1 // SPDX-License-Identifier: GPL-2.0-only 2 /* 3 * Copyright (C) 2017-2018 HUAWEI, Inc. 4 * https://www.huawei.com/ 5 * Created by Gao Xiang <gaoxiang25@huawei.com> 6 */ 7 #include <linux/security.h> 8 #include "xattr.h" 9 10 struct xattr_iter { 11 struct super_block *sb; 12 struct page *page; 13 void *kaddr; 14 15 erofs_blk_t blkaddr; 16 unsigned int ofs; 17 }; 18 19 static inline void xattr_iter_end(struct xattr_iter *it, bool atomic) 20 { 21 /* the only user of kunmap() is 'init_inode_xattrs' */ 22 if (!atomic) 23 kunmap(it->page); 24 else 25 kunmap_atomic(it->kaddr); 26 27 unlock_page(it->page); 28 put_page(it->page); 29 } 30 31 static inline void xattr_iter_end_final(struct xattr_iter *it) 32 { 33 if (!it->page) 34 return; 35 36 xattr_iter_end(it, true); 37 } 38 39 static int init_inode_xattrs(struct inode *inode) 40 { 41 struct erofs_inode *const vi = EROFS_I(inode); 42 struct xattr_iter it; 43 unsigned int i; 44 struct erofs_xattr_ibody_header *ih; 45 struct super_block *sb; 46 struct erofs_sb_info *sbi; 47 bool atomic_map; 48 int ret = 0; 49 50 /* the most case is that xattrs of this inode are initialized. */ 51 if (test_bit(EROFS_I_EA_INITED_BIT, &vi->flags)) 52 return 0; 53 54 if (wait_on_bit_lock(&vi->flags, EROFS_I_BL_XATTR_BIT, TASK_KILLABLE)) 55 return -ERESTARTSYS; 56 57 /* someone has initialized xattrs for us? */ 58 if (test_bit(EROFS_I_EA_INITED_BIT, &vi->flags)) 59 goto out_unlock; 60 61 /* 62 * bypass all xattr operations if ->xattr_isize is not greater than 63 * sizeof(struct erofs_xattr_ibody_header), in detail: 64 * 1) it is not enough to contain erofs_xattr_ibody_header then 65 * ->xattr_isize should be 0 (it means no xattr); 66 * 2) it is just to contain erofs_xattr_ibody_header, which is on-disk 67 * undefined right now (maybe use later with some new sb feature). 68 */ 69 if (vi->xattr_isize == sizeof(struct erofs_xattr_ibody_header)) { 70 erofs_err(inode->i_sb, 71 "xattr_isize %d of nid %llu is not supported yet", 72 vi->xattr_isize, vi->nid); 73 ret = -EOPNOTSUPP; 74 goto out_unlock; 75 } else if (vi->xattr_isize < sizeof(struct erofs_xattr_ibody_header)) { 76 if (vi->xattr_isize) { 77 erofs_err(inode->i_sb, 78 "bogus xattr ibody @ nid %llu", vi->nid); 79 DBG_BUGON(1); 80 ret = -EFSCORRUPTED; 81 goto out_unlock; /* xattr ondisk layout error */ 82 } 83 ret = -ENOATTR; 84 goto out_unlock; 85 } 86 87 sb = inode->i_sb; 88 sbi = EROFS_SB(sb); 89 it.blkaddr = erofs_blknr(iloc(sbi, vi->nid) + vi->inode_isize); 90 it.ofs = erofs_blkoff(iloc(sbi, vi->nid) + vi->inode_isize); 91 92 it.page = erofs_get_meta_page(sb, it.blkaddr); 93 if (IS_ERR(it.page)) { 94 ret = PTR_ERR(it.page); 95 goto out_unlock; 96 } 97 98 /* read in shared xattr array (non-atomic, see kmalloc below) */ 99 it.kaddr = kmap(it.page); 100 atomic_map = false; 101 102 ih = (struct erofs_xattr_ibody_header *)(it.kaddr + it.ofs); 103 104 vi->xattr_shared_count = ih->h_shared_count; 105 vi->xattr_shared_xattrs = kmalloc_array(vi->xattr_shared_count, 106 sizeof(uint), GFP_KERNEL); 107 if (!vi->xattr_shared_xattrs) { 108 xattr_iter_end(&it, atomic_map); 109 ret = -ENOMEM; 110 goto out_unlock; 111 } 112 113 /* let's skip ibody header */ 114 it.ofs += sizeof(struct erofs_xattr_ibody_header); 115 116 for (i = 0; i < vi->xattr_shared_count; ++i) { 117 if (it.ofs >= EROFS_BLKSIZ) { 118 /* cannot be unaligned */ 119 DBG_BUGON(it.ofs != EROFS_BLKSIZ); 120 xattr_iter_end(&it, atomic_map); 121 122 it.page = erofs_get_meta_page(sb, ++it.blkaddr); 123 if (IS_ERR(it.page)) { 124 kfree(vi->xattr_shared_xattrs); 125 vi->xattr_shared_xattrs = NULL; 126 ret = PTR_ERR(it.page); 127 goto out_unlock; 128 } 129 130 it.kaddr = kmap_atomic(it.page); 131 atomic_map = true; 132 it.ofs = 0; 133 } 134 vi->xattr_shared_xattrs[i] = 135 le32_to_cpu(*(__le32 *)(it.kaddr + it.ofs)); 136 it.ofs += sizeof(__le32); 137 } 138 xattr_iter_end(&it, atomic_map); 139 140 set_bit(EROFS_I_EA_INITED_BIT, &vi->flags); 141 142 out_unlock: 143 clear_and_wake_up_bit(EROFS_I_BL_XATTR_BIT, &vi->flags); 144 return ret; 145 } 146 147 /* 148 * the general idea for these return values is 149 * if 0 is returned, go on processing the current xattr; 150 * 1 (> 0) is returned, skip this round to process the next xattr; 151 * -err (< 0) is returned, an error (maybe ENOXATTR) occurred 152 * and need to be handled 153 */ 154 struct xattr_iter_handlers { 155 int (*entry)(struct xattr_iter *_it, struct erofs_xattr_entry *entry); 156 int (*name)(struct xattr_iter *_it, unsigned int processed, char *buf, 157 unsigned int len); 158 int (*alloc_buffer)(struct xattr_iter *_it, unsigned int value_sz); 159 void (*value)(struct xattr_iter *_it, unsigned int processed, char *buf, 160 unsigned int len); 161 }; 162 163 static inline int xattr_iter_fixup(struct xattr_iter *it) 164 { 165 if (it->ofs < EROFS_BLKSIZ) 166 return 0; 167 168 xattr_iter_end(it, true); 169 170 it->blkaddr += erofs_blknr(it->ofs); 171 172 it->page = erofs_get_meta_page(it->sb, it->blkaddr); 173 if (IS_ERR(it->page)) { 174 int err = PTR_ERR(it->page); 175 176 it->page = NULL; 177 return err; 178 } 179 180 it->kaddr = kmap_atomic(it->page); 181 it->ofs = erofs_blkoff(it->ofs); 182 return 0; 183 } 184 185 static int inline_xattr_iter_begin(struct xattr_iter *it, 186 struct inode *inode) 187 { 188 struct erofs_inode *const vi = EROFS_I(inode); 189 struct erofs_sb_info *const sbi = EROFS_SB(inode->i_sb); 190 unsigned int xattr_header_sz, inline_xattr_ofs; 191 192 xattr_header_sz = inlinexattr_header_size(inode); 193 if (xattr_header_sz >= vi->xattr_isize) { 194 DBG_BUGON(xattr_header_sz > vi->xattr_isize); 195 return -ENOATTR; 196 } 197 198 inline_xattr_ofs = vi->inode_isize + xattr_header_sz; 199 200 it->blkaddr = erofs_blknr(iloc(sbi, vi->nid) + inline_xattr_ofs); 201 it->ofs = erofs_blkoff(iloc(sbi, vi->nid) + inline_xattr_ofs); 202 203 it->page = erofs_get_meta_page(inode->i_sb, it->blkaddr); 204 if (IS_ERR(it->page)) 205 return PTR_ERR(it->page); 206 207 it->kaddr = kmap_atomic(it->page); 208 return vi->xattr_isize - xattr_header_sz; 209 } 210 211 /* 212 * Regardless of success or failure, `xattr_foreach' will end up with 213 * `ofs' pointing to the next xattr item rather than an arbitrary position. 214 */ 215 static int xattr_foreach(struct xattr_iter *it, 216 const struct xattr_iter_handlers *op, 217 unsigned int *tlimit) 218 { 219 struct erofs_xattr_entry entry; 220 unsigned int value_sz, processed, slice; 221 int err; 222 223 /* 0. fixup blkaddr, ofs, ipage */ 224 err = xattr_iter_fixup(it); 225 if (err) 226 return err; 227 228 /* 229 * 1. read xattr entry to the memory, 230 * since we do EROFS_XATTR_ALIGN 231 * therefore entry should be in the page 232 */ 233 entry = *(struct erofs_xattr_entry *)(it->kaddr + it->ofs); 234 if (tlimit) { 235 unsigned int entry_sz = erofs_xattr_entry_size(&entry); 236 237 /* xattr on-disk corruption: xattr entry beyond xattr_isize */ 238 if (*tlimit < entry_sz) { 239 DBG_BUGON(1); 240 return -EFSCORRUPTED; 241 } 242 *tlimit -= entry_sz; 243 } 244 245 it->ofs += sizeof(struct erofs_xattr_entry); 246 value_sz = le16_to_cpu(entry.e_value_size); 247 248 /* handle entry */ 249 err = op->entry(it, &entry); 250 if (err) { 251 it->ofs += entry.e_name_len + value_sz; 252 goto out; 253 } 254 255 /* 2. handle xattr name (ofs will finally be at the end of name) */ 256 processed = 0; 257 258 while (processed < entry.e_name_len) { 259 if (it->ofs >= EROFS_BLKSIZ) { 260 DBG_BUGON(it->ofs > EROFS_BLKSIZ); 261 262 err = xattr_iter_fixup(it); 263 if (err) 264 goto out; 265 it->ofs = 0; 266 } 267 268 slice = min_t(unsigned int, PAGE_SIZE - it->ofs, 269 entry.e_name_len - processed); 270 271 /* handle name */ 272 err = op->name(it, processed, it->kaddr + it->ofs, slice); 273 if (err) { 274 it->ofs += entry.e_name_len - processed + value_sz; 275 goto out; 276 } 277 278 it->ofs += slice; 279 processed += slice; 280 } 281 282 /* 3. handle xattr value */ 283 processed = 0; 284 285 if (op->alloc_buffer) { 286 err = op->alloc_buffer(it, value_sz); 287 if (err) { 288 it->ofs += value_sz; 289 goto out; 290 } 291 } 292 293 while (processed < value_sz) { 294 if (it->ofs >= EROFS_BLKSIZ) { 295 DBG_BUGON(it->ofs > EROFS_BLKSIZ); 296 297 err = xattr_iter_fixup(it); 298 if (err) 299 goto out; 300 it->ofs = 0; 301 } 302 303 slice = min_t(unsigned int, PAGE_SIZE - it->ofs, 304 value_sz - processed); 305 op->value(it, processed, it->kaddr + it->ofs, slice); 306 it->ofs += slice; 307 processed += slice; 308 } 309 310 out: 311 /* xattrs should be 4-byte aligned (on-disk constraint) */ 312 it->ofs = EROFS_XATTR_ALIGN(it->ofs); 313 return err < 0 ? err : 0; 314 } 315 316 struct getxattr_iter { 317 struct xattr_iter it; 318 319 char *buffer; 320 int buffer_size, index; 321 struct qstr name; 322 }; 323 324 static int xattr_entrymatch(struct xattr_iter *_it, 325 struct erofs_xattr_entry *entry) 326 { 327 struct getxattr_iter *it = container_of(_it, struct getxattr_iter, it); 328 329 return (it->index != entry->e_name_index || 330 it->name.len != entry->e_name_len) ? -ENOATTR : 0; 331 } 332 333 static int xattr_namematch(struct xattr_iter *_it, 334 unsigned int processed, char *buf, unsigned int len) 335 { 336 struct getxattr_iter *it = container_of(_it, struct getxattr_iter, it); 337 338 return memcmp(buf, it->name.name + processed, len) ? -ENOATTR : 0; 339 } 340 341 static int xattr_checkbuffer(struct xattr_iter *_it, 342 unsigned int value_sz) 343 { 344 struct getxattr_iter *it = container_of(_it, struct getxattr_iter, it); 345 int err = it->buffer_size < value_sz ? -ERANGE : 0; 346 347 it->buffer_size = value_sz; 348 return !it->buffer ? 1 : err; 349 } 350 351 static void xattr_copyvalue(struct xattr_iter *_it, 352 unsigned int processed, 353 char *buf, unsigned int len) 354 { 355 struct getxattr_iter *it = container_of(_it, struct getxattr_iter, it); 356 357 memcpy(it->buffer + processed, buf, len); 358 } 359 360 static const struct xattr_iter_handlers find_xattr_handlers = { 361 .entry = xattr_entrymatch, 362 .name = xattr_namematch, 363 .alloc_buffer = xattr_checkbuffer, 364 .value = xattr_copyvalue 365 }; 366 367 static int inline_getxattr(struct inode *inode, struct getxattr_iter *it) 368 { 369 int ret; 370 unsigned int remaining; 371 372 ret = inline_xattr_iter_begin(&it->it, inode); 373 if (ret < 0) 374 return ret; 375 376 remaining = ret; 377 while (remaining) { 378 ret = xattr_foreach(&it->it, &find_xattr_handlers, &remaining); 379 if (ret != -ENOATTR) 380 break; 381 } 382 xattr_iter_end_final(&it->it); 383 384 return ret ? ret : it->buffer_size; 385 } 386 387 static int shared_getxattr(struct inode *inode, struct getxattr_iter *it) 388 { 389 struct erofs_inode *const vi = EROFS_I(inode); 390 struct super_block *const sb = inode->i_sb; 391 struct erofs_sb_info *const sbi = EROFS_SB(sb); 392 unsigned int i; 393 int ret = -ENOATTR; 394 395 for (i = 0; i < vi->xattr_shared_count; ++i) { 396 erofs_blk_t blkaddr = 397 xattrblock_addr(sbi, vi->xattr_shared_xattrs[i]); 398 399 it->it.ofs = xattrblock_offset(sbi, vi->xattr_shared_xattrs[i]); 400 401 if (!i || blkaddr != it->it.blkaddr) { 402 if (i) 403 xattr_iter_end(&it->it, true); 404 405 it->it.page = erofs_get_meta_page(sb, blkaddr); 406 if (IS_ERR(it->it.page)) 407 return PTR_ERR(it->it.page); 408 409 it->it.kaddr = kmap_atomic(it->it.page); 410 it->it.blkaddr = blkaddr; 411 } 412 413 ret = xattr_foreach(&it->it, &find_xattr_handlers, NULL); 414 if (ret != -ENOATTR) 415 break; 416 } 417 if (vi->xattr_shared_count) 418 xattr_iter_end_final(&it->it); 419 420 return ret ? ret : it->buffer_size; 421 } 422 423 static bool erofs_xattr_user_list(struct dentry *dentry) 424 { 425 return test_opt(&EROFS_SB(dentry->d_sb)->ctx, XATTR_USER); 426 } 427 428 static bool erofs_xattr_trusted_list(struct dentry *dentry) 429 { 430 return capable(CAP_SYS_ADMIN); 431 } 432 433 int erofs_getxattr(struct inode *inode, int index, 434 const char *name, 435 void *buffer, size_t buffer_size) 436 { 437 int ret; 438 struct getxattr_iter it; 439 440 if (!name) 441 return -EINVAL; 442 443 ret = init_inode_xattrs(inode); 444 if (ret) 445 return ret; 446 447 it.index = index; 448 449 it.name.len = strlen(name); 450 if (it.name.len > EROFS_NAME_LEN) 451 return -ERANGE; 452 it.name.name = name; 453 454 it.buffer = buffer; 455 it.buffer_size = buffer_size; 456 457 it.it.sb = inode->i_sb; 458 ret = inline_getxattr(inode, &it); 459 if (ret == -ENOATTR) 460 ret = shared_getxattr(inode, &it); 461 return ret; 462 } 463 464 static int erofs_xattr_generic_get(const struct xattr_handler *handler, 465 struct dentry *unused, struct inode *inode, 466 const char *name, void *buffer, size_t size) 467 { 468 struct erofs_sb_info *const sbi = EROFS_I_SB(inode); 469 470 switch (handler->flags) { 471 case EROFS_XATTR_INDEX_USER: 472 if (!test_opt(&sbi->ctx, XATTR_USER)) 473 return -EOPNOTSUPP; 474 break; 475 case EROFS_XATTR_INDEX_TRUSTED: 476 if (!capable(CAP_SYS_ADMIN)) 477 return -EPERM; 478 break; 479 case EROFS_XATTR_INDEX_SECURITY: 480 break; 481 default: 482 return -EINVAL; 483 } 484 485 return erofs_getxattr(inode, handler->flags, name, buffer, size); 486 } 487 488 const struct xattr_handler erofs_xattr_user_handler = { 489 .prefix = XATTR_USER_PREFIX, 490 .flags = EROFS_XATTR_INDEX_USER, 491 .list = erofs_xattr_user_list, 492 .get = erofs_xattr_generic_get, 493 }; 494 495 const struct xattr_handler erofs_xattr_trusted_handler = { 496 .prefix = XATTR_TRUSTED_PREFIX, 497 .flags = EROFS_XATTR_INDEX_TRUSTED, 498 .list = erofs_xattr_trusted_list, 499 .get = erofs_xattr_generic_get, 500 }; 501 502 #ifdef CONFIG_EROFS_FS_SECURITY 503 const struct xattr_handler __maybe_unused erofs_xattr_security_handler = { 504 .prefix = XATTR_SECURITY_PREFIX, 505 .flags = EROFS_XATTR_INDEX_SECURITY, 506 .get = erofs_xattr_generic_get, 507 }; 508 #endif 509 510 const struct xattr_handler *erofs_xattr_handlers[] = { 511 &erofs_xattr_user_handler, 512 #ifdef CONFIG_EROFS_FS_POSIX_ACL 513 &posix_acl_access_xattr_handler, 514 &posix_acl_default_xattr_handler, 515 #endif 516 &erofs_xattr_trusted_handler, 517 #ifdef CONFIG_EROFS_FS_SECURITY 518 &erofs_xattr_security_handler, 519 #endif 520 NULL, 521 }; 522 523 struct listxattr_iter { 524 struct xattr_iter it; 525 526 struct dentry *dentry; 527 char *buffer; 528 int buffer_size, buffer_ofs; 529 }; 530 531 static int xattr_entrylist(struct xattr_iter *_it, 532 struct erofs_xattr_entry *entry) 533 { 534 struct listxattr_iter *it = 535 container_of(_it, struct listxattr_iter, it); 536 unsigned int prefix_len; 537 const char *prefix; 538 539 const struct xattr_handler *h = 540 erofs_xattr_handler(entry->e_name_index); 541 542 if (!h || (h->list && !h->list(it->dentry))) 543 return 1; 544 545 prefix = xattr_prefix(h); 546 prefix_len = strlen(prefix); 547 548 if (!it->buffer) { 549 it->buffer_ofs += prefix_len + entry->e_name_len + 1; 550 return 1; 551 } 552 553 if (it->buffer_ofs + prefix_len 554 + entry->e_name_len + 1 > it->buffer_size) 555 return -ERANGE; 556 557 memcpy(it->buffer + it->buffer_ofs, prefix, prefix_len); 558 it->buffer_ofs += prefix_len; 559 return 0; 560 } 561 562 static int xattr_namelist(struct xattr_iter *_it, 563 unsigned int processed, char *buf, unsigned int len) 564 { 565 struct listxattr_iter *it = 566 container_of(_it, struct listxattr_iter, it); 567 568 memcpy(it->buffer + it->buffer_ofs, buf, len); 569 it->buffer_ofs += len; 570 return 0; 571 } 572 573 static int xattr_skipvalue(struct xattr_iter *_it, 574 unsigned int value_sz) 575 { 576 struct listxattr_iter *it = 577 container_of(_it, struct listxattr_iter, it); 578 579 it->buffer[it->buffer_ofs++] = '\0'; 580 return 1; 581 } 582 583 static const struct xattr_iter_handlers list_xattr_handlers = { 584 .entry = xattr_entrylist, 585 .name = xattr_namelist, 586 .alloc_buffer = xattr_skipvalue, 587 .value = NULL 588 }; 589 590 static int inline_listxattr(struct listxattr_iter *it) 591 { 592 int ret; 593 unsigned int remaining; 594 595 ret = inline_xattr_iter_begin(&it->it, d_inode(it->dentry)); 596 if (ret < 0) 597 return ret; 598 599 remaining = ret; 600 while (remaining) { 601 ret = xattr_foreach(&it->it, &list_xattr_handlers, &remaining); 602 if (ret) 603 break; 604 } 605 xattr_iter_end_final(&it->it); 606 return ret ? ret : it->buffer_ofs; 607 } 608 609 static int shared_listxattr(struct listxattr_iter *it) 610 { 611 struct inode *const inode = d_inode(it->dentry); 612 struct erofs_inode *const vi = EROFS_I(inode); 613 struct super_block *const sb = inode->i_sb; 614 struct erofs_sb_info *const sbi = EROFS_SB(sb); 615 unsigned int i; 616 int ret = 0; 617 618 for (i = 0; i < vi->xattr_shared_count; ++i) { 619 erofs_blk_t blkaddr = 620 xattrblock_addr(sbi, vi->xattr_shared_xattrs[i]); 621 622 it->it.ofs = xattrblock_offset(sbi, vi->xattr_shared_xattrs[i]); 623 if (!i || blkaddr != it->it.blkaddr) { 624 if (i) 625 xattr_iter_end(&it->it, true); 626 627 it->it.page = erofs_get_meta_page(sb, blkaddr); 628 if (IS_ERR(it->it.page)) 629 return PTR_ERR(it->it.page); 630 631 it->it.kaddr = kmap_atomic(it->it.page); 632 it->it.blkaddr = blkaddr; 633 } 634 635 ret = xattr_foreach(&it->it, &list_xattr_handlers, NULL); 636 if (ret) 637 break; 638 } 639 if (vi->xattr_shared_count) 640 xattr_iter_end_final(&it->it); 641 642 return ret ? ret : it->buffer_ofs; 643 } 644 645 ssize_t erofs_listxattr(struct dentry *dentry, 646 char *buffer, size_t buffer_size) 647 { 648 int ret; 649 struct listxattr_iter it; 650 651 ret = init_inode_xattrs(d_inode(dentry)); 652 if (ret == -ENOATTR) 653 return 0; 654 if (ret) 655 return ret; 656 657 it.dentry = dentry; 658 it.buffer = buffer; 659 it.buffer_size = buffer_size; 660 it.buffer_ofs = 0; 661 662 it.it.sb = dentry->d_sb; 663 664 ret = inline_listxattr(&it); 665 if (ret < 0 && ret != -ENOATTR) 666 return ret; 667 return shared_listxattr(&it); 668 } 669 670 #ifdef CONFIG_EROFS_FS_POSIX_ACL 671 struct posix_acl *erofs_get_acl(struct inode *inode, int type) 672 { 673 struct posix_acl *acl; 674 int prefix, rc; 675 char *value = NULL; 676 677 switch (type) { 678 case ACL_TYPE_ACCESS: 679 prefix = EROFS_XATTR_INDEX_POSIX_ACL_ACCESS; 680 break; 681 case ACL_TYPE_DEFAULT: 682 prefix = EROFS_XATTR_INDEX_POSIX_ACL_DEFAULT; 683 break; 684 default: 685 return ERR_PTR(-EINVAL); 686 } 687 688 rc = erofs_getxattr(inode, prefix, "", NULL, 0); 689 if (rc > 0) { 690 value = kmalloc(rc, GFP_KERNEL); 691 if (!value) 692 return ERR_PTR(-ENOMEM); 693 rc = erofs_getxattr(inode, prefix, "", value, rc); 694 } 695 696 if (rc == -ENOATTR) 697 acl = NULL; 698 else if (rc < 0) 699 acl = ERR_PTR(rc); 700 else 701 acl = posix_acl_from_xattr(&init_user_ns, value, rc); 702 kfree(value); 703 return acl; 704 } 705 #endif 706 707