Commit | Line | Data |
---|---|---|
e14748e8 SF |
1 | /* |
2 | * Copyright (C) 2014-2016 Junjiro R. Okajima | |
3 | * | |
4 | * This program, aufs is free software; you can redistribute it and/or modify | |
5 | * it under the terms of the GNU General Public License as published by | |
6 | * the Free Software Foundation; either version 2 of the License, or | |
7 | * (at your option) any later version. | |
8 | * | |
9 | * This program is distributed in the hope that it will be useful, | |
10 | * but WITHOUT ANY WARRANTY; without even the implied warranty of | |
11 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | |
12 | * GNU General Public License for more details. | |
13 | * | |
14 | * You should have received a copy of the GNU General Public License | |
15 | * along with this program. If not, see <http://www.gnu.org/licenses/>. | |
16 | */ | |
17 | ||
18 | /* | |
19 | * handling xattr functions | |
20 | */ | |
21 | ||
22 | #include <linux/fs.h> | |
23 | #include <linux/posix_acl_xattr.h> | |
24 | #include <linux/xattr.h> | |
25 | #include "aufs.h" | |
26 | ||
/*
 * Decide whether a failed xattr copy may be reported as success.
 *
 * @err: the negative errno returned when setting @name on the destination
 * @name: full xattr name, including its namespace prefix
 * @ignore_flags: AuBrAttr_ICEX_* bits selecting the namespaces whose
 *	failures are tolerated
 *
 * Returns 0 when the failure is to be ignored, otherwise @err unchanged.
 * -ENOMEM and -EDQUOT are never ignored.
 *
 * Security note: with the matching bit set, a failure to write a
 * security.*, system.*, trusted.* or user.* attribute is turned into
 * success, so the copied-up file can silently end up without that
 * attribute. Setting these bits is therefore a policy decision for any
 * deployment that relies on such attributes for access control.
 */
static int au_xattr_ignore(int err, char *name, unsigned int ignore_flags)
{
	/* nothing is ignorable without flags; resource errors always propagate */
	if (!ignore_flags || err == -ENOMEM || err == -EDQUOT)
		return err;

	/* the whole AuBrAttr_ICEX mask is set: ignore whatever the namespace */
	if ((ignore_flags & AuBrAttr_ICEX) == AuBrAttr_ICEX)
		return 0;

	/* per-namespace decision, the first matching prefix wins */
	if (!strncmp(name, XATTR_SECURITY_PREFIX, XATTR_SECURITY_PREFIX_LEN))
		return (ignore_flags & AuBrAttr_ICEX_SEC) ? 0 : err;
	if (!strncmp(name, XATTR_SYSTEM_PREFIX, XATTR_SYSTEM_PREFIX_LEN))
		return (ignore_flags & AuBrAttr_ICEX_SYS) ? 0 : err;
	if (!strncmp(name, XATTR_TRUSTED_PREFIX, XATTR_TRUSTED_PREFIX_LEN))
		return (ignore_flags & AuBrAttr_ICEX_TR) ? 0 : err;
	if (!strncmp(name, XATTR_USER_PREFIX, XATTR_USER_PREFIX_LEN))
		return (ignore_flags & AuBrAttr_ICEX_USR) ? 0 : err;

	/* a name outside the four namespaces above */
	return (ignore_flags & AuBrAttr_ICEX_OTH) ? 0 : err;
}
63 | ||
/*
 * Private flag bit, one position above AuBrAttr_ICEX_OTH.
 * au_cpup_xattr() ORs it into ignore_flags before probing the POSIX ACL
 * names that were not in the listxattr output, and au_do_cpup_xattr()
 * then treats -EOPNOTSUPP from the source as success.
 */
static const int au_xattr_out_of_list = AuBrAttr_ICEX_OTH << 1;
65 | ||
/*
 * Copy one extended attribute from @h_src to @h_dst.
 *
 * @h_dst: destination dentry; its inode is unlocked around the set call
 *	and locked again (AuLsc_I_CHILD2) before returning
 * @h_src: source dentry
 * @name: full xattr name
 * @buf: buffer handed to vfs_getxattr_alloc(); it is not freed here, the
 *	caller releases it (au_cpup_xattr() passes it to au_delayed_kfree())
 * @ignore_flags: AuBrAttr_ICEX_* bits, possibly with au_xattr_out_of_list
 * @verbose: when non-zero, failures are logged with pr_err()
 *
 * Returns 0 on success or when the failure is tolerated, otherwise a
 * negative errno.
 */
static int au_do_cpup_xattr(struct dentry *h_dst, struct dentry *h_src,
			    char *name, char **buf, unsigned int ignore_flags,
			    unsigned int verbose)
{
	int err;
	ssize_t ssz;
	struct inode *h_idst;

	ssz = vfs_getxattr_alloc(h_src, name, buf, 0, GFP_NOFS);
	err = ssz;
	/*
	 * NOTE(review): a zero-length value (err == 0) also takes this branch
	 * and returns 0 without calling vfsub_setxattr(), so an attribute
	 * whose value is empty is not created on the destination -- confirm
	 * this is intended.
	 */
	if (unlikely(err <= 0)) {
		/*
		 * Tolerated read failures: the attribute is absent, or the
		 * source reports -EOPNOTSUPP either for a name that was not in
		 * the listxattr output (au_xattr_out_of_list) or for a POSIX
		 * ACL name when au_test_nfs_noacl() is true for the source
		 * inode.
		 */
		if (err == -ENODATA
		    || (err == -EOPNOTSUPP
			&& ((ignore_flags & au_xattr_out_of_list)
			    || (au_test_nfs_noacl(d_inode(h_src))
				&& (!strcmp(name, XATTR_NAME_POSIX_ACL_ACCESS)
				    || !strcmp(name,
					       XATTR_NAME_POSIX_ACL_DEFAULT))))
			    ))
			err = 0;
		if (err && (verbose || au_debug_test()))
			pr_err("%s, err %d\n", name, err);
		goto out;
	}

	/*
	 * Unlock the destination inode temporarily around the set call.
	 * NOTE(review): presumably vfsub_setxattr() takes the inode lock
	 * itself; between the two calls below this task does not hold it --
	 * confirm that nothing relies on the lock being held continuously.
	 */
	h_idst = d_inode(h_dst);
	inode_unlock(h_idst);
	err = vfsub_setxattr(h_dst, name, *buf, ssz, /*flags*/0);
	inode_lock_nested(h_idst, AuLsc_I_CHILD2);
	if (unlikely(err)) {
		if (verbose || au_debug_test())
			pr_err("%s, err %d\n", name, err);
		/* may turn the failure into success, see au_xattr_ignore() */
		err = au_xattr_ignore(err, name, ignore_flags);
	}

out:
	return err;
}
105 | ||
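/*
 * Copy every extended attribute of @h_src to @h_dst during copy-up.
 *
 * @h_dst: destination dentry
 * @h_src: source dentry
 * @ignore_flags: AuBrAttr_ICEX_* bits passed down to au_do_cpup_xattr()
 * @verbose: when non-zero, per-attribute failures are logged
 *
 * The names returned by vfs_listxattr() are copied one by one. The two
 * POSIX ACL names are then tried explicitly when they were not listed,
 * with au_xattr_out_of_list set so that -EOPNOTSUPP on the source is
 * tolerated.
 *
 * Locking: the destination inode is unlocked on entry and locked again
 * after the source inode, and it is still locked on return; presumably
 * the caller holds it on entry -- confirm against the caller. The source
 * inode is always unlocked before returning.
 *
 * Returns 0 on success or a negative errno. Which failures are reported
 * as success depends on @ignore_flags, see au_xattr_ignore(); a caller
 * that needs security.* or ACL attributes preserved must not pass the
 * corresponding bits.
 */
int au_cpup_xattr(struct dentry *h_dst, struct dentry *h_src, int ignore_flags,
		  unsigned int verbose)
{
	int err, unlocked, acl_access, acl_default;
	ssize_t ssz;
	struct inode *h_isrc, *h_idst;
	char *value, *p, *o, *e;

	/* try to stop updates of the source inode while we are referencing it */
	/* there should not be the parent-child relationship between them */
	h_isrc = d_inode(h_src);
	h_idst = d_inode(h_dst);
	inode_unlock(h_idst);
	inode_lock_nested(h_isrc, AuLsc_I_CHILD);
	inode_lock_nested(h_idst, AuLsc_I_CHILD2);
	unlocked = 0;

	/* some filesystems don't list POSIX ACL, for example tmpfs */
	ssz = vfs_listxattr(h_src, NULL, 0);
	err = ssz;
	if (unlikely(err < 0)) {
		AuTraceErr(err);
		if (err == -ENODATA
		    || err == -EOPNOTSUPP)
			err = 0; /* ignore */
		goto out;
	}

	err = 0;
	p = NULL;
	o = NULL;
	if (ssz) {
		err = -ENOMEM;
		p = kmalloc(ssz, GFP_NOFS);
		o = p;	/* keep the start of the buffer for the final free */
		if (unlikely(!p))
			goto out;
		err = vfs_listxattr(h_src, p, ssz);
	}
	inode_unlock(h_isrc);
	unlocked = 1;
	AuDbg("err %d, ssz %zd\n", err, ssz);
	if (unlikely(err < 0))
		goto out_free;

	/*
	 * Walk only the bytes the second call actually wrote. If it returned
	 * fewer bytes than the size probe, the tail of the kmalloc'ed buffer
	 * is uninitialized and must not be parsed as attribute names.
	 */
	if (err < ssz)
		ssz = err;
	err = 0;
	e = p + ssz;
	value = NULL;
	acl_access = 0;
	acl_default = 0;
	while (!err && p < e) {
		/* remember whether the ACL names were part of the list */
		acl_access |= !strncmp(p, XATTR_NAME_POSIX_ACL_ACCESS,
				       sizeof(XATTR_NAME_POSIX_ACL_ACCESS) - 1);
		acl_default |= !strncmp(p, XATTR_NAME_POSIX_ACL_DEFAULT,
					sizeof(XATTR_NAME_POSIX_ACL_DEFAULT)
					- 1);
		err = au_do_cpup_xattr(h_dst, h_src, p, &value, ignore_flags,
				       verbose);
		/*
		 * NOTE(review): this assumes every name in the list is
		 * NUL-terminated inside the buffer, as the listxattr contract
		 * says; nothing here verifies it for the lower filesystem.
		 */
		p += strlen(p) + 1;
	}
	AuTraceErr(err);
	/* the remaining names were not listed: tolerate -EOPNOTSUPP for them */
	ignore_flags |= au_xattr_out_of_list;
	if (!err && !acl_access) {
		err = au_do_cpup_xattr(h_dst, h_src,
				       XATTR_NAME_POSIX_ACL_ACCESS, &value,
				       ignore_flags, verbose);
		AuTraceErr(err);
	}
	if (!err && !acl_default) {
		err = au_do_cpup_xattr(h_dst, h_src,
				       XATTR_NAME_POSIX_ACL_DEFAULT, &value,
				       ignore_flags, verbose);
		AuTraceErr(err);
	}

	if (value)
		au_delayed_kfree(value);

out_free:
	if (o)
		au_delayed_kfree(o);
out:
	if (!unlocked)
		inode_unlock(h_isrc);
	AuTraceErr(err);
	return err;
}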
193 | ||
194 | /* ---------------------------------------------------------------------- */ | |
195 | ||
/*
 * Report whether this xattr request re-enters aufs from Smack.
 *
 * With CONFIG_SECURITY_SMACK enabled the result of si_pid_test(@sb) is
 * returned; otherwise the answer is always 0. au_lgxattr() skips its own
 * si lock and unlock calls when the result is non-zero.
 */
static int au_smack_reentering(struct super_block *sb)
{
	int reenter = 0;

#if IS_ENABLED(CONFIG_SECURITY_SMACK)
	/*
	 * smack_d_instantiate() runs as a part of lookup and calls
	 * i_op->getxattr(), which brings us back here.
	 */
	reenter = si_pid_test(sb);
#endif
	return reenter;
}
208 | ||
/* request kinds for au_lgxattr(), stored in struct au_lgxattr.type */
enum {
	AU_XATTR_LIST,	/* forwarded to vfs_listxattr() */
	AU_XATTR_GET	/* forwarded to vfs_getxattr() */
};
213 | ||
/*
 * Arguments of a list or get request for au_lgxattr().
 * @type selects which member of the union is valid.
 */
struct au_lgxattr {
	int type;	/* AU_XATTR_LIST or AU_XATTR_GET */
	union {
		/* AU_XATTR_LIST: buffer and size handed to vfs_listxattr() */
		struct {
			char	*list;
			size_t	size;
		} list;
		/* AU_XATTR_GET: name, buffer and size handed to vfs_getxattr() */
		struct {
			const char	*name;
			void		*value;
			size_t		size;
		} get;
	} u;
};
228 | ||
/*
 * Common body of listxattr and getxattr: forward the request to the
 * dentry that au_h_path_getattr() returns in h_path.
 *
 * @dentry: the aufs dentry
 * @arg: the request, see struct au_lgxattr
 *
 * Returns what vfs_listxattr() or vfs_getxattr() returns, or a negative
 * errno from the locking and lookup steps. When no lower dentry is found
 * the function returns 0 ("pretending success"), so the caller sees an
 * empty list or an empty value instead of an error.
 */
static ssize_t au_lgxattr(struct dentry *dentry, struct au_lgxattr *arg)
{
	ssize_t err;
	int reenter;
	struct path h_path;
	struct super_block *sb;

	sb = dentry->d_sb;
	/* when re-entered from Smack, the si lock calls below are skipped */
	reenter = au_smack_reentering(sb);
	if (!reenter) {
		err = si_read_lock(sb, AuLock_FLUSH | AuLock_NOPLM);
		if (unlikely(err))
			goto out;
	}
	err = au_h_path_getattr(dentry, /*force*/1, &h_path, reenter);
	if (unlikely(err))
		goto out_si;
	if (unlikely(!h_path.dentry))
		/* illegally overlapped or something */
		goto out_di; /* pretending success */

	/* always topmost entry only */
	/* an arg->type other than the two cases below leaves err at 0 */
	switch (arg->type) {
	case AU_XATTR_LIST:
		err = vfs_listxattr(h_path.dentry,
				    arg->u.list.list, arg->u.list.size);
		break;
	case AU_XATTR_GET:
		AuDebugOn(d_is_negative(h_path.dentry));
		err = vfs_getxattr(h_path.dentry,
				   arg->u.get.name, arg->u.get.value,
				   arg->u.get.size);
		break;
	}

out_di:
	/*
	 * NOTE(review): the matching di read lock is not taken in this
	 * function; presumably au_h_path_getattr() acquires it on success
	 * unless reenter is set -- confirm.
	 */
	if (!reenter)
		di_read_unlock(dentry, AuLock_IR);
out_si:
	if (!reenter)
		si_read_unlock(sb);
out:
	AuTraceErr(err);
	return err;
}
274 | ||
/*
 * listxattr entry point: wrap @list and @size into an AU_XATTR_LIST
 * request and let au_lgxattr() serve it.
 *
 * Returns the value of au_lgxattr().
 */
ssize_t aufs_listxattr(struct dentry *dentry, char *list, size_t size)
{
	struct au_lgxattr req = {
		.type		= AU_XATTR_LIST,
		.u.list.list	= list,
		.u.list.size	= size,
	};

	return au_lgxattr(dentry, &req);
}
287 | ||
/*
 * getxattr helper: wrap @name, @value and @size into an AU_XATTR_GET
 * request and let au_lgxattr() serve it. @inode is not used.
 *
 * Returns the value of au_lgxattr().
 */
static ssize_t au_getxattr(struct dentry *dentry,
			   struct inode *inode __maybe_unused,
			   const char *name, void *value, size_t size)
{
	struct au_lgxattr req = {
		.type		= AU_XATTR_GET,
		.u.get.name	= name,
		.u.get.value	= value,
		.u.get.size	= size,
	};

	return au_lgxattr(dentry, &req);
}
303 | ||
/*
 * setxattr helper: wrap @name, @value, @size and @flags into an
 * AU_XATTR_SET request and pass it to au_sxattr(), which is defined
 * outside this file.
 *
 * Returns the value of au_sxattr().
 */
static int au_setxattr(struct dentry *dentry, struct inode *inode,
		       const char *name, const void *value, size_t size,
		       int flags)
{
	struct au_sxattr req = {
		.type		= AU_XATTR_SET,
		.u.set.name	= name,
		.u.set.value	= value,
		.u.set.size	= size,
		.u.set.flags	= flags,
	};

	return au_sxattr(dentry, inode, &req);
}
320 | ||
321 | /* ---------------------------------------------------------------------- */ | |
322 | ||
/*
 * ->get callback of au_xattr_handler. @handler is not used; the request
 * goes straight to au_getxattr(), whose ssize_t result is returned as int.
 */
static int au_xattr_get(const struct xattr_handler *handler,
			struct dentry *dentry, struct inode *inode,
			const char *name, void *buffer, size_t size)
{
	ssize_t ssz;

	ssz = au_getxattr(dentry, inode, name, buffer, size);
	return ssz;
}
329 | ||
/*
 * ->set callback of au_xattr_handler. @handler is not used; the request
 * goes straight to au_setxattr() and its result is returned.
 */
static int au_xattr_set(const struct xattr_handler *handler,
			struct dentry *dentry, struct inode *inode,
			const char *name, const void *value, size_t size,
			int flags)
{
	int err;

	err = au_setxattr(dentry, inode, name, value, size, flags);
	return err;
}
337 | ||
/*
 * Handler with an empty name and prefix, so it is not tied to one xattr
 * namespace. Both callbacks forward to the aufs get and set helpers.
 */
static const struct xattr_handler au_xattr_handler = {
	.name	= "",
	.prefix	= "",
	.get	= au_xattr_get,
	.set	= au_xattr_set
};
344 | ||
/*
 * NULL-terminated handler table installed by au_xattr_init().
 * The POSIX ACL handlers come first when CONFIG_FS_POSIX_ACL is set.
 * au_xattr_handler has an empty prefix and therefore has to stay last;
 * presumably any handler placed after it would never be selected.
 */
static const struct xattr_handler *au_xattr_handlers[] = {
#ifdef CONFIG_FS_POSIX_ACL
	&posix_acl_access_xattr_handler,
	&posix_acl_default_xattr_handler,
#endif
	&au_xattr_handler, /* must be last */
	NULL
};
353 | ||
/* Install the aufs xattr handler table on the super block @sb. */
void au_xattr_init(struct super_block *sb)
{
	const struct xattr_handler **handlers = au_xattr_handlers;

	sb->s_xattr = handlers;
}