file.c 15 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577
  1. // SPDX-License-Identifier: GPL-2.0-only
  2. /*
  3. * linux/fs/fat/file.c
  4. *
  5. * Written 1992,1993 by Werner Almesberger
  6. *
  7. * regular file handling primitives for fat-based filesystems
  8. */
  9. #include <linux/capability.h>
  10. #include <linux/module.h>
  11. #include <linux/compat.h>
  12. #include <linux/mount.h>
  13. #include <linux/blkdev.h>
  14. #include <linux/backing-dev.h>
  15. #include <linux/filelock.h>
  16. #include <linux/fsnotify.h>
  17. #include <linux/security.h>
  18. #include <linux/falloc.h>
  19. #include "fat.h"
  20. static long fat_fallocate(struct file *file, int mode,
  21. loff_t offset, loff_t len);
  22. static int fat_ioctl_get_attributes(struct inode *inode, u32 __user *user_attr)
  23. {
  24. u32 attr;
  25. inode_lock_shared(inode);
  26. attr = fat_make_attrs(inode);
  27. inode_unlock_shared(inode);
  28. return put_user(attr, user_attr);
  29. }
  30. static int fat_ioctl_set_attributes(struct file *file, u32 __user *user_attr)
  31. {
  32. struct inode *inode = file_inode(file);
  33. struct msdos_sb_info *sbi = MSDOS_SB(inode->i_sb);
  34. int is_dir = S_ISDIR(inode->i_mode);
  35. u32 attr, oldattr;
  36. struct iattr ia;
  37. int err;
  38. err = get_user(attr, user_attr);
  39. if (err)
  40. goto out;
  41. err = mnt_want_write_file(file);
  42. if (err)
  43. goto out;
  44. inode_lock(inode);
  45. /*
  46. * ATTR_VOLUME and ATTR_DIR cannot be changed; this also
  47. * prevents the user from turning us into a VFAT
  48. * longname entry. Also, we obviously can't set
  49. * any of the NTFS attributes in the high 24 bits.
  50. */
  51. attr &= 0xff & ~(ATTR_VOLUME | ATTR_DIR);
  52. /* Merge in ATTR_VOLUME and ATTR_DIR */
  53. attr |= (MSDOS_I(inode)->i_attrs & ATTR_VOLUME) |
  54. (is_dir ? ATTR_DIR : 0);
  55. oldattr = fat_make_attrs(inode);
  56. /* Equivalent to a chmod() */
  57. ia.ia_valid = ATTR_MODE | ATTR_CTIME;
  58. ia.ia_ctime = current_time(inode);
  59. if (is_dir)
  60. ia.ia_mode = fat_make_mode(sbi, attr, S_IRWXUGO);
  61. else {
  62. ia.ia_mode = fat_make_mode(sbi, attr,
  63. S_IRUGO | S_IWUGO | (inode->i_mode & S_IXUGO));
  64. }
  65. /* The root directory has no attributes */
  66. if (inode->i_ino == MSDOS_ROOT_INO && attr != ATTR_DIR) {
  67. err = -EINVAL;
  68. goto out_unlock_inode;
  69. }
  70. if (sbi->options.sys_immutable &&
  71. ((attr | oldattr) & ATTR_SYS) &&
  72. !capable(CAP_LINUX_IMMUTABLE)) {
  73. err = -EPERM;
  74. goto out_unlock_inode;
  75. }
  76. /*
  77. * The security check is questionable... We single
  78. * out the RO attribute for checking by the security
  79. * module, just because it maps to a file mode.
  80. */
  81. err = security_inode_setattr(file_mnt_idmap(file),
  82. file->f_path.dentry, &ia);
  83. if (err)
  84. goto out_unlock_inode;
  85. /* This MUST be done before doing anything irreversible... */
  86. err = fat_setattr(file_mnt_idmap(file), file->f_path.dentry, &ia);
  87. if (err)
  88. goto out_unlock_inode;
  89. fsnotify_change(file->f_path.dentry, ia.ia_valid);
  90. if (sbi->options.sys_immutable) {
  91. if (attr & ATTR_SYS)
  92. inode->i_flags |= S_IMMUTABLE;
  93. else
  94. inode->i_flags &= ~S_IMMUTABLE;
  95. }
  96. fat_save_attrs(inode, attr);
  97. mark_inode_dirty(inode);
  98. out_unlock_inode:
  99. inode_unlock(inode);
  100. mnt_drop_write_file(file);
  101. out:
  102. return err;
  103. }
  104. static int fat_ioctl_get_volume_id(struct inode *inode, u32 __user *user_attr)
  105. {
  106. struct msdos_sb_info *sbi = MSDOS_SB(inode->i_sb);
  107. return put_user(sbi->vol_id, user_attr);
  108. }
  109. static int fat_ioctl_fitrim(struct inode *inode, unsigned long arg)
  110. {
  111. struct super_block *sb = inode->i_sb;
  112. struct fstrim_range __user *user_range;
  113. struct fstrim_range range;
  114. int err;
  115. if (!capable(CAP_SYS_ADMIN))
  116. return -EPERM;
  117. if (!bdev_max_discard_sectors(sb->s_bdev))
  118. return -EOPNOTSUPP;
  119. user_range = (struct fstrim_range __user *)arg;
  120. if (copy_from_user(&range, user_range, sizeof(range)))
  121. return -EFAULT;
  122. range.minlen = max(range.minlen, bdev_discard_granularity(sb->s_bdev));
  123. err = fat_trim_fs(inode, &range);
  124. if (err < 0)
  125. return err;
  126. if (copy_to_user(user_range, &range, sizeof(range)))
  127. return -EFAULT;
  128. return 0;
  129. }
  130. long fat_generic_ioctl(struct file *filp, unsigned int cmd, unsigned long arg)
  131. {
  132. struct inode *inode = file_inode(filp);
  133. u32 __user *user_attr = (u32 __user *)arg;
  134. switch (cmd) {
  135. case FAT_IOCTL_GET_ATTRIBUTES:
  136. return fat_ioctl_get_attributes(inode, user_attr);
  137. case FAT_IOCTL_SET_ATTRIBUTES:
  138. return fat_ioctl_set_attributes(filp, user_attr);
  139. case FAT_IOCTL_GET_VOLUME_ID:
  140. return fat_ioctl_get_volume_id(inode, user_attr);
  141. case FITRIM:
  142. return fat_ioctl_fitrim(inode, arg);
  143. default:
  144. return -ENOTTY; /* Inappropriate ioctl for device */
  145. }
  146. }
  147. static int fat_file_release(struct inode *inode, struct file *filp)
  148. {
  149. if ((filp->f_mode & FMODE_WRITE) &&
  150. MSDOS_SB(inode->i_sb)->options.flush) {
  151. fat_flush_inodes(inode->i_sb, inode, NULL);
  152. set_current_state(TASK_UNINTERRUPTIBLE);
  153. io_schedule_timeout(HZ/10);
  154. }
  155. return 0;
  156. }
  157. int fat_file_fsync(struct file *filp, loff_t start, loff_t end, int datasync)
  158. {
  159. struct inode *inode = filp->f_mapping->host;
  160. int err;
  161. err = __generic_file_fsync(filp, start, end, datasync);
  162. if (err)
  163. return err;
  164. err = sync_mapping_buffers(MSDOS_SB(inode->i_sb)->fat_inode->i_mapping);
  165. if (err)
  166. return err;
  167. return blkdev_issue_flush(inode->i_sb->s_bdev);
  168. }
  169. const struct file_operations fat_file_operations = {
  170. .llseek = generic_file_llseek,
  171. .read_iter = generic_file_read_iter,
  172. .write_iter = generic_file_write_iter,
  173. .mmap_prepare = generic_file_mmap_prepare,
  174. .release = fat_file_release,
  175. .unlocked_ioctl = fat_generic_ioctl,
  176. .compat_ioctl = compat_ptr_ioctl,
  177. .fsync = fat_file_fsync,
  178. .splice_read = filemap_splice_read,
  179. .splice_write = iter_file_splice_write,
  180. .fallocate = fat_fallocate,
  181. .setlease = generic_setlease,
  182. };
  183. static int fat_cont_expand(struct inode *inode, loff_t size)
  184. {
  185. struct address_space *mapping = inode->i_mapping;
  186. loff_t start = inode->i_size, count = size - inode->i_size;
  187. int err;
  188. err = generic_cont_expand_simple(inode, size);
  189. if (err)
  190. goto out;
  191. fat_truncate_time(inode, NULL, FAT_UPDATE_CMTIME);
  192. mark_inode_dirty(inode);
  193. if (IS_SYNC(inode)) {
  194. int err2;
  195. /*
  196. * Opencode syncing since we don't have a file open to use
  197. * standard fsync path.
  198. */
  199. err = filemap_fdatawrite_range(mapping, start,
  200. start + count - 1);
  201. err2 = sync_mapping_buffers(mapping);
  202. if (!err)
  203. err = err2;
  204. err2 = write_inode_now(inode, 1);
  205. if (!err)
  206. err = err2;
  207. if (!err) {
  208. err = filemap_fdatawait_range(mapping, start,
  209. start + count - 1);
  210. }
  211. }
  212. out:
  213. return err;
  214. }
  215. /*
  216. * Preallocate space for a file. This implements fat's fallocate file
  217. * operation, which gets called from sys_fallocate system call. User
  218. * space requests len bytes at offset. If FALLOC_FL_KEEP_SIZE is set
  219. * we just allocate clusters without zeroing them out. Otherwise we
  220. * allocate and zero out clusters via an expanding truncate.
  221. */
  222. static long fat_fallocate(struct file *file, int mode,
  223. loff_t offset, loff_t len)
  224. {
  225. int nr_cluster; /* Number of clusters to be allocated */
  226. loff_t mm_bytes; /* Number of bytes to be allocated for file */
  227. loff_t ondisksize; /* block aligned on-disk size in bytes*/
  228. struct inode *inode = file->f_mapping->host;
  229. struct super_block *sb = inode->i_sb;
  230. struct msdos_sb_info *sbi = MSDOS_SB(sb);
  231. int err = 0;
  232. /* No support for hole punch or other fallocate flags. */
  233. if (mode & ~FALLOC_FL_KEEP_SIZE)
  234. return -EOPNOTSUPP;
  235. /* No support for dir */
  236. if (!S_ISREG(inode->i_mode))
  237. return -EOPNOTSUPP;
  238. inode_lock(inode);
  239. if (mode & FALLOC_FL_KEEP_SIZE) {
  240. ondisksize = inode->i_blocks << 9;
  241. if ((offset + len) <= ondisksize)
  242. goto error;
  243. /* First compute the number of clusters to be allocated */
  244. mm_bytes = offset + len - ondisksize;
  245. nr_cluster = (mm_bytes + (sbi->cluster_size - 1)) >>
  246. sbi->cluster_bits;
  247. /* Start the allocation.We are not zeroing out the clusters */
  248. while (nr_cluster-- > 0) {
  249. err = fat_add_cluster(inode);
  250. if (err)
  251. goto error;
  252. }
  253. } else {
  254. if ((offset + len) <= i_size_read(inode))
  255. goto error;
  256. /* This is just an expanding truncate */
  257. err = fat_cont_expand(inode, (offset + len));
  258. }
  259. error:
  260. inode_unlock(inode);
  261. return err;
  262. }
  263. /* Free all clusters after the skip'th cluster. */
  264. static int fat_free(struct inode *inode, int skip)
  265. {
  266. struct super_block *sb = inode->i_sb;
  267. int err, wait, free_start, i_start, i_logstart;
  268. if (MSDOS_I(inode)->i_start == 0)
  269. return 0;
  270. fat_cache_inval_inode(inode);
  271. wait = IS_DIRSYNC(inode);
  272. i_start = free_start = MSDOS_I(inode)->i_start;
  273. i_logstart = MSDOS_I(inode)->i_logstart;
  274. /* First, we write the new file size. */
  275. if (!skip) {
  276. MSDOS_I(inode)->i_start = 0;
  277. MSDOS_I(inode)->i_logstart = 0;
  278. }
  279. MSDOS_I(inode)->i_attrs |= ATTR_ARCH;
  280. fat_truncate_time(inode, NULL, FAT_UPDATE_CMTIME);
  281. if (wait) {
  282. err = fat_sync_inode(inode);
  283. if (err) {
  284. MSDOS_I(inode)->i_start = i_start;
  285. MSDOS_I(inode)->i_logstart = i_logstart;
  286. return err;
  287. }
  288. } else
  289. mark_inode_dirty(inode);
  290. /* Write a new EOF, and get the remaining cluster chain for freeing. */
  291. if (skip) {
  292. struct fat_entry fatent;
  293. int ret, fclus, dclus;
  294. ret = fat_get_cluster(inode, skip - 1, &fclus, &dclus);
  295. if (ret < 0)
  296. return ret;
  297. else if (ret == FAT_ENT_EOF)
  298. return 0;
  299. fatent_init(&fatent);
  300. ret = fat_ent_read(inode, &fatent, dclus);
  301. if (ret == FAT_ENT_EOF) {
  302. fatent_brelse(&fatent);
  303. return 0;
  304. } else if (ret == FAT_ENT_FREE) {
  305. fat_fs_error(sb,
  306. "%s: invalid cluster chain (i_pos %lld)",
  307. __func__, MSDOS_I(inode)->i_pos);
  308. ret = -EIO;
  309. } else if (ret > 0) {
  310. err = fat_ent_write(inode, &fatent, FAT_ENT_EOF, wait);
  311. if (err)
  312. ret = err;
  313. }
  314. fatent_brelse(&fatent);
  315. if (ret < 0)
  316. return ret;
  317. free_start = ret;
  318. }
  319. inode->i_blocks = skip << (MSDOS_SB(sb)->cluster_bits - 9);
  320. /* Freeing the remained cluster chain */
  321. return fat_free_clusters(inode, free_start);
  322. }
  323. void fat_truncate_blocks(struct inode *inode, loff_t offset)
  324. {
  325. struct msdos_sb_info *sbi = MSDOS_SB(inode->i_sb);
  326. const unsigned int cluster_size = sbi->cluster_size;
  327. int nr_clusters;
  328. /*
  329. * This protects against truncating a file bigger than it was then
  330. * trying to write into the hole.
  331. */
  332. if (MSDOS_I(inode)->mmu_private > offset)
  333. MSDOS_I(inode)->mmu_private = offset;
  334. nr_clusters = (offset + (cluster_size - 1)) >> sbi->cluster_bits;
  335. fat_free(inode, nr_clusters);
  336. fat_flush_inodes(inode->i_sb, inode, NULL);
  337. }
  338. int fat_getattr(struct mnt_idmap *idmap, const struct path *path,
  339. struct kstat *stat, u32 request_mask, unsigned int flags)
  340. {
  341. struct inode *inode = d_inode(path->dentry);
  342. struct msdos_sb_info *sbi = MSDOS_SB(inode->i_sb);
  343. generic_fillattr(idmap, request_mask, inode, stat);
  344. stat->blksize = sbi->cluster_size;
  345. if (sbi->options.nfs == FAT_NFS_NOSTALE_RO) {
  346. /* Use i_pos for ino. This is used as fileid of nfs. */
  347. stat->ino = fat_i_pos_read(sbi, inode);
  348. }
  349. if (sbi->options.isvfat && request_mask & STATX_BTIME) {
  350. stat->result_mask |= STATX_BTIME;
  351. stat->btime = MSDOS_I(inode)->i_crtime;
  352. }
  353. return 0;
  354. }
  355. EXPORT_SYMBOL_GPL(fat_getattr);
  356. static int fat_sanitize_mode(const struct msdos_sb_info *sbi,
  357. struct inode *inode, umode_t *mode_ptr)
  358. {
  359. umode_t mask, perm;
  360. /*
  361. * Note, the basic check is already done by a caller of
  362. * (attr->ia_mode & ~FAT_VALID_MODE)
  363. */
  364. if (S_ISREG(inode->i_mode))
  365. mask = sbi->options.fs_fmask;
  366. else
  367. mask = sbi->options.fs_dmask;
  368. perm = *mode_ptr & ~(S_IFMT | mask);
  369. /*
  370. * Of the r and x bits, all (subject to umask) must be present. Of the
  371. * w bits, either all (subject to umask) or none must be present.
  372. *
  373. * If fat_mode_can_hold_ro(inode) is false, can't change w bits.
  374. */
  375. if ((perm & (S_IRUGO | S_IXUGO)) != (inode->i_mode & (S_IRUGO|S_IXUGO)))
  376. return -EPERM;
  377. if (fat_mode_can_hold_ro(inode)) {
  378. if ((perm & S_IWUGO) && ((perm & S_IWUGO) != (S_IWUGO & ~mask)))
  379. return -EPERM;
  380. } else {
  381. if ((perm & S_IWUGO) != (S_IWUGO & ~mask))
  382. return -EPERM;
  383. }
  384. *mode_ptr &= S_IFMT | perm;
  385. return 0;
  386. }
  387. static int fat_allow_set_time(struct mnt_idmap *idmap,
  388. struct msdos_sb_info *sbi, struct inode *inode)
  389. {
  390. umode_t allow_utime = sbi->options.allow_utime;
  391. if (!vfsuid_eq_kuid(i_uid_into_vfsuid(idmap, inode),
  392. current_fsuid())) {
  393. if (vfsgid_in_group_p(i_gid_into_vfsgid(idmap, inode)))
  394. allow_utime >>= 3;
  395. if (allow_utime & MAY_WRITE)
  396. return 1;
  397. }
  398. /* use a default check */
  399. return 0;
  400. }
  401. #define TIMES_SET_FLAGS (ATTR_MTIME_SET | ATTR_ATIME_SET | ATTR_TIMES_SET)
  402. /* valid file mode bits */
  403. #define FAT_VALID_MODE (S_IFREG | S_IFDIR | S_IRWXUGO)
  404. int fat_setattr(struct mnt_idmap *idmap, struct dentry *dentry,
  405. struct iattr *attr)
  406. {
  407. struct msdos_sb_info *sbi = MSDOS_SB(dentry->d_sb);
  408. struct inode *inode = d_inode(dentry);
  409. unsigned int ia_valid;
  410. int error;
  411. /* Check for setting the inode time. */
  412. ia_valid = attr->ia_valid;
  413. if (ia_valid & TIMES_SET_FLAGS) {
  414. if (fat_allow_set_time(idmap, sbi, inode))
  415. attr->ia_valid &= ~TIMES_SET_FLAGS;
  416. }
  417. error = setattr_prepare(idmap, dentry, attr);
  418. attr->ia_valid = ia_valid;
  419. if (error) {
  420. if (sbi->options.quiet)
  421. error = 0;
  422. goto out;
  423. }
  424. /*
  425. * Expand the file. Since inode_setattr() updates ->i_size
  426. * before calling the ->truncate(), but FAT needs to fill the
  427. * hole before it. XXX: this is no longer true with new truncate
  428. * sequence.
  429. */
  430. if (attr->ia_valid & ATTR_SIZE) {
  431. inode_dio_wait(inode);
  432. if (attr->ia_size > inode->i_size) {
  433. error = fat_cont_expand(inode, attr->ia_size);
  434. if (error || attr->ia_valid == ATTR_SIZE)
  435. goto out;
  436. attr->ia_valid &= ~ATTR_SIZE;
  437. }
  438. }
  439. if (((attr->ia_valid & ATTR_UID) &&
  440. (!uid_eq(from_vfsuid(idmap, i_user_ns(inode), attr->ia_vfsuid),
  441. sbi->options.fs_uid))) ||
  442. ((attr->ia_valid & ATTR_GID) &&
  443. (!gid_eq(from_vfsgid(idmap, i_user_ns(inode), attr->ia_vfsgid),
  444. sbi->options.fs_gid))) ||
  445. ((attr->ia_valid & ATTR_MODE) &&
  446. (attr->ia_mode & ~FAT_VALID_MODE)))
  447. error = -EPERM;
  448. if (error) {
  449. if (sbi->options.quiet)
  450. error = 0;
  451. goto out;
  452. }
  453. /*
  454. * We don't return -EPERM here. Yes, strange, but this is too
  455. * old behavior.
  456. */
  457. if (attr->ia_valid & ATTR_MODE) {
  458. if (fat_sanitize_mode(sbi, inode, &attr->ia_mode) < 0)
  459. attr->ia_valid &= ~ATTR_MODE;
  460. }
  461. if (attr->ia_valid & ATTR_SIZE) {
  462. error = fat_block_truncate_page(inode, attr->ia_size);
  463. if (error)
  464. goto out;
  465. down_write(&MSDOS_I(inode)->truncate_lock);
  466. truncate_setsize(inode, attr->ia_size);
  467. fat_truncate_blocks(inode, attr->ia_size);
  468. up_write(&MSDOS_I(inode)->truncate_lock);
  469. }
  470. /*
  471. * setattr_copy can't truncate these appropriately, so we'll copy them
  472. * ourselves. See fat_truncate_time for the c/mtime logic on fat.
  473. */
  474. if (attr->ia_valid & ATTR_ATIME)
  475. fat_truncate_time(inode, &attr->ia_atime, FAT_UPDATE_ATIME);
  476. if (attr->ia_valid & ATTR_MTIME)
  477. fat_truncate_time(inode, &attr->ia_mtime, FAT_UPDATE_CMTIME);
  478. attr->ia_valid &= ~(ATTR_ATIME|ATTR_CTIME|ATTR_MTIME);
  479. setattr_copy(idmap, inode, attr);
  480. mark_inode_dirty(inode);
  481. out:
  482. return error;
  483. }
  484. EXPORT_SYMBOL_GPL(fat_setattr);
  485. const struct inode_operations fat_file_inode_operations = {
  486. .setattr = fat_setattr,
  487. .getattr = fat_getattr,
  488. .update_time = fat_update_time,
  489. };