1 /* 2 * linux/fs/ext4/acl.c 3 * 4 * Copyright (C) 2001-2003 Andreas Gruenbacher, <agruen@suse.de> 5 */ 6 7 #include "ext4_jbd2.h" 8 #include "ext4.h" 9 #include "xattr.h" 10 #include "acl.h" 11 12 /* 13 * Convert from filesystem to in-memory representation. 14 */ 15 static struct posix_acl * 16 ext4_acl_from_disk(const void *value, size_t size) 17 { 18 const char *end = (char *)value + size; 19 int n, count; 20 struct posix_acl *acl; 21 22 if (!value) 23 return NULL; 24 if (size < sizeof(ext4_acl_header)) 25 return ERR_PTR(-EINVAL); 26 if (((ext4_acl_header *)value)->a_version != 27 cpu_to_le32(EXT4_ACL_VERSION)) 28 return ERR_PTR(-EINVAL); 29 value = (char *)value + sizeof(ext4_acl_header); 30 count = ext4_acl_count(size); 31 if (count < 0) 32 return ERR_PTR(-EINVAL); 33 if (count == 0) 34 return NULL; 35 acl = posix_acl_alloc(count, GFP_NOFS); 36 if (!acl) 37 return ERR_PTR(-ENOMEM); 38 for (n = 0; n < count; n++) { 39 ext4_acl_entry *entry = 40 (ext4_acl_entry *)value; 41 if ((char *)value + sizeof(ext4_acl_entry_short) > end) 42 goto fail; 43 acl->a_entries[n].e_tag = le16_to_cpu(entry->e_tag); 44 acl->a_entries[n].e_perm = le16_to_cpu(entry->e_perm); 45 46 switch (acl->a_entries[n].e_tag) { 47 case ACL_USER_OBJ: 48 case ACL_GROUP_OBJ: 49 case ACL_MASK: 50 case ACL_OTHER: 51 value = (char *)value + 52 sizeof(ext4_acl_entry_short); 53 break; 54 55 case ACL_USER: 56 value = (char *)value + sizeof(ext4_acl_entry); 57 if ((char *)value > end) 58 goto fail; 59 acl->a_entries[n].e_uid = 60 make_kuid(&init_user_ns, 61 le32_to_cpu(entry->e_id)); 62 break; 63 case ACL_GROUP: 64 value = (char *)value + sizeof(ext4_acl_entry); 65 if ((char *)value > end) 66 goto fail; 67 acl->a_entries[n].e_gid = 68 make_kgid(&init_user_ns, 69 le32_to_cpu(entry->e_id)); 70 break; 71 72 default: 73 goto fail; 74 } 75 } 76 if (value != end) 77 goto fail; 78 return acl; 79 80 fail: 81 posix_acl_release(acl); 82 return ERR_PTR(-EINVAL); 83 } 84 85 /* 86 * Convert from in-memory to filesystem representation. 87 */ 88 static void * 89 ext4_acl_to_disk(const struct posix_acl *acl, size_t *size) 90 { 91 ext4_acl_header *ext_acl; 92 char *e; 93 size_t n; 94 95 *size = ext4_acl_size(acl->a_count); 96 ext_acl = kmalloc(sizeof(ext4_acl_header) + acl->a_count * 97 sizeof(ext4_acl_entry), GFP_NOFS); 98 if (!ext_acl) 99 return ERR_PTR(-ENOMEM); 100 ext_acl->a_version = cpu_to_le32(EXT4_ACL_VERSION); 101 e = (char *)ext_acl + sizeof(ext4_acl_header); 102 for (n = 0; n < acl->a_count; n++) { 103 const struct posix_acl_entry *acl_e = &acl->a_entries[n]; 104 ext4_acl_entry *entry = (ext4_acl_entry *)e; 105 entry->e_tag = cpu_to_le16(acl_e->e_tag); 106 entry->e_perm = cpu_to_le16(acl_e->e_perm); 107 switch (acl_e->e_tag) { 108 case ACL_USER: 109 entry->e_id = cpu_to_le32( 110 from_kuid(&init_user_ns, acl_e->e_uid)); 111 e += sizeof(ext4_acl_entry); 112 break; 113 case ACL_GROUP: 114 entry->e_id = cpu_to_le32( 115 from_kgid(&init_user_ns, acl_e->e_gid)); 116 e += sizeof(ext4_acl_entry); 117 break; 118 119 case ACL_USER_OBJ: 120 case ACL_GROUP_OBJ: 121 case ACL_MASK: 122 case ACL_OTHER: 123 e += sizeof(ext4_acl_entry_short); 124 break; 125 126 default: 127 goto fail; 128 } 129 } 130 return (char *)ext_acl; 131 132 fail: 133 kfree(ext_acl); 134 return ERR_PTR(-EINVAL); 135 } 136 137 /* 138 * Inode operation get_posix_acl(). 139 * 140 * inode->i_mutex: don't care 141 */ 142 struct posix_acl * 143 ext4_get_acl(struct inode *inode, int type) 144 { 145 int name_index; 146 char *value = NULL; 147 struct posix_acl *acl; 148 int retval; 149 150 switch (type) { 151 case ACL_TYPE_ACCESS: 152 name_index = EXT4_XATTR_INDEX_POSIX_ACL_ACCESS; 153 break; 154 case ACL_TYPE_DEFAULT: 155 name_index = EXT4_XATTR_INDEX_POSIX_ACL_DEFAULT; 156 break; 157 default: 158 BUG(); 159 } 160 retval = ext4_xattr_get(inode, name_index, "", NULL, 0); 161 if (retval > 0) { 162 value = kmalloc(retval, GFP_NOFS); 163 if (!value) 164 return ERR_PTR(-ENOMEM); 165 retval = ext4_xattr_get(inode, name_index, "", value, retval); 166 } 167 if (retval > 0) 168 acl = ext4_acl_from_disk(value, retval); 169 else if (retval == -ENODATA || retval == -ENOSYS) 170 acl = NULL; 171 else 172 acl = ERR_PTR(retval); 173 kfree(value); 174 175 if (!IS_ERR(acl)) 176 set_cached_acl(inode, type, acl); 177 178 return acl; 179 } 180 181 /* 182 * Set the access or default ACL of an inode. 183 * 184 * inode->i_mutex: down unless called from ext4_new_inode 185 */ 186 static int 187 __ext4_set_acl(handle_t *handle, struct inode *inode, int type, 188 struct posix_acl *acl) 189 { 190 int name_index; 191 void *value = NULL; 192 size_t size = 0; 193 int error; 194 195 switch (type) { 196 case ACL_TYPE_ACCESS: 197 name_index = EXT4_XATTR_INDEX_POSIX_ACL_ACCESS; 198 if (acl) { 199 error = posix_acl_equiv_mode(acl, &inode->i_mode); 200 if (error < 0) 201 return error; 202 else { 203 inode->i_ctime = ext4_current_time(inode); 204 ext4_mark_inode_dirty(handle, inode); 205 if (error == 0) 206 acl = NULL; 207 } 208 } 209 break; 210 211 case ACL_TYPE_DEFAULT: 212 name_index = EXT4_XATTR_INDEX_POSIX_ACL_DEFAULT; 213 if (!S_ISDIR(inode->i_mode)) 214 return acl ? -EACCES : 0; 215 break; 216 217 default: 218 return -EINVAL; 219 } 220 if (acl) { 221 value = ext4_acl_to_disk(acl, &size); 222 if (IS_ERR(value)) 223 return (int)PTR_ERR(value); 224 } 225 226 error = ext4_xattr_set_handle(handle, inode, name_index, "", 227 value, size, 0); 228 229 kfree(value); 230 if (!error) 231 set_cached_acl(inode, type, acl); 232 233 return error; 234 } 235 236 int 237 ext4_set_acl(struct inode *inode, struct posix_acl *acl, int type) 238 { 239 handle_t *handle; 240 int error, retries = 0; 241 242 retry: 243 handle = ext4_journal_start(inode, EXT4_HT_XATTR, 244 ext4_jbd2_credits_xattr(inode)); 245 if (IS_ERR(handle)) 246 return PTR_ERR(handle); 247 248 error = __ext4_set_acl(handle, inode, type, acl); 249 ext4_journal_stop(handle); 250 if (error == -ENOSPC && ext4_should_retry_alloc(inode->i_sb, &retries)) 251 goto retry; 252 return error; 253 } 254 255 /* 256 * Initialize the ACLs of a new inode. Called from ext4_new_inode. 257 * 258 * dir->i_mutex: down 259 * inode->i_mutex: up (access to inode is still exclusive) 260 */ 261 int 262 ext4_init_acl(handle_t *handle, struct inode *inode, struct inode *dir) 263 { 264 struct posix_acl *default_acl, *acl; 265 int error; 266 267 error = posix_acl_create(dir, &inode->i_mode, &default_acl, &acl); 268 if (error) 269 return error; 270 271 if (default_acl) { 272 error = __ext4_set_acl(handle, inode, ACL_TYPE_DEFAULT, 273 default_acl); 274 posix_acl_release(default_acl); 275 } 276 if (acl) { 277 if (!error) 278 error = __ext4_set_acl(handle, inode, ACL_TYPE_ACCESS, 279 acl); 280 posix_acl_release(acl); 281 } 282 return error; 283 } 284