead.fmh_keys[0]);
709 trace_ext4_getfsmap_high_key(sb, &xhead.fmh_keys[1]);
710
711 info.gi_sb = sb;
712 info.gi_data = arg;
713 error = ext4_getfsmap(sb, &xhead, ext4_getfsmap_format, &info);
714 if (error == EXT4_QUERY_RANGE_ABORT) {
715 error = 0;
716 aborted = true;
717 } else if (error)
718 return error;
719
720 /* If we didn't abort, set the "last" flag in the last fmx */
721 if (!aborted && info.gi_idx) {
722 info.gi_last_flags |= FMR_OF_LAST;
723 if (copy_to_user(&info.gi_data->fmh_recs[info.gi_idx - 1].fmr_flags,
724 &info.gi_last_flags,
725 sizeof(info.gi_last_flags)))
726 return -EFAULT;
727 }
728
729 /* copy back header */
730 head.fmh_entries = xhead.fmh_entries;
731 head.fmh_oflags = xhead.fmh_oflags;
732 if (copy_to_user(arg, &head, sizeof(struct fsmap_head)))
733 return -EFAULT;
734
735 return 0;
736 }
737
ext4_ioctl_group_add(struct file * file,struct ext4_new_group_data * input)738 static long ext4_ioctl_group_add(struct file *file,
739 struct ext4_new_group_data *input)
740 {
741 struct super_block *sb = file_inode(file)->i_sb;
742 int err, err2=0;
743
744 err = ext4_resize_begin(sb);
745 if (err)
746 return err;
747
748 if (ext4_has_feature_bigalloc(sb)) {
749 ext4_msg(sb, KERN_ERR,
750 "Online resizing not supported with bigalloc");
751 err = -EOPNOTSUPP;
752 goto group_add_out;
753 }
754
755 err = mnt_want_write_file(file);
756 if (err)
757 goto group_add_out;
758
759 err = ext4_group_add(sb, input);
760 if (EXT4_SB(sb)->s_journal) {
761 jbd2_journal_lock_updates(EXT4_SB(sb)->s_journal);
762 err2 = jbd2_journal_flush(EXT4_SB(sb)->s_journal);
763 jbd2_journal_unlock_updates(EXT4_SB(sb)->s_journal);
764 }
765 if (err == 0)
766 err = err2;
767 mnt_drop_write_file(file);
768 if (!err && ext4_has_group_desc_csum(sb) &&
769 test_opt(sb, INIT_INODE_TABLE))
770 err = ext4_register_li_request(sb, input->group);
771 group_add_out:
772 ext4_resize_end(sb);
773 return err;
774 }
775
ext4_fill_fsxattr(struct inode * inode,struct fsxattr * fa)776 static void ext4_fill_fsxattr(struct inode *inode, struct fsxattr *fa)
777 {
778 struct ext4_inode_info *ei = EXT4_I(inode);
779
780 simple_fill_fsxattr(fa, ext4_iflags_to_xflags(ei->i_flags &
781 EXT4_FL_USER_VISIBLE));
782
783 if (ext4_has_feature_project(inode->i_sb))
784 fa->fsx_projid = from_kprojid(&init_user_ns, ei->i_projid);
785 }
786
787 /* So that the fiemap access checks can't overflow on 32 bit machines. */
788 #define FIEMAP_MAX_EXTENTS (UINT_MAX / sizeof(struct fiemap_extent))
789
ext4_ioctl_get_es_cache(struct file * filp,unsigned long arg)790 static int ext4_ioctl_get_es_cache(struct file *filp, unsigned long arg)
791 {
792 struct fiemap fiemap;
793 struct fiemap __user *ufiemap = (struct fiemap __user *) arg;
794 struct fiemap_extent_info fieinfo = { 0, };
795 struct inode *inode = file_inode(filp);
796 int error;
797
798 if (copy_from_user(&fiemap, ufiemap, sizeof(fiemap)))
799 return -EFAULT;
800
801 if (fiemap.fm_extent_count > FIEMAP_MAX_EXTENTS)
802 return -EINVAL;
803
804 fieinfo.fi_flags = fiemap.fm_flags;
805 fieinfo.fi_extents_max = fiemap.fm_extent_count;
806 fieinfo.fi_extents_start = ufiemap->fm_extents;
807
808 error = ext4_get_es_cache(inode, &fieinfo, fiemap.fm_start,
809 fiemap.fm_length);
810 fiemap.fm_flags = fieinfo.fi_flags;
811 fiemap.fm_mapped_extents = fieinfo.fi_extents_mapped;
812 if (copy_to_user(ufiemap, &fiemap, sizeof(fiemap)))
813 error = -EFAULT;
814
815 return error;
816 }
817
__ext4_ioctl(struct file * filp,unsigned int cmd,unsigned long arg)818 static long __ext4_ioctl(struct file *filp, unsigned int cmd, unsigned long arg)
819 {
820 struct inode *inode = file_inode(filp);
821 struct super_block *sb = inode->i_sb;
822 struct ext4_inode_info *ei = EXT4_I(inode);
823 unsigned int flags;
824
825 ext4_debug("cmd = %u, arg = %lu\n", cmd, arg);
826
827 switch (cmd) {
828 case FS_IOC_GETFSMAP:
829 return ext4_ioc_getfsmap(sb, (void __user *)arg);
830 case FS_IOC_GETFLAGS:
831 flags = ei->i_flags & EXT4_FL_USER_VISIBLE;
832 if (S_ISREG(inode->i_mode))
833 flags &= ~EXT4_PROJINHERIT_FL;
834 return put_user(flags, (int __user *) arg);
835 case FS_IOC_SETFLAGS: {
836 int err;
837
838 if (!inode_owner_or_capable(inode))
839 return -EACCES;
840
841 if (get_user(flags, (int __user *) arg))
842 return -EFAULT;
843
844 if (flags & ~EXT4_FL_USER_VISIBLE)
845 return -EOPNOTSUPP;
846 /*
847 * chattr(1) grabs flags via GETFLAGS, modifies the result and
848 * passes that to SETFLAGS. So we cannot easily make SETFLAGS
849 * more restrictive than just silently masking off visible but
850 * not settable flags as we always did.
851 */
852 flags &= EXT4_FL_USER_MODIFIABLE;
853 if (ext4_mask_flags(inode->i_mode, flags) != flags)
854 return -EOPNOTSUPP;
855
856 err = mnt_want_write_file(filp);
857 if (err)
858 return err;
859
860 inode_lock(inode);
861 err = ext4_ioctl_check_immutable(inode,
862 from_kprojid(&init_user_ns, ei->i_projid),
863 flags);
864 if (!err)
865 err = ext4_ioctl_setflags(inode, flags);
866 inode_unlock(inode);
867 mnt_drop_write_file(filp);
868 return err;
869 }
870 case EXT4_IOC_GETVERSION:
871 case EXT4_IOC_GETVERSION_OLD:
872 return put_user(inode->i_generation, (int __user *) arg);
873 case EXT4_IOC_SETVERSION:
874 case EXT4_IOC_SETVERSION_OLD: {
875 handle_t *handle;
876 struct ext4_iloc iloc;
877 __u32 generation;
878 int err;
879
880 if (!inode_owner_or_capable(inode))
881 return -EPERM;
882
883 if (ext4_has_metadata_csum(inode->i_sb)) {
884 ext4_warning(sb, "Setting inode version is not "
885 "supported with metadata_csum enabled.");
886 return -ENOTTY;
887 }
888
889 err = mnt_want_write_file(filp);
890 if (err)
891 return err;
892 if (get_user(generation, (int __user *) arg)) {
893 err = -EFAULT;
894 goto setversion_out;
895 }
896
897 inode_lock(inode);
898 handle = ext4_journal_start(inode, EXT4_HT_INODE, 1);
899 if (IS_ERR(handle)) {
900 err = PTR_ERR(handle);
901 goto unlock_out;
902 }
903 err = ext4_reserve_inode_write(handle, inode, &iloc);
904 if (err == 0) {
905 inode->i_ctime = current_time(inode);
906 inode->i_generation = generation;
907 err = ext4_mark_iloc_dirty(handle, inode, &iloc);
908 }
909 ext4_journal_stop(handle);
910
911 unlock_out:
912 inode_unlock(inode);
913 setversion_out:
914 mnt_drop_write_file(filp);
915 return err;
916 }
917 case EXT4_IOC_GROUP_EXTEND: {
918 ext4_fsblk_t n_blocks_count;
919 int err, err2=0;
920
921 err = ext4_resize_begin(sb);
922 if (err)
923 return err;
924
925 if (get_user(n_blocks_count, (__u32 __user *)arg)) {
926 err = -EFAULT;
927 goto group_extend_out;
928 }
929
930 if (ext4_has_feature_bigalloc(sb)) {
931 ext4_msg(sb, KERN_ERR,
932 "Online resizing not supported with bigalloc");
933 err = -EOPNOTSUPP;
934 goto group_extend_out;
935 }
936
937 err = mnt_want_write_file(filp);
938 if (err)
939 goto group_extend_out;
940
941 err = ext4_group_extend(sb, EXT4_SB(sb)->s_es, n_blocks_count);
942 if (EXT4_SB(sb)->s_journal) {
943 jbd2_journal_lock_updates(EXT4_SB(sb)->s_journal);
944 err2 = jbd2_journal_flush(EXT4_SB(sb)->s_journal);
945 jbd2_journal_unlock_updates(EXT4_SB(sb)->s_journal);
946 }
947 if (err == 0)
948 err = err2;
949 mnt_drop_write_file(filp);
950 group_extend_out:
951 ext4_resize_end(sb);
952 return err;
953 }
954
955 case EXT4_IOC_MOVE_EXT: {
956 struct move_extent me;
957 struct fd donor;
958 int err;
959
960 if (!(filp->f_mode & FMODE_READ) ||
961 !(filp->f_mode & FMODE_WRITE))
962 return -EBADF;
963
964 if (copy_from_user(&me,
965 (struct move_extent __user *)arg, sizeof(me)))
966 return -EFAULT;
967 me.moved_len = 0;
968
969 donor = fdget(me.donor_fd);
970 if (!donor.file)
971 return -EBADF;
972
973 if (!(donor.file->f_mode & FMODE_WRITE)) {
974 err = -EBADF;
975 goto mext_out;
976 }
977
978 if (ext4_has_feature_bigalloc(sb)) {
979 ext4_msg(sb, KERN_ERR,
980 "Online defrag not supported with bigalloc");
981 err = -EOPNOTSUPP;
982 goto mext_out;
983 } else if (IS_DAX(inode)) {
984 ext4_msg(sb, KERN_ERR,
985 "Online defrag not supported with DAX");
986 err = -EOPNOTSUPP;
987 goto mext_out;
988 }
989
990 err = mnt_want_write_file(filp);
991 if (err)
992 goto mext_out;
993
994 err = ext4_move_extents(filp, donor.file, me.orig_start,
995 me.donor_start, me.len, &me.moved_len);
996 mnt_drop_write_file(filp);
997
998 if (copy_to_user((struct move_extent __user *)arg,
999 &me, sizeof(me)))
1000 err = -EFAULT;
1001 mext_out:
1002 fdput(donor);
1003 return err;
1004 }
1005
1006 case EXT4_IOC_GROUP_ADD: {
1007 struct ext4_new_group_data input;
1008
1009 if (copy_from_user(&input, (struct ext4_new_group_input __user *)arg,
1010 sizeof(input)))
1011 return -EFAULT;
1012
1013 return ext4_ioctl_group_add(filp, &input);
1014 }
1015
1016 case EXT4_IOC_MIGRATE:
1017 {
1018 int err;
1019 if (!inode_owner_or_capable(inode))
1020 return -EACCES;
1021
1022 err = mnt_want_write_file(filp);
1023 if (err)
1024 return err;
1025 /*
1026 * inode_mutex prevent write and truncate on the file.
1027 * Read still goes through. We take i_data_sem in
1028 * ext4_ext_swap_inode_data before we switch the
1029 * inode format to prevent read.
1030 */
1031 inode_lock((inode));
1032 err = ext4_ext_migrate(inode);
1033 inode_unlock((inode));
1034 mnt_drop_write_file(filp);
1035 return err;
1036 }
1037
1038 case EXT4_IOC_ALLOC_DA_BLKS:
1039 {
1040 int err;
1041 if (!inode_owner_or_capable(inode))
1042 return -EACCES;
1043
1044 err = mnt_want_write_file(filp);
1045 if (err)
1046 return err;
1047 err = ext4_alloc_da_blocks(inode);
1048 mnt_drop_write_file(filp);
1049 return err;
1050 }
1051
1052 case EXT4_IOC_SWAP_BOOT:
1053 {
1054 int err;
1055 if (!(filp->f_mode & FMODE_WRITE))
1056 return -EBADF;
1057 err = mnt_want_write_file(filp);
1058 if (err)
1059 return err;
1060 err = swap_inode_boot_loader(sb, inode);
1061 mnt_drop_write_file(filp);
1062 return err;
1063 }
1064
1065 case EXT4_IOC_RESIZE_FS: {
1066 ext4_fsblk_t n_blocks_count;
1067 int err = 0, err2 = 0;
1068 ext4_group_t o_group = EXT4_SB(sb)->s_groups_count;
1069
1070 if (copy_from_user(&n_blocks_count, (__u64 __user *)arg,
1071 sizeof(__u64))) {
1072 return -EFAULT;
1073 }
1074
1075 err = ext4_resize_begin(sb);
1076 if (err)
1077 return err;
1078
1079 err = mnt_want_write_file(filp);
1080 if (err)
1081 goto resizefs_out;
1082
1083 err = ext4_resize_fs(sb, n_blocks_count);
1084 if (EXT4_SB(sb)->s_journal) {
1085 ext4_fc_mark_ineligible(sb, EXT4_FC_REASON_RESIZE);
1086 jbd2_journal_lock_updates(EXT4_SB(sb)->s_journal);
1087 err2 = jbd2_journal_flush(EXT4_SB(sb)->s_journal);
1088 jbd2_journal_unlock_updates(EXT4_SB(sb)->s_journal);
1089 }
1090 if (err == 0)
1091 err = err2;
1092 mnt_drop_write_file(filp);
1093 if (!err && (o_group < EXT4_SB(sb)->s_groups_count) &&
1094 ext4_has_group_desc_csum(sb) &&
1095 test_opt(sb, INIT_INODE_TABLE))
1096 err = ext4_register_li_request(sb, o_group);
1097
1098 resizefs_out:
1099 ext4_resize_end(sb);
1100 return err;
1101 }
1102
1103 case FITRIM:
1104 {
1105 struct request_queue *q = bdev_get_queue(sb->s_bdev);
1106 struct fstrim_range range;
1107 int ret = 0;
1108
1109 if (!capable(CAP_SYS_ADMIN))
1110 return -EPERM;
1111
1112 if (!blk_queue_discard(q))
1113 return -EOPNOTSUPP;
1114
1115 /*
1116 * We haven't replayed the journal, so we cannot use our
1117 * block-bitmap-guided storage zapping commands.
1118 */
1119 if (test_opt(sb, NOLOAD) && ext4_has_feature_journal(sb))
1120 return -EROFS;
1121
1122 if (copy_from_user(&range, (struct fstrim_range __user *)arg,
1123 sizeof(range)))
1124 return -EFAULT;
1125
1126 ret = ext4_trim_fs(sb, &range);
1127 if (ret < 0)
1128 return ret;
1129
1130 if (copy_to_user((struct fstrim_range __user *)arg, &range,
1131 sizeof(range)))
1132 return -EFAULT;
1133
1134 return 0;
1135 }
1136 case EXT4_IOC_PRECACHE_EXTENTS:
1137 return ext4_ext_precache(inode);
1138
1139 case FS_IOC_SET_ENCRYPTION_POLICY:
1140 if (!ext4_has_feature_encrypt(sb))
1141 return -EOPNOTSUPP;
1142 return fscrypt_ioctl_set_policy(filp, (const void __user *)arg);
1143
1144 case FS_IOC_GET_ENCRYPTION_PWSALT: {
1145 #ifdef CONFIG_FS_ENCRYPTION
1146 int err, err2;
1147 struct ext4_sb_info *sbi = EXT4_SB(sb);
1148 handle_t *handle;
1149
1150 if (!ext4_has_feature_encrypt(sb))
1151 return -EOPNOTSUPP;
1152 if (uuid_is_zero(sbi->s_es->s_encrypt_pw_salt)) {
1153 err = mnt_want_write_file(filp);
1154 if (err)
1155 return err;
1156 handle = ext4_journal_start_sb(sb, EXT4_HT_MISC, 1);
1157 if (IS_ERR(handle)) {
1158 err = PTR_ERR(handle);
1159 goto pwsalt_err_exit;
1160 }
1161 err = ext4_journal_get_write_access(handle, sbi->s_sbh);
1162 if (err)
1163 goto pwsalt_err_journal;
1164 lock_buffer(sbi->s_sbh);
1165 generate_random_uuid(sbi->s_es->s_encrypt_pw_salt);
1166 ext4_superblock_csum_set(sb);
1167 unlock_buffer(sbi->s_sbh);
1168 err = ext4_handle_dirty_metadata(handle, NULL,
1169 sbi->s_sbh);
1170 pwsalt_err_journal:
1171 err2 = ext4_journal_stop(handle);
1172 if (err2 && !err)
1173 err = err2;
1174 pwsalt_err_exit:
1175 mnt_drop_write_file(filp);
1176 if (err)
1177 return err;
1178 }
1179 if (copy_to_user((void __user *) arg,
1180 sbi->s_es->s_encrypt_pw_salt, 16))
1181 return -EFAULT;
1182 return 0;
1183 #else
1184 return -EOPNOTSUPP;
1185 #endif
1186 }
1187 case FS_IOC_GET_ENCRYPTION_POLICY:
1188 if (!ext4_has_feature_encrypt(sb))
1189 return -EOPNOTSUPP;
1190 return fscrypt_ioctl_get_policy(filp, (void __user *)arg);
1191
1192 case FS_IOC_GET_ENCRYPTION_POLICY_EX:
1193 if (!ext4_has_feature_encrypt(sb))
1194 return -EOPNOTSUPP;
1195 return fscrypt_ioctl_get_policy_ex(filp, (void __user *)arg);
1196
1197 case FS_IOC_ADD_ENCRYPTION_KEY:
1198 if (!ext4_has_feature_encrypt(sb))
1199 return -EOPNOTSUPP;
1200 return fscrypt_ioctl_add_key(filp, (void __user *)arg);
1201
1202 case FS_IOC_REMOVE_ENCRYPTION_KEY:
1203 if (!ext4_has_feature_encrypt(sb))
1204 return -EOPNOTSUPP;
1205 return fscrypt_ioctl_remove_key(filp, (void __user *)arg);
1206
1207 case FS_IOC_REMOVE_ENCRYPTION_KEY_ALL_USERS:
1208 if (!ext4_has_feature_encrypt(sb))
1209 return -EOPNOTSUPP;
1210 return fscrypt_ioctl_remove_key_all_users(filp,
1211 (void __user *)arg);
1212 case FS_IOC_GET_ENCRYPTION_KEY_STATUS:
1213 if (!ext4_has_feature_encrypt(sb))
1214 return -EOPNOTSUPP;
1215 return fscrypt_ioctl_get_key_status(filp, (void __user *)arg);
1216
1217 case FS_IOC_GET_ENCRYPTION_NONCE:
1218 if (!ext4_has_feature_encrypt(sb))
1219 return -EOPNOTSUPP;
1220 return fscrypt_ioctl_get_nonce(filp, (void __user *)arg);
1221
1222 case EXT4_IOC_CLEAR_ES_CACHE:
1223 {
1224 if (!inode_owner_or_capable(inode))
1225 return -EACCES;
1226 ext4_clear_inode_es(inode);
1227 return 0;
1228 }
1229
1230 case EXT4_IOC_GETSTATE:
1231 {
1232 __u32 state = 0;
1233
1234 if (ext4_test_inode_state(inode, EXT4_STATE_EXT_PRECACHED))
1235 state |= EXT4_STATE_FLAG_EXT_PRECACHED;
1236 if (ext4_test_inode_state(inode, EXT4_STATE_NEW))
1237 state |= EXT4_STATE_FLAG_NEW;
1238 if (ext4_test_inode_state(inode, EXT4_STATE_NEWENTRY))
1239 state |= EXT4_STATE_FLAG_NEWENTRY;
1240 if (ext4_test_inode_state(inode, EXT4_STATE_DA_ALLOC_CLOSE))
1241 state |= EXT4_STATE_FLAG_DA_ALLOC_CLOSE;
1242
1243 return put_user(state, (__u32 __user *) arg);
1244 }
1245
1246 case EXT4_IOC_GET_ES_CACHE:
1247 return ext4_ioctl_get_es_cache(filp, arg);
1248
1249 case FS_IOC_FSGETXATTR:
1250 {
1251 struct fsxattr fa;
1252
1253 ext4_fill_fsxattr(inode, &fa);
1254
1255 if (copy_to_user((struct fsxattr __user *)arg,
1256 &fa, sizeof(fa)))
1257 return -EFAULT;
1258 return 0;
1259 }
1260 case FS_IOC_FSSETXATTR:
1261 {
1262 struct fsxattr fa, old_fa;
1263 int err;
1264
1265 if (copy_from_user(&fa, (struct fsxattr __user *)arg,
1266 sizeof(fa)))
1267 return -EFAULT;
1268
1269 /* Make sure caller has proper permission */
1270 if (!inode_owner_or_capable(inode))
1271 return -EACCES;
1272
1273 if (fa.fsx_xflags & ~EXT4_SUPPORTED_FS_XFLAGS)
1274 return -EOPNOTSUPP;
1275
1276 flags = ext4_xflags_to_iflags(fa.fsx_xflags);
1277 if (ext4_mask_flags(inode->i_mode, flags) != flags)
1278 return -EOPNOTSUPP;
1279
1280 err = mnt_want_write_file(filp);
1281 if (err)
1282 return err;
1283
1284 inode_lock(inode);
1285 ext4_fill_fsxattr(inode, &old_fa);
1286 err = vfs_ioc_fssetxattr_check(inode, &old_fa, &fa);
1287 if (err)
1288 goto out;
1289 flags = (ei->i_flags & ~EXT4_FL_XFLAG_VISIBLE) |
1290 (flags & EXT4_FL_XFLAG_VISIBLE);
1291 err = ext4_ioctl_check_immutable(inode, fa.fsx_projid, flags);
1292 if (err)
1293 goto out;
1294 err = ext4_ioctl_setflags(inode, flags);
1295 if (err)
1296 goto out;
1297 err = ext4_ioctl_setproject(filp, fa.fsx_projid);
1298 out:
1299 inode_unlock(inode);
1300 mnt_drop_write_file(filp);
1301 return err;
1302 }
1303 case EXT4_IOC_SHUTDOWN:
1304 return ext4_shutdown(sb, arg);
1305
1306 case FS_IOC_ENABLE_VERITY:
1307 if (!ext4_has_feature_verity(sb))
1308 return -EOPNOTSUPP;
1309 return fsverity_ioctl_enable(filp, (const void __user *)arg);
1310
1311 case FS_IOC_MEASURE_VERITY:
1312 if (!ext4_has_feature_verity(sb))
1313 return -EOPNOTSUPP;
1314 return fsverity_ioctl_measure(filp, (void __user *)arg);
1315
1316 default:
1317 return -ENOTTY;
1318 }
1319 }
1320
ext4_ioctl(struct file * filp,unsigned int cmd,unsigned long arg)1321 long ext4_ioctl(struct file *filp, unsigned int cmd, unsigned long arg)
1322 {
1323 long ret;
1324
1325 ext4_fc_start_update(file_inode(filp));
1326 ret = __ext4_ioctl(filp, cmd, arg);
1327 ext4_fc_stop_update(file_inode(filp));
1328
1329 return ret;
1330 }
1331
1332 #ifdef CONFIG_COMPAT
ext4_compat_ioctl(struct file * file,unsigned int cmd,unsigned long arg)1333 long ext4_compat_ioctl(struct file *file, unsigned int cmd, unsigned long arg)
1334 {
1335 /* These are just misnamed, they actually get/put from/to user an int */
1336 switch (cmd) {
1337 case FS_IOC32_GETFLAGS:
1338 cmd = FS_IOC_GETFLAGS;
1339 break;
1340 case FS_IOC32_SETFLAGS:
1341 cmd = FS_IOC_SETFLAGS;
1342 break;
1343 case EXT4_IOC32_GETVERSION:
1344 cmd = EXT4_IOC_GETVERSION;
1345 break;
1346 case EXT4_IOC32_SETVERSION:
1347 cmd = EXT4_IOC_SETVERSION;
1348 break;
1349 case EXT4_IOC32_GROUP_EXTEND:
1350 cmd = EXT4_IOC_GROUP_EXTEND;
1351 break;
1352 case EXT4_IOC32_GETVERSION_OLD:
1353 cmd = EXT4_IOC_GETVERSION_OLD;
1354 break;
1355 case EXT4_IOC32_SETVERSION_OLD:
1356 cmd = EXT4_IOC_SETVERSION_OLD;
1357 break;
1358 case EXT4_IOC32_GETRSVSZ:
1359 cmd = EXT4_IOC_GETRSVSZ;
1360 break;
1361 case EXT4_IOC32_SETRSVSZ:
1362 cmd = EXT4_IOC_SETRSVSZ;
1363 break;
1364 case EXT4_IOC32_GROUP_ADD: {
1365 struct compat_ext4_new_group_input __user *uinput;
1366 struct ext4_new_group_data input;
1367 int err;
1368
1369 uinput = compat_ptr(arg);
1370 err = get_user(input.group, &uinput->group);
1371 err |= get_user(input.block_bitmap, &uinput->block_bitmap);
1372 err |= get_user(input.inode_bitmap, &uinput->inode_bitmap);
1373 err |= get_user(input.inode_table, &uinput->inode_table);
1374 err |= get_user(input.blocks_count, &uinput->blocks_count);
1375 err |= get_user(input.reserved_blocks,
1376 &uinput->reserved_blocks);
1377 if (err)
1378 return -EFAULT;
1379 return ext4_ioctl_group_add(file, &input);
1380 }
1381 case EXT4_IOC_MOVE_EXT:
1382 case EXT4_IOC_RESIZE_FS:
1383 case FITRIM:
1384 case EXT4_IOC_PRECACHE_EXTENTS:
1385 case FS_IOC_SET_ENCRYPTION_POLICY:
1386 case FS_IOC_GET_ENCRYPTION_PWSALT:
1387 case FS_IOC_GET_ENCRYPTION_POLICY:
1388 case FS_IOC_GET_ENCRYPTION_POLICY_EX:
1389 case FS_IOC_ADD_ENCRYPTION_KEY:
1390 case FS_IOC_REMOVE_ENCRYPTION_KEY:
1391 case FS_IOC_REMOVE_ENCRYPTION_KEY_ALL_USERS:
1392 case FS_IOC_GET_ENCRYPTION_KEY_STATUS:
1393 case FS_IOC_GET_ENCRYPTION_NONCE:
1394 case EXT4_IOC_SHUTDOWN:
1395 case FS_IOC_GETFSMAP:
1396 case FS_IOC_ENABLE_VERITY:
1397 case FS_IOC_MEASURE_VERITY:
1398 case EXT4_IOC_CLEAR_ES_CACHE:
1399 case EXT4_IOC_GETSTATE:
1400 case EXT4_IOC_GET_ES_CACHE:
1401 case FS_IOC_FSGETXATTR:
1402 case FS_IOC_FSSETXATTR:
1403 break;
1404 default:
1405 return -ENOIOCTLCMD;
1406 }
1407 return ext4_ioctl(file, cmd, (unsigned long) compat_ptr(arg));
1408 }
1409 #endif
1410