]> git.proxmox.com Git - mirror_zfs.git/blame - module/os/linux/zfs/zpl_xattr.c
projects / mirror_zfs.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
Linux 6.6 compat: use inode_get/set_ctime*(...)
[mirror_zfs.git] / module / os / linux / zfs / zpl_xattr.c
CommitLineData
cc5f931c
BB		 1/*
2 * CDDL HEADER START
3 *
4 * The contents of this file are subject to the terms of the
5 * Common Development and Distribution License (the "License").
6 * You may not use this file except in compliance with the License.
7 *
8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
1d3ba0bf 9 * or https://opensource.org/licenses/CDDL-1.0.
cc5f931c
BB		 10 * See the License for the specific language governing permissions
11 * and limitations under the License.
12 *
13 * When distributing Covered Code, include this CDDL HEADER in each
14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15 * If applicable, add the following below this CDDL HEADER, with the
16 * fields enclosed by brackets "[]" replaced with your own identifying
17 * information: Portions Copyright [yyyy] [name of copyright owner]
18 *
19 * CDDL HEADER END
20 */
21/*
22 * Copyright (c) 2011, Lawrence Livermore National Security, LLC.
23 *
24 * Extended attributes (xattr) on Solaris are implemented as files
25 * which exist in a hidden xattr directory. These extended attributes
26 * can be accessed using the attropen() system call which opens
27 * the extended attribute. It can then be manipulated just like
28 * a standard file descriptor. This has a couple advantages such
29 * as practically no size limit on the file, and the extended
30 * attributes permissions may differ from those of the parent file.
31 * This interface is really quite clever, but it's also completely
82a37189
BB		 32 * different than what is supported on Linux. It also comes with a
33 * steep performance penalty when accessing small xattrs because they
34 * are not stored with the parent file.
cc5f931c
BB		 35 *
36 * Under Linux extended attributes are manipulated by the system
37 * calls getxattr(2), setxattr(2), and listxattr(2). They consider
38 * extended attributes to be name/value pairs where the name is a
39 * NULL terminated string. The name must also include one of the
82a37189 40 * following namespace prefixes:
cc5f931c
BB		 41 *
42 * user - No restrictions and is available to user applications.
43 * trusted - Restricted to kernel and root (CAP_SYS_ADMIN) use.
44 * system - Used for access control lists (system.nfs4_acl, etc).
45 * security - Used by SELinux to store a files security context.
46 *
82a37189
BB		 47 * The value under Linux to limited to 65536 bytes of binary data.
48 * In practice, individual xattrs tend to be much smaller than this
49 * and are typically less than 100 bytes. A good example of this
50 * are the security.selinux xattrs which are less than 100 bytes and
51 * exist for every file when xattr labeling is enabled.
cc5f931c 52 *
4e33ba4c 53 * The Linux xattr implementation has been written to take advantage of
82a37189
BB		 54 * this typical usage. When the dataset property 'xattr=sa' is set,
55 * then xattrs will be preferentially stored as System Attributes (SA).
56 * This allows tiny xattrs (~100 bytes) to be stored with the dnode and
57 * up to 64k of xattrs to be stored in the spill block. If additional
58 * xattr space is required, which is unlikely under Linux, they will
59 * be stored using the traditional directory approach.
cc5f931c 60 *
82a37189
BB		 61 * This optimization results in roughly a 3x performance improvement
62 * when accessing xattrs because it avoids the need to perform a seek
63 * for every xattr value. When multiple xattrs are stored per-file
64 * the performance improvements are even greater because all of the
65 * xattrs stored in the spill block will be cached.
66 *
67 * However, by default SA based xattrs are disabled in the Linux port
68 * to maximize compatibility with other implementations. If you do
69 * enable SA based xattrs then they will not be visible on platforms
70 * which do not support this feature.
71 *
72 * NOTE: One additional consequence of the xattr directory implementation
73 * is that when an extended attribute is manipulated an inode is created.
74 * This inode will exist in the Linux inode cache but there will be no
75 * associated entry in the dentry cache which references it. This is
76 * safe but it may result in some confusion. Enabling SA based xattrs
77 * largely avoids the issue except in the overflow case.
cc5f931c
BB		 78 */
79
657ce253 80#include <sys/zfs_znode.h>
cc5f931c
BB		 81#include <sys/zfs_vfsops.h>
82#include <sys/zfs_vnops.h>
0f37d0c8 83#include <sys/zap.h>
cc5f931c
BB		 84#include <sys/vfs.h>
85#include <sys/zpl.h>
98843196 86#include <linux/vfs_compat.h>
cc5f931c 87
5c006134
RM		 88enum xattr_permission {
89 XAPERM_DENY,
90 XAPERM_ALLOW,
91 XAPERM_COMPAT,
92};
93
cc5f931c
BB		 94typedef struct xattr_filldir {
95 size_t size;
96 size_t offset;
97 char *buf;
4967a3eb 98 struct dentry *dentry;
cc5f931c
BB		 99} xattr_filldir_t;
100
5c006134
RM		 101static enum xattr_permission zpl_xattr_permission(xattr_filldir_t *,
102 const char *, int);
4967a3eb 103
5c006134 104static int zfs_xattr_compat = 0;
4967a3eb
BB		 105
106/*
107 * Determine is a given xattr name should be visible and if so copy it
108 * in to the provided buffer (xf->buf).
109 */
110static int
111zpl_xattr_filldir(xattr_filldir_t *xf, const char *name, int name_len)
112{
5c006134
RM		 113 enum xattr_permission perm;
114
4967a3eb 115 /* Check permissions using the per-namespace list xattr handler. */
5c006134
RM		 116 perm = zpl_xattr_permission(xf, name, name_len);
117 if (perm == XAPERM_DENY)
4967a3eb 118 return (0);
cc5f931c 119
5c006134
RM		 120 /* Prefix the name with "user." if it does not have a namespace. */
121 if (perm == XAPERM_COMPAT) {
122 if (xf->buf) {
123 if (xf->offset + XATTR_USER_PREFIX_LEN + 1 > xf->size)
124 return (-ERANGE);
125
126 memcpy(xf->buf + xf->offset, XATTR_USER_PREFIX,
127 XATTR_USER_PREFIX_LEN);
128 xf->buf[xf->offset + XATTR_USER_PREFIX_LEN] = '\0';
129 }
130
131 xf->offset += XATTR_USER_PREFIX_LEN;
132 }
133
cc5f931c
BB		 134 /* When xf->buf is NULL only calculate the required size. */
135 if (xf->buf) {
136 if (xf->offset + name_len + 1 > xf->size)
137 return (-ERANGE);
138
139 memcpy(xf->buf + xf->offset, name, name_len);
140 xf->buf[xf->offset + name_len] = '\0';
141 }
142
143 xf->offset += (name_len + 1);
144
145 return (0);
146}
147
0f37d0c8
RY		 148/*
149 * Read as many directory entry names as will fit in to the provided buffer,
150 * or when no buffer is provided calculate the required buffer size.
151 */
65c7cc49 152static int
0f37d0c8
RY		 153zpl_xattr_readdir(struct inode *dxip, xattr_filldir_t *xf)
154{
155 zap_cursor_t zc;
156 zap_attribute_t zap;
157 int error;
158
159 zap_cursor_init(&zc, ITOZSB(dxip)->z_os, ITOZ(dxip)->z_id);
160
161 while ((error = -zap_cursor_retrieve(&zc, &zap)) == 0) {
162
163 if (zap.za_integer_length != 8 || zap.za_num_integers != 1) {
164 error = -ENXIO;
165 break;
166 }
167
168 error = zpl_xattr_filldir(xf, zap.za_name, strlen(zap.za_name));
169 if (error)
170 break;
171
172 zap_cursor_advance(&zc);
173 }
174
175 zap_cursor_fini(&zc);
176
177 if (error == -ENOENT)
178 error = 0;
179
180 return (error);
181}
182
82a37189
BB		 183static ssize_t
184zpl_xattr_list_dir(xattr_filldir_t *xf, cred_t *cr)
cc5f931c 185{
4967a3eb 186 struct inode *ip = xf->dentry->d_inode;
cc5f931c 187 struct inode *dxip = NULL;
657ce253 188 znode_t *dxzp;
cc5f931c 189 int error;
cc5f931c
BB		 190
191 /* Lookup the xattr directory */
657ce253
MM		 192 error = -zfs_lookup(ITOZ(ip), NULL, &dxzp, LOOKUP_XATTR,
193 cr, NULL, NULL);
cc5f931c
BB		 194 if (error) {
195 if (error == -ENOENT)
196 error = 0;
197
82a37189 198 return (error);
cc5f931c
BB		 199 }
200
657ce253 201 dxip = ZTOI(dxzp);
0f37d0c8 202 error = zpl_xattr_readdir(dxip, xf);
82a37189
BB		 203 iput(dxip);
204
205 return (error);
206}
207
208static ssize_t
209zpl_xattr_list_sa(xattr_filldir_t *xf)
210{
4967a3eb 211 znode_t *zp = ITOZ(xf->dentry->d_inode);
82a37189
BB		 212 nvpair_t *nvp = NULL;
213 int error = 0;
214
215 mutex_enter(&zp->z_lock);
216 if (zp->z_xattr_cached == NULL)
217 error = -zfs_sa_get_xattr(zp);
218 mutex_exit(&zp->z_lock);
219
220 if (error)
221 return (error);
222
223 ASSERT(zp->z_xattr_cached);
224
225 while ((nvp = nvlist_next_nvpair(zp->z_xattr_cached, nvp)) != NULL) {
226 ASSERT3U(nvpair_type(nvp), ==, DATA_TYPE_BYTE_ARRAY);
227
0f37d0c8 228 error = zpl_xattr_filldir(xf, nvpair_name(nvp),
d1d7e268 229 strlen(nvpair_name(nvp)));
82a37189
BB		 230 if (error)
231 return (error);
232 }
233
234 return (0);
235}
236
237ssize_t
238zpl_xattr_list(struct dentry *dentry, char *buffer, size_t buffer_size)
239{
240 znode_t *zp = ITOZ(dentry->d_inode);
0037b49e 241 zfsvfs_t *zfsvfs = ZTOZSB(zp);
4967a3eb 242 xattr_filldir_t xf = { buffer_size, 0, buffer, dentry };
82a37189 243 cred_t *cr = CRED();
7fad6290 244 fstrans_cookie_t cookie;
82a37189
BB		 245 int error = 0;
246
247 crhold(cr);
7fad6290 248 cookie = spl_fstrans_mark();
768eaced
CC		 249 if ((error = zpl_enter_verify_zp(zfsvfs, zp, FTAG)) != 0)
250 goto out1;
82a37189
BB		 251 rw_enter(&zp->z_xattr_lock, RW_READER);
252
0037b49e 253 if (zfsvfs->z_use_sa && zp->z_is_sa) {
82a37189
BB		 254 error = zpl_xattr_list_sa(&xf);
255 if (error)
256 goto out;
257 }
258
259 error = zpl_xattr_list_dir(&xf, cr);
cc5f931c
BB		 260 if (error)
261 goto out;
262
263 error = xf.offset;
264out:
cc5f931c 265
82a37189 266 rw_exit(&zp->z_xattr_lock);
768eaced
CC		 267 zpl_exit(zfsvfs, FTAG);
268out1:
7fad6290 269 spl_fstrans_unmark(cookie);
81e97e21 270 crfree(cr);
cc5f931c
BB		 271
272 return (error);
273}
274
275static int
82a37189
BB		 276zpl_xattr_get_dir(struct inode *ip, const char *name, void *value,
277 size_t size, cred_t *cr)
cc5f931c 278{
1c2358c1 279 fstrans_cookie_t cookie;
cc5f931c 280 struct inode *xip = NULL;
657ce253
MM		 281 znode_t *dxzp = NULL;
282 znode_t *xzp = NULL;
cc5f931c
BB		 283 int error;
284
cc5f931c 285 /* Lookup the xattr directory */
657ce253
MM		 286 error = -zfs_lookup(ITOZ(ip), NULL, &dxzp, LOOKUP_XATTR,
287 cr, NULL, NULL);
cc5f931c
BB		 288 if (error)
289 goto out;
290
291 /* Lookup a specific xattr name in the directory */
657ce253 292 error = -zfs_lookup(dxzp, (char *)name, &xzp, 0, cr, NULL, NULL);
cc5f931c
BB		 293 if (error)
294 goto out;
295
657ce253 296 xip = ZTOI(xzp);
cc5f931c
BB		 297 if (!size) {
298 error = i_size_read(xip);
299 goto out;
300 }
301
f7064211
BB		 302 if (size < i_size_read(xip)) {
303 error = -ERANGE;
304 goto out;
305 }
306
1c2358c1
BB		 307 struct iovec iov;
308 iov.iov_base = (void *)value;
309 iov.iov_len = size;
310
d0cd9a5c
BA		 311 zfs_uio_t uio;
312 zfs_uio_iovec_init(&uio, &iov, 1, 0, UIO_SYSSPACE, size, 0);
1c2358c1
BB		 313
314 cookie = spl_fstrans_mark();
315 error = -zfs_read(ITOZ(xip), &uio, 0, cr);
316 spl_fstrans_unmark(cookie);
317
318 if (error == 0)
d0cd9a5c 319 error = size - zfs_uio_resid(&uio);
cc5f931c 320out:
657ce253
MM		 321 if (xzp)
322 zrele(xzp);
cc5f931c 323
657ce253
MM		 324 if (dxzp)
325 zrele(dxzp);
cc5f931c 326
82a37189
BB		 327 return (error);
328}
329
330static int
331zpl_xattr_get_sa(struct inode *ip, const char *name, void *value, size_t size)
332{
333 znode_t *zp = ITOZ(ip);
334 uchar_t *nv_value;
335 uint_t nv_size;
336 int error = 0;
cc5f931c 337
82a37189
BB		 338 ASSERT(RW_LOCK_HELD(&zp->z_xattr_lock));
339
340 mutex_enter(&zp->z_lock);
341 if (zp->z_xattr_cached == NULL)
342 error = -zfs_sa_get_xattr(zp);
343 mutex_exit(&zp->z_lock);
344
345 if (error)
346 return (error);
347
348 ASSERT(zp->z_xattr_cached);
349 error = -nvlist_lookup_byte_array(zp->z_xattr_cached, name,
350 &nv_value, &nv_size);
351 if (error)
352 return (error);
353
94183a9d 354 if (size == 0 || value == NULL)
82a37189
BB		 355 return (nv_size);
356
f7064211
BB		 357 if (size < nv_size)
358 return (-ERANGE);
359
360 memcpy(value, nv_value, nv_size);
82a37189 361
f7064211 362 return (nv_size);
82a37189
BB		 363}
364
365static int
366__zpl_xattr_get(struct inode *ip, const char *name, void *value, size_t size,
367 cred_t *cr)
368{
369 znode_t *zp = ITOZ(ip);
0037b49e 370 zfsvfs_t *zfsvfs = ZTOZSB(zp);
82a37189
BB		 371 int error;
372
373 ASSERT(RW_LOCK_HELD(&zp->z_xattr_lock));
374
0037b49e 375 if (zfsvfs->z_use_sa && zp->z_is_sa) {
82a37189 376 error = zpl_xattr_get_sa(ip, name, value, size);
0377189b 377 if (error != -ENOENT)
82a37189
BB		 378 goto out;
379 }
380
381 error = zpl_xattr_get_dir(ip, name, value, size, cr);
382out:
cc5f931c
BB		 383 if (error == -ENOENT)
384 error = -ENODATA;
385
386 return (error);
387}
388
21f604d4
CC		 389#define XATTR_NOENT 0x0
390#define XATTR_IN_SA 0x1
391#define XATTR_IN_DIR 0x2
392/* check where the xattr resides */
393static int
394__zpl_xattr_where(struct inode *ip, const char *name, int *where, cred_t *cr)
395{
396 znode_t *zp = ITOZ(ip);
0037b49e 397 zfsvfs_t *zfsvfs = ZTOZSB(zp);
21f604d4
CC		 398 int error;
399
400 ASSERT(where);
401 ASSERT(RW_LOCK_HELD(&zp->z_xattr_lock));
402
403 *where = XATTR_NOENT;
0037b49e 404 if (zfsvfs->z_use_sa && zp->z_is_sa) {
21f604d4
CC		 405 error = zpl_xattr_get_sa(ip, name, NULL, 0);
406 if (error >= 0)
407 *where |= XATTR_IN_SA;
408 else if (error != -ENOENT)
409 return (error);
410 }
411
412 error = zpl_xattr_get_dir(ip, name, NULL, 0, cr);
413 if (error >= 0)
414 *where |= XATTR_IN_DIR;
415 else if (error != -ENOENT)
416 return (error);
417
418 if (*where == (XATTR_IN_SA|XATTR_IN_DIR))
419 cmn_err(CE_WARN, "ZFS: inode %p has xattr \"%s\""
420 " in both SA and dir", ip, name);
421 if (*where == XATTR_NOENT)
422 error = -ENODATA;
423 else
424 error = 0;
425 return (error);
426}
427
cc5f931c 428static int
82a37189
BB		 429zpl_xattr_get(struct inode *ip, const char *name, void *value, size_t size)
430{
431 znode_t *zp = ITOZ(ip);
0037b49e 432 zfsvfs_t *zfsvfs = ZTOZSB(zp);
82a37189 433 cred_t *cr = CRED();
7fad6290 434 fstrans_cookie_t cookie;
82a37189
BB		 435 int error;
436
437 crhold(cr);
7fad6290 438 cookie = spl_fstrans_mark();
768eaced
CC		 439 if ((error = zpl_enter_verify_zp(zfsvfs, zp, FTAG)) != 0)
440 goto out;
82a37189
BB		 441 rw_enter(&zp->z_xattr_lock, RW_READER);
442 error = __zpl_xattr_get(ip, name, value, size, cr);
443 rw_exit(&zp->z_xattr_lock);
768eaced
CC		 444 zpl_exit(zfsvfs, FTAG);
445out:
7fad6290 446 spl_fstrans_unmark(cookie);
82a37189
BB		 447 crfree(cr);
448
449 return (error);
450}
451
452static int
453zpl_xattr_set_dir(struct inode *ip, const char *name, const void *value,
454 size_t size, int flags, cred_t *cr)
cc5f931c 455{
657ce253
MM		 456 znode_t *dxzp = NULL;
457 znode_t *xzp = NULL;
cc5f931c 458 vattr_t *vap = NULL;
fc9e0530 459 int lookup_flags, error;
bec30953 460 const int xattr_mode = S_IFREG | 0644;
cd3939c5 461 loff_t pos = 0;
cc5f931c 462
fc9e0530
BB		 463 /*
464 * Lookup the xattr directory. When we're adding an entry pass
465 * CREATE_XATTR_DIR to ensure the xattr directory is created.
466 * When removing an entry this flag is not passed to avoid
467 * unnecessarily creating a new xattr directory.
468 */
469 lookup_flags = LOOKUP_XATTR;
470 if (value != NULL)
471 lookup_flags |= CREATE_XATTR_DIR;
472
657ce253
MM		 473 error = -zfs_lookup(ITOZ(ip), NULL, &dxzp, lookup_flags,
474 cr, NULL, NULL);
cc5f931c
BB		 475 if (error)
476 goto out;
477
82a37189 478 /* Lookup a specific xattr name in the directory */
657ce253 479 error = -zfs_lookup(dxzp, (char *)name, &xzp, 0, cr, NULL, NULL);
82a37189
BB		 480 if (error && (error != -ENOENT))
481 goto out;
cc5f931c 482
cc5f931c
BB		 483 error = 0;
484
485 /* Remove a specific name xattr when value is set to NULL. */
486 if (value == NULL) {
657ce253
MM		 487 if (xzp)
488 error = -zfs_remove(dxzp, (char *)name, cr, 0);
cc5f931c
BB		 489
490 goto out;
491 }
492
493 /* Lookup failed create a new xattr. */
657ce253 494 if (xzp == NULL) {
d1d7e268 495 vap = kmem_zalloc(sizeof (vattr_t), KM_SLEEP);
bec30953 496 vap->va_mode = xattr_mode;
cc5f931c 497 vap->va_mask = ATTR_MODE;
d42979c6
RM		 498 vap->va_uid = crgetuid(cr);
499 vap->va_gid = crgetgid(cr);
cc5f931c 500
657ce253 501 error = -zfs_create(dxzp, (char *)name, vap, 0, 0644, &xzp,
d4dc53da 502 cr, ATTR_NOACLCHECK, NULL, zfs_init_idmap);
cc5f931c
BB		 503 if (error)
504 goto out;
505 }
506
657ce253 507 ASSERT(xzp != NULL);
bec30953 508
657ce253 509 error = -zfs_freesp(xzp, 0, 0, xattr_mode, TRUE);
bec30953
GB		 510 if (error)
511 goto out;
512
1c2358c1 513 error = -zfs_write_simple(xzp, value, size, pos, NULL);
cc5f931c 514out:
0107f698 515 if (error == 0) {
b37f2934 516 zpl_inode_set_ctime_to_ts(ip, current_time(ip));
0107f698
GK		 517 zfs_mark_inode_dirty(ip);
518 }
519
cc5f931c 520 if (vap)
d1d7e268 521 kmem_free(vap, sizeof (vattr_t));
cc5f931c 522
657ce253
MM		 523 if (xzp)
524 zrele(xzp);
cc5f931c 525
657ce253
MM		 526 if (dxzp)
527 zrele(dxzp);
cc5f931c 528
cc5f931c
BB		 529 if (error == -ENOENT)
530 error = -ENODATA;
531
532 ASSERT3S(error, <=, 0);
533
534 return (error);
535}
536
82a37189
BB		 537static int
538zpl_xattr_set_sa(struct inode *ip, const char *name, const void *value,
539 size_t size, int flags, cred_t *cr)
540{
541 znode_t *zp = ITOZ(ip);
542 nvlist_t *nvl;
543 size_t sa_size;
21f604d4
CC		 544 int error = 0;
545
546 mutex_enter(&zp->z_lock);
547 if (zp->z_xattr_cached == NULL)
548 error = -zfs_sa_get_xattr(zp);
549 mutex_exit(&zp->z_lock);
550
551 if (error)
552 return (error);
82a37189
BB		 553
554 ASSERT(zp->z_xattr_cached);
555 nvl = zp->z_xattr_cached;
556
557 if (value == NULL) {
558 error = -nvlist_remove(nvl, name, DATA_TYPE_BYTE_ARRAY);
559 if (error == -ENOENT)
560 error = zpl_xattr_set_dir(ip, name, NULL, 0, flags, cr);
561 } else {
562 /* Limited to 32k to keep nvpair memory allocations small */
563 if (size > DXATTR_MAX_ENTRY_SIZE)
564 return (-EFBIG);
565
566 /* Prevent the DXATTR SA from consuming the entire SA region */
567 error = -nvlist_size(nvl, &sa_size, NV_ENCODE_XDR);
568 if (error)
569 return (error);
570
571 if (sa_size > DXATTR_MAX_SA_SIZE)
572 return (-EFBIG);
573
574 error = -nvlist_add_byte_array(nvl, name,
575 (uchar_t *)value, size);
82a37189
BB		 576 }
577
43b4935e
NB		 578 /*
579 * Update the SA for additions, modifications, and removals. On
580 * error drop the inconsistent cached version of the nvlist, it
581 * will be reconstructed from the ARC when next accessed.
582 */
583 if (error == 0)
361a7e82 584 error = -zfs_sa_set_xattr(zp, name, value, size);
82a37189 585
43b4935e
NB		 586 if (error) {
587 nvlist_free(nvl);
588 zp->z_xattr_cached = NULL;
589 }
590
82a37189
BB		 591 ASSERT3S(error, <=, 0);
592
593 return (error);
594}
595
596static int
597zpl_xattr_set(struct inode *ip, const char *name, const void *value,
598 size_t size, int flags)
599{
600 znode_t *zp = ITOZ(ip);
0037b49e 601 zfsvfs_t *zfsvfs = ZTOZSB(zp);
82a37189 602 cred_t *cr = CRED();
7fad6290 603 fstrans_cookie_t cookie;
21f604d4 604 int where;
82a37189
BB		 605 int error;
606
607 crhold(cr);
7fad6290 608 cookie = spl_fstrans_mark();
768eaced
CC		 609 if ((error = zpl_enter_verify_zp(zfsvfs, zp, FTAG)) != 0)
610 goto out1;
c903a756 611 rw_enter(&zp->z_xattr_lock, RW_WRITER);
82a37189
BB		 612
613 /*
614 * Before setting the xattr check to see if it already exists.
615 * This is done to ensure the following optional flags are honored.
616 *
617 * XATTR_CREATE: fail if xattr already exists
618 * XATTR_REPLACE: fail if xattr does not exist
21f604d4
CC		 619 *
620 * We also want to know if it resides in sa or dir, so we can make
621 * sure we don't end up with duplicate in both places.
82a37189 622 */
21f604d4 623 error = __zpl_xattr_where(ip, name, &where, cr);
82a37189
BB		 624 if (error < 0) {
625 if (error != -ENODATA)
626 goto out;
fc9e0530
BB		 627 if (flags & XATTR_REPLACE)
628 goto out;
629
630 /* The xattr to be removed already doesn't exist */
631 error = 0;
632 if (value == NULL)
82a37189
BB		 633 goto out;
634 } else {
635 error = -EEXIST;
636 if (flags & XATTR_CREATE)
637 goto out;
638 }
639
640 /* Preferentially store the xattr as a SA for better performance */
0037b49e
BB		 641 if (zfsvfs->z_use_sa && zp->z_is_sa &&
642 (zfsvfs->z_xattr_sa || (value == NULL && where & XATTR_IN_SA))) {
82a37189 643 error = zpl_xattr_set_sa(ip, name, value, size, flags, cr);
21f604d4
CC		 644 if (error == 0) {
645 /*
646 * Successfully put into SA, we need to clear the one
647 * in dir.
648 */
649 if (where & XATTR_IN_DIR)
650 zpl_xattr_set_dir(ip, name, NULL, 0, 0, cr);
82a37189 651 goto out;
21f604d4 652 }
82a37189
BB		 653 }
654
655 error = zpl_xattr_set_dir(ip, name, value, size, flags, cr);
21f604d4
CC		 656 /*
657 * Successfully put into dir, we need to clear the one in SA.
658 */
659 if (error == 0 && (where & XATTR_IN_SA))
660 zpl_xattr_set_sa(ip, name, NULL, 0, 0, cr);
82a37189 661out:
c903a756 662 rw_exit(&zp->z_xattr_lock);
768eaced
CC		 663 zpl_exit(zfsvfs, FTAG);
664out1:
7fad6290 665 spl_fstrans_unmark(cookie);
82a37189
BB		 666 crfree(cr);
667 ASSERT3S(error, <=, 0);
668
669 return (error);
670}
671
4967a3eb
BB		 672/*
673 * Extended user attributes
674 *
675 * "Extended user attributes may be assigned to files and directories for
676 * storing arbitrary additional information such as the mime type,
677 * character set or encoding of a file. The access permissions for user
678 * attributes are defined by the file permission bits: read permission
679 * is required to retrieve the attribute value, and writer permission is
680 * required to change it.
681 *
682 * The file permission bits of regular files and directories are
683 * interpreted differently from the file permission bits of special
684 * files and symbolic links. For regular files and directories the file
685 * permission bits define access to the file's contents, while for
686 * device special files they define access to the device described by
687 * the special file. The file permissions of symbolic links are not
688 * used in access checks. These differences would allow users to
689 * consume filesystem resources in a way not controllable by disk quotas
690 * for group or world writable special files and directories.
691 *
692 * For this reason, extended user attributes are allowed only for
693 * regular files and directories, and access to extended user attributes
694 * is restricted to the owner and to users with appropriate capabilities
695 * for directories with the sticky bit set (see the chmod(1) manual page
696 * for an explanation of the sticky bit)." - xattr(7)
697 *
698 * ZFS allows extended user attributes to be disabled administratively
699 * by setting the 'xattr=off' property on the dataset.
700 */
701static int
702__zpl_xattr_user_list(struct inode *ip, char *list, size_t list_size,
703 const char *name, size_t name_len)
704{
705 return (ITOZSB(ip)->z_flags & ZSB_XATTR);
706}
707ZPL_XATTR_LIST_WRAPPER(zpl_xattr_user_list);
708
cc5f931c 709static int
f9637c6c 710__zpl_xattr_user_get(struct inode *ip, const char *name,
82a37189 711 void *value, size_t size)
cc5f931c 712{
cc5f931c 713 int error;
232604b5
CC		 714 /* xattr_resolve_name will do this for us if this is defined */
715#ifndef HAVE_XATTR_HANDLER_NAME
cc5f931c 716 if (strcmp(name, "") == 0)
d1d7e268 717 return (-EINVAL);
232604b5 718#endif
5c006134
RM		 719 if (ZFS_XA_NS_PREFIX_FORBIDDEN(name))
720 return (-EINVAL);
2cf7f52b 721 if (!(ITOZSB(ip)->z_flags & ZSB_XATTR))
d1d7e268 722 return (-EOPNOTSUPP);
cc5f931c 723
5c006134
RM		 724 /*
725 * Try to look up the name with the namespace prefix first for
726 * compatibility with xattrs from this platform. If that fails,
727 * try again without the namespace prefix for compatibility with
728 * other platforms.
729 */
730 char *xattr_name = kmem_asprintf("%s%s", XATTR_USER_PREFIX, name);
82a37189 731 error = zpl_xattr_get(ip, xattr_name, value, size);
e4f5fa12 732 kmem_strfree(xattr_name);
5c006134
RM		 733 if (error == -ENODATA)
734 error = zpl_xattr_get(ip, name, value, size);
cc5f931c
BB		 735
736 return (error);
737}
f9637c6c 738ZPL_XATTR_GET_WRAPPER(zpl_xattr_user_get);
cc5f931c
BB		 739
740static int
d4dc53da 741__zpl_xattr_user_set(zidmap_t *user_ns,
f224eddf 742 struct inode *ip, const char *name,
cc5f931c
BB		 743 const void *value, size_t size, int flags)
744{
f224eddf 745 (void) user_ns;
5c006134 746 int error = 0;
232604b5
CC		 747 /* xattr_resolve_name will do this for us if this is defined */
748#ifndef HAVE_XATTR_HANDLER_NAME
cc5f931c 749 if (strcmp(name, "") == 0)
d1d7e268 750 return (-EINVAL);
232604b5 751#endif
5c006134
RM		 752 if (ZFS_XA_NS_PREFIX_FORBIDDEN(name))
753 return (-EINVAL);
2cf7f52b 754 if (!(ITOZSB(ip)->z_flags & ZSB_XATTR))
d1d7e268 755 return (-EOPNOTSUPP);
cc5f931c 756
5c006134
RM		 757 /*
758 * Remove alternate compat version of the xattr so we only set the
759 * version specified by the zfs_xattr_compat tunable.
760 *
761 * The following flags must be handled correctly:
762 *
763 * XATTR_CREATE: fail if xattr already exists
764 * XATTR_REPLACE: fail if xattr does not exist
765 */
766 char *prefixed_name = kmem_asprintf("%s%s", XATTR_USER_PREFIX, name);
767 const char *clear_name, *set_name;
768 if (zfs_xattr_compat) {
769 clear_name = prefixed_name;
770 set_name = name;
771 } else {
772 clear_name = name;
773 set_name = prefixed_name;
774 }
775 /*
776 * Clear the old value with the alternative name format, if it exists.
777 */
778 error = zpl_xattr_set(ip, clear_name, NULL, 0, flags);
779 /*
780 * XATTR_CREATE was specified and we failed to clear the xattr
781 * because it already exists. Stop here.
782 */
783 if (error == -EEXIST)
784 goto out;
785 /*
786 * If XATTR_REPLACE was specified and we succeeded to clear
787 * an xattr, we don't need to replace anything when setting
788 * the new value. If we failed with -ENODATA that's fine,
789 * there was nothing to be cleared and we can ignore the error.
790 */
791 if (error == 0)
792 flags &= ~XATTR_REPLACE;
793 /*
794 * Set the new value with the configured name format.
795 */
796 error = zpl_xattr_set(ip, set_name, value, size, flags);
797out:
798 kmem_strfree(prefixed_name);
cc5f931c
BB		 799 return (error);
800}
f9637c6c 801ZPL_XATTR_SET_WRAPPER(zpl_xattr_user_set);
cc5f931c 802
18168da7 803static xattr_handler_t zpl_xattr_user_handler =
4967a3eb 804{
cc5f931c 805 .prefix = XATTR_USER_PREFIX,
4967a3eb 806 .list = zpl_xattr_user_list,
cc5f931c
BB		 807 .get = zpl_xattr_user_get,
808 .set = zpl_xattr_user_set,
809};
810
4967a3eb
BB		 811/*
812 * Trusted extended attributes
813 *
814 * "Trusted extended attributes are visible and accessible only to
815 * processes that have the CAP_SYS_ADMIN capability. Attributes in this
816 * class are used to implement mechanisms in user space (i.e., outside
817 * the kernel) which keep information in extended attributes to which
818 * ordinary processes should not have access." - xattr(7)
819 */
820static int
821__zpl_xattr_trusted_list(struct inode *ip, char *list, size_t list_size,
822 const char *name, size_t name_len)
823{
824 return (capable(CAP_SYS_ADMIN));
825}
826ZPL_XATTR_LIST_WRAPPER(zpl_xattr_trusted_list);
827
cc5f931c 828static int
f9637c6c 829__zpl_xattr_trusted_get(struct inode *ip, const char *name,
82a37189 830 void *value, size_t size)
cc5f931c
BB		 831{
832 char *xattr_name;
833 int error;
834
835 if (!capable(CAP_SYS_ADMIN))
d1d7e268 836 return (-EACCES);
232604b5
CC		 837 /* xattr_resolve_name will do this for us if this is defined */
838#ifndef HAVE_XATTR_HANDLER_NAME
cc5f931c 839 if (strcmp(name, "") == 0)
d1d7e268 840 return (-EINVAL);
232604b5 841#endif
cc5f931c 842 xattr_name = kmem_asprintf("%s%s", XATTR_TRUSTED_PREFIX, name);
82a37189 843 error = zpl_xattr_get(ip, xattr_name, value, size);
e4f5fa12 844 kmem_strfree(xattr_name);
cc5f931c
BB		 845
846 return (error);
847}
f9637c6c 848ZPL_XATTR_GET_WRAPPER(zpl_xattr_trusted_get);
cc5f931c
BB		 849
850static int
d4dc53da 851__zpl_xattr_trusted_set(zidmap_t *user_ns,
f224eddf 852 struct inode *ip, const char *name,
cc5f931c
BB		 853 const void *value, size_t size, int flags)
854{
f224eddf 855 (void) user_ns;
cc5f931c
BB		 856 char *xattr_name;
857 int error;
858
859 if (!capable(CAP_SYS_ADMIN))
d1d7e268 860 return (-EACCES);
232604b5
CC		 861 /* xattr_resolve_name will do this for us if this is defined */
862#ifndef HAVE_XATTR_HANDLER_NAME
cc5f931c 863 if (strcmp(name, "") == 0)
d1d7e268 864 return (-EINVAL);
232604b5 865#endif
cc5f931c
BB		 866 xattr_name = kmem_asprintf("%s%s", XATTR_TRUSTED_PREFIX, name);
867 error = zpl_xattr_set(ip, xattr_name, value, size, flags);
e4f5fa12 868 kmem_strfree(xattr_name);
cc5f931c
BB		 869
870 return (error);
871}
f9637c6c 872ZPL_XATTR_SET_WRAPPER(zpl_xattr_trusted_set);
cc5f931c 873
18168da7 874static xattr_handler_t zpl_xattr_trusted_handler = {
cc5f931c 875 .prefix = XATTR_TRUSTED_PREFIX,
4967a3eb 876 .list = zpl_xattr_trusted_list,
cc5f931c
BB		 877 .get = zpl_xattr_trusted_get,
878 .set = zpl_xattr_trusted_set,
879};
880
4967a3eb
BB		 881/*
882 * Extended security attributes
883 *
884 * "The security attribute namespace is used by kernel security modules,
885 * such as Security Enhanced Linux, and also to implement file
886 * capabilities (see capabilities(7)). Read and write access
887 * permissions to security attributes depend on the policy implemented
888 * for each security attribute by the security module. When no security
889 * module is loaded, all processes have read access to extended security
890 * attributes, and write access is limited to processes that have the
891 * CAP_SYS_ADMIN capability." - xattr(7)
892 */
893static int
894__zpl_xattr_security_list(struct inode *ip, char *list, size_t list_size,
895 const char *name, size_t name_len)
896{
897 return (1);
898}
899ZPL_XATTR_LIST_WRAPPER(zpl_xattr_security_list);
900
cc5f931c 901static int
f9637c6c 902__zpl_xattr_security_get(struct inode *ip, const char *name,
82a37189 903 void *value, size_t size)
cc5f931c
BB		 904{
905 char *xattr_name;
906 int error;
232604b5
CC		 907 /* xattr_resolve_name will do this for us if this is defined */
908#ifndef HAVE_XATTR_HANDLER_NAME
cc5f931c 909 if (strcmp(name, "") == 0)
d1d7e268 910 return (-EINVAL);
232604b5 911#endif
cc5f931c 912 xattr_name = kmem_asprintf("%s%s", XATTR_SECURITY_PREFIX, name);
82a37189 913 error = zpl_xattr_get(ip, xattr_name, value, size);
e4f5fa12 914 kmem_strfree(xattr_name);
cc5f931c
BB		 915
916 return (error);
917}
f9637c6c 918ZPL_XATTR_GET_WRAPPER(zpl_xattr_security_get);
cc5f931c
BB		 919
920static int
d4dc53da 921__zpl_xattr_security_set(zidmap_t *user_ns,
f224eddf 922 struct inode *ip, const char *name,
cc5f931c
BB		 923 const void *value, size_t size, int flags)
924{
f224eddf 925 (void) user_ns;
cc5f931c
BB		 926 char *xattr_name;
927 int error;
232604b5
CC		 928 /* xattr_resolve_name will do this for us if this is defined */
929#ifndef HAVE_XATTR_HANDLER_NAME
cc5f931c 930 if (strcmp(name, "") == 0)
d1d7e268 931 return (-EINVAL);
232604b5 932#endif
cc5f931c
BB		 933 xattr_name = kmem_asprintf("%s%s", XATTR_SECURITY_PREFIX, name);
934 error = zpl_xattr_set(ip, xattr_name, value, size, flags);
e4f5fa12 935 kmem_strfree(xattr_name);
cc5f931c
BB		 936
937 return (error);
938}
f9637c6c 939ZPL_XATTR_SET_WRAPPER(zpl_xattr_security_set);
cc5f931c 940
166dd49d 941static int
066e8252 942zpl_xattr_security_init_impl(struct inode *ip, const struct xattr *xattrs,
166dd49d
BB		 943 void *fs_info)
944{
945 const struct xattr *xattr;
946 int error = 0;
947
948 for (xattr = xattrs; xattr->name != NULL; xattr++) {
f224eddf 949 error = __zpl_xattr_security_set(NULL, ip,
166dd49d
BB		 950 xattr->name, xattr->value, xattr->value_len, 0);
951
952 if (error < 0)
953 break;
954 }
955
96b91ef0 956 return (error);
166dd49d
BB		 957}
958
959int
960zpl_xattr_security_init(struct inode *ip, struct inode *dip,
961 const struct qstr *qstr)
962{
963 return security_inode_init_security(ip, dip, qstr,
066e8252 964 &zpl_xattr_security_init_impl, NULL);
cc5f931c
BB		 965}
966
4967a3eb
BB		 967/*
968 * Security xattr namespace handlers.
969 */
18168da7 970static xattr_handler_t zpl_xattr_security_handler = {
cc5f931c 971 .prefix = XATTR_SECURITY_PREFIX,
4967a3eb 972 .list = zpl_xattr_security_list,
cc5f931c
BB		 973 .get = zpl_xattr_security_get,
974 .set = zpl_xattr_security_set,
975};
976
4967a3eb
BB		 977/*
978 * Extended system attributes
979 *
980 * "Extended system attributes are used by the kernel to store system
981 * objects such as Access Control Lists. Read and write access permissions
982 * to system attributes depend on the policy implemented for each system
983 * attribute implemented by filesystems in the kernel." - xattr(7)
984 */
b695c34e 985#ifdef CONFIG_FS_POSIX_ACL
ba646e3e
RE		 986static int
987zpl_set_acl_impl(struct inode *ip, struct posix_acl *acl, int type)
023699cd 988{
023699cd
MM		 989 char *name, *value = NULL;
990 int error = 0;
991 size_t size = 0;
992
993 if (S_ISLNK(ip->i_mode))
994 return (-EOPNOTSUPP);
995
d1d7e268 996 switch (type) {
023699cd 997 case ACL_TYPE_ACCESS:
4967a3eb 998 name = XATTR_NAME_POSIX_ACL_ACCESS;
023699cd 999 if (acl) {
066e8252 1000 umode_t mode = ip->i_mode;
023699cd
MM		 1001 error = posix_acl_equiv_mode(acl, &mode);
1002 if (error < 0) {
1003 return (error);
1004 } else {
1005 /*
1006 * The mode bits will have been set by
1007 * ->zfs_setattr()->zfs_acl_chmod_setattr()
1008 * using the ZFS ACL conversion. If they
1009 * differ from the Posix ACL conversion dirty
1010 * the inode to write the Posix mode bits.
1011 */
1012 if (ip->i_mode != mode) {
e7d90362 1013 ip->i_mode = ITOZ(ip)->z_mode = mode;
b37f2934
CK		 1014 zpl_inode_set_ctime_to_ts(ip,
1015 current_time(ip));
1e8db771 1016 zfs_mark_inode_dirty(ip);
023699cd
MM		 1017 }
1018
1019 if (error == 0)
1020 acl = NULL;
1021 }
1022 }
1023 break;
1024
1025 case ACL_TYPE_DEFAULT:
98f03691 1026 name = XATTR_NAME_POSIX_ACL_DEFAULT;
023699cd
MM		 1027 if (!S_ISDIR(ip->i_mode))
1028 return (acl ? -EACCES : 0);
1029 break;
1030
1031 default:
1032 return (-EINVAL);
1033 }
1034
1035 if (acl) {
1036 size = posix_acl_xattr_size(acl->a_count);
1037 value = kmem_alloc(size, KM_SLEEP);
1038
1039 error = zpl_acl_to_xattr(acl, value, size);
1040 if (error < 0) {
1041 kmem_free(value, size);
1042 return (error);
1043 }
1044 }
1045
1046 error = zpl_xattr_set(ip, name, value, size, 0);
1047 if (value)
1048 kmem_free(value, size);
1049
1050 if (!error) {
1051 if (acl)
1052 zpl_set_cached_acl(ip, type, acl);
1053 else
1054 zpl_forget_cached_acl(ip, type);
1055 }
1056
1057 return (error);
1058}
1059
ba646e3e
RE		 1060#ifdef HAVE_SET_ACL
1061int
1062#ifdef HAVE_SET_ACL_USERNS
1063zpl_set_acl(struct user_namespace *userns, struct inode *ip,
1064 struct posix_acl *acl, int type)
d4dc53da
YY		 1065#elif defined(HAVE_SET_ACL_IDMAP_DENTRY)
1066zpl_set_acl(struct mnt_idmap *userns, struct dentry *dentry,
1067 struct posix_acl *acl, int type)
9cd71c86
CK		 1068#elif defined(HAVE_SET_ACL_USERNS_DENTRY_ARG2)
1069zpl_set_acl(struct user_namespace *userns, struct dentry *dentry,
1070 struct posix_acl *acl, int type)
ba646e3e
RE		 1071#else
1072zpl_set_acl(struct inode *ip, struct posix_acl *acl, int type)
1073#endif /* HAVE_SET_ACL_USERNS */
1074{
9cd71c86
CK		 1075#ifdef HAVE_SET_ACL_USERNS_DENTRY_ARG2
1076 return (zpl_set_acl_impl(d_inode(dentry), acl, type));
d4dc53da
YY		 1077#elif defined(HAVE_SET_ACL_IDMAP_DENTRY)
1078 return (zpl_set_acl_impl(d_inode(dentry), acl, type));
9cd71c86 1079#else
ba646e3e 1080 return (zpl_set_acl_impl(ip, acl, type));
9cd71c86 1081#endif /* HAVE_SET_ACL_USERNS_DENTRY_ARG2 */
ba646e3e
RE		 1082}
1083#endif /* HAVE_SET_ACL */
1084
2079111f
BB		 1085static struct posix_acl *
1086zpl_get_acl_impl(struct inode *ip, int type)
023699cd
MM		 1087{
1088 struct posix_acl *acl;
1089 void *value = NULL;
1090 char *name;
023699cd 1091
afb6c031
CC		 1092 /*
1093 * As of Linux 3.14, the kernel get_acl will check this for us.
1094 * Also as of Linux 4.7, comparing against ACL_NOT_CACHED is wrong
1095 * as the kernel get_acl will set it to temporary sentinel value.
1096 */
1097#ifndef HAVE_KERNEL_GET_ACL_HANDLE_CACHE
023699cd
MM		 1098 acl = get_cached_acl(ip, type);
1099 if (acl != ACL_NOT_CACHED)
1100 return (acl);
afb6c031 1101#endif
023699cd
MM		 1102
1103 switch (type) {
1104 case ACL_TYPE_ACCESS:
4967a3eb 1105 name = XATTR_NAME_POSIX_ACL_ACCESS;
023699cd
MM		 1106 break;
1107 case ACL_TYPE_DEFAULT:
4967a3eb 1108 name = XATTR_NAME_POSIX_ACL_DEFAULT;
023699cd
MM		 1109 break;
1110 default:
d1d7e268 1111 return (ERR_PTR(-EINVAL));
023699cd
MM		 1112 }
1113
2079111f 1114 int size = zpl_xattr_get(ip, name, NULL, 0);
023699cd 1115 if (size > 0) {
79c76d5b 1116 value = kmem_alloc(size, KM_SLEEP);
023699cd
MM		 1117 size = zpl_xattr_get(ip, name, value, size);
1118 }
1119
1120 if (size > 0) {
1121 acl = zpl_acl_from_xattr(value, size);
1122 } else if (size == -ENODATA || size == -ENOSYS) {
1123 acl = NULL;
1124 } else {
1125 acl = ERR_PTR(-EIO);
1126 }
1127
1128 if (size > 0)
1129 kmem_free(value, size);
1130
afb6c031
CC		 1131 /* As of Linux 4.7, the kernel get_acl will set this for us */
1132#ifndef HAVE_KERNEL_GET_ACL_HANDLE_CACHE
023699cd
MM		 1133 if (!IS_ERR(acl))
1134 zpl_set_cached_acl(ip, type, acl);
afb6c031 1135#endif
023699cd
MM		 1136
1137 return (acl);
1138}
1139
884a6935 1140#if defined(HAVE_GET_ACL_RCU) || defined(HAVE_GET_INODE_ACL)
2079111f
BB		 1141struct posix_acl *
1142zpl_get_acl(struct inode *ip, int type, bool rcu)
1143{
1144 if (rcu)
1145 return (ERR_PTR(-ECHILD));
1146
1147 return (zpl_get_acl_impl(ip, type));
1148}
1149#elif defined(HAVE_GET_ACL)
1150struct posix_acl *
1151zpl_get_acl(struct inode *ip, int type)
1152{
1153 return (zpl_get_acl_impl(ip, type));
1154}
1155#else
1156#error "Unsupported iops->get_acl() implementation"
1157#endif /* HAVE_GET_ACL_RCU */
1158
023699cd
MM		 1159int
1160zpl_init_acl(struct inode *ip, struct inode *dir)
1161{
1162 struct posix_acl *acl = NULL;
1163 int error = 0;
1164
7ead2be3 1165 if (ITOZSB(ip)->z_acl_type != ZFS_ACLTYPE_POSIX)
023699cd
MM		 1166 return (0);
1167
1168 if (!S_ISLNK(ip->i_mode)) {
2079111f 1169 acl = zpl_get_acl_impl(dir, ACL_TYPE_DEFAULT);
6993e012
TK		 1170 if (IS_ERR(acl))
1171 return (PTR_ERR(acl));
023699cd 1172 if (!acl) {
e7d90362 1173 ITOZ(ip)->z_mode = (ip->i_mode &= ~current_umask());
b37f2934 1174 zpl_inode_set_ctime_to_ts(ip, current_time(ip));
1e8db771 1175 zfs_mark_inode_dirty(ip);
023699cd
MM		 1176 return (0);
1177 }
1178 }
1179
6993e012 1180 if (acl) {
023699cd
MM		 1181 umode_t mode;
1182
1183 if (S_ISDIR(ip->i_mode)) {
ba646e3e 1184 error = zpl_set_acl_impl(ip, acl, ACL_TYPE_DEFAULT);
023699cd
MM		 1185 if (error)
1186 goto out;
1187 }
1188
1189 mode = ip->i_mode;
408ec0d2 1190 error = __posix_acl_create(&acl, GFP_KERNEL, &mode);
023699cd 1191 if (error >= 0) {
e7d90362 1192 ip->i_mode = ITOZ(ip)->z_mode = mode;
1e8db771 1193 zfs_mark_inode_dirty(ip);
ba646e3e
RE		 1194 if (error > 0) {
1195 error = zpl_set_acl_impl(ip, acl,
1196 ACL_TYPE_ACCESS);
1197 }
023699cd
MM		 1198 }
1199 }
1200out:
1201 zpl_posix_acl_release(acl);
1202
1203 return (error);
1204}
1205
1206int
1207zpl_chmod_acl(struct inode *ip)
1208{
1209 struct posix_acl *acl;
1210 int error;
1211
7ead2be3 1212 if (ITOZSB(ip)->z_acl_type != ZFS_ACLTYPE_POSIX)
023699cd
MM		 1213 return (0);
1214
1215 if (S_ISLNK(ip->i_mode))
1216 return (-EOPNOTSUPP);
1217
2079111f 1218 acl = zpl_get_acl_impl(ip, ACL_TYPE_ACCESS);
023699cd
MM		 1219 if (IS_ERR(acl) || !acl)
1220 return (PTR_ERR(acl));
1221
408ec0d2 1222 error = __posix_acl_chmod(&acl, GFP_KERNEL, ip->i_mode);
023699cd 1223 if (!error)
ba646e3e 1224 error = zpl_set_acl_impl(ip, acl, ACL_TYPE_ACCESS);
023699cd
MM		 1225
1226 zpl_posix_acl_release(acl);
1227
1228 return (error);
1229}
1230
4967a3eb
BB		 1231static int
1232__zpl_xattr_acl_list_access(struct inode *ip, char *list, size_t list_size,
1233 const char *name, size_t name_len)
023699cd 1234{
4967a3eb
BB		 1235 char *xattr_name = XATTR_NAME_POSIX_ACL_ACCESS;
1236 size_t xattr_size = sizeof (XATTR_NAME_POSIX_ACL_ACCESS);
023699cd 1237
7ead2be3 1238 if (ITOZSB(ip)->z_acl_type != ZFS_ACLTYPE_POSIX)
023699cd
MM		 1239 return (0);
1240
023699cd
MM		 1241 if (list && xattr_size <= list_size)
1242 memcpy(list, xattr_name, xattr_size);
1243
1244 return (xattr_size);
1245}
4967a3eb 1246ZPL_XATTR_LIST_WRAPPER(zpl_xattr_acl_list_access);
023699cd 1247
4967a3eb
BB		 1248static int
1249__zpl_xattr_acl_list_default(struct inode *ip, char *list, size_t list_size,
1250 const char *name, size_t name_len)
61d482f7 1251{
4967a3eb
BB		 1252 char *xattr_name = XATTR_NAME_POSIX_ACL_DEFAULT;
1253 size_t xattr_size = sizeof (XATTR_NAME_POSIX_ACL_DEFAULT);
61d482f7 1254
7ead2be3 1255 if (ITOZSB(ip)->z_acl_type != ZFS_ACLTYPE_POSIX)
4967a3eb 1256 return (0);
023699cd 1257
4967a3eb
BB		 1258 if (list && xattr_size <= list_size)
1259 memcpy(list, xattr_name, xattr_size);
023699cd 1260
4967a3eb 1261 return (xattr_size);
023699cd 1262}
4967a3eb 1263ZPL_XATTR_LIST_WRAPPER(zpl_xattr_acl_list_default);
023699cd
MM		 1264
1265static int
4967a3eb
BB		 1266__zpl_xattr_acl_get_access(struct inode *ip, const char *name,
1267 void *buffer, size_t size)
023699cd
MM		 1268{
1269 struct posix_acl *acl;
4967a3eb 1270 int type = ACL_TYPE_ACCESS;
023699cd 1271 int error;
232604b5
CC		 1272 /* xattr_resolve_name will do this for us if this is defined */
1273#ifndef HAVE_XATTR_HANDLER_NAME
023699cd
MM		 1274 if (strcmp(name, "") != 0)
1275 return (-EINVAL);
232604b5 1276#endif
7ead2be3 1277 if (ITOZSB(ip)->z_acl_type != ZFS_ACLTYPE_POSIX)
023699cd
MM		 1278 return (-EOPNOTSUPP);
1279
2079111f 1280 acl = zpl_get_acl_impl(ip, type);
023699cd
MM		 1281 if (IS_ERR(acl))
1282 return (PTR_ERR(acl));
1283 if (acl == NULL)
1284 return (-ENODATA);
1285
1286 error = zpl_acl_to_xattr(acl, buffer, size);
1287 zpl_posix_acl_release(acl);
1288
1289 return (error);
1290}
4967a3eb 1291ZPL_XATTR_GET_WRAPPER(zpl_xattr_acl_get_access);
023699cd
MM		 1292
1293static int
4967a3eb
BB		 1294__zpl_xattr_acl_get_default(struct inode *ip, const char *name,
1295 void *buffer, size_t size)
023699cd 1296{
4967a3eb
BB		 1297 struct posix_acl *acl;
1298 int type = ACL_TYPE_DEFAULT;
1299 int error;
232604b5
CC		 1300 /* xattr_resolve_name will do this for us if this is defined */
1301#ifndef HAVE_XATTR_HANDLER_NAME
4967a3eb
BB		 1302 if (strcmp(name, "") != 0)
1303 return (-EINVAL);
232604b5 1304#endif
7ead2be3 1305 if (ITOZSB(ip)->z_acl_type != ZFS_ACLTYPE_POSIX)
4967a3eb 1306 return (-EOPNOTSUPP);
61d482f7 1307
2079111f 1308 acl = zpl_get_acl_impl(ip, type);
4967a3eb
BB		 1309 if (IS_ERR(acl))
1310 return (PTR_ERR(acl));
1311 if (acl == NULL)
1312 return (-ENODATA);
023699cd 1313
4967a3eb
BB		 1314 error = zpl_acl_to_xattr(acl, buffer, size);
1315 zpl_posix_acl_release(acl);
023699cd 1316
4967a3eb 1317 return (error);
023699cd 1318}
4967a3eb 1319ZPL_XATTR_GET_WRAPPER(zpl_xattr_acl_get_default);
023699cd
MM		 1320
1321static int
d4dc53da 1322__zpl_xattr_acl_set_access(zidmap_t *mnt_ns,
f224eddf 1323 struct inode *ip, const char *name,
4967a3eb 1324 const void *value, size_t size, int flags)
023699cd
MM		 1325{
1326 struct posix_acl *acl;
4967a3eb 1327 int type = ACL_TYPE_ACCESS;
023699cd 1328 int error = 0;
232604b5
CC		 1329 /* xattr_resolve_name will do this for us if this is defined */
1330#ifndef HAVE_XATTR_HANDLER_NAME
023699cd
MM		 1331 if (strcmp(name, "") != 0)
1332 return (-EINVAL);
232604b5 1333#endif
7ead2be3 1334 if (ITOZSB(ip)->z_acl_type != ZFS_ACLTYPE_POSIX)
023699cd
MM		 1335 return (-EOPNOTSUPP);
1336
d4dc53da 1337#if defined(HAVE_XATTR_SET_USERNS) || defined(HAVE_XATTR_SET_IDMAP)
f224eddf
YY		 1338 if (!zpl_inode_owner_or_capable(mnt_ns, ip))
1339 return (-EPERM);
1340#else
1341 (void) mnt_ns;
d4dc53da 1342 if (!zpl_inode_owner_or_capable(zfs_init_idmap, ip))
023699cd 1343 return (-EPERM);
f224eddf 1344#endif
023699cd
MM		 1345
1346 if (value) {
1347 acl = zpl_acl_from_xattr(value, size);
1348 if (IS_ERR(acl))
1349 return (PTR_ERR(acl));
1350 else if (acl) {
4b908d32 1351 error = zpl_posix_acl_valid(ip, acl);
023699cd
MM		 1352 if (error) {
1353 zpl_posix_acl_release(acl);
1354 return (error);
1355 }
1356 }
1357 } else {
1358 acl = NULL;
1359 }
ba646e3e 1360 error = zpl_set_acl_impl(ip, acl, type);
023699cd
MM		 1361 zpl_posix_acl_release(acl);
1362
1363 return (error);
1364}
4967a3eb 1365ZPL_XATTR_SET_WRAPPER(zpl_xattr_acl_set_access);
023699cd 1366
023699cd 1367static int
d4dc53da 1368__zpl_xattr_acl_set_default(zidmap_t *mnt_ns,
f224eddf 1369 struct inode *ip, const char *name,
4967a3eb 1370 const void *value, size_t size, int flags)
023699cd 1371{
4967a3eb
BB		 1372 struct posix_acl *acl;
1373 int type = ACL_TYPE_DEFAULT;
1374 int error = 0;
232604b5
CC		 1375 /* xattr_resolve_name will do this for us if this is defined */
1376#ifndef HAVE_XATTR_HANDLER_NAME
4967a3eb
BB		 1377 if (strcmp(name, "") != 0)
1378 return (-EINVAL);
232604b5 1379#endif
7ead2be3 1380 if (ITOZSB(ip)->z_acl_type != ZFS_ACLTYPE_POSIX)
4967a3eb 1381 return (-EOPNOTSUPP);
61d482f7 1382
d4dc53da 1383#if defined(HAVE_XATTR_SET_USERNS) || defined(HAVE_XATTR_SET_IDMAP)
f224eddf
YY		 1384 if (!zpl_inode_owner_or_capable(mnt_ns, ip))
1385 return (-EPERM);
1386#else
1387 (void) mnt_ns;
d4dc53da 1388 if (!zpl_inode_owner_or_capable(zfs_init_idmap, ip))
4967a3eb 1389 return (-EPERM);
f224eddf 1390#endif
61d482f7 1391
4967a3eb
BB		 1392 if (value) {
1393 acl = zpl_acl_from_xattr(value, size);
1394 if (IS_ERR(acl))
1395 return (PTR_ERR(acl));
1396 else if (acl) {
4b908d32 1397 error = zpl_posix_acl_valid(ip, acl);
4967a3eb
BB		 1398 if (error) {
1399 zpl_posix_acl_release(acl);
1400 return (error);
1401 }
1402 }
1403 } else {
1404 acl = NULL;
1405 }
023699cd 1406
ba646e3e 1407 error = zpl_set_acl_impl(ip, acl, type);
4967a3eb 1408 zpl_posix_acl_release(acl);
023699cd 1409
4967a3eb 1410 return (error);
023699cd 1411}
4967a3eb 1412ZPL_XATTR_SET_WRAPPER(zpl_xattr_acl_set_default);
023699cd 1413
4967a3eb
BB		 1414/*
1415 * ACL access xattr namespace handlers.
232604b5
CC		 1416 *
1417 * Use .name instead of .prefix when available. xattr_resolve_name will match
1418 * whole name and reject anything that has .name only as prefix.
4967a3eb 1419 */
18168da7 1420static xattr_handler_t zpl_xattr_acl_access_handler = {
232604b5
CC		 1421#ifdef HAVE_XATTR_HANDLER_NAME
1422 .name = XATTR_NAME_POSIX_ACL_ACCESS,
1423#else
4967a3eb 1424 .prefix = XATTR_NAME_POSIX_ACL_ACCESS,
232604b5 1425#endif
023699cd
MM		 1426 .list = zpl_xattr_acl_list_access,
1427 .get = zpl_xattr_acl_get_access,
1428 .set = zpl_xattr_acl_set_access,
4967a3eb
BB		 1429#if defined(HAVE_XATTR_LIST_SIMPLE) || \
1430 defined(HAVE_XATTR_LIST_DENTRY) || \
1431 defined(HAVE_XATTR_LIST_HANDLER)
023699cd 1432 .flags = ACL_TYPE_ACCESS,
4967a3eb 1433#endif
023699cd
MM		 1434};
1435
4967a3eb
BB		 1436/*
1437 * ACL default xattr namespace handlers.
232604b5
CC		 1438 *
1439 * Use .name instead of .prefix when available. xattr_resolve_name will match
1440 * whole name and reject anything that has .name only as prefix.
4967a3eb 1441 */
18168da7 1442static xattr_handler_t zpl_xattr_acl_default_handler = {
232604b5
CC		 1443#ifdef HAVE_XATTR_HANDLER_NAME
1444 .name = XATTR_NAME_POSIX_ACL_DEFAULT,
1445#else
4967a3eb 1446 .prefix = XATTR_NAME_POSIX_ACL_DEFAULT,
232604b5 1447#endif
023699cd
MM		 1448 .list = zpl_xattr_acl_list_default,
1449 .get = zpl_xattr_acl_get_default,
1450 .set = zpl_xattr_acl_set_default,
4967a3eb
BB		 1451#if defined(HAVE_XATTR_LIST_SIMPLE) || \
1452 defined(HAVE_XATTR_LIST_DENTRY) || \
1453 defined(HAVE_XATTR_LIST_HANDLER)
023699cd 1454 .flags = ACL_TYPE_DEFAULT,
4967a3eb 1455#endif
023699cd
MM		 1456};
1457
b695c34e
MM		 1458#endif /* CONFIG_FS_POSIX_ACL */
1459
777d4af8 1460xattr_handler_t *zpl_xattr_handlers[] = {
cc5f931c
BB		 1461 &zpl_xattr_security_handler,
1462 &zpl_xattr_trusted_handler,
1463 &zpl_xattr_user_handler,
b695c34e 1464#ifdef CONFIG_FS_POSIX_ACL
cc5f931c 1465 &zpl_xattr_acl_access_handler,
96b91ef0 1466 &zpl_xattr_acl_default_handler,
b695c34e 1467#endif /* CONFIG_FS_POSIX_ACL */
77a405ae 1468 NULL
cc5f931c 1469};
4967a3eb
BB		 1470
1471static const struct xattr_handler *
1472zpl_xattr_handler(const char *name)
1473{
1474 if (strncmp(name, XATTR_USER_PREFIX,
1475 XATTR_USER_PREFIX_LEN) == 0)
1476 return (&zpl_xattr_user_handler);
1477
1478 if (strncmp(name, XATTR_TRUSTED_PREFIX,
1479 XATTR_TRUSTED_PREFIX_LEN) == 0)
1480 return (&zpl_xattr_trusted_handler);
1481
1482 if (strncmp(name, XATTR_SECURITY_PREFIX,
1483 XATTR_SECURITY_PREFIX_LEN) == 0)
1484 return (&zpl_xattr_security_handler);
1485
1486#ifdef CONFIG_FS_POSIX_ACL
1487 if (strncmp(name, XATTR_NAME_POSIX_ACL_ACCESS,
1488 sizeof (XATTR_NAME_POSIX_ACL_ACCESS)) == 0)
1489 return (&zpl_xattr_acl_access_handler);
1490
1491 if (strncmp(name, XATTR_NAME_POSIX_ACL_DEFAULT,
1492 sizeof (XATTR_NAME_POSIX_ACL_DEFAULT)) == 0)
1493 return (&zpl_xattr_acl_default_handler);
1494#endif /* CONFIG_FS_POSIX_ACL */
1495
1496 return (NULL);
1497}
8e71ab99 1498
5c006134
RM		 1499static enum xattr_permission
1500zpl_xattr_permission(xattr_filldir_t *xf, const char *name, int name_len)
1501{
1502 const struct xattr_handler *handler;
1503 struct dentry *d __maybe_unused = xf->dentry;
1504 enum xattr_permission perm = XAPERM_ALLOW;
1505
1506 handler = zpl_xattr_handler(name);
1507 if (handler == NULL) {
1508 /* Do not expose FreeBSD system namespace xattrs. */
1509 if (ZFS_XA_NS_PREFIX_MATCH(FREEBSD, name))
1510 return (XAPERM_DENY);
1511 /*
1512 * Anything that doesn't match a known namespace gets put in the
1513 * user namespace for compatibility with other platforms.
1514 */
1515 perm = XAPERM_COMPAT;
1516 handler = &zpl_xattr_user_handler;
1517 }
1518
1519 if (handler->list) {
1520#if defined(HAVE_XATTR_LIST_SIMPLE)
1521 if (!handler->list(d))
1522 return (XAPERM_DENY);
1523#elif defined(HAVE_XATTR_LIST_DENTRY)
1524 if (!handler->list(d, NULL, 0, name, name_len, 0))
1525 return (XAPERM_DENY);
1526#elif defined(HAVE_XATTR_LIST_HANDLER)
1527 if (!handler->list(handler, d, NULL, 0, name, name_len))
1528 return (XAPERM_DENY);
1529#endif
1530 }
1531
1532 return (perm);
1533}
1534
98843196
DS		 1535#if defined(CONFIG_FS_POSIX_ACL) && \
1536 (!defined(HAVE_POSIX_ACL_RELEASE) || \
1537 defined(HAVE_POSIX_ACL_RELEASE_GPL_ONLY))
8e71ab99
CC		 1538struct acl_rel_struct {
1539 struct acl_rel_struct *next;
1540 struct posix_acl *acl;
1541 clock_t time;
1542};
1543
1544#define ACL_REL_GRACE (60*HZ)
1545#define ACL_REL_WINDOW (1*HZ)
1546#define ACL_REL_SCHED (ACL_REL_GRACE+ACL_REL_WINDOW)
1547
1548/*
1549 * Lockless multi-producer single-consumer fifo list.
1550 * Nodes are added to tail and removed from head. Tail pointer is our
1551 * synchronization point. It always points to the next pointer of the last
1552 * node, or head if list is empty.
1553 */
1554static struct acl_rel_struct *acl_rel_head = NULL;
1555static struct acl_rel_struct **acl_rel_tail = &acl_rel_head;
1556
1557static void
1558zpl_posix_acl_free(void *arg)
1559{
1560 struct acl_rel_struct *freelist = NULL;
1561 struct acl_rel_struct *a;
1562 clock_t new_time;
1563 boolean_t refire = B_FALSE;
1564
1565 ASSERT3P(acl_rel_head, !=, NULL);
1566 while (acl_rel_head) {
1567 a = acl_rel_head;
1568 if (ddi_get_lbolt() - a->time >= ACL_REL_GRACE) {
1569 /*
1570 * If a is the last node we need to reset tail, but we
1571 * need to use cmpxchg to make sure it is still the
1572 * last node.
1573 */
1574 if (acl_rel_tail == &a->next) {
1575 acl_rel_head = NULL;
1576 if (cmpxchg(&acl_rel_tail, &a->next,
1577 &acl_rel_head) == &a->next) {
1578 ASSERT3P(a->next, ==, NULL);
1579 a->next = freelist;
1580 freelist = a;
1581 break;
1582 }
1583 }
1584 /*
1585 * a is not last node, make sure next pointer is set
1586 * by the adder and advance the head.
1587 */
93ce2b4c 1588 while (READ_ONCE(a->next) == NULL)
8e71ab99
CC		 1589 cpu_relax();
1590 acl_rel_head = a->next;
1591 a->next = freelist;
1592 freelist = a;
1593 } else {
1594 /*
1595 * a is still in grace period. We are responsible to
1596 * reschedule the free task, since adder will only do
1597 * so if list is empty.
1598 */
1599 new_time = a->time + ACL_REL_SCHED;
1600 refire = B_TRUE;
1601 break;
1602 }
1603 }
1604
1605 if (refire)
57ddcda1
CC		 1606 taskq_dispatch_delay(system_delay_taskq, zpl_posix_acl_free,
1607 NULL, TQ_SLEEP, new_time);
8e71ab99
CC		 1608
1609 while (freelist) {
1610 a = freelist;
1611 freelist = a->next;
1612 kfree(a->acl);
1613 kmem_free(a, sizeof (struct acl_rel_struct));
1614 }
1615}
1616
1617void
1618zpl_posix_acl_release_impl(struct posix_acl *acl)
1619{
1620 struct acl_rel_struct *a, **prev;
1621
1622 a = kmem_alloc(sizeof (struct acl_rel_struct), KM_SLEEP);
1623 a->next = NULL;
1624 a->acl = acl;
1625 a->time = ddi_get_lbolt();
1626 /* atomically points tail to us and get the previous tail */
1627 prev = xchg(&acl_rel_tail, &a->next);
1628 ASSERT3P(*prev, ==, NULL);
1629 *prev = a;
1630 /* if it was empty before, schedule the free task */
1631 if (prev == &acl_rel_head)
57ddcda1
CC		 1632 taskq_dispatch_delay(system_delay_taskq, zpl_posix_acl_free,
1633 NULL, TQ_SLEEP, ddi_get_lbolt() + ACL_REL_SCHED);
8e71ab99
CC		 1634}
1635#endif
5c006134
RM		 1636
1637ZFS_MODULE_PARAM(zfs, zfs_, xattr_compat, INT, ZMOD_RW,
1638 "Use legacy ZFS xattr naming for writing new user namespace xattrs");
ZFS On Linux mirror for PVE