1 /* 2 * Copyright (C) International Business Machines Corp., 2000-2004 3 * Copyright (C) Christoph Hellwig, 2002 4 * 5 * This program is free software; you can redistribute it and/or modify 6 * it under the terms of the GNU General Public License as published by 7 * the Free Software Foundation; either version 2 of the License, or 8 * (at your option) any later version. 9 * 10 * This program is distributed in the hope that it will be useful, 11 * but WITHOUT ANY WARRANTY; without even the implied warranty of 12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See 13 * the GNU General Public License for more details. 14 * 15 * You should have received a copy of the GNU General Public License 16 * along with this program; if not, write to the Free Software 17 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA 18 */ 19 20 #include <linux/capability.h> 21 #include <linux/fs.h> 22 #include <linux/xattr.h> 23 #include <linux/posix_acl_xattr.h> 24 #include <linux/quotaops.h> 25 #include <linux/security.h> 26 #include "jfs_incore.h" 27 #include "jfs_superblock.h" 28 #include "jfs_dmap.h" 29 #include "jfs_debug.h" 30 #include "jfs_dinode.h" 31 #include "jfs_extent.h" 32 #include "jfs_metapage.h" 33 #include "jfs_xattr.h" 34 #include "jfs_acl.h" 35 36 /* 37 * jfs_xattr.c: extended attribute service 38 * 39 * Overall design -- 40 * 41 * Format: 42 * 43 * Extended attribute lists (jfs_ea_list) consist of an overall size (32 bit 44 * value) and a variable (0 or more) number of extended attribute 45 * entries. Each extended attribute entry (jfs_ea) is a <name,value> double 46 * where <name> is constructed from a null-terminated ascii string 47 * (1 ... 255 bytes in the name) and <value> is arbitrary 8 bit data 48 * (1 ... 65535 bytes). The in-memory format is 49 * 50 * 0 1 2 4 4 + namelen + 1 51 * +-------+--------+--------+----------------+-------------------+ 52 * | Flags | Name | Value | Name String \0 | Data . . . . | 53 * | | Length | Length | | | 54 * +-------+--------+--------+----------------+-------------------+ 55 * 56 * A jfs_ea_list then is structured as 57 * 58 * 0 4 4 + EA_SIZE(ea1) 59 * +------------+-------------------+--------------------+----- 60 * | Overall EA | First FEA Element | Second FEA Element | ..... 61 * | List Size | | | 62 * +------------+-------------------+--------------------+----- 63 * 64 * On-disk: 65 * 66 * FEALISTs are stored on disk using blocks allocated by dbAlloc() and 67 * written directly. An EA list may be in-lined in the inode if there is 68 * sufficient room available. 69 */ 70 71 struct ea_buffer { 72 int flag; /* Indicates what storage xattr points to */ 73 int max_size; /* largest xattr that fits in current buffer */ 74 dxd_t new_ea; /* dxd to replace ea when modifying xattr */ 75 struct metapage *mp; /* metapage containing ea list */ 76 struct jfs_ea_list *xattr; /* buffer containing ea list */ 77 }; 78 79 /* 80 * ea_buffer.flag values 81 */ 82 #define EA_INLINE 0x0001 83 #define EA_EXTENT 0x0002 84 #define EA_NEW 0x0004 85 #define EA_MALLOC 0x0008 86 87 88 /* 89 * These three routines are used to recognize on-disk extended attributes 90 * that are in a recognized namespace. If the attribute is not recognized, 91 * "os2." is prepended to the name 92 */ 93 static inline int is_os2_xattr(struct jfs_ea *ea) 94 { 95 /* 96 * Check for "system." 97 */ 98 if ((ea->namelen >= XATTR_SYSTEM_PREFIX_LEN) && 99 !strncmp(ea->name, XATTR_SYSTEM_PREFIX, XATTR_SYSTEM_PREFIX_LEN)) 100 return FALSE; 101 /* 102 * Check for "user." 103 */ 104 if ((ea->namelen >= XATTR_USER_PREFIX_LEN) && 105 !strncmp(ea->name, XATTR_USER_PREFIX, XATTR_USER_PREFIX_LEN)) 106 return FALSE; 107 /* 108 * Check for "security." 109 */ 110 if ((ea->namelen >= XATTR_SECURITY_PREFIX_LEN) && 111 !strncmp(ea->name, XATTR_SECURITY_PREFIX, 112 XATTR_SECURITY_PREFIX_LEN)) 113 return FALSE; 114 /* 115 * Check for "trusted." 116 */ 117 if ((ea->namelen >= XATTR_TRUSTED_PREFIX_LEN) && 118 !strncmp(ea->name, XATTR_TRUSTED_PREFIX, XATTR_TRUSTED_PREFIX_LEN)) 119 return FALSE; 120 /* 121 * Add any other valid namespace prefixes here 122 */ 123 124 /* 125 * We assume it's OS/2's flat namespace 126 */ 127 return TRUE; 128 } 129 130 static inline int name_size(struct jfs_ea *ea) 131 { 132 if (is_os2_xattr(ea)) 133 return ea->namelen + XATTR_OS2_PREFIX_LEN; 134 else 135 return ea->namelen; 136 } 137 138 static inline int copy_name(char *buffer, struct jfs_ea *ea) 139 { 140 int len = ea->namelen; 141 142 if (is_os2_xattr(ea)) { 143 memcpy(buffer, XATTR_OS2_PREFIX, XATTR_OS2_PREFIX_LEN); 144 buffer += XATTR_OS2_PREFIX_LEN; 145 len += XATTR_OS2_PREFIX_LEN; 146 } 147 memcpy(buffer, ea->name, ea->namelen); 148 buffer[ea->namelen] = 0; 149 150 return len; 151 } 152 153 /* Forward references */ 154 static void ea_release(struct inode *inode, struct ea_buffer *ea_buf); 155 156 /* 157 * NAME: ea_write_inline 158 * 159 * FUNCTION: Attempt to write an EA inline if area is available 160 * 161 * PRE CONDITIONS: 162 * Already verified that the specified EA is small enough to fit inline 163 * 164 * PARAMETERS: 165 * ip - Inode pointer 166 * ealist - EA list pointer 167 * size - size of ealist in bytes 168 * ea - dxd_t structure to be filled in with necessary EA information 169 * if we successfully copy the EA inline 170 * 171 * NOTES: 172 * Checks if the inode's inline area is available. If so, copies EA inline 173 * and sets <ea> fields appropriately. Otherwise, returns failure, EA will 174 * have to be put into an extent. 175 * 176 * RETURNS: 0 for successful copy to inline area; -1 if area not available 177 */ 178 static int ea_write_inline(struct inode *ip, struct jfs_ea_list *ealist, 179 int size, dxd_t * ea) 180 { 181 struct jfs_inode_info *ji = JFS_IP(ip); 182 183 /* 184 * Make sure we have an EA -- the NULL EA list is valid, but you 185 * can't copy it! 186 */ 187 if (ealist && size > sizeof (struct jfs_ea_list)) { 188 assert(size <= sizeof (ji->i_inline_ea)); 189 190 /* 191 * See if the space is available or if it is already being 192 * used for an inline EA. 193 */ 194 if (!(ji->mode2 & INLINEEA) && !(ji->ea.flag & DXD_INLINE)) 195 return -EPERM; 196 197 DXDsize(ea, size); 198 DXDlength(ea, 0); 199 DXDaddress(ea, 0); 200 memcpy(ji->i_inline_ea, ealist, size); 201 ea->flag = DXD_INLINE; 202 ji->mode2 &= ~INLINEEA; 203 } else { 204 ea->flag = 0; 205 DXDsize(ea, 0); 206 DXDlength(ea, 0); 207 DXDaddress(ea, 0); 208 209 /* Free up INLINE area */ 210 if (ji->ea.flag & DXD_INLINE) 211 ji->mode2 |= INLINEEA; 212 } 213 214 return 0; 215 } 216 217 /* 218 * NAME: ea_write 219 * 220 * FUNCTION: Write an EA for an inode 221 * 222 * PRE CONDITIONS: EA has been verified 223 * 224 * PARAMETERS: 225 * ip - Inode pointer 226 * ealist - EA list pointer 227 * size - size of ealist in bytes 228 * ea - dxd_t structure to be filled in appropriately with where the 229 * EA was copied 230 * 231 * NOTES: Will write EA inline if able to, otherwise allocates blocks for an 232 * extent and synchronously writes it to those blocks. 233 * 234 * RETURNS: 0 for success; Anything else indicates failure 235 */ 236 static int ea_write(struct inode *ip, struct jfs_ea_list *ealist, int size, 237 dxd_t * ea) 238 { 239 struct super_block *sb = ip->i_sb; 240 struct jfs_inode_info *ji = JFS_IP(ip); 241 struct jfs_sb_info *sbi = JFS_SBI(sb); 242 int nblocks; 243 s64 blkno; 244 int rc = 0, i; 245 char *cp; 246 s32 nbytes, nb; 247 s32 bytes_to_write; 248 struct metapage *mp; 249 250 /* 251 * Quick check to see if this is an in-linable EA. Short EAs 252 * and empty EAs are all in-linable, provided the space exists. 253 */ 254 if (!ealist || size <= sizeof (ji->i_inline_ea)) { 255 if (!ea_write_inline(ip, ealist, size, ea)) 256 return 0; 257 } 258 259 /* figure out how many blocks we need */ 260 nblocks = (size + (sb->s_blocksize - 1)) >> sb->s_blocksize_bits; 261 262 /* Allocate new blocks to quota. */ 263 if (DQUOT_ALLOC_BLOCK(ip, nblocks)) { 264 return -EDQUOT; 265 } 266 267 rc = dbAlloc(ip, INOHINT(ip), nblocks, &blkno); 268 if (rc) { 269 /*Rollback quota allocation. */ 270 DQUOT_FREE_BLOCK(ip, nblocks); 271 return rc; 272 } 273 274 /* 275 * Now have nblocks worth of storage to stuff into the FEALIST. 276 * loop over the FEALIST copying data into the buffer one page at 277 * a time. 278 */ 279 cp = (char *) ealist; 280 nbytes = size; 281 for (i = 0; i < nblocks; i += sbi->nbperpage) { 282 /* 283 * Determine how many bytes for this request, and round up to 284 * the nearest aggregate block size 285 */ 286 nb = min(PSIZE, nbytes); 287 bytes_to_write = 288 ((((nb + sb->s_blocksize - 1)) >> sb->s_blocksize_bits)) 289 << sb->s_blocksize_bits; 290 291 if (!(mp = get_metapage(ip, blkno + i, bytes_to_write, 1))) { 292 rc = -EIO; 293 goto failed; 294 } 295 296 memcpy(mp->data, cp, nb); 297 298 /* 299 * We really need a way to propagate errors for 300 * forced writes like this one. --hch 301 * 302 * (__write_metapage => release_metapage => flush_metapage) 303 */ 304 #ifdef _JFS_FIXME 305 if ((rc = flush_metapage(mp))) { 306 /* 307 * the write failed -- this means that the buffer 308 * is still assigned and the blocks are not being 309 * used. this seems like the best error recovery 310 * we can get ... 311 */ 312 goto failed; 313 } 314 #else 315 flush_metapage(mp); 316 #endif 317 318 cp += PSIZE; 319 nbytes -= nb; 320 } 321 322 ea->flag = DXD_EXTENT; 323 DXDsize(ea, le32_to_cpu(ealist->size)); 324 DXDlength(ea, nblocks); 325 DXDaddress(ea, blkno); 326 327 /* Free up INLINE area */ 328 if (ji->ea.flag & DXD_INLINE) 329 ji->mode2 |= INLINEEA; 330 331 return 0; 332 333 failed: 334 /* Rollback quota allocation. */ 335 DQUOT_FREE_BLOCK(ip, nblocks); 336 337 dbFree(ip, blkno, nblocks); 338 return rc; 339 } 340 341 /* 342 * NAME: ea_read_inline 343 * 344 * FUNCTION: Read an inlined EA into user's buffer 345 * 346 * PARAMETERS: 347 * ip - Inode pointer 348 * ealist - Pointer to buffer to fill in with EA 349 * 350 * RETURNS: 0 351 */ 352 static int ea_read_inline(struct inode *ip, struct jfs_ea_list *ealist) 353 { 354 struct jfs_inode_info *ji = JFS_IP(ip); 355 int ea_size = sizeDXD(&ji->ea); 356 357 if (ea_size == 0) { 358 ealist->size = 0; 359 return 0; 360 } 361 362 /* Sanity Check */ 363 if ((sizeDXD(&ji->ea) > sizeof (ji->i_inline_ea))) 364 return -EIO; 365 if (le32_to_cpu(((struct jfs_ea_list *) &ji->i_inline_ea)->size) 366 != ea_size) 367 return -EIO; 368 369 memcpy(ealist, ji->i_inline_ea, ea_size); 370 return 0; 371 } 372 373 /* 374 * NAME: ea_read 375 * 376 * FUNCTION: copy EA data into user's buffer 377 * 378 * PARAMETERS: 379 * ip - Inode pointer 380 * ealist - Pointer to buffer to fill in with EA 381 * 382 * NOTES: If EA is inline calls ea_read_inline() to copy EA. 383 * 384 * RETURNS: 0 for success; other indicates failure 385 */ 386 static int ea_read(struct inode *ip, struct jfs_ea_list *ealist) 387 { 388 struct super_block *sb = ip->i_sb; 389 struct jfs_inode_info *ji = JFS_IP(ip); 390 struct jfs_sb_info *sbi = JFS_SBI(sb); 391 int nblocks; 392 s64 blkno; 393 char *cp = (char *) ealist; 394 int i; 395 int nbytes, nb; 396 s32 bytes_to_read; 397 struct metapage *mp; 398 399 /* quick check for in-line EA */ 400 if (ji->ea.flag & DXD_INLINE) 401 return ea_read_inline(ip, ealist); 402 403 nbytes = sizeDXD(&ji->ea); 404 if (!nbytes) { 405 jfs_error(sb, "ea_read: nbytes is 0"); 406 return -EIO; 407 } 408 409 /* 410 * Figure out how many blocks were allocated when this EA list was 411 * originally written to disk. 412 */ 413 nblocks = lengthDXD(&ji->ea) << sbi->l2nbperpage; 414 blkno = addressDXD(&ji->ea) << sbi->l2nbperpage; 415 416 /* 417 * I have found the disk blocks which were originally used to store 418 * the FEALIST. now i loop over each contiguous block copying the 419 * data into the buffer. 420 */ 421 for (i = 0; i < nblocks; i += sbi->nbperpage) { 422 /* 423 * Determine how many bytes for this request, and round up to 424 * the nearest aggregate block size 425 */ 426 nb = min(PSIZE, nbytes); 427 bytes_to_read = 428 ((((nb + sb->s_blocksize - 1)) >> sb->s_blocksize_bits)) 429 << sb->s_blocksize_bits; 430 431 if (!(mp = read_metapage(ip, blkno + i, bytes_to_read, 1))) 432 return -EIO; 433 434 memcpy(cp, mp->data, nb); 435 release_metapage(mp); 436 437 cp += PSIZE; 438 nbytes -= nb; 439 } 440 441 return 0; 442 } 443 444 /* 445 * NAME: ea_get 446 * 447 * FUNCTION: Returns buffer containing existing extended attributes. 448 * The size of the buffer will be the larger of the existing 449 * attributes size, or min_size. 450 * 451 * The buffer, which may be inlined in the inode or in the 452 * page cache must be release by calling ea_release or ea_put 453 * 454 * PARAMETERS: 455 * inode - Inode pointer 456 * ea_buf - Structure to be populated with ealist and its metadata 457 * min_size- minimum size of buffer to be returned 458 * 459 * RETURNS: 0 for success; Other indicates failure 460 */ 461 static int ea_get(struct inode *inode, struct ea_buffer *ea_buf, int min_size) 462 { 463 struct jfs_inode_info *ji = JFS_IP(inode); 464 struct super_block *sb = inode->i_sb; 465 int size; 466 int ea_size = sizeDXD(&ji->ea); 467 int blocks_needed, current_blocks; 468 s64 blkno; 469 int rc; 470 int quota_allocation = 0; 471 472 /* When fsck.jfs clears a bad ea, it doesn't clear the size */ 473 if (ji->ea.flag == 0) 474 ea_size = 0; 475 476 if (ea_size == 0) { 477 if (min_size == 0) { 478 ea_buf->flag = 0; 479 ea_buf->max_size = 0; 480 ea_buf->xattr = NULL; 481 return 0; 482 } 483 if ((min_size <= sizeof (ji->i_inline_ea)) && 484 (ji->mode2 & INLINEEA)) { 485 ea_buf->flag = EA_INLINE | EA_NEW; 486 ea_buf->max_size = sizeof (ji->i_inline_ea); 487 ea_buf->xattr = (struct jfs_ea_list *) ji->i_inline_ea; 488 DXDlength(&ea_buf->new_ea, 0); 489 DXDaddress(&ea_buf->new_ea, 0); 490 ea_buf->new_ea.flag = DXD_INLINE; 491 DXDsize(&ea_buf->new_ea, min_size); 492 return 0; 493 } 494 current_blocks = 0; 495 } else if (ji->ea.flag & DXD_INLINE) { 496 if (min_size <= sizeof (ji->i_inline_ea)) { 497 ea_buf->flag = EA_INLINE; 498 ea_buf->max_size = sizeof (ji->i_inline_ea); 499 ea_buf->xattr = (struct jfs_ea_list *) ji->i_inline_ea; 500 goto size_check; 501 } 502 current_blocks = 0; 503 } else { 504 if (!(ji->ea.flag & DXD_EXTENT)) { 505 jfs_error(sb, "ea_get: invalid ea.flag)"); 506 return -EIO; 507 } 508 current_blocks = (ea_size + sb->s_blocksize - 1) >> 509 sb->s_blocksize_bits; 510 } 511 size = max(min_size, ea_size); 512 513 if (size > PSIZE) { 514 /* 515 * To keep the rest of the code simple. Allocate a 516 * contiguous buffer to work with 517 */ 518 ea_buf->xattr = kmalloc(size, GFP_KERNEL); 519 if (ea_buf->xattr == NULL) 520 return -ENOMEM; 521 522 ea_buf->flag = EA_MALLOC; 523 ea_buf->max_size = (size + sb->s_blocksize - 1) & 524 ~(sb->s_blocksize - 1); 525 526 if (ea_size == 0) 527 return 0; 528 529 if ((rc = ea_read(inode, ea_buf->xattr))) { 530 kfree(ea_buf->xattr); 531 ea_buf->xattr = NULL; 532 return rc; 533 } 534 goto size_check; 535 } 536 blocks_needed = (min_size + sb->s_blocksize - 1) >> 537 sb->s_blocksize_bits; 538 539 if (blocks_needed > current_blocks) { 540 /* Allocate new blocks to quota. */ 541 if (DQUOT_ALLOC_BLOCK(inode, blocks_needed)) 542 return -EDQUOT; 543 544 quota_allocation = blocks_needed; 545 546 rc = dbAlloc(inode, INOHINT(inode), (s64) blocks_needed, 547 &blkno); 548 if (rc) 549 goto clean_up; 550 551 DXDlength(&ea_buf->new_ea, blocks_needed); 552 DXDaddress(&ea_buf->new_ea, blkno); 553 ea_buf->new_ea.flag = DXD_EXTENT; 554 DXDsize(&ea_buf->new_ea, min_size); 555 556 ea_buf->flag = EA_EXTENT | EA_NEW; 557 558 ea_buf->mp = get_metapage(inode, blkno, 559 blocks_needed << sb->s_blocksize_bits, 560 1); 561 if (ea_buf->mp == NULL) { 562 dbFree(inode, blkno, (s64) blocks_needed); 563 rc = -EIO; 564 goto clean_up; 565 } 566 ea_buf->xattr = ea_buf->mp->data; 567 ea_buf->max_size = (min_size + sb->s_blocksize - 1) & 568 ~(sb->s_blocksize - 1); 569 if (ea_size == 0) 570 return 0; 571 if ((rc = ea_read(inode, ea_buf->xattr))) { 572 discard_metapage(ea_buf->mp); 573 dbFree(inode, blkno, (s64) blocks_needed); 574 goto clean_up; 575 } 576 goto size_check; 577 } 578 ea_buf->flag = EA_EXTENT; 579 ea_buf->mp = read_metapage(inode, addressDXD(&ji->ea), 580 lengthDXD(&ji->ea) << sb->s_blocksize_bits, 581 1); 582 if (ea_buf->mp == NULL) { 583 rc = -EIO; 584 goto clean_up; 585 } 586 ea_buf->xattr = ea_buf->mp->data; 587 ea_buf->max_size = (ea_size + sb->s_blocksize - 1) & 588 ~(sb->s_blocksize - 1); 589 590 size_check: 591 if (EALIST_SIZE(ea_buf->xattr) != ea_size) { 592 printk(KERN_ERR "ea_get: invalid extended attribute\n"); 593 dump_mem("xattr", ea_buf->xattr, ea_size); 594 ea_release(inode, ea_buf); 595 rc = -EIO; 596 goto clean_up; 597 } 598 599 return ea_size; 600 601 clean_up: 602 /* Rollback quota allocation */ 603 if (quota_allocation) 604 DQUOT_FREE_BLOCK(inode, quota_allocation); 605 606 return (rc); 607 } 608 609 static void ea_release(struct inode *inode, struct ea_buffer *ea_buf) 610 { 611 if (ea_buf->flag & EA_MALLOC) 612 kfree(ea_buf->xattr); 613 else if (ea_buf->flag & EA_EXTENT) { 614 assert(ea_buf->mp); 615 release_metapage(ea_buf->mp); 616 617 if (ea_buf->flag & EA_NEW) 618 dbFree(inode, addressDXD(&ea_buf->new_ea), 619 lengthDXD(&ea_buf->new_ea)); 620 } 621 } 622 623 static int ea_put(tid_t tid, struct inode *inode, struct ea_buffer *ea_buf, 624 int new_size) 625 { 626 struct jfs_inode_info *ji = JFS_IP(inode); 627 unsigned long old_blocks, new_blocks; 628 int rc = 0; 629 630 if (new_size == 0) { 631 ea_release(inode, ea_buf); 632 ea_buf = NULL; 633 } else if (ea_buf->flag & EA_INLINE) { 634 assert(new_size <= sizeof (ji->i_inline_ea)); 635 ji->mode2 &= ~INLINEEA; 636 ea_buf->new_ea.flag = DXD_INLINE; 637 DXDsize(&ea_buf->new_ea, new_size); 638 DXDaddress(&ea_buf->new_ea, 0); 639 DXDlength(&ea_buf->new_ea, 0); 640 } else if (ea_buf->flag & EA_MALLOC) { 641 rc = ea_write(inode, ea_buf->xattr, new_size, &ea_buf->new_ea); 642 kfree(ea_buf->xattr); 643 } else if (ea_buf->flag & EA_NEW) { 644 /* We have already allocated a new dxd */ 645 flush_metapage(ea_buf->mp); 646 } else { 647 /* ->xattr must point to original ea's metapage */ 648 rc = ea_write(inode, ea_buf->xattr, new_size, &ea_buf->new_ea); 649 discard_metapage(ea_buf->mp); 650 } 651 if (rc) 652 return rc; 653 654 old_blocks = new_blocks = 0; 655 656 if (ji->ea.flag & DXD_EXTENT) { 657 invalidate_dxd_metapages(inode, ji->ea); 658 old_blocks = lengthDXD(&ji->ea); 659 } 660 661 if (ea_buf) { 662 txEA(tid, inode, &ji->ea, &ea_buf->new_ea); 663 if (ea_buf->new_ea.flag & DXD_EXTENT) { 664 new_blocks = lengthDXD(&ea_buf->new_ea); 665 if (ji->ea.flag & DXD_INLINE) 666 ji->mode2 |= INLINEEA; 667 } 668 ji->ea = ea_buf->new_ea; 669 } else { 670 txEA(tid, inode, &ji->ea, NULL); 671 if (ji->ea.flag & DXD_INLINE) 672 ji->mode2 |= INLINEEA; 673 ji->ea.flag = 0; 674 ji->ea.size = 0; 675 } 676 677 /* If old blocks exist, they must be removed from quota allocation. */ 678 if (old_blocks) 679 DQUOT_FREE_BLOCK(inode, old_blocks); 680 681 inode->i_ctime = CURRENT_TIME; 682 683 return 0; 684 } 685 686 /* 687 * can_set_system_xattr 688 * 689 * This code is specific to the system.* namespace. It contains policy 690 * which doesn't belong in the main xattr codepath. 691 */ 692 static int can_set_system_xattr(struct inode *inode, const char *name, 693 const void *value, size_t value_len) 694 { 695 #ifdef CONFIG_JFS_POSIX_ACL 696 struct posix_acl *acl; 697 int rc; 698 699 if ((current->fsuid != inode->i_uid) && !capable(CAP_FOWNER)) 700 return -EPERM; 701 702 /* 703 * POSIX_ACL_XATTR_ACCESS is tied to i_mode 704 */ 705 if (strcmp(name, POSIX_ACL_XATTR_ACCESS) == 0) { 706 acl = posix_acl_from_xattr(value, value_len); 707 if (IS_ERR(acl)) { 708 rc = PTR_ERR(acl); 709 printk(KERN_ERR "posix_acl_from_xattr returned %d\n", 710 rc); 711 return rc; 712 } 713 if (acl) { 714 mode_t mode = inode->i_mode; 715 rc = posix_acl_equiv_mode(acl, &mode); 716 posix_acl_release(acl); 717 if (rc < 0) { 718 printk(KERN_ERR 719 "posix_acl_equiv_mode returned %d\n", 720 rc); 721 return rc; 722 } 723 inode->i_mode = mode; 724 mark_inode_dirty(inode); 725 } 726 /* 727 * We're changing the ACL. Get rid of the cached one 728 */ 729 acl =JFS_IP(inode)->i_acl; 730 if (acl != JFS_ACL_NOT_CACHED) 731 posix_acl_release(acl); 732 JFS_IP(inode)->i_acl = JFS_ACL_NOT_CACHED; 733 734 return 0; 735 } else if (strcmp(name, POSIX_ACL_XATTR_DEFAULT) == 0) { 736 acl = posix_acl_from_xattr(value, value_len); 737 if (IS_ERR(acl)) { 738 rc = PTR_ERR(acl); 739 printk(KERN_ERR "posix_acl_from_xattr returned %d\n", 740 rc); 741 return rc; 742 } 743 posix_acl_release(acl); 744 745 /* 746 * We're changing the default ACL. Get rid of the cached one 747 */ 748 acl =JFS_IP(inode)->i_default_acl; 749 if (acl && (acl != JFS_ACL_NOT_CACHED)) 750 posix_acl_release(acl); 751 JFS_IP(inode)->i_default_acl = JFS_ACL_NOT_CACHED; 752 753 return 0; 754 } 755 #endif /* CONFIG_JFS_POSIX_ACL */ 756 return -EOPNOTSUPP; 757 } 758 759 static int can_set_xattr(struct inode *inode, const char *name, 760 const void *value, size_t value_len) 761 { 762 if (!strncmp(name, XATTR_SYSTEM_PREFIX, XATTR_SYSTEM_PREFIX_LEN)) 763 return can_set_system_xattr(inode, name, value, value_len); 764 765 /* 766 * Don't allow setting an attribute in an unknown namespace. 767 */ 768 if (strncmp(name, XATTR_TRUSTED_PREFIX, XATTR_TRUSTED_PREFIX_LEN) && 769 strncmp(name, XATTR_SECURITY_PREFIX, XATTR_SECURITY_PREFIX_LEN) && 770 strncmp(name, XATTR_USER_PREFIX, XATTR_USER_PREFIX_LEN) && 771 strncmp(name, XATTR_OS2_PREFIX, XATTR_OS2_PREFIX_LEN)) 772 return -EOPNOTSUPP; 773 774 if (!S_ISREG(inode->i_mode) && 775 (!S_ISDIR(inode->i_mode) || inode->i_mode &S_ISVTX)) 776 return -EPERM; 777 778 return 0; 779 } 780 781 int __jfs_setxattr(tid_t tid, struct inode *inode, const char *name, 782 const void *value, size_t value_len, int flags) 783 { 784 struct jfs_ea_list *ealist; 785 struct jfs_ea *ea, *old_ea = NULL, *next_ea = NULL; 786 struct ea_buffer ea_buf; 787 int old_ea_size = 0; 788 int xattr_size; 789 int new_size; 790 int namelen = strlen(name); 791 char *os2name = NULL; 792 int found = 0; 793 int rc; 794 int length; 795 796 if (strncmp(name, XATTR_OS2_PREFIX, XATTR_OS2_PREFIX_LEN) == 0) { 797 os2name = kmalloc(namelen - XATTR_OS2_PREFIX_LEN + 1, 798 GFP_KERNEL); 799 if (!os2name) 800 return -ENOMEM; 801 strcpy(os2name, name + XATTR_OS2_PREFIX_LEN); 802 name = os2name; 803 namelen -= XATTR_OS2_PREFIX_LEN; 804 } 805 806 down_write(&JFS_IP(inode)->xattr_sem); 807 808 xattr_size = ea_get(inode, &ea_buf, 0); 809 if (xattr_size < 0) { 810 rc = xattr_size; 811 goto out; 812 } 813 814 again: 815 ealist = (struct jfs_ea_list *) ea_buf.xattr; 816 new_size = sizeof (struct jfs_ea_list); 817 818 if (xattr_size) { 819 for (ea = FIRST_EA(ealist); ea < END_EALIST(ealist); 820 ea = NEXT_EA(ea)) { 821 if ((namelen == ea->namelen) && 822 (memcmp(name, ea->name, namelen) == 0)) { 823 found = 1; 824 if (flags & XATTR_CREATE) { 825 rc = -EEXIST; 826 goto release; 827 } 828 old_ea = ea; 829 old_ea_size = EA_SIZE(ea); 830 next_ea = NEXT_EA(ea); 831 } else 832 new_size += EA_SIZE(ea); 833 } 834 } 835 836 if (!found) { 837 if (flags & XATTR_REPLACE) { 838 rc = -ENODATA; 839 goto release; 840 } 841 if (value == NULL) { 842 rc = 0; 843 goto release; 844 } 845 } 846 if (value) 847 new_size += sizeof (struct jfs_ea) + namelen + 1 + value_len; 848 849 if (new_size > ea_buf.max_size) { 850 /* 851 * We need to allocate more space for merged ea list. 852 * We should only have loop to again: once. 853 */ 854 ea_release(inode, &ea_buf); 855 xattr_size = ea_get(inode, &ea_buf, new_size); 856 if (xattr_size < 0) { 857 rc = xattr_size; 858 goto out; 859 } 860 goto again; 861 } 862 863 /* Remove old ea of the same name */ 864 if (found) { 865 /* number of bytes following target EA */ 866 length = (char *) END_EALIST(ealist) - (char *) next_ea; 867 if (length > 0) 868 memmove(old_ea, next_ea, length); 869 xattr_size -= old_ea_size; 870 } 871 872 /* Add new entry to the end */ 873 if (value) { 874 if (xattr_size == 0) 875 /* Completely new ea list */ 876 xattr_size = sizeof (struct jfs_ea_list); 877 878 ea = (struct jfs_ea *) ((char *) ealist + xattr_size); 879 ea->flag = 0; 880 ea->namelen = namelen; 881 ea->valuelen = (cpu_to_le16(value_len)); 882 memcpy(ea->name, name, namelen); 883 ea->name[namelen] = 0; 884 if (value_len) 885 memcpy(&ea->name[namelen + 1], value, value_len); 886 xattr_size += EA_SIZE(ea); 887 } 888 889 /* DEBUG - If we did this right, these number match */ 890 if (xattr_size != new_size) { 891 printk(KERN_ERR 892 "jfs_xsetattr: xattr_size = %d, new_size = %d\n", 893 xattr_size, new_size); 894 895 rc = -EINVAL; 896 goto release; 897 } 898 899 /* 900 * If we're left with an empty list, there's no ea 901 */ 902 if (new_size == sizeof (struct jfs_ea_list)) 903 new_size = 0; 904 905 ealist->size = cpu_to_le32(new_size); 906 907 rc = ea_put(tid, inode, &ea_buf, new_size); 908 909 goto out; 910 release: 911 ea_release(inode, &ea_buf); 912 out: 913 up_write(&JFS_IP(inode)->xattr_sem); 914 915 kfree(os2name); 916 917 return rc; 918 } 919 920 int jfs_setxattr(struct dentry *dentry, const char *name, const void *value, 921 size_t value_len, int flags) 922 { 923 struct inode *inode = dentry->d_inode; 924 struct jfs_inode_info *ji = JFS_IP(inode); 925 int rc; 926 tid_t tid; 927 928 if ((rc = can_set_xattr(inode, name, value, value_len))) 929 return rc; 930 931 if (value == NULL) { /* empty EA, do not remove */ 932 value = ""; 933 value_len = 0; 934 } 935 936 tid = txBegin(inode->i_sb, 0); 937 mutex_lock(&ji->commit_mutex); 938 rc = __jfs_setxattr(tid, dentry->d_inode, name, value, value_len, 939 flags); 940 if (!rc) 941 rc = txCommit(tid, 1, &inode, 0); 942 txEnd(tid); 943 mutex_unlock(&ji->commit_mutex); 944 945 return rc; 946 } 947 948 ssize_t __jfs_getxattr(struct inode *inode, const char *name, void *data, 949 size_t buf_size) 950 { 951 struct jfs_ea_list *ealist; 952 struct jfs_ea *ea; 953 struct ea_buffer ea_buf; 954 int xattr_size; 955 ssize_t size; 956 int namelen = strlen(name); 957 char *os2name = NULL; 958 char *value; 959 960 if (strncmp(name, XATTR_OS2_PREFIX, XATTR_OS2_PREFIX_LEN) == 0) { 961 os2name = kmalloc(namelen - XATTR_OS2_PREFIX_LEN + 1, 962 GFP_KERNEL); 963 if (!os2name) 964 return -ENOMEM; 965 strcpy(os2name, name + XATTR_OS2_PREFIX_LEN); 966 name = os2name; 967 namelen -= XATTR_OS2_PREFIX_LEN; 968 } 969 970 down_read(&JFS_IP(inode)->xattr_sem); 971 972 xattr_size = ea_get(inode, &ea_buf, 0); 973 974 if (xattr_size < 0) { 975 size = xattr_size; 976 goto out; 977 } 978 979 if (xattr_size == 0) 980 goto not_found; 981 982 ealist = (struct jfs_ea_list *) ea_buf.xattr; 983 984 /* Find the named attribute */ 985 for (ea = FIRST_EA(ealist); ea < END_EALIST(ealist); ea = NEXT_EA(ea)) 986 if ((namelen == ea->namelen) && 987 memcmp(name, ea->name, namelen) == 0) { 988 /* Found it */ 989 size = le16_to_cpu(ea->valuelen); 990 if (!data) 991 goto release; 992 else if (size > buf_size) { 993 size = -ERANGE; 994 goto release; 995 } 996 value = ((char *) &ea->name) + ea->namelen + 1; 997 memcpy(data, value, size); 998 goto release; 999 } 1000 not_found: 1001 size = -ENODATA; 1002 release: 1003 ea_release(inode, &ea_buf); 1004 out: 1005 up_read(&JFS_IP(inode)->xattr_sem); 1006 1007 kfree(os2name); 1008 1009 return size; 1010 } 1011 1012 ssize_t jfs_getxattr(struct dentry *dentry, const char *name, void *data, 1013 size_t buf_size) 1014 { 1015 int err; 1016 1017 err = __jfs_getxattr(dentry->d_inode, name, data, buf_size); 1018 1019 return err; 1020 } 1021 1022 /* 1023 * No special permissions are needed to list attributes except for trusted.* 1024 */ 1025 static inline int can_list(struct jfs_ea *ea) 1026 { 1027 return (strncmp(ea->name, XATTR_TRUSTED_PREFIX, 1028 XATTR_TRUSTED_PREFIX_LEN) || 1029 capable(CAP_SYS_ADMIN)); 1030 } 1031 1032 ssize_t jfs_listxattr(struct dentry * dentry, char *data, size_t buf_size) 1033 { 1034 struct inode *inode = dentry->d_inode; 1035 char *buffer; 1036 ssize_t size = 0; 1037 int xattr_size; 1038 struct jfs_ea_list *ealist; 1039 struct jfs_ea *ea; 1040 struct ea_buffer ea_buf; 1041 1042 down_read(&JFS_IP(inode)->xattr_sem); 1043 1044 xattr_size = ea_get(inode, &ea_buf, 0); 1045 if (xattr_size < 0) { 1046 size = xattr_size; 1047 goto out; 1048 } 1049 1050 if (xattr_size == 0) 1051 goto release; 1052 1053 ealist = (struct jfs_ea_list *) ea_buf.xattr; 1054 1055 /* compute required size of list */ 1056 for (ea = FIRST_EA(ealist); ea < END_EALIST(ealist); ea = NEXT_EA(ea)) { 1057 if (can_list(ea)) 1058 size += name_size(ea) + 1; 1059 } 1060 1061 if (!data) 1062 goto release; 1063 1064 if (size > buf_size) { 1065 size = -ERANGE; 1066 goto release; 1067 } 1068 1069 /* Copy attribute names to buffer */ 1070 buffer = data; 1071 for (ea = FIRST_EA(ealist); ea < END_EALIST(ealist); ea = NEXT_EA(ea)) { 1072 if (can_list(ea)) { 1073 int namelen = copy_name(buffer, ea); 1074 buffer += namelen + 1; 1075 } 1076 } 1077 1078 release: 1079 ea_release(inode, &ea_buf); 1080 out: 1081 up_read(&JFS_IP(inode)->xattr_sem); 1082 return size; 1083 } 1084 1085 int jfs_removexattr(struct dentry *dentry, const char *name) 1086 { 1087 struct inode *inode = dentry->d_inode; 1088 struct jfs_inode_info *ji = JFS_IP(inode); 1089 int rc; 1090 tid_t tid; 1091 1092 if ((rc = can_set_xattr(inode, name, NULL, 0))) 1093 return rc; 1094 1095 tid = txBegin(inode->i_sb, 0); 1096 mutex_lock(&ji->commit_mutex); 1097 rc = __jfs_setxattr(tid, dentry->d_inode, name, NULL, 0, XATTR_REPLACE); 1098 if (!rc) 1099 rc = txCommit(tid, 1, &inode, 0); 1100 txEnd(tid); 1101 mutex_unlock(&ji->commit_mutex); 1102 1103 return rc; 1104 } 1105 1106 #ifdef CONFIG_JFS_SECURITY 1107 int jfs_init_security(tid_t tid, struct inode *inode, struct inode *dir) 1108 { 1109 int rc; 1110 size_t len; 1111 void *value; 1112 char *suffix; 1113 char *name; 1114 1115 rc = security_inode_init_security(inode, dir, &suffix, &value, &len); 1116 if (rc) { 1117 if (rc == -EOPNOTSUPP) 1118 return 0; 1119 return rc; 1120 } 1121 name = kmalloc(XATTR_SECURITY_PREFIX_LEN + 1 + strlen(suffix), 1122 GFP_NOFS); 1123 if (!name) { 1124 rc = -ENOMEM; 1125 goto kmalloc_failed; 1126 } 1127 strcpy(name, XATTR_SECURITY_PREFIX); 1128 strcpy(name + XATTR_SECURITY_PREFIX_LEN, suffix); 1129 1130 rc = __jfs_setxattr(tid, inode, name, value, len, 0); 1131 1132 kfree(name); 1133 kmalloc_failed: 1134 kfree(suffix); 1135 kfree(value); 1136 1137 return rc; 1138 } 1139 #endif 1140