xref: /openbmc/linux/fs/jfs/xattr.c (revision d5cb9783536a41df9f9cba5b0a1d78047ed787f7)
1 /*
2  *   Copyright (C) International Business Machines  Corp., 2000-2004
3  *   Copyright (C) Christoph Hellwig, 2002
4  *
5  *   This program is free software;  you can redistribute it and/or modify
6  *   it under the terms of the GNU General Public License as published by
7  *   the Free Software Foundation; either version 2 of the License, or
8  *   (at your option) any later version.
9  *
10  *   This program is distributed in the hope that it will be useful,
11  *   but WITHOUT ANY WARRANTY;  without even the implied warranty of
12  *   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See
13  *   the GNU General Public License for more details.
14  *
15  *   You should have received a copy of the GNU General Public License
16  *   along with this program;  if not, write to the Free Software
17  *   Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
18  */
19 
20 #include <linux/fs.h>
21 #include <linux/xattr.h>
22 #include <linux/posix_acl_xattr.h>
23 #include <linux/quotaops.h>
24 #include <linux/security.h>
25 #include "jfs_incore.h"
26 #include "jfs_superblock.h"
27 #include "jfs_dmap.h"
28 #include "jfs_debug.h"
29 #include "jfs_dinode.h"
30 #include "jfs_extent.h"
31 #include "jfs_metapage.h"
32 #include "jfs_xattr.h"
33 #include "jfs_acl.h"
34 
35 /*
36  *	jfs_xattr.c: extended attribute service
37  *
38  * Overall design --
39  *
40  * Format:
41  *
42  *   Extended attribute lists (jfs_ea_list) consist of an overall size (32 bit
43  *   value) and a variable (0 or more) number of extended attribute
44  *   entries.  Each extended attribute entry (jfs_ea) is a <name,value> double
45  *   where <name> is constructed from a null-terminated ascii string
46  *   (1 ... 255 bytes in the name) and <value> is arbitrary 8 bit data
47  *   (1 ... 65535 bytes).  The in-memory format is
48  *
49  *   0       1        2        4                4 + namelen + 1
50  *   +-------+--------+--------+----------------+-------------------+
51  *   | Flags | Name   | Value  | Name String \0 | Data . . . .      |
52  *   |       | Length | Length |                |                   |
53  *   +-------+--------+--------+----------------+-------------------+
54  *
55  *   A jfs_ea_list then is structured as
56  *
57  *   0            4                   4 + EA_SIZE(ea1)
58  *   +------------+-------------------+--------------------+-----
59  *   | Overall EA | First FEA Element | Second FEA Element | .....
60  *   | List Size  |                   |                    |
61  *   +------------+-------------------+--------------------+-----
62  *
63  *   On-disk:
64  *
65  *     FEALISTs are stored on disk using blocks allocated by dbAlloc() and
66  *     written directly. An EA list may be in-lined in the inode if there is
67  *     sufficient room available.
68  */
69 
70 struct ea_buffer {
71 	int flag;		/* Indicates what storage xattr points to */
72 	int max_size;		/* largest xattr that fits in current buffer */
73 	dxd_t new_ea;		/* dxd to replace ea when modifying xattr */
74 	struct metapage *mp;	/* metapage containing ea list */
75 	struct jfs_ea_list *xattr;	/* buffer containing ea list */
76 };
77 
78 /*
79  * ea_buffer.flag values
80  */
81 #define EA_INLINE	0x0001
82 #define EA_EXTENT	0x0002
83 #define EA_NEW		0x0004
84 #define EA_MALLOC	0x0008
85 
86 /* Namespaces */
87 #define XATTR_SYSTEM_PREFIX "system."
88 #define XATTR_SYSTEM_PREFIX_LEN (sizeof (XATTR_SYSTEM_PREFIX) - 1)
89 
90 #define XATTR_USER_PREFIX "user."
91 #define XATTR_USER_PREFIX_LEN (sizeof (XATTR_USER_PREFIX) - 1)
92 
93 #define XATTR_OS2_PREFIX "os2."
94 #define XATTR_OS2_PREFIX_LEN (sizeof (XATTR_OS2_PREFIX) - 1)
95 
96 /* XATTR_SECURITY_PREFIX is defined in include/linux/xattr.h */
97 #define XATTR_SECURITY_PREFIX_LEN (sizeof (XATTR_SECURITY_PREFIX) - 1)
98 
99 #define XATTR_TRUSTED_PREFIX "trusted."
100 #define XATTR_TRUSTED_PREFIX_LEN (sizeof (XATTR_TRUSTED_PREFIX) - 1)
101 
102 /*
103  * These three routines are used to recognize on-disk extended attributes
104  * that are in a recognized namespace.  If the attribute is not recognized,
105  * "os2." is prepended to the name
106  */
107 static inline int is_os2_xattr(struct jfs_ea *ea)
108 {
109 	/*
110 	 * Check for "system."
111 	 */
112 	if ((ea->namelen >= XATTR_SYSTEM_PREFIX_LEN) &&
113 	    !strncmp(ea->name, XATTR_SYSTEM_PREFIX, XATTR_SYSTEM_PREFIX_LEN))
114 		return FALSE;
115 	/*
116 	 * Check for "user."
117 	 */
118 	if ((ea->namelen >= XATTR_USER_PREFIX_LEN) &&
119 	    !strncmp(ea->name, XATTR_USER_PREFIX, XATTR_USER_PREFIX_LEN))
120 		return FALSE;
121 	/*
122 	 * Check for "security."
123 	 */
124 	if ((ea->namelen >= XATTR_SECURITY_PREFIX_LEN) &&
125 	    !strncmp(ea->name, XATTR_SECURITY_PREFIX,
126 		     XATTR_SECURITY_PREFIX_LEN))
127 		return FALSE;
128 	/*
129 	 * Check for "trusted."
130 	 */
131 	if ((ea->namelen >= XATTR_TRUSTED_PREFIX_LEN) &&
132 	    !strncmp(ea->name, XATTR_TRUSTED_PREFIX, XATTR_TRUSTED_PREFIX_LEN))
133 		return FALSE;
134 	/*
135 	 * Add any other valid namespace prefixes here
136 	 */
137 
138 	/*
139 	 * We assume it's OS/2's flat namespace
140 	 */
141 	return TRUE;
142 }
143 
144 static inline int name_size(struct jfs_ea *ea)
145 {
146 	if (is_os2_xattr(ea))
147 		return ea->namelen + XATTR_OS2_PREFIX_LEN;
148 	else
149 		return ea->namelen;
150 }
151 
152 static inline int copy_name(char *buffer, struct jfs_ea *ea)
153 {
154 	int len = ea->namelen;
155 
156 	if (is_os2_xattr(ea)) {
157 		memcpy(buffer, XATTR_OS2_PREFIX, XATTR_OS2_PREFIX_LEN);
158 		buffer += XATTR_OS2_PREFIX_LEN;
159 		len += XATTR_OS2_PREFIX_LEN;
160 	}
161 	memcpy(buffer, ea->name, ea->namelen);
162 	buffer[ea->namelen] = 0;
163 
164 	return len;
165 }
166 
167 /* Forward references */
168 static void ea_release(struct inode *inode, struct ea_buffer *ea_buf);
169 
170 /*
171  * NAME: ea_write_inline
172  *
173  * FUNCTION: Attempt to write an EA inline if area is available
174  *
175  * PRE CONDITIONS:
176  *	Already verified that the specified EA is small enough to fit inline
177  *
178  * PARAMETERS:
179  *	ip	- Inode pointer
180  *	ealist	- EA list pointer
181  *	size	- size of ealist in bytes
182  *	ea	- dxd_t structure to be filled in with necessary EA information
183  *		  if we successfully copy the EA inline
184  *
185  * NOTES:
186  *	Checks if the inode's inline area is available.  If so, copies EA inline
187  *	and sets <ea> fields appropriately.  Otherwise, returns failure, EA will
188  *	have to be put into an extent.
189  *
190  * RETURNS: 0 for successful copy to inline area; -1 if area not available
191  */
192 static int ea_write_inline(struct inode *ip, struct jfs_ea_list *ealist,
193 			   int size, dxd_t * ea)
194 {
195 	struct jfs_inode_info *ji = JFS_IP(ip);
196 
197 	/*
198 	 * Make sure we have an EA -- the NULL EA list is valid, but you
199 	 * can't copy it!
200 	 */
201 	if (ealist && size > sizeof (struct jfs_ea_list)) {
202 		assert(size <= sizeof (ji->i_inline_ea));
203 
204 		/*
205 		 * See if the space is available or if it is already being
206 		 * used for an inline EA.
207 		 */
208 		if (!(ji->mode2 & INLINEEA) && !(ji->ea.flag & DXD_INLINE))
209 			return -EPERM;
210 
211 		DXDsize(ea, size);
212 		DXDlength(ea, 0);
213 		DXDaddress(ea, 0);
214 		memcpy(ji->i_inline_ea, ealist, size);
215 		ea->flag = DXD_INLINE;
216 		ji->mode2 &= ~INLINEEA;
217 	} else {
218 		ea->flag = 0;
219 		DXDsize(ea, 0);
220 		DXDlength(ea, 0);
221 		DXDaddress(ea, 0);
222 
223 		/* Free up INLINE area */
224 		if (ji->ea.flag & DXD_INLINE)
225 			ji->mode2 |= INLINEEA;
226 	}
227 
228 	return 0;
229 }
230 
231 /*
232  * NAME: ea_write
233  *
234  * FUNCTION: Write an EA for an inode
235  *
236  * PRE CONDITIONS: EA has been verified
237  *
238  * PARAMETERS:
239  *	ip	- Inode pointer
240  *	ealist	- EA list pointer
241  *	size	- size of ealist in bytes
242  *	ea	- dxd_t structure to be filled in appropriately with where the
243  *		  EA was copied
244  *
245  * NOTES: Will write EA inline if able to, otherwise allocates blocks for an
246  *	extent and synchronously writes it to those blocks.
247  *
248  * RETURNS: 0 for success; Anything else indicates failure
249  */
250 static int ea_write(struct inode *ip, struct jfs_ea_list *ealist, int size,
251 		       dxd_t * ea)
252 {
253 	struct super_block *sb = ip->i_sb;
254 	struct jfs_inode_info *ji = JFS_IP(ip);
255 	struct jfs_sb_info *sbi = JFS_SBI(sb);
256 	int nblocks;
257 	s64 blkno;
258 	int rc = 0, i;
259 	char *cp;
260 	s32 nbytes, nb;
261 	s32 bytes_to_write;
262 	struct metapage *mp;
263 
264 	/*
265 	 * Quick check to see if this is an in-linable EA.  Short EAs
266 	 * and empty EAs are all in-linable, provided the space exists.
267 	 */
268 	if (!ealist || size <= sizeof (ji->i_inline_ea)) {
269 		if (!ea_write_inline(ip, ealist, size, ea))
270 			return 0;
271 	}
272 
273 	/* figure out how many blocks we need */
274 	nblocks = (size + (sb->s_blocksize - 1)) >> sb->s_blocksize_bits;
275 
276 	/* Allocate new blocks to quota. */
277 	if (DQUOT_ALLOC_BLOCK(ip, nblocks)) {
278 		return -EDQUOT;
279 	}
280 
281 	rc = dbAlloc(ip, INOHINT(ip), nblocks, &blkno);
282 	if (rc) {
283 		/*Rollback quota allocation. */
284 		DQUOT_FREE_BLOCK(ip, nblocks);
285 		return rc;
286 	}
287 
288 	/*
289 	 * Now have nblocks worth of storage to stuff into the FEALIST.
290 	 * loop over the FEALIST copying data into the buffer one page at
291 	 * a time.
292 	 */
293 	cp = (char *) ealist;
294 	nbytes = size;
295 	for (i = 0; i < nblocks; i += sbi->nbperpage) {
296 		/*
297 		 * Determine how many bytes for this request, and round up to
298 		 * the nearest aggregate block size
299 		 */
300 		nb = min(PSIZE, nbytes);
301 		bytes_to_write =
302 		    ((((nb + sb->s_blocksize - 1)) >> sb->s_blocksize_bits))
303 		    << sb->s_blocksize_bits;
304 
305 		if (!(mp = get_metapage(ip, blkno + i, bytes_to_write, 1))) {
306 			rc = -EIO;
307 			goto failed;
308 		}
309 
310 		memcpy(mp->data, cp, nb);
311 
312 		/*
313 		 * We really need a way to propagate errors for
314 		 * forced writes like this one.  --hch
315 		 *
316 		 * (__write_metapage => release_metapage => flush_metapage)
317 		 */
318 #ifdef _JFS_FIXME
319 		if ((rc = flush_metapage(mp))) {
320 			/*
321 			 * the write failed -- this means that the buffer
322 			 * is still assigned and the blocks are not being
323 			 * used.  this seems like the best error recovery
324 			 * we can get ...
325 			 */
326 			goto failed;
327 		}
328 #else
329 		flush_metapage(mp);
330 #endif
331 
332 		cp += PSIZE;
333 		nbytes -= nb;
334 	}
335 
336 	ea->flag = DXD_EXTENT;
337 	DXDsize(ea, le32_to_cpu(ealist->size));
338 	DXDlength(ea, nblocks);
339 	DXDaddress(ea, blkno);
340 
341 	/* Free up INLINE area */
342 	if (ji->ea.flag & DXD_INLINE)
343 		ji->mode2 |= INLINEEA;
344 
345 	return 0;
346 
347       failed:
348 	/* Rollback quota allocation. */
349 	DQUOT_FREE_BLOCK(ip, nblocks);
350 
351 	dbFree(ip, blkno, nblocks);
352 	return rc;
353 }
354 
355 /*
356  * NAME: ea_read_inline
357  *
358  * FUNCTION: Read an inlined EA into user's buffer
359  *
360  * PARAMETERS:
361  *	ip	- Inode pointer
362  *	ealist	- Pointer to buffer to fill in with EA
363  *
364  * RETURNS: 0
365  */
366 static int ea_read_inline(struct inode *ip, struct jfs_ea_list *ealist)
367 {
368 	struct jfs_inode_info *ji = JFS_IP(ip);
369 	int ea_size = sizeDXD(&ji->ea);
370 
371 	if (ea_size == 0) {
372 		ealist->size = 0;
373 		return 0;
374 	}
375 
376 	/* Sanity Check */
377 	if ((sizeDXD(&ji->ea) > sizeof (ji->i_inline_ea)))
378 		return -EIO;
379 	if (le32_to_cpu(((struct jfs_ea_list *) &ji->i_inline_ea)->size)
380 	    != ea_size)
381 		return -EIO;
382 
383 	memcpy(ealist, ji->i_inline_ea, ea_size);
384 	return 0;
385 }
386 
387 /*
388  * NAME: ea_read
389  *
390  * FUNCTION: copy EA data into user's buffer
391  *
392  * PARAMETERS:
393  *	ip	- Inode pointer
394  *	ealist	- Pointer to buffer to fill in with EA
395  *
396  * NOTES:  If EA is inline calls ea_read_inline() to copy EA.
397  *
398  * RETURNS: 0 for success; other indicates failure
399  */
400 static int ea_read(struct inode *ip, struct jfs_ea_list *ealist)
401 {
402 	struct super_block *sb = ip->i_sb;
403 	struct jfs_inode_info *ji = JFS_IP(ip);
404 	struct jfs_sb_info *sbi = JFS_SBI(sb);
405 	int nblocks;
406 	s64 blkno;
407 	char *cp = (char *) ealist;
408 	int i;
409 	int nbytes, nb;
410 	s32 bytes_to_read;
411 	struct metapage *mp;
412 
413 	/* quick check for in-line EA */
414 	if (ji->ea.flag & DXD_INLINE)
415 		return ea_read_inline(ip, ealist);
416 
417 	nbytes = sizeDXD(&ji->ea);
418 	if (!nbytes) {
419 		jfs_error(sb, "ea_read: nbytes is 0");
420 		return -EIO;
421 	}
422 
423 	/*
424 	 * Figure out how many blocks were allocated when this EA list was
425 	 * originally written to disk.
426 	 */
427 	nblocks = lengthDXD(&ji->ea) << sbi->l2nbperpage;
428 	blkno = addressDXD(&ji->ea) << sbi->l2nbperpage;
429 
430 	/*
431 	 * I have found the disk blocks which were originally used to store
432 	 * the FEALIST.  now i loop over each contiguous block copying the
433 	 * data into the buffer.
434 	 */
435 	for (i = 0; i < nblocks; i += sbi->nbperpage) {
436 		/*
437 		 * Determine how many bytes for this request, and round up to
438 		 * the nearest aggregate block size
439 		 */
440 		nb = min(PSIZE, nbytes);
441 		bytes_to_read =
442 		    ((((nb + sb->s_blocksize - 1)) >> sb->s_blocksize_bits))
443 		    << sb->s_blocksize_bits;
444 
445 		if (!(mp = read_metapage(ip, blkno + i, bytes_to_read, 1)))
446 			return -EIO;
447 
448 		memcpy(cp, mp->data, nb);
449 		release_metapage(mp);
450 
451 		cp += PSIZE;
452 		nbytes -= nb;
453 	}
454 
455 	return 0;
456 }
457 
458 /*
459  * NAME: ea_get
460  *
461  * FUNCTION: Returns buffer containing existing extended attributes.
462  *	     The size of the buffer will be the larger of the existing
463  *	     attributes size, or min_size.
464  *
465  *	     The buffer, which may be inlined in the inode or in the
466  * 	     page cache must be release by calling ea_release or ea_put
467  *
468  * PARAMETERS:
469  *	inode	- Inode pointer
470  *	ea_buf	- Structure to be populated with ealist and its metadata
471  *	min_size- minimum size of buffer to be returned
472  *
473  * RETURNS: 0 for success; Other indicates failure
474  */
475 static int ea_get(struct inode *inode, struct ea_buffer *ea_buf, int min_size)
476 {
477 	struct jfs_inode_info *ji = JFS_IP(inode);
478 	struct super_block *sb = inode->i_sb;
479 	int size;
480 	int ea_size = sizeDXD(&ji->ea);
481 	int blocks_needed, current_blocks;
482 	s64 blkno;
483 	int rc;
484 	int quota_allocation = 0;
485 
486 	/* When fsck.jfs clears a bad ea, it doesn't clear the size */
487 	if (ji->ea.flag == 0)
488 		ea_size = 0;
489 
490 	if (ea_size == 0) {
491 		if (min_size == 0) {
492 			ea_buf->flag = 0;
493 			ea_buf->max_size = 0;
494 			ea_buf->xattr = NULL;
495 			return 0;
496 		}
497 		if ((min_size <= sizeof (ji->i_inline_ea)) &&
498 		    (ji->mode2 & INLINEEA)) {
499 			ea_buf->flag = EA_INLINE | EA_NEW;
500 			ea_buf->max_size = sizeof (ji->i_inline_ea);
501 			ea_buf->xattr = (struct jfs_ea_list *) ji->i_inline_ea;
502 			DXDlength(&ea_buf->new_ea, 0);
503 			DXDaddress(&ea_buf->new_ea, 0);
504 			ea_buf->new_ea.flag = DXD_INLINE;
505 			DXDsize(&ea_buf->new_ea, min_size);
506 			return 0;
507 		}
508 		current_blocks = 0;
509 	} else if (ji->ea.flag & DXD_INLINE) {
510 		if (min_size <= sizeof (ji->i_inline_ea)) {
511 			ea_buf->flag = EA_INLINE;
512 			ea_buf->max_size = sizeof (ji->i_inline_ea);
513 			ea_buf->xattr = (struct jfs_ea_list *) ji->i_inline_ea;
514 			goto size_check;
515 		}
516 		current_blocks = 0;
517 	} else {
518 		if (!(ji->ea.flag & DXD_EXTENT)) {
519 			jfs_error(sb, "ea_get: invalid ea.flag)");
520 			return -EIO;
521 		}
522 		current_blocks = (ea_size + sb->s_blocksize - 1) >>
523 		    sb->s_blocksize_bits;
524 	}
525 	size = max(min_size, ea_size);
526 
527 	if (size > PSIZE) {
528 		/*
529 		 * To keep the rest of the code simple.  Allocate a
530 		 * contiguous buffer to work with
531 		 */
532 		ea_buf->xattr = kmalloc(size, GFP_KERNEL);
533 		if (ea_buf->xattr == NULL)
534 			return -ENOMEM;
535 
536 		ea_buf->flag = EA_MALLOC;
537 		ea_buf->max_size = (size + sb->s_blocksize - 1) &
538 		    ~(sb->s_blocksize - 1);
539 
540 		if (ea_size == 0)
541 			return 0;
542 
543 		if ((rc = ea_read(inode, ea_buf->xattr))) {
544 			kfree(ea_buf->xattr);
545 			ea_buf->xattr = NULL;
546 			return rc;
547 		}
548 		goto size_check;
549 	}
550 	blocks_needed = (min_size + sb->s_blocksize - 1) >>
551 	    sb->s_blocksize_bits;
552 
553 	if (blocks_needed > current_blocks) {
554 		/* Allocate new blocks to quota. */
555 		if (DQUOT_ALLOC_BLOCK(inode, blocks_needed))
556 			return -EDQUOT;
557 
558 		quota_allocation = blocks_needed;
559 
560 		rc = dbAlloc(inode, INOHINT(inode), (s64) blocks_needed,
561 			     &blkno);
562 		if (rc)
563 			goto clean_up;
564 
565 		DXDlength(&ea_buf->new_ea, blocks_needed);
566 		DXDaddress(&ea_buf->new_ea, blkno);
567 		ea_buf->new_ea.flag = DXD_EXTENT;
568 		DXDsize(&ea_buf->new_ea, min_size);
569 
570 		ea_buf->flag = EA_EXTENT | EA_NEW;
571 
572 		ea_buf->mp = get_metapage(inode, blkno,
573 					  blocks_needed << sb->s_blocksize_bits,
574 					  1);
575 		if (ea_buf->mp == NULL) {
576 			dbFree(inode, blkno, (s64) blocks_needed);
577 			rc = -EIO;
578 			goto clean_up;
579 		}
580 		ea_buf->xattr = ea_buf->mp->data;
581 		ea_buf->max_size = (min_size + sb->s_blocksize - 1) &
582 		    ~(sb->s_blocksize - 1);
583 		if (ea_size == 0)
584 			return 0;
585 		if ((rc = ea_read(inode, ea_buf->xattr))) {
586 			discard_metapage(ea_buf->mp);
587 			dbFree(inode, blkno, (s64) blocks_needed);
588 			goto clean_up;
589 		}
590 		goto size_check;
591 	}
592 	ea_buf->flag = EA_EXTENT;
593 	ea_buf->mp = read_metapage(inode, addressDXD(&ji->ea),
594 				   lengthDXD(&ji->ea) << sb->s_blocksize_bits,
595 				   1);
596 	if (ea_buf->mp == NULL) {
597 		rc = -EIO;
598 		goto clean_up;
599 	}
600 	ea_buf->xattr = ea_buf->mp->data;
601 	ea_buf->max_size = (ea_size + sb->s_blocksize - 1) &
602 	    ~(sb->s_blocksize - 1);
603 
604       size_check:
605 	if (EALIST_SIZE(ea_buf->xattr) != ea_size) {
606 		printk(KERN_ERR "ea_get: invalid extended attribute\n");
607 		dump_mem("xattr", ea_buf->xattr, ea_size);
608 		ea_release(inode, ea_buf);
609 		rc = -EIO;
610 		goto clean_up;
611 	}
612 
613 	return ea_size;
614 
615       clean_up:
616 	/* Rollback quota allocation */
617 	if (quota_allocation)
618 		DQUOT_FREE_BLOCK(inode, quota_allocation);
619 
620 	return (rc);
621 }
622 
623 static void ea_release(struct inode *inode, struct ea_buffer *ea_buf)
624 {
625 	if (ea_buf->flag & EA_MALLOC)
626 		kfree(ea_buf->xattr);
627 	else if (ea_buf->flag & EA_EXTENT) {
628 		assert(ea_buf->mp);
629 		release_metapage(ea_buf->mp);
630 
631 		if (ea_buf->flag & EA_NEW)
632 			dbFree(inode, addressDXD(&ea_buf->new_ea),
633 			       lengthDXD(&ea_buf->new_ea));
634 	}
635 }
636 
637 static int ea_put(tid_t tid, struct inode *inode, struct ea_buffer *ea_buf,
638 		  int new_size)
639 {
640 	struct jfs_inode_info *ji = JFS_IP(inode);
641 	unsigned long old_blocks, new_blocks;
642 	int rc = 0;
643 
644 	if (new_size == 0) {
645 		ea_release(inode, ea_buf);
646 		ea_buf = NULL;
647 	} else if (ea_buf->flag & EA_INLINE) {
648 		assert(new_size <= sizeof (ji->i_inline_ea));
649 		ji->mode2 &= ~INLINEEA;
650 		ea_buf->new_ea.flag = DXD_INLINE;
651 		DXDsize(&ea_buf->new_ea, new_size);
652 		DXDaddress(&ea_buf->new_ea, 0);
653 		DXDlength(&ea_buf->new_ea, 0);
654 	} else if (ea_buf->flag & EA_MALLOC) {
655 		rc = ea_write(inode, ea_buf->xattr, new_size, &ea_buf->new_ea);
656 		kfree(ea_buf->xattr);
657 	} else if (ea_buf->flag & EA_NEW) {
658 		/* We have already allocated a new dxd */
659 		flush_metapage(ea_buf->mp);
660 	} else {
661 		/* ->xattr must point to original ea's metapage */
662 		rc = ea_write(inode, ea_buf->xattr, new_size, &ea_buf->new_ea);
663 		discard_metapage(ea_buf->mp);
664 	}
665 	if (rc)
666 		return rc;
667 
668 	old_blocks = new_blocks = 0;
669 
670 	if (ji->ea.flag & DXD_EXTENT) {
671 		invalidate_dxd_metapages(inode, ji->ea);
672 		old_blocks = lengthDXD(&ji->ea);
673 	}
674 
675 	if (ea_buf) {
676 		txEA(tid, inode, &ji->ea, &ea_buf->new_ea);
677 		if (ea_buf->new_ea.flag & DXD_EXTENT) {
678 			new_blocks = lengthDXD(&ea_buf->new_ea);
679 			if (ji->ea.flag & DXD_INLINE)
680 				ji->mode2 |= INLINEEA;
681 		}
682 		ji->ea = ea_buf->new_ea;
683 	} else {
684 		txEA(tid, inode, &ji->ea, NULL);
685 		if (ji->ea.flag & DXD_INLINE)
686 			ji->mode2 |= INLINEEA;
687 		ji->ea.flag = 0;
688 		ji->ea.size = 0;
689 	}
690 
691 	/* If old blocks exist, they must be removed from quota allocation. */
692 	if (old_blocks)
693 		DQUOT_FREE_BLOCK(inode, old_blocks);
694 
695 	inode->i_ctime = CURRENT_TIME;
696 
697 	return 0;
698 }
699 
700 /*
701  * can_set_system_xattr
702  *
703  * This code is specific to the system.* namespace.  It contains policy
704  * which doesn't belong in the main xattr codepath.
705  */
706 static int can_set_system_xattr(struct inode *inode, const char *name,
707 				const void *value, size_t value_len)
708 {
709 #ifdef CONFIG_JFS_POSIX_ACL
710 	struct posix_acl *acl;
711 	int rc;
712 
713 	if ((current->fsuid != inode->i_uid) && !capable(CAP_FOWNER))
714 		return -EPERM;
715 
716 	/*
717 	 * POSIX_ACL_XATTR_ACCESS is tied to i_mode
718 	 */
719 	if (strcmp(name, POSIX_ACL_XATTR_ACCESS) == 0) {
720 		acl = posix_acl_from_xattr(value, value_len);
721 		if (IS_ERR(acl)) {
722 			rc = PTR_ERR(acl);
723 			printk(KERN_ERR "posix_acl_from_xattr returned %d\n",
724 			       rc);
725 			return rc;
726 		}
727 		if (acl) {
728 			mode_t mode = inode->i_mode;
729 			rc = posix_acl_equiv_mode(acl, &mode);
730 			posix_acl_release(acl);
731 			if (rc < 0) {
732 				printk(KERN_ERR
733 				       "posix_acl_equiv_mode returned %d\n",
734 				       rc);
735 				return rc;
736 			}
737 			inode->i_mode = mode;
738 			mark_inode_dirty(inode);
739 		}
740 		/*
741 		 * We're changing the ACL.  Get rid of the cached one
742 		 */
743 		acl =JFS_IP(inode)->i_acl;
744 		if (acl != JFS_ACL_NOT_CACHED)
745 			posix_acl_release(acl);
746 		JFS_IP(inode)->i_acl = JFS_ACL_NOT_CACHED;
747 
748 		return 0;
749 	} else if (strcmp(name, POSIX_ACL_XATTR_DEFAULT) == 0) {
750 		acl = posix_acl_from_xattr(value, value_len);
751 		if (IS_ERR(acl)) {
752 			rc = PTR_ERR(acl);
753 			printk(KERN_ERR "posix_acl_from_xattr returned %d\n",
754 			       rc);
755 			return rc;
756 		}
757 		posix_acl_release(acl);
758 
759 		/*
760 		 * We're changing the default ACL.  Get rid of the cached one
761 		 */
762 		acl =JFS_IP(inode)->i_default_acl;
763 		if (acl && (acl != JFS_ACL_NOT_CACHED))
764 			posix_acl_release(acl);
765 		JFS_IP(inode)->i_default_acl = JFS_ACL_NOT_CACHED;
766 
767 		return 0;
768 	}
769 #endif			/* CONFIG_JFS_POSIX_ACL */
770 	return -EOPNOTSUPP;
771 }
772 
773 static int can_set_xattr(struct inode *inode, const char *name,
774 			 const void *value, size_t value_len)
775 {
776 	if (IS_RDONLY(inode))
777 		return -EROFS;
778 
779 	if (IS_IMMUTABLE(inode) || IS_APPEND(inode))
780 		return -EPERM;
781 
782 	if(strncmp(name, XATTR_SYSTEM_PREFIX, XATTR_SYSTEM_PREFIX_LEN) == 0)
783 		/*
784 		 * "system.*"
785 		 */
786 		return can_set_system_xattr(inode, name, value, value_len);
787 
788 	if(strncmp(name, XATTR_TRUSTED_PREFIX, XATTR_TRUSTED_PREFIX_LEN) == 0)
789 		return (capable(CAP_SYS_ADMIN) ? 0 : -EPERM);
790 
791 #ifdef CONFIG_JFS_SECURITY
792 	if (strncmp(name, XATTR_SECURITY_PREFIX, XATTR_SECURITY_PREFIX_LEN)
793 	    == 0)
794 		return 0;	/* Leave it to the security module */
795 #endif
796 
797 	if((strncmp(name, XATTR_USER_PREFIX, XATTR_USER_PREFIX_LEN) != 0) &&
798 	   (strncmp(name, XATTR_OS2_PREFIX, XATTR_OS2_PREFIX_LEN) != 0))
799 		return -EOPNOTSUPP;
800 
801 	if (!S_ISREG(inode->i_mode) &&
802 	    (!S_ISDIR(inode->i_mode) || inode->i_mode &S_ISVTX))
803 		return -EPERM;
804 
805 	return permission(inode, MAY_WRITE, NULL);
806 }
807 
808 int __jfs_setxattr(tid_t tid, struct inode *inode, const char *name,
809 		   const void *value, size_t value_len, int flags)
810 {
811 	struct jfs_ea_list *ealist;
812 	struct jfs_ea *ea, *old_ea = NULL, *next_ea = NULL;
813 	struct ea_buffer ea_buf;
814 	int old_ea_size = 0;
815 	int xattr_size;
816 	int new_size;
817 	int namelen = strlen(name);
818 	char *os2name = NULL;
819 	int found = 0;
820 	int rc;
821 	int length;
822 
823 	if (strncmp(name, XATTR_OS2_PREFIX, XATTR_OS2_PREFIX_LEN) == 0) {
824 		os2name = kmalloc(namelen - XATTR_OS2_PREFIX_LEN + 1,
825 				  GFP_KERNEL);
826 		if (!os2name)
827 			return -ENOMEM;
828 		strcpy(os2name, name + XATTR_OS2_PREFIX_LEN);
829 		name = os2name;
830 		namelen -= XATTR_OS2_PREFIX_LEN;
831 	}
832 
833 	down_write(&JFS_IP(inode)->xattr_sem);
834 
835 	xattr_size = ea_get(inode, &ea_buf, 0);
836 	if (xattr_size < 0) {
837 		rc = xattr_size;
838 		goto out;
839 	}
840 
841       again:
842 	ealist = (struct jfs_ea_list *) ea_buf.xattr;
843 	new_size = sizeof (struct jfs_ea_list);
844 
845 	if (xattr_size) {
846 		for (ea = FIRST_EA(ealist); ea < END_EALIST(ealist);
847 		     ea = NEXT_EA(ea)) {
848 			if ((namelen == ea->namelen) &&
849 			    (memcmp(name, ea->name, namelen) == 0)) {
850 				found = 1;
851 				if (flags & XATTR_CREATE) {
852 					rc = -EEXIST;
853 					goto release;
854 				}
855 				old_ea = ea;
856 				old_ea_size = EA_SIZE(ea);
857 				next_ea = NEXT_EA(ea);
858 			} else
859 				new_size += EA_SIZE(ea);
860 		}
861 	}
862 
863 	if (!found) {
864 		if (flags & XATTR_REPLACE) {
865 			rc = -ENODATA;
866 			goto release;
867 		}
868 		if (value == NULL) {
869 			rc = 0;
870 			goto release;
871 		}
872 	}
873 	if (value)
874 		new_size += sizeof (struct jfs_ea) + namelen + 1 + value_len;
875 
876 	if (new_size > ea_buf.max_size) {
877 		/*
878 		 * We need to allocate more space for merged ea list.
879 		 * We should only have loop to again: once.
880 		 */
881 		ea_release(inode, &ea_buf);
882 		xattr_size = ea_get(inode, &ea_buf, new_size);
883 		if (xattr_size < 0) {
884 			rc = xattr_size;
885 			goto out;
886 		}
887 		goto again;
888 	}
889 
890 	/* Remove old ea of the same name */
891 	if (found) {
892 		/* number of bytes following target EA */
893 		length = (char *) END_EALIST(ealist) - (char *) next_ea;
894 		if (length > 0)
895 			memmove(old_ea, next_ea, length);
896 		xattr_size -= old_ea_size;
897 	}
898 
899 	/* Add new entry to the end */
900 	if (value) {
901 		if (xattr_size == 0)
902 			/* Completely new ea list */
903 			xattr_size = sizeof (struct jfs_ea_list);
904 
905 		ea = (struct jfs_ea *) ((char *) ealist + xattr_size);
906 		ea->flag = 0;
907 		ea->namelen = namelen;
908 		ea->valuelen = (cpu_to_le16(value_len));
909 		memcpy(ea->name, name, namelen);
910 		ea->name[namelen] = 0;
911 		if (value_len)
912 			memcpy(&ea->name[namelen + 1], value, value_len);
913 		xattr_size += EA_SIZE(ea);
914 	}
915 
916 	/* DEBUG - If we did this right, these number match */
917 	if (xattr_size != new_size) {
918 		printk(KERN_ERR
919 		       "jfs_xsetattr: xattr_size = %d, new_size = %d\n",
920 		       xattr_size, new_size);
921 
922 		rc = -EINVAL;
923 		goto release;
924 	}
925 
926 	/*
927 	 * If we're left with an empty list, there's no ea
928 	 */
929 	if (new_size == sizeof (struct jfs_ea_list))
930 		new_size = 0;
931 
932 	ealist->size = cpu_to_le32(new_size);
933 
934 	rc = ea_put(tid, inode, &ea_buf, new_size);
935 
936 	goto out;
937       release:
938 	ea_release(inode, &ea_buf);
939       out:
940 	up_write(&JFS_IP(inode)->xattr_sem);
941 
942 	kfree(os2name);
943 
944 	return rc;
945 }
946 
947 int jfs_setxattr(struct dentry *dentry, const char *name, const void *value,
948 		 size_t value_len, int flags)
949 {
950 	struct inode *inode = dentry->d_inode;
951 	struct jfs_inode_info *ji = JFS_IP(inode);
952 	int rc;
953 	tid_t tid;
954 
955 	if ((rc = can_set_xattr(inode, name, value, value_len)))
956 		return rc;
957 
958 	if (value == NULL) {	/* empty EA, do not remove */
959 		value = "";
960 		value_len = 0;
961 	}
962 
963 	tid = txBegin(inode->i_sb, 0);
964 	down(&ji->commit_sem);
965 	rc = __jfs_setxattr(tid, dentry->d_inode, name, value, value_len,
966 			    flags);
967 	if (!rc)
968 		rc = txCommit(tid, 1, &inode, 0);
969 	txEnd(tid);
970 	up(&ji->commit_sem);
971 
972 	return rc;
973 }
974 
975 static int can_get_xattr(struct inode *inode, const char *name)
976 {
977 #ifdef CONFIG_JFS_SECURITY
978 	if(strncmp(name, XATTR_SECURITY_PREFIX, XATTR_SECURITY_PREFIX_LEN) == 0)
979 		return 0;
980 #endif
981 
982 	if(strncmp(name, XATTR_TRUSTED_PREFIX, XATTR_TRUSTED_PREFIX_LEN) == 0)
983 		return (capable(CAP_SYS_ADMIN) ? 0 : -EPERM);
984 
985 	if(strncmp(name, XATTR_SYSTEM_PREFIX, XATTR_SYSTEM_PREFIX_LEN) == 0)
986 		return 0;
987 
988 	return permission(inode, MAY_READ, NULL);
989 }
990 
991 ssize_t __jfs_getxattr(struct inode *inode, const char *name, void *data,
992 		       size_t buf_size)
993 {
994 	struct jfs_ea_list *ealist;
995 	struct jfs_ea *ea;
996 	struct ea_buffer ea_buf;
997 	int xattr_size;
998 	ssize_t size;
999 	int namelen = strlen(name);
1000 	char *os2name = NULL;
1001 	int rc;
1002 	char *value;
1003 
1004 	if ((rc = can_get_xattr(inode, name)))
1005 		return rc;
1006 
1007 	if (strncmp(name, XATTR_OS2_PREFIX, XATTR_OS2_PREFIX_LEN) == 0) {
1008 		os2name = kmalloc(namelen - XATTR_OS2_PREFIX_LEN + 1,
1009 				  GFP_KERNEL);
1010 		if (!os2name)
1011 			return -ENOMEM;
1012 		strcpy(os2name, name + XATTR_OS2_PREFIX_LEN);
1013 		name = os2name;
1014 		namelen -= XATTR_OS2_PREFIX_LEN;
1015 	}
1016 
1017 	down_read(&JFS_IP(inode)->xattr_sem);
1018 
1019 	xattr_size = ea_get(inode, &ea_buf, 0);
1020 
1021 	if (xattr_size < 0) {
1022 		size = xattr_size;
1023 		goto out;
1024 	}
1025 
1026 	if (xattr_size == 0)
1027 		goto not_found;
1028 
1029 	ealist = (struct jfs_ea_list *) ea_buf.xattr;
1030 
1031 	/* Find the named attribute */
1032 	for (ea = FIRST_EA(ealist); ea < END_EALIST(ealist); ea = NEXT_EA(ea))
1033 		if ((namelen == ea->namelen) &&
1034 		    memcmp(name, ea->name, namelen) == 0) {
1035 			/* Found it */
1036 			size = le16_to_cpu(ea->valuelen);
1037 			if (!data)
1038 				goto release;
1039 			else if (size > buf_size) {
1040 				size = -ERANGE;
1041 				goto release;
1042 			}
1043 			value = ((char *) &ea->name) + ea->namelen + 1;
1044 			memcpy(data, value, size);
1045 			goto release;
1046 		}
1047       not_found:
1048 	size = -ENODATA;
1049       release:
1050 	ea_release(inode, &ea_buf);
1051       out:
1052 	up_read(&JFS_IP(inode)->xattr_sem);
1053 
1054 	kfree(os2name);
1055 
1056 	return size;
1057 }
1058 
1059 ssize_t jfs_getxattr(struct dentry *dentry, const char *name, void *data,
1060 		     size_t buf_size)
1061 {
1062 	int err;
1063 
1064 	err = __jfs_getxattr(dentry->d_inode, name, data, buf_size);
1065 
1066 	return err;
1067 }
1068 
1069 /*
1070  * No special permissions are needed to list attributes except for trusted.*
1071  */
1072 static inline int can_list(struct jfs_ea *ea)
1073 {
1074 	return (strncmp(ea->name, XATTR_TRUSTED_PREFIX,
1075 			    XATTR_TRUSTED_PREFIX_LEN) ||
1076 		capable(CAP_SYS_ADMIN));
1077 }
1078 
1079 ssize_t jfs_listxattr(struct dentry * dentry, char *data, size_t buf_size)
1080 {
1081 	struct inode *inode = dentry->d_inode;
1082 	char *buffer;
1083 	ssize_t size = 0;
1084 	int xattr_size;
1085 	struct jfs_ea_list *ealist;
1086 	struct jfs_ea *ea;
1087 	struct ea_buffer ea_buf;
1088 
1089 	down_read(&JFS_IP(inode)->xattr_sem);
1090 
1091 	xattr_size = ea_get(inode, &ea_buf, 0);
1092 	if (xattr_size < 0) {
1093 		size = xattr_size;
1094 		goto out;
1095 	}
1096 
1097 	if (xattr_size == 0)
1098 		goto release;
1099 
1100 	ealist = (struct jfs_ea_list *) ea_buf.xattr;
1101 
1102 	/* compute required size of list */
1103 	for (ea = FIRST_EA(ealist); ea < END_EALIST(ealist); ea = NEXT_EA(ea)) {
1104 	    	if (can_list(ea))
1105 			size += name_size(ea) + 1;
1106 	}
1107 
1108 	if (!data)
1109 		goto release;
1110 
1111 	if (size > buf_size) {
1112 		size = -ERANGE;
1113 		goto release;
1114 	}
1115 
1116 	/* Copy attribute names to buffer */
1117 	buffer = data;
1118 	for (ea = FIRST_EA(ealist); ea < END_EALIST(ealist); ea = NEXT_EA(ea)) {
1119 	    	if (can_list(ea)) {
1120 			int namelen = copy_name(buffer, ea);
1121 			buffer += namelen + 1;
1122 		}
1123 	}
1124 
1125       release:
1126 	ea_release(inode, &ea_buf);
1127       out:
1128 	up_read(&JFS_IP(inode)->xattr_sem);
1129 	return size;
1130 }
1131 
1132 int jfs_removexattr(struct dentry *dentry, const char *name)
1133 {
1134 	struct inode *inode = dentry->d_inode;
1135 	struct jfs_inode_info *ji = JFS_IP(inode);
1136 	int rc;
1137 	tid_t tid;
1138 
1139 	if ((rc = can_set_xattr(inode, name, NULL, 0)))
1140 		return rc;
1141 
1142 	tid = txBegin(inode->i_sb, 0);
1143 	down(&ji->commit_sem);
1144 	rc = __jfs_setxattr(tid, dentry->d_inode, name, NULL, 0, XATTR_REPLACE);
1145 	if (!rc)
1146 		rc = txCommit(tid, 1, &inode, 0);
1147 	txEnd(tid);
1148 	up(&ji->commit_sem);
1149 
1150 	return rc;
1151 }
1152 
1153 #ifdef CONFIG_JFS_SECURITY
1154 int jfs_init_security(tid_t tid, struct inode *inode, struct inode *dir)
1155 {
1156 	int rc;
1157 	size_t len;
1158 	void *value;
1159 	char *suffix;
1160 	char *name;
1161 
1162 	rc = security_inode_init_security(inode, dir, &suffix, &value, &len);
1163 	if (rc) {
1164 		if (rc == -EOPNOTSUPP)
1165 			return 0;
1166 		return rc;
1167 	}
1168 	name = kmalloc(XATTR_SECURITY_PREFIX_LEN + 1 + strlen(suffix),
1169 		       GFP_NOFS);
1170 	if (!name) {
1171 		rc = -ENOMEM;
1172 		goto kmalloc_failed;
1173 	}
1174 	strcpy(name, XATTR_SECURITY_PREFIX);
1175 	strcpy(name + XATTR_SECURITY_PREFIX_LEN, suffix);
1176 
1177 	rc = __jfs_setxattr(tid, inode, name, value, len, 0);
1178 
1179 	kfree(name);
1180 kmalloc_failed:
1181 	kfree(suffix);
1182 	kfree(value);
1183 
1184 	return rc;
1185 }
1186 #endif
1187