1 // SPDX-License-Identifier: GPL-2.0
2 #ifndef NO_BCACHEFS_FS
3
4 #include "bcachefs.h"
5 #include "chardev.h"
6 #include "dirent.h"
7 #include "fs.h"
8 #include "fs-ioctl.h"
9 #include "namei.h"
10 #include "quota.h"
11
12 #include <linux/compat.h>
13 #include <linux/fsnotify.h>
14 #include <linux/mount.h>
15 #include <linux/namei.h>
16 #include <linux/security.h>
17 #include <linux/writeback.h>
18
19 #define FS_IOC_GOINGDOWN _IOR('X', 125, __u32)
20 #define FSOP_GOING_FLAGS_DEFAULT 0x0 /* going down */
21 #define FSOP_GOING_FLAGS_LOGFLUSH 0x1 /* flush log but not data */
22 #define FSOP_GOING_FLAGS_NOLOGFLUSH 0x2 /* don't flush log nor data */
23
bch2_reinherit_attrs_fn(struct btree_trans * trans,struct bch_inode_info * inode,struct bch_inode_unpacked * bi,void * p)24 static int bch2_reinherit_attrs_fn(struct btree_trans *trans,
25 struct bch_inode_info *inode,
26 struct bch_inode_unpacked *bi,
27 void *p)
28 {
29 struct bch_inode_info *dir = p;
30
31 return !bch2_reinherit_attrs(bi, &dir->ei_inode);
32 }
33
bch2_ioc_reinherit_attrs(struct bch_fs * c,struct file * file,struct bch_inode_info * src,const char __user * name)34 static int bch2_ioc_reinherit_attrs(struct bch_fs *c,
35 struct file *file,
36 struct bch_inode_info *src,
37 const char __user *name)
38 {
39 struct bch_hash_info hash = bch2_hash_info_init(c, &src->ei_inode);
40 struct bch_inode_info *dst;
41 struct inode *vinode = NULL;
42 char *kname = NULL;
43 struct qstr qstr;
44 int ret = 0;
45 subvol_inum inum;
46
47 kname = kmalloc(BCH_NAME_MAX, GFP_KERNEL);
48 if (!kname)
49 return -ENOMEM;
50
51 ret = strncpy_from_user(kname, name, BCH_NAME_MAX);
52 if (unlikely(ret < 0))
53 goto err1;
54
55 qstr.len = ret;
56 qstr.name = kname;
57
58 ret = bch2_dirent_lookup(c, inode_inum(src), &hash, &qstr, &inum);
59 if (ret)
60 goto err1;
61
62 vinode = bch2_vfs_inode_get(c, inum);
63 ret = PTR_ERR_OR_ZERO(vinode);
64 if (ret)
65 goto err1;
66
67 dst = to_bch_ei(vinode);
68
69 ret = mnt_want_write_file(file);
70 if (ret)
71 goto err2;
72
73 bch2_lock_inodes(INODE_UPDATE_LOCK, src, dst);
74
75 if (inode_attr_changing(src, dst, Inode_opt_project)) {
76 ret = bch2_fs_quota_transfer(c, dst,
77 src->ei_qid,
78 1 << QTYP_PRJ,
79 KEY_TYPE_QUOTA_PREALLOC);
80 if (ret)
81 goto err3;
82 }
83
84 ret = bch2_write_inode(c, dst, bch2_reinherit_attrs_fn, src, 0);
85 err3:
86 bch2_unlock_inodes(INODE_UPDATE_LOCK, src, dst);
87
88 /* return true if we did work */
89 if (ret >= 0)
90 ret = !ret;
91
92 mnt_drop_write_file(file);
93 err2:
94 iput(vinode);
95 err1:
96 kfree(kname);
97
98 return ret;
99 }
100
bch2_ioc_getversion(struct bch_inode_info * inode,u32 __user * arg)101 static int bch2_ioc_getversion(struct bch_inode_info *inode, u32 __user *arg)
102 {
103 return put_user(inode->v.i_generation, arg);
104 }
105
bch2_ioc_getlabel(struct bch_fs * c,char __user * user_label)106 static int bch2_ioc_getlabel(struct bch_fs *c, char __user *user_label)
107 {
108 int ret;
109 size_t len;
110 char label[BCH_SB_LABEL_SIZE];
111
112 BUILD_BUG_ON(BCH_SB_LABEL_SIZE >= FSLABEL_MAX);
113
114 mutex_lock(&c->sb_lock);
115 memcpy(label, c->disk_sb.sb->label, BCH_SB_LABEL_SIZE);
116 mutex_unlock(&c->sb_lock);
117
118 len = strnlen(label, BCH_SB_LABEL_SIZE);
119 if (len == BCH_SB_LABEL_SIZE) {
120 bch_warn(c,
121 "label is too long, return the first %zu bytes",
122 --len);
123 }
124
125 ret = copy_to_user(user_label, label, len);
126
127 return ret ? -EFAULT : 0;
128 }
129
bch2_ioc_setlabel(struct bch_fs * c,struct file * file,struct bch_inode_info * inode,const char __user * user_label)130 static int bch2_ioc_setlabel(struct bch_fs *c,
131 struct file *file,
132 struct bch_inode_info *inode,
133 const char __user *user_label)
134 {
135 int ret;
136 char label[BCH_SB_LABEL_SIZE];
137
138 if (!capable(CAP_SYS_ADMIN))
139 return -EPERM;
140
141 if (copy_from_user(label, user_label, sizeof(label)))
142 return -EFAULT;
143
144 if (strnlen(label, BCH_SB_LABEL_SIZE) == BCH_SB_LABEL_SIZE) {
145 bch_err(c,
146 "unable to set label with more than %d bytes",
147 BCH_SB_LABEL_SIZE - 1);
148 return -EINVAL;
149 }
150
151 ret = mnt_want_write_file(file);
152 if (ret)
153 return ret;
154
155 mutex_lock(&c->sb_lock);
156 strscpy(c->disk_sb.sb->label, label, BCH_SB_LABEL_SIZE);
157 ret = bch2_write_super(c);
158 mutex_unlock(&c->sb_lock);
159
160 mnt_drop_write_file(file);
161 return ret;
162 }
163
bch2_ioc_goingdown(struct bch_fs * c,u32 __user * arg)164 static int bch2_ioc_goingdown(struct bch_fs *c, u32 __user *arg)
165 {
166 u32 flags;
167 int ret = 0;
168
169 if (!capable(CAP_SYS_ADMIN))
170 return -EPERM;
171
172 if (get_user(flags, arg))
173 return -EFAULT;
174
175 bch_notice(c, "shutdown by ioctl type %u", flags);
176
177 switch (flags) {
178 case FSOP_GOING_FLAGS_DEFAULT:
179 ret = bdev_freeze(c->vfs_sb->s_bdev);
180 if (ret)
181 break;
182 bch2_journal_flush(&c->journal);
183 bch2_fs_emergency_read_only(c);
184 bdev_thaw(c->vfs_sb->s_bdev);
185 break;
186 case FSOP_GOING_FLAGS_LOGFLUSH:
187 bch2_journal_flush(&c->journal);
188 fallthrough;
189 case FSOP_GOING_FLAGS_NOLOGFLUSH:
190 bch2_fs_emergency_read_only(c);
191 break;
192 default:
193 ret = -EINVAL;
194 break;
195 }
196
197 return ret;
198 }
199
bch2_ioctl_subvolume_create(struct bch_fs * c,struct file * filp,struct bch_ioctl_subvolume arg)200 static long bch2_ioctl_subvolume_create(struct bch_fs *c, struct file *filp,
201 struct bch_ioctl_subvolume arg)
202 {
203 struct inode *dir;
204 struct bch_inode_info *inode;
205 struct user_namespace *s_user_ns;
206 struct dentry *dst_dentry;
207 struct path src_path, dst_path;
208 int how = LOOKUP_FOLLOW;
209 int error;
210 subvol_inum snapshot_src = { 0 };
211 unsigned lookup_flags = 0;
212 unsigned create_flags = BCH_CREATE_SUBVOL;
213
214 if (arg.flags & ~(BCH_SUBVOL_SNAPSHOT_CREATE|
215 BCH_SUBVOL_SNAPSHOT_RO))
216 return -EINVAL;
217
218 if (!(arg.flags & BCH_SUBVOL_SNAPSHOT_CREATE) &&
219 (arg.src_ptr ||
220 (arg.flags & BCH_SUBVOL_SNAPSHOT_RO)))
221 return -EINVAL;
222
223 if (arg.flags & BCH_SUBVOL_SNAPSHOT_CREATE)
224 create_flags |= BCH_CREATE_SNAPSHOT;
225
226 if (arg.flags & BCH_SUBVOL_SNAPSHOT_RO)
227 create_flags |= BCH_CREATE_SNAPSHOT_RO;
228
229 if (arg.flags & BCH_SUBVOL_SNAPSHOT_CREATE) {
230 /* sync_inodes_sb enforce s_umount is locked */
231 down_read(&c->vfs_sb->s_umount);
232 sync_inodes_sb(c->vfs_sb);
233 up_read(&c->vfs_sb->s_umount);
234 }
235
236 if (arg.src_ptr) {
237 error = user_path_at(arg.dirfd,
238 (const char __user *)(unsigned long)arg.src_ptr,
239 how, &src_path);
240 if (error)
241 goto err1;
242
243 if (src_path.dentry->d_sb->s_fs_info != c) {
244 path_put(&src_path);
245 error = -EXDEV;
246 goto err1;
247 }
248
249 snapshot_src = inode_inum(to_bch_ei(src_path.dentry->d_inode));
250 }
251
252 dst_dentry = user_path_create(arg.dirfd,
253 (const char __user *)(unsigned long)arg.dst_ptr,
254 &dst_path, lookup_flags);
255 error = PTR_ERR_OR_ZERO(dst_dentry);
256 if (error)
257 goto err2;
258
259 if (dst_dentry->d_sb->s_fs_info != c) {
260 error = -EXDEV;
261 goto err3;
262 }
263
264 if (dst_dentry->d_inode) {
265 error = -BCH_ERR_EEXIST_subvolume_create;
266 goto err3;
267 }
268
269 dir = dst_path.dentry->d_inode;
270 if (IS_DEADDIR(dir)) {
271 error = -BCH_ERR_ENOENT_directory_dead;
272 goto err3;
273 }
274
275 s_user_ns = dir->i_sb->s_user_ns;
276 if (!kuid_has_mapping(s_user_ns, current_fsuid()) ||
277 !kgid_has_mapping(s_user_ns, current_fsgid())) {
278 error = -EOVERFLOW;
279 goto err3;
280 }
281
282 error = inode_permission(file_mnt_idmap(filp),
283 dir, MAY_WRITE | MAY_EXEC);
284 if (error)
285 goto err3;
286
287 if (!IS_POSIXACL(dir))
288 arg.mode &= ~current_umask();
289
290 error = security_path_mkdir(&dst_path, dst_dentry, arg.mode);
291 if (error)
292 goto err3;
293
294 if ((arg.flags & BCH_SUBVOL_SNAPSHOT_CREATE) &&
295 !arg.src_ptr)
296 snapshot_src.subvol = inode_inum(to_bch_ei(dir)).subvol;
297
298 down_write(&c->snapshot_create_lock);
299 inode = __bch2_create(file_mnt_idmap(filp), to_bch_ei(dir),
300 dst_dentry, arg.mode|S_IFDIR,
301 0, snapshot_src, create_flags);
302 up_write(&c->snapshot_create_lock);
303
304 error = PTR_ERR_OR_ZERO(inode);
305 if (error)
306 goto err3;
307
308 d_instantiate(dst_dentry, &inode->v);
309 fsnotify_mkdir(dir, dst_dentry);
310 err3:
311 done_path_create(&dst_path, dst_dentry);
312 err2:
313 if (arg.src_ptr)
314 path_put(&src_path);
315 err1:
316 return error;
317 }
318
bch2_ioctl_subvolume_destroy(struct bch_fs * c,struct file * filp,struct bch_ioctl_subvolume arg)319 static long bch2_ioctl_subvolume_destroy(struct bch_fs *c, struct file *filp,
320 struct bch_ioctl_subvolume arg)
321 {
322 const char __user *name = (void __user *)(unsigned long)arg.dst_ptr;
323 struct path path;
324 struct inode *dir;
325 struct dentry *victim;
326 int ret = 0;
327
328 if (arg.flags)
329 return -EINVAL;
330
331 victim = user_path_locked_at(arg.dirfd, name, &path);
332 if (IS_ERR(victim))
333 return PTR_ERR(victim);
334
335 dir = d_inode(path.dentry);
336 if (victim->d_sb->s_fs_info != c) {
337 ret = -EXDEV;
338 goto err;
339 }
340
341 ret = inode_permission(file_mnt_idmap(filp), d_inode(victim), MAY_WRITE) ?:
342 __bch2_unlink(dir, victim, true);
343 if (!ret) {
344 fsnotify_rmdir(dir, victim);
345 d_invalidate(victim);
346 }
347 err:
348 inode_unlock(dir);
349 dput(victim);
350 path_put(&path);
351 return ret;
352 }
353
bch2_fs_file_ioctl(struct file * file,unsigned cmd,unsigned long arg)354 long bch2_fs_file_ioctl(struct file *file, unsigned cmd, unsigned long arg)
355 {
356 struct bch_inode_info *inode = file_bch_inode(file);
357 struct bch_fs *c = inode->v.i_sb->s_fs_info;
358 long ret;
359
360 switch (cmd) {
361 case BCHFS_IOC_REINHERIT_ATTRS:
362 ret = bch2_ioc_reinherit_attrs(c, file, inode,
363 (void __user *) arg);
364 break;
365
366 case FS_IOC_GETVERSION:
367 ret = bch2_ioc_getversion(inode, (u32 __user *) arg);
368 break;
369
370 case FS_IOC_SETVERSION:
371 ret = -ENOTTY;
372 break;
373
374 case FS_IOC_GETFSLABEL:
375 ret = bch2_ioc_getlabel(c, (void __user *) arg);
376 break;
377
378 case FS_IOC_SETFSLABEL:
379 ret = bch2_ioc_setlabel(c, file, inode, (const void __user *) arg);
380 break;
381
382 case FS_IOC_GOINGDOWN:
383 ret = bch2_ioc_goingdown(c, (u32 __user *) arg);
384 break;
385
386 case BCH_IOCTL_SUBVOLUME_CREATE: {
387 struct bch_ioctl_subvolume i;
388
389 ret = copy_from_user(&i, (void __user *) arg, sizeof(i))
390 ? -EFAULT
391 : bch2_ioctl_subvolume_create(c, file, i);
392 break;
393 }
394
395 case BCH_IOCTL_SUBVOLUME_DESTROY: {
396 struct bch_ioctl_subvolume i;
397
398 ret = copy_from_user(&i, (void __user *) arg, sizeof(i))
399 ? -EFAULT
400 : bch2_ioctl_subvolume_destroy(c, file, i);
401 break;
402 }
403
404 default:
405 ret = bch2_fs_ioctl(c, cmd, (void __user *) arg);
406 break;
407 }
408
409 return bch2_err_class(ret);
410 }
411
412 #ifdef CONFIG_COMPAT
bch2_compat_fs_ioctl(struct file * file,unsigned cmd,unsigned long arg)413 long bch2_compat_fs_ioctl(struct file *file, unsigned cmd, unsigned long arg)
414 {
415 /* These are just misnamed, they actually get/put from/to user an int */
416 switch (cmd) {
417 case FS_IOC32_GETFLAGS:
418 cmd = FS_IOC_GETFLAGS;
419 break;
420 case FS_IOC32_SETFLAGS:
421 cmd = FS_IOC_SETFLAGS;
422 break;
423 case FS_IOC32_GETVERSION:
424 cmd = FS_IOC_GETVERSION;
425 break;
426 case FS_IOC_GETFSLABEL:
427 case FS_IOC_SETFSLABEL:
428 break;
429 default:
430 return -ENOIOCTLCMD;
431 }
432 return bch2_fs_file_ioctl(file, cmd, (unsigned long) compat_ptr(arg));
433 }
434 #endif
435
436 #endif /* NO_BCACHEFS_FS */
437