1 // SPDX-License-Identifier: GPL-2.0
2 /*
3  * fs/ioprio.c
4  *
5  * Copyright (C) 2004 Jens Axboe <axboe@kernel.dk>
6  *
7  * Helper functions for setting/querying io priorities of processes. The
8  * system calls closely mimmick getpriority/setpriority, see the man page for
9  * those. The prio argument is a composite of prio class and prio data, where
10  * the data argument has meaning within that class. The standard scheduling
11  * classes have 8 distinct prio levels, with 0 being the highest prio and 7
12  * being the lowest.
13  *
14  * IOW, setting BE scheduling class with prio 2 is done ala:
15  *
16  * unsigned int prio = (IOPRIO_CLASS_BE << IOPRIO_CLASS_SHIFT) | 2;
17  *
18  * ioprio_set(PRIO_PROCESS, pid, prio);
19  *
20  * See also Documentation/block/ioprio.rst
21  *
22  */
23 #include <linux/gfp.h>
24 #include <linux/kernel.h>
25 #include <linux/export.h>
26 #include <linux/ioprio.h>
27 #include <linux/cred.h>
28 #include <linux/blkdev.h>
29 #include <linux/capability.h>
30 #include <linux/sched/user.h>
31 #include <linux/sched/task.h>
32 #include <linux/syscalls.h>
33 #include <linux/security.h>
34 #include <linux/pid_namespace.h>
35 
set_task_ioprio(struct task_struct * task,int ioprio)36 int set_task_ioprio(struct task_struct *task, int ioprio)
37 {
38 	int err;
39 	struct io_context *ioc;
40 	const struct cred *cred = current_cred(), *tcred;
41 
42 	rcu_read_lock();
43 	tcred = __task_cred(task);
44 	if (!uid_eq(tcred->uid, cred->euid) &&
45 	    !uid_eq(tcred->uid, cred->uid) && !capable(CAP_SYS_NICE)) {
46 		rcu_read_unlock();
47 		return -EPERM;
48 	}
49 	rcu_read_unlock();
50 
51 	err = security_task_setioprio(task, ioprio);
52 	if (err)
53 		return err;
54 
55 	ioc = get_task_io_context(task, GFP_ATOMIC, NUMA_NO_NODE);
56 	if (ioc) {
57 		ioc->ioprio = ioprio;
58 		put_io_context(ioc);
59 	}
60 
61 	return err;
62 }
63 EXPORT_SYMBOL_GPL(set_task_ioprio);
64 
ioprio_check_cap(int ioprio)65 int ioprio_check_cap(int ioprio)
66 {
67 	int class = IOPRIO_PRIO_CLASS(ioprio);
68 	int data = IOPRIO_PRIO_DATA(ioprio);
69 
70 	switch (class) {
71 		case IOPRIO_CLASS_RT:
72 			/*
73 			 * Originally this only checked for CAP_SYS_ADMIN,
74 			 * which was implicitly allowed for pid 0 by security
75 			 * modules such as SELinux. Make sure we check
76 			 * CAP_SYS_ADMIN first to avoid a denial/avc for
77 			 * possibly missing CAP_SYS_NICE permission.
78 			 */
79 			if (!capable(CAP_SYS_ADMIN) && !capable(CAP_SYS_NICE))
80 				return -EPERM;
81 			fallthrough;
82 			/* rt has prio field too */
83 		case IOPRIO_CLASS_BE:
84 			if (data >= IOPRIO_NR_LEVELS || data < 0)
85 				return -EINVAL;
86 			break;
87 		case IOPRIO_CLASS_IDLE:
88 			break;
89 		case IOPRIO_CLASS_NONE:
90 			if (data)
91 				return -EINVAL;
92 			break;
93 		default:
94 			return -EINVAL;
95 	}
96 
97 	return 0;
98 }
99 
SYSCALL_DEFINE3(ioprio_set,int,which,int,who,int,ioprio)100 SYSCALL_DEFINE3(ioprio_set, int, which, int, who, int, ioprio)
101 {
102 	struct task_struct *p, *g;
103 	struct user_struct *user;
104 	struct pid *pgrp;
105 	kuid_t uid;
106 	int ret;
107 
108 	ret = ioprio_check_cap(ioprio);
109 	if (ret)
110 		return ret;
111 
112 	ret = -ESRCH;
113 	rcu_read_lock();
114 	switch (which) {
115 		case IOPRIO_WHO_PROCESS:
116 			if (!who)
117 				p = current;
118 			else
119 				p = find_task_by_vpid(who);
120 			if (p)
121 				ret = set_task_ioprio(p, ioprio);
122 			break;
123 		case IOPRIO_WHO_PGRP:
124 			if (!who)
125 				pgrp = task_pgrp(current);
126 			else
127 				pgrp = find_vpid(who);
128 
129 			read_lock(&tasklist_lock);
130 			do_each_pid_thread(pgrp, PIDTYPE_PGID, p) {
131 				ret = set_task_ioprio(p, ioprio);
132 				if (ret) {
133 					read_unlock(&tasklist_lock);
134 					goto out;
135 				}
136 			} while_each_pid_thread(pgrp, PIDTYPE_PGID, p);
137 			read_unlock(&tasklist_lock);
138 
139 			break;
140 		case IOPRIO_WHO_USER:
141 			uid = make_kuid(current_user_ns(), who);
142 			if (!uid_valid(uid))
143 				break;
144 			if (!who)
145 				user = current_user();
146 			else
147 				user = find_user(uid);
148 
149 			if (!user)
150 				break;
151 
152 			for_each_process_thread(g, p) {
153 				if (!uid_eq(task_uid(p), uid) ||
154 				    !task_pid_vnr(p))
155 					continue;
156 				ret = set_task_ioprio(p, ioprio);
157 				if (ret)
158 					goto free_uid;
159 			}
160 free_uid:
161 			if (who)
162 				free_uid(user);
163 			break;
164 		default:
165 			ret = -EINVAL;
166 	}
167 
168 out:
169 	rcu_read_unlock();
170 	return ret;
171 }
172 
get_task_ioprio(struct task_struct * p)173 static int get_task_ioprio(struct task_struct *p)
174 {
175 	int ret;
176 
177 	ret = security_task_getioprio(p);
178 	if (ret)
179 		goto out;
180 	ret = IOPRIO_DEFAULT;
181 	task_lock(p);
182 	if (p->io_context)
183 		ret = p->io_context->ioprio;
184 	task_unlock(p);
185 out:
186 	return ret;
187 }
188 
ioprio_best(unsigned short aprio,unsigned short bprio)189 int ioprio_best(unsigned short aprio, unsigned short bprio)
190 {
191 	if (!ioprio_valid(aprio))
192 		aprio = IOPRIO_DEFAULT;
193 	if (!ioprio_valid(bprio))
194 		bprio = IOPRIO_DEFAULT;
195 
196 	return min(aprio, bprio);
197 }
198 
SYSCALL_DEFINE2(ioprio_get,int,which,int,who)199 SYSCALL_DEFINE2(ioprio_get, int, which, int, who)
200 {
201 	struct task_struct *g, *p;
202 	struct user_struct *user;
203 	struct pid *pgrp;
204 	kuid_t uid;
205 	int ret = -ESRCH;
206 	int tmpio;
207 
208 	rcu_read_lock();
209 	switch (which) {
210 		case IOPRIO_WHO_PROCESS:
211 			if (!who)
212 				p = current;
213 			else
214 				p = find_task_by_vpid(who);
215 			if (p)
216 				ret = get_task_ioprio(p);
217 			break;
218 		case IOPRIO_WHO_PGRP:
219 			if (!who)
220 				pgrp = task_pgrp(current);
221 			else
222 				pgrp = find_vpid(who);
223 			read_lock(&tasklist_lock);
224 			do_each_pid_thread(pgrp, PIDTYPE_PGID, p) {
225 				tmpio = get_task_ioprio(p);
226 				if (tmpio < 0)
227 					continue;
228 				if (ret == -ESRCH)
229 					ret = tmpio;
230 				else
231 					ret = ioprio_best(ret, tmpio);
232 			} while_each_pid_thread(pgrp, PIDTYPE_PGID, p);
233 			read_unlock(&tasklist_lock);
234 
235 			break;
236 		case IOPRIO_WHO_USER:
237 			uid = make_kuid(current_user_ns(), who);
238 			if (!who)
239 				user = current_user();
240 			else
241 				user = find_user(uid);
242 
243 			if (!user)
244 				break;
245 
246 			for_each_process_thread(g, p) {
247 				if (!uid_eq(task_uid(p), user->uid) ||
248 				    !task_pid_vnr(p))
249 					continue;
250 				tmpio = get_task_ioprio(p);
251 				if (tmpio < 0)
252 					continue;
253 				if (ret == -ESRCH)
254 					ret = tmpio;
255 				else
256 					ret = ioprio_best(ret, tmpio);
257 			}
258 
259 			if (who)
260 				free_uid(user);
261 			break;
262 		default:
263 			ret = -EINVAL;
264 	}
265 
266 	rcu_read_unlock();
267 	return ret;
268 }
269