1 // SPDX-License-Identifier: GPL-2.0 2 /* 3 * linux/fs/reiserfs/xattr.c 4 * 5 * Copyright (c) 2002 by Jeff Mahoney, <jeffm@suse.com> 6 * 7 */ 8 9 /* 10 * In order to implement EA/ACLs in a clean, backwards compatible manner, 11 * they are implemented as files in a "private" directory. 12 * Each EA is in it's own file, with the directory layout like so (/ is assumed 13 * to be relative to fs root). Inside the /.reiserfs_priv/xattrs directory, 14 * directories named using the capital-hex form of the objectid and 15 * generation number are used. Inside each directory are individual files 16 * named with the name of the extended attribute. 17 * 18 * So, for objectid 12648430, we could have: 19 * /.reiserfs_priv/xattrs/C0FFEE.0/system.posix_acl_access 20 * /.reiserfs_priv/xattrs/C0FFEE.0/system.posix_acl_default 21 * /.reiserfs_priv/xattrs/C0FFEE.0/user.Content-Type 22 * .. or similar. 23 * 24 * The file contents are the text of the EA. The size is known based on the 25 * stat data describing the file. 26 * 27 * In the case of system.posix_acl_access and system.posix_acl_default, since 28 * these are special cases for filesystem ACLs, they are interpreted by the 29 * kernel, in addition, they are negatively and positively cached and attached 30 * to the inode so that unnecessary lookups are avoided. 31 * 32 * Locking works like so: 33 * Directory components (xattr root, xattr dir) are protectd by their i_mutex. 34 * The xattrs themselves are protected by the xattr_sem. 35 */ 36 37 #include "reiserfs.h" 38 #include <linux/capability.h> 39 #include <linux/dcache.h> 40 #include <linux/namei.h> 41 #include <linux/errno.h> 42 #include <linux/gfp.h> 43 #include <linux/fs.h> 44 #include <linux/file.h> 45 #include <linux/pagemap.h> 46 #include <linux/xattr.h> 47 #include "xattr.h" 48 #include "acl.h" 49 #include <linux/uaccess.h> 50 #include <net/checksum.h> 51 #include <linux/stat.h> 52 #include <linux/quotaops.h> 53 #include <linux/security.h> 54 #include <linux/posix_acl_xattr.h> 55 #include <linux/xattr.h> 56 57 #define PRIVROOT_NAME ".reiserfs_priv" 58 #define XAROOT_NAME "xattrs" 59 60 61 /* 62 * Helpers for inode ops. We do this so that we don't have all the VFS 63 * overhead and also for proper i_mutex annotation. 64 * dir->i_mutex must be held for all of them. 65 */ 66 #ifdef CONFIG_REISERFS_FS_XATTR 67 static int xattr_create(struct inode *dir, struct dentry *dentry, int mode) 68 { 69 BUG_ON(!inode_is_locked(dir)); 70 return dir->i_op->create(&nop_mnt_idmap, dir, dentry, mode, true); 71 } 72 #endif 73 74 static int xattr_mkdir(struct inode *dir, struct dentry *dentry, umode_t mode) 75 { 76 BUG_ON(!inode_is_locked(dir)); 77 return dir->i_op->mkdir(&nop_mnt_idmap, dir, dentry, mode); 78 } 79 80 /* 81 * We use I_MUTEX_CHILD here to silence lockdep. It's safe because xattr 82 * mutation ops aren't called during rename or splace, which are the 83 * only other users of I_MUTEX_CHILD. It violates the ordering, but that's 84 * better than allocating another subclass just for this code. 85 */ 86 static int xattr_unlink(struct inode *dir, struct dentry *dentry) 87 { 88 int error; 89 90 BUG_ON(!inode_is_locked(dir)); 91 92 inode_lock_nested(d_inode(dentry), I_MUTEX_CHILD); 93 error = dir->i_op->unlink(dir, dentry); 94 inode_unlock(d_inode(dentry)); 95 96 if (!error) 97 d_delete(dentry); 98 return error; 99 } 100 101 static int xattr_rmdir(struct inode *dir, struct dentry *dentry) 102 { 103 int error; 104 105 BUG_ON(!inode_is_locked(dir)); 106 107 inode_lock_nested(d_inode(dentry), I_MUTEX_CHILD); 108 error = dir->i_op->rmdir(dir, dentry); 109 if (!error) 110 d_inode(dentry)->i_flags |= S_DEAD; 111 inode_unlock(d_inode(dentry)); 112 if (!error) 113 d_delete(dentry); 114 115 return error; 116 } 117 118 #define xattr_may_create(flags) (!flags || flags & XATTR_CREATE) 119 120 static struct dentry *open_xa_root(struct super_block *sb, int flags) 121 { 122 struct dentry *privroot = REISERFS_SB(sb)->priv_root; 123 struct dentry *xaroot; 124 125 if (d_really_is_negative(privroot)) 126 return ERR_PTR(-EOPNOTSUPP); 127 128 inode_lock_nested(d_inode(privroot), I_MUTEX_XATTR); 129 130 xaroot = dget(REISERFS_SB(sb)->xattr_root); 131 if (!xaroot) 132 xaroot = ERR_PTR(-EOPNOTSUPP); 133 else if (d_really_is_negative(xaroot)) { 134 int err = -ENODATA; 135 136 if (xattr_may_create(flags)) 137 err = xattr_mkdir(d_inode(privroot), xaroot, 0700); 138 if (err) { 139 dput(xaroot); 140 xaroot = ERR_PTR(err); 141 } 142 } 143 144 inode_unlock(d_inode(privroot)); 145 return xaroot; 146 } 147 148 static struct dentry *open_xa_dir(const struct inode *inode, int flags) 149 { 150 struct dentry *xaroot, *xadir; 151 char namebuf[17]; 152 153 xaroot = open_xa_root(inode->i_sb, flags); 154 if (IS_ERR(xaroot)) 155 return xaroot; 156 157 snprintf(namebuf, sizeof(namebuf), "%X.%X", 158 le32_to_cpu(INODE_PKEY(inode)->k_objectid), 159 inode->i_generation); 160 161 inode_lock_nested(d_inode(xaroot), I_MUTEX_XATTR); 162 163 xadir = lookup_one_len(namebuf, xaroot, strlen(namebuf)); 164 if (!IS_ERR(xadir) && d_really_is_negative(xadir)) { 165 int err = -ENODATA; 166 167 if (xattr_may_create(flags)) 168 err = xattr_mkdir(d_inode(xaroot), xadir, 0700); 169 if (err) { 170 dput(xadir); 171 xadir = ERR_PTR(err); 172 } 173 } 174 175 inode_unlock(d_inode(xaroot)); 176 dput(xaroot); 177 return xadir; 178 } 179 180 /* 181 * The following are side effects of other operations that aren't explicitly 182 * modifying extended attributes. This includes operations such as permissions 183 * or ownership changes, object deletions, etc. 184 */ 185 struct reiserfs_dentry_buf { 186 struct dir_context ctx; 187 struct dentry *xadir; 188 int count; 189 int err; 190 struct dentry *dentries[8]; 191 }; 192 193 static bool 194 fill_with_dentries(struct dir_context *ctx, const char *name, int namelen, 195 loff_t offset, u64 ino, unsigned int d_type) 196 { 197 struct reiserfs_dentry_buf *dbuf = 198 container_of(ctx, struct reiserfs_dentry_buf, ctx); 199 struct dentry *dentry; 200 201 WARN_ON_ONCE(!inode_is_locked(d_inode(dbuf->xadir))); 202 203 if (dbuf->count == ARRAY_SIZE(dbuf->dentries)) 204 return false; 205 206 if (name[0] == '.' && (namelen < 2 || 207 (namelen == 2 && name[1] == '.'))) 208 return true; 209 210 dentry = lookup_one_len(name, dbuf->xadir, namelen); 211 if (IS_ERR(dentry)) { 212 dbuf->err = PTR_ERR(dentry); 213 return false; 214 } else if (d_really_is_negative(dentry)) { 215 /* A directory entry exists, but no file? */ 216 reiserfs_error(dentry->d_sb, "xattr-20003", 217 "Corrupted directory: xattr %pd listed but " 218 "not found for file %pd.\n", 219 dentry, dbuf->xadir); 220 dput(dentry); 221 dbuf->err = -EIO; 222 return false; 223 } 224 225 dbuf->dentries[dbuf->count++] = dentry; 226 return true; 227 } 228 229 static void 230 cleanup_dentry_buf(struct reiserfs_dentry_buf *buf) 231 { 232 int i; 233 234 for (i = 0; i < buf->count; i++) 235 if (buf->dentries[i]) 236 dput(buf->dentries[i]); 237 } 238 239 static int reiserfs_for_each_xattr(struct inode *inode, 240 int (*action)(struct dentry *, void *), 241 void *data) 242 { 243 struct dentry *dir; 244 int i, err = 0; 245 struct reiserfs_dentry_buf buf = { 246 .ctx.actor = fill_with_dentries, 247 }; 248 249 /* Skip out, an xattr has no xattrs associated with it */ 250 if (IS_PRIVATE(inode) || get_inode_sd_version(inode) == STAT_DATA_V1) 251 return 0; 252 253 dir = open_xa_dir(inode, XATTR_REPLACE); 254 if (IS_ERR(dir)) { 255 err = PTR_ERR(dir); 256 goto out; 257 } else if (d_really_is_negative(dir)) { 258 err = 0; 259 goto out_dir; 260 } 261 262 inode_lock_nested(d_inode(dir), I_MUTEX_XATTR); 263 264 buf.xadir = dir; 265 while (1) { 266 err = reiserfs_readdir_inode(d_inode(dir), &buf.ctx); 267 if (err) 268 break; 269 if (buf.err) { 270 err = buf.err; 271 break; 272 } 273 if (!buf.count) 274 break; 275 for (i = 0; !err && i < buf.count && buf.dentries[i]; i++) { 276 struct dentry *dentry = buf.dentries[i]; 277 278 if (!d_is_dir(dentry)) 279 err = action(dentry, data); 280 281 dput(dentry); 282 buf.dentries[i] = NULL; 283 } 284 if (err) 285 break; 286 buf.count = 0; 287 } 288 inode_unlock(d_inode(dir)); 289 290 cleanup_dentry_buf(&buf); 291 292 if (!err) { 293 /* 294 * We start a transaction here to avoid a ABBA situation 295 * between the xattr root's i_mutex and the journal lock. 296 * This doesn't incur much additional overhead since the 297 * new transaction will just nest inside the 298 * outer transaction. 299 */ 300 int blocks = JOURNAL_PER_BALANCE_CNT * 2 + 2 + 301 4 * REISERFS_QUOTA_TRANS_BLOCKS(inode->i_sb); 302 struct reiserfs_transaction_handle th; 303 304 reiserfs_write_lock(inode->i_sb); 305 err = journal_begin(&th, inode->i_sb, blocks); 306 reiserfs_write_unlock(inode->i_sb); 307 if (!err) { 308 int jerror; 309 310 inode_lock_nested(d_inode(dir->d_parent), 311 I_MUTEX_XATTR); 312 err = action(dir, data); 313 reiserfs_write_lock(inode->i_sb); 314 jerror = journal_end(&th); 315 reiserfs_write_unlock(inode->i_sb); 316 inode_unlock(d_inode(dir->d_parent)); 317 err = jerror ?: err; 318 } 319 } 320 out_dir: 321 dput(dir); 322 out: 323 /* 324 * -ENODATA: this object doesn't have any xattrs 325 * -EOPNOTSUPP: this file system doesn't have xattrs enabled on disk. 326 * Neither are errors 327 */ 328 if (err == -ENODATA || err == -EOPNOTSUPP) 329 err = 0; 330 return err; 331 } 332 333 static int delete_one_xattr(struct dentry *dentry, void *data) 334 { 335 struct inode *dir = d_inode(dentry->d_parent); 336 337 /* This is the xattr dir, handle specially. */ 338 if (d_is_dir(dentry)) 339 return xattr_rmdir(dir, dentry); 340 341 return xattr_unlink(dir, dentry); 342 } 343 344 static int chown_one_xattr(struct dentry *dentry, void *data) 345 { 346 struct iattr *attrs = data; 347 int ia_valid = attrs->ia_valid; 348 int err; 349 350 /* 351 * We only want the ownership bits. Otherwise, we'll do 352 * things like change a directory to a regular file if 353 * ATTR_MODE is set. 354 */ 355 attrs->ia_valid &= (ATTR_UID|ATTR_GID); 356 err = reiserfs_setattr(&nop_mnt_idmap, dentry, attrs); 357 attrs->ia_valid = ia_valid; 358 359 return err; 360 } 361 362 /* No i_mutex, but the inode is unconnected. */ 363 int reiserfs_delete_xattrs(struct inode *inode) 364 { 365 int err = reiserfs_for_each_xattr(inode, delete_one_xattr, NULL); 366 367 if (err) 368 reiserfs_warning(inode->i_sb, "jdm-20004", 369 "Couldn't delete all xattrs (%d)\n", err); 370 return err; 371 } 372 373 /* inode->i_mutex: down */ 374 int reiserfs_chown_xattrs(struct inode *inode, struct iattr *attrs) 375 { 376 int err = reiserfs_for_each_xattr(inode, chown_one_xattr, attrs); 377 378 if (err) 379 reiserfs_warning(inode->i_sb, "jdm-20007", 380 "Couldn't chown all xattrs (%d)\n", err); 381 return err; 382 } 383 384 #ifdef CONFIG_REISERFS_FS_XATTR 385 /* 386 * Returns a dentry corresponding to a specific extended attribute file 387 * for the inode. If flags allow, the file is created. Otherwise, a 388 * valid or negative dentry, or an error is returned. 389 */ 390 static struct dentry *xattr_lookup(struct inode *inode, const char *name, 391 int flags) 392 { 393 struct dentry *xadir, *xafile; 394 int err = 0; 395 396 xadir = open_xa_dir(inode, flags); 397 if (IS_ERR(xadir)) 398 return ERR_CAST(xadir); 399 400 inode_lock_nested(d_inode(xadir), I_MUTEX_XATTR); 401 xafile = lookup_one_len(name, xadir, strlen(name)); 402 if (IS_ERR(xafile)) { 403 err = PTR_ERR(xafile); 404 goto out; 405 } 406 407 if (d_really_is_positive(xafile) && (flags & XATTR_CREATE)) 408 err = -EEXIST; 409 410 if (d_really_is_negative(xafile)) { 411 err = -ENODATA; 412 if (xattr_may_create(flags)) 413 err = xattr_create(d_inode(xadir), xafile, 414 0700|S_IFREG); 415 } 416 417 if (err) 418 dput(xafile); 419 out: 420 inode_unlock(d_inode(xadir)); 421 dput(xadir); 422 if (err) 423 return ERR_PTR(err); 424 return xafile; 425 } 426 427 /* Internal operations on file data */ 428 static inline void reiserfs_put_page(struct page *page) 429 { 430 kunmap(page); 431 put_page(page); 432 } 433 434 static struct page *reiserfs_get_page(struct inode *dir, size_t n) 435 { 436 struct address_space *mapping = dir->i_mapping; 437 struct page *page; 438 /* 439 * We can deadlock if we try to free dentries, 440 * and an unlink/rmdir has just occurred - GFP_NOFS avoids this 441 */ 442 mapping_set_gfp_mask(mapping, GFP_NOFS); 443 page = read_mapping_page(mapping, n >> PAGE_SHIFT, NULL); 444 if (!IS_ERR(page)) 445 kmap(page); 446 return page; 447 } 448 449 static inline __u32 xattr_hash(const char *msg, int len) 450 { 451 /* 452 * csum_partial() gives different results for little-endian and 453 * big endian hosts. Images created on little-endian hosts and 454 * mounted on big-endian hosts(and vice versa) will see csum mismatches 455 * when trying to fetch xattrs. Treating the hash as __wsum_t would 456 * lower the frequency of mismatch. This is an endianness bug in 457 * reiserfs. The return statement would result in a sparse warning. Do 458 * not fix the sparse warning so as to not hide a reminder of the bug. 459 */ 460 return csum_partial(msg, len, 0); 461 } 462 463 int reiserfs_commit_write(struct file *f, struct page *page, 464 unsigned from, unsigned to); 465 466 static void update_ctime(struct inode *inode) 467 { 468 struct timespec64 now = current_time(inode); 469 470 if (inode_unhashed(inode) || !inode->i_nlink || 471 timespec64_equal(&inode->i_ctime, &now)) 472 return; 473 474 inode->i_ctime = current_time(inode); 475 mark_inode_dirty(inode); 476 } 477 478 static int lookup_and_delete_xattr(struct inode *inode, const char *name) 479 { 480 int err = 0; 481 struct dentry *dentry, *xadir; 482 483 xadir = open_xa_dir(inode, XATTR_REPLACE); 484 if (IS_ERR(xadir)) 485 return PTR_ERR(xadir); 486 487 inode_lock_nested(d_inode(xadir), I_MUTEX_XATTR); 488 dentry = lookup_one_len(name, xadir, strlen(name)); 489 if (IS_ERR(dentry)) { 490 err = PTR_ERR(dentry); 491 goto out_dput; 492 } 493 494 if (d_really_is_positive(dentry)) { 495 err = xattr_unlink(d_inode(xadir), dentry); 496 update_ctime(inode); 497 } 498 499 dput(dentry); 500 out_dput: 501 inode_unlock(d_inode(xadir)); 502 dput(xadir); 503 return err; 504 } 505 506 507 /* Generic extended attribute operations that can be used by xa plugins */ 508 509 /* 510 * inode->i_mutex: down 511 */ 512 int 513 reiserfs_xattr_set_handle(struct reiserfs_transaction_handle *th, 514 struct inode *inode, const char *name, 515 const void *buffer, size_t buffer_size, int flags) 516 { 517 int err = 0; 518 struct dentry *dentry; 519 struct page *page; 520 char *data; 521 size_t file_pos = 0; 522 size_t buffer_pos = 0; 523 size_t new_size; 524 __u32 xahash = 0; 525 526 if (get_inode_sd_version(inode) == STAT_DATA_V1) 527 return -EOPNOTSUPP; 528 529 if (!buffer) { 530 err = lookup_and_delete_xattr(inode, name); 531 return err; 532 } 533 534 dentry = xattr_lookup(inode, name, flags); 535 if (IS_ERR(dentry)) 536 return PTR_ERR(dentry); 537 538 down_write(&REISERFS_I(inode)->i_xattr_sem); 539 540 xahash = xattr_hash(buffer, buffer_size); 541 while (buffer_pos < buffer_size || buffer_pos == 0) { 542 size_t chunk; 543 size_t skip = 0; 544 size_t page_offset = (file_pos & (PAGE_SIZE - 1)); 545 546 if (buffer_size - buffer_pos > PAGE_SIZE) 547 chunk = PAGE_SIZE; 548 else 549 chunk = buffer_size - buffer_pos; 550 551 page = reiserfs_get_page(d_inode(dentry), file_pos); 552 if (IS_ERR(page)) { 553 err = PTR_ERR(page); 554 goto out_unlock; 555 } 556 557 lock_page(page); 558 data = page_address(page); 559 560 if (file_pos == 0) { 561 struct reiserfs_xattr_header *rxh; 562 563 skip = file_pos = sizeof(struct reiserfs_xattr_header); 564 if (chunk + skip > PAGE_SIZE) 565 chunk = PAGE_SIZE - skip; 566 rxh = (struct reiserfs_xattr_header *)data; 567 rxh->h_magic = cpu_to_le32(REISERFS_XATTR_MAGIC); 568 rxh->h_hash = cpu_to_le32(xahash); 569 } 570 571 reiserfs_write_lock(inode->i_sb); 572 err = __reiserfs_write_begin(page, page_offset, chunk + skip); 573 if (!err) { 574 if (buffer) 575 memcpy(data + skip, buffer + buffer_pos, chunk); 576 err = reiserfs_commit_write(NULL, page, page_offset, 577 page_offset + chunk + 578 skip); 579 } 580 reiserfs_write_unlock(inode->i_sb); 581 unlock_page(page); 582 reiserfs_put_page(page); 583 buffer_pos += chunk; 584 file_pos += chunk; 585 skip = 0; 586 if (err || buffer_size == 0 || !buffer) 587 break; 588 } 589 590 new_size = buffer_size + sizeof(struct reiserfs_xattr_header); 591 if (!err && new_size < i_size_read(d_inode(dentry))) { 592 struct iattr newattrs = { 593 .ia_ctime = current_time(inode), 594 .ia_size = new_size, 595 .ia_valid = ATTR_SIZE | ATTR_CTIME, 596 }; 597 598 inode_lock_nested(d_inode(dentry), I_MUTEX_XATTR); 599 inode_dio_wait(d_inode(dentry)); 600 601 err = reiserfs_setattr(&nop_mnt_idmap, dentry, &newattrs); 602 inode_unlock(d_inode(dentry)); 603 } else 604 update_ctime(inode); 605 out_unlock: 606 up_write(&REISERFS_I(inode)->i_xattr_sem); 607 dput(dentry); 608 return err; 609 } 610 611 /* We need to start a transaction to maintain lock ordering */ 612 int reiserfs_xattr_set(struct inode *inode, const char *name, 613 const void *buffer, size_t buffer_size, int flags) 614 { 615 616 struct reiserfs_transaction_handle th; 617 int error, error2; 618 size_t jbegin_count = reiserfs_xattr_nblocks(inode, buffer_size); 619 620 /* Check before we start a transaction and then do nothing. */ 621 if (!d_really_is_positive(REISERFS_SB(inode->i_sb)->priv_root)) 622 return -EOPNOTSUPP; 623 624 if (!(flags & XATTR_REPLACE)) 625 jbegin_count += reiserfs_xattr_jcreate_nblocks(inode); 626 627 reiserfs_write_lock(inode->i_sb); 628 error = journal_begin(&th, inode->i_sb, jbegin_count); 629 reiserfs_write_unlock(inode->i_sb); 630 if (error) { 631 return error; 632 } 633 634 error = reiserfs_xattr_set_handle(&th, inode, name, 635 buffer, buffer_size, flags); 636 637 reiserfs_write_lock(inode->i_sb); 638 error2 = journal_end(&th); 639 reiserfs_write_unlock(inode->i_sb); 640 if (error == 0) 641 error = error2; 642 643 return error; 644 } 645 646 /* 647 * inode->i_mutex: down 648 */ 649 int 650 reiserfs_xattr_get(struct inode *inode, const char *name, void *buffer, 651 size_t buffer_size) 652 { 653 ssize_t err = 0; 654 struct dentry *dentry; 655 size_t isize; 656 size_t file_pos = 0; 657 size_t buffer_pos = 0; 658 struct page *page; 659 __u32 hash = 0; 660 661 if (name == NULL) 662 return -EINVAL; 663 664 /* 665 * We can't have xattrs attached to v1 items since they don't have 666 * generation numbers 667 */ 668 if (get_inode_sd_version(inode) == STAT_DATA_V1) 669 return -EOPNOTSUPP; 670 671 /* 672 * priv_root needn't be initialized during mount so allow initial 673 * lookups to succeed. 674 */ 675 if (!REISERFS_SB(inode->i_sb)->priv_root) 676 return 0; 677 678 dentry = xattr_lookup(inode, name, XATTR_REPLACE); 679 if (IS_ERR(dentry)) { 680 err = PTR_ERR(dentry); 681 goto out; 682 } 683 684 down_read(&REISERFS_I(inode)->i_xattr_sem); 685 686 isize = i_size_read(d_inode(dentry)); 687 688 /* Just return the size needed */ 689 if (buffer == NULL) { 690 err = isize - sizeof(struct reiserfs_xattr_header); 691 goto out_unlock; 692 } 693 694 if (buffer_size < isize - sizeof(struct reiserfs_xattr_header)) { 695 err = -ERANGE; 696 goto out_unlock; 697 } 698 699 while (file_pos < isize) { 700 size_t chunk; 701 char *data; 702 size_t skip = 0; 703 704 if (isize - file_pos > PAGE_SIZE) 705 chunk = PAGE_SIZE; 706 else 707 chunk = isize - file_pos; 708 709 page = reiserfs_get_page(d_inode(dentry), file_pos); 710 if (IS_ERR(page)) { 711 err = PTR_ERR(page); 712 goto out_unlock; 713 } 714 715 lock_page(page); 716 data = page_address(page); 717 if (file_pos == 0) { 718 struct reiserfs_xattr_header *rxh = 719 (struct reiserfs_xattr_header *)data; 720 skip = file_pos = sizeof(struct reiserfs_xattr_header); 721 chunk -= skip; 722 /* Magic doesn't match up.. */ 723 if (rxh->h_magic != cpu_to_le32(REISERFS_XATTR_MAGIC)) { 724 unlock_page(page); 725 reiserfs_put_page(page); 726 reiserfs_warning(inode->i_sb, "jdm-20001", 727 "Invalid magic for xattr (%s) " 728 "associated with %k", name, 729 INODE_PKEY(inode)); 730 err = -EIO; 731 goto out_unlock; 732 } 733 hash = le32_to_cpu(rxh->h_hash); 734 } 735 memcpy(buffer + buffer_pos, data + skip, chunk); 736 unlock_page(page); 737 reiserfs_put_page(page); 738 file_pos += chunk; 739 buffer_pos += chunk; 740 skip = 0; 741 } 742 err = isize - sizeof(struct reiserfs_xattr_header); 743 744 if (xattr_hash(buffer, isize - sizeof(struct reiserfs_xattr_header)) != 745 hash) { 746 reiserfs_warning(inode->i_sb, "jdm-20002", 747 "Invalid hash for xattr (%s) associated " 748 "with %k", name, INODE_PKEY(inode)); 749 err = -EIO; 750 } 751 752 out_unlock: 753 up_read(&REISERFS_I(inode)->i_xattr_sem); 754 dput(dentry); 755 756 out: 757 return err; 758 } 759 760 /* 761 * In order to implement different sets of xattr operations for each xattr 762 * prefix with the generic xattr API, a filesystem should create a 763 * null-terminated array of struct xattr_handler (one for each prefix) and 764 * hang a pointer to it off of the s_xattr field of the superblock. 765 * 766 * The generic_fooxattr() functions will use this list to dispatch xattr 767 * operations to the correct xattr_handler. 768 */ 769 #define for_each_xattr_handler(handlers, handler) \ 770 for ((handler) = *(handlers)++; \ 771 (handler) != NULL; \ 772 (handler) = *(handlers)++) 773 774 static inline bool reiserfs_posix_acl_list(const char *name, 775 struct dentry *dentry) 776 { 777 return (posix_acl_type(name) >= 0) && 778 IS_POSIXACL(d_backing_inode(dentry)); 779 } 780 781 /* This is the implementation for the xattr plugin infrastructure */ 782 static inline bool reiserfs_xattr_list(const struct xattr_handler **handlers, 783 const char *name, struct dentry *dentry) 784 { 785 if (handlers) { 786 const struct xattr_handler *xah = NULL; 787 788 for_each_xattr_handler(handlers, xah) { 789 const char *prefix = xattr_prefix(xah); 790 791 if (strncmp(prefix, name, strlen(prefix))) 792 continue; 793 794 if (!xattr_handler_can_list(xah, dentry)) 795 return false; 796 797 return true; 798 } 799 } 800 801 return reiserfs_posix_acl_list(name, dentry); 802 } 803 804 struct listxattr_buf { 805 struct dir_context ctx; 806 size_t size; 807 size_t pos; 808 char *buf; 809 struct dentry *dentry; 810 }; 811 812 static bool listxattr_filler(struct dir_context *ctx, const char *name, 813 int namelen, loff_t offset, u64 ino, 814 unsigned int d_type) 815 { 816 struct listxattr_buf *b = 817 container_of(ctx, struct listxattr_buf, ctx); 818 size_t size; 819 820 if (name[0] != '.' || 821 (namelen != 1 && (name[1] != '.' || namelen != 2))) { 822 if (!reiserfs_xattr_list(b->dentry->d_sb->s_xattr, name, 823 b->dentry)) 824 return true; 825 size = namelen + 1; 826 if (b->buf) { 827 if (b->pos + size > b->size) { 828 b->pos = -ERANGE; 829 return false; 830 } 831 memcpy(b->buf + b->pos, name, namelen); 832 b->buf[b->pos + namelen] = 0; 833 } 834 b->pos += size; 835 } 836 return true; 837 } 838 839 /* 840 * Inode operation listxattr() 841 * 842 * We totally ignore the generic listxattr here because it would be stupid 843 * not to. Since the xattrs are organized in a directory, we can just 844 * readdir to find them. 845 */ 846 ssize_t reiserfs_listxattr(struct dentry * dentry, char *buffer, size_t size) 847 { 848 struct dentry *dir; 849 int err = 0; 850 struct listxattr_buf buf = { 851 .ctx.actor = listxattr_filler, 852 .dentry = dentry, 853 .buf = buffer, 854 .size = buffer ? size : 0, 855 }; 856 857 if (d_really_is_negative(dentry)) 858 return -EINVAL; 859 860 if (get_inode_sd_version(d_inode(dentry)) == STAT_DATA_V1) 861 return -EOPNOTSUPP; 862 863 dir = open_xa_dir(d_inode(dentry), XATTR_REPLACE); 864 if (IS_ERR(dir)) { 865 err = PTR_ERR(dir); 866 if (err == -ENODATA) 867 err = 0; /* Not an error if there aren't any xattrs */ 868 goto out; 869 } 870 871 inode_lock_nested(d_inode(dir), I_MUTEX_XATTR); 872 err = reiserfs_readdir_inode(d_inode(dir), &buf.ctx); 873 inode_unlock(d_inode(dir)); 874 875 if (!err) 876 err = buf.pos; 877 878 dput(dir); 879 out: 880 return err; 881 } 882 883 static int create_privroot(struct dentry *dentry) 884 { 885 int err; 886 struct inode *inode = d_inode(dentry->d_parent); 887 888 WARN_ON_ONCE(!inode_is_locked(inode)); 889 890 err = xattr_mkdir(inode, dentry, 0700); 891 if (err || d_really_is_negative(dentry)) { 892 reiserfs_warning(dentry->d_sb, "jdm-20006", 893 "xattrs/ACLs enabled and couldn't " 894 "find/create .reiserfs_priv. " 895 "Failing mount."); 896 return -EOPNOTSUPP; 897 } 898 899 reiserfs_init_priv_inode(d_inode(dentry)); 900 reiserfs_info(dentry->d_sb, "Created %s - reserved for xattr " 901 "storage.\n", PRIVROOT_NAME); 902 903 return 0; 904 } 905 906 #else 907 int __init reiserfs_xattr_register_handlers(void) { return 0; } 908 void reiserfs_xattr_unregister_handlers(void) {} 909 static int create_privroot(struct dentry *dentry) { return 0; } 910 #endif 911 912 /* Actual operations that are exported to VFS-land */ 913 const struct xattr_handler *reiserfs_xattr_handlers[] = { 914 #ifdef CONFIG_REISERFS_FS_XATTR 915 &reiserfs_xattr_user_handler, 916 &reiserfs_xattr_trusted_handler, 917 #endif 918 #ifdef CONFIG_REISERFS_FS_SECURITY 919 &reiserfs_xattr_security_handler, 920 #endif 921 NULL 922 }; 923 924 static int xattr_mount_check(struct super_block *s) 925 { 926 /* 927 * We need generation numbers to ensure that the oid mapping is correct 928 * v3.5 filesystems don't have them. 929 */ 930 if (old_format_only(s)) { 931 if (reiserfs_xattrs_optional(s)) { 932 /* 933 * Old format filesystem, but optional xattrs have 934 * been enabled. Error out. 935 */ 936 reiserfs_warning(s, "jdm-2005", 937 "xattrs/ACLs not supported " 938 "on pre-v3.6 format filesystems. " 939 "Failing mount."); 940 return -EOPNOTSUPP; 941 } 942 } 943 944 return 0; 945 } 946 947 int reiserfs_permission(struct mnt_idmap *idmap, struct inode *inode, 948 int mask) 949 { 950 /* 951 * We don't do permission checks on the internal objects. 952 * Permissions are determined by the "owning" object. 953 */ 954 if (IS_PRIVATE(inode)) 955 return 0; 956 957 return generic_permission(&nop_mnt_idmap, inode, mask); 958 } 959 960 static int xattr_hide_revalidate(struct dentry *dentry, unsigned int flags) 961 { 962 return -EPERM; 963 } 964 965 static const struct dentry_operations xattr_lookup_poison_ops = { 966 .d_revalidate = xattr_hide_revalidate, 967 }; 968 969 int reiserfs_lookup_privroot(struct super_block *s) 970 { 971 struct dentry *dentry; 972 int err = 0; 973 974 /* If we don't have the privroot located yet - go find it */ 975 inode_lock(d_inode(s->s_root)); 976 dentry = lookup_one_len(PRIVROOT_NAME, s->s_root, 977 strlen(PRIVROOT_NAME)); 978 if (!IS_ERR(dentry)) { 979 REISERFS_SB(s)->priv_root = dentry; 980 d_set_d_op(dentry, &xattr_lookup_poison_ops); 981 if (d_really_is_positive(dentry)) 982 reiserfs_init_priv_inode(d_inode(dentry)); 983 } else 984 err = PTR_ERR(dentry); 985 inode_unlock(d_inode(s->s_root)); 986 987 return err; 988 } 989 990 /* 991 * We need to take a copy of the mount flags since things like 992 * SB_RDONLY don't get set until *after* we're called. 993 * mount_flags != mount_options 994 */ 995 int reiserfs_xattr_init(struct super_block *s, int mount_flags) 996 { 997 int err = 0; 998 struct dentry *privroot = REISERFS_SB(s)->priv_root; 999 1000 err = xattr_mount_check(s); 1001 if (err) 1002 goto error; 1003 1004 if (d_really_is_negative(privroot) && !(mount_flags & SB_RDONLY)) { 1005 inode_lock(d_inode(s->s_root)); 1006 err = create_privroot(REISERFS_SB(s)->priv_root); 1007 inode_unlock(d_inode(s->s_root)); 1008 } 1009 1010 if (d_really_is_positive(privroot)) { 1011 inode_lock(d_inode(privroot)); 1012 if (!REISERFS_SB(s)->xattr_root) { 1013 struct dentry *dentry; 1014 1015 dentry = lookup_one_len(XAROOT_NAME, privroot, 1016 strlen(XAROOT_NAME)); 1017 if (!IS_ERR(dentry)) 1018 REISERFS_SB(s)->xattr_root = dentry; 1019 else 1020 err = PTR_ERR(dentry); 1021 } 1022 inode_unlock(d_inode(privroot)); 1023 } 1024 1025 error: 1026 if (err) { 1027 clear_bit(REISERFS_XATTRS_USER, &REISERFS_SB(s)->s_mount_opt); 1028 clear_bit(REISERFS_POSIXACL, &REISERFS_SB(s)->s_mount_opt); 1029 } 1030 1031 /* The super_block SB_POSIXACL must mirror the (no)acl mount option. */ 1032 if (reiserfs_posixacl(s)) 1033 s->s_flags |= SB_POSIXACL; 1034 else 1035 s->s_flags &= ~SB_POSIXACL; 1036 1037 return err; 1038 } 1039