LXR linux/fs/ext4/ioctl.c

   1/*
   2 * linux/fs/ext4/ioctl.c
   3 *
   4 * Copyright (C) 1993, 1994, 1995
   5 * Remy Card (card@masi.ibp.fr)
   6 * Laboratoire MASI - Institut Blaise Pascal
   7 * Universite Pierre et Marie Curie (Paris VI)
   8 */
   9
  10#include <linux/fs.h>
  11#include <linux/capability.h>
  12#include <linux/time.h>
  13#include <linux/compat.h>
  14#include <linux/mount.h>
  15#include <linux/file.h>
  16#include <linux/quotaops.h>
  17#include <linux/uuid.h>
  18#include <linux/uaccess.h>
  19#include <linux/delay.h>
  20#include "ext4_jbd2.h"
  21#include "ext4.h"
  22#include <linux/fsmap.h>
  23#include "fsmap.h"
  24#include <trace/events/ext4.h>
  25
  26/**
  27 * Swap memory between @a and @b for @len bytes.
  28 *
  29 * @a:          pointer to first memory area
  30 * @b:          pointer to second memory area
  31 * @len:        number of bytes to swap
  32 *
  33 */
  34static void memswap(void *a, void *b, size_t len)
  35{
  36        unsigned char *ap, *bp;
  37
  38        ap = (unsigned char *)a;
  39        bp = (unsigned char *)b;
  40        while (len-- > 0) {
  41                swap(*ap, *bp);
  42                ap++;
  43                bp++;
  44        }
  45}
  46
  47/**
  48 * Swap i_data and associated attributes between @inode1 and @inode2.
  49 * This function is used for the primary swap between inode1 and inode2
  50 * and also to revert this primary swap in case of errors.
  51 *
  52 * Therefore you have to make sure, that calling this method twice
  53 * will revert all changes.
  54 *
  55 * @inode1:     pointer to first inode
  56 * @inode2:     pointer to second inode
  57 */
  58static void swap_inode_data(struct inode *inode1, struct inode *inode2)
  59{
  60        loff_t isize;
  61        struct ext4_inode_info *ei1;
  62        struct ext4_inode_info *ei2;
  63
  64        ei1 = EXT4_I(inode1);
  65        ei2 = EXT4_I(inode2);
  66
  67        swap(inode1->i_flags, inode2->i_flags);
  68        swap(inode1->i_version, inode2->i_version);
  69        swap(inode1->i_blocks, inode2->i_blocks);
  70        swap(inode1->i_bytes, inode2->i_bytes);
  71        swap(inode1->i_atime, inode2->i_atime);
  72        swap(inode1->i_mtime, inode2->i_mtime);
  73
  74        memswap(ei1->i_data, ei2->i_data, sizeof(ei1->i_data));
  75        swap(ei1->i_flags, ei2->i_flags);
  76        swap(ei1->i_disksize, ei2->i_disksize);
  77        ext4_es_remove_extent(inode1, 0, EXT_MAX_BLOCKS);
  78        ext4_es_remove_extent(inode2, 0, EXT_MAX_BLOCKS);
  79
  80        isize = i_size_read(inode1);
  81        i_size_write(inode1, i_size_read(inode2));
  82        i_size_write(inode2, isize);
  83}
  84
  85/**
  86 * Swap the information from the given @inode and the inode
  87 * EXT4_BOOT_LOADER_INO. It will basically swap i_data and all other
  88 * important fields of the inodes.
  89 *
  90 * @sb:         the super block of the filesystem
  91 * @inode:      the inode to swap with EXT4_BOOT_LOADER_INO
  92 *
  93 */
  94static long swap_inode_boot_loader(struct super_block *sb,
  95                                struct inode *inode)
  96{
  97        handle_t *handle;
  98        int err;
  99        struct inode *inode_bl;
 100        struct ext4_inode_info *ei_bl;
 101        struct ext4_sb_info *sbi = EXT4_SB(sb);
 102
 103        if (inode->i_nlink != 1 || !S_ISREG(inode->i_mode))
 104                return -EINVAL;
 105
 106        if (!inode_owner_or_capable(inode) || !capable(CAP_SYS_ADMIN))
 107                return -EPERM;
 108
 109        inode_bl = ext4_iget(sb, EXT4_BOOT_LOADER_INO);
 110        if (IS_ERR(inode_bl))
 111                return PTR_ERR(inode_bl);
 112        ei_bl = EXT4_I(inode_bl);
 113
 114        filemap_flush(inode->i_mapping);
 115        filemap_flush(inode_bl->i_mapping);
 116
 117        /* Protect orig inodes against a truncate and make sure,
 118         * that only 1 swap_inode_boot_loader is running. */
 119        lock_two_nondirectories(inode, inode_bl);
 120
 121        truncate_inode_pages(&inode->i_data, 0);
 122        truncate_inode_pages(&inode_bl->i_data, 0);
 123
 124        /* Wait for all existing dio workers */
 125        ext4_inode_block_unlocked_dio(inode);
 126        ext4_inode_block_unlocked_dio(inode_bl);
 127        inode_dio_wait(inode);
 128        inode_dio_wait(inode_bl);
 129
 130        handle = ext4_journal_start(inode_bl, EXT4_HT_MOVE_EXTENTS, 2);
 131        if (IS_ERR(handle)) {
 132                err = -EINVAL;
 133                goto journal_err_out;
 134        }
 135
 136        /* Protect extent tree against block allocations via delalloc */
 137        ext4_double_down_write_data_sem(inode, inode_bl);
 138
 139        if (inode_bl->i_nlink == 0) {
 140                /* this inode has never been used as a BOOT_LOADER */
 141                set_nlink(inode_bl, 1);
 142                i_uid_write(inode_bl, 0);
 143                i_gid_write(inode_bl, 0);
 144                inode_bl->i_flags = 0;
 145                ei_bl->i_flags = 0;
 146                inode_bl->i_version = 1;
 147                i_size_write(inode_bl, 0);
 148                inode_bl->i_mode = S_IFREG;
 149                if (ext4_has_feature_extents(sb)) {
 150                        ext4_set_inode_flag(inode_bl, EXT4_INODE_EXTENTS);
 151                        ext4_ext_tree_init(handle, inode_bl);
 152                } else
 153                        memset(ei_bl->i_data, 0, sizeof(ei_bl->i_data));
 154        }
 155
 156        swap_inode_data(inode, inode_bl);
 157
 158        inode->i_ctime = inode_bl->i_ctime = current_time(inode);
 159
 160        spin_lock(&sbi->s_next_gen_lock);
 161        inode->i_generation = sbi->s_next_generation++;
 162        inode_bl->i_generation = sbi->s_next_generation++;
 163        spin_unlock(&sbi->s_next_gen_lock);
 164
 165        ext4_discard_preallocations(inode);
 166
 167        err = ext4_mark_inode_dirty(handle, inode);
 168        if (err < 0) {
 169                ext4_warning(inode->i_sb,
 170                        "couldn't mark inode #%lu dirty (err %d)",
 171                        inode->i_ino, err);
 172                /* Revert all changes: */
 173                swap_inode_data(inode, inode_bl);
 174        } else {
 175                err = ext4_mark_inode_dirty(handle, inode_bl);
 176                if (err < 0) {
 177                        ext4_warning(inode_bl->i_sb,
 178                                "couldn't mark inode #%lu dirty (err %d)",
 179                                inode_bl->i_ino, err);
 180                        /* Revert all changes: */
 181                        swap_inode_data(inode, inode_bl);
 182                        ext4_mark_inode_dirty(handle, inode);
 183                }
 184        }
 185        ext4_journal_stop(handle);
 186        ext4_double_up_write_data_sem(inode, inode_bl);
 187
 188journal_err_out:
 189        ext4_inode_resume_unlocked_dio(inode);
 190        ext4_inode_resume_unlocked_dio(inode_bl);
 191        unlock_two_nondirectories(inode, inode_bl);
 192        iput(inode_bl);
 193        return err;
 194}
 195
 196#ifdef CONFIG_EXT4_FS_ENCRYPTION
 197static int uuid_is_zero(__u8 u[16])
 198{
 199        int     i;
 200
 201        for (i = 0; i < 16; i++)
 202                if (u[i])
 203                        return 0;
 204        return 1;
 205}
 206#endif
 207
 208static int ext4_ioctl_setflags(struct inode *inode,
 209                               unsigned int flags)
 210{
 211        struct ext4_inode_info *ei = EXT4_I(inode);
 212        handle_t *handle = NULL;
 213        int err = -EPERM, migrate = 0;
 214        struct ext4_iloc iloc;
 215        unsigned int oldflags, mask, i;
 216        unsigned int jflag;
 217
 218        /* Is it quota file? Do not allow user to mess with it */
 219        if (ext4_is_quota_file(inode))
 220                goto flags_out;
 221
 222        oldflags = ei->i_flags;
 223
 224        /* The JOURNAL_DATA flag is modifiable only by root */
 225        jflag = flags & EXT4_JOURNAL_DATA_FL;
 226
 227        /*
 228         * The IMMUTABLE and APPEND_ONLY flags can only be changed by
 229         * the relevant capability.
 230         *
 231         * This test looks nicer. Thanks to Pauline Middelink
 232         */
 233        if ((flags ^ oldflags) & (EXT4_APPEND_FL | EXT4_IMMUTABLE_FL)) {
 234                if (!capable(CAP_LINUX_IMMUTABLE))
 235                        goto flags_out;
 236        }
 237
 238        /*
 239         * The JOURNAL_DATA flag can only be changed by
 240         * the relevant capability.
 241         */
 242        if ((jflag ^ oldflags) & (EXT4_JOURNAL_DATA_FL)) {
 243                if (!capable(CAP_SYS_RESOURCE))
 244                        goto flags_out;
 245        }
 246        if ((flags ^ oldflags) & EXT4_EXTENTS_FL)
 247                migrate = 1;
 248
 249        if (flags & EXT4_EOFBLOCKS_FL) {
 250                /* we don't support adding EOFBLOCKS flag */
 251                if (!(oldflags & EXT4_EOFBLOCKS_FL)) {
 252                        err = -EOPNOTSUPP;
 253                        goto flags_out;
 254                }
 255        } else if (oldflags & EXT4_EOFBLOCKS_FL) {
 256                err = ext4_truncate(inode);
 257                if (err)
 258                        goto flags_out;
 259        }
 260
 261        handle = ext4_journal_start(inode, EXT4_HT_INODE, 1);
 262        if (IS_ERR(handle)) {
 263                err = PTR_ERR(handle);
 264                goto flags_out;
 265        }
 266        if (IS_SYNC(inode))
 267                ext4_handle_sync(handle);
 268        err = ext4_reserve_inode_write(handle, inode, &iloc);
 269        if (err)
 270                goto flags_err;
 271
 272        for (i = 0, mask = 1; i < 32; i++, mask <<= 1) {
 273                if (!(mask & EXT4_FL_USER_MODIFIABLE))
 274                        continue;
 275                /* These flags get special treatment later */
 276                if (mask == EXT4_JOURNAL_DATA_FL || mask == EXT4_EXTENTS_FL)
 277                        continue;
 278                if (mask & flags)
 279                        ext4_set_inode_flag(inode, i);
 280                else
 281                        ext4_clear_inode_flag(inode, i);
 282        }
 283
 284        ext4_set_inode_flags(inode);
 285        inode->i_ctime = current_time(inode);
 286
 287        err = ext4_mark_iloc_dirty(handle, inode, &iloc);
 288flags_err:
 289        ext4_journal_stop(handle);
 290        if (err)
 291                goto flags_out;
 292
 293        if ((jflag ^ oldflags) & (EXT4_JOURNAL_DATA_FL))
 294                err = ext4_change_inode_journal_flag(inode, jflag);
 295        if (err)
 296                goto flags_out;
 297        if (migrate) {
 298                if (flags & EXT4_EXTENTS_FL)
 299                        err = ext4_ext_migrate(inode);
 300                else
 301                        err = ext4_ind_migrate(inode);
 302        }
 303
 304flags_out:
 305        return err;
 306}
 307
 308#ifdef CONFIG_QUOTA
 309static int ext4_ioctl_setproject(struct file *filp, __u32 projid)
 310{
 311        struct inode *inode = file_inode(filp);
 312        struct super_block *sb = inode->i_sb;
 313        struct ext4_inode_info *ei = EXT4_I(inode);
 314        int err, rc;
 315        handle_t *handle;
 316        kprojid_t kprojid;
 317        struct ext4_iloc iloc;
 318        struct ext4_inode *raw_inode;
 319        struct dquot *transfer_to[MAXQUOTAS] = { };
 320
 321        if (!ext4_has_feature_project(sb)) {
 322                if (projid != EXT4_DEF_PROJID)
 323                        return -EOPNOTSUPP;
 324                else
 325                        return 0;
 326        }
 327
 328        if (EXT4_INODE_SIZE(sb) <= EXT4_GOOD_OLD_INODE_SIZE)
 329                return -EOPNOTSUPP;
 330
 331        kprojid = make_kprojid(&init_user_ns, (projid_t)projid);
 332
 333        if (projid_eq(kprojid, EXT4_I(inode)->i_projid))
 334                return 0;
 335
 336        err = mnt_want_write_file(filp);
 337        if (err)
 338                return err;
 339
 340        err = -EPERM;
 341        inode_lock(inode);
 342        /* Is it quota file? Do not allow user to mess with it */
 343        if (ext4_is_quota_file(inode))
 344                goto out_unlock;
 345
 346        err = ext4_get_inode_loc(inode, &iloc);
 347        if (err)
 348                goto out_unlock;
 349
 350        raw_inode = ext4_raw_inode(&iloc);
 351        if (!EXT4_FITS_IN_INODE(raw_inode, ei, i_projid)) {
 352                err = ext4_expand_extra_isize(inode,
 353                                              EXT4_SB(sb)->s_want_extra_isize,
 354                                              &iloc);
 355                if (err)
 356                        goto out_unlock;
 357        } else {
 358                brelse(iloc.bh);
 359        }
 360
 361        dquot_initialize(inode);
 362
 363        handle = ext4_journal_start(inode, EXT4_HT_QUOTA,
 364                EXT4_QUOTA_INIT_BLOCKS(sb) +
 365                EXT4_QUOTA_DEL_BLOCKS(sb) + 3);
 366        if (IS_ERR(handle)) {
 367                err = PTR_ERR(handle);
 368                goto out_unlock;
 369        }
 370
 371        err = ext4_reserve_inode_write(handle, inode, &iloc);
 372        if (err)
 373                goto out_stop;
 374
 375        transfer_to[PRJQUOTA] = dqget(sb, make_kqid_projid(kprojid));
 376        if (!IS_ERR(transfer_to[PRJQUOTA])) {
 377
 378                /* __dquot_transfer() calls back ext4_get_inode_usage() which
 379                 * counts xattr inode references.
 380                 */
 381                down_read(&EXT4_I(inode)->xattr_sem);
 382                err = __dquot_transfer(inode, transfer_to);
 383                up_read(&EXT4_I(inode)->xattr_sem);
 384                dqput(transfer_to[PRJQUOTA]);
 385                if (err)
 386                        goto out_dirty;
 387        }
 388
 389        EXT4_I(inode)->i_projid = kprojid;
 390        inode->i_ctime = current_time(inode);
 391out_dirty:
 392        rc = ext4_mark_iloc_dirty(handle, inode, &iloc);
 393        if (!err)
 394                err = rc;
 395out_stop:
 396        ext4_journal_stop(handle);
 397out_unlock:
 398        inode_unlock(inode);
 399        mnt_drop_write_file(filp);
 400        return err;
 401}
 402#else
 403static int ext4_ioctl_setproject(struct file *filp, __u32 projid)
 404{
 405        if (projid != EXT4_DEF_PROJID)
 406                return -EOPNOTSUPP;
 407        return 0;
 408}
 409#endif
 410
 411/* Transfer internal flags to xflags */
 412static inline __u32 ext4_iflags_to_xflags(unsigned long iflags)
 413{
 414        __u32 xflags = 0;
 415
 416        if (iflags & EXT4_SYNC_FL)
 417                xflags |= FS_XFLAG_SYNC;
 418        if (iflags & EXT4_IMMUTABLE_FL)
 419                xflags |= FS_XFLAG_IMMUTABLE;
 420        if (iflags & EXT4_APPEND_FL)
 421                xflags |= FS_XFLAG_APPEND;
 422        if (iflags & EXT4_NODUMP_FL)
 423                xflags |= FS_XFLAG_NODUMP;
 424        if (iflags & EXT4_NOATIME_FL)
 425                xflags |= FS_XFLAG_NOATIME;
 426        if (iflags & EXT4_PROJINHERIT_FL)
 427                xflags |= FS_XFLAG_PROJINHERIT;
 428        return xflags;
 429}
 430
 431#define EXT4_SUPPORTED_FS_XFLAGS (FS_XFLAG_SYNC | FS_XFLAG_IMMUTABLE | \
 432                                  FS_XFLAG_APPEND | FS_XFLAG_NODUMP | \
 433                                  FS_XFLAG_NOATIME | FS_XFLAG_PROJINHERIT)
 434
 435/* Transfer xflags flags to internal */
 436static inline unsigned long ext4_xflags_to_iflags(__u32 xflags)
 437{
 438        unsigned long iflags = 0;
 439
 440        if (xflags & FS_XFLAG_SYNC)
 441                iflags |= EXT4_SYNC_FL;
 442        if (xflags & FS_XFLAG_IMMUTABLE)
 443                iflags |= EXT4_IMMUTABLE_FL;
 444        if (xflags & FS_XFLAG_APPEND)
 445                iflags |= EXT4_APPEND_FL;
 446        if (xflags & FS_XFLAG_NODUMP)
 447                iflags |= EXT4_NODUMP_FL;
 448        if (xflags & FS_XFLAG_NOATIME)
 449                iflags |= EXT4_NOATIME_FL;
 450        if (xflags & FS_XFLAG_PROJINHERIT)
 451                iflags |= EXT4_PROJINHERIT_FL;
 452
 453        return iflags;
 454}
 455
 456static int ext4_shutdown(struct super_block *sb, unsigned long arg)
 457{
 458        struct ext4_sb_info *sbi = EXT4_SB(sb);
 459        __u32 flags;
 460
 461        if (!capable(CAP_SYS_ADMIN))
 462                return -EPERM;
 463
 464        if (get_user(flags, (__u32 __user *)arg))
 465                return -EFAULT;
 466
 467        if (flags > EXT4_GOING_FLAGS_NOLOGFLUSH)
 468                return -EINVAL;
 469
 470        if (ext4_forced_shutdown(sbi))
 471                return 0;
 472
 473        ext4_msg(sb, KERN_ALERT, "shut down requested (%d)", flags);
 474
 475        switch (flags) {
 476        case EXT4_GOING_FLAGS_DEFAULT:
 477                freeze_bdev(sb->s_bdev);
 478                set_bit(EXT4_FLAGS_SHUTDOWN, &sbi->s_ext4_flags);
 479                thaw_bdev(sb->s_bdev, sb);
 480                break;
 481        case EXT4_GOING_FLAGS_LOGFLUSH:
 482                set_bit(EXT4_FLAGS_SHUTDOWN, &sbi->s_ext4_flags);
 483                if (sbi->s_journal && !is_journal_aborted(sbi->s_journal)) {
 484                        (void) ext4_force_commit(sb);
 485                        jbd2_journal_abort(sbi->s_journal, 0);
 486                }
 487                break;
 488        case EXT4_GOING_FLAGS_NOLOGFLUSH:
 489                set_bit(EXT4_FLAGS_SHUTDOWN, &sbi->s_ext4_flags);
 490                if (sbi->s_journal && !is_journal_aborted(sbi->s_journal)) {
 491                        msleep(100);
 492                        jbd2_journal_abort(sbi->s_journal, 0);
 493                }
 494                break;
 495        default:
 496                return -EINVAL;
 497        }
 498        clear_opt(sb, DISCARD);
 499        return 0;
 500}
 501
 502struct getfsmap_info {
 503        struct super_block      *gi_sb;
 504        struct fsmap_head __user *gi_data;
 505        unsigned int            gi_idx;
 506        __u32                   gi_last_flags;
 507};
 508
 509static int ext4_getfsmap_format(struct ext4_fsmap *xfm, void *priv)
 510{
 511        struct getfsmap_info *info = priv;
 512        struct fsmap fm;
 513
 514        trace_ext4_getfsmap_mapping(info->gi_sb, xfm);
 515
 516        info->gi_last_flags = xfm->fmr_flags;
 517        ext4_fsmap_from_internal(info->gi_sb, &fm, xfm);
 518        if (copy_to_user(&info->gi_data->fmh_recs[info->gi_idx++], &fm,
 519                        sizeof(struct fsmap)))
 520                return -EFAULT;
 521
 522        return 0;
 523}
 524
 525static int ext4_ioc_getfsmap(struct super_block *sb,
 526                             struct fsmap_head __user *arg)
 527{
 528        struct getfsmap_info info = {0};
 529        struct ext4_fsmap_head xhead = {0};
 530        struct fsmap_head head;
 531        bool aborted = false;
 532        int error;
 533
 534        if (copy_from_user(&head, arg, sizeof(struct fsmap_head)))
 535                return -EFAULT;
 536        if (memchr_inv(head.fmh_reserved, 0, sizeof(head.fmh_reserved)) ||
 537            memchr_inv(head.fmh_keys[0].fmr_reserved, 0,
 538                       sizeof(head.fmh_keys[0].fmr_reserved)) ||
 539            memchr_inv(head.fmh_keys[1].fmr_reserved, 0,
 540                       sizeof(head.fmh_keys[1].fmr_reserved)))
 541                return -EINVAL;
 542        /*
 543         * ext4 doesn't report file extents at all, so the only valid
 544         * file offsets are the magic ones (all zeroes or all ones).
 545         */
 546        if (head.fmh_keys[0].fmr_offset ||
 547            (head.fmh_keys[1].fmr_offset != 0 &&
 548             head.fmh_keys[1].fmr_offset != -1ULL))
 549                return -EINVAL;
 550
 551        xhead.fmh_iflags = head.fmh_iflags;
 552        xhead.fmh_count = head.fmh_count;
 553        ext4_fsmap_to_internal(sb, &xhead.fmh_keys[0], &head.fmh_keys[0]);
 554        ext4_fsmap_to_internal(sb, &xhead.fmh_keys[1], &head.fmh_keys[1]);
 555
 556        trace_ext4_getfsmap_low_key(sb, &xhead.fmh_keys[0]);
 557        trace_ext4_getfsmap_high_key(sb, &xhead.fmh_keys[1]);
 558
 559        info.gi_sb = sb;
 560        info.gi_data = arg;
 561        error = ext4_getfsmap(sb, &xhead, ext4_getfsmap_format, &info);
 562        if (error == EXT4_QUERY_RANGE_ABORT) {
 563                error = 0;
 564                aborted = true;
 565        } else if (error)
 566                return error;
 567
 568        /* If we didn't abort, set the "last" flag in the last fmx */
 569        if (!aborted && info.gi_idx) {
 570                info.gi_last_flags |= FMR_OF_LAST;
 571                if (copy_to_user(&info.gi_data->fmh_recs[info.gi_idx - 1].fmr_flags,
 572                                 &info.gi_last_flags,
 573                                 sizeof(info.gi_last_flags)))
 574                        return -EFAULT;
 575        }
 576
 577        /* copy back header */
 578        head.fmh_entries = xhead.fmh_entries;
 579        head.fmh_oflags = xhead.fmh_oflags;
 580        if (copy_to_user(arg, &head, sizeof(struct fsmap_head)))
 581                return -EFAULT;
 582
 583        return 0;
 584}
 585
 586long ext4_ioctl(struct file *filp, unsigned int cmd, unsigned long arg)
 587{
 588        struct inode *inode = file_inode(filp);
 589        struct super_block *sb = inode->i_sb;
 590        struct ext4_inode_info *ei = EXT4_I(inode);
 591        unsigned int flags;
 592
 593        ext4_debug("cmd = %u, arg = %lu\n", cmd, arg);
 594
 595        switch (cmd) {
 596        case FS_IOC_GETFSMAP:
 597                return ext4_ioc_getfsmap(sb, (void __user *)arg);
 598        case EXT4_IOC_GETFLAGS:
 599                flags = ei->i_flags & EXT4_FL_USER_VISIBLE;
 600                return put_user(flags, (int __user *) arg);
 601        case EXT4_IOC_SETFLAGS: {
 602                int err;
 603
 604                if (!inode_owner_or_capable(inode))
 605                        return -EACCES;
 606
 607                if (get_user(flags, (int __user *) arg))
 608                        return -EFAULT;
 609
 610                if (flags & ~EXT4_FL_USER_VISIBLE)
 611                        return -EOPNOTSUPP;
 612                /*
 613                 * chattr(1) grabs flags via GETFLAGS, modifies the result and
 614                 * passes that to SETFLAGS. So we cannot easily make SETFLAGS
 615                 * more restrictive than just silently masking off visible but
 616                 * not settable flags as we always did.
 617                 */
 618                flags &= EXT4_FL_USER_MODIFIABLE;
 619                if (ext4_mask_flags(inode->i_mode, flags) != flags)
 620                        return -EOPNOTSUPP;
 621
 622                err = mnt_want_write_file(filp);
 623                if (err)
 624                        return err;
 625
 626                inode_lock(inode);
 627                err = ext4_ioctl_setflags(inode, flags);
 628                inode_unlock(inode);
 629                mnt_drop_write_file(filp);
 630                return err;
 631        }
 632        case EXT4_IOC_GETVERSION:
 633        case EXT4_IOC_GETVERSION_OLD:
 634                return put_user(inode->i_generation, (int __user *) arg);
 635        case EXT4_IOC_SETVERSION:
 636        case EXT4_IOC_SETVERSION_OLD: {
 637                handle_t *handle;
 638                struct ext4_iloc iloc;
 639                __u32 generation;
 640                int err;
 641
 642                if (!inode_owner_or_capable(inode))
 643                        return -EPERM;
 644
 645                if (ext4_has_metadata_csum(inode->i_sb)) {
 646                        ext4_warning(sb, "Setting inode version is not "
 647                                     "supported with metadata_csum enabled.");
 648                        return -ENOTTY;
 649                }
 650
 651                err = mnt_want_write_file(filp);
 652                if (err)
 653                        return err;
 654                if (get_user(generation, (int __user *) arg)) {
 655                        err = -EFAULT;
 656                        goto setversion_out;
 657                }
 658
 659                inode_lock(inode);
 660                handle = ext4_journal_start(inode, EXT4_HT_INODE, 1);
 661                if (IS_ERR(handle)) {
 662                        err = PTR_ERR(handle);
 663                        goto unlock_out;
 664                }
 665                err = ext4_reserve_inode_write(handle, inode, &iloc);
 666                if (err == 0) {
 667                        inode->i_ctime = current_time(inode);
 668                        inode->i_generation = generation;
 669                        err = ext4_mark_iloc_dirty(handle, inode, &iloc);
 670                }
 671                ext4_journal_stop(handle);
 672
 673unlock_out:
 674                inode_unlock(inode);
 675setversion_out:
 676                mnt_drop_write_file(filp);
 677                return err;
 678        }
 679        case EXT4_IOC_GROUP_EXTEND: {
 680                ext4_fsblk_t n_blocks_count;
 681                int err, err2=0;
 682
 683                err = ext4_resize_begin(sb);
 684                if (err)
 685                        return err;
 686
 687                if (get_user(n_blocks_count, (__u32 __user *)arg)) {
 688                        err = -EFAULT;
 689                        goto group_extend_out;
 690                }
 691
 692                if (ext4_has_feature_bigalloc(sb)) {
 693                        ext4_msg(sb, KERN_ERR,
 694                                 "Online resizing not supported with bigalloc");
 695                        err = -EOPNOTSUPP;
 696                        goto group_extend_out;
 697                }
 698
 699                err = mnt_want_write_file(filp);
 700                if (err)
 701                        goto group_extend_out;
 702
 703                err = ext4_group_extend(sb, EXT4_SB(sb)->s_es, n_blocks_count);
 704                if (EXT4_SB(sb)->s_journal) {
 705                        jbd2_journal_lock_updates(EXT4_SB(sb)->s_journal);
 706                        err2 = jbd2_journal_flush(EXT4_SB(sb)->s_journal);
 707                        jbd2_journal_unlock_updates(EXT4_SB(sb)->s_journal);
 708                }
 709                if (err == 0)
 710                        err = err2;
 711                mnt_drop_write_file(filp);
 712group_extend_out:
 713                ext4_resize_end(sb);
 714                return err;
 715        }
 716
 717        case EXT4_IOC_MOVE_EXT: {
 718                struct move_extent me;
 719                struct fd donor;
 720                int err;
 721
 722                if (!(filp->f_mode & FMODE_READ) ||
 723                    !(filp->f_mode & FMODE_WRITE))
 724                        return -EBADF;
 725
 726                if (copy_from_user(&me,
 727                        (struct move_extent __user *)arg, sizeof(me)))
 728                        return -EFAULT;
 729                me.moved_len = 0;
 730
 731                donor = fdget(me.donor_fd);
 732                if (!donor.file)
 733                        return -EBADF;
 734
 735                if (!(donor.file->f_mode & FMODE_WRITE)) {
 736                        err = -EBADF;
 737                        goto mext_out;
 738                }
 739
 740                if (ext4_has_feature_bigalloc(sb)) {
 741                        ext4_msg(sb, KERN_ERR,
 742                                 "Online defrag not supported with bigalloc");
 743                        err = -EOPNOTSUPP;
 744                        goto mext_out;
 745                } else if (IS_DAX(inode)) {
 746                        ext4_msg(sb, KERN_ERR,
 747                                 "Online defrag not supported with DAX");
 748                        err = -EOPNOTSUPP;
 749                        goto mext_out;
 750                }
 751
 752                err = mnt_want_write_file(filp);
 753                if (err)
 754                        goto mext_out;
 755
 756                err = ext4_move_extents(filp, donor.file, me.orig_start,
 757                                        me.donor_start, me.len, &me.moved_len);
 758                mnt_drop_write_file(filp);
 759
 760                if (copy_to_user((struct move_extent __user *)arg,
 761                                 &me, sizeof(me)))
 762                        err = -EFAULT;
 763mext_out:
 764                fdput(donor);
 765                return err;
 766        }
 767
 768        case EXT4_IOC_GROUP_ADD: {
 769                struct ext4_new_group_data input;
 770                int err, err2=0;
 771
 772                err = ext4_resize_begin(sb);
 773                if (err)
 774                        return err;
 775
 776                if (copy_from_user(&input, (struct ext4_new_group_input __user *)arg,
 777                                sizeof(input))) {
 778                        err = -EFAULT;
 779                        goto group_add_out;
 780                }
 781
 782                if (ext4_has_feature_bigalloc(sb)) {
 783                        ext4_msg(sb, KERN_ERR,
 784                                 "Online resizing not supported with bigalloc");
 785                        err = -EOPNOTSUPP;
 786                        goto group_add_out;
 787                }
 788
 789                err = mnt_want_write_file(filp);
 790                if (err)
 791                        goto group_add_out;
 792
 793                err = ext4_group_add(sb, &input);
 794                if (EXT4_SB(sb)->s_journal) {
 795                        jbd2_journal_lock_updates(EXT4_SB(sb)->s_journal);
 796                        err2 = jbd2_journal_flush(EXT4_SB(sb)->s_journal);
 797                        jbd2_journal_unlock_updates(EXT4_SB(sb)->s_journal);
 798                }
 799                if (err == 0)
 800                        err = err2;
 801                mnt_drop_write_file(filp);
 802                if (!err && ext4_has_group_desc_csum(sb) &&
 803                    test_opt(sb, INIT_INODE_TABLE))
 804                        err = ext4_register_li_request(sb, input.group);
 805group_add_out:
 806                ext4_resize_end(sb);
 807                return err;
 808        }
 809
 810        case EXT4_IOC_MIGRATE:
 811        {
 812                int err;
 813                if (!inode_owner_or_capable(inode))
 814                        return -EACCES;
 815
 816                err = mnt_want_write_file(filp);
 817                if (err)
 818                        return err;
 819                /*
 820                 * inode_mutex prevent write and truncate on the file.
 821                 * Read still goes through. We take i_data_sem in
 822                 * ext4_ext_swap_inode_data before we switch the
 823                 * inode format to prevent read.
 824                 */
 825                inode_lock((inode));
 826                err = ext4_ext_migrate(inode);
 827                inode_unlock((inode));
 828                mnt_drop_write_file(filp);
 829                return err;
 830        }
 831
 832        case EXT4_IOC_ALLOC_DA_BLKS:
 833        {
 834                int err;
 835                if (!inode_owner_or_capable(inode))
 836                        return -EACCES;
 837
 838                err = mnt_want_write_file(filp);
 839                if (err)
 840                        return err;
 841                err = ext4_alloc_da_blocks(inode);
 842                mnt_drop_write_file(filp);
 843                return err;
 844        }
 845
 846        case EXT4_IOC_SWAP_BOOT:
 847        {
 848                int err;
 849                if (!(filp->f_mode & FMODE_WRITE))
 850                        return -EBADF;
 851                err = mnt_want_write_file(filp);
 852                if (err)
 853                        return err;
 854                err = swap_inode_boot_loader(sb, inode);
 855                mnt_drop_write_file(filp);
 856                return err;
 857        }
 858
 859        case EXT4_IOC_RESIZE_FS: {
 860                ext4_fsblk_t n_blocks_count;
 861                int err = 0, err2 = 0;
 862                ext4_group_t o_group = EXT4_SB(sb)->s_groups_count;
 863
 864                if (ext4_has_feature_bigalloc(sb)) {
 865                        ext4_msg(sb, KERN_ERR,
 866                                 "Online resizing not (yet) supported with bigalloc");
 867                        return -EOPNOTSUPP;
 868                }
 869
 870                if (copy_from_user(&n_blocks_count, (__u64 __user *)arg,
 871                                   sizeof(__u64))) {
 872                        return -EFAULT;
 873                }
 874
 875                err = ext4_resize_begin(sb);
 876                if (err)
 877                        return err;
 878
 879                err = mnt_want_write_file(filp);
 880                if (err)
 881                        goto resizefs_out;
 882
 883                err = ext4_resize_fs(sb, n_blocks_count);
 884                if (EXT4_SB(sb)->s_journal) {
 885                        jbd2_journal_lock_updates(EXT4_SB(sb)->s_journal);
 886                        err2 = jbd2_journal_flush(EXT4_SB(sb)->s_journal);
 887                        jbd2_journal_unlock_updates(EXT4_SB(sb)->s_journal);
 888                }
 889                if (err == 0)
 890                        err = err2;
 891                mnt_drop_write_file(filp);
 892                if (!err && (o_group > EXT4_SB(sb)->s_groups_count) &&
 893                    ext4_has_group_desc_csum(sb) &&
 894                    test_opt(sb, INIT_INODE_TABLE))
 895                        err = ext4_register_li_request(sb, o_group);
 896
 897resizefs_out:
 898                ext4_resize_end(sb);
 899                return err;
 900        }
 901
 902        case FITRIM:
 903        {
 904                struct request_queue *q = bdev_get_queue(sb->s_bdev);
 905                struct fstrim_range range;
 906                int ret = 0;
 907
 908                if (!capable(CAP_SYS_ADMIN))
 909                        return -EPERM;
 910
 911                if (!blk_queue_discard(q))
 912                        return -EOPNOTSUPP;
 913
 914                if (copy_from_user(&range, (struct fstrim_range __user *)arg,
 915                    sizeof(range)))
 916                        return -EFAULT;
 917
 918                range.minlen = max((unsigned int)range.minlen,
 919                                   q->limits.discard_granularity);
 920                ret = ext4_trim_fs(sb, &range);
 921                if (ret < 0)
 922                        return ret;
 923
 924                if (copy_to_user((struct fstrim_range __user *)arg, &range,
 925                    sizeof(range)))
 926                        return -EFAULT;
 927
 928                return 0;
 929        }
 930        case EXT4_IOC_PRECACHE_EXTENTS:
 931                return ext4_ext_precache(inode);
 932
 933        case EXT4_IOC_SET_ENCRYPTION_POLICY:
 934                if (!ext4_has_feature_encrypt(sb))
 935                        return -EOPNOTSUPP;
 936                return fscrypt_ioctl_set_policy(filp, (const void __user *)arg);
 937
 938        case EXT4_IOC_GET_ENCRYPTION_PWSALT: {
 939#ifdef CONFIG_EXT4_FS_ENCRYPTION
 940                int err, err2;
 941                struct ext4_sb_info *sbi = EXT4_SB(sb);
 942                handle_t *handle;
 943
 944                if (!ext4_has_feature_encrypt(sb))
 945                        return -EOPNOTSUPP;
 946                if (uuid_is_zero(sbi->s_es->s_encrypt_pw_salt)) {
 947                        err = mnt_want_write_file(filp);
 948                        if (err)
 949                                return err;
 950                        handle = ext4_journal_start_sb(sb, EXT4_HT_MISC, 1);
 951                        if (IS_ERR(handle)) {
 952                                err = PTR_ERR(handle);
 953                                goto pwsalt_err_exit;
 954                        }
 955                        err = ext4_journal_get_write_access(handle, sbi->s_sbh);
 956                        if (err)
 957                                goto pwsalt_err_journal;
 958                        generate_random_uuid(sbi->s_es->s_encrypt_pw_salt);
 959                        err = ext4_handle_dirty_metadata(handle, NULL,
 960                                                         sbi->s_sbh);
 961                pwsalt_err_journal:
 962                        err2 = ext4_journal_stop(handle);
 963                        if (err2 && !err)
 964                                err = err2;
 965                pwsalt_err_exit:
 966                        mnt_drop_write_file(filp);
 967                        if (err)
 968                                return err;
 969                }
 970                if (copy_to_user((void __user *) arg,
 971                                 sbi->s_es->s_encrypt_pw_salt, 16))
 972                        return -EFAULT;
 973                return 0;
 974#else
 975                return -EOPNOTSUPP;
 976#endif
 977        }
 978        case EXT4_IOC_GET_ENCRYPTION_POLICY:
 979                return fscrypt_ioctl_get_policy(filp, (void __user *)arg);
 980
 981        case EXT4_IOC_FSGETXATTR:
 982        {
 983                struct fsxattr fa;
 984
 985                memset(&fa, 0, sizeof(struct fsxattr));
 986                fa.fsx_xflags = ext4_iflags_to_xflags(ei->i_flags & EXT4_FL_USER_VISIBLE);
 987
 988                if (ext4_has_feature_project(inode->i_sb)) {
 989                        fa.fsx_projid = (__u32)from_kprojid(&init_user_ns,
 990                                EXT4_I(inode)->i_projid);
 991                }
 992
 993                if (copy_to_user((struct fsxattr __user *)arg,
 994                                 &fa, sizeof(fa)))
 995                        return -EFAULT;
 996                return 0;
 997        }
 998        case EXT4_IOC_FSSETXATTR:
 999        {
1000                struct fsxattr fa;

1001                int err;
1002
1003                if (copy_from_user(&fa, (struct fsxattr __user *)arg,
1004                                   sizeof(fa)))
1005                        return -EFAULT;
1006
1007                /* Make sure caller has proper permission */
1008                if (!inode_owner_or_capable(inode))
1009                        return -EACCES;
1010
1011                if (fa.fsx_xflags & ~EXT4_SUPPORTED_FS_XFLAGS)
1012                        return -EOPNOTSUPP;
1013
1014                flags = ext4_xflags_to_iflags(fa.fsx_xflags);
1015                if (ext4_mask_flags(inode->i_mode, flags) != flags)
1016                        return -EOPNOTSUPP;
1017
1018                err = mnt_want_write_file(filp);
1019                if (err)
1020                        return err;
1021
1022                inode_lock(inode);
1023                flags = (ei->i_flags & ~EXT4_FL_XFLAG_VISIBLE) |
1024                         (flags & EXT4_FL_XFLAG_VISIBLE);
1025                err = ext4_ioctl_setflags(inode, flags);
1026                inode_unlock(inode);
1027                mnt_drop_write_file(filp);
1028                if (err)
1029                        return err;
1030
1031                err = ext4_ioctl_setproject(filp, fa.fsx_projid);
1032                if (err)
1033                        return err;
1034
1035                return 0;
1036        }
1037        case EXT4_IOC_SHUTDOWN:
1038                return ext4_shutdown(sb, arg);
1039        default:
1040                return -ENOTTY;
1041        }
1042}
1043
1044#ifdef CONFIG_COMPAT
1045long ext4_compat_ioctl(struct file *file, unsigned int cmd, unsigned long arg)
1046{
1047        /* These are just misnamed, they actually get/put from/to user an int */
1048        switch (cmd) {
1049        case EXT4_IOC32_GETFLAGS:
1050                cmd = EXT4_IOC_GETFLAGS;
1051                break;
1052        case EXT4_IOC32_SETFLAGS:
1053                cmd = EXT4_IOC_SETFLAGS;
1054                break;
1055        case EXT4_IOC32_GETVERSION:
1056                cmd = EXT4_IOC_GETVERSION;
1057                break;
1058        case EXT4_IOC32_SETVERSION:
1059                cmd = EXT4_IOC_SETVERSION;
1060                break;
1061        case EXT4_IOC32_GROUP_EXTEND:
1062                cmd = EXT4_IOC_GROUP_EXTEND;
1063                break;
1064        case EXT4_IOC32_GETVERSION_OLD:
1065                cmd = EXT4_IOC_GETVERSION_OLD;
1066                break;
1067        case EXT4_IOC32_SETVERSION_OLD:
1068                cmd = EXT4_IOC_SETVERSION_OLD;
1069                break;
1070        case EXT4_IOC32_GETRSVSZ:
1071                cmd = EXT4_IOC_GETRSVSZ;
1072                break;
1073        case EXT4_IOC32_SETRSVSZ:
1074                cmd = EXT4_IOC_SETRSVSZ;
1075                break;
1076        case EXT4_IOC32_GROUP_ADD: {
1077                struct compat_ext4_new_group_input __user *uinput;
1078                struct ext4_new_group_input input;
1079                mm_segment_t old_fs;
1080                int err;
1081
1082                uinput = compat_ptr(arg);
1083                err = get_user(input.group, &uinput->group);
1084                err |= get_user(input.block_bitmap, &uinput->block_bitmap);
1085                err |= get_user(input.inode_bitmap, &uinput->inode_bitmap);
1086                err |= get_user(input.inode_table, &uinput->inode_table);
1087                err |= get_user(input.blocks_count, &uinput->blocks_count);
1088                err |= get_user(input.reserved_blocks,
1089                                &uinput->reserved_blocks);
1090                if (err)
1091                        return -EFAULT;
1092                old_fs = get_fs();
1093                set_fs(KERNEL_DS);
1094                err = ext4_ioctl(file, EXT4_IOC_GROUP_ADD,
1095                                 (unsigned long) &input);
1096                set_fs(old_fs);
1097                return err;
1098        }
1099        case EXT4_IOC_MOVE_EXT:
1100        case EXT4_IOC_RESIZE_FS:
1101        case EXT4_IOC_PRECACHE_EXTENTS:
1102        case EXT4_IOC_SET_ENCRYPTION_POLICY:
1103        case EXT4_IOC_GET_ENCRYPTION_PWSALT:
1104        case EXT4_IOC_GET_ENCRYPTION_POLICY:
1105        case EXT4_IOC_SHUTDOWN:
1106        case FS_IOC_GETFSMAP:
1107                break;
1108        default:
1109                return -ENOIOCTLCMD;
1110        }
1111        return ext4_ioctl(file, cmd, (unsigned long) compat_ptr(arg));
1112}
1113#endif
1114