1 // SPDX-License-Identifier: GPL-2.0
12 #include <linux/compat.h>
13 #include <linux/fsnotify.h>
14 #include <linux/mount.h>
15 #include <linux/namei.h>
16 #include <linux/security.h>
17 #include <linux/writeback.h>
/*
 * "Going down" (shutdown) ioctl number and the flag values that
 * bch2_ioc_goingdown() switches on.
 */
19 #define FS_IOC_GOINGDOWN _IOR('X', 125, __u32)
20 #define FSOP_GOING_FLAGS_DEFAULT 0x0 /* going down */
21 #define FSOP_GOING_FLAGS_LOGFLUSH 0x1 /* flush log but not data */
22 #define FSOP_GOING_FLAGS_NOLOGFLUSH 0x2 /* don't flush log nor data */
/*
 * Inode update callback that applies a struct flags_set (taken from p) to
 * the unpacked inode @bi.
 *
 * Steps, in order:
 *  - the requested flags are compared with the bits of bi->bi_flags
 *    selected by s->mask;
 *  - a change to BCH_INODE_append or BCH_INODE_immutable is checked against
 *    capable(CAP_LINUX_IMMUTABLE);
 *  - for inodes that are neither regular files nor directories, the request
 *    is checked for any flag other than BCH_INODE_nodump/BCH_INODE_noatime;
 *  - when s->set_projinherit is set, the Inode_opt_project bit of
 *    bi->bi_fields_set is replaced by s->projinherit;
 *  - the masked bits of bi->bi_flags are replaced by the new flags and
 *    bi->bi_ctime is set to the current time.
 */
34 static int bch2_inode_flags_set(struct btree_trans *trans,
35 struct bch_inode_info *inode,
36 struct bch_inode_unpacked *bi,
39 struct bch_fs *c = inode->v.i_sb->s_fs_info;
41 * We're relying on btree locking here for exclusion with other ioctl
42 * calls - use the flags in the btree (@bi), not inode->i_flags:
44 struct flags_set *s = p;
45 unsigned newflags = s->flags;
46 unsigned oldflags = bi->bi_flags & s->mask;
/* Only a change in the append/immutable bits triggers the capability check. */
48 if (((newflags ^ oldflags) & (BCH_INODE_append|BCH_INODE_immutable)) &&
49 !capable(CAP_LINUX_IMMUTABLE))
/* True when a flag outside nodump/noatime is requested on a non-file, non-directory inode. */
52 if (!S_ISREG(bi->bi_mode) &&
53 !S_ISDIR(bi->bi_mode) &&
54 (newflags & (BCH_INODE_nodump|BCH_INODE_noatime)) != newflags)
/* Clear the project bit, then set it again from s->projinherit. */
57 if (s->set_projinherit) {
58 bi->bi_fields_set &= ~(1 << Inode_opt_project);
59 bi->bi_fields_set |= ((int) s->projinherit << Inode_opt_project);
/* Replace only the bits covered by the mask; other flag bits are preserved. */
62 bi->bi_flags &= ~s->mask;
63 bi->bi_flags |= newflags;
65 bi->bi_ctime = timespec_to_bch2_time(c, current_time(&inode->v));
/*
 * FS_IOC_GETFLAGS helper: maps inode->ei_inode.bi_flags through
 * bch_flags_to_uflags and stores the result at the user pointer @arg.
 * Returns the result of put_user().
 */
69 static int bch2_ioc_getflags(struct bch_inode_info *inode, int __user *arg)
71 unsigned flags = map_flags(bch_flags_to_uflags, inode->ei_inode.bi_flags);
73 return put_user(flags, arg);
/*
 * FS_IOC_SETFLAGS helper.
 *
 * Reads the flag word from userspace, converts it with
 * map_flags_rev(bch_flags_to_uflags, ...), and writes it to the inode through
 * bch2_write_inode() with bch2_inode_flags_set as the update callback.  The
 * mask covers every flag defined in bch_flags_to_uflags.
 *
 * The inode write happens with mount write access held
 * (mnt_want_write_file), under inode_lock and inode->ei_update_lock; an
 * inode_owner_or_capable() check is made after taking inode_lock.
 */
76 static int bch2_ioc_setflags(struct bch_fs *c,
78 struct bch_inode_info *inode,
81 struct flags_set s = { .mask = map_defined(bch_flags_to_uflags) };
85 if (get_user(uflags, (int __user *) arg))
88 s.flags = map_flags_rev(bch_flags_to_uflags, uflags);
92 ret = mnt_want_write_file(file);
96 inode_lock(&inode->v);
97 if (!inode_owner_or_capable(file_mnt_idmap(file), &inode->v)) {
/* ei_update_lock is held only around the inode write itself. */
102 mutex_lock(&inode->ei_update_lock);
103 ret = bch2_write_inode(c, inode, bch2_inode_flags_set, &s,
105 mutex_unlock(&inode->ei_update_lock);
/* Release in reverse order of acquisition. */
108 inode_unlock(&inode->v);
109 mnt_drop_write_file(file);
/*
 * FS_IOC_FSGETXATTR helper: fills a zero-initialised struct fsxattr and
 * copies it to @arg.
 *
 *  - fsx_xflags: inode flags mapped through bch_flags_to_xflags, plus
 *    FS_XFLAG_PROJINHERIT when the Inode_opt_project bit is set in
 *    bi_fields_set;
 *  - fsx_projid: inode->ei_qid.q[QTYP_PRJ].
 */
113 static int bch2_ioc_fsgetxattr(struct bch_inode_info *inode,
114 struct fsxattr __user *arg)
116 struct fsxattr fa = { 0 };
118 fa.fsx_xflags = map_flags(bch_flags_to_xflags, inode->ei_inode.bi_flags);
120 if (inode->ei_inode.bi_fields_set & (1 << Inode_opt_project))
121 fa.fsx_xflags |= FS_XFLAG_PROJINHERIT;
123 fa.fsx_projid = inode->ei_qid.q[QTYP_PRJ];
125 if (copy_to_user(arg, &fa, sizeof(fa)))
/*
 * Inode update callback used by bch2_ioc_fssetxattr().
 *
 * If the requested project id (s->projid) differs from bi->bi_project, it is
 * stored and Inode_opt_project is marked as set in bi->bi_fields_set.  The
 * flag update is then delegated to bch2_inode_flags_set(), whose return
 * value is returned.
 */
131 static int fssetxattr_inode_update_fn(struct btree_trans *trans,
132 struct bch_inode_info *inode,
133 struct bch_inode_unpacked *bi,
136 struct flags_set *s = p;
138 if (s->projid != bi->bi_project) {
139 bi->bi_fields_set |= 1U << Inode_opt_project;
140 bi->bi_project = s->projid;
143 return bch2_inode_flags_set(trans, inode, bi, p);
/*
 * FS_IOC_FSSETXATTR helper.
 *
 * Copies a struct fsxattr from userspace, then:
 *  - splits FS_XFLAG_PROJINHERIT out of fsx_xflags into
 *    s.set_projinherit/s.projinherit;
 *  - maps the remaining xflags with map_flags_rev(bch_flags_to_xflags, ...);
 *  - compares fsx_projid against U32_MAX before storing it, biased by +1,
 *    in s.projid.
 *
 * With mount write access held, and under inode_lock and
 * inode->ei_update_lock, it calls bch2_set_projid() with the unbiased
 * project id and then bch2_write_inode() with fssetxattr_inode_update_fn.
 * An inode_owner_or_capable() check is made after taking inode_lock.
 */
146 static int bch2_ioc_fssetxattr(struct bch_fs *c,
148 struct bch_inode_info *inode,
149 struct fsxattr __user *arg)
151 struct flags_set s = { .mask = map_defined(bch_flags_to_xflags) };
155 if (copy_from_user(&fa, arg, sizeof(fa)))
/* PROJINHERIT is carried separately, so strip it before mapping the rest. */
158 s.set_projinherit = true;
159 s.projinherit = (fa.fsx_xflags & FS_XFLAG_PROJINHERIT) != 0;
160 fa.fsx_xflags &= ~FS_XFLAG_PROJINHERIT;
162 s.flags = map_flags_rev(bch_flags_to_xflags, fa.fsx_xflags);
/* U32_MAX itself is excluded: the +1 bias applied below would wrap it. */
166 if (fa.fsx_projid >= U32_MAX)
170 * inode fields accessible via the xattr interface are stored with a +1
171 * bias, so that 0 means unset:
173 s.projid = fa.fsx_projid + 1;
175 ret = mnt_want_write_file(file);
179 inode_lock(&inode->v);
180 if (!inode_owner_or_capable(file_mnt_idmap(file), &inode->v)) {
185 mutex_lock(&inode->ei_update_lock);
186 ret = bch2_set_projid(c, inode, fa.fsx_projid);
190 ret = bch2_write_inode(c, inode, fssetxattr_inode_update_fn, &s,
193 mutex_unlock(&inode->ei_update_lock);
/* Release in reverse order of acquisition. */
195 inode_unlock(&inode->v);
196 mnt_drop_write_file(file);
/*
 * Inode update callback used by bch2_ioc_reinherit_attrs(): calls
 * bch2_reinherit_attrs() on @bi with the ei_inode of the directory inode
 * passed as p.
 *
 * Returns the logical negation of that call: 0 when bch2_reinherit_attrs()
 * returns nonzero, 1 when it returns 0.
 */
200 static int bch2_reinherit_attrs_fn(struct btree_trans *trans,
201 struct bch_inode_info *inode,
202 struct bch_inode_unpacked *bi,
205 struct bch_inode_info *dir = p;
207 return !bch2_reinherit_attrs(bi, &dir->ei_inode);
/*
 * BCHFS_IOC_REINHERIT_ATTRS helper.
 *
 * Copies a name from userspace (at most BCH_NAME_MAX bytes, into a
 * BCH_NAME_MAX + 1 byte buffer), performs a dirent lookup under @src, and
 * obtains the VFS inode for the resulting inum as the destination.
 *
 * With mount write access held and both inodes locked via
 * bch2_lock_inodes(INODE_UPDATE_LOCK, ...), it calls
 * bch2_fs_quota_transfer() on dst when inode_attr_changing() reports a
 * change for Inode_opt_project, then writes dst through
 * bch2_reinherit_attrs_fn with src as the callback argument.
 */
210 static int bch2_ioc_reinherit_attrs(struct bch_fs *c,
212 struct bch_inode_info *src,
213 const char __user *name)
215 struct bch_hash_info hash = bch2_hash_info_init(c, &src->ei_inode);
216 struct bch_inode_info *dst;
217 struct inode *vinode = NULL;
/* One byte larger than the maximum number of bytes copied below. */
223 kname = kmalloc(BCH_NAME_MAX + 1, GFP_KERNEL);
227 ret = strncpy_from_user(kname, name, BCH_NAME_MAX);
228 if (unlikely(ret < 0))
234 ret = bch2_dirent_lookup(c, inode_inum(src), &hash, &qstr, &inum);
238 vinode = bch2_vfs_inode_get(c, inum);
239 ret = PTR_ERR_OR_ZERO(vinode);
243 dst = to_bch_ei(vinode);
245 ret = mnt_want_write_file(file);
249 bch2_lock_inodes(INODE_UPDATE_LOCK, src, dst);
251 if (inode_attr_changing(src, dst, Inode_opt_project)) {
252 ret = bch2_fs_quota_transfer(c, dst,
255 KEY_TYPE_QUOTA_PREALLOC);
260 ret = bch2_write_inode(c, dst, bch2_reinherit_attrs_fn, src, 0);
262 bch2_unlock_inodes(INODE_UPDATE_LOCK, src, dst);
264 /* return true if we did work */
268 mnt_drop_write_file(file);
/*
 * FS_IOC_GOINGDOWN helper: checks CAP_SYS_ADMIN, reads the flags word from
 * userspace, logs the request, and acts on the flag value:
 *
 *  - FSOP_GOING_FLAGS_DEFAULT: freezes the block device, flushes the
 *    journal, switches the filesystem to emergency read-only, then thaws
 *    the block device;
 *  - FSOP_GOING_FLAGS_LOGFLUSH: flushes the journal;
 *  - FSOP_GOING_FLAGS_NOLOGFLUSH: switches to emergency read-only.
 *
 * NOTE(review): the LOGFLUSH arm presumably continues into the NOLOGFLUSH
 * arm so that it also goes read-only -- confirm against the full source.
 */
277 static int bch2_ioc_goingdown(struct bch_fs *c, u32 __user *arg)
282 if (!capable(CAP_SYS_ADMIN))
285 if (get_user(flags, arg))
288 bch_notice(c, "shutdown by ioctl type %u", flags);
291 case FSOP_GOING_FLAGS_DEFAULT:
292 ret = freeze_bdev(c->vfs_sb->s_bdev);
295 bch2_journal_flush(&c->journal);
296 bch2_fs_emergency_read_only(c);
297 thaw_bdev(c->vfs_sb->s_bdev);
299 case FSOP_GOING_FLAGS_LOGFLUSH:
300 bch2_journal_flush(&c->journal);
302 case FSOP_GOING_FLAGS_NOLOGFLUSH:
303 bch2_fs_emergency_read_only(c);
/*
 * Worker for BCH_IOCTL_SUBVOLUME_CREATE; called by
 * bch2_ioctl_subvolume_create() with c->snapshot_create_lock held for write.
 *
 * Outline:
 *  - validates arg.flags: only BCH_SUBVOL_SNAPSHOT_CREATE and
 *    BCH_SUBVOL_SNAPSHOT_RO are accepted, and SNAPSHOT_RO is checked in
 *    combination with the absence of SNAPSHOT_CREATE;
 *  - translates those flags into BCH_CREATE_* create flags on top of
 *    BCH_CREATE_SUBVOL;
 *  - takes s_umount for read and, for snapshots, syncs the superblock's
 *    inodes;
 *  - resolves arg.src_ptr relative to arg.dirfd and records the source inum
 *    as the snapshot source;
 *  - creates the destination path with user_path_create() and runs the
 *    checks below on it (same filesystem, target does not exist, parent not
 *    dead, fsuid/fsgid mappable, write+exec permission on the parent,
 *    security_path_mkdir());
 *  - creates the inode with __bch2_create() as a directory, instantiates the
 *    dentry and emits fsnotify_mkdir();
 *  - on a stale-handle error (retry_estale), sets LOOKUP_REVAL in
 *    lookup_flags.
 */
313 static long __bch2_ioctl_subvolume_create(struct bch_fs *c, struct file *filp,
314 struct bch_ioctl_subvolume arg)
317 struct bch_inode_info *inode;
318 struct user_namespace *s_user_ns;
319 struct dentry *dst_dentry;
320 struct path src_path, dst_path;
321 int how = LOOKUP_FOLLOW;
323 subvol_inum snapshot_src = { 0 };
324 unsigned lookup_flags = 0;
325 unsigned create_flags = BCH_CREATE_SUBVOL;
/* Any flag bit outside the two known ones is tested for here. */
327 if (arg.flags & ~(BCH_SUBVOL_SNAPSHOT_CREATE|
328 BCH_SUBVOL_SNAPSHOT_RO))
331 if (!(arg.flags & BCH_SUBVOL_SNAPSHOT_CREATE) &&
333 (arg.flags & BCH_SUBVOL_SNAPSHOT_RO)))
336 if (arg.flags & BCH_SUBVOL_SNAPSHOT_CREATE)
337 create_flags |= BCH_CREATE_SNAPSHOT;
339 if (arg.flags & BCH_SUBVOL_SNAPSHOT_RO)
340 create_flags |= BCH_CREATE_SNAPSHOT_RO;
342 /* why do we need this lock? */
343 down_read(&c->vfs_sb->s_umount);
/* Write back dirty inodes before taking a snapshot. */
345 if (arg.flags & BCH_SUBVOL_SNAPSHOT_CREATE)
346 sync_inodes_sb(c->vfs_sb);
349 error = user_path_at(arg.dirfd,
350 (const char __user *)(unsigned long)arg.src_ptr,
/* The source must live on this filesystem instance. */
355 if (src_path.dentry->d_sb->s_fs_info != c) {
361 snapshot_src = inode_inum(to_bch_ei(src_path.dentry->d_inode));
364 dst_dentry = user_path_create(arg.dirfd,
365 (const char __user *)(unsigned long)arg.dst_ptr,
366 &dst_path, lookup_flags);
367 error = PTR_ERR_OR_ZERO(dst_dentry);
/* The destination must live on this filesystem instance as well. */
371 if (dst_dentry->d_sb->s_fs_info != c) {
/* A positive dentry means the target name already exists. */
376 if (dst_dentry->d_inode) {
381 dir = dst_path.dentry->d_inode;
382 if (IS_DEADDIR(dir)) {
383 error = -BCH_ERR_ENOENT_directory_dead;
/* The caller's fsuid and fsgid must both map into the superblock's user namespace. */
387 s_user_ns = dir->i_sb->s_user_ns;
388 if (!kuid_has_mapping(s_user_ns, current_fsuid()) ||
389 !kgid_has_mapping(s_user_ns, current_fsgid())) {
394 error = inode_permission(file_mnt_idmap(filp),
395 dir, MAY_WRITE | MAY_EXEC);
/* The umask is applied here only when the directory does not use POSIX ACLs. */
399 if (!IS_POSIXACL(dir))
400 arg.mode &= ~current_umask();
402 error = security_path_mkdir(&dst_path, dst_dentry, arg.mode);
406 if ((arg.flags & BCH_SUBVOL_SNAPSHOT_CREATE) &&
408 snapshot_src.subvol = inode_inum(to_bch_ei(dir)).subvol;
410 inode = __bch2_create(file_mnt_idmap(filp), to_bch_ei(dir),
411 dst_dentry, arg.mode|S_IFDIR,
412 0, snapshot_src, create_flags);
413 error = PTR_ERR_OR_ZERO(inode);
417 d_instantiate(dst_dentry, &inode->v);
418 fsnotify_mkdir(dir, dst_dentry);
420 done_path_create(&dst_path, dst_dentry);
425 if (retry_estale(error, lookup_flags)) {
426 lookup_flags |= LOOKUP_REVAL;
430 up_read(&c->vfs_sb->s_umount);
/*
 * BCH_IOCTL_SUBVOLUME_CREATE entry point: runs
 * __bch2_ioctl_subvolume_create() with c->snapshot_create_lock held for
 * write.
 */
435 static long bch2_ioctl_subvolume_create(struct bch_fs *c, struct file *filp,
436 struct bch_ioctl_subvolume arg)
438 down_write(&c->snapshot_create_lock);
439 long ret = __bch2_ioctl_subvolume_create(c, filp, arg);
440 up_write(&c->snapshot_create_lock);
/*
 * BCH_IOCTL_SUBVOLUME_DESTROY helper: resolves arg.dst_ptr relative to
 * arg.dirfd (following symlinks), checks that the path is on this
 * filesystem instance, and unlinks it from its parent directory with
 * __bch2_unlink().  It then emits fsnotify_rmdir() and calls d_delete() on
 * the dentry.
 */
445 static long bch2_ioctl_subvolume_destroy(struct bch_fs *c, struct file *filp,
446 struct bch_ioctl_subvolume arg)
455 ret = user_path_at(arg.dirfd,
456 (const char __user *)(unsigned long)arg.dst_ptr,
457 LOOKUP_FOLLOW, &path);
461 if (path.dentry->d_sb->s_fs_info != c) {
/* The parent inode is taken from the resolved dentry's d_parent. */
466 dir = path.dentry->d_parent->d_inode;
468 ret = __bch2_unlink(dir, path.dentry, true);
472 fsnotify_rmdir(dir, path.dentry);
473 d_delete(path.dentry);
/*
 * Per-file ioctl dispatcher.
 *
 * Resolves the bcachefs inode and filesystem from @file and routes @cmd to
 * the matching helper in this file.  For the two subvolume commands the
 * struct bch_ioctl_subvolume argument is first copied in from userspace.
 * Commands without a dedicated case are forwarded to bch2_fs_ioctl().
 *
 * The result is passed through bch2_err_class() before being returned.
 */
479 long bch2_fs_file_ioctl(struct file *file, unsigned cmd, unsigned long arg)
481 struct bch_inode_info *inode = file_bch_inode(file);
482 struct bch_fs *c = inode->v.i_sb->s_fs_info;
486 case FS_IOC_GETFLAGS:
487 ret = bch2_ioc_getflags(inode, (int __user *) arg);
490 case FS_IOC_SETFLAGS:
491 ret = bch2_ioc_setflags(c, file, inode, (int __user *) arg);
494 case FS_IOC_FSGETXATTR:
495 ret = bch2_ioc_fsgetxattr(inode, (void __user *) arg);
498 case FS_IOC_FSSETXATTR:
499 ret = bch2_ioc_fssetxattr(c, file, inode,
500 (void __user *) arg);
503 case BCHFS_IOC_REINHERIT_ATTRS:
504 ret = bch2_ioc_reinherit_attrs(c, file, inode,
505 (void __user *) arg);
508 case FS_IOC_GETVERSION:
512 case FS_IOC_SETVERSION:
516 case FS_IOC_GOINGDOWN:
517 ret = bch2_ioc_goingdown(c, (u32 __user *) arg);
/* The argument struct is copied in here and handed to the helper by value. */
520 case BCH_IOCTL_SUBVOLUME_CREATE: {
521 struct bch_ioctl_subvolume i;
523 ret = copy_from_user(&i, (void __user *) arg, sizeof(i))
525 : bch2_ioctl_subvolume_create(c, file, i);
529 case BCH_IOCTL_SUBVOLUME_DESTROY: {
530 struct bch_ioctl_subvolume i;
532 ret = copy_from_user(&i, (void __user *) arg, sizeof(i))
534 : bch2_ioctl_subvolume_destroy(c, file, i);
/* Anything not handled above goes to the filesystem-wide ioctl handler. */
539 ret = bch2_fs_ioctl(c, cmd, (void __user *) arg);
543 return bch2_err_class(ret);
547 long bch2_compat_fs_ioctl(struct file *file, unsigned cmd, unsigned long arg)
549 /* These are just misnamed, they actually get/put from/to user an int */
551 case FS_IOC_GETFLAGS:
552 cmd = FS_IOC_GETFLAGS;
554 case FS_IOC32_SETFLAGS:
555 cmd = FS_IOC_SETFLAGS;
560 return bch2_fs_file_ioctl(file, cmd, (unsigned long) compat_ptr(arg));
564 #endif /* NO_BCACHEFS_FS */