]>
Commit | Line | Data |
---|---|---|
cc5f931c BB |
1 | /* |
2 | * CDDL HEADER START | |
3 | * | |
4 | * The contents of this file are subject to the terms of the | |
5 | * Common Development and Distribution License (the "License"). | |
6 | * You may not use this file except in compliance with the License. | |
7 | * | |
8 | * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE | |
9 | * or http://www.opensolaris.org/os/licensing. | |
10 | * See the License for the specific language governing permissions | |
11 | * and limitations under the License. | |
12 | * | |
13 | * When distributing Covered Code, include this CDDL HEADER in each | |
14 | * file and include the License file at usr/src/OPENSOLARIS.LICENSE. | |
15 | * If applicable, add the following below this CDDL HEADER, with the | |
16 | * fields enclosed by brackets "[]" replaced with your own identifying | |
17 | * information: Portions Copyright [yyyy] [name of copyright owner] | |
18 | * | |
19 | * CDDL HEADER END | |
20 | */ | |
21 | /* | |
22 | * Copyright (c) 2011, Lawrence Livermore National Security, LLC. | |
23 | * | |
24 | * Extended attributes (xattr) on Solaris are implemented as files | |
25 | * which exist in a hidden xattr directory. These extended attributes | |
26 | * can be accessed using the attropen() system call which opens | |
27 | * the extended attribute. It can then be manipulated just like | |
28 | * a standard file descriptor. This has a couple advantages such | |
29 | * as practically no size limit on the file, and the extended | |
30 | * attributes permissions may differ from those of the parent file. | |
31 | * This interface is really quite clever, but it's also completely | |
82a37189 BB |
32 | * different than what is supported on Linux. It also comes with a |
33 | * steep performance penalty when accessing small xattrs because they | |
34 | * are not stored with the parent file. | |
cc5f931c BB |
35 | * |
36 | * Under Linux extended attributes are manipulated by the system | |
37 | * calls getxattr(2), setxattr(2), and listxattr(2). They consider | |
38 | * extended attributes to be name/value pairs where the name is a | |
39 | * NULL terminated string. The name must also include one of the | |
82a37189 | 40 | * following namespace prefixes: |
cc5f931c BB |
41 | * |
42 | * user - No restrictions and is available to user applications. | |
43 | * trusted - Restricted to kernel and root (CAP_SYS_ADMIN) use. | |
44 | * system - Used for access control lists (system.nfs4_acl, etc). | |
45 | * security - Used by SELinux to store a files security context. | |
46 | * | |
82a37189 BB |
47 | * The value under Linux to limited to 65536 bytes of binary data. |
48 | * In practice, individual xattrs tend to be much smaller than this | |
49 | * and are typically less than 100 bytes. A good example of this | |
50 | * are the security.selinux xattrs which are less than 100 bytes and | |
51 | * exist for every file when xattr labeling is enabled. | |
cc5f931c | 52 | * |
4e33ba4c | 53 | * The Linux xattr implementation has been written to take advantage of |
82a37189 BB |
54 | * this typical usage. When the dataset property 'xattr=sa' is set, |
55 | * then xattrs will be preferentially stored as System Attributes (SA). | |
56 | * This allows tiny xattrs (~100 bytes) to be stored with the dnode and | |
57 | * up to 64k of xattrs to be stored in the spill block. If additional | |
58 | * xattr space is required, which is unlikely under Linux, they will | |
59 | * be stored using the traditional directory approach. | |
cc5f931c | 60 | * |
82a37189 BB |
61 | * This optimization results in roughly a 3x performance improvement |
62 | * when accessing xattrs because it avoids the need to perform a seek | |
63 | * for every xattr value. When multiple xattrs are stored per-file | |
64 | * the performance improvements are even greater because all of the | |
65 | * xattrs stored in the spill block will be cached. | |
66 | * | |
67 | * However, by default SA based xattrs are disabled in the Linux port | |
68 | * to maximize compatibility with other implementations. If you do | |
69 | * enable SA based xattrs then they will not be visible on platforms | |
70 | * which do not support this feature. | |
71 | * | |
72 | * NOTE: One additional consequence of the xattr directory implementation | |
73 | * is that when an extended attribute is manipulated an inode is created. | |
74 | * This inode will exist in the Linux inode cache but there will be no | |
75 | * associated entry in the dentry cache which references it. This is | |
76 | * safe but it may result in some confusion. Enabling SA based xattrs | |
77 | * largely avoids the issue except in the overflow case. | |
cc5f931c BB |
78 | */ |
79 | ||
657ce253 | 80 | #include <sys/zfs_znode.h> |
cc5f931c BB |
81 | #include <sys/zfs_vfsops.h> |
82 | #include <sys/zfs_vnops.h> | |
0f37d0c8 | 83 | #include <sys/zap.h> |
cc5f931c BB |
84 | #include <sys/vfs.h> |
85 | #include <sys/zpl.h> | |
86 | ||
87 | typedef struct xattr_filldir { | |
88 | size_t size; | |
89 | size_t offset; | |
90 | char *buf; | |
4967a3eb | 91 | struct dentry *dentry; |
cc5f931c BB |
92 | } xattr_filldir_t; |
93 | ||
4967a3eb BB |
94 | static const struct xattr_handler *zpl_xattr_handler(const char *); |
95 | ||
cc5f931c | 96 | static int |
4967a3eb | 97 | zpl_xattr_permission(xattr_filldir_t *xf, const char *name, int name_len) |
cc5f931c | 98 | { |
4967a3eb BB |
99 | static const struct xattr_handler *handler; |
100 | struct dentry *d = xf->dentry; | |
cc5f931c | 101 | |
4967a3eb BB |
102 | handler = zpl_xattr_handler(name); |
103 | if (!handler) | |
104 | return (0); | |
105 | ||
106 | if (handler->list) { | |
107 | #if defined(HAVE_XATTR_LIST_SIMPLE) | |
108 | if (!handler->list(d)) | |
109 | return (0); | |
110 | #elif defined(HAVE_XATTR_LIST_DENTRY) | |
111 | if (!handler->list(d, NULL, 0, name, name_len, 0)) | |
cc5f931c | 112 | return (0); |
4967a3eb BB |
113 | #elif defined(HAVE_XATTR_LIST_HANDLER) |
114 | if (!handler->list(handler, d, NULL, 0, name, name_len)) | |
115 | return (0); | |
4967a3eb BB |
116 | #endif |
117 | } | |
118 | ||
119 | return (1); | |
120 | } | |
121 | ||
122 | /* | |
123 | * Determine is a given xattr name should be visible and if so copy it | |
124 | * in to the provided buffer (xf->buf). | |
125 | */ | |
126 | static int | |
127 | zpl_xattr_filldir(xattr_filldir_t *xf, const char *name, int name_len) | |
128 | { | |
129 | /* Check permissions using the per-namespace list xattr handler. */ | |
130 | if (!zpl_xattr_permission(xf, name, name_len)) | |
131 | return (0); | |
cc5f931c BB |
132 | |
133 | /* When xf->buf is NULL only calculate the required size. */ | |
134 | if (xf->buf) { | |
135 | if (xf->offset + name_len + 1 > xf->size) | |
136 | return (-ERANGE); | |
137 | ||
138 | memcpy(xf->buf + xf->offset, name, name_len); | |
139 | xf->buf[xf->offset + name_len] = '\0'; | |
140 | } | |
141 | ||
142 | xf->offset += (name_len + 1); | |
143 | ||
144 | return (0); | |
145 | } | |
146 | ||
0f37d0c8 RY |
147 | /* |
148 | * Read as many directory entry names as will fit in to the provided buffer, | |
149 | * or when no buffer is provided calculate the required buffer size. | |
150 | */ | |
65c7cc49 | 151 | static int |
0f37d0c8 RY |
152 | zpl_xattr_readdir(struct inode *dxip, xattr_filldir_t *xf) |
153 | { | |
154 | zap_cursor_t zc; | |
155 | zap_attribute_t zap; | |
156 | int error; | |
157 | ||
158 | zap_cursor_init(&zc, ITOZSB(dxip)->z_os, ITOZ(dxip)->z_id); | |
159 | ||
160 | while ((error = -zap_cursor_retrieve(&zc, &zap)) == 0) { | |
161 | ||
162 | if (zap.za_integer_length != 8 || zap.za_num_integers != 1) { | |
163 | error = -ENXIO; | |
164 | break; | |
165 | } | |
166 | ||
167 | error = zpl_xattr_filldir(xf, zap.za_name, strlen(zap.za_name)); | |
168 | if (error) | |
169 | break; | |
170 | ||
171 | zap_cursor_advance(&zc); | |
172 | } | |
173 | ||
174 | zap_cursor_fini(&zc); | |
175 | ||
176 | if (error == -ENOENT) | |
177 | error = 0; | |
178 | ||
179 | return (error); | |
180 | } | |
181 | ||
82a37189 BB |
182 | static ssize_t |
183 | zpl_xattr_list_dir(xattr_filldir_t *xf, cred_t *cr) | |
cc5f931c | 184 | { |
4967a3eb | 185 | struct inode *ip = xf->dentry->d_inode; |
cc5f931c | 186 | struct inode *dxip = NULL; |
657ce253 | 187 | znode_t *dxzp; |
cc5f931c | 188 | int error; |
cc5f931c BB |
189 | |
190 | /* Lookup the xattr directory */ | |
657ce253 MM |
191 | error = -zfs_lookup(ITOZ(ip), NULL, &dxzp, LOOKUP_XATTR, |
192 | cr, NULL, NULL); | |
cc5f931c BB |
193 | if (error) { |
194 | if (error == -ENOENT) | |
195 | error = 0; | |
196 | ||
82a37189 | 197 | return (error); |
cc5f931c BB |
198 | } |
199 | ||
657ce253 | 200 | dxip = ZTOI(dxzp); |
0f37d0c8 | 201 | error = zpl_xattr_readdir(dxip, xf); |
82a37189 BB |
202 | iput(dxip); |
203 | ||
204 | return (error); | |
205 | } | |
206 | ||
207 | static ssize_t | |
208 | zpl_xattr_list_sa(xattr_filldir_t *xf) | |
209 | { | |
4967a3eb | 210 | znode_t *zp = ITOZ(xf->dentry->d_inode); |
82a37189 BB |
211 | nvpair_t *nvp = NULL; |
212 | int error = 0; | |
213 | ||
214 | mutex_enter(&zp->z_lock); | |
215 | if (zp->z_xattr_cached == NULL) | |
216 | error = -zfs_sa_get_xattr(zp); | |
217 | mutex_exit(&zp->z_lock); | |
218 | ||
219 | if (error) | |
220 | return (error); | |
221 | ||
222 | ASSERT(zp->z_xattr_cached); | |
223 | ||
224 | while ((nvp = nvlist_next_nvpair(zp->z_xattr_cached, nvp)) != NULL) { | |
225 | ASSERT3U(nvpair_type(nvp), ==, DATA_TYPE_BYTE_ARRAY); | |
226 | ||
0f37d0c8 | 227 | error = zpl_xattr_filldir(xf, nvpair_name(nvp), |
d1d7e268 | 228 | strlen(nvpair_name(nvp))); |
82a37189 BB |
229 | if (error) |
230 | return (error); | |
231 | } | |
232 | ||
233 | return (0); | |
234 | } | |
235 | ||
236 | ssize_t | |
237 | zpl_xattr_list(struct dentry *dentry, char *buffer, size_t buffer_size) | |
238 | { | |
239 | znode_t *zp = ITOZ(dentry->d_inode); | |
0037b49e | 240 | zfsvfs_t *zfsvfs = ZTOZSB(zp); |
4967a3eb | 241 | xattr_filldir_t xf = { buffer_size, 0, buffer, dentry }; |
82a37189 | 242 | cred_t *cr = CRED(); |
7fad6290 | 243 | fstrans_cookie_t cookie; |
82a37189 BB |
244 | int error = 0; |
245 | ||
246 | crhold(cr); | |
7fad6290 | 247 | cookie = spl_fstrans_mark(); |
499b5497 JG |
248 | ZPL_ENTER(zfsvfs); |
249 | ZPL_VERIFY_ZP(zp); | |
82a37189 BB |
250 | rw_enter(&zp->z_xattr_lock, RW_READER); |
251 | ||
0037b49e | 252 | if (zfsvfs->z_use_sa && zp->z_is_sa) { |
82a37189 BB |
253 | error = zpl_xattr_list_sa(&xf); |
254 | if (error) | |
255 | goto out; | |
256 | } | |
257 | ||
258 | error = zpl_xattr_list_dir(&xf, cr); | |
cc5f931c BB |
259 | if (error) |
260 | goto out; | |
261 | ||
262 | error = xf.offset; | |
263 | out: | |
cc5f931c | 264 | |
82a37189 | 265 | rw_exit(&zp->z_xattr_lock); |
499b5497 | 266 | ZPL_EXIT(zfsvfs); |
7fad6290 | 267 | spl_fstrans_unmark(cookie); |
81e97e21 | 268 | crfree(cr); |
cc5f931c BB |
269 | |
270 | return (error); | |
271 | } | |
272 | ||
273 | static int | |
82a37189 BB |
274 | zpl_xattr_get_dir(struct inode *ip, const char *name, void *value, |
275 | size_t size, cred_t *cr) | |
cc5f931c | 276 | { |
1c2358c1 | 277 | fstrans_cookie_t cookie; |
cc5f931c | 278 | struct inode *xip = NULL; |
657ce253 MM |
279 | znode_t *dxzp = NULL; |
280 | znode_t *xzp = NULL; | |
cc5f931c BB |
281 | int error; |
282 | ||
cc5f931c | 283 | /* Lookup the xattr directory */ |
657ce253 MM |
284 | error = -zfs_lookup(ITOZ(ip), NULL, &dxzp, LOOKUP_XATTR, |
285 | cr, NULL, NULL); | |
cc5f931c BB |
286 | if (error) |
287 | goto out; | |
288 | ||
289 | /* Lookup a specific xattr name in the directory */ | |
657ce253 | 290 | error = -zfs_lookup(dxzp, (char *)name, &xzp, 0, cr, NULL, NULL); |
cc5f931c BB |
291 | if (error) |
292 | goto out; | |
293 | ||
657ce253 | 294 | xip = ZTOI(xzp); |
cc5f931c BB |
295 | if (!size) { |
296 | error = i_size_read(xip); | |
297 | goto out; | |
298 | } | |
299 | ||
f7064211 BB |
300 | if (size < i_size_read(xip)) { |
301 | error = -ERANGE; | |
302 | goto out; | |
303 | } | |
304 | ||
1c2358c1 BB |
305 | struct iovec iov; |
306 | iov.iov_base = (void *)value; | |
307 | iov.iov_len = size; | |
308 | ||
d0cd9a5c BA |
309 | zfs_uio_t uio; |
310 | zfs_uio_iovec_init(&uio, &iov, 1, 0, UIO_SYSSPACE, size, 0); | |
1c2358c1 BB |
311 | |
312 | cookie = spl_fstrans_mark(); | |
313 | error = -zfs_read(ITOZ(xip), &uio, 0, cr); | |
314 | spl_fstrans_unmark(cookie); | |
315 | ||
316 | if (error == 0) | |
d0cd9a5c | 317 | error = size - zfs_uio_resid(&uio); |
cc5f931c | 318 | out: |
657ce253 MM |
319 | if (xzp) |
320 | zrele(xzp); | |
cc5f931c | 321 | |
657ce253 MM |
322 | if (dxzp) |
323 | zrele(dxzp); | |
cc5f931c | 324 | |
82a37189 BB |
325 | return (error); |
326 | } | |
327 | ||
328 | static int | |
329 | zpl_xattr_get_sa(struct inode *ip, const char *name, void *value, size_t size) | |
330 | { | |
331 | znode_t *zp = ITOZ(ip); | |
332 | uchar_t *nv_value; | |
333 | uint_t nv_size; | |
334 | int error = 0; | |
cc5f931c | 335 | |
82a37189 BB |
336 | ASSERT(RW_LOCK_HELD(&zp->z_xattr_lock)); |
337 | ||
338 | mutex_enter(&zp->z_lock); | |
339 | if (zp->z_xattr_cached == NULL) | |
340 | error = -zfs_sa_get_xattr(zp); | |
341 | mutex_exit(&zp->z_lock); | |
342 | ||
343 | if (error) | |
344 | return (error); | |
345 | ||
346 | ASSERT(zp->z_xattr_cached); | |
347 | error = -nvlist_lookup_byte_array(zp->z_xattr_cached, name, | |
348 | &nv_value, &nv_size); | |
349 | if (error) | |
350 | return (error); | |
351 | ||
94183a9d | 352 | if (size == 0 || value == NULL) |
82a37189 BB |
353 | return (nv_size); |
354 | ||
f7064211 BB |
355 | if (size < nv_size) |
356 | return (-ERANGE); | |
357 | ||
358 | memcpy(value, nv_value, nv_size); | |
82a37189 | 359 | |
f7064211 | 360 | return (nv_size); |
82a37189 BB |
361 | } |
362 | ||
363 | static int | |
364 | __zpl_xattr_get(struct inode *ip, const char *name, void *value, size_t size, | |
365 | cred_t *cr) | |
366 | { | |
367 | znode_t *zp = ITOZ(ip); | |
0037b49e | 368 | zfsvfs_t *zfsvfs = ZTOZSB(zp); |
82a37189 BB |
369 | int error; |
370 | ||
371 | ASSERT(RW_LOCK_HELD(&zp->z_xattr_lock)); | |
372 | ||
0037b49e | 373 | if (zfsvfs->z_use_sa && zp->z_is_sa) { |
82a37189 | 374 | error = zpl_xattr_get_sa(ip, name, value, size); |
0377189b | 375 | if (error != -ENOENT) |
82a37189 BB |
376 | goto out; |
377 | } | |
378 | ||
379 | error = zpl_xattr_get_dir(ip, name, value, size, cr); | |
380 | out: | |
cc5f931c BB |
381 | if (error == -ENOENT) |
382 | error = -ENODATA; | |
383 | ||
384 | return (error); | |
385 | } | |
386 | ||
21f604d4 CC |
387 | #define XATTR_NOENT 0x0 |
388 | #define XATTR_IN_SA 0x1 | |
389 | #define XATTR_IN_DIR 0x2 | |
390 | /* check where the xattr resides */ | |
391 | static int | |
392 | __zpl_xattr_where(struct inode *ip, const char *name, int *where, cred_t *cr) | |
393 | { | |
394 | znode_t *zp = ITOZ(ip); | |
0037b49e | 395 | zfsvfs_t *zfsvfs = ZTOZSB(zp); |
21f604d4 CC |
396 | int error; |
397 | ||
398 | ASSERT(where); | |
399 | ASSERT(RW_LOCK_HELD(&zp->z_xattr_lock)); | |
400 | ||
401 | *where = XATTR_NOENT; | |
0037b49e | 402 | if (zfsvfs->z_use_sa && zp->z_is_sa) { |
21f604d4 CC |
403 | error = zpl_xattr_get_sa(ip, name, NULL, 0); |
404 | if (error >= 0) | |
405 | *where |= XATTR_IN_SA; | |
406 | else if (error != -ENOENT) | |
407 | return (error); | |
408 | } | |
409 | ||
410 | error = zpl_xattr_get_dir(ip, name, NULL, 0, cr); | |
411 | if (error >= 0) | |
412 | *where |= XATTR_IN_DIR; | |
413 | else if (error != -ENOENT) | |
414 | return (error); | |
415 | ||
416 | if (*where == (XATTR_IN_SA|XATTR_IN_DIR)) | |
417 | cmn_err(CE_WARN, "ZFS: inode %p has xattr \"%s\"" | |
418 | " in both SA and dir", ip, name); | |
419 | if (*where == XATTR_NOENT) | |
420 | error = -ENODATA; | |
421 | else | |
422 | error = 0; | |
423 | return (error); | |
424 | } | |
425 | ||
cc5f931c | 426 | static int |
82a37189 BB |
427 | zpl_xattr_get(struct inode *ip, const char *name, void *value, size_t size) |
428 | { | |
429 | znode_t *zp = ITOZ(ip); | |
0037b49e | 430 | zfsvfs_t *zfsvfs = ZTOZSB(zp); |
82a37189 | 431 | cred_t *cr = CRED(); |
7fad6290 | 432 | fstrans_cookie_t cookie; |
82a37189 BB |
433 | int error; |
434 | ||
435 | crhold(cr); | |
7fad6290 | 436 | cookie = spl_fstrans_mark(); |
499b5497 JG |
437 | ZPL_ENTER(zfsvfs); |
438 | ZPL_VERIFY_ZP(zp); | |
82a37189 BB |
439 | rw_enter(&zp->z_xattr_lock, RW_READER); |
440 | error = __zpl_xattr_get(ip, name, value, size, cr); | |
441 | rw_exit(&zp->z_xattr_lock); | |
499b5497 | 442 | ZPL_EXIT(zfsvfs); |
7fad6290 | 443 | spl_fstrans_unmark(cookie); |
82a37189 BB |
444 | crfree(cr); |
445 | ||
446 | return (error); | |
447 | } | |
448 | ||
449 | static int | |
450 | zpl_xattr_set_dir(struct inode *ip, const char *name, const void *value, | |
451 | size_t size, int flags, cred_t *cr) | |
cc5f931c | 452 | { |
657ce253 MM |
453 | znode_t *dxzp = NULL; |
454 | znode_t *xzp = NULL; | |
cc5f931c | 455 | vattr_t *vap = NULL; |
fc9e0530 | 456 | int lookup_flags, error; |
bec30953 | 457 | const int xattr_mode = S_IFREG | 0644; |
cd3939c5 | 458 | loff_t pos = 0; |
cc5f931c | 459 | |
fc9e0530 BB |
460 | /* |
461 | * Lookup the xattr directory. When we're adding an entry pass | |
462 | * CREATE_XATTR_DIR to ensure the xattr directory is created. | |
463 | * When removing an entry this flag is not passed to avoid | |
464 | * unnecessarily creating a new xattr directory. | |
465 | */ | |
466 | lookup_flags = LOOKUP_XATTR; | |
467 | if (value != NULL) | |
468 | lookup_flags |= CREATE_XATTR_DIR; | |
469 | ||
657ce253 MM |
470 | error = -zfs_lookup(ITOZ(ip), NULL, &dxzp, lookup_flags, |
471 | cr, NULL, NULL); | |
cc5f931c BB |
472 | if (error) |
473 | goto out; | |
474 | ||
82a37189 | 475 | /* Lookup a specific xattr name in the directory */ |
657ce253 | 476 | error = -zfs_lookup(dxzp, (char *)name, &xzp, 0, cr, NULL, NULL); |
82a37189 BB |
477 | if (error && (error != -ENOENT)) |
478 | goto out; | |
cc5f931c | 479 | |
cc5f931c BB |
480 | error = 0; |
481 | ||
482 | /* Remove a specific name xattr when value is set to NULL. */ | |
483 | if (value == NULL) { | |
657ce253 MM |
484 | if (xzp) |
485 | error = -zfs_remove(dxzp, (char *)name, cr, 0); | |
cc5f931c BB |
486 | |
487 | goto out; | |
488 | } | |
489 | ||
490 | /* Lookup failed create a new xattr. */ | |
657ce253 | 491 | if (xzp == NULL) { |
d1d7e268 | 492 | vap = kmem_zalloc(sizeof (vattr_t), KM_SLEEP); |
bec30953 | 493 | vap->va_mode = xattr_mode; |
cc5f931c | 494 | vap->va_mask = ATTR_MODE; |
81e97e21 BB |
495 | vap->va_uid = crgetfsuid(cr); |
496 | vap->va_gid = crgetfsgid(cr); | |
cc5f931c | 497 | |
657ce253 | 498 | error = -zfs_create(dxzp, (char *)name, vap, 0, 0644, &xzp, |
cc5f931c BB |
499 | cr, 0, NULL); |
500 | if (error) | |
501 | goto out; | |
502 | } | |
503 | ||
657ce253 | 504 | ASSERT(xzp != NULL); |
bec30953 | 505 | |
657ce253 | 506 | error = -zfs_freesp(xzp, 0, 0, xattr_mode, TRUE); |
bec30953 GB |
507 | if (error) |
508 | goto out; | |
509 | ||
1c2358c1 | 510 | error = -zfs_write_simple(xzp, value, size, pos, NULL); |
cc5f931c | 511 | out: |
0107f698 GK |
512 | if (error == 0) { |
513 | ip->i_ctime = current_time(ip); | |
514 | zfs_mark_inode_dirty(ip); | |
515 | } | |
516 | ||
cc5f931c | 517 | if (vap) |
d1d7e268 | 518 | kmem_free(vap, sizeof (vattr_t)); |
cc5f931c | 519 | |
657ce253 MM |
520 | if (xzp) |
521 | zrele(xzp); | |
cc5f931c | 522 | |
657ce253 MM |
523 | if (dxzp) |
524 | zrele(dxzp); | |
cc5f931c | 525 | |
cc5f931c BB |
526 | if (error == -ENOENT) |
527 | error = -ENODATA; | |
528 | ||
529 | ASSERT3S(error, <=, 0); | |
530 | ||
531 | return (error); | |
532 | } | |
533 | ||
82a37189 BB |
534 | static int |
535 | zpl_xattr_set_sa(struct inode *ip, const char *name, const void *value, | |
536 | size_t size, int flags, cred_t *cr) | |
537 | { | |
538 | znode_t *zp = ITOZ(ip); | |
539 | nvlist_t *nvl; | |
540 | size_t sa_size; | |
21f604d4 CC |
541 | int error = 0; |
542 | ||
543 | mutex_enter(&zp->z_lock); | |
544 | if (zp->z_xattr_cached == NULL) | |
545 | error = -zfs_sa_get_xattr(zp); | |
546 | mutex_exit(&zp->z_lock); | |
547 | ||
548 | if (error) | |
549 | return (error); | |
82a37189 BB |
550 | |
551 | ASSERT(zp->z_xattr_cached); | |
552 | nvl = zp->z_xattr_cached; | |
553 | ||
554 | if (value == NULL) { | |
555 | error = -nvlist_remove(nvl, name, DATA_TYPE_BYTE_ARRAY); | |
556 | if (error == -ENOENT) | |
557 | error = zpl_xattr_set_dir(ip, name, NULL, 0, flags, cr); | |
558 | } else { | |
559 | /* Limited to 32k to keep nvpair memory allocations small */ | |
560 | if (size > DXATTR_MAX_ENTRY_SIZE) | |
561 | return (-EFBIG); | |
562 | ||
563 | /* Prevent the DXATTR SA from consuming the entire SA region */ | |
564 | error = -nvlist_size(nvl, &sa_size, NV_ENCODE_XDR); | |
565 | if (error) | |
566 | return (error); | |
567 | ||
568 | if (sa_size > DXATTR_MAX_SA_SIZE) | |
569 | return (-EFBIG); | |
570 | ||
571 | error = -nvlist_add_byte_array(nvl, name, | |
572 | (uchar_t *)value, size); | |
82a37189 BB |
573 | } |
574 | ||
43b4935e NB |
575 | /* |
576 | * Update the SA for additions, modifications, and removals. On | |
577 | * error drop the inconsistent cached version of the nvlist, it | |
578 | * will be reconstructed from the ARC when next accessed. | |
579 | */ | |
580 | if (error == 0) | |
82a37189 BB |
581 | error = -zfs_sa_set_xattr(zp); |
582 | ||
43b4935e NB |
583 | if (error) { |
584 | nvlist_free(nvl); | |
585 | zp->z_xattr_cached = NULL; | |
586 | } | |
587 | ||
82a37189 BB |
588 | ASSERT3S(error, <=, 0); |
589 | ||
590 | return (error); | |
591 | } | |
592 | ||
593 | static int | |
594 | zpl_xattr_set(struct inode *ip, const char *name, const void *value, | |
595 | size_t size, int flags) | |
596 | { | |
597 | znode_t *zp = ITOZ(ip); | |
0037b49e | 598 | zfsvfs_t *zfsvfs = ZTOZSB(zp); |
82a37189 | 599 | cred_t *cr = CRED(); |
7fad6290 | 600 | fstrans_cookie_t cookie; |
21f604d4 | 601 | int where; |
82a37189 BB |
602 | int error; |
603 | ||
604 | crhold(cr); | |
7fad6290 | 605 | cookie = spl_fstrans_mark(); |
499b5497 JG |
606 | ZPL_ENTER(zfsvfs); |
607 | ZPL_VERIFY_ZP(zp); | |
82a37189 BB |
608 | rw_enter(&ITOZ(ip)->z_xattr_lock, RW_WRITER); |
609 | ||
610 | /* | |
611 | * Before setting the xattr check to see if it already exists. | |
612 | * This is done to ensure the following optional flags are honored. | |
613 | * | |
614 | * XATTR_CREATE: fail if xattr already exists | |
615 | * XATTR_REPLACE: fail if xattr does not exist | |
21f604d4 CC |
616 | * |
617 | * We also want to know if it resides in sa or dir, so we can make | |
618 | * sure we don't end up with duplicate in both places. | |
82a37189 | 619 | */ |
21f604d4 | 620 | error = __zpl_xattr_where(ip, name, &where, cr); |
82a37189 BB |
621 | if (error < 0) { |
622 | if (error != -ENODATA) | |
623 | goto out; | |
fc9e0530 BB |
624 | if (flags & XATTR_REPLACE) |
625 | goto out; | |
626 | ||
627 | /* The xattr to be removed already doesn't exist */ | |
628 | error = 0; | |
629 | if (value == NULL) | |
82a37189 BB |
630 | goto out; |
631 | } else { | |
632 | error = -EEXIST; | |
633 | if (flags & XATTR_CREATE) | |
634 | goto out; | |
635 | } | |
636 | ||
637 | /* Preferentially store the xattr as a SA for better performance */ | |
0037b49e BB |
638 | if (zfsvfs->z_use_sa && zp->z_is_sa && |
639 | (zfsvfs->z_xattr_sa || (value == NULL && where & XATTR_IN_SA))) { | |
82a37189 | 640 | error = zpl_xattr_set_sa(ip, name, value, size, flags, cr); |
21f604d4 CC |
641 | if (error == 0) { |
642 | /* | |
643 | * Successfully put into SA, we need to clear the one | |
644 | * in dir. | |
645 | */ | |
646 | if (where & XATTR_IN_DIR) | |
647 | zpl_xattr_set_dir(ip, name, NULL, 0, 0, cr); | |
82a37189 | 648 | goto out; |
21f604d4 | 649 | } |
82a37189 BB |
650 | } |
651 | ||
652 | error = zpl_xattr_set_dir(ip, name, value, size, flags, cr); | |
21f604d4 CC |
653 | /* |
654 | * Successfully put into dir, we need to clear the one in SA. | |
655 | */ | |
656 | if (error == 0 && (where & XATTR_IN_SA)) | |
657 | zpl_xattr_set_sa(ip, name, NULL, 0, 0, cr); | |
82a37189 BB |
658 | out: |
659 | rw_exit(&ITOZ(ip)->z_xattr_lock); | |
499b5497 | 660 | ZPL_EXIT(zfsvfs); |
7fad6290 | 661 | spl_fstrans_unmark(cookie); |
82a37189 BB |
662 | crfree(cr); |
663 | ASSERT3S(error, <=, 0); | |
664 | ||
665 | return (error); | |
666 | } | |
667 | ||
4967a3eb BB |
668 | /* |
669 | * Extended user attributes | |
670 | * | |
671 | * "Extended user attributes may be assigned to files and directories for | |
672 | * storing arbitrary additional information such as the mime type, | |
673 | * character set or encoding of a file. The access permissions for user | |
674 | * attributes are defined by the file permission bits: read permission | |
675 | * is required to retrieve the attribute value, and writer permission is | |
676 | * required to change it. | |
677 | * | |
678 | * The file permission bits of regular files and directories are | |
679 | * interpreted differently from the file permission bits of special | |
680 | * files and symbolic links. For regular files and directories the file | |
681 | * permission bits define access to the file's contents, while for | |
682 | * device special files they define access to the device described by | |
683 | * the special file. The file permissions of symbolic links are not | |
684 | * used in access checks. These differences would allow users to | |
685 | * consume filesystem resources in a way not controllable by disk quotas | |
686 | * for group or world writable special files and directories. | |
687 | * | |
688 | * For this reason, extended user attributes are allowed only for | |
689 | * regular files and directories, and access to extended user attributes | |
690 | * is restricted to the owner and to users with appropriate capabilities | |
691 | * for directories with the sticky bit set (see the chmod(1) manual page | |
692 | * for an explanation of the sticky bit)." - xattr(7) | |
693 | * | |
694 | * ZFS allows extended user attributes to be disabled administratively | |
695 | * by setting the 'xattr=off' property on the dataset. | |
696 | */ | |
697 | static int | |
698 | __zpl_xattr_user_list(struct inode *ip, char *list, size_t list_size, | |
699 | const char *name, size_t name_len) | |
700 | { | |
701 | return (ITOZSB(ip)->z_flags & ZSB_XATTR); | |
702 | } | |
703 | ZPL_XATTR_LIST_WRAPPER(zpl_xattr_user_list); | |
704 | ||
cc5f931c | 705 | static int |
f9637c6c | 706 | __zpl_xattr_user_get(struct inode *ip, const char *name, |
82a37189 | 707 | void *value, size_t size) |
cc5f931c BB |
708 | { |
709 | char *xattr_name; | |
710 | int error; | |
232604b5 CC |
711 | /* xattr_resolve_name will do this for us if this is defined */ |
712 | #ifndef HAVE_XATTR_HANDLER_NAME | |
cc5f931c | 713 | if (strcmp(name, "") == 0) |
d1d7e268 | 714 | return (-EINVAL); |
232604b5 | 715 | #endif |
2cf7f52b | 716 | if (!(ITOZSB(ip)->z_flags & ZSB_XATTR)) |
d1d7e268 | 717 | return (-EOPNOTSUPP); |
cc5f931c BB |
718 | |
719 | xattr_name = kmem_asprintf("%s%s", XATTR_USER_PREFIX, name); | |
82a37189 | 720 | error = zpl_xattr_get(ip, xattr_name, value, size); |
e4f5fa12 | 721 | kmem_strfree(xattr_name); |
cc5f931c BB |
722 | |
723 | return (error); | |
724 | } | |
f9637c6c | 725 | ZPL_XATTR_GET_WRAPPER(zpl_xattr_user_get); |
cc5f931c BB |
726 | |
727 | static int | |
f9637c6c | 728 | __zpl_xattr_user_set(struct inode *ip, const char *name, |
cc5f931c BB |
729 | const void *value, size_t size, int flags) |
730 | { | |
731 | char *xattr_name; | |
732 | int error; | |
232604b5 CC |
733 | /* xattr_resolve_name will do this for us if this is defined */ |
734 | #ifndef HAVE_XATTR_HANDLER_NAME | |
cc5f931c | 735 | if (strcmp(name, "") == 0) |
d1d7e268 | 736 | return (-EINVAL); |
232604b5 | 737 | #endif |
2cf7f52b | 738 | if (!(ITOZSB(ip)->z_flags & ZSB_XATTR)) |
d1d7e268 | 739 | return (-EOPNOTSUPP); |
cc5f931c BB |
740 | |
741 | xattr_name = kmem_asprintf("%s%s", XATTR_USER_PREFIX, name); | |
742 | error = zpl_xattr_set(ip, xattr_name, value, size, flags); | |
e4f5fa12 | 743 | kmem_strfree(xattr_name); |
cc5f931c BB |
744 | |
745 | return (error); | |
746 | } | |
f9637c6c | 747 | ZPL_XATTR_SET_WRAPPER(zpl_xattr_user_set); |
cc5f931c | 748 | |
4967a3eb BB |
749 | xattr_handler_t zpl_xattr_user_handler = |
750 | { | |
cc5f931c | 751 | .prefix = XATTR_USER_PREFIX, |
4967a3eb | 752 | .list = zpl_xattr_user_list, |
cc5f931c BB |
753 | .get = zpl_xattr_user_get, |
754 | .set = zpl_xattr_user_set, | |
755 | }; | |
756 | ||
4967a3eb BB |
757 | /* |
758 | * Trusted extended attributes | |
759 | * | |
760 | * "Trusted extended attributes are visible and accessible only to | |
761 | * processes that have the CAP_SYS_ADMIN capability. Attributes in this | |
762 | * class are used to implement mechanisms in user space (i.e., outside | |
763 | * the kernel) which keep information in extended attributes to which | |
764 | * ordinary processes should not have access." - xattr(7) | |
765 | */ | |
766 | static int | |
767 | __zpl_xattr_trusted_list(struct inode *ip, char *list, size_t list_size, | |
768 | const char *name, size_t name_len) | |
769 | { | |
770 | return (capable(CAP_SYS_ADMIN)); | |
771 | } | |
772 | ZPL_XATTR_LIST_WRAPPER(zpl_xattr_trusted_list); | |
773 | ||
cc5f931c | 774 | static int |
f9637c6c | 775 | __zpl_xattr_trusted_get(struct inode *ip, const char *name, |
82a37189 | 776 | void *value, size_t size) |
cc5f931c BB |
777 | { |
778 | char *xattr_name; | |
779 | int error; | |
780 | ||
781 | if (!capable(CAP_SYS_ADMIN)) | |
d1d7e268 | 782 | return (-EACCES); |
232604b5 CC |
783 | /* xattr_resolve_name will do this for us if this is defined */ |
784 | #ifndef HAVE_XATTR_HANDLER_NAME | |
cc5f931c | 785 | if (strcmp(name, "") == 0) |
d1d7e268 | 786 | return (-EINVAL); |
232604b5 | 787 | #endif |
cc5f931c | 788 | xattr_name = kmem_asprintf("%s%s", XATTR_TRUSTED_PREFIX, name); |
82a37189 | 789 | error = zpl_xattr_get(ip, xattr_name, value, size); |
e4f5fa12 | 790 | kmem_strfree(xattr_name); |
cc5f931c BB |
791 | |
792 | return (error); | |
793 | } | |
f9637c6c | 794 | ZPL_XATTR_GET_WRAPPER(zpl_xattr_trusted_get); |
cc5f931c BB |
795 | |
796 | static int | |
f9637c6c | 797 | __zpl_xattr_trusted_set(struct inode *ip, const char *name, |
cc5f931c BB |
798 | const void *value, size_t size, int flags) |
799 | { | |
800 | char *xattr_name; | |
801 | int error; | |
802 | ||
803 | if (!capable(CAP_SYS_ADMIN)) | |
d1d7e268 | 804 | return (-EACCES); |
232604b5 CC |
805 | /* xattr_resolve_name will do this for us if this is defined */ |
806 | #ifndef HAVE_XATTR_HANDLER_NAME | |
cc5f931c | 807 | if (strcmp(name, "") == 0) |
d1d7e268 | 808 | return (-EINVAL); |
232604b5 | 809 | #endif |
cc5f931c BB |
810 | xattr_name = kmem_asprintf("%s%s", XATTR_TRUSTED_PREFIX, name); |
811 | error = zpl_xattr_set(ip, xattr_name, value, size, flags); | |
e4f5fa12 | 812 | kmem_strfree(xattr_name); |
cc5f931c BB |
813 | |
814 | return (error); | |
815 | } | |
f9637c6c | 816 | ZPL_XATTR_SET_WRAPPER(zpl_xattr_trusted_set); |
cc5f931c | 817 | |
4967a3eb BB |
818 | xattr_handler_t zpl_xattr_trusted_handler = |
819 | { | |
cc5f931c | 820 | .prefix = XATTR_TRUSTED_PREFIX, |
4967a3eb | 821 | .list = zpl_xattr_trusted_list, |
cc5f931c BB |
822 | .get = zpl_xattr_trusted_get, |
823 | .set = zpl_xattr_trusted_set, | |
824 | }; | |
825 | ||
4967a3eb BB |
826 | /* |
827 | * Extended security attributes | |
828 | * | |
829 | * "The security attribute namespace is used by kernel security modules, | |
830 | * such as Security Enhanced Linux, and also to implement file | |
831 | * capabilities (see capabilities(7)). Read and write access | |
832 | * permissions to security attributes depend on the policy implemented | |
833 | * for each security attribute by the security module. When no security | |
834 | * module is loaded, all processes have read access to extended security | |
835 | * attributes, and write access is limited to processes that have the | |
836 | * CAP_SYS_ADMIN capability." - xattr(7) | |
837 | */ | |
838 | static int | |
839 | __zpl_xattr_security_list(struct inode *ip, char *list, size_t list_size, | |
840 | const char *name, size_t name_len) | |
841 | { | |
842 | return (1); | |
843 | } | |
844 | ZPL_XATTR_LIST_WRAPPER(zpl_xattr_security_list); | |
845 | ||
cc5f931c | 846 | static int |
f9637c6c | 847 | __zpl_xattr_security_get(struct inode *ip, const char *name, |
82a37189 | 848 | void *value, size_t size) |
cc5f931c BB |
849 | { |
850 | char *xattr_name; | |
851 | int error; | |
232604b5 CC |
852 | /* xattr_resolve_name will do this for us if this is defined */ |
853 | #ifndef HAVE_XATTR_HANDLER_NAME | |
cc5f931c | 854 | if (strcmp(name, "") == 0) |
d1d7e268 | 855 | return (-EINVAL); |
232604b5 | 856 | #endif |
cc5f931c | 857 | xattr_name = kmem_asprintf("%s%s", XATTR_SECURITY_PREFIX, name); |
82a37189 | 858 | error = zpl_xattr_get(ip, xattr_name, value, size); |
e4f5fa12 | 859 | kmem_strfree(xattr_name); |
cc5f931c BB |
860 | |
861 | return (error); | |
862 | } | |
f9637c6c | 863 | ZPL_XATTR_GET_WRAPPER(zpl_xattr_security_get); |
cc5f931c BB |
864 | |
865 | static int | |
f9637c6c | 866 | __zpl_xattr_security_set(struct inode *ip, const char *name, |
cc5f931c BB |
867 | const void *value, size_t size, int flags) |
868 | { | |
869 | char *xattr_name; | |
870 | int error; | |
232604b5 CC |
871 | /* xattr_resolve_name will do this for us if this is defined */ |
872 | #ifndef HAVE_XATTR_HANDLER_NAME | |
cc5f931c | 873 | if (strcmp(name, "") == 0) |
d1d7e268 | 874 | return (-EINVAL); |
232604b5 | 875 | #endif |
cc5f931c BB |
876 | xattr_name = kmem_asprintf("%s%s", XATTR_SECURITY_PREFIX, name); |
877 | error = zpl_xattr_set(ip, xattr_name, value, size, flags); | |
e4f5fa12 | 878 | kmem_strfree(xattr_name); |
cc5f931c BB |
879 | |
880 | return (error); | |
881 | } | |
f9637c6c | 882 | ZPL_XATTR_SET_WRAPPER(zpl_xattr_security_set); |
cc5f931c | 883 | |
166dd49d | 884 | static int |
066e8252 | 885 | zpl_xattr_security_init_impl(struct inode *ip, const struct xattr *xattrs, |
166dd49d BB |
886 | void *fs_info) |
887 | { | |
888 | const struct xattr *xattr; | |
889 | int error = 0; | |
890 | ||
891 | for (xattr = xattrs; xattr->name != NULL; xattr++) { | |
892 | error = __zpl_xattr_security_set(ip, | |
893 | xattr->name, xattr->value, xattr->value_len, 0); | |
894 | ||
895 | if (error < 0) | |
896 | break; | |
897 | } | |
898 | ||
96b91ef0 | 899 | return (error); |
166dd49d BB |
900 | } |
901 | ||
902 | int | |
903 | zpl_xattr_security_init(struct inode *ip, struct inode *dip, | |
904 | const struct qstr *qstr) | |
905 | { | |
906 | return security_inode_init_security(ip, dip, qstr, | |
066e8252 | 907 | &zpl_xattr_security_init_impl, NULL); |
cc5f931c BB |
908 | } |
909 | ||
4967a3eb BB |
910 | /* |
911 | * Security xattr namespace handlers. | |
912 | */ | |
777d4af8 | 913 | xattr_handler_t zpl_xattr_security_handler = { |
cc5f931c | 914 | .prefix = XATTR_SECURITY_PREFIX, |
4967a3eb | 915 | .list = zpl_xattr_security_list, |
cc5f931c BB |
916 | .get = zpl_xattr_security_get, |
917 | .set = zpl_xattr_security_set, | |
918 | }; | |
919 | ||
4967a3eb BB |
920 | /* |
921 | * Extended system attributes | |
922 | * | |
923 | * "Extended system attributes are used by the kernel to store system | |
924 | * objects such as Access Control Lists. Read and write access permissions | |
925 | * to system attributes depend on the policy implemented for each system | |
926 | * attribute implemented by filesystems in the kernel." - xattr(7) | |
927 | */ | |
b695c34e | 928 | #ifdef CONFIG_FS_POSIX_ACL |
65c7cc49 AS |
929 | #ifndef HAVE_SET_ACL |
930 | static | |
931 | #endif | |
023699cd | 932 | int |
0420c126 | 933 | zpl_set_acl(struct inode *ip, struct posix_acl *acl, int type) |
023699cd | 934 | { |
023699cd MM |
935 | char *name, *value = NULL; |
936 | int error = 0; | |
937 | size_t size = 0; | |
938 | ||
939 | if (S_ISLNK(ip->i_mode)) | |
940 | return (-EOPNOTSUPP); | |
941 | ||
d1d7e268 | 942 | switch (type) { |
023699cd | 943 | case ACL_TYPE_ACCESS: |
4967a3eb | 944 | name = XATTR_NAME_POSIX_ACL_ACCESS; |
023699cd | 945 | if (acl) { |
066e8252 | 946 | umode_t mode = ip->i_mode; |
023699cd MM |
947 | error = posix_acl_equiv_mode(acl, &mode); |
948 | if (error < 0) { | |
949 | return (error); | |
950 | } else { | |
951 | /* | |
952 | * The mode bits will have been set by | |
953 | * ->zfs_setattr()->zfs_acl_chmod_setattr() | |
954 | * using the ZFS ACL conversion. If they | |
955 | * differ from the Posix ACL conversion dirty | |
956 | * the inode to write the Posix mode bits. | |
957 | */ | |
958 | if (ip->i_mode != mode) { | |
959 | ip->i_mode = mode; | |
2946a1a1 | 960 | ip->i_ctime = current_time(ip); |
1e8db771 | 961 | zfs_mark_inode_dirty(ip); |
023699cd MM |
962 | } |
963 | ||
964 | if (error == 0) | |
965 | acl = NULL; | |
966 | } | |
967 | } | |
968 | break; | |
969 | ||
970 | case ACL_TYPE_DEFAULT: | |
98f03691 | 971 | name = XATTR_NAME_POSIX_ACL_DEFAULT; |
023699cd MM |
972 | if (!S_ISDIR(ip->i_mode)) |
973 | return (acl ? -EACCES : 0); | |
974 | break; | |
975 | ||
976 | default: | |
977 | return (-EINVAL); | |
978 | } | |
979 | ||
980 | if (acl) { | |
981 | size = posix_acl_xattr_size(acl->a_count); | |
982 | value = kmem_alloc(size, KM_SLEEP); | |
983 | ||
984 | error = zpl_acl_to_xattr(acl, value, size); | |
985 | if (error < 0) { | |
986 | kmem_free(value, size); | |
987 | return (error); | |
988 | } | |
989 | } | |
990 | ||
991 | error = zpl_xattr_set(ip, name, value, size, 0); | |
992 | if (value) | |
993 | kmem_free(value, size); | |
994 | ||
995 | if (!error) { | |
996 | if (acl) | |
997 | zpl_set_cached_acl(ip, type, acl); | |
998 | else | |
999 | zpl_forget_cached_acl(ip, type); | |
1000 | } | |
1001 | ||
1002 | return (error); | |
1003 | } | |
1004 | ||
1005 | struct posix_acl * | |
1006 | zpl_get_acl(struct inode *ip, int type) | |
1007 | { | |
1008 | struct posix_acl *acl; | |
1009 | void *value = NULL; | |
1010 | char *name; | |
1011 | int size; | |
1012 | ||
afb6c031 CC |
1013 | /* |
1014 | * As of Linux 3.14, the kernel get_acl will check this for us. | |
1015 | * Also as of Linux 4.7, comparing against ACL_NOT_CACHED is wrong | |
1016 | * as the kernel get_acl will set it to temporary sentinel value. | |
1017 | */ | |
1018 | #ifndef HAVE_KERNEL_GET_ACL_HANDLE_CACHE | |
023699cd MM |
1019 | acl = get_cached_acl(ip, type); |
1020 | if (acl != ACL_NOT_CACHED) | |
1021 | return (acl); | |
afb6c031 | 1022 | #endif |
023699cd MM |
1023 | |
1024 | switch (type) { | |
1025 | case ACL_TYPE_ACCESS: | |
4967a3eb | 1026 | name = XATTR_NAME_POSIX_ACL_ACCESS; |
023699cd MM |
1027 | break; |
1028 | case ACL_TYPE_DEFAULT: | |
4967a3eb | 1029 | name = XATTR_NAME_POSIX_ACL_DEFAULT; |
023699cd MM |
1030 | break; |
1031 | default: | |
d1d7e268 | 1032 | return (ERR_PTR(-EINVAL)); |
023699cd MM |
1033 | } |
1034 | ||
1035 | size = zpl_xattr_get(ip, name, NULL, 0); | |
1036 | if (size > 0) { | |
79c76d5b | 1037 | value = kmem_alloc(size, KM_SLEEP); |
023699cd MM |
1038 | size = zpl_xattr_get(ip, name, value, size); |
1039 | } | |
1040 | ||
1041 | if (size > 0) { | |
1042 | acl = zpl_acl_from_xattr(value, size); | |
1043 | } else if (size == -ENODATA || size == -ENOSYS) { | |
1044 | acl = NULL; | |
1045 | } else { | |
1046 | acl = ERR_PTR(-EIO); | |
1047 | } | |
1048 | ||
1049 | if (size > 0) | |
1050 | kmem_free(value, size); | |
1051 | ||
afb6c031 CC |
1052 | /* As of Linux 4.7, the kernel get_acl will set this for us */ |
1053 | #ifndef HAVE_KERNEL_GET_ACL_HANDLE_CACHE | |
023699cd MM |
1054 | if (!IS_ERR(acl)) |
1055 | zpl_set_cached_acl(ip, type, acl); | |
afb6c031 | 1056 | #endif |
023699cd MM |
1057 | |
1058 | return (acl); | |
1059 | } | |
1060 | ||
023699cd MM |
1061 | int |
1062 | zpl_init_acl(struct inode *ip, struct inode *dir) | |
1063 | { | |
1064 | struct posix_acl *acl = NULL; | |
1065 | int error = 0; | |
1066 | ||
7ead2be3 | 1067 | if (ITOZSB(ip)->z_acl_type != ZFS_ACLTYPE_POSIX) |
023699cd MM |
1068 | return (0); |
1069 | ||
1070 | if (!S_ISLNK(ip->i_mode)) { | |
6993e012 TK |
1071 | acl = zpl_get_acl(dir, ACL_TYPE_DEFAULT); |
1072 | if (IS_ERR(acl)) | |
1073 | return (PTR_ERR(acl)); | |
023699cd MM |
1074 | if (!acl) { |
1075 | ip->i_mode &= ~current_umask(); | |
2946a1a1 | 1076 | ip->i_ctime = current_time(ip); |
1e8db771 | 1077 | zfs_mark_inode_dirty(ip); |
023699cd MM |
1078 | return (0); |
1079 | } | |
1080 | } | |
1081 | ||
6993e012 | 1082 | if (acl) { |
023699cd MM |
1083 | umode_t mode; |
1084 | ||
1085 | if (S_ISDIR(ip->i_mode)) { | |
0420c126 | 1086 | error = zpl_set_acl(ip, acl, ACL_TYPE_DEFAULT); |
023699cd MM |
1087 | if (error) |
1088 | goto out; | |
1089 | } | |
1090 | ||
1091 | mode = ip->i_mode; | |
408ec0d2 | 1092 | error = __posix_acl_create(&acl, GFP_KERNEL, &mode); |
023699cd MM |
1093 | if (error >= 0) { |
1094 | ip->i_mode = mode; | |
1e8db771 | 1095 | zfs_mark_inode_dirty(ip); |
023699cd | 1096 | if (error > 0) |
0420c126 | 1097 | error = zpl_set_acl(ip, acl, ACL_TYPE_ACCESS); |
023699cd MM |
1098 | } |
1099 | } | |
1100 | out: | |
1101 | zpl_posix_acl_release(acl); | |
1102 | ||
1103 | return (error); | |
1104 | } | |
1105 | ||
1106 | int | |
1107 | zpl_chmod_acl(struct inode *ip) | |
1108 | { | |
1109 | struct posix_acl *acl; | |
1110 | int error; | |
1111 | ||
7ead2be3 | 1112 | if (ITOZSB(ip)->z_acl_type != ZFS_ACLTYPE_POSIX) |
023699cd MM |
1113 | return (0); |
1114 | ||
1115 | if (S_ISLNK(ip->i_mode)) | |
1116 | return (-EOPNOTSUPP); | |
1117 | ||
1118 | acl = zpl_get_acl(ip, ACL_TYPE_ACCESS); | |
1119 | if (IS_ERR(acl) || !acl) | |
1120 | return (PTR_ERR(acl)); | |
1121 | ||
408ec0d2 | 1122 | error = __posix_acl_chmod(&acl, GFP_KERNEL, ip->i_mode); |
023699cd | 1123 | if (!error) |
0420c126 | 1124 | error = zpl_set_acl(ip, acl, ACL_TYPE_ACCESS); |
023699cd MM |
1125 | |
1126 | zpl_posix_acl_release(acl); | |
1127 | ||
1128 | return (error); | |
1129 | } | |
1130 | ||
4967a3eb BB |
1131 | static int |
1132 | __zpl_xattr_acl_list_access(struct inode *ip, char *list, size_t list_size, | |
1133 | const char *name, size_t name_len) | |
023699cd | 1134 | { |
4967a3eb BB |
1135 | char *xattr_name = XATTR_NAME_POSIX_ACL_ACCESS; |
1136 | size_t xattr_size = sizeof (XATTR_NAME_POSIX_ACL_ACCESS); | |
023699cd | 1137 | |
7ead2be3 | 1138 | if (ITOZSB(ip)->z_acl_type != ZFS_ACLTYPE_POSIX) |
023699cd MM |
1139 | return (0); |
1140 | ||
023699cd MM |
1141 | if (list && xattr_size <= list_size) |
1142 | memcpy(list, xattr_name, xattr_size); | |
1143 | ||
1144 | return (xattr_size); | |
1145 | } | |
4967a3eb | 1146 | ZPL_XATTR_LIST_WRAPPER(zpl_xattr_acl_list_access); |
023699cd | 1147 | |
4967a3eb BB |
1148 | static int |
1149 | __zpl_xattr_acl_list_default(struct inode *ip, char *list, size_t list_size, | |
1150 | const char *name, size_t name_len) | |
61d482f7 | 1151 | { |
4967a3eb BB |
1152 | char *xattr_name = XATTR_NAME_POSIX_ACL_DEFAULT; |
1153 | size_t xattr_size = sizeof (XATTR_NAME_POSIX_ACL_DEFAULT); | |
61d482f7 | 1154 | |
7ead2be3 | 1155 | if (ITOZSB(ip)->z_acl_type != ZFS_ACLTYPE_POSIX) |
4967a3eb | 1156 | return (0); |
023699cd | 1157 | |
4967a3eb BB |
1158 | if (list && xattr_size <= list_size) |
1159 | memcpy(list, xattr_name, xattr_size); | |
023699cd | 1160 | |
4967a3eb | 1161 | return (xattr_size); |
023699cd | 1162 | } |
4967a3eb | 1163 | ZPL_XATTR_LIST_WRAPPER(zpl_xattr_acl_list_default); |
023699cd MM |
1164 | |
1165 | static int | |
4967a3eb BB |
1166 | __zpl_xattr_acl_get_access(struct inode *ip, const char *name, |
1167 | void *buffer, size_t size) | |
023699cd MM |
1168 | { |
1169 | struct posix_acl *acl; | |
4967a3eb | 1170 | int type = ACL_TYPE_ACCESS; |
023699cd | 1171 | int error; |
232604b5 CC |
1172 | /* xattr_resolve_name will do this for us if this is defined */ |
1173 | #ifndef HAVE_XATTR_HANDLER_NAME | |
023699cd MM |
1174 | if (strcmp(name, "") != 0) |
1175 | return (-EINVAL); | |
232604b5 | 1176 | #endif |
7ead2be3 | 1177 | if (ITOZSB(ip)->z_acl_type != ZFS_ACLTYPE_POSIX) |
023699cd MM |
1178 | return (-EOPNOTSUPP); |
1179 | ||
1180 | acl = zpl_get_acl(ip, type); | |
1181 | if (IS_ERR(acl)) | |
1182 | return (PTR_ERR(acl)); | |
1183 | if (acl == NULL) | |
1184 | return (-ENODATA); | |
1185 | ||
1186 | error = zpl_acl_to_xattr(acl, buffer, size); | |
1187 | zpl_posix_acl_release(acl); | |
1188 | ||
1189 | return (error); | |
1190 | } | |
4967a3eb | 1191 | ZPL_XATTR_GET_WRAPPER(zpl_xattr_acl_get_access); |
023699cd MM |
1192 | |
1193 | static int | |
4967a3eb BB |
1194 | __zpl_xattr_acl_get_default(struct inode *ip, const char *name, |
1195 | void *buffer, size_t size) | |
023699cd | 1196 | { |
4967a3eb BB |
1197 | struct posix_acl *acl; |
1198 | int type = ACL_TYPE_DEFAULT; | |
1199 | int error; | |
232604b5 CC |
1200 | /* xattr_resolve_name will do this for us if this is defined */ |
1201 | #ifndef HAVE_XATTR_HANDLER_NAME | |
4967a3eb BB |
1202 | if (strcmp(name, "") != 0) |
1203 | return (-EINVAL); | |
232604b5 | 1204 | #endif |
7ead2be3 | 1205 | if (ITOZSB(ip)->z_acl_type != ZFS_ACLTYPE_POSIX) |
4967a3eb | 1206 | return (-EOPNOTSUPP); |
61d482f7 | 1207 | |
4967a3eb BB |
1208 | acl = zpl_get_acl(ip, type); |
1209 | if (IS_ERR(acl)) | |
1210 | return (PTR_ERR(acl)); | |
1211 | if (acl == NULL) | |
1212 | return (-ENODATA); | |
023699cd | 1213 | |
4967a3eb BB |
1214 | error = zpl_acl_to_xattr(acl, buffer, size); |
1215 | zpl_posix_acl_release(acl); | |
023699cd | 1216 | |
4967a3eb | 1217 | return (error); |
023699cd | 1218 | } |
4967a3eb | 1219 | ZPL_XATTR_GET_WRAPPER(zpl_xattr_acl_get_default); |
023699cd MM |
1220 | |
1221 | static int | |
4967a3eb BB |
1222 | __zpl_xattr_acl_set_access(struct inode *ip, const char *name, |
1223 | const void *value, size_t size, int flags) | |
023699cd MM |
1224 | { |
1225 | struct posix_acl *acl; | |
4967a3eb | 1226 | int type = ACL_TYPE_ACCESS; |
023699cd | 1227 | int error = 0; |
232604b5 CC |
1228 | /* xattr_resolve_name will do this for us if this is defined */ |
1229 | #ifndef HAVE_XATTR_HANDLER_NAME | |
023699cd MM |
1230 | if (strcmp(name, "") != 0) |
1231 | return (-EINVAL); | |
232604b5 | 1232 | #endif |
7ead2be3 | 1233 | if (ITOZSB(ip)->z_acl_type != ZFS_ACLTYPE_POSIX) |
023699cd MM |
1234 | return (-EOPNOTSUPP); |
1235 | ||
e2a82961 | 1236 | if (!zpl_inode_owner_or_capable(kcred->user_ns, ip)) |
023699cd MM |
1237 | return (-EPERM); |
1238 | ||
1239 | if (value) { | |
1240 | acl = zpl_acl_from_xattr(value, size); | |
1241 | if (IS_ERR(acl)) | |
1242 | return (PTR_ERR(acl)); | |
1243 | else if (acl) { | |
4b908d32 | 1244 | error = zpl_posix_acl_valid(ip, acl); |
023699cd MM |
1245 | if (error) { |
1246 | zpl_posix_acl_release(acl); | |
1247 | return (error); | |
1248 | } | |
1249 | } | |
1250 | } else { | |
1251 | acl = NULL; | |
1252 | } | |
1253 | ||
0420c126 | 1254 | error = zpl_set_acl(ip, acl, type); |
023699cd MM |
1255 | zpl_posix_acl_release(acl); |
1256 | ||
1257 | return (error); | |
1258 | } | |
4967a3eb | 1259 | ZPL_XATTR_SET_WRAPPER(zpl_xattr_acl_set_access); |
023699cd | 1260 | |
023699cd | 1261 | static int |
4967a3eb BB |
1262 | __zpl_xattr_acl_set_default(struct inode *ip, const char *name, |
1263 | const void *value, size_t size, int flags) | |
023699cd | 1264 | { |
4967a3eb BB |
1265 | struct posix_acl *acl; |
1266 | int type = ACL_TYPE_DEFAULT; | |
1267 | int error = 0; | |
232604b5 CC |
1268 | /* xattr_resolve_name will do this for us if this is defined */ |
1269 | #ifndef HAVE_XATTR_HANDLER_NAME | |
4967a3eb BB |
1270 | if (strcmp(name, "") != 0) |
1271 | return (-EINVAL); | |
232604b5 | 1272 | #endif |
7ead2be3 | 1273 | if (ITOZSB(ip)->z_acl_type != ZFS_ACLTYPE_POSIX) |
4967a3eb | 1274 | return (-EOPNOTSUPP); |
61d482f7 | 1275 | |
e2a82961 | 1276 | if (!zpl_inode_owner_or_capable(kcred->user_ns, ip)) |
4967a3eb | 1277 | return (-EPERM); |
61d482f7 | 1278 | |
4967a3eb BB |
1279 | if (value) { |
1280 | acl = zpl_acl_from_xattr(value, size); | |
1281 | if (IS_ERR(acl)) | |
1282 | return (PTR_ERR(acl)); | |
1283 | else if (acl) { | |
4b908d32 | 1284 | error = zpl_posix_acl_valid(ip, acl); |
4967a3eb BB |
1285 | if (error) { |
1286 | zpl_posix_acl_release(acl); | |
1287 | return (error); | |
1288 | } | |
1289 | } | |
1290 | } else { | |
1291 | acl = NULL; | |
1292 | } | |
023699cd | 1293 | |
0420c126 | 1294 | error = zpl_set_acl(ip, acl, type); |
4967a3eb | 1295 | zpl_posix_acl_release(acl); |
023699cd | 1296 | |
4967a3eb | 1297 | return (error); |
023699cd | 1298 | } |
4967a3eb | 1299 | ZPL_XATTR_SET_WRAPPER(zpl_xattr_acl_set_default); |
023699cd | 1300 | |
4967a3eb BB |
1301 | /* |
1302 | * ACL access xattr namespace handlers. | |
232604b5 CC |
1303 | * |
1304 | * Use .name instead of .prefix when available. xattr_resolve_name will match | |
1305 | * whole name and reject anything that has .name only as prefix. | |
4967a3eb BB |
1306 | */ |
1307 | xattr_handler_t zpl_xattr_acl_access_handler = | |
023699cd | 1308 | { |
232604b5 CC |
1309 | #ifdef HAVE_XATTR_HANDLER_NAME |
1310 | .name = XATTR_NAME_POSIX_ACL_ACCESS, | |
1311 | #else | |
4967a3eb | 1312 | .prefix = XATTR_NAME_POSIX_ACL_ACCESS, |
232604b5 | 1313 | #endif |
023699cd MM |
1314 | .list = zpl_xattr_acl_list_access, |
1315 | .get = zpl_xattr_acl_get_access, | |
1316 | .set = zpl_xattr_acl_set_access, | |
4967a3eb BB |
1317 | #if defined(HAVE_XATTR_LIST_SIMPLE) || \ |
1318 | defined(HAVE_XATTR_LIST_DENTRY) || \ | |
1319 | defined(HAVE_XATTR_LIST_HANDLER) | |
023699cd | 1320 | .flags = ACL_TYPE_ACCESS, |
4967a3eb | 1321 | #endif |
023699cd MM |
1322 | }; |
1323 | ||
4967a3eb BB |
1324 | /* |
1325 | * ACL default xattr namespace handlers. | |
232604b5 CC |
1326 | * |
1327 | * Use .name instead of .prefix when available. xattr_resolve_name will match | |
1328 | * whole name and reject anything that has .name only as prefix. | |
4967a3eb BB |
1329 | */ |
1330 | xattr_handler_t zpl_xattr_acl_default_handler = | |
023699cd | 1331 | { |
232604b5 CC |
1332 | #ifdef HAVE_XATTR_HANDLER_NAME |
1333 | .name = XATTR_NAME_POSIX_ACL_DEFAULT, | |
1334 | #else | |
4967a3eb | 1335 | .prefix = XATTR_NAME_POSIX_ACL_DEFAULT, |
232604b5 | 1336 | #endif |
023699cd MM |
1337 | .list = zpl_xattr_acl_list_default, |
1338 | .get = zpl_xattr_acl_get_default, | |
1339 | .set = zpl_xattr_acl_set_default, | |
4967a3eb BB |
1340 | #if defined(HAVE_XATTR_LIST_SIMPLE) || \ |
1341 | defined(HAVE_XATTR_LIST_DENTRY) || \ | |
1342 | defined(HAVE_XATTR_LIST_HANDLER) | |
023699cd | 1343 | .flags = ACL_TYPE_DEFAULT, |
4967a3eb | 1344 | #endif |
023699cd MM |
1345 | }; |
1346 | ||
b695c34e MM |
1347 | #endif /* CONFIG_FS_POSIX_ACL */ |
1348 | ||
777d4af8 | 1349 | xattr_handler_t *zpl_xattr_handlers[] = { |
cc5f931c BB |
1350 | &zpl_xattr_security_handler, |
1351 | &zpl_xattr_trusted_handler, | |
1352 | &zpl_xattr_user_handler, | |
b695c34e | 1353 | #ifdef CONFIG_FS_POSIX_ACL |
cc5f931c | 1354 | &zpl_xattr_acl_access_handler, |
96b91ef0 | 1355 | &zpl_xattr_acl_default_handler, |
b695c34e | 1356 | #endif /* CONFIG_FS_POSIX_ACL */ |
77a405ae | 1357 | NULL |
cc5f931c | 1358 | }; |
4967a3eb BB |
1359 | |
1360 | static const struct xattr_handler * | |
1361 | zpl_xattr_handler(const char *name) | |
1362 | { | |
1363 | if (strncmp(name, XATTR_USER_PREFIX, | |
1364 | XATTR_USER_PREFIX_LEN) == 0) | |
1365 | return (&zpl_xattr_user_handler); | |
1366 | ||
1367 | if (strncmp(name, XATTR_TRUSTED_PREFIX, | |
1368 | XATTR_TRUSTED_PREFIX_LEN) == 0) | |
1369 | return (&zpl_xattr_trusted_handler); | |
1370 | ||
1371 | if (strncmp(name, XATTR_SECURITY_PREFIX, | |
1372 | XATTR_SECURITY_PREFIX_LEN) == 0) | |
1373 | return (&zpl_xattr_security_handler); | |
1374 | ||
1375 | #ifdef CONFIG_FS_POSIX_ACL | |
1376 | if (strncmp(name, XATTR_NAME_POSIX_ACL_ACCESS, | |
1377 | sizeof (XATTR_NAME_POSIX_ACL_ACCESS)) == 0) | |
1378 | return (&zpl_xattr_acl_access_handler); | |
1379 | ||
1380 | if (strncmp(name, XATTR_NAME_POSIX_ACL_DEFAULT, | |
1381 | sizeof (XATTR_NAME_POSIX_ACL_DEFAULT)) == 0) | |
1382 | return (&zpl_xattr_acl_default_handler); | |
1383 | #endif /* CONFIG_FS_POSIX_ACL */ | |
1384 | ||
1385 | return (NULL); | |
1386 | } | |
8e71ab99 CC |
1387 | |
1388 | #if !defined(HAVE_POSIX_ACL_RELEASE) || defined(HAVE_POSIX_ACL_RELEASE_GPL_ONLY) | |
1389 | struct acl_rel_struct { | |
1390 | struct acl_rel_struct *next; | |
1391 | struct posix_acl *acl; | |
1392 | clock_t time; | |
1393 | }; | |
1394 | ||
1395 | #define ACL_REL_GRACE (60*HZ) | |
1396 | #define ACL_REL_WINDOW (1*HZ) | |
1397 | #define ACL_REL_SCHED (ACL_REL_GRACE+ACL_REL_WINDOW) | |
1398 | ||
1399 | /* | |
1400 | * Lockless multi-producer single-consumer fifo list. | |
1401 | * Nodes are added to tail and removed from head. Tail pointer is our | |
1402 | * synchronization point. It always points to the next pointer of the last | |
1403 | * node, or head if list is empty. | |
1404 | */ | |
1405 | static struct acl_rel_struct *acl_rel_head = NULL; | |
1406 | static struct acl_rel_struct **acl_rel_tail = &acl_rel_head; | |
1407 | ||
1408 | static void | |
1409 | zpl_posix_acl_free(void *arg) | |
1410 | { | |
1411 | struct acl_rel_struct *freelist = NULL; | |
1412 | struct acl_rel_struct *a; | |
1413 | clock_t new_time; | |
1414 | boolean_t refire = B_FALSE; | |
1415 | ||
1416 | ASSERT3P(acl_rel_head, !=, NULL); | |
1417 | while (acl_rel_head) { | |
1418 | a = acl_rel_head; | |
1419 | if (ddi_get_lbolt() - a->time >= ACL_REL_GRACE) { | |
1420 | /* | |
1421 | * If a is the last node we need to reset tail, but we | |
1422 | * need to use cmpxchg to make sure it is still the | |
1423 | * last node. | |
1424 | */ | |
1425 | if (acl_rel_tail == &a->next) { | |
1426 | acl_rel_head = NULL; | |
1427 | if (cmpxchg(&acl_rel_tail, &a->next, | |
1428 | &acl_rel_head) == &a->next) { | |
1429 | ASSERT3P(a->next, ==, NULL); | |
1430 | a->next = freelist; | |
1431 | freelist = a; | |
1432 | break; | |
1433 | } | |
1434 | } | |
1435 | /* | |
1436 | * a is not last node, make sure next pointer is set | |
1437 | * by the adder and advance the head. | |
1438 | */ | |
93ce2b4c | 1439 | while (READ_ONCE(a->next) == NULL) |
8e71ab99 CC |
1440 | cpu_relax(); |
1441 | acl_rel_head = a->next; | |
1442 | a->next = freelist; | |
1443 | freelist = a; | |
1444 | } else { | |
1445 | /* | |
1446 | * a is still in grace period. We are responsible to | |
1447 | * reschedule the free task, since adder will only do | |
1448 | * so if list is empty. | |
1449 | */ | |
1450 | new_time = a->time + ACL_REL_SCHED; | |
1451 | refire = B_TRUE; | |
1452 | break; | |
1453 | } | |
1454 | } | |
1455 | ||
1456 | if (refire) | |
57ddcda1 CC |
1457 | taskq_dispatch_delay(system_delay_taskq, zpl_posix_acl_free, |
1458 | NULL, TQ_SLEEP, new_time); | |
8e71ab99 CC |
1459 | |
1460 | while (freelist) { | |
1461 | a = freelist; | |
1462 | freelist = a->next; | |
1463 | kfree(a->acl); | |
1464 | kmem_free(a, sizeof (struct acl_rel_struct)); | |
1465 | } | |
1466 | } | |
1467 | ||
1468 | void | |
1469 | zpl_posix_acl_release_impl(struct posix_acl *acl) | |
1470 | { | |
1471 | struct acl_rel_struct *a, **prev; | |
1472 | ||
1473 | a = kmem_alloc(sizeof (struct acl_rel_struct), KM_SLEEP); | |
1474 | a->next = NULL; | |
1475 | a->acl = acl; | |
1476 | a->time = ddi_get_lbolt(); | |
1477 | /* atomically points tail to us and get the previous tail */ | |
1478 | prev = xchg(&acl_rel_tail, &a->next); | |
1479 | ASSERT3P(*prev, ==, NULL); | |
1480 | *prev = a; | |
1481 | /* if it was empty before, schedule the free task */ | |
1482 | if (prev == &acl_rel_head) | |
57ddcda1 CC |
1483 | taskq_dispatch_delay(system_delay_taskq, zpl_posix_acl_free, |
1484 | NULL, TQ_SLEEP, ddi_get_lbolt() + ACL_REL_SCHED); | |
8e71ab99 CC |
1485 | } |
1486 | #endif |