1 // SPDX-License-Identifier: GPL-2.0
2 /*
3 * linux/fs/ext4/ioctl.c
4 *
5 * Copyright (C) 1993, 1994, 1995
6 * Remy Card (card@masi.ibp.fr)
7 * Laboratoire MASI - Institut Blaise Pascal
8 * Universite Pierre et Marie Curie (Paris VI)
9 */
10
11 #include <linux/fs.h>
12 #include <linux/capability.h>
13 #include <linux/time.h>
14 #include <linux/compat.h>
15 #include <linux/mount.h>
16 #include <linux/file.h>
17 #include <linux/quotaops.h>
18 #include <linux/random.h>
19 #include <linux/uuid.h>
20 #include <linux/uaccess.h>
21 #include <linux/delay.h>
22 #include <linux/iversion.h>
23 #include "ext4_jbd2.h"
24 #include "ext4.h"
25 #include <linux/fsmap.h>
26 #include "fsmap.h"
27 #include <trace/events/ext4.h>
28
29 /**
30 * Swap memory between @a and @b for @len bytes.
31 *
32 * @a: pointer to first memory area
33 * @b: pointer to second memory area
34 * @len: number of bytes to swap
35 *
36 */
memswap(void * a,void * b,size_t len)37 static void memswap(void *a, void *b, size_t len)
38 {
39 unsigned char *ap, *bp;
40
41 ap = (unsigned char *)a;
42 bp = (unsigned char *)b;
43 while (len-- > 0) {
44 swap(*ap, *bp);
45 ap++;
46 bp++;
47 }
48 }
49
50 /**
51 * Swap i_data and associated attributes between @inode1 and @inode2.
52 * This function is used for the primary swap between inode1 and inode2
53 * and also to revert this primary swap in case of errors.
54 *
55 * Therefore you have to make sure, that calling this method twice
56 * will revert all changes.
57 *
58 * @inode1: pointer to first inode
59 * @inode2: pointer to second inode
60 */
swap_inode_data(struct inode * inode1,struct inode * inode2)61 static void swap_inode_data(struct inode *inode1, struct inode *inode2)
62 {
63 loff_t isize;
64 struct ext4_inode_info *ei1;
65 struct ext4_inode_info *ei2;
66 unsigned long tmp;
67
68 ei1 = EXT4_I(inode1);
69 ei2 = EXT4_I(inode2);
70
71 swap(inode1->i_version, inode2->i_version);
72 swap(inode1->i_atime, inode2->i_atime);
73 swap(inode1->i_mtime, inode2->i_mtime);
74
75 memswap(ei1->i_data, ei2->i_data, sizeof(ei1->i_data));
76 tmp = ei1->i_flags & EXT4_FL_SHOULD_SWAP;
77 ei1->i_flags = (ei2->i_flags & EXT4_FL_SHOULD_SWAP) |
78 (ei1->i_flags & ~EXT4_FL_SHOULD_SWAP);
79 ei2->i_flags = tmp | (ei2->i_flags & ~EXT4_FL_SHOULD_SWAP);
80 swap(ei1->i_disksize, ei2->i_disksize);
81 ext4_es_remove_extent(inode1, 0, EXT_MAX_BLOCKS);
82 ext4_es_remove_extent(inode2, 0, EXT_MAX_BLOCKS);
83
84 isize = i_size_read(inode1);
85 i_size_write(inode1, i_size_read(inode2));
86 i_size_write(inode2, isize);
87 }
88
ext4_reset_inode_seed(struct inode * inode)89 void ext4_reset_inode_seed(struct inode *inode)
90 {
91 struct ext4_inode_info *ei = EXT4_I(inode);
92 struct ext4_sb_info *sbi = EXT4_SB(inode->i_sb);
93 __le32 inum = cpu_to_le32(inode->i_ino);
94 __le32 gen = cpu_to_le32(inode->i_generation);
95 __u32 csum;
96
97 if (!ext4_has_metadata_csum(inode->i_sb))
98 return;
99
100 csum = ext4_chksum(sbi, sbi->s_csum_seed, (__u8 *)&inum, sizeof(inum));
101 ei->i_csum_seed = ext4_chksum(sbi, csum, (__u8 *)&gen, sizeof(gen));
102 }
103
104 /**
105 * Swap the information from the given @inode and the inode
106 * EXT4_BOOT_LOADER_INO. It will basically swap i_data and all other
107 * important fields of the inodes.
108 *
109 * @sb: the super block of the filesystem
110 * @inode: the inode to swap with EXT4_BOOT_LOADER_INO
111 *
112 */
swap_inode_boot_loader(struct super_block * sb,struct inode * inode)113 static long swap_inode_boot_loader(struct super_block *sb,
114 struct inode *inode)
115 {
116 handle_t *handle;
117 int err;
118 struct inode *inode_bl;
119 struct ext4_inode_info *ei_bl;
120 qsize_t size, size_bl, diff;
121 blkcnt_t blocks;
122 unsigned short bytes;
123
124 inode_bl = ext4_iget(sb, EXT4_BOOT_LOADER_INO,
125 EXT4_IGET_SPECIAL | EXT4_IGET_BAD);
126 if (IS_ERR(inode_bl))
127 return PTR_ERR(inode_bl);
128 ei_bl = EXT4_I(inode_bl);
129
130 /* Protect orig inodes against a truncate and make sure,
131 * that only 1 swap_inode_boot_loader is running. */
132 lock_two_nondirectories(inode, inode_bl);
133
134 if (inode->i_nlink != 1 || !S_ISREG(inode->i_mode) ||
135 IS_SWAPFILE(inode) || IS_ENCRYPTED(inode) ||
136 (EXT4_I(inode)->i_flags & EXT4_JOURNAL_DATA_FL) ||
137 ext4_has_inline_data(inode)) {
138 err = -EINVAL;
139 goto journal_err_out;
140 }
141
142 if (IS_RDONLY(inode) || IS_APPEND(inode) || IS_IMMUTABLE(inode) ||
143 !inode_owner_or_capable(inode) || !capable(CAP_SYS_ADMIN)) {
144 err = -EPERM;
145 goto journal_err_out;
146 }
147
148 down_write(&EXT4_I(inode)->i_mmap_sem);
149 err = filemap_write_and_wait(inode->i_mapping);
150 if (err)
151 goto err_out;
152
153 err = filemap_write_and_wait(inode_bl->i_mapping);
154 if (err)
155 goto err_out;
156
157 /* Wait for all existing dio workers */
158 inode_dio_wait(inode);
159 inode_dio_wait(inode_bl);
160
161 truncate_inode_pages(&inode->i_data, 0);
162 truncate_inode_pages(&inode_bl->i_data, 0);
163
164 handle = ext4_journal_start(inode_bl, EXT4_HT_MOVE_EXTENTS, 2);
165 if (IS_ERR(handle)) {
166 err = -EINVAL;
167 goto err_out;
168 }
169 ext4_fc_start_ineligible(sb, EXT4_FC_REASON_SWAP_BOOT);
170
171 /* Protect extent tree against block allocations via delalloc */
172 ext4_double_down_write_data_sem(inode, inode_bl);
173
174 if (is_bad_inode(inode_bl) || !S_ISREG(inode_bl->i_mode)) {
175 /* this inode has never been used as a BOOT_LOADER */
176 set_nlink(inode_bl, 1);
177 i_uid_write(inode_bl, 0);
178 i_gid_write(inode_bl, 0);
179 inode_bl->i_flags = 0;
180 ei_bl->i_flags = 0;
181 inode_set_iversion(inode_bl, 1);
182 i_size_write(inode_bl, 0);
183 inode_bl->i_mode = S_IFREG;
184 if (ext4_has_feature_extents(sb)) {
185 ext4_set_inode_flag(inode_bl, EXT4_INODE_EXTENTS);
186 ext4_ext_tree_init(handle, inode_bl);
187 } else
188 memset(ei_bl->i_data, 0, sizeof(ei_bl->i_data));
189 }
190
191 err = dquot_initialize(inode);
192 if (err)
193 goto err_out1;
194
195 size = (qsize_t)(inode->i_blocks) * (1 << 9) + inode->i_bytes;
196 size_bl = (qsize_t)(inode_bl->i_blocks) * (1 << 9) + inode_bl->i_bytes;
197 diff = size - size_bl;
198 swap_inode_data(inode, inode_bl);
199
200 inode->i_ctime = inode_bl->i_ctime = current_time(inode);
201
202 inode->i_generation = prandom_u32();
203 inode_bl->i_generation = prandom_u32();
204 ext4_reset_inode_seed(inode);
205 ext4_reset_inode_seed(inode_bl);
206
207 ext4_discard_preallocations(inode, 0);
208
209 err = ext4_mark_inode_dirty(handle, inode);
210 if (err < 0) {
211 /* No need to update quota information. */
212 ext4_warning(inode->i_sb,
213 "couldn't mark inode #%lu dirty (err %d)",
214 inode->i_ino, err);
215 /* Revert all changes: */
216 swap_inode_data(inode, inode_bl);
217 ext4_mark_inode_dirty(handle, inode);
218 goto err_out1;
219 }
220
221 blocks = inode_bl->i_blocks;
222 bytes = inode_bl->i_bytes;
223 inode_bl->i_blocks = inode->i_blocks;
224 inode_bl->i_bytes = inode->i_bytes;
225 err = ext4_mark_inode_dirty(handle, inode_bl);
226 if (err < 0) {
227 /* No need to update quota information. */
228 ext4_warning(inode_bl->i_sb,
229 "couldn't mark inode #%lu dirty (err %d)",
230 inode_bl->i_ino, err);
231 goto revert;
232 }
233
234 /* Bootloader inode should not be counted into quota information. */
235 if (diff > 0)
236 dquot_free_space(inode, diff);
237 else
238 err = dquot_alloc_space(inode, -1 * diff);
239
240 if (err < 0) {
241 revert:
242 /* Revert all changes: */
243 inode_bl->i_blocks = blocks;
244 inode_bl->i_bytes = bytes;
245 swap_inode_data(inode, inode_bl);
246 ext4_mark_inode_dirty(handle, inode);
247 ext4_mark_inode_dirty(handle, inode_bl);
248 }
249
250 err_out1:
251 ext4_journal_stop(handle);
252 ext4_fc_stop_ineligible(sb);
253 ext4_double_up_write_data_sem(inode, inode_bl);
254
255 err_out:
256 up_write(&EXT4_I(inode)->i_mmap_sem);
257 journal_err_out:
258 unlock_two_nondirectories(inode, inode_bl);
259 iput(inode_bl);
260 return err;
261 }
262
263 #ifdef CONFIG_FS_ENCRYPTION
uuid_is_zero(__u8 u[16])264 static int uuid_is_zero(__u8 u[16])
265 {
266 int i;
267
268 for (i = 0; i < 16; i++)
269 if (u[i])
270 return 0;
271 return 1;
272 }
273 #endif
274
275 /*
276 * If immutable is set and we are not clearing it, we're not allowed to change
277 * anything else in the inode. Don't error out if we're only trying to set
278 * immutable on an immutable file.
279 */
ext4_ioctl_check_immutable(struct inode * inode,__u32 new_projid,unsigned int flags)280 static int ext4_ioctl_check_immutable(struct inode *inode, __u32 new_projid,
281 unsigned int flags)
282 {
283 struct ext4_inode_info *ei = EXT4_I(inode);
284 unsigned int oldflags = ei->i_flags;
285
286 if (!(oldflags & EXT4_IMMUTABLE_FL) || !(flags & EXT4_IMMUTABLE_FL))
287 return 0;
288
289 if ((oldflags & ~EXT4_IMMUTABLE_FL) != (flags & ~EXT4_IMMUTABLE_FL))
290 return -EPERM;
291 if (ext4_has_feature_project(inode->i_sb) &&
292 __kprojid_val(ei->i_projid) != new_projid)
293 return -EPERM;
294
295 return 0;
296 }
297
ext4_dax_dontcache(struct inode * inode,unsigned int flags)298 static void ext4_dax_dontcache(struct inode *inode, unsigned int flags)
299 {
300 struct ext4_inode_info *ei = EXT4_I(inode);
301
302 if (S_ISDIR(inode->i_mode))
303 return;
304
305 if (test_opt2(inode->i_sb, DAX_NEVER) ||
306 test_opt(inode->i_sb, DAX_ALWAYS))
307 return;
308
309 if ((ei->i_flags ^ flags) & EXT4_DAX_FL)
310 d_mark_dontcache(inode);
311 }
312
dax_compatible(struct inode * inode,unsigned int oldflags,unsigned int flags)313 static bool dax_compatible(struct inode *inode, unsigned int oldflags,
314 unsigned int flags)
315 {
316 /* Allow the DAX flag to be changed on inline directories */
317 if (S_ISDIR(inode->i_mode)) {
318 flags &= ~EXT4_INLINE_DATA_FL;
319 oldflags &= ~EXT4_INLINE_DATA_FL;
320 }
321
322 if (flags & EXT4_DAX_FL) {
323 if ((oldflags & EXT4_DAX_MUT_EXCL) ||
324 ext4_test_inode_state(inode,
325 EXT4_STATE_VERITY_IN_PROGRESS)) {
326 return false;
327 }
328 }
329
330 if ((flags & EXT4_DAX_MUT_EXCL) && (oldflags & EXT4_DAX_FL))
331 return false;
332
333 return true;
334 }
335
ext4_ioctl_setflags(struct inode * inode,unsigned int flags)336 static int ext4_ioctl_setflags(struct inode *inode,
337 unsigned int flags)
338 {
339 struct ext4_inode_info *ei = EXT4_I(inode);
340 handle_t *handle = NULL;
341 int err = -EPERM, migrate = 0;
342 struct ext4_iloc iloc;
343 unsigned int oldflags, mask, i;
344 struct super_block *sb = inode->i_sb;
345
346 /* Is it quota file? Do not allow user to mess with it */
347 if (ext4_is_quota_file(inode))
348 goto flags_out;
349
350 oldflags = ei->i_flags;
351
352 err = vfs_ioc_setflags_prepare(inode, oldflags, flags);
353 if (err)
354 goto flags_out;
355
356 /*
357 * The JOURNAL_DATA flag can only be changed by
358 * the relevant capability.
359 */
360 if ((flags ^ oldflags) & (EXT4_JOURNAL_DATA_FL)) {
361 if (!capable(CAP_SYS_RESOURCE))
362 goto flags_out;
363 }
364
365 if (!dax_compatible(inode, oldflags, flags)) {
366 err = -EOPNOTSUPP;
367 goto flags_out;
368 }
369
370 if ((flags ^ oldflags) & EXT4_EXTENTS_FL)
371 migrate = 1;
372
373 if ((flags ^ oldflags) & EXT4_CASEFOLD_FL) {
374 if (!ext4_has_feature_casefold(sb)) {
375 err = -EOPNOTSUPP;
376 goto flags_out;
377 }
378
379 if (!S_ISDIR(inode->i_mode)) {
380 err = -ENOTDIR;
381 goto flags_out;
382 }
383
384 if (!ext4_empty_dir(inode)) {
385 err = -ENOTEMPTY;
386 goto flags_out;
387 }
388 }
389
390 /*
391 * Wait for all pending directio and then flush all the dirty pages
392 * for this file. The flush marks all the pages readonly, so any
393 * subsequent attempt to write to the file (particularly mmap pages)
394 * will come through the filesystem and fail.
395 */
396 if (S_ISREG(inode->i_mode) && !IS_IMMUTABLE(inode) &&
397 (flags & EXT4_IMMUTABLE_FL)) {
398 inode_dio_wait(inode);
399 err = filemap_write_and_wait(inode->i_mapping);
400 if (err)
401 goto flags_out;
402 }
403
404 handle = ext4_journal_start(inode, EXT4_HT_INODE, 1);
405 if (IS_ERR(handle)) {
406 err = PTR_ERR(handle);
407 goto flags_out;
408 }
409 if (IS_SYNC(inode))
410 ext4_handle_sync(handle);
411 err = ext4_reserve_inode_write(handle, inode, &iloc);
412 if (err)
413 goto flags_err;
414
415 ext4_dax_dontcache(inode, flags);
416
417 for (i = 0, mask = 1; i < 32; i++, mask <<= 1) {
418 if (!(mask & EXT4_FL_USER_MODIFIABLE))
419 continue;
420 /* These flags get special treatment later */
421 if (mask == EXT4_JOURNAL_DATA_FL || mask == EXT4_EXTENTS_FL)
422 continue;
423 if (mask & flags)
424 ext4_set_inode_flag(inode, i);
425 else
426 ext4_clear_inode_flag(inode, i);
427 }
428
429 ext4_set_inode_flags(inode, false);
430
431 inode->i_ctime = current_time(inode);
432
433 err = ext4_mark_iloc_dirty(handle, inode, &iloc);
434 flags_err:
435 ext4_journal_stop(handle);
436 if (err)
437 goto flags_out;
438
439 if ((flags ^ oldflags) & (EXT4_JOURNAL_DATA_FL)) {
440 /*
441 * Changes to the journaling mode can cause unsafe changes to
442 * S_DAX if the inode is DAX
443 */
444 if (IS_DAX(inode)) {
445 err = -EBUSY;
446 goto flags_out;
447 }
448
449 err = ext4_change_inode_journal_flag(inode,
450 flags & EXT4_JOURNAL_DATA_FL);
451 if (err)
452 goto flags_out;
453 }
454 if (migrate) {
455 if (flags & EXT4_EXTENTS_FL)
456 err = ext4_ext_migrate(inode);
457 else
458 err = ext4_ind_migrate(inode);
459 }
460
461 flags_out:
462 return err;
463 }
464
465 #ifdef CONFIG_QUOTA
ext4_ioctl_setproject(struct file * filp,__u32 projid)466 static int ext4_ioctl_setproject(struct file *filp, __u32 projid)
467 {
468 struct inode *inode = file_inode(filp);
469 struct super_block *sb = inode->i_sb;
470 struct ext4_inode_info *ei = EXT4_I(inode);
471 int err, rc;
472 handle_t *handle;
473 kprojid_t kprojid;
474 struct ext4_iloc iloc;
475 struct ext4_inode *raw_inode;
476 struct dquot *transfer_to[MAXQUOTAS] = { };
477
478 if (!ext4_has_feature_project(sb)) {
479 if (projid != EXT4_DEF_PROJID)
480 return -EOPNOTSUPP;
481 else
482 return 0;
483 }
484
485 if (EXT4_INODE_SIZE(sb) <= EXT4_GOOD_OLD_INODE_SIZE)
486 return -EOPNOTSUPP;
487
488 kprojid = make_kprojid(&init_user_ns, (projid_t)projid);
489
490 if (projid_eq(kprojid, EXT4_I(inode)->i_projid))
491 return 0;
492
493 err = -EPERM;
494 /* Is it quota file? Do not allow user to mess with it */
495 if (ext4_is_quota_file(inode))
496 return err;
497
498 err = dquot_initialize(inode);
499 if (err)
500 return err;
501
502 err = ext4_get_inode_loc(inode, &iloc);
503 if (err)
504 return err;
505
506 raw_inode = ext4_raw_inode(&iloc);
507 if (!EXT4_FITS_IN_INODE(raw_inode, ei, i_projid)) {
508 err = ext4_expand_extra_isize(inode,
509 EXT4_SB(sb)->s_want_extra_isize,
510 &iloc);
511 if (err)
512 return err;
513 } else {
514 brelse(iloc.bh);
515 }
516
517 handle = ext4_journal_start(inode, EXT4_HT_QUOTA,
518 EXT4_QUOTA_INIT_BLOCKS(sb) +
519 EXT4_QUOTA_DEL_BLOCKS(sb) + 3);
520 if (IS_ERR(handle))
521 return PTR_ERR(handle);
522
523 err = ext4_reserve_inode_write(handle, inode, &iloc);
524 if (err)
525 goto out_stop;
526
527 transfer_to[PRJQUOTA] = dqget(sb, make_kqid_projid(kprojid));
528 if (!IS_ERR(transfer_to[PRJQUOTA])) {
529
530 /* __dquot_transfer() calls back ext4_get_inode_usage() which
531 * counts xattr inode references.
532 */
533 down_read(&EXT4_I(inode)->xattr_sem);
534 err = __dquot_transfer(inode, transfer_to);
535 up_read(&EXT4_I(inode)->xattr_sem);
536 dqput(transfer_to[PRJQUOTA]);
537 if (err)
538 goto out_dirty;
539 }
540
541 EXT4_I(inode)->i_projid = kprojid;
542 inode->i_ctime = current_time(inode);
543 out_dirty:
544 rc = ext4_mark_iloc_dirty(handle, inode, &iloc);
545 if (!err)
546 err = rc;
547 out_stop:
548 ext4_journal_stop(handle);
549 return err;
550 }
551 #else
ext4_ioctl_setproject(struct file * filp,__u32 projid)552 static int ext4_ioctl_setproject(struct file *filp, __u32 projid)
553 {
554 if (projid != EXT4_DEF_PROJID)
555 return -EOPNOTSUPP;
556 return 0;
557 }
558 #endif
559
560 /* Transfer internal flags to xflags */
ext4_iflags_to_xflags(unsigned long iflags)561 static inline __u32 ext4_iflags_to_xflags(unsigned long iflags)
562 {
563 __u32 xflags = 0;
564
565 if (iflags & EXT4_SYNC_FL)
566 xflags |= FS_XFLAG_SYNC;
567 if (iflags & EXT4_IMMUTABLE_FL)
568 xflags |= FS_XFLAG_IMMUTABLE;
569 if (iflags & EXT4_APPEND_FL)
570 xflags |= FS_XFLAG_APPEND;
571 if (iflags & EXT4_NODUMP_FL)
572 xflags |= FS_XFLAG_NODUMP;
573 if (iflags & EXT4_NOATIME_FL)
574 xflags |= FS_XFLAG_NOATIME;
575 if (iflags & EXT4_PROJINHERIT_FL)
576 xflags |= FS_XFLAG_PROJINHERIT;
577 if (iflags & EXT4_DAX_FL)
578 xflags |= FS_XFLAG_DAX;
579 return xflags;
580 }
581
582 #define EXT4_SUPPORTED_FS_XFLAGS (FS_XFLAG_SYNC | FS_XFLAG_IMMUTABLE | \
583 FS_XFLAG_APPEND | FS_XFLAG_NODUMP | \
584 FS_XFLAG_NOATIME | FS_XFLAG_PROJINHERIT | \
585 FS_XFLAG_DAX)
586
587 /* Transfer xflags flags to internal */
ext4_xflags_to_iflags(__u32 xflags)588 static inline unsigned long ext4_xflags_to_iflags(__u32 xflags)
589 {
590 unsigned long iflags = 0;
591
592 if (xflags & FS_XFLAG_SYNC)
593 iflags |= EXT4_SYNC_FL;
594 if (xflags & FS_XFLAG_IMMUTABLE)
595 iflags |= EXT4_IMMUTABLE_FL;
596 if (xflags & FS_XFLAG_APPEND)
597 iflags |= EXT4_APPEND_FL;
598 if (xflags & FS_XFLAG_NODUMP)
599 iflags |= EXT4_NODUMP_FL;
600 if (xflags & FS_XFLAG_NOATIME)
601 iflags |= EXT4_NOATIME_FL;
602 if (xflags & FS_XFLAG_PROJINHERIT)
603 iflags |= EXT4_PROJINHERIT_FL;
604 if (xflags & FS_XFLAG_DAX)
605 iflags |= EXT4_DAX_FL;
606
607 return iflags;
608 }
609
ext4_shutdown(struct super_block * sb,unsigned long arg)610 static int ext4_shutdown(struct super_block *sb, unsigned long arg)
611 {
612 struct ext4_sb_info *sbi = EXT4_SB(sb);
613 __u32 flags;
614
615 if (!capable(CAP_SYS_ADMIN))
616 return -EPERM;
617
618 if (get_user(flags, (__u32 __user *)arg))
619 return -EFAULT;
620
621 if (flags > EXT4_GOING_FLAGS_NOLOGFLUSH)
622 return -EINVAL;
623
624 if (ext4_forced_shutdown(sbi))
625 return 0;
626
627 ext4_msg(sb, KERN_ALERT, "shut down requested (%d)", flags);
628 trace_ext4_shutdown(sb, flags);
629
630 switch (flags) {
631 case EXT4_GOING_FLAGS_DEFAULT:
632 freeze_bdev(sb->s_bdev);
633 set_bit(EXT4_FLAGS_SHUTDOWN, &sbi->s_ext4_flags);
634 thaw_bdev(sb->s_bdev, sb);
635 break;
636 case EXT4_GOING_FLAGS_LOGFLUSH:
637 set_bit(EXT4_FLAGS_SHUTDOWN, &sbi->s_ext4_flags);
638 if (sbi->s_journal && !is_journal_aborted(sbi->s_journal)) {
639 (void) ext4_force_commit(sb);
640 jbd2_journal_abort(sbi->s_journal, -ESHUTDOWN);
641 }
642 break;
643 case EXT4_GOING_FLAGS_NOLOGFLUSH:
644 set_bit(EXT4_FLAGS_SHUTDOWN, &sbi->s_ext4_flags);
645 if (sbi->s_journal && !is_journal_aborted(sbi->s_journal))
646 jbd2_journal_abort(sbi->s_journal, -ESHUTDOWN);
647 break;
648 default:
649 return -EINVAL;
650 }
651 clear_opt(sb, DISCARD);
652 return 0;
653 }
654
655 struct getfsmap_info {
656 struct super_block *gi_sb;
657 struct fsmap_head __user *gi_data;
658 unsigned int gi_idx;
659 __u32 gi_last_flags;
660 };
661
ext4_getfsmap_format(struct ext4_fsmap * xfm,void * priv)662 static int ext4_getfsmap_format(struct ext4_fsmap *xfm, void *priv)
663 {
664 struct getfsmap_info *info = priv;
665 struct fsmap fm;
666
667 trace_ext4_getfsmap_mapping(info->gi_sb, xfm);
668
669 info->gi_last_flags = xfm->fmr_flags;
670 ext4_fsmap_from_internal(info->gi_sb, &fm, xfm);
671 if (copy_to_user(&info->gi_data->fmh_recs[info->gi_idx++], &fm,
672 sizeof(struct fsmap)))
673 return -EFAULT;
674
675 return 0;
676 }
677
ext4_ioc_getfsmap(struct super_block * sb,struct fsmap_head __user * arg)678 static int ext4_ioc_getfsmap(struct super_block *sb,
679 struct fsmap_head __user *arg)
680 {
681 struct getfsmap_info info = { NULL };
682 struct ext4_fsmap_head xhead = {0};
683 struct fsmap_head head;
684 bool aborted = false;
685 int error;
686
687 if (copy_from_user(&head, arg, sizeof(struct fsmap_head)))
688 return -EFAULT;
689 if (memchr_inv(head.fmh_reserved, 0, sizeof(head.fmh_reserved)) ||
690 memchr_inv(head.fmh_keys[0].fmr_reserved, 0,
691 sizeof(head.fmh_keys[0].fmr_reserved)) ||
692 memchr_inv(head.fmh_keys[1].fmr_reserved, 0,
693 sizeof(head.fmh_keys[1].fmr_reserved)))
694 return -EINVAL;
695 /*
696 * ext4 doesn't report file extents at all, so the only valid
697 * file offsets are the magic ones (all zeroes or all ones).
698 */
699 if (head.fmh_keys[0].fmr_offset ||
700 (head.fmh_keys[1].fmr_offset != 0 &&
701 head.fmh_keys[1].fmr_offset != -1ULL))
702 return -EINVAL;
703
704 xhead.fmh_iflags = head.fmh_iflags;
705 xhead.fmh_count = head.fmh_count;
706 ext4_fsmap_to_internal(sb, &xhead.fmh_keys[0], &head.fmh_keys[0]);
707 ext4_fsmap_to_internal(sb, &xhead.fmh_keys[1], &head.fmh_keys[1]);
708
709 trace_ext4_getfsmap_low_key(sb, &xhead.fmh_keys[0]);
710 trace_ext4_getfsmap_high_key(sb, &xhead.fmh_keys[1]);
711
712 info.gi_sb = sb;
713 info.gi_data = arg;
714 error = ext4_getfsmap(sb, &xhead, ext4_getfsmap_format, &info);
715 if (error == EXT4_QUERY_RANGE_ABORT) {
716 error = 0;
717 aborted = true;
718 } else if (error)
719 return error;
720
721 /* If we didn't abort, set the "last" flag in the last fmx */
722 if (!aborted && info.gi_idx) {
723 info.gi_last_flags |= FMR_OF_LAST;
724 if (copy_to_user(&info.gi_data->fmh_recs[info.gi_idx - 1].fmr_flags,
725 &info.gi_last_flags,
726 sizeof(info.gi_last_flags)))
727 return -EFAULT;
728 }
729
730 /* copy back header */
731 head.fmh_entries = xhead.fmh_entries;
732 head.fmh_oflags = xhead.fmh_oflags;
733 if (copy_to_user(arg, &head, sizeof(struct fsmap_head)))
734 return -EFAULT;
735
736 return 0;
737 }
738
ext4_ioctl_group_add(struct file * file,struct ext4_new_group_data * input)739 static long ext4_ioctl_group_add(struct file *file,
740 struct ext4_new_group_data *input)
741 {
742 struct super_block *sb = file_inode(file)->i_sb;
743 int err, err2=0;
744
745 err = ext4_resize_begin(sb);
746 if (err)
747 return err;
748
749 if (ext4_has_feature_bigalloc(sb)) {
750 ext4_msg(sb, KERN_ERR,
751 "Online resizing not supported with bigalloc");
752 err = -EOPNOTSUPP;
753 goto group_add_out;
754 }
755
756 err = mnt_want_write_file(file);
757 if (err)
758 goto group_add_out;
759
760 err = ext4_group_add(sb, input);
761 if (EXT4_SB(sb)->s_journal) {
762 jbd2_journal_lock_updates(EXT4_SB(sb)->s_journal);
763 err2 = jbd2_journal_flush(EXT4_SB(sb)->s_journal);
764 jbd2_journal_unlock_updates(EXT4_SB(sb)->s_journal);
765 }
766 if (err == 0)
767 err = err2;
768 mnt_drop_write_file(file);
769 if (!err && ext4_has_group_desc_csum(sb) &&
770 test_opt(sb, INIT_INODE_TABLE))
771 err = ext4_register_li_request(sb, input->group);
772 group_add_out:
773 ext4_resize_end(sb);
774 return err;
775 }
776
ext4_fill_fsxattr(struct inode * inode,struct fsxattr * fa)777 static void ext4_fill_fsxattr(struct inode *inode, struct fsxattr *fa)
778 {
779 struct ext4_inode_info *ei = EXT4_I(inode);
780
781 simple_fill_fsxattr(fa, ext4_iflags_to_xflags(ei->i_flags &
782 EXT4_FL_USER_VISIBLE));
783
784 if (ext4_has_feature_project(inode->i_sb))
785 fa->fsx_projid = from_kprojid(&init_user_ns, ei->i_projid);
786 }
787
788 /* So that the fiemap access checks can't overflow on 32 bit machines. */
789 #define FIEMAP_MAX_EXTENTS (UINT_MAX / sizeof(struct fiemap_extent))
790
ext4_ioctl_get_es_cache(struct file * filp,unsigned long arg)791 static int ext4_ioctl_get_es_cache(struct file *filp, unsigned long arg)
792 {
793 struct fiemap fiemap;
794 struct fiemap __user *ufiemap = (struct fiemap __user *) arg;
795 struct fiemap_extent_info fieinfo = { 0, };
796 struct inode *inode = file_inode(filp);
797 int error;
798
799 if (copy_from_user(&fiemap, ufiemap, sizeof(fiemap)))
800 return -EFAULT;
801
802 if (fiemap.fm_extent_count > FIEMAP_MAX_EXTENTS)
803 return -EINVAL;
804
805 fieinfo.fi_flags = fiemap.fm_flags;
806 fieinfo.fi_extents_max = fiemap.fm_extent_count;
807 fieinfo.fi_extents_start = ufiemap->fm_extents;
808
809 error = ext4_get_es_cache(inode, &fieinfo, fiemap.fm_start,
810 fiemap.fm_length);
811 fiemap.fm_flags = fieinfo.fi_flags;
812 fiemap.fm_mapped_extents = fieinfo.fi_extents_mapped;
813 if (copy_to_user(ufiemap, &fiemap, sizeof(fiemap)))
814 error = -EFAULT;
815
816 return error;
817 }
818
__ext4_ioctl(struct file * filp,unsigned int cmd,unsigned long arg)819 static long __ext4_ioctl(struct file *filp, unsigned int cmd, unsigned long arg)
820 {
821 struct inode *inode = file_inode(filp);
822 struct super_block *sb = inode->i_sb;
823 struct ext4_inode_info *ei = EXT4_I(inode);
824 unsigned int flags;
825
826 ext4_debug("cmd = %u, arg = %lu\n", cmd, arg);
827
828 switch (cmd) {
829 case FS_IOC_GETFSMAP:
830 return ext4_ioc_getfsmap(sb, (void __user *)arg);
831 case FS_IOC_GETFLAGS:
832 flags = ei->i_flags & EXT4_FL_USER_VISIBLE;
833 if (S_ISREG(inode->i_mode))
834 flags &= ~EXT4_PROJINHERIT_FL;
835 return put_user(flags, (int __user *) arg);
836 case FS_IOC_SETFLAGS: {
837 int err;
838
839 if (!inode_owner_or_capable(inode))
840 return -EACCES;
841
842 if (get_user(flags, (int __user *) arg))
843 return -EFAULT;
844
845 if (flags & ~EXT4_FL_USER_VISIBLE)
846 return -EOPNOTSUPP;
847 /*
848 * chattr(1) grabs flags via GETFLAGS, modifies the result and
849 * passes that to SETFLAGS. So we cannot easily make SETFLAGS
850 * more restrictive than just silently masking off visible but
851 * not settable flags as we always did.
852 */
853 flags &= EXT4_FL_USER_MODIFIABLE;
854 if (ext4_mask_flags(inode->i_mode, flags) != flags)
855 return -EOPNOTSUPP;
856
857 err = mnt_want_write_file(filp);
858 if (err)
859 return err;
860
861 inode_lock(inode);
862 err = ext4_ioctl_check_immutable(inode,
863 from_kprojid(&init_user_ns, ei->i_projid),
864 flags);
865 if (!err)
866 err = ext4_ioctl_setflags(inode, flags);
867 inode_unlock(inode);
868 mnt_drop_write_file(filp);
869 return err;
870 }
871 case EXT4_IOC_GETVERSION:
872 case EXT4_IOC_GETVERSION_OLD:
873 return put_user(inode->i_generation, (int __user *) arg);
874 case EXT4_IOC_SETVERSION:
875 case EXT4_IOC_SETVERSION_OLD: {
876 handle_t *handle;
877 struct ext4_iloc iloc;
878 __u32 generation;
879 int err;
880
881 if (!inode_owner_or_capable(inode))
882 return -EPERM;
883
884 if (ext4_has_metadata_csum(inode->i_sb)) {
885 ext4_warning(sb, "Setting inode version is not "
886 "supported with metadata_csum enabled.");
887 return -ENOTTY;
888 }
889
890 err = mnt_want_write_file(filp);
891 if (err)
892 return err;
893 if (get_user(generation, (int __user *) arg)) {
894 err = -EFAULT;
895 goto setversion_out;
896 }
897
898 inode_lock(inode);
899 handle = ext4_journal_start(inode, EXT4_HT_INODE, 1);
900 if (IS_ERR(handle)) {
901 err = PTR_ERR(handle);
902 goto unlock_out;
903 }
904 err = ext4_reserve_inode_write(handle, inode, &iloc);
905 if (err == 0) {
906 inode->i_ctime = current_time(inode);
907 inode->i_generation = generation;
908 err = ext4_mark_iloc_dirty(handle, inode, &iloc);
909 }
910 ext4_journal_stop(handle);
911
912 unlock_out:
913 inode_unlock(inode);
914 setversion_out:
915 mnt_drop_write_file(filp);
916 return err;
917 }
918 case EXT4_IOC_GROUP_EXTEND: {
919 ext4_fsblk_t n_blocks_count;
920 int err, err2=0;
921
922 err = ext4_resize_begin(sb);
923 if (err)
924 return err;
925
926 if (get_user(n_blocks_count, (__u32 __user *)arg)) {
927 err = -EFAULT;
928 goto group_extend_out;
929 }
930
931 if (ext4_has_feature_bigalloc(sb)) {
932 ext4_msg(sb, KERN_ERR,
933 "Online resizing not supported with bigalloc");
934 err = -EOPNOTSUPP;
935 goto group_extend_out;
936 }
937
938 err = mnt_want_write_file(filp);
939 if (err)
940 goto group_extend_out;
941
942 err = ext4_group_extend(sb, EXT4_SB(sb)->s_es, n_blocks_count);
943 if (EXT4_SB(sb)->s_journal) {
944 jbd2_journal_lock_updates(EXT4_SB(sb)->s_journal);
945 err2 = jbd2_journal_flush(EXT4_SB(sb)->s_journal);
946 jbd2_journal_unlock_updates(EXT4_SB(sb)->s_journal);
947 }
948 if (err == 0)
949 err = err2;
950 mnt_drop_write_file(filp);
951 group_extend_out:
952 ext4_resize_end(sb);
953 return err;
954 }
955
956 case EXT4_IOC_MOVE_EXT: {
957 struct move_extent me;
958 struct fd donor;
959 int err;
960
961 if (!(filp->f_mode & FMODE_READ) ||
962 !(filp->f_mode & FMODE_WRITE))
963 return -EBADF;
964
965 if (copy_from_user(&me,
966 (struct move_extent __user *)arg, sizeof(me)))
967 return -EFAULT;
968 me.moved_len = 0;
969
970 donor = fdget(me.donor_fd);
971 if (!donor.file)
972 return -EBADF;
973
974 if (!(donor.file->f_mode & FMODE_WRITE)) {
975 err = -EBADF;
976 goto mext_out;
977 }
978
979 if (ext4_has_feature_bigalloc(sb)) {
980 ext4_msg(sb, KERN_ERR,
981 "Online defrag not supported with bigalloc");
982 err = -EOPNOTSUPP;
983 goto mext_out;
984 } else if (IS_DAX(inode)) {
985 ext4_msg(sb, KERN_ERR,
986 "Online defrag not supported with DAX");
987 err = -EOPNOTSUPP;
988 goto mext_out;
989 }
990
991 err = mnt_want_write_file(filp);
992 if (err)
993 goto mext_out;
994
995 err = ext4_move_extents(filp, donor.file, me.orig_start,
996 me.donor_start, me.len, &me.moved_len);
997 mnt_drop_write_file(filp);
998
999 if (copy_to_user((struct move_extent __user *)arg,
1000 &me, sizeof(me)))
1001 err = -EFAULT;
1002 mext_out:
1003 fdput(donor);
1004 return err;
1005 }
1006
1007 case EXT4_IOC_GROUP_ADD: {
1008 struct ext4_new_group_data input;
1009
1010 if (copy_from_user(&input, (struct ext4_new_group_input __user *)arg,
1011 sizeof(input)))
1012 return -EFAULT;
1013
1014 return ext4_ioctl_group_add(filp, &input);
1015 }
1016
1017 case EXT4_IOC_MIGRATE:
1018 {
1019 int err;
1020 if (!inode_owner_or_capable(inode))
1021 return -EACCES;
1022
1023 err = mnt_want_write_file(filp);
1024 if (err)
1025 return err;
1026 /*
1027 * inode_mutex prevent write and truncate on the file.
1028 * Read still goes through. We take i_data_sem in
1029 * ext4_ext_swap_inode_data before we switch the
1030 * inode format to prevent read.
1031 */
1032 inode_lock((inode));
1033 err = ext4_ext_migrate(inode);
1034 inode_unlock((inode));
1035 mnt_drop_write_file(filp);
1036 return err;
1037 }
1038
1039 case EXT4_IOC_ALLOC_DA_BLKS:
1040 {
1041 int err;
1042 if (!inode_owner_or_capable(inode))
1043 return -EACCES;
1044
1045 err = mnt_want_write_file(filp);
1046 if (err)
1047 return err;
1048 err = ext4_alloc_da_blocks(inode);
1049 mnt_drop_write_file(filp);
1050 return err;
1051 }
1052
1053 case EXT4_IOC_SWAP_BOOT:
1054 {
1055 int err;
1056 if (!(filp->f_mode & FMODE_WRITE))
1057 return -EBADF;
1058 err = mnt_want_write_file(filp);
1059 if (err)
1060 return err;
1061 err = swap_inode_boot_loader(sb, inode);
1062 mnt_drop_write_file(filp);
1063 return err;
1064 }
1065
1066 case EXT4_IOC_RESIZE_FS: {
1067 ext4_fsblk_t n_blocks_count;
1068 int err = 0, err2 = 0;
1069 ext4_group_t o_group = EXT4_SB(sb)->s_groups_count;
1070
1071 if (copy_from_user(&n_blocks_count, (__u64 __user *)arg,
1072 sizeof(__u64))) {
1073 return -EFAULT;
1074 }
1075
1076 err = ext4_resize_begin(sb);
1077 if (err)
1078 return err;
1079
1080 err = mnt_want_write_file(filp);
1081 if (err)
1082 goto resizefs_out;
1083
1084 err = ext4_resize_fs(sb, n_blocks_count);
1085 if (EXT4_SB(sb)->s_journal) {
1086 ext4_fc_mark_ineligible(sb, EXT4_FC_REASON_RESIZE);
1087 jbd2_journal_lock_updates(EXT4_SB(sb)->s_journal);
1088 err2 = jbd2_journal_flush(EXT4_SB(sb)->s_journal);
1089 jbd2_journal_unlock_updates(EXT4_SB(sb)->s_journal);
1090 }
1091 if (err == 0)
1092 err = err2;
1093 mnt_drop_write_file(filp);
1094 if (!err && (o_group < EXT4_SB(sb)->s_groups_count) &&
1095 ext4_has_group_desc_csum(sb) &&
1096 test_opt(sb, INIT_INODE_TABLE))
1097 err = ext4_register_li_request(sb, o_group);
1098
1099 resizefs_out:
1100 ext4_resize_end(sb);
1101 return err;
1102 }
1103
1104 case FITRIM:
1105 {
1106 struct request_queue *q = bdev_get_queue(sb->s_bdev);
1107 struct fstrim_range range;
1108 int ret = 0;
1109
1110 if (!capable(CAP_SYS_ADMIN))
1111 return -EPERM;
1112
1113 if (!blk_queue_discard(q))
1114 return -EOPNOTSUPP;
1115
1116 /*
1117 * We haven't replayed the journal, so we cannot use our
1118 * block-bitmap-guided storage zapping commands.
1119 */
1120 if (test_opt(sb, NOLOAD) && ext4_has_feature_journal(sb))
1121 return -EROFS;
1122
1123 if (copy_from_user(&range, (struct fstrim_range __user *)arg,
1124 sizeof(range)))
1125 return -EFAULT;
1126
1127 ret = ext4_trim_fs(sb, &range);
1128 if (ret < 0)
1129 return ret;
1130
1131 if (copy_to_user((struct fstrim_range __user *)arg, &range,
1132 sizeof(range)))
1133 return -EFAULT;
1134
1135 return 0;
1136 }
1137 case EXT4_IOC_PRECACHE_EXTENTS:
1138 return ext4_ext_precache(inode);
1139
1140 case FS_IOC_SET_ENCRYPTION_POLICY:
1141 if (!ext4_has_feature_encrypt(sb))
1142 return -EOPNOTSUPP;
1143 return fscrypt_ioctl_set_policy(filp, (const void __user *)arg);
1144
1145 case FS_IOC_GET_ENCRYPTION_PWSALT: {
1146 #ifdef CONFIG_FS_ENCRYPTION
1147 int err, err2;
1148 struct ext4_sb_info *sbi = EXT4_SB(sb);
1149 handle_t *handle;
1150
1151 if (!ext4_has_feature_encrypt(sb))
1152 return -EOPNOTSUPP;
1153 if (uuid_is_zero(sbi->s_es->s_encrypt_pw_salt)) {
1154 err = mnt_want_write_file(filp);
1155 if (err)
1156 return err;
1157 handle = ext4_journal_start_sb(sb, EXT4_HT_MISC, 1);
1158 if (IS_ERR(handle)) {
1159 err = PTR_ERR(handle);
1160 goto pwsalt_err_exit;
1161 }
1162 err = ext4_journal_get_write_access(handle, sbi->s_sbh);
1163 if (err)
1164 goto pwsalt_err_journal;
1165 lock_buffer(sbi->s_sbh);
1166 generate_random_uuid(sbi->s_es->s_encrypt_pw_salt);
1167 ext4_superblock_csum_set(sb);
1168 unlock_buffer(sbi->s_sbh);
1169 err = ext4_handle_dirty_metadata(handle, NULL,
1170 sbi->s_sbh);
1171 pwsalt_err_journal:
1172 err2 = ext4_journal_stop(handle);
1173 if (err2 && !err)
1174 err = err2;
1175 pwsalt_err_exit:
1176 mnt_drop_write_file(filp);
1177 if (err)
1178 return err;
1179 }
1180 if (copy_to_user((void __user *) arg,
1181 sbi->s_es->s_encrypt_pw_salt, 16))
1182 return -EFAULT;
1183 return 0;
1184 #else
1185 return -EOPNOTSUPP;
1186 #endif
1187 }
1188 case FS_IOC_GET_ENCRYPTION_POLICY:
1189 if (!ext4_has_feature_encrypt(sb))
1190 return -EOPNOTSUPP;
1191 return fscrypt_ioctl_get_policy(filp, (void __user *)arg);
1192
1193 case FS_IOC_GET_ENCRYPTION_POLICY_EX:
1194 if (!ext4_has_feature_encrypt(sb))
1195 return -EOPNOTSUPP;
1196 return fscrypt_ioctl_get_policy_ex(filp, (void __user *)arg);
1197
1198 case FS_IOC_ADD_ENCRYPTION_KEY:
1199 if (!ext4_has_feature_encrypt(sb))
1200 return -EOPNOTSUPP;
1201 return fscrypt_ioctl_add_key(filp, (void __user *)arg);
1202
1203 case FS_IOC_REMOVE_ENCRYPTION_KEY:
1204 if (!ext4_has_feature_encrypt(sb))
1205 return -EOPNOTSUPP;
1206 return fscrypt_ioctl_remove_key(filp, (void __user *)arg);
1207
1208 case FS_IOC_REMOVE_ENCRYPTION_KEY_ALL_USERS:
1209 if (!ext4_has_feature_encrypt(sb))
1210 return -EOPNOTSUPP;
1211 return fscrypt_ioctl_remove_key_all_users(filp,
1212 (void __user *)arg);
1213 case FS_IOC_GET_ENCRYPTION_KEY_STATUS:
1214 if (!ext4_has_feature_encrypt(sb))
1215 return -EOPNOTSUPP;
1216 return fscrypt_ioctl_get_key_status(filp, (void __user *)arg);
1217
1218 case FS_IOC_GET_ENCRYPTION_NONCE:
1219 if (!ext4_has_feature_encrypt(sb))
1220 return -EOPNOTSUPP;
1221 return fscrypt_ioctl_get_nonce(filp, (void __user *)arg);
1222
1223 case EXT4_IOC_CLEAR_ES_CACHE:
1224 {
1225 if (!inode_owner_or_capable(inode))
1226 return -EACCES;
1227 ext4_clear_inode_es(inode);
1228 return 0;
1229 }
1230
1231 case EXT4_IOC_GETSTATE:
1232 {
1233 __u32 state = 0;
1234
1235 if (ext4_test_inode_state(inode, EXT4_STATE_EXT_PRECACHED))
1236 state |= EXT4_STATE_FLAG_EXT_PRECACHED;
1237 if (ext4_test_inode_state(inode, EXT4_STATE_NEW))
1238 state |= EXT4_STATE_FLAG_NEW;
1239 if (ext4_test_inode_state(inode, EXT4_STATE_NEWENTRY))
1240 state |= EXT4_STATE_FLAG_NEWENTRY;
1241 if (ext4_test_inode_state(inode, EXT4_STATE_DA_ALLOC_CLOSE))
1242 state |= EXT4_STATE_FLAG_DA_ALLOC_CLOSE;
1243
1244 return put_user(state, (__u32 __user *) arg);
1245 }
1246
1247 case EXT4_IOC_GET_ES_CACHE:
1248 return ext4_ioctl_get_es_cache(filp, arg);
1249
1250 case FS_IOC_FSGETXATTR:
1251 {
1252 struct fsxattr fa;
1253
1254 ext4_fill_fsxattr(inode, &fa);
1255
1256 if (copy_to_user((struct fsxattr __user *)arg,
1257 &fa, sizeof(fa)))
1258 return -EFAULT;
1259 return 0;
1260 }
1261 case FS_IOC_FSSETXATTR:
1262 {
1263 struct fsxattr fa, old_fa;
1264 int err;
1265
1266 if (copy_from_user(&fa, (struct fsxattr __user *)arg,
1267 sizeof(fa)))
1268 return -EFAULT;
1269
1270 /* Make sure caller has proper permission */
1271 if (!inode_owner_or_capable(inode))
1272 return -EACCES;
1273
1274 if (fa.fsx_xflags & ~EXT4_SUPPORTED_FS_XFLAGS)
1275 return -EOPNOTSUPP;
1276
1277 flags = ext4_xflags_to_iflags(fa.fsx_xflags);
1278 if (ext4_mask_flags(inode->i_mode, flags) != flags)
1279 return -EOPNOTSUPP;
1280
1281 err = mnt_want_write_file(filp);
1282 if (err)
1283 return err;
1284
1285 inode_lock(inode);
1286 ext4_fill_fsxattr(inode, &old_fa);
1287 err = vfs_ioc_fssetxattr_check(inode, &old_fa, &fa);
1288 if (err)
1289 goto out;
1290 flags = (ei->i_flags & ~EXT4_FL_XFLAG_VISIBLE) |
1291 (flags & EXT4_FL_XFLAG_VISIBLE);
1292 err = ext4_ioctl_check_immutable(inode, fa.fsx_projid, flags);
1293 if (err)
1294 goto out;
1295 err = ext4_ioctl_setflags(inode, flags);
1296 if (err)
1297 goto out;
1298 err = ext4_ioctl_setproject(filp, fa.fsx_projid);
1299 out:
1300 inode_unlock(inode);
1301 mnt_drop_write_file(filp);
1302 return err;
1303 }
1304 case EXT4_IOC_SHUTDOWN:
1305 return ext4_shutdown(sb, arg);
1306
1307 case FS_IOC_ENABLE_VERITY:
1308 if (!ext4_has_feature_verity(sb))
1309 return -EOPNOTSUPP;
1310 return fsverity_ioctl_enable(filp, (const void __user *)arg);
1311
1312 case FS_IOC_MEASURE_VERITY:
1313 if (!ext4_has_feature_verity(sb))
1314 return -EOPNOTSUPP;
1315 return fsverity_ioctl_measure(filp, (void __user *)arg);
1316
1317 default:
1318 return -ENOTTY;
1319 }
1320 }
1321
ext4_ioctl(struct file * filp,unsigned int cmd,unsigned long arg)1322 long ext4_ioctl(struct file *filp, unsigned int cmd, unsigned long arg)
1323 {
1324 long ret;
1325
1326 ext4_fc_start_update(file_inode(filp));
1327 ret = __ext4_ioctl(filp, cmd, arg);
1328 ext4_fc_stop_update(file_inode(filp));
1329
1330 return ret;
1331 }
1332
1333 #ifdef CONFIG_COMPAT
ext4_compat_ioctl(struct file * file,unsigned int cmd,unsigned long arg)1334 long ext4_compat_ioctl(struct file *file, unsigned int cmd, unsigned long arg)
1335 {
1336 /* These are just misnamed, they actually get/put from/to user an int */
1337 switch (cmd) {
1338 case FS_IOC32_GETFLAGS:
1339 cmd = FS_IOC_GETFLAGS;
1340 break;
1341 case FS_IOC32_SETFLAGS:
1342 cmd = FS_IOC_SETFLAGS;
1343 break;
1344 case EXT4_IOC32_GETVERSION:
1345 cmd = EXT4_IOC_GETVERSION;
1346 break;
1347 case EXT4_IOC32_SETVERSION:
1348 cmd = EXT4_IOC_SETVERSION;
1349 break;
1350 case EXT4_IOC32_GROUP_EXTEND:
1351 cmd = EXT4_IOC_GROUP_EXTEND;
1352 break;
1353 case EXT4_IOC32_GETVERSION_OLD:
1354 cmd = EXT4_IOC_GETVERSION_OLD;
1355 break;
1356 case EXT4_IOC32_SETVERSION_OLD:
1357 cmd = EXT4_IOC_SETVERSION_OLD;
1358 break;
1359 case EXT4_IOC32_GETRSVSZ:
1360 cmd = EXT4_IOC_GETRSVSZ;
1361 break;
1362 case EXT4_IOC32_SETRSVSZ:
1363 cmd = EXT4_IOC_SETRSVSZ;
1364 break;
1365 case EXT4_IOC32_GROUP_ADD: {
1366 struct compat_ext4_new_group_input __user *uinput;
1367 struct ext4_new_group_data input;
1368 int err;
1369
1370 uinput = compat_ptr(arg);
1371 err = get_user(input.group, &uinput->group);
1372 err |= get_user(input.block_bitmap, &uinput->block_bitmap);
1373 err |= get_user(input.inode_bitmap, &uinput->inode_bitmap);
1374 err |= get_user(input.inode_table, &uinput->inode_table);
1375 err |= get_user(input.blocks_count, &uinput->blocks_count);
1376 err |= get_user(input.reserved_blocks,
1377 &uinput->reserved_blocks);
1378 if (err)
1379 return -EFAULT;
1380 return ext4_ioctl_group_add(file, &input);
1381 }
1382 case EXT4_IOC_MOVE_EXT:
1383 case EXT4_IOC_RESIZE_FS:
1384 case FITRIM:
1385 case EXT4_IOC_PRECACHE_EXTENTS:
1386 case FS_IOC_SET_ENCRYPTION_POLICY:
1387 case FS_IOC_GET_ENCRYPTION_PWSALT:
1388 case FS_IOC_GET_ENCRYPTION_POLICY:
1389 case FS_IOC_GET_ENCRYPTION_POLICY_EX:
1390 case FS_IOC_ADD_ENCRYPTION_KEY:
1391 case FS_IOC_REMOVE_ENCRYPTION_KEY:
1392 case FS_IOC_REMOVE_ENCRYPTION_KEY_ALL_USERS:
1393 case FS_IOC_GET_ENCRYPTION_KEY_STATUS:
1394 case FS_IOC_GET_ENCRYPTION_NONCE:
1395 case EXT4_IOC_SHUTDOWN:
1396 case FS_IOC_GETFSMAP:
1397 case FS_IOC_ENABLE_VERITY:
1398 case FS_IOC_MEASURE_VERITY:
1399 case EXT4_IOC_CLEAR_ES_CACHE:
1400 case EXT4_IOC_GETSTATE:
1401 case EXT4_IOC_GET_ES_CACHE:
1402 case FS_IOC_FSGETXATTR:
1403 case FS_IOC_FSSETXATTR:
1404 break;
1405 default:
1406 return -ENOIOCTLCMD;
1407 }
1408 return ext4_ioctl(file, cmd, (unsigned long) compat_ptr(arg));
1409 }
1410 #endif
1411