xref: /openbmc/linux/fs/reiserfs/xattr.c (revision efdbd7345f8836f7495f3ac6ee237d86cb3bb6b0)
1 /*
2  * linux/fs/reiserfs/xattr.c
3  *
4  * Copyright (c) 2002 by Jeff Mahoney, <jeffm@suse.com>
5  *
6  */
7 
8 /*
9  * In order to implement EA/ACLs in a clean, backwards compatible manner,
10  * they are implemented as files in a "private" directory.
11  * Each EA is in it's own file, with the directory layout like so (/ is assumed
12  * to be relative to fs root). Inside the /.reiserfs_priv/xattrs directory,
13  * directories named using the capital-hex form of the objectid and
14  * generation number are used. Inside each directory are individual files
15  * named with the name of the extended attribute.
16  *
17  * So, for objectid 12648430, we could have:
18  * /.reiserfs_priv/xattrs/C0FFEE.0/system.posix_acl_access
19  * /.reiserfs_priv/xattrs/C0FFEE.0/system.posix_acl_default
20  * /.reiserfs_priv/xattrs/C0FFEE.0/user.Content-Type
21  * .. or similar.
22  *
23  * The file contents are the text of the EA. The size is known based on the
24  * stat data describing the file.
25  *
26  * In the case of system.posix_acl_access and system.posix_acl_default, since
27  * these are special cases for filesystem ACLs, they are interpreted by the
28  * kernel, in addition, they are negatively and positively cached and attached
29  * to the inode so that unnecessary lookups are avoided.
30  *
31  * Locking works like so:
32  * Directory components (xattr root, xattr dir) are protectd by their i_mutex.
33  * The xattrs themselves are protected by the xattr_sem.
34  */
35 
36 #include "reiserfs.h"
37 #include <linux/capability.h>
38 #include <linux/dcache.h>
39 #include <linux/namei.h>
40 #include <linux/errno.h>
41 #include <linux/gfp.h>
42 #include <linux/fs.h>
43 #include <linux/file.h>
44 #include <linux/pagemap.h>
45 #include <linux/xattr.h>
46 #include "xattr.h"
47 #include "acl.h"
48 #include <linux/uaccess.h>
49 #include <net/checksum.h>
50 #include <linux/stat.h>
51 #include <linux/quotaops.h>
52 #include <linux/security.h>
53 #include <linux/posix_acl_xattr.h>
54 
55 #define PRIVROOT_NAME ".reiserfs_priv"
56 #define XAROOT_NAME   "xattrs"
57 
58 
59 /*
60  * Helpers for inode ops. We do this so that we don't have all the VFS
61  * overhead and also for proper i_mutex annotation.
62  * dir->i_mutex must be held for all of them.
63  */
64 #ifdef CONFIG_REISERFS_FS_XATTR
65 static int xattr_create(struct inode *dir, struct dentry *dentry, int mode)
66 {
67 	BUG_ON(!mutex_is_locked(&dir->i_mutex));
68 	return dir->i_op->create(dir, dentry, mode, true);
69 }
70 #endif
71 
72 static int xattr_mkdir(struct inode *dir, struct dentry *dentry, umode_t mode)
73 {
74 	BUG_ON(!mutex_is_locked(&dir->i_mutex));
75 	return dir->i_op->mkdir(dir, dentry, mode);
76 }
77 
78 /*
79  * We use I_MUTEX_CHILD here to silence lockdep. It's safe because xattr
80  * mutation ops aren't called during rename or splace, which are the
81  * only other users of I_MUTEX_CHILD. It violates the ordering, but that's
82  * better than allocating another subclass just for this code.
83  */
84 static int xattr_unlink(struct inode *dir, struct dentry *dentry)
85 {
86 	int error;
87 
88 	BUG_ON(!mutex_is_locked(&dir->i_mutex));
89 
90 	mutex_lock_nested(&d_inode(dentry)->i_mutex, I_MUTEX_CHILD);
91 	error = dir->i_op->unlink(dir, dentry);
92 	mutex_unlock(&d_inode(dentry)->i_mutex);
93 
94 	if (!error)
95 		d_delete(dentry);
96 	return error;
97 }
98 
99 static int xattr_rmdir(struct inode *dir, struct dentry *dentry)
100 {
101 	int error;
102 
103 	BUG_ON(!mutex_is_locked(&dir->i_mutex));
104 
105 	mutex_lock_nested(&d_inode(dentry)->i_mutex, I_MUTEX_CHILD);
106 	error = dir->i_op->rmdir(dir, dentry);
107 	if (!error)
108 		d_inode(dentry)->i_flags |= S_DEAD;
109 	mutex_unlock(&d_inode(dentry)->i_mutex);
110 	if (!error)
111 		d_delete(dentry);
112 
113 	return error;
114 }
115 
116 #define xattr_may_create(flags)	(!flags || flags & XATTR_CREATE)
117 
118 static struct dentry *open_xa_root(struct super_block *sb, int flags)
119 {
120 	struct dentry *privroot = REISERFS_SB(sb)->priv_root;
121 	struct dentry *xaroot;
122 
123 	if (d_really_is_negative(privroot))
124 		return ERR_PTR(-ENODATA);
125 
126 	mutex_lock_nested(&d_inode(privroot)->i_mutex, I_MUTEX_XATTR);
127 
128 	xaroot = dget(REISERFS_SB(sb)->xattr_root);
129 	if (!xaroot)
130 		xaroot = ERR_PTR(-ENODATA);
131 	else if (d_really_is_negative(xaroot)) {
132 		int err = -ENODATA;
133 
134 		if (xattr_may_create(flags))
135 			err = xattr_mkdir(d_inode(privroot), xaroot, 0700);
136 		if (err) {
137 			dput(xaroot);
138 			xaroot = ERR_PTR(err);
139 		}
140 	}
141 
142 	mutex_unlock(&d_inode(privroot)->i_mutex);
143 	return xaroot;
144 }
145 
146 static struct dentry *open_xa_dir(const struct inode *inode, int flags)
147 {
148 	struct dentry *xaroot, *xadir;
149 	char namebuf[17];
150 
151 	xaroot = open_xa_root(inode->i_sb, flags);
152 	if (IS_ERR(xaroot))
153 		return xaroot;
154 
155 	snprintf(namebuf, sizeof(namebuf), "%X.%X",
156 		 le32_to_cpu(INODE_PKEY(inode)->k_objectid),
157 		 inode->i_generation);
158 
159 	mutex_lock_nested(&d_inode(xaroot)->i_mutex, I_MUTEX_XATTR);
160 
161 	xadir = lookup_one_len(namebuf, xaroot, strlen(namebuf));
162 	if (!IS_ERR(xadir) && d_really_is_negative(xadir)) {
163 		int err = -ENODATA;
164 
165 		if (xattr_may_create(flags))
166 			err = xattr_mkdir(d_inode(xaroot), xadir, 0700);
167 		if (err) {
168 			dput(xadir);
169 			xadir = ERR_PTR(err);
170 		}
171 	}
172 
173 	mutex_unlock(&d_inode(xaroot)->i_mutex);
174 	dput(xaroot);
175 	return xadir;
176 }
177 
178 /*
179  * The following are side effects of other operations that aren't explicitly
180  * modifying extended attributes. This includes operations such as permissions
181  * or ownership changes, object deletions, etc.
182  */
183 struct reiserfs_dentry_buf {
184 	struct dir_context ctx;
185 	struct dentry *xadir;
186 	int count;
187 	struct dentry *dentries[8];
188 };
189 
190 static int
191 fill_with_dentries(struct dir_context *ctx, const char *name, int namelen,
192 		   loff_t offset, u64 ino, unsigned int d_type)
193 {
194 	struct reiserfs_dentry_buf *dbuf =
195 		container_of(ctx, struct reiserfs_dentry_buf, ctx);
196 	struct dentry *dentry;
197 
198 	WARN_ON_ONCE(!mutex_is_locked(&d_inode(dbuf->xadir)->i_mutex));
199 
200 	if (dbuf->count == ARRAY_SIZE(dbuf->dentries))
201 		return -ENOSPC;
202 
203 	if (name[0] == '.' && (namelen < 2 ||
204 			       (namelen == 2 && name[1] == '.')))
205 		return 0;
206 
207 	dentry = lookup_one_len(name, dbuf->xadir, namelen);
208 	if (IS_ERR(dentry)) {
209 		return PTR_ERR(dentry);
210 	} else if (d_really_is_negative(dentry)) {
211 		/* A directory entry exists, but no file? */
212 		reiserfs_error(dentry->d_sb, "xattr-20003",
213 			       "Corrupted directory: xattr %pd listed but "
214 			       "not found for file %pd.\n",
215 			       dentry, dbuf->xadir);
216 		dput(dentry);
217 		return -EIO;
218 	}
219 
220 	dbuf->dentries[dbuf->count++] = dentry;
221 	return 0;
222 }
223 
224 static void
225 cleanup_dentry_buf(struct reiserfs_dentry_buf *buf)
226 {
227 	int i;
228 
229 	for (i = 0; i < buf->count; i++)
230 		if (buf->dentries[i])
231 			dput(buf->dentries[i]);
232 }
233 
234 static int reiserfs_for_each_xattr(struct inode *inode,
235 				   int (*action)(struct dentry *, void *),
236 				   void *data)
237 {
238 	struct dentry *dir;
239 	int i, err = 0;
240 	struct reiserfs_dentry_buf buf = {
241 		.ctx.actor = fill_with_dentries,
242 	};
243 
244 	/* Skip out, an xattr has no xattrs associated with it */
245 	if (IS_PRIVATE(inode) || get_inode_sd_version(inode) == STAT_DATA_V1)
246 		return 0;
247 
248 	dir = open_xa_dir(inode, XATTR_REPLACE);
249 	if (IS_ERR(dir)) {
250 		err = PTR_ERR(dir);
251 		goto out;
252 	} else if (d_really_is_negative(dir)) {
253 		err = 0;
254 		goto out_dir;
255 	}
256 
257 	mutex_lock_nested(&d_inode(dir)->i_mutex, I_MUTEX_XATTR);
258 
259 	buf.xadir = dir;
260 	while (1) {
261 		err = reiserfs_readdir_inode(d_inode(dir), &buf.ctx);
262 		if (err)
263 			break;
264 		if (!buf.count)
265 			break;
266 		for (i = 0; !err && i < buf.count && buf.dentries[i]; i++) {
267 			struct dentry *dentry = buf.dentries[i];
268 
269 			if (!d_is_dir(dentry))
270 				err = action(dentry, data);
271 
272 			dput(dentry);
273 			buf.dentries[i] = NULL;
274 		}
275 		if (err)
276 			break;
277 		buf.count = 0;
278 	}
279 	mutex_unlock(&d_inode(dir)->i_mutex);
280 
281 	cleanup_dentry_buf(&buf);
282 
283 	if (!err) {
284 		/*
285 		 * We start a transaction here to avoid a ABBA situation
286 		 * between the xattr root's i_mutex and the journal lock.
287 		 * This doesn't incur much additional overhead since the
288 		 * new transaction will just nest inside the
289 		 * outer transaction.
290 		 */
291 		int blocks = JOURNAL_PER_BALANCE_CNT * 2 + 2 +
292 			     4 * REISERFS_QUOTA_TRANS_BLOCKS(inode->i_sb);
293 		struct reiserfs_transaction_handle th;
294 
295 		reiserfs_write_lock(inode->i_sb);
296 		err = journal_begin(&th, inode->i_sb, blocks);
297 		reiserfs_write_unlock(inode->i_sb);
298 		if (!err) {
299 			int jerror;
300 
301 			mutex_lock_nested(&d_inode(dir->d_parent)->i_mutex,
302 					  I_MUTEX_XATTR);
303 			err = action(dir, data);
304 			reiserfs_write_lock(inode->i_sb);
305 			jerror = journal_end(&th);
306 			reiserfs_write_unlock(inode->i_sb);
307 			mutex_unlock(&d_inode(dir->d_parent)->i_mutex);
308 			err = jerror ?: err;
309 		}
310 	}
311 out_dir:
312 	dput(dir);
313 out:
314 	/* -ENODATA isn't an error */
315 	if (err == -ENODATA)
316 		err = 0;
317 	return err;
318 }
319 
320 static int delete_one_xattr(struct dentry *dentry, void *data)
321 {
322 	struct inode *dir = d_inode(dentry->d_parent);
323 
324 	/* This is the xattr dir, handle specially. */
325 	if (d_is_dir(dentry))
326 		return xattr_rmdir(dir, dentry);
327 
328 	return xattr_unlink(dir, dentry);
329 }
330 
331 static int chown_one_xattr(struct dentry *dentry, void *data)
332 {
333 	struct iattr *attrs = data;
334 	int ia_valid = attrs->ia_valid;
335 	int err;
336 
337 	/*
338 	 * We only want the ownership bits. Otherwise, we'll do
339 	 * things like change a directory to a regular file if
340 	 * ATTR_MODE is set.
341 	 */
342 	attrs->ia_valid &= (ATTR_UID|ATTR_GID);
343 	err = reiserfs_setattr(dentry, attrs);
344 	attrs->ia_valid = ia_valid;
345 
346 	return err;
347 }
348 
349 /* No i_mutex, but the inode is unconnected. */
350 int reiserfs_delete_xattrs(struct inode *inode)
351 {
352 	int err = reiserfs_for_each_xattr(inode, delete_one_xattr, NULL);
353 
354 	if (err)
355 		reiserfs_warning(inode->i_sb, "jdm-20004",
356 				 "Couldn't delete all xattrs (%d)\n", err);
357 	return err;
358 }
359 
360 /* inode->i_mutex: down */
361 int reiserfs_chown_xattrs(struct inode *inode, struct iattr *attrs)
362 {
363 	int err = reiserfs_for_each_xattr(inode, chown_one_xattr, attrs);
364 
365 	if (err)
366 		reiserfs_warning(inode->i_sb, "jdm-20007",
367 				 "Couldn't chown all xattrs (%d)\n", err);
368 	return err;
369 }
370 
371 #ifdef CONFIG_REISERFS_FS_XATTR
372 /*
373  * Returns a dentry corresponding to a specific extended attribute file
374  * for the inode. If flags allow, the file is created. Otherwise, a
375  * valid or negative dentry, or an error is returned.
376  */
377 static struct dentry *xattr_lookup(struct inode *inode, const char *name,
378 				    int flags)
379 {
380 	struct dentry *xadir, *xafile;
381 	int err = 0;
382 
383 	xadir = open_xa_dir(inode, flags);
384 	if (IS_ERR(xadir))
385 		return ERR_CAST(xadir);
386 
387 	mutex_lock_nested(&d_inode(xadir)->i_mutex, I_MUTEX_XATTR);
388 	xafile = lookup_one_len(name, xadir, strlen(name));
389 	if (IS_ERR(xafile)) {
390 		err = PTR_ERR(xafile);
391 		goto out;
392 	}
393 
394 	if (d_really_is_positive(xafile) && (flags & XATTR_CREATE))
395 		err = -EEXIST;
396 
397 	if (d_really_is_negative(xafile)) {
398 		err = -ENODATA;
399 		if (xattr_may_create(flags))
400 			err = xattr_create(d_inode(xadir), xafile,
401 					      0700|S_IFREG);
402 	}
403 
404 	if (err)
405 		dput(xafile);
406 out:
407 	mutex_unlock(&d_inode(xadir)->i_mutex);
408 	dput(xadir);
409 	if (err)
410 		return ERR_PTR(err);
411 	return xafile;
412 }
413 
414 /* Internal operations on file data */
415 static inline void reiserfs_put_page(struct page *page)
416 {
417 	kunmap(page);
418 	page_cache_release(page);
419 }
420 
421 static struct page *reiserfs_get_page(struct inode *dir, size_t n)
422 {
423 	struct address_space *mapping = dir->i_mapping;
424 	struct page *page;
425 	/*
426 	 * We can deadlock if we try to free dentries,
427 	 * and an unlink/rmdir has just occurred - GFP_NOFS avoids this
428 	 */
429 	mapping_set_gfp_mask(mapping, GFP_NOFS);
430 	page = read_mapping_page(mapping, n >> PAGE_CACHE_SHIFT, NULL);
431 	if (!IS_ERR(page)) {
432 		kmap(page);
433 		if (PageError(page))
434 			goto fail;
435 	}
436 	return page;
437 
438 fail:
439 	reiserfs_put_page(page);
440 	return ERR_PTR(-EIO);
441 }
442 
443 static inline __u32 xattr_hash(const char *msg, int len)
444 {
445 	return csum_partial(msg, len, 0);
446 }
447 
448 int reiserfs_commit_write(struct file *f, struct page *page,
449 			  unsigned from, unsigned to);
450 
451 static void update_ctime(struct inode *inode)
452 {
453 	struct timespec now = current_fs_time(inode->i_sb);
454 
455 	if (inode_unhashed(inode) || !inode->i_nlink ||
456 	    timespec_equal(&inode->i_ctime, &now))
457 		return;
458 
459 	inode->i_ctime = CURRENT_TIME_SEC;
460 	mark_inode_dirty(inode);
461 }
462 
463 static int lookup_and_delete_xattr(struct inode *inode, const char *name)
464 {
465 	int err = 0;
466 	struct dentry *dentry, *xadir;
467 
468 	xadir = open_xa_dir(inode, XATTR_REPLACE);
469 	if (IS_ERR(xadir))
470 		return PTR_ERR(xadir);
471 
472 	mutex_lock_nested(&d_inode(xadir)->i_mutex, I_MUTEX_XATTR);
473 	dentry = lookup_one_len(name, xadir, strlen(name));
474 	if (IS_ERR(dentry)) {
475 		err = PTR_ERR(dentry);
476 		goto out_dput;
477 	}
478 
479 	if (d_really_is_positive(dentry)) {
480 		err = xattr_unlink(d_inode(xadir), dentry);
481 		update_ctime(inode);
482 	}
483 
484 	dput(dentry);
485 out_dput:
486 	mutex_unlock(&d_inode(xadir)->i_mutex);
487 	dput(xadir);
488 	return err;
489 }
490 
491 
492 /* Generic extended attribute operations that can be used by xa plugins */
493 
494 /*
495  * inode->i_mutex: down
496  */
497 int
498 reiserfs_xattr_set_handle(struct reiserfs_transaction_handle *th,
499 			  struct inode *inode, const char *name,
500 			  const void *buffer, size_t buffer_size, int flags)
501 {
502 	int err = 0;
503 	struct dentry *dentry;
504 	struct page *page;
505 	char *data;
506 	size_t file_pos = 0;
507 	size_t buffer_pos = 0;
508 	size_t new_size;
509 	__u32 xahash = 0;
510 
511 	if (get_inode_sd_version(inode) == STAT_DATA_V1)
512 		return -EOPNOTSUPP;
513 
514 	if (!buffer) {
515 		err = lookup_and_delete_xattr(inode, name);
516 		return err;
517 	}
518 
519 	dentry = xattr_lookup(inode, name, flags);
520 	if (IS_ERR(dentry))
521 		return PTR_ERR(dentry);
522 
523 	down_write(&REISERFS_I(inode)->i_xattr_sem);
524 
525 	xahash = xattr_hash(buffer, buffer_size);
526 	while (buffer_pos < buffer_size || buffer_pos == 0) {
527 		size_t chunk;
528 		size_t skip = 0;
529 		size_t page_offset = (file_pos & (PAGE_CACHE_SIZE - 1));
530 
531 		if (buffer_size - buffer_pos > PAGE_CACHE_SIZE)
532 			chunk = PAGE_CACHE_SIZE;
533 		else
534 			chunk = buffer_size - buffer_pos;
535 
536 		page = reiserfs_get_page(d_inode(dentry), file_pos);
537 		if (IS_ERR(page)) {
538 			err = PTR_ERR(page);
539 			goto out_unlock;
540 		}
541 
542 		lock_page(page);
543 		data = page_address(page);
544 
545 		if (file_pos == 0) {
546 			struct reiserfs_xattr_header *rxh;
547 
548 			skip = file_pos = sizeof(struct reiserfs_xattr_header);
549 			if (chunk + skip > PAGE_CACHE_SIZE)
550 				chunk = PAGE_CACHE_SIZE - skip;
551 			rxh = (struct reiserfs_xattr_header *)data;
552 			rxh->h_magic = cpu_to_le32(REISERFS_XATTR_MAGIC);
553 			rxh->h_hash = cpu_to_le32(xahash);
554 		}
555 
556 		reiserfs_write_lock(inode->i_sb);
557 		err = __reiserfs_write_begin(page, page_offset, chunk + skip);
558 		if (!err) {
559 			if (buffer)
560 				memcpy(data + skip, buffer + buffer_pos, chunk);
561 			err = reiserfs_commit_write(NULL, page, page_offset,
562 						    page_offset + chunk +
563 						    skip);
564 		}
565 		reiserfs_write_unlock(inode->i_sb);
566 		unlock_page(page);
567 		reiserfs_put_page(page);
568 		buffer_pos += chunk;
569 		file_pos += chunk;
570 		skip = 0;
571 		if (err || buffer_size == 0 || !buffer)
572 			break;
573 	}
574 
575 	new_size = buffer_size + sizeof(struct reiserfs_xattr_header);
576 	if (!err && new_size < i_size_read(d_inode(dentry))) {
577 		struct iattr newattrs = {
578 			.ia_ctime = current_fs_time(inode->i_sb),
579 			.ia_size = new_size,
580 			.ia_valid = ATTR_SIZE | ATTR_CTIME,
581 		};
582 
583 		mutex_lock_nested(&d_inode(dentry)->i_mutex, I_MUTEX_XATTR);
584 		inode_dio_wait(d_inode(dentry));
585 
586 		err = reiserfs_setattr(dentry, &newattrs);
587 		mutex_unlock(&d_inode(dentry)->i_mutex);
588 	} else
589 		update_ctime(inode);
590 out_unlock:
591 	up_write(&REISERFS_I(inode)->i_xattr_sem);
592 	dput(dentry);
593 	return err;
594 }
595 
596 /* We need to start a transaction to maintain lock ordering */
597 int reiserfs_xattr_set(struct inode *inode, const char *name,
598 		       const void *buffer, size_t buffer_size, int flags)
599 {
600 
601 	struct reiserfs_transaction_handle th;
602 	int error, error2;
603 	size_t jbegin_count = reiserfs_xattr_nblocks(inode, buffer_size);
604 
605 	if (!(flags & XATTR_REPLACE))
606 		jbegin_count += reiserfs_xattr_jcreate_nblocks(inode);
607 
608 	reiserfs_write_lock(inode->i_sb);
609 	error = journal_begin(&th, inode->i_sb, jbegin_count);
610 	reiserfs_write_unlock(inode->i_sb);
611 	if (error) {
612 		return error;
613 	}
614 
615 	error = reiserfs_xattr_set_handle(&th, inode, name,
616 					  buffer, buffer_size, flags);
617 
618 	reiserfs_write_lock(inode->i_sb);
619 	error2 = journal_end(&th);
620 	reiserfs_write_unlock(inode->i_sb);
621 	if (error == 0)
622 		error = error2;
623 
624 	return error;
625 }
626 
627 /*
628  * inode->i_mutex: down
629  */
630 int
631 reiserfs_xattr_get(struct inode *inode, const char *name, void *buffer,
632 		   size_t buffer_size)
633 {
634 	ssize_t err = 0;
635 	struct dentry *dentry;
636 	size_t isize;
637 	size_t file_pos = 0;
638 	size_t buffer_pos = 0;
639 	struct page *page;
640 	__u32 hash = 0;
641 
642 	if (name == NULL)
643 		return -EINVAL;
644 
645 	/*
646 	 * We can't have xattrs attached to v1 items since they don't have
647 	 * generation numbers
648 	 */
649 	if (get_inode_sd_version(inode) == STAT_DATA_V1)
650 		return -EOPNOTSUPP;
651 
652 	dentry = xattr_lookup(inode, name, XATTR_REPLACE);
653 	if (IS_ERR(dentry)) {
654 		err = PTR_ERR(dentry);
655 		goto out;
656 	}
657 
658 	down_read(&REISERFS_I(inode)->i_xattr_sem);
659 
660 	isize = i_size_read(d_inode(dentry));
661 
662 	/* Just return the size needed */
663 	if (buffer == NULL) {
664 		err = isize - sizeof(struct reiserfs_xattr_header);
665 		goto out_unlock;
666 	}
667 
668 	if (buffer_size < isize - sizeof(struct reiserfs_xattr_header)) {
669 		err = -ERANGE;
670 		goto out_unlock;
671 	}
672 
673 	while (file_pos < isize) {
674 		size_t chunk;
675 		char *data;
676 		size_t skip = 0;
677 
678 		if (isize - file_pos > PAGE_CACHE_SIZE)
679 			chunk = PAGE_CACHE_SIZE;
680 		else
681 			chunk = isize - file_pos;
682 
683 		page = reiserfs_get_page(d_inode(dentry), file_pos);
684 		if (IS_ERR(page)) {
685 			err = PTR_ERR(page);
686 			goto out_unlock;
687 		}
688 
689 		lock_page(page);
690 		data = page_address(page);
691 		if (file_pos == 0) {
692 			struct reiserfs_xattr_header *rxh =
693 			    (struct reiserfs_xattr_header *)data;
694 			skip = file_pos = sizeof(struct reiserfs_xattr_header);
695 			chunk -= skip;
696 			/* Magic doesn't match up.. */
697 			if (rxh->h_magic != cpu_to_le32(REISERFS_XATTR_MAGIC)) {
698 				unlock_page(page);
699 				reiserfs_put_page(page);
700 				reiserfs_warning(inode->i_sb, "jdm-20001",
701 						 "Invalid magic for xattr (%s) "
702 						 "associated with %k", name,
703 						 INODE_PKEY(inode));
704 				err = -EIO;
705 				goto out_unlock;
706 			}
707 			hash = le32_to_cpu(rxh->h_hash);
708 		}
709 		memcpy(buffer + buffer_pos, data + skip, chunk);
710 		unlock_page(page);
711 		reiserfs_put_page(page);
712 		file_pos += chunk;
713 		buffer_pos += chunk;
714 		skip = 0;
715 	}
716 	err = isize - sizeof(struct reiserfs_xattr_header);
717 
718 	if (xattr_hash(buffer, isize - sizeof(struct reiserfs_xattr_header)) !=
719 	    hash) {
720 		reiserfs_warning(inode->i_sb, "jdm-20002",
721 				 "Invalid hash for xattr (%s) associated "
722 				 "with %k", name, INODE_PKEY(inode));
723 		err = -EIO;
724 	}
725 
726 out_unlock:
727 	up_read(&REISERFS_I(inode)->i_xattr_sem);
728 	dput(dentry);
729 
730 out:
731 	return err;
732 }
733 
734 /*
735  * In order to implement different sets of xattr operations for each xattr
736  * prefix with the generic xattr API, a filesystem should create a
737  * null-terminated array of struct xattr_handler (one for each prefix) and
738  * hang a pointer to it off of the s_xattr field of the superblock.
739  *
740  * The generic_fooxattr() functions will use this list to dispatch xattr
741  * operations to the correct xattr_handler.
742  */
743 #define for_each_xattr_handler(handlers, handler)		\
744 		for ((handler) = *(handlers)++;			\
745 			(handler) != NULL;			\
746 			(handler) = *(handlers)++)
747 
748 /* This is the implementation for the xattr plugin infrastructure */
749 static inline const struct xattr_handler *
750 find_xattr_handler_prefix(const struct xattr_handler **handlers,
751 			   const char *name)
752 {
753 	const struct xattr_handler *xah;
754 
755 	if (!handlers)
756 		return NULL;
757 
758 	for_each_xattr_handler(handlers, xah) {
759 		if (strncmp(xah->prefix, name, strlen(xah->prefix)) == 0)
760 			break;
761 	}
762 
763 	return xah;
764 }
765 
766 
767 /*
768  * Inode operation getxattr()
769  */
770 ssize_t
771 reiserfs_getxattr(struct dentry * dentry, const char *name, void *buffer,
772 		  size_t size)
773 {
774 	const struct xattr_handler *handler;
775 
776 	handler = find_xattr_handler_prefix(dentry->d_sb->s_xattr, name);
777 
778 	if (!handler || get_inode_sd_version(d_inode(dentry)) == STAT_DATA_V1)
779 		return -EOPNOTSUPP;
780 
781 	return handler->get(dentry, name, buffer, size, handler->flags);
782 }
783 
784 /*
785  * Inode operation setxattr()
786  *
787  * d_inode(dentry)->i_mutex down
788  */
789 int
790 reiserfs_setxattr(struct dentry *dentry, const char *name, const void *value,
791 		  size_t size, int flags)
792 {
793 	const struct xattr_handler *handler;
794 
795 	handler = find_xattr_handler_prefix(dentry->d_sb->s_xattr, name);
796 
797 	if (!handler || get_inode_sd_version(d_inode(dentry)) == STAT_DATA_V1)
798 		return -EOPNOTSUPP;
799 
800 	return handler->set(dentry, name, value, size, flags, handler->flags);
801 }
802 
803 /*
804  * Inode operation removexattr()
805  *
806  * d_inode(dentry)->i_mutex down
807  */
808 int reiserfs_removexattr(struct dentry *dentry, const char *name)
809 {
810 	const struct xattr_handler *handler;
811 
812 	handler = find_xattr_handler_prefix(dentry->d_sb->s_xattr, name);
813 
814 	if (!handler || get_inode_sd_version(d_inode(dentry)) == STAT_DATA_V1)
815 		return -EOPNOTSUPP;
816 
817 	return handler->set(dentry, name, NULL, 0, XATTR_REPLACE, handler->flags);
818 }
819 
820 struct listxattr_buf {
821 	struct dir_context ctx;
822 	size_t size;
823 	size_t pos;
824 	char *buf;
825 	struct dentry *dentry;
826 };
827 
828 static int listxattr_filler(struct dir_context *ctx, const char *name,
829 			    int namelen, loff_t offset, u64 ino,
830 			    unsigned int d_type)
831 {
832 	struct listxattr_buf *b =
833 		container_of(ctx, struct listxattr_buf, ctx);
834 	size_t size;
835 
836 	if (name[0] != '.' ||
837 	    (namelen != 1 && (name[1] != '.' || namelen != 2))) {
838 		const struct xattr_handler *handler;
839 
840 		handler = find_xattr_handler_prefix(b->dentry->d_sb->s_xattr,
841 						    name);
842 		if (!handler)	/* Unsupported xattr name */
843 			return 0;
844 		if (b->buf) {
845 			size = handler->list(b->dentry, b->buf + b->pos,
846 					 b->size, name, namelen,
847 					 handler->flags);
848 			if (size > b->size)
849 				return -ERANGE;
850 		} else {
851 			size = handler->list(b->dentry, NULL, 0, name,
852 					     namelen, handler->flags);
853 		}
854 
855 		b->pos += size;
856 	}
857 	return 0;
858 }
859 
860 /*
861  * Inode operation listxattr()
862  *
863  * We totally ignore the generic listxattr here because it would be stupid
864  * not to. Since the xattrs are organized in a directory, we can just
865  * readdir to find them.
866  */
867 ssize_t reiserfs_listxattr(struct dentry * dentry, char *buffer, size_t size)
868 {
869 	struct dentry *dir;
870 	int err = 0;
871 	struct listxattr_buf buf = {
872 		.ctx.actor = listxattr_filler,
873 		.dentry = dentry,
874 		.buf = buffer,
875 		.size = buffer ? size : 0,
876 	};
877 
878 	if (d_really_is_negative(dentry))
879 		return -EINVAL;
880 
881 	if (!dentry->d_sb->s_xattr ||
882 	    get_inode_sd_version(d_inode(dentry)) == STAT_DATA_V1)
883 		return -EOPNOTSUPP;
884 
885 	dir = open_xa_dir(d_inode(dentry), XATTR_REPLACE);
886 	if (IS_ERR(dir)) {
887 		err = PTR_ERR(dir);
888 		if (err == -ENODATA)
889 			err = 0;  /* Not an error if there aren't any xattrs */
890 		goto out;
891 	}
892 
893 	mutex_lock_nested(&d_inode(dir)->i_mutex, I_MUTEX_XATTR);
894 	err = reiserfs_readdir_inode(d_inode(dir), &buf.ctx);
895 	mutex_unlock(&d_inode(dir)->i_mutex);
896 
897 	if (!err)
898 		err = buf.pos;
899 
900 	dput(dir);
901 out:
902 	return err;
903 }
904 
905 static int create_privroot(struct dentry *dentry)
906 {
907 	int err;
908 	struct inode *inode = d_inode(dentry->d_parent);
909 
910 	WARN_ON_ONCE(!mutex_is_locked(&inode->i_mutex));
911 
912 	err = xattr_mkdir(inode, dentry, 0700);
913 	if (err || d_really_is_negative(dentry)) {
914 		reiserfs_warning(dentry->d_sb, "jdm-20006",
915 				 "xattrs/ACLs enabled and couldn't "
916 				 "find/create .reiserfs_priv. "
917 				 "Failing mount.");
918 		return -EOPNOTSUPP;
919 	}
920 
921 	d_inode(dentry)->i_flags |= S_PRIVATE;
922 	reiserfs_info(dentry->d_sb, "Created %s - reserved for xattr "
923 		      "storage.\n", PRIVROOT_NAME);
924 
925 	return 0;
926 }
927 
928 #else
929 int __init reiserfs_xattr_register_handlers(void) { return 0; }
930 void reiserfs_xattr_unregister_handlers(void) {}
931 static int create_privroot(struct dentry *dentry) { return 0; }
932 #endif
933 
934 /* Actual operations that are exported to VFS-land */
935 static const struct xattr_handler *reiserfs_xattr_handlers[] = {
936 #ifdef CONFIG_REISERFS_FS_XATTR
937 	&reiserfs_xattr_user_handler,
938 	&reiserfs_xattr_trusted_handler,
939 #endif
940 #ifdef CONFIG_REISERFS_FS_SECURITY
941 	&reiserfs_xattr_security_handler,
942 #endif
943 #ifdef CONFIG_REISERFS_FS_POSIX_ACL
944 	&posix_acl_access_xattr_handler,
945 	&posix_acl_default_xattr_handler,
946 #endif
947 	NULL
948 };
949 
950 static int xattr_mount_check(struct super_block *s)
951 {
952 	/*
953 	 * We need generation numbers to ensure that the oid mapping is correct
954 	 * v3.5 filesystems don't have them.
955 	 */
956 	if (old_format_only(s)) {
957 		if (reiserfs_xattrs_optional(s)) {
958 			/*
959 			 * Old format filesystem, but optional xattrs have
960 			 * been enabled. Error out.
961 			 */
962 			reiserfs_warning(s, "jdm-2005",
963 					 "xattrs/ACLs not supported "
964 					 "on pre-v3.6 format filesystems. "
965 					 "Failing mount.");
966 			return -EOPNOTSUPP;
967 		}
968 	}
969 
970 	return 0;
971 }
972 
973 int reiserfs_permission(struct inode *inode, int mask)
974 {
975 	/*
976 	 * We don't do permission checks on the internal objects.
977 	 * Permissions are determined by the "owning" object.
978 	 */
979 	if (IS_PRIVATE(inode))
980 		return 0;
981 
982 	return generic_permission(inode, mask);
983 }
984 
985 static int xattr_hide_revalidate(struct dentry *dentry, unsigned int flags)
986 {
987 	return -EPERM;
988 }
989 
990 static const struct dentry_operations xattr_lookup_poison_ops = {
991 	.d_revalidate = xattr_hide_revalidate,
992 };
993 
994 int reiserfs_lookup_privroot(struct super_block *s)
995 {
996 	struct dentry *dentry;
997 	int err = 0;
998 
999 	/* If we don't have the privroot located yet - go find it */
1000 	mutex_lock(&d_inode(s->s_root)->i_mutex);
1001 	dentry = lookup_one_len(PRIVROOT_NAME, s->s_root,
1002 				strlen(PRIVROOT_NAME));
1003 	if (!IS_ERR(dentry)) {
1004 		REISERFS_SB(s)->priv_root = dentry;
1005 		d_set_d_op(dentry, &xattr_lookup_poison_ops);
1006 		if (d_really_is_positive(dentry))
1007 			d_inode(dentry)->i_flags |= S_PRIVATE;
1008 	} else
1009 		err = PTR_ERR(dentry);
1010 	mutex_unlock(&d_inode(s->s_root)->i_mutex);
1011 
1012 	return err;
1013 }
1014 
1015 /*
1016  * We need to take a copy of the mount flags since things like
1017  * MS_RDONLY don't get set until *after* we're called.
1018  * mount_flags != mount_options
1019  */
1020 int reiserfs_xattr_init(struct super_block *s, int mount_flags)
1021 {
1022 	int err = 0;
1023 	struct dentry *privroot = REISERFS_SB(s)->priv_root;
1024 
1025 	err = xattr_mount_check(s);
1026 	if (err)
1027 		goto error;
1028 
1029 	if (d_really_is_negative(privroot) && !(mount_flags & MS_RDONLY)) {
1030 		mutex_lock(&d_inode(s->s_root)->i_mutex);
1031 		err = create_privroot(REISERFS_SB(s)->priv_root);
1032 		mutex_unlock(&d_inode(s->s_root)->i_mutex);
1033 	}
1034 
1035 	if (d_really_is_positive(privroot)) {
1036 		s->s_xattr = reiserfs_xattr_handlers;
1037 		mutex_lock(&d_inode(privroot)->i_mutex);
1038 		if (!REISERFS_SB(s)->xattr_root) {
1039 			struct dentry *dentry;
1040 
1041 			dentry = lookup_one_len(XAROOT_NAME, privroot,
1042 						strlen(XAROOT_NAME));
1043 			if (!IS_ERR(dentry))
1044 				REISERFS_SB(s)->xattr_root = dentry;
1045 			else
1046 				err = PTR_ERR(dentry);
1047 		}
1048 		mutex_unlock(&d_inode(privroot)->i_mutex);
1049 	}
1050 
1051 error:
1052 	if (err) {
1053 		clear_bit(REISERFS_XATTRS_USER, &REISERFS_SB(s)->s_mount_opt);
1054 		clear_bit(REISERFS_POSIXACL, &REISERFS_SB(s)->s_mount_opt);
1055 	}
1056 
1057 	/* The super_block MS_POSIXACL must mirror the (no)acl mount option. */
1058 	if (reiserfs_posixacl(s))
1059 		s->s_flags |= MS_POSIXACL;
1060 	else
1061 		s->s_flags &= ~MS_POSIXACL;
1062 
1063 	return err;
1064 }
1065