Loading...
1// SPDX-License-Identifier: GPL-2.0-only
2/*
3 * Copyright (C) 2017-2018 HUAWEI, Inc.
4 * https://www.huawei.com/
5 * Copyright (C) 2021-2022, Alibaba Cloud
6 */
7#include <linux/security.h>
8#include <linux/xxhash.h>
9#include "xattr.h"
10
11struct erofs_xattr_iter {
12 struct super_block *sb;
13 struct erofs_buf buf;
14 erofs_off_t pos;
15 void *kaddr;
16
17 char *buffer;
18 int buffer_size, buffer_ofs;
19
20 /* getxattr */
21 int index, infix_len;
22 struct qstr name;
23
24 /* listxattr */
25 struct dentry *dentry;
26};
27
28static int erofs_init_inode_xattrs(struct inode *inode)
29{
30 struct erofs_inode *const vi = EROFS_I(inode);
31 struct erofs_xattr_iter it;
32 unsigned int i;
33 struct erofs_xattr_ibody_header *ih;
34 struct super_block *sb = inode->i_sb;
35 int ret = 0;
36
37 /* the most case is that xattrs of this inode are initialized. */
38 if (test_bit(EROFS_I_EA_INITED_BIT, &vi->flags)) {
39 /*
40 * paired with smp_mb() at the end of the function to ensure
41 * fields will only be observed after the bit is set.
42 */
43 smp_mb();
44 return 0;
45 }
46
47 if (wait_on_bit_lock(&vi->flags, EROFS_I_BL_XATTR_BIT, TASK_KILLABLE))
48 return -ERESTARTSYS;
49
50 /* someone has initialized xattrs for us? */
51 if (test_bit(EROFS_I_EA_INITED_BIT, &vi->flags))
52 goto out_unlock;
53
54 /*
55 * bypass all xattr operations if ->xattr_isize is not greater than
56 * sizeof(struct erofs_xattr_ibody_header), in detail:
57 * 1) it is not enough to contain erofs_xattr_ibody_header then
58 * ->xattr_isize should be 0 (it means no xattr);
59 * 2) it is just to contain erofs_xattr_ibody_header, which is on-disk
60 * undefined right now (maybe use later with some new sb feature).
61 */
62 if (vi->xattr_isize == sizeof(struct erofs_xattr_ibody_header)) {
63 erofs_err(sb,
64 "xattr_isize %d of nid %llu is not supported yet",
65 vi->xattr_isize, vi->nid);
66 ret = -EOPNOTSUPP;
67 goto out_unlock;
68 } else if (vi->xattr_isize < sizeof(struct erofs_xattr_ibody_header)) {
69 if (vi->xattr_isize) {
70 erofs_err(sb, "bogus xattr ibody @ nid %llu", vi->nid);
71 DBG_BUGON(1);
72 ret = -EFSCORRUPTED;
73 goto out_unlock; /* xattr ondisk layout error */
74 }
75 ret = -ENOATTR;
76 goto out_unlock;
77 }
78
79 it.buf = __EROFS_BUF_INITIALIZER;
80 erofs_init_metabuf(&it.buf, sb);
81 it.pos = erofs_iloc(inode) + vi->inode_isize;
82
83 /* read in shared xattr array (non-atomic, see kmalloc below) */
84 it.kaddr = erofs_bread(&it.buf, erofs_blknr(sb, it.pos), EROFS_KMAP);
85 if (IS_ERR(it.kaddr)) {
86 ret = PTR_ERR(it.kaddr);
87 goto out_unlock;
88 }
89
90 ih = it.kaddr + erofs_blkoff(sb, it.pos);
91 vi->xattr_name_filter = le32_to_cpu(ih->h_name_filter);
92 vi->xattr_shared_count = ih->h_shared_count;
93 vi->xattr_shared_xattrs = kmalloc_array(vi->xattr_shared_count,
94 sizeof(uint), GFP_KERNEL);
95 if (!vi->xattr_shared_xattrs) {
96 erofs_put_metabuf(&it.buf);
97 ret = -ENOMEM;
98 goto out_unlock;
99 }
100
101 /* let's skip ibody header */
102 it.pos += sizeof(struct erofs_xattr_ibody_header);
103
104 for (i = 0; i < vi->xattr_shared_count; ++i) {
105 it.kaddr = erofs_bread(&it.buf, erofs_blknr(sb, it.pos),
106 EROFS_KMAP);
107 if (IS_ERR(it.kaddr)) {
108 kfree(vi->xattr_shared_xattrs);
109 vi->xattr_shared_xattrs = NULL;
110 ret = PTR_ERR(it.kaddr);
111 goto out_unlock;
112 }
113 vi->xattr_shared_xattrs[i] = le32_to_cpu(*(__le32 *)
114 (it.kaddr + erofs_blkoff(sb, it.pos)));
115 it.pos += sizeof(__le32);
116 }
117 erofs_put_metabuf(&it.buf);
118
119 /* paired with smp_mb() at the beginning of the function. */
120 smp_mb();
121 set_bit(EROFS_I_EA_INITED_BIT, &vi->flags);
122
123out_unlock:
124 clear_and_wake_up_bit(EROFS_I_BL_XATTR_BIT, &vi->flags);
125 return ret;
126}
127
128static bool erofs_xattr_user_list(struct dentry *dentry)
129{
130 return test_opt(&EROFS_SB(dentry->d_sb)->opt, XATTR_USER);
131}
132
133static bool erofs_xattr_trusted_list(struct dentry *dentry)
134{
135 return capable(CAP_SYS_ADMIN);
136}
137
138static int erofs_xattr_generic_get(const struct xattr_handler *handler,
139 struct dentry *unused, struct inode *inode,
140 const char *name, void *buffer, size_t size)
141{
142 if (handler->flags == EROFS_XATTR_INDEX_USER &&
143 !test_opt(&EROFS_I_SB(inode)->opt, XATTR_USER))
144 return -EOPNOTSUPP;
145
146 return erofs_getxattr(inode, handler->flags, name, buffer, size);
147}
148
149const struct xattr_handler erofs_xattr_user_handler = {
150 .prefix = XATTR_USER_PREFIX,
151 .flags = EROFS_XATTR_INDEX_USER,
152 .list = erofs_xattr_user_list,
153 .get = erofs_xattr_generic_get,
154};
155
156const struct xattr_handler erofs_xattr_trusted_handler = {
157 .prefix = XATTR_TRUSTED_PREFIX,
158 .flags = EROFS_XATTR_INDEX_TRUSTED,
159 .list = erofs_xattr_trusted_list,
160 .get = erofs_xattr_generic_get,
161};
162
163#ifdef CONFIG_EROFS_FS_SECURITY
164const struct xattr_handler __maybe_unused erofs_xattr_security_handler = {
165 .prefix = XATTR_SECURITY_PREFIX,
166 .flags = EROFS_XATTR_INDEX_SECURITY,
167 .get = erofs_xattr_generic_get,
168};
169#endif
170
171const struct xattr_handler * const erofs_xattr_handlers[] = {
172 &erofs_xattr_user_handler,
173 &erofs_xattr_trusted_handler,
174#ifdef CONFIG_EROFS_FS_SECURITY
175 &erofs_xattr_security_handler,
176#endif
177 NULL,
178};
179
180static int erofs_xattr_copy_to_buffer(struct erofs_xattr_iter *it,
181 unsigned int len)
182{
183 unsigned int slice, processed;
184 struct super_block *sb = it->sb;
185 void *src;
186
187 for (processed = 0; processed < len; processed += slice) {
188 it->kaddr = erofs_bread(&it->buf, erofs_blknr(sb, it->pos),
189 EROFS_KMAP);
190 if (IS_ERR(it->kaddr))
191 return PTR_ERR(it->kaddr);
192
193 src = it->kaddr + erofs_blkoff(sb, it->pos);
194 slice = min_t(unsigned int, sb->s_blocksize -
195 erofs_blkoff(sb, it->pos), len - processed);
196 memcpy(it->buffer + it->buffer_ofs, src, slice);
197 it->buffer_ofs += slice;
198 it->pos += slice;
199 }
200 return 0;
201}
202
203static int erofs_listxattr_foreach(struct erofs_xattr_iter *it)
204{
205 struct erofs_xattr_entry entry;
206 unsigned int base_index, name_total, prefix_len, infix_len = 0;
207 const char *prefix, *infix = NULL;
208 int err;
209
210 /* 1. handle xattr entry */
211 entry = *(struct erofs_xattr_entry *)
212 (it->kaddr + erofs_blkoff(it->sb, it->pos));
213 it->pos += sizeof(struct erofs_xattr_entry);
214
215 base_index = entry.e_name_index;
216 if (entry.e_name_index & EROFS_XATTR_LONG_PREFIX) {
217 struct erofs_sb_info *sbi = EROFS_SB(it->sb);
218 struct erofs_xattr_prefix_item *pf = sbi->xattr_prefixes +
219 (entry.e_name_index & EROFS_XATTR_LONG_PREFIX_MASK);
220
221 if (pf >= sbi->xattr_prefixes + sbi->xattr_prefix_count)
222 return 0;
223 infix = pf->prefix->infix;
224 infix_len = pf->infix_len;
225 base_index = pf->prefix->base_index;
226 }
227
228 prefix = erofs_xattr_prefix(base_index, it->dentry);
229 if (!prefix)
230 return 0;
231 prefix_len = strlen(prefix);
232 name_total = prefix_len + infix_len + entry.e_name_len + 1;
233
234 if (!it->buffer) {
235 it->buffer_ofs += name_total;
236 return 0;
237 }
238
239 if (it->buffer_ofs + name_total > it->buffer_size)
240 return -ERANGE;
241
242 memcpy(it->buffer + it->buffer_ofs, prefix, prefix_len);
243 memcpy(it->buffer + it->buffer_ofs + prefix_len, infix, infix_len);
244 it->buffer_ofs += prefix_len + infix_len;
245
246 /* 2. handle xattr name */
247 err = erofs_xattr_copy_to_buffer(it, entry.e_name_len);
248 if (err)
249 return err;
250
251 it->buffer[it->buffer_ofs++] = '\0';
252 return 0;
253}
254
255static int erofs_getxattr_foreach(struct erofs_xattr_iter *it)
256{
257 struct super_block *sb = it->sb;
258 struct erofs_xattr_entry entry;
259 unsigned int slice, processed, value_sz;
260
261 /* 1. handle xattr entry */
262 entry = *(struct erofs_xattr_entry *)
263 (it->kaddr + erofs_blkoff(sb, it->pos));
264 it->pos += sizeof(struct erofs_xattr_entry);
265 value_sz = le16_to_cpu(entry.e_value_size);
266
267 /* should also match the infix for long name prefixes */
268 if (entry.e_name_index & EROFS_XATTR_LONG_PREFIX) {
269 struct erofs_sb_info *sbi = EROFS_SB(sb);
270 struct erofs_xattr_prefix_item *pf = sbi->xattr_prefixes +
271 (entry.e_name_index & EROFS_XATTR_LONG_PREFIX_MASK);
272
273 if (pf >= sbi->xattr_prefixes + sbi->xattr_prefix_count)
274 return -ENOATTR;
275
276 if (it->index != pf->prefix->base_index ||
277 it->name.len != entry.e_name_len + pf->infix_len)
278 return -ENOATTR;
279
280 if (memcmp(it->name.name, pf->prefix->infix, pf->infix_len))
281 return -ENOATTR;
282
283 it->infix_len = pf->infix_len;
284 } else {
285 if (it->index != entry.e_name_index ||
286 it->name.len != entry.e_name_len)
287 return -ENOATTR;
288
289 it->infix_len = 0;
290 }
291
292 /* 2. handle xattr name */
293 for (processed = 0; processed < entry.e_name_len; processed += slice) {
294 it->kaddr = erofs_bread(&it->buf, erofs_blknr(sb, it->pos),
295 EROFS_KMAP);
296 if (IS_ERR(it->kaddr))
297 return PTR_ERR(it->kaddr);
298
299 slice = min_t(unsigned int,
300 sb->s_blocksize - erofs_blkoff(sb, it->pos),
301 entry.e_name_len - processed);
302 if (memcmp(it->name.name + it->infix_len + processed,
303 it->kaddr + erofs_blkoff(sb, it->pos), slice))
304 return -ENOATTR;
305 it->pos += slice;
306 }
307
308 /* 3. handle xattr value */
309 if (!it->buffer) {
310 it->buffer_ofs = value_sz;
311 return 0;
312 }
313
314 if (it->buffer_size < value_sz)
315 return -ERANGE;
316
317 return erofs_xattr_copy_to_buffer(it, value_sz);
318}
319
320static int erofs_xattr_iter_inline(struct erofs_xattr_iter *it,
321 struct inode *inode, bool getxattr)
322{
323 struct erofs_inode *const vi = EROFS_I(inode);
324 unsigned int xattr_header_sz, remaining, entry_sz;
325 erofs_off_t next_pos;
326 int ret;
327
328 xattr_header_sz = sizeof(struct erofs_xattr_ibody_header) +
329 sizeof(u32) * vi->xattr_shared_count;
330 if (xattr_header_sz >= vi->xattr_isize) {
331 DBG_BUGON(xattr_header_sz > vi->xattr_isize);
332 return -ENOATTR;
333 }
334
335 remaining = vi->xattr_isize - xattr_header_sz;
336 it->pos = erofs_iloc(inode) + vi->inode_isize + xattr_header_sz;
337
338 while (remaining) {
339 it->kaddr = erofs_bread(&it->buf, erofs_blknr(it->sb, it->pos),
340 EROFS_KMAP);
341 if (IS_ERR(it->kaddr))
342 return PTR_ERR(it->kaddr);
343
344 entry_sz = erofs_xattr_entry_size(it->kaddr +
345 erofs_blkoff(it->sb, it->pos));
346 /* xattr on-disk corruption: xattr entry beyond xattr_isize */
347 if (remaining < entry_sz) {
348 DBG_BUGON(1);
349 return -EFSCORRUPTED;
350 }
351 remaining -= entry_sz;
352 next_pos = it->pos + entry_sz;
353
354 if (getxattr)
355 ret = erofs_getxattr_foreach(it);
356 else
357 ret = erofs_listxattr_foreach(it);
358 if ((getxattr && ret != -ENOATTR) || (!getxattr && ret))
359 break;
360
361 it->pos = next_pos;
362 }
363 return ret;
364}
365
366static int erofs_xattr_iter_shared(struct erofs_xattr_iter *it,
367 struct inode *inode, bool getxattr)
368{
369 struct erofs_inode *const vi = EROFS_I(inode);
370 struct super_block *const sb = it->sb;
371 struct erofs_sb_info *sbi = EROFS_SB(sb);
372 unsigned int i;
373 int ret = -ENOATTR;
374
375 for (i = 0; i < vi->xattr_shared_count; ++i) {
376 it->pos = erofs_pos(sb, sbi->xattr_blkaddr) +
377 vi->xattr_shared_xattrs[i] * sizeof(__le32);
378 it->kaddr = erofs_bread(&it->buf, erofs_blknr(sb, it->pos),
379 EROFS_KMAP);
380 if (IS_ERR(it->kaddr))
381 return PTR_ERR(it->kaddr);
382
383 if (getxattr)
384 ret = erofs_getxattr_foreach(it);
385 else
386 ret = erofs_listxattr_foreach(it);
387 if ((getxattr && ret != -ENOATTR) || (!getxattr && ret))
388 break;
389 }
390 return ret;
391}
392
393int erofs_getxattr(struct inode *inode, int index, const char *name,
394 void *buffer, size_t buffer_size)
395{
396 int ret;
397 unsigned int hashbit;
398 struct erofs_xattr_iter it;
399 struct erofs_inode *vi = EROFS_I(inode);
400 struct erofs_sb_info *sbi = EROFS_SB(inode->i_sb);
401
402 if (!name)
403 return -EINVAL;
404
405 ret = erofs_init_inode_xattrs(inode);
406 if (ret)
407 return ret;
408
409 /* reserved flag is non-zero if there's any change of on-disk format */
410 if (erofs_sb_has_xattr_filter(sbi) && !sbi->xattr_filter_reserved) {
411 hashbit = xxh32(name, strlen(name),
412 EROFS_XATTR_FILTER_SEED + index);
413 hashbit &= EROFS_XATTR_FILTER_BITS - 1;
414 if (vi->xattr_name_filter & (1U << hashbit))
415 return -ENOATTR;
416 }
417
418 it.index = index;
419 it.name = (struct qstr)QSTR_INIT(name, strlen(name));
420 if (it.name.len > EROFS_NAME_LEN)
421 return -ERANGE;
422
423 it.sb = inode->i_sb;
424 it.buf = __EROFS_BUF_INITIALIZER;
425 erofs_init_metabuf(&it.buf, it.sb);
426 it.buffer = buffer;
427 it.buffer_size = buffer_size;
428 it.buffer_ofs = 0;
429
430 ret = erofs_xattr_iter_inline(&it, inode, true);
431 if (ret == -ENOATTR)
432 ret = erofs_xattr_iter_shared(&it, inode, true);
433 erofs_put_metabuf(&it.buf);
434 return ret ? ret : it.buffer_ofs;
435}
436
437ssize_t erofs_listxattr(struct dentry *dentry, char *buffer, size_t buffer_size)
438{
439 int ret;
440 struct erofs_xattr_iter it;
441 struct inode *inode = d_inode(dentry);
442
443 ret = erofs_init_inode_xattrs(inode);
444 if (ret == -ENOATTR)
445 return 0;
446 if (ret)
447 return ret;
448
449 it.sb = dentry->d_sb;
450 it.buf = __EROFS_BUF_INITIALIZER;
451 erofs_init_metabuf(&it.buf, it.sb);
452 it.dentry = dentry;
453 it.buffer = buffer;
454 it.buffer_size = buffer_size;
455 it.buffer_ofs = 0;
456
457 ret = erofs_xattr_iter_inline(&it, inode, false);
458 if (!ret || ret == -ENOATTR)
459 ret = erofs_xattr_iter_shared(&it, inode, false);
460 if (ret == -ENOATTR)
461 ret = 0;
462 erofs_put_metabuf(&it.buf);
463 return ret ? ret : it.buffer_ofs;
464}
465
466void erofs_xattr_prefixes_cleanup(struct super_block *sb)
467{
468 struct erofs_sb_info *sbi = EROFS_SB(sb);
469 int i;
470
471 if (sbi->xattr_prefixes) {
472 for (i = 0; i < sbi->xattr_prefix_count; i++)
473 kfree(sbi->xattr_prefixes[i].prefix);
474 kfree(sbi->xattr_prefixes);
475 sbi->xattr_prefixes = NULL;
476 }
477}
478
479int erofs_xattr_prefixes_init(struct super_block *sb)
480{
481 struct erofs_sb_info *sbi = EROFS_SB(sb);
482 struct erofs_buf buf = __EROFS_BUF_INITIALIZER;
483 erofs_off_t pos = (erofs_off_t)sbi->xattr_prefix_start << 2;
484 struct erofs_xattr_prefix_item *pfs;
485 int ret = 0, i, len;
486
487 if (!sbi->xattr_prefix_count)
488 return 0;
489
490 pfs = kzalloc(sbi->xattr_prefix_count * sizeof(*pfs), GFP_KERNEL);
491 if (!pfs)
492 return -ENOMEM;
493
494 if (sbi->packed_inode)
495 buf.inode = sbi->packed_inode;
496 else
497 erofs_init_metabuf(&buf, sb);
498
499 for (i = 0; i < sbi->xattr_prefix_count; i++) {
500 void *ptr = erofs_read_metadata(sb, &buf, &pos, &len);
501
502 if (IS_ERR(ptr)) {
503 ret = PTR_ERR(ptr);
504 break;
505 } else if (len < sizeof(*pfs->prefix) ||
506 len > EROFS_NAME_LEN + sizeof(*pfs->prefix)) {
507 kfree(ptr);
508 ret = -EFSCORRUPTED;
509 break;
510 }
511 pfs[i].prefix = ptr;
512 pfs[i].infix_len = len - sizeof(struct erofs_xattr_long_prefix);
513 }
514
515 erofs_put_metabuf(&buf);
516 sbi->xattr_prefixes = pfs;
517 if (ret)
518 erofs_xattr_prefixes_cleanup(sb);
519 return ret;
520}
521
522#ifdef CONFIG_EROFS_FS_POSIX_ACL
523struct posix_acl *erofs_get_acl(struct inode *inode, int type, bool rcu)
524{
525 struct posix_acl *acl;
526 int prefix, rc;
527 char *value = NULL;
528
529 if (rcu)
530 return ERR_PTR(-ECHILD);
531
532 switch (type) {
533 case ACL_TYPE_ACCESS:
534 prefix = EROFS_XATTR_INDEX_POSIX_ACL_ACCESS;
535 break;
536 case ACL_TYPE_DEFAULT:
537 prefix = EROFS_XATTR_INDEX_POSIX_ACL_DEFAULT;
538 break;
539 default:
540 return ERR_PTR(-EINVAL);
541 }
542
543 rc = erofs_getxattr(inode, prefix, "", NULL, 0);
544 if (rc > 0) {
545 value = kmalloc(rc, GFP_KERNEL);
546 if (!value)
547 return ERR_PTR(-ENOMEM);
548 rc = erofs_getxattr(inode, prefix, "", value, rc);
549 }
550
551 if (rc == -ENOATTR)
552 acl = NULL;
553 else if (rc < 0)
554 acl = ERR_PTR(rc);
555 else
556 acl = posix_acl_from_xattr(&init_user_ns, value, rc);
557 kfree(value);
558 return acl;
559}
560#endif
1// SPDX-License-Identifier: GPL-2.0-only
2/*
3 * Copyright (C) 2017-2018 HUAWEI, Inc.
4 * https://www.huawei.com/
5 * Copyright (C) 2021-2022, Alibaba Cloud
6 */
7#include <linux/security.h>
8#include "xattr.h"
9
10struct xattr_iter {
11 struct super_block *sb;
12 struct erofs_buf buf;
13 void *kaddr;
14
15 erofs_blk_t blkaddr;
16 unsigned int ofs;
17};
18
19static int init_inode_xattrs(struct inode *inode)
20{
21 struct erofs_inode *const vi = EROFS_I(inode);
22 struct xattr_iter it;
23 unsigned int i;
24 struct erofs_xattr_ibody_header *ih;
25 struct super_block *sb;
26 struct erofs_sb_info *sbi;
27 int ret = 0;
28
29 /* the most case is that xattrs of this inode are initialized. */
30 if (test_bit(EROFS_I_EA_INITED_BIT, &vi->flags)) {
31 /*
32 * paired with smp_mb() at the end of the function to ensure
33 * fields will only be observed after the bit is set.
34 */
35 smp_mb();
36 return 0;
37 }
38
39 if (wait_on_bit_lock(&vi->flags, EROFS_I_BL_XATTR_BIT, TASK_KILLABLE))
40 return -ERESTARTSYS;
41
42 /* someone has initialized xattrs for us? */
43 if (test_bit(EROFS_I_EA_INITED_BIT, &vi->flags))
44 goto out_unlock;
45
46 /*
47 * bypass all xattr operations if ->xattr_isize is not greater than
48 * sizeof(struct erofs_xattr_ibody_header), in detail:
49 * 1) it is not enough to contain erofs_xattr_ibody_header then
50 * ->xattr_isize should be 0 (it means no xattr);
51 * 2) it is just to contain erofs_xattr_ibody_header, which is on-disk
52 * undefined right now (maybe use later with some new sb feature).
53 */
54 if (vi->xattr_isize == sizeof(struct erofs_xattr_ibody_header)) {
55 erofs_err(inode->i_sb,
56 "xattr_isize %d of nid %llu is not supported yet",
57 vi->xattr_isize, vi->nid);
58 ret = -EOPNOTSUPP;
59 goto out_unlock;
60 } else if (vi->xattr_isize < sizeof(struct erofs_xattr_ibody_header)) {
61 if (vi->xattr_isize) {
62 erofs_err(inode->i_sb,
63 "bogus xattr ibody @ nid %llu", vi->nid);
64 DBG_BUGON(1);
65 ret = -EFSCORRUPTED;
66 goto out_unlock; /* xattr ondisk layout error */
67 }
68 ret = -ENOATTR;
69 goto out_unlock;
70 }
71
72 sb = inode->i_sb;
73 sbi = EROFS_SB(sb);
74 it.buf = __EROFS_BUF_INITIALIZER;
75 it.blkaddr = erofs_blknr(iloc(sbi, vi->nid) + vi->inode_isize);
76 it.ofs = erofs_blkoff(iloc(sbi, vi->nid) + vi->inode_isize);
77
78 /* read in shared xattr array (non-atomic, see kmalloc below) */
79 it.kaddr = erofs_read_metabuf(&it.buf, sb, it.blkaddr, EROFS_KMAP);
80 if (IS_ERR(it.kaddr)) {
81 ret = PTR_ERR(it.kaddr);
82 goto out_unlock;
83 }
84
85 ih = (struct erofs_xattr_ibody_header *)(it.kaddr + it.ofs);
86 vi->xattr_shared_count = ih->h_shared_count;
87 vi->xattr_shared_xattrs = kmalloc_array(vi->xattr_shared_count,
88 sizeof(uint), GFP_KERNEL);
89 if (!vi->xattr_shared_xattrs) {
90 erofs_put_metabuf(&it.buf);
91 ret = -ENOMEM;
92 goto out_unlock;
93 }
94
95 /* let's skip ibody header */
96 it.ofs += sizeof(struct erofs_xattr_ibody_header);
97
98 for (i = 0; i < vi->xattr_shared_count; ++i) {
99 if (it.ofs >= EROFS_BLKSIZ) {
100 /* cannot be unaligned */
101 DBG_BUGON(it.ofs != EROFS_BLKSIZ);
102
103 it.kaddr = erofs_read_metabuf(&it.buf, sb, ++it.blkaddr,
104 EROFS_KMAP);
105 if (IS_ERR(it.kaddr)) {
106 kfree(vi->xattr_shared_xattrs);
107 vi->xattr_shared_xattrs = NULL;
108 ret = PTR_ERR(it.kaddr);
109 goto out_unlock;
110 }
111 it.ofs = 0;
112 }
113 vi->xattr_shared_xattrs[i] =
114 le32_to_cpu(*(__le32 *)(it.kaddr + it.ofs));
115 it.ofs += sizeof(__le32);
116 }
117 erofs_put_metabuf(&it.buf);
118
119 /* paired with smp_mb() at the beginning of the function. */
120 smp_mb();
121 set_bit(EROFS_I_EA_INITED_BIT, &vi->flags);
122
123out_unlock:
124 clear_and_wake_up_bit(EROFS_I_BL_XATTR_BIT, &vi->flags);
125 return ret;
126}
127
128/*
129 * the general idea for these return values is
130 * if 0 is returned, go on processing the current xattr;
131 * 1 (> 0) is returned, skip this round to process the next xattr;
132 * -err (< 0) is returned, an error (maybe ENOXATTR) occurred
133 * and need to be handled
134 */
135struct xattr_iter_handlers {
136 int (*entry)(struct xattr_iter *_it, struct erofs_xattr_entry *entry);
137 int (*name)(struct xattr_iter *_it, unsigned int processed, char *buf,
138 unsigned int len);
139 int (*alloc_buffer)(struct xattr_iter *_it, unsigned int value_sz);
140 void (*value)(struct xattr_iter *_it, unsigned int processed, char *buf,
141 unsigned int len);
142};
143
144static inline int xattr_iter_fixup(struct xattr_iter *it)
145{
146 if (it->ofs < EROFS_BLKSIZ)
147 return 0;
148
149 it->blkaddr += erofs_blknr(it->ofs);
150 it->kaddr = erofs_read_metabuf(&it->buf, it->sb, it->blkaddr,
151 EROFS_KMAP);
152 if (IS_ERR(it->kaddr))
153 return PTR_ERR(it->kaddr);
154 it->ofs = erofs_blkoff(it->ofs);
155 return 0;
156}
157
158static int inline_xattr_iter_begin(struct xattr_iter *it,
159 struct inode *inode)
160{
161 struct erofs_inode *const vi = EROFS_I(inode);
162 struct erofs_sb_info *const sbi = EROFS_SB(inode->i_sb);
163 unsigned int xattr_header_sz, inline_xattr_ofs;
164
165 xattr_header_sz = inlinexattr_header_size(inode);
166 if (xattr_header_sz >= vi->xattr_isize) {
167 DBG_BUGON(xattr_header_sz > vi->xattr_isize);
168 return -ENOATTR;
169 }
170
171 inline_xattr_ofs = vi->inode_isize + xattr_header_sz;
172
173 it->blkaddr = erofs_blknr(iloc(sbi, vi->nid) + inline_xattr_ofs);
174 it->ofs = erofs_blkoff(iloc(sbi, vi->nid) + inline_xattr_ofs);
175
176 it->kaddr = erofs_read_metabuf(&it->buf, inode->i_sb, it->blkaddr,
177 EROFS_KMAP);
178 if (IS_ERR(it->kaddr))
179 return PTR_ERR(it->kaddr);
180 return vi->xattr_isize - xattr_header_sz;
181}
182
183/*
184 * Regardless of success or failure, `xattr_foreach' will end up with
185 * `ofs' pointing to the next xattr item rather than an arbitrary position.
186 */
187static int xattr_foreach(struct xattr_iter *it,
188 const struct xattr_iter_handlers *op,
189 unsigned int *tlimit)
190{
191 struct erofs_xattr_entry entry;
192 unsigned int value_sz, processed, slice;
193 int err;
194
195 /* 0. fixup blkaddr, ofs, ipage */
196 err = xattr_iter_fixup(it);
197 if (err)
198 return err;
199
200 /*
201 * 1. read xattr entry to the memory,
202 * since we do EROFS_XATTR_ALIGN
203 * therefore entry should be in the page
204 */
205 entry = *(struct erofs_xattr_entry *)(it->kaddr + it->ofs);
206 if (tlimit) {
207 unsigned int entry_sz = erofs_xattr_entry_size(&entry);
208
209 /* xattr on-disk corruption: xattr entry beyond xattr_isize */
210 if (*tlimit < entry_sz) {
211 DBG_BUGON(1);
212 return -EFSCORRUPTED;
213 }
214 *tlimit -= entry_sz;
215 }
216
217 it->ofs += sizeof(struct erofs_xattr_entry);
218 value_sz = le16_to_cpu(entry.e_value_size);
219
220 /* handle entry */
221 err = op->entry(it, &entry);
222 if (err) {
223 it->ofs += entry.e_name_len + value_sz;
224 goto out;
225 }
226
227 /* 2. handle xattr name (ofs will finally be at the end of name) */
228 processed = 0;
229
230 while (processed < entry.e_name_len) {
231 if (it->ofs >= EROFS_BLKSIZ) {
232 DBG_BUGON(it->ofs > EROFS_BLKSIZ);
233
234 err = xattr_iter_fixup(it);
235 if (err)
236 goto out;
237 it->ofs = 0;
238 }
239
240 slice = min_t(unsigned int, EROFS_BLKSIZ - it->ofs,
241 entry.e_name_len - processed);
242
243 /* handle name */
244 err = op->name(it, processed, it->kaddr + it->ofs, slice);
245 if (err) {
246 it->ofs += entry.e_name_len - processed + value_sz;
247 goto out;
248 }
249
250 it->ofs += slice;
251 processed += slice;
252 }
253
254 /* 3. handle xattr value */
255 processed = 0;
256
257 if (op->alloc_buffer) {
258 err = op->alloc_buffer(it, value_sz);
259 if (err) {
260 it->ofs += value_sz;
261 goto out;
262 }
263 }
264
265 while (processed < value_sz) {
266 if (it->ofs >= EROFS_BLKSIZ) {
267 DBG_BUGON(it->ofs > EROFS_BLKSIZ);
268
269 err = xattr_iter_fixup(it);
270 if (err)
271 goto out;
272 it->ofs = 0;
273 }
274
275 slice = min_t(unsigned int, EROFS_BLKSIZ - it->ofs,
276 value_sz - processed);
277 op->value(it, processed, it->kaddr + it->ofs, slice);
278 it->ofs += slice;
279 processed += slice;
280 }
281
282out:
283 /* xattrs should be 4-byte aligned (on-disk constraint) */
284 it->ofs = EROFS_XATTR_ALIGN(it->ofs);
285 return err < 0 ? err : 0;
286}
287
288struct getxattr_iter {
289 struct xattr_iter it;
290
291 char *buffer;
292 int buffer_size, index;
293 struct qstr name;
294};
295
296static int xattr_entrymatch(struct xattr_iter *_it,
297 struct erofs_xattr_entry *entry)
298{
299 struct getxattr_iter *it = container_of(_it, struct getxattr_iter, it);
300
301 return (it->index != entry->e_name_index ||
302 it->name.len != entry->e_name_len) ? -ENOATTR : 0;
303}
304
305static int xattr_namematch(struct xattr_iter *_it,
306 unsigned int processed, char *buf, unsigned int len)
307{
308 struct getxattr_iter *it = container_of(_it, struct getxattr_iter, it);
309
310 return memcmp(buf, it->name.name + processed, len) ? -ENOATTR : 0;
311}
312
313static int xattr_checkbuffer(struct xattr_iter *_it,
314 unsigned int value_sz)
315{
316 struct getxattr_iter *it = container_of(_it, struct getxattr_iter, it);
317 int err = it->buffer_size < value_sz ? -ERANGE : 0;
318
319 it->buffer_size = value_sz;
320 return !it->buffer ? 1 : err;
321}
322
323static void xattr_copyvalue(struct xattr_iter *_it,
324 unsigned int processed,
325 char *buf, unsigned int len)
326{
327 struct getxattr_iter *it = container_of(_it, struct getxattr_iter, it);
328
329 memcpy(it->buffer + processed, buf, len);
330}
331
332static const struct xattr_iter_handlers find_xattr_handlers = {
333 .entry = xattr_entrymatch,
334 .name = xattr_namematch,
335 .alloc_buffer = xattr_checkbuffer,
336 .value = xattr_copyvalue
337};
338
339static int inline_getxattr(struct inode *inode, struct getxattr_iter *it)
340{
341 int ret;
342 unsigned int remaining;
343
344 ret = inline_xattr_iter_begin(&it->it, inode);
345 if (ret < 0)
346 return ret;
347
348 remaining = ret;
349 while (remaining) {
350 ret = xattr_foreach(&it->it, &find_xattr_handlers, &remaining);
351 if (ret != -ENOATTR)
352 break;
353 }
354 return ret ? ret : it->buffer_size;
355}
356
357static int shared_getxattr(struct inode *inode, struct getxattr_iter *it)
358{
359 struct erofs_inode *const vi = EROFS_I(inode);
360 struct super_block *const sb = inode->i_sb;
361 struct erofs_sb_info *const sbi = EROFS_SB(sb);
362 unsigned int i;
363 int ret = -ENOATTR;
364
365 for (i = 0; i < vi->xattr_shared_count; ++i) {
366 erofs_blk_t blkaddr =
367 xattrblock_addr(sbi, vi->xattr_shared_xattrs[i]);
368
369 it->it.ofs = xattrblock_offset(sbi, vi->xattr_shared_xattrs[i]);
370 it->it.kaddr = erofs_read_metabuf(&it->it.buf, sb, blkaddr,
371 EROFS_KMAP);
372 if (IS_ERR(it->it.kaddr))
373 return PTR_ERR(it->it.kaddr);
374 it->it.blkaddr = blkaddr;
375
376 ret = xattr_foreach(&it->it, &find_xattr_handlers, NULL);
377 if (ret != -ENOATTR)
378 break;
379 }
380 return ret ? ret : it->buffer_size;
381}
382
383static bool erofs_xattr_user_list(struct dentry *dentry)
384{
385 return test_opt(&EROFS_SB(dentry->d_sb)->opt, XATTR_USER);
386}
387
388static bool erofs_xattr_trusted_list(struct dentry *dentry)
389{
390 return capable(CAP_SYS_ADMIN);
391}
392
393int erofs_getxattr(struct inode *inode, int index,
394 const char *name,
395 void *buffer, size_t buffer_size)
396{
397 int ret;
398 struct getxattr_iter it;
399
400 if (!name)
401 return -EINVAL;
402
403 ret = init_inode_xattrs(inode);
404 if (ret)
405 return ret;
406
407 it.index = index;
408 it.name.len = strlen(name);
409 if (it.name.len > EROFS_NAME_LEN)
410 return -ERANGE;
411
412 it.it.buf = __EROFS_BUF_INITIALIZER;
413 it.name.name = name;
414
415 it.buffer = buffer;
416 it.buffer_size = buffer_size;
417
418 it.it.sb = inode->i_sb;
419 ret = inline_getxattr(inode, &it);
420 if (ret == -ENOATTR)
421 ret = shared_getxattr(inode, &it);
422 erofs_put_metabuf(&it.it.buf);
423 return ret;
424}
425
426static int erofs_xattr_generic_get(const struct xattr_handler *handler,
427 struct dentry *unused, struct inode *inode,
428 const char *name, void *buffer, size_t size)
429{
430 struct erofs_sb_info *const sbi = EROFS_I_SB(inode);
431
432 switch (handler->flags) {
433 case EROFS_XATTR_INDEX_USER:
434 if (!test_opt(&sbi->opt, XATTR_USER))
435 return -EOPNOTSUPP;
436 break;
437 case EROFS_XATTR_INDEX_TRUSTED:
438 break;
439 case EROFS_XATTR_INDEX_SECURITY:
440 break;
441 default:
442 return -EINVAL;
443 }
444
445 return erofs_getxattr(inode, handler->flags, name, buffer, size);
446}
447
448const struct xattr_handler erofs_xattr_user_handler = {
449 .prefix = XATTR_USER_PREFIX,
450 .flags = EROFS_XATTR_INDEX_USER,
451 .list = erofs_xattr_user_list,
452 .get = erofs_xattr_generic_get,
453};
454
455const struct xattr_handler erofs_xattr_trusted_handler = {
456 .prefix = XATTR_TRUSTED_PREFIX,
457 .flags = EROFS_XATTR_INDEX_TRUSTED,
458 .list = erofs_xattr_trusted_list,
459 .get = erofs_xattr_generic_get,
460};
461
462#ifdef CONFIG_EROFS_FS_SECURITY
463const struct xattr_handler __maybe_unused erofs_xattr_security_handler = {
464 .prefix = XATTR_SECURITY_PREFIX,
465 .flags = EROFS_XATTR_INDEX_SECURITY,
466 .get = erofs_xattr_generic_get,
467};
468#endif
469
470const struct xattr_handler *erofs_xattr_handlers[] = {
471 &erofs_xattr_user_handler,
472#ifdef CONFIG_EROFS_FS_POSIX_ACL
473 &posix_acl_access_xattr_handler,
474 &posix_acl_default_xattr_handler,
475#endif
476 &erofs_xattr_trusted_handler,
477#ifdef CONFIG_EROFS_FS_SECURITY
478 &erofs_xattr_security_handler,
479#endif
480 NULL,
481};
482
483struct listxattr_iter {
484 struct xattr_iter it;
485
486 struct dentry *dentry;
487 char *buffer;
488 int buffer_size, buffer_ofs;
489};
490
491static int xattr_entrylist(struct xattr_iter *_it,
492 struct erofs_xattr_entry *entry)
493{
494 struct listxattr_iter *it =
495 container_of(_it, struct listxattr_iter, it);
496 unsigned int prefix_len;
497 const char *prefix;
498
499 const struct xattr_handler *h =
500 erofs_xattr_handler(entry->e_name_index);
501
502 if (!h || (h->list && !h->list(it->dentry)))
503 return 1;
504
505 prefix = xattr_prefix(h);
506 prefix_len = strlen(prefix);
507
508 if (!it->buffer) {
509 it->buffer_ofs += prefix_len + entry->e_name_len + 1;
510 return 1;
511 }
512
513 if (it->buffer_ofs + prefix_len
514 + entry->e_name_len + 1 > it->buffer_size)
515 return -ERANGE;
516
517 memcpy(it->buffer + it->buffer_ofs, prefix, prefix_len);
518 it->buffer_ofs += prefix_len;
519 return 0;
520}
521
522static int xattr_namelist(struct xattr_iter *_it,
523 unsigned int processed, char *buf, unsigned int len)
524{
525 struct listxattr_iter *it =
526 container_of(_it, struct listxattr_iter, it);
527
528 memcpy(it->buffer + it->buffer_ofs, buf, len);
529 it->buffer_ofs += len;
530 return 0;
531}
532
533static int xattr_skipvalue(struct xattr_iter *_it,
534 unsigned int value_sz)
535{
536 struct listxattr_iter *it =
537 container_of(_it, struct listxattr_iter, it);
538
539 it->buffer[it->buffer_ofs++] = '\0';
540 return 1;
541}
542
543static const struct xattr_iter_handlers list_xattr_handlers = {
544 .entry = xattr_entrylist,
545 .name = xattr_namelist,
546 .alloc_buffer = xattr_skipvalue,
547 .value = NULL
548};
549
550static int inline_listxattr(struct listxattr_iter *it)
551{
552 int ret;
553 unsigned int remaining;
554
555 ret = inline_xattr_iter_begin(&it->it, d_inode(it->dentry));
556 if (ret < 0)
557 return ret;
558
559 remaining = ret;
560 while (remaining) {
561 ret = xattr_foreach(&it->it, &list_xattr_handlers, &remaining);
562 if (ret)
563 break;
564 }
565 return ret ? ret : it->buffer_ofs;
566}
567
568static int shared_listxattr(struct listxattr_iter *it)
569{
570 struct inode *const inode = d_inode(it->dentry);
571 struct erofs_inode *const vi = EROFS_I(inode);
572 struct super_block *const sb = inode->i_sb;
573 struct erofs_sb_info *const sbi = EROFS_SB(sb);
574 unsigned int i;
575 int ret = 0;
576
577 for (i = 0; i < vi->xattr_shared_count; ++i) {
578 erofs_blk_t blkaddr =
579 xattrblock_addr(sbi, vi->xattr_shared_xattrs[i]);
580
581 it->it.ofs = xattrblock_offset(sbi, vi->xattr_shared_xattrs[i]);
582 it->it.kaddr = erofs_read_metabuf(&it->it.buf, sb, blkaddr,
583 EROFS_KMAP);
584 if (IS_ERR(it->it.kaddr))
585 return PTR_ERR(it->it.kaddr);
586 it->it.blkaddr = blkaddr;
587
588 ret = xattr_foreach(&it->it, &list_xattr_handlers, NULL);
589 if (ret)
590 break;
591 }
592 return ret ? ret : it->buffer_ofs;
593}
594
595ssize_t erofs_listxattr(struct dentry *dentry,
596 char *buffer, size_t buffer_size)
597{
598 int ret;
599 struct listxattr_iter it;
600
601 ret = init_inode_xattrs(d_inode(dentry));
602 if (ret == -ENOATTR)
603 return 0;
604 if (ret)
605 return ret;
606
607 it.it.buf = __EROFS_BUF_INITIALIZER;
608 it.dentry = dentry;
609 it.buffer = buffer;
610 it.buffer_size = buffer_size;
611 it.buffer_ofs = 0;
612
613 it.it.sb = dentry->d_sb;
614
615 ret = inline_listxattr(&it);
616 if (ret >= 0 || ret == -ENOATTR)
617 ret = shared_listxattr(&it);
618 erofs_put_metabuf(&it.it.buf);
619 return ret;
620}
621
622#ifdef CONFIG_EROFS_FS_POSIX_ACL
623struct posix_acl *erofs_get_acl(struct inode *inode, int type, bool rcu)
624{
625 struct posix_acl *acl;
626 int prefix, rc;
627 char *value = NULL;
628
629 if (rcu)
630 return ERR_PTR(-ECHILD);
631
632 switch (type) {
633 case ACL_TYPE_ACCESS:
634 prefix = EROFS_XATTR_INDEX_POSIX_ACL_ACCESS;
635 break;
636 case ACL_TYPE_DEFAULT:
637 prefix = EROFS_XATTR_INDEX_POSIX_ACL_DEFAULT;
638 break;
639 default:
640 return ERR_PTR(-EINVAL);
641 }
642
643 rc = erofs_getxattr(inode, prefix, "", NULL, 0);
644 if (rc > 0) {
645 value = kmalloc(rc, GFP_KERNEL);
646 if (!value)
647 return ERR_PTR(-ENOMEM);
648 rc = erofs_getxattr(inode, prefix, "", value, rc);
649 }
650
651 if (rc == -ENOATTR)
652 acl = NULL;
653 else if (rc < 0)
654 acl = ERR_PTR(rc);
655 else
656 acl = posix_acl_from_xattr(&init_user_ns, value, rc);
657 kfree(value);
658 return acl;
659}
660#endif