Loading...
1/*
2 * Copyright (C) 2008 Christoph Hellwig.
3 * Portions Copyright (C) 2000-2008 Silicon Graphics, Inc.
4 *
5 * This program is free software; you can redistribute it and/or
6 * modify it under the terms of the GNU General Public License as
7 * published by the Free Software Foundation.
8 *
9 * This program is distributed in the hope that it would be useful,
10 * but WITHOUT ANY WARRANTY; without even the implied warranty of
11 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 * GNU General Public License for more details.
13 *
14 * You should have received a copy of the GNU General Public License
15 * along with this program; if not, write the Free Software Foundation,
16 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
17 */
18
19#include "xfs.h"
20#include "xfs_format.h"
21#include "xfs_log_format.h"
22#include "xfs_trans_resv.h"
23#include "xfs_mount.h"
24#include "xfs_da_format.h"
25#include "xfs_inode.h"
26#include "xfs_attr.h"
27#include "xfs_attr_leaf.h"
28#include "xfs_acl.h"
29
30#include <linux/posix_acl_xattr.h>
31#include <linux/xattr.h>
32
33
34static int
35xfs_xattr_get(const struct xattr_handler *handler, struct dentry *unused,
36 struct inode *inode, const char *name, void *value, size_t size)
37{
38 int xflags = handler->flags;
39 struct xfs_inode *ip = XFS_I(inode);
40 int error, asize = size;
41
42 /* Convert Linux syscall to XFS internal ATTR flags */
43 if (!size) {
44 xflags |= ATTR_KERNOVAL;
45 value = NULL;
46 }
47
48 error = xfs_attr_get(ip, (unsigned char *)name, value, &asize, xflags);
49 if (error)
50 return error;
51 return asize;
52}
53
54void
55xfs_forget_acl(
56 struct inode *inode,
57 const char *name,
58 int xflags)
59{
60 /*
61 * Invalidate any cached ACLs if the user has bypassed the ACL
62 * interface. We don't validate the content whatsoever so it is caller
63 * responsibility to provide data in valid format and ensure i_mode is
64 * consistent.
65 */
66 if (xflags & ATTR_ROOT) {
67#ifdef CONFIG_XFS_POSIX_ACL
68 if (!strcmp(name, SGI_ACL_FILE))
69 forget_cached_acl(inode, ACL_TYPE_ACCESS);
70 else if (!strcmp(name, SGI_ACL_DEFAULT))
71 forget_cached_acl(inode, ACL_TYPE_DEFAULT);
72#endif
73 }
74}
75
76static int
77xfs_xattr_set(const struct xattr_handler *handler, struct dentry *unused,
78 struct inode *inode, const char *name, const void *value,
79 size_t size, int flags)
80{
81 int xflags = handler->flags;
82 struct xfs_inode *ip = XFS_I(inode);
83 int error;
84
85 /* Convert Linux syscall to XFS internal ATTR flags */
86 if (flags & XATTR_CREATE)
87 xflags |= ATTR_CREATE;
88 if (flags & XATTR_REPLACE)
89 xflags |= ATTR_REPLACE;
90
91 if (!value)
92 return xfs_attr_remove(ip, (unsigned char *)name, xflags);
93 error = xfs_attr_set(ip, (unsigned char *)name,
94 (void *)value, size, xflags);
95 if (!error)
96 xfs_forget_acl(inode, name, xflags);
97
98 return error;
99}
100
101static const struct xattr_handler xfs_xattr_user_handler = {
102 .prefix = XATTR_USER_PREFIX,
103 .flags = 0, /* no flags implies user namespace */
104 .get = xfs_xattr_get,
105 .set = xfs_xattr_set,
106};
107
108static const struct xattr_handler xfs_xattr_trusted_handler = {
109 .prefix = XATTR_TRUSTED_PREFIX,
110 .flags = ATTR_ROOT,
111 .get = xfs_xattr_get,
112 .set = xfs_xattr_set,
113};
114
115static const struct xattr_handler xfs_xattr_security_handler = {
116 .prefix = XATTR_SECURITY_PREFIX,
117 .flags = ATTR_SECURE,
118 .get = xfs_xattr_get,
119 .set = xfs_xattr_set,
120};
121
122const struct xattr_handler *xfs_xattr_handlers[] = {
123 &xfs_xattr_user_handler,
124 &xfs_xattr_trusted_handler,
125 &xfs_xattr_security_handler,
126#ifdef CONFIG_XFS_POSIX_ACL
127 &posix_acl_access_xattr_handler,
128 &posix_acl_default_xattr_handler,
129#endif
130 NULL
131};
132
133static void
134__xfs_xattr_put_listent(
135 struct xfs_attr_list_context *context,
136 char *prefix,
137 int prefix_len,
138 unsigned char *name,
139 int namelen)
140{
141 char *offset;
142 int arraytop;
143
144 if (!context->alist)
145 goto compute_size;
146
147 arraytop = context->count + prefix_len + namelen + 1;
148 if (arraytop > context->firstu) {
149 context->count = -1; /* insufficient space */
150 context->seen_enough = 1;
151 return;
152 }
153 offset = (char *)context->alist + context->count;
154 strncpy(offset, prefix, prefix_len);
155 offset += prefix_len;
156 strncpy(offset, (char *)name, namelen); /* real name */
157 offset += namelen;
158 *offset = '\0';
159
160compute_size:
161 context->count += prefix_len + namelen + 1;
162 return;
163}
164
165static void
166xfs_xattr_put_listent(
167 struct xfs_attr_list_context *context,
168 int flags,
169 unsigned char *name,
170 int namelen,
171 int valuelen)
172{
173 char *prefix;
174 int prefix_len;
175
176 ASSERT(context->count >= 0);
177
178 if (flags & XFS_ATTR_ROOT) {
179#ifdef CONFIG_XFS_POSIX_ACL
180 if (namelen == SGI_ACL_FILE_SIZE &&
181 strncmp(name, SGI_ACL_FILE,
182 SGI_ACL_FILE_SIZE) == 0) {
183 __xfs_xattr_put_listent(
184 context, XATTR_SYSTEM_PREFIX,
185 XATTR_SYSTEM_PREFIX_LEN,
186 XATTR_POSIX_ACL_ACCESS,
187 strlen(XATTR_POSIX_ACL_ACCESS));
188 } else if (namelen == SGI_ACL_DEFAULT_SIZE &&
189 strncmp(name, SGI_ACL_DEFAULT,
190 SGI_ACL_DEFAULT_SIZE) == 0) {
191 __xfs_xattr_put_listent(
192 context, XATTR_SYSTEM_PREFIX,
193 XATTR_SYSTEM_PREFIX_LEN,
194 XATTR_POSIX_ACL_DEFAULT,
195 strlen(XATTR_POSIX_ACL_DEFAULT));
196 }
197#endif
198
199 /*
200 * Only show root namespace entries if we are actually allowed to
201 * see them.
202 */
203 if (!capable(CAP_SYS_ADMIN))
204 return;
205
206 prefix = XATTR_TRUSTED_PREFIX;
207 prefix_len = XATTR_TRUSTED_PREFIX_LEN;
208 } else if (flags & XFS_ATTR_SECURE) {
209 prefix = XATTR_SECURITY_PREFIX;
210 prefix_len = XATTR_SECURITY_PREFIX_LEN;
211 } else {
212 prefix = XATTR_USER_PREFIX;
213 prefix_len = XATTR_USER_PREFIX_LEN;
214 }
215
216 __xfs_xattr_put_listent(context, prefix, prefix_len, name,
217 namelen);
218 return;
219}
220
221ssize_t
222xfs_vn_listxattr(
223 struct dentry *dentry,
224 char *data,
225 size_t size)
226{
227 struct xfs_attr_list_context context;
228 struct attrlist_cursor_kern cursor = { 0 };
229 struct inode *inode = d_inode(dentry);
230 int error;
231
232 /*
233 * First read the regular on-disk attributes.
234 */
235 memset(&context, 0, sizeof(context));
236 context.dp = XFS_I(inode);
237 context.cursor = &cursor;
238 context.resynch = 1;
239 context.alist = size ? data : NULL;
240 context.bufsize = size;
241 context.firstu = context.bufsize;
242 context.put_listent = xfs_xattr_put_listent;
243
244 error = xfs_attr_list_int(&context);
245 if (error)
246 return error;
247 if (context.count < 0)
248 return -ERANGE;
249
250 return context.count;
251}
1// SPDX-License-Identifier: GPL-2.0
2/*
3 * Copyright (C) 2008 Christoph Hellwig.
4 * Portions Copyright (C) 2000-2008 Silicon Graphics, Inc.
5 */
6
7#include "xfs.h"
8#include "xfs_shared.h"
9#include "xfs_format.h"
10#include "xfs_log_format.h"
11#include "xfs_da_format.h"
12#include "xfs_trans_resv.h"
13#include "xfs_mount.h"
14#include "xfs_inode.h"
15#include "xfs_da_btree.h"
16#include "xfs_attr.h"
17#include "xfs_acl.h"
18#include "xfs_log.h"
19#include "xfs_xattr.h"
20#include "xfs_quota.h"
21
22#include <linux/posix_acl_xattr.h>
23
24/*
25 * Get permission to use log-assisted atomic exchange of file extents.
26 * Callers must not be running any transactions or hold any ILOCKs.
27 */
28static inline int
29xfs_attr_grab_log_assist(
30 struct xfs_mount *mp)
31{
32 int error = 0;
33
34 /* xattr update log intent items are already enabled */
35 if (xfs_is_using_logged_xattrs(mp))
36 return 0;
37
38 /*
39 * Check if the filesystem featureset is new enough to set this log
40 * incompat feature bit. Strictly speaking, the minimum requirement is
41 * a V5 filesystem for the superblock field, but we'll require rmap
42 * or reflink to avoid having to deal with really old kernels.
43 */
44 if (!xfs_has_reflink(mp) && !xfs_has_rmapbt(mp))
45 return -EOPNOTSUPP;
46
47 /* Enable log-assisted xattrs. */
48 error = xfs_add_incompat_log_feature(mp,
49 XFS_SB_FEAT_INCOMPAT_LOG_XATTRS);
50 if (error)
51 return error;
52 xfs_set_using_logged_xattrs(mp);
53
54 xfs_warn_experimental(mp, XFS_EXPERIMENTAL_LARP);
55
56 return 0;
57}
58
59static inline bool
60xfs_attr_want_log_assist(
61 struct xfs_mount *mp)
62{
63#ifdef DEBUG
64 /* Logged xattrs require a V5 super for log_incompat */
65 return xfs_has_crc(mp) && xfs_globals.larp;
66#else
67 return false;
68#endif
69}
70
71/*
72 * Set or remove an xattr, having grabbed the appropriate logging resources
73 * prior to calling libxfs. Callers of this function are only required to
74 * initialize the inode, attr_filter, name, namelen, value, and valuelen fields
75 * of @args.
76 */
77int
78xfs_attr_change(
79 struct xfs_da_args *args,
80 enum xfs_attr_update op)
81{
82 struct xfs_mount *mp = args->dp->i_mount;
83 int error;
84
85 if (xfs_is_shutdown(mp))
86 return -EIO;
87
88 error = xfs_qm_dqattach(args->dp);
89 if (error)
90 return error;
91
92 /*
93 * We have no control over the attribute names that userspace passes us
94 * to remove, so we have to allow the name lookup prior to attribute
95 * removal to fail as well.
96 */
97 args->op_flags = XFS_DA_OP_OKNOENT;
98
99 if (xfs_attr_want_log_assist(mp)) {
100 error = xfs_attr_grab_log_assist(mp);
101 if (error)
102 return error;
103
104 args->op_flags |= XFS_DA_OP_LOGGED;
105 }
106
107 args->owner = args->dp->i_ino;
108 args->geo = mp->m_attr_geo;
109 args->whichfork = XFS_ATTR_FORK;
110 xfs_attr_sethash(args);
111
112 /*
113 * Some xattrs must be resistant to allocation failure at ENOSPC, e.g.
114 * creating an inode with ACLs or security attributes requires the
115 * allocation of the xattr holding that information to succeed. Hence
116 * we allow xattrs in the VFS TRUSTED, SYSTEM, POSIX_ACL and SECURITY
117 * (LSM xattr) namespaces to dip into the reserve block pool to allow
118 * manipulation of these xattrs when at ENOSPC. These VFS xattr
119 * namespaces translate to the XFS_ATTR_ROOT and XFS_ATTR_SECURE on-disk
120 * namespaces.
121 *
122 * For most of these cases, these special xattrs will fit in the inode
123 * itself and so consume no extra space or only require temporary extra
124 * space while an overwrite is being made. Hence the use of the reserved
125 * pool is largely to avoid the worst case reservation from preventing
126 * the xattr from being created at ENOSPC.
127 */
128 return xfs_attr_set(args, op,
129 args->attr_filter & (XFS_ATTR_ROOT | XFS_ATTR_SECURE));
130}
131
132
133static int
134xfs_xattr_get(const struct xattr_handler *handler, struct dentry *unused,
135 struct inode *inode, const char *name, void *value, size_t size)
136{
137 struct xfs_da_args args = {
138 .dp = XFS_I(inode),
139 .attr_filter = handler->flags,
140 .name = name,
141 .namelen = strlen(name),
142 .value = value,
143 .valuelen = size,
144 };
145 int error;
146
147 if (xfs_ifork_zapped(XFS_I(inode), XFS_ATTR_FORK))
148 return -EIO;
149
150 error = xfs_attr_get(&args);
151 if (error)
152 return error;
153 return args.valuelen;
154}
155
156static inline enum xfs_attr_update
157xfs_xattr_flags_to_op(
158 int flags,
159 const void *value)
160{
161 if (!value)
162 return XFS_ATTRUPDATE_REMOVE;
163 if (flags & XATTR_CREATE)
164 return XFS_ATTRUPDATE_CREATE;
165 if (flags & XATTR_REPLACE)
166 return XFS_ATTRUPDATE_REPLACE;
167 return XFS_ATTRUPDATE_UPSERT;
168}
169
170static int
171xfs_xattr_set(const struct xattr_handler *handler,
172 struct mnt_idmap *idmap, struct dentry *unused,
173 struct inode *inode, const char *name, const void *value,
174 size_t size, int flags)
175{
176 struct xfs_da_args args = {
177 .dp = XFS_I(inode),
178 .attr_filter = handler->flags,
179 .name = name,
180 .namelen = strlen(name),
181 .value = (void *)value,
182 .valuelen = size,
183 };
184 int error;
185
186 error = xfs_attr_change(&args, xfs_xattr_flags_to_op(flags, value));
187 if (!error && (handler->flags & XFS_ATTR_ROOT))
188 xfs_forget_acl(inode, name);
189 return error;
190}
191
192static const struct xattr_handler xfs_xattr_user_handler = {
193 .prefix = XATTR_USER_PREFIX,
194 .flags = 0, /* no flags implies user namespace */
195 .get = xfs_xattr_get,
196 .set = xfs_xattr_set,
197};
198
199static const struct xattr_handler xfs_xattr_trusted_handler = {
200 .prefix = XATTR_TRUSTED_PREFIX,
201 .flags = XFS_ATTR_ROOT,
202 .get = xfs_xattr_get,
203 .set = xfs_xattr_set,
204};
205
206static const struct xattr_handler xfs_xattr_security_handler = {
207 .prefix = XATTR_SECURITY_PREFIX,
208 .flags = XFS_ATTR_SECURE,
209 .get = xfs_xattr_get,
210 .set = xfs_xattr_set,
211};
212
213const struct xattr_handler * const xfs_xattr_handlers[] = {
214 &xfs_xattr_user_handler,
215 &xfs_xattr_trusted_handler,
216 &xfs_xattr_security_handler,
217 NULL
218};
219
220static void
221__xfs_xattr_put_listent(
222 struct xfs_attr_list_context *context,
223 char *prefix,
224 int prefix_len,
225 unsigned char *name,
226 int namelen)
227{
228 char *offset;
229 int arraytop;
230
231 if (context->count < 0 || context->seen_enough)
232 return;
233
234 if (!context->buffer)
235 goto compute_size;
236
237 arraytop = context->count + prefix_len + namelen + 1;
238 if (arraytop > context->firstu) {
239 context->count = -1; /* insufficient space */
240 context->seen_enough = 1;
241 return;
242 }
243 offset = context->buffer + context->count;
244 memcpy(offset, prefix, prefix_len);
245 offset += prefix_len;
246 strncpy(offset, (char *)name, namelen); /* real name */
247 offset += namelen;
248 *offset = '\0';
249
250compute_size:
251 context->count += prefix_len + namelen + 1;
252 return;
253}
254
255static void
256xfs_xattr_put_listent(
257 struct xfs_attr_list_context *context,
258 int flags,
259 unsigned char *name,
260 int namelen,
261 void *value,
262 int valuelen)
263{
264 char *prefix;
265 int prefix_len;
266
267 ASSERT(context->count >= 0);
268
269 /* Don't expose private xattr namespaces. */
270 if (flags & XFS_ATTR_PRIVATE_NSP_MASK)
271 return;
272
273 if (flags & XFS_ATTR_ROOT) {
274#ifdef CONFIG_XFS_POSIX_ACL
275 if (namelen == SGI_ACL_FILE_SIZE &&
276 strncmp(name, SGI_ACL_FILE,
277 SGI_ACL_FILE_SIZE) == 0) {
278 __xfs_xattr_put_listent(
279 context, XATTR_SYSTEM_PREFIX,
280 XATTR_SYSTEM_PREFIX_LEN,
281 XATTR_POSIX_ACL_ACCESS,
282 strlen(XATTR_POSIX_ACL_ACCESS));
283 } else if (namelen == SGI_ACL_DEFAULT_SIZE &&
284 strncmp(name, SGI_ACL_DEFAULT,
285 SGI_ACL_DEFAULT_SIZE) == 0) {
286 __xfs_xattr_put_listent(
287 context, XATTR_SYSTEM_PREFIX,
288 XATTR_SYSTEM_PREFIX_LEN,
289 XATTR_POSIX_ACL_DEFAULT,
290 strlen(XATTR_POSIX_ACL_DEFAULT));
291 }
292#endif
293
294 /*
295 * Only show root namespace entries if we are actually allowed to
296 * see them.
297 */
298 if (!capable(CAP_SYS_ADMIN))
299 return;
300
301 prefix = XATTR_TRUSTED_PREFIX;
302 prefix_len = XATTR_TRUSTED_PREFIX_LEN;
303 } else if (flags & XFS_ATTR_SECURE) {
304 prefix = XATTR_SECURITY_PREFIX;
305 prefix_len = XATTR_SECURITY_PREFIX_LEN;
306 } else {
307 prefix = XATTR_USER_PREFIX;
308 prefix_len = XATTR_USER_PREFIX_LEN;
309 }
310
311 __xfs_xattr_put_listent(context, prefix, prefix_len, name,
312 namelen);
313 return;
314}
315
316ssize_t
317xfs_vn_listxattr(
318 struct dentry *dentry,
319 char *data,
320 size_t size)
321{
322 struct xfs_attr_list_context context;
323 struct inode *inode = d_inode(dentry);
324 int error;
325
326 if (xfs_ifork_zapped(XFS_I(inode), XFS_ATTR_FORK))
327 return -EIO;
328
329 /*
330 * First read the regular on-disk attributes.
331 */
332 memset(&context, 0, sizeof(context));
333 context.dp = XFS_I(inode);
334 context.resynch = 1;
335 context.buffer = size ? data : NULL;
336 context.bufsize = size;
337 context.firstu = context.bufsize;
338 context.put_listent = xfs_xattr_put_listent;
339
340 error = xfs_attr_list(&context);
341 if (error)
342 return error;
343 if (context.count < 0)
344 return -ERANGE;
345
346 return context.count;
347}