| 1 | #include <linux/capability.h> |
| 2 | #include <linux/blkdev.h> |
| 3 | #include <linux/export.h> |
| 4 | #include <linux/gfp.h> |
| 5 | #include <linux/blkpg.h> |
| 6 | #include <linux/hdreg.h> |
| 7 | #include <linux/backing-dev.h> |
| 8 | #include <linux/fs.h> |
| 9 | #include <linux/blktrace_api.h> |
| 10 | #include <asm/uaccess.h> |
| 11 | |
| 12 | static int blkpg_ioctl(struct block_device *bdev, struct blkpg_ioctl_arg __user *arg) |
| 13 | { |
| 14 | struct block_device *bdevp; |
| 15 | struct gendisk *disk; |
| 16 | struct hd_struct *part, *lpart; |
| 17 | struct blkpg_ioctl_arg a; |
| 18 | struct blkpg_partition p; |
| 19 | struct disk_part_iter piter; |
| 20 | long long start, length; |
| 21 | int partno; |
| 22 | |
| 23 | if (!capable(CAP_SYS_ADMIN)) |
| 24 | return -EACCES; |
| 25 | if (copy_from_user(&a, arg, sizeof(struct blkpg_ioctl_arg))) |
| 26 | return -EFAULT; |
| 27 | if (copy_from_user(&p, a.data, sizeof(struct blkpg_partition))) |
| 28 | return -EFAULT; |
| 29 | disk = bdev->bd_disk; |
| 30 | if (bdev != bdev->bd_contains) |
| 31 | return -EINVAL; |
| 32 | partno = p.pno; |
| 33 | if (partno <= 0) |
| 34 | return -EINVAL; |
| 35 | switch (a.op) { |
| 36 | case BLKPG_ADD_PARTITION: |
| 37 | start = p.start >> 9; |
| 38 | length = p.length >> 9; |
| 39 | /* check for fit in a hd_struct */ |
| 40 | if (sizeof(sector_t) == sizeof(long) && |
| 41 | sizeof(long long) > sizeof(long)) { |
| 42 | long pstart = start, plength = length; |
| 43 | if (pstart != start || plength != length |
| 44 | || pstart < 0 || plength < 0 || partno > 65535) |
| 45 | return -EINVAL; |
| 46 | } |
| 47 | |
| 48 | mutex_lock(&bdev->bd_mutex); |
| 49 | |
| 50 | /* overlap? */ |
| 51 | disk_part_iter_init(&piter, disk, |
| 52 | DISK_PITER_INCL_EMPTY); |
| 53 | while ((part = disk_part_iter_next(&piter))) { |
| 54 | if (!(start + length <= part->start_sect || |
| 55 | start >= part->start_sect + part->nr_sects)) { |
| 56 | disk_part_iter_exit(&piter); |
| 57 | mutex_unlock(&bdev->bd_mutex); |
| 58 | return -EBUSY; |
| 59 | } |
| 60 | } |
| 61 | disk_part_iter_exit(&piter); |
| 62 | |
| 63 | /* all seems OK */ |
| 64 | part = add_partition(disk, partno, start, length, |
| 65 | ADDPART_FLAG_NONE, NULL); |
| 66 | mutex_unlock(&bdev->bd_mutex); |
| 67 | return IS_ERR(part) ? PTR_ERR(part) : 0; |
| 68 | case BLKPG_DEL_PARTITION: |
| 69 | part = disk_get_part(disk, partno); |
| 70 | if (!part) |
| 71 | return -ENXIO; |
| 72 | |
| 73 | bdevp = bdget(part_devt(part)); |
| 74 | disk_put_part(part); |
| 75 | if (!bdevp) |
| 76 | return -ENOMEM; |
| 77 | |
| 78 | mutex_lock(&bdevp->bd_mutex); |
| 79 | if (bdevp->bd_openers) { |
| 80 | mutex_unlock(&bdevp->bd_mutex); |
| 81 | bdput(bdevp); |
| 82 | return -EBUSY; |
| 83 | } |
| 84 | /* all seems OK */ |
| 85 | fsync_bdev(bdevp); |
| 86 | invalidate_bdev(bdevp); |
| 87 | |
| 88 | mutex_lock_nested(&bdev->bd_mutex, 1); |
| 89 | delete_partition(disk, partno); |
| 90 | mutex_unlock(&bdev->bd_mutex); |
| 91 | mutex_unlock(&bdevp->bd_mutex); |
| 92 | bdput(bdevp); |
| 93 | |
| 94 | return 0; |
| 95 | case BLKPG_RESIZE_PARTITION: |
| 96 | start = p.start >> 9; |
| 97 | /* new length of partition in bytes */ |
| 98 | length = p.length >> 9; |
| 99 | /* check for fit in a hd_struct */ |
| 100 | if (sizeof(sector_t) == sizeof(long) && |
| 101 | sizeof(long long) > sizeof(long)) { |
| 102 | long pstart = start, plength = length; |
| 103 | if (pstart != start || plength != length |
| 104 | || pstart < 0 || plength < 0) |
| 105 | return -EINVAL; |
| 106 | } |
| 107 | part = disk_get_part(disk, partno); |
| 108 | if (!part) |
| 109 | return -ENXIO; |
| 110 | bdevp = bdget(part_devt(part)); |
| 111 | if (!bdevp) { |
| 112 | disk_put_part(part); |
| 113 | return -ENOMEM; |
| 114 | } |
| 115 | mutex_lock(&bdevp->bd_mutex); |
| 116 | mutex_lock_nested(&bdev->bd_mutex, 1); |
| 117 | if (start != part->start_sect) { |
| 118 | mutex_unlock(&bdevp->bd_mutex); |
| 119 | mutex_unlock(&bdev->bd_mutex); |
| 120 | bdput(bdevp); |
| 121 | disk_put_part(part); |
| 122 | return -EINVAL; |
| 123 | } |
| 124 | /* overlap? */ |
| 125 | disk_part_iter_init(&piter, disk, |
| 126 | DISK_PITER_INCL_EMPTY); |
| 127 | while ((lpart = disk_part_iter_next(&piter))) { |
| 128 | if (lpart->partno != partno && |
| 129 | !(start + length <= lpart->start_sect || |
| 130 | start >= lpart->start_sect + lpart->nr_sects) |
| 131 | ) { |
| 132 | disk_part_iter_exit(&piter); |
| 133 | mutex_unlock(&bdevp->bd_mutex); |
| 134 | mutex_unlock(&bdev->bd_mutex); |
| 135 | bdput(bdevp); |
| 136 | disk_put_part(part); |
| 137 | return -EBUSY; |
| 138 | } |
| 139 | } |
| 140 | disk_part_iter_exit(&piter); |
| 141 | part_nr_sects_write(part, (sector_t)length); |
| 142 | i_size_write(bdevp->bd_inode, p.length); |
| 143 | mutex_unlock(&bdevp->bd_mutex); |
| 144 | mutex_unlock(&bdev->bd_mutex); |
| 145 | bdput(bdevp); |
| 146 | disk_put_part(part); |
| 147 | return 0; |
| 148 | default: |
| 149 | return -EINVAL; |
| 150 | } |
| 151 | } |
| 152 | |
| 153 | static int blkdev_reread_part(struct block_device *bdev) |
| 154 | { |
| 155 | struct gendisk *disk = bdev->bd_disk; |
| 156 | int res; |
| 157 | |
| 158 | if (!disk_part_scan_enabled(disk) || bdev != bdev->bd_contains) |
| 159 | return -EINVAL; |
| 160 | if (!capable(CAP_SYS_ADMIN)) |
| 161 | return -EACCES; |
| 162 | if (!mutex_trylock(&bdev->bd_mutex)) |
| 163 | return -EBUSY; |
| 164 | res = rescan_partitions(disk, bdev); |
| 165 | mutex_unlock(&bdev->bd_mutex); |
| 166 | return res; |
| 167 | } |
| 168 | |
| 169 | static int blk_ioctl_discard(struct block_device *bdev, uint64_t start, |
| 170 | uint64_t len, int secure) |
| 171 | { |
| 172 | unsigned long flags = 0; |
| 173 | |
| 174 | if (start & 511) |
| 175 | return -EINVAL; |
| 176 | if (len & 511) |
| 177 | return -EINVAL; |
| 178 | start >>= 9; |
| 179 | len >>= 9; |
| 180 | |
| 181 | if (start + len > (i_size_read(bdev->bd_inode) >> 9)) |
| 182 | return -EINVAL; |
| 183 | if (secure) |
| 184 | flags |= BLKDEV_DISCARD_SECURE; |
| 185 | return blkdev_issue_discard(bdev, start, len, GFP_KERNEL, flags); |
| 186 | } |
| 187 | |
| 188 | static int blk_ioctl_zeroout(struct block_device *bdev, uint64_t start, |
| 189 | uint64_t len) |
| 190 | { |
| 191 | if (start & 511) |
| 192 | return -EINVAL; |
| 193 | if (len & 511) |
| 194 | return -EINVAL; |
| 195 | start >>= 9; |
| 196 | len >>= 9; |
| 197 | |
| 198 | if (start + len > (i_size_read(bdev->bd_inode) >> 9)) |
| 199 | return -EINVAL; |
| 200 | |
| 201 | return blkdev_issue_zeroout(bdev, start, len, GFP_KERNEL); |
| 202 | } |
| 203 | |
| 204 | static int put_ushort(unsigned long arg, unsigned short val) |
| 205 | { |
| 206 | return put_user(val, (unsigned short __user *)arg); |
| 207 | } |
| 208 | |
| 209 | static int put_int(unsigned long arg, int val) |
| 210 | { |
| 211 | return put_user(val, (int __user *)arg); |
| 212 | } |
| 213 | |
| 214 | static int put_uint(unsigned long arg, unsigned int val) |
| 215 | { |
| 216 | return put_user(val, (unsigned int __user *)arg); |
| 217 | } |
| 218 | |
| 219 | static int put_long(unsigned long arg, long val) |
| 220 | { |
| 221 | return put_user(val, (long __user *)arg); |
| 222 | } |
| 223 | |
| 224 | static int put_ulong(unsigned long arg, unsigned long val) |
| 225 | { |
| 226 | return put_user(val, (unsigned long __user *)arg); |
| 227 | } |
| 228 | |
| 229 | static int put_u64(unsigned long arg, u64 val) |
| 230 | { |
| 231 | return put_user(val, (u64 __user *)arg); |
| 232 | } |
| 233 | |
| 234 | int __blkdev_driver_ioctl(struct block_device *bdev, fmode_t mode, |
| 235 | unsigned cmd, unsigned long arg) |
| 236 | { |
| 237 | struct gendisk *disk = bdev->bd_disk; |
| 238 | |
| 239 | if (disk->fops->ioctl) |
| 240 | return disk->fops->ioctl(bdev, mode, cmd, arg); |
| 241 | |
| 242 | return -ENOTTY; |
| 243 | } |
| 244 | /* |
| 245 | * For the record: _GPL here is only because somebody decided to slap it |
| 246 | * on the previous export. Sheer idiocy, since it wasn't copyrightable |
| 247 | * at all and could be open-coded without any exports by anybody who cares. |
| 248 | */ |
| 249 | EXPORT_SYMBOL_GPL(__blkdev_driver_ioctl); |
| 250 | |
/*
 * Does @ret mean "the driver did not recognize this ioctl"?
 *
 * The proper answers from a driver are ENOTTY (final) or ENOIOCTLCMD
 * ("I don't know this one, try a fallback"); the ioctl code turns
 * ENOIOCTLCMD into ENOTTY before returning.
 *
 * Confused drivers sometimes answer EINVAL instead, which is wrong: it
 * means "I understood the ioctl command, but the parameters to it were
 * wrong".  It is still accepted here; the broken drivers should be fixed
 * so that the EINVAL case can go away.
 *
 * Returns 1 for -EINVAL, -ENOTTY and -ENOIOCTLCMD, 0 for anything else.
 */
static inline int is_unrecognized_ioctl(int ret)
{
	switch (ret) {
	case -EINVAL:
	case -ENOTTY:
	case -ENOIOCTLCMD:
		return 1;
	default:
		return 0;
	}
}
| 270 | |
| 271 | /* |
| 272 | * always keep this in sync with compat_blkdev_ioctl() |
| 273 | */ |
| 274 | int blkdev_ioctl(struct block_device *bdev, fmode_t mode, unsigned cmd, |
| 275 | unsigned long arg) |
| 276 | { |
| 277 | struct gendisk *disk = bdev->bd_disk; |
| 278 | struct backing_dev_info *bdi; |
| 279 | loff_t size; |
| 280 | int ret, n; |
| 281 | |
| 282 | switch(cmd) { |
| 283 | case BLKFLSBUF: |
| 284 | if (!capable(CAP_SYS_ADMIN)) |
| 285 | return -EACCES; |
| 286 | |
| 287 | ret = __blkdev_driver_ioctl(bdev, mode, cmd, arg); |
| 288 | if (!is_unrecognized_ioctl(ret)) |
| 289 | return ret; |
| 290 | |
| 291 | fsync_bdev(bdev); |
| 292 | invalidate_bdev(bdev); |
| 293 | return 0; |
| 294 | |
| 295 | case BLKROSET: |
| 296 | ret = __blkdev_driver_ioctl(bdev, mode, cmd, arg); |
| 297 | if (!is_unrecognized_ioctl(ret)) |
| 298 | return ret; |
| 299 | if (!capable(CAP_SYS_ADMIN)) |
| 300 | return -EACCES; |
| 301 | if (get_user(n, (int __user *)(arg))) |
| 302 | return -EFAULT; |
| 303 | set_device_ro(bdev, n); |
| 304 | return 0; |
| 305 | |
| 306 | case BLKDISCARD: |
| 307 | case BLKSECDISCARD: { |
| 308 | uint64_t range[2]; |
| 309 | |
| 310 | if (!(mode & FMODE_WRITE)) |
| 311 | return -EBADF; |
| 312 | |
| 313 | if (copy_from_user(range, (void __user *)arg, sizeof(range))) |
| 314 | return -EFAULT; |
| 315 | |
| 316 | return blk_ioctl_discard(bdev, range[0], range[1], |
| 317 | cmd == BLKSECDISCARD); |
| 318 | } |
| 319 | case BLKZEROOUT: { |
| 320 | uint64_t range[2]; |
| 321 | |
| 322 | if (!(mode & FMODE_WRITE)) |
| 323 | return -EBADF; |
| 324 | |
| 325 | if (copy_from_user(range, (void __user *)arg, sizeof(range))) |
| 326 | return -EFAULT; |
| 327 | |
| 328 | return blk_ioctl_zeroout(bdev, range[0], range[1]); |
| 329 | } |
| 330 | |
| 331 | case HDIO_GETGEO: { |
| 332 | struct hd_geometry geo; |
| 333 | |
| 334 | if (!arg) |
| 335 | return -EINVAL; |
| 336 | if (!disk->fops->getgeo) |
| 337 | return -ENOTTY; |
| 338 | |
| 339 | /* |
| 340 | * We need to set the startsect first, the driver may |
| 341 | * want to override it. |
| 342 | */ |
| 343 | memset(&geo, 0, sizeof(geo)); |
| 344 | geo.start = get_start_sect(bdev); |
| 345 | ret = disk->fops->getgeo(bdev, &geo); |
| 346 | if (ret) |
| 347 | return ret; |
| 348 | if (copy_to_user((struct hd_geometry __user *)arg, &geo, |
| 349 | sizeof(geo))) |
| 350 | return -EFAULT; |
| 351 | return 0; |
| 352 | } |
| 353 | case BLKRAGET: |
| 354 | case BLKFRAGET: |
| 355 | if (!arg) |
| 356 | return -EINVAL; |
| 357 | bdi = blk_get_backing_dev_info(bdev); |
| 358 | if (bdi == NULL) |
| 359 | return -ENOTTY; |
| 360 | return put_long(arg, (bdi->ra_pages * PAGE_CACHE_SIZE) / 512); |
| 361 | case BLKROGET: |
| 362 | return put_int(arg, bdev_read_only(bdev) != 0); |
| 363 | case BLKBSZGET: /* get block device soft block size (cf. BLKSSZGET) */ |
| 364 | return put_int(arg, block_size(bdev)); |
| 365 | case BLKSSZGET: /* get block device logical block size */ |
| 366 | return put_int(arg, bdev_logical_block_size(bdev)); |
| 367 | case BLKPBSZGET: /* get block device physical block size */ |
| 368 | return put_uint(arg, bdev_physical_block_size(bdev)); |
| 369 | case BLKIOMIN: |
| 370 | return put_uint(arg, bdev_io_min(bdev)); |
| 371 | case BLKIOOPT: |
| 372 | return put_uint(arg, bdev_io_opt(bdev)); |
| 373 | case BLKALIGNOFF: |
| 374 | return put_int(arg, bdev_alignment_offset(bdev)); |
| 375 | case BLKDISCARDZEROES: |
| 376 | return put_uint(arg, bdev_discard_zeroes_data(bdev)); |
| 377 | case BLKSECTGET: |
| 378 | return put_ushort(arg, queue_max_sectors(bdev_get_queue(bdev))); |
| 379 | case BLKROTATIONAL: |
| 380 | return put_ushort(arg, !blk_queue_nonrot(bdev_get_queue(bdev))); |
| 381 | case BLKRASET: |
| 382 | case BLKFRASET: |
| 383 | if(!capable(CAP_SYS_ADMIN)) |
| 384 | return -EACCES; |
| 385 | bdi = blk_get_backing_dev_info(bdev); |
| 386 | if (bdi == NULL) |
| 387 | return -ENOTTY; |
| 388 | bdi->ra_pages = (arg * 512) / PAGE_CACHE_SIZE; |
| 389 | return 0; |
| 390 | case BLKBSZSET: |
| 391 | /* set the logical block size */ |
| 392 | if (!capable(CAP_SYS_ADMIN)) |
| 393 | return -EACCES; |
| 394 | if (!arg) |
| 395 | return -EINVAL; |
| 396 | if (get_user(n, (int __user *) arg)) |
| 397 | return -EFAULT; |
| 398 | if (!(mode & FMODE_EXCL)) { |
| 399 | bdgrab(bdev); |
| 400 | if (blkdev_get(bdev, mode | FMODE_EXCL, &bdev) < 0) |
| 401 | return -EBUSY; |
| 402 | } |
| 403 | ret = set_blocksize(bdev, n); |
| 404 | if (!(mode & FMODE_EXCL)) |
| 405 | blkdev_put(bdev, mode | FMODE_EXCL); |
| 406 | return ret; |
| 407 | case BLKPG: |
| 408 | ret = blkpg_ioctl(bdev, (struct blkpg_ioctl_arg __user *) arg); |
| 409 | break; |
| 410 | case BLKRRPART: |
| 411 | ret = blkdev_reread_part(bdev); |
| 412 | break; |
| 413 | case BLKGETSIZE: |
| 414 | size = i_size_read(bdev->bd_inode); |
| 415 | if ((size >> 9) > ~0UL) |
| 416 | return -EFBIG; |
| 417 | return put_ulong(arg, size >> 9); |
| 418 | case BLKGETSIZE64: |
| 419 | return put_u64(arg, i_size_read(bdev->bd_inode)); |
| 420 | case BLKTRACESTART: |
| 421 | case BLKTRACESTOP: |
| 422 | case BLKTRACESETUP: |
| 423 | case BLKTRACETEARDOWN: |
| 424 | ret = blk_trace_ioctl(bdev, cmd, (char __user *) arg); |
| 425 | break; |
| 426 | default: |
| 427 | ret = __blkdev_driver_ioctl(bdev, mode, cmd, arg); |
| 428 | } |
| 429 | return ret; |
| 430 | } |
| 431 | EXPORT_SYMBOL_GPL(blkdev_ioctl); |