1 /*
2 * Copyright (C) 2008 Christoph Hellwig.
3 * Portions Copyright (C) 2000-2008 Silicon Graphics, Inc.
4 *
5 * This program is free software; you can redistribute it and/or
6 * modify it under the terms of the GNU General Public License as
7 * published by the Free Software Foundation.
8 *
9 * This program is distributed in the hope that it would be useful,
10 * but WITHOUT ANY WARRANTY; without even the implied warranty of
11 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 * GNU General Public License for more details.
13 *
14 * You should have received a copy of the GNU General Public License
15 * along with this program; if not, write the Free Software Foundation,
16 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
17 */
18
19 #include "xfs.h"
20 #include "xfs_format.h"
21 #include "xfs_log_format.h"
22 #include "xfs_trans_resv.h"
23 #include "xfs_mount.h"
24 #include "xfs_da_format.h"
25 #include "xfs_inode.h"
26 #include "xfs_attr.h"
27 #include "xfs_attr_leaf.h"
28 #include "xfs_acl.h"
29
30 #include <linux/posix_acl_xattr.h>
31 #include <linux/xattr.h>
32
33
34 static int
xfs_xattr_get(const struct xattr_handler * handler,struct dentry * dentry,const char * name,void * value,size_t size)35 xfs_xattr_get(const struct xattr_handler *handler, struct dentry *dentry,
36 const char *name, void *value, size_t size)
37 {
38 int xflags = handler->flags;
39 struct xfs_inode *ip = XFS_I(d_inode(dentry));
40 int error, asize = size;
41
42 if (strcmp(name, "") == 0)
43 return -EINVAL;
44
45 /* Convert Linux syscall to XFS internal ATTR flags */
46 if (!size) {
47 xflags |= ATTR_KERNOVAL;
48 value = NULL;
49 }
50
51 error = xfs_attr_get(ip, (unsigned char *)name, value, &asize, xflags);
52 if (error)
53 return error;
54 return asize;
55 }
56
57 void
xfs_forget_acl(struct inode * inode,const char * name,int xflags)58 xfs_forget_acl(
59 struct inode *inode,
60 const char *name,
61 int xflags)
62 {
63 /*
64 * Invalidate any cached ACLs if the user has bypassed the ACL
65 * interface. We don't validate the content whatsoever so it is caller
66 * responsibility to provide data in valid format and ensure i_mode is
67 * consistent.
68 */
69 if (xflags & ATTR_ROOT) {
70 #ifdef CONFIG_XFS_POSIX_ACL
71 if (!strcmp(name, SGI_ACL_FILE))
72 forget_cached_acl(inode, ACL_TYPE_ACCESS);
73 else if (!strcmp(name, SGI_ACL_DEFAULT))
74 forget_cached_acl(inode, ACL_TYPE_DEFAULT);
75 #endif
76 }
77 }
78
79 static int
xfs_xattr_set(const struct xattr_handler * handler,struct dentry * dentry,const char * name,const void * value,size_t size,int flags)80 xfs_xattr_set(const struct xattr_handler *handler, struct dentry *dentry,
81 const char *name, const void *value, size_t size, int flags)
82 {
83 int xflags = handler->flags;
84 struct xfs_inode *ip = XFS_I(d_inode(dentry));
85 int error;
86
87 if (strcmp(name, "") == 0)
88 return -EINVAL;
89
90 /* Convert Linux syscall to XFS internal ATTR flags */
91 if (flags & XATTR_CREATE)
92 xflags |= ATTR_CREATE;
93 if (flags & XATTR_REPLACE)
94 xflags |= ATTR_REPLACE;
95
96 if (!value)
97 return xfs_attr_remove(ip, (unsigned char *)name, xflags);
98 error = xfs_attr_set(ip, (unsigned char *)name,
99 (void *)value, size, xflags);
100 if (!error)
101 xfs_forget_acl(d_inode(dentry), name, xflags);
102
103 return error;
104 }
105
106 static const struct xattr_handler xfs_xattr_user_handler = {
107 .prefix = XATTR_USER_PREFIX,
108 .flags = 0, /* no flags implies user namespace */
109 .get = xfs_xattr_get,
110 .set = xfs_xattr_set,
111 };
112
113 static const struct xattr_handler xfs_xattr_trusted_handler = {
114 .prefix = XATTR_TRUSTED_PREFIX,
115 .flags = ATTR_ROOT,
116 .get = xfs_xattr_get,
117 .set = xfs_xattr_set,
118 };
119
120 static const struct xattr_handler xfs_xattr_security_handler = {
121 .prefix = XATTR_SECURITY_PREFIX,
122 .flags = ATTR_SECURE,
123 .get = xfs_xattr_get,
124 .set = xfs_xattr_set,
125 };
126
127 const struct xattr_handler *xfs_xattr_handlers[] = {
128 &xfs_xattr_user_handler,
129 &xfs_xattr_trusted_handler,
130 &xfs_xattr_security_handler,
131 #ifdef CONFIG_XFS_POSIX_ACL
132 &posix_acl_access_xattr_handler,
133 &posix_acl_default_xattr_handler,
134 #endif
135 NULL
136 };
137
xfs_xattr_prefix_len(int flags)138 static unsigned int xfs_xattr_prefix_len(int flags)
139 {
140 if (flags & XFS_ATTR_SECURE)
141 return sizeof("security");
142 else if (flags & XFS_ATTR_ROOT)
143 return sizeof("trusted");
144 else
145 return sizeof("user");
146 }
147
xfs_xattr_prefix(int flags)148 static const char *xfs_xattr_prefix(int flags)
149 {
150 if (flags & XFS_ATTR_SECURE)
151 return xfs_xattr_security_handler.prefix;
152 else if (flags & XFS_ATTR_ROOT)
153 return xfs_xattr_trusted_handler.prefix;
154 else
155 return xfs_xattr_user_handler.prefix;
156 }
157
158 static int
xfs_xattr_put_listent(struct xfs_attr_list_context * context,int flags,unsigned char * name,int namelen,int valuelen,unsigned char * value)159 xfs_xattr_put_listent(
160 struct xfs_attr_list_context *context,
161 int flags,
162 unsigned char *name,
163 int namelen,
164 int valuelen,
165 unsigned char *value)
166 {
167 unsigned int prefix_len = xfs_xattr_prefix_len(flags);
168 char *offset;
169 int arraytop;
170
171 ASSERT(context->count >= 0);
172
173 /*
174 * Only show root namespace entries if we are actually allowed to
175 * see them.
176 */
177 if ((flags & XFS_ATTR_ROOT) && !capable(CAP_SYS_ADMIN))
178 return 0;
179
180 arraytop = context->count + prefix_len + namelen + 1;
181 if (arraytop > context->firstu) {
182 context->count = -1; /* insufficient space */
183 context->seen_enough = 1;
184 return 0;
185 }
186 offset = (char *)context->alist + context->count;
187 strncpy(offset, xfs_xattr_prefix(flags), prefix_len);
188 offset += prefix_len;
189 strncpy(offset, (char *)name, namelen); /* real name */
190 offset += namelen;
191 *offset = '\0';
192 context->count += prefix_len + namelen + 1;
193 return 0;
194 }
195
196 static int
xfs_xattr_put_listent_sizes(struct xfs_attr_list_context * context,int flags,unsigned char * name,int namelen,int valuelen,unsigned char * value)197 xfs_xattr_put_listent_sizes(
198 struct xfs_attr_list_context *context,
199 int flags,
200 unsigned char *name,
201 int namelen,
202 int valuelen,
203 unsigned char *value)
204 {
205 context->count += xfs_xattr_prefix_len(flags) + namelen + 1;
206 return 0;
207 }
208
209 static int
list_one_attr(const char * name,const size_t len,void * data,size_t size,ssize_t * result)210 list_one_attr(const char *name, const size_t len, void *data,
211 size_t size, ssize_t *result)
212 {
213 char *p = data + *result;
214
215 *result += len;
216 if (!size)
217 return 0;
218 if (*result > size)
219 return -ERANGE;
220
221 strcpy(p, name);
222 return 0;
223 }
224
225 ssize_t
xfs_vn_listxattr(struct dentry * dentry,char * data,size_t size)226 xfs_vn_listxattr(
227 struct dentry *dentry,
228 char *data,
229 size_t size)
230 {
231 struct xfs_attr_list_context context;
232 struct attrlist_cursor_kern cursor = { 0 };
233 struct inode *inode = d_inode(dentry);
234 int error;
235
236 /*
237 * First read the regular on-disk attributes.
238 */
239 memset(&context, 0, sizeof(context));
240 context.dp = XFS_I(inode);
241 context.cursor = &cursor;
242 context.resynch = 1;
243 context.alist = data;
244 context.bufsize = size;
245 context.firstu = context.bufsize;
246
247 if (size)
248 context.put_listent = xfs_xattr_put_listent;
249 else
250 context.put_listent = xfs_xattr_put_listent_sizes;
251
252 error = xfs_attr_list_int(&context);
253 if (error)
254 return error;
255 if (context.count < 0)
256 return -ERANGE;
257
258 /*
259 * Then add the two synthetic ACL attributes.
260 */
261 if (posix_acl_access_exists(inode)) {
262 error = list_one_attr(POSIX_ACL_XATTR_ACCESS,
263 strlen(POSIX_ACL_XATTR_ACCESS) + 1,
264 data, size, &context.count);
265 if (error)
266 return error;
267 }
268
269 if (posix_acl_default_exists(inode)) {
270 error = list_one_attr(POSIX_ACL_XATTR_DEFAULT,
271 strlen(POSIX_ACL_XATTR_DEFAULT) + 1,
272 data, size, &context.count);
273 if (error)
274 return error;
275 }
276
277 return context.count;
278 }
279