]>
Commit | Line | Data |
---|---|---|
be71b5cb KK |
1 | // SPDX-License-Identifier: GPL-2.0 |
2 | /* | |
3 | * | |
4 | * Copyright (C) 2019-2021 Paragon Software GmbH, All rights reserved. | |
5 | * | |
6 | */ | |
7 | ||
8 | #include <linux/blkdev.h> | |
9 | #include <linux/buffer_head.h> | |
10 | #include <linux/fs.h> | |
11 | #include <linux/nls.h> | |
12 | #include <linux/posix_acl.h> | |
13 | #include <linux/posix_acl_xattr.h> | |
14 | #include <linux/xattr.h> | |
15 | ||
16 | #include "debug.h" | |
17 | #include "ntfs.h" | |
18 | #include "ntfs_fs.h" | |
19 | ||
20 | // clang-format off | |
21 | #define SYSTEM_DOS_ATTRIB "system.dos_attrib" | |
22 | #define SYSTEM_NTFS_ATTRIB "system.ntfs_attrib" | |
23 | #define SYSTEM_NTFS_SECURITY "system.ntfs_security" | |
24 | // clang-format on | |
25 | ||
26 | static inline size_t unpacked_ea_size(const struct EA_FULL *ea) | |
27 | { | |
28 | return ea->size ? le32_to_cpu(ea->size) | |
fa3cacf5 KA |
29 | : ALIGN(struct_size( |
30 | ea, name, | |
31 | 1 + ea->name_len + le16_to_cpu(ea->elength)), 4); | |
be71b5cb KK |
32 | } |
33 | ||
34 | static inline size_t packed_ea_size(const struct EA_FULL *ea) | |
35 | { | |
36 | return struct_size(ea, name, | |
37 | 1 + ea->name_len + le16_to_cpu(ea->elength)) - | |
38 | offsetof(struct EA_FULL, flags); | |
39 | } | |
40 | ||
41 | /* | |
42 | * find_ea | |
43 | * | |
e8b8e97f | 44 | * Assume there is at least one xattr in the list. |
be71b5cb KK |
45 | */ |
46 | static inline bool find_ea(const struct EA_FULL *ea_all, u32 bytes, | |
47 | const char *name, u8 name_len, u32 *off) | |
48 | { | |
49 | *off = 0; | |
50 | ||
51 | if (!ea_all || !bytes) | |
52 | return false; | |
53 | ||
54 | for (;;) { | |
55 | const struct EA_FULL *ea = Add2Ptr(ea_all, *off); | |
56 | u32 next_off = *off + unpacked_ea_size(ea); | |
57 | ||
58 | if (next_off > bytes) | |
59 | return false; | |
60 | ||
61 | if (ea->name_len == name_len && | |
62 | !memcmp(ea->name, name, name_len)) | |
63 | return true; | |
64 | ||
65 | *off = next_off; | |
66 | if (next_off >= bytes) | |
67 | return false; | |
68 | } | |
69 | } | |
70 | ||
71 | /* | |
e8b8e97f KA |
72 | * ntfs_read_ea - Read all extended attributes. |
73 | * @ea: New allocated memory. | |
74 | * @info: Pointer into resident data. | |
be71b5cb KK |
75 | */ |
76 | static int ntfs_read_ea(struct ntfs_inode *ni, struct EA_FULL **ea, | |
77 | size_t add_bytes, const struct EA_INFO **info) | |
78 | { | |
79 | int err; | |
80 | struct ATTR_LIST_ENTRY *le = NULL; | |
81 | struct ATTRIB *attr_info, *attr_ea; | |
82 | void *ea_p; | |
83 | u32 size; | |
84 | ||
85 | static_assert(le32_to_cpu(ATTR_EA_INFO) < le32_to_cpu(ATTR_EA)); | |
86 | ||
87 | *ea = NULL; | |
88 | *info = NULL; | |
89 | ||
90 | attr_info = | |
91 | ni_find_attr(ni, NULL, &le, ATTR_EA_INFO, NULL, 0, NULL, NULL); | |
92 | attr_ea = | |
93 | ni_find_attr(ni, attr_info, &le, ATTR_EA, NULL, 0, NULL, NULL); | |
94 | ||
95 | if (!attr_ea || !attr_info) | |
96 | return 0; | |
97 | ||
98 | *info = resident_data_ex(attr_info, sizeof(struct EA_INFO)); | |
99 | if (!*info) | |
100 | return -EINVAL; | |
101 | ||
e8b8e97f | 102 | /* Check Ea limit. */ |
be71b5cb KK |
103 | size = le32_to_cpu((*info)->size); |
104 | if (size > ni->mi.sbi->ea_max_size) | |
105 | return -EFBIG; | |
106 | ||
107 | if (attr_size(attr_ea) > ni->mi.sbi->ea_max_size) | |
108 | return -EFBIG; | |
109 | ||
e8b8e97f | 110 | /* Allocate memory for packed Ea. */ |
195c52bd | 111 | ea_p = kmalloc(size + add_bytes, GFP_NOFS); |
be71b5cb KK |
112 | if (!ea_p) |
113 | return -ENOMEM; | |
114 | ||
115 | if (attr_ea->non_res) { | |
116 | struct runs_tree run; | |
117 | ||
118 | run_init(&run); | |
119 | ||
120 | err = attr_load_runs(attr_ea, ni, &run, NULL); | |
121 | if (!err) | |
122 | err = ntfs_read_run_nb(ni->mi.sbi, &run, 0, ea_p, size, | |
123 | NULL); | |
124 | run_close(&run); | |
125 | ||
126 | if (err) | |
127 | goto out; | |
128 | } else { | |
129 | void *p = resident_data_ex(attr_ea, size); | |
130 | ||
131 | if (!p) { | |
132 | err = -EINVAL; | |
133 | goto out; | |
134 | } | |
135 | memcpy(ea_p, p, size); | |
136 | } | |
137 | ||
138 | memset(Add2Ptr(ea_p, size), 0, add_bytes); | |
139 | *ea = ea_p; | |
140 | return 0; | |
141 | ||
142 | out: | |
195c52bd | 143 | kfree(ea_p); |
be71b5cb KK |
144 | *ea = NULL; |
145 | return err; | |
146 | } | |
147 | ||
148 | /* | |
149 | * ntfs_list_ea | |
150 | * | |
e8b8e97f KA |
151 | * Copy a list of xattrs names into the buffer |
152 | * provided, or compute the buffer size required. | |
be71b5cb | 153 | * |
e8b8e97f KA |
154 | * Return: |
155 | * * Number of bytes used / required on | |
156 | * * -ERRNO - on failure | |
be71b5cb KK |
157 | */ |
158 | static ssize_t ntfs_list_ea(struct ntfs_inode *ni, char *buffer, | |
159 | size_t bytes_per_buffer) | |
160 | { | |
161 | const struct EA_INFO *info; | |
162 | struct EA_FULL *ea_all = NULL; | |
163 | const struct EA_FULL *ea; | |
164 | u32 off, size; | |
165 | int err; | |
166 | size_t ret; | |
167 | ||
168 | err = ntfs_read_ea(ni, &ea_all, 0, &info); | |
169 | if (err) | |
170 | return err; | |
171 | ||
172 | if (!info || !ea_all) | |
173 | return 0; | |
174 | ||
175 | size = le32_to_cpu(info->size); | |
176 | ||
e8b8e97f | 177 | /* Enumerate all xattrs. */ |
be71b5cb KK |
178 | for (ret = 0, off = 0; off < size; off += unpacked_ea_size(ea)) { |
179 | ea = Add2Ptr(ea_all, off); | |
180 | ||
181 | if (buffer) { | |
182 | if (ret + ea->name_len + 1 > bytes_per_buffer) { | |
183 | err = -ERANGE; | |
184 | goto out; | |
185 | } | |
186 | ||
187 | memcpy(buffer + ret, ea->name, ea->name_len); | |
188 | buffer[ret + ea->name_len] = 0; | |
189 | } | |
190 | ||
191 | ret += ea->name_len + 1; | |
192 | } | |
193 | ||
194 | out: | |
195c52bd | 195 | kfree(ea_all); |
be71b5cb KK |
196 | return err ? err : ret; |
197 | } | |
198 | ||
199 | static int ntfs_get_ea(struct inode *inode, const char *name, size_t name_len, | |
200 | void *buffer, size_t size, size_t *required) | |
201 | { | |
202 | struct ntfs_inode *ni = ntfs_i(inode); | |
203 | const struct EA_INFO *info; | |
204 | struct EA_FULL *ea_all = NULL; | |
205 | const struct EA_FULL *ea; | |
206 | u32 off, len; | |
207 | int err; | |
208 | ||
209 | if (!(ni->ni_flags & NI_FLAG_EA)) | |
210 | return -ENODATA; | |
211 | ||
212 | if (!required) | |
213 | ni_lock(ni); | |
214 | ||
215 | len = 0; | |
216 | ||
217 | if (name_len > 255) { | |
218 | err = -ENAMETOOLONG; | |
219 | goto out; | |
220 | } | |
221 | ||
222 | err = ntfs_read_ea(ni, &ea_all, 0, &info); | |
223 | if (err) | |
224 | goto out; | |
225 | ||
226 | if (!info) | |
227 | goto out; | |
228 | ||
e8b8e97f | 229 | /* Enumerate all xattrs. */ |
be71b5cb KK |
230 | if (!find_ea(ea_all, le32_to_cpu(info->size), name, name_len, &off)) { |
231 | err = -ENODATA; | |
232 | goto out; | |
233 | } | |
234 | ea = Add2Ptr(ea_all, off); | |
235 | ||
236 | len = le16_to_cpu(ea->elength); | |
237 | if (!buffer) { | |
238 | err = 0; | |
239 | goto out; | |
240 | } | |
241 | ||
242 | if (len > size) { | |
243 | err = -ERANGE; | |
244 | if (required) | |
245 | *required = len; | |
246 | goto out; | |
247 | } | |
248 | ||
249 | memcpy(buffer, ea->name + ea->name_len + 1, len); | |
250 | err = 0; | |
251 | ||
252 | out: | |
195c52bd | 253 | kfree(ea_all); |
be71b5cb KK |
254 | if (!required) |
255 | ni_unlock(ni); | |
256 | ||
257 | return err ? err : len; | |
258 | } | |
259 | ||
260 | static noinline int ntfs_set_ea(struct inode *inode, const char *name, | |
261 | size_t name_len, const void *value, | |
262 | size_t val_size, int flags, int locked) | |
263 | { | |
264 | struct ntfs_inode *ni = ntfs_i(inode); | |
265 | struct ntfs_sb_info *sbi = ni->mi.sbi; | |
266 | int err; | |
267 | struct EA_INFO ea_info; | |
268 | const struct EA_INFO *info; | |
269 | struct EA_FULL *new_ea; | |
270 | struct EA_FULL *ea_all = NULL; | |
271 | size_t add, new_pack; | |
272 | u32 off, size; | |
273 | __le16 size_pack; | |
274 | struct ATTRIB *attr; | |
275 | struct ATTR_LIST_ENTRY *le; | |
276 | struct mft_inode *mi; | |
277 | struct runs_tree ea_run; | |
278 | u64 new_sz; | |
279 | void *p; | |
280 | ||
281 | if (!locked) | |
282 | ni_lock(ni); | |
283 | ||
284 | run_init(&ea_run); | |
285 | ||
286 | if (name_len > 255) { | |
287 | err = -ENAMETOOLONG; | |
288 | goto out; | |
289 | } | |
290 | ||
fa3cacf5 | 291 | add = ALIGN(struct_size(ea_all, name, 1 + name_len + val_size), 4); |
be71b5cb KK |
292 | |
293 | err = ntfs_read_ea(ni, &ea_all, add, &info); | |
294 | if (err) | |
295 | goto out; | |
296 | ||
297 | if (!info) { | |
298 | memset(&ea_info, 0, sizeof(ea_info)); | |
299 | size = 0; | |
300 | size_pack = 0; | |
301 | } else { | |
302 | memcpy(&ea_info, info, sizeof(ea_info)); | |
303 | size = le32_to_cpu(ea_info.size); | |
304 | size_pack = ea_info.size_pack; | |
305 | } | |
306 | ||
307 | if (info && find_ea(ea_all, size, name, name_len, &off)) { | |
308 | struct EA_FULL *ea; | |
309 | size_t ea_sz; | |
310 | ||
311 | if (flags & XATTR_CREATE) { | |
312 | err = -EEXIST; | |
313 | goto out; | |
314 | } | |
315 | ||
316 | ea = Add2Ptr(ea_all, off); | |
317 | ||
318 | /* | |
319 | * Check simple case when we try to insert xattr with the same value | |
320 | * e.g. ntfs_save_wsl_perm | |
321 | */ | |
322 | if (val_size && le16_to_cpu(ea->elength) == val_size && | |
323 | !memcmp(ea->name + ea->name_len + 1, value, val_size)) { | |
e8b8e97f | 324 | /* xattr already contains the required value. */ |
be71b5cb KK |
325 | goto out; |
326 | } | |
327 | ||
e8b8e97f | 328 | /* Remove current xattr. */ |
be71b5cb KK |
329 | if (ea->flags & FILE_NEED_EA) |
330 | le16_add_cpu(&ea_info.count, -1); | |
331 | ||
332 | ea_sz = unpacked_ea_size(ea); | |
333 | ||
334 | le16_add_cpu(&ea_info.size_pack, 0 - packed_ea_size(ea)); | |
335 | ||
336 | memmove(ea, Add2Ptr(ea, ea_sz), size - off - ea_sz); | |
337 | ||
338 | size -= ea_sz; | |
339 | memset(Add2Ptr(ea_all, size), 0, ea_sz); | |
340 | ||
341 | ea_info.size = cpu_to_le32(size); | |
342 | ||
343 | if ((flags & XATTR_REPLACE) && !val_size) { | |
e8b8e97f | 344 | /* Remove xattr. */ |
be71b5cb KK |
345 | goto update_ea; |
346 | } | |
347 | } else { | |
348 | if (flags & XATTR_REPLACE) { | |
349 | err = -ENODATA; | |
350 | goto out; | |
351 | } | |
352 | ||
353 | if (!ea_all) { | |
195c52bd | 354 | ea_all = kzalloc(add, GFP_NOFS); |
be71b5cb KK |
355 | if (!ea_all) { |
356 | err = -ENOMEM; | |
357 | goto out; | |
358 | } | |
359 | } | |
360 | } | |
361 | ||
e8b8e97f | 362 | /* Append new xattr. */ |
be71b5cb KK |
363 | new_ea = Add2Ptr(ea_all, size); |
364 | new_ea->size = cpu_to_le32(add); | |
365 | new_ea->flags = 0; | |
366 | new_ea->name_len = name_len; | |
367 | new_ea->elength = cpu_to_le16(val_size); | |
368 | memcpy(new_ea->name, name, name_len); | |
369 | new_ea->name[name_len] = 0; | |
370 | memcpy(new_ea->name + name_len + 1, value, val_size); | |
371 | new_pack = le16_to_cpu(ea_info.size_pack) + packed_ea_size(new_ea); | |
372 | ||
e8b8e97f | 373 | /* Should fit into 16 bits. */ |
be71b5cb KK |
374 | if (new_pack > 0xffff) { |
375 | err = -EFBIG; // -EINVAL? | |
376 | goto out; | |
377 | } | |
378 | ea_info.size_pack = cpu_to_le16(new_pack); | |
379 | ||
e8b8e97f | 380 | /* New size of ATTR_EA. */ |
be71b5cb KK |
381 | size += add; |
382 | if (size > sbi->ea_max_size) { | |
383 | err = -EFBIG; // -EINVAL? | |
384 | goto out; | |
385 | } | |
386 | ea_info.size = cpu_to_le32(size); | |
387 | ||
388 | update_ea: | |
389 | ||
390 | if (!info) { | |
e8b8e97f | 391 | /* Create xattr. */ |
be71b5cb KK |
392 | if (!size) { |
393 | err = 0; | |
394 | goto out; | |
395 | } | |
396 | ||
397 | err = ni_insert_resident(ni, sizeof(struct EA_INFO), | |
398 | ATTR_EA_INFO, NULL, 0, NULL, NULL); | |
399 | if (err) | |
400 | goto out; | |
401 | ||
402 | err = ni_insert_resident(ni, 0, ATTR_EA, NULL, 0, NULL, NULL); | |
403 | if (err) | |
404 | goto out; | |
405 | } | |
406 | ||
407 | new_sz = size; | |
408 | err = attr_set_size(ni, ATTR_EA, NULL, 0, &ea_run, new_sz, &new_sz, | |
409 | false, NULL); | |
410 | if (err) | |
411 | goto out; | |
412 | ||
413 | le = NULL; | |
414 | attr = ni_find_attr(ni, NULL, &le, ATTR_EA_INFO, NULL, 0, NULL, &mi); | |
415 | if (!attr) { | |
416 | err = -EINVAL; | |
417 | goto out; | |
418 | } | |
419 | ||
420 | if (!size) { | |
e8b8e97f | 421 | /* Delete xattr, ATTR_EA_INFO */ |
be71b5cb KK |
422 | err = ni_remove_attr_le(ni, attr, le); |
423 | if (err) | |
424 | goto out; | |
425 | } else { | |
426 | p = resident_data_ex(attr, sizeof(struct EA_INFO)); | |
427 | if (!p) { | |
428 | err = -EINVAL; | |
429 | goto out; | |
430 | } | |
431 | memcpy(p, &ea_info, sizeof(struct EA_INFO)); | |
432 | mi->dirty = true; | |
433 | } | |
434 | ||
435 | le = NULL; | |
436 | attr = ni_find_attr(ni, NULL, &le, ATTR_EA, NULL, 0, NULL, &mi); | |
437 | if (!attr) { | |
438 | err = -EINVAL; | |
439 | goto out; | |
440 | } | |
441 | ||
442 | if (!size) { | |
e8b8e97f | 443 | /* Delete xattr, ATTR_EA */ |
be71b5cb KK |
444 | err = ni_remove_attr_le(ni, attr, le); |
445 | if (err) | |
446 | goto out; | |
447 | } else if (attr->non_res) { | |
448 | err = ntfs_sb_write_run(sbi, &ea_run, 0, ea_all, size); | |
449 | if (err) | |
450 | goto out; | |
451 | } else { | |
452 | p = resident_data_ex(attr, size); | |
453 | if (!p) { | |
454 | err = -EINVAL; | |
455 | goto out; | |
456 | } | |
457 | memcpy(p, ea_all, size); | |
458 | mi->dirty = true; | |
459 | } | |
460 | ||
e8b8e97f | 461 | /* Check if we delete the last xattr. */ |
be71b5cb KK |
462 | if (size) |
463 | ni->ni_flags |= NI_FLAG_EA; | |
464 | else | |
465 | ni->ni_flags &= ~NI_FLAG_EA; | |
466 | ||
467 | if (ea_info.size_pack != size_pack) | |
468 | ni->ni_flags |= NI_FLAG_UPDATE_PARENT; | |
469 | mark_inode_dirty(&ni->vfs_inode); | |
470 | ||
471 | out: | |
472 | if (!locked) | |
473 | ni_unlock(ni); | |
474 | ||
475 | run_close(&ea_run); | |
195c52bd | 476 | kfree(ea_all); |
be71b5cb KK |
477 | |
478 | return err; | |
479 | } | |
480 | ||
481 | #ifdef CONFIG_NTFS3_FS_POSIX_ACL | |
482 | static inline void ntfs_posix_acl_release(struct posix_acl *acl) | |
483 | { | |
484 | if (acl && refcount_dec_and_test(&acl->a_refcount)) | |
485 | kfree(acl); | |
486 | } | |
487 | ||
488 | static struct posix_acl *ntfs_get_acl_ex(struct user_namespace *mnt_userns, | |
489 | struct inode *inode, int type, | |
490 | int locked) | |
491 | { | |
492 | struct ntfs_inode *ni = ntfs_i(inode); | |
493 | const char *name; | |
494 | size_t name_len; | |
495 | struct posix_acl *acl; | |
496 | size_t req; | |
497 | int err; | |
498 | void *buf; | |
499 | ||
e8b8e97f | 500 | /* Allocate PATH_MAX bytes. */ |
be71b5cb KK |
501 | buf = __getname(); |
502 | if (!buf) | |
503 | return ERR_PTR(-ENOMEM); | |
504 | ||
e8b8e97f | 505 | /* Possible values of 'type' was already checked above. */ |
be71b5cb KK |
506 | if (type == ACL_TYPE_ACCESS) { |
507 | name = XATTR_NAME_POSIX_ACL_ACCESS; | |
508 | name_len = sizeof(XATTR_NAME_POSIX_ACL_ACCESS) - 1; | |
509 | } else { | |
510 | name = XATTR_NAME_POSIX_ACL_DEFAULT; | |
511 | name_len = sizeof(XATTR_NAME_POSIX_ACL_DEFAULT) - 1; | |
512 | } | |
513 | ||
514 | if (!locked) | |
515 | ni_lock(ni); | |
516 | ||
517 | err = ntfs_get_ea(inode, name, name_len, buf, PATH_MAX, &req); | |
518 | ||
519 | if (!locked) | |
520 | ni_unlock(ni); | |
521 | ||
e8b8e97f | 522 | /* Translate extended attribute to acl. */ |
2926e429 | 523 | if (err >= 0) { |
be71b5cb KK |
524 | acl = posix_acl_from_xattr(mnt_userns, buf, err); |
525 | if (!IS_ERR(acl)) | |
526 | set_cached_acl(inode, type, acl); | |
527 | } else { | |
528 | acl = err == -ENODATA ? NULL : ERR_PTR(err); | |
529 | } | |
530 | ||
531 | __putname(buf); | |
532 | ||
533 | return acl; | |
534 | } | |
535 | ||
536 | /* | |
e8b8e97f | 537 | * ntfs_get_acl - inode_operations::get_acl |
be71b5cb KK |
538 | */ |
539 | struct posix_acl *ntfs_get_acl(struct inode *inode, int type) | |
540 | { | |
541 | /* TODO: init_user_ns? */ | |
542 | return ntfs_get_acl_ex(&init_user_ns, inode, type, 0); | |
543 | } | |
544 | ||
545 | static noinline int ntfs_set_acl_ex(struct user_namespace *mnt_userns, | |
546 | struct inode *inode, struct posix_acl *acl, | |
547 | int type, int locked) | |
548 | { | |
549 | const char *name; | |
550 | size_t size, name_len; | |
551 | void *value = NULL; | |
552 | int err = 0; | |
553 | ||
554 | if (S_ISLNK(inode->i_mode)) | |
555 | return -EOPNOTSUPP; | |
556 | ||
557 | switch (type) { | |
558 | case ACL_TYPE_ACCESS: | |
559 | if (acl) { | |
560 | umode_t mode = inode->i_mode; | |
561 | ||
562 | err = posix_acl_equiv_mode(acl, &mode); | |
563 | if (err < 0) | |
564 | return err; | |
565 | ||
566 | if (inode->i_mode != mode) { | |
567 | inode->i_mode = mode; | |
568 | mark_inode_dirty(inode); | |
569 | } | |
570 | ||
571 | if (!err) { | |
572 | /* | |
e8b8e97f KA |
573 | * ACL can be exactly represented in the |
574 | * traditional file mode permission bits. | |
be71b5cb KK |
575 | */ |
576 | acl = NULL; | |
577 | } | |
578 | } | |
579 | name = XATTR_NAME_POSIX_ACL_ACCESS; | |
580 | name_len = sizeof(XATTR_NAME_POSIX_ACL_ACCESS) - 1; | |
581 | break; | |
582 | ||
583 | case ACL_TYPE_DEFAULT: | |
584 | if (!S_ISDIR(inode->i_mode)) | |
585 | return acl ? -EACCES : 0; | |
586 | name = XATTR_NAME_POSIX_ACL_DEFAULT; | |
587 | name_len = sizeof(XATTR_NAME_POSIX_ACL_DEFAULT) - 1; | |
588 | break; | |
589 | ||
590 | default: | |
591 | return -EINVAL; | |
592 | } | |
593 | ||
594 | if (!acl) { | |
595 | size = 0; | |
596 | value = NULL; | |
597 | } else { | |
598 | size = posix_acl_xattr_size(acl->a_count); | |
195c52bd | 599 | value = kmalloc(size, GFP_NOFS); |
be71b5cb KK |
600 | if (!value) |
601 | return -ENOMEM; | |
602 | ||
603 | err = posix_acl_to_xattr(mnt_userns, acl, value, size); | |
604 | if (err < 0) | |
605 | goto out; | |
606 | } | |
607 | ||
608 | err = ntfs_set_ea(inode, name, name_len, value, size, | |
609 | acl ? 0 : XATTR_REPLACE, locked); | |
610 | if (!err) | |
611 | set_cached_acl(inode, type, acl); | |
612 | ||
613 | out: | |
195c52bd | 614 | kfree(value); |
be71b5cb KK |
615 | |
616 | return err; | |
617 | } | |
618 | ||
619 | /* | |
e8b8e97f | 620 | * ntfs_set_acl - inode_operations::set_acl |
be71b5cb KK |
621 | */ |
622 | int ntfs_set_acl(struct user_namespace *mnt_userns, struct inode *inode, | |
623 | struct posix_acl *acl, int type) | |
624 | { | |
625 | return ntfs_set_acl_ex(mnt_userns, inode, acl, type, 0); | |
626 | } | |
627 | ||
628 | static int ntfs_xattr_get_acl(struct user_namespace *mnt_userns, | |
629 | struct inode *inode, int type, void *buffer, | |
630 | size_t size) | |
631 | { | |
632 | struct posix_acl *acl; | |
633 | int err; | |
634 | ||
635 | if (!(inode->i_sb->s_flags & SB_POSIXACL)) | |
636 | return -EOPNOTSUPP; | |
637 | ||
638 | acl = ntfs_get_acl(inode, type); | |
639 | if (IS_ERR(acl)) | |
640 | return PTR_ERR(acl); | |
641 | ||
642 | if (!acl) | |
643 | return -ENODATA; | |
644 | ||
645 | err = posix_acl_to_xattr(mnt_userns, acl, buffer, size); | |
646 | ntfs_posix_acl_release(acl); | |
647 | ||
648 | return err; | |
649 | } | |
650 | ||
651 | static int ntfs_xattr_set_acl(struct user_namespace *mnt_userns, | |
652 | struct inode *inode, int type, const void *value, | |
653 | size_t size) | |
654 | { | |
655 | struct posix_acl *acl; | |
656 | int err; | |
657 | ||
658 | if (!(inode->i_sb->s_flags & SB_POSIXACL)) | |
659 | return -EOPNOTSUPP; | |
660 | ||
661 | if (!inode_owner_or_capable(mnt_userns, inode)) | |
662 | return -EPERM; | |
663 | ||
664 | if (!value) { | |
665 | acl = NULL; | |
666 | } else { | |
667 | acl = posix_acl_from_xattr(mnt_userns, value, size); | |
668 | if (IS_ERR(acl)) | |
669 | return PTR_ERR(acl); | |
670 | ||
671 | if (acl) { | |
672 | err = posix_acl_valid(mnt_userns, acl); | |
673 | if (err) | |
674 | goto release_and_out; | |
675 | } | |
676 | } | |
677 | ||
678 | err = ntfs_set_acl(mnt_userns, inode, acl, type); | |
679 | ||
680 | release_and_out: | |
681 | ntfs_posix_acl_release(acl); | |
682 | return err; | |
683 | } | |
684 | ||
685 | /* | |
e8b8e97f KA |
686 | * ntfs_init_acl - Initialize the ACLs of a new inode. |
687 | * | |
688 | * Called from ntfs_create_inode(). | |
be71b5cb KK |
689 | */ |
690 | int ntfs_init_acl(struct user_namespace *mnt_userns, struct inode *inode, | |
691 | struct inode *dir) | |
692 | { | |
693 | struct posix_acl *default_acl, *acl; | |
694 | int err; | |
695 | ||
696 | /* | |
e8b8e97f | 697 | * TODO: Refactoring lock. |
be71b5cb KK |
698 | * ni_lock(dir) ... -> posix_acl_create(dir,...) -> ntfs_get_acl -> ni_lock(dir) |
699 | */ | |
700 | inode->i_default_acl = NULL; | |
701 | ||
702 | default_acl = ntfs_get_acl_ex(mnt_userns, dir, ACL_TYPE_DEFAULT, 1); | |
703 | ||
704 | if (!default_acl || default_acl == ERR_PTR(-EOPNOTSUPP)) { | |
705 | inode->i_mode &= ~current_umask(); | |
706 | err = 0; | |
707 | goto out; | |
708 | } | |
709 | ||
710 | if (IS_ERR(default_acl)) { | |
711 | err = PTR_ERR(default_acl); | |
712 | goto out; | |
713 | } | |
714 | ||
715 | acl = default_acl; | |
716 | err = __posix_acl_create(&acl, GFP_NOFS, &inode->i_mode); | |
717 | if (err < 0) | |
718 | goto out1; | |
719 | if (!err) { | |
720 | posix_acl_release(acl); | |
721 | acl = NULL; | |
722 | } | |
723 | ||
724 | if (!S_ISDIR(inode->i_mode)) { | |
725 | posix_acl_release(default_acl); | |
726 | default_acl = NULL; | |
727 | } | |
728 | ||
729 | if (default_acl) | |
730 | err = ntfs_set_acl_ex(mnt_userns, inode, default_acl, | |
731 | ACL_TYPE_DEFAULT, 1); | |
732 | ||
733 | if (!acl) | |
734 | inode->i_acl = NULL; | |
735 | else if (!err) | |
736 | err = ntfs_set_acl_ex(mnt_userns, inode, acl, ACL_TYPE_ACCESS, | |
737 | 1); | |
738 | ||
739 | posix_acl_release(acl); | |
740 | out1: | |
741 | posix_acl_release(default_acl); | |
742 | ||
743 | out: | |
744 | return err; | |
745 | } | |
746 | #endif | |
747 | ||
748 | /* | |
e8b8e97f | 749 | * ntfs_acl_chmod - Helper for ntfs3_setattr(). |
be71b5cb KK |
750 | */ |
751 | int ntfs_acl_chmod(struct user_namespace *mnt_userns, struct inode *inode) | |
752 | { | |
753 | struct super_block *sb = inode->i_sb; | |
754 | ||
755 | if (!(sb->s_flags & SB_POSIXACL)) | |
756 | return 0; | |
757 | ||
758 | if (S_ISLNK(inode->i_mode)) | |
759 | return -EOPNOTSUPP; | |
760 | ||
761 | return posix_acl_chmod(mnt_userns, inode, inode->i_mode); | |
762 | } | |
763 | ||
764 | /* | |
e8b8e97f | 765 | * ntfs_permission - inode_operations::permission |
be71b5cb KK |
766 | */ |
767 | int ntfs_permission(struct user_namespace *mnt_userns, struct inode *inode, | |
768 | int mask) | |
769 | { | |
770 | if (ntfs_sb(inode->i_sb)->options.no_acs_rules) { | |
e8b8e97f | 771 | /* "No access rules" mode - Allow all changes. */ |
be71b5cb KK |
772 | return 0; |
773 | } | |
774 | ||
775 | return generic_permission(mnt_userns, inode, mask); | |
776 | } | |
777 | ||
778 | /* | |
e8b8e97f | 779 | * ntfs_listxattr - inode_operations::listxattr |
be71b5cb KK |
780 | */ |
781 | ssize_t ntfs_listxattr(struct dentry *dentry, char *buffer, size_t size) | |
782 | { | |
783 | struct inode *inode = d_inode(dentry); | |
784 | struct ntfs_inode *ni = ntfs_i(inode); | |
785 | ssize_t ret; | |
786 | ||
787 | if (!(ni->ni_flags & NI_FLAG_EA)) { | |
788 | /* no xattr in file */ | |
789 | return 0; | |
790 | } | |
791 | ||
792 | ni_lock(ni); | |
793 | ||
794 | ret = ntfs_list_ea(ni, buffer, size); | |
795 | ||
796 | ni_unlock(ni); | |
797 | ||
798 | return ret; | |
799 | } | |
800 | ||
801 | static int ntfs_getxattr(const struct xattr_handler *handler, struct dentry *de, | |
802 | struct inode *inode, const char *name, void *buffer, | |
803 | size_t size) | |
804 | { | |
805 | int err; | |
806 | struct ntfs_inode *ni = ntfs_i(inode); | |
807 | size_t name_len = strlen(name); | |
808 | ||
e8b8e97f | 809 | /* Dispatch request. */ |
be71b5cb KK |
810 | if (name_len == sizeof(SYSTEM_DOS_ATTRIB) - 1 && |
811 | !memcmp(name, SYSTEM_DOS_ATTRIB, sizeof(SYSTEM_DOS_ATTRIB))) { | |
812 | /* system.dos_attrib */ | |
813 | if (!buffer) { | |
814 | err = sizeof(u8); | |
815 | } else if (size < sizeof(u8)) { | |
816 | err = -ENODATA; | |
817 | } else { | |
818 | err = sizeof(u8); | |
819 | *(u8 *)buffer = le32_to_cpu(ni->std_fa); | |
820 | } | |
821 | goto out; | |
822 | } | |
823 | ||
824 | if (name_len == sizeof(SYSTEM_NTFS_ATTRIB) - 1 && | |
825 | !memcmp(name, SYSTEM_NTFS_ATTRIB, sizeof(SYSTEM_NTFS_ATTRIB))) { | |
826 | /* system.ntfs_attrib */ | |
827 | if (!buffer) { | |
828 | err = sizeof(u32); | |
829 | } else if (size < sizeof(u32)) { | |
830 | err = -ENODATA; | |
831 | } else { | |
832 | err = sizeof(u32); | |
833 | *(u32 *)buffer = le32_to_cpu(ni->std_fa); | |
834 | } | |
835 | goto out; | |
836 | } | |
837 | ||
838 | if (name_len == sizeof(SYSTEM_NTFS_SECURITY) - 1 && | |
839 | !memcmp(name, SYSTEM_NTFS_SECURITY, sizeof(SYSTEM_NTFS_SECURITY))) { | |
840 | /* system.ntfs_security*/ | |
841 | struct SECURITY_DESCRIPTOR_RELATIVE *sd = NULL; | |
842 | size_t sd_size = 0; | |
843 | ||
844 | if (!is_ntfs3(ni->mi.sbi)) { | |
e8b8e97f | 845 | /* We should get nt4 security. */ |
be71b5cb KK |
846 | err = -EINVAL; |
847 | goto out; | |
848 | } else if (le32_to_cpu(ni->std_security_id) < | |
849 | SECURITY_ID_FIRST) { | |
850 | err = -ENOENT; | |
851 | goto out; | |
852 | } | |
853 | ||
854 | err = ntfs_get_security_by_id(ni->mi.sbi, ni->std_security_id, | |
855 | &sd, &sd_size); | |
856 | if (err) | |
857 | goto out; | |
858 | ||
859 | if (!is_sd_valid(sd, sd_size)) { | |
860 | ntfs_inode_warn( | |
861 | inode, | |
862 | "looks like you get incorrect security descriptor id=%u", | |
863 | ni->std_security_id); | |
864 | } | |
865 | ||
866 | if (!buffer) { | |
867 | err = sd_size; | |
868 | } else if (size < sd_size) { | |
869 | err = -ENODATA; | |
870 | } else { | |
871 | err = sd_size; | |
872 | memcpy(buffer, sd, sd_size); | |
873 | } | |
195c52bd | 874 | kfree(sd); |
be71b5cb KK |
875 | goto out; |
876 | } | |
877 | ||
878 | #ifdef CONFIG_NTFS3_FS_POSIX_ACL | |
879 | if ((name_len == sizeof(XATTR_NAME_POSIX_ACL_ACCESS) - 1 && | |
880 | !memcmp(name, XATTR_NAME_POSIX_ACL_ACCESS, | |
881 | sizeof(XATTR_NAME_POSIX_ACL_ACCESS))) || | |
882 | (name_len == sizeof(XATTR_NAME_POSIX_ACL_DEFAULT) - 1 && | |
883 | !memcmp(name, XATTR_NAME_POSIX_ACL_DEFAULT, | |
884 | sizeof(XATTR_NAME_POSIX_ACL_DEFAULT)))) { | |
885 | /* TODO: init_user_ns? */ | |
886 | err = ntfs_xattr_get_acl( | |
887 | &init_user_ns, inode, | |
888 | name_len == sizeof(XATTR_NAME_POSIX_ACL_ACCESS) - 1 | |
889 | ? ACL_TYPE_ACCESS | |
890 | : ACL_TYPE_DEFAULT, | |
891 | buffer, size); | |
892 | goto out; | |
893 | } | |
894 | #endif | |
e8b8e97f | 895 | /* Deal with NTFS extended attribute. */ |
be71b5cb KK |
896 | err = ntfs_get_ea(inode, name, name_len, buffer, size, NULL); |
897 | ||
898 | out: | |
899 | return err; | |
900 | } | |
901 | ||
902 | /* | |
e8b8e97f | 903 | * ntfs_setxattr - inode_operations::setxattr |
be71b5cb KK |
904 | */ |
905 | static noinline int ntfs_setxattr(const struct xattr_handler *handler, | |
906 | struct user_namespace *mnt_userns, | |
907 | struct dentry *de, struct inode *inode, | |
908 | const char *name, const void *value, | |
909 | size_t size, int flags) | |
910 | { | |
911 | int err = -EINVAL; | |
912 | struct ntfs_inode *ni = ntfs_i(inode); | |
913 | size_t name_len = strlen(name); | |
914 | enum FILE_ATTRIBUTE new_fa; | |
915 | ||
e8b8e97f | 916 | /* Dispatch request. */ |
be71b5cb KK |
917 | if (name_len == sizeof(SYSTEM_DOS_ATTRIB) - 1 && |
918 | !memcmp(name, SYSTEM_DOS_ATTRIB, sizeof(SYSTEM_DOS_ATTRIB))) { | |
919 | if (sizeof(u8) != size) | |
920 | goto out; | |
921 | new_fa = cpu_to_le32(*(u8 *)value); | |
922 | goto set_new_fa; | |
923 | } | |
924 | ||
925 | if (name_len == sizeof(SYSTEM_NTFS_ATTRIB) - 1 && | |
926 | !memcmp(name, SYSTEM_NTFS_ATTRIB, sizeof(SYSTEM_NTFS_ATTRIB))) { | |
927 | if (size != sizeof(u32)) | |
928 | goto out; | |
929 | new_fa = cpu_to_le32(*(u32 *)value); | |
930 | ||
931 | if (S_ISREG(inode->i_mode)) { | |
e8b8e97f | 932 | /* Process compressed/sparsed in special way. */ |
be71b5cb KK |
933 | ni_lock(ni); |
934 | err = ni_new_attr_flags(ni, new_fa); | |
935 | ni_unlock(ni); | |
936 | if (err) | |
937 | goto out; | |
938 | } | |
939 | set_new_fa: | |
940 | /* | |
941 | * Thanks Mark Harmstone: | |
e8b8e97f | 942 | * Keep directory bit consistency. |
be71b5cb KK |
943 | */ |
944 | if (S_ISDIR(inode->i_mode)) | |
945 | new_fa |= FILE_ATTRIBUTE_DIRECTORY; | |
946 | else | |
947 | new_fa &= ~FILE_ATTRIBUTE_DIRECTORY; | |
948 | ||
949 | if (ni->std_fa != new_fa) { | |
950 | ni->std_fa = new_fa; | |
951 | if (new_fa & FILE_ATTRIBUTE_READONLY) | |
952 | inode->i_mode &= ~0222; | |
953 | else | |
954 | inode->i_mode |= 0222; | |
e8b8e97f | 955 | /* Std attribute always in primary record. */ |
be71b5cb KK |
956 | ni->mi.dirty = true; |
957 | mark_inode_dirty(inode); | |
958 | } | |
959 | err = 0; | |
960 | ||
961 | goto out; | |
962 | } | |
963 | ||
964 | if (name_len == sizeof(SYSTEM_NTFS_SECURITY) - 1 && | |
965 | !memcmp(name, SYSTEM_NTFS_SECURITY, sizeof(SYSTEM_NTFS_SECURITY))) { | |
966 | /* system.ntfs_security*/ | |
967 | __le32 security_id; | |
968 | bool inserted; | |
969 | struct ATTR_STD_INFO5 *std; | |
970 | ||
971 | if (!is_ntfs3(ni->mi.sbi)) { | |
972 | /* | |
e8b8e97f KA |
973 | * We should replace ATTR_SECURE. |
974 | * Skip this way cause it is nt4 feature. | |
be71b5cb KK |
975 | */ |
976 | err = -EINVAL; | |
977 | goto out; | |
978 | } | |
979 | ||
980 | if (!is_sd_valid(value, size)) { | |
981 | err = -EINVAL; | |
982 | ntfs_inode_warn( | |
983 | inode, | |
984 | "you try to set invalid security descriptor"); | |
985 | goto out; | |
986 | } | |
987 | ||
988 | err = ntfs_insert_security(ni->mi.sbi, value, size, | |
989 | &security_id, &inserted); | |
990 | if (err) | |
991 | goto out; | |
992 | ||
993 | ni_lock(ni); | |
994 | std = ni_std5(ni); | |
995 | if (!std) { | |
996 | err = -EINVAL; | |
997 | } else if (std->security_id != security_id) { | |
998 | std->security_id = ni->std_security_id = security_id; | |
e8b8e97f | 999 | /* Std attribute always in primary record. */ |
be71b5cb KK |
1000 | ni->mi.dirty = true; |
1001 | mark_inode_dirty(&ni->vfs_inode); | |
1002 | } | |
1003 | ni_unlock(ni); | |
1004 | goto out; | |
1005 | } | |
1006 | ||
1007 | #ifdef CONFIG_NTFS3_FS_POSIX_ACL | |
1008 | if ((name_len == sizeof(XATTR_NAME_POSIX_ACL_ACCESS) - 1 && | |
1009 | !memcmp(name, XATTR_NAME_POSIX_ACL_ACCESS, | |
1010 | sizeof(XATTR_NAME_POSIX_ACL_ACCESS))) || | |
1011 | (name_len == sizeof(XATTR_NAME_POSIX_ACL_DEFAULT) - 1 && | |
1012 | !memcmp(name, XATTR_NAME_POSIX_ACL_DEFAULT, | |
1013 | sizeof(XATTR_NAME_POSIX_ACL_DEFAULT)))) { | |
1014 | err = ntfs_xattr_set_acl( | |
1015 | mnt_userns, inode, | |
1016 | name_len == sizeof(XATTR_NAME_POSIX_ACL_ACCESS) - 1 | |
1017 | ? ACL_TYPE_ACCESS | |
1018 | : ACL_TYPE_DEFAULT, | |
1019 | value, size); | |
1020 | goto out; | |
1021 | } | |
1022 | #endif | |
e8b8e97f | 1023 | /* Deal with NTFS extended attribute. */ |
be71b5cb KK |
1024 | err = ntfs_set_ea(inode, name, name_len, value, size, flags, 0); |
1025 | ||
1026 | out: | |
1027 | return err; | |
1028 | } | |
1029 | ||
1030 | /* | |
1031 | * ntfs_save_wsl_perm | |
1032 | * | |
1033 | * save uid/gid/mode in xattr | |
1034 | */ | |
1035 | int ntfs_save_wsl_perm(struct inode *inode) | |
1036 | { | |
1037 | int err; | |
1038 | __le32 value; | |
1039 | ||
1040 | value = cpu_to_le32(i_uid_read(inode)); | |
1041 | err = ntfs_set_ea(inode, "$LXUID", sizeof("$LXUID") - 1, &value, | |
1042 | sizeof(value), 0, 0); | |
1043 | if (err) | |
1044 | goto out; | |
1045 | ||
1046 | value = cpu_to_le32(i_gid_read(inode)); | |
1047 | err = ntfs_set_ea(inode, "$LXGID", sizeof("$LXGID") - 1, &value, | |
1048 | sizeof(value), 0, 0); | |
1049 | if (err) | |
1050 | goto out; | |
1051 | ||
1052 | value = cpu_to_le32(inode->i_mode); | |
1053 | err = ntfs_set_ea(inode, "$LXMOD", sizeof("$LXMOD") - 1, &value, | |
1054 | sizeof(value), 0, 0); | |
1055 | if (err) | |
1056 | goto out; | |
1057 | ||
1058 | if (S_ISCHR(inode->i_mode) || S_ISBLK(inode->i_mode)) { | |
1059 | value = cpu_to_le32(inode->i_rdev); | |
1060 | err = ntfs_set_ea(inode, "$LXDEV", sizeof("$LXDEV") - 1, &value, | |
1061 | sizeof(value), 0, 0); | |
1062 | if (err) | |
1063 | goto out; | |
1064 | } | |
1065 | ||
1066 | out: | |
1067 | /* In case of error should we delete all WSL xattr? */ | |
1068 | return err; | |
1069 | } | |
1070 | ||
1071 | /* | |
1072 | * ntfs_get_wsl_perm | |
1073 | * | |
1074 | * get uid/gid/mode from xattr | |
1075 | * it is called from ntfs_iget5->ntfs_read_mft | |
1076 | */ | |
1077 | void ntfs_get_wsl_perm(struct inode *inode) | |
1078 | { | |
1079 | size_t sz; | |
1080 | __le32 value[3]; | |
1081 | ||
1082 | if (ntfs_get_ea(inode, "$LXUID", sizeof("$LXUID") - 1, &value[0], | |
1083 | sizeof(value[0]), &sz) == sizeof(value[0]) && | |
1084 | ntfs_get_ea(inode, "$LXGID", sizeof("$LXGID") - 1, &value[1], | |
1085 | sizeof(value[1]), &sz) == sizeof(value[1]) && | |
1086 | ntfs_get_ea(inode, "$LXMOD", sizeof("$LXMOD") - 1, &value[2], | |
1087 | sizeof(value[2]), &sz) == sizeof(value[2])) { | |
1088 | i_uid_write(inode, (uid_t)le32_to_cpu(value[0])); | |
1089 | i_gid_write(inode, (gid_t)le32_to_cpu(value[1])); | |
1090 | inode->i_mode = le32_to_cpu(value[2]); | |
1091 | ||
1092 | if (ntfs_get_ea(inode, "$LXDEV", sizeof("$$LXDEV") - 1, | |
1093 | &value[0], sizeof(value), | |
1094 | &sz) == sizeof(value[0])) { | |
1095 | inode->i_rdev = le32_to_cpu(value[0]); | |
1096 | } | |
1097 | } | |
1098 | } | |
1099 | ||
1100 | static bool ntfs_xattr_user_list(struct dentry *dentry) | |
1101 | { | |
1102 | return true; | |
1103 | } | |
1104 | ||
1105 | // clang-format off | |
1106 | static const struct xattr_handler ntfs_xattr_handler = { | |
1107 | .prefix = "", | |
1108 | .get = ntfs_getxattr, | |
1109 | .set = ntfs_setxattr, | |
1110 | .list = ntfs_xattr_user_list, | |
1111 | }; | |
1112 | ||
1113 | const struct xattr_handler *ntfs_xattr_handlers[] = { | |
1114 | &ntfs_xattr_handler, | |
1115 | NULL, | |
1116 | }; | |
1117 | // clang-format on |