1 // SPDX-License-Identifier: GPL-2.0
2 #include <linux/capability.h>
3 #include <linux/compat.h>
4 #include <linux/blkdev.h>
5 #include <linux/export.h>
7 #include <linux/blkpg.h>
8 #include <linux/hdreg.h>
9 #include <linux/backing-dev.h>
11 #include <linux/blktrace_api.h>
13 #include <linux/uaccess.h>
15 static int blkpg_do_ioctl(struct block_device *bdev,
16 struct blkpg_partition __user *upart, int op)
18 struct block_device *bdevp;
20 struct hd_struct *part, *lpart;
21 struct blkpg_partition p;
22 struct disk_part_iter piter;
23 long long start, length;
26 if (!capable(CAP_SYS_ADMIN))
28 if (copy_from_user(&p, upart, sizeof(struct blkpg_partition)))
31 if (bdev != bdev->bd_contains)
37 case BLKPG_ADD_PARTITION:
39 length = p.length >> 9;
40 /* check for fit in a hd_struct */
41 if (sizeof(sector_t) == sizeof(long) &&
42 sizeof(long long) > sizeof(long)) {
43 long pstart = start, plength = length;
44 if (pstart != start || plength != length
45 || pstart < 0 || plength < 0 || partno > 65535)
48 /* check if partition is aligned to blocksize */
49 if (p.start & (bdev_logical_block_size(bdev) - 1))
52 mutex_lock(&bdev->bd_mutex);
55 disk_part_iter_init(&piter, disk,
56 DISK_PITER_INCL_EMPTY);
57 while ((part = disk_part_iter_next(&piter))) {
58 if (!(start + length <= part->start_sect ||
59 start >= part->start_sect + part->nr_sects)) {
60 disk_part_iter_exit(&piter);
61 mutex_unlock(&bdev->bd_mutex);
65 disk_part_iter_exit(&piter);
68 part = add_partition(disk, partno, start, length,
69 ADDPART_FLAG_NONE, NULL);
70 mutex_unlock(&bdev->bd_mutex);
71 return PTR_ERR_OR_ZERO(part);
72 case BLKPG_DEL_PARTITION:
73 part = disk_get_part(disk, partno);
77 bdevp = bdget(part_devt(part));
82 mutex_lock(&bdevp->bd_mutex);
83 if (bdevp->bd_openers) {
84 mutex_unlock(&bdevp->bd_mutex);
90 invalidate_bdev(bdevp);
92 mutex_lock_nested(&bdev->bd_mutex, 1);
93 delete_partition(disk, partno);
94 mutex_unlock(&bdev->bd_mutex);
95 mutex_unlock(&bdevp->bd_mutex);
99 case BLKPG_RESIZE_PARTITION:
100 start = p.start >> 9;
101 /* new length of partition in bytes */
102 length = p.length >> 9;
103 /* check for fit in a hd_struct */
104 if (sizeof(sector_t) == sizeof(long) &&
105 sizeof(long long) > sizeof(long)) {
106 long pstart = start, plength = length;
107 if (pstart != start || plength != length
108 || pstart < 0 || plength < 0)
111 part = disk_get_part(disk, partno);
114 bdevp = bdget(part_devt(part));
119 mutex_lock(&bdevp->bd_mutex);
120 mutex_lock_nested(&bdev->bd_mutex, 1);
121 if (start != part->start_sect) {
122 mutex_unlock(&bdevp->bd_mutex);
123 mutex_unlock(&bdev->bd_mutex);
129 disk_part_iter_init(&piter, disk,
130 DISK_PITER_INCL_EMPTY);
131 while ((lpart = disk_part_iter_next(&piter))) {
132 if (lpart->partno != partno &&
133 !(start + length <= lpart->start_sect ||
134 start >= lpart->start_sect + lpart->nr_sects)
136 disk_part_iter_exit(&piter);
137 mutex_unlock(&bdevp->bd_mutex);
138 mutex_unlock(&bdev->bd_mutex);
144 disk_part_iter_exit(&piter);
145 part_nr_sects_write(part, (sector_t)length);
146 i_size_write(bdevp->bd_inode, p.length);
147 mutex_unlock(&bdevp->bd_mutex);
148 mutex_unlock(&bdev->bd_mutex);
157 static int blkpg_ioctl(struct block_device *bdev,
158 struct blkpg_ioctl_arg __user *arg)
160 struct blkpg_partition __user *udata;
163 if (get_user(op, &arg->op) || get_user(udata, &arg->data))
166 return blkpg_do_ioctl(bdev, udata, op);
170 struct compat_blkpg_ioctl_arg {
173 compat_int_t datalen;
177 static int compat_blkpg_ioctl(struct block_device *bdev,
178 struct compat_blkpg_ioctl_arg __user *arg)
180 compat_caddr_t udata;
183 if (get_user(op, &arg->op) || get_user(udata, &arg->data))
186 return blkpg_do_ioctl(bdev, compat_ptr(udata), op);
190 static int blkdev_reread_part(struct block_device *bdev)
194 if (!disk_part_scan_enabled(bdev->bd_disk) || bdev != bdev->bd_contains)
196 if (!capable(CAP_SYS_ADMIN))
199 mutex_lock(&bdev->bd_mutex);
200 ret = bdev_disk_changed(bdev, false);
201 mutex_unlock(&bdev->bd_mutex);
206 static int blk_ioctl_discard(struct block_device *bdev, fmode_t mode,
207 unsigned long arg, unsigned long flags)
211 struct request_queue *q = bdev_get_queue(bdev);
212 struct address_space *mapping = bdev->bd_inode->i_mapping;
215 if (!(mode & FMODE_WRITE))
218 if (!blk_queue_discard(q))
221 if (copy_from_user(range, (void __user *)arg, sizeof(range)))
232 if (start + len > i_size_read(bdev->bd_inode))
234 truncate_inode_pages_range(mapping, start, start + len - 1);
235 return blkdev_issue_discard(bdev, start >> 9, len >> 9,
239 static int blk_ioctl_zeroout(struct block_device *bdev, fmode_t mode,
243 struct address_space *mapping;
244 uint64_t start, end, len;
246 if (!(mode & FMODE_WRITE))
249 if (copy_from_user(range, (void __user *)arg, sizeof(range)))
254 end = start + len - 1;
260 if (end >= (uint64_t)i_size_read(bdev->bd_inode))
265 /* Invalidate the page cache, including dirty pages */
266 mapping = bdev->bd_inode->i_mapping;
267 truncate_inode_pages_range(mapping, start, end);
269 return blkdev_issue_zeroout(bdev, start >> 9, len >> 9, GFP_KERNEL,
270 BLKDEV_ZERO_NOUNMAP);
273 static int put_ushort(unsigned short __user *argp, unsigned short val)
275 return put_user(val, argp);
278 static int put_int(int __user *argp, int val)
280 return put_user(val, argp);
283 static int put_uint(unsigned int __user *argp, unsigned int val)
285 return put_user(val, argp);
288 static int put_long(long __user *argp, long val)
290 return put_user(val, argp);
293 static int put_ulong(unsigned long __user *argp, unsigned long val)
295 return put_user(val, argp);
298 static int put_u64(u64 __user *argp, u64 val)
300 return put_user(val, argp);
304 static int compat_put_long(compat_long_t *argp, long val)
306 return put_user(val, argp);
309 static int compat_put_ulong(compat_ulong_t *argp, compat_ulong_t val)
311 return put_user(val, argp);
315 int __blkdev_driver_ioctl(struct block_device *bdev, fmode_t mode,
316 unsigned cmd, unsigned long arg)
318 struct gendisk *disk = bdev->bd_disk;
320 if (disk->fops->ioctl)
321 return disk->fops->ioctl(bdev, mode, cmd, arg);
326 * For the record: _GPL here is only because somebody decided to slap it
327 * on the previous export. Sheer idiocy, since it wasn't copyrightable
328 * at all and could be open-coded without any exports by anybody who cares.
330 EXPORT_SYMBOL_GPL(__blkdev_driver_ioctl);
334 * This is the equivalent of compat_ptr_ioctl(), to be used by block
335 * drivers that implement only commands that are completely compatible
336 * between 32-bit and 64-bit user space
338 int blkdev_compat_ptr_ioctl(struct block_device *bdev, fmode_t mode,
339 unsigned cmd, unsigned long arg)
341 struct gendisk *disk = bdev->bd_disk;
343 if (disk->fops->ioctl)
344 return disk->fops->ioctl(bdev, mode, cmd,
345 (unsigned long)compat_ptr(arg));
349 EXPORT_SYMBOL(blkdev_compat_ptr_ioctl);
352 static int blkdev_pr_register(struct block_device *bdev,
353 struct pr_registration __user *arg)
355 const struct pr_ops *ops = bdev->bd_disk->fops->pr_ops;
356 struct pr_registration reg;
358 if (!capable(CAP_SYS_ADMIN))
360 if (!ops || !ops->pr_register)
362 if (copy_from_user(®, arg, sizeof(reg)))
365 if (reg.flags & ~PR_FL_IGNORE_KEY)
367 return ops->pr_register(bdev, reg.old_key, reg.new_key, reg.flags);
370 static int blkdev_pr_reserve(struct block_device *bdev,
371 struct pr_reservation __user *arg)
373 const struct pr_ops *ops = bdev->bd_disk->fops->pr_ops;
374 struct pr_reservation rsv;
376 if (!capable(CAP_SYS_ADMIN))
378 if (!ops || !ops->pr_reserve)
380 if (copy_from_user(&rsv, arg, sizeof(rsv)))
383 if (rsv.flags & ~PR_FL_IGNORE_KEY)
385 return ops->pr_reserve(bdev, rsv.key, rsv.type, rsv.flags);
388 static int blkdev_pr_release(struct block_device *bdev,
389 struct pr_reservation __user *arg)
391 const struct pr_ops *ops = bdev->bd_disk->fops->pr_ops;
392 struct pr_reservation rsv;
394 if (!capable(CAP_SYS_ADMIN))
396 if (!ops || !ops->pr_release)
398 if (copy_from_user(&rsv, arg, sizeof(rsv)))
403 return ops->pr_release(bdev, rsv.key, rsv.type);
406 static int blkdev_pr_preempt(struct block_device *bdev,
407 struct pr_preempt __user *arg, bool abort)
409 const struct pr_ops *ops = bdev->bd_disk->fops->pr_ops;
412 if (!capable(CAP_SYS_ADMIN))
414 if (!ops || !ops->pr_preempt)
416 if (copy_from_user(&p, arg, sizeof(p)))
421 return ops->pr_preempt(bdev, p.old_key, p.new_key, p.type, abort);
424 static int blkdev_pr_clear(struct block_device *bdev,
425 struct pr_clear __user *arg)
427 const struct pr_ops *ops = bdev->bd_disk->fops->pr_ops;
430 if (!capable(CAP_SYS_ADMIN))
432 if (!ops || !ops->pr_clear)
434 if (copy_from_user(&c, arg, sizeof(c)))
439 return ops->pr_clear(bdev, c.key);
443 * Is it an unrecognized ioctl? The correct returns are either
444 * ENOTTY (final) or ENOIOCTLCMD ("I don't know this one, try a
445 * fallback"). ENOIOCTLCMD gets turned into ENOTTY by the ioctl
446 * code before returning.
448 * Confused drivers sometimes return EINVAL, which is wrong. It
449 * means "I understood the ioctl command, but the parameters to
452 * We should aim to just fix the broken drivers, the EINVAL case
455 static inline int is_unrecognized_ioctl(int ret)
457 return ret == -EINVAL ||
462 static int blkdev_flushbuf(struct block_device *bdev, fmode_t mode,
463 unsigned cmd, unsigned long arg)
467 if (!capable(CAP_SYS_ADMIN))
470 ret = __blkdev_driver_ioctl(bdev, mode, cmd, arg);
471 if (!is_unrecognized_ioctl(ret))
475 invalidate_bdev(bdev);
479 static int blkdev_roset(struct block_device *bdev, fmode_t mode,
480 unsigned cmd, unsigned long arg)
484 if (!capable(CAP_SYS_ADMIN))
487 ret = __blkdev_driver_ioctl(bdev, mode, cmd, arg);
488 if (!is_unrecognized_ioctl(ret))
490 if (get_user(n, (int __user *)arg))
492 set_device_ro(bdev, n);
496 static int blkdev_getgeo(struct block_device *bdev,
497 struct hd_geometry __user *argp)
499 struct gendisk *disk = bdev->bd_disk;
500 struct hd_geometry geo;
505 if (!disk->fops->getgeo)
509 * We need to set the startsect first, the driver may
510 * want to override it.
512 memset(&geo, 0, sizeof(geo));
513 geo.start = get_start_sect(bdev);
514 ret = disk->fops->getgeo(bdev, &geo);
517 if (copy_to_user(argp, &geo, sizeof(geo)))
523 struct compat_hd_geometry {
525 unsigned char sectors;
526 unsigned short cylinders;
530 static int compat_hdio_getgeo(struct block_device *bdev,
531 struct compat_hd_geometry __user *ugeo)
533 struct gendisk *disk = bdev->bd_disk;
534 struct hd_geometry geo;
539 if (!disk->fops->getgeo)
542 memset(&geo, 0, sizeof(geo));
544 * We need to set the startsect first, the driver may
545 * want to override it.
547 geo.start = get_start_sect(bdev);
548 ret = disk->fops->getgeo(bdev, &geo);
552 ret = copy_to_user(ugeo, &geo, 4);
553 ret |= put_user(geo.start, &ugeo->start);
561 /* set the logical block size */
562 static int blkdev_bszset(struct block_device *bdev, fmode_t mode,
567 if (!capable(CAP_SYS_ADMIN))
571 if (get_user(n, argp))
574 if (!(mode & FMODE_EXCL)) {
576 if (blkdev_get(bdev, mode | FMODE_EXCL, &bdev) < 0)
580 ret = set_blocksize(bdev, n);
581 if (!(mode & FMODE_EXCL))
582 blkdev_put(bdev, mode | FMODE_EXCL);
587 * Common commands that are handled the same way on native and compat
588 * user space. Note the separate arg/argp parameters that are needed
589 * to deal with the compat_ptr() conversion.
591 static int blkdev_common_ioctl(struct block_device *bdev, fmode_t mode,
592 unsigned cmd, unsigned long arg, void __user *argp)
594 unsigned int max_sectors;
598 return blkdev_flushbuf(bdev, mode, cmd, arg);
600 return blkdev_roset(bdev, mode, cmd, arg);
602 return blk_ioctl_discard(bdev, mode, arg, 0);
604 return blk_ioctl_discard(bdev, mode, arg,
605 BLKDEV_DISCARD_SECURE);
607 return blk_ioctl_zeroout(bdev, mode, arg);
609 return blkdev_report_zones_ioctl(bdev, mode, cmd, arg);
614 return blkdev_zone_mgmt_ioctl(bdev, mode, cmd, arg);
616 return put_uint(argp, bdev_zone_sectors(bdev));
618 return put_uint(argp, blkdev_nr_zones(bdev->bd_disk));
620 return put_int(argp, bdev_read_only(bdev) != 0);
621 case BLKSSZGET: /* get block device logical block size */
622 return put_int(argp, bdev_logical_block_size(bdev));
623 case BLKPBSZGET: /* get block device physical block size */
624 return put_uint(argp, bdev_physical_block_size(bdev));
626 return put_uint(argp, bdev_io_min(bdev));
628 return put_uint(argp, bdev_io_opt(bdev));
630 return put_int(argp, bdev_alignment_offset(bdev));
631 case BLKDISCARDZEROES:
632 return put_uint(argp, 0);
634 max_sectors = min_t(unsigned int, USHRT_MAX,
635 queue_max_sectors(bdev_get_queue(bdev)));
636 return put_ushort(argp, max_sectors);
638 return put_ushort(argp, !blk_queue_nonrot(bdev_get_queue(bdev)));
641 if(!capable(CAP_SYS_ADMIN))
643 bdev->bd_bdi->ra_pages = (arg * 512) / PAGE_SIZE;
646 return blkdev_reread_part(bdev);
649 case BLKTRACETEARDOWN:
650 return blk_trace_ioctl(bdev, cmd, argp);
651 case IOC_PR_REGISTER:
652 return blkdev_pr_register(bdev, argp);
654 return blkdev_pr_reserve(bdev, argp);
656 return blkdev_pr_release(bdev, argp);
658 return blkdev_pr_preempt(bdev, argp, false);
659 case IOC_PR_PREEMPT_ABORT:
660 return blkdev_pr_preempt(bdev, argp, true);
662 return blkdev_pr_clear(bdev, argp);
669 * Always keep this in sync with compat_blkdev_ioctl()
670 * to handle all incompatible commands in both functions.
672 * New commands must be compatible and go into blkdev_common_ioctl
674 int blkdev_ioctl(struct block_device *bdev, fmode_t mode, unsigned cmd,
679 void __user *argp = (void __user *)arg;
682 /* These need separate implementations for the data structure */
684 return blkdev_getgeo(bdev, argp);
686 return blkpg_ioctl(bdev, argp);
688 /* Compat mode returns 32-bit data instead of 'long' */
693 return put_long(argp, (bdev->bd_bdi->ra_pages*PAGE_SIZE) / 512);
695 size = i_size_read(bdev->bd_inode);
696 if ((size >> 9) > ~0UL)
698 return put_ulong(argp, size >> 9);
700 /* The data is compatible, but the command number is different */
701 case BLKBSZGET: /* get block device soft block size (cf. BLKSSZGET) */
702 return put_int(argp, block_size(bdev));
704 return blkdev_bszset(bdev, mode, argp);
706 return put_u64(argp, i_size_read(bdev->bd_inode));
708 /* Incompatible alignment on i386 */
710 return blk_trace_ioctl(bdev, cmd, argp);
715 ret = blkdev_common_ioctl(bdev, mode, cmd, arg, argp);
716 if (ret == -ENOIOCTLCMD)
717 return __blkdev_driver_ioctl(bdev, mode, cmd, arg);
721 EXPORT_SYMBOL_GPL(blkdev_ioctl); /* for /dev/raw */
725 #define BLKBSZGET_32 _IOR(0x12, 112, int)
726 #define BLKBSZSET_32 _IOW(0x12, 113, int)
727 #define BLKGETSIZE64_32 _IOR(0x12, 114, int)
729 /* Most of the generic ioctls are handled in the normal fallback path.
730 This assumes the blkdev's low level compat_ioctl always returns
731 ENOIOCTLCMD for unknown ioctls. */
732 long compat_blkdev_ioctl(struct file *file, unsigned cmd, unsigned long arg)
735 void __user *argp = compat_ptr(arg);
736 struct inode *inode = file->f_mapping->host;
737 struct block_device *bdev = inode->i_bdev;
738 struct gendisk *disk = bdev->bd_disk;
739 fmode_t mode = file->f_mode;
743 * O_NDELAY can be altered using fcntl(.., F_SETFL, ..), so we have
744 * to updated it before every ioctl.
746 if (file->f_flags & O_NDELAY)
747 mode |= FMODE_NDELAY;
749 mode &= ~FMODE_NDELAY;
752 /* These need separate implementations for the data structure */
754 return compat_hdio_getgeo(bdev, argp);
756 return compat_blkpg_ioctl(bdev, argp);
758 /* Compat mode returns 32-bit data instead of 'long' */
763 return compat_put_long(argp,
764 (bdev->bd_bdi->ra_pages * PAGE_SIZE) / 512);
766 size = i_size_read(bdev->bd_inode);
767 if ((size >> 9) > ~0UL)
769 return compat_put_ulong(argp, size >> 9);
771 /* The data is compatible, but the command number is different */
772 case BLKBSZGET_32: /* get the logical block size (cf. BLKSSZGET) */
773 return put_int(argp, bdev_logical_block_size(bdev));
775 return blkdev_bszset(bdev, mode, argp);
776 case BLKGETSIZE64_32:
777 return put_u64(argp, i_size_read(bdev->bd_inode));
779 /* Incompatible alignment on i386 */
780 case BLKTRACESETUP32:
781 return blk_trace_ioctl(bdev, cmd, argp);
786 ret = blkdev_common_ioctl(bdev, mode, cmd, arg, argp);
787 if (ret == -ENOIOCTLCMD && disk->fops->compat_ioctl)
788 ret = disk->fops->compat_ioctl(bdev, mode, cmd, arg);