xref: /openbmc/linux/fs/ext4/xattr.c (revision 2572f00d)
1 /*
2  * linux/fs/ext4/xattr.c
3  *
4  * Copyright (C) 2001-2003 Andreas Gruenbacher, <agruen@suse.de>
5  *
6  * Fix by Harrison Xing <harrison@mountainviewdata.com>.
7  * Ext4 code with a lot of help from Eric Jarman <ejarman@acm.org>.
8  * Extended attributes for symlinks and special files added per
9  *  suggestion of Luka Renko <luka.renko@hermes.si>.
10  * xattr consolidation Copyright (c) 2004 James Morris <jmorris@redhat.com>,
11  *  Red Hat Inc.
12  * ea-in-inode support by Alex Tomas <alex@clusterfs.com> aka bzzz
13  *  and Andreas Gruenbacher <agruen@suse.de>.
14  */
15 
16 /*
17  * Extended attributes are stored directly in inodes (on file systems with
18  * inodes bigger than 128 bytes) and on additional disk blocks. The i_file_acl
19  * field contains the block number if an inode uses an additional block. All
20  * attributes must fit in the inode and one additional block. Blocks that
21  * contain the identical set of attributes may be shared among several inodes.
22  * Identical blocks are detected by keeping a cache of blocks that have
23  * recently been accessed.
24  *
25  * The attributes in inodes and on blocks have a different header; the entries
26  * are stored in the same format:
27  *
28  *   +------------------+
29  *   | header           |
30  *   | entry 1          | |
31  *   | entry 2          | | growing downwards
32  *   | entry 3          | v
33  *   | four null bytes  |
34  *   | . . .            |
35  *   | value 1          | ^
36  *   | value 3          | | growing upwards
37  *   | value 2          | |
38  *   +------------------+
39  *
40  * The header is followed by multiple entry descriptors. In disk blocks, the
41  * entry descriptors are kept sorted. In inodes, they are unsorted. The
42  * attribute values are aligned to the end of the block in no specific order.
43  *
44  * Locking strategy
45  * ----------------
46  * EXT4_I(inode)->i_file_acl is protected by EXT4_I(inode)->xattr_sem.
47  * EA blocks are only changed if they are exclusive to an inode, so
48  * holding xattr_sem also means that nothing but the EA block's reference
49  * count can change. Multiple writers to the same block are synchronized
50  * by the buffer lock.
51  */
52 
53 #include <linux/init.h>
54 #include <linux/fs.h>
55 #include <linux/slab.h>
56 #include <linux/mbcache.h>
57 #include <linux/quotaops.h>
58 #include "ext4_jbd2.h"
59 #include "ext4.h"
60 #include "xattr.h"
61 #include "acl.h"
62 
63 #ifdef EXT4_XATTR_DEBUG
64 # define ea_idebug(inode, f...) do { \
65 		printk(KERN_DEBUG "inode %s:%lu: ", \
66 			inode->i_sb->s_id, inode->i_ino); \
67 		printk(f); \
68 		printk("\n"); \
69 	} while (0)
70 # define ea_bdebug(bh, f...) do { \
71 		char b[BDEVNAME_SIZE]; \
72 		printk(KERN_DEBUG "block %s:%lu: ", \
73 			bdevname(bh->b_bdev, b), \
74 			(unsigned long) bh->b_blocknr); \
75 		printk(f); \
76 		printk("\n"); \
77 	} while (0)
78 #else
79 # define ea_idebug(inode, fmt, ...)	no_printk(fmt, ##__VA_ARGS__)
80 # define ea_bdebug(bh, fmt, ...)	no_printk(fmt, ##__VA_ARGS__)
81 #endif
82 
83 static void ext4_xattr_cache_insert(struct mb_cache *, struct buffer_head *);
84 static struct buffer_head *ext4_xattr_cache_find(struct inode *,
85 						 struct ext4_xattr_header *,
86 						 struct mb_cache_entry **);
87 static void ext4_xattr_rehash(struct ext4_xattr_header *,
88 			      struct ext4_xattr_entry *);
89 static int ext4_xattr_list(struct dentry *dentry, char *buffer,
90 			   size_t buffer_size);
91 
92 static const struct xattr_handler *ext4_xattr_handler_map[] = {
93 	[EXT4_XATTR_INDEX_USER]		     = &ext4_xattr_user_handler,
94 #ifdef CONFIG_EXT4_FS_POSIX_ACL
95 	[EXT4_XATTR_INDEX_POSIX_ACL_ACCESS]  = &posix_acl_access_xattr_handler,
96 	[EXT4_XATTR_INDEX_POSIX_ACL_DEFAULT] = &posix_acl_default_xattr_handler,
97 #endif
98 	[EXT4_XATTR_INDEX_TRUSTED]	     = &ext4_xattr_trusted_handler,
99 #ifdef CONFIG_EXT4_FS_SECURITY
100 	[EXT4_XATTR_INDEX_SECURITY]	     = &ext4_xattr_security_handler,
101 #endif
102 };
103 
104 const struct xattr_handler *ext4_xattr_handlers[] = {
105 	&ext4_xattr_user_handler,
106 	&ext4_xattr_trusted_handler,
107 #ifdef CONFIG_EXT4_FS_POSIX_ACL
108 	&posix_acl_access_xattr_handler,
109 	&posix_acl_default_xattr_handler,
110 #endif
111 #ifdef CONFIG_EXT4_FS_SECURITY
112 	&ext4_xattr_security_handler,
113 #endif
114 	NULL
115 };
116 
117 #define EXT4_GET_MB_CACHE(inode)	(((struct ext4_sb_info *) \
118 				inode->i_sb->s_fs_info)->s_mb_cache)
119 
120 static __le32 ext4_xattr_block_csum(struct inode *inode,
121 				    sector_t block_nr,
122 				    struct ext4_xattr_header *hdr)
123 {
124 	struct ext4_sb_info *sbi = EXT4_SB(inode->i_sb);
125 	__u32 csum;
126 	__le32 save_csum;
127 	__le64 dsk_block_nr = cpu_to_le64(block_nr);
128 
129 	save_csum = hdr->h_checksum;
130 	hdr->h_checksum = 0;
131 	csum = ext4_chksum(sbi, sbi->s_csum_seed, (__u8 *)&dsk_block_nr,
132 			   sizeof(dsk_block_nr));
133 	csum = ext4_chksum(sbi, csum, (__u8 *)hdr,
134 			   EXT4_BLOCK_SIZE(inode->i_sb));
135 
136 	hdr->h_checksum = save_csum;
137 	return cpu_to_le32(csum);
138 }
139 
140 static int ext4_xattr_block_csum_verify(struct inode *inode,
141 					sector_t block_nr,
142 					struct ext4_xattr_header *hdr)
143 {
144 	if (ext4_has_metadata_csum(inode->i_sb) &&
145 	    (hdr->h_checksum != ext4_xattr_block_csum(inode, block_nr, hdr)))
146 		return 0;
147 	return 1;
148 }
149 
150 static void ext4_xattr_block_csum_set(struct inode *inode,
151 				      sector_t block_nr,
152 				      struct ext4_xattr_header *hdr)
153 {
154 	if (!ext4_has_metadata_csum(inode->i_sb))
155 		return;
156 
157 	hdr->h_checksum = ext4_xattr_block_csum(inode, block_nr, hdr);
158 }
159 
160 static inline int ext4_handle_dirty_xattr_block(handle_t *handle,
161 						struct inode *inode,
162 						struct buffer_head *bh)
163 {
164 	ext4_xattr_block_csum_set(inode, bh->b_blocknr, BHDR(bh));
165 	return ext4_handle_dirty_metadata(handle, inode, bh);
166 }
167 
168 static inline const struct xattr_handler *
169 ext4_xattr_handler(int name_index)
170 {
171 	const struct xattr_handler *handler = NULL;
172 
173 	if (name_index > 0 && name_index < ARRAY_SIZE(ext4_xattr_handler_map))
174 		handler = ext4_xattr_handler_map[name_index];
175 	return handler;
176 }
177 
178 /*
179  * Inode operation listxattr()
180  *
181  * d_inode(dentry)->i_mutex: don't care
182  */
183 ssize_t
184 ext4_listxattr(struct dentry *dentry, char *buffer, size_t size)
185 {
186 	return ext4_xattr_list(dentry, buffer, size);
187 }
188 
189 static int
190 ext4_xattr_check_names(struct ext4_xattr_entry *entry, void *end,
191 		       void *value_start)
192 {
193 	struct ext4_xattr_entry *e = entry;
194 
195 	while (!IS_LAST_ENTRY(e)) {
196 		struct ext4_xattr_entry *next = EXT4_XATTR_NEXT(e);
197 		if ((void *)next >= end)
198 			return -EFSCORRUPTED;
199 		e = next;
200 	}
201 
202 	while (!IS_LAST_ENTRY(entry)) {
203 		if (entry->e_value_size != 0 &&
204 		    (value_start + le16_to_cpu(entry->e_value_offs) <
205 		     (void *)e + sizeof(__u32) ||
206 		     value_start + le16_to_cpu(entry->e_value_offs) +
207 		    le32_to_cpu(entry->e_value_size) > end))
208 			return -EFSCORRUPTED;
209 		entry = EXT4_XATTR_NEXT(entry);
210 	}
211 
212 	return 0;
213 }
214 
215 static inline int
216 ext4_xattr_check_block(struct inode *inode, struct buffer_head *bh)
217 {
218 	int error;
219 
220 	if (buffer_verified(bh))
221 		return 0;
222 
223 	if (BHDR(bh)->h_magic != cpu_to_le32(EXT4_XATTR_MAGIC) ||
224 	    BHDR(bh)->h_blocks != cpu_to_le32(1))
225 		return -EFSCORRUPTED;
226 	if (!ext4_xattr_block_csum_verify(inode, bh->b_blocknr, BHDR(bh)))
227 		return -EFSBADCRC;
228 	error = ext4_xattr_check_names(BFIRST(bh), bh->b_data + bh->b_size,
229 				       bh->b_data);
230 	if (!error)
231 		set_buffer_verified(bh);
232 	return error;
233 }
234 
235 static inline int
236 ext4_xattr_check_entry(struct ext4_xattr_entry *entry, size_t size)
237 {
238 	size_t value_size = le32_to_cpu(entry->e_value_size);
239 
240 	if (entry->e_value_block != 0 || value_size > size ||
241 	    le16_to_cpu(entry->e_value_offs) + value_size > size)
242 		return -EFSCORRUPTED;
243 	return 0;
244 }
245 
246 static int
247 ext4_xattr_find_entry(struct ext4_xattr_entry **pentry, int name_index,
248 		      const char *name, size_t size, int sorted)
249 {
250 	struct ext4_xattr_entry *entry;
251 	size_t name_len;
252 	int cmp = 1;
253 
254 	if (name == NULL)
255 		return -EINVAL;
256 	name_len = strlen(name);
257 	entry = *pentry;
258 	for (; !IS_LAST_ENTRY(entry); entry = EXT4_XATTR_NEXT(entry)) {
259 		cmp = name_index - entry->e_name_index;
260 		if (!cmp)
261 			cmp = name_len - entry->e_name_len;
262 		if (!cmp)
263 			cmp = memcmp(name, entry->e_name, name_len);
264 		if (cmp <= 0 && (sorted || cmp == 0))
265 			break;
266 	}
267 	*pentry = entry;
268 	if (!cmp && ext4_xattr_check_entry(entry, size))
269 		return -EFSCORRUPTED;
270 	return cmp ? -ENODATA : 0;
271 }
272 
273 static int
274 ext4_xattr_block_get(struct inode *inode, int name_index, const char *name,
275 		     void *buffer, size_t buffer_size)
276 {
277 	struct buffer_head *bh = NULL;
278 	struct ext4_xattr_entry *entry;
279 	size_t size;
280 	int error;
281 	struct mb_cache *ext4_mb_cache = EXT4_GET_MB_CACHE(inode);
282 
283 	ea_idebug(inode, "name=%d.%s, buffer=%p, buffer_size=%ld",
284 		  name_index, name, buffer, (long)buffer_size);
285 
286 	error = -ENODATA;
287 	if (!EXT4_I(inode)->i_file_acl)
288 		goto cleanup;
289 	ea_idebug(inode, "reading block %llu",
290 		  (unsigned long long)EXT4_I(inode)->i_file_acl);
291 	bh = sb_bread(inode->i_sb, EXT4_I(inode)->i_file_acl);
292 	if (!bh)
293 		goto cleanup;
294 	ea_bdebug(bh, "b_count=%d, refcount=%d",
295 		atomic_read(&(bh->b_count)), le32_to_cpu(BHDR(bh)->h_refcount));
296 	if (ext4_xattr_check_block(inode, bh)) {
297 bad_block:
298 		EXT4_ERROR_INODE(inode, "bad block %llu",
299 				 EXT4_I(inode)->i_file_acl);
300 		error = -EFSCORRUPTED;
301 		goto cleanup;
302 	}
303 	ext4_xattr_cache_insert(ext4_mb_cache, bh);
304 	entry = BFIRST(bh);
305 	error = ext4_xattr_find_entry(&entry, name_index, name, bh->b_size, 1);
306 	if (error == -EFSCORRUPTED)
307 		goto bad_block;
308 	if (error)
309 		goto cleanup;
310 	size = le32_to_cpu(entry->e_value_size);
311 	if (buffer) {
312 		error = -ERANGE;
313 		if (size > buffer_size)
314 			goto cleanup;
315 		memcpy(buffer, bh->b_data + le16_to_cpu(entry->e_value_offs),
316 		       size);
317 	}
318 	error = size;
319 
320 cleanup:
321 	brelse(bh);
322 	return error;
323 }
324 
325 int
326 ext4_xattr_ibody_get(struct inode *inode, int name_index, const char *name,
327 		     void *buffer, size_t buffer_size)
328 {
329 	struct ext4_xattr_ibody_header *header;
330 	struct ext4_xattr_entry *entry;
331 	struct ext4_inode *raw_inode;
332 	struct ext4_iloc iloc;
333 	size_t size;
334 	void *end;
335 	int error;
336 
337 	if (!ext4_test_inode_state(inode, EXT4_STATE_XATTR))
338 		return -ENODATA;
339 	error = ext4_get_inode_loc(inode, &iloc);
340 	if (error)
341 		return error;
342 	raw_inode = ext4_raw_inode(&iloc);
343 	header = IHDR(inode, raw_inode);
344 	entry = IFIRST(header);
345 	end = (void *)raw_inode + EXT4_SB(inode->i_sb)->s_inode_size;
346 	error = ext4_xattr_check_names(entry, end, entry);
347 	if (error)
348 		goto cleanup;
349 	error = ext4_xattr_find_entry(&entry, name_index, name,
350 				      end - (void *)entry, 0);
351 	if (error)
352 		goto cleanup;
353 	size = le32_to_cpu(entry->e_value_size);
354 	if (buffer) {
355 		error = -ERANGE;
356 		if (size > buffer_size)
357 			goto cleanup;
358 		memcpy(buffer, (void *)IFIRST(header) +
359 		       le16_to_cpu(entry->e_value_offs), size);
360 	}
361 	error = size;
362 
363 cleanup:
364 	brelse(iloc.bh);
365 	return error;
366 }
367 
368 /*
369  * ext4_xattr_get()
370  *
371  * Copy an extended attribute into the buffer
372  * provided, or compute the buffer size required.
373  * Buffer is NULL to compute the size of the buffer required.
374  *
375  * Returns a negative error number on failure, or the number of bytes
376  * used / required on success.
377  */
378 int
379 ext4_xattr_get(struct inode *inode, int name_index, const char *name,
380 	       void *buffer, size_t buffer_size)
381 {
382 	int error;
383 
384 	if (strlen(name) > 255)
385 		return -ERANGE;
386 
387 	down_read(&EXT4_I(inode)->xattr_sem);
388 	error = ext4_xattr_ibody_get(inode, name_index, name, buffer,
389 				     buffer_size);
390 	if (error == -ENODATA)
391 		error = ext4_xattr_block_get(inode, name_index, name, buffer,
392 					     buffer_size);
393 	up_read(&EXT4_I(inode)->xattr_sem);
394 	return error;
395 }
396 
397 static int
398 ext4_xattr_list_entries(struct dentry *dentry, struct ext4_xattr_entry *entry,
399 			char *buffer, size_t buffer_size)
400 {
401 	size_t rest = buffer_size;
402 
403 	for (; !IS_LAST_ENTRY(entry); entry = EXT4_XATTR_NEXT(entry)) {
404 		const struct xattr_handler *handler =
405 			ext4_xattr_handler(entry->e_name_index);
406 
407 		if (handler) {
408 			size_t size = handler->list(handler, dentry, buffer,
409 						    rest, entry->e_name,
410 						    entry->e_name_len);
411 			if (buffer) {
412 				if (size > rest)
413 					return -ERANGE;
414 				buffer += size;
415 			}
416 			rest -= size;
417 		}
418 	}
419 	return buffer_size - rest;
420 }
421 
422 static int
423 ext4_xattr_block_list(struct dentry *dentry, char *buffer, size_t buffer_size)
424 {
425 	struct inode *inode = d_inode(dentry);
426 	struct buffer_head *bh = NULL;
427 	int error;
428 	struct mb_cache *ext4_mb_cache = EXT4_GET_MB_CACHE(inode);
429 
430 	ea_idebug(inode, "buffer=%p, buffer_size=%ld",
431 		  buffer, (long)buffer_size);
432 
433 	error = 0;
434 	if (!EXT4_I(inode)->i_file_acl)
435 		goto cleanup;
436 	ea_idebug(inode, "reading block %llu",
437 		  (unsigned long long)EXT4_I(inode)->i_file_acl);
438 	bh = sb_bread(inode->i_sb, EXT4_I(inode)->i_file_acl);
439 	error = -EIO;
440 	if (!bh)
441 		goto cleanup;
442 	ea_bdebug(bh, "b_count=%d, refcount=%d",
443 		atomic_read(&(bh->b_count)), le32_to_cpu(BHDR(bh)->h_refcount));
444 	if (ext4_xattr_check_block(inode, bh)) {
445 		EXT4_ERROR_INODE(inode, "bad block %llu",
446 				 EXT4_I(inode)->i_file_acl);
447 		error = -EFSCORRUPTED;
448 		goto cleanup;
449 	}
450 	ext4_xattr_cache_insert(ext4_mb_cache, bh);
451 	error = ext4_xattr_list_entries(dentry, BFIRST(bh), buffer, buffer_size);
452 
453 cleanup:
454 	brelse(bh);
455 
456 	return error;
457 }
458 
459 static int
460 ext4_xattr_ibody_list(struct dentry *dentry, char *buffer, size_t buffer_size)
461 {
462 	struct inode *inode = d_inode(dentry);
463 	struct ext4_xattr_ibody_header *header;
464 	struct ext4_inode *raw_inode;
465 	struct ext4_iloc iloc;
466 	void *end;
467 	int error;
468 
469 	if (!ext4_test_inode_state(inode, EXT4_STATE_XATTR))
470 		return 0;
471 	error = ext4_get_inode_loc(inode, &iloc);
472 	if (error)
473 		return error;
474 	raw_inode = ext4_raw_inode(&iloc);
475 	header = IHDR(inode, raw_inode);
476 	end = (void *)raw_inode + EXT4_SB(inode->i_sb)->s_inode_size;
477 	error = ext4_xattr_check_names(IFIRST(header), end, IFIRST(header));
478 	if (error)
479 		goto cleanup;
480 	error = ext4_xattr_list_entries(dentry, IFIRST(header),
481 					buffer, buffer_size);
482 
483 cleanup:
484 	brelse(iloc.bh);
485 	return error;
486 }
487 
488 /*
489  * ext4_xattr_list()
490  *
491  * Copy a list of attribute names into the buffer
492  * provided, or compute the buffer size required.
493  * Buffer is NULL to compute the size of the buffer required.
494  *
495  * Returns a negative error number on failure, or the number of bytes
496  * used / required on success.
497  */
498 static int
499 ext4_xattr_list(struct dentry *dentry, char *buffer, size_t buffer_size)
500 {
501 	int ret, ret2;
502 
503 	down_read(&EXT4_I(d_inode(dentry))->xattr_sem);
504 	ret = ret2 = ext4_xattr_ibody_list(dentry, buffer, buffer_size);
505 	if (ret < 0)
506 		goto errout;
507 	if (buffer) {
508 		buffer += ret;
509 		buffer_size -= ret;
510 	}
511 	ret = ext4_xattr_block_list(dentry, buffer, buffer_size);
512 	if (ret < 0)
513 		goto errout;
514 	ret += ret2;
515 errout:
516 	up_read(&EXT4_I(d_inode(dentry))->xattr_sem);
517 	return ret;
518 }
519 
520 /*
521  * If the EXT4_FEATURE_COMPAT_EXT_ATTR feature of this file system is
522  * not set, set it.
523  */
524 static void ext4_xattr_update_super_block(handle_t *handle,
525 					  struct super_block *sb)
526 {
527 	if (ext4_has_feature_xattr(sb))
528 		return;
529 
530 	BUFFER_TRACE(EXT4_SB(sb)->s_sbh, "get_write_access");
531 	if (ext4_journal_get_write_access(handle, EXT4_SB(sb)->s_sbh) == 0) {
532 		ext4_set_feature_xattr(sb);
533 		ext4_handle_dirty_super(handle, sb);
534 	}
535 }
536 
537 /*
538  * Release the xattr block BH: If the reference count is > 1, decrement it;
539  * otherwise free the block.
540  */
541 static void
542 ext4_xattr_release_block(handle_t *handle, struct inode *inode,
543 			 struct buffer_head *bh)
544 {
545 	struct mb_cache_entry *ce = NULL;
546 	int error = 0;
547 	struct mb_cache *ext4_mb_cache = EXT4_GET_MB_CACHE(inode);
548 
549 	ce = mb_cache_entry_get(ext4_mb_cache, bh->b_bdev, bh->b_blocknr);
550 	BUFFER_TRACE(bh, "get_write_access");
551 	error = ext4_journal_get_write_access(handle, bh);
552 	if (error)
553 		goto out;
554 
555 	lock_buffer(bh);
556 	if (BHDR(bh)->h_refcount == cpu_to_le32(1)) {
557 		ea_bdebug(bh, "refcount now=0; freeing");
558 		if (ce)
559 			mb_cache_entry_free(ce);
560 		get_bh(bh);
561 		unlock_buffer(bh);
562 		ext4_free_blocks(handle, inode, bh, 0, 1,
563 				 EXT4_FREE_BLOCKS_METADATA |
564 				 EXT4_FREE_BLOCKS_FORGET);
565 	} else {
566 		le32_add_cpu(&BHDR(bh)->h_refcount, -1);
567 		if (ce)
568 			mb_cache_entry_release(ce);
569 		/*
570 		 * Beware of this ugliness: Releasing of xattr block references
571 		 * from different inodes can race and so we have to protect
572 		 * from a race where someone else frees the block (and releases
573 		 * its journal_head) before we are done dirtying the buffer. In
574 		 * nojournal mode this race is harmless and we actually cannot
575 		 * call ext4_handle_dirty_xattr_block() with locked buffer as
576 		 * that function can call sync_dirty_buffer() so for that case
577 		 * we handle the dirtying after unlocking the buffer.
578 		 */
579 		if (ext4_handle_valid(handle))
580 			error = ext4_handle_dirty_xattr_block(handle, inode,
581 							      bh);
582 		unlock_buffer(bh);
583 		if (!ext4_handle_valid(handle))
584 			error = ext4_handle_dirty_xattr_block(handle, inode,
585 							      bh);
586 		if (IS_SYNC(inode))
587 			ext4_handle_sync(handle);
588 		dquot_free_block(inode, EXT4_C2B(EXT4_SB(inode->i_sb), 1));
589 		ea_bdebug(bh, "refcount now=%d; releasing",
590 			  le32_to_cpu(BHDR(bh)->h_refcount));
591 	}
592 out:
593 	ext4_std_error(inode->i_sb, error);
594 	return;
595 }
596 
597 /*
598  * Find the available free space for EAs. This also returns the total number of
599  * bytes used by EA entries.
600  */
601 static size_t ext4_xattr_free_space(struct ext4_xattr_entry *last,
602 				    size_t *min_offs, void *base, int *total)
603 {
604 	for (; !IS_LAST_ENTRY(last); last = EXT4_XATTR_NEXT(last)) {
605 		if (!last->e_value_block && last->e_value_size) {
606 			size_t offs = le16_to_cpu(last->e_value_offs);
607 			if (offs < *min_offs)
608 				*min_offs = offs;
609 		}
610 		if (total)
611 			*total += EXT4_XATTR_LEN(last->e_name_len);
612 	}
613 	return (*min_offs - ((void *)last - base) - sizeof(__u32));
614 }
615 
616 static int
617 ext4_xattr_set_entry(struct ext4_xattr_info *i, struct ext4_xattr_search *s)
618 {
619 	struct ext4_xattr_entry *last;
620 	size_t free, min_offs = s->end - s->base, name_len = strlen(i->name);
621 
622 	/* Compute min_offs and last. */
623 	last = s->first;
624 	for (; !IS_LAST_ENTRY(last); last = EXT4_XATTR_NEXT(last)) {
625 		if (!last->e_value_block && last->e_value_size) {
626 			size_t offs = le16_to_cpu(last->e_value_offs);
627 			if (offs < min_offs)
628 				min_offs = offs;
629 		}
630 	}
631 	free = min_offs - ((void *)last - s->base) - sizeof(__u32);
632 	if (!s->not_found) {
633 		if (!s->here->e_value_block && s->here->e_value_size) {
634 			size_t size = le32_to_cpu(s->here->e_value_size);
635 			free += EXT4_XATTR_SIZE(size);
636 		}
637 		free += EXT4_XATTR_LEN(name_len);
638 	}
639 	if (i->value) {
640 		if (free < EXT4_XATTR_LEN(name_len) +
641 			   EXT4_XATTR_SIZE(i->value_len))
642 			return -ENOSPC;
643 	}
644 
645 	if (i->value && s->not_found) {
646 		/* Insert the new name. */
647 		size_t size = EXT4_XATTR_LEN(name_len);
648 		size_t rest = (void *)last - (void *)s->here + sizeof(__u32);
649 		memmove((void *)s->here + size, s->here, rest);
650 		memset(s->here, 0, size);
651 		s->here->e_name_index = i->name_index;
652 		s->here->e_name_len = name_len;
653 		memcpy(s->here->e_name, i->name, name_len);
654 	} else {
655 		if (!s->here->e_value_block && s->here->e_value_size) {
656 			void *first_val = s->base + min_offs;
657 			size_t offs = le16_to_cpu(s->here->e_value_offs);
658 			void *val = s->base + offs;
659 			size_t size = EXT4_XATTR_SIZE(
660 				le32_to_cpu(s->here->e_value_size));
661 
662 			if (i->value && size == EXT4_XATTR_SIZE(i->value_len)) {
663 				/* The old and the new value have the same
664 				   size. Just replace. */
665 				s->here->e_value_size =
666 					cpu_to_le32(i->value_len);
667 				if (i->value == EXT4_ZERO_XATTR_VALUE) {
668 					memset(val, 0, size);
669 				} else {
670 					/* Clear pad bytes first. */
671 					memset(val + size - EXT4_XATTR_PAD, 0,
672 					       EXT4_XATTR_PAD);
673 					memcpy(val, i->value, i->value_len);
674 				}
675 				return 0;
676 			}
677 
678 			/* Remove the old value. */
679 			memmove(first_val + size, first_val, val - first_val);
680 			memset(first_val, 0, size);
681 			s->here->e_value_size = 0;
682 			s->here->e_value_offs = 0;
683 			min_offs += size;
684 
685 			/* Adjust all value offsets. */
686 			last = s->first;
687 			while (!IS_LAST_ENTRY(last)) {
688 				size_t o = le16_to_cpu(last->e_value_offs);
689 				if (!last->e_value_block &&
690 				    last->e_value_size && o < offs)
691 					last->e_value_offs =
692 						cpu_to_le16(o + size);
693 				last = EXT4_XATTR_NEXT(last);
694 			}
695 		}
696 		if (!i->value) {
697 			/* Remove the old name. */
698 			size_t size = EXT4_XATTR_LEN(name_len);
699 			last = ENTRY((void *)last - size);
700 			memmove(s->here, (void *)s->here + size,
701 				(void *)last - (void *)s->here + sizeof(__u32));
702 			memset(last, 0, size);
703 		}
704 	}
705 
706 	if (i->value) {
707 		/* Insert the new value. */
708 		s->here->e_value_size = cpu_to_le32(i->value_len);
709 		if (i->value_len) {
710 			size_t size = EXT4_XATTR_SIZE(i->value_len);
711 			void *val = s->base + min_offs - size;
712 			s->here->e_value_offs = cpu_to_le16(min_offs - size);
713 			if (i->value == EXT4_ZERO_XATTR_VALUE) {
714 				memset(val, 0, size);
715 			} else {
716 				/* Clear the pad bytes first. */
717 				memset(val + size - EXT4_XATTR_PAD, 0,
718 				       EXT4_XATTR_PAD);
719 				memcpy(val, i->value, i->value_len);
720 			}
721 		}
722 	}
723 	return 0;
724 }
725 
726 struct ext4_xattr_block_find {
727 	struct ext4_xattr_search s;
728 	struct buffer_head *bh;
729 };
730 
731 static int
732 ext4_xattr_block_find(struct inode *inode, struct ext4_xattr_info *i,
733 		      struct ext4_xattr_block_find *bs)
734 {
735 	struct super_block *sb = inode->i_sb;
736 	int error;
737 
738 	ea_idebug(inode, "name=%d.%s, value=%p, value_len=%ld",
739 		  i->name_index, i->name, i->value, (long)i->value_len);
740 
741 	if (EXT4_I(inode)->i_file_acl) {
742 		/* The inode already has an extended attribute block. */
743 		bs->bh = sb_bread(sb, EXT4_I(inode)->i_file_acl);
744 		error = -EIO;
745 		if (!bs->bh)
746 			goto cleanup;
747 		ea_bdebug(bs->bh, "b_count=%d, refcount=%d",
748 			atomic_read(&(bs->bh->b_count)),
749 			le32_to_cpu(BHDR(bs->bh)->h_refcount));
750 		if (ext4_xattr_check_block(inode, bs->bh)) {
751 			EXT4_ERROR_INODE(inode, "bad block %llu",
752 					 EXT4_I(inode)->i_file_acl);
753 			error = -EFSCORRUPTED;
754 			goto cleanup;
755 		}
756 		/* Find the named attribute. */
757 		bs->s.base = BHDR(bs->bh);
758 		bs->s.first = BFIRST(bs->bh);
759 		bs->s.end = bs->bh->b_data + bs->bh->b_size;
760 		bs->s.here = bs->s.first;
761 		error = ext4_xattr_find_entry(&bs->s.here, i->name_index,
762 					      i->name, bs->bh->b_size, 1);
763 		if (error && error != -ENODATA)
764 			goto cleanup;
765 		bs->s.not_found = error;
766 	}
767 	error = 0;
768 
769 cleanup:
770 	return error;
771 }
772 
773 static int
774 ext4_xattr_block_set(handle_t *handle, struct inode *inode,
775 		     struct ext4_xattr_info *i,
776 		     struct ext4_xattr_block_find *bs)
777 {
778 	struct super_block *sb = inode->i_sb;
779 	struct buffer_head *new_bh = NULL;
780 	struct ext4_xattr_search *s = &bs->s;
781 	struct mb_cache_entry *ce = NULL;
782 	int error = 0;
783 	struct mb_cache *ext4_mb_cache = EXT4_GET_MB_CACHE(inode);
784 
785 #define header(x) ((struct ext4_xattr_header *)(x))
786 
787 	if (i->value && i->value_len > sb->s_blocksize)
788 		return -ENOSPC;
789 	if (s->base) {
790 		ce = mb_cache_entry_get(ext4_mb_cache, bs->bh->b_bdev,
791 					bs->bh->b_blocknr);
792 		BUFFER_TRACE(bs->bh, "get_write_access");
793 		error = ext4_journal_get_write_access(handle, bs->bh);
794 		if (error)
795 			goto cleanup;
796 		lock_buffer(bs->bh);
797 
798 		if (header(s->base)->h_refcount == cpu_to_le32(1)) {
799 			if (ce) {
800 				mb_cache_entry_free(ce);
801 				ce = NULL;
802 			}
803 			ea_bdebug(bs->bh, "modifying in-place");
804 			error = ext4_xattr_set_entry(i, s);
805 			if (!error) {
806 				if (!IS_LAST_ENTRY(s->first))
807 					ext4_xattr_rehash(header(s->base),
808 							  s->here);
809 				ext4_xattr_cache_insert(ext4_mb_cache,
810 					bs->bh);
811 			}
812 			unlock_buffer(bs->bh);
813 			if (error == -EFSCORRUPTED)
814 				goto bad_block;
815 			if (!error)
816 				error = ext4_handle_dirty_xattr_block(handle,
817 								      inode,
818 								      bs->bh);
819 			if (error)
820 				goto cleanup;
821 			goto inserted;
822 		} else {
823 			int offset = (char *)s->here - bs->bh->b_data;
824 
825 			unlock_buffer(bs->bh);
826 			if (ce) {
827 				mb_cache_entry_release(ce);
828 				ce = NULL;
829 			}
830 			ea_bdebug(bs->bh, "cloning");
831 			s->base = kmalloc(bs->bh->b_size, GFP_NOFS);
832 			error = -ENOMEM;
833 			if (s->base == NULL)
834 				goto cleanup;
835 			memcpy(s->base, BHDR(bs->bh), bs->bh->b_size);
836 			s->first = ENTRY(header(s->base)+1);
837 			header(s->base)->h_refcount = cpu_to_le32(1);
838 			s->here = ENTRY(s->base + offset);
839 			s->end = s->base + bs->bh->b_size;
840 		}
841 	} else {
842 		/* Allocate a buffer where we construct the new block. */
843 		s->base = kzalloc(sb->s_blocksize, GFP_NOFS);
844 		/* assert(header == s->base) */
845 		error = -ENOMEM;
846 		if (s->base == NULL)
847 			goto cleanup;
848 		header(s->base)->h_magic = cpu_to_le32(EXT4_XATTR_MAGIC);
849 		header(s->base)->h_blocks = cpu_to_le32(1);
850 		header(s->base)->h_refcount = cpu_to_le32(1);
851 		s->first = ENTRY(header(s->base)+1);
852 		s->here = ENTRY(header(s->base)+1);
853 		s->end = s->base + sb->s_blocksize;
854 	}
855 
856 	error = ext4_xattr_set_entry(i, s);
857 	if (error == -EFSCORRUPTED)
858 		goto bad_block;
859 	if (error)
860 		goto cleanup;
861 	if (!IS_LAST_ENTRY(s->first))
862 		ext4_xattr_rehash(header(s->base), s->here);
863 
864 inserted:
865 	if (!IS_LAST_ENTRY(s->first)) {
866 		new_bh = ext4_xattr_cache_find(inode, header(s->base), &ce);
867 		if (new_bh) {
868 			/* We found an identical block in the cache. */
869 			if (new_bh == bs->bh)
870 				ea_bdebug(new_bh, "keeping");
871 			else {
872 				/* The old block is released after updating
873 				   the inode. */
874 				error = dquot_alloc_block(inode,
875 						EXT4_C2B(EXT4_SB(sb), 1));
876 				if (error)
877 					goto cleanup;
878 				BUFFER_TRACE(new_bh, "get_write_access");
879 				error = ext4_journal_get_write_access(handle,
880 								      new_bh);
881 				if (error)
882 					goto cleanup_dquot;
883 				lock_buffer(new_bh);
884 				le32_add_cpu(&BHDR(new_bh)->h_refcount, 1);
885 				ea_bdebug(new_bh, "reusing; refcount now=%d",
886 					le32_to_cpu(BHDR(new_bh)->h_refcount));
887 				unlock_buffer(new_bh);
888 				error = ext4_handle_dirty_xattr_block(handle,
889 								      inode,
890 								      new_bh);
891 				if (error)
892 					goto cleanup_dquot;
893 			}
894 			mb_cache_entry_release(ce);
895 			ce = NULL;
896 		} else if (bs->bh && s->base == bs->bh->b_data) {
897 			/* We were modifying this block in-place. */
898 			ea_bdebug(bs->bh, "keeping this block");
899 			new_bh = bs->bh;
900 			get_bh(new_bh);
901 		} else {
902 			/* We need to allocate a new block */
903 			ext4_fsblk_t goal, block;
904 
905 			goal = ext4_group_first_block_no(sb,
906 						EXT4_I(inode)->i_block_group);
907 
908 			/* non-extent files can't have physical blocks past 2^32 */
909 			if (!(ext4_test_inode_flag(inode, EXT4_INODE_EXTENTS)))
910 				goal = goal & EXT4_MAX_BLOCK_FILE_PHYS;
911 
912 			block = ext4_new_meta_blocks(handle, inode, goal, 0,
913 						     NULL, &error);
914 			if (error)
915 				goto cleanup;
916 
917 			if (!(ext4_test_inode_flag(inode, EXT4_INODE_EXTENTS)))
918 				BUG_ON(block > EXT4_MAX_BLOCK_FILE_PHYS);
919 
920 			ea_idebug(inode, "creating block %llu",
921 				  (unsigned long long)block);
922 
923 			new_bh = sb_getblk(sb, block);
924 			if (unlikely(!new_bh)) {
925 				error = -ENOMEM;
926 getblk_failed:
927 				ext4_free_blocks(handle, inode, NULL, block, 1,
928 						 EXT4_FREE_BLOCKS_METADATA);
929 				goto cleanup;
930 			}
931 			lock_buffer(new_bh);
932 			error = ext4_journal_get_create_access(handle, new_bh);
933 			if (error) {
934 				unlock_buffer(new_bh);
935 				error = -EIO;
936 				goto getblk_failed;
937 			}
938 			memcpy(new_bh->b_data, s->base, new_bh->b_size);
939 			set_buffer_uptodate(new_bh);
940 			unlock_buffer(new_bh);
941 			ext4_xattr_cache_insert(ext4_mb_cache, new_bh);
942 			error = ext4_handle_dirty_xattr_block(handle,
943 							      inode, new_bh);
944 			if (error)
945 				goto cleanup;
946 		}
947 	}
948 
949 	/* Update the inode. */
950 	EXT4_I(inode)->i_file_acl = new_bh ? new_bh->b_blocknr : 0;
951 
952 	/* Drop the previous xattr block. */
953 	if (bs->bh && bs->bh != new_bh)
954 		ext4_xattr_release_block(handle, inode, bs->bh);
955 	error = 0;
956 
957 cleanup:
958 	if (ce)
959 		mb_cache_entry_release(ce);
960 	brelse(new_bh);
961 	if (!(bs->bh && s->base == bs->bh->b_data))
962 		kfree(s->base);
963 
964 	return error;
965 
966 cleanup_dquot:
967 	dquot_free_block(inode, EXT4_C2B(EXT4_SB(sb), 1));
968 	goto cleanup;
969 
970 bad_block:
971 	EXT4_ERROR_INODE(inode, "bad block %llu",
972 			 EXT4_I(inode)->i_file_acl);
973 	goto cleanup;
974 
975 #undef header
976 }
977 
978 int ext4_xattr_ibody_find(struct inode *inode, struct ext4_xattr_info *i,
979 			  struct ext4_xattr_ibody_find *is)
980 {
981 	struct ext4_xattr_ibody_header *header;
982 	struct ext4_inode *raw_inode;
983 	int error;
984 
985 	if (EXT4_I(inode)->i_extra_isize == 0)
986 		return 0;
987 	raw_inode = ext4_raw_inode(&is->iloc);
988 	header = IHDR(inode, raw_inode);
989 	is->s.base = is->s.first = IFIRST(header);
990 	is->s.here = is->s.first;
991 	is->s.end = (void *)raw_inode + EXT4_SB(inode->i_sb)->s_inode_size;
992 	if (ext4_test_inode_state(inode, EXT4_STATE_XATTR)) {
993 		error = ext4_xattr_check_names(IFIRST(header), is->s.end,
994 					       IFIRST(header));
995 		if (error)
996 			return error;
997 		/* Find the named attribute. */
998 		error = ext4_xattr_find_entry(&is->s.here, i->name_index,
999 					      i->name, is->s.end -
1000 					      (void *)is->s.base, 0);
1001 		if (error && error != -ENODATA)
1002 			return error;
1003 		is->s.not_found = error;
1004 	}
1005 	return 0;
1006 }
1007 
1008 int ext4_xattr_ibody_inline_set(handle_t *handle, struct inode *inode,
1009 				struct ext4_xattr_info *i,
1010 				struct ext4_xattr_ibody_find *is)
1011 {
1012 	struct ext4_xattr_ibody_header *header;
1013 	struct ext4_xattr_search *s = &is->s;
1014 	int error;
1015 
1016 	if (EXT4_I(inode)->i_extra_isize == 0)
1017 		return -ENOSPC;
1018 	error = ext4_xattr_set_entry(i, s);
1019 	if (error) {
1020 		if (error == -ENOSPC &&
1021 		    ext4_has_inline_data(inode)) {
1022 			error = ext4_try_to_evict_inline_data(handle, inode,
1023 					EXT4_XATTR_LEN(strlen(i->name) +
1024 					EXT4_XATTR_SIZE(i->value_len)));
1025 			if (error)
1026 				return error;
1027 			error = ext4_xattr_ibody_find(inode, i, is);
1028 			if (error)
1029 				return error;
1030 			error = ext4_xattr_set_entry(i, s);
1031 		}
1032 		if (error)
1033 			return error;
1034 	}
1035 	header = IHDR(inode, ext4_raw_inode(&is->iloc));
1036 	if (!IS_LAST_ENTRY(s->first)) {
1037 		header->h_magic = cpu_to_le32(EXT4_XATTR_MAGIC);
1038 		ext4_set_inode_state(inode, EXT4_STATE_XATTR);
1039 	} else {
1040 		header->h_magic = cpu_to_le32(0);
1041 		ext4_clear_inode_state(inode, EXT4_STATE_XATTR);
1042 	}
1043 	return 0;
1044 }
1045 
1046 static int ext4_xattr_ibody_set(handle_t *handle, struct inode *inode,
1047 				struct ext4_xattr_info *i,
1048 				struct ext4_xattr_ibody_find *is)
1049 {
1050 	struct ext4_xattr_ibody_header *header;
1051 	struct ext4_xattr_search *s = &is->s;
1052 	int error;
1053 
1054 	if (EXT4_I(inode)->i_extra_isize == 0)
1055 		return -ENOSPC;
1056 	error = ext4_xattr_set_entry(i, s);
1057 	if (error)
1058 		return error;
1059 	header = IHDR(inode, ext4_raw_inode(&is->iloc));
1060 	if (!IS_LAST_ENTRY(s->first)) {
1061 		header->h_magic = cpu_to_le32(EXT4_XATTR_MAGIC);
1062 		ext4_set_inode_state(inode, EXT4_STATE_XATTR);
1063 	} else {
1064 		header->h_magic = cpu_to_le32(0);
1065 		ext4_clear_inode_state(inode, EXT4_STATE_XATTR);
1066 	}
1067 	return 0;
1068 }
1069 
1070 /*
1071  * ext4_xattr_set_handle()
1072  *
1073  * Create, replace or remove an extended attribute for this inode.  Value
1074  * is NULL to remove an existing extended attribute, and non-NULL to
1075  * either replace an existing extended attribute, or create a new extended
1076  * attribute. The flags XATTR_REPLACE and XATTR_CREATE
1077  * specify that an extended attribute must exist and must not exist
1078  * previous to the call, respectively.
1079  *
1080  * Returns 0, or a negative error number on failure.
1081  */
1082 int
1083 ext4_xattr_set_handle(handle_t *handle, struct inode *inode, int name_index,
1084 		      const char *name, const void *value, size_t value_len,
1085 		      int flags)
1086 {
1087 	struct ext4_xattr_info i = {
1088 		.name_index = name_index,
1089 		.name = name,
1090 		.value = value,
1091 		.value_len = value_len,
1092 
1093 	};
1094 	struct ext4_xattr_ibody_find is = {
1095 		.s = { .not_found = -ENODATA, },
1096 	};
1097 	struct ext4_xattr_block_find bs = {
1098 		.s = { .not_found = -ENODATA, },
1099 	};
1100 	unsigned long no_expand;
1101 	int error;
1102 
1103 	if (!name)
1104 		return -EINVAL;
1105 	if (strlen(name) > 255)
1106 		return -ERANGE;
1107 	down_write(&EXT4_I(inode)->xattr_sem);
1108 	no_expand = ext4_test_inode_state(inode, EXT4_STATE_NO_EXPAND);
1109 	ext4_set_inode_state(inode, EXT4_STATE_NO_EXPAND);
1110 
1111 	error = ext4_reserve_inode_write(handle, inode, &is.iloc);
1112 	if (error)
1113 		goto cleanup;
1114 
1115 	if (ext4_test_inode_state(inode, EXT4_STATE_NEW)) {
1116 		struct ext4_inode *raw_inode = ext4_raw_inode(&is.iloc);
1117 		memset(raw_inode, 0, EXT4_SB(inode->i_sb)->s_inode_size);
1118 		ext4_clear_inode_state(inode, EXT4_STATE_NEW);
1119 	}
1120 
1121 	error = ext4_xattr_ibody_find(inode, &i, &is);
1122 	if (error)
1123 		goto cleanup;
1124 	if (is.s.not_found)
1125 		error = ext4_xattr_block_find(inode, &i, &bs);
1126 	if (error)
1127 		goto cleanup;
1128 	if (is.s.not_found && bs.s.not_found) {
1129 		error = -ENODATA;
1130 		if (flags & XATTR_REPLACE)
1131 			goto cleanup;
1132 		error = 0;
1133 		if (!value)
1134 			goto cleanup;
1135 	} else {
1136 		error = -EEXIST;
1137 		if (flags & XATTR_CREATE)
1138 			goto cleanup;
1139 	}
1140 	if (!value) {
1141 		if (!is.s.not_found)
1142 			error = ext4_xattr_ibody_set(handle, inode, &i, &is);
1143 		else if (!bs.s.not_found)
1144 			error = ext4_xattr_block_set(handle, inode, &i, &bs);
1145 	} else {
1146 		error = ext4_xattr_ibody_set(handle, inode, &i, &is);
1147 		if (!error && !bs.s.not_found) {
1148 			i.value = NULL;
1149 			error = ext4_xattr_block_set(handle, inode, &i, &bs);
1150 		} else if (error == -ENOSPC) {
1151 			if (EXT4_I(inode)->i_file_acl && !bs.s.base) {
1152 				error = ext4_xattr_block_find(inode, &i, &bs);
1153 				if (error)
1154 					goto cleanup;
1155 			}
1156 			error = ext4_xattr_block_set(handle, inode, &i, &bs);
1157 			if (error)
1158 				goto cleanup;
1159 			if (!is.s.not_found) {
1160 				i.value = NULL;
1161 				error = ext4_xattr_ibody_set(handle, inode, &i,
1162 							     &is);
1163 			}
1164 		}
1165 	}
1166 	if (!error) {
1167 		ext4_xattr_update_super_block(handle, inode->i_sb);
1168 		inode->i_ctime = ext4_current_time(inode);
1169 		if (!value)
1170 			ext4_clear_inode_state(inode, EXT4_STATE_NO_EXPAND);
1171 		error = ext4_mark_iloc_dirty(handle, inode, &is.iloc);
1172 		/*
1173 		 * The bh is consumed by ext4_mark_iloc_dirty, even with
1174 		 * error != 0.
1175 		 */
1176 		is.iloc.bh = NULL;
1177 		if (IS_SYNC(inode))
1178 			ext4_handle_sync(handle);
1179 	}
1180 
1181 cleanup:
1182 	brelse(is.iloc.bh);
1183 	brelse(bs.bh);
1184 	if (no_expand == 0)
1185 		ext4_clear_inode_state(inode, EXT4_STATE_NO_EXPAND);
1186 	up_write(&EXT4_I(inode)->xattr_sem);
1187 	return error;
1188 }
1189 
1190 /*
1191  * ext4_xattr_set()
1192  *
1193  * Like ext4_xattr_set_handle, but start from an inode. This extended
1194  * attribute modification is a filesystem transaction by itself.
1195  *
1196  * Returns 0, or a negative error number on failure.
1197  */
1198 int
1199 ext4_xattr_set(struct inode *inode, int name_index, const char *name,
1200 	       const void *value, size_t value_len, int flags)
1201 {
1202 	handle_t *handle;
1203 	int error, retries = 0;
1204 	int credits = ext4_jbd2_credits_xattr(inode);
1205 
1206 retry:
1207 	handle = ext4_journal_start(inode, EXT4_HT_XATTR, credits);
1208 	if (IS_ERR(handle)) {
1209 		error = PTR_ERR(handle);
1210 	} else {
1211 		int error2;
1212 
1213 		error = ext4_xattr_set_handle(handle, inode, name_index, name,
1214 					      value, value_len, flags);
1215 		error2 = ext4_journal_stop(handle);
1216 		if (error == -ENOSPC &&
1217 		    ext4_should_retry_alloc(inode->i_sb, &retries))
1218 			goto retry;
1219 		if (error == 0)
1220 			error = error2;
1221 	}
1222 
1223 	return error;
1224 }
1225 
1226 /*
1227  * Shift the EA entries in the inode to create space for the increased
1228  * i_extra_isize.
1229  */
1230 static void ext4_xattr_shift_entries(struct ext4_xattr_entry *entry,
1231 				     int value_offs_shift, void *to,
1232 				     void *from, size_t n, int blocksize)
1233 {
1234 	struct ext4_xattr_entry *last = entry;
1235 	int new_offs;
1236 
1237 	/* Adjust the value offsets of the entries */
1238 	for (; !IS_LAST_ENTRY(last); last = EXT4_XATTR_NEXT(last)) {
1239 		if (!last->e_value_block && last->e_value_size) {
1240 			new_offs = le16_to_cpu(last->e_value_offs) +
1241 							value_offs_shift;
1242 			BUG_ON(new_offs + le32_to_cpu(last->e_value_size)
1243 				 > blocksize);
1244 			last->e_value_offs = cpu_to_le16(new_offs);
1245 		}
1246 	}
1247 	/* Shift the entries by n bytes */
1248 	memmove(to, from, n);
1249 }
1250 
1251 /*
1252  * Expand an inode by new_extra_isize bytes when EAs are present.
1253  * Returns 0 on success or negative error number on failure.
1254  */
1255 int ext4_expand_extra_isize_ea(struct inode *inode, int new_extra_isize,
1256 			       struct ext4_inode *raw_inode, handle_t *handle)
1257 {
1258 	struct ext4_xattr_ibody_header *header;
1259 	struct ext4_xattr_entry *entry, *last, *first;
1260 	struct buffer_head *bh = NULL;
1261 	struct ext4_xattr_ibody_find *is = NULL;
1262 	struct ext4_xattr_block_find *bs = NULL;
1263 	char *buffer = NULL, *b_entry_name = NULL;
1264 	size_t min_offs, free;
1265 	int total_ino;
1266 	void *base, *start, *end;
1267 	int extra_isize = 0, error = 0, tried_min_extra_isize = 0;
1268 	int s_min_extra_isize = le16_to_cpu(EXT4_SB(inode->i_sb)->s_es->s_min_extra_isize);
1269 
1270 	down_write(&EXT4_I(inode)->xattr_sem);
1271 retry:
1272 	if (EXT4_I(inode)->i_extra_isize >= new_extra_isize) {
1273 		up_write(&EXT4_I(inode)->xattr_sem);
1274 		return 0;
1275 	}
1276 
1277 	header = IHDR(inode, raw_inode);
1278 	entry = IFIRST(header);
1279 
1280 	/*
1281 	 * Check if enough free space is available in the inode to shift the
1282 	 * entries ahead by new_extra_isize.
1283 	 */
1284 
1285 	base = start = entry;
1286 	end = (void *)raw_inode + EXT4_SB(inode->i_sb)->s_inode_size;
1287 	min_offs = end - base;
1288 	last = entry;
1289 	total_ino = sizeof(struct ext4_xattr_ibody_header);
1290 
1291 	free = ext4_xattr_free_space(last, &min_offs, base, &total_ino);
1292 	if (free >= new_extra_isize) {
1293 		entry = IFIRST(header);
1294 		ext4_xattr_shift_entries(entry,	EXT4_I(inode)->i_extra_isize
1295 				- new_extra_isize, (void *)raw_inode +
1296 				EXT4_GOOD_OLD_INODE_SIZE + new_extra_isize,
1297 				(void *)header, total_ino,
1298 				inode->i_sb->s_blocksize);
1299 		EXT4_I(inode)->i_extra_isize = new_extra_isize;
1300 		error = 0;
1301 		goto cleanup;
1302 	}
1303 
1304 	/*
1305 	 * Enough free space isn't available in the inode, check if
1306 	 * EA block can hold new_extra_isize bytes.
1307 	 */
1308 	if (EXT4_I(inode)->i_file_acl) {
1309 		bh = sb_bread(inode->i_sb, EXT4_I(inode)->i_file_acl);
1310 		error = -EIO;
1311 		if (!bh)
1312 			goto cleanup;
1313 		if (ext4_xattr_check_block(inode, bh)) {
1314 			EXT4_ERROR_INODE(inode, "bad block %llu",
1315 					 EXT4_I(inode)->i_file_acl);
1316 			error = -EFSCORRUPTED;
1317 			goto cleanup;
1318 		}
1319 		base = BHDR(bh);
1320 		first = BFIRST(bh);
1321 		end = bh->b_data + bh->b_size;
1322 		min_offs = end - base;
1323 		free = ext4_xattr_free_space(first, &min_offs, base, NULL);
1324 		if (free < new_extra_isize) {
1325 			if (!tried_min_extra_isize && s_min_extra_isize) {
1326 				tried_min_extra_isize++;
1327 				new_extra_isize = s_min_extra_isize;
1328 				brelse(bh);
1329 				goto retry;
1330 			}
1331 			error = -1;
1332 			goto cleanup;
1333 		}
1334 	} else {
1335 		free = inode->i_sb->s_blocksize;
1336 	}
1337 
1338 	while (new_extra_isize > 0) {
1339 		size_t offs, size, entry_size;
1340 		struct ext4_xattr_entry *small_entry = NULL;
1341 		struct ext4_xattr_info i = {
1342 			.value = NULL,
1343 			.value_len = 0,
1344 		};
1345 		unsigned int total_size;  /* EA entry size + value size */
1346 		unsigned int shift_bytes; /* No. of bytes to shift EAs by? */
1347 		unsigned int min_total_size = ~0U;
1348 
1349 		is = kzalloc(sizeof(struct ext4_xattr_ibody_find), GFP_NOFS);
1350 		bs = kzalloc(sizeof(struct ext4_xattr_block_find), GFP_NOFS);
1351 		if (!is || !bs) {
1352 			error = -ENOMEM;
1353 			goto cleanup;
1354 		}
1355 
1356 		is->s.not_found = -ENODATA;
1357 		bs->s.not_found = -ENODATA;
1358 		is->iloc.bh = NULL;
1359 		bs->bh = NULL;
1360 
1361 		last = IFIRST(header);
1362 		/* Find the entry best suited to be pushed into EA block */
1363 		entry = NULL;
1364 		for (; !IS_LAST_ENTRY(last); last = EXT4_XATTR_NEXT(last)) {
1365 			total_size =
1366 			EXT4_XATTR_SIZE(le32_to_cpu(last->e_value_size)) +
1367 					EXT4_XATTR_LEN(last->e_name_len);
1368 			if (total_size <= free && total_size < min_total_size) {
1369 				if (total_size < new_extra_isize) {
1370 					small_entry = last;
1371 				} else {
1372 					entry = last;
1373 					min_total_size = total_size;
1374 				}
1375 			}
1376 		}
1377 
1378 		if (entry == NULL) {
1379 			if (small_entry) {
1380 				entry = small_entry;
1381 			} else {
1382 				if (!tried_min_extra_isize &&
1383 				    s_min_extra_isize) {
1384 					tried_min_extra_isize++;
1385 					new_extra_isize = s_min_extra_isize;
1386 					kfree(is); is = NULL;
1387 					kfree(bs); bs = NULL;
1388 					brelse(bh);
1389 					goto retry;
1390 				}
1391 				error = -1;
1392 				goto cleanup;
1393 			}
1394 		}
1395 		offs = le16_to_cpu(entry->e_value_offs);
1396 		size = le32_to_cpu(entry->e_value_size);
1397 		entry_size = EXT4_XATTR_LEN(entry->e_name_len);
1398 		i.name_index = entry->e_name_index,
1399 		buffer = kmalloc(EXT4_XATTR_SIZE(size), GFP_NOFS);
1400 		b_entry_name = kmalloc(entry->e_name_len + 1, GFP_NOFS);
1401 		if (!buffer || !b_entry_name) {
1402 			error = -ENOMEM;
1403 			goto cleanup;
1404 		}
1405 		/* Save the entry name and the entry value */
1406 		memcpy(buffer, (void *)IFIRST(header) + offs,
1407 		       EXT4_XATTR_SIZE(size));
1408 		memcpy(b_entry_name, entry->e_name, entry->e_name_len);
1409 		b_entry_name[entry->e_name_len] = '\0';
1410 		i.name = b_entry_name;
1411 
1412 		error = ext4_get_inode_loc(inode, &is->iloc);
1413 		if (error)
1414 			goto cleanup;
1415 
1416 		error = ext4_xattr_ibody_find(inode, &i, is);
1417 		if (error)
1418 			goto cleanup;
1419 
1420 		/* Remove the chosen entry from the inode */
1421 		error = ext4_xattr_ibody_set(handle, inode, &i, is);
1422 		if (error)
1423 			goto cleanup;
1424 
1425 		entry = IFIRST(header);
1426 		if (entry_size + EXT4_XATTR_SIZE(size) >= new_extra_isize)
1427 			shift_bytes = new_extra_isize;
1428 		else
1429 			shift_bytes = entry_size + size;
1430 		/* Adjust the offsets and shift the remaining entries ahead */
1431 		ext4_xattr_shift_entries(entry, EXT4_I(inode)->i_extra_isize -
1432 			shift_bytes, (void *)raw_inode +
1433 			EXT4_GOOD_OLD_INODE_SIZE + extra_isize + shift_bytes,
1434 			(void *)header, total_ino - entry_size,
1435 			inode->i_sb->s_blocksize);
1436 
1437 		extra_isize += shift_bytes;
1438 		new_extra_isize -= shift_bytes;
1439 		EXT4_I(inode)->i_extra_isize = extra_isize;
1440 
1441 		i.name = b_entry_name;
1442 		i.value = buffer;
1443 		i.value_len = size;
1444 		error = ext4_xattr_block_find(inode, &i, bs);
1445 		if (error)
1446 			goto cleanup;
1447 
1448 		/* Add entry which was removed from the inode into the block */
1449 		error = ext4_xattr_block_set(handle, inode, &i, bs);
1450 		if (error)
1451 			goto cleanup;
1452 		kfree(b_entry_name);
1453 		kfree(buffer);
1454 		b_entry_name = NULL;
1455 		buffer = NULL;
1456 		brelse(is->iloc.bh);
1457 		kfree(is);
1458 		kfree(bs);
1459 	}
1460 	brelse(bh);
1461 	up_write(&EXT4_I(inode)->xattr_sem);
1462 	return 0;
1463 
1464 cleanup:
1465 	kfree(b_entry_name);
1466 	kfree(buffer);
1467 	if (is)
1468 		brelse(is->iloc.bh);
1469 	kfree(is);
1470 	kfree(bs);
1471 	brelse(bh);
1472 	up_write(&EXT4_I(inode)->xattr_sem);
1473 	return error;
1474 }
1475 
1476 
1477 
1478 /*
1479  * ext4_xattr_delete_inode()
1480  *
1481  * Free extended attribute resources associated with this inode. This
1482  * is called immediately before an inode is freed. We have exclusive
1483  * access to the inode.
1484  */
1485 void
1486 ext4_xattr_delete_inode(handle_t *handle, struct inode *inode)
1487 {
1488 	struct buffer_head *bh = NULL;
1489 
1490 	if (!EXT4_I(inode)->i_file_acl)
1491 		goto cleanup;
1492 	bh = sb_bread(inode->i_sb, EXT4_I(inode)->i_file_acl);
1493 	if (!bh) {
1494 		EXT4_ERROR_INODE(inode, "block %llu read error",
1495 				 EXT4_I(inode)->i_file_acl);
1496 		goto cleanup;
1497 	}
1498 	if (BHDR(bh)->h_magic != cpu_to_le32(EXT4_XATTR_MAGIC) ||
1499 	    BHDR(bh)->h_blocks != cpu_to_le32(1)) {
1500 		EXT4_ERROR_INODE(inode, "bad block %llu",
1501 				 EXT4_I(inode)->i_file_acl);
1502 		goto cleanup;
1503 	}
1504 	ext4_xattr_release_block(handle, inode, bh);
1505 	EXT4_I(inode)->i_file_acl = 0;
1506 
1507 cleanup:
1508 	brelse(bh);
1509 }
1510 
1511 /*
1512  * ext4_xattr_put_super()
1513  *
1514  * This is called when a file system is unmounted.
1515  */
1516 void
1517 ext4_xattr_put_super(struct super_block *sb)
1518 {
1519 	mb_cache_shrink(sb->s_bdev);
1520 }
1521 
1522 /*
1523  * ext4_xattr_cache_insert()
1524  *
1525  * Create a new entry in the extended attribute cache, and insert
1526  * it unless such an entry is already in the cache.
1527  *
1528  * Returns 0, or a negative error number on failure.
1529  */
1530 static void
1531 ext4_xattr_cache_insert(struct mb_cache *ext4_mb_cache, struct buffer_head *bh)
1532 {
1533 	__u32 hash = le32_to_cpu(BHDR(bh)->h_hash);
1534 	struct mb_cache_entry *ce;
1535 	int error;
1536 
1537 	ce = mb_cache_entry_alloc(ext4_mb_cache, GFP_NOFS);
1538 	if (!ce) {
1539 		ea_bdebug(bh, "out of memory");
1540 		return;
1541 	}
1542 	error = mb_cache_entry_insert(ce, bh->b_bdev, bh->b_blocknr, hash);
1543 	if (error) {
1544 		mb_cache_entry_free(ce);
1545 		if (error == -EBUSY) {
1546 			ea_bdebug(bh, "already in cache");
1547 			error = 0;
1548 		}
1549 	} else {
1550 		ea_bdebug(bh, "inserting [%x]", (int)hash);
1551 		mb_cache_entry_release(ce);
1552 	}
1553 }
1554 
1555 /*
1556  * ext4_xattr_cmp()
1557  *
1558  * Compare two extended attribute blocks for equality.
1559  *
1560  * Returns 0 if the blocks are equal, 1 if they differ, and
1561  * a negative error number on errors.
1562  */
1563 static int
1564 ext4_xattr_cmp(struct ext4_xattr_header *header1,
1565 	       struct ext4_xattr_header *header2)
1566 {
1567 	struct ext4_xattr_entry *entry1, *entry2;
1568 
1569 	entry1 = ENTRY(header1+1);
1570 	entry2 = ENTRY(header2+1);
1571 	while (!IS_LAST_ENTRY(entry1)) {
1572 		if (IS_LAST_ENTRY(entry2))
1573 			return 1;
1574 		if (entry1->e_hash != entry2->e_hash ||
1575 		    entry1->e_name_index != entry2->e_name_index ||
1576 		    entry1->e_name_len != entry2->e_name_len ||
1577 		    entry1->e_value_size != entry2->e_value_size ||
1578 		    memcmp(entry1->e_name, entry2->e_name, entry1->e_name_len))
1579 			return 1;
1580 		if (entry1->e_value_block != 0 || entry2->e_value_block != 0)
1581 			return -EFSCORRUPTED;
1582 		if (memcmp((char *)header1 + le16_to_cpu(entry1->e_value_offs),
1583 			   (char *)header2 + le16_to_cpu(entry2->e_value_offs),
1584 			   le32_to_cpu(entry1->e_value_size)))
1585 			return 1;
1586 
1587 		entry1 = EXT4_XATTR_NEXT(entry1);
1588 		entry2 = EXT4_XATTR_NEXT(entry2);
1589 	}
1590 	if (!IS_LAST_ENTRY(entry2))
1591 		return 1;
1592 	return 0;
1593 }
1594 
1595 /*
1596  * ext4_xattr_cache_find()
1597  *
1598  * Find an identical extended attribute block.
1599  *
1600  * Returns a pointer to the block found, or NULL if such a block was
1601  * not found or an error occurred.
1602  */
1603 static struct buffer_head *
1604 ext4_xattr_cache_find(struct inode *inode, struct ext4_xattr_header *header,
1605 		      struct mb_cache_entry **pce)
1606 {
1607 	__u32 hash = le32_to_cpu(header->h_hash);
1608 	struct mb_cache_entry *ce;
1609 	struct mb_cache *ext4_mb_cache = EXT4_GET_MB_CACHE(inode);
1610 
1611 	if (!header->h_hash)
1612 		return NULL;  /* never share */
1613 	ea_idebug(inode, "looking for cached blocks [%x]", (int)hash);
1614 again:
1615 	ce = mb_cache_entry_find_first(ext4_mb_cache, inode->i_sb->s_bdev,
1616 				       hash);
1617 	while (ce) {
1618 		struct buffer_head *bh;
1619 
1620 		if (IS_ERR(ce)) {
1621 			if (PTR_ERR(ce) == -EAGAIN)
1622 				goto again;
1623 			break;
1624 		}
1625 		bh = sb_bread(inode->i_sb, ce->e_block);
1626 		if (!bh) {
1627 			EXT4_ERROR_INODE(inode, "block %lu read error",
1628 					 (unsigned long) ce->e_block);
1629 		} else if (le32_to_cpu(BHDR(bh)->h_refcount) >=
1630 				EXT4_XATTR_REFCOUNT_MAX) {
1631 			ea_idebug(inode, "block %lu refcount %d>=%d",
1632 				  (unsigned long) ce->e_block,
1633 				  le32_to_cpu(BHDR(bh)->h_refcount),
1634 					  EXT4_XATTR_REFCOUNT_MAX);
1635 		} else if (ext4_xattr_cmp(header, BHDR(bh)) == 0) {
1636 			*pce = ce;
1637 			return bh;
1638 		}
1639 		brelse(bh);
1640 		ce = mb_cache_entry_find_next(ce, inode->i_sb->s_bdev, hash);
1641 	}
1642 	return NULL;
1643 }
1644 
1645 #define NAME_HASH_SHIFT 5
1646 #define VALUE_HASH_SHIFT 16
1647 
1648 /*
1649  * ext4_xattr_hash_entry()
1650  *
1651  * Compute the hash of an extended attribute.
1652  */
1653 static inline void ext4_xattr_hash_entry(struct ext4_xattr_header *header,
1654 					 struct ext4_xattr_entry *entry)
1655 {
1656 	__u32 hash = 0;
1657 	char *name = entry->e_name;
1658 	int n;
1659 
1660 	for (n = 0; n < entry->e_name_len; n++) {
1661 		hash = (hash << NAME_HASH_SHIFT) ^
1662 		       (hash >> (8*sizeof(hash) - NAME_HASH_SHIFT)) ^
1663 		       *name++;
1664 	}
1665 
1666 	if (entry->e_value_block == 0 && entry->e_value_size != 0) {
1667 		__le32 *value = (__le32 *)((char *)header +
1668 			le16_to_cpu(entry->e_value_offs));
1669 		for (n = (le32_to_cpu(entry->e_value_size) +
1670 		     EXT4_XATTR_ROUND) >> EXT4_XATTR_PAD_BITS; n; n--) {
1671 			hash = (hash << VALUE_HASH_SHIFT) ^
1672 			       (hash >> (8*sizeof(hash) - VALUE_HASH_SHIFT)) ^
1673 			       le32_to_cpu(*value++);
1674 		}
1675 	}
1676 	entry->e_hash = cpu_to_le32(hash);
1677 }
1678 
1679 #undef NAME_HASH_SHIFT
1680 #undef VALUE_HASH_SHIFT
1681 
1682 #define BLOCK_HASH_SHIFT 16
1683 
1684 /*
1685  * ext4_xattr_rehash()
1686  *
1687  * Re-compute the extended attribute hash value after an entry has changed.
1688  */
1689 static void ext4_xattr_rehash(struct ext4_xattr_header *header,
1690 			      struct ext4_xattr_entry *entry)
1691 {
1692 	struct ext4_xattr_entry *here;
1693 	__u32 hash = 0;
1694 
1695 	ext4_xattr_hash_entry(header, entry);
1696 	here = ENTRY(header+1);
1697 	while (!IS_LAST_ENTRY(here)) {
1698 		if (!here->e_hash) {
1699 			/* Block is not shared if an entry's hash value == 0 */
1700 			hash = 0;
1701 			break;
1702 		}
1703 		hash = (hash << BLOCK_HASH_SHIFT) ^
1704 		       (hash >> (8*sizeof(hash) - BLOCK_HASH_SHIFT)) ^
1705 		       le32_to_cpu(here->e_hash);
1706 		here = EXT4_XATTR_NEXT(here);
1707 	}
1708 	header->h_hash = cpu_to_le32(hash);
1709 }
1710 
1711 #undef BLOCK_HASH_SHIFT
1712 
1713 #define	HASH_BUCKET_BITS	10
1714 
1715 struct mb_cache *
1716 ext4_xattr_create_cache(char *name)
1717 {
1718 	return mb_cache_create(name, HASH_BUCKET_BITS);
1719 }
1720 
1721 void ext4_xattr_destroy_cache(struct mb_cache *cache)
1722 {
1723 	if (cache)
1724 		mb_cache_destroy(cache);
1725 }
1726 
1727