1 // SPDX-License-Identifier: GPL-2.0
3 * linux/fs/ext4/ioctl.c
5 * Copyright (C) 1993, 1994, 1995
6 * Remy Card (card@masi.ibp.fr)
7 * Laboratoire MASI - Institut Blaise Pascal
8 * Universite Pierre et Marie Curie (Paris VI)
12 #include <linux/capability.h>
13 #include <linux/time.h>
14 #include <linux/compat.h>
15 #include <linux/mount.h>
16 #include <linux/file.h>
17 #include <linux/quotaops.h>
18 #include <linux/random.h>
19 #include <linux/uuid.h>
20 #include <linux/uaccess.h>
21 #include <linux/delay.h>
22 #include <linux/iversion.h>
23 #include "ext4_jbd2.h"
25 #include <linux/fsmap.h>
27 #include <trace/events/ext4.h>
30 * Swap memory between @a and @b for @len bytes.
32 * @a: pointer to first memory area
33 * @b: pointer to second memory area
34 * @len: number of bytes to swap
37 static void memswap(void *a, void *b, size_t len)
39 unsigned char *ap, *bp;
41 ap = (unsigned char *)a;
42 bp = (unsigned char *)b;
51 * Swap i_data and associated attributes between @inode1 and @inode2.
52 * This function is used for the primary swap between inode1 and inode2
53 * and also to revert this primary swap in case of errors.
55 * Therefore you have to make sure, that calling this method twice
56 * will revert all changes.
58 * @inode1: pointer to first inode
59 * @inode2: pointer to second inode
61 static void swap_inode_data(struct inode *inode1, struct inode *inode2)
64 struct ext4_inode_info *ei1;
65 struct ext4_inode_info *ei2;
71 swap(inode1->i_version, inode2->i_version);
72 swap(inode1->i_atime, inode2->i_atime);
73 swap(inode1->i_mtime, inode2->i_mtime);
75 memswap(ei1->i_data, ei2->i_data, sizeof(ei1->i_data));
76 tmp = ei1->i_flags & EXT4_FL_SHOULD_SWAP;
77 ei1->i_flags = (ei2->i_flags & EXT4_FL_SHOULD_SWAP) |
78 (ei1->i_flags & ~EXT4_FL_SHOULD_SWAP);
79 ei2->i_flags = tmp | (ei2->i_flags & ~EXT4_FL_SHOULD_SWAP);
80 swap(ei1->i_disksize, ei2->i_disksize);
81 ext4_es_remove_extent(inode1, 0, EXT_MAX_BLOCKS);
82 ext4_es_remove_extent(inode2, 0, EXT_MAX_BLOCKS);
84 isize = i_size_read(inode1);
85 i_size_write(inode1, i_size_read(inode2));
86 i_size_write(inode2, isize);
89 static void reset_inode_seed(struct inode *inode)
91 struct ext4_inode_info *ei = EXT4_I(inode);
92 struct ext4_sb_info *sbi = EXT4_SB(inode->i_sb);
93 __le32 inum = cpu_to_le32(inode->i_ino);
94 __le32 gen = cpu_to_le32(inode->i_generation);
97 if (!ext4_has_metadata_csum(inode->i_sb))
100 csum = ext4_chksum(sbi, sbi->s_csum_seed, (__u8 *)&inum, sizeof(inum));
101 ei->i_csum_seed = ext4_chksum(sbi, csum, (__u8 *)&gen, sizeof(gen));
105 * Swap the information from the given @inode and the inode
106 * EXT4_BOOT_LOADER_INO. It will basically swap i_data and all other
107 * important fields of the inodes.
109 * @sb: the super block of the filesystem
110 * @inode: the inode to swap with EXT4_BOOT_LOADER_INO
113 static long swap_inode_boot_loader(struct super_block *sb,
118 struct inode *inode_bl;
119 struct ext4_inode_info *ei_bl;
120 qsize_t size, size_bl, diff;
122 unsigned short bytes;
124 inode_bl = ext4_iget(sb, EXT4_BOOT_LOADER_INO, EXT4_IGET_SPECIAL);
125 if (IS_ERR(inode_bl))
126 return PTR_ERR(inode_bl);
127 ei_bl = EXT4_I(inode_bl);
129 /* Protect orig inodes against a truncate and make sure,
130 * that only 1 swap_inode_boot_loader is running. */
131 lock_two_nondirectories(inode, inode_bl);
133 if (inode->i_nlink != 1 || !S_ISREG(inode->i_mode) ||
134 IS_SWAPFILE(inode) || IS_ENCRYPTED(inode) ||
135 (EXT4_I(inode)->i_flags & EXT4_JOURNAL_DATA_FL) ||
136 ext4_has_inline_data(inode)) {
138 goto journal_err_out;
141 if (IS_RDONLY(inode) || IS_APPEND(inode) || IS_IMMUTABLE(inode) ||
142 !inode_owner_or_capable(inode) || !capable(CAP_SYS_ADMIN)) {
144 goto journal_err_out;
147 down_write(&EXT4_I(inode)->i_mmap_sem);
148 err = filemap_write_and_wait(inode->i_mapping);
152 err = filemap_write_and_wait(inode_bl->i_mapping);
156 /* Wait for all existing dio workers */
157 inode_dio_wait(inode);
158 inode_dio_wait(inode_bl);
160 truncate_inode_pages(&inode->i_data, 0);
161 truncate_inode_pages(&inode_bl->i_data, 0);
163 handle = ext4_journal_start(inode_bl, EXT4_HT_MOVE_EXTENTS, 2);
164 if (IS_ERR(handle)) {
169 /* Protect extent tree against block allocations via delalloc */
170 ext4_double_down_write_data_sem(inode, inode_bl);
172 if (inode_bl->i_nlink == 0) {
173 /* this inode has never been used as a BOOT_LOADER */
174 set_nlink(inode_bl, 1);
175 i_uid_write(inode_bl, 0);
176 i_gid_write(inode_bl, 0);
177 inode_bl->i_flags = 0;
179 inode_set_iversion(inode_bl, 1);
180 i_size_write(inode_bl, 0);
181 inode_bl->i_mode = S_IFREG;
182 if (ext4_has_feature_extents(sb)) {
183 ext4_set_inode_flag(inode_bl, EXT4_INODE_EXTENTS);
184 ext4_ext_tree_init(handle, inode_bl);
186 memset(ei_bl->i_data, 0, sizeof(ei_bl->i_data));
189 err = dquot_initialize(inode);
193 size = (qsize_t)(inode->i_blocks) * (1 << 9) + inode->i_bytes;
194 size_bl = (qsize_t)(inode_bl->i_blocks) * (1 << 9) + inode_bl->i_bytes;
195 diff = size - size_bl;
196 swap_inode_data(inode, inode_bl);
198 inode->i_ctime = inode_bl->i_ctime = current_time(inode);
200 inode->i_generation = prandom_u32();
201 inode_bl->i_generation = prandom_u32();
202 reset_inode_seed(inode);
203 reset_inode_seed(inode_bl);
205 ext4_discard_preallocations(inode);
207 err = ext4_mark_inode_dirty(handle, inode);
209 /* No need to update quota information. */
210 ext4_warning(inode->i_sb,
211 "couldn't mark inode #%lu dirty (err %d)",
213 /* Revert all changes: */
214 swap_inode_data(inode, inode_bl);
215 ext4_mark_inode_dirty(handle, inode);
219 blocks = inode_bl->i_blocks;
220 bytes = inode_bl->i_bytes;
221 inode_bl->i_blocks = inode->i_blocks;
222 inode_bl->i_bytes = inode->i_bytes;
223 err = ext4_mark_inode_dirty(handle, inode_bl);
225 /* No need to update quota information. */
226 ext4_warning(inode_bl->i_sb,
227 "couldn't mark inode #%lu dirty (err %d)",
228 inode_bl->i_ino, err);
232 /* Bootloader inode should not be counted into quota information. */
234 dquot_free_space(inode, diff);
236 err = dquot_alloc_space(inode, -1 * diff);
240 /* Revert all changes: */
241 inode_bl->i_blocks = blocks;
242 inode_bl->i_bytes = bytes;
243 swap_inode_data(inode, inode_bl);
244 ext4_mark_inode_dirty(handle, inode);
245 ext4_mark_inode_dirty(handle, inode_bl);
249 ext4_journal_stop(handle);
250 ext4_double_up_write_data_sem(inode, inode_bl);
253 up_write(&EXT4_I(inode)->i_mmap_sem);
255 unlock_two_nondirectories(inode, inode_bl);
260 #ifdef CONFIG_FS_ENCRYPTION
261 static int uuid_is_zero(__u8 u[16])
265 for (i = 0; i < 16; i++)
273 * If immutable is set and we are not clearing it, we're not allowed to change
274 * anything else in the inode. Don't error out if we're only trying to set
275 * immutable on an immutable file.
277 static int ext4_ioctl_check_immutable(struct inode *inode, __u32 new_projid,
280 struct ext4_inode_info *ei = EXT4_I(inode);
281 unsigned int oldflags = ei->i_flags;
283 if (!(oldflags & EXT4_IMMUTABLE_FL) || !(flags & EXT4_IMMUTABLE_FL))
286 if ((oldflags & ~EXT4_IMMUTABLE_FL) != (flags & ~EXT4_IMMUTABLE_FL))
288 if (ext4_has_feature_project(inode->i_sb) &&
289 __kprojid_val(ei->i_projid) != new_projid)
295 static int ext4_ioctl_setflags(struct inode *inode,
298 struct ext4_inode_info *ei = EXT4_I(inode);
299 handle_t *handle = NULL;
300 int err = -EPERM, migrate = 0;
301 struct ext4_iloc iloc;
302 unsigned int oldflags, mask, i;
304 struct super_block *sb = inode->i_sb;
306 /* Is it quota file? Do not allow user to mess with it */
307 if (ext4_is_quota_file(inode))
310 oldflags = ei->i_flags;
312 /* The JOURNAL_DATA flag is modifiable only by root */
313 jflag = flags & EXT4_JOURNAL_DATA_FL;
316 * The IMMUTABLE and APPEND_ONLY flags can only be changed by
317 * the relevant capability.
319 * This test looks nicer. Thanks to Pauline Middelink
321 if ((flags ^ oldflags) & (EXT4_APPEND_FL | EXT4_IMMUTABLE_FL)) {
322 if (!capable(CAP_LINUX_IMMUTABLE))
327 * The JOURNAL_DATA flag can only be changed by
328 * the relevant capability.
330 if ((jflag ^ oldflags) & (EXT4_JOURNAL_DATA_FL)) {
331 if (!capable(CAP_SYS_RESOURCE))
334 if ((flags ^ oldflags) & EXT4_EXTENTS_FL)
337 if (flags & EXT4_EOFBLOCKS_FL) {
338 /* we don't support adding EOFBLOCKS flag */
339 if (!(oldflags & EXT4_EOFBLOCKS_FL)) {
343 } else if (oldflags & EXT4_EOFBLOCKS_FL) {
344 err = ext4_truncate(inode);
349 if ((flags ^ oldflags) & EXT4_CASEFOLD_FL) {
350 if (!ext4_has_feature_casefold(sb)) {
355 if (!S_ISDIR(inode->i_mode)) {
360 if (!ext4_empty_dir(inode)) {
367 * Wait for all pending directio and then flush all the dirty pages
368 * for this file. The flush marks all the pages readonly, so any
369 * subsequent attempt to write to the file (particularly mmap pages)
370 * will come through the filesystem and fail.
372 if (S_ISREG(inode->i_mode) && !IS_IMMUTABLE(inode) &&
373 (flags & EXT4_IMMUTABLE_FL)) {
374 inode_dio_wait(inode);
375 err = filemap_write_and_wait(inode->i_mapping);
380 handle = ext4_journal_start(inode, EXT4_HT_INODE, 1);
381 if (IS_ERR(handle)) {
382 err = PTR_ERR(handle);
386 ext4_handle_sync(handle);
387 err = ext4_reserve_inode_write(handle, inode, &iloc);
391 for (i = 0, mask = 1; i < 32; i++, mask <<= 1) {
392 if (!(mask & EXT4_FL_USER_MODIFIABLE))
394 /* These flags get special treatment later */
395 if (mask == EXT4_JOURNAL_DATA_FL || mask == EXT4_EXTENTS_FL)
398 ext4_set_inode_flag(inode, i);
400 ext4_clear_inode_flag(inode, i);
403 ext4_set_inode_flags(inode);
404 inode->i_ctime = current_time(inode);
406 err = ext4_mark_iloc_dirty(handle, inode, &iloc);
408 ext4_journal_stop(handle);
412 if ((jflag ^ oldflags) & (EXT4_JOURNAL_DATA_FL)) {
414 * Changes to the journaling mode can cause unsafe changes to
415 * S_DAX if we are using the DAX mount option.
417 if (test_opt(inode->i_sb, DAX)) {
422 err = ext4_change_inode_journal_flag(inode, jflag);
427 if (flags & EXT4_EXTENTS_FL)
428 err = ext4_ext_migrate(inode);
430 err = ext4_ind_migrate(inode);
438 static int ext4_ioctl_setproject(struct file *filp, __u32 projid)
440 struct inode *inode = file_inode(filp);
441 struct super_block *sb = inode->i_sb;
442 struct ext4_inode_info *ei = EXT4_I(inode);
446 struct ext4_iloc iloc;
447 struct ext4_inode *raw_inode;
448 struct dquot *transfer_to[MAXQUOTAS] = { };
450 if (!ext4_has_feature_project(sb)) {
451 if (projid != EXT4_DEF_PROJID)
457 if (EXT4_INODE_SIZE(sb) <= EXT4_GOOD_OLD_INODE_SIZE)
460 kprojid = make_kprojid(&init_user_ns, (projid_t)projid);
462 if (projid_eq(kprojid, EXT4_I(inode)->i_projid))
466 /* Is it quota file? Do not allow user to mess with it */
467 if (ext4_is_quota_file(inode))
470 err = ext4_get_inode_loc(inode, &iloc);
474 raw_inode = ext4_raw_inode(&iloc);
475 if (!EXT4_FITS_IN_INODE(raw_inode, ei, i_projid)) {
476 err = ext4_expand_extra_isize(inode,
477 EXT4_SB(sb)->s_want_extra_isize,
485 err = dquot_initialize(inode);
489 handle = ext4_journal_start(inode, EXT4_HT_QUOTA,
490 EXT4_QUOTA_INIT_BLOCKS(sb) +
491 EXT4_QUOTA_DEL_BLOCKS(sb) + 3);
493 return PTR_ERR(handle);
495 err = ext4_reserve_inode_write(handle, inode, &iloc);
499 transfer_to[PRJQUOTA] = dqget(sb, make_kqid_projid(kprojid));
500 if (!IS_ERR(transfer_to[PRJQUOTA])) {
502 /* __dquot_transfer() calls back ext4_get_inode_usage() which
503 * counts xattr inode references.
505 down_read(&EXT4_I(inode)->xattr_sem);
506 err = __dquot_transfer(inode, transfer_to);
507 up_read(&EXT4_I(inode)->xattr_sem);
508 dqput(transfer_to[PRJQUOTA]);
513 EXT4_I(inode)->i_projid = kprojid;
514 inode->i_ctime = current_time(inode);
516 rc = ext4_mark_iloc_dirty(handle, inode, &iloc);
520 ext4_journal_stop(handle);
524 static int ext4_ioctl_setproject(struct file *filp, __u32 projid)
526 if (projid != EXT4_DEF_PROJID)
532 /* Transfer internal flags to xflags */
533 static inline __u32 ext4_iflags_to_xflags(unsigned long iflags)
537 if (iflags & EXT4_SYNC_FL)
538 xflags |= FS_XFLAG_SYNC;
539 if (iflags & EXT4_IMMUTABLE_FL)
540 xflags |= FS_XFLAG_IMMUTABLE;
541 if (iflags & EXT4_APPEND_FL)
542 xflags |= FS_XFLAG_APPEND;
543 if (iflags & EXT4_NODUMP_FL)
544 xflags |= FS_XFLAG_NODUMP;
545 if (iflags & EXT4_NOATIME_FL)
546 xflags |= FS_XFLAG_NOATIME;
547 if (iflags & EXT4_PROJINHERIT_FL)
548 xflags |= FS_XFLAG_PROJINHERIT;
552 #define EXT4_SUPPORTED_FS_XFLAGS (FS_XFLAG_SYNC | FS_XFLAG_IMMUTABLE | \
553 FS_XFLAG_APPEND | FS_XFLAG_NODUMP | \
554 FS_XFLAG_NOATIME | FS_XFLAG_PROJINHERIT)
556 /* Transfer xflags flags to internal */
557 static inline unsigned long ext4_xflags_to_iflags(__u32 xflags)
559 unsigned long iflags = 0;
561 if (xflags & FS_XFLAG_SYNC)
562 iflags |= EXT4_SYNC_FL;
563 if (xflags & FS_XFLAG_IMMUTABLE)
564 iflags |= EXT4_IMMUTABLE_FL;
565 if (xflags & FS_XFLAG_APPEND)
566 iflags |= EXT4_APPEND_FL;
567 if (xflags & FS_XFLAG_NODUMP)
568 iflags |= EXT4_NODUMP_FL;
569 if (xflags & FS_XFLAG_NOATIME)
570 iflags |= EXT4_NOATIME_FL;
571 if (xflags & FS_XFLAG_PROJINHERIT)
572 iflags |= EXT4_PROJINHERIT_FL;
577 static int ext4_shutdown(struct super_block *sb, unsigned long arg)
579 struct ext4_sb_info *sbi = EXT4_SB(sb);
582 if (!capable(CAP_SYS_ADMIN))
585 if (get_user(flags, (__u32 __user *)arg))
588 if (flags > EXT4_GOING_FLAGS_NOLOGFLUSH)
591 if (ext4_forced_shutdown(sbi))
594 ext4_msg(sb, KERN_ALERT, "shut down requested (%d)", flags);
595 trace_ext4_shutdown(sb, flags);
598 case EXT4_GOING_FLAGS_DEFAULT:
599 freeze_bdev(sb->s_bdev);
600 set_bit(EXT4_FLAGS_SHUTDOWN, &sbi->s_ext4_flags);
601 thaw_bdev(sb->s_bdev, sb);
603 case EXT4_GOING_FLAGS_LOGFLUSH:
604 set_bit(EXT4_FLAGS_SHUTDOWN, &sbi->s_ext4_flags);
605 if (sbi->s_journal && !is_journal_aborted(sbi->s_journal)) {
606 (void) ext4_force_commit(sb);
607 jbd2_journal_abort(sbi->s_journal, -ESHUTDOWN);
610 case EXT4_GOING_FLAGS_NOLOGFLUSH:
611 set_bit(EXT4_FLAGS_SHUTDOWN, &sbi->s_ext4_flags);
612 if (sbi->s_journal && !is_journal_aborted(sbi->s_journal))
613 jbd2_journal_abort(sbi->s_journal, -ESHUTDOWN);
618 clear_opt(sb, DISCARD);
622 struct getfsmap_info {
623 struct super_block *gi_sb;
624 struct fsmap_head __user *gi_data;
629 static int ext4_getfsmap_format(struct ext4_fsmap *xfm, void *priv)
631 struct getfsmap_info *info = priv;
634 trace_ext4_getfsmap_mapping(info->gi_sb, xfm);
636 info->gi_last_flags = xfm->fmr_flags;
637 ext4_fsmap_from_internal(info->gi_sb, &fm, xfm);
638 if (copy_to_user(&info->gi_data->fmh_recs[info->gi_idx++], &fm,
639 sizeof(struct fsmap)))
645 static int ext4_ioc_getfsmap(struct super_block *sb,
646 struct fsmap_head __user *arg)
648 struct getfsmap_info info = { NULL };
649 struct ext4_fsmap_head xhead = {0};
650 struct fsmap_head head;
651 bool aborted = false;
654 if (copy_from_user(&head, arg, sizeof(struct fsmap_head)))
656 if (memchr_inv(head.fmh_reserved, 0, sizeof(head.fmh_reserved)) ||
657 memchr_inv(head.fmh_keys[0].fmr_reserved, 0,
658 sizeof(head.fmh_keys[0].fmr_reserved)) ||
659 memchr_inv(head.fmh_keys[1].fmr_reserved, 0,
660 sizeof(head.fmh_keys[1].fmr_reserved)))
663 * ext4 doesn't report file extents at all, so the only valid
664 * file offsets are the magic ones (all zeroes or all ones).
666 if (head.fmh_keys[0].fmr_offset ||
667 (head.fmh_keys[1].fmr_offset != 0 &&
668 head.fmh_keys[1].fmr_offset != -1ULL))
671 xhead.fmh_iflags = head.fmh_iflags;
672 xhead.fmh_count = head.fmh_count;
673 ext4_fsmap_to_internal(sb, &xhead.fmh_keys[0], &head.fmh_keys[0]);
674 ext4_fsmap_to_internal(sb, &xhead.fmh_keys[1], &head.fmh_keys[1]);
676 trace_ext4_getfsmap_low_key(sb, &xhead.fmh_keys[0]);
677 trace_ext4_getfsmap_high_key(sb, &xhead.fmh_keys[1]);
681 error = ext4_getfsmap(sb, &xhead, ext4_getfsmap_format, &info);
682 if (error == EXT4_QUERY_RANGE_ABORT) {
688 /* If we didn't abort, set the "last" flag in the last fmx */
689 if (!aborted && info.gi_idx) {
690 info.gi_last_flags |= FMR_OF_LAST;
691 if (copy_to_user(&info.gi_data->fmh_recs[info.gi_idx - 1].fmr_flags,
693 sizeof(info.gi_last_flags)))
697 /* copy back header */
698 head.fmh_entries = xhead.fmh_entries;
699 head.fmh_oflags = xhead.fmh_oflags;
700 if (copy_to_user(arg, &head, sizeof(struct fsmap_head)))
706 static long ext4_ioctl_group_add(struct file *file,
707 struct ext4_new_group_data *input)
709 struct super_block *sb = file_inode(file)->i_sb;
712 err = ext4_resize_begin(sb);
716 if (ext4_has_feature_bigalloc(sb)) {
717 ext4_msg(sb, KERN_ERR,
718 "Online resizing not supported with bigalloc");
723 err = mnt_want_write_file(file);
727 err = ext4_group_add(sb, input);
728 if (EXT4_SB(sb)->s_journal) {
729 jbd2_journal_lock_updates(EXT4_SB(sb)->s_journal);
730 err2 = jbd2_journal_flush(EXT4_SB(sb)->s_journal);
731 jbd2_journal_unlock_updates(EXT4_SB(sb)->s_journal);
735 mnt_drop_write_file(file);
736 if (!err && ext4_has_group_desc_csum(sb) &&
737 test_opt(sb, INIT_INODE_TABLE))
738 err = ext4_register_li_request(sb, input->group);
744 static int ext4_ioctl_check_project(struct inode *inode, struct fsxattr *fa)
747 * Project Quota ID state is only allowed to change from within the init
748 * namespace. Enforce that restriction only if we are trying to change
749 * the quota ID state. Everything else is allowed in user namespaces.
751 if (current_user_ns() == &init_user_ns)
754 if (__kprojid_val(EXT4_I(inode)->i_projid) != fa->fsx_projid)
757 if (ext4_test_inode_flag(inode, EXT4_INODE_PROJINHERIT)) {
758 if (!(fa->fsx_xflags & FS_XFLAG_PROJINHERIT))
761 if (fa->fsx_xflags & FS_XFLAG_PROJINHERIT)
768 long ext4_ioctl(struct file *filp, unsigned int cmd, unsigned long arg)
770 struct inode *inode = file_inode(filp);
771 struct super_block *sb = inode->i_sb;
772 struct ext4_inode_info *ei = EXT4_I(inode);
775 ext4_debug("cmd = %u, arg = %lu\n", cmd, arg);
778 case FS_IOC_GETFSMAP:
779 return ext4_ioc_getfsmap(sb, (void __user *)arg);
780 case EXT4_IOC_GETFLAGS:
781 flags = ei->i_flags & EXT4_FL_USER_VISIBLE;
782 if (S_ISREG(inode->i_mode))
783 flags &= ~EXT4_PROJINHERIT_FL;
784 return put_user(flags, (int __user *) arg);
785 case EXT4_IOC_SETFLAGS: {
788 if (!inode_owner_or_capable(inode))
791 if (get_user(flags, (int __user *) arg))
794 if (flags & ~EXT4_FL_USER_VISIBLE)
797 * chattr(1) grabs flags via GETFLAGS, modifies the result and
798 * passes that to SETFLAGS. So we cannot easily make SETFLAGS
799 * more restrictive than just silently masking off visible but
800 * not settable flags as we always did.
802 flags &= EXT4_FL_USER_MODIFIABLE;
803 if (ext4_mask_flags(inode->i_mode, flags) != flags)
806 err = mnt_want_write_file(filp);
811 err = ext4_ioctl_check_immutable(inode,
812 from_kprojid(&init_user_ns, ei->i_projid),
815 err = ext4_ioctl_setflags(inode, flags);
817 mnt_drop_write_file(filp);
820 case EXT4_IOC_GETVERSION:
821 case EXT4_IOC_GETVERSION_OLD:
822 return put_user(inode->i_generation, (int __user *) arg);
823 case EXT4_IOC_SETVERSION:
824 case EXT4_IOC_SETVERSION_OLD: {
826 struct ext4_iloc iloc;
830 if (!inode_owner_or_capable(inode))
833 if (ext4_has_metadata_csum(inode->i_sb)) {
834 ext4_warning(sb, "Setting inode version is not "
835 "supported with metadata_csum enabled.");
839 err = mnt_want_write_file(filp);
842 if (get_user(generation, (int __user *) arg)) {
848 handle = ext4_journal_start(inode, EXT4_HT_INODE, 1);
849 if (IS_ERR(handle)) {
850 err = PTR_ERR(handle);
853 err = ext4_reserve_inode_write(handle, inode, &iloc);
855 inode->i_ctime = current_time(inode);
856 inode->i_generation = generation;
857 err = ext4_mark_iloc_dirty(handle, inode, &iloc);
859 ext4_journal_stop(handle);
864 mnt_drop_write_file(filp);
867 case EXT4_IOC_GROUP_EXTEND: {
868 ext4_fsblk_t n_blocks_count;
871 err = ext4_resize_begin(sb);
875 if (get_user(n_blocks_count, (__u32 __user *)arg)) {
877 goto group_extend_out;
880 if (ext4_has_feature_bigalloc(sb)) {
881 ext4_msg(sb, KERN_ERR,
882 "Online resizing not supported with bigalloc");
884 goto group_extend_out;
887 err = mnt_want_write_file(filp);
889 goto group_extend_out;
891 err = ext4_group_extend(sb, EXT4_SB(sb)->s_es, n_blocks_count);
892 if (EXT4_SB(sb)->s_journal) {
893 jbd2_journal_lock_updates(EXT4_SB(sb)->s_journal);
894 err2 = jbd2_journal_flush(EXT4_SB(sb)->s_journal);
895 jbd2_journal_unlock_updates(EXT4_SB(sb)->s_journal);
899 mnt_drop_write_file(filp);
905 case EXT4_IOC_MOVE_EXT: {
906 struct move_extent me;
910 if (!(filp->f_mode & FMODE_READ) ||
911 !(filp->f_mode & FMODE_WRITE))
914 if (copy_from_user(&me,
915 (struct move_extent __user *)arg, sizeof(me)))
919 donor = fdget(me.donor_fd);
923 if (!(donor.file->f_mode & FMODE_WRITE)) {
928 if (ext4_has_feature_bigalloc(sb)) {
929 ext4_msg(sb, KERN_ERR,
930 "Online defrag not supported with bigalloc");
933 } else if (IS_DAX(inode)) {
934 ext4_msg(sb, KERN_ERR,
935 "Online defrag not supported with DAX");
940 err = mnt_want_write_file(filp);
944 err = ext4_move_extents(filp, donor.file, me.orig_start,
945 me.donor_start, me.len, &me.moved_len);
946 mnt_drop_write_file(filp);
948 if (copy_to_user((struct move_extent __user *)arg,
956 case EXT4_IOC_GROUP_ADD: {
957 struct ext4_new_group_data input;
959 if (copy_from_user(&input, (struct ext4_new_group_input __user *)arg,
963 return ext4_ioctl_group_add(filp, &input);
966 case EXT4_IOC_MIGRATE:
969 if (!inode_owner_or_capable(inode))
972 err = mnt_want_write_file(filp);
976 * inode_mutex prevent write and truncate on the file.
977 * Read still goes through. We take i_data_sem in
978 * ext4_ext_swap_inode_data before we switch the
979 * inode format to prevent read.
982 err = ext4_ext_migrate(inode);
983 inode_unlock((inode));
984 mnt_drop_write_file(filp);
988 case EXT4_IOC_ALLOC_DA_BLKS:
991 if (!inode_owner_or_capable(inode))
994 err = mnt_want_write_file(filp);
997 err = ext4_alloc_da_blocks(inode);
998 mnt_drop_write_file(filp);
1002 case EXT4_IOC_SWAP_BOOT:
1005 if (!(filp->f_mode & FMODE_WRITE))
1007 err = mnt_want_write_file(filp);
1010 err = swap_inode_boot_loader(sb, inode);
1011 mnt_drop_write_file(filp);
1015 case EXT4_IOC_RESIZE_FS: {
1016 ext4_fsblk_t n_blocks_count;
1017 int err = 0, err2 = 0;
1018 ext4_group_t o_group = EXT4_SB(sb)->s_groups_count;
1020 if (copy_from_user(&n_blocks_count, (__u64 __user *)arg,
1025 err = ext4_resize_begin(sb);
1029 err = mnt_want_write_file(filp);
1033 err = ext4_resize_fs(sb, n_blocks_count);
1034 if (EXT4_SB(sb)->s_journal) {
1035 jbd2_journal_lock_updates(EXT4_SB(sb)->s_journal);
1036 err2 = jbd2_journal_flush(EXT4_SB(sb)->s_journal);
1037 jbd2_journal_unlock_updates(EXT4_SB(sb)->s_journal);
1041 mnt_drop_write_file(filp);
1042 if (!err && (o_group < EXT4_SB(sb)->s_groups_count) &&
1043 ext4_has_group_desc_csum(sb) &&
1044 test_opt(sb, INIT_INODE_TABLE))
1045 err = ext4_register_li_request(sb, o_group);
1048 ext4_resize_end(sb);
1054 struct request_queue *q = bdev_get_queue(sb->s_bdev);
1055 struct fstrim_range range;
1058 if (!capable(CAP_SYS_ADMIN))
1061 if (!blk_queue_discard(q))
1065 * We haven't replayed the journal, so we cannot use our
1066 * block-bitmap-guided storage zapping commands.
1068 if (test_opt(sb, NOLOAD) && ext4_has_feature_journal(sb))
1071 if (copy_from_user(&range, (struct fstrim_range __user *)arg,
1075 range.minlen = max((unsigned int)range.minlen,
1076 q->limits.discard_granularity);
1077 ret = ext4_trim_fs(sb, &range);
1081 if (copy_to_user((struct fstrim_range __user *)arg, &range,
1087 case EXT4_IOC_PRECACHE_EXTENTS:
1088 return ext4_ext_precache(inode);
1090 case EXT4_IOC_SET_ENCRYPTION_POLICY:
1091 if (!ext4_has_feature_encrypt(sb))
1093 return fscrypt_ioctl_set_policy(filp, (const void __user *)arg);
1095 case EXT4_IOC_GET_ENCRYPTION_PWSALT: {
1096 #ifdef CONFIG_FS_ENCRYPTION
1098 struct ext4_sb_info *sbi = EXT4_SB(sb);
1101 if (!ext4_has_feature_encrypt(sb))
1103 if (uuid_is_zero(sbi->s_es->s_encrypt_pw_salt)) {
1104 err = mnt_want_write_file(filp);
1107 handle = ext4_journal_start_sb(sb, EXT4_HT_MISC, 1);
1108 if (IS_ERR(handle)) {
1109 err = PTR_ERR(handle);
1110 goto pwsalt_err_exit;
1112 err = ext4_journal_get_write_access(handle, sbi->s_sbh);
1114 goto pwsalt_err_journal;
1115 generate_random_uuid(sbi->s_es->s_encrypt_pw_salt);
1116 err = ext4_handle_dirty_metadata(handle, NULL,
1119 err2 = ext4_journal_stop(handle);
1123 mnt_drop_write_file(filp);
1127 if (copy_to_user((void __user *) arg,
1128 sbi->s_es->s_encrypt_pw_salt, 16))
1135 case EXT4_IOC_GET_ENCRYPTION_POLICY:
1136 return fscrypt_ioctl_get_policy(filp, (void __user *)arg);
1138 case EXT4_IOC_FSGETXATTR:
1142 memset(&fa, 0, sizeof(struct fsxattr));
1143 fa.fsx_xflags = ext4_iflags_to_xflags(ei->i_flags & EXT4_FL_USER_VISIBLE);
1145 if (ext4_has_feature_project(inode->i_sb)) {
1146 fa.fsx_projid = (__u32)from_kprojid(&init_user_ns,
1147 EXT4_I(inode)->i_projid);
1150 if (copy_to_user((struct fsxattr __user *)arg,
1155 case EXT4_IOC_FSSETXATTR:
1160 if (copy_from_user(&fa, (struct fsxattr __user *)arg,
1164 /* Make sure caller has proper permission */
1165 if (!inode_owner_or_capable(inode))
1168 if (fa.fsx_xflags & ~EXT4_SUPPORTED_FS_XFLAGS)
1171 flags = ext4_xflags_to_iflags(fa.fsx_xflags);
1172 if (ext4_mask_flags(inode->i_mode, flags) != flags)
1175 err = mnt_want_write_file(filp);
1180 err = ext4_ioctl_check_project(inode, &fa);
1183 flags = (ei->i_flags & ~EXT4_FL_XFLAG_VISIBLE) |
1184 (flags & EXT4_FL_XFLAG_VISIBLE);
1185 err = ext4_ioctl_check_immutable(inode, fa.fsx_projid, flags);
1188 err = ext4_ioctl_setflags(inode, flags);
1191 err = ext4_ioctl_setproject(filp, fa.fsx_projid);
1193 inode_unlock(inode);
1194 mnt_drop_write_file(filp);
1197 case EXT4_IOC_SHUTDOWN:
1198 return ext4_shutdown(sb, arg);
1204 #ifdef CONFIG_COMPAT
1205 long ext4_compat_ioctl(struct file *file, unsigned int cmd, unsigned long arg)
1207 /* These are just misnamed, they actually get/put from/to user an int */
1209 case EXT4_IOC32_GETFLAGS:
1210 cmd = EXT4_IOC_GETFLAGS;
1212 case EXT4_IOC32_SETFLAGS:
1213 cmd = EXT4_IOC_SETFLAGS;
1215 case EXT4_IOC32_GETVERSION:
1216 cmd = EXT4_IOC_GETVERSION;
1218 case EXT4_IOC32_SETVERSION:
1219 cmd = EXT4_IOC_SETVERSION;
1221 case EXT4_IOC32_GROUP_EXTEND:
1222 cmd = EXT4_IOC_GROUP_EXTEND;
1224 case EXT4_IOC32_GETVERSION_OLD:
1225 cmd = EXT4_IOC_GETVERSION_OLD;
1227 case EXT4_IOC32_SETVERSION_OLD:
1228 cmd = EXT4_IOC_SETVERSION_OLD;
1230 case EXT4_IOC32_GETRSVSZ:
1231 cmd = EXT4_IOC_GETRSVSZ;
1233 case EXT4_IOC32_SETRSVSZ:
1234 cmd = EXT4_IOC_SETRSVSZ;
1236 case EXT4_IOC32_GROUP_ADD: {
1237 struct compat_ext4_new_group_input __user *uinput;
1238 struct ext4_new_group_data input;
1241 uinput = compat_ptr(arg);
1242 err = get_user(input.group, &uinput->group);
1243 err |= get_user(input.block_bitmap, &uinput->block_bitmap);
1244 err |= get_user(input.inode_bitmap, &uinput->inode_bitmap);
1245 err |= get_user(input.inode_table, &uinput->inode_table);
1246 err |= get_user(input.blocks_count, &uinput->blocks_count);
1247 err |= get_user(input.reserved_blocks,
1248 &uinput->reserved_blocks);
1251 return ext4_ioctl_group_add(file, &input);
1253 case EXT4_IOC_MOVE_EXT:
1254 case EXT4_IOC_RESIZE_FS:
1255 case EXT4_IOC_PRECACHE_EXTENTS:
1256 case EXT4_IOC_SET_ENCRYPTION_POLICY:
1257 case EXT4_IOC_GET_ENCRYPTION_PWSALT:
1258 case EXT4_IOC_GET_ENCRYPTION_POLICY:
1259 case EXT4_IOC_SHUTDOWN:
1260 case FS_IOC_GETFSMAP:
1263 return -ENOIOCTLCMD;
1265 return ext4_ioctl(file, cmd, (unsigned long) compat_ptr(arg));
projects / linux.git / blob