xref: /linux/fs/ext4/acl.c (revision 827634added7f38b7d724cab1dccdb2b004c13c3)
1 /*
2  * linux/fs/ext4/acl.c
3  *
4  * Copyright (C) 2001-2003 Andreas Gruenbacher, <agruen@suse.de>
5  */
6 
7 #include "ext4_jbd2.h"
8 #include "ext4.h"
9 #include "xattr.h"
10 #include "acl.h"
11 
12 /*
13  * Convert from filesystem to in-memory representation.
14  */
15 static struct posix_acl *
16 ext4_acl_from_disk(const void *value, size_t size)
17 {
18 	const char *end = (char *)value + size;
19 	int n, count;
20 	struct posix_acl *acl;
21 
22 	if (!value)
23 		return NULL;
24 	if (size < sizeof(ext4_acl_header))
25 		 return ERR_PTR(-EINVAL);
26 	if (((ext4_acl_header *)value)->a_version !=
27 	    cpu_to_le32(EXT4_ACL_VERSION))
28 		return ERR_PTR(-EINVAL);
29 	value = (char *)value + sizeof(ext4_acl_header);
30 	count = ext4_acl_count(size);
31 	if (count < 0)
32 		return ERR_PTR(-EINVAL);
33 	if (count == 0)
34 		return NULL;
35 	acl = posix_acl_alloc(count, GFP_NOFS);
36 	if (!acl)
37 		return ERR_PTR(-ENOMEM);
38 	for (n = 0; n < count; n++) {
39 		ext4_acl_entry *entry =
40 			(ext4_acl_entry *)value;
41 		if ((char *)value + sizeof(ext4_acl_entry_short) > end)
42 			goto fail;
43 		acl->a_entries[n].e_tag  = le16_to_cpu(entry->e_tag);
44 		acl->a_entries[n].e_perm = le16_to_cpu(entry->e_perm);
45 
46 		switch (acl->a_entries[n].e_tag) {
47 		case ACL_USER_OBJ:
48 		case ACL_GROUP_OBJ:
49 		case ACL_MASK:
50 		case ACL_OTHER:
51 			value = (char *)value +
52 				sizeof(ext4_acl_entry_short);
53 			break;
54 
55 		case ACL_USER:
56 			value = (char *)value + sizeof(ext4_acl_entry);
57 			if ((char *)value > end)
58 				goto fail;
59 			acl->a_entries[n].e_uid =
60 				make_kuid(&init_user_ns,
61 					  le32_to_cpu(entry->e_id));
62 			break;
63 		case ACL_GROUP:
64 			value = (char *)value + sizeof(ext4_acl_entry);
65 			if ((char *)value > end)
66 				goto fail;
67 			acl->a_entries[n].e_gid =
68 				make_kgid(&init_user_ns,
69 					  le32_to_cpu(entry->e_id));
70 			break;
71 
72 		default:
73 			goto fail;
74 		}
75 	}
76 	if (value != end)
77 		goto fail;
78 	return acl;
79 
80 fail:
81 	posix_acl_release(acl);
82 	return ERR_PTR(-EINVAL);
83 }
84 
85 /*
86  * Convert from in-memory to filesystem representation.
87  */
88 static void *
89 ext4_acl_to_disk(const struct posix_acl *acl, size_t *size)
90 {
91 	ext4_acl_header *ext_acl;
92 	char *e;
93 	size_t n;
94 
95 	*size = ext4_acl_size(acl->a_count);
96 	ext_acl = kmalloc(sizeof(ext4_acl_header) + acl->a_count *
97 			sizeof(ext4_acl_entry), GFP_NOFS);
98 	if (!ext_acl)
99 		return ERR_PTR(-ENOMEM);
100 	ext_acl->a_version = cpu_to_le32(EXT4_ACL_VERSION);
101 	e = (char *)ext_acl + sizeof(ext4_acl_header);
102 	for (n = 0; n < acl->a_count; n++) {
103 		const struct posix_acl_entry *acl_e = &acl->a_entries[n];
104 		ext4_acl_entry *entry = (ext4_acl_entry *)e;
105 		entry->e_tag  = cpu_to_le16(acl_e->e_tag);
106 		entry->e_perm = cpu_to_le16(acl_e->e_perm);
107 		switch (acl_e->e_tag) {
108 		case ACL_USER:
109 			entry->e_id = cpu_to_le32(
110 				from_kuid(&init_user_ns, acl_e->e_uid));
111 			e += sizeof(ext4_acl_entry);
112 			break;
113 		case ACL_GROUP:
114 			entry->e_id = cpu_to_le32(
115 				from_kgid(&init_user_ns, acl_e->e_gid));
116 			e += sizeof(ext4_acl_entry);
117 			break;
118 
119 		case ACL_USER_OBJ:
120 		case ACL_GROUP_OBJ:
121 		case ACL_MASK:
122 		case ACL_OTHER:
123 			e += sizeof(ext4_acl_entry_short);
124 			break;
125 
126 		default:
127 			goto fail;
128 		}
129 	}
130 	return (char *)ext_acl;
131 
132 fail:
133 	kfree(ext_acl);
134 	return ERR_PTR(-EINVAL);
135 }
136 
137 /*
138  * Inode operation get_posix_acl().
139  *
140  * inode->i_mutex: don't care
141  */
142 struct posix_acl *
143 ext4_get_acl(struct inode *inode, int type)
144 {
145 	int name_index;
146 	char *value = NULL;
147 	struct posix_acl *acl;
148 	int retval;
149 
150 	switch (type) {
151 	case ACL_TYPE_ACCESS:
152 		name_index = EXT4_XATTR_INDEX_POSIX_ACL_ACCESS;
153 		break;
154 	case ACL_TYPE_DEFAULT:
155 		name_index = EXT4_XATTR_INDEX_POSIX_ACL_DEFAULT;
156 		break;
157 	default:
158 		BUG();
159 	}
160 	retval = ext4_xattr_get(inode, name_index, "", NULL, 0);
161 	if (retval > 0) {
162 		value = kmalloc(retval, GFP_NOFS);
163 		if (!value)
164 			return ERR_PTR(-ENOMEM);
165 		retval = ext4_xattr_get(inode, name_index, "", value, retval);
166 	}
167 	if (retval > 0)
168 		acl = ext4_acl_from_disk(value, retval);
169 	else if (retval == -ENODATA || retval == -ENOSYS)
170 		acl = NULL;
171 	else
172 		acl = ERR_PTR(retval);
173 	kfree(value);
174 
175 	if (!IS_ERR(acl))
176 		set_cached_acl(inode, type, acl);
177 
178 	return acl;
179 }
180 
181 /*
182  * Set the access or default ACL of an inode.
183  *
184  * inode->i_mutex: down unless called from ext4_new_inode
185  */
186 static int
187 __ext4_set_acl(handle_t *handle, struct inode *inode, int type,
188 	     struct posix_acl *acl)
189 {
190 	int name_index;
191 	void *value = NULL;
192 	size_t size = 0;
193 	int error;
194 
195 	switch (type) {
196 	case ACL_TYPE_ACCESS:
197 		name_index = EXT4_XATTR_INDEX_POSIX_ACL_ACCESS;
198 		if (acl) {
199 			error = posix_acl_equiv_mode(acl, &inode->i_mode);
200 			if (error < 0)
201 				return error;
202 			else {
203 				inode->i_ctime = ext4_current_time(inode);
204 				ext4_mark_inode_dirty(handle, inode);
205 				if (error == 0)
206 					acl = NULL;
207 			}
208 		}
209 		break;
210 
211 	case ACL_TYPE_DEFAULT:
212 		name_index = EXT4_XATTR_INDEX_POSIX_ACL_DEFAULT;
213 		if (!S_ISDIR(inode->i_mode))
214 			return acl ? -EACCES : 0;
215 		break;
216 
217 	default:
218 		return -EINVAL;
219 	}
220 	if (acl) {
221 		value = ext4_acl_to_disk(acl, &size);
222 		if (IS_ERR(value))
223 			return (int)PTR_ERR(value);
224 	}
225 
226 	error = ext4_xattr_set_handle(handle, inode, name_index, "",
227 				      value, size, 0);
228 
229 	kfree(value);
230 	if (!error)
231 		set_cached_acl(inode, type, acl);
232 
233 	return error;
234 }
235 
236 int
237 ext4_set_acl(struct inode *inode, struct posix_acl *acl, int type)
238 {
239 	handle_t *handle;
240 	int error, retries = 0;
241 
242 retry:
243 	handle = ext4_journal_start(inode, EXT4_HT_XATTR,
244 				    ext4_jbd2_credits_xattr(inode));
245 	if (IS_ERR(handle))
246 		return PTR_ERR(handle);
247 
248 	error = __ext4_set_acl(handle, inode, type, acl);
249 	ext4_journal_stop(handle);
250 	if (error == -ENOSPC && ext4_should_retry_alloc(inode->i_sb, &retries))
251 		goto retry;
252 	return error;
253 }
254 
255 /*
256  * Initialize the ACLs of a new inode. Called from ext4_new_inode.
257  *
258  * dir->i_mutex: down
259  * inode->i_mutex: up (access to inode is still exclusive)
260  */
261 int
262 ext4_init_acl(handle_t *handle, struct inode *inode, struct inode *dir)
263 {
264 	struct posix_acl *default_acl, *acl;
265 	int error;
266 
267 	error = posix_acl_create(dir, &inode->i_mode, &default_acl, &acl);
268 	if (error)
269 		return error;
270 
271 	if (default_acl) {
272 		error = __ext4_set_acl(handle, inode, ACL_TYPE_DEFAULT,
273 				       default_acl);
274 		posix_acl_release(default_acl);
275 	}
276 	if (acl) {
277 		if (!error)
278 			error = __ext4_set_acl(handle, inode, ACL_TYPE_ACCESS,
279 					       acl);
280 		posix_acl_release(acl);
281 	}
282 	return error;
283 }
284