search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Linux 6.13-rc4
[linux.git] / fs / btrfs / ioctl.c
blob3af8bb0c8d75d79a74abcd36891f6aa2dd57dcac
1 // SPDX-License-Identifier: GPL-2.0
2 /*
3 * Copyright (C) 2007 Oracle. All rights reserved.
4 */
5
6 #include <linux/kernel.h>
7 #include <linux/bio.h>
8 #include <linux/file.h>
9 #include <linux/fs.h>
10 #include <linux/fsnotify.h>
11 #include <linux/pagemap.h>
12 #include <linux/highmem.h>
13 #include <linux/time.h>
14 #include <linux/string.h>
15 #include <linux/backing-dev.h>
16 #include <linux/mount.h>
17 #include <linux/namei.h>
18 #include <linux/writeback.h>
19 #include <linux/compat.h>
20 #include <linux/security.h>
21 #include <linux/xattr.h>
22 #include <linux/mm.h>
23 #include <linux/slab.h>
24 #include <linux/blkdev.h>
25 #include <linux/uuid.h>
26 #include <linux/btrfs.h>
27 #include <linux/uaccess.h>
28 #include <linux/iversion.h>
29 #include <linux/fileattr.h>
30 #include <linux/fsverity.h>
31 #include <linux/sched/xacct.h>
32 #include <linux/io_uring/cmd.h>
33 #include "ctree.h"
34 #include "disk-io.h"
35 #include "export.h"
36 #include "transaction.h"
37 #include "btrfs_inode.h"
38 #include "volumes.h"
39 #include "locking.h"
40 #include "backref.h"
41 #include "send.h"
42 #include "dev-replace.h"
43 #include "props.h"
44 #include "sysfs.h"
45 #include "qgroup.h"
46 #include "tree-log.h"
47 #include "compression.h"
48 #include "space-info.h"
49 #include "block-group.h"
50 #include "fs.h"
51 #include "accessors.h"
52 #include "extent-tree.h"
53 #include "root-tree.h"
54 #include "defrag.h"
55 #include "dir-item.h"
56 #include "uuid-tree.h"
57 #include "ioctl.h"
58 #include "file.h"
59 #include "scrub.h"
60 #include "super.h"
61
62 #ifdef CONFIG_64BIT
63 /* If we have a 32-bit userspace and 64-bit kernel, then the UAPI
64 * structures are incorrect, as the timespec structure from userspace
65 * is 4 bytes too small. We define these alternatives here to teach
66 * the kernel about the 32-bit struct packing.
67 */
68 struct btrfs_ioctl_timespec_32 {
69 __u64 sec;
70 __u32 nsec;
71 } __attribute__ ((__packed__));
72
73 struct btrfs_ioctl_received_subvol_args_32 {
74 char uuid[BTRFS_UUID_SIZE]; /* in */
75 __u64 stransid; /* in */
76 __u64 rtransid; /* out */
77 struct btrfs_ioctl_timespec_32 stime; /* in */
78 struct btrfs_ioctl_timespec_32 rtime; /* out */
79 __u64 flags; /* in */
80 __u64 reserved[16]; /* in */
81 } __attribute__ ((__packed__));
82
83 #define BTRFS_IOC_SET_RECEIVED_SUBVOL_32 _IOWR(BTRFS_IOCTL_MAGIC, 37, \
84 struct btrfs_ioctl_received_subvol_args_32)
85 #endif
86
87 #if defined(CONFIG_64BIT) && defined(CONFIG_COMPAT)
88 struct btrfs_ioctl_send_args_32 {
89 __s64 send_fd; /* in */
90 __u64 clone_sources_count; /* in */
91 compat_uptr_t clone_sources; /* in */
92 __u64 parent_root; /* in */
93 __u64 flags; /* in */
94 __u32 version; /* in */
95 __u8 reserved[28]; /* in */
96 } __attribute__ ((__packed__));
97
98 #define BTRFS_IOC_SEND_32 _IOW(BTRFS_IOCTL_MAGIC, 38, \
99 struct btrfs_ioctl_send_args_32)
100
101 struct btrfs_ioctl_encoded_io_args_32 {
102 compat_uptr_t iov;
103 compat_ulong_t iovcnt;
104 __s64 offset;
105 __u64 flags;
106 __u64 len;
107 __u64 unencoded_len;
108 __u64 unencoded_offset;
109 __u32 compression;
110 __u32 encryption;
111 __u8 reserved[64];
112 };
113
114 #define BTRFS_IOC_ENCODED_READ_32 _IOR(BTRFS_IOCTL_MAGIC, 64, \
115 struct btrfs_ioctl_encoded_io_args_32)
116 #define BTRFS_IOC_ENCODED_WRITE_32 _IOW(BTRFS_IOCTL_MAGIC, 64, \
117 struct btrfs_ioctl_encoded_io_args_32)
118 #endif
119
120 /* Mask out flags that are inappropriate for the given type of inode. */
121 static unsigned int btrfs_mask_fsflags_for_type(struct inode *inode,
122 unsigned int flags)
123 {
124 if (S_ISDIR(inode->i_mode))
125 return flags;
126 else if (S_ISREG(inode->i_mode))
127 return flags & ~FS_DIRSYNC_FL;
128 else
129 return flags & (FS_NODUMP_FL | FS_NOATIME_FL);
130 }
131
132 /*
133 * Export internal inode flags to the format expected by the FS_IOC_GETFLAGS
134 * ioctl.
135 */
136 static unsigned int btrfs_inode_flags_to_fsflags(struct btrfs_inode *binode)
137 {
138 unsigned int iflags = 0;
139 u32 flags = binode->flags;
140 u32 ro_flags = binode->ro_flags;
141
142 if (flags & BTRFS_INODE_SYNC)
143 iflags |= FS_SYNC_FL;
144 if (flags & BTRFS_INODE_IMMUTABLE)
145 iflags |= FS_IMMUTABLE_FL;
146 if (flags & BTRFS_INODE_APPEND)
147 iflags |= FS_APPEND_FL;
148 if (flags & BTRFS_INODE_NODUMP)
149 iflags |= FS_NODUMP_FL;
150 if (flags & BTRFS_INODE_NOATIME)
151 iflags |= FS_NOATIME_FL;
152 if (flags & BTRFS_INODE_DIRSYNC)
153 iflags |= FS_DIRSYNC_FL;
154 if (flags & BTRFS_INODE_NODATACOW)
155 iflags |= FS_NOCOW_FL;
156 if (ro_flags & BTRFS_INODE_RO_VERITY)
157 iflags |= FS_VERITY_FL;
158
159 if (flags & BTRFS_INODE_NOCOMPRESS)
160 iflags |= FS_NOCOMP_FL;
161 else if (flags & BTRFS_INODE_COMPRESS)
162 iflags |= FS_COMPR_FL;
163
164 return iflags;
165 }
166
167 /*
168 * Update inode->i_flags based on the btrfs internal flags.
169 */
170 void btrfs_sync_inode_flags_to_i_flags(struct inode *inode)
171 {
172 struct btrfs_inode *binode = BTRFS_I(inode);
173 unsigned int new_fl = 0;
174
175 if (binode->flags & BTRFS_INODE_SYNC)
176 new_fl |= S_SYNC;
177 if (binode->flags & BTRFS_INODE_IMMUTABLE)
178 new_fl |= S_IMMUTABLE;
179 if (binode->flags & BTRFS_INODE_APPEND)
180 new_fl |= S_APPEND;
181 if (binode->flags & BTRFS_INODE_NOATIME)
182 new_fl |= S_NOATIME;
183 if (binode->flags & BTRFS_INODE_DIRSYNC)
184 new_fl |= S_DIRSYNC;
185 if (binode->ro_flags & BTRFS_INODE_RO_VERITY)
186 new_fl |= S_VERITY;
187
188 set_mask_bits(&inode->i_flags,
189 S_SYNC | S_APPEND | S_IMMUTABLE | S_NOATIME | S_DIRSYNC |
190 S_VERITY, new_fl);
191 }
192
193 /*
194 * Check if @flags are a supported and valid set of FS_*_FL flags and that
195 * the old and new flags are not conflicting
196 */
197 static int check_fsflags(unsigned int old_flags, unsigned int flags)
198 {
199 if (flags & ~(FS_IMMUTABLE_FL | FS_APPEND_FL | \
200 FS_NOATIME_FL | FS_NODUMP_FL | \
201 FS_SYNC_FL | FS_DIRSYNC_FL | \
202 FS_NOCOMP_FL | FS_COMPR_FL |
203 FS_NOCOW_FL))
204 return -EOPNOTSUPP;
205
206 /* COMPR and NOCOMP on new/old are valid */
207 if ((flags & FS_NOCOMP_FL) && (flags & FS_COMPR_FL))
208 return -EINVAL;
209
210 if ((flags & FS_COMPR_FL) && (flags & FS_NOCOW_FL))
211 return -EINVAL;
212
213 /* NOCOW and compression options are mutually exclusive */
214 if ((old_flags & FS_NOCOW_FL) && (flags & (FS_COMPR_FL | FS_NOCOMP_FL)))
215 return -EINVAL;
216 if ((flags & FS_NOCOW_FL) && (old_flags & (FS_COMPR_FL | FS_NOCOMP_FL)))
217 return -EINVAL;
218
219 return 0;
220 }
221
222 static int check_fsflags_compatible(struct btrfs_fs_info *fs_info,
223 unsigned int flags)
224 {
225 if (btrfs_is_zoned(fs_info) && (flags & FS_NOCOW_FL))
226 return -EPERM;
227
228 return 0;
229 }
230
231 int btrfs_check_ioctl_vol_args_path(const struct btrfs_ioctl_vol_args *vol_args)
232 {
233 if (memchr(vol_args->name, 0, sizeof(vol_args->name)) == NULL)
234 return -ENAMETOOLONG;
235 return 0;
236 }
237
238 static int btrfs_check_ioctl_vol_args2_subvol_name(const struct btrfs_ioctl_vol_args_v2 *vol_args2)
239 {
240 if (memchr(vol_args2->name, 0, sizeof(vol_args2->name)) == NULL)
241 return -ENAMETOOLONG;
242 return 0;
243 }
244
245 /*
246 * Set flags/xflags from the internal inode flags. The remaining items of
247 * fsxattr are zeroed.
248 */
249 int btrfs_fileattr_get(struct dentry *dentry, struct fileattr *fa)
250 {
251 struct btrfs_inode *binode = BTRFS_I(d_inode(dentry));
252
253 fileattr_fill_flags(fa, btrfs_inode_flags_to_fsflags(binode));
254 return 0;
255 }
256
257 int btrfs_fileattr_set(struct mnt_idmap *idmap,
258 struct dentry *dentry, struct fileattr *fa)
259 {
260 struct inode *inode = d_inode(dentry);
261 struct btrfs_fs_info *fs_info = inode_to_fs_info(inode);
262 struct btrfs_inode *binode = BTRFS_I(inode);
263 struct btrfs_root *root = binode->root;
264 struct btrfs_trans_handle *trans;
265 unsigned int fsflags, old_fsflags;
266 int ret;
267 const char *comp = NULL;
268 u32 binode_flags;
269
270 if (btrfs_root_readonly(root))
271 return -EROFS;
272
273 if (fileattr_has_fsx(fa))
274 return -EOPNOTSUPP;
275
276 fsflags = btrfs_mask_fsflags_for_type(inode, fa->flags);
277 old_fsflags = btrfs_inode_flags_to_fsflags(binode);
278 ret = check_fsflags(old_fsflags, fsflags);
279 if (ret)
280 return ret;
281
282 ret = check_fsflags_compatible(fs_info, fsflags);
283 if (ret)
284 return ret;
285
286 binode_flags = binode->flags;
287 if (fsflags & FS_SYNC_FL)
288 binode_flags |= BTRFS_INODE_SYNC;
289 else
290 binode_flags &= ~BTRFS_INODE_SYNC;
291 if (fsflags & FS_IMMUTABLE_FL)
292 binode_flags |= BTRFS_INODE_IMMUTABLE;
293 else
294 binode_flags &= ~BTRFS_INODE_IMMUTABLE;
295 if (fsflags & FS_APPEND_FL)
296 binode_flags |= BTRFS_INODE_APPEND;
297 else
298 binode_flags &= ~BTRFS_INODE_APPEND;
299 if (fsflags & FS_NODUMP_FL)
300 binode_flags |= BTRFS_INODE_NODUMP;
301 else
302 binode_flags &= ~BTRFS_INODE_NODUMP;
303 if (fsflags & FS_NOATIME_FL)
304 binode_flags |= BTRFS_INODE_NOATIME;
305 else
306 binode_flags &= ~BTRFS_INODE_NOATIME;
307
308 /* If coming from FS_IOC_FSSETXATTR then skip unconverted flags */
309 if (!fa->flags_valid) {
310 /* 1 item for the inode */
311 trans = btrfs_start_transaction(root, 1);
312 if (IS_ERR(trans))
313 return PTR_ERR(trans);
314 goto update_flags;
315 }
316
317 if (fsflags & FS_DIRSYNC_FL)
318 binode_flags |= BTRFS_INODE_DIRSYNC;
319 else
320 binode_flags &= ~BTRFS_INODE_DIRSYNC;
321 if (fsflags & FS_NOCOW_FL) {
322 if (S_ISREG(inode->i_mode)) {
323 /*
324 * It's safe to turn csums off here, no extents exist.
325 * Otherwise we want the flag to reflect the real COW
326 * status of the file and will not set it.
327 */
328 if (inode->i_size == 0)
329 binode_flags |= BTRFS_INODE_NODATACOW |
330 BTRFS_INODE_NODATASUM;
331 } else {
332 binode_flags |= BTRFS_INODE_NODATACOW;
333 }
334 } else {
335 /*
336 * Revert back under same assumptions as above
337 */
338 if (S_ISREG(inode->i_mode)) {
339 if (inode->i_size == 0)
340 binode_flags &= ~(BTRFS_INODE_NODATACOW |
341 BTRFS_INODE_NODATASUM);
342 } else {
343 binode_flags &= ~BTRFS_INODE_NODATACOW;
344 }
345 }
346
347 /*
348 * The COMPRESS flag can only be changed by users, while the NOCOMPRESS
349 * flag may be changed automatically if compression code won't make
350 * things smaller.
351 */
352 if (fsflags & FS_NOCOMP_FL) {
353 binode_flags &= ~BTRFS_INODE_COMPRESS;
354 binode_flags |= BTRFS_INODE_NOCOMPRESS;
355 } else if (fsflags & FS_COMPR_FL) {
356
357 if (IS_SWAPFILE(inode))
358 return -ETXTBSY;
359
360 binode_flags |= BTRFS_INODE_COMPRESS;
361 binode_flags &= ~BTRFS_INODE_NOCOMPRESS;
362
363 comp = btrfs_compress_type2str(fs_info->compress_type);
364 if (!comp || comp[0] == 0)
365 comp = btrfs_compress_type2str(BTRFS_COMPRESS_ZLIB);
366 } else {
367 binode_flags &= ~(BTRFS_INODE_COMPRESS | BTRFS_INODE_NOCOMPRESS);
368 }
369
370 /*
371 * 1 for inode item
372 * 2 for properties
373 */
374 trans = btrfs_start_transaction(root, 3);
375 if (IS_ERR(trans))
376 return PTR_ERR(trans);
377
378 if (comp) {
379 ret = btrfs_set_prop(trans, BTRFS_I(inode), "btrfs.compression",
380 comp, strlen(comp), 0);
381 if (ret) {
382 btrfs_abort_transaction(trans, ret);
383 goto out_end_trans;
384 }
385 } else {
386 ret = btrfs_set_prop(trans, BTRFS_I(inode), "btrfs.compression",
387 NULL, 0, 0);
388 if (ret && ret != -ENODATA) {
389 btrfs_abort_transaction(trans, ret);
390 goto out_end_trans;
391 }
392 }
393
394 update_flags:
395 binode->flags = binode_flags;
396 btrfs_sync_inode_flags_to_i_flags(inode);
397 inode_inc_iversion(inode);
398 inode_set_ctime_current(inode);
399 ret = btrfs_update_inode(trans, BTRFS_I(inode));
400
401 out_end_trans:
402 btrfs_end_transaction(trans);
403 return ret;
404 }
405
406 /*
407 * Start exclusive operation @type, return true on success
408 */
409 bool btrfs_exclop_start(struct btrfs_fs_info *fs_info,
410 enum btrfs_exclusive_operation type)
411 {
412 bool ret = false;
413
414 spin_lock(&fs_info->super_lock);
415 if (fs_info->exclusive_operation == BTRFS_EXCLOP_NONE) {
416 fs_info->exclusive_operation = type;
417 ret = true;
418 }
419 spin_unlock(&fs_info->super_lock);
420
421 return ret;
422 }
423
424 /*
425 * Conditionally allow to enter the exclusive operation in case it's compatible
426 * with the running one. This must be paired with btrfs_exclop_start_unlock and
427 * btrfs_exclop_finish.
428 *
429 * Compatibility:
430 * - the same type is already running
431 * - when trying to add a device and balance has been paused
432 * - not BTRFS_EXCLOP_NONE - this is intentionally incompatible and the caller
433 * must check the condition first that would allow none -> @type
434 */
435 bool btrfs_exclop_start_try_lock(struct btrfs_fs_info *fs_info,
436 enum btrfs_exclusive_operation type)
437 {
438 spin_lock(&fs_info->super_lock);
439 if (fs_info->exclusive_operation == type ||
440 (fs_info->exclusive_operation == BTRFS_EXCLOP_BALANCE_PAUSED &&
441 type == BTRFS_EXCLOP_DEV_ADD))
442 return true;
443
444 spin_unlock(&fs_info->super_lock);
445 return false;
446 }
447
448 void btrfs_exclop_start_unlock(struct btrfs_fs_info *fs_info)
449 {
450 spin_unlock(&fs_info->super_lock);
451 }
452
453 void btrfs_exclop_finish(struct btrfs_fs_info *fs_info)
454 {
455 spin_lock(&fs_info->super_lock);
456 WRITE_ONCE(fs_info->exclusive_operation, BTRFS_EXCLOP_NONE);
457 spin_unlock(&fs_info->super_lock);
458 sysfs_notify(&fs_info->fs_devices->fsid_kobj, NULL, "exclusive_operation");
459 }
460
461 void btrfs_exclop_balance(struct btrfs_fs_info *fs_info,
462 enum btrfs_exclusive_operation op)
463 {
464 switch (op) {
465 case BTRFS_EXCLOP_BALANCE_PAUSED:
466 spin_lock(&fs_info->super_lock);
467 ASSERT(fs_info->exclusive_operation == BTRFS_EXCLOP_BALANCE ||
468 fs_info->exclusive_operation == BTRFS_EXCLOP_DEV_ADD ||
469 fs_info->exclusive_operation == BTRFS_EXCLOP_NONE ||
470 fs_info->exclusive_operation == BTRFS_EXCLOP_BALANCE_PAUSED);
471 fs_info->exclusive_operation = BTRFS_EXCLOP_BALANCE_PAUSED;
472 spin_unlock(&fs_info->super_lock);
473 break;
474 case BTRFS_EXCLOP_BALANCE:
475 spin_lock(&fs_info->super_lock);
476 ASSERT(fs_info->exclusive_operation == BTRFS_EXCLOP_BALANCE_PAUSED);
477 fs_info->exclusive_operation = BTRFS_EXCLOP_BALANCE;
478 spin_unlock(&fs_info->super_lock);
479 break;
480 default:
481 btrfs_warn(fs_info,
482 "invalid exclop balance operation %d requested", op);
483 }
484 }
485
486 static int btrfs_ioctl_getversion(struct inode *inode, int __user *arg)
487 {
488 return put_user(inode->i_generation, arg);
489 }
490
491 static noinline int btrfs_ioctl_fitrim(struct btrfs_fs_info *fs_info,
492 void __user *arg)
493 {
494 struct btrfs_device *device;
495 struct fstrim_range range;
496 u64 minlen = ULLONG_MAX;
497 u64 num_devices = 0;
498 int ret;
499
500 if (!capable(CAP_SYS_ADMIN))
501 return -EPERM;
502
503 /*
504 * btrfs_trim_block_group() depends on space cache, which is not
505 * available in zoned filesystem. So, disallow fitrim on a zoned
506 * filesystem for now.
507 */
508 if (btrfs_is_zoned(fs_info))
509 return -EOPNOTSUPP;
510
511 /*
512 * If the fs is mounted with nologreplay, which requires it to be
513 * mounted in RO mode as well, we can not allow discard on free space
514 * inside block groups, because log trees refer to extents that are not
515 * pinned in a block group's free space cache (pinning the extents is
516 * precisely the first phase of replaying a log tree).
517 */
518 if (btrfs_test_opt(fs_info, NOLOGREPLAY))
519 return -EROFS;
520
521 rcu_read_lock();
522 list_for_each_entry_rcu(device, &fs_info->fs_devices->devices,
523 dev_list) {
524 if (!device->bdev || !bdev_max_discard_sectors(device->bdev))
525 continue;
526 num_devices++;
527 minlen = min_t(u64, bdev_discard_granularity(device->bdev),
528 minlen);
529 }
530 rcu_read_unlock();
531
532 if (!num_devices)
533 return -EOPNOTSUPP;
534 if (copy_from_user(&range, arg, sizeof(range)))
535 return -EFAULT;
536
537 /*
538 * NOTE: Don't truncate the range using super->total_bytes. Bytenr of
539 * block group is in the logical address space, which can be any
540 * sectorsize aligned bytenr in the range [0, U64_MAX].
541 */
542 if (range.len < fs_info->sectorsize)
543 return -EINVAL;
544
545 range.minlen = max(range.minlen, minlen);
546 ret = btrfs_trim_fs(fs_info, &range);
547
548 if (copy_to_user(arg, &range, sizeof(range)))
549 return -EFAULT;
550
551 return ret;
552 }
553
554 int __pure btrfs_is_empty_uuid(const u8 *uuid)
555 {
556 int i;
557
558 for (i = 0; i < BTRFS_UUID_SIZE; i++) {
559 if (uuid[i])
560 return 0;
561 }
562 return 1;
563 }
564
565 /*
566 * Calculate the number of transaction items to reserve for creating a subvolume
567 * or snapshot, not including the inode, directory entries, or parent directory.
568 */
569 static unsigned int create_subvol_num_items(struct btrfs_qgroup_inherit *inherit)
570 {
571 /*
572 * 1 to add root block
573 * 1 to add root item
574 * 1 to add root ref
575 * 1 to add root backref
576 * 1 to add UUID item
577 * 1 to add qgroup info
578 * 1 to add qgroup limit
579 *
580 * Ideally the last two would only be accounted if qgroups are enabled,
581 * but that can change between now and the time we would insert them.
582 */
583 unsigned int num_items = 7;
584
585 if (inherit) {
586 /* 2 to add qgroup relations for each inherited qgroup */
587 num_items += 2 * inherit->num_qgroups;
588 }
589 return num_items;
590 }
591
592 static noinline int create_subvol(struct mnt_idmap *idmap,
593 struct inode *dir, struct dentry *dentry,
594 struct btrfs_qgroup_inherit *inherit)
595 {
596 struct btrfs_fs_info *fs_info = inode_to_fs_info(dir);
597 struct btrfs_trans_handle *trans;
598 struct btrfs_key key;
599 struct btrfs_root_item *root_item;
600 struct btrfs_inode_item *inode_item;
601 struct extent_buffer *leaf;
602 struct btrfs_root *root = BTRFS_I(dir)->root;
603 struct btrfs_root *new_root;
604 struct btrfs_block_rsv block_rsv;
605 struct timespec64 cur_time = current_time(dir);
606 struct btrfs_new_inode_args new_inode_args = {
607 .dir = dir,
608 .dentry = dentry,
609 .subvol = true,
610 };
611 unsigned int trans_num_items;
612 int ret;
613 dev_t anon_dev;
614 u64 objectid;
615 u64 qgroup_reserved = 0;
616
617 root_item = kzalloc(sizeof(*root_item), GFP_KERNEL);
618 if (!root_item)
619 return -ENOMEM;
620
621 ret = btrfs_get_free_objectid(fs_info->tree_root, &objectid);
622 if (ret)
623 goto out_root_item;
624
625 /*
626 * Don't create subvolume whose level is not zero. Or qgroup will be
627 * screwed up since it assumes subvolume qgroup's level to be 0.
628 */
629 if (btrfs_qgroup_level(objectid)) {
630 ret = -ENOSPC;
631 goto out_root_item;
632 }
633
634 ret = get_anon_bdev(&anon_dev);
635 if (ret < 0)
636 goto out_root_item;
637
638 new_inode_args.inode = btrfs_new_subvol_inode(idmap, dir);
639 if (!new_inode_args.inode) {
640 ret = -ENOMEM;
641 goto out_anon_dev;
642 }
643 ret = btrfs_new_inode_prepare(&new_inode_args, &trans_num_items);
644 if (ret)
645 goto out_inode;
646 trans_num_items += create_subvol_num_items(inherit);
647
648 btrfs_init_block_rsv(&block_rsv, BTRFS_BLOCK_RSV_TEMP);
649 ret = btrfs_subvolume_reserve_metadata(root, &block_rsv,
650 trans_num_items, false);
651 if (ret)
652 goto out_new_inode_args;
653 qgroup_reserved = block_rsv.qgroup_rsv_reserved;
654
655 trans = btrfs_start_transaction(root, 0);
656 if (IS_ERR(trans)) {
657 ret = PTR_ERR(trans);
658 goto out_release_rsv;
659 }
660 btrfs_qgroup_convert_reserved_meta(root, qgroup_reserved);
661 qgroup_reserved = 0;
662 trans->block_rsv = &block_rsv;
663 trans->bytes_reserved = block_rsv.size;
664
665 ret = btrfs_qgroup_inherit(trans, 0, objectid, btrfs_root_id(root), inherit);
666 if (ret)
667 goto out;
668
669 leaf = btrfs_alloc_tree_block(trans, root, 0, objectid, NULL, 0, 0, 0,
670 0, BTRFS_NESTING_NORMAL);
671 if (IS_ERR(leaf)) {
672 ret = PTR_ERR(leaf);
673 goto out;
674 }
675
676 btrfs_mark_buffer_dirty(trans, leaf);
677
678 inode_item = &root_item->inode;
679 btrfs_set_stack_inode_generation(inode_item, 1);
680 btrfs_set_stack_inode_size(inode_item, 3);
681 btrfs_set_stack_inode_nlink(inode_item, 1);
682 btrfs_set_stack_inode_nbytes(inode_item,
683 fs_info->nodesize);
684 btrfs_set_stack_inode_mode(inode_item, S_IFDIR | 0755);
685
686 btrfs_set_root_flags(root_item, 0);
687 btrfs_set_root_limit(root_item, 0);
688 btrfs_set_stack_inode_flags(inode_item, BTRFS_INODE_ROOT_ITEM_INIT);
689
690 btrfs_set_root_bytenr(root_item, leaf->start);
691 btrfs_set_root_generation(root_item, trans->transid);
692 btrfs_set_root_level(root_item, 0);
693 btrfs_set_root_refs(root_item, 1);
694 btrfs_set_root_used(root_item, leaf->len);
695 btrfs_set_root_last_snapshot(root_item, 0);
696
697 btrfs_set_root_generation_v2(root_item,
698 btrfs_root_generation(root_item));
699 generate_random_guid(root_item->uuid);
700 btrfs_set_stack_timespec_sec(&root_item->otime, cur_time.tv_sec);
701 btrfs_set_stack_timespec_nsec(&root_item->otime, cur_time.tv_nsec);
702 root_item->ctime = root_item->otime;
703 btrfs_set_root_ctransid(root_item, trans->transid);
704 btrfs_set_root_otransid(root_item, trans->transid);
705
706 btrfs_tree_unlock(leaf);
707
708 btrfs_set_root_dirid(root_item, BTRFS_FIRST_FREE_OBJECTID);
709
710 key.objectid = objectid;
711 key.offset = 0;
712 key.type = BTRFS_ROOT_ITEM_KEY;
713 ret = btrfs_insert_root(trans, fs_info->tree_root, &key,
714 root_item);
715 if (ret) {
716 int ret2;
717
718 /*
719 * Since we don't abort the transaction in this case, free the
720 * tree block so that we don't leak space and leave the
721 * filesystem in an inconsistent state (an extent item in the
722 * extent tree with a backreference for a root that does not
723 * exists).
724 */
725 btrfs_tree_lock(leaf);
726 btrfs_clear_buffer_dirty(trans, leaf);
727 btrfs_tree_unlock(leaf);
728 ret2 = btrfs_free_tree_block(trans, objectid, leaf, 0, 1);
729 if (ret2 < 0)
730 btrfs_abort_transaction(trans, ret2);
731 free_extent_buffer(leaf);
732 goto out;
733 }
734
735 free_extent_buffer(leaf);
736 leaf = NULL;
737
738 new_root = btrfs_get_new_fs_root(fs_info, objectid, &anon_dev);
739 if (IS_ERR(new_root)) {
740 ret = PTR_ERR(new_root);
741 btrfs_abort_transaction(trans, ret);
742 goto out;
743 }
744 /* anon_dev is owned by new_root now. */
745 anon_dev = 0;
746 BTRFS_I(new_inode_args.inode)->root = new_root;
747 /* ... and new_root is owned by new_inode_args.inode now. */
748
749 ret = btrfs_record_root_in_trans(trans, new_root);
750 if (ret) {
751 btrfs_abort_transaction(trans, ret);
752 goto out;
753 }
754
755 ret = btrfs_uuid_tree_add(trans, root_item->uuid,
756 BTRFS_UUID_KEY_SUBVOL, objectid);
757 if (ret) {
758 btrfs_abort_transaction(trans, ret);
759 goto out;
760 }
761
762 ret = btrfs_create_new_inode(trans, &new_inode_args);
763 if (ret) {
764 btrfs_abort_transaction(trans, ret);
765 goto out;
766 }
767
768 btrfs_record_new_subvolume(trans, BTRFS_I(dir));
769
770 d_instantiate_new(dentry, new_inode_args.inode);
771 new_inode_args.inode = NULL;
772
773 out:
774 trans->block_rsv = NULL;
775 trans->bytes_reserved = 0;
776 btrfs_end_transaction(trans);
777 out_release_rsv:
778 btrfs_block_rsv_release(fs_info, &block_rsv, (u64)-1, NULL);
779 if (qgroup_reserved)
780 btrfs_qgroup_free_meta_prealloc(root, qgroup_reserved);
781 out_new_inode_args:
782 btrfs_new_inode_args_destroy(&new_inode_args);
783 out_inode:
784 iput(new_inode_args.inode);
785 out_anon_dev:
786 if (anon_dev)
787 free_anon_bdev(anon_dev);
788 out_root_item:
789 kfree(root_item);
790 return ret;
791 }
792
793 static int create_snapshot(struct btrfs_root *root, struct inode *dir,
794 struct dentry *dentry, bool readonly,
795 struct btrfs_qgroup_inherit *inherit)
796 {
797 struct btrfs_fs_info *fs_info = inode_to_fs_info(dir);
798 struct inode *inode;
799 struct btrfs_pending_snapshot *pending_snapshot;
800 unsigned int trans_num_items;
801 struct btrfs_trans_handle *trans;
802 struct btrfs_block_rsv *block_rsv;
803 u64 qgroup_reserved = 0;
804 int ret;
805
806 /* We do not support snapshotting right now. */
807 if (btrfs_fs_incompat(fs_info, EXTENT_TREE_V2)) {
808 btrfs_warn(fs_info,
809 "extent tree v2 doesn't support snapshotting yet");
810 return -EOPNOTSUPP;
811 }
812
813 if (btrfs_root_refs(&root->root_item) == 0)
814 return -ENOENT;
815
816 if (!test_bit(BTRFS_ROOT_SHAREABLE, &root->state))
817 return -EINVAL;
818
819 if (atomic_read(&root->nr_swapfiles)) {
820 btrfs_warn(fs_info,
821 "cannot snapshot subvolume with active swapfile");
822 return -ETXTBSY;
823 }
824
825 pending_snapshot = kzalloc(sizeof(*pending_snapshot), GFP_KERNEL);
826 if (!pending_snapshot)
827 return -ENOMEM;
828
829 ret = get_anon_bdev(&pending_snapshot->anon_dev);
830 if (ret < 0)
831 goto free_pending;
832 pending_snapshot->root_item = kzalloc(sizeof(struct btrfs_root_item),
833 GFP_KERNEL);
834 pending_snapshot->path = btrfs_alloc_path();
835 if (!pending_snapshot->root_item || !pending_snapshot->path) {
836 ret = -ENOMEM;
837 goto free_pending;
838 }
839
840 block_rsv = &pending_snapshot->block_rsv;
841 btrfs_init_block_rsv(block_rsv, BTRFS_BLOCK_RSV_TEMP);
842 /*
843 * 1 to add dir item
844 * 1 to add dir index
845 * 1 to update parent inode item
846 */
847 trans_num_items = create_subvol_num_items(inherit) + 3;
848 ret = btrfs_subvolume_reserve_metadata(BTRFS_I(dir)->root, block_rsv,
849 trans_num_items, false);
850 if (ret)
851 goto free_pending;
852 qgroup_reserved = block_rsv->qgroup_rsv_reserved;
853
854 pending_snapshot->dentry = dentry;
855 pending_snapshot->root = root;
856 pending_snapshot->readonly = readonly;
857 pending_snapshot->dir = BTRFS_I(dir);
858 pending_snapshot->inherit = inherit;
859
860 trans = btrfs_start_transaction(root, 0);
861 if (IS_ERR(trans)) {
862 ret = PTR_ERR(trans);
863 goto fail;
864 }
865 ret = btrfs_record_root_in_trans(trans, BTRFS_I(dir)->root);
866 if (ret) {
867 btrfs_end_transaction(trans);
868 goto fail;
869 }
870 btrfs_qgroup_convert_reserved_meta(root, qgroup_reserved);
871 qgroup_reserved = 0;
872
873 trans->pending_snapshot = pending_snapshot;
874
875 ret = btrfs_commit_transaction(trans);
876 if (ret)
877 goto fail;
878
879 ret = pending_snapshot->error;
880 if (ret)
881 goto fail;
882
883 ret = btrfs_orphan_cleanup(pending_snapshot->snap);
884 if (ret)
885 goto fail;
886
887 inode = btrfs_lookup_dentry(d_inode(dentry->d_parent), dentry);
888 if (IS_ERR(inode)) {
889 ret = PTR_ERR(inode);
890 goto fail;
891 }
892
893 d_instantiate(dentry, inode);
894 ret = 0;
895 pending_snapshot->anon_dev = 0;
896 fail:
897 /* Prevent double freeing of anon_dev */
898 if (ret && pending_snapshot->snap)
899 pending_snapshot->snap->anon_dev = 0;
900 btrfs_put_root(pending_snapshot->snap);
901 btrfs_block_rsv_release(fs_info, block_rsv, (u64)-1, NULL);
902 if (qgroup_reserved)
903 btrfs_qgroup_free_meta_prealloc(root, qgroup_reserved);
904 free_pending:
905 if (pending_snapshot->anon_dev)
906 free_anon_bdev(pending_snapshot->anon_dev);
907 kfree(pending_snapshot->root_item);
908 btrfs_free_path(pending_snapshot->path);
909 kfree(pending_snapshot);
910
911 return ret;
912 }
913
914 /* copy of may_delete in fs/namei.c()
915 * Check whether we can remove a link victim from directory dir, check
916 * whether the type of victim is right.
917 * 1. We can't do it if dir is read-only (done in permission())
918 * 2. We should have write and exec permissions on dir
919 * 3. We can't remove anything from append-only dir
920 * 4. We can't do anything with immutable dir (done in permission())
921 * 5. If the sticky bit on dir is set we should either
922 * a. be owner of dir, or
923 * b. be owner of victim, or
924 * c. have CAP_FOWNER capability
925 * 6. If the victim is append-only or immutable we can't do anything with
926 * links pointing to it.
927 * 7. If we were asked to remove a directory and victim isn't one - ENOTDIR.
928 * 8. If we were asked to remove a non-directory and victim isn't one - EISDIR.
929 * 9. We can't remove a root or mountpoint.
930 * 10. We don't allow removal of NFS sillyrenamed files; it's handled by
931 * nfs_async_unlink().
932 */
933
934 static int btrfs_may_delete(struct mnt_idmap *idmap,
935 struct inode *dir, struct dentry *victim, int isdir)
936 {
937 int error;
938
939 if (d_really_is_negative(victim))
940 return -ENOENT;
941
942 /* The @victim is not inside @dir. */
943 if (d_inode(victim->d_parent) != dir)
944 return -EINVAL;
945 audit_inode_child(dir, victim, AUDIT_TYPE_CHILD_DELETE);
946
947 error = inode_permission(idmap, dir, MAY_WRITE | MAY_EXEC);
948 if (error)
949 return error;
950 if (IS_APPEND(dir))
951 return -EPERM;
952 if (check_sticky(idmap, dir, d_inode(victim)) ||
953 IS_APPEND(d_inode(victim)) || IS_IMMUTABLE(d_inode(victim)) ||
954 IS_SWAPFILE(d_inode(victim)))
955 return -EPERM;
956 if (isdir) {
957 if (!d_is_dir(victim))
958 return -ENOTDIR;
959 if (IS_ROOT(victim))
960 return -EBUSY;
961 } else if (d_is_dir(victim))
962 return -EISDIR;
963 if (IS_DEADDIR(dir))
964 return -ENOENT;
965 if (victim->d_flags & DCACHE_NFSFS_RENAMED)
966 return -EBUSY;
967 return 0;
968 }
969
970 /* copy of may_create in fs/namei.c() */
971 static inline int btrfs_may_create(struct mnt_idmap *idmap,
972 struct inode *dir, struct dentry *child)
973 {
974 if (d_really_is_positive(child))
975 return -EEXIST;
976 if (IS_DEADDIR(dir))
977 return -ENOENT;
978 if (!fsuidgid_has_mapping(dir->i_sb, idmap))
979 return -EOVERFLOW;
980 return inode_permission(idmap, dir, MAY_WRITE | MAY_EXEC);
981 }
982
983 /*
984 * Create a new subvolume below @parent. This is largely modeled after
985 * sys_mkdirat and vfs_mkdir, but we only do a single component lookup
986 * inside this filesystem so it's quite a bit simpler.
987 */
988 static noinline int btrfs_mksubvol(const struct path *parent,
989 struct mnt_idmap *idmap,
990 const char *name, int namelen,
991 struct btrfs_root *snap_src,
992 bool readonly,
993 struct btrfs_qgroup_inherit *inherit)
994 {
995 struct inode *dir = d_inode(parent->dentry);
996 struct btrfs_fs_info *fs_info = inode_to_fs_info(dir);
997 struct dentry *dentry;
998 struct fscrypt_str name_str = FSTR_INIT((char *)name, namelen);
999 int error;
1000
1001 error = down_write_killable_nested(&dir->i_rwsem, I_MUTEX_PARENT);
1002 if (error == -EINTR)
1003 return error;
1004
1005 dentry = lookup_one(idmap, name, parent->dentry, namelen);
1006 error = PTR_ERR(dentry);
1007 if (IS_ERR(dentry))
1008 goto out_unlock;
1009
1010 error = btrfs_may_create(idmap, dir, dentry);
1011 if (error)
1012 goto out_dput;
1013
1014 /*
1015 * even if this name doesn't exist, we may get hash collisions.
1016 * check for them now when we can safely fail
1017 */
1018 error = btrfs_check_dir_item_collision(BTRFS_I(dir)->root,
1019 dir->i_ino, &name_str);
1020 if (error)
1021 goto out_dput;
1022
1023 down_read(&fs_info->subvol_sem);
1024
1025 if (btrfs_root_refs(&BTRFS_I(dir)->root->root_item) == 0)
1026 goto out_up_read;
1027
1028 if (snap_src)
1029 error = create_snapshot(snap_src, dir, dentry, readonly, inherit);
1030 else
1031 error = create_subvol(idmap, dir, dentry, inherit);
1032
1033 if (!error)
1034 fsnotify_mkdir(dir, dentry);
1035 out_up_read:
1036 up_read(&fs_info->subvol_sem);
1037 out_dput:
1038 dput(dentry);
1039 out_unlock:
1040 btrfs_inode_unlock(BTRFS_I(dir), 0);
1041 return error;
1042 }
1043
1044 static noinline int btrfs_mksnapshot(const struct path *parent,
1045 struct mnt_idmap *idmap,
1046 const char *name, int namelen,
1047 struct btrfs_root *root,
1048 bool readonly,
1049 struct btrfs_qgroup_inherit *inherit)
1050 {
1051 int ret;
1052
1053 /*
1054 * Force new buffered writes to reserve space even when NOCOW is
1055 * possible. This is to avoid later writeback (running dealloc) to
1056 * fallback to COW mode and unexpectedly fail with ENOSPC.
1057 */
1058 btrfs_drew_read_lock(&root->snapshot_lock);
1059
1060 ret = btrfs_start_delalloc_snapshot(root, false);
1061 if (ret)
1062 goto out;
1063
1064 /*
1065 * All previous writes have started writeback in NOCOW mode, so now
1066 * we force future writes to fallback to COW mode during snapshot
1067 * creation.
1068 */
1069 atomic_inc(&root->snapshot_force_cow);
1070
1071 btrfs_wait_ordered_extents(root, U64_MAX, NULL);
1072
1073 ret = btrfs_mksubvol(parent, idmap, name, namelen,
1074 root, readonly, inherit);
1075 atomic_dec(&root->snapshot_force_cow);
1076 out:
1077 btrfs_drew_read_unlock(&root->snapshot_lock);
1078 return ret;
1079 }
1080
1081 /*
1082 * Try to start exclusive operation @type or cancel it if it's running.
1083 *
1084 * Return:
1085 * 0 - normal mode, newly claimed op started
1086 * >0 - normal mode, something else is running,
1087 * return BTRFS_ERROR_DEV_EXCL_RUN_IN_PROGRESS to user space
1088 * ECANCELED - cancel mode, successful cancel
1089 * ENOTCONN - cancel mode, operation not running anymore
1090 */
1091 static int exclop_start_or_cancel_reloc(struct btrfs_fs_info *fs_info,
1092 enum btrfs_exclusive_operation type, bool cancel)
1093 {
1094 if (!cancel) {
1095 /* Start normal op */
1096 if (!btrfs_exclop_start(fs_info, type))
1097 return BTRFS_ERROR_DEV_EXCL_RUN_IN_PROGRESS;
1098 /* Exclusive operation is now claimed */
1099 return 0;
1100 }
1101
1102 /* Cancel running op */
1103 if (btrfs_exclop_start_try_lock(fs_info, type)) {
1104 /*
1105 * This blocks any exclop finish from setting it to NONE, so we
1106 * request cancellation. Either it runs and we will wait for it,
1107 * or it has finished and no waiting will happen.
1108 */
1109 atomic_inc(&fs_info->reloc_cancel_req);
1110 btrfs_exclop_start_unlock(fs_info);
1111
1112 if (test_bit(BTRFS_FS_RELOC_RUNNING, &fs_info->flags))
1113 wait_on_bit(&fs_info->flags, BTRFS_FS_RELOC_RUNNING,
1114 TASK_INTERRUPTIBLE);
1115
1116 return -ECANCELED;
1117 }
1118
1119 /* Something else is running or none */
1120 return -ENOTCONN;
1121 }
1122
1123 static noinline int btrfs_ioctl_resize(struct file *file,
1124 void __user *arg)
1125 {
1126 BTRFS_DEV_LOOKUP_ARGS(args);
1127 struct inode *inode = file_inode(file);
1128 struct btrfs_fs_info *fs_info = inode_to_fs_info(inode);
1129 u64 new_size;
1130 u64 old_size;
1131 u64 devid = 1;
1132 struct btrfs_root *root = BTRFS_I(inode)->root;
1133 struct btrfs_ioctl_vol_args *vol_args;
1134 struct btrfs_trans_handle *trans;
1135 struct btrfs_device *device = NULL;
1136 char *sizestr;
1137 char *retptr;
1138 char *devstr = NULL;
1139 int ret = 0;
1140 int mod = 0;
1141 bool cancel;
1142
1143 if (!capable(CAP_SYS_ADMIN))
1144 return -EPERM;
1145
1146 ret = mnt_want_write_file(file);
1147 if (ret)
1148 return ret;
1149
1150 /*
1151 * Read the arguments before checking exclusivity to be able to
1152 * distinguish regular resize and cancel
1153 */
1154 vol_args = memdup_user(arg, sizeof(*vol_args));
1155 if (IS_ERR(vol_args)) {
1156 ret = PTR_ERR(vol_args);
1157 goto out_drop;
1158 }
1159 ret = btrfs_check_ioctl_vol_args_path(vol_args);
1160 if (ret < 0)
1161 goto out_free;
1162
1163 sizestr = vol_args->name;
1164 cancel = (strcmp("cancel", sizestr) == 0);
1165 ret = exclop_start_or_cancel_reloc(fs_info, BTRFS_EXCLOP_RESIZE, cancel);
1166 if (ret)
1167 goto out_free;
1168 /* Exclusive operation is now claimed */
1169
1170 devstr = strchr(sizestr, ':');
1171 if (devstr) {
1172 sizestr = devstr + 1;
1173 *devstr = '\0';
1174 devstr = vol_args->name;
1175 ret = kstrtoull(devstr, 10, &devid);
1176 if (ret)
1177 goto out_finish;
1178 if (!devid) {
1179 ret = -EINVAL;
1180 goto out_finish;
1181 }
1182 btrfs_info(fs_info, "resizing devid %llu", devid);
1183 }
1184
1185 args.devid = devid;
1186 device = btrfs_find_device(fs_info->fs_devices, &args);
1187 if (!device) {
1188 btrfs_info(fs_info, "resizer unable to find device %llu",
1189 devid);
1190 ret = -ENODEV;
1191 goto out_finish;
1192 }
1193
1194 if (!test_bit(BTRFS_DEV_STATE_WRITEABLE, &device->dev_state)) {
1195 btrfs_info(fs_info,
1196 "resizer unable to apply on readonly device %llu",
1197 devid);
1198 ret = -EPERM;
1199 goto out_finish;
1200 }
1201
1202 if (!strcmp(sizestr, "max"))
1203 new_size = bdev_nr_bytes(device->bdev);
1204 else {
1205 if (sizestr[0] == '-') {
1206 mod = -1;
1207 sizestr++;
1208 } else if (sizestr[0] == '+') {
1209 mod = 1;
1210 sizestr++;
1211 }
1212 new_size = memparse(sizestr, &retptr);
1213 if (*retptr != '\0' || new_size == 0) {
1214 ret = -EINVAL;
1215 goto out_finish;
1216 }
1217 }
1218
1219 if (test_bit(BTRFS_DEV_STATE_REPLACE_TGT, &device->dev_state)) {
1220 ret = -EPERM;
1221 goto out_finish;
1222 }
1223
1224 old_size = btrfs_device_get_total_bytes(device);
1225
1226 if (mod < 0) {
1227 if (new_size > old_size) {
1228 ret = -EINVAL;
1229 goto out_finish;
1230 }
1231 new_size = old_size - new_size;
1232 } else if (mod > 0) {
1233 if (new_size > ULLONG_MAX - old_size) {
1234 ret = -ERANGE;
1235 goto out_finish;
1236 }
1237 new_size = old_size + new_size;
1238 }
1239
1240 if (new_size < SZ_256M) {
1241 ret = -EINVAL;
1242 goto out_finish;
1243 }
1244 if (new_size > bdev_nr_bytes(device->bdev)) {
1245 ret = -EFBIG;
1246 goto out_finish;
1247 }
1248
1249 new_size = round_down(new_size, fs_info->sectorsize);
1250
1251 if (new_size > old_size) {
1252 trans = btrfs_start_transaction(root, 0);
1253 if (IS_ERR(trans)) {
1254 ret = PTR_ERR(trans);
1255 goto out_finish;
1256 }
1257 ret = btrfs_grow_device(trans, device, new_size);
1258 btrfs_commit_transaction(trans);
1259 } else if (new_size < old_size) {
1260 ret = btrfs_shrink_device(device, new_size);
1261 } /* equal, nothing need to do */
1262
1263 if (ret == 0 && new_size != old_size)
1264 btrfs_info_in_rcu(fs_info,
1265 "resize device %s (devid %llu) from %llu to %llu",
1266 btrfs_dev_name(device), device->devid,
1267 old_size, new_size);
1268 out_finish:
1269 btrfs_exclop_finish(fs_info);
1270 out_free:
1271 kfree(vol_args);
1272 out_drop:
1273 mnt_drop_write_file(file);
1274 return ret;
1275 }
1276
1277 static noinline int __btrfs_ioctl_snap_create(struct file *file,
1278 struct mnt_idmap *idmap,
1279 const char *name, unsigned long fd, int subvol,
1280 bool readonly,
1281 struct btrfs_qgroup_inherit *inherit)
1282 {
1283 int namelen;
1284 int ret = 0;
1285
1286 if (!S_ISDIR(file_inode(file)->i_mode))
1287 return -ENOTDIR;
1288
1289 ret = mnt_want_write_file(file);
1290 if (ret)
1291 goto out;
1292
1293 namelen = strlen(name);
1294 if (strchr(name, '/')) {
1295 ret = -EINVAL;
1296 goto out_drop_write;
1297 }
1298
1299 if (name[0] == '.' &&
1300 (namelen == 1 || (name[1] == '.' && namelen == 2))) {
1301 ret = -EEXIST;
1302 goto out_drop_write;
1303 }
1304
1305 if (subvol) {
1306 ret = btrfs_mksubvol(&file->f_path, idmap, name,
1307 namelen, NULL, readonly, inherit);
1308 } else {
1309 CLASS(fd, src)(fd);
1310 struct inode *src_inode;
1311 if (fd_empty(src)) {
1312 ret = -EINVAL;
1313 goto out_drop_write;
1314 }
1315
1316 src_inode = file_inode(fd_file(src));
1317 if (src_inode->i_sb != file_inode(file)->i_sb) {
1318 btrfs_info(BTRFS_I(file_inode(file))->root->fs_info,
1319 "Snapshot src from another FS");
1320 ret = -EXDEV;
1321 } else if (!inode_owner_or_capable(idmap, src_inode)) {
1322 /*
1323 * Subvolume creation is not restricted, but snapshots
1324 * are limited to own subvolumes only
1325 */
1326 ret = -EPERM;
1327 } else if (btrfs_ino(BTRFS_I(src_inode)) != BTRFS_FIRST_FREE_OBJECTID) {
1328 /*
1329 * Snapshots must be made with the src_inode referring
1330 * to the subvolume inode, otherwise the permission
1331 * checking above is useless because we may have
1332 * permission on a lower directory but not the subvol
1333 * itself.
1334 */
1335 ret = -EINVAL;
1336 } else {
1337 ret = btrfs_mksnapshot(&file->f_path, idmap,
1338 name, namelen,
1339 BTRFS_I(src_inode)->root,
1340 readonly, inherit);
1341 }
1342 }
1343 out_drop_write:
1344 mnt_drop_write_file(file);
1345 out:
1346 return ret;
1347 }
1348
1349 static noinline int btrfs_ioctl_snap_create(struct file *file,
1350 void __user *arg, int subvol)
1351 {
1352 struct btrfs_ioctl_vol_args *vol_args;
1353 int ret;
1354
1355 if (!S_ISDIR(file_inode(file)->i_mode))
1356 return -ENOTDIR;
1357
1358 vol_args = memdup_user(arg, sizeof(*vol_args));
1359 if (IS_ERR(vol_args))
1360 return PTR_ERR(vol_args);
1361 ret = btrfs_check_ioctl_vol_args_path(vol_args);
1362 if (ret < 0)
1363 goto out;
1364
1365 ret = __btrfs_ioctl_snap_create(file, file_mnt_idmap(file),
1366 vol_args->name, vol_args->fd, subvol,
1367 false, NULL);
1368
1369 out:
1370 kfree(vol_args);
1371 return ret;
1372 }
1373
1374 static noinline int btrfs_ioctl_snap_create_v2(struct file *file,
1375 void __user *arg, int subvol)
1376 {
1377 struct btrfs_ioctl_vol_args_v2 *vol_args;
1378 int ret;
1379 bool readonly = false;
1380 struct btrfs_qgroup_inherit *inherit = NULL;
1381
1382 if (!S_ISDIR(file_inode(file)->i_mode))
1383 return -ENOTDIR;
1384
1385 vol_args = memdup_user(arg, sizeof(*vol_args));
1386 if (IS_ERR(vol_args))
1387 return PTR_ERR(vol_args);
1388 ret = btrfs_check_ioctl_vol_args2_subvol_name(vol_args);
1389 if (ret < 0)
1390 goto free_args;
1391
1392 if (vol_args->flags & ~BTRFS_SUBVOL_CREATE_ARGS_MASK) {
1393 ret = -EOPNOTSUPP;
1394 goto free_args;
1395 }
1396
1397 if (vol_args->flags & BTRFS_SUBVOL_RDONLY)
1398 readonly = true;
1399 if (vol_args->flags & BTRFS_SUBVOL_QGROUP_INHERIT) {
1400 struct btrfs_fs_info *fs_info = inode_to_fs_info(file_inode(file));
1401
1402 if (vol_args->size < sizeof(*inherit) ||
1403 vol_args->size > PAGE_SIZE) {
1404 ret = -EINVAL;
1405 goto free_args;
1406 }
1407 inherit = memdup_user(vol_args->qgroup_inherit, vol_args->size);
1408 if (IS_ERR(inherit)) {
1409 ret = PTR_ERR(inherit);
1410 goto free_args;
1411 }
1412
1413 ret = btrfs_qgroup_check_inherit(fs_info, inherit, vol_args->size);
1414 if (ret < 0)
1415 goto free_inherit;
1416 }
1417
1418 ret = __btrfs_ioctl_snap_create(file, file_mnt_idmap(file),
1419 vol_args->name, vol_args->fd, subvol,
1420 readonly, inherit);
1421 if (ret)
1422 goto free_inherit;
1423 free_inherit:
1424 kfree(inherit);
1425 free_args:
1426 kfree(vol_args);
1427 return ret;
1428 }
1429
1430 static noinline int btrfs_ioctl_subvol_getflags(struct inode *inode,
1431 void __user *arg)
1432 {
1433 struct btrfs_fs_info *fs_info = inode_to_fs_info(inode);
1434 struct btrfs_root *root = BTRFS_I(inode)->root;
1435 int ret = 0;
1436 u64 flags = 0;
1437
1438 if (btrfs_ino(BTRFS_I(inode)) != BTRFS_FIRST_FREE_OBJECTID)
1439 return -EINVAL;
1440
1441 down_read(&fs_info->subvol_sem);
1442 if (btrfs_root_readonly(root))
1443 flags |= BTRFS_SUBVOL_RDONLY;
1444 up_read(&fs_info->subvol_sem);
1445
1446 if (copy_to_user(arg, &flags, sizeof(flags)))
1447 ret = -EFAULT;
1448
1449 return ret;
1450 }
1451
1452 static noinline int btrfs_ioctl_subvol_setflags(struct file *file,
1453 void __user *arg)
1454 {
1455 struct inode *inode = file_inode(file);
1456 struct btrfs_fs_info *fs_info = inode_to_fs_info(inode);
1457 struct btrfs_root *root = BTRFS_I(inode)->root;
1458 struct btrfs_trans_handle *trans;
1459 u64 root_flags;
1460 u64 flags;
1461 int ret = 0;
1462
1463 if (!inode_owner_or_capable(file_mnt_idmap(file), inode))
1464 return -EPERM;
1465
1466 ret = mnt_want_write_file(file);
1467 if (ret)
1468 goto out;
1469
1470 if (btrfs_ino(BTRFS_I(inode)) != BTRFS_FIRST_FREE_OBJECTID) {
1471 ret = -EINVAL;
1472 goto out_drop_write;
1473 }
1474
1475 if (copy_from_user(&flags, arg, sizeof(flags))) {
1476 ret = -EFAULT;
1477 goto out_drop_write;
1478 }
1479
1480 if (flags & ~BTRFS_SUBVOL_RDONLY) {
1481 ret = -EOPNOTSUPP;
1482 goto out_drop_write;
1483 }
1484
1485 down_write(&fs_info->subvol_sem);
1486
1487 /* nothing to do */
1488 if (!!(flags & BTRFS_SUBVOL_RDONLY) == btrfs_root_readonly(root))
1489 goto out_drop_sem;
1490
1491 root_flags = btrfs_root_flags(&root->root_item);
1492 if (flags & BTRFS_SUBVOL_RDONLY) {
1493 btrfs_set_root_flags(&root->root_item,
1494 root_flags | BTRFS_ROOT_SUBVOL_RDONLY);
1495 } else {
1496 /*
1497 * Block RO -> RW transition if this subvolume is involved in
1498 * send
1499 */
1500 spin_lock(&root->root_item_lock);
1501 if (root->send_in_progress == 0) {
1502 btrfs_set_root_flags(&root->root_item,
1503 root_flags & ~BTRFS_ROOT_SUBVOL_RDONLY);
1504 spin_unlock(&root->root_item_lock);
1505 } else {
1506 spin_unlock(&root->root_item_lock);
1507 btrfs_warn(fs_info,
1508 "Attempt to set subvolume %llu read-write during send",
1509 btrfs_root_id(root));
1510 ret = -EPERM;
1511 goto out_drop_sem;
1512 }
1513 }
1514
1515 trans = btrfs_start_transaction(root, 1);
1516 if (IS_ERR(trans)) {
1517 ret = PTR_ERR(trans);
1518 goto out_reset;
1519 }
1520
1521 ret = btrfs_update_root(trans, fs_info->tree_root,
1522 &root->root_key, &root->root_item);
1523 if (ret < 0) {
1524 btrfs_end_transaction(trans);
1525 goto out_reset;
1526 }
1527
1528 ret = btrfs_commit_transaction(trans);
1529
1530 out_reset:
1531 if (ret)
1532 btrfs_set_root_flags(&root->root_item, root_flags);
1533 out_drop_sem:
1534 up_write(&fs_info->subvol_sem);
1535 out_drop_write:
1536 mnt_drop_write_file(file);
1537 out:
1538 return ret;
1539 }
1540
1541 static noinline int key_in_sk(struct btrfs_key *key,
1542 struct btrfs_ioctl_search_key *sk)
1543 {
1544 struct btrfs_key test;
1545 int ret;
1546
1547 test.objectid = sk->min_objectid;
1548 test.type = sk->min_type;
1549 test.offset = sk->min_offset;
1550
1551 ret = btrfs_comp_cpu_keys(key, &test);
1552 if (ret < 0)
1553 return 0;
1554
1555 test.objectid = sk->max_objectid;
1556 test.type = sk->max_type;
1557 test.offset = sk->max_offset;
1558
1559 ret = btrfs_comp_cpu_keys(key, &test);
1560 if (ret > 0)
1561 return 0;
1562 return 1;
1563 }
1564
1565 static noinline int copy_to_sk(struct btrfs_path *path,
1566 struct btrfs_key *key,
1567 struct btrfs_ioctl_search_key *sk,
1568 u64 *buf_size,
1569 char __user *ubuf,
1570 unsigned long *sk_offset,
1571 int *num_found)
1572 {
1573 u64 found_transid;
1574 struct extent_buffer *leaf;
1575 struct btrfs_ioctl_search_header sh;
1576 struct btrfs_key test;
1577 unsigned long item_off;
1578 unsigned long item_len;
1579 int nritems;
1580 int i;
1581 int slot;
1582 int ret = 0;
1583
1584 leaf = path->nodes[0];
1585 slot = path->slots[0];
1586 nritems = btrfs_header_nritems(leaf);
1587
1588 if (btrfs_header_generation(leaf) > sk->max_transid) {
1589 i = nritems;
1590 goto advance_key;
1591 }
1592 found_transid = btrfs_header_generation(leaf);
1593
1594 for (i = slot; i < nritems; i++) {
1595 item_off = btrfs_item_ptr_offset(leaf, i);
1596 item_len = btrfs_item_size(leaf, i);
1597
1598 btrfs_item_key_to_cpu(leaf, key, i);
1599 if (!key_in_sk(key, sk))
1600 continue;
1601
1602 if (sizeof(sh) + item_len > *buf_size) {
1603 if (*num_found) {
1604 ret = 1;
1605 goto out;
1606 }
1607
1608 /*
1609 * return one empty item back for v1, which does not
1610 * handle -EOVERFLOW
1611 */
1612
1613 *buf_size = sizeof(sh) + item_len;
1614 item_len = 0;
1615 ret = -EOVERFLOW;
1616 }
1617
1618 if (sizeof(sh) + item_len + *sk_offset > *buf_size) {
1619 ret = 1;
1620 goto out;
1621 }
1622
1623 sh.objectid = key->objectid;
1624 sh.offset = key->offset;
1625 sh.type = key->type;
1626 sh.len = item_len;
1627 sh.transid = found_transid;
1628
1629 /*
1630 * Copy search result header. If we fault then loop again so we
1631 * can fault in the pages and -EFAULT there if there's a
1632 * problem. Otherwise we'll fault and then copy the buffer in
1633 * properly this next time through
1634 */
1635 if (copy_to_user_nofault(ubuf + *sk_offset, &sh, sizeof(sh))) {
1636 ret = 0;
1637 goto out;
1638 }
1639
1640 *sk_offset += sizeof(sh);
1641
1642 if (item_len) {
1643 char __user *up = ubuf + *sk_offset;
1644 /*
1645 * Copy the item, same behavior as above, but reset the
1646 * * sk_offset so we copy the full thing again.
1647 */
1648 if (read_extent_buffer_to_user_nofault(leaf, up,
1649 item_off, item_len)) {
1650 ret = 0;
1651 *sk_offset -= sizeof(sh);
1652 goto out;
1653 }
1654
1655 *sk_offset += item_len;
1656 }
1657 (*num_found)++;
1658
1659 if (ret) /* -EOVERFLOW from above */
1660 goto out;
1661
1662 if (*num_found >= sk->nr_items) {
1663 ret = 1;
1664 goto out;
1665 }
1666 }
1667 advance_key:
1668 ret = 0;
1669 test.objectid = sk->max_objectid;
1670 test.type = sk->max_type;
1671 test.offset = sk->max_offset;
1672 if (btrfs_comp_cpu_keys(key, &test) >= 0)
1673 ret = 1;
1674 else if (key->offset < (u64)-1)
1675 key->offset++;
1676 else if (key->type < (u8)-1) {
1677 key->offset = 0;
1678 key->type++;
1679 } else if (key->objectid < (u64)-1) {
1680 key->offset = 0;
1681 key->type = 0;
1682 key->objectid++;
1683 } else
1684 ret = 1;
1685 out:
1686 /*
1687 * 0: all items from this leaf copied, continue with next
1688 * 1: * more items can be copied, but unused buffer is too small
1689 * * all items were found
1690 * Either way, it will stops the loop which iterates to the next
1691 * leaf
1692 * -EOVERFLOW: item was to large for buffer
1693 * -EFAULT: could not copy extent buffer back to userspace
1694 */
1695 return ret;
1696 }
1697
1698 static noinline int search_ioctl(struct inode *inode,
1699 struct btrfs_ioctl_search_key *sk,
1700 u64 *buf_size,
1701 char __user *ubuf)
1702 {
1703 struct btrfs_fs_info *info = inode_to_fs_info(inode);
1704 struct btrfs_root *root;
1705 struct btrfs_key key;
1706 struct btrfs_path *path;
1707 int ret;
1708 int num_found = 0;
1709 unsigned long sk_offset = 0;
1710
1711 if (*buf_size < sizeof(struct btrfs_ioctl_search_header)) {
1712 *buf_size = sizeof(struct btrfs_ioctl_search_header);
1713 return -EOVERFLOW;
1714 }
1715
1716 path = btrfs_alloc_path();
1717 if (!path)
1718 return -ENOMEM;
1719
1720 if (sk->tree_id == 0) {
1721 /* search the root of the inode that was passed */
1722 root = btrfs_grab_root(BTRFS_I(inode)->root);
1723 } else {
1724 root = btrfs_get_fs_root(info, sk->tree_id, true);
1725 if (IS_ERR(root)) {
1726 btrfs_free_path(path);
1727 return PTR_ERR(root);
1728 }
1729 }
1730
1731 key.objectid = sk->min_objectid;
1732 key.type = sk->min_type;
1733 key.offset = sk->min_offset;
1734
1735 while (1) {
1736 ret = -EFAULT;
1737 /*
1738 * Ensure that the whole user buffer is faulted in at sub-page
1739 * granularity, otherwise the loop may live-lock.
1740 */
1741 if (fault_in_subpage_writeable(ubuf + sk_offset,
1742 *buf_size - sk_offset))
1743 break;
1744
1745 ret = btrfs_search_forward(root, &key, path, sk->min_transid);
1746 if (ret != 0) {
1747 if (ret > 0)
1748 ret = 0;
1749 goto err;
1750 }
1751 ret = copy_to_sk(path, &key, sk, buf_size, ubuf,
1752 &sk_offset, &num_found);
1753 btrfs_release_path(path);
1754 if (ret)
1755 break;
1756
1757 }
1758 if (ret > 0)
1759 ret = 0;
1760 err:
1761 sk->nr_items = num_found;
1762 btrfs_put_root(root);
1763 btrfs_free_path(path);
1764 return ret;
1765 }
1766
1767 static noinline int btrfs_ioctl_tree_search(struct inode *inode,
1768 void __user *argp)
1769 {
1770 struct btrfs_ioctl_search_args __user *uargs = argp;
1771 struct btrfs_ioctl_search_key sk;
1772 int ret;
1773 u64 buf_size;
1774
1775 if (!capable(CAP_SYS_ADMIN))
1776 return -EPERM;
1777
1778 if (copy_from_user(&sk, &uargs->key, sizeof(sk)))
1779 return -EFAULT;
1780
1781 buf_size = sizeof(uargs->buf);
1782
1783 ret = search_ioctl(inode, &sk, &buf_size, uargs->buf);
1784
1785 /*
1786 * In the origin implementation an overflow is handled by returning a
1787 * search header with a len of zero, so reset ret.
1788 */
1789 if (ret == -EOVERFLOW)
1790 ret = 0;
1791
1792 if (ret == 0 && copy_to_user(&uargs->key, &sk, sizeof(sk)))
1793 ret = -EFAULT;
1794 return ret;
1795 }
1796
1797 static noinline int btrfs_ioctl_tree_search_v2(struct inode *inode,
1798 void __user *argp)
1799 {
1800 struct btrfs_ioctl_search_args_v2 __user *uarg = argp;
1801 struct btrfs_ioctl_search_args_v2 args;
1802 int ret;
1803 u64 buf_size;
1804 const u64 buf_limit = SZ_16M;
1805
1806 if (!capable(CAP_SYS_ADMIN))
1807 return -EPERM;
1808
1809 /* copy search header and buffer size */
1810 if (copy_from_user(&args, uarg, sizeof(args)))
1811 return -EFAULT;
1812
1813 buf_size = args.buf_size;
1814
1815 /* limit result size to 16MB */
1816 if (buf_size > buf_limit)
1817 buf_size = buf_limit;
1818
1819 ret = search_ioctl(inode, &args.key, &buf_size,
1820 (char __user *)(&uarg->buf[0]));
1821 if (ret == 0 && copy_to_user(&uarg->key, &args.key, sizeof(args.key)))
1822 ret = -EFAULT;
1823 else if (ret == -EOVERFLOW &&
1824 copy_to_user(&uarg->buf_size, &buf_size, sizeof(buf_size)))
1825 ret = -EFAULT;
1826
1827 return ret;
1828 }
1829
1830 /*
1831 * Search INODE_REFs to identify path name of 'dirid' directory
1832 * in a 'tree_id' tree. and sets path name to 'name'.
1833 */
1834 static noinline int btrfs_search_path_in_tree(struct btrfs_fs_info *info,
1835 u64 tree_id, u64 dirid, char *name)
1836 {
1837 struct btrfs_root *root;
1838 struct btrfs_key key;
1839 char *ptr;
1840 int ret = -1;
1841 int slot;
1842 int len;
1843 int total_len = 0;
1844 struct btrfs_inode_ref *iref;
1845 struct extent_buffer *l;
1846 struct btrfs_path *path;
1847
1848 if (dirid == BTRFS_FIRST_FREE_OBJECTID) {
1849 name[0]='\0';
1850 return 0;
1851 }
1852
1853 path = btrfs_alloc_path();
1854 if (!path)
1855 return -ENOMEM;
1856
1857 ptr = &name[BTRFS_INO_LOOKUP_PATH_MAX - 1];
1858
1859 root = btrfs_get_fs_root(info, tree_id, true);
1860 if (IS_ERR(root)) {
1861 ret = PTR_ERR(root);
1862 root = NULL;
1863 goto out;
1864 }
1865
1866 key.objectid = dirid;
1867 key.type = BTRFS_INODE_REF_KEY;
1868 key.offset = (u64)-1;
1869
1870 while (1) {
1871 ret = btrfs_search_backwards(root, &key, path);
1872 if (ret < 0)
1873 goto out;
1874 else if (ret > 0) {
1875 ret = -ENOENT;
1876 goto out;
1877 }
1878
1879 l = path->nodes[0];
1880 slot = path->slots[0];
1881
1882 iref = btrfs_item_ptr(l, slot, struct btrfs_inode_ref);
1883 len = btrfs_inode_ref_name_len(l, iref);
1884 ptr -= len + 1;
1885 total_len += len + 1;
1886 if (ptr < name) {
1887 ret = -ENAMETOOLONG;
1888 goto out;
1889 }
1890
1891 *(ptr + len) = '/';
1892 read_extent_buffer(l, ptr, (unsigned long)(iref + 1), len);
1893
1894 if (key.offset == BTRFS_FIRST_FREE_OBJECTID)
1895 break;
1896
1897 btrfs_release_path(path);
1898 key.objectid = key.offset;
1899 key.offset = (u64)-1;
1900 dirid = key.objectid;
1901 }
1902 memmove(name, ptr, total_len);
1903 name[total_len] = '\0';
1904 ret = 0;
1905 out:
1906 btrfs_put_root(root);
1907 btrfs_free_path(path);
1908 return ret;
1909 }
1910
1911 static int btrfs_search_path_in_tree_user(struct mnt_idmap *idmap,
1912 struct inode *inode,
1913 struct btrfs_ioctl_ino_lookup_user_args *args)
1914 {
1915 struct btrfs_fs_info *fs_info = BTRFS_I(inode)->root->fs_info;
1916 u64 upper_limit = btrfs_ino(BTRFS_I(inode));
1917 u64 treeid = btrfs_root_id(BTRFS_I(inode)->root);
1918 u64 dirid = args->dirid;
1919 unsigned long item_off;
1920 unsigned long item_len;
1921 struct btrfs_inode_ref *iref;
1922 struct btrfs_root_ref *rref;
1923 struct btrfs_root *root = NULL;
1924 struct btrfs_path *path;
1925 struct btrfs_key key, key2;
1926 struct extent_buffer *leaf;
1927 struct inode *temp_inode;
1928 char *ptr;
1929 int slot;
1930 int len;
1931 int total_len = 0;
1932 int ret;
1933
1934 path = btrfs_alloc_path();
1935 if (!path)
1936 return -ENOMEM;
1937
1938 /*
1939 * If the bottom subvolume does not exist directly under upper_limit,
1940 * construct the path in from the bottom up.
1941 */
1942 if (dirid != upper_limit) {
1943 ptr = &args->path[BTRFS_INO_LOOKUP_USER_PATH_MAX - 1];
1944
1945 root = btrfs_get_fs_root(fs_info, treeid, true);
1946 if (IS_ERR(root)) {
1947 ret = PTR_ERR(root);
1948 goto out;
1949 }
1950
1951 key.objectid = dirid;
1952 key.type = BTRFS_INODE_REF_KEY;
1953 key.offset = (u64)-1;
1954 while (1) {
1955 ret = btrfs_search_backwards(root, &key, path);
1956 if (ret < 0)
1957 goto out_put;
1958 else if (ret > 0) {
1959 ret = -ENOENT;
1960 goto out_put;
1961 }
1962
1963 leaf = path->nodes[0];
1964 slot = path->slots[0];
1965
1966 iref = btrfs_item_ptr(leaf, slot, struct btrfs_inode_ref);
1967 len = btrfs_inode_ref_name_len(leaf, iref);
1968 ptr -= len + 1;
1969 total_len += len + 1;
1970 if (ptr < args->path) {
1971 ret = -ENAMETOOLONG;
1972 goto out_put;
1973 }
1974
1975 *(ptr + len) = '/';
1976 read_extent_buffer(leaf, ptr,
1977 (unsigned long)(iref + 1), len);
1978
1979 /* Check the read+exec permission of this directory */
1980 ret = btrfs_previous_item(root, path, dirid,
1981 BTRFS_INODE_ITEM_KEY);
1982 if (ret < 0) {
1983 goto out_put;
1984 } else if (ret > 0) {
1985 ret = -ENOENT;
1986 goto out_put;
1987 }
1988
1989 leaf = path->nodes[0];
1990 slot = path->slots[0];
1991 btrfs_item_key_to_cpu(leaf, &key2, slot);
1992 if (key2.objectid != dirid) {
1993 ret = -ENOENT;
1994 goto out_put;
1995 }
1996
1997 /*
1998 * We don't need the path anymore, so release it and
1999 * avoid deadlocks and lockdep warnings in case
2000 * btrfs_iget() needs to lookup the inode from its root
2001 * btree and lock the same leaf.
2002 */
2003 btrfs_release_path(path);
2004 temp_inode = btrfs_iget(key2.objectid, root);
2005 if (IS_ERR(temp_inode)) {
2006 ret = PTR_ERR(temp_inode);
2007 goto out_put;
2008 }
2009 ret = inode_permission(idmap, temp_inode,
2010 MAY_READ | MAY_EXEC);
2011 iput(temp_inode);
2012 if (ret) {
2013 ret = -EACCES;
2014 goto out_put;
2015 }
2016
2017 if (key.offset == upper_limit)
2018 break;
2019 if (key.objectid == BTRFS_FIRST_FREE_OBJECTID) {
2020 ret = -EACCES;
2021 goto out_put;
2022 }
2023
2024 key.objectid = key.offset;
2025 key.offset = (u64)-1;
2026 dirid = key.objectid;
2027 }
2028
2029 memmove(args->path, ptr, total_len);
2030 args->path[total_len] = '\0';
2031 btrfs_put_root(root);
2032 root = NULL;
2033 btrfs_release_path(path);
2034 }
2035
2036 /* Get the bottom subvolume's name from ROOT_REF */
2037 key.objectid = treeid;
2038 key.type = BTRFS_ROOT_REF_KEY;
2039 key.offset = args->treeid;
2040 ret = btrfs_search_slot(NULL, fs_info->tree_root, &key, path, 0, 0);
2041 if (ret < 0) {
2042 goto out;
2043 } else if (ret > 0) {
2044 ret = -ENOENT;
2045 goto out;
2046 }
2047
2048 leaf = path->nodes[0];
2049 slot = path->slots[0];
2050 btrfs_item_key_to_cpu(leaf, &key, slot);
2051
2052 item_off = btrfs_item_ptr_offset(leaf, slot);
2053 item_len = btrfs_item_size(leaf, slot);
2054 /* Check if dirid in ROOT_REF corresponds to passed dirid */
2055 rref = btrfs_item_ptr(leaf, slot, struct btrfs_root_ref);
2056 if (args->dirid != btrfs_root_ref_dirid(leaf, rref)) {
2057 ret = -EINVAL;
2058 goto out;
2059 }
2060
2061 /* Copy subvolume's name */
2062 item_off += sizeof(struct btrfs_root_ref);
2063 item_len -= sizeof(struct btrfs_root_ref);
2064 read_extent_buffer(leaf, args->name, item_off, item_len);
2065 args->name[item_len] = 0;
2066
2067 out_put:
2068 btrfs_put_root(root);
2069 out:
2070 btrfs_free_path(path);
2071 return ret;
2072 }
2073
2074 static noinline int btrfs_ioctl_ino_lookup(struct btrfs_root *root,
2075 void __user *argp)
2076 {
2077 struct btrfs_ioctl_ino_lookup_args *args;
2078 int ret = 0;
2079
2080 args = memdup_user(argp, sizeof(*args));
2081 if (IS_ERR(args))
2082 return PTR_ERR(args);
2083
2084 /*
2085 * Unprivileged query to obtain the containing subvolume root id. The
2086 * path is reset so it's consistent with btrfs_search_path_in_tree.
2087 */
2088 if (args->treeid == 0)
2089 args->treeid = btrfs_root_id(root);
2090
2091 if (args->objectid == BTRFS_FIRST_FREE_OBJECTID) {
2092 args->name[0] = 0;
2093 goto out;
2094 }
2095
2096 if (!capable(CAP_SYS_ADMIN)) {
2097 ret = -EPERM;
2098 goto out;
2099 }
2100
2101 ret = btrfs_search_path_in_tree(root->fs_info,
2102 args->treeid, args->objectid,
2103 args->name);
2104
2105 out:
2106 if (ret == 0 && copy_to_user(argp, args, sizeof(*args)))
2107 ret = -EFAULT;
2108
2109 kfree(args);
2110 return ret;
2111 }
2112
2113 /*
2114 * Version of ino_lookup ioctl (unprivileged)
2115 *
2116 * The main differences from ino_lookup ioctl are:
2117 *
2118 * 1. Read + Exec permission will be checked using inode_permission() during
2119 * path construction. -EACCES will be returned in case of failure.
2120 * 2. Path construction will be stopped at the inode number which corresponds
2121 * to the fd with which this ioctl is called. If constructed path does not
2122 * exist under fd's inode, -EACCES will be returned.
2123 * 3. The name of bottom subvolume is also searched and filled.
2124 */
2125 static int btrfs_ioctl_ino_lookup_user(struct file *file, void __user *argp)
2126 {
2127 struct btrfs_ioctl_ino_lookup_user_args *args;
2128 struct inode *inode;
2129 int ret;
2130
2131 args = memdup_user(argp, sizeof(*args));
2132 if (IS_ERR(args))
2133 return PTR_ERR(args);
2134
2135 inode = file_inode(file);
2136
2137 if (args->dirid == BTRFS_FIRST_FREE_OBJECTID &&
2138 btrfs_ino(BTRFS_I(inode)) != BTRFS_FIRST_FREE_OBJECTID) {
2139 /*
2140 * The subvolume does not exist under fd with which this is
2141 * called
2142 */
2143 kfree(args);
2144 return -EACCES;
2145 }
2146
2147 ret = btrfs_search_path_in_tree_user(file_mnt_idmap(file), inode, args);
2148
2149 if (ret == 0 && copy_to_user(argp, args, sizeof(*args)))
2150 ret = -EFAULT;
2151
2152 kfree(args);
2153 return ret;
2154 }
2155
2156 /* Get the subvolume information in BTRFS_ROOT_ITEM and BTRFS_ROOT_BACKREF */
2157 static int btrfs_ioctl_get_subvol_info(struct inode *inode, void __user *argp)
2158 {
2159 struct btrfs_ioctl_get_subvol_info_args *subvol_info;
2160 struct btrfs_fs_info *fs_info;
2161 struct btrfs_root *root;
2162 struct btrfs_path *path;
2163 struct btrfs_key key;
2164 struct btrfs_root_item *root_item;
2165 struct btrfs_root_ref *rref;
2166 struct extent_buffer *leaf;
2167 unsigned long item_off;
2168 unsigned long item_len;
2169 int slot;
2170 int ret = 0;
2171
2172 path = btrfs_alloc_path();
2173 if (!path)
2174 return -ENOMEM;
2175
2176 subvol_info = kzalloc(sizeof(*subvol_info), GFP_KERNEL);
2177 if (!subvol_info) {
2178 btrfs_free_path(path);
2179 return -ENOMEM;
2180 }
2181
2182 fs_info = BTRFS_I(inode)->root->fs_info;
2183
2184 /* Get root_item of inode's subvolume */
2185 key.objectid = btrfs_root_id(BTRFS_I(inode)->root);
2186 root = btrfs_get_fs_root(fs_info, key.objectid, true);
2187 if (IS_ERR(root)) {
2188 ret = PTR_ERR(root);
2189 goto out_free;
2190 }
2191 root_item = &root->root_item;
2192
2193 subvol_info->treeid = key.objectid;
2194
2195 subvol_info->generation = btrfs_root_generation(root_item);
2196 subvol_info->flags = btrfs_root_flags(root_item);
2197
2198 memcpy(subvol_info->uuid, root_item->uuid, BTRFS_UUID_SIZE);
2199 memcpy(subvol_info->parent_uuid, root_item->parent_uuid,
2200 BTRFS_UUID_SIZE);
2201 memcpy(subvol_info->received_uuid, root_item->received_uuid,
2202 BTRFS_UUID_SIZE);
2203
2204 subvol_info->ctransid = btrfs_root_ctransid(root_item);
2205 subvol_info->ctime.sec = btrfs_stack_timespec_sec(&root_item->ctime);
2206 subvol_info->ctime.nsec = btrfs_stack_timespec_nsec(&root_item->ctime);
2207
2208 subvol_info->otransid = btrfs_root_otransid(root_item);
2209 subvol_info->otime.sec = btrfs_stack_timespec_sec(&root_item->otime);
2210 subvol_info->otime.nsec = btrfs_stack_timespec_nsec(&root_item->otime);
2211
2212 subvol_info->stransid = btrfs_root_stransid(root_item);
2213 subvol_info->stime.sec = btrfs_stack_timespec_sec(&root_item->stime);
2214 subvol_info->stime.nsec = btrfs_stack_timespec_nsec(&root_item->stime);
2215
2216 subvol_info->rtransid = btrfs_root_rtransid(root_item);
2217 subvol_info->rtime.sec = btrfs_stack_timespec_sec(&root_item->rtime);
2218 subvol_info->rtime.nsec = btrfs_stack_timespec_nsec(&root_item->rtime);
2219
2220 if (key.objectid != BTRFS_FS_TREE_OBJECTID) {
2221 /* Search root tree for ROOT_BACKREF of this subvolume */
2222 key.type = BTRFS_ROOT_BACKREF_KEY;
2223 key.offset = 0;
2224 ret = btrfs_search_slot(NULL, fs_info->tree_root, &key, path, 0, 0);
2225 if (ret < 0) {
2226 goto out;
2227 } else if (path->slots[0] >=
2228 btrfs_header_nritems(path->nodes[0])) {
2229 ret = btrfs_next_leaf(fs_info->tree_root, path);
2230 if (ret < 0) {
2231 goto out;
2232 } else if (ret > 0) {
2233 ret = -EUCLEAN;
2234 goto out;
2235 }
2236 }
2237
2238 leaf = path->nodes[0];
2239 slot = path->slots[0];
2240 btrfs_item_key_to_cpu(leaf, &key, slot);
2241 if (key.objectid == subvol_info->treeid &&
2242 key.type == BTRFS_ROOT_BACKREF_KEY) {
2243 subvol_info->parent_id = key.offset;
2244
2245 rref = btrfs_item_ptr(leaf, slot, struct btrfs_root_ref);
2246 subvol_info->dirid = btrfs_root_ref_dirid(leaf, rref);
2247
2248 item_off = btrfs_item_ptr_offset(leaf, slot)
2249 + sizeof(struct btrfs_root_ref);
2250 item_len = btrfs_item_size(leaf, slot)
2251 - sizeof(struct btrfs_root_ref);
2252 read_extent_buffer(leaf, subvol_info->name,
2253 item_off, item_len);
2254 } else {
2255 ret = -ENOENT;
2256 goto out;
2257 }
2258 }
2259
2260 btrfs_free_path(path);
2261 path = NULL;
2262 if (copy_to_user(argp, subvol_info, sizeof(*subvol_info)))
2263 ret = -EFAULT;
2264
2265 out:
2266 btrfs_put_root(root);
2267 out_free:
2268 btrfs_free_path(path);
2269 kfree(subvol_info);
2270 return ret;
2271 }
2272
2273 /*
2274 * Return ROOT_REF information of the subvolume containing this inode
2275 * except the subvolume name.
2276 */
2277 static int btrfs_ioctl_get_subvol_rootref(struct btrfs_root *root,
2278 void __user *argp)
2279 {
2280 struct btrfs_ioctl_get_subvol_rootref_args *rootrefs;
2281 struct btrfs_root_ref *rref;
2282 struct btrfs_path *path;
2283 struct btrfs_key key;
2284 struct extent_buffer *leaf;
2285 u64 objectid;
2286 int slot;
2287 int ret;
2288 u8 found;
2289
2290 path = btrfs_alloc_path();
2291 if (!path)
2292 return -ENOMEM;
2293
2294 rootrefs = memdup_user(argp, sizeof(*rootrefs));
2295 if (IS_ERR(rootrefs)) {
2296 btrfs_free_path(path);
2297 return PTR_ERR(rootrefs);
2298 }
2299
2300 objectid = btrfs_root_id(root);
2301 key.objectid = objectid;
2302 key.type = BTRFS_ROOT_REF_KEY;
2303 key.offset = rootrefs->min_treeid;
2304 found = 0;
2305
2306 root = root->fs_info->tree_root;
2307 ret = btrfs_search_slot(NULL, root, &key, path, 0, 0);
2308 if (ret < 0) {
2309 goto out;
2310 } else if (path->slots[0] >=
2311 btrfs_header_nritems(path->nodes[0])) {
2312 ret = btrfs_next_leaf(root, path);
2313 if (ret < 0) {
2314 goto out;
2315 } else if (ret > 0) {
2316 ret = -EUCLEAN;
2317 goto out;
2318 }
2319 }
2320 while (1) {
2321 leaf = path->nodes[0];
2322 slot = path->slots[0];
2323
2324 btrfs_item_key_to_cpu(leaf, &key, slot);
2325 if (key.objectid != objectid || key.type != BTRFS_ROOT_REF_KEY) {
2326 ret = 0;
2327 goto out;
2328 }
2329
2330 if (found == BTRFS_MAX_ROOTREF_BUFFER_NUM) {
2331 ret = -EOVERFLOW;
2332 goto out;
2333 }
2334
2335 rref = btrfs_item_ptr(leaf, slot, struct btrfs_root_ref);
2336 rootrefs->rootref[found].treeid = key.offset;
2337 rootrefs->rootref[found].dirid =
2338 btrfs_root_ref_dirid(leaf, rref);
2339 found++;
2340
2341 ret = btrfs_next_item(root, path);
2342 if (ret < 0) {
2343 goto out;
2344 } else if (ret > 0) {
2345 ret = -EUCLEAN;
2346 goto out;
2347 }
2348 }
2349
2350 out:
2351 btrfs_free_path(path);
2352
2353 if (!ret || ret == -EOVERFLOW) {
2354 rootrefs->num_items = found;
2355 /* update min_treeid for next search */
2356 if (found)
2357 rootrefs->min_treeid =
2358 rootrefs->rootref[found - 1].treeid + 1;
2359 if (copy_to_user(argp, rootrefs, sizeof(*rootrefs)))
2360 ret = -EFAULT;
2361 }
2362
2363 kfree(rootrefs);
2364
2365 return ret;
2366 }
2367
2368 static noinline int btrfs_ioctl_snap_destroy(struct file *file,
2369 void __user *arg,
2370 bool destroy_v2)
2371 {
2372 struct dentry *parent = file->f_path.dentry;
2373 struct dentry *dentry;
2374 struct inode *dir = d_inode(parent);
2375 struct btrfs_fs_info *fs_info = inode_to_fs_info(dir);
2376 struct inode *inode;
2377 struct btrfs_root *root = BTRFS_I(dir)->root;
2378 struct btrfs_root *dest = NULL;
2379 struct btrfs_ioctl_vol_args *vol_args = NULL;
2380 struct btrfs_ioctl_vol_args_v2 *vol_args2 = NULL;
2381 struct mnt_idmap *idmap = file_mnt_idmap(file);
2382 char *subvol_name, *subvol_name_ptr = NULL;
2383 int subvol_namelen;
2384 int ret = 0;
2385 bool destroy_parent = false;
2386
2387 /* We don't support snapshots with extent tree v2 yet. */
2388 if (btrfs_fs_incompat(fs_info, EXTENT_TREE_V2)) {
2389 btrfs_err(fs_info,
2390 "extent tree v2 doesn't support snapshot deletion yet");
2391 return -EOPNOTSUPP;
2392 }
2393
2394 if (destroy_v2) {
2395 vol_args2 = memdup_user(arg, sizeof(*vol_args2));
2396 if (IS_ERR(vol_args2))
2397 return PTR_ERR(vol_args2);
2398
2399 if (vol_args2->flags & ~BTRFS_SUBVOL_DELETE_ARGS_MASK) {
2400 ret = -EOPNOTSUPP;
2401 goto out;
2402 }
2403
2404 /*
2405 * If SPEC_BY_ID is not set, we are looking for the subvolume by
2406 * name, same as v1 currently does.
2407 */
2408 if (!(vol_args2->flags & BTRFS_SUBVOL_SPEC_BY_ID)) {
2409 ret = btrfs_check_ioctl_vol_args2_subvol_name(vol_args2);
2410 if (ret < 0)
2411 goto out;
2412 subvol_name = vol_args2->name;
2413
2414 ret = mnt_want_write_file(file);
2415 if (ret)
2416 goto out;
2417 } else {
2418 struct inode *old_dir;
2419
2420 if (vol_args2->subvolid < BTRFS_FIRST_FREE_OBJECTID) {
2421 ret = -EINVAL;
2422 goto out;
2423 }
2424
2425 ret = mnt_want_write_file(file);
2426 if (ret)
2427 goto out;
2428
2429 dentry = btrfs_get_dentry(fs_info->sb,
2430 BTRFS_FIRST_FREE_OBJECTID,
2431 vol_args2->subvolid, 0);
2432 if (IS_ERR(dentry)) {
2433 ret = PTR_ERR(dentry);
2434 goto out_drop_write;
2435 }
2436
2437 /*
2438 * Change the default parent since the subvolume being
2439 * deleted can be outside of the current mount point.
2440 */
2441 parent = btrfs_get_parent(dentry);
2442
2443 /*
2444 * At this point dentry->d_name can point to '/' if the
2445 * subvolume we want to destroy is outsite of the
2446 * current mount point, so we need to release the
2447 * current dentry and execute the lookup to return a new
2448 * one with ->d_name pointing to the
2449 * <mount point>/subvol_name.
2450 */
2451 dput(dentry);
2452 if (IS_ERR(parent)) {
2453 ret = PTR_ERR(parent);
2454 goto out_drop_write;
2455 }
2456 old_dir = dir;
2457 dir = d_inode(parent);
2458
2459 /*
2460 * If v2 was used with SPEC_BY_ID, a new parent was
2461 * allocated since the subvolume can be outside of the
2462 * current mount point. Later on we need to release this
2463 * new parent dentry.
2464 */
2465 destroy_parent = true;
2466
2467 /*
2468 * On idmapped mounts, deletion via subvolid is
2469 * restricted to subvolumes that are immediate
2470 * ancestors of the inode referenced by the file
2471 * descriptor in the ioctl. Otherwise the idmapping
2472 * could potentially be abused to delete subvolumes
2473 * anywhere in the filesystem the user wouldn't be able
2474 * to delete without an idmapped mount.
2475 */
2476 if (old_dir != dir && idmap != &nop_mnt_idmap) {
2477 ret = -EOPNOTSUPP;
2478 goto free_parent;
2479 }
2480
2481 subvol_name_ptr = btrfs_get_subvol_name_from_objectid(
2482 fs_info, vol_args2->subvolid);
2483 if (IS_ERR(subvol_name_ptr)) {
2484 ret = PTR_ERR(subvol_name_ptr);
2485 goto free_parent;
2486 }
2487 /* subvol_name_ptr is already nul terminated */
2488 subvol_name = (char *)kbasename(subvol_name_ptr);
2489 }
2490 } else {
2491 vol_args = memdup_user(arg, sizeof(*vol_args));
2492 if (IS_ERR(vol_args))
2493 return PTR_ERR(vol_args);
2494
2495 ret = btrfs_check_ioctl_vol_args_path(vol_args);
2496 if (ret < 0)
2497 goto out;
2498
2499 subvol_name = vol_args->name;
2500
2501 ret = mnt_want_write_file(file);
2502 if (ret)
2503 goto out;
2504 }
2505
2506 subvol_namelen = strlen(subvol_name);
2507
2508 if (strchr(subvol_name, '/') ||
2509 strncmp(subvol_name, "..", subvol_namelen) == 0) {
2510 ret = -EINVAL;
2511 goto free_subvol_name;
2512 }
2513
2514 if (!S_ISDIR(dir->i_mode)) {
2515 ret = -ENOTDIR;
2516 goto free_subvol_name;
2517 }
2518
2519 ret = down_write_killable_nested(&dir->i_rwsem, I_MUTEX_PARENT);
2520 if (ret == -EINTR)
2521 goto free_subvol_name;
2522 dentry = lookup_one(idmap, subvol_name, parent, subvol_namelen);
2523 if (IS_ERR(dentry)) {
2524 ret = PTR_ERR(dentry);
2525 goto out_unlock_dir;
2526 }
2527
2528 if (d_really_is_negative(dentry)) {
2529 ret = -ENOENT;
2530 goto out_dput;
2531 }
2532
2533 inode = d_inode(dentry);
2534 dest = BTRFS_I(inode)->root;
2535 if (!capable(CAP_SYS_ADMIN)) {
2536 /*
2537 * Regular user. Only allow this with a special mount
2538 * option, when the user has write+exec access to the
2539 * subvol root, and when rmdir(2) would have been
2540 * allowed.
2541 *
2542 * Note that this is _not_ check that the subvol is
2543 * empty or doesn't contain data that we wouldn't
2544 * otherwise be able to delete.
2545 *
2546 * Users who want to delete empty subvols should try
2547 * rmdir(2).
2548 */
2549 ret = -EPERM;
2550 if (!btrfs_test_opt(fs_info, USER_SUBVOL_RM_ALLOWED))
2551 goto out_dput;
2552
2553 /*
2554 * Do not allow deletion if the parent dir is the same
2555 * as the dir to be deleted. That means the ioctl
2556 * must be called on the dentry referencing the root
2557 * of the subvol, not a random directory contained
2558 * within it.
2559 */
2560 ret = -EINVAL;
2561 if (root == dest)
2562 goto out_dput;
2563
2564 ret = inode_permission(idmap, inode, MAY_WRITE | MAY_EXEC);
2565 if (ret)
2566 goto out_dput;
2567 }
2568
2569 /* check if subvolume may be deleted by a user */
2570 ret = btrfs_may_delete(idmap, dir, dentry, 1);
2571 if (ret)
2572 goto out_dput;
2573
2574 if (btrfs_ino(BTRFS_I(inode)) != BTRFS_FIRST_FREE_OBJECTID) {
2575 ret = -EINVAL;
2576 goto out_dput;
2577 }
2578
2579 btrfs_inode_lock(BTRFS_I(inode), 0);
2580 ret = btrfs_delete_subvolume(BTRFS_I(dir), dentry);
2581 btrfs_inode_unlock(BTRFS_I(inode), 0);
2582 if (!ret)
2583 d_delete_notify(dir, dentry);
2584
2585 out_dput:
2586 dput(dentry);
2587 out_unlock_dir:
2588 btrfs_inode_unlock(BTRFS_I(dir), 0);
2589 free_subvol_name:
2590 kfree(subvol_name_ptr);
2591 free_parent:
2592 if (destroy_parent)
2593 dput(parent);
2594 out_drop_write:
2595 mnt_drop_write_file(file);
2596 out:
2597 kfree(vol_args2);
2598 kfree(vol_args);
2599 return ret;
2600 }
2601
2602 static int btrfs_ioctl_defrag(struct file *file, void __user *argp)
2603 {
2604 struct inode *inode = file_inode(file);
2605 struct btrfs_root *root = BTRFS_I(inode)->root;
2606 struct btrfs_ioctl_defrag_range_args range = {0};
2607 int ret;
2608
2609 ret = mnt_want_write_file(file);
2610 if (ret)
2611 return ret;
2612
2613 if (btrfs_root_readonly(root)) {
2614 ret = -EROFS;
2615 goto out;
2616 }
2617
2618 switch (inode->i_mode & S_IFMT) {
2619 case S_IFDIR:
2620 if (!capable(CAP_SYS_ADMIN)) {
2621 ret = -EPERM;
2622 goto out;
2623 }
2624 ret = btrfs_defrag_root(root);
2625 break;
2626 case S_IFREG:
2627 /*
2628 * Note that this does not check the file descriptor for write
2629 * access. This prevents defragmenting executables that are
2630 * running and allows defrag on files open in read-only mode.
2631 */
2632 if (!capable(CAP_SYS_ADMIN) &&
2633 inode_permission(&nop_mnt_idmap, inode, MAY_WRITE)) {
2634 ret = -EPERM;
2635 goto out;
2636 }
2637
2638 if (argp) {
2639 if (copy_from_user(&range, argp, sizeof(range))) {
2640 ret = -EFAULT;
2641 goto out;
2642 }
2643 if (range.flags & ~BTRFS_DEFRAG_RANGE_FLAGS_SUPP) {
2644 ret = -EOPNOTSUPP;
2645 goto out;
2646 }
2647 /* compression requires us to start the IO */
2648 if ((range.flags & BTRFS_DEFRAG_RANGE_COMPRESS)) {
2649 range.flags |= BTRFS_DEFRAG_RANGE_START_IO;
2650 range.extent_thresh = (u32)-1;
2651 }
2652 } else {
2653 /* the rest are all set to zero by kzalloc */
2654 range.len = (u64)-1;
2655 }
2656 ret = btrfs_defrag_file(file_inode(file), &file->f_ra,
2657 &range, BTRFS_OLDEST_GENERATION, 0);
2658 if (ret > 0)
2659 ret = 0;
2660 break;
2661 default:
2662 ret = -EINVAL;
2663 }
2664 out:
2665 mnt_drop_write_file(file);
2666 return ret;
2667 }
2668
2669 static long btrfs_ioctl_add_dev(struct btrfs_fs_info *fs_info, void __user *arg)
2670 {
2671 struct btrfs_ioctl_vol_args *vol_args;
2672 bool restore_op = false;
2673 int ret;
2674
2675 if (!capable(CAP_SYS_ADMIN))
2676 return -EPERM;
2677
2678 if (btrfs_fs_incompat(fs_info, EXTENT_TREE_V2)) {
2679 btrfs_err(fs_info, "device add not supported on extent tree v2 yet");
2680 return -EINVAL;
2681 }
2682
2683 if (fs_info->fs_devices->temp_fsid) {
2684 btrfs_err(fs_info,
2685 "device add not supported on cloned temp-fsid mount");
2686 return -EINVAL;
2687 }
2688
2689 if (!btrfs_exclop_start(fs_info, BTRFS_EXCLOP_DEV_ADD)) {
2690 if (!btrfs_exclop_start_try_lock(fs_info, BTRFS_EXCLOP_DEV_ADD))
2691 return BTRFS_ERROR_DEV_EXCL_RUN_IN_PROGRESS;
2692
2693 /*
2694 * We can do the device add because we have a paused balanced,
2695 * change the exclusive op type and remember we should bring
2696 * back the paused balance
2697 */
2698 fs_info->exclusive_operation = BTRFS_EXCLOP_DEV_ADD;
2699 btrfs_exclop_start_unlock(fs_info);
2700 restore_op = true;
2701 }
2702
2703 vol_args = memdup_user(arg, sizeof(*vol_args));
2704 if (IS_ERR(vol_args)) {
2705 ret = PTR_ERR(vol_args);
2706 goto out;
2707 }
2708
2709 ret = btrfs_check_ioctl_vol_args_path(vol_args);
2710 if (ret < 0)
2711 goto out_free;
2712
2713 ret = btrfs_init_new_device(fs_info, vol_args->name);
2714
2715 if (!ret)
2716 btrfs_info(fs_info, "disk added %s", vol_args->name);
2717
2718 out_free:
2719 kfree(vol_args);
2720 out:
2721 if (restore_op)
2722 btrfs_exclop_balance(fs_info, BTRFS_EXCLOP_BALANCE_PAUSED);
2723 else
2724 btrfs_exclop_finish(fs_info);
2725 return ret;
2726 }
2727
2728 static long btrfs_ioctl_rm_dev_v2(struct file *file, void __user *arg)
2729 {
2730 BTRFS_DEV_LOOKUP_ARGS(args);
2731 struct inode *inode = file_inode(file);
2732 struct btrfs_fs_info *fs_info = inode_to_fs_info(inode);
2733 struct btrfs_ioctl_vol_args_v2 *vol_args;
2734 struct file *bdev_file = NULL;
2735 int ret;
2736 bool cancel = false;
2737
2738 if (!capable(CAP_SYS_ADMIN))
2739 return -EPERM;
2740
2741 vol_args = memdup_user(arg, sizeof(*vol_args));
2742 if (IS_ERR(vol_args))
2743 return PTR_ERR(vol_args);
2744
2745 if (vol_args->flags & ~BTRFS_DEVICE_REMOVE_ARGS_MASK) {
2746 ret = -EOPNOTSUPP;
2747 goto out;
2748 }
2749
2750 ret = btrfs_check_ioctl_vol_args2_subvol_name(vol_args);
2751 if (ret < 0)
2752 goto out;
2753
2754 if (vol_args->flags & BTRFS_DEVICE_SPEC_BY_ID) {
2755 args.devid = vol_args->devid;
2756 } else if (!strcmp("cancel", vol_args->name)) {
2757 cancel = true;
2758 } else {
2759 ret = btrfs_get_dev_args_from_path(fs_info, &args, vol_args->name);
2760 if (ret)
2761 goto out;
2762 }
2763
2764 ret = mnt_want_write_file(file);
2765 if (ret)
2766 goto out;
2767
2768 ret = exclop_start_or_cancel_reloc(fs_info, BTRFS_EXCLOP_DEV_REMOVE,
2769 cancel);
2770 if (ret)
2771 goto err_drop;
2772
2773 /* Exclusive operation is now claimed */
2774 ret = btrfs_rm_device(fs_info, &args, &bdev_file);
2775
2776 btrfs_exclop_finish(fs_info);
2777
2778 if (!ret) {
2779 if (vol_args->flags & BTRFS_DEVICE_SPEC_BY_ID)
2780 btrfs_info(fs_info, "device deleted: id %llu",
2781 vol_args->devid);
2782 else
2783 btrfs_info(fs_info, "device deleted: %s",
2784 vol_args->name);
2785 }
2786 err_drop:
2787 mnt_drop_write_file(file);
2788 if (bdev_file)
2789 fput(bdev_file);
2790 out:
2791 btrfs_put_dev_args_from_path(&args);
2792 kfree(vol_args);
2793 return ret;
2794 }
2795
2796 static long btrfs_ioctl_rm_dev(struct file *file, void __user *arg)
2797 {
2798 BTRFS_DEV_LOOKUP_ARGS(args);
2799 struct inode *inode = file_inode(file);
2800 struct btrfs_fs_info *fs_info = inode_to_fs_info(inode);
2801 struct btrfs_ioctl_vol_args *vol_args;
2802 struct file *bdev_file = NULL;
2803 int ret;
2804 bool cancel = false;
2805
2806 if (!capable(CAP_SYS_ADMIN))
2807 return -EPERM;
2808
2809 vol_args = memdup_user(arg, sizeof(*vol_args));
2810 if (IS_ERR(vol_args))
2811 return PTR_ERR(vol_args);
2812
2813 ret = btrfs_check_ioctl_vol_args_path(vol_args);
2814 if (ret < 0)
2815 goto out_free;
2816
2817 if (!strcmp("cancel", vol_args->name)) {
2818 cancel = true;
2819 } else {
2820 ret = btrfs_get_dev_args_from_path(fs_info, &args, vol_args->name);
2821 if (ret)
2822 goto out;
2823 }
2824
2825 ret = mnt_want_write_file(file);
2826 if (ret)
2827 goto out;
2828
2829 ret = exclop_start_or_cancel_reloc(fs_info, BTRFS_EXCLOP_DEV_REMOVE,
2830 cancel);
2831 if (ret == 0) {
2832 ret = btrfs_rm_device(fs_info, &args, &bdev_file);
2833 if (!ret)
2834 btrfs_info(fs_info, "disk deleted %s", vol_args->name);
2835 btrfs_exclop_finish(fs_info);
2836 }
2837
2838 mnt_drop_write_file(file);
2839 if (bdev_file)
2840 fput(bdev_file);
2841 out:
2842 btrfs_put_dev_args_from_path(&args);
2843 out_free:
2844 kfree(vol_args);
2845 return ret;
2846 }
2847
2848 static long btrfs_ioctl_fs_info(struct btrfs_fs_info *fs_info,
2849 void __user *arg)
2850 {
2851 struct btrfs_ioctl_fs_info_args *fi_args;
2852 struct btrfs_device *device;
2853 struct btrfs_fs_devices *fs_devices = fs_info->fs_devices;
2854 u64 flags_in;
2855 int ret = 0;
2856
2857 fi_args = memdup_user(arg, sizeof(*fi_args));
2858 if (IS_ERR(fi_args))
2859 return PTR_ERR(fi_args);
2860
2861 flags_in = fi_args->flags;
2862 memset(fi_args, 0, sizeof(*fi_args));
2863
2864 rcu_read_lock();
2865 fi_args->num_devices = fs_devices->num_devices;
2866
2867 list_for_each_entry_rcu(device, &fs_devices->devices, dev_list) {
2868 if (device->devid > fi_args->max_id)
2869 fi_args->max_id = device->devid;
2870 }
2871 rcu_read_unlock();
2872
2873 memcpy(&fi_args->fsid, fs_devices->fsid, sizeof(fi_args->fsid));
2874 fi_args->nodesize = fs_info->nodesize;
2875 fi_args->sectorsize = fs_info->sectorsize;
2876 fi_args->clone_alignment = fs_info->sectorsize;
2877
2878 if (flags_in & BTRFS_FS_INFO_FLAG_CSUM_INFO) {
2879 fi_args->csum_type = btrfs_super_csum_type(fs_info->super_copy);
2880 fi_args->csum_size = btrfs_super_csum_size(fs_info->super_copy);
2881 fi_args->flags |= BTRFS_FS_INFO_FLAG_CSUM_INFO;
2882 }
2883
2884 if (flags_in & BTRFS_FS_INFO_FLAG_GENERATION) {
2885 fi_args->generation = btrfs_get_fs_generation(fs_info);
2886 fi_args->flags |= BTRFS_FS_INFO_FLAG_GENERATION;
2887 }
2888
2889 if (flags_in & BTRFS_FS_INFO_FLAG_METADATA_UUID) {
2890 memcpy(&fi_args->metadata_uuid, fs_devices->metadata_uuid,
2891 sizeof(fi_args->metadata_uuid));
2892 fi_args->flags |= BTRFS_FS_INFO_FLAG_METADATA_UUID;
2893 }
2894
2895 if (copy_to_user(arg, fi_args, sizeof(*fi_args)))
2896 ret = -EFAULT;
2897
2898 kfree(fi_args);
2899 return ret;
2900 }
2901
2902 static long btrfs_ioctl_dev_info(struct btrfs_fs_info *fs_info,
2903 void __user *arg)
2904 {
2905 BTRFS_DEV_LOOKUP_ARGS(args);
2906 struct btrfs_ioctl_dev_info_args *di_args;
2907 struct btrfs_device *dev;
2908 int ret = 0;
2909
2910 di_args = memdup_user(arg, sizeof(*di_args));
2911 if (IS_ERR(di_args))
2912 return PTR_ERR(di_args);
2913
2914 args.devid = di_args->devid;
2915 if (!btrfs_is_empty_uuid(di_args->uuid))
2916 args.uuid = di_args->uuid;
2917
2918 rcu_read_lock();
2919 dev = btrfs_find_device(fs_info->fs_devices, &args);
2920 if (!dev) {
2921 ret = -ENODEV;
2922 goto out;
2923 }
2924
2925 di_args->devid = dev->devid;
2926 di_args->bytes_used = btrfs_device_get_bytes_used(dev);
2927 di_args->total_bytes = btrfs_device_get_total_bytes(dev);
2928 memcpy(di_args->uuid, dev->uuid, sizeof(di_args->uuid));
2929 memcpy(di_args->fsid, dev->fs_devices->fsid, BTRFS_UUID_SIZE);
2930 if (dev->name)
2931 strscpy(di_args->path, btrfs_dev_name(dev), sizeof(di_args->path));
2932 else
2933 di_args->path[0] = '\0';
2934
2935 out:
2936 rcu_read_unlock();
2937 if (ret == 0 && copy_to_user(arg, di_args, sizeof(*di_args)))
2938 ret = -EFAULT;
2939
2940 kfree(di_args);
2941 return ret;
2942 }
2943
2944 static long btrfs_ioctl_default_subvol(struct file *file, void __user *argp)
2945 {
2946 struct inode *inode = file_inode(file);
2947 struct btrfs_fs_info *fs_info = inode_to_fs_info(inode);
2948 struct btrfs_root *root = BTRFS_I(inode)->root;
2949 struct btrfs_root *new_root;
2950 struct btrfs_dir_item *di;
2951 struct btrfs_trans_handle *trans;
2952 struct btrfs_path *path = NULL;
2953 struct btrfs_disk_key disk_key;
2954 struct fscrypt_str name = FSTR_INIT("default", 7);
2955 u64 objectid = 0;
2956 u64 dir_id;
2957 int ret;
2958
2959 if (!capable(CAP_SYS_ADMIN))
2960 return -EPERM;
2961
2962 ret = mnt_want_write_file(file);
2963 if (ret)
2964 return ret;
2965
2966 if (copy_from_user(&objectid, argp, sizeof(objectid))) {
2967 ret = -EFAULT;
2968 goto out;
2969 }
2970
2971 if (!objectid)
2972 objectid = BTRFS_FS_TREE_OBJECTID;
2973
2974 new_root = btrfs_get_fs_root(fs_info, objectid, true);
2975 if (IS_ERR(new_root)) {
2976 ret = PTR_ERR(new_root);
2977 goto out;
2978 }
2979 if (!is_fstree(btrfs_root_id(new_root))) {
2980 ret = -ENOENT;
2981 goto out_free;
2982 }
2983
2984 path = btrfs_alloc_path();
2985 if (!path) {
2986 ret = -ENOMEM;
2987 goto out_free;
2988 }
2989
2990 trans = btrfs_start_transaction(root, 1);
2991 if (IS_ERR(trans)) {
2992 ret = PTR_ERR(trans);
2993 goto out_free;
2994 }
2995
2996 dir_id = btrfs_super_root_dir(fs_info->super_copy);
2997 di = btrfs_lookup_dir_item(trans, fs_info->tree_root, path,
2998 dir_id, &name, 1);
2999 if (IS_ERR_OR_NULL(di)) {
3000 btrfs_release_path(path);
3001 btrfs_end_transaction(trans);
3002 btrfs_err(fs_info,
3003 "Umm, you don't have the default diritem, this isn't going to work");
3004 ret = -ENOENT;
3005 goto out_free;
3006 }
3007
3008 btrfs_cpu_key_to_disk(&disk_key, &new_root->root_key);
3009 btrfs_set_dir_item_key(path->nodes[0], di, &disk_key);
3010 btrfs_mark_buffer_dirty(trans, path->nodes[0]);
3011 btrfs_release_path(path);
3012
3013 btrfs_set_fs_incompat(fs_info, DEFAULT_SUBVOL);
3014 btrfs_end_transaction(trans);
3015 out_free:
3016 btrfs_put_root(new_root);
3017 btrfs_free_path(path);
3018 out:
3019 mnt_drop_write_file(file);
3020 return ret;
3021 }
3022
3023 static void get_block_group_info(struct list_head *groups_list,
3024 struct btrfs_ioctl_space_info *space)
3025 {
3026 struct btrfs_block_group *block_group;
3027
3028 space->total_bytes = 0;
3029 space->used_bytes = 0;
3030 space->flags = 0;
3031 list_for_each_entry(block_group, groups_list, list) {
3032 space->flags = block_group->flags;
3033 space->total_bytes += block_group->length;
3034 space->used_bytes += block_group->used;
3035 }
3036 }
3037
3038 static long btrfs_ioctl_space_info(struct btrfs_fs_info *fs_info,
3039 void __user *arg)
3040 {
3041 struct btrfs_ioctl_space_args space_args = { 0 };
3042 struct btrfs_ioctl_space_info space;
3043 struct btrfs_ioctl_space_info *dest;
3044 struct btrfs_ioctl_space_info *dest_orig;
3045 struct btrfs_ioctl_space_info __user *user_dest;
3046 struct btrfs_space_info *info;
3047 static const u64 types[] = {
3048 BTRFS_BLOCK_GROUP_DATA,
3049 BTRFS_BLOCK_GROUP_SYSTEM,
3050 BTRFS_BLOCK_GROUP_METADATA,
3051 BTRFS_BLOCK_GROUP_DATA | BTRFS_BLOCK_GROUP_METADATA
3052 };
3053 int num_types = 4;
3054 int alloc_size;
3055 int ret = 0;
3056 u64 slot_count = 0;
3057 int i, c;
3058
3059 if (copy_from_user(&space_args,
3060 (struct btrfs_ioctl_space_args __user *)arg,
3061 sizeof(space_args)))
3062 return -EFAULT;
3063
3064 for (i = 0; i < num_types; i++) {
3065 struct btrfs_space_info *tmp;
3066
3067 info = NULL;
3068 list_for_each_entry(tmp, &fs_info->space_info, list) {
3069 if (tmp->flags == types[i]) {
3070 info = tmp;
3071 break;
3072 }
3073 }
3074
3075 if (!info)
3076 continue;
3077
3078 down_read(&info->groups_sem);
3079 for (c = 0; c < BTRFS_NR_RAID_TYPES; c++) {
3080 if (!list_empty(&info->block_groups[c]))
3081 slot_count++;
3082 }
3083 up_read(&info->groups_sem);
3084 }
3085
3086 /*
3087 * Global block reserve, exported as a space_info
3088 */
3089 slot_count++;
3090
3091 /* space_slots == 0 means they are asking for a count */
3092 if (space_args.space_slots == 0) {
3093 space_args.total_spaces = slot_count;
3094 goto out;
3095 }
3096
3097 slot_count = min_t(u64, space_args.space_slots, slot_count);
3098
3099 alloc_size = sizeof(*dest) * slot_count;
3100
3101 /* we generally have at most 6 or so space infos, one for each raid
3102 * level. So, a whole page should be more than enough for everyone
3103 */
3104 if (alloc_size > PAGE_SIZE)
3105 return -ENOMEM;
3106
3107 space_args.total_spaces = 0;
3108 dest = kmalloc(alloc_size, GFP_KERNEL);
3109 if (!dest)
3110 return -ENOMEM;
3111 dest_orig = dest;
3112
3113 /* now we have a buffer to copy into */
3114 for (i = 0; i < num_types; i++) {
3115 struct btrfs_space_info *tmp;
3116
3117 if (!slot_count)
3118 break;
3119
3120 info = NULL;
3121 list_for_each_entry(tmp, &fs_info->space_info, list) {
3122 if (tmp->flags == types[i]) {
3123 info = tmp;
3124 break;
3125 }
3126 }
3127
3128 if (!info)
3129 continue;
3130 down_read(&info->groups_sem);
3131 for (c = 0; c < BTRFS_NR_RAID_TYPES; c++) {
3132 if (!list_empty(&info->block_groups[c])) {
3133 get_block_group_info(&info->block_groups[c],
3134 &space);
3135 memcpy(dest, &space, sizeof(space));
3136 dest++;
3137 space_args.total_spaces++;
3138 slot_count--;
3139 }
3140 if (!slot_count)
3141 break;
3142 }
3143 up_read(&info->groups_sem);
3144 }
3145
3146 /*
3147 * Add global block reserve
3148 */
3149 if (slot_count) {
3150 struct btrfs_block_rsv *block_rsv = &fs_info->global_block_rsv;
3151
3152 spin_lock(&block_rsv->lock);
3153 space.total_bytes = block_rsv->size;
3154 space.used_bytes = block_rsv->size - block_rsv->reserved;
3155 spin_unlock(&block_rsv->lock);
3156 space.flags = BTRFS_SPACE_INFO_GLOBAL_RSV;
3157 memcpy(dest, &space, sizeof(space));
3158 space_args.total_spaces++;
3159 }
3160
3161 user_dest = (struct btrfs_ioctl_space_info __user *)
3162 (arg + sizeof(struct btrfs_ioctl_space_args));
3163
3164 if (copy_to_user(user_dest, dest_orig, alloc_size))
3165 ret = -EFAULT;
3166
3167 kfree(dest_orig);
3168 out:
3169 if (ret == 0 && copy_to_user(arg, &space_args, sizeof(space_args)))
3170 ret = -EFAULT;
3171
3172 return ret;
3173 }
3174
3175 static noinline long btrfs_ioctl_start_sync(struct btrfs_root *root,
3176 void __user *argp)
3177 {
3178 struct btrfs_trans_handle *trans;
3179 u64 transid;
3180
3181 /*
3182 * Start orphan cleanup here for the given root in case it hasn't been
3183 * started already by other means. Errors are handled in the other
3184 * functions during transaction commit.
3185 */
3186 btrfs_orphan_cleanup(root);
3187
3188 trans = btrfs_attach_transaction_barrier(root);
3189 if (IS_ERR(trans)) {
3190 if (PTR_ERR(trans) != -ENOENT)
3191 return PTR_ERR(trans);
3192
3193 /* No running transaction, don't bother */
3194 transid = btrfs_get_last_trans_committed(root->fs_info);
3195 goto out;
3196 }
3197 transid = trans->transid;
3198 btrfs_commit_transaction_async(trans);
3199 out:
3200 if (argp)
3201 if (copy_to_user(argp, &transid, sizeof(transid)))
3202 return -EFAULT;
3203 return 0;
3204 }
3205
3206 static noinline long btrfs_ioctl_wait_sync(struct btrfs_fs_info *fs_info,
3207 void __user *argp)
3208 {
3209 /* By default wait for the current transaction. */
3210 u64 transid = 0;
3211
3212 if (argp)
3213 if (copy_from_user(&transid, argp, sizeof(transid)))
3214 return -EFAULT;
3215
3216 return btrfs_wait_for_commit(fs_info, transid);
3217 }
3218
3219 static long btrfs_ioctl_scrub(struct file *file, void __user *arg)
3220 {
3221 struct btrfs_fs_info *fs_info = inode_to_fs_info(file_inode(file));
3222 struct btrfs_ioctl_scrub_args *sa;
3223 int ret;
3224
3225 if (!capable(CAP_SYS_ADMIN))
3226 return -EPERM;
3227
3228 if (btrfs_fs_incompat(fs_info, EXTENT_TREE_V2)) {
3229 btrfs_err(fs_info, "scrub is not supported on extent tree v2 yet");
3230 return -EINVAL;
3231 }
3232
3233 sa = memdup_user(arg, sizeof(*sa));
3234 if (IS_ERR(sa))
3235 return PTR_ERR(sa);
3236
3237 if (sa->flags & ~BTRFS_SCRUB_SUPPORTED_FLAGS) {
3238 ret = -EOPNOTSUPP;
3239 goto out;
3240 }
3241
3242 if (!(sa->flags & BTRFS_SCRUB_READONLY)) {
3243 ret = mnt_want_write_file(file);
3244 if (ret)
3245 goto out;
3246 }
3247
3248 ret = btrfs_scrub_dev(fs_info, sa->devid, sa->start, sa->end,
3249 &sa->progress, sa->flags & BTRFS_SCRUB_READONLY,
3250 0);
3251
3252 /*
3253 * Copy scrub args to user space even if btrfs_scrub_dev() returned an
3254 * error. This is important as it allows user space to know how much
3255 * progress scrub has done. For example, if scrub is canceled we get
3256 * -ECANCELED from btrfs_scrub_dev() and return that error back to user
3257 * space. Later user space can inspect the progress from the structure
3258 * btrfs_ioctl_scrub_args and resume scrub from where it left off
3259 * previously (btrfs-progs does this).
3260 * If we fail to copy the btrfs_ioctl_scrub_args structure to user space
3261 * then return -EFAULT to signal the structure was not copied or it may
3262 * be corrupt and unreliable due to a partial copy.
3263 */
3264 if (copy_to_user(arg, sa, sizeof(*sa)))
3265 ret = -EFAULT;
3266
3267 if (!(sa->flags & BTRFS_SCRUB_READONLY))
3268 mnt_drop_write_file(file);
3269 out:
3270 kfree(sa);
3271 return ret;
3272 }
3273
3274 static long btrfs_ioctl_scrub_cancel(struct btrfs_fs_info *fs_info)
3275 {
3276 if (!capable(CAP_SYS_ADMIN))
3277 return -EPERM;
3278
3279 return btrfs_scrub_cancel(fs_info);
3280 }
3281
3282 static long btrfs_ioctl_scrub_progress(struct btrfs_fs_info *fs_info,
3283 void __user *arg)
3284 {
3285 struct btrfs_ioctl_scrub_args *sa;
3286 int ret;
3287
3288 if (!capable(CAP_SYS_ADMIN))
3289 return -EPERM;
3290
3291 sa = memdup_user(arg, sizeof(*sa));
3292 if (IS_ERR(sa))
3293 return PTR_ERR(sa);
3294
3295 ret = btrfs_scrub_progress(fs_info, sa->devid, &sa->progress);
3296
3297 if (ret == 0 && copy_to_user(arg, sa, sizeof(*sa)))
3298 ret = -EFAULT;
3299
3300 kfree(sa);
3301 return ret;
3302 }
3303
3304 static long btrfs_ioctl_get_dev_stats(struct btrfs_fs_info *fs_info,
3305 void __user *arg)
3306 {
3307 struct btrfs_ioctl_get_dev_stats *sa;
3308 int ret;
3309
3310 sa = memdup_user(arg, sizeof(*sa));
3311 if (IS_ERR(sa))
3312 return PTR_ERR(sa);
3313
3314 if ((sa->flags & BTRFS_DEV_STATS_RESET) && !capable(CAP_SYS_ADMIN)) {
3315 kfree(sa);
3316 return -EPERM;
3317 }
3318
3319 ret = btrfs_get_dev_stats(fs_info, sa);
3320
3321 if (ret == 0 && copy_to_user(arg, sa, sizeof(*sa)))
3322 ret = -EFAULT;
3323
3324 kfree(sa);
3325 return ret;
3326 }
3327
3328 static long btrfs_ioctl_dev_replace(struct btrfs_fs_info *fs_info,
3329 void __user *arg)
3330 {
3331 struct btrfs_ioctl_dev_replace_args *p;
3332 int ret;
3333
3334 if (!capable(CAP_SYS_ADMIN))
3335 return -EPERM;
3336
3337 if (btrfs_fs_incompat(fs_info, EXTENT_TREE_V2)) {
3338 btrfs_err(fs_info, "device replace not supported on extent tree v2 yet");
3339 return -EINVAL;
3340 }
3341
3342 p = memdup_user(arg, sizeof(*p));
3343 if (IS_ERR(p))
3344 return PTR_ERR(p);
3345
3346 switch (p->cmd) {
3347 case BTRFS_IOCTL_DEV_REPLACE_CMD_START:
3348 if (sb_rdonly(fs_info->sb)) {
3349 ret = -EROFS;
3350 goto out;
3351 }
3352 if (!btrfs_exclop_start(fs_info, BTRFS_EXCLOP_DEV_REPLACE)) {
3353 ret = BTRFS_ERROR_DEV_EXCL_RUN_IN_PROGRESS;
3354 } else {
3355 ret = btrfs_dev_replace_by_ioctl(fs_info, p);
3356 btrfs_exclop_finish(fs_info);
3357 }
3358 break;
3359 case BTRFS_IOCTL_DEV_REPLACE_CMD_STATUS:
3360 btrfs_dev_replace_status(fs_info, p);
3361 ret = 0;
3362 break;
3363 case BTRFS_IOCTL_DEV_REPLACE_CMD_CANCEL:
3364 p->result = btrfs_dev_replace_cancel(fs_info);
3365 ret = 0;
3366 break;
3367 default:
3368 ret = -EINVAL;
3369 break;
3370 }
3371
3372 if ((ret == 0 || ret == -ECANCELED) && copy_to_user(arg, p, sizeof(*p)))
3373 ret = -EFAULT;
3374 out:
3375 kfree(p);
3376 return ret;
3377 }
3378
3379 static long btrfs_ioctl_ino_to_path(struct btrfs_root *root, void __user *arg)
3380 {
3381 int ret = 0;
3382 int i;
3383 u64 rel_ptr;
3384 int size;
3385 struct btrfs_ioctl_ino_path_args *ipa = NULL;
3386 struct inode_fs_paths *ipath = NULL;
3387 struct btrfs_path *path;
3388
3389 if (!capable(CAP_DAC_READ_SEARCH))
3390 return -EPERM;
3391
3392 path = btrfs_alloc_path();
3393 if (!path) {
3394 ret = -ENOMEM;
3395 goto out;
3396 }
3397
3398 ipa = memdup_user(arg, sizeof(*ipa));
3399 if (IS_ERR(ipa)) {
3400 ret = PTR_ERR(ipa);
3401 ipa = NULL;
3402 goto out;
3403 }
3404
3405 size = min_t(u32, ipa->size, 4096);
3406 ipath = init_ipath(size, root, path);
3407 if (IS_ERR(ipath)) {
3408 ret = PTR_ERR(ipath);
3409 ipath = NULL;
3410 goto out;
3411 }
3412
3413 ret = paths_from_inode(ipa->inum, ipath);
3414 if (ret < 0)
3415 goto out;
3416
3417 for (i = 0; i < ipath->fspath->elem_cnt; ++i) {
3418 rel_ptr = ipath->fspath->val[i] -
3419 (u64)(unsigned long)ipath->fspath->val;
3420 ipath->fspath->val[i] = rel_ptr;
3421 }
3422
3423 btrfs_free_path(path);
3424 path = NULL;
3425 ret = copy_to_user((void __user *)(unsigned long)ipa->fspath,
3426 ipath->fspath, size);
3427 if (ret) {
3428 ret = -EFAULT;
3429 goto out;
3430 }
3431
3432 out:
3433 btrfs_free_path(path);
3434 free_ipath(ipath);
3435 kfree(ipa);
3436
3437 return ret;
3438 }
3439
3440 static long btrfs_ioctl_logical_to_ino(struct btrfs_fs_info *fs_info,
3441 void __user *arg, int version)
3442 {
3443 int ret = 0;
3444 int size;
3445 struct btrfs_ioctl_logical_ino_args *loi;
3446 struct btrfs_data_container *inodes = NULL;
3447 struct btrfs_path *path = NULL;
3448 bool ignore_offset;
3449
3450 if (!capable(CAP_SYS_ADMIN))
3451 return -EPERM;
3452
3453 loi = memdup_user(arg, sizeof(*loi));
3454 if (IS_ERR(loi))
3455 return PTR_ERR(loi);
3456
3457 if (version == 1) {
3458 ignore_offset = false;
3459 size = min_t(u32, loi->size, SZ_64K);
3460 } else {
3461 /* All reserved bits must be 0 for now */
3462 if (memchr_inv(loi->reserved, 0, sizeof(loi->reserved))) {
3463 ret = -EINVAL;
3464 goto out_loi;
3465 }
3466 /* Only accept flags we have defined so far */
3467 if (loi->flags & ~(BTRFS_LOGICAL_INO_ARGS_IGNORE_OFFSET)) {
3468 ret = -EINVAL;
3469 goto out_loi;
3470 }
3471 ignore_offset = loi->flags & BTRFS_LOGICAL_INO_ARGS_IGNORE_OFFSET;
3472 size = min_t(u32, loi->size, SZ_16M);
3473 }
3474
3475 inodes = init_data_container(size);
3476 if (IS_ERR(inodes)) {
3477 ret = PTR_ERR(inodes);
3478 goto out_loi;
3479 }
3480
3481 path = btrfs_alloc_path();
3482 if (!path) {
3483 ret = -ENOMEM;
3484 goto out;
3485 }
3486 ret = iterate_inodes_from_logical(loi->logical, fs_info, path,
3487 inodes, ignore_offset);
3488 btrfs_free_path(path);
3489 if (ret == -EINVAL)
3490 ret = -ENOENT;
3491 if (ret < 0)
3492 goto out;
3493
3494 ret = copy_to_user((void __user *)(unsigned long)loi->inodes, inodes,
3495 size);
3496 if (ret)
3497 ret = -EFAULT;
3498
3499 out:
3500 kvfree(inodes);
3501 out_loi:
3502 kfree(loi);
3503
3504 return ret;
3505 }
3506
3507 void btrfs_update_ioctl_balance_args(struct btrfs_fs_info *fs_info,
3508 struct btrfs_ioctl_balance_args *bargs)
3509 {
3510 struct btrfs_balance_control *bctl = fs_info->balance_ctl;
3511
3512 bargs->flags = bctl->flags;
3513
3514 if (test_bit(BTRFS_FS_BALANCE_RUNNING, &fs_info->flags))
3515 bargs->state |= BTRFS_BALANCE_STATE_RUNNING;
3516 if (atomic_read(&fs_info->balance_pause_req))
3517 bargs->state |= BTRFS_BALANCE_STATE_PAUSE_REQ;
3518 if (atomic_read(&fs_info->balance_cancel_req))
3519 bargs->state |= BTRFS_BALANCE_STATE_CANCEL_REQ;
3520
3521 memcpy(&bargs->data, &bctl->data, sizeof(bargs->data));
3522 memcpy(&bargs->meta, &bctl->meta, sizeof(bargs->meta));
3523 memcpy(&bargs->sys, &bctl->sys, sizeof(bargs->sys));
3524
3525 spin_lock(&fs_info->balance_lock);
3526 memcpy(&bargs->stat, &bctl->stat, sizeof(bargs->stat));
3527 spin_unlock(&fs_info->balance_lock);
3528 }
3529
3530 /*
3531 * Try to acquire fs_info::balance_mutex as well as set BTRFS_EXLCOP_BALANCE as
3532 * required.
3533 *
3534 * @fs_info: the filesystem
3535 * @excl_acquired: ptr to boolean value which is set to false in case balance
3536 * is being resumed
3537 *
3538 * Return 0 on success in which case both fs_info::balance is acquired as well
3539 * as exclusive ops are blocked. In case of failure return an error code.
3540 */
3541 static int btrfs_try_lock_balance(struct btrfs_fs_info *fs_info, bool *excl_acquired)
3542 {
3543 int ret;
3544
3545 /*
3546 * Exclusive operation is locked. Three possibilities:
3547 * (1) some other op is running
3548 * (2) balance is running
3549 * (3) balance is paused -- special case (think resume)
3550 */
3551 while (1) {
3552 if (btrfs_exclop_start(fs_info, BTRFS_EXCLOP_BALANCE)) {
3553 *excl_acquired = true;
3554 mutex_lock(&fs_info->balance_mutex);
3555 return 0;
3556 }
3557
3558 mutex_lock(&fs_info->balance_mutex);
3559 if (fs_info->balance_ctl) {
3560 /* This is either (2) or (3) */
3561 if (test_bit(BTRFS_FS_BALANCE_RUNNING, &fs_info->flags)) {
3562 /* This is (2) */
3563 ret = -EINPROGRESS;
3564 goto out_failure;
3565
3566 } else {
3567 mutex_unlock(&fs_info->balance_mutex);
3568 /*
3569 * Lock released to allow other waiters to
3570 * continue, we'll reexamine the status again.
3571 */
3572 mutex_lock(&fs_info->balance_mutex);
3573
3574 if (fs_info->balance_ctl &&
3575 !test_bit(BTRFS_FS_BALANCE_RUNNING, &fs_info->flags)) {
3576 /* This is (3) */
3577 *excl_acquired = false;
3578 return 0;
3579 }
3580 }
3581 } else {
3582 /* This is (1) */
3583 ret = BTRFS_ERROR_DEV_EXCL_RUN_IN_PROGRESS;
3584 goto out_failure;
3585 }
3586
3587 mutex_unlock(&fs_info->balance_mutex);
3588 }
3589
3590 out_failure:
3591 mutex_unlock(&fs_info->balance_mutex);
3592 *excl_acquired = false;
3593 return ret;
3594 }
3595
3596 static long btrfs_ioctl_balance(struct file *file, void __user *arg)
3597 {
3598 struct btrfs_root *root = BTRFS_I(file_inode(file))->root;
3599 struct btrfs_fs_info *fs_info = root->fs_info;
3600 struct btrfs_ioctl_balance_args *bargs;
3601 struct btrfs_balance_control *bctl;
3602 bool need_unlock = true;
3603 int ret;
3604
3605 if (!capable(CAP_SYS_ADMIN))
3606 return -EPERM;
3607
3608 ret = mnt_want_write_file(file);
3609 if (ret)
3610 return ret;
3611
3612 bargs = memdup_user(arg, sizeof(*bargs));
3613 if (IS_ERR(bargs)) {
3614 ret = PTR_ERR(bargs);
3615 bargs = NULL;
3616 goto out;
3617 }
3618
3619 ret = btrfs_try_lock_balance(fs_info, &need_unlock);
3620 if (ret)
3621 goto out;
3622
3623 lockdep_assert_held(&fs_info->balance_mutex);
3624
3625 if (bargs->flags & BTRFS_BALANCE_RESUME) {
3626 if (!fs_info->balance_ctl) {
3627 ret = -ENOTCONN;
3628 goto out_unlock;
3629 }
3630
3631 bctl = fs_info->balance_ctl;
3632 spin_lock(&fs_info->balance_lock);
3633 bctl->flags |= BTRFS_BALANCE_RESUME;
3634 spin_unlock(&fs_info->balance_lock);
3635 btrfs_exclop_balance(fs_info, BTRFS_EXCLOP_BALANCE);
3636
3637 goto do_balance;
3638 }
3639
3640 if (bargs->flags & ~(BTRFS_BALANCE_ARGS_MASK | BTRFS_BALANCE_TYPE_MASK)) {
3641 ret = -EINVAL;
3642 goto out_unlock;
3643 }
3644
3645 if (fs_info->balance_ctl) {
3646 ret = -EINPROGRESS;
3647 goto out_unlock;
3648 }
3649
3650 bctl = kzalloc(sizeof(*bctl), GFP_KERNEL);
3651 if (!bctl) {
3652 ret = -ENOMEM;
3653 goto out_unlock;
3654 }
3655
3656 memcpy(&bctl->data, &bargs->data, sizeof(bctl->data));
3657 memcpy(&bctl->meta, &bargs->meta, sizeof(bctl->meta));
3658 memcpy(&bctl->sys, &bargs->sys, sizeof(bctl->sys));
3659
3660 bctl->flags = bargs->flags;
3661 do_balance:
3662 /*
3663 * Ownership of bctl and exclusive operation goes to btrfs_balance.
3664 * bctl is freed in reset_balance_state, or, if restriper was paused
3665 * all the way until unmount, in free_fs_info. The flag should be
3666 * cleared after reset_balance_state.
3667 */
3668 need_unlock = false;
3669
3670 ret = btrfs_balance(fs_info, bctl, bargs);
3671 bctl = NULL;
3672
3673 if (ret == 0 || ret == -ECANCELED) {
3674 if (copy_to_user(arg, bargs, sizeof(*bargs)))
3675 ret = -EFAULT;
3676 }
3677
3678 kfree(bctl);
3679 out_unlock:
3680 mutex_unlock(&fs_info->balance_mutex);
3681 if (need_unlock)
3682 btrfs_exclop_finish(fs_info);
3683 out:
3684 mnt_drop_write_file(file);
3685 kfree(bargs);
3686 return ret;
3687 }
3688
3689 static long btrfs_ioctl_balance_ctl(struct btrfs_fs_info *fs_info, int cmd)
3690 {
3691 if (!capable(CAP_SYS_ADMIN))
3692 return -EPERM;
3693
3694 switch (cmd) {
3695 case BTRFS_BALANCE_CTL_PAUSE:
3696 return btrfs_pause_balance(fs_info);
3697 case BTRFS_BALANCE_CTL_CANCEL:
3698 return btrfs_cancel_balance(fs_info);
3699 }
3700
3701 return -EINVAL;
3702 }
3703
3704 static long btrfs_ioctl_balance_progress(struct btrfs_fs_info *fs_info,
3705 void __user *arg)
3706 {
3707 struct btrfs_ioctl_balance_args *bargs;
3708 int ret = 0;
3709
3710 if (!capable(CAP_SYS_ADMIN))
3711 return -EPERM;
3712
3713 mutex_lock(&fs_info->balance_mutex);
3714 if (!fs_info->balance_ctl) {
3715 ret = -ENOTCONN;
3716 goto out;
3717 }
3718
3719 bargs = kzalloc(sizeof(*bargs), GFP_KERNEL);
3720 if (!bargs) {
3721 ret = -ENOMEM;
3722 goto out;
3723 }
3724
3725 btrfs_update_ioctl_balance_args(fs_info, bargs);
3726
3727 if (copy_to_user(arg, bargs, sizeof(*bargs)))
3728 ret = -EFAULT;
3729
3730 kfree(bargs);
3731 out:
3732 mutex_unlock(&fs_info->balance_mutex);
3733 return ret;
3734 }
3735
3736 static long btrfs_ioctl_quota_ctl(struct file *file, void __user *arg)
3737 {
3738 struct inode *inode = file_inode(file);
3739 struct btrfs_fs_info *fs_info = inode_to_fs_info(inode);
3740 struct btrfs_ioctl_quota_ctl_args *sa;
3741 int ret;
3742
3743 if (!capable(CAP_SYS_ADMIN))
3744 return -EPERM;
3745
3746 ret = mnt_want_write_file(file);
3747 if (ret)
3748 return ret;
3749
3750 sa = memdup_user(arg, sizeof(*sa));
3751 if (IS_ERR(sa)) {
3752 ret = PTR_ERR(sa);
3753 goto drop_write;
3754 }
3755
3756 switch (sa->cmd) {
3757 case BTRFS_QUOTA_CTL_ENABLE:
3758 case BTRFS_QUOTA_CTL_ENABLE_SIMPLE_QUOTA:
3759 down_write(&fs_info->subvol_sem);
3760 ret = btrfs_quota_enable(fs_info, sa);
3761 up_write(&fs_info->subvol_sem);
3762 break;
3763 case BTRFS_QUOTA_CTL_DISABLE:
3764 /*
3765 * Lock the cleaner mutex to prevent races with concurrent
3766 * relocation, because relocation may be building backrefs for
3767 * blocks of the quota root while we are deleting the root. This
3768 * is like dropping fs roots of deleted snapshots/subvolumes, we
3769 * need the same protection.
3770 *
3771 * This also prevents races between concurrent tasks trying to
3772 * disable quotas, because we will unlock and relock
3773 * qgroup_ioctl_lock across BTRFS_FS_QUOTA_ENABLED changes.
3774 *
3775 * We take this here because we have the dependency of
3776 *
3777 * inode_lock -> subvol_sem
3778 *
3779 * because of rename. With relocation we can prealloc extents,
3780 * so that makes the dependency chain
3781 *
3782 * cleaner_mutex -> inode_lock -> subvol_sem
3783 *
3784 * so we must take the cleaner_mutex here before we take the
3785 * subvol_sem. The deadlock can't actually happen, but this
3786 * quiets lockdep.
3787 */
3788 mutex_lock(&fs_info->cleaner_mutex);
3789 down_write(&fs_info->subvol_sem);
3790 ret = btrfs_quota_disable(fs_info);
3791 up_write(&fs_info->subvol_sem);
3792 mutex_unlock(&fs_info->cleaner_mutex);
3793 break;
3794 default:
3795 ret = -EINVAL;
3796 break;
3797 }
3798
3799 kfree(sa);
3800 drop_write:
3801 mnt_drop_write_file(file);
3802 return ret;
3803 }
3804
3805 /*
3806 * Quick check for ioctl handlers if quotas are enabled. Proper locking must be
3807 * done before any operations.
3808 */
3809 static bool qgroup_enabled(struct btrfs_fs_info *fs_info)
3810 {
3811 bool ret = true;
3812
3813 mutex_lock(&fs_info->qgroup_ioctl_lock);
3814 if (!fs_info->quota_root)
3815 ret = false;
3816 mutex_unlock(&fs_info->qgroup_ioctl_lock);
3817
3818 return ret;
3819 }
3820
3821 static long btrfs_ioctl_qgroup_assign(struct file *file, void __user *arg)
3822 {
3823 struct inode *inode = file_inode(file);
3824 struct btrfs_fs_info *fs_info = inode_to_fs_info(inode);
3825 struct btrfs_root *root = BTRFS_I(inode)->root;
3826 struct btrfs_ioctl_qgroup_assign_args *sa;
3827 struct btrfs_qgroup_list *prealloc = NULL;
3828 struct btrfs_trans_handle *trans;
3829 int ret;
3830 int err;
3831
3832 if (!capable(CAP_SYS_ADMIN))
3833 return -EPERM;
3834
3835 if (!qgroup_enabled(root->fs_info))
3836 return -ENOTCONN;
3837
3838 ret = mnt_want_write_file(file);
3839 if (ret)
3840 return ret;
3841
3842 sa = memdup_user(arg, sizeof(*sa));
3843 if (IS_ERR(sa)) {
3844 ret = PTR_ERR(sa);
3845 goto drop_write;
3846 }
3847
3848 if (sa->assign) {
3849 prealloc = kzalloc(sizeof(*prealloc), GFP_KERNEL);
3850 if (!prealloc) {
3851 ret = -ENOMEM;
3852 goto drop_write;
3853 }
3854 }
3855
3856 trans = btrfs_join_transaction(root);
3857 if (IS_ERR(trans)) {
3858 ret = PTR_ERR(trans);
3859 goto out;
3860 }
3861
3862 /*
3863 * Prealloc ownership is moved to the relation handler, there it's used
3864 * or freed on error.
3865 */
3866 if (sa->assign) {
3867 ret = btrfs_add_qgroup_relation(trans, sa->src, sa->dst, prealloc);
3868 prealloc = NULL;
3869 } else {
3870 ret = btrfs_del_qgroup_relation(trans, sa->src, sa->dst);
3871 }
3872
3873 /* update qgroup status and info */
3874 mutex_lock(&fs_info->qgroup_ioctl_lock);
3875 err = btrfs_run_qgroups(trans);
3876 mutex_unlock(&fs_info->qgroup_ioctl_lock);
3877 if (err < 0)
3878 btrfs_warn(fs_info,
3879 "qgroup status update failed after %s relation, marked as inconsistent",
3880 sa->assign ? "adding" : "deleting");
3881 err = btrfs_end_transaction(trans);
3882 if (err && !ret)
3883 ret = err;
3884
3885 out:
3886 kfree(prealloc);
3887 kfree(sa);
3888 drop_write:
3889 mnt_drop_write_file(file);
3890 return ret;
3891 }
3892
3893 static long btrfs_ioctl_qgroup_create(struct file *file, void __user *arg)
3894 {
3895 struct inode *inode = file_inode(file);
3896 struct btrfs_root *root = BTRFS_I(inode)->root;
3897 struct btrfs_ioctl_qgroup_create_args *sa;
3898 struct btrfs_trans_handle *trans;
3899 int ret;
3900 int err;
3901
3902 if (!capable(CAP_SYS_ADMIN))
3903 return -EPERM;
3904
3905 if (!qgroup_enabled(root->fs_info))
3906 return -ENOTCONN;
3907
3908 ret = mnt_want_write_file(file);
3909 if (ret)
3910 return ret;
3911
3912 sa = memdup_user(arg, sizeof(*sa));
3913 if (IS_ERR(sa)) {
3914 ret = PTR_ERR(sa);
3915 goto drop_write;
3916 }
3917
3918 if (!sa->qgroupid) {
3919 ret = -EINVAL;
3920 goto out;
3921 }
3922
3923 if (sa->create && is_fstree(sa->qgroupid)) {
3924 ret = -EINVAL;
3925 goto out;
3926 }
3927
3928 trans = btrfs_join_transaction(root);
3929 if (IS_ERR(trans)) {
3930 ret = PTR_ERR(trans);
3931 goto out;
3932 }
3933
3934 if (sa->create) {
3935 ret = btrfs_create_qgroup(trans, sa->qgroupid);
3936 } else {
3937 ret = btrfs_remove_qgroup(trans, sa->qgroupid);
3938 }
3939
3940 err = btrfs_end_transaction(trans);
3941 if (err && !ret)
3942 ret = err;
3943
3944 out:
3945 kfree(sa);
3946 drop_write:
3947 mnt_drop_write_file(file);
3948 return ret;
3949 }
3950
3951 static long btrfs_ioctl_qgroup_limit(struct file *file, void __user *arg)
3952 {
3953 struct inode *inode = file_inode(file);
3954 struct btrfs_root *root = BTRFS_I(inode)->root;
3955 struct btrfs_ioctl_qgroup_limit_args *sa;
3956 struct btrfs_trans_handle *trans;
3957 int ret;
3958 int err;
3959 u64 qgroupid;
3960
3961 if (!capable(CAP_SYS_ADMIN))
3962 return -EPERM;
3963
3964 if (!qgroup_enabled(root->fs_info))
3965 return -ENOTCONN;
3966
3967 ret = mnt_want_write_file(file);
3968 if (ret)
3969 return ret;
3970
3971 sa = memdup_user(arg, sizeof(*sa));
3972 if (IS_ERR(sa)) {
3973 ret = PTR_ERR(sa);
3974 goto drop_write;
3975 }
3976
3977 trans = btrfs_join_transaction(root);
3978 if (IS_ERR(trans)) {
3979 ret = PTR_ERR(trans);
3980 goto out;
3981 }
3982
3983 qgroupid = sa->qgroupid;
3984 if (!qgroupid) {
3985 /* take the current subvol as qgroup */
3986 qgroupid = btrfs_root_id(root);
3987 }
3988
3989 ret = btrfs_limit_qgroup(trans, qgroupid, &sa->lim);
3990
3991 err = btrfs_end_transaction(trans);
3992 if (err && !ret)
3993 ret = err;
3994
3995 out:
3996 kfree(sa);
3997 drop_write:
3998 mnt_drop_write_file(file);
3999 return ret;
4000 }
4001
4002 static long btrfs_ioctl_quota_rescan(struct file *file, void __user *arg)
4003 {
4004 struct inode *inode = file_inode(file);
4005 struct btrfs_fs_info *fs_info = inode_to_fs_info(inode);
4006 struct btrfs_ioctl_quota_rescan_args *qsa;
4007 int ret;
4008
4009 if (!capable(CAP_SYS_ADMIN))
4010 return -EPERM;
4011
4012 if (!qgroup_enabled(fs_info))
4013 return -ENOTCONN;
4014
4015 ret = mnt_want_write_file(file);
4016 if (ret)
4017 return ret;
4018
4019 qsa = memdup_user(arg, sizeof(*qsa));
4020 if (IS_ERR(qsa)) {
4021 ret = PTR_ERR(qsa);
4022 goto drop_write;
4023 }
4024
4025 if (qsa->flags) {
4026 ret = -EINVAL;
4027 goto out;
4028 }
4029
4030 ret = btrfs_qgroup_rescan(fs_info);
4031
4032 out:
4033 kfree(qsa);
4034 drop_write:
4035 mnt_drop_write_file(file);
4036 return ret;
4037 }
4038
4039 static long btrfs_ioctl_quota_rescan_status(struct btrfs_fs_info *fs_info,
4040 void __user *arg)
4041 {
4042 struct btrfs_ioctl_quota_rescan_args qsa = {0};
4043
4044 if (!capable(CAP_SYS_ADMIN))
4045 return -EPERM;
4046
4047 if (fs_info->qgroup_flags & BTRFS_QGROUP_STATUS_FLAG_RESCAN) {
4048 qsa.flags = 1;
4049 qsa.progress = fs_info->qgroup_rescan_progress.objectid;
4050 }
4051
4052 if (copy_to_user(arg, &qsa, sizeof(qsa)))
4053 return -EFAULT;
4054
4055 return 0;
4056 }
4057
4058 static long btrfs_ioctl_quota_rescan_wait(struct btrfs_fs_info *fs_info)
4059 {
4060 if (!capable(CAP_SYS_ADMIN))
4061 return -EPERM;
4062
4063 return btrfs_qgroup_wait_for_completion(fs_info, true);
4064 }
4065
4066 static long _btrfs_ioctl_set_received_subvol(struct file *file,
4067 struct mnt_idmap *idmap,
4068 struct btrfs_ioctl_received_subvol_args *sa)
4069 {
4070 struct inode *inode = file_inode(file);
4071 struct btrfs_fs_info *fs_info = inode_to_fs_info(inode);
4072 struct btrfs_root *root = BTRFS_I(inode)->root;
4073 struct btrfs_root_item *root_item = &root->root_item;
4074 struct btrfs_trans_handle *trans;
4075 struct timespec64 ct = current_time(inode);
4076 int ret = 0;
4077 int received_uuid_changed;
4078
4079 if (!inode_owner_or_capable(idmap, inode))
4080 return -EPERM;
4081
4082 ret = mnt_want_write_file(file);
4083 if (ret < 0)
4084 return ret;
4085
4086 down_write(&fs_info->subvol_sem);
4087
4088 if (btrfs_ino(BTRFS_I(inode)) != BTRFS_FIRST_FREE_OBJECTID) {
4089 ret = -EINVAL;
4090 goto out;
4091 }
4092
4093 if (btrfs_root_readonly(root)) {
4094 ret = -EROFS;
4095 goto out;
4096 }
4097
4098 /*
4099 * 1 - root item
4100 * 2 - uuid items (received uuid + subvol uuid)
4101 */
4102 trans = btrfs_start_transaction(root, 3);
4103 if (IS_ERR(trans)) {
4104 ret = PTR_ERR(trans);
4105 trans = NULL;
4106 goto out;
4107 }
4108
4109 sa->rtransid = trans->transid;
4110 sa->rtime.sec = ct.tv_sec;
4111 sa->rtime.nsec = ct.tv_nsec;
4112
4113 received_uuid_changed = memcmp(root_item->received_uuid, sa->uuid,
4114 BTRFS_UUID_SIZE);
4115 if (received_uuid_changed &&
4116 !btrfs_is_empty_uuid(root_item->received_uuid)) {
4117 ret = btrfs_uuid_tree_remove(trans, root_item->received_uuid,
4118 BTRFS_UUID_KEY_RECEIVED_SUBVOL,
4119 btrfs_root_id(root));
4120 if (ret && ret != -ENOENT) {
4121 btrfs_abort_transaction(trans, ret);
4122 btrfs_end_transaction(trans);
4123 goto out;
4124 }
4125 }
4126 memcpy(root_item->received_uuid, sa->uuid, BTRFS_UUID_SIZE);
4127 btrfs_set_root_stransid(root_item, sa->stransid);
4128 btrfs_set_root_rtransid(root_item, sa->rtransid);
4129 btrfs_set_stack_timespec_sec(&root_item->stime, sa->stime.sec);
4130 btrfs_set_stack_timespec_nsec(&root_item->stime, sa->stime.nsec);
4131 btrfs_set_stack_timespec_sec(&root_item->rtime, sa->rtime.sec);
4132 btrfs_set_stack_timespec_nsec(&root_item->rtime, sa->rtime.nsec);
4133
4134 ret = btrfs_update_root(trans, fs_info->tree_root,
4135 &root->root_key, &root->root_item);
4136 if (ret < 0) {
4137 btrfs_end_transaction(trans);
4138 goto out;
4139 }
4140 if (received_uuid_changed && !btrfs_is_empty_uuid(sa->uuid)) {
4141 ret = btrfs_uuid_tree_add(trans, sa->uuid,
4142 BTRFS_UUID_KEY_RECEIVED_SUBVOL,
4143 btrfs_root_id(root));
4144 if (ret < 0 && ret != -EEXIST) {
4145 btrfs_abort_transaction(trans, ret);
4146 btrfs_end_transaction(trans);
4147 goto out;
4148 }
4149 }
4150 ret = btrfs_commit_transaction(trans);
4151 out:
4152 up_write(&fs_info->subvol_sem);
4153 mnt_drop_write_file(file);
4154 return ret;
4155 }
4156
4157 #ifdef CONFIG_64BIT
4158 static long btrfs_ioctl_set_received_subvol_32(struct file *file,
4159 void __user *arg)
4160 {
4161 struct btrfs_ioctl_received_subvol_args_32 *args32 = NULL;
4162 struct btrfs_ioctl_received_subvol_args *args64 = NULL;
4163 int ret = 0;
4164
4165 args32 = memdup_user(arg, sizeof(*args32));
4166 if (IS_ERR(args32))
4167 return PTR_ERR(args32);
4168
4169 args64 = kmalloc(sizeof(*args64), GFP_KERNEL);
4170 if (!args64) {
4171 ret = -ENOMEM;
4172 goto out;
4173 }
4174
4175 memcpy(args64->uuid, args32->uuid, BTRFS_UUID_SIZE);
4176 args64->stransid = args32->stransid;
4177 args64->rtransid = args32->rtransid;
4178 args64->stime.sec = args32->stime.sec;
4179 args64->stime.nsec = args32->stime.nsec;
4180 args64->rtime.sec = args32->rtime.sec;
4181 args64->rtime.nsec = args32->rtime.nsec;
4182 args64->flags = args32->flags;
4183
4184 ret = _btrfs_ioctl_set_received_subvol(file, file_mnt_idmap(file), args64);
4185 if (ret)
4186 goto out;
4187
4188 memcpy(args32->uuid, args64->uuid, BTRFS_UUID_SIZE);
4189 args32->stransid = args64->stransid;
4190 args32->rtransid = args64->rtransid;
4191 args32->stime.sec = args64->stime.sec;
4192 args32->stime.nsec = args64->stime.nsec;
4193 args32->rtime.sec = args64->rtime.sec;
4194 args32->rtime.nsec = args64->rtime.nsec;
4195 args32->flags = args64->flags;
4196
4197 ret = copy_to_user(arg, args32, sizeof(*args32));
4198 if (ret)
4199 ret = -EFAULT;
4200
4201 out:
4202 kfree(args32);
4203 kfree(args64);
4204 return ret;
4205 }
4206 #endif
4207
4208 static long btrfs_ioctl_set_received_subvol(struct file *file,
4209 void __user *arg)
4210 {
4211 struct btrfs_ioctl_received_subvol_args *sa = NULL;
4212 int ret = 0;
4213
4214 sa = memdup_user(arg, sizeof(*sa));
4215 if (IS_ERR(sa))
4216 return PTR_ERR(sa);
4217
4218 ret = _btrfs_ioctl_set_received_subvol(file, file_mnt_idmap(file), sa);
4219
4220 if (ret)
4221 goto out;
4222
4223 ret = copy_to_user(arg, sa, sizeof(*sa));
4224 if (ret)
4225 ret = -EFAULT;
4226
4227 out:
4228 kfree(sa);
4229 return ret;
4230 }
4231
4232 static int btrfs_ioctl_get_fslabel(struct btrfs_fs_info *fs_info,
4233 void __user *arg)
4234 {
4235 size_t len;
4236 int ret;
4237 char label[BTRFS_LABEL_SIZE];
4238
4239 spin_lock(&fs_info->super_lock);
4240 memcpy(label, fs_info->super_copy->label, BTRFS_LABEL_SIZE);
4241 spin_unlock(&fs_info->super_lock);
4242
4243 len = strnlen(label, BTRFS_LABEL_SIZE);
4244
4245 if (len == BTRFS_LABEL_SIZE) {
4246 btrfs_warn(fs_info,
4247 "label is too long, return the first %zu bytes",
4248 --len);
4249 }
4250
4251 ret = copy_to_user(arg, label, len);
4252
4253 return ret ? -EFAULT : 0;
4254 }
4255
4256 static int btrfs_ioctl_set_fslabel(struct file *file, void __user *arg)
4257 {
4258 struct inode *inode = file_inode(file);
4259 struct btrfs_fs_info *fs_info = inode_to_fs_info(inode);
4260 struct btrfs_root *root = BTRFS_I(inode)->root;
4261 struct btrfs_super_block *super_block = fs_info->super_copy;
4262 struct btrfs_trans_handle *trans;
4263 char label[BTRFS_LABEL_SIZE];
4264 int ret;
4265
4266 if (!capable(CAP_SYS_ADMIN))
4267 return -EPERM;
4268
4269 if (copy_from_user(label, arg, sizeof(label)))
4270 return -EFAULT;
4271
4272 if (strnlen(label, BTRFS_LABEL_SIZE) == BTRFS_LABEL_SIZE) {
4273 btrfs_err(fs_info,
4274 "unable to set label with more than %d bytes",
4275 BTRFS_LABEL_SIZE - 1);
4276 return -EINVAL;
4277 }
4278
4279 ret = mnt_want_write_file(file);
4280 if (ret)
4281 return ret;
4282
4283 trans = btrfs_start_transaction(root, 0);
4284 if (IS_ERR(trans)) {
4285 ret = PTR_ERR(trans);
4286 goto out_unlock;
4287 }
4288
4289 spin_lock(&fs_info->super_lock);
4290 strcpy(super_block->label, label);
4291 spin_unlock(&fs_info->super_lock);
4292 ret = btrfs_commit_transaction(trans);
4293
4294 out_unlock:
4295 mnt_drop_write_file(file);
4296 return ret;
4297 }
4298
4299 #define INIT_FEATURE_FLAGS(suffix) \
4300 { .compat_flags = BTRFS_FEATURE_COMPAT_##suffix, \
4301 .compat_ro_flags = BTRFS_FEATURE_COMPAT_RO_##suffix, \
4302 .incompat_flags = BTRFS_FEATURE_INCOMPAT_##suffix }
4303
4304 int btrfs_ioctl_get_supported_features(void __user *arg)
4305 {
4306 static const struct btrfs_ioctl_feature_flags features[3] = {
4307 INIT_FEATURE_FLAGS(SUPP),
4308 INIT_FEATURE_FLAGS(SAFE_SET),
4309 INIT_FEATURE_FLAGS(SAFE_CLEAR)
4310 };
4311
4312 if (copy_to_user(arg, &features, sizeof(features)))
4313 return -EFAULT;
4314
4315 return 0;
4316 }
4317
4318 static int btrfs_ioctl_get_features(struct btrfs_fs_info *fs_info,
4319 void __user *arg)
4320 {
4321 struct btrfs_super_block *super_block = fs_info->super_copy;
4322 struct btrfs_ioctl_feature_flags features;
4323
4324 features.compat_flags = btrfs_super_compat_flags(super_block);
4325 features.compat_ro_flags = btrfs_super_compat_ro_flags(super_block);
4326 features.incompat_flags = btrfs_super_incompat_flags(super_block);
4327
4328 if (copy_to_user(arg, &features, sizeof(features)))
4329 return -EFAULT;
4330
4331 return 0;
4332 }
4333
4334 static int check_feature_bits(struct btrfs_fs_info *fs_info,
4335 enum btrfs_feature_set set,
4336 u64 change_mask, u64 flags, u64 supported_flags,
4337 u64 safe_set, u64 safe_clear)
4338 {
4339 const char *type = btrfs_feature_set_name(set);
4340 char *names;
4341 u64 disallowed, unsupported;
4342 u64 set_mask = flags & change_mask;
4343 u64 clear_mask = ~flags & change_mask;
4344
4345 unsupported = set_mask & ~supported_flags;
4346 if (unsupported) {
4347 names = btrfs_printable_features(set, unsupported);
4348 if (names) {
4349 btrfs_warn(fs_info,
4350 "this kernel does not support the %s feature bit%s",
4351 names, strchr(names, ',') ? "s" : "");
4352 kfree(names);
4353 } else
4354 btrfs_warn(fs_info,
4355 "this kernel does not support %s bits 0x%llx",
4356 type, unsupported);
4357 return -EOPNOTSUPP;
4358 }
4359
4360 disallowed = set_mask & ~safe_set;
4361 if (disallowed) {
4362 names = btrfs_printable_features(set, disallowed);
4363 if (names) {
4364 btrfs_warn(fs_info,
4365 "can't set the %s feature bit%s while mounted",
4366 names, strchr(names, ',') ? "s" : "");
4367 kfree(names);
4368 } else
4369 btrfs_warn(fs_info,
4370 "can't set %s bits 0x%llx while mounted",
4371 type, disallowed);
4372 return -EPERM;
4373 }
4374
4375 disallowed = clear_mask & ~safe_clear;
4376 if (disallowed) {
4377 names = btrfs_printable_features(set, disallowed);
4378 if (names) {
4379 btrfs_warn(fs_info,
4380 "can't clear the %s feature bit%s while mounted",
4381 names, strchr(names, ',') ? "s" : "");
4382 kfree(names);
4383 } else
4384 btrfs_warn(fs_info,
4385 "can't clear %s bits 0x%llx while mounted",
4386 type, disallowed);
4387 return -EPERM;
4388 }
4389
4390 return 0;
4391 }
4392
4393 #define check_feature(fs_info, change_mask, flags, mask_base) \
4394 check_feature_bits(fs_info, FEAT_##mask_base, change_mask, flags, \
4395 BTRFS_FEATURE_ ## mask_base ## _SUPP, \
4396 BTRFS_FEATURE_ ## mask_base ## _SAFE_SET, \
4397 BTRFS_FEATURE_ ## mask_base ## _SAFE_CLEAR)
4398
4399 static int btrfs_ioctl_set_features(struct file *file, void __user *arg)
4400 {
4401 struct inode *inode = file_inode(file);
4402 struct btrfs_fs_info *fs_info = inode_to_fs_info(inode);
4403 struct btrfs_root *root = BTRFS_I(inode)->root;
4404 struct btrfs_super_block *super_block = fs_info->super_copy;
4405 struct btrfs_ioctl_feature_flags flags[2];
4406 struct btrfs_trans_handle *trans;
4407 u64 newflags;
4408 int ret;
4409
4410 if (!capable(CAP_SYS_ADMIN))
4411 return -EPERM;
4412
4413 if (copy_from_user(flags, arg, sizeof(flags)))
4414 return -EFAULT;
4415
4416 /* Nothing to do */
4417 if (!flags[0].compat_flags && !flags[0].compat_ro_flags &&
4418 !flags[0].incompat_flags)
4419 return 0;
4420
4421 ret = check_feature(fs_info, flags[0].compat_flags,
4422 flags[1].compat_flags, COMPAT);
4423 if (ret)
4424 return ret;
4425
4426 ret = check_feature(fs_info, flags[0].compat_ro_flags,
4427 flags[1].compat_ro_flags, COMPAT_RO);
4428 if (ret)
4429 return ret;
4430
4431 ret = check_feature(fs_info, flags[0].incompat_flags,
4432 flags[1].incompat_flags, INCOMPAT);
4433 if (ret)
4434 return ret;
4435
4436 ret = mnt_want_write_file(file);
4437 if (ret)
4438 return ret;
4439
4440 trans = btrfs_start_transaction(root, 0);
4441 if (IS_ERR(trans)) {
4442 ret = PTR_ERR(trans);
4443 goto out_drop_write;
4444 }
4445
4446 spin_lock(&fs_info->super_lock);
4447 newflags = btrfs_super_compat_flags(super_block);
4448 newflags |= flags[0].compat_flags & flags[1].compat_flags;
4449 newflags &= ~(flags[0].compat_flags & ~flags[1].compat_flags);
4450 btrfs_set_super_compat_flags(super_block, newflags);
4451
4452 newflags = btrfs_super_compat_ro_flags(super_block);
4453 newflags |= flags[0].compat_ro_flags & flags[1].compat_ro_flags;
4454 newflags &= ~(flags[0].compat_ro_flags & ~flags[1].compat_ro_flags);
4455 btrfs_set_super_compat_ro_flags(super_block, newflags);
4456
4457 newflags = btrfs_super_incompat_flags(super_block);
4458 newflags |= flags[0].incompat_flags & flags[1].incompat_flags;
4459 newflags &= ~(flags[0].incompat_flags & ~flags[1].incompat_flags);
4460 btrfs_set_super_incompat_flags(super_block, newflags);
4461 spin_unlock(&fs_info->super_lock);
4462
4463 ret = btrfs_commit_transaction(trans);
4464 out_drop_write:
4465 mnt_drop_write_file(file);
4466
4467 return ret;
4468 }
4469
4470 static int _btrfs_ioctl_send(struct btrfs_inode *inode, void __user *argp, bool compat)
4471 {
4472 struct btrfs_ioctl_send_args *arg;
4473 int ret;
4474
4475 if (compat) {
4476 #if defined(CONFIG_64BIT) && defined(CONFIG_COMPAT)
4477 struct btrfs_ioctl_send_args_32 args32 = { 0 };
4478
4479 ret = copy_from_user(&args32, argp, sizeof(args32));
4480 if (ret)
4481 return -EFAULT;
4482 arg = kzalloc(sizeof(*arg), GFP_KERNEL);
4483 if (!arg)
4484 return -ENOMEM;
4485 arg->send_fd = args32.send_fd;
4486 arg->clone_sources_count = args32.clone_sources_count;
4487 arg->clone_sources = compat_ptr(args32.clone_sources);
4488 arg->parent_root = args32.parent_root;
4489 arg->flags = args32.flags;
4490 arg->version = args32.version;
4491 memcpy(arg->reserved, args32.reserved,
4492 sizeof(args32.reserved));
4493 #else
4494 return -ENOTTY;
4495 #endif
4496 } else {
4497 arg = memdup_user(argp, sizeof(*arg));
4498 if (IS_ERR(arg))
4499 return PTR_ERR(arg);
4500 }
4501 ret = btrfs_ioctl_send(inode, arg);
4502 kfree(arg);
4503 return ret;
4504 }
4505
4506 static int btrfs_ioctl_encoded_read(struct file *file, void __user *argp,
4507 bool compat)
4508 {
4509 struct btrfs_ioctl_encoded_io_args args = { 0 };
4510 size_t copy_end_kernel = offsetofend(struct btrfs_ioctl_encoded_io_args,
4511 flags);
4512 size_t copy_end;
4513 struct btrfs_inode *inode = BTRFS_I(file_inode(file));
4514 struct btrfs_fs_info *fs_info = inode->root->fs_info;
4515 struct extent_io_tree *io_tree = &inode->io_tree;
4516 struct iovec iovstack[UIO_FASTIOV];
4517 struct iovec *iov = iovstack;
4518 struct iov_iter iter;
4519 loff_t pos;
4520 struct kiocb kiocb;
4521 ssize_t ret;
4522 u64 disk_bytenr, disk_io_size;
4523 struct extent_state *cached_state = NULL;
4524
4525 if (!capable(CAP_SYS_ADMIN)) {
4526 ret = -EPERM;
4527 goto out_acct;
4528 }
4529
4530 if (compat) {
4531 #if defined(CONFIG_64BIT) && defined(CONFIG_COMPAT)
4532 struct btrfs_ioctl_encoded_io_args_32 args32;
4533
4534 copy_end = offsetofend(struct btrfs_ioctl_encoded_io_args_32,
4535 flags);
4536 if (copy_from_user(&args32, argp, copy_end)) {
4537 ret = -EFAULT;
4538 goto out_acct;
4539 }
4540 args.iov = compat_ptr(args32.iov);
4541 args.iovcnt = args32.iovcnt;
4542 args.offset = args32.offset;
4543 args.flags = args32.flags;
4544 #else
4545 return -ENOTTY;
4546 #endif
4547 } else {
4548 copy_end = copy_end_kernel;
4549 if (copy_from_user(&args, argp, copy_end)) {
4550 ret = -EFAULT;
4551 goto out_acct;
4552 }
4553 }
4554 if (args.flags != 0) {
4555 ret = -EINVAL;
4556 goto out_acct;
4557 }
4558
4559 ret = import_iovec(ITER_DEST, args.iov, args.iovcnt, ARRAY_SIZE(iovstack),
4560 &iov, &iter);
4561 if (ret < 0)
4562 goto out_acct;
4563
4564 if (iov_iter_count(&iter) == 0) {
4565 ret = 0;
4566 goto out_iov;
4567 }
4568 pos = args.offset;
4569 ret = rw_verify_area(READ, file, &pos, args.len);
4570 if (ret < 0)
4571 goto out_iov;
4572
4573 init_sync_kiocb(&kiocb, file);
4574 kiocb.ki_pos = pos;
4575
4576 ret = btrfs_encoded_read(&kiocb, &iter, &args, &cached_state,
4577 &disk_bytenr, &disk_io_size);
4578
4579 if (ret == -EIOCBQUEUED) {
4580 bool unlocked = false;
4581 u64 start, lockend, count;
4582
4583 start = ALIGN_DOWN(kiocb.ki_pos, fs_info->sectorsize);
4584 lockend = start + BTRFS_MAX_UNCOMPRESSED - 1;
4585
4586 if (args.compression)
4587 count = disk_io_size;
4588 else
4589 count = args.len;
4590
4591 ret = btrfs_encoded_read_regular(&kiocb, &iter, start, lockend,
4592 &cached_state, disk_bytenr,
4593 disk_io_size, count,
4594 args.compression, &unlocked);
4595
4596 if (!unlocked) {
4597 unlock_extent(io_tree, start, lockend, &cached_state);
4598 btrfs_inode_unlock(inode, BTRFS_ILOCK_SHARED);
4599 }
4600 }
4601
4602 if (ret >= 0) {
4603 fsnotify_access(file);
4604 if (copy_to_user(argp + copy_end,
4605 (char *)&args + copy_end_kernel,
4606 sizeof(args) - copy_end_kernel))
4607 ret = -EFAULT;
4608 }
4609
4610 out_iov:
4611 kfree(iov);
4612 out_acct:
4613 if (ret > 0)
4614 add_rchar(current, ret);
4615 inc_syscr(current);
4616 return ret;
4617 }
4618
4619 static int btrfs_ioctl_encoded_write(struct file *file, void __user *argp, bool compat)
4620 {
4621 struct btrfs_ioctl_encoded_io_args args;
4622 struct iovec iovstack[UIO_FASTIOV];
4623 struct iovec *iov = iovstack;
4624 struct iov_iter iter;
4625 loff_t pos;
4626 struct kiocb kiocb;
4627 ssize_t ret;
4628
4629 if (!capable(CAP_SYS_ADMIN)) {
4630 ret = -EPERM;
4631 goto out_acct;
4632 }
4633
4634 if (!(file->f_mode & FMODE_WRITE)) {
4635 ret = -EBADF;
4636 goto out_acct;
4637 }
4638
4639 if (compat) {
4640 #if defined(CONFIG_64BIT) && defined(CONFIG_COMPAT)
4641 struct btrfs_ioctl_encoded_io_args_32 args32;
4642
4643 if (copy_from_user(&args32, argp, sizeof(args32))) {
4644 ret = -EFAULT;
4645 goto out_acct;
4646 }
4647 args.iov = compat_ptr(args32.iov);
4648 args.iovcnt = args32.iovcnt;
4649 args.offset = args32.offset;
4650 args.flags = args32.flags;
4651 args.len = args32.len;
4652 args.unencoded_len = args32.unencoded_len;
4653 args.unencoded_offset = args32.unencoded_offset;
4654 args.compression = args32.compression;
4655 args.encryption = args32.encryption;
4656 memcpy(args.reserved, args32.reserved, sizeof(args.reserved));
4657 #else
4658 return -ENOTTY;
4659 #endif
4660 } else {
4661 if (copy_from_user(&args, argp, sizeof(args))) {
4662 ret = -EFAULT;
4663 goto out_acct;
4664 }
4665 }
4666
4667 ret = -EINVAL;
4668 if (args.flags != 0)
4669 goto out_acct;
4670 if (memchr_inv(args.reserved, 0, sizeof(args.reserved)))
4671 goto out_acct;
4672 if (args.compression == BTRFS_ENCODED_IO_COMPRESSION_NONE &&
4673 args.encryption == BTRFS_ENCODED_IO_ENCRYPTION_NONE)
4674 goto out_acct;
4675 if (args.compression >= BTRFS_ENCODED_IO_COMPRESSION_TYPES ||
4676 args.encryption >= BTRFS_ENCODED_IO_ENCRYPTION_TYPES)
4677 goto out_acct;
4678 if (args.unencoded_offset > args.unencoded_len)
4679 goto out_acct;
4680 if (args.len > args.unencoded_len - args.unencoded_offset)
4681 goto out_acct;
4682
4683 ret = import_iovec(ITER_SOURCE, args.iov, args.iovcnt, ARRAY_SIZE(iovstack),
4684 &iov, &iter);
4685 if (ret < 0)
4686 goto out_acct;
4687
4688 if (iov_iter_count(&iter) == 0) {
4689 ret = 0;
4690 goto out_iov;
4691 }
4692 pos = args.offset;
4693 ret = rw_verify_area(WRITE, file, &pos, args.len);
4694 if (ret < 0)
4695 goto out_iov;
4696
4697 init_sync_kiocb(&kiocb, file);
4698 ret = kiocb_set_rw_flags(&kiocb, 0, WRITE);
4699 if (ret)
4700 goto out_iov;
4701 kiocb.ki_pos = pos;
4702
4703 file_start_write(file);
4704
4705 ret = btrfs_do_write_iter(&kiocb, &iter, &args);
4706 if (ret > 0)
4707 fsnotify_modify(file);
4708
4709 file_end_write(file);
4710 out_iov:
4711 kfree(iov);
4712 out_acct:
4713 if (ret > 0)
4714 add_wchar(current, ret);
4715 inc_syscw(current);
4716 return ret;
4717 }
4718
4719 /*
4720 * Context that's attached to an encoded read io_uring command, in cmd->pdu. It
4721 * contains the fields in btrfs_uring_read_extent that are necessary to finish
4722 * off and cleanup the I/O in btrfs_uring_read_finished.
4723 */
4724 struct btrfs_uring_priv {
4725 struct io_uring_cmd *cmd;
4726 struct page **pages;
4727 unsigned long nr_pages;
4728 struct kiocb iocb;
4729 struct iovec *iov;
4730 struct iov_iter iter;
4731 struct extent_state *cached_state;
4732 u64 count;
4733 u64 start;
4734 u64 lockend;
4735 int err;
4736 bool compressed;
4737 };
4738
4739 struct io_btrfs_cmd {
4740 struct btrfs_uring_priv *priv;
4741 };
4742
4743 static void btrfs_uring_read_finished(struct io_uring_cmd *cmd, unsigned int issue_flags)
4744 {
4745 struct io_btrfs_cmd *bc = io_uring_cmd_to_pdu(cmd, struct io_btrfs_cmd);
4746 struct btrfs_uring_priv *priv = bc->priv;
4747 struct btrfs_inode *inode = BTRFS_I(file_inode(priv->iocb.ki_filp));
4748 struct extent_io_tree *io_tree = &inode->io_tree;
4749 unsigned long index;
4750 u64 cur;
4751 size_t page_offset;
4752 ssize_t ret;
4753
4754 /* The inode lock has already been acquired in btrfs_uring_read_extent. */
4755 btrfs_lockdep_inode_acquire(inode, i_rwsem);
4756
4757 if (priv->err) {
4758 ret = priv->err;
4759 goto out;
4760 }
4761
4762 if (priv->compressed) {
4763 index = 0;
4764 page_offset = 0;
4765 } else {
4766 index = (priv->iocb.ki_pos - priv->start) >> PAGE_SHIFT;
4767 page_offset = offset_in_page(priv->iocb.ki_pos - priv->start);
4768 }
4769 cur = 0;
4770 while (cur < priv->count) {
4771 size_t bytes = min_t(size_t, priv->count - cur, PAGE_SIZE - page_offset);
4772
4773 if (copy_page_to_iter(priv->pages[index], page_offset, bytes,
4774 &priv->iter) != bytes) {
4775 ret = -EFAULT;
4776 goto out;
4777 }
4778
4779 index++;
4780 cur += bytes;
4781 page_offset = 0;
4782 }
4783 ret = priv->count;
4784
4785 out:
4786 unlock_extent(io_tree, priv->start, priv->lockend, &priv->cached_state);
4787 btrfs_inode_unlock(inode, BTRFS_ILOCK_SHARED);
4788
4789 io_uring_cmd_done(cmd, ret, 0, issue_flags);
4790 add_rchar(current, ret);
4791
4792 for (index = 0; index < priv->nr_pages; index++)
4793 __free_page(priv->pages[index]);
4794
4795 kfree(priv->pages);
4796 kfree(priv->iov);
4797 kfree(priv);
4798 }
4799
4800 void btrfs_uring_read_extent_endio(void *ctx, int err)
4801 {
4802 struct btrfs_uring_priv *priv = ctx;
4803 struct io_btrfs_cmd *bc = io_uring_cmd_to_pdu(priv->cmd, struct io_btrfs_cmd);
4804
4805 priv->err = err;
4806 bc->priv = priv;
4807
4808 io_uring_cmd_complete_in_task(priv->cmd, btrfs_uring_read_finished);
4809 }
4810
4811 static int btrfs_uring_read_extent(struct kiocb *iocb, struct iov_iter *iter,
4812 u64 start, u64 lockend,
4813 struct extent_state *cached_state,
4814 u64 disk_bytenr, u64 disk_io_size,
4815 size_t count, bool compressed,
4816 struct iovec *iov, struct io_uring_cmd *cmd)
4817 {
4818 struct btrfs_inode *inode = BTRFS_I(file_inode(iocb->ki_filp));
4819 struct extent_io_tree *io_tree = &inode->io_tree;
4820 struct page **pages;
4821 struct btrfs_uring_priv *priv = NULL;
4822 unsigned long nr_pages;
4823 int ret;
4824
4825 nr_pages = DIV_ROUND_UP(disk_io_size, PAGE_SIZE);
4826 pages = kcalloc(nr_pages, sizeof(struct page *), GFP_NOFS);
4827 if (!pages)
4828 return -ENOMEM;
4829 ret = btrfs_alloc_page_array(nr_pages, pages, 0);
4830 if (ret) {
4831 ret = -ENOMEM;
4832 goto out_fail;
4833 }
4834
4835 priv = kmalloc(sizeof(*priv), GFP_NOFS);
4836 if (!priv) {
4837 ret = -ENOMEM;
4838 goto out_fail;
4839 }
4840
4841 priv->iocb = *iocb;
4842 priv->iov = iov;
4843 priv->iter = *iter;
4844 priv->count = count;
4845 priv->cmd = cmd;
4846 priv->cached_state = cached_state;
4847 priv->compressed = compressed;
4848 priv->nr_pages = nr_pages;
4849 priv->pages = pages;
4850 priv->start = start;
4851 priv->lockend = lockend;
4852 priv->err = 0;
4853
4854 ret = btrfs_encoded_read_regular_fill_pages(inode, disk_bytenr,
4855 disk_io_size, pages, priv);
4856 if (ret && ret != -EIOCBQUEUED)
4857 goto out_fail;
4858
4859 /*
4860 * If we return -EIOCBQUEUED, we're deferring the cleanup to
4861 * btrfs_uring_read_finished(), which will handle unlocking the extent
4862 * and inode and freeing the allocations.
4863 */
4864
4865 /*
4866 * We're returning to userspace with the inode lock held, and that's
4867 * okay - it'll get unlocked in a worker thread. Call
4868 * btrfs_lockdep_inode_release() to avoid confusing lockdep.
4869 */
4870 btrfs_lockdep_inode_release(inode, i_rwsem);
4871
4872 return -EIOCBQUEUED;
4873
4874 out_fail:
4875 unlock_extent(io_tree, start, lockend, &cached_state);
4876 btrfs_inode_unlock(inode, BTRFS_ILOCK_SHARED);
4877 kfree(priv);
4878 return ret;
4879 }
4880
4881 static int btrfs_uring_encoded_read(struct io_uring_cmd *cmd, unsigned int issue_flags)
4882 {
4883 size_t copy_end_kernel = offsetofend(struct btrfs_ioctl_encoded_io_args, flags);
4884 size_t copy_end;
4885 struct btrfs_ioctl_encoded_io_args args = { 0 };
4886 int ret;
4887 u64 disk_bytenr, disk_io_size;
4888 struct file *file;
4889 struct btrfs_inode *inode;
4890 struct btrfs_fs_info *fs_info;
4891 struct extent_io_tree *io_tree;
4892 struct iovec iovstack[UIO_FASTIOV];
4893 struct iovec *iov = iovstack;
4894 struct iov_iter iter;
4895 loff_t pos;
4896 struct kiocb kiocb;
4897 struct extent_state *cached_state = NULL;
4898 u64 start, lockend;
4899 void __user *sqe_addr;
4900
4901 if (!capable(CAP_SYS_ADMIN)) {
4902 ret = -EPERM;
4903 goto out_acct;
4904 }
4905 file = cmd->file;
4906 inode = BTRFS_I(file->f_inode);
4907 fs_info = inode->root->fs_info;
4908 io_tree = &inode->io_tree;
4909 sqe_addr = u64_to_user_ptr(READ_ONCE(cmd->sqe->addr));
4910
4911 if (issue_flags & IO_URING_F_COMPAT) {
4912 #if defined(CONFIG_64BIT) && defined(CONFIG_COMPAT)
4913 struct btrfs_ioctl_encoded_io_args_32 args32;
4914
4915 copy_end = offsetofend(struct btrfs_ioctl_encoded_io_args_32, flags);
4916 if (copy_from_user(&args32, sqe_addr, copy_end)) {
4917 ret = -EFAULT;
4918 goto out_acct;
4919 }
4920 args.iov = compat_ptr(args32.iov);
4921 args.iovcnt = args32.iovcnt;
4922 args.offset = args32.offset;
4923 args.flags = args32.flags;
4924 #else
4925 return -ENOTTY;
4926 #endif
4927 } else {
4928 copy_end = copy_end_kernel;
4929 if (copy_from_user(&args, sqe_addr, copy_end)) {
4930 ret = -EFAULT;
4931 goto out_acct;
4932 }
4933 }
4934
4935 if (args.flags != 0)
4936 return -EINVAL;
4937
4938 ret = import_iovec(ITER_DEST, args.iov, args.iovcnt, ARRAY_SIZE(iovstack),
4939 &iov, &iter);
4940 if (ret < 0)
4941 goto out_acct;
4942
4943 if (iov_iter_count(&iter) == 0) {
4944 ret = 0;
4945 goto out_free;
4946 }
4947
4948 pos = args.offset;
4949 ret = rw_verify_area(READ, file, &pos, args.len);
4950 if (ret < 0)
4951 goto out_free;
4952
4953 init_sync_kiocb(&kiocb, file);
4954 kiocb.ki_pos = pos;
4955
4956 if (issue_flags & IO_URING_F_NONBLOCK)
4957 kiocb.ki_flags |= IOCB_NOWAIT;
4958
4959 start = ALIGN_DOWN(pos, fs_info->sectorsize);
4960 lockend = start + BTRFS_MAX_UNCOMPRESSED - 1;
4961
4962 ret = btrfs_encoded_read(&kiocb, &iter, &args, &cached_state,
4963 &disk_bytenr, &disk_io_size);
4964 if (ret < 0 && ret != -EIOCBQUEUED)
4965 goto out_free;
4966
4967 file_accessed(file);
4968
4969 if (copy_to_user(sqe_addr + copy_end, (const char *)&args + copy_end_kernel,
4970 sizeof(args) - copy_end_kernel)) {
4971 if (ret == -EIOCBQUEUED) {
4972 unlock_extent(io_tree, start, lockend, &cached_state);
4973 btrfs_inode_unlock(inode, BTRFS_ILOCK_SHARED);
4974 }
4975 ret = -EFAULT;
4976 goto out_free;
4977 }
4978
4979 if (ret == -EIOCBQUEUED) {
4980 u64 count;
4981
4982 /*
4983 * If we've optimized things by storing the iovecs on the stack,
4984 * undo this.
4985 */
4986 if (!iov) {
4987 iov = kmalloc(sizeof(struct iovec) * args.iovcnt, GFP_NOFS);
4988 if (!iov) {
4989 unlock_extent(io_tree, start, lockend, &cached_state);
4990 btrfs_inode_unlock(inode, BTRFS_ILOCK_SHARED);
4991 ret = -ENOMEM;
4992 goto out_acct;
4993 }
4994
4995 memcpy(iov, iovstack, sizeof(struct iovec) * args.iovcnt);
4996 }
4997
4998 count = min_t(u64, iov_iter_count(&iter), disk_io_size);
4999
5000 /* Match ioctl by not returning past EOF if uncompressed. */
5001 if (!args.compression)
5002 count = min_t(u64, count, args.len);
5003
5004 ret = btrfs_uring_read_extent(&kiocb, &iter, start, lockend,
5005 cached_state, disk_bytenr,
5006 disk_io_size, count,
5007 args.compression, iov, cmd);
5008
5009 goto out_acct;
5010 }
5011
5012 out_free:
5013 kfree(iov);
5014
5015 out_acct:
5016 if (ret > 0)
5017 add_rchar(current, ret);
5018 inc_syscr(current);
5019
5020 return ret;
5021 }
5022
5023 int btrfs_uring_cmd(struct io_uring_cmd *cmd, unsigned int issue_flags)
5024 {
5025 switch (cmd->cmd_op) {
5026 case BTRFS_IOC_ENCODED_READ:
5027 #if defined(CONFIG_64BIT) && defined(CONFIG_COMPAT)
5028 case BTRFS_IOC_ENCODED_READ_32:
5029 #endif
5030 return btrfs_uring_encoded_read(cmd, issue_flags);
5031 }
5032
5033 return -EINVAL;
5034 }
5035
5036 static int btrfs_ioctl_subvol_sync(struct btrfs_fs_info *fs_info, void __user *argp)
5037 {
5038 struct btrfs_root *root;
5039 struct btrfs_ioctl_subvol_wait args = { 0 };
5040 signed long sched_ret;
5041 int refs;
5042 u64 root_flags;
5043 bool wait_for_deletion = false;
5044 bool found = false;
5045
5046 if (copy_from_user(&args, argp, sizeof(args)))
5047 return -EFAULT;
5048
5049 switch (args.mode) {
5050 case BTRFS_SUBVOL_SYNC_WAIT_FOR_QUEUED:
5051 /*
5052 * Wait for the first one deleted that waits until all previous
5053 * are cleaned.
5054 */
5055 spin_lock(&fs_info->trans_lock);
5056 if (!list_empty(&fs_info->dead_roots)) {
5057 root = list_last_entry(&fs_info->dead_roots,
5058 struct btrfs_root, root_list);
5059 args.subvolid = btrfs_root_id(root);
5060 found = true;
5061 }
5062 spin_unlock(&fs_info->trans_lock);
5063 if (!found)
5064 return -ENOENT;
5065
5066 fallthrough;
5067 case BTRFS_SUBVOL_SYNC_WAIT_FOR_ONE:
5068 if ((0 < args.subvolid && args.subvolid < BTRFS_FIRST_FREE_OBJECTID) ||
5069 BTRFS_LAST_FREE_OBJECTID < args.subvolid)
5070 return -EINVAL;
5071 break;
5072 case BTRFS_SUBVOL_SYNC_COUNT:
5073 spin_lock(&fs_info->trans_lock);
5074 args.count = list_count_nodes(&fs_info->dead_roots);
5075 spin_unlock(&fs_info->trans_lock);
5076 if (copy_to_user(argp, &args, sizeof(args)))
5077 return -EFAULT;
5078 return 0;
5079 case BTRFS_SUBVOL_SYNC_PEEK_FIRST:
5080 spin_lock(&fs_info->trans_lock);
5081 /* Last in the list was deleted first. */
5082 if (!list_empty(&fs_info->dead_roots)) {
5083 root = list_last_entry(&fs_info->dead_roots,
5084 struct btrfs_root, root_list);
5085 args.subvolid = btrfs_root_id(root);
5086 } else {
5087 args.subvolid = 0;
5088 }
5089 spin_unlock(&fs_info->trans_lock);
5090 if (copy_to_user(argp, &args, sizeof(args)))
5091 return -EFAULT;
5092 return 0;
5093 case BTRFS_SUBVOL_SYNC_PEEK_LAST:
5094 spin_lock(&fs_info->trans_lock);
5095 /* First in the list was deleted last. */
5096 if (!list_empty(&fs_info->dead_roots)) {
5097 root = list_first_entry(&fs_info->dead_roots,
5098 struct btrfs_root, root_list);
5099 args.subvolid = btrfs_root_id(root);
5100 } else {
5101 args.subvolid = 0;
5102 }
5103 spin_unlock(&fs_info->trans_lock);
5104 if (copy_to_user(argp, &args, sizeof(args)))
5105 return -EFAULT;
5106 return 0;
5107 default:
5108 return -EINVAL;
5109 }
5110
5111 /* 32bit limitation: fs_roots_radix key is not wide enough. */
5112 if (sizeof(unsigned long) != sizeof(u64) && args.subvolid > U32_MAX)
5113 return -EOVERFLOW;
5114
5115 while (1) {
5116 /* Wait for the specific one. */
5117 if (down_read_interruptible(&fs_info->subvol_sem) == -EINTR)
5118 return -EINTR;
5119 refs = -1;
5120 spin_lock(&fs_info->fs_roots_radix_lock);
5121 root = radix_tree_lookup(&fs_info->fs_roots_radix,
5122 (unsigned long)args.subvolid);
5123 if (root) {
5124 spin_lock(&root->root_item_lock);
5125 refs = btrfs_root_refs(&root->root_item);
5126 root_flags = btrfs_root_flags(&root->root_item);
5127 spin_unlock(&root->root_item_lock);
5128 }
5129 spin_unlock(&fs_info->fs_roots_radix_lock);
5130 up_read(&fs_info->subvol_sem);
5131
5132 /* Subvolume does not exist. */
5133 if (!root)
5134 return -ENOENT;
5135
5136 /* Subvolume not deleted at all. */
5137 if (refs > 0)
5138 return -EEXIST;
5139 /* We've waited and now the subvolume is gone. */
5140 if (wait_for_deletion && refs == -1) {
5141 /* Return the one we waited for as the last one. */
5142 if (copy_to_user(argp, &args, sizeof(args)))
5143 return -EFAULT;
5144 return 0;
5145 }
5146
5147 /* Subvolume not found on the first try (deleted or never existed). */
5148 if (refs == -1)
5149 return -ENOENT;
5150
5151 wait_for_deletion = true;
5152 ASSERT(root_flags & BTRFS_ROOT_SUBVOL_DEAD);
5153 sched_ret = schedule_timeout_interruptible(HZ);
5154 /* Early wake up or error. */
5155 if (sched_ret != 0)
5156 return -EINTR;
5157 }
5158
5159 return 0;
5160 }
5161
5162 long btrfs_ioctl(struct file *file, unsigned int
5163 cmd, unsigned long arg)
5164 {
5165 struct inode *inode = file_inode(file);
5166 struct btrfs_fs_info *fs_info = inode_to_fs_info(inode);
5167 struct btrfs_root *root = BTRFS_I(inode)->root;
5168 void __user *argp = (void __user *)arg;
5169
5170 switch (cmd) {
5171 case FS_IOC_GETVERSION:
5172 return btrfs_ioctl_getversion(inode, argp);
5173 case FS_IOC_GETFSLABEL:
5174 return btrfs_ioctl_get_fslabel(fs_info, argp);
5175 case FS_IOC_SETFSLABEL:
5176 return btrfs_ioctl_set_fslabel(file, argp);
5177 case FITRIM:
5178 return btrfs_ioctl_fitrim(fs_info, argp);
5179 case BTRFS_IOC_SNAP_CREATE:
5180 return btrfs_ioctl_snap_create(file, argp, 0);
5181 case BTRFS_IOC_SNAP_CREATE_V2:
5182 return btrfs_ioctl_snap_create_v2(file, argp, 0);
5183 case BTRFS_IOC_SUBVOL_CREATE:
5184 return btrfs_ioctl_snap_create(file, argp, 1);
5185 case BTRFS_IOC_SUBVOL_CREATE_V2:
5186 return btrfs_ioctl_snap_create_v2(file, argp, 1);
5187 case BTRFS_IOC_SNAP_DESTROY:
5188 return btrfs_ioctl_snap_destroy(file, argp, false);
5189 case BTRFS_IOC_SNAP_DESTROY_V2:
5190 return btrfs_ioctl_snap_destroy(file, argp, true);
5191 case BTRFS_IOC_SUBVOL_GETFLAGS:
5192 return btrfs_ioctl_subvol_getflags(inode, argp);
5193 case BTRFS_IOC_SUBVOL_SETFLAGS:
5194 return btrfs_ioctl_subvol_setflags(file, argp);
5195 case BTRFS_IOC_DEFAULT_SUBVOL:
5196 return btrfs_ioctl_default_subvol(file, argp);
5197 case BTRFS_IOC_DEFRAG:
5198 return btrfs_ioctl_defrag(file, NULL);
5199 case BTRFS_IOC_DEFRAG_RANGE:
5200 return btrfs_ioctl_defrag(file, argp);
5201 case BTRFS_IOC_RESIZE:
5202 return btrfs_ioctl_resize(file, argp);
5203 case BTRFS_IOC_ADD_DEV:
5204 return btrfs_ioctl_add_dev(fs_info, argp);
5205 case BTRFS_IOC_RM_DEV:
5206 return btrfs_ioctl_rm_dev(file, argp);
5207 case BTRFS_IOC_RM_DEV_V2:
5208 return btrfs_ioctl_rm_dev_v2(file, argp);
5209 case BTRFS_IOC_FS_INFO:
5210 return btrfs_ioctl_fs_info(fs_info, argp);
5211 case BTRFS_IOC_DEV_INFO:
5212 return btrfs_ioctl_dev_info(fs_info, argp);
5213 case BTRFS_IOC_TREE_SEARCH:
5214 return btrfs_ioctl_tree_search(inode, argp);
5215 case BTRFS_IOC_TREE_SEARCH_V2:
5216 return btrfs_ioctl_tree_search_v2(inode, argp);
5217 case BTRFS_IOC_INO_LOOKUP:
5218 return btrfs_ioctl_ino_lookup(root, argp);
5219 case BTRFS_IOC_INO_PATHS:
5220 return btrfs_ioctl_ino_to_path(root, argp);
5221 case BTRFS_IOC_LOGICAL_INO:
5222 return btrfs_ioctl_logical_to_ino(fs_info, argp, 1);
5223 case BTRFS_IOC_LOGICAL_INO_V2:
5224 return btrfs_ioctl_logical_to_ino(fs_info, argp, 2);
5225 case BTRFS_IOC_SPACE_INFO:
5226 return btrfs_ioctl_space_info(fs_info, argp);
5227 case BTRFS_IOC_SYNC: {
5228 int ret;
5229
5230 ret = btrfs_start_delalloc_roots(fs_info, LONG_MAX, false);
5231 if (ret)
5232 return ret;
5233 ret = btrfs_sync_fs(inode->i_sb, 1);
5234 /*
5235 * There may be work for the cleaner kthread to do (subvolume
5236 * deletion, delayed iputs, defrag inodes, etc), so wake it up.
5237 */
5238 wake_up_process(fs_info->cleaner_kthread);
5239 return ret;
5240 }
5241 case BTRFS_IOC_START_SYNC:
5242 return btrfs_ioctl_start_sync(root, argp);
5243 case BTRFS_IOC_WAIT_SYNC:
5244 return btrfs_ioctl_wait_sync(fs_info, argp);
5245 case BTRFS_IOC_SCRUB:
5246 return btrfs_ioctl_scrub(file, argp);
5247 case BTRFS_IOC_SCRUB_CANCEL:
5248 return btrfs_ioctl_scrub_cancel(fs_info);
5249 case BTRFS_IOC_SCRUB_PROGRESS:
5250 return btrfs_ioctl_scrub_progress(fs_info, argp);
5251 case BTRFS_IOC_BALANCE_V2:
5252 return btrfs_ioctl_balance(file, argp);
5253 case BTRFS_IOC_BALANCE_CTL:
5254 return btrfs_ioctl_balance_ctl(fs_info, arg);
5255 case BTRFS_IOC_BALANCE_PROGRESS:
5256 return btrfs_ioctl_balance_progress(fs_info, argp);
5257 case BTRFS_IOC_SET_RECEIVED_SUBVOL:
5258 return btrfs_ioctl_set_received_subvol(file, argp);
5259 #ifdef CONFIG_64BIT
5260 case BTRFS_IOC_SET_RECEIVED_SUBVOL_32:
5261 return btrfs_ioctl_set_received_subvol_32(file, argp);
5262 #endif
5263 case BTRFS_IOC_SEND:
5264 return _btrfs_ioctl_send(BTRFS_I(inode), argp, false);
5265 #if defined(CONFIG_64BIT) && defined(CONFIG_COMPAT)
5266 case BTRFS_IOC_SEND_32:
5267 return _btrfs_ioctl_send(BTRFS_I(inode), argp, true);
5268 #endif
5269 case BTRFS_IOC_GET_DEV_STATS:
5270 return btrfs_ioctl_get_dev_stats(fs_info, argp);
5271 case BTRFS_IOC_QUOTA_CTL:
5272 return btrfs_ioctl_quota_ctl(file, argp);
5273 case BTRFS_IOC_QGROUP_ASSIGN:
5274 return btrfs_ioctl_qgroup_assign(file, argp);
5275 case BTRFS_IOC_QGROUP_CREATE:
5276 return btrfs_ioctl_qgroup_create(file, argp);
5277 case BTRFS_IOC_QGROUP_LIMIT:
5278 return btrfs_ioctl_qgroup_limit(file, argp);
5279 case BTRFS_IOC_QUOTA_RESCAN:
5280 return btrfs_ioctl_quota_rescan(file, argp);
5281 case BTRFS_IOC_QUOTA_RESCAN_STATUS:
5282 return btrfs_ioctl_quota_rescan_status(fs_info, argp);
5283 case BTRFS_IOC_QUOTA_RESCAN_WAIT:
5284 return btrfs_ioctl_quota_rescan_wait(fs_info);
5285 case BTRFS_IOC_DEV_REPLACE:
5286 return btrfs_ioctl_dev_replace(fs_info, argp);
5287 case BTRFS_IOC_GET_SUPPORTED_FEATURES:
5288 return btrfs_ioctl_get_supported_features(argp);
5289 case BTRFS_IOC_GET_FEATURES:
5290 return btrfs_ioctl_get_features(fs_info, argp);
5291 case BTRFS_IOC_SET_FEATURES:
5292 return btrfs_ioctl_set_features(file, argp);
5293 case BTRFS_IOC_GET_SUBVOL_INFO:
5294 return btrfs_ioctl_get_subvol_info(inode, argp);
5295 case BTRFS_IOC_GET_SUBVOL_ROOTREF:
5296 return btrfs_ioctl_get_subvol_rootref(root, argp);
5297 case BTRFS_IOC_INO_LOOKUP_USER:
5298 return btrfs_ioctl_ino_lookup_user(file, argp);
5299 case FS_IOC_ENABLE_VERITY:
5300 return fsverity_ioctl_enable(file, (const void __user *)argp);
5301 case FS_IOC_MEASURE_VERITY:
5302 return fsverity_ioctl_measure(file, argp);
5303 case BTRFS_IOC_ENCODED_READ:
5304 return btrfs_ioctl_encoded_read(file, argp, false);
5305 case BTRFS_IOC_ENCODED_WRITE:
5306 return btrfs_ioctl_encoded_write(file, argp, false);
5307 #if defined(CONFIG_64BIT) && defined(CONFIG_COMPAT)
5308 case BTRFS_IOC_ENCODED_READ_32:
5309 return btrfs_ioctl_encoded_read(file, argp, true);
5310 case BTRFS_IOC_ENCODED_WRITE_32:
5311 return btrfs_ioctl_encoded_write(file, argp, true);
5312 #endif
5313 case BTRFS_IOC_SUBVOL_SYNC_WAIT:
5314 return btrfs_ioctl_subvol_sync(fs_info, argp);
5315 }
5316
5317 return -ENOTTY;
5318 }
5319
5320 #ifdef CONFIG_COMPAT
5321 long btrfs_compat_ioctl(struct file *file, unsigned int cmd, unsigned long arg)
5322 {
5323 /*
5324 * These all access 32-bit values anyway so no further
5325 * handling is necessary.
5326 */
5327 switch (cmd) {
5328 case FS_IOC32_GETVERSION:
5329 cmd = FS_IOC_GETVERSION;
5330 break;
5331 }
5332
5333 return btrfs_ioctl(file, cmd, (unsigned long) compat_ptr(arg));
5334 }
5335 #endif
Linux Kernel