1 // SPDX-License-Identifier: GPL-2.0-only 2 /* 3 * Copyright (C) 2017-2018 HUAWEI, Inc. 4 * https://www.huawei.com/ 5 * Created by Gao Xiang <gaoxiang25@huawei.com> 6 */ 7 #include <linux/security.h> 8 #include "xattr.h" 9 10 struct xattr_iter { 11 struct super_block *sb; 12 struct page *page; 13 void *kaddr; 14 15 erofs_blk_t blkaddr; 16 unsigned int ofs; 17 }; 18 19 static inline void xattr_iter_end(struct xattr_iter *it, bool atomic) 20 { 21 /* the only user of kunmap() is 'init_inode_xattrs' */ 22 if (!atomic) 23 kunmap(it->page); 24 else 25 kunmap_atomic(it->kaddr); 26 27 unlock_page(it->page); 28 put_page(it->page); 29 } 30 31 static inline void xattr_iter_end_final(struct xattr_iter *it) 32 { 33 if (!it->page) 34 return; 35 36 xattr_iter_end(it, true); 37 } 38 39 static int init_inode_xattrs(struct inode *inode) 40 { 41 struct erofs_inode *const vi = EROFS_I(inode); 42 struct xattr_iter it; 43 unsigned int i; 44 struct erofs_xattr_ibody_header *ih; 45 struct super_block *sb; 46 struct erofs_sb_info *sbi; 47 bool atomic_map; 48 int ret = 0; 49 50 /* the most case is that xattrs of this inode are initialized. */ 51 if (test_bit(EROFS_I_EA_INITED_BIT, &vi->flags)) 52 return 0; 53 54 if (wait_on_bit_lock(&vi->flags, EROFS_I_BL_XATTR_BIT, TASK_KILLABLE)) 55 return -ERESTARTSYS; 56 57 /* someone has initialized xattrs for us? */ 58 if (test_bit(EROFS_I_EA_INITED_BIT, &vi->flags)) 59 goto out_unlock; 60 61 /* 62 * bypass all xattr operations if ->xattr_isize is not greater than 63 * sizeof(struct erofs_xattr_ibody_header), in detail: 64 * 1) it is not enough to contain erofs_xattr_ibody_header then 65 * ->xattr_isize should be 0 (it means no xattr); 66 * 2) it is just to contain erofs_xattr_ibody_header, which is on-disk 67 * undefined right now (maybe use later with some new sb feature). 68 */ 69 if (vi->xattr_isize == sizeof(struct erofs_xattr_ibody_header)) { 70 erofs_err(inode->i_sb, 71 "xattr_isize %d of nid %llu is not supported yet", 72 vi->xattr_isize, vi->nid); 73 ret = -EOPNOTSUPP; 74 goto out_unlock; 75 } else if (vi->xattr_isize < sizeof(struct erofs_xattr_ibody_header)) { 76 if (vi->xattr_isize) { 77 erofs_err(inode->i_sb, 78 "bogus xattr ibody @ nid %llu", vi->nid); 79 DBG_BUGON(1); 80 ret = -EFSCORRUPTED; 81 goto out_unlock; /* xattr ondisk layout error */ 82 } 83 ret = -ENOATTR; 84 goto out_unlock; 85 } 86 87 sb = inode->i_sb; 88 sbi = EROFS_SB(sb); 89 it.blkaddr = erofs_blknr(iloc(sbi, vi->nid) + vi->inode_isize); 90 it.ofs = erofs_blkoff(iloc(sbi, vi->nid) + vi->inode_isize); 91 92 it.page = erofs_get_meta_page(sb, it.blkaddr); 93 if (IS_ERR(it.page)) { 94 ret = PTR_ERR(it.page); 95 goto out_unlock; 96 } 97 98 /* read in shared xattr array (non-atomic, see kmalloc below) */ 99 it.kaddr = kmap(it.page); 100 atomic_map = false; 101 102 ih = (struct erofs_xattr_ibody_header *)(it.kaddr + it.ofs); 103 104 vi->xattr_shared_count = ih->h_shared_count; 105 vi->xattr_shared_xattrs = kmalloc_array(vi->xattr_shared_count, 106 sizeof(uint), GFP_KERNEL); 107 if (!vi->xattr_shared_xattrs) { 108 xattr_iter_end(&it, atomic_map); 109 ret = -ENOMEM; 110 goto out_unlock; 111 } 112 113 /* let's skip ibody header */ 114 it.ofs += sizeof(struct erofs_xattr_ibody_header); 115 116 for (i = 0; i < vi->xattr_shared_count; ++i) { 117 if (it.ofs >= EROFS_BLKSIZ) { 118 /* cannot be unaligned */ 119 DBG_BUGON(it.ofs != EROFS_BLKSIZ); 120 xattr_iter_end(&it, atomic_map); 121 122 it.page = erofs_get_meta_page(sb, ++it.blkaddr); 123 if (IS_ERR(it.page)) { 124 kfree(vi->xattr_shared_xattrs); 125 vi->xattr_shared_xattrs = NULL; 126 ret = PTR_ERR(it.page); 127 goto out_unlock; 128 } 129 130 it.kaddr = kmap_atomic(it.page); 131 atomic_map = true; 132 it.ofs = 0; 133 } 134 vi->xattr_shared_xattrs[i] = 135 le32_to_cpu(*(__le32 *)(it.kaddr + it.ofs)); 136 it.ofs += sizeof(__le32); 137 } 138 xattr_iter_end(&it, atomic_map); 139 140 set_bit(EROFS_I_EA_INITED_BIT, &vi->flags); 141 142 out_unlock: 143 clear_and_wake_up_bit(EROFS_I_BL_XATTR_BIT, &vi->flags); 144 return ret; 145 } 146 147 /* 148 * the general idea for these return values is 149 * if 0 is returned, go on processing the current xattr; 150 * 1 (> 0) is returned, skip this round to process the next xattr; 151 * -err (< 0) is returned, an error (maybe ENOXATTR) occurred 152 * and need to be handled 153 */ 154 struct xattr_iter_handlers { 155 int (*entry)(struct xattr_iter *_it, struct erofs_xattr_entry *entry); 156 int (*name)(struct xattr_iter *_it, unsigned int processed, char *buf, 157 unsigned int len); 158 int (*alloc_buffer)(struct xattr_iter *_it, unsigned int value_sz); 159 void (*value)(struct xattr_iter *_it, unsigned int processed, char *buf, 160 unsigned int len); 161 }; 162 163 static inline int xattr_iter_fixup(struct xattr_iter *it) 164 { 165 if (it->ofs < EROFS_BLKSIZ) 166 return 0; 167 168 xattr_iter_end(it, true); 169 170 it->blkaddr += erofs_blknr(it->ofs); 171 172 it->page = erofs_get_meta_page(it->sb, it->blkaddr); 173 if (IS_ERR(it->page)) { 174 int err = PTR_ERR(it->page); 175 176 it->page = NULL; 177 return err; 178 } 179 180 it->kaddr = kmap_atomic(it->page); 181 it->ofs = erofs_blkoff(it->ofs); 182 return 0; 183 } 184 185 static int inline_xattr_iter_begin(struct xattr_iter *it, 186 struct inode *inode) 187 { 188 struct erofs_inode *const vi = EROFS_I(inode); 189 struct erofs_sb_info *const sbi = EROFS_SB(inode->i_sb); 190 unsigned int xattr_header_sz, inline_xattr_ofs; 191 192 xattr_header_sz = inlinexattr_header_size(inode); 193 if (xattr_header_sz >= vi->xattr_isize) { 194 DBG_BUGON(xattr_header_sz > vi->xattr_isize); 195 return -ENOATTR; 196 } 197 198 inline_xattr_ofs = vi->inode_isize + xattr_header_sz; 199 200 it->blkaddr = erofs_blknr(iloc(sbi, vi->nid) + inline_xattr_ofs); 201 it->ofs = erofs_blkoff(iloc(sbi, vi->nid) + inline_xattr_ofs); 202 203 it->page = erofs_get_meta_page(inode->i_sb, it->blkaddr); 204 if (IS_ERR(it->page)) 205 return PTR_ERR(it->page); 206 207 it->kaddr = kmap_atomic(it->page); 208 return vi->xattr_isize - xattr_header_sz; 209 } 210 211 /* 212 * Regardless of success or failure, `xattr_foreach' will end up with 213 * `ofs' pointing to the next xattr item rather than an arbitrary position. 214 */ 215 static int xattr_foreach(struct xattr_iter *it, 216 const struct xattr_iter_handlers *op, 217 unsigned int *tlimit) 218 { 219 struct erofs_xattr_entry entry; 220 unsigned int value_sz, processed, slice; 221 int err; 222 223 /* 0. fixup blkaddr, ofs, ipage */ 224 err = xattr_iter_fixup(it); 225 if (err) 226 return err; 227 228 /* 229 * 1. read xattr entry to the memory, 230 * since we do EROFS_XATTR_ALIGN 231 * therefore entry should be in the page 232 */ 233 entry = *(struct erofs_xattr_entry *)(it->kaddr + it->ofs); 234 if (tlimit) { 235 unsigned int entry_sz = erofs_xattr_entry_size(&entry); 236 237 /* xattr on-disk corruption: xattr entry beyond xattr_isize */ 238 if (*tlimit < entry_sz) { 239 DBG_BUGON(1); 240 return -EFSCORRUPTED; 241 } 242 *tlimit -= entry_sz; 243 } 244 245 it->ofs += sizeof(struct erofs_xattr_entry); 246 value_sz = le16_to_cpu(entry.e_value_size); 247 248 /* handle entry */ 249 err = op->entry(it, &entry); 250 if (err) { 251 it->ofs += entry.e_name_len + value_sz; 252 goto out; 253 } 254 255 /* 2. handle xattr name (ofs will finally be at the end of name) */ 256 processed = 0; 257 258 while (processed < entry.e_name_len) { 259 if (it->ofs >= EROFS_BLKSIZ) { 260 DBG_BUGON(it->ofs > EROFS_BLKSIZ); 261 262 err = xattr_iter_fixup(it); 263 if (err) 264 goto out; 265 it->ofs = 0; 266 } 267 268 slice = min_t(unsigned int, PAGE_SIZE - it->ofs, 269 entry.e_name_len - processed); 270 271 /* handle name */ 272 err = op->name(it, processed, it->kaddr + it->ofs, slice); 273 if (err) { 274 it->ofs += entry.e_name_len - processed + value_sz; 275 goto out; 276 } 277 278 it->ofs += slice; 279 processed += slice; 280 } 281 282 /* 3. handle xattr value */ 283 processed = 0; 284 285 if (op->alloc_buffer) { 286 err = op->alloc_buffer(it, value_sz); 287 if (err) { 288 it->ofs += value_sz; 289 goto out; 290 } 291 } 292 293 while (processed < value_sz) { 294 if (it->ofs >= EROFS_BLKSIZ) { 295 DBG_BUGON(it->ofs > EROFS_BLKSIZ); 296 297 err = xattr_iter_fixup(it); 298 if (err) 299 goto out; 300 it->ofs = 0; 301 } 302 303 slice = min_t(unsigned int, PAGE_SIZE - it->ofs, 304 value_sz - processed); 305 op->value(it, processed, it->kaddr + it->ofs, slice); 306 it->ofs += slice; 307 processed += slice; 308 } 309 310 out: 311 /* xattrs should be 4-byte aligned (on-disk constraint) */ 312 it->ofs = EROFS_XATTR_ALIGN(it->ofs); 313 return err < 0 ? err : 0; 314 } 315 316 struct getxattr_iter { 317 struct xattr_iter it; 318 319 char *buffer; 320 int buffer_size, index; 321 struct qstr name; 322 }; 323 324 static int xattr_entrymatch(struct xattr_iter *_it, 325 struct erofs_xattr_entry *entry) 326 { 327 struct getxattr_iter *it = container_of(_it, struct getxattr_iter, it); 328 329 return (it->index != entry->e_name_index || 330 it->name.len != entry->e_name_len) ? -ENOATTR : 0; 331 } 332 333 static int xattr_namematch(struct xattr_iter *_it, 334 unsigned int processed, char *buf, unsigned int len) 335 { 336 struct getxattr_iter *it = container_of(_it, struct getxattr_iter, it); 337 338 return memcmp(buf, it->name.name + processed, len) ? -ENOATTR : 0; 339 } 340 341 static int xattr_checkbuffer(struct xattr_iter *_it, 342 unsigned int value_sz) 343 { 344 struct getxattr_iter *it = container_of(_it, struct getxattr_iter, it); 345 int err = it->buffer_size < value_sz ? -ERANGE : 0; 346 347 it->buffer_size = value_sz; 348 return !it->buffer ? 1 : err; 349 } 350 351 static void xattr_copyvalue(struct xattr_iter *_it, 352 unsigned int processed, 353 char *buf, unsigned int len) 354 { 355 struct getxattr_iter *it = container_of(_it, struct getxattr_iter, it); 356 357 memcpy(it->buffer + processed, buf, len); 358 } 359 360 static const struct xattr_iter_handlers find_xattr_handlers = { 361 .entry = xattr_entrymatch, 362 .name = xattr_namematch, 363 .alloc_buffer = xattr_checkbuffer, 364 .value = xattr_copyvalue 365 }; 366 367 static int inline_getxattr(struct inode *inode, struct getxattr_iter *it) 368 { 369 int ret; 370 unsigned int remaining; 371 372 ret = inline_xattr_iter_begin(&it->it, inode); 373 if (ret < 0) 374 return ret; 375 376 remaining = ret; 377 while (remaining) { 378 ret = xattr_foreach(&it->it, &find_xattr_handlers, &remaining); 379 if (ret != -ENOATTR) 380 break; 381 } 382 xattr_iter_end_final(&it->it); 383 384 return ret ? ret : it->buffer_size; 385 } 386 387 static int shared_getxattr(struct inode *inode, struct getxattr_iter *it) 388 { 389 struct erofs_inode *const vi = EROFS_I(inode); 390 struct super_block *const sb = inode->i_sb; 391 struct erofs_sb_info *const sbi = EROFS_SB(sb); 392 unsigned int i; 393 int ret = -ENOATTR; 394 395 for (i = 0; i < vi->xattr_shared_count; ++i) { 396 erofs_blk_t blkaddr = 397 xattrblock_addr(sbi, vi->xattr_shared_xattrs[i]); 398 399 it->it.ofs = xattrblock_offset(sbi, vi->xattr_shared_xattrs[i]); 400 401 if (!i || blkaddr != it->it.blkaddr) { 402 if (i) 403 xattr_iter_end(&it->it, true); 404 405 it->it.page = erofs_get_meta_page(sb, blkaddr); 406 if (IS_ERR(it->it.page)) 407 return PTR_ERR(it->it.page); 408 409 it->it.kaddr = kmap_atomic(it->it.page); 410 it->it.blkaddr = blkaddr; 411 } 412 413 ret = xattr_foreach(&it->it, &find_xattr_handlers, NULL); 414 if (ret != -ENOATTR) 415 break; 416 } 417 if (vi->xattr_shared_count) 418 xattr_iter_end_final(&it->it); 419 420 return ret ? ret : it->buffer_size; 421 } 422 423 static bool erofs_xattr_user_list(struct dentry *dentry) 424 { 425 return test_opt(&EROFS_SB(dentry->d_sb)->ctx, XATTR_USER); 426 } 427 428 static bool erofs_xattr_trusted_list(struct dentry *dentry) 429 { 430 return capable(CAP_SYS_ADMIN); 431 } 432 433 int erofs_getxattr(struct inode *inode, int index, 434 const char *name, 435 void *buffer, size_t buffer_size) 436 { 437 int ret; 438 struct getxattr_iter it; 439 440 if (!name) 441 return -EINVAL; 442 443 ret = init_inode_xattrs(inode); 444 if (ret) 445 return ret; 446 447 it.index = index; 448 449 it.name.len = strlen(name); 450 if (it.name.len > EROFS_NAME_LEN) 451 return -ERANGE; 452 it.name.name = name; 453 454 it.buffer = buffer; 455 it.buffer_size = buffer_size; 456 457 it.it.sb = inode->i_sb; 458 ret = inline_getxattr(inode, &it); 459 if (ret == -ENOATTR) 460 ret = shared_getxattr(inode, &it); 461 return ret; 462 } 463 464 static int erofs_xattr_generic_get(const struct xattr_handler *handler, 465 struct dentry *unused, struct inode *inode, 466 const char *name, void *buffer, size_t size) 467 { 468 struct erofs_sb_info *const sbi = EROFS_I_SB(inode); 469 470 switch (handler->flags) { 471 case EROFS_XATTR_INDEX_USER: 472 if (!test_opt(&sbi->ctx, XATTR_USER)) 473 return -EOPNOTSUPP; 474 break; 475 case EROFS_XATTR_INDEX_TRUSTED: 476 break; 477 case EROFS_XATTR_INDEX_SECURITY: 478 break; 479 default: 480 return -EINVAL; 481 } 482 483 return erofs_getxattr(inode, handler->flags, name, buffer, size); 484 } 485 486 const struct xattr_handler erofs_xattr_user_handler = { 487 .prefix = XATTR_USER_PREFIX, 488 .flags = EROFS_XATTR_INDEX_USER, 489 .list = erofs_xattr_user_list, 490 .get = erofs_xattr_generic_get, 491 }; 492 493 const struct xattr_handler erofs_xattr_trusted_handler = { 494 .prefix = XATTR_TRUSTED_PREFIX, 495 .flags = EROFS_XATTR_INDEX_TRUSTED, 496 .list = erofs_xattr_trusted_list, 497 .get = erofs_xattr_generic_get, 498 }; 499 500 #ifdef CONFIG_EROFS_FS_SECURITY 501 const struct xattr_handler __maybe_unused erofs_xattr_security_handler = { 502 .prefix = XATTR_SECURITY_PREFIX, 503 .flags = EROFS_XATTR_INDEX_SECURITY, 504 .get = erofs_xattr_generic_get, 505 }; 506 #endif 507 508 const struct xattr_handler *erofs_xattr_handlers[] = { 509 &erofs_xattr_user_handler, 510 #ifdef CONFIG_EROFS_FS_POSIX_ACL 511 &posix_acl_access_xattr_handler, 512 &posix_acl_default_xattr_handler, 513 #endif 514 &erofs_xattr_trusted_handler, 515 #ifdef CONFIG_EROFS_FS_SECURITY 516 &erofs_xattr_security_handler, 517 #endif 518 NULL, 519 }; 520 521 struct listxattr_iter { 522 struct xattr_iter it; 523 524 struct dentry *dentry; 525 char *buffer; 526 int buffer_size, buffer_ofs; 527 }; 528 529 static int xattr_entrylist(struct xattr_iter *_it, 530 struct erofs_xattr_entry *entry) 531 { 532 struct listxattr_iter *it = 533 container_of(_it, struct listxattr_iter, it); 534 unsigned int prefix_len; 535 const char *prefix; 536 537 const struct xattr_handler *h = 538 erofs_xattr_handler(entry->e_name_index); 539 540 if (!h || (h->list && !h->list(it->dentry))) 541 return 1; 542 543 prefix = xattr_prefix(h); 544 prefix_len = strlen(prefix); 545 546 if (!it->buffer) { 547 it->buffer_ofs += prefix_len + entry->e_name_len + 1; 548 return 1; 549 } 550 551 if (it->buffer_ofs + prefix_len 552 + entry->e_name_len + 1 > it->buffer_size) 553 return -ERANGE; 554 555 memcpy(it->buffer + it->buffer_ofs, prefix, prefix_len); 556 it->buffer_ofs += prefix_len; 557 return 0; 558 } 559 560 static int xattr_namelist(struct xattr_iter *_it, 561 unsigned int processed, char *buf, unsigned int len) 562 { 563 struct listxattr_iter *it = 564 container_of(_it, struct listxattr_iter, it); 565 566 memcpy(it->buffer + it->buffer_ofs, buf, len); 567 it->buffer_ofs += len; 568 return 0; 569 } 570 571 static int xattr_skipvalue(struct xattr_iter *_it, 572 unsigned int value_sz) 573 { 574 struct listxattr_iter *it = 575 container_of(_it, struct listxattr_iter, it); 576 577 it->buffer[it->buffer_ofs++] = '\0'; 578 return 1; 579 } 580 581 static const struct xattr_iter_handlers list_xattr_handlers = { 582 .entry = xattr_entrylist, 583 .name = xattr_namelist, 584 .alloc_buffer = xattr_skipvalue, 585 .value = NULL 586 }; 587 588 static int inline_listxattr(struct listxattr_iter *it) 589 { 590 int ret; 591 unsigned int remaining; 592 593 ret = inline_xattr_iter_begin(&it->it, d_inode(it->dentry)); 594 if (ret < 0) 595 return ret; 596 597 remaining = ret; 598 while (remaining) { 599 ret = xattr_foreach(&it->it, &list_xattr_handlers, &remaining); 600 if (ret) 601 break; 602 } 603 xattr_iter_end_final(&it->it); 604 return ret ? ret : it->buffer_ofs; 605 } 606 607 static int shared_listxattr(struct listxattr_iter *it) 608 { 609 struct inode *const inode = d_inode(it->dentry); 610 struct erofs_inode *const vi = EROFS_I(inode); 611 struct super_block *const sb = inode->i_sb; 612 struct erofs_sb_info *const sbi = EROFS_SB(sb); 613 unsigned int i; 614 int ret = 0; 615 616 for (i = 0; i < vi->xattr_shared_count; ++i) { 617 erofs_blk_t blkaddr = 618 xattrblock_addr(sbi, vi->xattr_shared_xattrs[i]); 619 620 it->it.ofs = xattrblock_offset(sbi, vi->xattr_shared_xattrs[i]); 621 if (!i || blkaddr != it->it.blkaddr) { 622 if (i) 623 xattr_iter_end(&it->it, true); 624 625 it->it.page = erofs_get_meta_page(sb, blkaddr); 626 if (IS_ERR(it->it.page)) 627 return PTR_ERR(it->it.page); 628 629 it->it.kaddr = kmap_atomic(it->it.page); 630 it->it.blkaddr = blkaddr; 631 } 632 633 ret = xattr_foreach(&it->it, &list_xattr_handlers, NULL); 634 if (ret) 635 break; 636 } 637 if (vi->xattr_shared_count) 638 xattr_iter_end_final(&it->it); 639 640 return ret ? ret : it->buffer_ofs; 641 } 642 643 ssize_t erofs_listxattr(struct dentry *dentry, 644 char *buffer, size_t buffer_size) 645 { 646 int ret; 647 struct listxattr_iter it; 648 649 ret = init_inode_xattrs(d_inode(dentry)); 650 if (ret == -ENOATTR) 651 return 0; 652 if (ret) 653 return ret; 654 655 it.dentry = dentry; 656 it.buffer = buffer; 657 it.buffer_size = buffer_size; 658 it.buffer_ofs = 0; 659 660 it.it.sb = dentry->d_sb; 661 662 ret = inline_listxattr(&it); 663 if (ret < 0 && ret != -ENOATTR) 664 return ret; 665 return shared_listxattr(&it); 666 } 667 668 #ifdef CONFIG_EROFS_FS_POSIX_ACL 669 struct posix_acl *erofs_get_acl(struct inode *inode, int type) 670 { 671 struct posix_acl *acl; 672 int prefix, rc; 673 char *value = NULL; 674 675 switch (type) { 676 case ACL_TYPE_ACCESS: 677 prefix = EROFS_XATTR_INDEX_POSIX_ACL_ACCESS; 678 break; 679 case ACL_TYPE_DEFAULT: 680 prefix = EROFS_XATTR_INDEX_POSIX_ACL_DEFAULT; 681 break; 682 default: 683 return ERR_PTR(-EINVAL); 684 } 685 686 rc = erofs_getxattr(inode, prefix, "", NULL, 0); 687 if (rc > 0) { 688 value = kmalloc(rc, GFP_KERNEL); 689 if (!value) 690 return ERR_PTR(-ENOMEM); 691 rc = erofs_getxattr(inode, prefix, "", value, rc); 692 } 693 694 if (rc == -ENOATTR) 695 acl = NULL; 696 else if (rc < 0) 697 acl = ERR_PTR(rc); 698 else 699 acl = posix_acl_from_xattr(&init_user_ns, value, rc); 700 kfree(value); 701 return acl; 702 } 703 #endif 704 705