Loading...
1/*
2 * linux/fs/ext4/ioctl.c
3 *
4 * Copyright (C) 1993, 1994, 1995
5 * Remy Card (card@masi.ibp.fr)
6 * Laboratoire MASI - Institut Blaise Pascal
7 * Universite Pierre et Marie Curie (Paris VI)
8 */
9
10#include <linux/fs.h>
11#include <linux/jbd2.h>
12#include <linux/capability.h>
13#include <linux/time.h>
14#include <linux/compat.h>
15#include <linux/mount.h>
16#include <linux/file.h>
17#include <asm/uaccess.h>
18#include "ext4_jbd2.h"
19#include "ext4.h"
20
21long ext4_ioctl(struct file *filp, unsigned int cmd, unsigned long arg)
22{
23 struct inode *inode = filp->f_dentry->d_inode;
24 struct ext4_inode_info *ei = EXT4_I(inode);
25 unsigned int flags;
26
27 ext4_debug("cmd = %u, arg = %lu\n", cmd, arg);
28
29 switch (cmd) {
30 case EXT4_IOC_GETFLAGS:
31 ext4_get_inode_flags(ei);
32 flags = ei->i_flags & EXT4_FL_USER_VISIBLE;
33 return put_user(flags, (int __user *) arg);
34 case EXT4_IOC_SETFLAGS: {
35 handle_t *handle = NULL;
36 int err, migrate = 0;
37 struct ext4_iloc iloc;
38 unsigned int oldflags;
39 unsigned int jflag;
40
41 if (!inode_owner_or_capable(inode))
42 return -EACCES;
43
44 if (get_user(flags, (int __user *) arg))
45 return -EFAULT;
46
47 err = mnt_want_write(filp->f_path.mnt);
48 if (err)
49 return err;
50
51 flags = ext4_mask_flags(inode->i_mode, flags);
52
53 err = -EPERM;
54 mutex_lock(&inode->i_mutex);
55 /* Is it quota file? Do not allow user to mess with it */
56 if (IS_NOQUOTA(inode))
57 goto flags_out;
58
59 oldflags = ei->i_flags;
60
61 /* The JOURNAL_DATA flag is modifiable only by root */
62 jflag = flags & EXT4_JOURNAL_DATA_FL;
63
64 /*
65 * The IMMUTABLE and APPEND_ONLY flags can only be changed by
66 * the relevant capability.
67 *
68 * This test looks nicer. Thanks to Pauline Middelink
69 */
70 if ((flags ^ oldflags) & (EXT4_APPEND_FL | EXT4_IMMUTABLE_FL)) {
71 if (!capable(CAP_LINUX_IMMUTABLE))
72 goto flags_out;
73 }
74
75 /*
76 * The JOURNAL_DATA flag can only be changed by
77 * the relevant capability.
78 */
79 if ((jflag ^ oldflags) & (EXT4_JOURNAL_DATA_FL)) {
80 if (!capable(CAP_SYS_RESOURCE))
81 goto flags_out;
82 }
83 if (oldflags & EXT4_EXTENTS_FL) {
84 /* We don't support clearning extent flags */
85 if (!(flags & EXT4_EXTENTS_FL)) {
86 err = -EOPNOTSUPP;
87 goto flags_out;
88 }
89 } else if (flags & EXT4_EXTENTS_FL) {
90 /* migrate the file */
91 migrate = 1;
92 flags &= ~EXT4_EXTENTS_FL;
93 }
94
95 if (flags & EXT4_EOFBLOCKS_FL) {
96 /* we don't support adding EOFBLOCKS flag */
97 if (!(oldflags & EXT4_EOFBLOCKS_FL)) {
98 err = -EOPNOTSUPP;
99 goto flags_out;
100 }
101 } else if (oldflags & EXT4_EOFBLOCKS_FL)
102 ext4_truncate(inode);
103
104 handle = ext4_journal_start(inode, 1);
105 if (IS_ERR(handle)) {
106 err = PTR_ERR(handle);
107 goto flags_out;
108 }
109 if (IS_SYNC(inode))
110 ext4_handle_sync(handle);
111 err = ext4_reserve_inode_write(handle, inode, &iloc);
112 if (err)
113 goto flags_err;
114
115 flags = flags & EXT4_FL_USER_MODIFIABLE;
116 flags |= oldflags & ~EXT4_FL_USER_MODIFIABLE;
117 ei->i_flags = flags;
118
119 ext4_set_inode_flags(inode);
120 inode->i_ctime = ext4_current_time(inode);
121
122 err = ext4_mark_iloc_dirty(handle, inode, &iloc);
123flags_err:
124 ext4_journal_stop(handle);
125 if (err)
126 goto flags_out;
127
128 if ((jflag ^ oldflags) & (EXT4_JOURNAL_DATA_FL))
129 err = ext4_change_inode_journal_flag(inode, jflag);
130 if (err)
131 goto flags_out;
132 if (migrate)
133 err = ext4_ext_migrate(inode);
134flags_out:
135 mutex_unlock(&inode->i_mutex);
136 mnt_drop_write(filp->f_path.mnt);
137 return err;
138 }
139 case EXT4_IOC_GETVERSION:
140 case EXT4_IOC_GETVERSION_OLD:
141 return put_user(inode->i_generation, (int __user *) arg);
142 case EXT4_IOC_SETVERSION:
143 case EXT4_IOC_SETVERSION_OLD: {
144 handle_t *handle;
145 struct ext4_iloc iloc;
146 __u32 generation;
147 int err;
148
149 if (!inode_owner_or_capable(inode))
150 return -EPERM;
151
152 err = mnt_want_write(filp->f_path.mnt);
153 if (err)
154 return err;
155 if (get_user(generation, (int __user *) arg)) {
156 err = -EFAULT;
157 goto setversion_out;
158 }
159
160 handle = ext4_journal_start(inode, 1);
161 if (IS_ERR(handle)) {
162 err = PTR_ERR(handle);
163 goto setversion_out;
164 }
165 err = ext4_reserve_inode_write(handle, inode, &iloc);
166 if (err == 0) {
167 inode->i_ctime = ext4_current_time(inode);
168 inode->i_generation = generation;
169 err = ext4_mark_iloc_dirty(handle, inode, &iloc);
170 }
171 ext4_journal_stop(handle);
172setversion_out:
173 mnt_drop_write(filp->f_path.mnt);
174 return err;
175 }
176#ifdef CONFIG_JBD2_DEBUG
177 case EXT4_IOC_WAIT_FOR_READONLY:
178 /*
179 * This is racy - by the time we're woken up and running,
180 * the superblock could be released. And the module could
181 * have been unloaded. So sue me.
182 *
183 * Returns 1 if it slept, else zero.
184 */
185 {
186 struct super_block *sb = inode->i_sb;
187 DECLARE_WAITQUEUE(wait, current);
188 int ret = 0;
189
190 set_current_state(TASK_INTERRUPTIBLE);
191 add_wait_queue(&EXT4_SB(sb)->ro_wait_queue, &wait);
192 if (timer_pending(&EXT4_SB(sb)->turn_ro_timer)) {
193 schedule();
194 ret = 1;
195 }
196 remove_wait_queue(&EXT4_SB(sb)->ro_wait_queue, &wait);
197 return ret;
198 }
199#endif
200 case EXT4_IOC_GROUP_EXTEND: {
201 ext4_fsblk_t n_blocks_count;
202 struct super_block *sb = inode->i_sb;
203 int err, err2=0;
204
205 err = ext4_resize_begin(sb);
206 if (err)
207 return err;
208
209 if (get_user(n_blocks_count, (__u32 __user *)arg))
210 return -EFAULT;
211
212 err = mnt_want_write(filp->f_path.mnt);
213 if (err)
214 return err;
215
216 err = ext4_group_extend(sb, EXT4_SB(sb)->s_es, n_blocks_count);
217 if (EXT4_SB(sb)->s_journal) {
218 jbd2_journal_lock_updates(EXT4_SB(sb)->s_journal);
219 err2 = jbd2_journal_flush(EXT4_SB(sb)->s_journal);
220 jbd2_journal_unlock_updates(EXT4_SB(sb)->s_journal);
221 }
222 if (err == 0)
223 err = err2;
224 mnt_drop_write(filp->f_path.mnt);
225 ext4_resize_end(sb);
226
227 return err;
228 }
229
230 case EXT4_IOC_MOVE_EXT: {
231 struct move_extent me;
232 struct file *donor_filp;
233 int err;
234
235 if (!(filp->f_mode & FMODE_READ) ||
236 !(filp->f_mode & FMODE_WRITE))
237 return -EBADF;
238
239 if (copy_from_user(&me,
240 (struct move_extent __user *)arg, sizeof(me)))
241 return -EFAULT;
242 me.moved_len = 0;
243
244 donor_filp = fget(me.donor_fd);
245 if (!donor_filp)
246 return -EBADF;
247
248 if (!(donor_filp->f_mode & FMODE_WRITE)) {
249 err = -EBADF;
250 goto mext_out;
251 }
252
253 err = mnt_want_write(filp->f_path.mnt);
254 if (err)
255 goto mext_out;
256
257 err = ext4_move_extents(filp, donor_filp, me.orig_start,
258 me.donor_start, me.len, &me.moved_len);
259 mnt_drop_write(filp->f_path.mnt);
260 if (me.moved_len > 0)
261 file_remove_suid(donor_filp);
262
263 if (copy_to_user((struct move_extent __user *)arg,
264 &me, sizeof(me)))
265 err = -EFAULT;
266mext_out:
267 fput(donor_filp);
268 return err;
269 }
270
271 case EXT4_IOC_GROUP_ADD: {
272 struct ext4_new_group_data input;
273 struct super_block *sb = inode->i_sb;
274 int err, err2=0;
275
276 err = ext4_resize_begin(sb);
277 if (err)
278 return err;
279
280 if (copy_from_user(&input, (struct ext4_new_group_input __user *)arg,
281 sizeof(input)))
282 return -EFAULT;
283
284 err = mnt_want_write(filp->f_path.mnt);
285 if (err)
286 return err;
287
288 err = ext4_group_add(sb, &input);
289 if (EXT4_SB(sb)->s_journal) {
290 jbd2_journal_lock_updates(EXT4_SB(sb)->s_journal);
291 err2 = jbd2_journal_flush(EXT4_SB(sb)->s_journal);
292 jbd2_journal_unlock_updates(EXT4_SB(sb)->s_journal);
293 }
294 if (err == 0)
295 err = err2;
296 mnt_drop_write(filp->f_path.mnt);
297 ext4_resize_end(sb);
298
299 return err;
300 }
301
302 case EXT4_IOC_MIGRATE:
303 {
304 int err;
305 if (!inode_owner_or_capable(inode))
306 return -EACCES;
307
308 err = mnt_want_write(filp->f_path.mnt);
309 if (err)
310 return err;
311 /*
312 * inode_mutex prevent write and truncate on the file.
313 * Read still goes through. We take i_data_sem in
314 * ext4_ext_swap_inode_data before we switch the
315 * inode format to prevent read.
316 */
317 mutex_lock(&(inode->i_mutex));
318 err = ext4_ext_migrate(inode);
319 mutex_unlock(&(inode->i_mutex));
320 mnt_drop_write(filp->f_path.mnt);
321 return err;
322 }
323
324 case EXT4_IOC_ALLOC_DA_BLKS:
325 {
326 int err;
327 if (!inode_owner_or_capable(inode))
328 return -EACCES;
329
330 err = mnt_want_write(filp->f_path.mnt);
331 if (err)
332 return err;
333 err = ext4_alloc_da_blocks(inode);
334 mnt_drop_write(filp->f_path.mnt);
335 return err;
336 }
337
338 case FITRIM:
339 {
340 struct super_block *sb = inode->i_sb;
341 struct request_queue *q = bdev_get_queue(sb->s_bdev);
342 struct fstrim_range range;
343 int ret = 0;
344
345 if (!capable(CAP_SYS_ADMIN))
346 return -EPERM;
347
348 if (!blk_queue_discard(q))
349 return -EOPNOTSUPP;
350
351 if (copy_from_user(&range, (struct fstrim_range *)arg,
352 sizeof(range)))
353 return -EFAULT;
354
355 range.minlen = max((unsigned int)range.minlen,
356 q->limits.discard_granularity);
357 ret = ext4_trim_fs(sb, &range);
358 if (ret < 0)
359 return ret;
360
361 if (copy_to_user((struct fstrim_range *)arg, &range,
362 sizeof(range)))
363 return -EFAULT;
364
365 return 0;
366 }
367
368 default:
369 return -ENOTTY;
370 }
371}
372
373#ifdef CONFIG_COMPAT
374long ext4_compat_ioctl(struct file *file, unsigned int cmd, unsigned long arg)
375{
376 /* These are just misnamed, they actually get/put from/to user an int */
377 switch (cmd) {
378 case EXT4_IOC32_GETFLAGS:
379 cmd = EXT4_IOC_GETFLAGS;
380 break;
381 case EXT4_IOC32_SETFLAGS:
382 cmd = EXT4_IOC_SETFLAGS;
383 break;
384 case EXT4_IOC32_GETVERSION:
385 cmd = EXT4_IOC_GETVERSION;
386 break;
387 case EXT4_IOC32_SETVERSION:
388 cmd = EXT4_IOC_SETVERSION;
389 break;
390 case EXT4_IOC32_GROUP_EXTEND:
391 cmd = EXT4_IOC_GROUP_EXTEND;
392 break;
393 case EXT4_IOC32_GETVERSION_OLD:
394 cmd = EXT4_IOC_GETVERSION_OLD;
395 break;
396 case EXT4_IOC32_SETVERSION_OLD:
397 cmd = EXT4_IOC_SETVERSION_OLD;
398 break;
399#ifdef CONFIG_JBD2_DEBUG
400 case EXT4_IOC32_WAIT_FOR_READONLY:
401 cmd = EXT4_IOC_WAIT_FOR_READONLY;
402 break;
403#endif
404 case EXT4_IOC32_GETRSVSZ:
405 cmd = EXT4_IOC_GETRSVSZ;
406 break;
407 case EXT4_IOC32_SETRSVSZ:
408 cmd = EXT4_IOC_SETRSVSZ;
409 break;
410 case EXT4_IOC32_GROUP_ADD: {
411 struct compat_ext4_new_group_input __user *uinput;
412 struct ext4_new_group_input input;
413 mm_segment_t old_fs;
414 int err;
415
416 uinput = compat_ptr(arg);
417 err = get_user(input.group, &uinput->group);
418 err |= get_user(input.block_bitmap, &uinput->block_bitmap);
419 err |= get_user(input.inode_bitmap, &uinput->inode_bitmap);
420 err |= get_user(input.inode_table, &uinput->inode_table);
421 err |= get_user(input.blocks_count, &uinput->blocks_count);
422 err |= get_user(input.reserved_blocks,
423 &uinput->reserved_blocks);
424 if (err)
425 return -EFAULT;
426 old_fs = get_fs();
427 set_fs(KERNEL_DS);
428 err = ext4_ioctl(file, EXT4_IOC_GROUP_ADD,
429 (unsigned long) &input);
430 set_fs(old_fs);
431 return err;
432 }
433 case EXT4_IOC_MOVE_EXT:
434 case FITRIM:
435 break;
436 default:
437 return -ENOIOCTLCMD;
438 }
439 return ext4_ioctl(file, cmd, (unsigned long) compat_ptr(arg));
440}
441#endif
1// SPDX-License-Identifier: GPL-2.0
2/*
3 * linux/fs/ext4/ioctl.c
4 *
5 * Copyright (C) 1993, 1994, 1995
6 * Remy Card (card@masi.ibp.fr)
7 * Laboratoire MASI - Institut Blaise Pascal
8 * Universite Pierre et Marie Curie (Paris VI)
9 */
10
11#include <linux/fs.h>
12#include <linux/capability.h>
13#include <linux/time.h>
14#include <linux/compat.h>
15#include <linux/mount.h>
16#include <linux/file.h>
17#include <linux/quotaops.h>
18#include <linux/random.h>
19#include <linux/uaccess.h>
20#include <linux/delay.h>
21#include <linux/iversion.h>
22#include <linux/fileattr.h>
23#include <linux/uuid.h>
24#include "ext4_jbd2.h"
25#include "ext4.h"
26#include <linux/fsmap.h>
27#include "fsmap.h"
28#include <trace/events/ext4.h>
29
30typedef void ext4_update_sb_callback(struct ext4_super_block *es,
31 const void *arg);
32
33/*
34 * Superblock modification callback function for changing file system
35 * label
36 */
37static void ext4_sb_setlabel(struct ext4_super_block *es, const void *arg)
38{
39 /* Sanity check, this should never happen */
40 BUILD_BUG_ON(sizeof(es->s_volume_name) < EXT4_LABEL_MAX);
41
42 memcpy(es->s_volume_name, (char *)arg, EXT4_LABEL_MAX);
43}
44
45/*
46 * Superblock modification callback function for changing file system
47 * UUID.
48 */
49static void ext4_sb_setuuid(struct ext4_super_block *es, const void *arg)
50{
51 memcpy(es->s_uuid, (__u8 *)arg, UUID_SIZE);
52}
53
54static
55int ext4_update_primary_sb(struct super_block *sb, handle_t *handle,
56 ext4_update_sb_callback func,
57 const void *arg)
58{
59 int err = 0;
60 struct ext4_sb_info *sbi = EXT4_SB(sb);
61 struct buffer_head *bh = sbi->s_sbh;
62 struct ext4_super_block *es = sbi->s_es;
63
64 trace_ext4_update_sb(sb, bh->b_blocknr, 1);
65
66 BUFFER_TRACE(bh, "get_write_access");
67 err = ext4_journal_get_write_access(handle, sb,
68 bh,
69 EXT4_JTR_NONE);
70 if (err)
71 goto out_err;
72
73 lock_buffer(bh);
74 func(es, arg);
75 ext4_superblock_csum_set(sb);
76 unlock_buffer(bh);
77
78 if (buffer_write_io_error(bh) || !buffer_uptodate(bh)) {
79 ext4_msg(sbi->s_sb, KERN_ERR, "previous I/O error to "
80 "superblock detected");
81 clear_buffer_write_io_error(bh);
82 set_buffer_uptodate(bh);
83 }
84
85 err = ext4_handle_dirty_metadata(handle, NULL, bh);
86 if (err)
87 goto out_err;
88 err = sync_dirty_buffer(bh);
89out_err:
90 ext4_std_error(sb, err);
91 return err;
92}
93
94/*
95 * Update one backup superblock in the group 'grp' using the callback
96 * function 'func' and argument 'arg'. If the handle is NULL the
97 * modification is not journalled.
98 *
99 * Returns: 0 when no modification was done (no superblock in the group)
100 * 1 when the modification was successful
101 * <0 on error
102 */
103static int ext4_update_backup_sb(struct super_block *sb,
104 handle_t *handle, ext4_group_t grp,
105 ext4_update_sb_callback func, const void *arg)
106{
107 int err = 0;
108 ext4_fsblk_t sb_block;
109 struct buffer_head *bh;
110 unsigned long offset = 0;
111 struct ext4_super_block *es;
112
113 if (!ext4_bg_has_super(sb, grp))
114 return 0;
115
116 /*
117 * For the group 0 there is always 1k padding, so we have
118 * either adjust offset, or sb_block depending on blocksize
119 */
120 if (grp == 0) {
121 sb_block = 1 * EXT4_MIN_BLOCK_SIZE;
122 offset = do_div(sb_block, sb->s_blocksize);
123 } else {
124 sb_block = ext4_group_first_block_no(sb, grp);
125 offset = 0;
126 }
127
128 trace_ext4_update_sb(sb, sb_block, handle ? 1 : 0);
129
130 bh = ext4_sb_bread(sb, sb_block, 0);
131 if (IS_ERR(bh))
132 return PTR_ERR(bh);
133
134 if (handle) {
135 BUFFER_TRACE(bh, "get_write_access");
136 err = ext4_journal_get_write_access(handle, sb,
137 bh,
138 EXT4_JTR_NONE);
139 if (err)
140 goto out_bh;
141 }
142
143 es = (struct ext4_super_block *) (bh->b_data + offset);
144 lock_buffer(bh);
145 if (ext4_has_metadata_csum(sb) &&
146 es->s_checksum != ext4_superblock_csum(sb, es)) {
147 ext4_msg(sb, KERN_ERR, "Invalid checksum for backup "
148 "superblock %llu", sb_block);
149 unlock_buffer(bh);
150 goto out_bh;
151 }
152 func(es, arg);
153 if (ext4_has_metadata_csum(sb))
154 es->s_checksum = ext4_superblock_csum(sb, es);
155 set_buffer_uptodate(bh);
156 unlock_buffer(bh);
157
158 if (handle) {
159 err = ext4_handle_dirty_metadata(handle, NULL, bh);
160 if (err)
161 goto out_bh;
162 } else {
163 BUFFER_TRACE(bh, "marking dirty");
164 mark_buffer_dirty(bh);
165 }
166 err = sync_dirty_buffer(bh);
167
168out_bh:
169 brelse(bh);
170 ext4_std_error(sb, err);
171 return (err) ? err : 1;
172}
173
174/*
175 * Update primary and backup superblocks using the provided function
176 * func and argument arg.
177 *
178 * Only the primary superblock and at most two backup superblock
179 * modifications are journalled; the rest is modified without journal.
180 * This is safe because e2fsck will re-write them if there is a problem,
181 * and we're very unlikely to ever need more than two backups.
182 */
183static
184int ext4_update_superblocks_fn(struct super_block *sb,
185 ext4_update_sb_callback func,
186 const void *arg)
187{
188 handle_t *handle;
189 ext4_group_t ngroups;
190 unsigned int three = 1;
191 unsigned int five = 5;
192 unsigned int seven = 7;
193 int err = 0, ret, i;
194 ext4_group_t grp, primary_grp;
195 struct ext4_sb_info *sbi = EXT4_SB(sb);
196
197 /*
198 * We can't update superblocks while the online resize is running
199 */
200 if (test_and_set_bit_lock(EXT4_FLAGS_RESIZING,
201 &sbi->s_ext4_flags)) {
202 ext4_msg(sb, KERN_ERR, "Can't modify superblock while"
203 "performing online resize");
204 return -EBUSY;
205 }
206
207 /*
208 * We're only going to update primary superblock and two
209 * backup superblocks in this transaction.
210 */
211 handle = ext4_journal_start_sb(sb, EXT4_HT_MISC, 3);
212 if (IS_ERR(handle)) {
213 err = PTR_ERR(handle);
214 goto out;
215 }
216
217 /* Update primary superblock */
218 err = ext4_update_primary_sb(sb, handle, func, arg);
219 if (err) {
220 ext4_msg(sb, KERN_ERR, "Failed to update primary "
221 "superblock");
222 goto out_journal;
223 }
224
225 primary_grp = ext4_get_group_number(sb, sbi->s_sbh->b_blocknr);
226 ngroups = ext4_get_groups_count(sb);
227
228 /*
229 * Update backup superblocks. We have to start from group 0
230 * because it might not be where the primary superblock is
231 * if the fs is mounted with -o sb=<backup_sb_block>
232 */
233 i = 0;
234 grp = 0;
235 while (grp < ngroups) {
236 /* Skip primary superblock */
237 if (grp == primary_grp)
238 goto next_grp;
239
240 ret = ext4_update_backup_sb(sb, handle, grp, func, arg);
241 if (ret < 0) {
242 /* Ignore bad checksum; try to update next sb */
243 if (ret == -EFSBADCRC)
244 goto next_grp;
245 err = ret;
246 goto out_journal;
247 }
248
249 i += ret;
250 if (handle && i > 1) {
251 /*
252 * We're only journalling primary superblock and
253 * two backup superblocks; the rest is not
254 * journalled.
255 */
256 err = ext4_journal_stop(handle);
257 if (err)
258 goto out;
259 handle = NULL;
260 }
261next_grp:
262 grp = ext4_list_backups(sb, &three, &five, &seven);
263 }
264
265out_journal:
266 if (handle) {
267 ret = ext4_journal_stop(handle);
268 if (ret && !err)
269 err = ret;
270 }
271out:
272 clear_bit_unlock(EXT4_FLAGS_RESIZING, &sbi->s_ext4_flags);
273 smp_mb__after_atomic();
274 return err ? err : 0;
275}
276
277/*
278 * Swap memory between @a and @b for @len bytes.
279 *
280 * @a: pointer to first memory area
281 * @b: pointer to second memory area
282 * @len: number of bytes to swap
283 *
284 */
285static void memswap(void *a, void *b, size_t len)
286{
287 unsigned char *ap, *bp;
288
289 ap = (unsigned char *)a;
290 bp = (unsigned char *)b;
291 while (len-- > 0) {
292 swap(*ap, *bp);
293 ap++;
294 bp++;
295 }
296}
297
298/*
299 * Swap i_data and associated attributes between @inode1 and @inode2.
300 * This function is used for the primary swap between inode1 and inode2
301 * and also to revert this primary swap in case of errors.
302 *
303 * Therefore you have to make sure, that calling this method twice
304 * will revert all changes.
305 *
306 * @inode1: pointer to first inode
307 * @inode2: pointer to second inode
308 */
309static void swap_inode_data(struct inode *inode1, struct inode *inode2)
310{
311 loff_t isize;
312 struct ext4_inode_info *ei1;
313 struct ext4_inode_info *ei2;
314 unsigned long tmp;
315 struct timespec64 ts1, ts2;
316
317 ei1 = EXT4_I(inode1);
318 ei2 = EXT4_I(inode2);
319
320 swap(inode1->i_version, inode2->i_version);
321
322 ts1 = inode_get_atime(inode1);
323 ts2 = inode_get_atime(inode2);
324 inode_set_atime_to_ts(inode1, ts2);
325 inode_set_atime_to_ts(inode2, ts1);
326
327 ts1 = inode_get_mtime(inode1);
328 ts2 = inode_get_mtime(inode2);
329 inode_set_mtime_to_ts(inode1, ts2);
330 inode_set_mtime_to_ts(inode2, ts1);
331
332 memswap(ei1->i_data, ei2->i_data, sizeof(ei1->i_data));
333 tmp = ei1->i_flags & EXT4_FL_SHOULD_SWAP;
334 ei1->i_flags = (ei2->i_flags & EXT4_FL_SHOULD_SWAP) |
335 (ei1->i_flags & ~EXT4_FL_SHOULD_SWAP);
336 ei2->i_flags = tmp | (ei2->i_flags & ~EXT4_FL_SHOULD_SWAP);
337 swap(ei1->i_disksize, ei2->i_disksize);
338 ext4_es_remove_extent(inode1, 0, EXT_MAX_BLOCKS);
339 ext4_es_remove_extent(inode2, 0, EXT_MAX_BLOCKS);
340
341 isize = i_size_read(inode1);
342 i_size_write(inode1, i_size_read(inode2));
343 i_size_write(inode2, isize);
344}
345
346void ext4_reset_inode_seed(struct inode *inode)
347{
348 struct ext4_inode_info *ei = EXT4_I(inode);
349 struct ext4_sb_info *sbi = EXT4_SB(inode->i_sb);
350 __le32 inum = cpu_to_le32(inode->i_ino);
351 __le32 gen = cpu_to_le32(inode->i_generation);
352 __u32 csum;
353
354 if (!ext4_has_metadata_csum(inode->i_sb))
355 return;
356
357 csum = ext4_chksum(sbi, sbi->s_csum_seed, (__u8 *)&inum, sizeof(inum));
358 ei->i_csum_seed = ext4_chksum(sbi, csum, (__u8 *)&gen, sizeof(gen));
359}
360
361/*
362 * Swap the information from the given @inode and the inode
363 * EXT4_BOOT_LOADER_INO. It will basically swap i_data and all other
364 * important fields of the inodes.
365 *
366 * @sb: the super block of the filesystem
367 * @idmap: idmap of the mount the inode was found from
368 * @inode: the inode to swap with EXT4_BOOT_LOADER_INO
369 *
370 */
371static long swap_inode_boot_loader(struct super_block *sb,
372 struct mnt_idmap *idmap,
373 struct inode *inode)
374{
375 handle_t *handle;
376 int err;
377 struct inode *inode_bl;
378 struct ext4_inode_info *ei_bl;
379 qsize_t size, size_bl, diff;
380 blkcnt_t blocks;
381 unsigned short bytes;
382
383 inode_bl = ext4_iget(sb, EXT4_BOOT_LOADER_INO,
384 EXT4_IGET_SPECIAL | EXT4_IGET_BAD);
385 if (IS_ERR(inode_bl))
386 return PTR_ERR(inode_bl);
387 ei_bl = EXT4_I(inode_bl);
388
389 /* Protect orig inodes against a truncate and make sure,
390 * that only 1 swap_inode_boot_loader is running. */
391 lock_two_nondirectories(inode, inode_bl);
392
393 if (inode->i_nlink != 1 || !S_ISREG(inode->i_mode) ||
394 IS_SWAPFILE(inode) || IS_ENCRYPTED(inode) ||
395 (EXT4_I(inode)->i_flags & EXT4_JOURNAL_DATA_FL) ||
396 ext4_has_inline_data(inode)) {
397 err = -EINVAL;
398 goto journal_err_out;
399 }
400
401 if (IS_RDONLY(inode) || IS_APPEND(inode) || IS_IMMUTABLE(inode) ||
402 !inode_owner_or_capable(idmap, inode) ||
403 !capable(CAP_SYS_ADMIN)) {
404 err = -EPERM;
405 goto journal_err_out;
406 }
407
408 filemap_invalidate_lock(inode->i_mapping);
409 err = filemap_write_and_wait(inode->i_mapping);
410 if (err)
411 goto err_out;
412
413 err = filemap_write_and_wait(inode_bl->i_mapping);
414 if (err)
415 goto err_out;
416
417 /* Wait for all existing dio workers */
418 inode_dio_wait(inode);
419 inode_dio_wait(inode_bl);
420
421 truncate_inode_pages(&inode->i_data, 0);
422 truncate_inode_pages(&inode_bl->i_data, 0);
423
424 handle = ext4_journal_start(inode_bl, EXT4_HT_MOVE_EXTENTS, 2);
425 if (IS_ERR(handle)) {
426 err = -EINVAL;
427 goto err_out;
428 }
429 ext4_fc_mark_ineligible(sb, EXT4_FC_REASON_SWAP_BOOT, handle);
430
431 /* Protect extent tree against block allocations via delalloc */
432 ext4_double_down_write_data_sem(inode, inode_bl);
433
434 if (is_bad_inode(inode_bl) || !S_ISREG(inode_bl->i_mode)) {
435 /* this inode has never been used as a BOOT_LOADER */
436 set_nlink(inode_bl, 1);
437 i_uid_write(inode_bl, 0);
438 i_gid_write(inode_bl, 0);
439 inode_bl->i_flags = 0;
440 ei_bl->i_flags = 0;
441 inode_set_iversion(inode_bl, 1);
442 i_size_write(inode_bl, 0);
443 EXT4_I(inode_bl)->i_disksize = inode_bl->i_size;
444 inode_bl->i_mode = S_IFREG;
445 if (ext4_has_feature_extents(sb)) {
446 ext4_set_inode_flag(inode_bl, EXT4_INODE_EXTENTS);
447 ext4_ext_tree_init(handle, inode_bl);
448 } else
449 memset(ei_bl->i_data, 0, sizeof(ei_bl->i_data));
450 }
451
452 err = dquot_initialize(inode);
453 if (err)
454 goto err_out1;
455
456 size = (qsize_t)(inode->i_blocks) * (1 << 9) + inode->i_bytes;
457 size_bl = (qsize_t)(inode_bl->i_blocks) * (1 << 9) + inode_bl->i_bytes;
458 diff = size - size_bl;
459 swap_inode_data(inode, inode_bl);
460
461 inode_set_ctime_current(inode);
462 inode_set_ctime_current(inode_bl);
463 inode_inc_iversion(inode);
464
465 inode->i_generation = get_random_u32();
466 inode_bl->i_generation = get_random_u32();
467 ext4_reset_inode_seed(inode);
468 ext4_reset_inode_seed(inode_bl);
469
470 ext4_discard_preallocations(inode);
471
472 err = ext4_mark_inode_dirty(handle, inode);
473 if (err < 0) {
474 /* No need to update quota information. */
475 ext4_warning(inode->i_sb,
476 "couldn't mark inode #%lu dirty (err %d)",
477 inode->i_ino, err);
478 /* Revert all changes: */
479 swap_inode_data(inode, inode_bl);
480 ext4_mark_inode_dirty(handle, inode);
481 goto err_out1;
482 }
483
484 blocks = inode_bl->i_blocks;
485 bytes = inode_bl->i_bytes;
486 inode_bl->i_blocks = inode->i_blocks;
487 inode_bl->i_bytes = inode->i_bytes;
488 err = ext4_mark_inode_dirty(handle, inode_bl);
489 if (err < 0) {
490 /* No need to update quota information. */
491 ext4_warning(inode_bl->i_sb,
492 "couldn't mark inode #%lu dirty (err %d)",
493 inode_bl->i_ino, err);
494 goto revert;
495 }
496
497 /* Bootloader inode should not be counted into quota information. */
498 if (diff > 0)
499 dquot_free_space(inode, diff);
500 else
501 err = dquot_alloc_space(inode, -1 * diff);
502
503 if (err < 0) {
504revert:
505 /* Revert all changes: */
506 inode_bl->i_blocks = blocks;
507 inode_bl->i_bytes = bytes;
508 swap_inode_data(inode, inode_bl);
509 ext4_mark_inode_dirty(handle, inode);
510 ext4_mark_inode_dirty(handle, inode_bl);
511 }
512
513err_out1:
514 ext4_journal_stop(handle);
515 ext4_double_up_write_data_sem(inode, inode_bl);
516
517err_out:
518 filemap_invalidate_unlock(inode->i_mapping);
519journal_err_out:
520 unlock_two_nondirectories(inode, inode_bl);
521 iput(inode_bl);
522 return err;
523}
524
525/*
526 * If immutable is set and we are not clearing it, we're not allowed to change
527 * anything else in the inode. Don't error out if we're only trying to set
528 * immutable on an immutable file.
529 */
530static int ext4_ioctl_check_immutable(struct inode *inode, __u32 new_projid,
531 unsigned int flags)
532{
533 struct ext4_inode_info *ei = EXT4_I(inode);
534 unsigned int oldflags = ei->i_flags;
535
536 if (!(oldflags & EXT4_IMMUTABLE_FL) || !(flags & EXT4_IMMUTABLE_FL))
537 return 0;
538
539 if ((oldflags & ~EXT4_IMMUTABLE_FL) != (flags & ~EXT4_IMMUTABLE_FL))
540 return -EPERM;
541 if (ext4_has_feature_project(inode->i_sb) &&
542 __kprojid_val(ei->i_projid) != new_projid)
543 return -EPERM;
544
545 return 0;
546}
547
548static void ext4_dax_dontcache(struct inode *inode, unsigned int flags)
549{
550 struct ext4_inode_info *ei = EXT4_I(inode);
551
552 if (S_ISDIR(inode->i_mode))
553 return;
554
555 if (test_opt2(inode->i_sb, DAX_NEVER) ||
556 test_opt(inode->i_sb, DAX_ALWAYS))
557 return;
558
559 if ((ei->i_flags ^ flags) & EXT4_DAX_FL)
560 d_mark_dontcache(inode);
561}
562
563static bool dax_compatible(struct inode *inode, unsigned int oldflags,
564 unsigned int flags)
565{
566 /* Allow the DAX flag to be changed on inline directories */
567 if (S_ISDIR(inode->i_mode)) {
568 flags &= ~EXT4_INLINE_DATA_FL;
569 oldflags &= ~EXT4_INLINE_DATA_FL;
570 }
571
572 if (flags & EXT4_DAX_FL) {
573 if ((oldflags & EXT4_DAX_MUT_EXCL) ||
574 ext4_test_inode_state(inode,
575 EXT4_STATE_VERITY_IN_PROGRESS)) {
576 return false;
577 }
578 }
579
580 if ((flags & EXT4_DAX_MUT_EXCL) && (oldflags & EXT4_DAX_FL))
581 return false;
582
583 return true;
584}
585
586static int ext4_ioctl_setflags(struct inode *inode,
587 unsigned int flags)
588{
589 struct ext4_inode_info *ei = EXT4_I(inode);
590 handle_t *handle = NULL;
591 int err = -EPERM, migrate = 0;
592 struct ext4_iloc iloc;
593 unsigned int oldflags, mask, i;
594 struct super_block *sb = inode->i_sb;
595
596 /* Is it quota file? Do not allow user to mess with it */
597 if (ext4_is_quota_file(inode))
598 goto flags_out;
599
600 oldflags = ei->i_flags;
601 /*
602 * The JOURNAL_DATA flag can only be changed by
603 * the relevant capability.
604 */
605 if ((flags ^ oldflags) & (EXT4_JOURNAL_DATA_FL)) {
606 if (!capable(CAP_SYS_RESOURCE))
607 goto flags_out;
608 }
609
610 if (!dax_compatible(inode, oldflags, flags)) {
611 err = -EOPNOTSUPP;
612 goto flags_out;
613 }
614
615 if ((flags ^ oldflags) & EXT4_EXTENTS_FL)
616 migrate = 1;
617
618 if ((flags ^ oldflags) & EXT4_CASEFOLD_FL) {
619 if (!ext4_has_feature_casefold(sb)) {
620 err = -EOPNOTSUPP;
621 goto flags_out;
622 }
623
624 if (!S_ISDIR(inode->i_mode)) {
625 err = -ENOTDIR;
626 goto flags_out;
627 }
628
629 if (!ext4_empty_dir(inode)) {
630 err = -ENOTEMPTY;
631 goto flags_out;
632 }
633 }
634
635 /*
636 * Wait for all pending directio and then flush all the dirty pages
637 * for this file. The flush marks all the pages readonly, so any
638 * subsequent attempt to write to the file (particularly mmap pages)
639 * will come through the filesystem and fail.
640 */
641 if (S_ISREG(inode->i_mode) && !IS_IMMUTABLE(inode) &&
642 (flags & EXT4_IMMUTABLE_FL)) {
643 inode_dio_wait(inode);
644 err = filemap_write_and_wait(inode->i_mapping);
645 if (err)
646 goto flags_out;
647 }
648
649 handle = ext4_journal_start(inode, EXT4_HT_INODE, 1);
650 if (IS_ERR(handle)) {
651 err = PTR_ERR(handle);
652 goto flags_out;
653 }
654 if (IS_SYNC(inode))
655 ext4_handle_sync(handle);
656 err = ext4_reserve_inode_write(handle, inode, &iloc);
657 if (err)
658 goto flags_err;
659
660 ext4_dax_dontcache(inode, flags);
661
662 for (i = 0, mask = 1; i < 32; i++, mask <<= 1) {
663 if (!(mask & EXT4_FL_USER_MODIFIABLE))
664 continue;
665 /* These flags get special treatment later */
666 if (mask == EXT4_JOURNAL_DATA_FL || mask == EXT4_EXTENTS_FL)
667 continue;
668 if (mask & flags)
669 ext4_set_inode_flag(inode, i);
670 else
671 ext4_clear_inode_flag(inode, i);
672 }
673
674 ext4_set_inode_flags(inode, false);
675
676 inode_set_ctime_current(inode);
677 inode_inc_iversion(inode);
678
679 err = ext4_mark_iloc_dirty(handle, inode, &iloc);
680flags_err:
681 ext4_journal_stop(handle);
682 if (err)
683 goto flags_out;
684
685 if ((flags ^ oldflags) & (EXT4_JOURNAL_DATA_FL)) {
686 /*
687 * Changes to the journaling mode can cause unsafe changes to
688 * S_DAX if the inode is DAX
689 */
690 if (IS_DAX(inode)) {
691 err = -EBUSY;
692 goto flags_out;
693 }
694
695 err = ext4_change_inode_journal_flag(inode,
696 flags & EXT4_JOURNAL_DATA_FL);
697 if (err)
698 goto flags_out;
699 }
700 if (migrate) {
701 if (flags & EXT4_EXTENTS_FL)
702 err = ext4_ext_migrate(inode);
703 else
704 err = ext4_ind_migrate(inode);
705 }
706
707flags_out:
708 return err;
709}
710
711#ifdef CONFIG_QUOTA
712static int ext4_ioctl_setproject(struct inode *inode, __u32 projid)
713{
714 struct super_block *sb = inode->i_sb;
715 struct ext4_inode_info *ei = EXT4_I(inode);
716 int err, rc;
717 handle_t *handle;
718 kprojid_t kprojid;
719 struct ext4_iloc iloc;
720 struct ext4_inode *raw_inode;
721 struct dquot *transfer_to[MAXQUOTAS] = { };
722
723 if (!ext4_has_feature_project(sb)) {
724 if (projid != EXT4_DEF_PROJID)
725 return -EOPNOTSUPP;
726 else
727 return 0;
728 }
729
730 if (EXT4_INODE_SIZE(sb) <= EXT4_GOOD_OLD_INODE_SIZE)
731 return -EOPNOTSUPP;
732
733 kprojid = make_kprojid(&init_user_ns, (projid_t)projid);
734
735 if (projid_eq(kprojid, EXT4_I(inode)->i_projid))
736 return 0;
737
738 err = -EPERM;
739 /* Is it quota file? Do not allow user to mess with it */
740 if (ext4_is_quota_file(inode))
741 return err;
742
743 err = dquot_initialize(inode);
744 if (err)
745 return err;
746
747 err = ext4_get_inode_loc(inode, &iloc);
748 if (err)
749 return err;
750
751 raw_inode = ext4_raw_inode(&iloc);
752 if (!EXT4_FITS_IN_INODE(raw_inode, ei, i_projid)) {
753 err = ext4_expand_extra_isize(inode,
754 EXT4_SB(sb)->s_want_extra_isize,
755 &iloc);
756 if (err)
757 return err;
758 } else {
759 brelse(iloc.bh);
760 }
761
762 handle = ext4_journal_start(inode, EXT4_HT_QUOTA,
763 EXT4_QUOTA_INIT_BLOCKS(sb) +
764 EXT4_QUOTA_DEL_BLOCKS(sb) + 3);
765 if (IS_ERR(handle))
766 return PTR_ERR(handle);
767
768 err = ext4_reserve_inode_write(handle, inode, &iloc);
769 if (err)
770 goto out_stop;
771
772 transfer_to[PRJQUOTA] = dqget(sb, make_kqid_projid(kprojid));
773 if (!IS_ERR(transfer_to[PRJQUOTA])) {
774
775 /* __dquot_transfer() calls back ext4_get_inode_usage() which
776 * counts xattr inode references.
777 */
778 down_read(&EXT4_I(inode)->xattr_sem);
779 err = __dquot_transfer(inode, transfer_to);
780 up_read(&EXT4_I(inode)->xattr_sem);
781 dqput(transfer_to[PRJQUOTA]);
782 if (err)
783 goto out_dirty;
784 }
785
786 EXT4_I(inode)->i_projid = kprojid;
787 inode_set_ctime_current(inode);
788 inode_inc_iversion(inode);
789out_dirty:
790 rc = ext4_mark_iloc_dirty(handle, inode, &iloc);
791 if (!err)
792 err = rc;
793out_stop:
794 ext4_journal_stop(handle);
795 return err;
796}
797#else
798static int ext4_ioctl_setproject(struct inode *inode, __u32 projid)
799{
800 if (projid != EXT4_DEF_PROJID)
801 return -EOPNOTSUPP;
802 return 0;
803}
804#endif
805
806int ext4_force_shutdown(struct super_block *sb, u32 flags)
807{
808 struct ext4_sb_info *sbi = EXT4_SB(sb);
809 int ret;
810
811 if (flags > EXT4_GOING_FLAGS_NOLOGFLUSH)
812 return -EINVAL;
813
814 if (ext4_forced_shutdown(sb))
815 return 0;
816
817 ext4_msg(sb, KERN_ALERT, "shut down requested (%d)", flags);
818 trace_ext4_shutdown(sb, flags);
819
820 switch (flags) {
821 case EXT4_GOING_FLAGS_DEFAULT:
822 ret = bdev_freeze(sb->s_bdev);
823 if (ret)
824 return ret;
825 set_bit(EXT4_FLAGS_SHUTDOWN, &sbi->s_ext4_flags);
826 bdev_thaw(sb->s_bdev);
827 break;
828 case EXT4_GOING_FLAGS_LOGFLUSH:
829 set_bit(EXT4_FLAGS_SHUTDOWN, &sbi->s_ext4_flags);
830 if (sbi->s_journal && !is_journal_aborted(sbi->s_journal)) {
831 (void) ext4_force_commit(sb);
832 jbd2_journal_abort(sbi->s_journal, -ESHUTDOWN);
833 }
834 break;
835 case EXT4_GOING_FLAGS_NOLOGFLUSH:
836 set_bit(EXT4_FLAGS_SHUTDOWN, &sbi->s_ext4_flags);
837 if (sbi->s_journal && !is_journal_aborted(sbi->s_journal))
838 jbd2_journal_abort(sbi->s_journal, -ESHUTDOWN);
839 break;
840 default:
841 return -EINVAL;
842 }
843 clear_opt(sb, DISCARD);
844 return 0;
845}
846
847static int ext4_ioctl_shutdown(struct super_block *sb, unsigned long arg)
848{
849 u32 flags;
850
851 if (!capable(CAP_SYS_ADMIN))
852 return -EPERM;
853
854 if (get_user(flags, (__u32 __user *)arg))
855 return -EFAULT;
856
857 return ext4_force_shutdown(sb, flags);
858}
859
860struct getfsmap_info {
861 struct super_block *gi_sb;
862 struct fsmap_head __user *gi_data;
863 unsigned int gi_idx;
864 __u32 gi_last_flags;
865};
866
867static int ext4_getfsmap_format(struct ext4_fsmap *xfm, void *priv)
868{
869 struct getfsmap_info *info = priv;
870 struct fsmap fm;
871
872 trace_ext4_getfsmap_mapping(info->gi_sb, xfm);
873
874 info->gi_last_flags = xfm->fmr_flags;
875 ext4_fsmap_from_internal(info->gi_sb, &fm, xfm);
876 if (copy_to_user(&info->gi_data->fmh_recs[info->gi_idx++], &fm,
877 sizeof(struct fsmap)))
878 return -EFAULT;
879
880 return 0;
881}
882
883static int ext4_ioc_getfsmap(struct super_block *sb,
884 struct fsmap_head __user *arg)
885{
886 struct getfsmap_info info = { NULL };
887 struct ext4_fsmap_head xhead = {0};
888 struct fsmap_head head;
889 bool aborted = false;
890 int error;
891
892 if (copy_from_user(&head, arg, sizeof(struct fsmap_head)))
893 return -EFAULT;
894 if (memchr_inv(head.fmh_reserved, 0, sizeof(head.fmh_reserved)) ||
895 memchr_inv(head.fmh_keys[0].fmr_reserved, 0,
896 sizeof(head.fmh_keys[0].fmr_reserved)) ||
897 memchr_inv(head.fmh_keys[1].fmr_reserved, 0,
898 sizeof(head.fmh_keys[1].fmr_reserved)))
899 return -EINVAL;
900 /*
901 * ext4 doesn't report file extents at all, so the only valid
902 * file offsets are the magic ones (all zeroes or all ones).
903 */
904 if (head.fmh_keys[0].fmr_offset ||
905 (head.fmh_keys[1].fmr_offset != 0 &&
906 head.fmh_keys[1].fmr_offset != -1ULL))
907 return -EINVAL;
908
909 xhead.fmh_iflags = head.fmh_iflags;
910 xhead.fmh_count = head.fmh_count;
911 ext4_fsmap_to_internal(sb, &xhead.fmh_keys[0], &head.fmh_keys[0]);
912 ext4_fsmap_to_internal(sb, &xhead.fmh_keys[1], &head.fmh_keys[1]);
913
914 trace_ext4_getfsmap_low_key(sb, &xhead.fmh_keys[0]);
915 trace_ext4_getfsmap_high_key(sb, &xhead.fmh_keys[1]);
916
917 info.gi_sb = sb;
918 info.gi_data = arg;
919 error = ext4_getfsmap(sb, &xhead, ext4_getfsmap_format, &info);
920 if (error == EXT4_QUERY_RANGE_ABORT)
921 aborted = true;
922 else if (error)
923 return error;
924
925 /* If we didn't abort, set the "last" flag in the last fmx */
926 if (!aborted && info.gi_idx) {
927 info.gi_last_flags |= FMR_OF_LAST;
928 if (copy_to_user(&info.gi_data->fmh_recs[info.gi_idx - 1].fmr_flags,
929 &info.gi_last_flags,
930 sizeof(info.gi_last_flags)))
931 return -EFAULT;
932 }
933
934 /* copy back header */
935 head.fmh_entries = xhead.fmh_entries;
936 head.fmh_oflags = xhead.fmh_oflags;
937 if (copy_to_user(arg, &head, sizeof(struct fsmap_head)))
938 return -EFAULT;
939
940 return 0;
941}
942
943static long ext4_ioctl_group_add(struct file *file,
944 struct ext4_new_group_data *input)
945{
946 struct super_block *sb = file_inode(file)->i_sb;
947 int err, err2=0;
948
949 err = ext4_resize_begin(sb);
950 if (err)
951 return err;
952
953 if (ext4_has_feature_bigalloc(sb)) {
954 ext4_msg(sb, KERN_ERR,
955 "Online resizing not supported with bigalloc");
956 err = -EOPNOTSUPP;
957 goto group_add_out;
958 }
959
960 err = mnt_want_write_file(file);
961 if (err)
962 goto group_add_out;
963
964 err = ext4_group_add(sb, input);
965 if (EXT4_SB(sb)->s_journal) {
966 jbd2_journal_lock_updates(EXT4_SB(sb)->s_journal);
967 err2 = jbd2_journal_flush(EXT4_SB(sb)->s_journal, 0);
968 jbd2_journal_unlock_updates(EXT4_SB(sb)->s_journal);
969 }
970 if (err == 0)
971 err = err2;
972 mnt_drop_write_file(file);
973 if (!err && ext4_has_group_desc_csum(sb) &&
974 test_opt(sb, INIT_INODE_TABLE))
975 err = ext4_register_li_request(sb, input->group);
976group_add_out:
977 err2 = ext4_resize_end(sb, false);
978 if (err == 0)
979 err = err2;
980 return err;
981}
982
983int ext4_fileattr_get(struct dentry *dentry, struct fileattr *fa)
984{
985 struct inode *inode = d_inode(dentry);
986 struct ext4_inode_info *ei = EXT4_I(inode);
987 u32 flags = ei->i_flags & EXT4_FL_USER_VISIBLE;
988
989 if (S_ISREG(inode->i_mode))
990 flags &= ~FS_PROJINHERIT_FL;
991
992 fileattr_fill_flags(fa, flags);
993 if (ext4_has_feature_project(inode->i_sb))
994 fa->fsx_projid = from_kprojid(&init_user_ns, ei->i_projid);
995
996 return 0;
997}
998
999int ext4_fileattr_set(struct mnt_idmap *idmap,
1000 struct dentry *dentry, struct fileattr *fa)
1001{
1002 struct inode *inode = d_inode(dentry);
1003 u32 flags = fa->flags;
1004 int err = -EOPNOTSUPP;
1005
1006 if (flags & ~EXT4_FL_USER_VISIBLE)
1007 goto out;
1008
1009 /*
1010 * chattr(1) grabs flags via GETFLAGS, modifies the result and
1011 * passes that to SETFLAGS. So we cannot easily make SETFLAGS
1012 * more restrictive than just silently masking off visible but
1013 * not settable flags as we always did.
1014 */
1015 flags &= EXT4_FL_USER_MODIFIABLE;
1016 if (ext4_mask_flags(inode->i_mode, flags) != flags)
1017 goto out;
1018 err = ext4_ioctl_check_immutable(inode, fa->fsx_projid, flags);
1019 if (err)
1020 goto out;
1021 err = ext4_ioctl_setflags(inode, flags);
1022 if (err)
1023 goto out;
1024 err = ext4_ioctl_setproject(inode, fa->fsx_projid);
1025out:
1026 return err;
1027}
1028
1029/* So that the fiemap access checks can't overflow on 32 bit machines. */
1030#define FIEMAP_MAX_EXTENTS (UINT_MAX / sizeof(struct fiemap_extent))
1031
1032static int ext4_ioctl_get_es_cache(struct file *filp, unsigned long arg)
1033{
1034 struct fiemap fiemap;
1035 struct fiemap __user *ufiemap = (struct fiemap __user *) arg;
1036 struct fiemap_extent_info fieinfo = { 0, };
1037 struct inode *inode = file_inode(filp);
1038 int error;
1039
1040 if (copy_from_user(&fiemap, ufiemap, sizeof(fiemap)))
1041 return -EFAULT;
1042
1043 if (fiemap.fm_extent_count > FIEMAP_MAX_EXTENTS)
1044 return -EINVAL;
1045
1046 fieinfo.fi_flags = fiemap.fm_flags;
1047 fieinfo.fi_extents_max = fiemap.fm_extent_count;
1048 fieinfo.fi_extents_start = ufiemap->fm_extents;
1049
1050 error = ext4_get_es_cache(inode, &fieinfo, fiemap.fm_start,
1051 fiemap.fm_length);
1052 fiemap.fm_flags = fieinfo.fi_flags;
1053 fiemap.fm_mapped_extents = fieinfo.fi_extents_mapped;
1054 if (copy_to_user(ufiemap, &fiemap, sizeof(fiemap)))
1055 error = -EFAULT;
1056
1057 return error;
1058}
1059
1060static int ext4_ioctl_checkpoint(struct file *filp, unsigned long arg)
1061{
1062 int err = 0;
1063 __u32 flags = 0;
1064 unsigned int flush_flags = 0;
1065 struct super_block *sb = file_inode(filp)->i_sb;
1066
1067 if (copy_from_user(&flags, (__u32 __user *)arg,
1068 sizeof(__u32)))
1069 return -EFAULT;
1070
1071 if (!capable(CAP_SYS_ADMIN))
1072 return -EPERM;
1073
1074 /* check for invalid bits set */
1075 if ((flags & ~EXT4_IOC_CHECKPOINT_FLAG_VALID) ||
1076 ((flags & JBD2_JOURNAL_FLUSH_DISCARD) &&
1077 (flags & JBD2_JOURNAL_FLUSH_ZEROOUT)))
1078 return -EINVAL;
1079
1080 if (!EXT4_SB(sb)->s_journal)
1081 return -ENODEV;
1082
1083 if ((flags & JBD2_JOURNAL_FLUSH_DISCARD) &&
1084 !bdev_max_discard_sectors(EXT4_SB(sb)->s_journal->j_dev))
1085 return -EOPNOTSUPP;
1086
1087 if (flags & EXT4_IOC_CHECKPOINT_FLAG_DRY_RUN)
1088 return 0;
1089
1090 if (flags & EXT4_IOC_CHECKPOINT_FLAG_DISCARD)
1091 flush_flags |= JBD2_JOURNAL_FLUSH_DISCARD;
1092
1093 if (flags & EXT4_IOC_CHECKPOINT_FLAG_ZEROOUT) {
1094 flush_flags |= JBD2_JOURNAL_FLUSH_ZEROOUT;
1095 pr_info_ratelimited("warning: checkpointing journal with EXT4_IOC_CHECKPOINT_FLAG_ZEROOUT can be slow");
1096 }
1097
1098 jbd2_journal_lock_updates(EXT4_SB(sb)->s_journal);
1099 err = jbd2_journal_flush(EXT4_SB(sb)->s_journal, flush_flags);
1100 jbd2_journal_unlock_updates(EXT4_SB(sb)->s_journal);
1101
1102 return err;
1103}
1104
1105static int ext4_ioctl_setlabel(struct file *filp, const char __user *user_label)
1106{
1107 size_t len;
1108 int ret = 0;
1109 char new_label[EXT4_LABEL_MAX + 1];
1110 struct super_block *sb = file_inode(filp)->i_sb;
1111
1112 if (!capable(CAP_SYS_ADMIN))
1113 return -EPERM;
1114
1115 /*
1116 * Copy the maximum length allowed for ext4 label with one more to
1117 * find the required terminating null byte in order to test the
1118 * label length. The on disk label doesn't need to be null terminated.
1119 */
1120 if (copy_from_user(new_label, user_label, EXT4_LABEL_MAX + 1))
1121 return -EFAULT;
1122
1123 len = strnlen(new_label, EXT4_LABEL_MAX + 1);
1124 if (len > EXT4_LABEL_MAX)
1125 return -EINVAL;
1126
1127 /*
1128 * Clear the buffer after the new label
1129 */
1130 memset(new_label + len, 0, EXT4_LABEL_MAX - len);
1131
1132 ret = mnt_want_write_file(filp);
1133 if (ret)
1134 return ret;
1135
1136 ret = ext4_update_superblocks_fn(sb, ext4_sb_setlabel, new_label);
1137
1138 mnt_drop_write_file(filp);
1139 return ret;
1140}
1141
1142static int ext4_ioctl_getlabel(struct ext4_sb_info *sbi, char __user *user_label)
1143{
1144 char label[EXT4_LABEL_MAX + 1];
1145
1146 /*
1147 * EXT4_LABEL_MAX must always be smaller than FSLABEL_MAX because
1148 * FSLABEL_MAX must include terminating null byte, while s_volume_name
1149 * does not have to.
1150 */
1151 BUILD_BUG_ON(EXT4_LABEL_MAX >= FSLABEL_MAX);
1152
1153 lock_buffer(sbi->s_sbh);
1154 memtostr_pad(label, sbi->s_es->s_volume_name);
1155 unlock_buffer(sbi->s_sbh);
1156
1157 if (copy_to_user(user_label, label, sizeof(label)))
1158 return -EFAULT;
1159 return 0;
1160}
1161
1162static int ext4_ioctl_getuuid(struct ext4_sb_info *sbi,
1163 struct fsuuid __user *ufsuuid)
1164{
1165 struct fsuuid fsuuid;
1166 __u8 uuid[UUID_SIZE];
1167
1168 if (copy_from_user(&fsuuid, ufsuuid, sizeof(fsuuid)))
1169 return -EFAULT;
1170
1171 if (fsuuid.fsu_len == 0) {
1172 fsuuid.fsu_len = UUID_SIZE;
1173 if (copy_to_user(&ufsuuid->fsu_len, &fsuuid.fsu_len,
1174 sizeof(fsuuid.fsu_len)))
1175 return -EFAULT;
1176 return 0;
1177 }
1178
1179 if (fsuuid.fsu_len < UUID_SIZE || fsuuid.fsu_flags != 0)
1180 return -EINVAL;
1181
1182 lock_buffer(sbi->s_sbh);
1183 memcpy(uuid, sbi->s_es->s_uuid, UUID_SIZE);
1184 unlock_buffer(sbi->s_sbh);
1185
1186 fsuuid.fsu_len = UUID_SIZE;
1187 if (copy_to_user(ufsuuid, &fsuuid, sizeof(fsuuid)) ||
1188 copy_to_user(&ufsuuid->fsu_uuid[0], uuid, UUID_SIZE))
1189 return -EFAULT;
1190 return 0;
1191}
1192
1193static int ext4_ioctl_setuuid(struct file *filp,
1194 const struct fsuuid __user *ufsuuid)
1195{
1196 int ret = 0;
1197 struct super_block *sb = file_inode(filp)->i_sb;
1198 struct fsuuid fsuuid;
1199 __u8 uuid[UUID_SIZE];
1200
1201 if (!capable(CAP_SYS_ADMIN))
1202 return -EPERM;
1203
1204 /*
1205 * If any checksums (group descriptors or metadata) are being used
1206 * then the checksum seed feature is required to change the UUID.
1207 */
1208 if (((ext4_has_feature_gdt_csum(sb) || ext4_has_metadata_csum(sb))
1209 && !ext4_has_feature_csum_seed(sb))
1210 || ext4_has_feature_stable_inodes(sb))
1211 return -EOPNOTSUPP;
1212
1213 if (copy_from_user(&fsuuid, ufsuuid, sizeof(fsuuid)))
1214 return -EFAULT;
1215
1216 if (fsuuid.fsu_len != UUID_SIZE || fsuuid.fsu_flags != 0)
1217 return -EINVAL;
1218
1219 if (copy_from_user(uuid, &ufsuuid->fsu_uuid[0], UUID_SIZE))
1220 return -EFAULT;
1221
1222 ret = mnt_want_write_file(filp);
1223 if (ret)
1224 return ret;
1225
1226 ret = ext4_update_superblocks_fn(sb, ext4_sb_setuuid, &uuid);
1227 mnt_drop_write_file(filp);
1228
1229 return ret;
1230}
1231
1232static long __ext4_ioctl(struct file *filp, unsigned int cmd, unsigned long arg)
1233{
1234 struct inode *inode = file_inode(filp);
1235 struct super_block *sb = inode->i_sb;
1236 struct mnt_idmap *idmap = file_mnt_idmap(filp);
1237
1238 ext4_debug("cmd = %u, arg = %lu\n", cmd, arg);
1239
1240 switch (cmd) {
1241 case FS_IOC_GETFSMAP:
1242 return ext4_ioc_getfsmap(sb, (void __user *)arg);
1243 case EXT4_IOC_GETVERSION:
1244 case EXT4_IOC_GETVERSION_OLD:
1245 return put_user(inode->i_generation, (int __user *) arg);
1246 case EXT4_IOC_SETVERSION:
1247 case EXT4_IOC_SETVERSION_OLD: {
1248 handle_t *handle;
1249 struct ext4_iloc iloc;
1250 __u32 generation;
1251 int err;
1252
1253 if (!inode_owner_or_capable(idmap, inode))
1254 return -EPERM;
1255
1256 if (ext4_has_metadata_csum(inode->i_sb)) {
1257 ext4_warning(sb, "Setting inode version is not "
1258 "supported with metadata_csum enabled.");
1259 return -ENOTTY;
1260 }
1261
1262 err = mnt_want_write_file(filp);
1263 if (err)
1264 return err;
1265 if (get_user(generation, (int __user *) arg)) {
1266 err = -EFAULT;
1267 goto setversion_out;
1268 }
1269
1270 inode_lock(inode);
1271 handle = ext4_journal_start(inode, EXT4_HT_INODE, 1);
1272 if (IS_ERR(handle)) {
1273 err = PTR_ERR(handle);
1274 goto unlock_out;
1275 }
1276 err = ext4_reserve_inode_write(handle, inode, &iloc);
1277 if (err == 0) {
1278 inode_set_ctime_current(inode);
1279 inode_inc_iversion(inode);
1280 inode->i_generation = generation;
1281 err = ext4_mark_iloc_dirty(handle, inode, &iloc);
1282 }
1283 ext4_journal_stop(handle);
1284
1285unlock_out:
1286 inode_unlock(inode);
1287setversion_out:
1288 mnt_drop_write_file(filp);
1289 return err;
1290 }
1291 case EXT4_IOC_GROUP_EXTEND: {
1292 ext4_fsblk_t n_blocks_count;
1293 int err, err2=0;
1294
1295 err = ext4_resize_begin(sb);
1296 if (err)
1297 return err;
1298
1299 if (get_user(n_blocks_count, (__u32 __user *)arg)) {
1300 err = -EFAULT;
1301 goto group_extend_out;
1302 }
1303
1304 if (ext4_has_feature_bigalloc(sb)) {
1305 ext4_msg(sb, KERN_ERR,
1306 "Online resizing not supported with bigalloc");
1307 err = -EOPNOTSUPP;
1308 goto group_extend_out;
1309 }
1310
1311 err = mnt_want_write_file(filp);
1312 if (err)
1313 goto group_extend_out;
1314
1315 err = ext4_group_extend(sb, EXT4_SB(sb)->s_es, n_blocks_count);
1316 if (EXT4_SB(sb)->s_journal) {
1317 jbd2_journal_lock_updates(EXT4_SB(sb)->s_journal);
1318 err2 = jbd2_journal_flush(EXT4_SB(sb)->s_journal, 0);
1319 jbd2_journal_unlock_updates(EXT4_SB(sb)->s_journal);
1320 }
1321 if (err == 0)
1322 err = err2;
1323 mnt_drop_write_file(filp);
1324group_extend_out:
1325 err2 = ext4_resize_end(sb, false);
1326 if (err == 0)
1327 err = err2;
1328 return err;
1329 }
1330
1331 case EXT4_IOC_MOVE_EXT: {
1332 struct move_extent me;
1333 int err;
1334
1335 if (!(filp->f_mode & FMODE_READ) ||
1336 !(filp->f_mode & FMODE_WRITE))
1337 return -EBADF;
1338
1339 if (copy_from_user(&me,
1340 (struct move_extent __user *)arg, sizeof(me)))
1341 return -EFAULT;
1342 me.moved_len = 0;
1343
1344 CLASS(fd, donor)(me.donor_fd);
1345 if (fd_empty(donor))
1346 return -EBADF;
1347
1348 if (!(fd_file(donor)->f_mode & FMODE_WRITE))
1349 return -EBADF;
1350
1351 if (ext4_has_feature_bigalloc(sb)) {
1352 ext4_msg(sb, KERN_ERR,
1353 "Online defrag not supported with bigalloc");
1354 return -EOPNOTSUPP;
1355 } else if (IS_DAX(inode)) {
1356 ext4_msg(sb, KERN_ERR,
1357 "Online defrag not supported with DAX");
1358 return -EOPNOTSUPP;
1359 }
1360
1361 err = mnt_want_write_file(filp);
1362 if (err)
1363 return err;
1364
1365 err = ext4_move_extents(filp, fd_file(donor), me.orig_start,
1366 me.donor_start, me.len, &me.moved_len);
1367 mnt_drop_write_file(filp);
1368
1369 if (copy_to_user((struct move_extent __user *)arg,
1370 &me, sizeof(me)))
1371 err = -EFAULT;
1372 return err;
1373 }
1374
1375 case EXT4_IOC_GROUP_ADD: {
1376 struct ext4_new_group_data input;
1377
1378 if (copy_from_user(&input, (struct ext4_new_group_input __user *)arg,
1379 sizeof(input)))
1380 return -EFAULT;
1381
1382 return ext4_ioctl_group_add(filp, &input);
1383 }
1384
1385 case EXT4_IOC_MIGRATE:
1386 {
1387 int err;
1388 if (!inode_owner_or_capable(idmap, inode))
1389 return -EACCES;
1390
1391 err = mnt_want_write_file(filp);
1392 if (err)
1393 return err;
1394 /*
1395 * inode_mutex prevent write and truncate on the file.
1396 * Read still goes through. We take i_data_sem in
1397 * ext4_ext_swap_inode_data before we switch the
1398 * inode format to prevent read.
1399 */
1400 inode_lock((inode));
1401 err = ext4_ext_migrate(inode);
1402 inode_unlock((inode));
1403 mnt_drop_write_file(filp);
1404 return err;
1405 }
1406
1407 case EXT4_IOC_ALLOC_DA_BLKS:
1408 {
1409 int err;
1410 if (!inode_owner_or_capable(idmap, inode))
1411 return -EACCES;
1412
1413 err = mnt_want_write_file(filp);
1414 if (err)
1415 return err;
1416 err = ext4_alloc_da_blocks(inode);
1417 mnt_drop_write_file(filp);
1418 return err;
1419 }
1420
1421 case EXT4_IOC_SWAP_BOOT:
1422 {
1423 int err;
1424 if (!(filp->f_mode & FMODE_WRITE))
1425 return -EBADF;
1426 err = mnt_want_write_file(filp);
1427 if (err)
1428 return err;
1429 err = swap_inode_boot_loader(sb, idmap, inode);
1430 mnt_drop_write_file(filp);
1431 return err;
1432 }
1433
1434 case EXT4_IOC_RESIZE_FS: {
1435 ext4_fsblk_t n_blocks_count;
1436 int err = 0, err2 = 0;
1437 ext4_group_t o_group = EXT4_SB(sb)->s_groups_count;
1438
1439 if (copy_from_user(&n_blocks_count, (__u64 __user *)arg,
1440 sizeof(__u64))) {
1441 return -EFAULT;
1442 }
1443
1444 err = ext4_resize_begin(sb);
1445 if (err)
1446 return err;
1447
1448 err = mnt_want_write_file(filp);
1449 if (err)
1450 goto resizefs_out;
1451
1452 err = ext4_resize_fs(sb, n_blocks_count);
1453 if (EXT4_SB(sb)->s_journal) {
1454 ext4_fc_mark_ineligible(sb, EXT4_FC_REASON_RESIZE, NULL);
1455 jbd2_journal_lock_updates(EXT4_SB(sb)->s_journal);
1456 err2 = jbd2_journal_flush(EXT4_SB(sb)->s_journal, 0);
1457 jbd2_journal_unlock_updates(EXT4_SB(sb)->s_journal);
1458 }
1459 if (err == 0)
1460 err = err2;
1461 mnt_drop_write_file(filp);
1462 if (!err && (o_group < EXT4_SB(sb)->s_groups_count) &&
1463 ext4_has_group_desc_csum(sb) &&
1464 test_opt(sb, INIT_INODE_TABLE))
1465 err = ext4_register_li_request(sb, o_group);
1466
1467resizefs_out:
1468 err2 = ext4_resize_end(sb, true);
1469 if (err == 0)
1470 err = err2;
1471 return err;
1472 }
1473
1474 case FITRIM:
1475 {
1476 struct fstrim_range range;
1477 int ret = 0;
1478
1479 if (!capable(CAP_SYS_ADMIN))
1480 return -EPERM;
1481
1482 if (!bdev_max_discard_sectors(sb->s_bdev))
1483 return -EOPNOTSUPP;
1484
1485 /*
1486 * We haven't replayed the journal, so we cannot use our
1487 * block-bitmap-guided storage zapping commands.
1488 */
1489 if (test_opt(sb, NOLOAD) && ext4_has_feature_journal(sb))
1490 return -EROFS;
1491
1492 if (copy_from_user(&range, (struct fstrim_range __user *)arg,
1493 sizeof(range)))
1494 return -EFAULT;
1495
1496 ret = ext4_trim_fs(sb, &range);
1497 if (ret < 0)
1498 return ret;
1499
1500 if (copy_to_user((struct fstrim_range __user *)arg, &range,
1501 sizeof(range)))
1502 return -EFAULT;
1503
1504 return 0;
1505 }
1506 case EXT4_IOC_PRECACHE_EXTENTS:
1507 return ext4_ext_precache(inode);
1508
1509 case FS_IOC_SET_ENCRYPTION_POLICY:
1510 if (!ext4_has_feature_encrypt(sb))
1511 return -EOPNOTSUPP;
1512 return fscrypt_ioctl_set_policy(filp, (const void __user *)arg);
1513
1514 case FS_IOC_GET_ENCRYPTION_PWSALT:
1515 return ext4_ioctl_get_encryption_pwsalt(filp, (void __user *)arg);
1516
1517 case FS_IOC_GET_ENCRYPTION_POLICY:
1518 if (!ext4_has_feature_encrypt(sb))
1519 return -EOPNOTSUPP;
1520 return fscrypt_ioctl_get_policy(filp, (void __user *)arg);
1521
1522 case FS_IOC_GET_ENCRYPTION_POLICY_EX:
1523 if (!ext4_has_feature_encrypt(sb))
1524 return -EOPNOTSUPP;
1525 return fscrypt_ioctl_get_policy_ex(filp, (void __user *)arg);
1526
1527 case FS_IOC_ADD_ENCRYPTION_KEY:
1528 if (!ext4_has_feature_encrypt(sb))
1529 return -EOPNOTSUPP;
1530 return fscrypt_ioctl_add_key(filp, (void __user *)arg);
1531
1532 case FS_IOC_REMOVE_ENCRYPTION_KEY:
1533 if (!ext4_has_feature_encrypt(sb))
1534 return -EOPNOTSUPP;
1535 return fscrypt_ioctl_remove_key(filp, (void __user *)arg);
1536
1537 case FS_IOC_REMOVE_ENCRYPTION_KEY_ALL_USERS:
1538 if (!ext4_has_feature_encrypt(sb))
1539 return -EOPNOTSUPP;
1540 return fscrypt_ioctl_remove_key_all_users(filp,
1541 (void __user *)arg);
1542 case FS_IOC_GET_ENCRYPTION_KEY_STATUS:
1543 if (!ext4_has_feature_encrypt(sb))
1544 return -EOPNOTSUPP;
1545 return fscrypt_ioctl_get_key_status(filp, (void __user *)arg);
1546
1547 case FS_IOC_GET_ENCRYPTION_NONCE:
1548 if (!ext4_has_feature_encrypt(sb))
1549 return -EOPNOTSUPP;
1550 return fscrypt_ioctl_get_nonce(filp, (void __user *)arg);
1551
1552 case EXT4_IOC_CLEAR_ES_CACHE:
1553 {
1554 if (!inode_owner_or_capable(idmap, inode))
1555 return -EACCES;
1556 ext4_clear_inode_es(inode);
1557 return 0;
1558 }
1559
1560 case EXT4_IOC_GETSTATE:
1561 {
1562 __u32 state = 0;
1563
1564 if (ext4_test_inode_state(inode, EXT4_STATE_EXT_PRECACHED))
1565 state |= EXT4_STATE_FLAG_EXT_PRECACHED;
1566 if (ext4_test_inode_state(inode, EXT4_STATE_NEW))
1567 state |= EXT4_STATE_FLAG_NEW;
1568 if (ext4_test_inode_state(inode, EXT4_STATE_NEWENTRY))
1569 state |= EXT4_STATE_FLAG_NEWENTRY;
1570 if (ext4_test_inode_state(inode, EXT4_STATE_DA_ALLOC_CLOSE))
1571 state |= EXT4_STATE_FLAG_DA_ALLOC_CLOSE;
1572
1573 return put_user(state, (__u32 __user *) arg);
1574 }
1575
1576 case EXT4_IOC_GET_ES_CACHE:
1577 return ext4_ioctl_get_es_cache(filp, arg);
1578
1579 case EXT4_IOC_SHUTDOWN:
1580 return ext4_ioctl_shutdown(sb, arg);
1581
1582 case FS_IOC_ENABLE_VERITY:
1583 if (!ext4_has_feature_verity(sb))
1584 return -EOPNOTSUPP;
1585 return fsverity_ioctl_enable(filp, (const void __user *)arg);
1586
1587 case FS_IOC_MEASURE_VERITY:
1588 if (!ext4_has_feature_verity(sb))
1589 return -EOPNOTSUPP;
1590 return fsverity_ioctl_measure(filp, (void __user *)arg);
1591
1592 case FS_IOC_READ_VERITY_METADATA:
1593 if (!ext4_has_feature_verity(sb))
1594 return -EOPNOTSUPP;
1595 return fsverity_ioctl_read_metadata(filp,
1596 (const void __user *)arg);
1597
1598 case EXT4_IOC_CHECKPOINT:
1599 return ext4_ioctl_checkpoint(filp, arg);
1600
1601 case FS_IOC_GETFSLABEL:
1602 return ext4_ioctl_getlabel(EXT4_SB(sb), (void __user *)arg);
1603
1604 case FS_IOC_SETFSLABEL:
1605 return ext4_ioctl_setlabel(filp,
1606 (const void __user *)arg);
1607
1608 case EXT4_IOC_GETFSUUID:
1609 return ext4_ioctl_getuuid(EXT4_SB(sb), (void __user *)arg);
1610 case EXT4_IOC_SETFSUUID:
1611 return ext4_ioctl_setuuid(filp, (const void __user *)arg);
1612 default:
1613 return -ENOTTY;
1614 }
1615}
1616
1617long ext4_ioctl(struct file *filp, unsigned int cmd, unsigned long arg)
1618{
1619 return __ext4_ioctl(filp, cmd, arg);
1620}
1621
1622#ifdef CONFIG_COMPAT
1623long ext4_compat_ioctl(struct file *file, unsigned int cmd, unsigned long arg)
1624{
1625 /* These are just misnamed, they actually get/put from/to user an int */
1626 switch (cmd) {
1627 case EXT4_IOC32_GETVERSION:
1628 cmd = EXT4_IOC_GETVERSION;
1629 break;
1630 case EXT4_IOC32_SETVERSION:
1631 cmd = EXT4_IOC_SETVERSION;
1632 break;
1633 case EXT4_IOC32_GROUP_EXTEND:
1634 cmd = EXT4_IOC_GROUP_EXTEND;
1635 break;
1636 case EXT4_IOC32_GETVERSION_OLD:
1637 cmd = EXT4_IOC_GETVERSION_OLD;
1638 break;
1639 case EXT4_IOC32_SETVERSION_OLD:
1640 cmd = EXT4_IOC_SETVERSION_OLD;
1641 break;
1642 case EXT4_IOC32_GETRSVSZ:
1643 cmd = EXT4_IOC_GETRSVSZ;
1644 break;
1645 case EXT4_IOC32_SETRSVSZ:
1646 cmd = EXT4_IOC_SETRSVSZ;
1647 break;
1648 case EXT4_IOC32_GROUP_ADD: {
1649 struct compat_ext4_new_group_input __user *uinput;
1650 struct ext4_new_group_data input;
1651 int err;
1652
1653 uinput = compat_ptr(arg);
1654 err = get_user(input.group, &uinput->group);
1655 err |= get_user(input.block_bitmap, &uinput->block_bitmap);
1656 err |= get_user(input.inode_bitmap, &uinput->inode_bitmap);
1657 err |= get_user(input.inode_table, &uinput->inode_table);
1658 err |= get_user(input.blocks_count, &uinput->blocks_count);
1659 err |= get_user(input.reserved_blocks,
1660 &uinput->reserved_blocks);
1661 if (err)
1662 return -EFAULT;
1663 return ext4_ioctl_group_add(file, &input);
1664 }
1665 case EXT4_IOC_MOVE_EXT:
1666 case EXT4_IOC_RESIZE_FS:
1667 case FITRIM:
1668 case EXT4_IOC_PRECACHE_EXTENTS:
1669 case FS_IOC_SET_ENCRYPTION_POLICY:
1670 case FS_IOC_GET_ENCRYPTION_PWSALT:
1671 case FS_IOC_GET_ENCRYPTION_POLICY:
1672 case FS_IOC_GET_ENCRYPTION_POLICY_EX:
1673 case FS_IOC_ADD_ENCRYPTION_KEY:
1674 case FS_IOC_REMOVE_ENCRYPTION_KEY:
1675 case FS_IOC_REMOVE_ENCRYPTION_KEY_ALL_USERS:
1676 case FS_IOC_GET_ENCRYPTION_KEY_STATUS:
1677 case FS_IOC_GET_ENCRYPTION_NONCE:
1678 case EXT4_IOC_SHUTDOWN:
1679 case FS_IOC_GETFSMAP:
1680 case FS_IOC_ENABLE_VERITY:
1681 case FS_IOC_MEASURE_VERITY:
1682 case FS_IOC_READ_VERITY_METADATA:
1683 case EXT4_IOC_CLEAR_ES_CACHE:
1684 case EXT4_IOC_GETSTATE:
1685 case EXT4_IOC_GET_ES_CACHE:
1686 case EXT4_IOC_CHECKPOINT:
1687 case FS_IOC_GETFSLABEL:
1688 case FS_IOC_SETFSLABEL:
1689 case EXT4_IOC_GETFSUUID:
1690 case EXT4_IOC_SETFSUUID:
1691 break;
1692 default:
1693 return -ENOIOCTLCMD;
1694 }
1695 return ext4_ioctl(file, cmd, (unsigned long) compat_ptr(arg));
1696}
1697#endif
1698
1699static void set_overhead(struct ext4_super_block *es, const void *arg)
1700{
1701 es->s_overhead_clusters = cpu_to_le32(*((unsigned long *) arg));
1702}
1703
1704int ext4_update_overhead(struct super_block *sb, bool force)
1705{
1706 struct ext4_sb_info *sbi = EXT4_SB(sb);
1707
1708 if (sb_rdonly(sb))
1709 return 0;
1710 if (!force &&
1711 (sbi->s_overhead == 0 ||
1712 sbi->s_overhead == le32_to_cpu(sbi->s_es->s_overhead_clusters)))
1713 return 0;
1714 return ext4_update_superblocks_fn(sb, set_overhead, &sbi->s_overhead);
1715}