xref: /openbmc/linux/fs/ext4/acl.c (revision 48c926cd) 
1 /*
2  * linux/fs/ext4/acl.c
3  *
4  * Copyright (C) 2001-2003 Andreas Gruenbacher, <agruen@suse.de>
5  */
6 
7 #include <linux/quotaops.h>
8 #include "ext4_jbd2.h"
9 #include "ext4.h"
10 #include "xattr.h"
11 #include "acl.h"
12 
13 /*
14  * Convert from filesystem to in-memory representation.
15  */
16 static struct posix_acl *
17 ext4_acl_from_disk(const void *value, size_t size)
18 {
19 	const char *end = (char *)value + size;
20 	int n, count;
21 	struct posix_acl *acl;
22 
23 	if (!value)
24 		return NULL;
25 	if (size < sizeof(ext4_acl_header))
26 		 return ERR_PTR(-EINVAL);
27 	if (((ext4_acl_header *)value)->a_version !=
28 	    cpu_to_le32(EXT4_ACL_VERSION))
29 		return ERR_PTR(-EINVAL);
30 	value = (char *)value + sizeof(ext4_acl_header);
31 	count = ext4_acl_count(size);
32 	if (count < 0)
33 		return ERR_PTR(-EINVAL);
34 	if (count == 0)
35 		return NULL;
36 	acl = posix_acl_alloc(count, GFP_NOFS);
37 	if (!acl)
38 		return ERR_PTR(-ENOMEM);
39 	for (n = 0; n < count; n++) {
40 		ext4_acl_entry *entry =
41 			(ext4_acl_entry *)value;
42 		if ((char *)value + sizeof(ext4_acl_entry_short) > end)
43 			goto fail;
44 		acl->a_entries[n].e_tag  = le16_to_cpu(entry->e_tag);
45 		acl->a_entries[n].e_perm = le16_to_cpu(entry->e_perm);
46 
47 		switch (acl->a_entries[n].e_tag) {
48 		case ACL_USER_OBJ:
49 		case ACL_GROUP_OBJ:
50 		case ACL_MASK:
51 		case ACL_OTHER:
52 			value = (char *)value +
53 				sizeof(ext4_acl_entry_short);
54 			break;
55 
56 		case ACL_USER:
57 			value = (char *)value + sizeof(ext4_acl_entry);
58 			if ((char *)value > end)
59 				goto fail;
60 			acl->a_entries[n].e_uid =
61 				make_kuid(&init_user_ns,
62 					  le32_to_cpu(entry->e_id));
63 			break;
64 		case ACL_GROUP:
65 			value = (char *)value + sizeof(ext4_acl_entry);
66 			if ((char *)value > end)
67 				goto fail;
68 			acl->a_entries[n].e_gid =
69 				make_kgid(&init_user_ns,
70 					  le32_to_cpu(entry->e_id));
71 			break;
72 
73 		default:
74 			goto fail;
75 		}
76 	}
77 	if (value != end)
78 		goto fail;
79 	return acl;
80 
81 fail:
82 	posix_acl_release(acl);
83 	return ERR_PTR(-EINVAL);
84 }
85 
86 /*
87  * Convert from in-memory to filesystem representation.
88  */
89 static void *
90 ext4_acl_to_disk(const struct posix_acl *acl, size_t *size)
91 {
92 	ext4_acl_header *ext_acl;
93 	char *e;
94 	size_t n;
95 
96 	*size = ext4_acl_size(acl->a_count);
97 	ext_acl = kmalloc(sizeof(ext4_acl_header) + acl->a_count *
98 			sizeof(ext4_acl_entry), GFP_NOFS);
99 	if (!ext_acl)
100 		return ERR_PTR(-ENOMEM);
101 	ext_acl->a_version = cpu_to_le32(EXT4_ACL_VERSION);
102 	e = (char *)ext_acl + sizeof(ext4_acl_header);
103 	for (n = 0; n < acl->a_count; n++) {
104 		const struct posix_acl_entry *acl_e = &acl->a_entries[n];
105 		ext4_acl_entry *entry = (ext4_acl_entry *)e;
106 		entry->e_tag  = cpu_to_le16(acl_e->e_tag);
107 		entry->e_perm = cpu_to_le16(acl_e->e_perm);
108 		switch (acl_e->e_tag) {
109 		case ACL_USER:
110 			entry->e_id = cpu_to_le32(
111 				from_kuid(&init_user_ns, acl_e->e_uid));
112 			e += sizeof(ext4_acl_entry);
113 			break;
114 		case ACL_GROUP:
115 			entry->e_id = cpu_to_le32(
116 				from_kgid(&init_user_ns, acl_e->e_gid));
117 			e += sizeof(ext4_acl_entry);
118 			break;
119 
120 		case ACL_USER_OBJ:
121 		case ACL_GROUP_OBJ:
122 		case ACL_MASK:
123 		case ACL_OTHER:
124 			e += sizeof(ext4_acl_entry_short);
125 			break;
126 
127 		default:
128 			goto fail;
129 		}
130 	}
131 	return (char *)ext_acl;
132 
133 fail:
134 	kfree(ext_acl);
135 	return ERR_PTR(-EINVAL);
136 }
137 
138 /*
139  * Inode operation get_posix_acl().
140  *
141  * inode->i_mutex: don't care
142  */
143 struct posix_acl *
144 ext4_get_acl(struct inode *inode, int type)
145 {
146 	int name_index;
147 	char *value = NULL;
148 	struct posix_acl *acl;
149 	int retval;
150 
151 	switch (type) {
152 	case ACL_TYPE_ACCESS:
153 		name_index = EXT4_XATTR_INDEX_POSIX_ACL_ACCESS;
154 		break;
155 	case ACL_TYPE_DEFAULT:
156 		name_index = EXT4_XATTR_INDEX_POSIX_ACL_DEFAULT;
157 		break;
158 	default:
159 		BUG();
160 	}
161 	retval = ext4_xattr_get(inode, name_index, "", NULL, 0);
162 	if (retval > 0) {
163 		value = kmalloc(retval, GFP_NOFS);
164 		if (!value)
165 			return ERR_PTR(-ENOMEM);
166 		retval = ext4_xattr_get(inode, name_index, "", value, retval);
167 	}
168 	if (retval > 0)
169 		acl = ext4_acl_from_disk(value, retval);
170 	else if (retval == -ENODATA || retval == -ENOSYS)
171 		acl = NULL;
172 	else
173 		acl = ERR_PTR(retval);
174 	kfree(value);
175 
176 	return acl;
177 }
178 
179 /*
180  * Set the access or default ACL of an inode.
181  *
182  * inode->i_mutex: down unless called from ext4_new_inode
183  */
184 static int
185 __ext4_set_acl(handle_t *handle, struct inode *inode, int type,
186 	     struct posix_acl *acl, int xattr_flags)
187 {
188 	int name_index;
189 	void *value = NULL;
190 	size_t size = 0;
191 	int error;
192 
193 	switch (type) {
194 	case ACL_TYPE_ACCESS:
195 		name_index = EXT4_XATTR_INDEX_POSIX_ACL_ACCESS;
196 		break;
197 
198 	case ACL_TYPE_DEFAULT:
199 		name_index = EXT4_XATTR_INDEX_POSIX_ACL_DEFAULT;
200 		if (!S_ISDIR(inode->i_mode))
201 			return acl ? -EACCES : 0;
202 		break;
203 
204 	default:
205 		return -EINVAL;
206 	}
207 	if (acl) {
208 		value = ext4_acl_to_disk(acl, &size);
209 		if (IS_ERR(value))
210 			return (int)PTR_ERR(value);
211 	}
212 
213 	error = ext4_xattr_set_handle(handle, inode, name_index, "",
214 				      value, size, xattr_flags);
215 
216 	kfree(value);
217 	if (!error) {
218 		set_cached_acl(inode, type, acl);
219 	}
220 
221 	return error;
222 }
223 
224 int
225 ext4_set_acl(struct inode *inode, struct posix_acl *acl, int type)
226 {
227 	handle_t *handle;
228 	int error, credits, retries = 0;
229 	size_t acl_size = acl ? ext4_acl_size(acl->a_count) : 0;
230 	umode_t mode = inode->i_mode;
231 	int update_mode = 0;
232 
233 	error = dquot_initialize(inode);
234 	if (error)
235 		return error;
236 retry:
237 	error = ext4_xattr_set_credits(inode, acl_size, false /* is_create */,
238 				       &credits);
239 	if (error)
240 		return error;
241 
242 	handle = ext4_journal_start(inode, EXT4_HT_XATTR, credits);
243 	if (IS_ERR(handle))
244 		return PTR_ERR(handle);
245 
246 	if ((type == ACL_TYPE_ACCESS) && acl) {
247 		error = posix_acl_update_mode(inode, &mode, &acl);
248 		if (error)
249 			goto out_stop;
250 		update_mode = 1;
251 	}
252 
253 	error = __ext4_set_acl(handle, inode, type, acl, 0 /* xattr_flags */);
254 	if (!error && update_mode) {
255 		inode->i_mode = mode;
256 		inode->i_ctime = current_time(inode);
257 		ext4_mark_inode_dirty(handle, inode);
258 	}
259 out_stop:
260 	ext4_journal_stop(handle);
261 	if (error == -ENOSPC && ext4_should_retry_alloc(inode->i_sb, &retries))
262 		goto retry;
263 	return error;
264 }
265 
266 /*
267  * Initialize the ACLs of a new inode. Called from ext4_new_inode.
268  *
269  * dir->i_mutex: down
270  * inode->i_mutex: up (access to inode is still exclusive)
271  */
272 int
273 ext4_init_acl(handle_t *handle, struct inode *inode, struct inode *dir)
274 {
275 	struct posix_acl *default_acl, *acl;
276 	int error;
277 
278 	error = posix_acl_create(dir, &inode->i_mode, &default_acl, &acl);
279 	if (error)
280 		return error;
281 
282 	if (default_acl) {
283 		error = __ext4_set_acl(handle, inode, ACL_TYPE_DEFAULT,
284 				       default_acl, XATTR_CREATE);
285 		posix_acl_release(default_acl);
286 	}
287 	if (acl) {
288 		if (!error)
289 			error = __ext4_set_acl(handle, inode, ACL_TYPE_ACCESS,
290 					       acl, XATTR_CREATE);
291 		posix_acl_release(acl);
292 	}
293 	return error;
294 }
295