1 // SPDX-License-Identifier: GPL-2.0
3 * Copyright (c) 2000-2005 Silicon Graphics, Inc.
8 #include "xfs_shared.h"
9 #include "xfs_format.h"
10 #include "xfs_log_format.h"
11 #include "xfs_trans_resv.h"
12 #include "xfs_mount.h"
13 #include "xfs_inode.h"
14 #include "xfs_rtalloc.h"
15 #include "xfs_iwalk.h"
16 #include "xfs_itable.h"
17 #include "xfs_error.h"
18 #include "xfs_da_format.h"
19 #include "xfs_da_btree.h"
22 #include "xfs_bmap_util.h"
23 #include "xfs_fsops.h"
24 #include "xfs_discard.h"
25 #include "xfs_quota.h"
26 #include "xfs_trace.h"
27 #include "xfs_icache.h"
28 #include "xfs_trans.h"
29 #include "xfs_btree.h"
30 #include <linux/fsmap.h>
31 #include "xfs_fsmap.h"
32 #include "scrub/xfs_scrub.h"
35 #include "xfs_health.h"
36 #include "xfs_reflink.h"
37 #include "xfs_ioctl.h"
38 #include "xfs_xattr.h"
39 #include "xfs_rtbitmap.h"
41 #include "xfs_exchrange.h"
42 #include "xfs_handle.h"
44 #include <linux/mount.h>
45 #include <linux/fileattr.h>
47 /* Return 0 on success or positive error */
49 xfs_fsbulkstat_one_fmt(
50 struct xfs_ibulk *breq,
51 const struct xfs_bulkstat *bstat)
55 xfs_bulkstat_to_bstat(breq->mp, &bs1, bstat);
56 if (copy_to_user(breq->ubuffer, &bs1, sizeof(bs1)))
58 return xfs_ibulk_advance(breq, sizeof(struct xfs_bstat));
63 struct xfs_ibulk *breq,
64 const struct xfs_inumbers *igrp)
66 struct xfs_inogrp ig1;
68 xfs_inumbers_to_inogrp(&ig1, igrp);
69 if (copy_to_user(breq->ubuffer, &ig1, sizeof(struct xfs_inogrp)))
71 return xfs_ibulk_advance(breq, sizeof(struct xfs_inogrp));
80 struct xfs_mount *mp = XFS_I(file_inode(file))->i_mount;
81 struct xfs_fsop_bulkreq bulkreq;
82 struct xfs_ibulk breq = {
84 .idmap = file_mnt_idmap(file),
90 /* done = 1 if there are more stats to get and if bulkstat */
91 /* should be called again (unused here, but used in dmapi) */
93 if (!capable(CAP_SYS_ADMIN))
96 if (xfs_is_shutdown(mp))
99 if (copy_from_user(&bulkreq, arg, sizeof(struct xfs_fsop_bulkreq)))
102 if (copy_from_user(&lastino, bulkreq.lastip, sizeof(__s64)))
105 if (bulkreq.icount <= 0)
108 if (bulkreq.ubuffer == NULL)
111 breq.ubuffer = bulkreq.ubuffer;
112 breq.icount = bulkreq.icount;
115 * FSBULKSTAT_SINGLE expects that *lastip contains the inode number
116 * that we want to stat. However, FSINUMBERS and FSBULKSTAT expect
117 * that *lastip contains either zero or the number of the last inode to
118 * be examined by the previous call and return results starting with
119 * the next inode after that. The new bulk request back end functions
120 * take the inode to start with, so we have to compute the startino
121 * parameter from lastino to maintain correct function. lastino == 0
122 * is a special case because it has traditionally meant "first inode
125 if (cmd == XFS_IOC_FSINUMBERS) {
126 breq.startino = lastino ? lastino + 1 : 0;
127 error = xfs_inumbers(&breq, xfs_fsinumbers_fmt);
128 lastino = breq.startino - 1;
129 } else if (cmd == XFS_IOC_FSBULKSTAT_SINGLE) {
130 breq.startino = lastino;
132 error = xfs_bulkstat_one(&breq, xfs_fsbulkstat_one_fmt);
133 } else { /* XFS_IOC_FSBULKSTAT */
134 breq.startino = lastino ? lastino + 1 : 0;
135 error = xfs_bulkstat(&breq, xfs_fsbulkstat_one_fmt);
136 lastino = breq.startino - 1;
142 if (bulkreq.lastip != NULL &&
143 copy_to_user(bulkreq.lastip, &lastino, sizeof(xfs_ino_t)))
146 if (bulkreq.ocount != NULL &&
147 copy_to_user(bulkreq.ocount, &breq.ocount, sizeof(__s32)))
153 /* Return 0 on success or positive error */
156 struct xfs_ibulk *breq,
157 const struct xfs_bulkstat *bstat)
159 if (copy_to_user(breq->ubuffer, bstat, sizeof(struct xfs_bulkstat)))
161 return xfs_ibulk_advance(breq, sizeof(struct xfs_bulkstat));
165 * Check the incoming bulk request @hdr from userspace and initialize the
166 * internal @breq bulk request appropriately. Returns 0 if the bulk request
167 * should proceed; -ECANCELED if there's nothing to do; or the usual
168 * negative error code.
172 struct xfs_mount *mp,
173 const struct xfs_bulk_ireq *hdr,
174 struct xfs_ibulk *breq,
175 void __user *ubuffer)
177 if (hdr->icount == 0 ||
178 (hdr->flags & ~XFS_BULK_IREQ_FLAGS_ALL) ||
179 memchr_inv(hdr->reserved, 0, sizeof(hdr->reserved)))
182 breq->startino = hdr->ino;
183 breq->ubuffer = ubuffer;
184 breq->icount = hdr->icount;
189 * The @ino parameter is a special value, so we must look it up here.
190 * We're not allowed to have IREQ_AGNO, and we only return one inode
193 if (hdr->flags & XFS_BULK_IREQ_SPECIAL) {
194 if (hdr->flags & XFS_BULK_IREQ_AGNO)
198 case XFS_BULK_IREQ_SPECIAL_ROOT:
199 breq->startino = mp->m_sb.sb_rootino;
208 * The IREQ_AGNO flag means that we only want results from a given AG.
209 * If @hdr->ino is zero, we start iterating in that AG. If @hdr->ino is
210 * beyond the specified AG then we return no results.
212 if (hdr->flags & XFS_BULK_IREQ_AGNO) {
213 if (hdr->agno >= mp->m_sb.sb_agcount)
216 if (breq->startino == 0)
217 breq->startino = XFS_AGINO_TO_INO(mp, hdr->agno, 0);
218 else if (XFS_INO_TO_AGNO(mp, breq->startino) < hdr->agno)
221 breq->flags |= XFS_IBULK_SAME_AG;
223 /* Asking for an inode past the end of the AG? We're done! */
224 if (XFS_INO_TO_AGNO(mp, breq->startino) > hdr->agno)
226 } else if (hdr->agno)
229 /* Asking for an inode past the end of the FS? We're done! */
230 if (XFS_INO_TO_AGNO(mp, breq->startino) >= mp->m_sb.sb_agcount)
233 if (hdr->flags & XFS_BULK_IREQ_NREXT64)
234 breq->flags |= XFS_IBULK_NREXT64;
240 * Update the userspace bulk request @hdr to reflect the end state of the
241 * internal bulk request @breq.
244 xfs_bulk_ireq_teardown(
245 struct xfs_bulk_ireq *hdr,
246 struct xfs_ibulk *breq)
248 hdr->ino = breq->startino;
249 hdr->ocount = breq->ocount;
252 /* Handle the v5 bulkstat ioctl. */
257 struct xfs_bulkstat_req __user *arg)
259 struct xfs_mount *mp = XFS_I(file_inode(file))->i_mount;
260 struct xfs_bulk_ireq hdr;
261 struct xfs_ibulk breq = {
263 .idmap = file_mnt_idmap(file),
267 if (!capable(CAP_SYS_ADMIN))
270 if (xfs_is_shutdown(mp))
273 if (copy_from_user(&hdr, &arg->hdr, sizeof(hdr)))
276 error = xfs_bulk_ireq_setup(mp, &hdr, &breq, arg->bulkstat);
277 if (error == -ECANCELED)
282 error = xfs_bulkstat(&breq, xfs_bulkstat_fmt);
287 xfs_bulk_ireq_teardown(&hdr, &breq);
288 if (copy_to_user(&arg->hdr, &hdr, sizeof(hdr)))
296 struct xfs_ibulk *breq,
297 const struct xfs_inumbers *igrp)
299 if (copy_to_user(breq->ubuffer, igrp, sizeof(struct xfs_inumbers)))
301 return xfs_ibulk_advance(breq, sizeof(struct xfs_inumbers));
304 /* Handle the v5 inumbers ioctl. */
307 struct xfs_mount *mp,
309 struct xfs_inumbers_req __user *arg)
311 struct xfs_bulk_ireq hdr;
312 struct xfs_ibulk breq = {
317 if (!capable(CAP_SYS_ADMIN))
320 if (xfs_is_shutdown(mp))
323 if (copy_from_user(&hdr, &arg->hdr, sizeof(hdr)))
326 error = xfs_bulk_ireq_setup(mp, &hdr, &breq, arg->inumbers);
327 if (error == -ECANCELED)
332 error = xfs_inumbers(&breq, xfs_inumbers_fmt);
337 xfs_bulk_ireq_teardown(&hdr, &breq);
338 if (copy_to_user(&arg->hdr, &hdr, sizeof(hdr)))
346 struct xfs_mount *mp,
350 struct xfs_fsop_geom fsgeo;
353 xfs_fs_geometry(mp, &fsgeo, struct_version);
355 if (struct_version <= 3)
356 len = sizeof(struct xfs_fsop_geom_v1);
357 else if (struct_version == 4)
358 len = sizeof(struct xfs_fsop_geom_v4);
360 xfs_fsop_geom_health(mp, &fsgeo);
364 if (copy_to_user(arg, &fsgeo, len))
371 struct xfs_mount *mp,
374 struct xfs_perag *pag;
375 struct xfs_ag_geometry ageo;
378 if (copy_from_user(&ageo, arg, sizeof(ageo)))
382 if (memchr_inv(&ageo.ag_reserved, 0, sizeof(ageo.ag_reserved)))
385 pag = xfs_perag_get(mp, ageo.ag_number);
389 error = xfs_ag_get_geometry(pag, &ageo);
394 if (copy_to_user(arg, &ageo, sizeof(ageo)))
400 * Linux extended inode flags interface.
405 struct xfs_inode *ip,
409 struct xfs_mount *mp = ip->i_mount;
410 struct xfs_ifork *ifp = xfs_ifork_ptr(ip, whichfork);
412 fileattr_fill_xflags(fa, xfs_ip2xflags(ip));
414 if (ip->i_diflags & XFS_DIFLAG_EXTSIZE) {
415 fa->fsx_extsize = XFS_FSB_TO_B(mp, ip->i_extsize);
416 } else if (ip->i_diflags & XFS_DIFLAG_EXTSZINHERIT) {
418 * Don't let a misaligned extent size hint on a directory
419 * escape to userspace if it won't pass the setattr checks
422 if ((ip->i_diflags & XFS_DIFLAG_RTINHERIT) &&
423 xfs_extlen_to_rtxmod(mp, ip->i_extsize) > 0) {
424 fa->fsx_xflags &= ~(FS_XFLAG_EXTSIZE |
425 FS_XFLAG_EXTSZINHERIT);
428 fa->fsx_extsize = XFS_FSB_TO_B(mp, ip->i_extsize);
432 if (ip->i_diflags2 & XFS_DIFLAG2_COWEXTSIZE)
433 fa->fsx_cowextsize = XFS_FSB_TO_B(mp, ip->i_cowextsize);
434 fa->fsx_projid = ip->i_projid;
435 if (ifp && !xfs_need_iread_extents(ifp))
436 fa->fsx_nextents = xfs_iext_count(ifp);
438 fa->fsx_nextents = xfs_ifork_nextents(ifp);
448 xfs_ilock(ip, XFS_ILOCK_SHARED);
449 xfs_fill_fsxattr(ip, XFS_ATTR_FORK, &fa);
450 xfs_iunlock(ip, XFS_ILOCK_SHARED);
452 return copy_fsxattr_to_user(&fa, arg);
457 struct dentry *dentry,
460 struct xfs_inode *ip = XFS_I(d_inode(dentry));
462 if (d_is_special(dentry))
465 xfs_ilock(ip, XFS_ILOCK_SHARED);
466 xfs_fill_fsxattr(ip, XFS_DATA_FORK, fa);
467 xfs_iunlock(ip, XFS_ILOCK_SHARED);
474 struct xfs_inode *ip,
477 /* can't set PREALLOC this way, just preserve it */
479 (ip->i_diflags & XFS_DIFLAG_PREALLOC);
481 if (xflags & FS_XFLAG_IMMUTABLE)
482 di_flags |= XFS_DIFLAG_IMMUTABLE;
483 if (xflags & FS_XFLAG_APPEND)
484 di_flags |= XFS_DIFLAG_APPEND;
485 if (xflags & FS_XFLAG_SYNC)
486 di_flags |= XFS_DIFLAG_SYNC;
487 if (xflags & FS_XFLAG_NOATIME)
488 di_flags |= XFS_DIFLAG_NOATIME;
489 if (xflags & FS_XFLAG_NODUMP)
490 di_flags |= XFS_DIFLAG_NODUMP;
491 if (xflags & FS_XFLAG_NODEFRAG)
492 di_flags |= XFS_DIFLAG_NODEFRAG;
493 if (xflags & FS_XFLAG_FILESTREAM)
494 di_flags |= XFS_DIFLAG_FILESTREAM;
495 if (S_ISDIR(VFS_I(ip)->i_mode)) {
496 if (xflags & FS_XFLAG_RTINHERIT)
497 di_flags |= XFS_DIFLAG_RTINHERIT;
498 if (xflags & FS_XFLAG_NOSYMLINKS)
499 di_flags |= XFS_DIFLAG_NOSYMLINKS;
500 if (xflags & FS_XFLAG_EXTSZINHERIT)
501 di_flags |= XFS_DIFLAG_EXTSZINHERIT;
502 if (xflags & FS_XFLAG_PROJINHERIT)
503 di_flags |= XFS_DIFLAG_PROJINHERIT;
504 } else if (S_ISREG(VFS_I(ip)->i_mode)) {
505 if (xflags & FS_XFLAG_REALTIME)
506 di_flags |= XFS_DIFLAG_REALTIME;
507 if (xflags & FS_XFLAG_EXTSIZE)
508 di_flags |= XFS_DIFLAG_EXTSIZE;
516 struct xfs_inode *ip,
520 (ip->i_diflags2 & (XFS_DIFLAG2_REFLINK |
521 XFS_DIFLAG2_BIGTIME |
522 XFS_DIFLAG2_NREXT64));
524 if (xflags & FS_XFLAG_DAX)
525 di_flags2 |= XFS_DIFLAG2_DAX;
526 if (xflags & FS_XFLAG_COWEXTSIZE)
527 di_flags2 |= XFS_DIFLAG2_COWEXTSIZE;
533 xfs_ioctl_setattr_xflags(
534 struct xfs_trans *tp,
535 struct xfs_inode *ip,
538 struct xfs_mount *mp = ip->i_mount;
539 bool rtflag = (fa->fsx_xflags & FS_XFLAG_REALTIME);
542 if (rtflag != XFS_IS_REALTIME_INODE(ip)) {
543 /* Can't change realtime flag if any extents are allocated. */
544 if (ip->i_df.if_nextents || ip->i_delayed_blks)
549 /* If realtime flag is set then must have realtime device */
550 if (mp->m_sb.sb_rblocks == 0 || mp->m_sb.sb_rextsize == 0 ||
551 xfs_extlen_to_rtxmod(mp, ip->i_extsize))
554 /* Clear reflink if we are actually able to set the rt flag. */
555 if (xfs_is_reflink_inode(ip))
556 ip->i_diflags2 &= ~XFS_DIFLAG2_REFLINK;
559 /* diflags2 only valid for v3 inodes. */
560 i_flags2 = xfs_flags2diflags2(ip, fa->fsx_xflags);
561 if (i_flags2 && !xfs_has_v3inodes(mp))
564 ip->i_diflags = xfs_flags2diflags(ip, fa->fsx_xflags);
565 ip->i_diflags2 = i_flags2;
567 xfs_diflags_to_iflags(ip, false);
570 * Make the stable writes flag match that of the device the inode
571 * resides on when flipping the RT flag.
573 if (rtflag != XFS_IS_REALTIME_INODE(ip) && S_ISREG(VFS_I(ip)->i_mode))
574 xfs_update_stable_writes(ip);
576 xfs_trans_ichgtime(tp, ip, XFS_ICHGTIME_CHG);
577 xfs_trans_log_inode(tp, ip, XFS_ILOG_CORE);
578 XFS_STATS_INC(mp, xs_ig_attrchg);
583 xfs_ioctl_setattr_prepare_dax(
584 struct xfs_inode *ip,
587 struct xfs_mount *mp = ip->i_mount;
588 struct inode *inode = VFS_I(ip);
590 if (S_ISDIR(inode->i_mode))
593 if (xfs_has_dax_always(mp) || xfs_has_dax_never(mp))
596 if (((fa->fsx_xflags & FS_XFLAG_DAX) &&
597 !(ip->i_diflags2 & XFS_DIFLAG2_DAX)) ||
598 (!(fa->fsx_xflags & FS_XFLAG_DAX) &&
599 (ip->i_diflags2 & XFS_DIFLAG2_DAX)))
600 d_mark_dontcache(inode);
604 * Set up the transaction structure for the setattr operation, checking that we
605 * have permission to do so. On success, return a clean transaction and the
606 * inode locked exclusively ready for further operation specific checks. On
607 * failure, return an error without modifying or locking the inode.
609 static struct xfs_trans *
610 xfs_ioctl_setattr_get_trans(
611 struct xfs_inode *ip,
612 struct xfs_dquot *pdqp)
614 struct xfs_mount *mp = ip->i_mount;
615 struct xfs_trans *tp;
618 if (xfs_is_readonly(mp))
621 if (xfs_is_shutdown(mp))
624 error = xfs_trans_alloc_ichange(ip, NULL, NULL, pdqp,
625 has_capability_noaudit(current, CAP_FOWNER), &tp);
629 if (xfs_has_wsync(mp))
630 xfs_trans_set_sync(tp);
635 return ERR_PTR(error);
639 * Validate a proposed extent size hint. For regular files, the hint can only
640 * be changed if no extents are allocated.
643 xfs_ioctl_setattr_check_extsize(
644 struct xfs_inode *ip,
647 struct xfs_mount *mp = ip->i_mount;
648 xfs_failaddr_t failaddr;
649 uint16_t new_diflags;
654 if (S_ISREG(VFS_I(ip)->i_mode) && ip->i_df.if_nextents &&
655 XFS_FSB_TO_B(mp, ip->i_extsize) != fa->fsx_extsize)
658 if (fa->fsx_extsize & mp->m_blockmask)
661 new_diflags = xfs_flags2diflags(ip, fa->fsx_xflags);
664 * Inode verifiers do not check that the extent size hint is an integer
665 * multiple of the rt extent size on a directory with both rtinherit
666 * and extszinherit flags set. Don't let sysadmins misconfigure
669 if ((new_diflags & XFS_DIFLAG_RTINHERIT) &&
670 (new_diflags & XFS_DIFLAG_EXTSZINHERIT)) {
671 unsigned int rtextsize_bytes;
673 rtextsize_bytes = XFS_FSB_TO_B(mp, mp->m_sb.sb_rextsize);
674 if (fa->fsx_extsize % rtextsize_bytes)
678 failaddr = xfs_inode_validate_extsize(ip->i_mount,
679 XFS_B_TO_FSB(mp, fa->fsx_extsize),
680 VFS_I(ip)->i_mode, new_diflags);
681 return failaddr != NULL ? -EINVAL : 0;
685 xfs_ioctl_setattr_check_cowextsize(
686 struct xfs_inode *ip,
689 struct xfs_mount *mp = ip->i_mount;
690 xfs_failaddr_t failaddr;
691 uint64_t new_diflags2;
692 uint16_t new_diflags;
697 if (fa->fsx_cowextsize & mp->m_blockmask)
700 new_diflags = xfs_flags2diflags(ip, fa->fsx_xflags);
701 new_diflags2 = xfs_flags2diflags2(ip, fa->fsx_xflags);
703 failaddr = xfs_inode_validate_cowextsize(ip->i_mount,
704 XFS_B_TO_FSB(mp, fa->fsx_cowextsize),
705 VFS_I(ip)->i_mode, new_diflags, new_diflags2);
706 return failaddr != NULL ? -EINVAL : 0;
710 xfs_ioctl_setattr_check_projid(
711 struct xfs_inode *ip,
717 /* Disallow 32bit project ids if 32bit IDs are not enabled. */
718 if (fa->fsx_projid > (uint16_t)-1 &&
719 !xfs_has_projid32(ip->i_mount))
726 struct mnt_idmap *idmap,
727 struct dentry *dentry,
730 struct xfs_inode *ip = XFS_I(d_inode(dentry));
731 struct xfs_mount *mp = ip->i_mount;
732 struct xfs_trans *tp;
733 struct xfs_dquot *pdqp = NULL;
734 struct xfs_dquot *olddquot = NULL;
737 trace_xfs_ioctl_setattr(ip);
739 if (d_is_special(dentry))
742 if (!fa->fsx_valid) {
743 if (fa->flags & ~(FS_IMMUTABLE_FL | FS_APPEND_FL |
744 FS_NOATIME_FL | FS_NODUMP_FL |
745 FS_SYNC_FL | FS_DAX_FL | FS_PROJINHERIT_FL))
749 error = xfs_ioctl_setattr_check_projid(ip, fa);
754 * If disk quotas is on, we make sure that the dquots do exist on disk,
755 * before we start any other transactions. Trying to do this later
756 * is messy. We don't care to take a readlock to look at the ids
757 * in inode here, because we can't hold it across the trans_reserve.
758 * If the IDs do change before we take the ilock, we're covered
759 * because the i_*dquot fields will get updated anyway.
761 if (fa->fsx_valid && XFS_IS_QUOTA_ON(mp)) {
762 error = xfs_qm_vop_dqalloc(ip, VFS_I(ip)->i_uid,
763 VFS_I(ip)->i_gid, fa->fsx_projid,
764 XFS_QMOPT_PQUOTA, NULL, NULL, &pdqp);
769 xfs_ioctl_setattr_prepare_dax(ip, fa);
771 tp = xfs_ioctl_setattr_get_trans(ip, pdqp);
774 goto error_free_dquots;
777 error = xfs_ioctl_setattr_check_extsize(ip, fa);
779 goto error_trans_cancel;
781 error = xfs_ioctl_setattr_check_cowextsize(ip, fa);
783 goto error_trans_cancel;
785 error = xfs_ioctl_setattr_xflags(tp, ip, fa);
787 goto error_trans_cancel;
792 * Change file ownership. Must be the owner or privileged. CAP_FSETID
793 * overrides the following restrictions:
795 * The set-user-ID and set-group-ID bits of a file will be cleared upon
796 * successful return from chown()
799 if ((VFS_I(ip)->i_mode & (S_ISUID|S_ISGID)) &&
800 !capable_wrt_inode_uidgid(idmap, VFS_I(ip), CAP_FSETID))
801 VFS_I(ip)->i_mode &= ~(S_ISUID|S_ISGID);
803 /* Change the ownerships and register project quota modifications */
804 if (ip->i_projid != fa->fsx_projid) {
805 if (XFS_IS_PQUOTA_ON(mp)) {
806 olddquot = xfs_qm_vop_chown(tp, ip,
807 &ip->i_pdquot, pdqp);
809 ip->i_projid = fa->fsx_projid;
813 * Only set the extent size hint if we've already determined that the
814 * extent size hint should be set on the inode. If no extent size flags
815 * are set on the inode then unconditionally clear the extent size hint.
817 if (ip->i_diflags & (XFS_DIFLAG_EXTSIZE | XFS_DIFLAG_EXTSZINHERIT))
818 ip->i_extsize = XFS_B_TO_FSB(mp, fa->fsx_extsize);
822 if (xfs_has_v3inodes(mp)) {
823 if (ip->i_diflags2 & XFS_DIFLAG2_COWEXTSIZE)
824 ip->i_cowextsize = XFS_B_TO_FSB(mp, fa->fsx_cowextsize);
826 ip->i_cowextsize = 0;
830 error = xfs_trans_commit(tp);
833 * Release any dquot(s) the inode had kept before chown.
835 xfs_qm_dqrele(olddquot);
841 xfs_trans_cancel(tp);
850 struct getbmapx __user *u,
853 if (put_user(p->bmv_offset, &u->bmv_offset) ||
854 put_user(p->bmv_block, &u->bmv_block) ||
855 put_user(p->bmv_length, &u->bmv_length) ||
856 put_user(0, &u->bmv_count) ||
857 put_user(0, &u->bmv_entries))
859 if (recsize < sizeof(struct getbmapx))
861 if (put_user(0, &u->bmv_iflags) ||
862 put_user(p->bmv_oflags, &u->bmv_oflags) ||
863 put_user(0, &u->bmv_unused1) ||
864 put_user(0, &u->bmv_unused2))
875 struct getbmapx bmx = { 0 };
876 struct kgetbmap *buf;
881 case XFS_IOC_GETBMAPA:
882 bmx.bmv_iflags = BMV_IF_ATTRFORK;
884 case XFS_IOC_GETBMAP:
885 /* struct getbmap is a strict subset of struct getbmapx. */
886 recsize = sizeof(struct getbmap);
888 case XFS_IOC_GETBMAPX:
889 recsize = sizeof(struct getbmapx);
895 if (copy_from_user(&bmx, arg, recsize))
898 if (bmx.bmv_count < 2)
900 if (bmx.bmv_count >= INT_MAX / recsize)
903 buf = kvcalloc(bmx.bmv_count, sizeof(*buf), GFP_KERNEL);
907 error = xfs_getbmap(XFS_I(file_inode(file)), &bmx, buf);
912 if (copy_to_user(arg, &bmx, recsize))
916 for (i = 0; i < bmx.bmv_entries; i++) {
917 if (!xfs_getbmap_format(buf + i, arg, recsize))
930 struct xfs_inode *ip,
931 struct fsmap_head __user *arg)
933 struct xfs_fsmap_head xhead = {0};
934 struct fsmap_head head;
937 __u32 last_flags = 0;
941 if (copy_from_user(&head, arg, sizeof(struct fsmap_head)))
943 if (memchr_inv(head.fmh_reserved, 0, sizeof(head.fmh_reserved)) ||
944 memchr_inv(head.fmh_keys[0].fmr_reserved, 0,
945 sizeof(head.fmh_keys[0].fmr_reserved)) ||
946 memchr_inv(head.fmh_keys[1].fmr_reserved, 0,
947 sizeof(head.fmh_keys[1].fmr_reserved)))
951 * Use an internal memory buffer so that we don't have to copy fsmap
952 * data to userspace while holding locks. Start by trying to allocate
953 * up to 128k for the buffer, but fall back to a single page if needed.
955 count = min_t(unsigned int, head.fmh_count,
956 131072 / sizeof(struct fsmap));
957 recs = kvcalloc(count, sizeof(struct fsmap), GFP_KERNEL);
959 count = min_t(unsigned int, head.fmh_count,
960 PAGE_SIZE / sizeof(struct fsmap));
961 recs = kvcalloc(count, sizeof(struct fsmap), GFP_KERNEL);
966 xhead.fmh_iflags = head.fmh_iflags;
967 xfs_fsmap_to_internal(&xhead.fmh_keys[0], &head.fmh_keys[0]);
968 xfs_fsmap_to_internal(&xhead.fmh_keys[1], &head.fmh_keys[1]);
970 trace_xfs_getfsmap_low_key(ip->i_mount, &xhead.fmh_keys[0]);
971 trace_xfs_getfsmap_high_key(ip->i_mount, &xhead.fmh_keys[1]);
973 head.fmh_entries = 0;
975 struct fsmap __user *user_recs;
976 struct fsmap *last_rec;
978 user_recs = &arg->fmh_recs[head.fmh_entries];
979 xhead.fmh_entries = 0;
980 xhead.fmh_count = min_t(unsigned int, count,
981 head.fmh_count - head.fmh_entries);
983 /* Run query, record how many entries we got. */
984 error = xfs_getfsmap(ip->i_mount, &xhead, recs);
988 * There are no more records in the result set. Copy
989 * whatever we got to userspace and break out.
995 * The internal memory buffer is full. Copy whatever
996 * records we got to userspace and go again if we have
997 * not yet filled the userspace buffer.
1004 head.fmh_entries += xhead.fmh_entries;
1005 head.fmh_oflags = xhead.fmh_oflags;
1008 * If the caller wanted a record count or there aren't any
1009 * new records to return, we're done.
1011 if (head.fmh_count == 0 || xhead.fmh_entries == 0)
1014 /* Copy all the records we got out to userspace. */
1015 if (copy_to_user(user_recs, recs,
1016 xhead.fmh_entries * sizeof(struct fsmap))) {
1021 /* Remember the last record flags we copied to userspace. */
1022 last_rec = &recs[xhead.fmh_entries - 1];
1023 last_flags = last_rec->fmr_flags;
1025 /* Set up the low key for the next iteration. */
1026 xfs_fsmap_to_internal(&xhead.fmh_keys[0], last_rec);
1027 trace_xfs_getfsmap_low_key(ip->i_mount, &xhead.fmh_keys[0]);
1028 } while (!done && head.fmh_entries < head.fmh_count);
1031 * If there are no more records in the query result set and we're not
1032 * in counting mode, mark the last record returned with the LAST flag.
1034 if (done && head.fmh_count > 0 && head.fmh_entries > 0) {
1035 struct fsmap __user *user_rec;
1037 last_flags |= FMR_OF_LAST;
1038 user_rec = &arg->fmh_recs[head.fmh_entries - 1];
1040 if (copy_to_user(&user_rec->fmr_flags, &last_flags,
1041 sizeof(last_flags))) {
1047 /* copy back header */
1048 if (copy_to_user(arg, &head, sizeof(struct fsmap_head))) {
1062 xfs_inode_t *ip, *tip;
1066 /* Pull information for the target fd */
1067 f = fdget((int)sxp->sx_fdtarget);
1073 if (!(f.file->f_mode & FMODE_WRITE) ||
1074 !(f.file->f_mode & FMODE_READ) ||
1075 (f.file->f_flags & O_APPEND)) {
1080 tmp = fdget((int)sxp->sx_fdtmp);
1086 if (!(tmp.file->f_mode & FMODE_WRITE) ||
1087 !(tmp.file->f_mode & FMODE_READ) ||
1088 (tmp.file->f_flags & O_APPEND)) {
1090 goto out_put_tmp_file;
1093 if (IS_SWAPFILE(file_inode(f.file)) ||
1094 IS_SWAPFILE(file_inode(tmp.file))) {
1096 goto out_put_tmp_file;
1100 * We need to ensure that the fds passed in point to XFS inodes
1101 * before we cast and access them as XFS structures as we have no
1102 * control over what the user passes us here.
1104 if (f.file->f_op != &xfs_file_operations ||
1105 tmp.file->f_op != &xfs_file_operations) {
1107 goto out_put_tmp_file;
1110 ip = XFS_I(file_inode(f.file));
1111 tip = XFS_I(file_inode(tmp.file));
1113 if (ip->i_mount != tip->i_mount) {
1115 goto out_put_tmp_file;
1118 if (ip->i_ino == tip->i_ino) {
1120 goto out_put_tmp_file;
1123 if (xfs_is_shutdown(ip->i_mount)) {
1125 goto out_put_tmp_file;
1128 error = xfs_swap_extents(ip, tip, sxp);
1140 struct xfs_mount *mp,
1141 char __user *user_label)
1143 struct xfs_sb *sbp = &mp->m_sb;
1144 char label[XFSLABEL_MAX + 1];
1147 BUILD_BUG_ON(sizeof(sbp->sb_fname) > FSLABEL_MAX);
1149 /* 1 larger than sb_fname, so this ensures a trailing NUL char */
1150 memset(label, 0, sizeof(label));
1151 spin_lock(&mp->m_sb_lock);
1152 strncpy(label, sbp->sb_fname, XFSLABEL_MAX);
1153 spin_unlock(&mp->m_sb_lock);
1155 if (copy_to_user(user_label, label, sizeof(label)))
1163 struct xfs_mount *mp,
1164 char __user *newlabel)
1166 struct xfs_sb *sbp = &mp->m_sb;
1167 char label[XFSLABEL_MAX + 1];
1171 if (!capable(CAP_SYS_ADMIN))
1174 * The generic ioctl allows up to FSLABEL_MAX chars, but XFS is much
1175 * smaller, at 12 bytes. We copy one more to be sure we find the
1176 * (required) NULL character to test the incoming label length.
1177 * NB: The on disk label doesn't need to be null terminated.
1179 if (copy_from_user(label, newlabel, XFSLABEL_MAX + 1))
1181 len = strnlen(label, XFSLABEL_MAX + 1);
1182 if (len > sizeof(sbp->sb_fname))
1185 error = mnt_want_write_file(filp);
1189 spin_lock(&mp->m_sb_lock);
1190 memset(sbp->sb_fname, 0, sizeof(sbp->sb_fname));
1191 memcpy(sbp->sb_fname, label, len);
1192 spin_unlock(&mp->m_sb_lock);
1195 * Now we do several things to satisfy userspace.
1196 * In addition to normal logging of the primary superblock, we also
1197 * immediately write these changes to sector zero for the primary, then
1198 * update all backup supers (as xfs_db does for a label change), then
1199 * invalidate the block device page cache. This is so that any prior
1200 * buffered reads from userspace (i.e. from blkid) are invalidated,
1201 * and userspace will see the newly-written label.
1203 error = xfs_sync_sb_buf(mp);
1207 * growfs also updates backup supers so lock against that.
1209 mutex_lock(&mp->m_growlock);
1210 error = xfs_update_secondary_sbs(mp);
1211 mutex_unlock(&mp->m_growlock);
1213 invalidate_bdev(mp->m_ddev_targp->bt_bdev);
1216 mnt_drop_write_file(filp);
1221 xfs_fs_eofblocks_from_user(
1222 struct xfs_fs_eofblocks *src,
1223 struct xfs_icwalk *dst)
1225 if (src->eof_version != XFS_EOFBLOCKS_VERSION)
1228 if (src->eof_flags & ~XFS_EOF_FLAGS_VALID)
1231 if (memchr_inv(&src->pad32, 0, sizeof(src->pad32)) ||
1232 memchr_inv(src->pad64, 0, sizeof(src->pad64)))
1236 if (src->eof_flags & XFS_EOF_FLAGS_SYNC)
1237 dst->icw_flags |= XFS_ICWALK_FLAG_SYNC;
1238 if (src->eof_flags & XFS_EOF_FLAGS_UID)
1239 dst->icw_flags |= XFS_ICWALK_FLAG_UID;
1240 if (src->eof_flags & XFS_EOF_FLAGS_GID)
1241 dst->icw_flags |= XFS_ICWALK_FLAG_GID;
1242 if (src->eof_flags & XFS_EOF_FLAGS_PRID)
1243 dst->icw_flags |= XFS_ICWALK_FLAG_PRID;
1244 if (src->eof_flags & XFS_EOF_FLAGS_MINFILESIZE)
1245 dst->icw_flags |= XFS_ICWALK_FLAG_MINFILESIZE;
1247 dst->icw_prid = src->eof_prid;
1248 dst->icw_min_file_size = src->eof_min_file_size;
1250 dst->icw_uid = INVALID_UID;
1251 if (src->eof_flags & XFS_EOF_FLAGS_UID) {
1252 dst->icw_uid = make_kuid(current_user_ns(), src->eof_uid);
1253 if (!uid_valid(dst->icw_uid))
1257 dst->icw_gid = INVALID_GID;
1258 if (src->eof_flags & XFS_EOF_FLAGS_GID) {
1259 dst->icw_gid = make_kgid(current_user_ns(), src->eof_gid);
1260 if (!gid_valid(dst->icw_gid))
1267 xfs_ioctl_getset_resblocks(
1272 struct xfs_mount *mp = XFS_I(file_inode(filp))->i_mount;
1273 struct xfs_fsop_resblks fsop = { };
1276 if (!capable(CAP_SYS_ADMIN))
1279 if (cmd == XFS_IOC_SET_RESBLKS) {
1280 if (xfs_is_readonly(mp))
1283 if (copy_from_user(&fsop, arg, sizeof(fsop)))
1286 error = mnt_want_write_file(filp);
1289 error = xfs_reserve_blocks(mp, fsop.resblks);
1290 mnt_drop_write_file(filp);
1295 spin_lock(&mp->m_sb_lock);
1296 fsop.resblks = mp->m_resblks;
1297 fsop.resblks_avail = mp->m_resblks_avail;
1298 spin_unlock(&mp->m_sb_lock);
1300 if (copy_to_user(arg, &fsop, sizeof(fsop)))
1306 xfs_ioctl_fs_counts(
1307 struct xfs_mount *mp,
1308 struct xfs_fsop_counts __user *uarg)
1310 struct xfs_fsop_counts out = {
1311 .allocino = percpu_counter_read_positive(&mp->m_icount),
1312 .freeino = percpu_counter_read_positive(&mp->m_ifree),
1313 .freedata = percpu_counter_read_positive(&mp->m_fdblocks) -
1314 xfs_fdblocks_unavailable(mp),
1315 .freertx = percpu_counter_read_positive(&mp->m_frextents),
1318 if (copy_to_user(uarg, &out, sizeof(out)))
1324 * These long-unused ioctls were removed from the official ioctl API in 5.17,
1325 * but retain these definitions so that we can log warnings about them.
1327 #define XFS_IOC_ALLOCSP _IOW ('X', 10, struct xfs_flock64)
1328 #define XFS_IOC_FREESP _IOW ('X', 11, struct xfs_flock64)
1329 #define XFS_IOC_ALLOCSP64 _IOW ('X', 36, struct xfs_flock64)
1330 #define XFS_IOC_FREESP64 _IOW ('X', 37, struct xfs_flock64)
1333 * Note: some of the ioctl's return positive numbers as a
1334 * byte count indicating success, such as readlink_by_handle.
1335 * So we don't "sign flip" like most other routines. This means
1336 * true errors need to be returned as a negative value.
1344 struct inode *inode = file_inode(filp);
1345 struct xfs_inode *ip = XFS_I(inode);
1346 struct xfs_mount *mp = ip->i_mount;
1347 void __user *arg = (void __user *)p;
1350 trace_xfs_file_ioctl(ip);
1354 return xfs_ioc_trim(mp, arg);
1355 case FS_IOC_GETFSLABEL:
1356 return xfs_ioc_getlabel(mp, arg);
1357 case FS_IOC_SETFSLABEL:
1358 return xfs_ioc_setlabel(filp, mp, arg);
1359 case XFS_IOC_ALLOCSP:
1360 case XFS_IOC_FREESP:
1361 case XFS_IOC_ALLOCSP64:
1362 case XFS_IOC_FREESP64:
1364 "%s should use fallocate; XFS_IOC_{ALLOC,FREE}SP ioctl unsupported",
1367 case XFS_IOC_DIOINFO: {
1368 struct xfs_buftarg *target = xfs_inode_buftarg(ip);
1371 da.d_mem = da.d_miniosz = target->bt_logical_sectorsize;
1372 da.d_maxiosz = INT_MAX & ~(da.d_miniosz - 1);
1374 if (copy_to_user(arg, &da, sizeof(da)))
1379 case XFS_IOC_FSBULKSTAT_SINGLE:
1380 case XFS_IOC_FSBULKSTAT:
1381 case XFS_IOC_FSINUMBERS:
1382 return xfs_ioc_fsbulkstat(filp, cmd, arg);
1384 case XFS_IOC_BULKSTAT:
1385 return xfs_ioc_bulkstat(filp, cmd, arg);
1386 case XFS_IOC_INUMBERS:
1387 return xfs_ioc_inumbers(mp, cmd, arg);
1389 case XFS_IOC_FSGEOMETRY_V1:
1390 return xfs_ioc_fsgeometry(mp, arg, 3);
1391 case XFS_IOC_FSGEOMETRY_V4:
1392 return xfs_ioc_fsgeometry(mp, arg, 4);
1393 case XFS_IOC_FSGEOMETRY:
1394 return xfs_ioc_fsgeometry(mp, arg, 5);
1396 case XFS_IOC_AG_GEOMETRY:
1397 return xfs_ioc_ag_geometry(mp, arg);
1399 case XFS_IOC_GETVERSION:
1400 return put_user(inode->i_generation, (int __user *)arg);
1402 case XFS_IOC_FSGETXATTRA:
1403 return xfs_ioc_fsgetxattra(ip, arg);
1404 case XFS_IOC_GETPARENTS:
1405 return xfs_ioc_getparents(filp, arg);
1406 case XFS_IOC_GETPARENTS_BY_HANDLE:
1407 return xfs_ioc_getparents_by_handle(filp, arg);
1408 case XFS_IOC_GETBMAP:
1409 case XFS_IOC_GETBMAPA:
1410 case XFS_IOC_GETBMAPX:
1411 return xfs_ioc_getbmap(filp, cmd, arg);
1413 case FS_IOC_GETFSMAP:
1414 return xfs_ioc_getfsmap(ip, arg);
1416 case XFS_IOC_SCRUBV_METADATA:
1417 return xfs_ioc_scrubv_metadata(filp, arg);
1418 case XFS_IOC_SCRUB_METADATA:
1419 return xfs_ioc_scrub_metadata(filp, arg);
1421 case XFS_IOC_FD_TO_HANDLE:
1422 case XFS_IOC_PATH_TO_HANDLE:
1423 case XFS_IOC_PATH_TO_FSHANDLE: {
1424 xfs_fsop_handlereq_t hreq;
1426 if (copy_from_user(&hreq, arg, sizeof(hreq)))
1428 return xfs_find_handle(cmd, &hreq);
1430 case XFS_IOC_OPEN_BY_HANDLE: {
1431 xfs_fsop_handlereq_t hreq;
1433 if (copy_from_user(&hreq, arg, sizeof(xfs_fsop_handlereq_t)))
1435 return xfs_open_by_handle(filp, &hreq);
1438 case XFS_IOC_READLINK_BY_HANDLE: {
1439 xfs_fsop_handlereq_t hreq;
1441 if (copy_from_user(&hreq, arg, sizeof(xfs_fsop_handlereq_t)))
1443 return xfs_readlink_by_handle(filp, &hreq);
1445 case XFS_IOC_ATTRLIST_BY_HANDLE:
1446 return xfs_attrlist_by_handle(filp, arg);
1448 case XFS_IOC_ATTRMULTI_BY_HANDLE:
1449 return xfs_attrmulti_by_handle(filp, arg);
1451 case XFS_IOC_SWAPEXT: {
1452 struct xfs_swapext sxp;
1454 if (copy_from_user(&sxp, arg, sizeof(xfs_swapext_t)))
1456 error = mnt_want_write_file(filp);
1459 error = xfs_ioc_swapext(&sxp);
1460 mnt_drop_write_file(filp);
1464 case XFS_IOC_FSCOUNTS:
1465 return xfs_ioctl_fs_counts(mp, arg);
1467 case XFS_IOC_SET_RESBLKS:
1468 case XFS_IOC_GET_RESBLKS:
1469 return xfs_ioctl_getset_resblocks(filp, cmd, arg);
1471 case XFS_IOC_FSGROWFSDATA: {
1472 struct xfs_growfs_data in;
1474 if (copy_from_user(&in, arg, sizeof(in)))
1477 error = mnt_want_write_file(filp);
1480 error = xfs_growfs_data(mp, &in);
1481 mnt_drop_write_file(filp);
1485 case XFS_IOC_FSGROWFSLOG: {
1486 struct xfs_growfs_log in;
1488 if (copy_from_user(&in, arg, sizeof(in)))
1491 error = mnt_want_write_file(filp);
1494 error = xfs_growfs_log(mp, &in);
1495 mnt_drop_write_file(filp);
1499 case XFS_IOC_FSGROWFSRT: {
1502 if (copy_from_user(&in, arg, sizeof(in)))
1505 error = mnt_want_write_file(filp);
1508 error = xfs_growfs_rt(mp, &in);
1509 mnt_drop_write_file(filp);
1513 case XFS_IOC_GOINGDOWN: {
1516 if (!capable(CAP_SYS_ADMIN))
1519 if (get_user(in, (uint32_t __user *)arg))
1522 return xfs_fs_goingdown(mp, in);
1525 case XFS_IOC_ERROR_INJECTION: {
1526 xfs_error_injection_t in;
1528 if (!capable(CAP_SYS_ADMIN))
1531 if (copy_from_user(&in, arg, sizeof(in)))
1534 return xfs_errortag_add(mp, in.errtag);
1537 case XFS_IOC_ERROR_CLEARALL:
1538 if (!capable(CAP_SYS_ADMIN))
1541 return xfs_errortag_clearall(mp);
1543 case XFS_IOC_FREE_EOFBLOCKS: {
1544 struct xfs_fs_eofblocks eofb;
1545 struct xfs_icwalk icw;
1547 if (!capable(CAP_SYS_ADMIN))
1550 if (xfs_is_readonly(mp))
1553 if (copy_from_user(&eofb, arg, sizeof(eofb)))
1556 error = xfs_fs_eofblocks_from_user(&eofb, &icw);
1560 trace_xfs_ioc_free_eofblocks(mp, &icw, _RET_IP_);
1562 sb_start_write(mp->m_super);
1563 error = xfs_blockgc_free_space(mp, &icw);
1564 sb_end_write(mp->m_super);
1568 case XFS_IOC_EXCHANGE_RANGE:
1569 return xfs_ioc_exchange_range(filp, arg);
projects / linux.git / blob