xref: /openbmc/linux/fs/ubifs/xattr.c (revision a10c9ede)
1  // SPDX-License-Identifier: GPL-2.0-only
2  /*
3   * This file is part of UBIFS.
4   *
5   * Copyright (C) 2006-2008 Nokia Corporation.
6   *
7   * Authors: Artem Bityutskiy (Битюцкий Артём)
8   *          Adrian Hunter
9   */
10  
11  /*
12   * This file implements UBIFS extended attributes support.
13   *
14   * Extended attributes are implemented as regular inodes with attached data,
15   * which limits extended attribute size to UBIFS block size (4KiB). Names of
16   * extended attributes are described by extended attribute entries (xentries),
17   * which are almost identical to directory entries, but have different key type.
18   *
19   * In other words, the situation with extended attributes is very similar to
20   * directories. Indeed, any inode (but of course not xattr inodes) may have a
21   * number of associated xentries, just like directory inodes have associated
22   * directory entries. Extended attribute entries store the name of the extended
23   * attribute, the host inode number, and the extended attribute inode number.
24   * Similarly, direntries store the name, the parent and the target inode
25   * numbers. Thus, most of the common UBIFS mechanisms may be re-used for
26   * extended attributes.
27   *
28   * The number of extended attributes is not limited, but there is Linux
29   * limitation on the maximum possible size of the list of all extended
30   * attributes associated with an inode (%XATTR_LIST_MAX), so UBIFS makes sure
31   * the sum of all extended attribute names of the inode does not exceed that
32   * limit.
33   *
34   * Extended attributes are synchronous, which means they are written to the
35   * flash media synchronously and there is no write-back for extended attribute
36   * inodes. The extended attribute values are not stored in compressed form on
37   * the media.
38   *
39   * Since extended attributes are represented by regular inodes, they are cached
40   * in the VFS inode cache. The xentries are cached in the LNC cache (see
41   * tnc.c).
42   *
43   * ACL support is not implemented.
44   */
45  
46  #include "ubifs.h"
47  #include <linux/fs.h>
48  #include <linux/slab.h>
49  #include <linux/xattr.h>
50  
51  /*
52   * Extended attribute type constants.
53   *
54   * USER_XATTR: user extended attribute ("user.*")
55   * TRUSTED_XATTR: trusted extended attribute ("trusted.*)
56   * SECURITY_XATTR: security extended attribute ("security.*")
57   */
58  enum {
59  	USER_XATTR,
60  	TRUSTED_XATTR,
61  	SECURITY_XATTR,
62  };
63  
64  static const struct inode_operations empty_iops;
65  static const struct file_operations empty_fops;
66  
67  /**
68   * create_xattr - create an extended attribute.
69   * @c: UBIFS file-system description object
70   * @host: host inode
71   * @nm: extended attribute name
72   * @value: extended attribute value
73   * @size: size of extended attribute value
74   *
75   * This is a helper function which creates an extended attribute of name @nm
76   * and value @value for inode @host. The host inode is also updated on flash
77   * because the ctime and extended attribute accounting data changes. This
78   * function returns zero in case of success and a negative error code in case
79   * of failure.
80   */
81  static int create_xattr(struct ubifs_info *c, struct inode *host,
82  			const struct fscrypt_name *nm, const void *value, int size)
83  {
84  	int err, names_len;
85  	struct inode *inode;
86  	struct ubifs_inode *ui, *host_ui = ubifs_inode(host);
87  	struct ubifs_budget_req req = { .new_ino = 1, .new_dent = 1,
88  				.new_ino_d = ALIGN(size, 8), .dirtied_ino = 1,
89  				.dirtied_ino_d = ALIGN(host_ui->data_len, 8) };
90  
91  	if (host_ui->xattr_cnt >= ubifs_xattr_max_cnt(c)) {
92  		ubifs_err(c, "inode %lu already has too many xattrs (%d), cannot create more",
93  			  host->i_ino, host_ui->xattr_cnt);
94  		return -ENOSPC;
95  	}
96  	/*
97  	 * Linux limits the maximum size of the extended attribute names list
98  	 * to %XATTR_LIST_MAX. This means we should not allow creating more
99  	 * extended attributes if the name list becomes larger. This limitation
100  	 * is artificial for UBIFS, though.
101  	 */
102  	names_len = host_ui->xattr_names + host_ui->xattr_cnt + fname_len(nm) + 1;
103  	if (names_len > XATTR_LIST_MAX) {
104  		ubifs_err(c, "cannot add one more xattr name to inode %lu, total names length would become %d, max. is %d",
105  			  host->i_ino, names_len, XATTR_LIST_MAX);
106  		return -ENOSPC;
107  	}
108  
109  	err = ubifs_budget_space(c, &req);
110  	if (err)
111  		return err;
112  
113  	inode = ubifs_new_inode(c, host, S_IFREG | S_IRWXUGO);
114  	if (IS_ERR(inode)) {
115  		err = PTR_ERR(inode);
116  		goto out_budg;
117  	}
118  
119  	/* Re-define all operations to be "nothing" */
120  	inode->i_mapping->a_ops = &empty_aops;
121  	inode->i_op = &empty_iops;
122  	inode->i_fop = &empty_fops;
123  
124  	inode->i_flags |= S_SYNC | S_NOATIME | S_NOCMTIME;
125  	ui = ubifs_inode(inode);
126  	ui->xattr = 1;
127  	ui->flags |= UBIFS_XATTR_FL;
128  	ui->data = kmemdup(value, size, GFP_NOFS);
129  	if (!ui->data) {
130  		err = -ENOMEM;
131  		goto out_free;
132  	}
133  	inode->i_size = ui->ui_size = size;
134  	ui->data_len = size;
135  
136  	mutex_lock(&host_ui->ui_mutex);
137  	host->i_ctime = current_time(host);
138  	host_ui->xattr_cnt += 1;
139  	host_ui->xattr_size += CALC_DENT_SIZE(fname_len(nm));
140  	host_ui->xattr_size += CALC_XATTR_BYTES(size);
141  	host_ui->xattr_names += fname_len(nm);
142  
143  	/*
144  	 * We handle UBIFS_XATTR_NAME_ENCRYPTION_CONTEXT here because we
145  	 * have to set the UBIFS_CRYPT_FL flag on the host inode.
146  	 * To avoid multiple updates of the same inode in the same operation,
147  	 * let's do it here.
148  	 */
149  	if (strcmp(fname_name(nm), UBIFS_XATTR_NAME_ENCRYPTION_CONTEXT) == 0)
150  		host_ui->flags |= UBIFS_CRYPT_FL;
151  
152  	err = ubifs_jnl_update(c, host, nm, inode, 0, 1);
153  	if (err)
154  		goto out_cancel;
155  	ubifs_set_inode_flags(host);
156  	mutex_unlock(&host_ui->ui_mutex);
157  
158  	ubifs_release_budget(c, &req);
159  	insert_inode_hash(inode);
160  	iput(inode);
161  	return 0;
162  
163  out_cancel:
164  	host_ui->xattr_cnt -= 1;
165  	host_ui->xattr_size -= CALC_DENT_SIZE(fname_len(nm));
166  	host_ui->xattr_size -= CALC_XATTR_BYTES(size);
167  	host_ui->xattr_names -= fname_len(nm);
168  	host_ui->flags &= ~UBIFS_CRYPT_FL;
169  	mutex_unlock(&host_ui->ui_mutex);
170  out_free:
171  	make_bad_inode(inode);
172  	iput(inode);
173  out_budg:
174  	ubifs_release_budget(c, &req);
175  	return err;
176  }
177  
178  /**
179   * change_xattr - change an extended attribute.
180   * @c: UBIFS file-system description object
181   * @host: host inode
182   * @inode: extended attribute inode
183   * @value: extended attribute value
184   * @size: size of extended attribute value
185   *
186   * This helper function changes the value of extended attribute @inode with new
187   * data from @value. Returns zero in case of success and a negative error code
188   * in case of failure.
189   */
190  static int change_xattr(struct ubifs_info *c, struct inode *host,
191  			struct inode *inode, const void *value, int size)
192  {
193  	int err;
194  	struct ubifs_inode *host_ui = ubifs_inode(host);
195  	struct ubifs_inode *ui = ubifs_inode(inode);
196  	void *buf = NULL;
197  	int old_size;
198  	struct ubifs_budget_req req = { .dirtied_ino = 2,
199  		.dirtied_ino_d = ALIGN(size, 8) + ALIGN(host_ui->data_len, 8) };
200  
201  	ubifs_assert(c, ui->data_len == inode->i_size);
202  	err = ubifs_budget_space(c, &req);
203  	if (err)
204  		return err;
205  
206  	buf = kmemdup(value, size, GFP_NOFS);
207  	if (!buf) {
208  		err = -ENOMEM;
209  		goto out_free;
210  	}
211  	kfree(ui->data);
212  	ui->data = buf;
213  	inode->i_size = ui->ui_size = size;
214  	old_size = ui->data_len;
215  	ui->data_len = size;
216  
217  	mutex_lock(&host_ui->ui_mutex);
218  	host->i_ctime = current_time(host);
219  	host_ui->xattr_size -= CALC_XATTR_BYTES(old_size);
220  	host_ui->xattr_size += CALC_XATTR_BYTES(size);
221  
222  	/*
223  	 * It is important to write the host inode after the xattr inode
224  	 * because if the host inode gets synchronized (via 'fsync()'), then
225  	 * the extended attribute inode gets synchronized, because it goes
226  	 * before the host inode in the write-buffer.
227  	 */
228  	err = ubifs_jnl_change_xattr(c, inode, host);
229  	if (err)
230  		goto out_cancel;
231  	mutex_unlock(&host_ui->ui_mutex);
232  
233  	ubifs_release_budget(c, &req);
234  	return 0;
235  
236  out_cancel:
237  	host_ui->xattr_size -= CALC_XATTR_BYTES(size);
238  	host_ui->xattr_size += CALC_XATTR_BYTES(old_size);
239  	mutex_unlock(&host_ui->ui_mutex);
240  	make_bad_inode(inode);
241  out_free:
242  	ubifs_release_budget(c, &req);
243  	return err;
244  }
245  
246  static struct inode *iget_xattr(struct ubifs_info *c, ino_t inum)
247  {
248  	struct inode *inode;
249  
250  	inode = ubifs_iget(c->vfs_sb, inum);
251  	if (IS_ERR(inode)) {
252  		ubifs_err(c, "dead extended attribute entry, error %d",
253  			  (int)PTR_ERR(inode));
254  		return inode;
255  	}
256  	if (ubifs_inode(inode)->xattr)
257  		return inode;
258  	ubifs_err(c, "corrupt extended attribute entry");
259  	iput(inode);
260  	return ERR_PTR(-EINVAL);
261  }
262  
263  int ubifs_xattr_set(struct inode *host, const char *name, const void *value,
264  		    size_t size, int flags, bool check_lock)
265  {
266  	struct inode *inode;
267  	struct ubifs_info *c = host->i_sb->s_fs_info;
268  	struct fscrypt_name nm = { .disk_name = FSTR_INIT((char *)name, strlen(name))};
269  	struct ubifs_dent_node *xent;
270  	union ubifs_key key;
271  	int err;
272  
273  	if (check_lock)
274  		ubifs_assert(c, inode_is_locked(host));
275  
276  	if (size > UBIFS_MAX_INO_DATA)
277  		return -ERANGE;
278  
279  	if (fname_len(&nm) > UBIFS_MAX_NLEN)
280  		return -ENAMETOOLONG;
281  
282  	xent = kmalloc(UBIFS_MAX_XENT_NODE_SZ, GFP_NOFS);
283  	if (!xent)
284  		return -ENOMEM;
285  
286  	down_write(&ubifs_inode(host)->xattr_sem);
287  	/*
288  	 * The extended attribute entries are stored in LNC, so multiple
289  	 * look-ups do not involve reading the flash.
290  	 */
291  	xent_key_init(c, &key, host->i_ino, &nm);
292  	err = ubifs_tnc_lookup_nm(c, &key, xent, &nm);
293  	if (err) {
294  		if (err != -ENOENT)
295  			goto out_free;
296  
297  		if (flags & XATTR_REPLACE)
298  			/* We are asked not to create the xattr */
299  			err = -ENODATA;
300  		else
301  			err = create_xattr(c, host, &nm, value, size);
302  		goto out_free;
303  	}
304  
305  	if (flags & XATTR_CREATE) {
306  		/* We are asked not to replace the xattr */
307  		err = -EEXIST;
308  		goto out_free;
309  	}
310  
311  	inode = iget_xattr(c, le64_to_cpu(xent->inum));
312  	if (IS_ERR(inode)) {
313  		err = PTR_ERR(inode);
314  		goto out_free;
315  	}
316  
317  	err = change_xattr(c, host, inode, value, size);
318  	iput(inode);
319  
320  out_free:
321  	up_write(&ubifs_inode(host)->xattr_sem);
322  	kfree(xent);
323  	return err;
324  }
325  
326  ssize_t ubifs_xattr_get(struct inode *host, const char *name, void *buf,
327  			size_t size)
328  {
329  	struct inode *inode;
330  	struct ubifs_info *c = host->i_sb->s_fs_info;
331  	struct fscrypt_name nm = { .disk_name = FSTR_INIT((char *)name, strlen(name))};
332  	struct ubifs_inode *ui;
333  	struct ubifs_dent_node *xent;
334  	union ubifs_key key;
335  	int err;
336  
337  	if (fname_len(&nm) > UBIFS_MAX_NLEN)
338  		return -ENAMETOOLONG;
339  
340  	xent = kmalloc(UBIFS_MAX_XENT_NODE_SZ, GFP_NOFS);
341  	if (!xent)
342  		return -ENOMEM;
343  
344  	down_read(&ubifs_inode(host)->xattr_sem);
345  	xent_key_init(c, &key, host->i_ino, &nm);
346  	err = ubifs_tnc_lookup_nm(c, &key, xent, &nm);
347  	if (err) {
348  		if (err == -ENOENT)
349  			err = -ENODATA;
350  		goto out_cleanup;
351  	}
352  
353  	inode = iget_xattr(c, le64_to_cpu(xent->inum));
354  	if (IS_ERR(inode)) {
355  		err = PTR_ERR(inode);
356  		goto out_cleanup;
357  	}
358  
359  	ui = ubifs_inode(inode);
360  	ubifs_assert(c, inode->i_size == ui->data_len);
361  	ubifs_assert(c, ubifs_inode(host)->xattr_size > ui->data_len);
362  
363  	if (buf) {
364  		/* If @buf is %NULL we are supposed to return the length */
365  		if (ui->data_len > size) {
366  			err = -ERANGE;
367  			goto out_iput;
368  		}
369  
370  		memcpy(buf, ui->data, ui->data_len);
371  	}
372  	err = ui->data_len;
373  
374  out_iput:
375  	iput(inode);
376  out_cleanup:
377  	up_read(&ubifs_inode(host)->xattr_sem);
378  	kfree(xent);
379  	return err;
380  }
381  
382  static bool xattr_visible(const char *name)
383  {
384  	/* File encryption related xattrs are for internal use only */
385  	if (strcmp(name, UBIFS_XATTR_NAME_ENCRYPTION_CONTEXT) == 0)
386  		return false;
387  
388  	/* Show trusted namespace only for "power" users */
389  	if (strncmp(name, XATTR_TRUSTED_PREFIX,
390  		    XATTR_TRUSTED_PREFIX_LEN) == 0 && !capable(CAP_SYS_ADMIN))
391  		return false;
392  
393  	return true;
394  }
395  
396  ssize_t ubifs_listxattr(struct dentry *dentry, char *buffer, size_t size)
397  {
398  	union ubifs_key key;
399  	struct inode *host = d_inode(dentry);
400  	struct ubifs_info *c = host->i_sb->s_fs_info;
401  	struct ubifs_inode *host_ui = ubifs_inode(host);
402  	struct ubifs_dent_node *xent, *pxent = NULL;
403  	int err, len, written = 0;
404  	struct fscrypt_name nm = {0};
405  
406  	dbg_gen("ino %lu ('%pd'), buffer size %zd", host->i_ino,
407  		dentry, size);
408  
409  	down_read(&host_ui->xattr_sem);
410  	len = host_ui->xattr_names + host_ui->xattr_cnt;
411  	if (!buffer) {
412  		/*
413  		 * We should return the minimum buffer size which will fit a
414  		 * null-terminated list of all the extended attribute names.
415  		 */
416  		err = len;
417  		goto out_err;
418  	}
419  
420  	if (len > size) {
421  		err = -ERANGE;
422  		goto out_err;
423  	}
424  
425  	lowest_xent_key(c, &key, host->i_ino);
426  	while (1) {
427  		xent = ubifs_tnc_next_ent(c, &key, &nm);
428  		if (IS_ERR(xent)) {
429  			err = PTR_ERR(xent);
430  			break;
431  		}
432  
433  		fname_name(&nm) = xent->name;
434  		fname_len(&nm) = le16_to_cpu(xent->nlen);
435  
436  		if (xattr_visible(xent->name)) {
437  			memcpy(buffer + written, fname_name(&nm), fname_len(&nm) + 1);
438  			written += fname_len(&nm) + 1;
439  		}
440  
441  		kfree(pxent);
442  		pxent = xent;
443  		key_read(c, &xent->key, &key);
444  	}
445  	kfree(pxent);
446  	up_read(&host_ui->xattr_sem);
447  
448  	if (err != -ENOENT) {
449  		ubifs_err(c, "cannot find next direntry, error %d", err);
450  		return err;
451  	}
452  
453  	ubifs_assert(c, written <= size);
454  	return written;
455  
456  out_err:
457  	up_read(&host_ui->xattr_sem);
458  	return err;
459  }
460  
461  static int remove_xattr(struct ubifs_info *c, struct inode *host,
462  			struct inode *inode, const struct fscrypt_name *nm)
463  {
464  	int err;
465  	struct ubifs_inode *host_ui = ubifs_inode(host);
466  	struct ubifs_inode *ui = ubifs_inode(inode);
467  	struct ubifs_budget_req req = { .dirtied_ino = 2, .mod_dent = 1,
468  				.dirtied_ino_d = ALIGN(host_ui->data_len, 8) };
469  
470  	ubifs_assert(c, ui->data_len == inode->i_size);
471  
472  	err = ubifs_budget_space(c, &req);
473  	if (err)
474  		return err;
475  
476  	mutex_lock(&host_ui->ui_mutex);
477  	host->i_ctime = current_time(host);
478  	host_ui->xattr_cnt -= 1;
479  	host_ui->xattr_size -= CALC_DENT_SIZE(fname_len(nm));
480  	host_ui->xattr_size -= CALC_XATTR_BYTES(ui->data_len);
481  	host_ui->xattr_names -= fname_len(nm);
482  
483  	err = ubifs_jnl_delete_xattr(c, host, inode, nm);
484  	if (err)
485  		goto out_cancel;
486  	mutex_unlock(&host_ui->ui_mutex);
487  
488  	ubifs_release_budget(c, &req);
489  	return 0;
490  
491  out_cancel:
492  	host_ui->xattr_cnt += 1;
493  	host_ui->xattr_size += CALC_DENT_SIZE(fname_len(nm));
494  	host_ui->xattr_size += CALC_XATTR_BYTES(ui->data_len);
495  	host_ui->xattr_names += fname_len(nm);
496  	mutex_unlock(&host_ui->ui_mutex);
497  	ubifs_release_budget(c, &req);
498  	make_bad_inode(inode);
499  	return err;
500  }
501  
502  int ubifs_purge_xattrs(struct inode *host)
503  {
504  	union ubifs_key key;
505  	struct ubifs_info *c = host->i_sb->s_fs_info;
506  	struct ubifs_dent_node *xent, *pxent = NULL;
507  	struct inode *xino;
508  	struct fscrypt_name nm = {0};
509  	int err;
510  
511  	if (ubifs_inode(host)->xattr_cnt <= ubifs_xattr_max_cnt(c))
512  		return 0;
513  
514  	ubifs_warn(c, "inode %lu has too many xattrs, doing a non-atomic deletion",
515  		   host->i_ino);
516  
517  	down_write(&ubifs_inode(host)->xattr_sem);
518  	lowest_xent_key(c, &key, host->i_ino);
519  	while (1) {
520  		xent = ubifs_tnc_next_ent(c, &key, &nm);
521  		if (IS_ERR(xent)) {
522  			err = PTR_ERR(xent);
523  			break;
524  		}
525  
526  		fname_name(&nm) = xent->name;
527  		fname_len(&nm) = le16_to_cpu(xent->nlen);
528  
529  		xino = ubifs_iget(c->vfs_sb, le64_to_cpu(xent->inum));
530  		if (IS_ERR(xino)) {
531  			err = PTR_ERR(xino);
532  			ubifs_err(c, "dead directory entry '%s', error %d",
533  				  xent->name, err);
534  			ubifs_ro_mode(c, err);
535  			kfree(pxent);
536  			kfree(xent);
537  			goto out_err;
538  		}
539  
540  		ubifs_assert(c, ubifs_inode(xino)->xattr);
541  
542  		clear_nlink(xino);
543  		err = remove_xattr(c, host, xino, &nm);
544  		if (err) {
545  			kfree(pxent);
546  			kfree(xent);
547  			iput(xino);
548  			ubifs_err(c, "cannot remove xattr, error %d", err);
549  			goto out_err;
550  		}
551  
552  		iput(xino);
553  
554  		kfree(pxent);
555  		pxent = xent;
556  		key_read(c, &xent->key, &key);
557  	}
558  	kfree(pxent);
559  	up_write(&ubifs_inode(host)->xattr_sem);
560  
561  	if (err != -ENOENT) {
562  		ubifs_err(c, "cannot find next direntry, error %d", err);
563  		return err;
564  	}
565  
566  	return 0;
567  
568  out_err:
569  	up_write(&ubifs_inode(host)->xattr_sem);
570  	return err;
571  }
572  
573  /**
574   * ubifs_evict_xattr_inode - Evict an xattr inode.
575   * @c: UBIFS file-system description object
576   * @xattr_inum: xattr inode number
577   *
578   * When an inode that hosts xattrs is being removed we have to make sure
579   * that cached inodes of the xattrs also get removed from the inode cache
580   * otherwise we'd waste memory. This function looks up an inode from the
581   * inode cache and clears the link counter such that iput() will evict
582   * the inode.
583   */
584  void ubifs_evict_xattr_inode(struct ubifs_info *c, ino_t xattr_inum)
585  {
586  	struct inode *inode;
587  
588  	inode = ilookup(c->vfs_sb, xattr_inum);
589  	if (inode) {
590  		clear_nlink(inode);
591  		iput(inode);
592  	}
593  }
594  
595  static int ubifs_xattr_remove(struct inode *host, const char *name)
596  {
597  	struct inode *inode;
598  	struct ubifs_info *c = host->i_sb->s_fs_info;
599  	struct fscrypt_name nm = { .disk_name = FSTR_INIT((char *)name, strlen(name))};
600  	struct ubifs_dent_node *xent;
601  	union ubifs_key key;
602  	int err;
603  
604  	ubifs_assert(c, inode_is_locked(host));
605  
606  	if (fname_len(&nm) > UBIFS_MAX_NLEN)
607  		return -ENAMETOOLONG;
608  
609  	xent = kmalloc(UBIFS_MAX_XENT_NODE_SZ, GFP_NOFS);
610  	if (!xent)
611  		return -ENOMEM;
612  
613  	down_write(&ubifs_inode(host)->xattr_sem);
614  	xent_key_init(c, &key, host->i_ino, &nm);
615  	err = ubifs_tnc_lookup_nm(c, &key, xent, &nm);
616  	if (err) {
617  		if (err == -ENOENT)
618  			err = -ENODATA;
619  		goto out_free;
620  	}
621  
622  	inode = iget_xattr(c, le64_to_cpu(xent->inum));
623  	if (IS_ERR(inode)) {
624  		err = PTR_ERR(inode);
625  		goto out_free;
626  	}
627  
628  	ubifs_assert(c, inode->i_nlink == 1);
629  	clear_nlink(inode);
630  	err = remove_xattr(c, host, inode, &nm);
631  	if (err)
632  		set_nlink(inode, 1);
633  
634  	/* If @i_nlink is 0, 'iput()' will delete the inode */
635  	iput(inode);
636  
637  out_free:
638  	up_write(&ubifs_inode(host)->xattr_sem);
639  	kfree(xent);
640  	return err;
641  }
642  
643  #ifdef CONFIG_UBIFS_FS_SECURITY
644  static int init_xattrs(struct inode *inode, const struct xattr *xattr_array,
645  		      void *fs_info)
646  {
647  	const struct xattr *xattr;
648  	char *name;
649  	int err = 0;
650  
651  	for (xattr = xattr_array; xattr->name != NULL; xattr++) {
652  		name = kmalloc(XATTR_SECURITY_PREFIX_LEN +
653  			       strlen(xattr->name) + 1, GFP_NOFS);
654  		if (!name) {
655  			err = -ENOMEM;
656  			break;
657  		}
658  		strcpy(name, XATTR_SECURITY_PREFIX);
659  		strcpy(name + XATTR_SECURITY_PREFIX_LEN, xattr->name);
660  		/*
661  		 * creating a new inode without holding the inode rwsem,
662  		 * no need to check whether inode is locked.
663  		 */
664  		err = ubifs_xattr_set(inode, name, xattr->value,
665  				      xattr->value_len, 0, false);
666  		kfree(name);
667  		if (err < 0)
668  			break;
669  	}
670  
671  	return err;
672  }
673  
674  int ubifs_init_security(struct inode *dentry, struct inode *inode,
675  			const struct qstr *qstr)
676  {
677  	int err;
678  
679  	err = security_inode_init_security(inode, dentry, qstr,
680  					   &init_xattrs, NULL);
681  	if (err) {
682  		struct ubifs_info *c = dentry->i_sb->s_fs_info;
683  		ubifs_err(c, "cannot initialize security for inode %lu, error %d",
684  			  inode->i_ino, err);
685  	}
686  	return err;
687  }
688  #endif
689  
690  static int xattr_get(const struct xattr_handler *handler,
691  			   struct dentry *dentry, struct inode *inode,
692  			   const char *name, void *buffer, size_t size)
693  {
694  	dbg_gen("xattr '%s', ino %lu ('%pd'), buf size %zd", name,
695  		inode->i_ino, dentry, size);
696  
697  	name = xattr_full_name(handler, name);
698  	return ubifs_xattr_get(inode, name, buffer, size);
699  }
700  
701  static int xattr_set(const struct xattr_handler *handler,
702  			   struct user_namespace *mnt_userns,
703  			   struct dentry *dentry, struct inode *inode,
704  			   const char *name, const void *value,
705  			   size_t size, int flags)
706  {
707  	dbg_gen("xattr '%s', host ino %lu ('%pd'), size %zd",
708  		name, inode->i_ino, dentry, size);
709  
710  	name = xattr_full_name(handler, name);
711  
712  	if (value)
713  		return ubifs_xattr_set(inode, name, value, size, flags, true);
714  	else
715  		return ubifs_xattr_remove(inode, name);
716  }
717  
718  static const struct xattr_handler ubifs_user_xattr_handler = {
719  	.prefix = XATTR_USER_PREFIX,
720  	.get = xattr_get,
721  	.set = xattr_set,
722  };
723  
724  static const struct xattr_handler ubifs_trusted_xattr_handler = {
725  	.prefix = XATTR_TRUSTED_PREFIX,
726  	.get = xattr_get,
727  	.set = xattr_set,
728  };
729  
730  #ifdef CONFIG_UBIFS_FS_SECURITY
731  static const struct xattr_handler ubifs_security_xattr_handler = {
732  	.prefix = XATTR_SECURITY_PREFIX,
733  	.get = xattr_get,
734  	.set = xattr_set,
735  };
736  #endif
737  
738  const struct xattr_handler *ubifs_xattr_handlers[] = {
739  	&ubifs_user_xattr_handler,
740  	&ubifs_trusted_xattr_handler,
741  #ifdef CONFIG_UBIFS_FS_SECURITY
742  	&ubifs_security_xattr_handler,
743  #endif
744  	NULL
745  };
746