Loading...
1// SPDX-License-Identifier: GPL-2.0
2/*
3 *
4 * Copyright (C) 2019-2021 Paragon Software GmbH, All rights reserved.
5 *
6 */
7
8#include <linux/fs.h>
9#include <linux/posix_acl.h>
10#include <linux/posix_acl_xattr.h>
11#include <linux/xattr.h>
12
13#include "debug.h"
14#include "ntfs.h"
15#include "ntfs_fs.h"
16
17// clang-format off
18#define SYSTEM_DOS_ATTRIB "system.dos_attrib"
19#define SYSTEM_NTFS_ATTRIB "system.ntfs_attrib"
20#define SYSTEM_NTFS_ATTRIB_BE "system.ntfs_attrib_be"
21#define SYSTEM_NTFS_SECURITY "system.ntfs_security"
22// clang-format on
23
24static inline size_t unpacked_ea_size(const struct EA_FULL *ea)
25{
26 return ea->size ? le32_to_cpu(ea->size) :
27 ALIGN(struct_size(ea, name,
28 1 + ea->name_len +
29 le16_to_cpu(ea->elength)),
30 4);
31}
32
33static inline size_t packed_ea_size(const struct EA_FULL *ea)
34{
35 return struct_size(ea, name,
36 1 + ea->name_len + le16_to_cpu(ea->elength)) -
37 offsetof(struct EA_FULL, flags);
38}
39
40/*
41 * find_ea
42 *
43 * Assume there is at least one xattr in the list.
44 */
45static inline bool find_ea(const struct EA_FULL *ea_all, u32 bytes,
46 const char *name, u8 name_len, u32 *off, u32 *ea_sz)
47{
48 u32 ea_size;
49
50 *off = 0;
51 if (!ea_all)
52 return false;
53
54 for (; *off < bytes; *off += ea_size) {
55 const struct EA_FULL *ea = Add2Ptr(ea_all, *off);
56 ea_size = unpacked_ea_size(ea);
57 if (ea->name_len == name_len &&
58 !memcmp(ea->name, name, name_len)) {
59 if (ea_sz)
60 *ea_sz = ea_size;
61 return true;
62 }
63 }
64
65 return false;
66}
67
68/*
69 * ntfs_read_ea - Read all extended attributes.
70 * @ea: New allocated memory.
71 * @info: Pointer into resident data.
72 */
73static int ntfs_read_ea(struct ntfs_inode *ni, struct EA_FULL **ea,
74 size_t add_bytes, const struct EA_INFO **info)
75{
76 int err = -EINVAL;
77 struct ntfs_sb_info *sbi = ni->mi.sbi;
78 struct ATTR_LIST_ENTRY *le = NULL;
79 struct ATTRIB *attr_info, *attr_ea;
80 void *ea_p;
81 u32 size, off, ea_size;
82
83 static_assert(le32_to_cpu(ATTR_EA_INFO) < le32_to_cpu(ATTR_EA));
84
85 *ea = NULL;
86 *info = NULL;
87
88 attr_info =
89 ni_find_attr(ni, NULL, &le, ATTR_EA_INFO, NULL, 0, NULL, NULL);
90 attr_ea =
91 ni_find_attr(ni, attr_info, &le, ATTR_EA, NULL, 0, NULL, NULL);
92
93 if (!attr_ea || !attr_info)
94 return 0;
95
96 *info = resident_data_ex(attr_info, sizeof(struct EA_INFO));
97 if (!*info)
98 goto out;
99
100 /* Check Ea limit. */
101 size = le32_to_cpu((*info)->size);
102 if (size > sbi->ea_max_size) {
103 err = -EFBIG;
104 goto out;
105 }
106
107 if (attr_size(attr_ea) > sbi->ea_max_size) {
108 err = -EFBIG;
109 goto out;
110 }
111
112 if (!size) {
113 /* EA info persists, but xattr is empty. Looks like EA problem. */
114 goto out;
115 }
116
117 /* Allocate memory for packed Ea. */
118 ea_p = kmalloc(size_add(size, add_bytes), GFP_NOFS);
119 if (!ea_p)
120 return -ENOMEM;
121
122 if (attr_ea->non_res) {
123 struct runs_tree run;
124
125 run_init(&run);
126
127 err = attr_load_runs_range(ni, ATTR_EA, NULL, 0, &run, 0, size);
128 if (!err)
129 err = ntfs_read_run_nb(sbi, &run, 0, ea_p, size, NULL);
130 run_close(&run);
131
132 if (err)
133 goto out1;
134 } else {
135 void *p = resident_data_ex(attr_ea, size);
136
137 if (!p)
138 goto out1;
139 memcpy(ea_p, p, size);
140 }
141
142 memset(Add2Ptr(ea_p, size), 0, add_bytes);
143
144 err = -EINVAL;
145 /* Check all attributes for consistency. */
146 for (off = 0; off < size; off += ea_size) {
147 const struct EA_FULL *ef = Add2Ptr(ea_p, off);
148 u32 bytes = size - off;
149
150 /* Check if we can use field ea->size. */
151 if (bytes < sizeof(ef->size))
152 goto out1;
153
154 if (ef->size) {
155 ea_size = le32_to_cpu(ef->size);
156 if (ea_size > bytes)
157 goto out1;
158 continue;
159 }
160
161 /* Check if we can use fields ef->name_len and ef->elength. */
162 if (bytes < offsetof(struct EA_FULL, name))
163 goto out1;
164
165 ea_size = ALIGN(struct_size(ef, name,
166 1 + ef->name_len +
167 le16_to_cpu(ef->elength)),
168 4);
169 if (ea_size > bytes)
170 goto out1;
171 }
172
173 *ea = ea_p;
174 return 0;
175
176out1:
177 kfree(ea_p);
178out:
179 ntfs_set_state(sbi, NTFS_DIRTY_DIRTY);
180 return err;
181}
182
183/*
184 * ntfs_list_ea
185 *
186 * Copy a list of xattrs names into the buffer
187 * provided, or compute the buffer size required.
188 *
189 * Return:
190 * * Number of bytes used / required on
191 * * -ERRNO - on failure
192 */
193static ssize_t ntfs_list_ea(struct ntfs_inode *ni, char *buffer,
194 size_t bytes_per_buffer)
195{
196 const struct EA_INFO *info;
197 struct EA_FULL *ea_all = NULL;
198 u32 off, size;
199 int err;
200 size_t ret;
201
202 err = ntfs_read_ea(ni, &ea_all, 0, &info);
203 if (err)
204 return err;
205
206 if (!info || !ea_all)
207 return 0;
208
209 size = le32_to_cpu(info->size);
210
211 /* Enumerate all xattrs. */
212 ret = 0;
213 off = 0;
214 while (off + sizeof(struct EA_FULL) < size) {
215 const struct EA_FULL *ea = Add2Ptr(ea_all, off);
216 int ea_size = unpacked_ea_size(ea);
217 u8 name_len = ea->name_len;
218
219 if (!name_len)
220 break;
221
222 if (name_len > ea_size) {
223 ntfs_set_state(ni->mi.sbi, NTFS_DIRTY_ERROR);
224 err = -EINVAL; /* corrupted fs. */
225 break;
226 }
227
228 if (buffer) {
229 /* Check if we can use field ea->name */
230 if (off + ea_size > size)
231 break;
232
233 if (ret + name_len + 1 > bytes_per_buffer) {
234 err = -ERANGE;
235 goto out;
236 }
237
238 memcpy(buffer + ret, ea->name, name_len);
239 buffer[ret + name_len] = 0;
240 }
241
242 ret += name_len + 1;
243 off += ea_size;
244 }
245
246out:
247 kfree(ea_all);
248 return err ? err : ret;
249}
250
251static int ntfs_get_ea(struct inode *inode, const char *name, size_t name_len,
252 void *buffer, size_t size, size_t *required)
253{
254 struct ntfs_inode *ni = ntfs_i(inode);
255 const struct EA_INFO *info;
256 struct EA_FULL *ea_all = NULL;
257 const struct EA_FULL *ea;
258 u32 off, len;
259 int err;
260
261 if (!(ni->ni_flags & NI_FLAG_EA))
262 return -ENODATA;
263
264 if (!required)
265 ni_lock(ni);
266
267 len = 0;
268
269 if (name_len > 255) {
270 err = -ENAMETOOLONG;
271 goto out;
272 }
273
274 err = ntfs_read_ea(ni, &ea_all, 0, &info);
275 if (err)
276 goto out;
277
278 if (!info)
279 goto out;
280
281 /* Enumerate all xattrs. */
282 if (!find_ea(ea_all, le32_to_cpu(info->size), name, name_len, &off,
283 NULL)) {
284 err = -ENODATA;
285 goto out;
286 }
287 ea = Add2Ptr(ea_all, off);
288
289 len = le16_to_cpu(ea->elength);
290 if (!buffer) {
291 err = 0;
292 goto out;
293 }
294
295 if (len > size) {
296 err = -ERANGE;
297 if (required)
298 *required = len;
299 goto out;
300 }
301
302 memcpy(buffer, ea->name + ea->name_len + 1, len);
303 err = 0;
304
305out:
306 kfree(ea_all);
307 if (!required)
308 ni_unlock(ni);
309
310 return err ? err : len;
311}
312
313static noinline int ntfs_set_ea(struct inode *inode, const char *name,
314 size_t name_len, const void *value,
315 size_t val_size, int flags, bool locked,
316 __le16 *ea_size)
317{
318 struct ntfs_inode *ni = ntfs_i(inode);
319 struct ntfs_sb_info *sbi = ni->mi.sbi;
320 int err;
321 struct EA_INFO ea_info;
322 const struct EA_INFO *info;
323 struct EA_FULL *new_ea;
324 struct EA_FULL *ea_all = NULL;
325 size_t add, new_pack;
326 u32 off, size, ea_sz;
327 __le16 size_pack;
328 struct ATTRIB *attr;
329 struct ATTR_LIST_ENTRY *le;
330 struct mft_inode *mi;
331 struct runs_tree ea_run;
332 u64 new_sz;
333 void *p;
334
335 if (!locked)
336 ni_lock(ni);
337
338 run_init(&ea_run);
339
340 if (name_len > 255) {
341 err = -ENAMETOOLONG;
342 goto out;
343 }
344
345 add = ALIGN(struct_size(ea_all, name, 1 + name_len + val_size), 4);
346
347 err = ntfs_read_ea(ni, &ea_all, add, &info);
348 if (err)
349 goto out;
350
351 if (!info) {
352 memset(&ea_info, 0, sizeof(ea_info));
353 size = 0;
354 size_pack = 0;
355 } else {
356 memcpy(&ea_info, info, sizeof(ea_info));
357 size = le32_to_cpu(ea_info.size);
358 size_pack = ea_info.size_pack;
359 }
360
361 if (info && find_ea(ea_all, size, name, name_len, &off, &ea_sz)) {
362 struct EA_FULL *ea;
363
364 if (flags & XATTR_CREATE) {
365 err = -EEXIST;
366 goto out;
367 }
368
369 ea = Add2Ptr(ea_all, off);
370
371 /*
372 * Check simple case when we try to insert xattr with the same value
373 * e.g. ntfs_save_wsl_perm
374 */
375 if (val_size && le16_to_cpu(ea->elength) == val_size &&
376 !memcmp(ea->name + ea->name_len + 1, value, val_size)) {
377 /* xattr already contains the required value. */
378 goto out;
379 }
380
381 /* Remove current xattr. */
382 if (ea->flags & FILE_NEED_EA)
383 le16_add_cpu(&ea_info.count, -1);
384
385 le16_add_cpu(&ea_info.size_pack, 0 - packed_ea_size(ea));
386
387 memmove(ea, Add2Ptr(ea, ea_sz), size - off - ea_sz);
388
389 size -= ea_sz;
390 memset(Add2Ptr(ea_all, size), 0, ea_sz);
391
392 ea_info.size = cpu_to_le32(size);
393
394 if ((flags & XATTR_REPLACE) && !val_size) {
395 /* Remove xattr. */
396 goto update_ea;
397 }
398 } else {
399 if (flags & XATTR_REPLACE) {
400 err = -ENODATA;
401 goto out;
402 }
403
404 if (!ea_all) {
405 ea_all = kzalloc(add, GFP_NOFS);
406 if (!ea_all) {
407 err = -ENOMEM;
408 goto out;
409 }
410 }
411 }
412
413 /* Append new xattr. */
414 new_ea = Add2Ptr(ea_all, size);
415 new_ea->size = cpu_to_le32(add);
416 new_ea->flags = 0;
417 new_ea->name_len = name_len;
418 new_ea->elength = cpu_to_le16(val_size);
419 memcpy(new_ea->name, name, name_len);
420 new_ea->name[name_len] = 0;
421 memcpy(new_ea->name + name_len + 1, value, val_size);
422 new_pack = le16_to_cpu(ea_info.size_pack) + packed_ea_size(new_ea);
423 ea_info.size_pack = cpu_to_le16(new_pack);
424 /* New size of ATTR_EA. */
425 size += add;
426 ea_info.size = cpu_to_le32(size);
427
428 /*
429 * 1. Check ea_info.size_pack for overflow.
430 * 2. New attribute size must fit value from $AttrDef
431 */
432 if (new_pack > 0xffff || size > sbi->ea_max_size) {
433 ntfs_inode_warn(
434 inode,
435 "The size of extended attributes must not exceed 64KiB");
436 err = -EFBIG; // -EINVAL?
437 goto out;
438 }
439
440update_ea:
441
442 if (!info) {
443 /* Create xattr. */
444 if (!size) {
445 err = 0;
446 goto out;
447 }
448
449 err = ni_insert_resident(ni, sizeof(struct EA_INFO),
450 ATTR_EA_INFO, NULL, 0, NULL, NULL,
451 NULL);
452 if (err)
453 goto out;
454
455 err = ni_insert_resident(ni, 0, ATTR_EA, NULL, 0, NULL, NULL,
456 NULL);
457 if (err)
458 goto out;
459 }
460
461 new_sz = size;
462 err = attr_set_size(ni, ATTR_EA, NULL, 0, &ea_run, new_sz, &new_sz,
463 false, NULL);
464 if (err)
465 goto out;
466
467 le = NULL;
468 attr = ni_find_attr(ni, NULL, &le, ATTR_EA_INFO, NULL, 0, NULL, &mi);
469 if (!attr) {
470 err = -EINVAL;
471 goto out;
472 }
473
474 if (!size) {
475 /* Delete xattr, ATTR_EA_INFO */
476 ni_remove_attr_le(ni, attr, mi, le);
477 } else {
478 p = resident_data_ex(attr, sizeof(struct EA_INFO));
479 if (!p) {
480 err = -EINVAL;
481 goto out;
482 }
483 memcpy(p, &ea_info, sizeof(struct EA_INFO));
484 mi->dirty = true;
485 }
486
487 le = NULL;
488 attr = ni_find_attr(ni, NULL, &le, ATTR_EA, NULL, 0, NULL, &mi);
489 if (!attr) {
490 err = -EINVAL;
491 goto out;
492 }
493
494 if (!size) {
495 /* Delete xattr, ATTR_EA */
496 ni_remove_attr_le(ni, attr, mi, le);
497 } else if (attr->non_res) {
498 err = attr_load_runs_range(ni, ATTR_EA, NULL, 0, &ea_run, 0,
499 size);
500 if (err)
501 goto out;
502
503 err = ntfs_sb_write_run(sbi, &ea_run, 0, ea_all, size, 0);
504 if (err)
505 goto out;
506 } else {
507 p = resident_data_ex(attr, size);
508 if (!p) {
509 err = -EINVAL;
510 goto out;
511 }
512 memcpy(p, ea_all, size);
513 mi->dirty = true;
514 }
515
516 /* Check if we delete the last xattr. */
517 if (size)
518 ni->ni_flags |= NI_FLAG_EA;
519 else
520 ni->ni_flags &= ~NI_FLAG_EA;
521
522 if (ea_info.size_pack != size_pack)
523 ni->ni_flags |= NI_FLAG_UPDATE_PARENT;
524 if (ea_size)
525 *ea_size = ea_info.size_pack;
526 mark_inode_dirty(&ni->vfs_inode);
527
528out:
529 if (!locked)
530 ni_unlock(ni);
531
532 run_close(&ea_run);
533 kfree(ea_all);
534
535 return err;
536}
537
538#ifdef CONFIG_NTFS3_FS_POSIX_ACL
539
540/*
541 * ntfs_get_acl - inode_operations::get_acl
542 */
543struct posix_acl *ntfs_get_acl(struct mnt_idmap *idmap, struct dentry *dentry,
544 int type)
545{
546 struct inode *inode = d_inode(dentry);
547 struct ntfs_inode *ni = ntfs_i(inode);
548 const char *name;
549 size_t name_len;
550 struct posix_acl *acl;
551 size_t req;
552 int err;
553 void *buf;
554
555 /* Allocate PATH_MAX bytes. */
556 buf = __getname();
557 if (!buf)
558 return ERR_PTR(-ENOMEM);
559
560 /* Possible values of 'type' was already checked above. */
561 if (type == ACL_TYPE_ACCESS) {
562 name = XATTR_NAME_POSIX_ACL_ACCESS;
563 name_len = sizeof(XATTR_NAME_POSIX_ACL_ACCESS) - 1;
564 } else {
565 name = XATTR_NAME_POSIX_ACL_DEFAULT;
566 name_len = sizeof(XATTR_NAME_POSIX_ACL_DEFAULT) - 1;
567 }
568
569 ni_lock(ni);
570
571 err = ntfs_get_ea(inode, name, name_len, buf, PATH_MAX, &req);
572
573 ni_unlock(ni);
574
575 /* Translate extended attribute to acl. */
576 if (err >= 0) {
577 acl = posix_acl_from_xattr(&init_user_ns, buf, err);
578 } else if (err == -ENODATA) {
579 acl = NULL;
580 } else {
581 acl = ERR_PTR(err);
582 }
583
584 if (!IS_ERR(acl))
585 set_cached_acl(inode, type, acl);
586
587 __putname(buf);
588
589 return acl;
590}
591
592static noinline int ntfs_set_acl_ex(struct mnt_idmap *idmap,
593 struct inode *inode, struct posix_acl *acl,
594 int type, bool init_acl)
595{
596 const char *name;
597 size_t size, name_len;
598 void *value;
599 int err;
600 int flags;
601 umode_t mode;
602
603 if (S_ISLNK(inode->i_mode))
604 return -EOPNOTSUPP;
605
606 mode = inode->i_mode;
607 switch (type) {
608 case ACL_TYPE_ACCESS:
609 /* Do not change i_mode if we are in init_acl */
610 if (acl && !init_acl) {
611 err = posix_acl_update_mode(idmap, inode, &mode, &acl);
612 if (err)
613 return err;
614 }
615 name = XATTR_NAME_POSIX_ACL_ACCESS;
616 name_len = sizeof(XATTR_NAME_POSIX_ACL_ACCESS) - 1;
617 break;
618
619 case ACL_TYPE_DEFAULT:
620 if (!S_ISDIR(inode->i_mode))
621 return acl ? -EACCES : 0;
622 name = XATTR_NAME_POSIX_ACL_DEFAULT;
623 name_len = sizeof(XATTR_NAME_POSIX_ACL_DEFAULT) - 1;
624 break;
625
626 default:
627 return -EINVAL;
628 }
629
630 if (!acl) {
631 /* Remove xattr if it can be presented via mode. */
632 size = 0;
633 value = NULL;
634 flags = XATTR_REPLACE;
635 } else {
636 size = posix_acl_xattr_size(acl->a_count);
637 value = kmalloc(size, GFP_NOFS);
638 if (!value)
639 return -ENOMEM;
640 err = posix_acl_to_xattr(&init_user_ns, acl, value, size);
641 if (err < 0)
642 goto out;
643 flags = 0;
644 }
645
646 err = ntfs_set_ea(inode, name, name_len, value, size, flags, 0, NULL);
647 if (err == -ENODATA && !size)
648 err = 0; /* Removing non existed xattr. */
649 if (!err) {
650 set_cached_acl(inode, type, acl);
651 inode->i_mode = mode;
652 inode_set_ctime_current(inode);
653 mark_inode_dirty(inode);
654 }
655
656out:
657 kfree(value);
658
659 return err;
660}
661
662/*
663 * ntfs_set_acl - inode_operations::set_acl
664 */
665int ntfs_set_acl(struct mnt_idmap *idmap, struct dentry *dentry,
666 struct posix_acl *acl, int type)
667{
668 return ntfs_set_acl_ex(idmap, d_inode(dentry), acl, type, false);
669}
670
671/*
672 * ntfs_init_acl - Initialize the ACLs of a new inode.
673 *
674 * Called from ntfs_create_inode().
675 */
676int ntfs_init_acl(struct mnt_idmap *idmap, struct inode *inode,
677 struct inode *dir)
678{
679 struct posix_acl *default_acl, *acl;
680 int err;
681
682 err = posix_acl_create(dir, &inode->i_mode, &default_acl, &acl);
683 if (err)
684 return err;
685
686 if (default_acl) {
687 err = ntfs_set_acl_ex(idmap, inode, default_acl,
688 ACL_TYPE_DEFAULT, true);
689 posix_acl_release(default_acl);
690 } else {
691 inode->i_default_acl = NULL;
692 }
693
694 if (acl) {
695 if (!err)
696 err = ntfs_set_acl_ex(idmap, inode, acl,
697 ACL_TYPE_ACCESS, true);
698 posix_acl_release(acl);
699 } else {
700 inode->i_acl = NULL;
701 }
702
703 return err;
704}
705#endif
706
707/*
708 * ntfs_acl_chmod - Helper for ntfs_setattr().
709 */
710int ntfs_acl_chmod(struct mnt_idmap *idmap, struct dentry *dentry)
711{
712 struct inode *inode = d_inode(dentry);
713 struct super_block *sb = inode->i_sb;
714
715 if (!(sb->s_flags & SB_POSIXACL))
716 return 0;
717
718 if (S_ISLNK(inode->i_mode))
719 return -EOPNOTSUPP;
720
721 return posix_acl_chmod(idmap, dentry, inode->i_mode);
722}
723
724/*
725 * ntfs_listxattr - inode_operations::listxattr
726 */
727ssize_t ntfs_listxattr(struct dentry *dentry, char *buffer, size_t size)
728{
729 struct inode *inode = d_inode(dentry);
730 struct ntfs_inode *ni = ntfs_i(inode);
731 ssize_t ret;
732
733 if (!(ni->ni_flags & NI_FLAG_EA)) {
734 /* no xattr in file */
735 return 0;
736 }
737
738 ni_lock(ni);
739
740 ret = ntfs_list_ea(ni, buffer, size);
741
742 ni_unlock(ni);
743
744 return ret;
745}
746
747static int ntfs_getxattr(const struct xattr_handler *handler, struct dentry *de,
748 struct inode *inode, const char *name, void *buffer,
749 size_t size)
750{
751 int err;
752 struct ntfs_inode *ni = ntfs_i(inode);
753
754 if (unlikely(ntfs3_forced_shutdown(inode->i_sb)))
755 return -EIO;
756
757 /* Dispatch request. */
758 if (!strcmp(name, SYSTEM_DOS_ATTRIB)) {
759 /* system.dos_attrib */
760 if (!buffer) {
761 err = sizeof(u8);
762 } else if (size < sizeof(u8)) {
763 err = -ENODATA;
764 } else {
765 err = sizeof(u8);
766 *(u8 *)buffer = le32_to_cpu(ni->std_fa);
767 }
768 goto out;
769 }
770
771 if (!strcmp(name, SYSTEM_NTFS_ATTRIB) ||
772 !strcmp(name, SYSTEM_NTFS_ATTRIB_BE)) {
773 /* system.ntfs_attrib */
774 if (!buffer) {
775 err = sizeof(u32);
776 } else if (size < sizeof(u32)) {
777 err = -ENODATA;
778 } else {
779 err = sizeof(u32);
780 *(u32 *)buffer = le32_to_cpu(ni->std_fa);
781 if (!strcmp(name, SYSTEM_NTFS_ATTRIB_BE))
782 *(__be32 *)buffer = cpu_to_be32(*(u32 *)buffer);
783 }
784 goto out;
785 }
786
787 if (!strcmp(name, SYSTEM_NTFS_SECURITY)) {
788 /* system.ntfs_security*/
789 struct SECURITY_DESCRIPTOR_RELATIVE *sd = NULL;
790 size_t sd_size = 0;
791
792 if (!is_ntfs3(ni->mi.sbi)) {
793 /* We should get nt4 security. */
794 err = -EINVAL;
795 goto out;
796 } else if (le32_to_cpu(ni->std_security_id) <
797 SECURITY_ID_FIRST) {
798 err = -ENOENT;
799 goto out;
800 }
801
802 err = ntfs_get_security_by_id(ni->mi.sbi, ni->std_security_id,
803 &sd, &sd_size);
804 if (err)
805 goto out;
806
807 if (!is_sd_valid(sd, sd_size)) {
808 ntfs_inode_warn(
809 inode,
810 "looks like you get incorrect security descriptor id=%u",
811 ni->std_security_id);
812 }
813
814 if (!buffer) {
815 err = sd_size;
816 } else if (size < sd_size) {
817 err = -ENODATA;
818 } else {
819 err = sd_size;
820 memcpy(buffer, sd, sd_size);
821 }
822 kfree(sd);
823 goto out;
824 }
825
826 /* Deal with NTFS extended attribute. */
827 err = ntfs_get_ea(inode, name, strlen(name), buffer, size, NULL);
828
829out:
830 return err;
831}
832
833/*
834 * ntfs_setxattr - inode_operations::setxattr
835 */
836static noinline int ntfs_setxattr(const struct xattr_handler *handler,
837 struct mnt_idmap *idmap, struct dentry *de,
838 struct inode *inode, const char *name,
839 const void *value, size_t size, int flags)
840{
841 int err = -EINVAL;
842 struct ntfs_inode *ni = ntfs_i(inode);
843 enum FILE_ATTRIBUTE new_fa;
844
845 /* Dispatch request. */
846 if (!strcmp(name, SYSTEM_DOS_ATTRIB)) {
847 if (sizeof(u8) != size)
848 goto out;
849 new_fa = cpu_to_le32(*(u8 *)value);
850 goto set_new_fa;
851 }
852
853 if (!strcmp(name, SYSTEM_NTFS_ATTRIB) ||
854 !strcmp(name, SYSTEM_NTFS_ATTRIB_BE)) {
855 if (size != sizeof(u32))
856 goto out;
857 if (!strcmp(name, SYSTEM_NTFS_ATTRIB_BE))
858 new_fa = cpu_to_le32(be32_to_cpu(*(__be32 *)value));
859 else
860 new_fa = cpu_to_le32(*(u32 *)value);
861
862 if (S_ISREG(inode->i_mode)) {
863 /* Process compressed/sparsed in special way. */
864 ni_lock(ni);
865 err = ni_new_attr_flags(ni, new_fa);
866 ni_unlock(ni);
867 if (err)
868 goto out;
869 }
870set_new_fa:
871 /*
872 * Thanks Mark Harmstone:
873 * Keep directory bit consistency.
874 */
875 if (S_ISDIR(inode->i_mode))
876 new_fa |= FILE_ATTRIBUTE_DIRECTORY;
877 else
878 new_fa &= ~FILE_ATTRIBUTE_DIRECTORY;
879
880 if (ni->std_fa != new_fa) {
881 ni->std_fa = new_fa;
882 if (new_fa & FILE_ATTRIBUTE_READONLY)
883 inode->i_mode &= ~0222;
884 else
885 inode->i_mode |= 0222;
886 /* Std attribute always in primary record. */
887 ni->mi.dirty = true;
888 mark_inode_dirty(inode);
889 }
890 err = 0;
891
892 goto out;
893 }
894
895 if (!strcmp(name, SYSTEM_NTFS_SECURITY)) {
896 /* system.ntfs_security*/
897 __le32 security_id;
898 bool inserted;
899 struct ATTR_STD_INFO5 *std;
900
901 if (!is_ntfs3(ni->mi.sbi)) {
902 /*
903 * We should replace ATTR_SECURE.
904 * Skip this way cause it is nt4 feature.
905 */
906 err = -EINVAL;
907 goto out;
908 }
909
910 if (!is_sd_valid(value, size)) {
911 err = -EINVAL;
912 ntfs_inode_warn(
913 inode,
914 "you try to set invalid security descriptor");
915 goto out;
916 }
917
918 err = ntfs_insert_security(ni->mi.sbi, value, size,
919 &security_id, &inserted);
920 if (err)
921 goto out;
922
923 ni_lock(ni);
924 std = ni_std5(ni);
925 if (!std) {
926 err = -EINVAL;
927 } else if (std->security_id != security_id) {
928 std->security_id = ni->std_security_id = security_id;
929 /* Std attribute always in primary record. */
930 ni->mi.dirty = true;
931 mark_inode_dirty(&ni->vfs_inode);
932 }
933 ni_unlock(ni);
934 goto out;
935 }
936
937 /* Deal with NTFS extended attribute. */
938 err = ntfs_set_ea(inode, name, strlen(name), value, size, flags, 0,
939 NULL);
940
941out:
942 inode_set_ctime_current(inode);
943 mark_inode_dirty(inode);
944
945 return err;
946}
947
948/*
949 * ntfs_save_wsl_perm
950 *
951 * save uid/gid/mode in xattr
952 */
953int ntfs_save_wsl_perm(struct inode *inode, __le16 *ea_size)
954{
955 int err;
956 __le32 value;
957 struct ntfs_inode *ni = ntfs_i(inode);
958
959 ni_lock(ni);
960 value = cpu_to_le32(i_uid_read(inode));
961 err = ntfs_set_ea(inode, "$LXUID", sizeof("$LXUID") - 1, &value,
962 sizeof(value), 0, true, ea_size);
963 if (err)
964 goto out;
965
966 value = cpu_to_le32(i_gid_read(inode));
967 err = ntfs_set_ea(inode, "$LXGID", sizeof("$LXGID") - 1, &value,
968 sizeof(value), 0, true, ea_size);
969 if (err)
970 goto out;
971
972 value = cpu_to_le32(inode->i_mode);
973 err = ntfs_set_ea(inode, "$LXMOD", sizeof("$LXMOD") - 1, &value,
974 sizeof(value), 0, true, ea_size);
975 if (err)
976 goto out;
977
978 if (S_ISCHR(inode->i_mode) || S_ISBLK(inode->i_mode)) {
979 value = cpu_to_le32(inode->i_rdev);
980 err = ntfs_set_ea(inode, "$LXDEV", sizeof("$LXDEV") - 1, &value,
981 sizeof(value), 0, true, ea_size);
982 if (err)
983 goto out;
984 }
985
986out:
987 ni_unlock(ni);
988 /* In case of error should we delete all WSL xattr? */
989 return err;
990}
991
992/*
993 * ntfs_get_wsl_perm
994 *
995 * get uid/gid/mode from xattr
996 * it is called from ntfs_iget5->ntfs_read_mft
997 */
998void ntfs_get_wsl_perm(struct inode *inode)
999{
1000 size_t sz;
1001 __le32 value[3];
1002
1003 if (ntfs_get_ea(inode, "$LXUID", sizeof("$LXUID") - 1, &value[0],
1004 sizeof(value[0]), &sz) == sizeof(value[0]) &&
1005 ntfs_get_ea(inode, "$LXGID", sizeof("$LXGID") - 1, &value[1],
1006 sizeof(value[1]), &sz) == sizeof(value[1]) &&
1007 ntfs_get_ea(inode, "$LXMOD", sizeof("$LXMOD") - 1, &value[2],
1008 sizeof(value[2]), &sz) == sizeof(value[2])) {
1009 i_uid_write(inode, (uid_t)le32_to_cpu(value[0]));
1010 i_gid_write(inode, (gid_t)le32_to_cpu(value[1]));
1011 inode->i_mode = le32_to_cpu(value[2]);
1012
1013 if (ntfs_get_ea(inode, "$LXDEV", sizeof("$$LXDEV") - 1,
1014 &value[0], sizeof(value),
1015 &sz) == sizeof(value[0])) {
1016 inode->i_rdev = le32_to_cpu(value[0]);
1017 }
1018 }
1019}
1020
1021static bool ntfs_xattr_user_list(struct dentry *dentry)
1022{
1023 return true;
1024}
1025
1026// clang-format off
1027static const struct xattr_handler ntfs_other_xattr_handler = {
1028 .prefix = "",
1029 .get = ntfs_getxattr,
1030 .set = ntfs_setxattr,
1031 .list = ntfs_xattr_user_list,
1032};
1033
1034const struct xattr_handler * const ntfs_xattr_handlers[] = {
1035 &ntfs_other_xattr_handler,
1036 NULL,
1037};
1038// clang-format on
1// SPDX-License-Identifier: GPL-2.0
2/*
3 *
4 * Copyright (C) 2019-2021 Paragon Software GmbH, All rights reserved.
5 *
6 */
7
8#include <linux/fs.h>
9#include <linux/posix_acl.h>
10#include <linux/posix_acl_xattr.h>
11#include <linux/xattr.h>
12
13#include "debug.h"
14#include "ntfs.h"
15#include "ntfs_fs.h"
16
17// clang-format off
18#define SYSTEM_DOS_ATTRIB "system.dos_attrib"
19#define SYSTEM_NTFS_ATTRIB "system.ntfs_attrib"
20#define SYSTEM_NTFS_ATTRIB_BE "system.ntfs_attrib_be"
21#define SYSTEM_NTFS_SECURITY "system.ntfs_security"
22// clang-format on
23
24static inline size_t unpacked_ea_size(const struct EA_FULL *ea)
25{
26 return ea->size ? le32_to_cpu(ea->size) :
27 ALIGN(struct_size(ea, name,
28 1 + ea->name_len +
29 le16_to_cpu(ea->elength)),
30 4);
31}
32
33static inline size_t packed_ea_size(const struct EA_FULL *ea)
34{
35 return struct_size(ea, name,
36 1 + ea->name_len + le16_to_cpu(ea->elength)) -
37 offsetof(struct EA_FULL, flags);
38}
39
40/*
41 * find_ea
42 *
43 * Assume there is at least one xattr in the list.
44 */
45static inline bool find_ea(const struct EA_FULL *ea_all, u32 bytes,
46 const char *name, u8 name_len, u32 *off, u32 *ea_sz)
47{
48 u32 ea_size;
49
50 *off = 0;
51 if (!ea_all)
52 return false;
53
54 for (; *off < bytes; *off += ea_size) {
55 const struct EA_FULL *ea = Add2Ptr(ea_all, *off);
56 ea_size = unpacked_ea_size(ea);
57 if (ea->name_len == name_len &&
58 !memcmp(ea->name, name, name_len)) {
59 if (ea_sz)
60 *ea_sz = ea_size;
61 return true;
62 }
63 }
64
65 return false;
66}
67
68/*
69 * ntfs_read_ea - Read all extended attributes.
70 * @ea: New allocated memory.
71 * @info: Pointer into resident data.
72 */
73static int ntfs_read_ea(struct ntfs_inode *ni, struct EA_FULL **ea,
74 size_t add_bytes, const struct EA_INFO **info)
75{
76 int err = -EINVAL;
77 struct ntfs_sb_info *sbi = ni->mi.sbi;
78 struct ATTR_LIST_ENTRY *le = NULL;
79 struct ATTRIB *attr_info, *attr_ea;
80 void *ea_p;
81 u32 size, off, ea_size;
82
83 static_assert(le32_to_cpu(ATTR_EA_INFO) < le32_to_cpu(ATTR_EA));
84
85 *ea = NULL;
86 *info = NULL;
87
88 attr_info =
89 ni_find_attr(ni, NULL, &le, ATTR_EA_INFO, NULL, 0, NULL, NULL);
90 attr_ea =
91 ni_find_attr(ni, attr_info, &le, ATTR_EA, NULL, 0, NULL, NULL);
92
93 if (!attr_ea || !attr_info)
94 return 0;
95
96 *info = resident_data_ex(attr_info, sizeof(struct EA_INFO));
97 if (!*info)
98 goto out;
99
100 /* Check Ea limit. */
101 size = le32_to_cpu((*info)->size);
102 if (size > sbi->ea_max_size) {
103 err = -EFBIG;
104 goto out;
105 }
106
107 if (attr_size(attr_ea) > sbi->ea_max_size) {
108 err = -EFBIG;
109 goto out;
110 }
111
112 if (!size) {
113 /* EA info persists, but xattr is empty. Looks like EA problem. */
114 goto out;
115 }
116
117 /* Allocate memory for packed Ea. */
118 ea_p = kmalloc(size_add(size, add_bytes), GFP_NOFS);
119 if (!ea_p)
120 return -ENOMEM;
121
122 if (attr_ea->non_res) {
123 struct runs_tree run;
124
125 run_init(&run);
126
127 err = attr_load_runs_range(ni, ATTR_EA, NULL, 0, &run, 0, size);
128 if (!err)
129 err = ntfs_read_run_nb(sbi, &run, 0, ea_p, size, NULL);
130 run_close(&run);
131
132 if (err)
133 goto out1;
134 } else {
135 void *p = resident_data_ex(attr_ea, size);
136
137 if (!p)
138 goto out1;
139 memcpy(ea_p, p, size);
140 }
141
142 memset(Add2Ptr(ea_p, size), 0, add_bytes);
143
144 err = -EINVAL;
145 /* Check all attributes for consistency. */
146 for (off = 0; off < size; off += ea_size) {
147 const struct EA_FULL *ef = Add2Ptr(ea_p, off);
148 u32 bytes = size - off;
149
150 /* Check if we can use field ea->size. */
151 if (bytes < sizeof(ef->size))
152 goto out1;
153
154 if (ef->size) {
155 ea_size = le32_to_cpu(ef->size);
156 if (ea_size > bytes)
157 goto out1;
158 continue;
159 }
160
161 /* Check if we can use fields ef->name_len and ef->elength. */
162 if (bytes < offsetof(struct EA_FULL, name))
163 goto out1;
164
165 ea_size = ALIGN(struct_size(ef, name,
166 1 + ef->name_len +
167 le16_to_cpu(ef->elength)),
168 4);
169 if (ea_size > bytes)
170 goto out1;
171 }
172
173 *ea = ea_p;
174 return 0;
175
176out1:
177 kfree(ea_p);
178out:
179 ntfs_set_state(sbi, NTFS_DIRTY_DIRTY);
180 return err;
181}
182
183/*
184 * ntfs_list_ea
185 *
186 * Copy a list of xattrs names into the buffer
187 * provided, or compute the buffer size required.
188 *
189 * Return:
190 * * Number of bytes used / required on
191 * * -ERRNO - on failure
192 */
193static ssize_t ntfs_list_ea(struct ntfs_inode *ni, char *buffer,
194 size_t bytes_per_buffer)
195{
196 const struct EA_INFO *info;
197 struct EA_FULL *ea_all = NULL;
198 const struct EA_FULL *ea;
199 u32 off, size;
200 int err;
201 int ea_size;
202 size_t ret;
203
204 err = ntfs_read_ea(ni, &ea_all, 0, &info);
205 if (err)
206 return err;
207
208 if (!info || !ea_all)
209 return 0;
210
211 size = le32_to_cpu(info->size);
212
213 /* Enumerate all xattrs. */
214 ret = 0;
215 for (off = 0; off + sizeof(struct EA_FULL) < size; off += ea_size) {
216 ea = Add2Ptr(ea_all, off);
217 ea_size = unpacked_ea_size(ea);
218
219 if (!ea->name_len)
220 break;
221
222 if (ea->name_len > ea_size)
223 break;
224
225 if (buffer) {
226 /* Check if we can use field ea->name */
227 if (off + ea_size > size)
228 break;
229
230 if (ret + ea->name_len + 1 > bytes_per_buffer) {
231 err = -ERANGE;
232 goto out;
233 }
234
235 memcpy(buffer + ret, ea->name, ea->name_len);
236 buffer[ret + ea->name_len] = 0;
237 }
238
239 ret += ea->name_len + 1;
240 }
241
242out:
243 kfree(ea_all);
244 return err ? err : ret;
245}
246
247static int ntfs_get_ea(struct inode *inode, const char *name, size_t name_len,
248 void *buffer, size_t size, size_t *required)
249{
250 struct ntfs_inode *ni = ntfs_i(inode);
251 const struct EA_INFO *info;
252 struct EA_FULL *ea_all = NULL;
253 const struct EA_FULL *ea;
254 u32 off, len;
255 int err;
256
257 if (!(ni->ni_flags & NI_FLAG_EA))
258 return -ENODATA;
259
260 if (!required)
261 ni_lock(ni);
262
263 len = 0;
264
265 if (name_len > 255) {
266 err = -ENAMETOOLONG;
267 goto out;
268 }
269
270 err = ntfs_read_ea(ni, &ea_all, 0, &info);
271 if (err)
272 goto out;
273
274 if (!info)
275 goto out;
276
277 /* Enumerate all xattrs. */
278 if (!find_ea(ea_all, le32_to_cpu(info->size), name, name_len, &off,
279 NULL)) {
280 err = -ENODATA;
281 goto out;
282 }
283 ea = Add2Ptr(ea_all, off);
284
285 len = le16_to_cpu(ea->elength);
286 if (!buffer) {
287 err = 0;
288 goto out;
289 }
290
291 if (len > size) {
292 err = -ERANGE;
293 if (required)
294 *required = len;
295 goto out;
296 }
297
298 memcpy(buffer, ea->name + ea->name_len + 1, len);
299 err = 0;
300
301out:
302 kfree(ea_all);
303 if (!required)
304 ni_unlock(ni);
305
306 return err ? err : len;
307}
308
309static noinline int ntfs_set_ea(struct inode *inode, const char *name,
310 size_t name_len, const void *value,
311 size_t val_size, int flags, bool locked,
312 __le16 *ea_size)
313{
314 struct ntfs_inode *ni = ntfs_i(inode);
315 struct ntfs_sb_info *sbi = ni->mi.sbi;
316 int err;
317 struct EA_INFO ea_info;
318 const struct EA_INFO *info;
319 struct EA_FULL *new_ea;
320 struct EA_FULL *ea_all = NULL;
321 size_t add, new_pack;
322 u32 off, size, ea_sz;
323 __le16 size_pack;
324 struct ATTRIB *attr;
325 struct ATTR_LIST_ENTRY *le;
326 struct mft_inode *mi;
327 struct runs_tree ea_run;
328 u64 new_sz;
329 void *p;
330
331 if (!locked)
332 ni_lock(ni);
333
334 run_init(&ea_run);
335
336 if (name_len > 255) {
337 err = -ENAMETOOLONG;
338 goto out;
339 }
340
341 add = ALIGN(struct_size(ea_all, name, 1 + name_len + val_size), 4);
342
343 err = ntfs_read_ea(ni, &ea_all, add, &info);
344 if (err)
345 goto out;
346
347 if (!info) {
348 memset(&ea_info, 0, sizeof(ea_info));
349 size = 0;
350 size_pack = 0;
351 } else {
352 memcpy(&ea_info, info, sizeof(ea_info));
353 size = le32_to_cpu(ea_info.size);
354 size_pack = ea_info.size_pack;
355 }
356
357 if (info && find_ea(ea_all, size, name, name_len, &off, &ea_sz)) {
358 struct EA_FULL *ea;
359
360 if (flags & XATTR_CREATE) {
361 err = -EEXIST;
362 goto out;
363 }
364
365 ea = Add2Ptr(ea_all, off);
366
367 /*
368 * Check simple case when we try to insert xattr with the same value
369 * e.g. ntfs_save_wsl_perm
370 */
371 if (val_size && le16_to_cpu(ea->elength) == val_size &&
372 !memcmp(ea->name + ea->name_len + 1, value, val_size)) {
373 /* xattr already contains the required value. */
374 goto out;
375 }
376
377 /* Remove current xattr. */
378 if (ea->flags & FILE_NEED_EA)
379 le16_add_cpu(&ea_info.count, -1);
380
381 le16_add_cpu(&ea_info.size_pack, 0 - packed_ea_size(ea));
382
383 memmove(ea, Add2Ptr(ea, ea_sz), size - off - ea_sz);
384
385 size -= ea_sz;
386 memset(Add2Ptr(ea_all, size), 0, ea_sz);
387
388 ea_info.size = cpu_to_le32(size);
389
390 if ((flags & XATTR_REPLACE) && !val_size) {
391 /* Remove xattr. */
392 goto update_ea;
393 }
394 } else {
395 if (flags & XATTR_REPLACE) {
396 err = -ENODATA;
397 goto out;
398 }
399
400 if (!ea_all) {
401 ea_all = kzalloc(add, GFP_NOFS);
402 if (!ea_all) {
403 err = -ENOMEM;
404 goto out;
405 }
406 }
407 }
408
409 /* Append new xattr. */
410 new_ea = Add2Ptr(ea_all, size);
411 new_ea->size = cpu_to_le32(add);
412 new_ea->flags = 0;
413 new_ea->name_len = name_len;
414 new_ea->elength = cpu_to_le16(val_size);
415 memcpy(new_ea->name, name, name_len);
416 new_ea->name[name_len] = 0;
417 memcpy(new_ea->name + name_len + 1, value, val_size);
418 new_pack = le16_to_cpu(ea_info.size_pack) + packed_ea_size(new_ea);
419 ea_info.size_pack = cpu_to_le16(new_pack);
420 /* New size of ATTR_EA. */
421 size += add;
422 ea_info.size = cpu_to_le32(size);
423
424 /*
425 * 1. Check ea_info.size_pack for overflow.
426 * 2. New attribute size must fit value from $AttrDef
427 */
428 if (new_pack > 0xffff || size > sbi->ea_max_size) {
429 ntfs_inode_warn(
430 inode,
431 "The size of extended attributes must not exceed 64KiB");
432 err = -EFBIG; // -EINVAL?
433 goto out;
434 }
435
436update_ea:
437
438 if (!info) {
439 /* Create xattr. */
440 if (!size) {
441 err = 0;
442 goto out;
443 }
444
445 err = ni_insert_resident(ni, sizeof(struct EA_INFO),
446 ATTR_EA_INFO, NULL, 0, NULL, NULL,
447 NULL);
448 if (err)
449 goto out;
450
451 err = ni_insert_resident(ni, 0, ATTR_EA, NULL, 0, NULL, NULL,
452 NULL);
453 if (err)
454 goto out;
455 }
456
457 new_sz = size;
458 err = attr_set_size(ni, ATTR_EA, NULL, 0, &ea_run, new_sz, &new_sz,
459 false, NULL);
460 if (err)
461 goto out;
462
463 le = NULL;
464 attr = ni_find_attr(ni, NULL, &le, ATTR_EA_INFO, NULL, 0, NULL, &mi);
465 if (!attr) {
466 err = -EINVAL;
467 goto out;
468 }
469
470 if (!size) {
471 /* Delete xattr, ATTR_EA_INFO */
472 ni_remove_attr_le(ni, attr, mi, le);
473 } else {
474 p = resident_data_ex(attr, sizeof(struct EA_INFO));
475 if (!p) {
476 err = -EINVAL;
477 goto out;
478 }
479 memcpy(p, &ea_info, sizeof(struct EA_INFO));
480 mi->dirty = true;
481 }
482
483 le = NULL;
484 attr = ni_find_attr(ni, NULL, &le, ATTR_EA, NULL, 0, NULL, &mi);
485 if (!attr) {
486 err = -EINVAL;
487 goto out;
488 }
489
490 if (!size) {
491 /* Delete xattr, ATTR_EA */
492 ni_remove_attr_le(ni, attr, mi, le);
493 } else if (attr->non_res) {
494 err = attr_load_runs_range(ni, ATTR_EA, NULL, 0, &ea_run, 0,
495 size);
496 if (err)
497 goto out;
498
499 err = ntfs_sb_write_run(sbi, &ea_run, 0, ea_all, size, 0);
500 if (err)
501 goto out;
502 } else {
503 p = resident_data_ex(attr, size);
504 if (!p) {
505 err = -EINVAL;
506 goto out;
507 }
508 memcpy(p, ea_all, size);
509 mi->dirty = true;
510 }
511
512 /* Check if we delete the last xattr. */
513 if (size)
514 ni->ni_flags |= NI_FLAG_EA;
515 else
516 ni->ni_flags &= ~NI_FLAG_EA;
517
518 if (ea_info.size_pack != size_pack)
519 ni->ni_flags |= NI_FLAG_UPDATE_PARENT;
520 if (ea_size)
521 *ea_size = ea_info.size_pack;
522 mark_inode_dirty(&ni->vfs_inode);
523
524out:
525 if (!locked)
526 ni_unlock(ni);
527
528 run_close(&ea_run);
529 kfree(ea_all);
530
531 return err;
532}
533
534#ifdef CONFIG_NTFS3_FS_POSIX_ACL
535
536/*
537 * ntfs_get_acl - inode_operations::get_acl
538 */
539struct posix_acl *ntfs_get_acl(struct mnt_idmap *idmap, struct dentry *dentry,
540 int type)
541{
542 struct inode *inode = d_inode(dentry);
543 struct ntfs_inode *ni = ntfs_i(inode);
544 const char *name;
545 size_t name_len;
546 struct posix_acl *acl;
547 size_t req;
548 int err;
549 void *buf;
550
551 /* Allocate PATH_MAX bytes. */
552 buf = __getname();
553 if (!buf)
554 return ERR_PTR(-ENOMEM);
555
556 /* Possible values of 'type' was already checked above. */
557 if (type == ACL_TYPE_ACCESS) {
558 name = XATTR_NAME_POSIX_ACL_ACCESS;
559 name_len = sizeof(XATTR_NAME_POSIX_ACL_ACCESS) - 1;
560 } else {
561 name = XATTR_NAME_POSIX_ACL_DEFAULT;
562 name_len = sizeof(XATTR_NAME_POSIX_ACL_DEFAULT) - 1;
563 }
564
565 ni_lock(ni);
566
567 err = ntfs_get_ea(inode, name, name_len, buf, PATH_MAX, &req);
568
569 ni_unlock(ni);
570
571 /* Translate extended attribute to acl. */
572 if (err >= 0) {
573 acl = posix_acl_from_xattr(&init_user_ns, buf, err);
574 } else if (err == -ENODATA) {
575 acl = NULL;
576 } else {
577 acl = ERR_PTR(err);
578 }
579
580 if (!IS_ERR(acl))
581 set_cached_acl(inode, type, acl);
582
583 __putname(buf);
584
585 return acl;
586}
587
588static noinline int ntfs_set_acl_ex(struct mnt_idmap *idmap,
589 struct inode *inode, struct posix_acl *acl,
590 int type, bool init_acl)
591{
592 const char *name;
593 size_t size, name_len;
594 void *value;
595 int err;
596 int flags;
597 umode_t mode;
598
599 if (S_ISLNK(inode->i_mode))
600 return -EOPNOTSUPP;
601
602 mode = inode->i_mode;
603 switch (type) {
604 case ACL_TYPE_ACCESS:
605 /* Do not change i_mode if we are in init_acl */
606 if (acl && !init_acl) {
607 err = posix_acl_update_mode(idmap, inode, &mode, &acl);
608 if (err)
609 return err;
610 }
611 name = XATTR_NAME_POSIX_ACL_ACCESS;
612 name_len = sizeof(XATTR_NAME_POSIX_ACL_ACCESS) - 1;
613 break;
614
615 case ACL_TYPE_DEFAULT:
616 if (!S_ISDIR(inode->i_mode))
617 return acl ? -EACCES : 0;
618 name = XATTR_NAME_POSIX_ACL_DEFAULT;
619 name_len = sizeof(XATTR_NAME_POSIX_ACL_DEFAULT) - 1;
620 break;
621
622 default:
623 return -EINVAL;
624 }
625
626 if (!acl) {
627 /* Remove xattr if it can be presented via mode. */
628 size = 0;
629 value = NULL;
630 flags = XATTR_REPLACE;
631 } else {
632 size = posix_acl_xattr_size(acl->a_count);
633 value = kmalloc(size, GFP_NOFS);
634 if (!value)
635 return -ENOMEM;
636 err = posix_acl_to_xattr(&init_user_ns, acl, value, size);
637 if (err < 0)
638 goto out;
639 flags = 0;
640 }
641
642 err = ntfs_set_ea(inode, name, name_len, value, size, flags, 0, NULL);
643 if (err == -ENODATA && !size)
644 err = 0; /* Removing non existed xattr. */
645 if (!err) {
646 set_cached_acl(inode, type, acl);
647 inode->i_mode = mode;
648 inode_set_ctime_current(inode);
649 mark_inode_dirty(inode);
650 }
651
652out:
653 kfree(value);
654
655 return err;
656}
657
658/*
659 * ntfs_set_acl - inode_operations::set_acl
660 */
661int ntfs_set_acl(struct mnt_idmap *idmap, struct dentry *dentry,
662 struct posix_acl *acl, int type)
663{
664 return ntfs_set_acl_ex(idmap, d_inode(dentry), acl, type, false);
665}
666
667/*
668 * ntfs_init_acl - Initialize the ACLs of a new inode.
669 *
670 * Called from ntfs_create_inode().
671 */
672int ntfs_init_acl(struct mnt_idmap *idmap, struct inode *inode,
673 struct inode *dir)
674{
675 struct posix_acl *default_acl, *acl;
676 int err;
677
678 err = posix_acl_create(dir, &inode->i_mode, &default_acl, &acl);
679 if (err)
680 return err;
681
682 if (default_acl) {
683 err = ntfs_set_acl_ex(idmap, inode, default_acl,
684 ACL_TYPE_DEFAULT, true);
685 posix_acl_release(default_acl);
686 } else {
687 inode->i_default_acl = NULL;
688 }
689
690 if (acl) {
691 if (!err)
692 err = ntfs_set_acl_ex(idmap, inode, acl,
693 ACL_TYPE_ACCESS, true);
694 posix_acl_release(acl);
695 } else {
696 inode->i_acl = NULL;
697 }
698
699 return err;
700}
701#endif
702
703/*
704 * ntfs_acl_chmod - Helper for ntfs3_setattr().
705 */
706int ntfs_acl_chmod(struct mnt_idmap *idmap, struct dentry *dentry)
707{
708 struct inode *inode = d_inode(dentry);
709 struct super_block *sb = inode->i_sb;
710
711 if (!(sb->s_flags & SB_POSIXACL))
712 return 0;
713
714 if (S_ISLNK(inode->i_mode))
715 return -EOPNOTSUPP;
716
717 return posix_acl_chmod(idmap, dentry, inode->i_mode);
718}
719
720/*
721 * ntfs_listxattr - inode_operations::listxattr
722 */
723ssize_t ntfs_listxattr(struct dentry *dentry, char *buffer, size_t size)
724{
725 struct inode *inode = d_inode(dentry);
726 struct ntfs_inode *ni = ntfs_i(inode);
727 ssize_t ret;
728
729 if (!(ni->ni_flags & NI_FLAG_EA)) {
730 /* no xattr in file */
731 return 0;
732 }
733
734 ni_lock(ni);
735
736 ret = ntfs_list_ea(ni, buffer, size);
737
738 ni_unlock(ni);
739
740 return ret;
741}
742
743static int ntfs_getxattr(const struct xattr_handler *handler, struct dentry *de,
744 struct inode *inode, const char *name, void *buffer,
745 size_t size)
746{
747 int err;
748 struct ntfs_inode *ni = ntfs_i(inode);
749
750 if (unlikely(ntfs3_forced_shutdown(inode->i_sb)))
751 return -EIO;
752
753 /* Dispatch request. */
754 if (!strcmp(name, SYSTEM_DOS_ATTRIB)) {
755 /* system.dos_attrib */
756 if (!buffer) {
757 err = sizeof(u8);
758 } else if (size < sizeof(u8)) {
759 err = -ENODATA;
760 } else {
761 err = sizeof(u8);
762 *(u8 *)buffer = le32_to_cpu(ni->std_fa);
763 }
764 goto out;
765 }
766
767 if (!strcmp(name, SYSTEM_NTFS_ATTRIB) ||
768 !strcmp(name, SYSTEM_NTFS_ATTRIB_BE)) {
769 /* system.ntfs_attrib */
770 if (!buffer) {
771 err = sizeof(u32);
772 } else if (size < sizeof(u32)) {
773 err = -ENODATA;
774 } else {
775 err = sizeof(u32);
776 *(u32 *)buffer = le32_to_cpu(ni->std_fa);
777 if (!strcmp(name, SYSTEM_NTFS_ATTRIB_BE))
778 *(__be32 *)buffer = cpu_to_be32(*(u32 *)buffer);
779 }
780 goto out;
781 }
782
783 if (!strcmp(name, SYSTEM_NTFS_SECURITY)) {
784 /* system.ntfs_security*/
785 struct SECURITY_DESCRIPTOR_RELATIVE *sd = NULL;
786 size_t sd_size = 0;
787
788 if (!is_ntfs3(ni->mi.sbi)) {
789 /* We should get nt4 security. */
790 err = -EINVAL;
791 goto out;
792 } else if (le32_to_cpu(ni->std_security_id) <
793 SECURITY_ID_FIRST) {
794 err = -ENOENT;
795 goto out;
796 }
797
798 err = ntfs_get_security_by_id(ni->mi.sbi, ni->std_security_id,
799 &sd, &sd_size);
800 if (err)
801 goto out;
802
803 if (!is_sd_valid(sd, sd_size)) {
804 ntfs_inode_warn(
805 inode,
806 "looks like you get incorrect security descriptor id=%u",
807 ni->std_security_id);
808 }
809
810 if (!buffer) {
811 err = sd_size;
812 } else if (size < sd_size) {
813 err = -ENODATA;
814 } else {
815 err = sd_size;
816 memcpy(buffer, sd, sd_size);
817 }
818 kfree(sd);
819 goto out;
820 }
821
822 /* Deal with NTFS extended attribute. */
823 err = ntfs_get_ea(inode, name, strlen(name), buffer, size, NULL);
824
825out:
826 return err;
827}
828
829/*
830 * ntfs_setxattr - inode_operations::setxattr
831 */
832static noinline int ntfs_setxattr(const struct xattr_handler *handler,
833 struct mnt_idmap *idmap, struct dentry *de,
834 struct inode *inode, const char *name,
835 const void *value, size_t size, int flags)
836{
837 int err = -EINVAL;
838 struct ntfs_inode *ni = ntfs_i(inode);
839 enum FILE_ATTRIBUTE new_fa;
840
841 /* Dispatch request. */
842 if (!strcmp(name, SYSTEM_DOS_ATTRIB)) {
843 if (sizeof(u8) != size)
844 goto out;
845 new_fa = cpu_to_le32(*(u8 *)value);
846 goto set_new_fa;
847 }
848
849 if (!strcmp(name, SYSTEM_NTFS_ATTRIB) ||
850 !strcmp(name, SYSTEM_NTFS_ATTRIB_BE)) {
851 if (size != sizeof(u32))
852 goto out;
853 if (!strcmp(name, SYSTEM_NTFS_ATTRIB_BE))
854 new_fa = cpu_to_le32(be32_to_cpu(*(__be32 *)value));
855 else
856 new_fa = cpu_to_le32(*(u32 *)value);
857
858 if (S_ISREG(inode->i_mode)) {
859 /* Process compressed/sparsed in special way. */
860 ni_lock(ni);
861 err = ni_new_attr_flags(ni, new_fa);
862 ni_unlock(ni);
863 if (err)
864 goto out;
865 }
866set_new_fa:
867 /*
868 * Thanks Mark Harmstone:
869 * Keep directory bit consistency.
870 */
871 if (S_ISDIR(inode->i_mode))
872 new_fa |= FILE_ATTRIBUTE_DIRECTORY;
873 else
874 new_fa &= ~FILE_ATTRIBUTE_DIRECTORY;
875
876 if (ni->std_fa != new_fa) {
877 ni->std_fa = new_fa;
878 if (new_fa & FILE_ATTRIBUTE_READONLY)
879 inode->i_mode &= ~0222;
880 else
881 inode->i_mode |= 0222;
882 /* Std attribute always in primary record. */
883 ni->mi.dirty = true;
884 mark_inode_dirty(inode);
885 }
886 err = 0;
887
888 goto out;
889 }
890
891 if (!strcmp(name, SYSTEM_NTFS_SECURITY)) {
892 /* system.ntfs_security*/
893 __le32 security_id;
894 bool inserted;
895 struct ATTR_STD_INFO5 *std;
896
897 if (!is_ntfs3(ni->mi.sbi)) {
898 /*
899 * We should replace ATTR_SECURE.
900 * Skip this way cause it is nt4 feature.
901 */
902 err = -EINVAL;
903 goto out;
904 }
905
906 if (!is_sd_valid(value, size)) {
907 err = -EINVAL;
908 ntfs_inode_warn(
909 inode,
910 "you try to set invalid security descriptor");
911 goto out;
912 }
913
914 err = ntfs_insert_security(ni->mi.sbi, value, size,
915 &security_id, &inserted);
916 if (err)
917 goto out;
918
919 ni_lock(ni);
920 std = ni_std5(ni);
921 if (!std) {
922 err = -EINVAL;
923 } else if (std->security_id != security_id) {
924 std->security_id = ni->std_security_id = security_id;
925 /* Std attribute always in primary record. */
926 ni->mi.dirty = true;
927 mark_inode_dirty(&ni->vfs_inode);
928 }
929 ni_unlock(ni);
930 goto out;
931 }
932
933 /* Deal with NTFS extended attribute. */
934 err = ntfs_set_ea(inode, name, strlen(name), value, size, flags, 0,
935 NULL);
936
937out:
938 inode_set_ctime_current(inode);
939 mark_inode_dirty(inode);
940
941 return err;
942}
943
944/*
945 * ntfs_save_wsl_perm
946 *
947 * save uid/gid/mode in xattr
948 */
949int ntfs_save_wsl_perm(struct inode *inode, __le16 *ea_size)
950{
951 int err;
952 __le32 value;
953 struct ntfs_inode *ni = ntfs_i(inode);
954
955 ni_lock(ni);
956 value = cpu_to_le32(i_uid_read(inode));
957 err = ntfs_set_ea(inode, "$LXUID", sizeof("$LXUID") - 1, &value,
958 sizeof(value), 0, true, ea_size);
959 if (err)
960 goto out;
961
962 value = cpu_to_le32(i_gid_read(inode));
963 err = ntfs_set_ea(inode, "$LXGID", sizeof("$LXGID") - 1, &value,
964 sizeof(value), 0, true, ea_size);
965 if (err)
966 goto out;
967
968 value = cpu_to_le32(inode->i_mode);
969 err = ntfs_set_ea(inode, "$LXMOD", sizeof("$LXMOD") - 1, &value,
970 sizeof(value), 0, true, ea_size);
971 if (err)
972 goto out;
973
974 if (S_ISCHR(inode->i_mode) || S_ISBLK(inode->i_mode)) {
975 value = cpu_to_le32(inode->i_rdev);
976 err = ntfs_set_ea(inode, "$LXDEV", sizeof("$LXDEV") - 1, &value,
977 sizeof(value), 0, true, ea_size);
978 if (err)
979 goto out;
980 }
981
982out:
983 ni_unlock(ni);
984 /* In case of error should we delete all WSL xattr? */
985 return err;
986}
987
988/*
989 * ntfs_get_wsl_perm
990 *
991 * get uid/gid/mode from xattr
992 * it is called from ntfs_iget5->ntfs_read_mft
993 */
994void ntfs_get_wsl_perm(struct inode *inode)
995{
996 size_t sz;
997 __le32 value[3];
998
999 if (ntfs_get_ea(inode, "$LXUID", sizeof("$LXUID") - 1, &value[0],
1000 sizeof(value[0]), &sz) == sizeof(value[0]) &&
1001 ntfs_get_ea(inode, "$LXGID", sizeof("$LXGID") - 1, &value[1],
1002 sizeof(value[1]), &sz) == sizeof(value[1]) &&
1003 ntfs_get_ea(inode, "$LXMOD", sizeof("$LXMOD") - 1, &value[2],
1004 sizeof(value[2]), &sz) == sizeof(value[2])) {
1005 i_uid_write(inode, (uid_t)le32_to_cpu(value[0]));
1006 i_gid_write(inode, (gid_t)le32_to_cpu(value[1]));
1007 inode->i_mode = le32_to_cpu(value[2]);
1008
1009 if (ntfs_get_ea(inode, "$LXDEV", sizeof("$$LXDEV") - 1,
1010 &value[0], sizeof(value),
1011 &sz) == sizeof(value[0])) {
1012 inode->i_rdev = le32_to_cpu(value[0]);
1013 }
1014 }
1015}
1016
1017static bool ntfs_xattr_user_list(struct dentry *dentry)
1018{
1019 return true;
1020}
1021
1022// clang-format off
1023static const struct xattr_handler ntfs_other_xattr_handler = {
1024 .prefix = "",
1025 .get = ntfs_getxattr,
1026 .set = ntfs_setxattr,
1027 .list = ntfs_xattr_user_list,
1028};
1029
1030const struct xattr_handler * const ntfs_xattr_handlers[] = {
1031 &ntfs_other_xattr_handler,
1032 NULL,
1033};
1034// clang-format on