1 // SPDX-License-Identifier: GPL-2.0
2 /*
3 * linux/fs/ext4/ioctl.c
4 *
5 * Copyright (C) 1993, 1994, 1995
6 * Remy Card (card@masi.ibp.fr)
7 * Laboratoire MASI - Institut Blaise Pascal
8 * Universite Pierre et Marie Curie (Paris VI)
9 */
10
11 #include <linux/fs.h>
12 #include <linux/capability.h>
13 #include <linux/time.h>
14 #include <linux/compat.h>
15 #include <linux/mount.h>
16 #include <linux/file.h>
17 #include <linux/quotaops.h>
18 #include <linux/random.h>
19 #include <linux/uuid.h>
20 #include <linux/uaccess.h>
21 #include <linux/delay.h>
22 #include <linux/iversion.h>
23 #include "ext4_jbd2.h"
24 #include "ext4.h"
25 #include <linux/fsmap.h>
26 #include "fsmap.h"
27 #include <trace/events/ext4.h>
28
29 /**
30 * Swap memory between @a and @b for @len bytes.
31 *
32 * @a: pointer to first memory area
33 * @b: pointer to second memory area
34 * @len: number of bytes to swap
35 *
36 */
memswap(void * a,void * b,size_t len)37 static void memswap(void *a, void *b, size_t len)
38 {
39 unsigned char *ap, *bp;
40
41 ap = (unsigned char *)a;
42 bp = (unsigned char *)b;
43 while (len-- > 0) {
44 swap(*ap, *bp);
45 ap++;
46 bp++;
47 }
48 }
49
50 /**
51 * Swap i_data and associated attributes between @inode1 and @inode2.
52 * This function is used for the primary swap between inode1 and inode2
53 * and also to revert this primary swap in case of errors.
54 *
55 * Therefore you have to make sure, that calling this method twice
56 * will revert all changes.
57 *
58 * @inode1: pointer to first inode
59 * @inode2: pointer to second inode
60 */
swap_inode_data(struct inode * inode1,struct inode * inode2)61 static void swap_inode_data(struct inode *inode1, struct inode *inode2)
62 {
63 loff_t isize;
64 struct ext4_inode_info *ei1;
65 struct ext4_inode_info *ei2;
66 unsigned long tmp;
67
68 ei1 = EXT4_I(inode1);
69 ei2 = EXT4_I(inode2);
70
71 swap(inode1->i_version, inode2->i_version);
72 swap(inode1->i_atime, inode2->i_atime);
73 swap(inode1->i_mtime, inode2->i_mtime);
74
75 memswap(ei1->i_data, ei2->i_data, sizeof(ei1->i_data));
76 tmp = ei1->i_flags & EXT4_FL_SHOULD_SWAP;
77 ei1->i_flags = (ei2->i_flags & EXT4_FL_SHOULD_SWAP) |
78 (ei1->i_flags & ~EXT4_FL_SHOULD_SWAP);
79 ei2->i_flags = tmp | (ei2->i_flags & ~EXT4_FL_SHOULD_SWAP);
80 swap(ei1->i_disksize, ei2->i_disksize);
81 ext4_es_remove_extent(inode1, 0, EXT_MAX_BLOCKS);
82 ext4_es_remove_extent(inode2, 0, EXT_MAX_BLOCKS);
83
84 isize = i_size_read(inode1);
85 i_size_write(inode1, i_size_read(inode2));
86 i_size_write(inode2, isize);
87 }
88
reset_inode_seed(struct inode * inode)89 static void reset_inode_seed(struct inode *inode)
90 {
91 struct ext4_inode_info *ei = EXT4_I(inode);
92 struct ext4_sb_info *sbi = EXT4_SB(inode->i_sb);
93 __le32 inum = cpu_to_le32(inode->i_ino);
94 __le32 gen = cpu_to_le32(inode->i_generation);
95 __u32 csum;
96
97 if (!ext4_has_metadata_csum(inode->i_sb))
98 return;
99
100 csum = ext4_chksum(sbi, sbi->s_csum_seed, (__u8 *)&inum, sizeof(inum));
101 ei->i_csum_seed = ext4_chksum(sbi, csum, (__u8 *)&gen, sizeof(gen));
102 }
103
104 /**
105 * Swap the information from the given @inode and the inode
106 * EXT4_BOOT_LOADER_INO. It will basically swap i_data and all other
107 * important fields of the inodes.
108 *
109 * @sb: the super block of the filesystem
110 * @inode: the inode to swap with EXT4_BOOT_LOADER_INO
111 *
112 */
swap_inode_boot_loader(struct super_block * sb,struct inode * inode)113 static long swap_inode_boot_loader(struct super_block *sb,
114 struct inode *inode)
115 {
116 handle_t *handle;
117 int err;
118 struct inode *inode_bl;
119 struct ext4_inode_info *ei_bl;
120 qsize_t size, size_bl, diff;
121 blkcnt_t blocks;
122 unsigned short bytes;
123
124 inode_bl = ext4_iget(sb, EXT4_BOOT_LOADER_INO,
125 EXT4_IGET_SPECIAL | EXT4_IGET_BAD);
126 if (IS_ERR(inode_bl))
127 return PTR_ERR(inode_bl);
128 ei_bl = EXT4_I(inode_bl);
129
130 /* Protect orig inodes against a truncate and make sure,
131 * that only 1 swap_inode_boot_loader is running. */
132 lock_two_nondirectories(inode, inode_bl);
133
134 if (inode->i_nlink != 1 || !S_ISREG(inode->i_mode) ||
135 IS_SWAPFILE(inode) || IS_ENCRYPTED(inode) ||
136 (EXT4_I(inode)->i_flags & EXT4_JOURNAL_DATA_FL) ||
137 ext4_has_inline_data(inode)) {
138 err = -EINVAL;
139 goto journal_err_out;
140 }
141
142 if (IS_RDONLY(inode) || IS_APPEND(inode) || IS_IMMUTABLE(inode) ||
143 !inode_owner_or_capable(inode) || !capable(CAP_SYS_ADMIN)) {
144 err = -EPERM;
145 goto journal_err_out;
146 }
147
148 down_write(&EXT4_I(inode)->i_mmap_sem);
149 err = filemap_write_and_wait(inode->i_mapping);
150 if (err)
151 goto err_out;
152
153 err = filemap_write_and_wait(inode_bl->i_mapping);
154 if (err)
155 goto err_out;
156
157 /* Wait for all existing dio workers */
158 inode_dio_wait(inode);
159 inode_dio_wait(inode_bl);
160
161 truncate_inode_pages(&inode->i_data, 0);
162 truncate_inode_pages(&inode_bl->i_data, 0);
163
164 handle = ext4_journal_start(inode_bl, EXT4_HT_MOVE_EXTENTS, 2);
165 if (IS_ERR(handle)) {
166 err = -EINVAL;
167 goto err_out;
168 }
169
170 /* Protect extent tree against block allocations via delalloc */
171 ext4_double_down_write_data_sem(inode, inode_bl);
172
173 if (is_bad_inode(inode_bl) || !S_ISREG(inode_bl->i_mode)) {
174 /* this inode has never been used as a BOOT_LOADER */
175 set_nlink(inode_bl, 1);
176 i_uid_write(inode_bl, 0);
177 i_gid_write(inode_bl, 0);
178 inode_bl->i_flags = 0;
179 ei_bl->i_flags = 0;
180 inode_set_iversion(inode_bl, 1);
181 i_size_write(inode_bl, 0);
182 EXT4_I(inode_bl)->i_disksize = inode_bl->i_size;
183 inode_bl->i_mode = S_IFREG;
184 if (ext4_has_feature_extents(sb)) {
185 ext4_set_inode_flag(inode_bl, EXT4_INODE_EXTENTS);
186 ext4_ext_tree_init(handle, inode_bl);
187 } else
188 memset(ei_bl->i_data, 0, sizeof(ei_bl->i_data));
189 }
190
191 err = dquot_initialize(inode);
192 if (err)
193 goto err_out1;
194
195 size = (qsize_t)(inode->i_blocks) * (1 << 9) + inode->i_bytes;
196 size_bl = (qsize_t)(inode_bl->i_blocks) * (1 << 9) + inode_bl->i_bytes;
197 diff = size - size_bl;
198 swap_inode_data(inode, inode_bl);
199
200 inode->i_ctime = inode_bl->i_ctime = current_time(inode);
201
202 inode->i_generation = prandom_u32();
203 inode_bl->i_generation = prandom_u32();
204 reset_inode_seed(inode);
205 reset_inode_seed(inode_bl);
206
207 ext4_discard_preallocations(inode);
208
209 err = ext4_mark_inode_dirty(handle, inode);
210 if (err < 0) {
211 /* No need to update quota information. */
212 ext4_warning(inode->i_sb,
213 "couldn't mark inode #%lu dirty (err %d)",
214 inode->i_ino, err);
215 /* Revert all changes: */
216 swap_inode_data(inode, inode_bl);
217 ext4_mark_inode_dirty(handle, inode);
218 goto err_out1;
219 }
220
221 blocks = inode_bl->i_blocks;
222 bytes = inode_bl->i_bytes;
223 inode_bl->i_blocks = inode->i_blocks;
224 inode_bl->i_bytes = inode->i_bytes;
225 err = ext4_mark_inode_dirty(handle, inode_bl);
226 if (err < 0) {
227 /* No need to update quota information. */
228 ext4_warning(inode_bl->i_sb,
229 "couldn't mark inode #%lu dirty (err %d)",
230 inode_bl->i_ino, err);
231 goto revert;
232 }
233
234 /* Bootloader inode should not be counted into quota information. */
235 if (diff > 0)
236 dquot_free_space(inode, diff);
237 else
238 err = dquot_alloc_space(inode, -1 * diff);
239
240 if (err < 0) {
241 revert:
242 /* Revert all changes: */
243 inode_bl->i_blocks = blocks;
244 inode_bl->i_bytes = bytes;
245 swap_inode_data(inode, inode_bl);
246 ext4_mark_inode_dirty(handle, inode);
247 ext4_mark_inode_dirty(handle, inode_bl);
248 }
249
250 err_out1:
251 ext4_journal_stop(handle);
252 ext4_double_up_write_data_sem(inode, inode_bl);
253
254 err_out:
255 up_write(&EXT4_I(inode)->i_mmap_sem);
256 journal_err_out:
257 unlock_two_nondirectories(inode, inode_bl);
258 iput(inode_bl);
259 return err;
260 }
261
262 #ifdef CONFIG_FS_ENCRYPTION
uuid_is_zero(__u8 u[16])263 static int uuid_is_zero(__u8 u[16])
264 {
265 int i;
266
267 for (i = 0; i < 16; i++)
268 if (u[i])
269 return 0;
270 return 1;
271 }
272 #endif
273
274 /*
275 * If immutable is set and we are not clearing it, we're not allowed to change
276 * anything else in the inode. Don't error out if we're only trying to set
277 * immutable on an immutable file.
278 */
ext4_ioctl_check_immutable(struct inode * inode,__u32 new_projid,unsigned int flags)279 static int ext4_ioctl_check_immutable(struct inode *inode, __u32 new_projid,
280 unsigned int flags)
281 {
282 struct ext4_inode_info *ei = EXT4_I(inode);
283 unsigned int oldflags = ei->i_flags;
284
285 if (!(oldflags & EXT4_IMMUTABLE_FL) || !(flags & EXT4_IMMUTABLE_FL))
286 return 0;
287
288 if ((oldflags & ~EXT4_IMMUTABLE_FL) != (flags & ~EXT4_IMMUTABLE_FL))
289 return -EPERM;
290 if (ext4_has_feature_project(inode->i_sb) &&
291 __kprojid_val(ei->i_projid) != new_projid)
292 return -EPERM;
293
294 return 0;
295 }
296
ext4_ioctl_setflags(struct inode * inode,unsigned int flags)297 static int ext4_ioctl_setflags(struct inode *inode,
298 unsigned int flags)
299 {
300 struct ext4_inode_info *ei = EXT4_I(inode);
301 handle_t *handle = NULL;
302 int err = -EPERM, migrate = 0;
303 struct ext4_iloc iloc;
304 unsigned int oldflags, mask, i;
305 unsigned int jflag;
306 struct super_block *sb = inode->i_sb;
307
308 /* Is it quota file? Do not allow user to mess with it */
309 if (ext4_is_quota_file(inode))
310 goto flags_out;
311
312 oldflags = ei->i_flags;
313
314 /* The JOURNAL_DATA flag is modifiable only by root */
315 jflag = flags & EXT4_JOURNAL_DATA_FL;
316
317 err = vfs_ioc_setflags_prepare(inode, oldflags, flags);
318 if (err)
319 goto flags_out;
320
321 /*
322 * The JOURNAL_DATA flag can only be changed by
323 * the relevant capability.
324 */
325 if ((jflag ^ oldflags) & (EXT4_JOURNAL_DATA_FL)) {
326 if (!capable(CAP_SYS_RESOURCE))
327 goto flags_out;
328 }
329 if ((flags ^ oldflags) & EXT4_EXTENTS_FL)
330 migrate = 1;
331
332 if (flags & EXT4_EOFBLOCKS_FL) {
333 /* we don't support adding EOFBLOCKS flag */
334 if (!(oldflags & EXT4_EOFBLOCKS_FL)) {
335 err = -EOPNOTSUPP;
336 goto flags_out;
337 }
338 } else if (oldflags & EXT4_EOFBLOCKS_FL) {
339 err = ext4_truncate(inode);
340 if (err)
341 goto flags_out;
342 }
343
344 if ((flags ^ oldflags) & EXT4_CASEFOLD_FL) {
345 if (!ext4_has_feature_casefold(sb)) {
346 err = -EOPNOTSUPP;
347 goto flags_out;
348 }
349
350 if (!S_ISDIR(inode->i_mode)) {
351 err = -ENOTDIR;
352 goto flags_out;
353 }
354
355 if (!ext4_empty_dir(inode)) {
356 err = -ENOTEMPTY;
357 goto flags_out;
358 }
359 }
360
361 /*
362 * Wait for all pending directio and then flush all the dirty pages
363 * for this file. The flush marks all the pages readonly, so any
364 * subsequent attempt to write to the file (particularly mmap pages)
365 * will come through the filesystem and fail.
366 */
367 if (S_ISREG(inode->i_mode) && !IS_IMMUTABLE(inode) &&
368 (flags & EXT4_IMMUTABLE_FL)) {
369 inode_dio_wait(inode);
370 err = filemap_write_and_wait(inode->i_mapping);
371 if (err)
372 goto flags_out;
373 }
374
375 handle = ext4_journal_start(inode, EXT4_HT_INODE, 1);
376 if (IS_ERR(handle)) {
377 err = PTR_ERR(handle);
378 goto flags_out;
379 }
380 if (IS_SYNC(inode))
381 ext4_handle_sync(handle);
382 err = ext4_reserve_inode_write(handle, inode, &iloc);
383 if (err)
384 goto flags_err;
385
386 for (i = 0, mask = 1; i < 32; i++, mask <<= 1) {
387 if (!(mask & EXT4_FL_USER_MODIFIABLE))
388 continue;
389 /* These flags get special treatment later */
390 if (mask == EXT4_JOURNAL_DATA_FL || mask == EXT4_EXTENTS_FL)
391 continue;
392 if (mask & flags)
393 ext4_set_inode_flag(inode, i);
394 else
395 ext4_clear_inode_flag(inode, i);
396 }
397
398 ext4_set_inode_flags(inode);
399 inode->i_ctime = current_time(inode);
400
401 err = ext4_mark_iloc_dirty(handle, inode, &iloc);
402 flags_err:
403 ext4_journal_stop(handle);
404 if (err)
405 goto flags_out;
406
407 if ((jflag ^ oldflags) & (EXT4_JOURNAL_DATA_FL)) {
408 /*
409 * Changes to the journaling mode can cause unsafe changes to
410 * S_DAX if we are using the DAX mount option.
411 */
412 if (test_opt(inode->i_sb, DAX)) {
413 err = -EBUSY;
414 goto flags_out;
415 }
416
417 err = ext4_change_inode_journal_flag(inode, jflag);
418 if (err)
419 goto flags_out;
420 }
421 if (migrate) {
422 if (flags & EXT4_EXTENTS_FL)
423 err = ext4_ext_migrate(inode);
424 else
425 err = ext4_ind_migrate(inode);
426 }
427
428 flags_out:
429 return err;
430 }
431
432 #ifdef CONFIG_QUOTA
ext4_ioctl_setproject(struct file * filp,__u32 projid)433 static int ext4_ioctl_setproject(struct file *filp, __u32 projid)
434 {
435 struct inode *inode = file_inode(filp);
436 struct super_block *sb = inode->i_sb;
437 struct ext4_inode_info *ei = EXT4_I(inode);
438 int err, rc;
439 handle_t *handle;
440 kprojid_t kprojid;
441 struct ext4_iloc iloc;
442 struct ext4_inode *raw_inode;
443 struct dquot *transfer_to[MAXQUOTAS] = { };
444
445 if (!ext4_has_feature_project(sb)) {
446 if (projid != EXT4_DEF_PROJID)
447 return -EOPNOTSUPP;
448 else
449 return 0;
450 }
451
452 if (EXT4_INODE_SIZE(sb) <= EXT4_GOOD_OLD_INODE_SIZE)
453 return -EOPNOTSUPP;
454
455 kprojid = make_kprojid(&init_user_ns, (projid_t)projid);
456
457 if (projid_eq(kprojid, EXT4_I(inode)->i_projid))
458 return 0;
459
460 err = -EPERM;
461 /* Is it quota file? Do not allow user to mess with it */
462 if (ext4_is_quota_file(inode))
463 return err;
464
465 err = dquot_initialize(inode);
466 if (err)
467 return err;
468
469 err = ext4_get_inode_loc(inode, &iloc);
470 if (err)
471 return err;
472
473 raw_inode = ext4_raw_inode(&iloc);
474 if (!EXT4_FITS_IN_INODE(raw_inode, ei, i_projid)) {
475 err = ext4_expand_extra_isize(inode,
476 EXT4_SB(sb)->s_want_extra_isize,
477 &iloc);
478 if (err)
479 return err;
480 } else {
481 brelse(iloc.bh);
482 }
483
484 handle = ext4_journal_start(inode, EXT4_HT_QUOTA,
485 EXT4_QUOTA_INIT_BLOCKS(sb) +
486 EXT4_QUOTA_DEL_BLOCKS(sb) + 3);
487 if (IS_ERR(handle))
488 return PTR_ERR(handle);
489
490 err = ext4_reserve_inode_write(handle, inode, &iloc);
491 if (err)
492 goto out_stop;
493
494 transfer_to[PRJQUOTA] = dqget(sb, make_kqid_projid(kprojid));
495 if (!IS_ERR(transfer_to[PRJQUOTA])) {
496
497 /* __dquot_transfer() calls back ext4_get_inode_usage() which
498 * counts xattr inode references.
499 */
500 down_read(&EXT4_I(inode)->xattr_sem);
501 err = __dquot_transfer(inode, transfer_to);
502 up_read(&EXT4_I(inode)->xattr_sem);
503 dqput(transfer_to[PRJQUOTA]);
504 if (err)
505 goto out_dirty;
506 }
507
508 EXT4_I(inode)->i_projid = kprojid;
509 inode->i_ctime = current_time(inode);
510 out_dirty:
511 rc = ext4_mark_iloc_dirty(handle, inode, &iloc);
512 if (!err)
513 err = rc;
514 out_stop:
515 ext4_journal_stop(handle);
516 return err;
517 }
518 #else
ext4_ioctl_setproject(struct file * filp,__u32 projid)519 static int ext4_ioctl_setproject(struct file *filp, __u32 projid)
520 {
521 if (projid != EXT4_DEF_PROJID)
522 return -EOPNOTSUPP;
523 return 0;
524 }
525 #endif
526
527 /* Transfer internal flags to xflags */
ext4_iflags_to_xflags(unsigned long iflags)528 static inline __u32 ext4_iflags_to_xflags(unsigned long iflags)
529 {
530 __u32 xflags = 0;
531
532 if (iflags & EXT4_SYNC_FL)
533 xflags |= FS_XFLAG_SYNC;
534 if (iflags & EXT4_IMMUTABLE_FL)
535 xflags |= FS_XFLAG_IMMUTABLE;
536 if (iflags & EXT4_APPEND_FL)
537 xflags |= FS_XFLAG_APPEND;
538 if (iflags & EXT4_NODUMP_FL)
539 xflags |= FS_XFLAG_NODUMP;
540 if (iflags & EXT4_NOATIME_FL)
541 xflags |= FS_XFLAG_NOATIME;
542 if (iflags & EXT4_PROJINHERIT_FL)
543 xflags |= FS_XFLAG_PROJINHERIT;
544 return xflags;
545 }
546
547 #define EXT4_SUPPORTED_FS_XFLAGS (FS_XFLAG_SYNC | FS_XFLAG_IMMUTABLE | \
548 FS_XFLAG_APPEND | FS_XFLAG_NODUMP | \
549 FS_XFLAG_NOATIME | FS_XFLAG_PROJINHERIT)
550
551 /* Transfer xflags flags to internal */
ext4_xflags_to_iflags(__u32 xflags)552 static inline unsigned long ext4_xflags_to_iflags(__u32 xflags)
553 {
554 unsigned long iflags = 0;
555
556 if (xflags & FS_XFLAG_SYNC)
557 iflags |= EXT4_SYNC_FL;
558 if (xflags & FS_XFLAG_IMMUTABLE)
559 iflags |= EXT4_IMMUTABLE_FL;
560 if (xflags & FS_XFLAG_APPEND)
561 iflags |= EXT4_APPEND_FL;
562 if (xflags & FS_XFLAG_NODUMP)
563 iflags |= EXT4_NODUMP_FL;
564 if (xflags & FS_XFLAG_NOATIME)
565 iflags |= EXT4_NOATIME_FL;
566 if (xflags & FS_XFLAG_PROJINHERIT)
567 iflags |= EXT4_PROJINHERIT_FL;
568
569 return iflags;
570 }
571
ext4_shutdown(struct super_block * sb,unsigned long arg)572 static int ext4_shutdown(struct super_block *sb, unsigned long arg)
573 {
574 struct ext4_sb_info *sbi = EXT4_SB(sb);
575 __u32 flags;
576 struct super_block *ret;
577
578 if (!capable(CAP_SYS_ADMIN))
579 return -EPERM;
580
581 if (get_user(flags, (__u32 __user *)arg))
582 return -EFAULT;
583
584 if (flags > EXT4_GOING_FLAGS_NOLOGFLUSH)
585 return -EINVAL;
586
587 if (ext4_forced_shutdown(sbi))
588 return 0;
589
590 ext4_msg(sb, KERN_ALERT, "shut down requested (%d)", flags);
591 trace_ext4_shutdown(sb, flags);
592
593 switch (flags) {
594 case EXT4_GOING_FLAGS_DEFAULT:
595 ret = freeze_bdev(sb->s_bdev);
596 if (IS_ERR(ret))
597 return PTR_ERR(ret);
598 set_bit(EXT4_FLAGS_SHUTDOWN, &sbi->s_ext4_flags);
599 thaw_bdev(sb->s_bdev, sb);
600 break;
601 case EXT4_GOING_FLAGS_LOGFLUSH:
602 set_bit(EXT4_FLAGS_SHUTDOWN, &sbi->s_ext4_flags);
603 if (sbi->s_journal && !is_journal_aborted(sbi->s_journal)) {
604 (void) ext4_force_commit(sb);
605 jbd2_journal_abort(sbi->s_journal, -ESHUTDOWN);
606 }
607 break;
608 case EXT4_GOING_FLAGS_NOLOGFLUSH:
609 set_bit(EXT4_FLAGS_SHUTDOWN, &sbi->s_ext4_flags);
610 if (sbi->s_journal && !is_journal_aborted(sbi->s_journal))
611 jbd2_journal_abort(sbi->s_journal, -ESHUTDOWN);
612 break;
613 default:
614 return -EINVAL;
615 }
616 clear_opt(sb, DISCARD);
617 return 0;
618 }
619
620 struct getfsmap_info {
621 struct super_block *gi_sb;
622 struct fsmap_head __user *gi_data;
623 unsigned int gi_idx;
624 __u32 gi_last_flags;
625 };
626
ext4_getfsmap_format(struct ext4_fsmap * xfm,void * priv)627 static int ext4_getfsmap_format(struct ext4_fsmap *xfm, void *priv)
628 {
629 struct getfsmap_info *info = priv;
630 struct fsmap fm;
631
632 trace_ext4_getfsmap_mapping(info->gi_sb, xfm);
633
634 info->gi_last_flags = xfm->fmr_flags;
635 ext4_fsmap_from_internal(info->gi_sb, &fm, xfm);
636 if (copy_to_user(&info->gi_data->fmh_recs[info->gi_idx++], &fm,
637 sizeof(struct fsmap)))
638 return -EFAULT;
639
640 return 0;
641 }
642
ext4_ioc_getfsmap(struct super_block * sb,struct fsmap_head __user * arg)643 static int ext4_ioc_getfsmap(struct super_block *sb,
644 struct fsmap_head __user *arg)
645 {
646 struct getfsmap_info info = { NULL };
647 struct ext4_fsmap_head xhead = {0};
648 struct fsmap_head head;
649 bool aborted = false;
650 int error;
651
652 if (copy_from_user(&head, arg, sizeof(struct fsmap_head)))
653 return -EFAULT;
654 if (memchr_inv(head.fmh_reserved, 0, sizeof(head.fmh_reserved)) ||
655 memchr_inv(head.fmh_keys[0].fmr_reserved, 0,
656 sizeof(head.fmh_keys[0].fmr_reserved)) ||
657 memchr_inv(head.fmh_keys[1].fmr_reserved, 0,
658 sizeof(head.fmh_keys[1].fmr_reserved)))
659 return -EINVAL;
660 /*
661 * ext4 doesn't report file extents at all, so the only valid
662 * file offsets are the magic ones (all zeroes or all ones).
663 */
664 if (head.fmh_keys[0].fmr_offset ||
665 (head.fmh_keys[1].fmr_offset != 0 &&
666 head.fmh_keys[1].fmr_offset != -1ULL))
667 return -EINVAL;
668
669 xhead.fmh_iflags = head.fmh_iflags;
670 xhead.fmh_count = head.fmh_count;
671 ext4_fsmap_to_internal(sb, &xhead.fmh_keys[0], &head.fmh_keys[0]);
672 ext4_fsmap_to_internal(sb, &xhead.fmh_keys[1], &head.fmh_keys[1]);
673
674 trace_ext4_getfsmap_low_key(sb, &xhead.fmh_keys[0]);
675 trace_ext4_getfsmap_high_key(sb, &xhead.fmh_keys[1]);
676
677 info.gi_sb = sb;
678 info.gi_data = arg;
679 error = ext4_getfsmap(sb, &xhead, ext4_getfsmap_format, &info);
680 if (error == EXT4_QUERY_RANGE_ABORT) {
681 error = 0;
682 aborted = true;
683 } else if (error)
684 return error;
685
686 /* If we didn't abort, set the "last" flag in the last fmx */
687 if (!aborted && info.gi_idx) {
688 info.gi_last_flags |= FMR_OF_LAST;
689 if (copy_to_user(&info.gi_data->fmh_recs[info.gi_idx - 1].fmr_flags,
690 &info.gi_last_flags,
691 sizeof(info.gi_last_flags)))
692 return -EFAULT;
693 }
694
695 /* copy back header */
696 head.fmh_entries = xhead.fmh_entries;
697 head.fmh_oflags = xhead.fmh_oflags;
698 if (copy_to_user(arg, &head, sizeof(struct fsmap_head)))
699 return -EFAULT;
700
701 return 0;
702 }
703
ext4_ioctl_group_add(struct file * file,struct ext4_new_group_data * input)704 static long ext4_ioctl_group_add(struct file *file,
705 struct ext4_new_group_data *input)
706 {
707 struct super_block *sb = file_inode(file)->i_sb;
708 int err, err2=0;
709
710 err = ext4_resize_begin(sb);
711 if (err)
712 return err;
713
714 if (ext4_has_feature_bigalloc(sb)) {
715 ext4_msg(sb, KERN_ERR,
716 "Online resizing not supported with bigalloc");
717 err = -EOPNOTSUPP;
718 goto group_add_out;
719 }
720
721 err = mnt_want_write_file(file);
722 if (err)
723 goto group_add_out;
724
725 err = ext4_group_add(sb, input);
726 if (EXT4_SB(sb)->s_journal) {
727 jbd2_journal_lock_updates(EXT4_SB(sb)->s_journal);
728 err2 = jbd2_journal_flush(EXT4_SB(sb)->s_journal);
729 jbd2_journal_unlock_updates(EXT4_SB(sb)->s_journal);
730 }
731 if (err == 0)
732 err = err2;
733 mnt_drop_write_file(file);
734 if (!err && ext4_has_group_desc_csum(sb) &&
735 test_opt(sb, INIT_INODE_TABLE))
736 err = ext4_register_li_request(sb, input->group);
737 group_add_out:
738 ext4_resize_end(sb);
739 return err;
740 }
741
ext4_fill_fsxattr(struct inode * inode,struct fsxattr * fa)742 static void ext4_fill_fsxattr(struct inode *inode, struct fsxattr *fa)
743 {
744 struct ext4_inode_info *ei = EXT4_I(inode);
745
746 simple_fill_fsxattr(fa, ext4_iflags_to_xflags(ei->i_flags &
747 EXT4_FL_USER_VISIBLE));
748
749 if (ext4_has_feature_project(inode->i_sb))
750 fa->fsx_projid = from_kprojid(&init_user_ns, ei->i_projid);
751 }
752
753 /* copied from fs/ioctl.c */
fiemap_check_ranges(struct super_block * sb,u64 start,u64 len,u64 * new_len)754 static int fiemap_check_ranges(struct super_block *sb,
755 u64 start, u64 len, u64 *new_len)
756 {
757 u64 maxbytes = (u64) sb->s_maxbytes;
758
759 *new_len = len;
760
761 if (len == 0)
762 return -EINVAL;
763
764 if (start > maxbytes)
765 return -EFBIG;
766
767 /*
768 * Shrink request scope to what the fs can actually handle.
769 */
770 if (len > maxbytes || (maxbytes - len) < start)
771 *new_len = maxbytes - start;
772
773 return 0;
774 }
775
776 /* So that the fiemap access checks can't overflow on 32 bit machines. */
777 #define FIEMAP_MAX_EXTENTS (UINT_MAX / sizeof(struct fiemap_extent))
778
ext4_ioctl_get_es_cache(struct file * filp,unsigned long arg)779 static int ext4_ioctl_get_es_cache(struct file *filp, unsigned long arg)
780 {
781 struct fiemap fiemap;
782 struct fiemap __user *ufiemap = (struct fiemap __user *) arg;
783 struct fiemap_extent_info fieinfo = { 0, };
784 struct inode *inode = file_inode(filp);
785 struct super_block *sb = inode->i_sb;
786 u64 len;
787 int error;
788
789 if (copy_from_user(&fiemap, ufiemap, sizeof(fiemap)))
790 return -EFAULT;
791
792 if (fiemap.fm_extent_count > FIEMAP_MAX_EXTENTS)
793 return -EINVAL;
794
795 error = fiemap_check_ranges(sb, fiemap.fm_start, fiemap.fm_length,
796 &len);
797 if (error)
798 return error;
799
800 fieinfo.fi_flags = fiemap.fm_flags;
801 fieinfo.fi_extents_max = fiemap.fm_extent_count;
802 fieinfo.fi_extents_start = ufiemap->fm_extents;
803
804 if (fiemap.fm_extent_count != 0 &&
805 !access_ok(fieinfo.fi_extents_start,
806 fieinfo.fi_extents_max * sizeof(struct fiemap_extent)))
807 return -EFAULT;
808
809 if (fieinfo.fi_flags & FIEMAP_FLAG_SYNC)
810 filemap_write_and_wait(inode->i_mapping);
811
812 error = ext4_get_es_cache(inode, &fieinfo, fiemap.fm_start, len);
813 fiemap.fm_flags = fieinfo.fi_flags;
814 fiemap.fm_mapped_extents = fieinfo.fi_extents_mapped;
815 if (copy_to_user(ufiemap, &fiemap, sizeof(fiemap)))
816 error = -EFAULT;
817
818 return error;
819 }
820
ext4_ioctl(struct file * filp,unsigned int cmd,unsigned long arg)821 long ext4_ioctl(struct file *filp, unsigned int cmd, unsigned long arg)
822 {
823 struct inode *inode = file_inode(filp);
824 struct super_block *sb = inode->i_sb;
825 struct ext4_inode_info *ei = EXT4_I(inode);
826 unsigned int flags;
827
828 ext4_debug("cmd = %u, arg = %lu\n", cmd, arg);
829
830 switch (cmd) {
831 case FS_IOC_GETFSMAP:
832 return ext4_ioc_getfsmap(sb, (void __user *)arg);
833 case EXT4_IOC_GETFLAGS:
834 flags = ei->i_flags & EXT4_FL_USER_VISIBLE;
835 if (S_ISREG(inode->i_mode))
836 flags &= ~EXT4_PROJINHERIT_FL;
837 return put_user(flags, (int __user *) arg);
838 case EXT4_IOC_SETFLAGS: {
839 int err;
840
841 if (!inode_owner_or_capable(inode))
842 return -EACCES;
843
844 if (get_user(flags, (int __user *) arg))
845 return -EFAULT;
846
847 if (flags & ~EXT4_FL_USER_VISIBLE)
848 return -EOPNOTSUPP;
849 /*
850 * chattr(1) grabs flags via GETFLAGS, modifies the result and
851 * passes that to SETFLAGS. So we cannot easily make SETFLAGS
852 * more restrictive than just silently masking off visible but
853 * not settable flags as we always did.
854 */
855 flags &= EXT4_FL_USER_MODIFIABLE;
856 if (ext4_mask_flags(inode->i_mode, flags) != flags)
857 return -EOPNOTSUPP;
858
859 err = mnt_want_write_file(filp);
860 if (err)
861 return err;
862
863 inode_lock(inode);
864 err = ext4_ioctl_check_immutable(inode,
865 from_kprojid(&init_user_ns, ei->i_projid),
866 flags);
867 if (!err)
868 err = ext4_ioctl_setflags(inode, flags);
869 inode_unlock(inode);
870 mnt_drop_write_file(filp);
871 return err;
872 }
873 case EXT4_IOC_GETVERSION:
874 case EXT4_IOC_GETVERSION_OLD:
875 return put_user(inode->i_generation, (int __user *) arg);
876 case EXT4_IOC_SETVERSION:
877 case EXT4_IOC_SETVERSION_OLD: {
878 handle_t *handle;
879 struct ext4_iloc iloc;
880 __u32 generation;
881 int err;
882
883 if (!inode_owner_or_capable(inode))
884 return -EPERM;
885
886 if (ext4_has_metadata_csum(inode->i_sb)) {
887 ext4_warning(sb, "Setting inode version is not "
888 "supported with metadata_csum enabled.");
889 return -ENOTTY;
890 }
891
892 err = mnt_want_write_file(filp);
893 if (err)
894 return err;
895 if (get_user(generation, (int __user *) arg)) {
896 err = -EFAULT;
897 goto setversion_out;
898 }
899
900 inode_lock(inode);
901 handle = ext4_journal_start(inode, EXT4_HT_INODE, 1);
902 if (IS_ERR(handle)) {
903 err = PTR_ERR(handle);
904 goto unlock_out;
905 }
906 err = ext4_reserve_inode_write(handle, inode, &iloc);
907 if (err == 0) {
908 inode->i_ctime = current_time(inode);
909 inode->i_generation = generation;
910 err = ext4_mark_iloc_dirty(handle, inode, &iloc);
911 }
912 ext4_journal_stop(handle);
913
914 unlock_out:
915 inode_unlock(inode);
916 setversion_out:
917 mnt_drop_write_file(filp);
918 return err;
919 }
920 case EXT4_IOC_GROUP_EXTEND: {
921 ext4_fsblk_t n_blocks_count;
922 int err, err2=0;
923
924 err = ext4_resize_begin(sb);
925 if (err)
926 return err;
927
928 if (get_user(n_blocks_count, (__u32 __user *)arg)) {
929 err = -EFAULT;
930 goto group_extend_out;
931 }
932
933 if (ext4_has_feature_bigalloc(sb)) {
934 ext4_msg(sb, KERN_ERR,
935 "Online resizing not supported with bigalloc");
936 err = -EOPNOTSUPP;
937 goto group_extend_out;
938 }
939
940 err = mnt_want_write_file(filp);
941 if (err)
942 goto group_extend_out;
943
944 err = ext4_group_extend(sb, EXT4_SB(sb)->s_es, n_blocks_count);
945 if (EXT4_SB(sb)->s_journal) {
946 jbd2_journal_lock_updates(EXT4_SB(sb)->s_journal);
947 err2 = jbd2_journal_flush(EXT4_SB(sb)->s_journal);
948 jbd2_journal_unlock_updates(EXT4_SB(sb)->s_journal);
949 }
950 if (err == 0)
951 err = err2;
952 mnt_drop_write_file(filp);
953 group_extend_out:
954 ext4_resize_end(sb);
955 return err;
956 }
957
958 case EXT4_IOC_MOVE_EXT: {
959 struct move_extent me;
960 struct fd donor;
961 int err;
962
963 if (!(filp->f_mode & FMODE_READ) ||
964 !(filp->f_mode & FMODE_WRITE))
965 return -EBADF;
966
967 if (copy_from_user(&me,
968 (struct move_extent __user *)arg, sizeof(me)))
969 return -EFAULT;
970 me.moved_len = 0;
971
972 donor = fdget(me.donor_fd);
973 if (!donor.file)
974 return -EBADF;
975
976 if (!(donor.file->f_mode & FMODE_WRITE)) {
977 err = -EBADF;
978 goto mext_out;
979 }
980
981 if (ext4_has_feature_bigalloc(sb)) {
982 ext4_msg(sb, KERN_ERR,
983 "Online defrag not supported with bigalloc");
984 err = -EOPNOTSUPP;
985 goto mext_out;
986 } else if (IS_DAX(inode)) {
987 ext4_msg(sb, KERN_ERR,
988 "Online defrag not supported with DAX");
989 err = -EOPNOTSUPP;
990 goto mext_out;
991 }
992
993 err = mnt_want_write_file(filp);
994 if (err)
995 goto mext_out;
996
997 err = ext4_move_extents(filp, donor.file, me.orig_start,
998 me.donor_start, me.len, &me.moved_len);
999 mnt_drop_write_file(filp);
1000
1001 if (copy_to_user((struct move_extent __user *)arg,
1002 &me, sizeof(me)))
1003 err = -EFAULT;
1004 mext_out:
1005 fdput(donor);
1006 return err;
1007 }
1008
1009 case EXT4_IOC_GROUP_ADD: {
1010 struct ext4_new_group_data input;
1011
1012 if (copy_from_user(&input, (struct ext4_new_group_input __user *)arg,
1013 sizeof(input)))
1014 return -EFAULT;
1015
1016 return ext4_ioctl_group_add(filp, &input);
1017 }
1018
1019 case EXT4_IOC_MIGRATE:
1020 {
1021 int err;
1022 if (!inode_owner_or_capable(inode))
1023 return -EACCES;
1024
1025 err = mnt_want_write_file(filp);
1026 if (err)
1027 return err;
1028 /*
1029 * inode_mutex prevent write and truncate on the file.
1030 * Read still goes through. We take i_data_sem in
1031 * ext4_ext_swap_inode_data before we switch the
1032 * inode format to prevent read.
1033 */
1034 inode_lock((inode));
1035 err = ext4_ext_migrate(inode);
1036 inode_unlock((inode));
1037 mnt_drop_write_file(filp);
1038 return err;
1039 }
1040
1041 case EXT4_IOC_ALLOC_DA_BLKS:
1042 {
1043 int err;
1044 if (!inode_owner_or_capable(inode))
1045 return -EACCES;
1046
1047 err = mnt_want_write_file(filp);
1048 if (err)
1049 return err;
1050 err = ext4_alloc_da_blocks(inode);
1051 mnt_drop_write_file(filp);
1052 return err;
1053 }
1054
1055 case EXT4_IOC_SWAP_BOOT:
1056 {
1057 int err;
1058 if (!(filp->f_mode & FMODE_WRITE))
1059 return -EBADF;
1060 err = mnt_want_write_file(filp);
1061 if (err)
1062 return err;
1063 err = swap_inode_boot_loader(sb, inode);
1064 mnt_drop_write_file(filp);
1065 return err;
1066 }
1067
1068 case EXT4_IOC_RESIZE_FS: {
1069 ext4_fsblk_t n_blocks_count;
1070 int err = 0, err2 = 0;
1071 ext4_group_t o_group = EXT4_SB(sb)->s_groups_count;
1072
1073 if (copy_from_user(&n_blocks_count, (__u64 __user *)arg,
1074 sizeof(__u64))) {
1075 return -EFAULT;
1076 }
1077
1078 err = ext4_resize_begin(sb);
1079 if (err)
1080 return err;
1081
1082 err = mnt_want_write_file(filp);
1083 if (err)
1084 goto resizefs_out;
1085
1086 err = ext4_resize_fs(sb, n_blocks_count);
1087 if (EXT4_SB(sb)->s_journal) {
1088 jbd2_journal_lock_updates(EXT4_SB(sb)->s_journal);
1089 err2 = jbd2_journal_flush(EXT4_SB(sb)->s_journal);
1090 jbd2_journal_unlock_updates(EXT4_SB(sb)->s_journal);
1091 }
1092 if (err == 0)
1093 err = err2;
1094 mnt_drop_write_file(filp);
1095 if (!err && (o_group < EXT4_SB(sb)->s_groups_count) &&
1096 ext4_has_group_desc_csum(sb) &&
1097 test_opt(sb, INIT_INODE_TABLE))
1098 err = ext4_register_li_request(sb, o_group);
1099
1100 resizefs_out:
1101 ext4_resize_end(sb);
1102 return err;
1103 }
1104
1105 case FITRIM:
1106 {
1107 struct request_queue *q = bdev_get_queue(sb->s_bdev);
1108 struct fstrim_range range;
1109 int ret = 0;
1110
1111 if (!capable(CAP_SYS_ADMIN))
1112 return -EPERM;
1113
1114 if (!blk_queue_discard(q))
1115 return -EOPNOTSUPP;
1116
1117 /*
1118 * We haven't replayed the journal, so we cannot use our
1119 * block-bitmap-guided storage zapping commands.
1120 */
1121 if (test_opt(sb, NOLOAD) && ext4_has_feature_journal(sb))
1122 return -EROFS;
1123
1124 if (copy_from_user(&range, (struct fstrim_range __user *)arg,
1125 sizeof(range)))
1126 return -EFAULT;
1127
1128 ret = ext4_trim_fs(sb, &range);
1129 if (ret < 0)
1130 return ret;
1131
1132 if (copy_to_user((struct fstrim_range __user *)arg, &range,
1133 sizeof(range)))
1134 return -EFAULT;
1135
1136 return 0;
1137 }
1138 case EXT4_IOC_PRECACHE_EXTENTS:
1139 return ext4_ext_precache(inode);
1140
1141 case EXT4_IOC_SET_ENCRYPTION_POLICY:
1142 if (!ext4_has_feature_encrypt(sb))
1143 return -EOPNOTSUPP;
1144 return fscrypt_ioctl_set_policy(filp, (const void __user *)arg);
1145
1146 case EXT4_IOC_GET_ENCRYPTION_PWSALT: {
1147 #ifdef CONFIG_FS_ENCRYPTION
1148 int err, err2;
1149 struct ext4_sb_info *sbi = EXT4_SB(sb);
1150 handle_t *handle;
1151
1152 if (!ext4_has_feature_encrypt(sb))
1153 return -EOPNOTSUPP;
1154 if (uuid_is_zero(sbi->s_es->s_encrypt_pw_salt)) {
1155 err = mnt_want_write_file(filp);
1156 if (err)
1157 return err;
1158 handle = ext4_journal_start_sb(sb, EXT4_HT_MISC, 1);
1159 if (IS_ERR(handle)) {
1160 err = PTR_ERR(handle);
1161 goto pwsalt_err_exit;
1162 }
1163 err = ext4_journal_get_write_access(handle, sbi->s_sbh);
1164 if (err)
1165 goto pwsalt_err_journal;
1166 lock_buffer(sbi->s_sbh);
1167 generate_random_uuid(sbi->s_es->s_encrypt_pw_salt);
1168 ext4_superblock_csum_set(sb);
1169 unlock_buffer(sbi->s_sbh);
1170 err = ext4_handle_dirty_metadata(handle, NULL,
1171 sbi->s_sbh);
1172 pwsalt_err_journal:
1173 err2 = ext4_journal_stop(handle);
1174 if (err2 && !err)
1175 err = err2;
1176 pwsalt_err_exit:
1177 mnt_drop_write_file(filp);
1178 if (err)
1179 return err;
1180 }
1181 if (copy_to_user((void __user *) arg,
1182 sbi->s_es->s_encrypt_pw_salt, 16))
1183 return -EFAULT;
1184 return 0;
1185 #else
1186 return -EOPNOTSUPP;
1187 #endif
1188 }
1189 case EXT4_IOC_GET_ENCRYPTION_POLICY:
1190 if (!ext4_has_feature_encrypt(sb))
1191 return -EOPNOTSUPP;
1192 return fscrypt_ioctl_get_policy(filp, (void __user *)arg);
1193
1194 case FS_IOC_GET_ENCRYPTION_POLICY_EX:
1195 if (!ext4_has_feature_encrypt(sb))
1196 return -EOPNOTSUPP;
1197 return fscrypt_ioctl_get_policy_ex(filp, (void __user *)arg);
1198
1199 case FS_IOC_ADD_ENCRYPTION_KEY:
1200 if (!ext4_has_feature_encrypt(sb))
1201 return -EOPNOTSUPP;
1202 return fscrypt_ioctl_add_key(filp, (void __user *)arg);
1203
1204 case FS_IOC_REMOVE_ENCRYPTION_KEY:
1205 if (!ext4_has_feature_encrypt(sb))
1206 return -EOPNOTSUPP;
1207 return fscrypt_ioctl_remove_key(filp, (void __user *)arg);
1208
1209 case FS_IOC_REMOVE_ENCRYPTION_KEY_ALL_USERS:
1210 if (!ext4_has_feature_encrypt(sb))
1211 return -EOPNOTSUPP;
1212 return fscrypt_ioctl_remove_key_all_users(filp,
1213 (void __user *)arg);
1214 case FS_IOC_GET_ENCRYPTION_KEY_STATUS:
1215 if (!ext4_has_feature_encrypt(sb))
1216 return -EOPNOTSUPP;
1217 return fscrypt_ioctl_get_key_status(filp, (void __user *)arg);
1218
1219 case FS_IOC_GET_ENCRYPTION_NONCE:
1220 if (!ext4_has_feature_encrypt(sb))
1221 return -EOPNOTSUPP;
1222 return fscrypt_ioctl_get_nonce(filp, (void __user *)arg);
1223
1224 case EXT4_IOC_CLEAR_ES_CACHE:
1225 {
1226 if (!inode_owner_or_capable(inode))
1227 return -EACCES;
1228 ext4_clear_inode_es(inode);
1229 return 0;
1230 }
1231
1232 case EXT4_IOC_GETSTATE:
1233 {
1234 __u32 state = 0;
1235
1236 if (ext4_test_inode_state(inode, EXT4_STATE_EXT_PRECACHED))
1237 state |= EXT4_STATE_FLAG_EXT_PRECACHED;
1238 if (ext4_test_inode_state(inode, EXT4_STATE_NEW))
1239 state |= EXT4_STATE_FLAG_NEW;
1240 if (ext4_test_inode_state(inode, EXT4_STATE_NEWENTRY))
1241 state |= EXT4_STATE_FLAG_NEWENTRY;
1242 if (ext4_test_inode_state(inode, EXT4_STATE_DA_ALLOC_CLOSE))
1243 state |= EXT4_STATE_FLAG_DA_ALLOC_CLOSE;
1244
1245 return put_user(state, (__u32 __user *) arg);
1246 }
1247
1248 case EXT4_IOC_GET_ES_CACHE:
1249 return ext4_ioctl_get_es_cache(filp, arg);
1250
1251 case EXT4_IOC_FSGETXATTR:
1252 {
1253 struct fsxattr fa;
1254
1255 ext4_fill_fsxattr(inode, &fa);
1256
1257 if (copy_to_user((struct fsxattr __user *)arg,
1258 &fa, sizeof(fa)))
1259 return -EFAULT;
1260 return 0;
1261 }
1262 case EXT4_IOC_FSSETXATTR:
1263 {
1264 struct fsxattr fa, old_fa;
1265 int err;
1266
1267 if (copy_from_user(&fa, (struct fsxattr __user *)arg,
1268 sizeof(fa)))
1269 return -EFAULT;
1270
1271 /* Make sure caller has proper permission */
1272 if (!inode_owner_or_capable(inode))
1273 return -EACCES;
1274
1275 if (fa.fsx_xflags & ~EXT4_SUPPORTED_FS_XFLAGS)
1276 return -EOPNOTSUPP;
1277
1278 flags = ext4_xflags_to_iflags(fa.fsx_xflags);
1279 if (ext4_mask_flags(inode->i_mode, flags) != flags)
1280 return -EOPNOTSUPP;
1281
1282 err = mnt_want_write_file(filp);
1283 if (err)
1284 return err;
1285
1286 inode_lock(inode);
1287 ext4_fill_fsxattr(inode, &old_fa);
1288 err = vfs_ioc_fssetxattr_check(inode, &old_fa, &fa);
1289 if (err)
1290 goto out;
1291 flags = (ei->i_flags & ~EXT4_FL_XFLAG_VISIBLE) |
1292 (flags & EXT4_FL_XFLAG_VISIBLE);
1293 err = ext4_ioctl_check_immutable(inode, fa.fsx_projid, flags);
1294 if (err)
1295 goto out;
1296 err = ext4_ioctl_setflags(inode, flags);
1297 if (err)
1298 goto out;
1299 err = ext4_ioctl_setproject(filp, fa.fsx_projid);
1300 out:
1301 inode_unlock(inode);
1302 mnt_drop_write_file(filp);
1303 return err;
1304 }
1305 case EXT4_IOC_SHUTDOWN:
1306 return ext4_shutdown(sb, arg);
1307
1308 case FS_IOC_ENABLE_VERITY:
1309 if (!ext4_has_feature_verity(sb))
1310 return -EOPNOTSUPP;
1311 return fsverity_ioctl_enable(filp, (const void __user *)arg);
1312
1313 case FS_IOC_MEASURE_VERITY:
1314 if (!ext4_has_feature_verity(sb))
1315 return -EOPNOTSUPP;
1316 return fsverity_ioctl_measure(filp, (void __user *)arg);
1317
1318 default:
1319 return -ENOTTY;
1320 }
1321 }
1322
1323 #ifdef CONFIG_COMPAT
ext4_compat_ioctl(struct file * file,unsigned int cmd,unsigned long arg)1324 long ext4_compat_ioctl(struct file *file, unsigned int cmd, unsigned long arg)
1325 {
1326 /* These are just misnamed, they actually get/put from/to user an int */
1327 switch (cmd) {
1328 case EXT4_IOC32_GETFLAGS:
1329 cmd = EXT4_IOC_GETFLAGS;
1330 break;
1331 case EXT4_IOC32_SETFLAGS:
1332 cmd = EXT4_IOC_SETFLAGS;
1333 break;
1334 case EXT4_IOC32_GETVERSION:
1335 cmd = EXT4_IOC_GETVERSION;
1336 break;
1337 case EXT4_IOC32_SETVERSION:
1338 cmd = EXT4_IOC_SETVERSION;
1339 break;
1340 case EXT4_IOC32_GROUP_EXTEND:
1341 cmd = EXT4_IOC_GROUP_EXTEND;
1342 break;
1343 case EXT4_IOC32_GETVERSION_OLD:
1344 cmd = EXT4_IOC_GETVERSION_OLD;
1345 break;
1346 case EXT4_IOC32_SETVERSION_OLD:
1347 cmd = EXT4_IOC_SETVERSION_OLD;
1348 break;
1349 case EXT4_IOC32_GETRSVSZ:
1350 cmd = EXT4_IOC_GETRSVSZ;
1351 break;
1352 case EXT4_IOC32_SETRSVSZ:
1353 cmd = EXT4_IOC_SETRSVSZ;
1354 break;
1355 case EXT4_IOC32_GROUP_ADD: {
1356 struct compat_ext4_new_group_input __user *uinput;
1357 struct ext4_new_group_data input;
1358 int err;
1359
1360 uinput = compat_ptr(arg);
1361 err = get_user(input.group, &uinput->group);
1362 err |= get_user(input.block_bitmap, &uinput->block_bitmap);
1363 err |= get_user(input.inode_bitmap, &uinput->inode_bitmap);
1364 err |= get_user(input.inode_table, &uinput->inode_table);
1365 err |= get_user(input.blocks_count, &uinput->blocks_count);
1366 err |= get_user(input.reserved_blocks,
1367 &uinput->reserved_blocks);
1368 if (err)
1369 return -EFAULT;
1370 return ext4_ioctl_group_add(file, &input);
1371 }
1372 case EXT4_IOC_MOVE_EXT:
1373 case EXT4_IOC_RESIZE_FS:
1374 case EXT4_IOC_PRECACHE_EXTENTS:
1375 case EXT4_IOC_SET_ENCRYPTION_POLICY:
1376 case EXT4_IOC_GET_ENCRYPTION_PWSALT:
1377 case EXT4_IOC_GET_ENCRYPTION_POLICY:
1378 case FS_IOC_GET_ENCRYPTION_POLICY_EX:
1379 case FS_IOC_ADD_ENCRYPTION_KEY:
1380 case FS_IOC_REMOVE_ENCRYPTION_KEY:
1381 case FS_IOC_REMOVE_ENCRYPTION_KEY_ALL_USERS:
1382 case FS_IOC_GET_ENCRYPTION_KEY_STATUS:
1383 case FS_IOC_GET_ENCRYPTION_NONCE:
1384 case EXT4_IOC_SHUTDOWN:
1385 case FS_IOC_GETFSMAP:
1386 case FS_IOC_ENABLE_VERITY:
1387 case FS_IOC_MEASURE_VERITY:
1388 case EXT4_IOC_CLEAR_ES_CACHE:
1389 case EXT4_IOC_GETSTATE:
1390 case EXT4_IOC_GET_ES_CACHE:
1391 case EXT4_IOC_FSGETXATTR:
1392 case EXT4_IOC_FSSETXATTR:
1393 break;
1394 default:
1395 return -ENOIOCTLCMD;
1396 }
1397 return ext4_ioctl(file, cmd, (unsigned long) compat_ptr(arg));
1398 }
1399 #endif
1400