1 // SPDX-License-Identifier: GPL-2.0
3 * linux/fs/ext4/ioctl.c
5 * Copyright (C) 1993, 1994, 1995
6 * Remy Card (card@masi.ibp.fr)
7 * Laboratoire MASI - Institut Blaise Pascal
8 * Universite Pierre et Marie Curie (Paris VI)
12 #include <linux/capability.h>
13 #include <linux/time.h>
14 #include <linux/compat.h>
15 #include <linux/mount.h>
16 #include <linux/file.h>
17 #include <linux/quotaops.h>
18 #include <linux/random.h>
19 #include <linux/uuid.h>
20 #include <linux/uaccess.h>
21 #include <linux/delay.h>
22 #include <linux/iversion.h>
23 #include "ext4_jbd2.h"
25 #include <linux/fsmap.h>
27 #include <trace/events/ext4.h>
30 * Swap memory between @a and @b for @len bytes.
32 * @a: pointer to first memory area
33 * @b: pointer to second memory area
34 * @len: number of bytes to swap
37 static void memswap(void *a, void *b, size_t len)
39 unsigned char *ap, *bp;
41 ap = (unsigned char *)a;
42 bp = (unsigned char *)b;
51 * Swap i_data and associated attributes between @inode1 and @inode2.
52 * This function is used for the primary swap between inode1 and inode2
53 * and also to revert this primary swap in case of errors.
55 * Therefore you have to make sure, that calling this method twice
56 * will revert all changes.
58 * @inode1: pointer to first inode
59 * @inode2: pointer to second inode
61 static void swap_inode_data(struct inode *inode1, struct inode *inode2)
64 struct ext4_inode_info *ei1;
65 struct ext4_inode_info *ei2;
71 swap(inode1->i_version, inode2->i_version);
72 swap(inode1->i_atime, inode2->i_atime);
73 swap(inode1->i_mtime, inode2->i_mtime);
75 memswap(ei1->i_data, ei2->i_data, sizeof(ei1->i_data));
76 tmp = ei1->i_flags & EXT4_FL_SHOULD_SWAP;
77 ei1->i_flags = (ei2->i_flags & EXT4_FL_SHOULD_SWAP) |
78 (ei1->i_flags & ~EXT4_FL_SHOULD_SWAP);
79 ei2->i_flags = tmp | (ei2->i_flags & ~EXT4_FL_SHOULD_SWAP);
80 swap(ei1->i_disksize, ei2->i_disksize);
81 ext4_es_remove_extent(inode1, 0, EXT_MAX_BLOCKS);
82 ext4_es_remove_extent(inode2, 0, EXT_MAX_BLOCKS);
84 isize = i_size_read(inode1);
85 i_size_write(inode1, i_size_read(inode2));
86 i_size_write(inode2, isize);
89 void ext4_reset_inode_seed(struct inode *inode)
91 struct ext4_inode_info *ei = EXT4_I(inode);
92 struct ext4_sb_info *sbi = EXT4_SB(inode->i_sb);
93 __le32 inum = cpu_to_le32(inode->i_ino);
94 __le32 gen = cpu_to_le32(inode->i_generation);
97 if (!ext4_has_metadata_csum(inode->i_sb))
100 csum = ext4_chksum(sbi, sbi->s_csum_seed, (__u8 *)&inum, sizeof(inum));
101 ei->i_csum_seed = ext4_chksum(sbi, csum, (__u8 *)&gen, sizeof(gen));
105 * Swap the information from the given @inode and the inode
106 * EXT4_BOOT_LOADER_INO. It will basically swap i_data and all other
107 * important fields of the inodes.
109 * @sb: the super block of the filesystem
110 * @inode: the inode to swap with EXT4_BOOT_LOADER_INO
113 static long swap_inode_boot_loader(struct super_block *sb,
118 struct inode *inode_bl;
119 struct ext4_inode_info *ei_bl;
120 qsize_t size, size_bl, diff;
122 unsigned short bytes;
124 inode_bl = ext4_iget(sb, EXT4_BOOT_LOADER_INO,
125 EXT4_IGET_SPECIAL | EXT4_IGET_BAD);
126 if (IS_ERR(inode_bl))
127 return PTR_ERR(inode_bl);
128 ei_bl = EXT4_I(inode_bl);
130 /* Protect orig inodes against a truncate and make sure,
131 * that only 1 swap_inode_boot_loader is running. */
132 lock_two_nondirectories(inode, inode_bl);
134 if (inode->i_nlink != 1 || !S_ISREG(inode->i_mode) ||
135 IS_SWAPFILE(inode) || IS_ENCRYPTED(inode) ||
136 (EXT4_I(inode)->i_flags & EXT4_JOURNAL_DATA_FL) ||
137 ext4_has_inline_data(inode)) {
139 goto journal_err_out;
142 if (IS_RDONLY(inode) || IS_APPEND(inode) || IS_IMMUTABLE(inode) ||
143 !inode_owner_or_capable(inode) || !capable(CAP_SYS_ADMIN)) {
145 goto journal_err_out;
148 down_write(&EXT4_I(inode)->i_mmap_sem);
149 err = filemap_write_and_wait(inode->i_mapping);
153 err = filemap_write_and_wait(inode_bl->i_mapping);
157 /* Wait for all existing dio workers */
158 inode_dio_wait(inode);
159 inode_dio_wait(inode_bl);
161 truncate_inode_pages(&inode->i_data, 0);
162 truncate_inode_pages(&inode_bl->i_data, 0);
164 handle = ext4_journal_start(inode_bl, EXT4_HT_MOVE_EXTENTS, 2);
165 if (IS_ERR(handle)) {
169 ext4_fc_start_ineligible(sb, EXT4_FC_REASON_SWAP_BOOT);
171 /* Protect extent tree against block allocations via delalloc */
172 ext4_double_down_write_data_sem(inode, inode_bl);
174 if (is_bad_inode(inode_bl) || !S_ISREG(inode_bl->i_mode)) {
175 /* this inode has never been used as a BOOT_LOADER */
176 set_nlink(inode_bl, 1);
177 i_uid_write(inode_bl, 0);
178 i_gid_write(inode_bl, 0);
179 inode_bl->i_flags = 0;
181 inode_set_iversion(inode_bl, 1);
182 i_size_write(inode_bl, 0);
183 EXT4_I(inode_bl)->i_disksize = inode_bl->i_size;
184 inode_bl->i_mode = S_IFREG;
185 if (ext4_has_feature_extents(sb)) {
186 ext4_set_inode_flag(inode_bl, EXT4_INODE_EXTENTS);
187 ext4_ext_tree_init(handle, inode_bl);
189 memset(ei_bl->i_data, 0, sizeof(ei_bl->i_data));
192 err = dquot_initialize(inode);
196 size = (qsize_t)(inode->i_blocks) * (1 << 9) + inode->i_bytes;
197 size_bl = (qsize_t)(inode_bl->i_blocks) * (1 << 9) + inode_bl->i_bytes;
198 diff = size - size_bl;
199 swap_inode_data(inode, inode_bl);
201 inode->i_ctime = inode_bl->i_ctime = current_time(inode);
203 inode->i_generation = prandom_u32();
204 inode_bl->i_generation = prandom_u32();
205 ext4_reset_inode_seed(inode);
206 ext4_reset_inode_seed(inode_bl);
208 ext4_discard_preallocations(inode, 0);
210 err = ext4_mark_inode_dirty(handle, inode);
212 /* No need to update quota information. */
213 ext4_warning(inode->i_sb,
214 "couldn't mark inode #%lu dirty (err %d)",
216 /* Revert all changes: */
217 swap_inode_data(inode, inode_bl);
218 ext4_mark_inode_dirty(handle, inode);
222 blocks = inode_bl->i_blocks;
223 bytes = inode_bl->i_bytes;
224 inode_bl->i_blocks = inode->i_blocks;
225 inode_bl->i_bytes = inode->i_bytes;
226 err = ext4_mark_inode_dirty(handle, inode_bl);
228 /* No need to update quota information. */
229 ext4_warning(inode_bl->i_sb,
230 "couldn't mark inode #%lu dirty (err %d)",
231 inode_bl->i_ino, err);
235 /* Bootloader inode should not be counted into quota information. */
237 dquot_free_space(inode, diff);
239 err = dquot_alloc_space(inode, -1 * diff);
243 /* Revert all changes: */
244 inode_bl->i_blocks = blocks;
245 inode_bl->i_bytes = bytes;
246 swap_inode_data(inode, inode_bl);
247 ext4_mark_inode_dirty(handle, inode);
248 ext4_mark_inode_dirty(handle, inode_bl);
252 ext4_journal_stop(handle);
253 ext4_fc_stop_ineligible(sb);
254 ext4_double_up_write_data_sem(inode, inode_bl);
257 up_write(&EXT4_I(inode)->i_mmap_sem);
259 unlock_two_nondirectories(inode, inode_bl);
264 #ifdef CONFIG_FS_ENCRYPTION
265 static int uuid_is_zero(__u8 u[16])
269 for (i = 0; i < 16; i++)
277 * If immutable is set and we are not clearing it, we're not allowed to change
278 * anything else in the inode. Don't error out if we're only trying to set
279 * immutable on an immutable file.
281 static int ext4_ioctl_check_immutable(struct inode *inode, __u32 new_projid,
284 struct ext4_inode_info *ei = EXT4_I(inode);
285 unsigned int oldflags = ei->i_flags;
287 if (!(oldflags & EXT4_IMMUTABLE_FL) || !(flags & EXT4_IMMUTABLE_FL))
290 if ((oldflags & ~EXT4_IMMUTABLE_FL) != (flags & ~EXT4_IMMUTABLE_FL))
292 if (ext4_has_feature_project(inode->i_sb) &&
293 __kprojid_val(ei->i_projid) != new_projid)
299 static void ext4_dax_dontcache(struct inode *inode, unsigned int flags)
301 struct ext4_inode_info *ei = EXT4_I(inode);
303 if (S_ISDIR(inode->i_mode))
306 if (test_opt2(inode->i_sb, DAX_NEVER) ||
307 test_opt(inode->i_sb, DAX_ALWAYS))
310 if ((ei->i_flags ^ flags) & EXT4_DAX_FL)
311 d_mark_dontcache(inode);
314 static bool dax_compatible(struct inode *inode, unsigned int oldflags,
317 /* Allow the DAX flag to be changed on inline directories */
318 if (S_ISDIR(inode->i_mode)) {
319 flags &= ~EXT4_INLINE_DATA_FL;
320 oldflags &= ~EXT4_INLINE_DATA_FL;
323 if (flags & EXT4_DAX_FL) {
324 if ((oldflags & EXT4_DAX_MUT_EXCL) ||
325 ext4_test_inode_state(inode,
326 EXT4_STATE_VERITY_IN_PROGRESS)) {
331 if ((flags & EXT4_DAX_MUT_EXCL) && (oldflags & EXT4_DAX_FL))
337 static int ext4_ioctl_setflags(struct inode *inode,
340 struct ext4_inode_info *ei = EXT4_I(inode);
341 handle_t *handle = NULL;
342 int err = -EPERM, migrate = 0;
343 struct ext4_iloc iloc;
344 unsigned int oldflags, mask, i;
345 struct super_block *sb = inode->i_sb;
347 /* Is it quota file? Do not allow user to mess with it */
348 if (ext4_is_quota_file(inode))
351 oldflags = ei->i_flags;
353 err = vfs_ioc_setflags_prepare(inode, oldflags, flags);
358 * The JOURNAL_DATA flag can only be changed by
359 * the relevant capability.
361 if ((flags ^ oldflags) & (EXT4_JOURNAL_DATA_FL)) {
362 if (!capable(CAP_SYS_RESOURCE))
366 if (!dax_compatible(inode, oldflags, flags)) {
371 if ((flags ^ oldflags) & EXT4_EXTENTS_FL)
374 if ((flags ^ oldflags) & EXT4_CASEFOLD_FL) {
375 if (!ext4_has_feature_casefold(sb)) {
380 if (!S_ISDIR(inode->i_mode)) {
385 if (!ext4_empty_dir(inode)) {
392 * Wait for all pending directio and then flush all the dirty pages
393 * for this file. The flush marks all the pages readonly, so any
394 * subsequent attempt to write to the file (particularly mmap pages)
395 * will come through the filesystem and fail.
397 if (S_ISREG(inode->i_mode) && !IS_IMMUTABLE(inode) &&
398 (flags & EXT4_IMMUTABLE_FL)) {
399 inode_dio_wait(inode);
400 err = filemap_write_and_wait(inode->i_mapping);
405 handle = ext4_journal_start(inode, EXT4_HT_INODE, 1);
406 if (IS_ERR(handle)) {
407 err = PTR_ERR(handle);
411 ext4_handle_sync(handle);
412 err = ext4_reserve_inode_write(handle, inode, &iloc);
416 ext4_dax_dontcache(inode, flags);
418 for (i = 0, mask = 1; i < 32; i++, mask <<= 1) {
419 if (!(mask & EXT4_FL_USER_MODIFIABLE))
421 /* These flags get special treatment later */
422 if (mask == EXT4_JOURNAL_DATA_FL || mask == EXT4_EXTENTS_FL)
425 ext4_set_inode_flag(inode, i);
427 ext4_clear_inode_flag(inode, i);
430 ext4_set_inode_flags(inode, false);
432 inode->i_ctime = current_time(inode);
434 err = ext4_mark_iloc_dirty(handle, inode, &iloc);
436 ext4_journal_stop(handle);
440 if ((flags ^ oldflags) & (EXT4_JOURNAL_DATA_FL)) {
442 * Changes to the journaling mode can cause unsafe changes to
443 * S_DAX if the inode is DAX
450 err = ext4_change_inode_journal_flag(inode,
451 flags & EXT4_JOURNAL_DATA_FL);
456 if (flags & EXT4_EXTENTS_FL)
457 err = ext4_ext_migrate(inode);
459 err = ext4_ind_migrate(inode);
467 static int ext4_ioctl_setproject(struct file *filp, __u32 projid)
469 struct inode *inode = file_inode(filp);
470 struct super_block *sb = inode->i_sb;
471 struct ext4_inode_info *ei = EXT4_I(inode);
475 struct ext4_iloc iloc;
476 struct ext4_inode *raw_inode;
477 struct dquot *transfer_to[MAXQUOTAS] = { };
479 if (!ext4_has_feature_project(sb)) {
480 if (projid != EXT4_DEF_PROJID)
486 if (EXT4_INODE_SIZE(sb) <= EXT4_GOOD_OLD_INODE_SIZE)
489 kprojid = make_kprojid(&init_user_ns, (projid_t)projid);
491 if (projid_eq(kprojid, EXT4_I(inode)->i_projid))
495 /* Is it quota file? Do not allow user to mess with it */
496 if (ext4_is_quota_file(inode))
499 err = dquot_initialize(inode);
503 err = ext4_get_inode_loc(inode, &iloc);
507 raw_inode = ext4_raw_inode(&iloc);
508 if (!EXT4_FITS_IN_INODE(raw_inode, ei, i_projid)) {
509 err = ext4_expand_extra_isize(inode,
510 EXT4_SB(sb)->s_want_extra_isize,
518 handle = ext4_journal_start(inode, EXT4_HT_QUOTA,
519 EXT4_QUOTA_INIT_BLOCKS(sb) +
520 EXT4_QUOTA_DEL_BLOCKS(sb) + 3);
522 return PTR_ERR(handle);
524 err = ext4_reserve_inode_write(handle, inode, &iloc);
528 transfer_to[PRJQUOTA] = dqget(sb, make_kqid_projid(kprojid));
529 if (!IS_ERR(transfer_to[PRJQUOTA])) {
531 /* __dquot_transfer() calls back ext4_get_inode_usage() which
532 * counts xattr inode references.
534 down_read(&EXT4_I(inode)->xattr_sem);
535 err = __dquot_transfer(inode, transfer_to);
536 up_read(&EXT4_I(inode)->xattr_sem);
537 dqput(transfer_to[PRJQUOTA]);
542 EXT4_I(inode)->i_projid = kprojid;
543 inode->i_ctime = current_time(inode);
545 rc = ext4_mark_iloc_dirty(handle, inode, &iloc);
549 ext4_journal_stop(handle);
553 static int ext4_ioctl_setproject(struct file *filp, __u32 projid)
555 if (projid != EXT4_DEF_PROJID)
561 /* Transfer internal flags to xflags */
562 static inline __u32 ext4_iflags_to_xflags(unsigned long iflags)
566 if (iflags & EXT4_SYNC_FL)
567 xflags |= FS_XFLAG_SYNC;
568 if (iflags & EXT4_IMMUTABLE_FL)
569 xflags |= FS_XFLAG_IMMUTABLE;
570 if (iflags & EXT4_APPEND_FL)
571 xflags |= FS_XFLAG_APPEND;
572 if (iflags & EXT4_NODUMP_FL)
573 xflags |= FS_XFLAG_NODUMP;
574 if (iflags & EXT4_NOATIME_FL)
575 xflags |= FS_XFLAG_NOATIME;
576 if (iflags & EXT4_PROJINHERIT_FL)
577 xflags |= FS_XFLAG_PROJINHERIT;
578 if (iflags & EXT4_DAX_FL)
579 xflags |= FS_XFLAG_DAX;
583 #define EXT4_SUPPORTED_FS_XFLAGS (FS_XFLAG_SYNC | FS_XFLAG_IMMUTABLE | \
584 FS_XFLAG_APPEND | FS_XFLAG_NODUMP | \
585 FS_XFLAG_NOATIME | FS_XFLAG_PROJINHERIT | \
588 /* Transfer xflags flags to internal */
589 static inline unsigned long ext4_xflags_to_iflags(__u32 xflags)
591 unsigned long iflags = 0;
593 if (xflags & FS_XFLAG_SYNC)
594 iflags |= EXT4_SYNC_FL;
595 if (xflags & FS_XFLAG_IMMUTABLE)
596 iflags |= EXT4_IMMUTABLE_FL;
597 if (xflags & FS_XFLAG_APPEND)
598 iflags |= EXT4_APPEND_FL;
599 if (xflags & FS_XFLAG_NODUMP)
600 iflags |= EXT4_NODUMP_FL;
601 if (xflags & FS_XFLAG_NOATIME)
602 iflags |= EXT4_NOATIME_FL;
603 if (xflags & FS_XFLAG_PROJINHERIT)
604 iflags |= EXT4_PROJINHERIT_FL;
605 if (xflags & FS_XFLAG_DAX)
606 iflags |= EXT4_DAX_FL;
611 static int ext4_shutdown(struct super_block *sb, unsigned long arg)
613 struct ext4_sb_info *sbi = EXT4_SB(sb);
615 struct super_block *ret;
617 if (!capable(CAP_SYS_ADMIN))
620 if (get_user(flags, (__u32 __user *)arg))
623 if (flags > EXT4_GOING_FLAGS_NOLOGFLUSH)
626 if (ext4_forced_shutdown(sbi))
629 ext4_msg(sb, KERN_ALERT, "shut down requested (%d)", flags);
630 trace_ext4_shutdown(sb, flags);
633 case EXT4_GOING_FLAGS_DEFAULT:
634 ret = freeze_bdev(sb->s_bdev);
637 set_bit(EXT4_FLAGS_SHUTDOWN, &sbi->s_ext4_flags);
638 thaw_bdev(sb->s_bdev, sb);
640 case EXT4_GOING_FLAGS_LOGFLUSH:
641 set_bit(EXT4_FLAGS_SHUTDOWN, &sbi->s_ext4_flags);
642 if (sbi->s_journal && !is_journal_aborted(sbi->s_journal)) {
643 (void) ext4_force_commit(sb);
644 jbd2_journal_abort(sbi->s_journal, -ESHUTDOWN);
647 case EXT4_GOING_FLAGS_NOLOGFLUSH:
648 set_bit(EXT4_FLAGS_SHUTDOWN, &sbi->s_ext4_flags);
649 if (sbi->s_journal && !is_journal_aborted(sbi->s_journal))
650 jbd2_journal_abort(sbi->s_journal, -ESHUTDOWN);
655 clear_opt(sb, DISCARD);
659 struct getfsmap_info {
660 struct super_block *gi_sb;
661 struct fsmap_head __user *gi_data;
666 static int ext4_getfsmap_format(struct ext4_fsmap *xfm, void *priv)
668 struct getfsmap_info *info = priv;
671 trace_ext4_getfsmap_mapping(info->gi_sb, xfm);
673 info->gi_last_flags = xfm->fmr_flags;
674 ext4_fsmap_from_internal(info->gi_sb, &fm, xfm);
675 if (copy_to_user(&info->gi_data->fmh_recs[info->gi_idx++], &fm,
676 sizeof(struct fsmap)))
682 static int ext4_ioc_getfsmap(struct super_block *sb,
683 struct fsmap_head __user *arg)
685 struct getfsmap_info info = { NULL };
686 struct ext4_fsmap_head xhead = {0};
687 struct fsmap_head head;
688 bool aborted = false;
691 if (copy_from_user(&head, arg, sizeof(struct fsmap_head)))
693 if (memchr_inv(head.fmh_reserved, 0, sizeof(head.fmh_reserved)) ||
694 memchr_inv(head.fmh_keys[0].fmr_reserved, 0,
695 sizeof(head.fmh_keys[0].fmr_reserved)) ||
696 memchr_inv(head.fmh_keys[1].fmr_reserved, 0,
697 sizeof(head.fmh_keys[1].fmr_reserved)))
700 * ext4 doesn't report file extents at all, so the only valid
701 * file offsets are the magic ones (all zeroes or all ones).
703 if (head.fmh_keys[0].fmr_offset ||
704 (head.fmh_keys[1].fmr_offset != 0 &&
705 head.fmh_keys[1].fmr_offset != -1ULL))
708 xhead.fmh_iflags = head.fmh_iflags;
709 xhead.fmh_count = head.fmh_count;
710 ext4_fsmap_to_internal(sb, &xhead.fmh_keys[0], &head.fmh_keys[0]);
711 ext4_fsmap_to_internal(sb, &xhead.fmh_keys[1], &head.fmh_keys[1]);
713 trace_ext4_getfsmap_low_key(sb, &xhead.fmh_keys[0]);
714 trace_ext4_getfsmap_high_key(sb, &xhead.fmh_keys[1]);
718 error = ext4_getfsmap(sb, &xhead, ext4_getfsmap_format, &info);
719 if (error == EXT4_QUERY_RANGE_ABORT) {
725 /* If we didn't abort, set the "last" flag in the last fmx */
726 if (!aborted && info.gi_idx) {
727 info.gi_last_flags |= FMR_OF_LAST;
728 if (copy_to_user(&info.gi_data->fmh_recs[info.gi_idx - 1].fmr_flags,
730 sizeof(info.gi_last_flags)))
734 /* copy back header */
735 head.fmh_entries = xhead.fmh_entries;
736 head.fmh_oflags = xhead.fmh_oflags;
737 if (copy_to_user(arg, &head, sizeof(struct fsmap_head)))
743 static long ext4_ioctl_group_add(struct file *file,
744 struct ext4_new_group_data *input)
746 struct super_block *sb = file_inode(file)->i_sb;
749 err = ext4_resize_begin(sb);
753 if (ext4_has_feature_bigalloc(sb)) {
754 ext4_msg(sb, KERN_ERR,
755 "Online resizing not supported with bigalloc");
760 err = mnt_want_write_file(file);
764 err = ext4_group_add(sb, input);
765 if (EXT4_SB(sb)->s_journal) {
766 jbd2_journal_lock_updates(EXT4_SB(sb)->s_journal);
767 err2 = jbd2_journal_flush(EXT4_SB(sb)->s_journal);
768 jbd2_journal_unlock_updates(EXT4_SB(sb)->s_journal);
772 mnt_drop_write_file(file);
773 if (!err && ext4_has_group_desc_csum(sb) &&
774 test_opt(sb, INIT_INODE_TABLE))
775 err = ext4_register_li_request(sb, input->group);
781 static void ext4_fill_fsxattr(struct inode *inode, struct fsxattr *fa)
783 struct ext4_inode_info *ei = EXT4_I(inode);
785 simple_fill_fsxattr(fa, ext4_iflags_to_xflags(ei->i_flags &
786 EXT4_FL_USER_VISIBLE));
788 if (ext4_has_feature_project(inode->i_sb))
789 fa->fsx_projid = from_kprojid(&init_user_ns, ei->i_projid);
792 /* So that the fiemap access checks can't overflow on 32 bit machines. */
793 #define FIEMAP_MAX_EXTENTS (UINT_MAX / sizeof(struct fiemap_extent))
795 static int ext4_ioctl_get_es_cache(struct file *filp, unsigned long arg)
797 struct fiemap fiemap;
798 struct fiemap __user *ufiemap = (struct fiemap __user *) arg;
799 struct fiemap_extent_info fieinfo = { 0, };
800 struct inode *inode = file_inode(filp);
803 if (copy_from_user(&fiemap, ufiemap, sizeof(fiemap)))
806 if (fiemap.fm_extent_count > FIEMAP_MAX_EXTENTS)
809 fieinfo.fi_flags = fiemap.fm_flags;
810 fieinfo.fi_extents_max = fiemap.fm_extent_count;
811 fieinfo.fi_extents_start = ufiemap->fm_extents;
813 error = ext4_get_es_cache(inode, &fieinfo, fiemap.fm_start,
815 fiemap.fm_flags = fieinfo.fi_flags;
816 fiemap.fm_mapped_extents = fieinfo.fi_extents_mapped;
817 if (copy_to_user(ufiemap, &fiemap, sizeof(fiemap)))
823 static long __ext4_ioctl(struct file *filp, unsigned int cmd, unsigned long arg)
825 struct inode *inode = file_inode(filp);
826 struct super_block *sb = inode->i_sb;
827 struct ext4_inode_info *ei = EXT4_I(inode);
830 ext4_debug("cmd = %u, arg = %lu\n", cmd, arg);
833 case FS_IOC_GETFSMAP:
834 return ext4_ioc_getfsmap(sb, (void __user *)arg);
835 case FS_IOC_GETFLAGS:
836 flags = ei->i_flags & EXT4_FL_USER_VISIBLE;
837 if (S_ISREG(inode->i_mode))
838 flags &= ~EXT4_PROJINHERIT_FL;
839 return put_user(flags, (int __user *) arg);
840 case FS_IOC_SETFLAGS: {
843 if (!inode_owner_or_capable(inode))
846 if (get_user(flags, (int __user *) arg))
849 if (flags & ~EXT4_FL_USER_VISIBLE)
852 * chattr(1) grabs flags via GETFLAGS, modifies the result and
853 * passes that to SETFLAGS. So we cannot easily make SETFLAGS
854 * more restrictive than just silently masking off visible but
855 * not settable flags as we always did.
857 flags &= EXT4_FL_USER_MODIFIABLE;
858 if (ext4_mask_flags(inode->i_mode, flags) != flags)
861 err = mnt_want_write_file(filp);
866 err = ext4_ioctl_check_immutable(inode,
867 from_kprojid(&init_user_ns, ei->i_projid),
870 err = ext4_ioctl_setflags(inode, flags);
872 mnt_drop_write_file(filp);
875 case EXT4_IOC_GETVERSION:
876 case EXT4_IOC_GETVERSION_OLD:
877 return put_user(inode->i_generation, (int __user *) arg);
878 case EXT4_IOC_SETVERSION:
879 case EXT4_IOC_SETVERSION_OLD: {
881 struct ext4_iloc iloc;
885 if (!inode_owner_or_capable(inode))
888 if (ext4_has_metadata_csum(inode->i_sb)) {
889 ext4_warning(sb, "Setting inode version is not "
890 "supported with metadata_csum enabled.");
894 err = mnt_want_write_file(filp);
897 if (get_user(generation, (int __user *) arg)) {
903 handle = ext4_journal_start(inode, EXT4_HT_INODE, 1);
904 if (IS_ERR(handle)) {
905 err = PTR_ERR(handle);
908 err = ext4_reserve_inode_write(handle, inode, &iloc);
910 inode->i_ctime = current_time(inode);
911 inode->i_generation = generation;
912 err = ext4_mark_iloc_dirty(handle, inode, &iloc);
914 ext4_journal_stop(handle);
919 mnt_drop_write_file(filp);
922 case EXT4_IOC_GROUP_EXTEND: {
923 ext4_fsblk_t n_blocks_count;
926 err = ext4_resize_begin(sb);
930 if (get_user(n_blocks_count, (__u32 __user *)arg)) {
932 goto group_extend_out;
935 if (ext4_has_feature_bigalloc(sb)) {
936 ext4_msg(sb, KERN_ERR,
937 "Online resizing not supported with bigalloc");
939 goto group_extend_out;
942 err = mnt_want_write_file(filp);
944 goto group_extend_out;
946 err = ext4_group_extend(sb, EXT4_SB(sb)->s_es, n_blocks_count);
947 if (EXT4_SB(sb)->s_journal) {
948 jbd2_journal_lock_updates(EXT4_SB(sb)->s_journal);
949 err2 = jbd2_journal_flush(EXT4_SB(sb)->s_journal);
950 jbd2_journal_unlock_updates(EXT4_SB(sb)->s_journal);
954 mnt_drop_write_file(filp);
960 case EXT4_IOC_MOVE_EXT: {
961 struct move_extent me;
965 if (!(filp->f_mode & FMODE_READ) ||
966 !(filp->f_mode & FMODE_WRITE))
969 if (copy_from_user(&me,
970 (struct move_extent __user *)arg, sizeof(me)))
974 donor = fdget(me.donor_fd);
978 if (!(donor.file->f_mode & FMODE_WRITE)) {
983 if (ext4_has_feature_bigalloc(sb)) {
984 ext4_msg(sb, KERN_ERR,
985 "Online defrag not supported with bigalloc");
988 } else if (IS_DAX(inode)) {
989 ext4_msg(sb, KERN_ERR,
990 "Online defrag not supported with DAX");
995 err = mnt_want_write_file(filp);
999 err = ext4_move_extents(filp, donor.file, me.orig_start,
1000 me.donor_start, me.len, &me.moved_len);
1001 mnt_drop_write_file(filp);
1003 if (copy_to_user((struct move_extent __user *)arg,
1011 case EXT4_IOC_GROUP_ADD: {
1012 struct ext4_new_group_data input;
1014 if (copy_from_user(&input, (struct ext4_new_group_input __user *)arg,
1018 return ext4_ioctl_group_add(filp, &input);
1021 case EXT4_IOC_MIGRATE:
1024 if (!inode_owner_or_capable(inode))
1027 err = mnt_want_write_file(filp);
1031 * inode_mutex prevent write and truncate on the file.
1032 * Read still goes through. We take i_data_sem in
1033 * ext4_ext_swap_inode_data before we switch the
1034 * inode format to prevent read.
1036 inode_lock((inode));
1037 err = ext4_ext_migrate(inode);
1038 inode_unlock((inode));
1039 mnt_drop_write_file(filp);
1043 case EXT4_IOC_ALLOC_DA_BLKS:
1046 if (!inode_owner_or_capable(inode))
1049 err = mnt_want_write_file(filp);
1052 err = ext4_alloc_da_blocks(inode);
1053 mnt_drop_write_file(filp);
1057 case EXT4_IOC_SWAP_BOOT:
1060 if (!(filp->f_mode & FMODE_WRITE))
1062 err = mnt_want_write_file(filp);
1065 err = swap_inode_boot_loader(sb, inode);
1066 mnt_drop_write_file(filp);
1070 case EXT4_IOC_RESIZE_FS: {
1071 ext4_fsblk_t n_blocks_count;
1072 int err = 0, err2 = 0;
1073 ext4_group_t o_group = EXT4_SB(sb)->s_groups_count;
1075 if (copy_from_user(&n_blocks_count, (__u64 __user *)arg,
1080 err = ext4_resize_begin(sb);
1084 err = mnt_want_write_file(filp);
1088 err = ext4_resize_fs(sb, n_blocks_count);
1089 if (EXT4_SB(sb)->s_journal) {
1090 ext4_fc_mark_ineligible(sb, EXT4_FC_REASON_RESIZE);
1091 jbd2_journal_lock_updates(EXT4_SB(sb)->s_journal);
1092 err2 = jbd2_journal_flush(EXT4_SB(sb)->s_journal);
1093 jbd2_journal_unlock_updates(EXT4_SB(sb)->s_journal);
1097 mnt_drop_write_file(filp);
1098 if (!err && (o_group < EXT4_SB(sb)->s_groups_count) &&
1099 ext4_has_group_desc_csum(sb) &&
1100 test_opt(sb, INIT_INODE_TABLE))
1101 err = ext4_register_li_request(sb, o_group);
1104 ext4_resize_end(sb);
1110 struct request_queue *q = bdev_get_queue(sb->s_bdev);
1111 struct fstrim_range range;
1114 if (!capable(CAP_SYS_ADMIN))
1117 if (!blk_queue_discard(q))
1121 * We haven't replayed the journal, so we cannot use our
1122 * block-bitmap-guided storage zapping commands.
1124 if (test_opt(sb, NOLOAD) && ext4_has_feature_journal(sb))
1127 if (copy_from_user(&range, (struct fstrim_range __user *)arg,
1131 ret = ext4_trim_fs(sb, &range);
1135 if (copy_to_user((struct fstrim_range __user *)arg, &range,
1141 case EXT4_IOC_PRECACHE_EXTENTS:
1142 return ext4_ext_precache(inode);
1144 case FS_IOC_SET_ENCRYPTION_POLICY:
1145 if (!ext4_has_feature_encrypt(sb))
1147 return fscrypt_ioctl_set_policy(filp, (const void __user *)arg);
1149 case FS_IOC_GET_ENCRYPTION_PWSALT: {
1150 #ifdef CONFIG_FS_ENCRYPTION
1152 struct ext4_sb_info *sbi = EXT4_SB(sb);
1155 if (!ext4_has_feature_encrypt(sb))
1157 if (uuid_is_zero(sbi->s_es->s_encrypt_pw_salt)) {
1158 err = mnt_want_write_file(filp);
1161 handle = ext4_journal_start_sb(sb, EXT4_HT_MISC, 1);
1162 if (IS_ERR(handle)) {
1163 err = PTR_ERR(handle);
1164 goto pwsalt_err_exit;
1166 err = ext4_journal_get_write_access(handle, sbi->s_sbh);
1168 goto pwsalt_err_journal;
1169 lock_buffer(sbi->s_sbh);
1170 generate_random_uuid(sbi->s_es->s_encrypt_pw_salt);
1171 ext4_superblock_csum_set(sb);
1172 unlock_buffer(sbi->s_sbh);
1173 err = ext4_handle_dirty_metadata(handle, NULL,
1176 err2 = ext4_journal_stop(handle);
1180 mnt_drop_write_file(filp);
1184 if (copy_to_user((void __user *) arg,
1185 sbi->s_es->s_encrypt_pw_salt, 16))
1192 case FS_IOC_GET_ENCRYPTION_POLICY:
1193 if (!ext4_has_feature_encrypt(sb))
1195 return fscrypt_ioctl_get_policy(filp, (void __user *)arg);
1197 case FS_IOC_GET_ENCRYPTION_POLICY_EX:
1198 if (!ext4_has_feature_encrypt(sb))
1200 return fscrypt_ioctl_get_policy_ex(filp, (void __user *)arg);
1202 case FS_IOC_ADD_ENCRYPTION_KEY:
1203 if (!ext4_has_feature_encrypt(sb))
1205 return fscrypt_ioctl_add_key(filp, (void __user *)arg);
1207 case FS_IOC_REMOVE_ENCRYPTION_KEY:
1208 if (!ext4_has_feature_encrypt(sb))
1210 return fscrypt_ioctl_remove_key(filp, (void __user *)arg);
1212 case FS_IOC_REMOVE_ENCRYPTION_KEY_ALL_USERS:
1213 if (!ext4_has_feature_encrypt(sb))
1215 return fscrypt_ioctl_remove_key_all_users(filp,
1216 (void __user *)arg);
1217 case FS_IOC_GET_ENCRYPTION_KEY_STATUS:
1218 if (!ext4_has_feature_encrypt(sb))
1220 return fscrypt_ioctl_get_key_status(filp, (void __user *)arg);
1222 case FS_IOC_GET_ENCRYPTION_NONCE:
1223 if (!ext4_has_feature_encrypt(sb))
1225 return fscrypt_ioctl_get_nonce(filp, (void __user *)arg);
1227 case EXT4_IOC_CLEAR_ES_CACHE:
1229 if (!inode_owner_or_capable(inode))
1231 ext4_clear_inode_es(inode);
1235 case EXT4_IOC_GETSTATE:
1239 if (ext4_test_inode_state(inode, EXT4_STATE_EXT_PRECACHED))
1240 state |= EXT4_STATE_FLAG_EXT_PRECACHED;
1241 if (ext4_test_inode_state(inode, EXT4_STATE_NEW))
1242 state |= EXT4_STATE_FLAG_NEW;
1243 if (ext4_test_inode_state(inode, EXT4_STATE_NEWENTRY))
1244 state |= EXT4_STATE_FLAG_NEWENTRY;
1245 if (ext4_test_inode_state(inode, EXT4_STATE_DA_ALLOC_CLOSE))
1246 state |= EXT4_STATE_FLAG_DA_ALLOC_CLOSE;
1248 return put_user(state, (__u32 __user *) arg);
1251 case EXT4_IOC_GET_ES_CACHE:
1252 return ext4_ioctl_get_es_cache(filp, arg);
1254 case FS_IOC_FSGETXATTR:
1258 ext4_fill_fsxattr(inode, &fa);
1260 if (copy_to_user((struct fsxattr __user *)arg,
1265 case FS_IOC_FSSETXATTR:
1267 struct fsxattr fa, old_fa;
1270 if (copy_from_user(&fa, (struct fsxattr __user *)arg,
1274 /* Make sure caller has proper permission */
1275 if (!inode_owner_or_capable(inode))
1278 if (fa.fsx_xflags & ~EXT4_SUPPORTED_FS_XFLAGS)
1281 flags = ext4_xflags_to_iflags(fa.fsx_xflags);
1282 if (ext4_mask_flags(inode->i_mode, flags) != flags)
1285 err = mnt_want_write_file(filp);
1290 ext4_fill_fsxattr(inode, &old_fa);
1291 err = vfs_ioc_fssetxattr_check(inode, &old_fa, &fa);
1294 flags = (ei->i_flags & ~EXT4_FL_XFLAG_VISIBLE) |
1295 (flags & EXT4_FL_XFLAG_VISIBLE);
1296 err = ext4_ioctl_check_immutable(inode, fa.fsx_projid, flags);
1299 err = ext4_ioctl_setflags(inode, flags);
1302 err = ext4_ioctl_setproject(filp, fa.fsx_projid);
1304 inode_unlock(inode);
1305 mnt_drop_write_file(filp);
1308 case EXT4_IOC_SHUTDOWN:
1309 return ext4_shutdown(sb, arg);
1311 case FS_IOC_ENABLE_VERITY:
1312 if (!ext4_has_feature_verity(sb))
1314 return fsverity_ioctl_enable(filp, (const void __user *)arg);
1316 case FS_IOC_MEASURE_VERITY:
1317 if (!ext4_has_feature_verity(sb))
1319 return fsverity_ioctl_measure(filp, (void __user *)arg);
1326 long ext4_ioctl(struct file *filp, unsigned int cmd, unsigned long arg)
1328 return __ext4_ioctl(filp, cmd, arg);
1331 #ifdef CONFIG_COMPAT
1332 long ext4_compat_ioctl(struct file *file, unsigned int cmd, unsigned long arg)
1334 /* These are just misnamed, they actually get/put from/to user an int */
1336 case FS_IOC32_GETFLAGS:
1337 cmd = FS_IOC_GETFLAGS;
1339 case FS_IOC32_SETFLAGS:
1340 cmd = FS_IOC_SETFLAGS;
1342 case EXT4_IOC32_GETVERSION:
1343 cmd = EXT4_IOC_GETVERSION;
1345 case EXT4_IOC32_SETVERSION:
1346 cmd = EXT4_IOC_SETVERSION;
1348 case EXT4_IOC32_GROUP_EXTEND:
1349 cmd = EXT4_IOC_GROUP_EXTEND;
1351 case EXT4_IOC32_GETVERSION_OLD:
1352 cmd = EXT4_IOC_GETVERSION_OLD;
1354 case EXT4_IOC32_SETVERSION_OLD:
1355 cmd = EXT4_IOC_SETVERSION_OLD;
1357 case EXT4_IOC32_GETRSVSZ:
1358 cmd = EXT4_IOC_GETRSVSZ;
1360 case EXT4_IOC32_SETRSVSZ:
1361 cmd = EXT4_IOC_SETRSVSZ;
1363 case EXT4_IOC32_GROUP_ADD: {
1364 struct compat_ext4_new_group_input __user *uinput;
1365 struct ext4_new_group_data input;
1368 uinput = compat_ptr(arg);
1369 err = get_user(input.group, &uinput->group);
1370 err |= get_user(input.block_bitmap, &uinput->block_bitmap);
1371 err |= get_user(input.inode_bitmap, &uinput->inode_bitmap);
1372 err |= get_user(input.inode_table, &uinput->inode_table);
1373 err |= get_user(input.blocks_count, &uinput->blocks_count);
1374 err |= get_user(input.reserved_blocks,
1375 &uinput->reserved_blocks);
1378 return ext4_ioctl_group_add(file, &input);
1380 case EXT4_IOC_MOVE_EXT:
1381 case EXT4_IOC_RESIZE_FS:
1383 case EXT4_IOC_PRECACHE_EXTENTS:
1384 case FS_IOC_SET_ENCRYPTION_POLICY:
1385 case FS_IOC_GET_ENCRYPTION_PWSALT:
1386 case FS_IOC_GET_ENCRYPTION_POLICY:
1387 case FS_IOC_GET_ENCRYPTION_POLICY_EX:
1388 case FS_IOC_ADD_ENCRYPTION_KEY:
1389 case FS_IOC_REMOVE_ENCRYPTION_KEY:
1390 case FS_IOC_REMOVE_ENCRYPTION_KEY_ALL_USERS:
1391 case FS_IOC_GET_ENCRYPTION_KEY_STATUS:
1392 case FS_IOC_GET_ENCRYPTION_NONCE:
1393 case EXT4_IOC_SHUTDOWN:
1394 case FS_IOC_GETFSMAP:
1395 case FS_IOC_ENABLE_VERITY:
1396 case FS_IOC_MEASURE_VERITY:
1397 case EXT4_IOC_CLEAR_ES_CACHE:
1398 case EXT4_IOC_GETSTATE:
1399 case EXT4_IOC_GET_ES_CACHE:
1400 case FS_IOC_FSGETXATTR:
1401 case FS_IOC_FSSETXATTR:
1404 return -ENOIOCTLCMD;
1406 return ext4_ioctl(file, cmd, (unsigned long) compat_ptr(arg));
projects / releases.git / blob