Loading...
1// SPDX-License-Identifier: GPL-2.0
2/*
3 *
4 * Copyright (C) 2019-2021 Paragon Software GmbH, All rights reserved.
5 *
6 */
7
8#include <linux/fs.h>
9#include <linux/posix_acl.h>
10#include <linux/posix_acl_xattr.h>
11#include <linux/xattr.h>
12
13#include "debug.h"
14#include "ntfs.h"
15#include "ntfs_fs.h"
16
17// clang-format off
18#define SYSTEM_DOS_ATTRIB "system.dos_attrib"
19#define SYSTEM_NTFS_ATTRIB "system.ntfs_attrib"
20#define SYSTEM_NTFS_ATTRIB_BE "system.ntfs_attrib_be"
21#define SYSTEM_NTFS_SECURITY "system.ntfs_security"
22// clang-format on
23
24static inline size_t unpacked_ea_size(const struct EA_FULL *ea)
25{
26 return ea->size ? le32_to_cpu(ea->size)
27 : ALIGN(struct_size(ea, name,
28 1 + ea->name_len +
29 le16_to_cpu(ea->elength)),
30 4);
31}
32
33static inline size_t packed_ea_size(const struct EA_FULL *ea)
34{
35 return struct_size(ea, name,
36 1 + ea->name_len + le16_to_cpu(ea->elength)) -
37 offsetof(struct EA_FULL, flags);
38}
39
40/*
41 * find_ea
42 *
43 * Assume there is at least one xattr in the list.
44 */
45static inline bool find_ea(const struct EA_FULL *ea_all, u32 bytes,
46 const char *name, u8 name_len, u32 *off, u32 *ea_sz)
47{
48 u32 ea_size;
49
50 *off = 0;
51 if (!ea_all)
52 return false;
53
54 for (; *off < bytes; *off += ea_size) {
55 const struct EA_FULL *ea = Add2Ptr(ea_all, *off);
56 ea_size = unpacked_ea_size(ea);
57 if (ea->name_len == name_len &&
58 !memcmp(ea->name, name, name_len)) {
59 if (ea_sz)
60 *ea_sz = ea_size;
61 return true;
62 }
63 }
64
65 return false;
66}
67
68/*
69 * ntfs_read_ea - Read all extended attributes.
70 * @ea: New allocated memory.
71 * @info: Pointer into resident data.
72 */
73static int ntfs_read_ea(struct ntfs_inode *ni, struct EA_FULL **ea,
74 size_t add_bytes, const struct EA_INFO **info)
75{
76 int err = -EINVAL;
77 struct ntfs_sb_info *sbi = ni->mi.sbi;
78 struct ATTR_LIST_ENTRY *le = NULL;
79 struct ATTRIB *attr_info, *attr_ea;
80 void *ea_p;
81 u32 size, off, ea_size;
82
83 static_assert(le32_to_cpu(ATTR_EA_INFO) < le32_to_cpu(ATTR_EA));
84
85 *ea = NULL;
86 *info = NULL;
87
88 attr_info =
89 ni_find_attr(ni, NULL, &le, ATTR_EA_INFO, NULL, 0, NULL, NULL);
90 attr_ea =
91 ni_find_attr(ni, attr_info, &le, ATTR_EA, NULL, 0, NULL, NULL);
92
93 if (!attr_ea || !attr_info)
94 return 0;
95
96 *info = resident_data_ex(attr_info, sizeof(struct EA_INFO));
97 if (!*info)
98 goto out;
99
100 /* Check Ea limit. */
101 size = le32_to_cpu((*info)->size);
102 if (size > sbi->ea_max_size) {
103 err = -EFBIG;
104 goto out;
105 }
106
107 if (attr_size(attr_ea) > sbi->ea_max_size) {
108 err = -EFBIG;
109 goto out;
110 }
111
112 if (!size) {
113 /* EA info persists, but xattr is empty. Looks like EA problem. */
114 goto out;
115 }
116
117 /* Allocate memory for packed Ea. */
118 ea_p = kmalloc(size_add(size, add_bytes), GFP_NOFS);
119 if (!ea_p)
120 return -ENOMEM;
121
122 if (attr_ea->non_res) {
123 struct runs_tree run;
124
125 run_init(&run);
126
127 err = attr_load_runs_range(ni, ATTR_EA, NULL, 0, &run, 0, size);
128 if (!err)
129 err = ntfs_read_run_nb(sbi, &run, 0, ea_p, size, NULL);
130 run_close(&run);
131
132 if (err)
133 goto out1;
134 } else {
135 void *p = resident_data_ex(attr_ea, size);
136
137 if (!p)
138 goto out1;
139 memcpy(ea_p, p, size);
140 }
141
142 memset(Add2Ptr(ea_p, size), 0, add_bytes);
143
144 /* Check all attributes for consistency. */
145 for (off = 0; off < size; off += ea_size) {
146 const struct EA_FULL *ef = Add2Ptr(ea_p, off);
147 u32 bytes = size - off;
148
149 /* Check if we can use field ea->size. */
150 if (bytes < sizeof(ef->size))
151 goto out1;
152
153 if (ef->size) {
154 ea_size = le32_to_cpu(ef->size);
155 if (ea_size > bytes)
156 goto out1;
157 continue;
158 }
159
160 /* Check if we can use fields ef->name_len and ef->elength. */
161 if (bytes < offsetof(struct EA_FULL, name))
162 goto out1;
163
164 ea_size = ALIGN(struct_size(ef, name,
165 1 + ef->name_len +
166 le16_to_cpu(ef->elength)),
167 4);
168 if (ea_size > bytes)
169 goto out1;
170 }
171
172 *ea = ea_p;
173 return 0;
174
175out1:
176 kfree(ea_p);
177out:
178 ntfs_set_state(sbi, NTFS_DIRTY_DIRTY);
179 return err;
180}
181
182/*
183 * ntfs_list_ea
184 *
185 * Copy a list of xattrs names into the buffer
186 * provided, or compute the buffer size required.
187 *
188 * Return:
189 * * Number of bytes used / required on
190 * * -ERRNO - on failure
191 */
192static ssize_t ntfs_list_ea(struct ntfs_inode *ni, char *buffer,
193 size_t bytes_per_buffer)
194{
195 const struct EA_INFO *info;
196 struct EA_FULL *ea_all = NULL;
197 const struct EA_FULL *ea;
198 u32 off, size;
199 int err;
200 int ea_size;
201 size_t ret;
202
203 err = ntfs_read_ea(ni, &ea_all, 0, &info);
204 if (err)
205 return err;
206
207 if (!info || !ea_all)
208 return 0;
209
210 size = le32_to_cpu(info->size);
211
212 /* Enumerate all xattrs. */
213 for (ret = 0, off = 0; off < size; off += ea_size) {
214 ea = Add2Ptr(ea_all, off);
215 ea_size = unpacked_ea_size(ea);
216
217 if (buffer) {
218 if (ret + ea->name_len + 1 > bytes_per_buffer) {
219 err = -ERANGE;
220 goto out;
221 }
222
223 memcpy(buffer + ret, ea->name, ea->name_len);
224 buffer[ret + ea->name_len] = 0;
225 }
226
227 ret += ea->name_len + 1;
228 }
229
230out:
231 kfree(ea_all);
232 return err ? err : ret;
233}
234
235static int ntfs_get_ea(struct inode *inode, const char *name, size_t name_len,
236 void *buffer, size_t size, size_t *required)
237{
238 struct ntfs_inode *ni = ntfs_i(inode);
239 const struct EA_INFO *info;
240 struct EA_FULL *ea_all = NULL;
241 const struct EA_FULL *ea;
242 u32 off, len;
243 int err;
244
245 if (!(ni->ni_flags & NI_FLAG_EA))
246 return -ENODATA;
247
248 if (!required)
249 ni_lock(ni);
250
251 len = 0;
252
253 if (name_len > 255) {
254 err = -ENAMETOOLONG;
255 goto out;
256 }
257
258 err = ntfs_read_ea(ni, &ea_all, 0, &info);
259 if (err)
260 goto out;
261
262 if (!info)
263 goto out;
264
265 /* Enumerate all xattrs. */
266 if (!find_ea(ea_all, le32_to_cpu(info->size), name, name_len, &off,
267 NULL)) {
268 err = -ENODATA;
269 goto out;
270 }
271 ea = Add2Ptr(ea_all, off);
272
273 len = le16_to_cpu(ea->elength);
274 if (!buffer) {
275 err = 0;
276 goto out;
277 }
278
279 if (len > size) {
280 err = -ERANGE;
281 if (required)
282 *required = len;
283 goto out;
284 }
285
286 memcpy(buffer, ea->name + ea->name_len + 1, len);
287 err = 0;
288
289out:
290 kfree(ea_all);
291 if (!required)
292 ni_unlock(ni);
293
294 return err ? err : len;
295}
296
297static noinline int ntfs_set_ea(struct inode *inode, const char *name,
298 size_t name_len, const void *value,
299 size_t val_size, int flags, bool locked)
300{
301 struct ntfs_inode *ni = ntfs_i(inode);
302 struct ntfs_sb_info *sbi = ni->mi.sbi;
303 int err;
304 struct EA_INFO ea_info;
305 const struct EA_INFO *info;
306 struct EA_FULL *new_ea;
307 struct EA_FULL *ea_all = NULL;
308 size_t add, new_pack;
309 u32 off, size, ea_sz;
310 __le16 size_pack;
311 struct ATTRIB *attr;
312 struct ATTR_LIST_ENTRY *le;
313 struct mft_inode *mi;
314 struct runs_tree ea_run;
315 u64 new_sz;
316 void *p;
317
318 if (!locked)
319 ni_lock(ni);
320
321 run_init(&ea_run);
322
323 if (name_len > 255) {
324 err = -ENAMETOOLONG;
325 goto out;
326 }
327
328 add = ALIGN(struct_size(ea_all, name, 1 + name_len + val_size), 4);
329
330 err = ntfs_read_ea(ni, &ea_all, add, &info);
331 if (err)
332 goto out;
333
334 if (!info) {
335 memset(&ea_info, 0, sizeof(ea_info));
336 size = 0;
337 size_pack = 0;
338 } else {
339 memcpy(&ea_info, info, sizeof(ea_info));
340 size = le32_to_cpu(ea_info.size);
341 size_pack = ea_info.size_pack;
342 }
343
344 if (info && find_ea(ea_all, size, name, name_len, &off, &ea_sz)) {
345 struct EA_FULL *ea;
346
347 if (flags & XATTR_CREATE) {
348 err = -EEXIST;
349 goto out;
350 }
351
352 ea = Add2Ptr(ea_all, off);
353
354 /*
355 * Check simple case when we try to insert xattr with the same value
356 * e.g. ntfs_save_wsl_perm
357 */
358 if (val_size && le16_to_cpu(ea->elength) == val_size &&
359 !memcmp(ea->name + ea->name_len + 1, value, val_size)) {
360 /* xattr already contains the required value. */
361 goto out;
362 }
363
364 /* Remove current xattr. */
365 if (ea->flags & FILE_NEED_EA)
366 le16_add_cpu(&ea_info.count, -1);
367
368 le16_add_cpu(&ea_info.size_pack, 0 - packed_ea_size(ea));
369
370 memmove(ea, Add2Ptr(ea, ea_sz), size - off - ea_sz);
371
372 size -= ea_sz;
373 memset(Add2Ptr(ea_all, size), 0, ea_sz);
374
375 ea_info.size = cpu_to_le32(size);
376
377 if ((flags & XATTR_REPLACE) && !val_size) {
378 /* Remove xattr. */
379 goto update_ea;
380 }
381 } else {
382 if (flags & XATTR_REPLACE) {
383 err = -ENODATA;
384 goto out;
385 }
386
387 if (!ea_all) {
388 ea_all = kzalloc(add, GFP_NOFS);
389 if (!ea_all) {
390 err = -ENOMEM;
391 goto out;
392 }
393 }
394 }
395
396 /* Append new xattr. */
397 new_ea = Add2Ptr(ea_all, size);
398 new_ea->size = cpu_to_le32(add);
399 new_ea->flags = 0;
400 new_ea->name_len = name_len;
401 new_ea->elength = cpu_to_le16(val_size);
402 memcpy(new_ea->name, name, name_len);
403 new_ea->name[name_len] = 0;
404 memcpy(new_ea->name + name_len + 1, value, val_size);
405 new_pack = le16_to_cpu(ea_info.size_pack) + packed_ea_size(new_ea);
406 ea_info.size_pack = cpu_to_le16(new_pack);
407 /* New size of ATTR_EA. */
408 size += add;
409 ea_info.size = cpu_to_le32(size);
410
411 /*
412 * 1. Check ea_info.size_pack for overflow.
413 * 2. New attibute size must fit value from $AttrDef
414 */
415 if (new_pack > 0xffff || size > sbi->ea_max_size) {
416 ntfs_inode_warn(
417 inode,
418 "The size of extended attributes must not exceed 64KiB");
419 err = -EFBIG; // -EINVAL?
420 goto out;
421 }
422
423update_ea:
424
425 if (!info) {
426 /* Create xattr. */
427 if (!size) {
428 err = 0;
429 goto out;
430 }
431
432 err = ni_insert_resident(ni, sizeof(struct EA_INFO),
433 ATTR_EA_INFO, NULL, 0, NULL, NULL,
434 NULL);
435 if (err)
436 goto out;
437
438 err = ni_insert_resident(ni, 0, ATTR_EA, NULL, 0, NULL, NULL,
439 NULL);
440 if (err)
441 goto out;
442 }
443
444 new_sz = size;
445 err = attr_set_size(ni, ATTR_EA, NULL, 0, &ea_run, new_sz, &new_sz,
446 false, NULL);
447 if (err)
448 goto out;
449
450 le = NULL;
451 attr = ni_find_attr(ni, NULL, &le, ATTR_EA_INFO, NULL, 0, NULL, &mi);
452 if (!attr) {
453 err = -EINVAL;
454 goto out;
455 }
456
457 if (!size) {
458 /* Delete xattr, ATTR_EA_INFO */
459 ni_remove_attr_le(ni, attr, mi, le);
460 } else {
461 p = resident_data_ex(attr, sizeof(struct EA_INFO));
462 if (!p) {
463 err = -EINVAL;
464 goto out;
465 }
466 memcpy(p, &ea_info, sizeof(struct EA_INFO));
467 mi->dirty = true;
468 }
469
470 le = NULL;
471 attr = ni_find_attr(ni, NULL, &le, ATTR_EA, NULL, 0, NULL, &mi);
472 if (!attr) {
473 err = -EINVAL;
474 goto out;
475 }
476
477 if (!size) {
478 /* Delete xattr, ATTR_EA */
479 ni_remove_attr_le(ni, attr, mi, le);
480 } else if (attr->non_res) {
481 err = attr_load_runs_range(ni, ATTR_EA, NULL, 0, &ea_run, 0,
482 size);
483 if (err)
484 goto out;
485
486 err = ntfs_sb_write_run(sbi, &ea_run, 0, ea_all, size, 0);
487 if (err)
488 goto out;
489 } else {
490 p = resident_data_ex(attr, size);
491 if (!p) {
492 err = -EINVAL;
493 goto out;
494 }
495 memcpy(p, ea_all, size);
496 mi->dirty = true;
497 }
498
499 /* Check if we delete the last xattr. */
500 if (size)
501 ni->ni_flags |= NI_FLAG_EA;
502 else
503 ni->ni_flags &= ~NI_FLAG_EA;
504
505 if (ea_info.size_pack != size_pack)
506 ni->ni_flags |= NI_FLAG_UPDATE_PARENT;
507 mark_inode_dirty(&ni->vfs_inode);
508
509out:
510 if (!locked)
511 ni_unlock(ni);
512
513 run_close(&ea_run);
514 kfree(ea_all);
515
516 return err;
517}
518
519#ifdef CONFIG_NTFS3_FS_POSIX_ACL
520static struct posix_acl *ntfs_get_acl_ex(struct inode *inode, int type,
521 int locked)
522{
523 struct ntfs_inode *ni = ntfs_i(inode);
524 const char *name;
525 size_t name_len;
526 struct posix_acl *acl;
527 size_t req;
528 int err;
529 void *buf;
530
531 /* Allocate PATH_MAX bytes. */
532 buf = __getname();
533 if (!buf)
534 return ERR_PTR(-ENOMEM);
535
536 /* Possible values of 'type' was already checked above. */
537 if (type == ACL_TYPE_ACCESS) {
538 name = XATTR_NAME_POSIX_ACL_ACCESS;
539 name_len = sizeof(XATTR_NAME_POSIX_ACL_ACCESS) - 1;
540 } else {
541 name = XATTR_NAME_POSIX_ACL_DEFAULT;
542 name_len = sizeof(XATTR_NAME_POSIX_ACL_DEFAULT) - 1;
543 }
544
545 if (!locked)
546 ni_lock(ni);
547
548 err = ntfs_get_ea(inode, name, name_len, buf, PATH_MAX, &req);
549
550 if (!locked)
551 ni_unlock(ni);
552
553 /* Translate extended attribute to acl. */
554 if (err >= 0) {
555 acl = posix_acl_from_xattr(&init_user_ns, buf, err);
556 } else if (err == -ENODATA) {
557 acl = NULL;
558 } else {
559 acl = ERR_PTR(err);
560 }
561
562 if (!IS_ERR(acl))
563 set_cached_acl(inode, type, acl);
564
565 __putname(buf);
566
567 return acl;
568}
569
570/*
571 * ntfs_get_acl - inode_operations::get_acl
572 */
573struct posix_acl *ntfs_get_acl(struct inode *inode, int type, bool rcu)
574{
575 if (rcu)
576 return ERR_PTR(-ECHILD);
577
578 return ntfs_get_acl_ex(inode, type, 0);
579}
580
581static noinline int ntfs_set_acl_ex(struct user_namespace *mnt_userns,
582 struct inode *inode, struct posix_acl *acl,
583 int type, bool init_acl)
584{
585 const char *name;
586 size_t size, name_len;
587 void *value;
588 int err;
589 int flags;
590 umode_t mode;
591
592 if (S_ISLNK(inode->i_mode))
593 return -EOPNOTSUPP;
594
595 mode = inode->i_mode;
596 switch (type) {
597 case ACL_TYPE_ACCESS:
598 /* Do not change i_mode if we are in init_acl */
599 if (acl && !init_acl) {
600 err = posix_acl_update_mode(mnt_userns, inode, &mode,
601 &acl);
602 if (err)
603 return err;
604 }
605 name = XATTR_NAME_POSIX_ACL_ACCESS;
606 name_len = sizeof(XATTR_NAME_POSIX_ACL_ACCESS) - 1;
607 break;
608
609 case ACL_TYPE_DEFAULT:
610 if (!S_ISDIR(inode->i_mode))
611 return acl ? -EACCES : 0;
612 name = XATTR_NAME_POSIX_ACL_DEFAULT;
613 name_len = sizeof(XATTR_NAME_POSIX_ACL_DEFAULT) - 1;
614 break;
615
616 default:
617 return -EINVAL;
618 }
619
620 if (!acl) {
621 /* Remove xattr if it can be presented via mode. */
622 size = 0;
623 value = NULL;
624 flags = XATTR_REPLACE;
625 } else {
626 size = posix_acl_xattr_size(acl->a_count);
627 value = kmalloc(size, GFP_NOFS);
628 if (!value)
629 return -ENOMEM;
630 err = posix_acl_to_xattr(&init_user_ns, acl, value, size);
631 if (err < 0)
632 goto out;
633 flags = 0;
634 }
635
636 err = ntfs_set_ea(inode, name, name_len, value, size, flags, 0);
637 if (err == -ENODATA && !size)
638 err = 0; /* Removing non existed xattr. */
639 if (!err) {
640 set_cached_acl(inode, type, acl);
641 inode->i_mode = mode;
642 inode->i_ctime = current_time(inode);
643 mark_inode_dirty(inode);
644 }
645
646out:
647 kfree(value);
648
649 return err;
650}
651
652/*
653 * ntfs_set_acl - inode_operations::set_acl
654 */
655int ntfs_set_acl(struct user_namespace *mnt_userns, struct dentry *dentry,
656 struct posix_acl *acl, int type)
657{
658 return ntfs_set_acl_ex(mnt_userns, d_inode(dentry), acl, type, false);
659}
660
661/*
662 * ntfs_init_acl - Initialize the ACLs of a new inode.
663 *
664 * Called from ntfs_create_inode().
665 */
666int ntfs_init_acl(struct user_namespace *mnt_userns, struct inode *inode,
667 struct inode *dir)
668{
669 struct posix_acl *default_acl, *acl;
670 int err;
671
672 err = posix_acl_create(dir, &inode->i_mode, &default_acl, &acl);
673 if (err)
674 return err;
675
676 if (default_acl) {
677 err = ntfs_set_acl_ex(mnt_userns, inode, default_acl,
678 ACL_TYPE_DEFAULT, true);
679 posix_acl_release(default_acl);
680 } else {
681 inode->i_default_acl = NULL;
682 }
683
684 if (acl) {
685 if (!err)
686 err = ntfs_set_acl_ex(mnt_userns, inode, acl,
687 ACL_TYPE_ACCESS, true);
688 posix_acl_release(acl);
689 } else {
690 inode->i_acl = NULL;
691 }
692
693 return err;
694}
695#endif
696
697/*
698 * ntfs_acl_chmod - Helper for ntfs3_setattr().
699 */
700int ntfs_acl_chmod(struct user_namespace *mnt_userns, struct dentry *dentry)
701{
702 struct inode *inode = d_inode(dentry);
703 struct super_block *sb = inode->i_sb;
704
705 if (!(sb->s_flags & SB_POSIXACL))
706 return 0;
707
708 if (S_ISLNK(inode->i_mode))
709 return -EOPNOTSUPP;
710
711 return posix_acl_chmod(mnt_userns, dentry, inode->i_mode);
712}
713
714/*
715 * ntfs_permission - inode_operations::permission
716 */
717int ntfs_permission(struct user_namespace *mnt_userns, struct inode *inode,
718 int mask)
719{
720 if (ntfs_sb(inode->i_sb)->options->noacsrules) {
721 /* "No access rules" mode - Allow all changes. */
722 return 0;
723 }
724
725 return generic_permission(mnt_userns, inode, mask);
726}
727
728/*
729 * ntfs_listxattr - inode_operations::listxattr
730 */
731ssize_t ntfs_listxattr(struct dentry *dentry, char *buffer, size_t size)
732{
733 struct inode *inode = d_inode(dentry);
734 struct ntfs_inode *ni = ntfs_i(inode);
735 ssize_t ret;
736
737 if (!(ni->ni_flags & NI_FLAG_EA)) {
738 /* no xattr in file */
739 return 0;
740 }
741
742 ni_lock(ni);
743
744 ret = ntfs_list_ea(ni, buffer, size);
745
746 ni_unlock(ni);
747
748 return ret;
749}
750
751static int ntfs_getxattr(const struct xattr_handler *handler, struct dentry *de,
752 struct inode *inode, const char *name, void *buffer,
753 size_t size)
754{
755 int err;
756 struct ntfs_inode *ni = ntfs_i(inode);
757
758 /* Dispatch request. */
759 if (!strcmp(name, SYSTEM_DOS_ATTRIB)) {
760 /* system.dos_attrib */
761 if (!buffer) {
762 err = sizeof(u8);
763 } else if (size < sizeof(u8)) {
764 err = -ENODATA;
765 } else {
766 err = sizeof(u8);
767 *(u8 *)buffer = le32_to_cpu(ni->std_fa);
768 }
769 goto out;
770 }
771
772 if (!strcmp(name, SYSTEM_NTFS_ATTRIB) ||
773 !strcmp(name, SYSTEM_NTFS_ATTRIB_BE)) {
774 /* system.ntfs_attrib */
775 if (!buffer) {
776 err = sizeof(u32);
777 } else if (size < sizeof(u32)) {
778 err = -ENODATA;
779 } else {
780 err = sizeof(u32);
781 *(u32 *)buffer = le32_to_cpu(ni->std_fa);
782 if (!strcmp(name, SYSTEM_NTFS_ATTRIB_BE))
783 *(u32 *)buffer = cpu_to_be32(*(u32 *)buffer);
784 }
785 goto out;
786 }
787
788 if (!strcmp(name, SYSTEM_NTFS_SECURITY)) {
789 /* system.ntfs_security*/
790 struct SECURITY_DESCRIPTOR_RELATIVE *sd = NULL;
791 size_t sd_size = 0;
792
793 if (!is_ntfs3(ni->mi.sbi)) {
794 /* We should get nt4 security. */
795 err = -EINVAL;
796 goto out;
797 } else if (le32_to_cpu(ni->std_security_id) <
798 SECURITY_ID_FIRST) {
799 err = -ENOENT;
800 goto out;
801 }
802
803 err = ntfs_get_security_by_id(ni->mi.sbi, ni->std_security_id,
804 &sd, &sd_size);
805 if (err)
806 goto out;
807
808 if (!is_sd_valid(sd, sd_size)) {
809 ntfs_inode_warn(
810 inode,
811 "looks like you get incorrect security descriptor id=%u",
812 ni->std_security_id);
813 }
814
815 if (!buffer) {
816 err = sd_size;
817 } else if (size < sd_size) {
818 err = -ENODATA;
819 } else {
820 err = sd_size;
821 memcpy(buffer, sd, sd_size);
822 }
823 kfree(sd);
824 goto out;
825 }
826
827 /* Deal with NTFS extended attribute. */
828 err = ntfs_get_ea(inode, name, strlen(name), buffer, size, NULL);
829
830out:
831 return err;
832}
833
834/*
835 * ntfs_setxattr - inode_operations::setxattr
836 */
837static noinline int ntfs_setxattr(const struct xattr_handler *handler,
838 struct user_namespace *mnt_userns,
839 struct dentry *de, struct inode *inode,
840 const char *name, const void *value,
841 size_t size, int flags)
842{
843 int err = -EINVAL;
844 struct ntfs_inode *ni = ntfs_i(inode);
845 enum FILE_ATTRIBUTE new_fa;
846
847 /* Dispatch request. */
848 if (!strcmp(name, SYSTEM_DOS_ATTRIB)) {
849 if (sizeof(u8) != size)
850 goto out;
851 new_fa = cpu_to_le32(*(u8 *)value);
852 goto set_new_fa;
853 }
854
855 if (!strcmp(name, SYSTEM_NTFS_ATTRIB) ||
856 !strcmp(name, SYSTEM_NTFS_ATTRIB_BE)) {
857 if (size != sizeof(u32))
858 goto out;
859 if (!strcmp(name, SYSTEM_NTFS_ATTRIB_BE))
860 new_fa = cpu_to_le32(be32_to_cpu(*(u32 *)value));
861 else
862 new_fa = cpu_to_le32(*(u32 *)value);
863
864 if (S_ISREG(inode->i_mode)) {
865 /* Process compressed/sparsed in special way. */
866 ni_lock(ni);
867 err = ni_new_attr_flags(ni, new_fa);
868 ni_unlock(ni);
869 if (err)
870 goto out;
871 }
872set_new_fa:
873 /*
874 * Thanks Mark Harmstone:
875 * Keep directory bit consistency.
876 */
877 if (S_ISDIR(inode->i_mode))
878 new_fa |= FILE_ATTRIBUTE_DIRECTORY;
879 else
880 new_fa &= ~FILE_ATTRIBUTE_DIRECTORY;
881
882 if (ni->std_fa != new_fa) {
883 ni->std_fa = new_fa;
884 if (new_fa & FILE_ATTRIBUTE_READONLY)
885 inode->i_mode &= ~0222;
886 else
887 inode->i_mode |= 0222;
888 /* Std attribute always in primary record. */
889 ni->mi.dirty = true;
890 mark_inode_dirty(inode);
891 }
892 err = 0;
893
894 goto out;
895 }
896
897 if (!strcmp(name, SYSTEM_NTFS_SECURITY)) {
898 /* system.ntfs_security*/
899 __le32 security_id;
900 bool inserted;
901 struct ATTR_STD_INFO5 *std;
902
903 if (!is_ntfs3(ni->mi.sbi)) {
904 /*
905 * We should replace ATTR_SECURE.
906 * Skip this way cause it is nt4 feature.
907 */
908 err = -EINVAL;
909 goto out;
910 }
911
912 if (!is_sd_valid(value, size)) {
913 err = -EINVAL;
914 ntfs_inode_warn(
915 inode,
916 "you try to set invalid security descriptor");
917 goto out;
918 }
919
920 err = ntfs_insert_security(ni->mi.sbi, value, size,
921 &security_id, &inserted);
922 if (err)
923 goto out;
924
925 ni_lock(ni);
926 std = ni_std5(ni);
927 if (!std) {
928 err = -EINVAL;
929 } else if (std->security_id != security_id) {
930 std->security_id = ni->std_security_id = security_id;
931 /* Std attribute always in primary record. */
932 ni->mi.dirty = true;
933 mark_inode_dirty(&ni->vfs_inode);
934 }
935 ni_unlock(ni);
936 goto out;
937 }
938
939 /* Deal with NTFS extended attribute. */
940 err = ntfs_set_ea(inode, name, strlen(name), value, size, flags, 0);
941
942out:
943 inode->i_ctime = current_time(inode);
944 mark_inode_dirty(inode);
945
946 return err;
947}
948
949/*
950 * ntfs_save_wsl_perm
951 *
952 * save uid/gid/mode in xattr
953 */
954int ntfs_save_wsl_perm(struct inode *inode)
955{
956 int err;
957 __le32 value;
958 struct ntfs_inode *ni = ntfs_i(inode);
959
960 ni_lock(ni);
961 value = cpu_to_le32(i_uid_read(inode));
962 err = ntfs_set_ea(inode, "$LXUID", sizeof("$LXUID") - 1, &value,
963 sizeof(value), 0, true); /* true == already locked. */
964 if (err)
965 goto out;
966
967 value = cpu_to_le32(i_gid_read(inode));
968 err = ntfs_set_ea(inode, "$LXGID", sizeof("$LXGID") - 1, &value,
969 sizeof(value), 0, true);
970 if (err)
971 goto out;
972
973 value = cpu_to_le32(inode->i_mode);
974 err = ntfs_set_ea(inode, "$LXMOD", sizeof("$LXMOD") - 1, &value,
975 sizeof(value), 0, true);
976 if (err)
977 goto out;
978
979 if (S_ISCHR(inode->i_mode) || S_ISBLK(inode->i_mode)) {
980 value = cpu_to_le32(inode->i_rdev);
981 err = ntfs_set_ea(inode, "$LXDEV", sizeof("$LXDEV") - 1, &value,
982 sizeof(value), 0, true);
983 if (err)
984 goto out;
985 }
986
987out:
988 ni_unlock(ni);
989 /* In case of error should we delete all WSL xattr? */
990 return err;
991}
992
993/*
994 * ntfs_get_wsl_perm
995 *
996 * get uid/gid/mode from xattr
997 * it is called from ntfs_iget5->ntfs_read_mft
998 */
999void ntfs_get_wsl_perm(struct inode *inode)
1000{
1001 size_t sz;
1002 __le32 value[3];
1003
1004 if (ntfs_get_ea(inode, "$LXUID", sizeof("$LXUID") - 1, &value[0],
1005 sizeof(value[0]), &sz) == sizeof(value[0]) &&
1006 ntfs_get_ea(inode, "$LXGID", sizeof("$LXGID") - 1, &value[1],
1007 sizeof(value[1]), &sz) == sizeof(value[1]) &&
1008 ntfs_get_ea(inode, "$LXMOD", sizeof("$LXMOD") - 1, &value[2],
1009 sizeof(value[2]), &sz) == sizeof(value[2])) {
1010 i_uid_write(inode, (uid_t)le32_to_cpu(value[0]));
1011 i_gid_write(inode, (gid_t)le32_to_cpu(value[1]));
1012 inode->i_mode = le32_to_cpu(value[2]);
1013
1014 if (ntfs_get_ea(inode, "$LXDEV", sizeof("$$LXDEV") - 1,
1015 &value[0], sizeof(value),
1016 &sz) == sizeof(value[0])) {
1017 inode->i_rdev = le32_to_cpu(value[0]);
1018 }
1019 }
1020}
1021
1022static bool ntfs_xattr_user_list(struct dentry *dentry)
1023{
1024 return true;
1025}
1026
1027// clang-format off
1028static const struct xattr_handler ntfs_other_xattr_handler = {
1029 .prefix = "",
1030 .get = ntfs_getxattr,
1031 .set = ntfs_setxattr,
1032 .list = ntfs_xattr_user_list,
1033};
1034
1035const struct xattr_handler *ntfs_xattr_handlers[] = {
1036#ifdef CONFIG_NTFS3_FS_POSIX_ACL
1037 &posix_acl_access_xattr_handler,
1038 &posix_acl_default_xattr_handler,
1039#endif
1040 &ntfs_other_xattr_handler,
1041 NULL,
1042};
1043// clang-format on
1// SPDX-License-Identifier: GPL-2.0
2/*
3 *
4 * Copyright (C) 2019-2021 Paragon Software GmbH, All rights reserved.
5 *
6 */
7
8#include <linux/fs.h>
9#include <linux/posix_acl.h>
10#include <linux/posix_acl_xattr.h>
11#include <linux/xattr.h>
12
13#include "debug.h"
14#include "ntfs.h"
15#include "ntfs_fs.h"
16
17// clang-format off
18#define SYSTEM_DOS_ATTRIB "system.dos_attrib"
19#define SYSTEM_NTFS_ATTRIB "system.ntfs_attrib"
20#define SYSTEM_NTFS_ATTRIB_BE "system.ntfs_attrib_be"
21#define SYSTEM_NTFS_SECURITY "system.ntfs_security"
22// clang-format on
23
24static inline size_t unpacked_ea_size(const struct EA_FULL *ea)
25{
26 return ea->size ? le32_to_cpu(ea->size) :
27 ALIGN(struct_size(ea, name,
28 1 + ea->name_len +
29 le16_to_cpu(ea->elength)),
30 4);
31}
32
33static inline size_t packed_ea_size(const struct EA_FULL *ea)
34{
35 return struct_size(ea, name,
36 1 + ea->name_len + le16_to_cpu(ea->elength)) -
37 offsetof(struct EA_FULL, flags);
38}
39
40/*
41 * find_ea
42 *
43 * Assume there is at least one xattr in the list.
44 */
45static inline bool find_ea(const struct EA_FULL *ea_all, u32 bytes,
46 const char *name, u8 name_len, u32 *off, u32 *ea_sz)
47{
48 u32 ea_size;
49
50 *off = 0;
51 if (!ea_all)
52 return false;
53
54 for (; *off < bytes; *off += ea_size) {
55 const struct EA_FULL *ea = Add2Ptr(ea_all, *off);
56 ea_size = unpacked_ea_size(ea);
57 if (ea->name_len == name_len &&
58 !memcmp(ea->name, name, name_len)) {
59 if (ea_sz)
60 *ea_sz = ea_size;
61 return true;
62 }
63 }
64
65 return false;
66}
67
68/*
69 * ntfs_read_ea - Read all extended attributes.
70 * @ea: New allocated memory.
71 * @info: Pointer into resident data.
72 */
73static int ntfs_read_ea(struct ntfs_inode *ni, struct EA_FULL **ea,
74 size_t add_bytes, const struct EA_INFO **info)
75{
76 int err = -EINVAL;
77 struct ntfs_sb_info *sbi = ni->mi.sbi;
78 struct ATTR_LIST_ENTRY *le = NULL;
79 struct ATTRIB *attr_info, *attr_ea;
80 void *ea_p;
81 u32 size, off, ea_size;
82
83 static_assert(le32_to_cpu(ATTR_EA_INFO) < le32_to_cpu(ATTR_EA));
84
85 *ea = NULL;
86 *info = NULL;
87
88 attr_info =
89 ni_find_attr(ni, NULL, &le, ATTR_EA_INFO, NULL, 0, NULL, NULL);
90 attr_ea =
91 ni_find_attr(ni, attr_info, &le, ATTR_EA, NULL, 0, NULL, NULL);
92
93 if (!attr_ea || !attr_info)
94 return 0;
95
96 *info = resident_data_ex(attr_info, sizeof(struct EA_INFO));
97 if (!*info)
98 goto out;
99
100 /* Check Ea limit. */
101 size = le32_to_cpu((*info)->size);
102 if (size > sbi->ea_max_size) {
103 err = -EFBIG;
104 goto out;
105 }
106
107 if (attr_size(attr_ea) > sbi->ea_max_size) {
108 err = -EFBIG;
109 goto out;
110 }
111
112 if (!size) {
113 /* EA info persists, but xattr is empty. Looks like EA problem. */
114 goto out;
115 }
116
117 /* Allocate memory for packed Ea. */
118 ea_p = kmalloc(size_add(size, add_bytes), GFP_NOFS);
119 if (!ea_p)
120 return -ENOMEM;
121
122 if (attr_ea->non_res) {
123 struct runs_tree run;
124
125 run_init(&run);
126
127 err = attr_load_runs_range(ni, ATTR_EA, NULL, 0, &run, 0, size);
128 if (!err)
129 err = ntfs_read_run_nb(sbi, &run, 0, ea_p, size, NULL);
130 run_close(&run);
131
132 if (err)
133 goto out1;
134 } else {
135 void *p = resident_data_ex(attr_ea, size);
136
137 if (!p)
138 goto out1;
139 memcpy(ea_p, p, size);
140 }
141
142 memset(Add2Ptr(ea_p, size), 0, add_bytes);
143
144 err = -EINVAL;
145 /* Check all attributes for consistency. */
146 for (off = 0; off < size; off += ea_size) {
147 const struct EA_FULL *ef = Add2Ptr(ea_p, off);
148 u32 bytes = size - off;
149
150 /* Check if we can use field ea->size. */
151 if (bytes < sizeof(ef->size))
152 goto out1;
153
154 if (ef->size) {
155 ea_size = le32_to_cpu(ef->size);
156 if (ea_size > bytes)
157 goto out1;
158 continue;
159 }
160
161 /* Check if we can use fields ef->name_len and ef->elength. */
162 if (bytes < offsetof(struct EA_FULL, name))
163 goto out1;
164
165 ea_size = ALIGN(struct_size(ef, name,
166 1 + ef->name_len +
167 le16_to_cpu(ef->elength)),
168 4);
169 if (ea_size > bytes)
170 goto out1;
171 }
172
173 *ea = ea_p;
174 return 0;
175
176out1:
177 kfree(ea_p);
178out:
179 ntfs_set_state(sbi, NTFS_DIRTY_DIRTY);
180 return err;
181}
182
183/*
184 * ntfs_list_ea
185 *
186 * Copy a list of xattrs names into the buffer
187 * provided, or compute the buffer size required.
188 *
189 * Return:
190 * * Number of bytes used / required on
191 * * -ERRNO - on failure
192 */
193static ssize_t ntfs_list_ea(struct ntfs_inode *ni, char *buffer,
194 size_t bytes_per_buffer)
195{
196 const struct EA_INFO *info;
197 struct EA_FULL *ea_all = NULL;
198 const struct EA_FULL *ea;
199 u32 off, size;
200 int err;
201 int ea_size;
202 size_t ret;
203
204 err = ntfs_read_ea(ni, &ea_all, 0, &info);
205 if (err)
206 return err;
207
208 if (!info || !ea_all)
209 return 0;
210
211 size = le32_to_cpu(info->size);
212
213 /* Enumerate all xattrs. */
214 ret = 0;
215 for (off = 0; off + sizeof(struct EA_FULL) < size; off += ea_size) {
216 ea = Add2Ptr(ea_all, off);
217 ea_size = unpacked_ea_size(ea);
218
219 if (!ea->name_len)
220 break;
221
222 if (ea->name_len > ea_size)
223 break;
224
225 if (buffer) {
226 /* Check if we can use field ea->name */
227 if (off + ea_size > size)
228 break;
229
230 if (ret + ea->name_len + 1 > bytes_per_buffer) {
231 err = -ERANGE;
232 goto out;
233 }
234
235 memcpy(buffer + ret, ea->name, ea->name_len);
236 buffer[ret + ea->name_len] = 0;
237 }
238
239 ret += ea->name_len + 1;
240 }
241
242out:
243 kfree(ea_all);
244 return err ? err : ret;
245}
246
247static int ntfs_get_ea(struct inode *inode, const char *name, size_t name_len,
248 void *buffer, size_t size, size_t *required)
249{
250 struct ntfs_inode *ni = ntfs_i(inode);
251 const struct EA_INFO *info;
252 struct EA_FULL *ea_all = NULL;
253 const struct EA_FULL *ea;
254 u32 off, len;
255 int err;
256
257 if (!(ni->ni_flags & NI_FLAG_EA))
258 return -ENODATA;
259
260 if (!required)
261 ni_lock(ni);
262
263 len = 0;
264
265 if (name_len > 255) {
266 err = -ENAMETOOLONG;
267 goto out;
268 }
269
270 err = ntfs_read_ea(ni, &ea_all, 0, &info);
271 if (err)
272 goto out;
273
274 if (!info)
275 goto out;
276
277 /* Enumerate all xattrs. */
278 if (!find_ea(ea_all, le32_to_cpu(info->size), name, name_len, &off,
279 NULL)) {
280 err = -ENODATA;
281 goto out;
282 }
283 ea = Add2Ptr(ea_all, off);
284
285 len = le16_to_cpu(ea->elength);
286 if (!buffer) {
287 err = 0;
288 goto out;
289 }
290
291 if (len > size) {
292 err = -ERANGE;
293 if (required)
294 *required = len;
295 goto out;
296 }
297
298 memcpy(buffer, ea->name + ea->name_len + 1, len);
299 err = 0;
300
301out:
302 kfree(ea_all);
303 if (!required)
304 ni_unlock(ni);
305
306 return err ? err : len;
307}
308
309static noinline int ntfs_set_ea(struct inode *inode, const char *name,
310 size_t name_len, const void *value,
311 size_t val_size, int flags, bool locked,
312 __le16 *ea_size)
313{
314 struct ntfs_inode *ni = ntfs_i(inode);
315 struct ntfs_sb_info *sbi = ni->mi.sbi;
316 int err;
317 struct EA_INFO ea_info;
318 const struct EA_INFO *info;
319 struct EA_FULL *new_ea;
320 struct EA_FULL *ea_all = NULL;
321 size_t add, new_pack;
322 u32 off, size, ea_sz;
323 __le16 size_pack;
324 struct ATTRIB *attr;
325 struct ATTR_LIST_ENTRY *le;
326 struct mft_inode *mi;
327 struct runs_tree ea_run;
328 u64 new_sz;
329 void *p;
330
331 if (!locked)
332 ni_lock(ni);
333
334 run_init(&ea_run);
335
336 if (name_len > 255) {
337 err = -ENAMETOOLONG;
338 goto out;
339 }
340
341 add = ALIGN(struct_size(ea_all, name, 1 + name_len + val_size), 4);
342
343 err = ntfs_read_ea(ni, &ea_all, add, &info);
344 if (err)
345 goto out;
346
347 if (!info) {
348 memset(&ea_info, 0, sizeof(ea_info));
349 size = 0;
350 size_pack = 0;
351 } else {
352 memcpy(&ea_info, info, sizeof(ea_info));
353 size = le32_to_cpu(ea_info.size);
354 size_pack = ea_info.size_pack;
355 }
356
357 if (info && find_ea(ea_all, size, name, name_len, &off, &ea_sz)) {
358 struct EA_FULL *ea;
359
360 if (flags & XATTR_CREATE) {
361 err = -EEXIST;
362 goto out;
363 }
364
365 ea = Add2Ptr(ea_all, off);
366
367 /*
368 * Check simple case when we try to insert xattr with the same value
369 * e.g. ntfs_save_wsl_perm
370 */
371 if (val_size && le16_to_cpu(ea->elength) == val_size &&
372 !memcmp(ea->name + ea->name_len + 1, value, val_size)) {
373 /* xattr already contains the required value. */
374 goto out;
375 }
376
377 /* Remove current xattr. */
378 if (ea->flags & FILE_NEED_EA)
379 le16_add_cpu(&ea_info.count, -1);
380
381 le16_add_cpu(&ea_info.size_pack, 0 - packed_ea_size(ea));
382
383 memmove(ea, Add2Ptr(ea, ea_sz), size - off - ea_sz);
384
385 size -= ea_sz;
386 memset(Add2Ptr(ea_all, size), 0, ea_sz);
387
388 ea_info.size = cpu_to_le32(size);
389
390 if ((flags & XATTR_REPLACE) && !val_size) {
391 /* Remove xattr. */
392 goto update_ea;
393 }
394 } else {
395 if (flags & XATTR_REPLACE) {
396 err = -ENODATA;
397 goto out;
398 }
399
400 if (!ea_all) {
401 ea_all = kzalloc(add, GFP_NOFS);
402 if (!ea_all) {
403 err = -ENOMEM;
404 goto out;
405 }
406 }
407 }
408
409 /* Append new xattr. */
410 new_ea = Add2Ptr(ea_all, size);
411 new_ea->size = cpu_to_le32(add);
412 new_ea->flags = 0;
413 new_ea->name_len = name_len;
414 new_ea->elength = cpu_to_le16(val_size);
415 memcpy(new_ea->name, name, name_len);
416 new_ea->name[name_len] = 0;
417 memcpy(new_ea->name + name_len + 1, value, val_size);
418 new_pack = le16_to_cpu(ea_info.size_pack) + packed_ea_size(new_ea);
419 ea_info.size_pack = cpu_to_le16(new_pack);
420 /* New size of ATTR_EA. */
421 size += add;
422 ea_info.size = cpu_to_le32(size);
423
424 /*
425 * 1. Check ea_info.size_pack for overflow.
426 * 2. New attribute size must fit value from $AttrDef
427 */
428 if (new_pack > 0xffff || size > sbi->ea_max_size) {
429 ntfs_inode_warn(
430 inode,
431 "The size of extended attributes must not exceed 64KiB");
432 err = -EFBIG; // -EINVAL?
433 goto out;
434 }
435
436update_ea:
437
438 if (!info) {
439 /* Create xattr. */
440 if (!size) {
441 err = 0;
442 goto out;
443 }
444
445 err = ni_insert_resident(ni, sizeof(struct EA_INFO),
446 ATTR_EA_INFO, NULL, 0, NULL, NULL,
447 NULL);
448 if (err)
449 goto out;
450
451 err = ni_insert_resident(ni, 0, ATTR_EA, NULL, 0, NULL, NULL,
452 NULL);
453 if (err)
454 goto out;
455 }
456
457 new_sz = size;
458 err = attr_set_size(ni, ATTR_EA, NULL, 0, &ea_run, new_sz, &new_sz,
459 false, NULL);
460 if (err)
461 goto out;
462
463 le = NULL;
464 attr = ni_find_attr(ni, NULL, &le, ATTR_EA_INFO, NULL, 0, NULL, &mi);
465 if (!attr) {
466 err = -EINVAL;
467 goto out;
468 }
469
470 if (!size) {
471 /* Delete xattr, ATTR_EA_INFO */
472 ni_remove_attr_le(ni, attr, mi, le);
473 } else {
474 p = resident_data_ex(attr, sizeof(struct EA_INFO));
475 if (!p) {
476 err = -EINVAL;
477 goto out;
478 }
479 memcpy(p, &ea_info, sizeof(struct EA_INFO));
480 mi->dirty = true;
481 }
482
483 le = NULL;
484 attr = ni_find_attr(ni, NULL, &le, ATTR_EA, NULL, 0, NULL, &mi);
485 if (!attr) {
486 err = -EINVAL;
487 goto out;
488 }
489
490 if (!size) {
491 /* Delete xattr, ATTR_EA */
492 ni_remove_attr_le(ni, attr, mi, le);
493 } else if (attr->non_res) {
494 err = attr_load_runs_range(ni, ATTR_EA, NULL, 0, &ea_run, 0,
495 size);
496 if (err)
497 goto out;
498
499 err = ntfs_sb_write_run(sbi, &ea_run, 0, ea_all, size, 0);
500 if (err)
501 goto out;
502 } else {
503 p = resident_data_ex(attr, size);
504 if (!p) {
505 err = -EINVAL;
506 goto out;
507 }
508 memcpy(p, ea_all, size);
509 mi->dirty = true;
510 }
511
512 /* Check if we delete the last xattr. */
513 if (size)
514 ni->ni_flags |= NI_FLAG_EA;
515 else
516 ni->ni_flags &= ~NI_FLAG_EA;
517
518 if (ea_info.size_pack != size_pack)
519 ni->ni_flags |= NI_FLAG_UPDATE_PARENT;
520 if (ea_size)
521 *ea_size = ea_info.size_pack;
522 mark_inode_dirty(&ni->vfs_inode);
523
524out:
525 if (!locked)
526 ni_unlock(ni);
527
528 run_close(&ea_run);
529 kfree(ea_all);
530
531 return err;
532}
533
534#ifdef CONFIG_NTFS3_FS_POSIX_ACL
535
536/*
537 * ntfs_get_acl - inode_operations::get_acl
538 */
539struct posix_acl *ntfs_get_acl(struct mnt_idmap *idmap, struct dentry *dentry,
540 int type)
541{
542 struct inode *inode = d_inode(dentry);
543 struct ntfs_inode *ni = ntfs_i(inode);
544 const char *name;
545 size_t name_len;
546 struct posix_acl *acl;
547 size_t req;
548 int err;
549 void *buf;
550
551 /* Allocate PATH_MAX bytes. */
552 buf = __getname();
553 if (!buf)
554 return ERR_PTR(-ENOMEM);
555
556 /* Possible values of 'type' was already checked above. */
557 if (type == ACL_TYPE_ACCESS) {
558 name = XATTR_NAME_POSIX_ACL_ACCESS;
559 name_len = sizeof(XATTR_NAME_POSIX_ACL_ACCESS) - 1;
560 } else {
561 name = XATTR_NAME_POSIX_ACL_DEFAULT;
562 name_len = sizeof(XATTR_NAME_POSIX_ACL_DEFAULT) - 1;
563 }
564
565 ni_lock(ni);
566
567 err = ntfs_get_ea(inode, name, name_len, buf, PATH_MAX, &req);
568
569 ni_unlock(ni);
570
571 /* Translate extended attribute to acl. */
572 if (err >= 0) {
573 acl = posix_acl_from_xattr(&init_user_ns, buf, err);
574 } else if (err == -ENODATA) {
575 acl = NULL;
576 } else {
577 acl = ERR_PTR(err);
578 }
579
580 if (!IS_ERR(acl))
581 set_cached_acl(inode, type, acl);
582
583 __putname(buf);
584
585 return acl;
586}
587
588static noinline int ntfs_set_acl_ex(struct mnt_idmap *idmap,
589 struct inode *inode, struct posix_acl *acl,
590 int type, bool init_acl)
591{
592 const char *name;
593 size_t size, name_len;
594 void *value;
595 int err;
596 int flags;
597 umode_t mode;
598
599 if (S_ISLNK(inode->i_mode))
600 return -EOPNOTSUPP;
601
602 mode = inode->i_mode;
603 switch (type) {
604 case ACL_TYPE_ACCESS:
605 /* Do not change i_mode if we are in init_acl */
606 if (acl && !init_acl) {
607 err = posix_acl_update_mode(idmap, inode, &mode, &acl);
608 if (err)
609 return err;
610 }
611 name = XATTR_NAME_POSIX_ACL_ACCESS;
612 name_len = sizeof(XATTR_NAME_POSIX_ACL_ACCESS) - 1;
613 break;
614
615 case ACL_TYPE_DEFAULT:
616 if (!S_ISDIR(inode->i_mode))
617 return acl ? -EACCES : 0;
618 name = XATTR_NAME_POSIX_ACL_DEFAULT;
619 name_len = sizeof(XATTR_NAME_POSIX_ACL_DEFAULT) - 1;
620 break;
621
622 default:
623 return -EINVAL;
624 }
625
626 if (!acl) {
627 /* Remove xattr if it can be presented via mode. */
628 size = 0;
629 value = NULL;
630 flags = XATTR_REPLACE;
631 } else {
632 size = posix_acl_xattr_size(acl->a_count);
633 value = kmalloc(size, GFP_NOFS);
634 if (!value)
635 return -ENOMEM;
636 err = posix_acl_to_xattr(&init_user_ns, acl, value, size);
637 if (err < 0)
638 goto out;
639 flags = 0;
640 }
641
642 err = ntfs_set_ea(inode, name, name_len, value, size, flags, 0, NULL);
643 if (err == -ENODATA && !size)
644 err = 0; /* Removing non existed xattr. */
645 if (!err) {
646 set_cached_acl(inode, type, acl);
647 inode->i_mode = mode;
648 inode_set_ctime_current(inode);
649 mark_inode_dirty(inode);
650 }
651
652out:
653 kfree(value);
654
655 return err;
656}
657
658/*
659 * ntfs_set_acl - inode_operations::set_acl
660 */
661int ntfs_set_acl(struct mnt_idmap *idmap, struct dentry *dentry,
662 struct posix_acl *acl, int type)
663{
664 return ntfs_set_acl_ex(idmap, d_inode(dentry), acl, type, false);
665}
666
667/*
668 * ntfs_init_acl - Initialize the ACLs of a new inode.
669 *
670 * Called from ntfs_create_inode().
671 */
672int ntfs_init_acl(struct mnt_idmap *idmap, struct inode *inode,
673 struct inode *dir)
674{
675 struct posix_acl *default_acl, *acl;
676 int err;
677
678 err = posix_acl_create(dir, &inode->i_mode, &default_acl, &acl);
679 if (err)
680 return err;
681
682 if (default_acl) {
683 err = ntfs_set_acl_ex(idmap, inode, default_acl,
684 ACL_TYPE_DEFAULT, true);
685 posix_acl_release(default_acl);
686 } else {
687 inode->i_default_acl = NULL;
688 }
689
690 if (acl) {
691 if (!err)
692 err = ntfs_set_acl_ex(idmap, inode, acl,
693 ACL_TYPE_ACCESS, true);
694 posix_acl_release(acl);
695 } else {
696 inode->i_acl = NULL;
697 }
698
699 return err;
700}
701#endif
702
703/*
704 * ntfs_acl_chmod - Helper for ntfs3_setattr().
705 */
706int ntfs_acl_chmod(struct mnt_idmap *idmap, struct dentry *dentry)
707{
708 struct inode *inode = d_inode(dentry);
709 struct super_block *sb = inode->i_sb;
710
711 if (!(sb->s_flags & SB_POSIXACL))
712 return 0;
713
714 if (S_ISLNK(inode->i_mode))
715 return -EOPNOTSUPP;
716
717 return posix_acl_chmod(idmap, dentry, inode->i_mode);
718}
719
720/*
721 * ntfs_listxattr - inode_operations::listxattr
722 */
723ssize_t ntfs_listxattr(struct dentry *dentry, char *buffer, size_t size)
724{
725 struct inode *inode = d_inode(dentry);
726 struct ntfs_inode *ni = ntfs_i(inode);
727 ssize_t ret;
728
729 if (!(ni->ni_flags & NI_FLAG_EA)) {
730 /* no xattr in file */
731 return 0;
732 }
733
734 ni_lock(ni);
735
736 ret = ntfs_list_ea(ni, buffer, size);
737
738 ni_unlock(ni);
739
740 return ret;
741}
742
743static int ntfs_getxattr(const struct xattr_handler *handler, struct dentry *de,
744 struct inode *inode, const char *name, void *buffer,
745 size_t size)
746{
747 int err;
748 struct ntfs_inode *ni = ntfs_i(inode);
749
750 if (unlikely(ntfs3_forced_shutdown(inode->i_sb)))
751 return -EIO;
752
753 /* Dispatch request. */
754 if (!strcmp(name, SYSTEM_DOS_ATTRIB)) {
755 /* system.dos_attrib */
756 if (!buffer) {
757 err = sizeof(u8);
758 } else if (size < sizeof(u8)) {
759 err = -ENODATA;
760 } else {
761 err = sizeof(u8);
762 *(u8 *)buffer = le32_to_cpu(ni->std_fa);
763 }
764 goto out;
765 }
766
767 if (!strcmp(name, SYSTEM_NTFS_ATTRIB) ||
768 !strcmp(name, SYSTEM_NTFS_ATTRIB_BE)) {
769 /* system.ntfs_attrib */
770 if (!buffer) {
771 err = sizeof(u32);
772 } else if (size < sizeof(u32)) {
773 err = -ENODATA;
774 } else {
775 err = sizeof(u32);
776 *(u32 *)buffer = le32_to_cpu(ni->std_fa);
777 if (!strcmp(name, SYSTEM_NTFS_ATTRIB_BE))
778 *(__be32 *)buffer = cpu_to_be32(*(u32 *)buffer);
779 }
780 goto out;
781 }
782
783 if (!strcmp(name, SYSTEM_NTFS_SECURITY)) {
784 /* system.ntfs_security*/
785 struct SECURITY_DESCRIPTOR_RELATIVE *sd = NULL;
786 size_t sd_size = 0;
787
788 if (!is_ntfs3(ni->mi.sbi)) {
789 /* We should get nt4 security. */
790 err = -EINVAL;
791 goto out;
792 } else if (le32_to_cpu(ni->std_security_id) <
793 SECURITY_ID_FIRST) {
794 err = -ENOENT;
795 goto out;
796 }
797
798 err = ntfs_get_security_by_id(ni->mi.sbi, ni->std_security_id,
799 &sd, &sd_size);
800 if (err)
801 goto out;
802
803 if (!is_sd_valid(sd, sd_size)) {
804 ntfs_inode_warn(
805 inode,
806 "looks like you get incorrect security descriptor id=%u",
807 ni->std_security_id);
808 }
809
810 if (!buffer) {
811 err = sd_size;
812 } else if (size < sd_size) {
813 err = -ENODATA;
814 } else {
815 err = sd_size;
816 memcpy(buffer, sd, sd_size);
817 }
818 kfree(sd);
819 goto out;
820 }
821
822 /* Deal with NTFS extended attribute. */
823 err = ntfs_get_ea(inode, name, strlen(name), buffer, size, NULL);
824
825out:
826 return err;
827}
828
829/*
830 * ntfs_setxattr - inode_operations::setxattr
831 */
832static noinline int ntfs_setxattr(const struct xattr_handler *handler,
833 struct mnt_idmap *idmap, struct dentry *de,
834 struct inode *inode, const char *name,
835 const void *value, size_t size, int flags)
836{
837 int err = -EINVAL;
838 struct ntfs_inode *ni = ntfs_i(inode);
839 enum FILE_ATTRIBUTE new_fa;
840
841 /* Dispatch request. */
842 if (!strcmp(name, SYSTEM_DOS_ATTRIB)) {
843 if (sizeof(u8) != size)
844 goto out;
845 new_fa = cpu_to_le32(*(u8 *)value);
846 goto set_new_fa;
847 }
848
849 if (!strcmp(name, SYSTEM_NTFS_ATTRIB) ||
850 !strcmp(name, SYSTEM_NTFS_ATTRIB_BE)) {
851 if (size != sizeof(u32))
852 goto out;
853 if (!strcmp(name, SYSTEM_NTFS_ATTRIB_BE))
854 new_fa = cpu_to_le32(be32_to_cpu(*(__be32 *)value));
855 else
856 new_fa = cpu_to_le32(*(u32 *)value);
857
858 if (S_ISREG(inode->i_mode)) {
859 /* Process compressed/sparsed in special way. */
860 ni_lock(ni);
861 err = ni_new_attr_flags(ni, new_fa);
862 ni_unlock(ni);
863 if (err)
864 goto out;
865 }
866set_new_fa:
867 /*
868 * Thanks Mark Harmstone:
869 * Keep directory bit consistency.
870 */
871 if (S_ISDIR(inode->i_mode))
872 new_fa |= FILE_ATTRIBUTE_DIRECTORY;
873 else
874 new_fa &= ~FILE_ATTRIBUTE_DIRECTORY;
875
876 if (ni->std_fa != new_fa) {
877 ni->std_fa = new_fa;
878 if (new_fa & FILE_ATTRIBUTE_READONLY)
879 inode->i_mode &= ~0222;
880 else
881 inode->i_mode |= 0222;
882 /* Std attribute always in primary record. */
883 ni->mi.dirty = true;
884 mark_inode_dirty(inode);
885 }
886 err = 0;
887
888 goto out;
889 }
890
891 if (!strcmp(name, SYSTEM_NTFS_SECURITY)) {
892 /* system.ntfs_security*/
893 __le32 security_id;
894 bool inserted;
895 struct ATTR_STD_INFO5 *std;
896
897 if (!is_ntfs3(ni->mi.sbi)) {
898 /*
899 * We should replace ATTR_SECURE.
900 * Skip this way cause it is nt4 feature.
901 */
902 err = -EINVAL;
903 goto out;
904 }
905
906 if (!is_sd_valid(value, size)) {
907 err = -EINVAL;
908 ntfs_inode_warn(
909 inode,
910 "you try to set invalid security descriptor");
911 goto out;
912 }
913
914 err = ntfs_insert_security(ni->mi.sbi, value, size,
915 &security_id, &inserted);
916 if (err)
917 goto out;
918
919 ni_lock(ni);
920 std = ni_std5(ni);
921 if (!std) {
922 err = -EINVAL;
923 } else if (std->security_id != security_id) {
924 std->security_id = ni->std_security_id = security_id;
925 /* Std attribute always in primary record. */
926 ni->mi.dirty = true;
927 mark_inode_dirty(&ni->vfs_inode);
928 }
929 ni_unlock(ni);
930 goto out;
931 }
932
933 /* Deal with NTFS extended attribute. */
934 err = ntfs_set_ea(inode, name, strlen(name), value, size, flags, 0,
935 NULL);
936
937out:
938 inode_set_ctime_current(inode);
939 mark_inode_dirty(inode);
940
941 return err;
942}
943
944/*
945 * ntfs_save_wsl_perm
946 *
947 * save uid/gid/mode in xattr
948 */
949int ntfs_save_wsl_perm(struct inode *inode, __le16 *ea_size)
950{
951 int err;
952 __le32 value;
953 struct ntfs_inode *ni = ntfs_i(inode);
954
955 ni_lock(ni);
956 value = cpu_to_le32(i_uid_read(inode));
957 err = ntfs_set_ea(inode, "$LXUID", sizeof("$LXUID") - 1, &value,
958 sizeof(value), 0, true, ea_size);
959 if (err)
960 goto out;
961
962 value = cpu_to_le32(i_gid_read(inode));
963 err = ntfs_set_ea(inode, "$LXGID", sizeof("$LXGID") - 1, &value,
964 sizeof(value), 0, true, ea_size);
965 if (err)
966 goto out;
967
968 value = cpu_to_le32(inode->i_mode);
969 err = ntfs_set_ea(inode, "$LXMOD", sizeof("$LXMOD") - 1, &value,
970 sizeof(value), 0, true, ea_size);
971 if (err)
972 goto out;
973
974 if (S_ISCHR(inode->i_mode) || S_ISBLK(inode->i_mode)) {
975 value = cpu_to_le32(inode->i_rdev);
976 err = ntfs_set_ea(inode, "$LXDEV", sizeof("$LXDEV") - 1, &value,
977 sizeof(value), 0, true, ea_size);
978 if (err)
979 goto out;
980 }
981
982out:
983 ni_unlock(ni);
984 /* In case of error should we delete all WSL xattr? */
985 return err;
986}
987
988/*
989 * ntfs_get_wsl_perm
990 *
991 * get uid/gid/mode from xattr
992 * it is called from ntfs_iget5->ntfs_read_mft
993 */
994void ntfs_get_wsl_perm(struct inode *inode)
995{
996 size_t sz;
997 __le32 value[3];
998
999 if (ntfs_get_ea(inode, "$LXUID", sizeof("$LXUID") - 1, &value[0],
1000 sizeof(value[0]), &sz) == sizeof(value[0]) &&
1001 ntfs_get_ea(inode, "$LXGID", sizeof("$LXGID") - 1, &value[1],
1002 sizeof(value[1]), &sz) == sizeof(value[1]) &&
1003 ntfs_get_ea(inode, "$LXMOD", sizeof("$LXMOD") - 1, &value[2],
1004 sizeof(value[2]), &sz) == sizeof(value[2])) {
1005 i_uid_write(inode, (uid_t)le32_to_cpu(value[0]));
1006 i_gid_write(inode, (gid_t)le32_to_cpu(value[1]));
1007 inode->i_mode = le32_to_cpu(value[2]);
1008
1009 if (ntfs_get_ea(inode, "$LXDEV", sizeof("$$LXDEV") - 1,
1010 &value[0], sizeof(value),
1011 &sz) == sizeof(value[0])) {
1012 inode->i_rdev = le32_to_cpu(value[0]);
1013 }
1014 }
1015}
1016
1017static bool ntfs_xattr_user_list(struct dentry *dentry)
1018{
1019 return true;
1020}
1021
1022// clang-format off
1023static const struct xattr_handler ntfs_other_xattr_handler = {
1024 .prefix = "",
1025 .get = ntfs_getxattr,
1026 .set = ntfs_setxattr,
1027 .list = ntfs_xattr_user_list,
1028};
1029
1030const struct xattr_handler * const ntfs_xattr_handlers[] = {
1031 &ntfs_other_xattr_handler,
1032 NULL,
1033};
1034// clang-format on