1 /* 2 * Copyright (C) International Business Machines Corp., 2000-2004 3 * Copyright (C) Christoph Hellwig, 2002 4 * 5 * This program is free software; you can redistribute it and/or modify 6 * it under the terms of the GNU General Public License as published by 7 * the Free Software Foundation; either version 2 of the License, or 8 * (at your option) any later version. 9 * 10 * This program is distributed in the hope that it will be useful, 11 * but WITHOUT ANY WARRANTY; without even the implied warranty of 12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See 13 * the GNU General Public License for more details. 14 * 15 * You should have received a copy of the GNU General Public License 16 * along with this program; if not, write to the Free Software 17 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA 18 */ 19 20 #include <linux/capability.h> 21 #include <linux/fs.h> 22 #include <linux/xattr.h> 23 #include <linux/posix_acl_xattr.h> 24 #include <linux/quotaops.h> 25 #include <linux/security.h> 26 #include "jfs_incore.h" 27 #include "jfs_superblock.h" 28 #include "jfs_dmap.h" 29 #include "jfs_debug.h" 30 #include "jfs_dinode.h" 31 #include "jfs_extent.h" 32 #include "jfs_metapage.h" 33 #include "jfs_xattr.h" 34 #include "jfs_acl.h" 35 36 /* 37 * jfs_xattr.c: extended attribute service 38 * 39 * Overall design -- 40 * 41 * Format: 42 * 43 * Extended attribute lists (jfs_ea_list) consist of an overall size (32 bit 44 * value) and a variable (0 or more) number of extended attribute 45 * entries. Each extended attribute entry (jfs_ea) is a <name,value> double 46 * where <name> is constructed from a null-terminated ascii string 47 * (1 ... 255 bytes in the name) and <value> is arbitrary 8 bit data 48 * (1 ... 65535 bytes). The in-memory format is 49 * 50 * 0 1 2 4 4 + namelen + 1 51 * +-------+--------+--------+----------------+-------------------+ 52 * | Flags | Name | Value | Name String \0 | Data . . . . | 53 * | | Length | Length | | | 54 * +-------+--------+--------+----------------+-------------------+ 55 * 56 * A jfs_ea_list then is structured as 57 * 58 * 0 4 4 + EA_SIZE(ea1) 59 * +------------+-------------------+--------------------+----- 60 * | Overall EA | First FEA Element | Second FEA Element | ..... 61 * | List Size | | | 62 * +------------+-------------------+--------------------+----- 63 * 64 * On-disk: 65 * 66 * FEALISTs are stored on disk using blocks allocated by dbAlloc() and 67 * written directly. An EA list may be in-lined in the inode if there is 68 * sufficient room available. 69 */ 70 71 struct ea_buffer { 72 int flag; /* Indicates what storage xattr points to */ 73 int max_size; /* largest xattr that fits in current buffer */ 74 dxd_t new_ea; /* dxd to replace ea when modifying xattr */ 75 struct metapage *mp; /* metapage containing ea list */ 76 struct jfs_ea_list *xattr; /* buffer containing ea list */ 77 }; 78 79 /* 80 * ea_buffer.flag values 81 */ 82 #define EA_INLINE 0x0001 83 #define EA_EXTENT 0x0002 84 #define EA_NEW 0x0004 85 #define EA_MALLOC 0x0008 86 87 88 /* 89 * These three routines are used to recognize on-disk extended attributes 90 * that are in a recognized namespace. If the attribute is not recognized, 91 * "os2." is prepended to the name 92 */ 93 static inline int is_os2_xattr(struct jfs_ea *ea) 94 { 95 /* 96 * Check for "system." 97 */ 98 if ((ea->namelen >= XATTR_SYSTEM_PREFIX_LEN) && 99 !strncmp(ea->name, XATTR_SYSTEM_PREFIX, XATTR_SYSTEM_PREFIX_LEN)) 100 return false; 101 /* 102 * Check for "user." 103 */ 104 if ((ea->namelen >= XATTR_USER_PREFIX_LEN) && 105 !strncmp(ea->name, XATTR_USER_PREFIX, XATTR_USER_PREFIX_LEN)) 106 return false; 107 /* 108 * Check for "security." 109 */ 110 if ((ea->namelen >= XATTR_SECURITY_PREFIX_LEN) && 111 !strncmp(ea->name, XATTR_SECURITY_PREFIX, 112 XATTR_SECURITY_PREFIX_LEN)) 113 return false; 114 /* 115 * Check for "trusted." 116 */ 117 if ((ea->namelen >= XATTR_TRUSTED_PREFIX_LEN) && 118 !strncmp(ea->name, XATTR_TRUSTED_PREFIX, XATTR_TRUSTED_PREFIX_LEN)) 119 return false; 120 /* 121 * Add any other valid namespace prefixes here 122 */ 123 124 /* 125 * We assume it's OS/2's flat namespace 126 */ 127 return true; 128 } 129 130 static inline int name_size(struct jfs_ea *ea) 131 { 132 if (is_os2_xattr(ea)) 133 return ea->namelen + XATTR_OS2_PREFIX_LEN; 134 else 135 return ea->namelen; 136 } 137 138 static inline int copy_name(char *buffer, struct jfs_ea *ea) 139 { 140 int len = ea->namelen; 141 142 if (is_os2_xattr(ea)) { 143 memcpy(buffer, XATTR_OS2_PREFIX, XATTR_OS2_PREFIX_LEN); 144 buffer += XATTR_OS2_PREFIX_LEN; 145 len += XATTR_OS2_PREFIX_LEN; 146 } 147 memcpy(buffer, ea->name, ea->namelen); 148 buffer[ea->namelen] = 0; 149 150 return len; 151 } 152 153 /* Forward references */ 154 static void ea_release(struct inode *inode, struct ea_buffer *ea_buf); 155 156 /* 157 * NAME: ea_write_inline 158 * 159 * FUNCTION: Attempt to write an EA inline if area is available 160 * 161 * PRE CONDITIONS: 162 * Already verified that the specified EA is small enough to fit inline 163 * 164 * PARAMETERS: 165 * ip - Inode pointer 166 * ealist - EA list pointer 167 * size - size of ealist in bytes 168 * ea - dxd_t structure to be filled in with necessary EA information 169 * if we successfully copy the EA inline 170 * 171 * NOTES: 172 * Checks if the inode's inline area is available. If so, copies EA inline 173 * and sets <ea> fields appropriately. Otherwise, returns failure, EA will 174 * have to be put into an extent. 175 * 176 * RETURNS: 0 for successful copy to inline area; -1 if area not available 177 */ 178 static int ea_write_inline(struct inode *ip, struct jfs_ea_list *ealist, 179 int size, dxd_t * ea) 180 { 181 struct jfs_inode_info *ji = JFS_IP(ip); 182 183 /* 184 * Make sure we have an EA -- the NULL EA list is valid, but you 185 * can't copy it! 186 */ 187 if (ealist && size > sizeof (struct jfs_ea_list)) { 188 assert(size <= sizeof (ji->i_inline_ea)); 189 190 /* 191 * See if the space is available or if it is already being 192 * used for an inline EA. 193 */ 194 if (!(ji->mode2 & INLINEEA) && !(ji->ea.flag & DXD_INLINE)) 195 return -EPERM; 196 197 DXDsize(ea, size); 198 DXDlength(ea, 0); 199 DXDaddress(ea, 0); 200 memcpy(ji->i_inline_ea, ealist, size); 201 ea->flag = DXD_INLINE; 202 ji->mode2 &= ~INLINEEA; 203 } else { 204 ea->flag = 0; 205 DXDsize(ea, 0); 206 DXDlength(ea, 0); 207 DXDaddress(ea, 0); 208 209 /* Free up INLINE area */ 210 if (ji->ea.flag & DXD_INLINE) 211 ji->mode2 |= INLINEEA; 212 } 213 214 return 0; 215 } 216 217 /* 218 * NAME: ea_write 219 * 220 * FUNCTION: Write an EA for an inode 221 * 222 * PRE CONDITIONS: EA has been verified 223 * 224 * PARAMETERS: 225 * ip - Inode pointer 226 * ealist - EA list pointer 227 * size - size of ealist in bytes 228 * ea - dxd_t structure to be filled in appropriately with where the 229 * EA was copied 230 * 231 * NOTES: Will write EA inline if able to, otherwise allocates blocks for an 232 * extent and synchronously writes it to those blocks. 233 * 234 * RETURNS: 0 for success; Anything else indicates failure 235 */ 236 static int ea_write(struct inode *ip, struct jfs_ea_list *ealist, int size, 237 dxd_t * ea) 238 { 239 struct super_block *sb = ip->i_sb; 240 struct jfs_inode_info *ji = JFS_IP(ip); 241 struct jfs_sb_info *sbi = JFS_SBI(sb); 242 int nblocks; 243 s64 blkno; 244 int rc = 0, i; 245 char *cp; 246 s32 nbytes, nb; 247 s32 bytes_to_write; 248 struct metapage *mp; 249 250 /* 251 * Quick check to see if this is an in-linable EA. Short EAs 252 * and empty EAs are all in-linable, provided the space exists. 253 */ 254 if (!ealist || size <= sizeof (ji->i_inline_ea)) { 255 if (!ea_write_inline(ip, ealist, size, ea)) 256 return 0; 257 } 258 259 /* figure out how many blocks we need */ 260 nblocks = (size + (sb->s_blocksize - 1)) >> sb->s_blocksize_bits; 261 262 /* Allocate new blocks to quota. */ 263 if (vfs_dq_alloc_block(ip, nblocks)) { 264 return -EDQUOT; 265 } 266 267 rc = dbAlloc(ip, INOHINT(ip), nblocks, &blkno); 268 if (rc) { 269 /*Rollback quota allocation. */ 270 vfs_dq_free_block(ip, nblocks); 271 return rc; 272 } 273 274 /* 275 * Now have nblocks worth of storage to stuff into the FEALIST. 276 * loop over the FEALIST copying data into the buffer one page at 277 * a time. 278 */ 279 cp = (char *) ealist; 280 nbytes = size; 281 for (i = 0; i < nblocks; i += sbi->nbperpage) { 282 /* 283 * Determine how many bytes for this request, and round up to 284 * the nearest aggregate block size 285 */ 286 nb = min(PSIZE, nbytes); 287 bytes_to_write = 288 ((((nb + sb->s_blocksize - 1)) >> sb->s_blocksize_bits)) 289 << sb->s_blocksize_bits; 290 291 if (!(mp = get_metapage(ip, blkno + i, bytes_to_write, 1))) { 292 rc = -EIO; 293 goto failed; 294 } 295 296 memcpy(mp->data, cp, nb); 297 298 /* 299 * We really need a way to propagate errors for 300 * forced writes like this one. --hch 301 * 302 * (__write_metapage => release_metapage => flush_metapage) 303 */ 304 #ifdef _JFS_FIXME 305 if ((rc = flush_metapage(mp))) { 306 /* 307 * the write failed -- this means that the buffer 308 * is still assigned and the blocks are not being 309 * used. this seems like the best error recovery 310 * we can get ... 311 */ 312 goto failed; 313 } 314 #else 315 flush_metapage(mp); 316 #endif 317 318 cp += PSIZE; 319 nbytes -= nb; 320 } 321 322 ea->flag = DXD_EXTENT; 323 DXDsize(ea, le32_to_cpu(ealist->size)); 324 DXDlength(ea, nblocks); 325 DXDaddress(ea, blkno); 326 327 /* Free up INLINE area */ 328 if (ji->ea.flag & DXD_INLINE) 329 ji->mode2 |= INLINEEA; 330 331 return 0; 332 333 failed: 334 /* Rollback quota allocation. */ 335 vfs_dq_free_block(ip, nblocks); 336 337 dbFree(ip, blkno, nblocks); 338 return rc; 339 } 340 341 /* 342 * NAME: ea_read_inline 343 * 344 * FUNCTION: Read an inlined EA into user's buffer 345 * 346 * PARAMETERS: 347 * ip - Inode pointer 348 * ealist - Pointer to buffer to fill in with EA 349 * 350 * RETURNS: 0 351 */ 352 static int ea_read_inline(struct inode *ip, struct jfs_ea_list *ealist) 353 { 354 struct jfs_inode_info *ji = JFS_IP(ip); 355 int ea_size = sizeDXD(&ji->ea); 356 357 if (ea_size == 0) { 358 ealist->size = 0; 359 return 0; 360 } 361 362 /* Sanity Check */ 363 if ((sizeDXD(&ji->ea) > sizeof (ji->i_inline_ea))) 364 return -EIO; 365 if (le32_to_cpu(((struct jfs_ea_list *) &ji->i_inline_ea)->size) 366 != ea_size) 367 return -EIO; 368 369 memcpy(ealist, ji->i_inline_ea, ea_size); 370 return 0; 371 } 372 373 /* 374 * NAME: ea_read 375 * 376 * FUNCTION: copy EA data into user's buffer 377 * 378 * PARAMETERS: 379 * ip - Inode pointer 380 * ealist - Pointer to buffer to fill in with EA 381 * 382 * NOTES: If EA is inline calls ea_read_inline() to copy EA. 383 * 384 * RETURNS: 0 for success; other indicates failure 385 */ 386 static int ea_read(struct inode *ip, struct jfs_ea_list *ealist) 387 { 388 struct super_block *sb = ip->i_sb; 389 struct jfs_inode_info *ji = JFS_IP(ip); 390 struct jfs_sb_info *sbi = JFS_SBI(sb); 391 int nblocks; 392 s64 blkno; 393 char *cp = (char *) ealist; 394 int i; 395 int nbytes, nb; 396 s32 bytes_to_read; 397 struct metapage *mp; 398 399 /* quick check for in-line EA */ 400 if (ji->ea.flag & DXD_INLINE) 401 return ea_read_inline(ip, ealist); 402 403 nbytes = sizeDXD(&ji->ea); 404 if (!nbytes) { 405 jfs_error(sb, "ea_read: nbytes is 0"); 406 return -EIO; 407 } 408 409 /* 410 * Figure out how many blocks were allocated when this EA list was 411 * originally written to disk. 412 */ 413 nblocks = lengthDXD(&ji->ea) << sbi->l2nbperpage; 414 blkno = addressDXD(&ji->ea) << sbi->l2nbperpage; 415 416 /* 417 * I have found the disk blocks which were originally used to store 418 * the FEALIST. now i loop over each contiguous block copying the 419 * data into the buffer. 420 */ 421 for (i = 0; i < nblocks; i += sbi->nbperpage) { 422 /* 423 * Determine how many bytes for this request, and round up to 424 * the nearest aggregate block size 425 */ 426 nb = min(PSIZE, nbytes); 427 bytes_to_read = 428 ((((nb + sb->s_blocksize - 1)) >> sb->s_blocksize_bits)) 429 << sb->s_blocksize_bits; 430 431 if (!(mp = read_metapage(ip, blkno + i, bytes_to_read, 1))) 432 return -EIO; 433 434 memcpy(cp, mp->data, nb); 435 release_metapage(mp); 436 437 cp += PSIZE; 438 nbytes -= nb; 439 } 440 441 return 0; 442 } 443 444 /* 445 * NAME: ea_get 446 * 447 * FUNCTION: Returns buffer containing existing extended attributes. 448 * The size of the buffer will be the larger of the existing 449 * attributes size, or min_size. 450 * 451 * The buffer, which may be inlined in the inode or in the 452 * page cache must be release by calling ea_release or ea_put 453 * 454 * PARAMETERS: 455 * inode - Inode pointer 456 * ea_buf - Structure to be populated with ealist and its metadata 457 * min_size- minimum size of buffer to be returned 458 * 459 * RETURNS: 0 for success; Other indicates failure 460 */ 461 static int ea_get(struct inode *inode, struct ea_buffer *ea_buf, int min_size) 462 { 463 struct jfs_inode_info *ji = JFS_IP(inode); 464 struct super_block *sb = inode->i_sb; 465 int size; 466 int ea_size = sizeDXD(&ji->ea); 467 int blocks_needed, current_blocks; 468 s64 blkno; 469 int rc; 470 int quota_allocation = 0; 471 472 /* When fsck.jfs clears a bad ea, it doesn't clear the size */ 473 if (ji->ea.flag == 0) 474 ea_size = 0; 475 476 if (ea_size == 0) { 477 if (min_size == 0) { 478 ea_buf->flag = 0; 479 ea_buf->max_size = 0; 480 ea_buf->xattr = NULL; 481 return 0; 482 } 483 if ((min_size <= sizeof (ji->i_inline_ea)) && 484 (ji->mode2 & INLINEEA)) { 485 ea_buf->flag = EA_INLINE | EA_NEW; 486 ea_buf->max_size = sizeof (ji->i_inline_ea); 487 ea_buf->xattr = (struct jfs_ea_list *) ji->i_inline_ea; 488 DXDlength(&ea_buf->new_ea, 0); 489 DXDaddress(&ea_buf->new_ea, 0); 490 ea_buf->new_ea.flag = DXD_INLINE; 491 DXDsize(&ea_buf->new_ea, min_size); 492 return 0; 493 } 494 current_blocks = 0; 495 } else if (ji->ea.flag & DXD_INLINE) { 496 if (min_size <= sizeof (ji->i_inline_ea)) { 497 ea_buf->flag = EA_INLINE; 498 ea_buf->max_size = sizeof (ji->i_inline_ea); 499 ea_buf->xattr = (struct jfs_ea_list *) ji->i_inline_ea; 500 goto size_check; 501 } 502 current_blocks = 0; 503 } else { 504 if (!(ji->ea.flag & DXD_EXTENT)) { 505 jfs_error(sb, "ea_get: invalid ea.flag)"); 506 return -EIO; 507 } 508 current_blocks = (ea_size + sb->s_blocksize - 1) >> 509 sb->s_blocksize_bits; 510 } 511 size = max(min_size, ea_size); 512 513 if (size > PSIZE) { 514 /* 515 * To keep the rest of the code simple. Allocate a 516 * contiguous buffer to work with 517 */ 518 ea_buf->xattr = kmalloc(size, GFP_KERNEL); 519 if (ea_buf->xattr == NULL) 520 return -ENOMEM; 521 522 ea_buf->flag = EA_MALLOC; 523 ea_buf->max_size = (size + sb->s_blocksize - 1) & 524 ~(sb->s_blocksize - 1); 525 526 if (ea_size == 0) 527 return 0; 528 529 if ((rc = ea_read(inode, ea_buf->xattr))) { 530 kfree(ea_buf->xattr); 531 ea_buf->xattr = NULL; 532 return rc; 533 } 534 goto size_check; 535 } 536 blocks_needed = (min_size + sb->s_blocksize - 1) >> 537 sb->s_blocksize_bits; 538 539 if (blocks_needed > current_blocks) { 540 /* Allocate new blocks to quota. */ 541 if (vfs_dq_alloc_block(inode, blocks_needed)) 542 return -EDQUOT; 543 544 quota_allocation = blocks_needed; 545 546 rc = dbAlloc(inode, INOHINT(inode), (s64) blocks_needed, 547 &blkno); 548 if (rc) 549 goto clean_up; 550 551 DXDlength(&ea_buf->new_ea, blocks_needed); 552 DXDaddress(&ea_buf->new_ea, blkno); 553 ea_buf->new_ea.flag = DXD_EXTENT; 554 DXDsize(&ea_buf->new_ea, min_size); 555 556 ea_buf->flag = EA_EXTENT | EA_NEW; 557 558 ea_buf->mp = get_metapage(inode, blkno, 559 blocks_needed << sb->s_blocksize_bits, 560 1); 561 if (ea_buf->mp == NULL) { 562 dbFree(inode, blkno, (s64) blocks_needed); 563 rc = -EIO; 564 goto clean_up; 565 } 566 ea_buf->xattr = ea_buf->mp->data; 567 ea_buf->max_size = (min_size + sb->s_blocksize - 1) & 568 ~(sb->s_blocksize - 1); 569 if (ea_size == 0) 570 return 0; 571 if ((rc = ea_read(inode, ea_buf->xattr))) { 572 discard_metapage(ea_buf->mp); 573 dbFree(inode, blkno, (s64) blocks_needed); 574 goto clean_up; 575 } 576 goto size_check; 577 } 578 ea_buf->flag = EA_EXTENT; 579 ea_buf->mp = read_metapage(inode, addressDXD(&ji->ea), 580 lengthDXD(&ji->ea) << sb->s_blocksize_bits, 581 1); 582 if (ea_buf->mp == NULL) { 583 rc = -EIO; 584 goto clean_up; 585 } 586 ea_buf->xattr = ea_buf->mp->data; 587 ea_buf->max_size = (ea_size + sb->s_blocksize - 1) & 588 ~(sb->s_blocksize - 1); 589 590 size_check: 591 if (EALIST_SIZE(ea_buf->xattr) != ea_size) { 592 printk(KERN_ERR "ea_get: invalid extended attribute\n"); 593 print_hex_dump(KERN_ERR, "", DUMP_PREFIX_ADDRESS, 16, 1, 594 ea_buf->xattr, ea_size, 1); 595 ea_release(inode, ea_buf); 596 rc = -EIO; 597 goto clean_up; 598 } 599 600 return ea_size; 601 602 clean_up: 603 /* Rollback quota allocation */ 604 if (quota_allocation) 605 vfs_dq_free_block(inode, quota_allocation); 606 607 return (rc); 608 } 609 610 static void ea_release(struct inode *inode, struct ea_buffer *ea_buf) 611 { 612 if (ea_buf->flag & EA_MALLOC) 613 kfree(ea_buf->xattr); 614 else if (ea_buf->flag & EA_EXTENT) { 615 assert(ea_buf->mp); 616 release_metapage(ea_buf->mp); 617 618 if (ea_buf->flag & EA_NEW) 619 dbFree(inode, addressDXD(&ea_buf->new_ea), 620 lengthDXD(&ea_buf->new_ea)); 621 } 622 } 623 624 static int ea_put(tid_t tid, struct inode *inode, struct ea_buffer *ea_buf, 625 int new_size) 626 { 627 struct jfs_inode_info *ji = JFS_IP(inode); 628 unsigned long old_blocks, new_blocks; 629 int rc = 0; 630 631 if (new_size == 0) { 632 ea_release(inode, ea_buf); 633 ea_buf = NULL; 634 } else if (ea_buf->flag & EA_INLINE) { 635 assert(new_size <= sizeof (ji->i_inline_ea)); 636 ji->mode2 &= ~INLINEEA; 637 ea_buf->new_ea.flag = DXD_INLINE; 638 DXDsize(&ea_buf->new_ea, new_size); 639 DXDaddress(&ea_buf->new_ea, 0); 640 DXDlength(&ea_buf->new_ea, 0); 641 } else if (ea_buf->flag & EA_MALLOC) { 642 rc = ea_write(inode, ea_buf->xattr, new_size, &ea_buf->new_ea); 643 kfree(ea_buf->xattr); 644 } else if (ea_buf->flag & EA_NEW) { 645 /* We have already allocated a new dxd */ 646 flush_metapage(ea_buf->mp); 647 } else { 648 /* ->xattr must point to original ea's metapage */ 649 rc = ea_write(inode, ea_buf->xattr, new_size, &ea_buf->new_ea); 650 discard_metapage(ea_buf->mp); 651 } 652 if (rc) 653 return rc; 654 655 old_blocks = new_blocks = 0; 656 657 if (ji->ea.flag & DXD_EXTENT) { 658 invalidate_dxd_metapages(inode, ji->ea); 659 old_blocks = lengthDXD(&ji->ea); 660 } 661 662 if (ea_buf) { 663 txEA(tid, inode, &ji->ea, &ea_buf->new_ea); 664 if (ea_buf->new_ea.flag & DXD_EXTENT) { 665 new_blocks = lengthDXD(&ea_buf->new_ea); 666 if (ji->ea.flag & DXD_INLINE) 667 ji->mode2 |= INLINEEA; 668 } 669 ji->ea = ea_buf->new_ea; 670 } else { 671 txEA(tid, inode, &ji->ea, NULL); 672 if (ji->ea.flag & DXD_INLINE) 673 ji->mode2 |= INLINEEA; 674 ji->ea.flag = 0; 675 ji->ea.size = 0; 676 } 677 678 /* If old blocks exist, they must be removed from quota allocation. */ 679 if (old_blocks) 680 vfs_dq_free_block(inode, old_blocks); 681 682 inode->i_ctime = CURRENT_TIME; 683 684 return 0; 685 } 686 687 /* 688 * can_set_system_xattr 689 * 690 * This code is specific to the system.* namespace. It contains policy 691 * which doesn't belong in the main xattr codepath. 692 */ 693 static int can_set_system_xattr(struct inode *inode, const char *name, 694 const void *value, size_t value_len) 695 { 696 #ifdef CONFIG_JFS_POSIX_ACL 697 struct posix_acl *acl; 698 int rc; 699 700 if (!is_owner_or_cap(inode)) 701 return -EPERM; 702 703 /* 704 * POSIX_ACL_XATTR_ACCESS is tied to i_mode 705 */ 706 if (strcmp(name, POSIX_ACL_XATTR_ACCESS) == 0) { 707 acl = posix_acl_from_xattr(value, value_len); 708 if (IS_ERR(acl)) { 709 rc = PTR_ERR(acl); 710 printk(KERN_ERR "posix_acl_from_xattr returned %d\n", 711 rc); 712 return rc; 713 } 714 if (acl) { 715 mode_t mode = inode->i_mode; 716 rc = posix_acl_equiv_mode(acl, &mode); 717 posix_acl_release(acl); 718 if (rc < 0) { 719 printk(KERN_ERR 720 "posix_acl_equiv_mode returned %d\n", 721 rc); 722 return rc; 723 } 724 inode->i_mode = mode; 725 mark_inode_dirty(inode); 726 } 727 /* 728 * We're changing the ACL. Get rid of the cached one 729 */ 730 forget_cached_acl(inode, ACL_TYPE_ACCESS); 731 732 return 0; 733 } else if (strcmp(name, POSIX_ACL_XATTR_DEFAULT) == 0) { 734 acl = posix_acl_from_xattr(value, value_len); 735 if (IS_ERR(acl)) { 736 rc = PTR_ERR(acl); 737 printk(KERN_ERR "posix_acl_from_xattr returned %d\n", 738 rc); 739 return rc; 740 } 741 posix_acl_release(acl); 742 743 /* 744 * We're changing the default ACL. Get rid of the cached one 745 */ 746 forget_cached_acl(inode, ACL_TYPE_DEFAULT); 747 748 return 0; 749 } 750 #endif /* CONFIG_JFS_POSIX_ACL */ 751 return -EOPNOTSUPP; 752 } 753 754 /* 755 * Most of the permission checking is done by xattr_permission in the vfs. 756 * The local file system is responsible for handling the system.* namespace. 757 * We also need to verify that this is a namespace that we recognize. 758 */ 759 static int can_set_xattr(struct inode *inode, const char *name, 760 const void *value, size_t value_len) 761 { 762 if (!strncmp(name, XATTR_SYSTEM_PREFIX, XATTR_SYSTEM_PREFIX_LEN)) 763 return can_set_system_xattr(inode, name, value, value_len); 764 765 /* 766 * Don't allow setting an attribute in an unknown namespace. 767 */ 768 if (strncmp(name, XATTR_TRUSTED_PREFIX, XATTR_TRUSTED_PREFIX_LEN) && 769 strncmp(name, XATTR_SECURITY_PREFIX, XATTR_SECURITY_PREFIX_LEN) && 770 strncmp(name, XATTR_USER_PREFIX, XATTR_USER_PREFIX_LEN) && 771 strncmp(name, XATTR_OS2_PREFIX, XATTR_OS2_PREFIX_LEN)) 772 return -EOPNOTSUPP; 773 774 return 0; 775 } 776 777 int __jfs_setxattr(tid_t tid, struct inode *inode, const char *name, 778 const void *value, size_t value_len, int flags) 779 { 780 struct jfs_ea_list *ealist; 781 struct jfs_ea *ea, *old_ea = NULL, *next_ea = NULL; 782 struct ea_buffer ea_buf; 783 int old_ea_size = 0; 784 int xattr_size; 785 int new_size; 786 int namelen = strlen(name); 787 char *os2name = NULL; 788 int found = 0; 789 int rc; 790 int length; 791 792 if (strncmp(name, XATTR_OS2_PREFIX, XATTR_OS2_PREFIX_LEN) == 0) { 793 os2name = kmalloc(namelen - XATTR_OS2_PREFIX_LEN + 1, 794 GFP_KERNEL); 795 if (!os2name) 796 return -ENOMEM; 797 strcpy(os2name, name + XATTR_OS2_PREFIX_LEN); 798 name = os2name; 799 namelen -= XATTR_OS2_PREFIX_LEN; 800 } 801 802 down_write(&JFS_IP(inode)->xattr_sem); 803 804 xattr_size = ea_get(inode, &ea_buf, 0); 805 if (xattr_size < 0) { 806 rc = xattr_size; 807 goto out; 808 } 809 810 again: 811 ealist = (struct jfs_ea_list *) ea_buf.xattr; 812 new_size = sizeof (struct jfs_ea_list); 813 814 if (xattr_size) { 815 for (ea = FIRST_EA(ealist); ea < END_EALIST(ealist); 816 ea = NEXT_EA(ea)) { 817 if ((namelen == ea->namelen) && 818 (memcmp(name, ea->name, namelen) == 0)) { 819 found = 1; 820 if (flags & XATTR_CREATE) { 821 rc = -EEXIST; 822 goto release; 823 } 824 old_ea = ea; 825 old_ea_size = EA_SIZE(ea); 826 next_ea = NEXT_EA(ea); 827 } else 828 new_size += EA_SIZE(ea); 829 } 830 } 831 832 if (!found) { 833 if (flags & XATTR_REPLACE) { 834 rc = -ENODATA; 835 goto release; 836 } 837 if (value == NULL) { 838 rc = 0; 839 goto release; 840 } 841 } 842 if (value) 843 new_size += sizeof (struct jfs_ea) + namelen + 1 + value_len; 844 845 if (new_size > ea_buf.max_size) { 846 /* 847 * We need to allocate more space for merged ea list. 848 * We should only have loop to again: once. 849 */ 850 ea_release(inode, &ea_buf); 851 xattr_size = ea_get(inode, &ea_buf, new_size); 852 if (xattr_size < 0) { 853 rc = xattr_size; 854 goto out; 855 } 856 goto again; 857 } 858 859 /* Remove old ea of the same name */ 860 if (found) { 861 /* number of bytes following target EA */ 862 length = (char *) END_EALIST(ealist) - (char *) next_ea; 863 if (length > 0) 864 memmove(old_ea, next_ea, length); 865 xattr_size -= old_ea_size; 866 } 867 868 /* Add new entry to the end */ 869 if (value) { 870 if (xattr_size == 0) 871 /* Completely new ea list */ 872 xattr_size = sizeof (struct jfs_ea_list); 873 874 ea = (struct jfs_ea *) ((char *) ealist + xattr_size); 875 ea->flag = 0; 876 ea->namelen = namelen; 877 ea->valuelen = (cpu_to_le16(value_len)); 878 memcpy(ea->name, name, namelen); 879 ea->name[namelen] = 0; 880 if (value_len) 881 memcpy(&ea->name[namelen + 1], value, value_len); 882 xattr_size += EA_SIZE(ea); 883 } 884 885 /* DEBUG - If we did this right, these number match */ 886 if (xattr_size != new_size) { 887 printk(KERN_ERR 888 "jfs_xsetattr: xattr_size = %d, new_size = %d\n", 889 xattr_size, new_size); 890 891 rc = -EINVAL; 892 goto release; 893 } 894 895 /* 896 * If we're left with an empty list, there's no ea 897 */ 898 if (new_size == sizeof (struct jfs_ea_list)) 899 new_size = 0; 900 901 ealist->size = cpu_to_le32(new_size); 902 903 rc = ea_put(tid, inode, &ea_buf, new_size); 904 905 goto out; 906 release: 907 ea_release(inode, &ea_buf); 908 out: 909 up_write(&JFS_IP(inode)->xattr_sem); 910 911 kfree(os2name); 912 913 return rc; 914 } 915 916 int jfs_setxattr(struct dentry *dentry, const char *name, const void *value, 917 size_t value_len, int flags) 918 { 919 struct inode *inode = dentry->d_inode; 920 struct jfs_inode_info *ji = JFS_IP(inode); 921 int rc; 922 tid_t tid; 923 924 if ((rc = can_set_xattr(inode, name, value, value_len))) 925 return rc; 926 927 if (value == NULL) { /* empty EA, do not remove */ 928 value = ""; 929 value_len = 0; 930 } 931 932 tid = txBegin(inode->i_sb, 0); 933 mutex_lock(&ji->commit_mutex); 934 rc = __jfs_setxattr(tid, dentry->d_inode, name, value, value_len, 935 flags); 936 if (!rc) 937 rc = txCommit(tid, 1, &inode, 0); 938 txEnd(tid); 939 mutex_unlock(&ji->commit_mutex); 940 941 return rc; 942 } 943 944 ssize_t __jfs_getxattr(struct inode *inode, const char *name, void *data, 945 size_t buf_size) 946 { 947 struct jfs_ea_list *ealist; 948 struct jfs_ea *ea; 949 struct ea_buffer ea_buf; 950 int xattr_size; 951 ssize_t size; 952 int namelen = strlen(name); 953 char *os2name = NULL; 954 char *value; 955 956 if (strncmp(name, XATTR_OS2_PREFIX, XATTR_OS2_PREFIX_LEN) == 0) { 957 os2name = kmalloc(namelen - XATTR_OS2_PREFIX_LEN + 1, 958 GFP_KERNEL); 959 if (!os2name) 960 return -ENOMEM; 961 strcpy(os2name, name + XATTR_OS2_PREFIX_LEN); 962 name = os2name; 963 namelen -= XATTR_OS2_PREFIX_LEN; 964 } 965 966 down_read(&JFS_IP(inode)->xattr_sem); 967 968 xattr_size = ea_get(inode, &ea_buf, 0); 969 970 if (xattr_size < 0) { 971 size = xattr_size; 972 goto out; 973 } 974 975 if (xattr_size == 0) 976 goto not_found; 977 978 ealist = (struct jfs_ea_list *) ea_buf.xattr; 979 980 /* Find the named attribute */ 981 for (ea = FIRST_EA(ealist); ea < END_EALIST(ealist); ea = NEXT_EA(ea)) 982 if ((namelen == ea->namelen) && 983 memcmp(name, ea->name, namelen) == 0) { 984 /* Found it */ 985 size = le16_to_cpu(ea->valuelen); 986 if (!data) 987 goto release; 988 else if (size > buf_size) { 989 size = -ERANGE; 990 goto release; 991 } 992 value = ((char *) &ea->name) + ea->namelen + 1; 993 memcpy(data, value, size); 994 goto release; 995 } 996 not_found: 997 size = -ENODATA; 998 release: 999 ea_release(inode, &ea_buf); 1000 out: 1001 up_read(&JFS_IP(inode)->xattr_sem); 1002 1003 kfree(os2name); 1004 1005 return size; 1006 } 1007 1008 ssize_t jfs_getxattr(struct dentry *dentry, const char *name, void *data, 1009 size_t buf_size) 1010 { 1011 int err; 1012 1013 err = __jfs_getxattr(dentry->d_inode, name, data, buf_size); 1014 1015 return err; 1016 } 1017 1018 /* 1019 * No special permissions are needed to list attributes except for trusted.* 1020 */ 1021 static inline int can_list(struct jfs_ea *ea) 1022 { 1023 return (strncmp(ea->name, XATTR_TRUSTED_PREFIX, 1024 XATTR_TRUSTED_PREFIX_LEN) || 1025 capable(CAP_SYS_ADMIN)); 1026 } 1027 1028 ssize_t jfs_listxattr(struct dentry * dentry, char *data, size_t buf_size) 1029 { 1030 struct inode *inode = dentry->d_inode; 1031 char *buffer; 1032 ssize_t size = 0; 1033 int xattr_size; 1034 struct jfs_ea_list *ealist; 1035 struct jfs_ea *ea; 1036 struct ea_buffer ea_buf; 1037 1038 down_read(&JFS_IP(inode)->xattr_sem); 1039 1040 xattr_size = ea_get(inode, &ea_buf, 0); 1041 if (xattr_size < 0) { 1042 size = xattr_size; 1043 goto out; 1044 } 1045 1046 if (xattr_size == 0) 1047 goto release; 1048 1049 ealist = (struct jfs_ea_list *) ea_buf.xattr; 1050 1051 /* compute required size of list */ 1052 for (ea = FIRST_EA(ealist); ea < END_EALIST(ealist); ea = NEXT_EA(ea)) { 1053 if (can_list(ea)) 1054 size += name_size(ea) + 1; 1055 } 1056 1057 if (!data) 1058 goto release; 1059 1060 if (size > buf_size) { 1061 size = -ERANGE; 1062 goto release; 1063 } 1064 1065 /* Copy attribute names to buffer */ 1066 buffer = data; 1067 for (ea = FIRST_EA(ealist); ea < END_EALIST(ealist); ea = NEXT_EA(ea)) { 1068 if (can_list(ea)) { 1069 int namelen = copy_name(buffer, ea); 1070 buffer += namelen + 1; 1071 } 1072 } 1073 1074 release: 1075 ea_release(inode, &ea_buf); 1076 out: 1077 up_read(&JFS_IP(inode)->xattr_sem); 1078 return size; 1079 } 1080 1081 int jfs_removexattr(struct dentry *dentry, const char *name) 1082 { 1083 struct inode *inode = dentry->d_inode; 1084 struct jfs_inode_info *ji = JFS_IP(inode); 1085 int rc; 1086 tid_t tid; 1087 1088 if ((rc = can_set_xattr(inode, name, NULL, 0))) 1089 return rc; 1090 1091 tid = txBegin(inode->i_sb, 0); 1092 mutex_lock(&ji->commit_mutex); 1093 rc = __jfs_setxattr(tid, dentry->d_inode, name, NULL, 0, XATTR_REPLACE); 1094 if (!rc) 1095 rc = txCommit(tid, 1, &inode, 0); 1096 txEnd(tid); 1097 mutex_unlock(&ji->commit_mutex); 1098 1099 return rc; 1100 } 1101 1102 #ifdef CONFIG_JFS_SECURITY 1103 int jfs_init_security(tid_t tid, struct inode *inode, struct inode *dir) 1104 { 1105 int rc; 1106 size_t len; 1107 void *value; 1108 char *suffix; 1109 char *name; 1110 1111 rc = security_inode_init_security(inode, dir, &suffix, &value, &len); 1112 if (rc) { 1113 if (rc == -EOPNOTSUPP) 1114 return 0; 1115 return rc; 1116 } 1117 name = kmalloc(XATTR_SECURITY_PREFIX_LEN + 1 + strlen(suffix), 1118 GFP_NOFS); 1119 if (!name) { 1120 rc = -ENOMEM; 1121 goto kmalloc_failed; 1122 } 1123 strcpy(name, XATTR_SECURITY_PREFIX); 1124 strcpy(name + XATTR_SECURITY_PREFIX_LEN, suffix); 1125 1126 rc = __jfs_setxattr(tid, inode, name, value, len, 0); 1127 1128 kfree(name); 1129 kmalloc_failed: 1130 kfree(suffix); 1131 kfree(value); 1132 1133 return rc; 1134 } 1135 #endif 1136