]>
Commit | Line | Data |
---|---|---|
cc5f931c BB |
1 | /* |
2 | * CDDL HEADER START | |
3 | * | |
4 | * The contents of this file are subject to the terms of the | |
5 | * Common Development and Distribution License (the "License"). | |
6 | * You may not use this file except in compliance with the License. | |
7 | * | |
8 | * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE | |
9 | * or http://www.opensolaris.org/os/licensing. | |
10 | * See the License for the specific language governing permissions | |
11 | * and limitations under the License. | |
12 | * | |
13 | * When distributing Covered Code, include this CDDL HEADER in each | |
14 | * file and include the License file at usr/src/OPENSOLARIS.LICENSE. | |
15 | * If applicable, add the following below this CDDL HEADER, with the | |
16 | * fields enclosed by brackets "[]" replaced with your own identifying | |
17 | * information: Portions Copyright [yyyy] [name of copyright owner] | |
18 | * | |
19 | * CDDL HEADER END | |
20 | */ | |
21 | /* | |
22 | * Copyright (c) 2011, Lawrence Livermore National Security, LLC. | |
23 | * | |
24 | * Extended attributes (xattr) on Solaris are implemented as files | |
25 | * which exist in a hidden xattr directory. These extended attributes | |
26 | * can be accessed using the attropen() system call which opens | |
27 | * the extended attribute. It can then be manipulated just like | |
28 | * a standard file descriptor. This has a couple advantages such | |
29 | * as practically no size limit on the file, and the extended | |
30 | * attributes permissions may differ from those of the parent file. | |
31 | * This interface is really quite clever, but it's also completely | |
82a37189 BB |
32 | * different than what is supported on Linux. It also comes with a |
33 | * steep performance penalty when accessing small xattrs because they | |
34 | * are not stored with the parent file. | |
cc5f931c BB |
35 | * |
36 | * Under Linux extended attributes are manipulated by the system | |
37 | * calls getxattr(2), setxattr(2), and listxattr(2). They consider | |
38 | * extended attributes to be name/value pairs where the name is a | |
39 | * NULL terminated string. The name must also include one of the | |
82a37189 | 40 | * following namespace prefixes: |
cc5f931c BB |
41 | * |
42 | * user - No restrictions and is available to user applications. | |
43 | * trusted - Restricted to kernel and root (CAP_SYS_ADMIN) use. | |
44 | * system - Used for access control lists (system.nfs4_acl, etc). | |
45 | * security - Used by SELinux to store a files security context. | |
46 | * | |
82a37189 BB |
47 | * The value under Linux to limited to 65536 bytes of binary data. |
48 | * In practice, individual xattrs tend to be much smaller than this | |
49 | * and are typically less than 100 bytes. A good example of this | |
50 | * are the security.selinux xattrs which are less than 100 bytes and | |
51 | * exist for every file when xattr labeling is enabled. | |
cc5f931c | 52 | * |
4e33ba4c | 53 | * The Linux xattr implementation has been written to take advantage of |
82a37189 BB |
54 | * this typical usage. When the dataset property 'xattr=sa' is set, |
55 | * then xattrs will be preferentially stored as System Attributes (SA). | |
56 | * This allows tiny xattrs (~100 bytes) to be stored with the dnode and | |
57 | * up to 64k of xattrs to be stored in the spill block. If additional | |
58 | * xattr space is required, which is unlikely under Linux, they will | |
59 | * be stored using the traditional directory approach. | |
cc5f931c | 60 | * |
82a37189 BB |
61 | * This optimization results in roughly a 3x performance improvement |
62 | * when accessing xattrs because it avoids the need to perform a seek | |
63 | * for every xattr value. When multiple xattrs are stored per-file | |
64 | * the performance improvements are even greater because all of the | |
65 | * xattrs stored in the spill block will be cached. | |
66 | * | |
67 | * However, by default SA based xattrs are disabled in the Linux port | |
68 | * to maximize compatibility with other implementations. If you do | |
69 | * enable SA based xattrs then they will not be visible on platforms | |
70 | * which do not support this feature. | |
71 | * | |
72 | * NOTE: One additional consequence of the xattr directory implementation | |
73 | * is that when an extended attribute is manipulated an inode is created. | |
74 | * This inode will exist in the Linux inode cache but there will be no | |
75 | * associated entry in the dentry cache which references it. This is | |
76 | * safe but it may result in some confusion. Enabling SA based xattrs | |
77 | * largely avoids the issue except in the overflow case. | |
cc5f931c BB |
78 | */ |
79 | ||
cc5f931c BB |
80 | #include <sys/zfs_vfsops.h> |
81 | #include <sys/zfs_vnops.h> | |
82 | #include <sys/zfs_znode.h> | |
0f37d0c8 | 83 | #include <sys/zap.h> |
cc5f931c BB |
84 | #include <sys/vfs.h> |
85 | #include <sys/zpl.h> | |
86 | ||
87 | typedef struct xattr_filldir { | |
88 | size_t size; | |
89 | size_t offset; | |
90 | char *buf; | |
4967a3eb | 91 | struct dentry *dentry; |
cc5f931c BB |
92 | } xattr_filldir_t; |
93 | ||
4967a3eb BB |
94 | static const struct xattr_handler *zpl_xattr_handler(const char *); |
95 | ||
cc5f931c | 96 | static int |
4967a3eb | 97 | zpl_xattr_permission(xattr_filldir_t *xf, const char *name, int name_len) |
cc5f931c | 98 | { |
4967a3eb BB |
99 | static const struct xattr_handler *handler; |
100 | struct dentry *d = xf->dentry; | |
cc5f931c | 101 | |
4967a3eb BB |
102 | handler = zpl_xattr_handler(name); |
103 | if (!handler) | |
104 | return (0); | |
105 | ||
106 | if (handler->list) { | |
107 | #if defined(HAVE_XATTR_LIST_SIMPLE) | |
108 | if (!handler->list(d)) | |
109 | return (0); | |
110 | #elif defined(HAVE_XATTR_LIST_DENTRY) | |
111 | if (!handler->list(d, NULL, 0, name, name_len, 0)) | |
cc5f931c | 112 | return (0); |
4967a3eb BB |
113 | #elif defined(HAVE_XATTR_LIST_HANDLER) |
114 | if (!handler->list(handler, d, NULL, 0, name, name_len)) | |
115 | return (0); | |
116 | #elif defined(HAVE_XATTR_LIST_INODE) | |
117 | if (!handler->list(d->d_inode, NULL, 0, name, name_len)) | |
118 | return (0); | |
119 | #endif | |
120 | } | |
121 | ||
122 | return (1); | |
123 | } | |
124 | ||
125 | /* | |
126 | * Determine is a given xattr name should be visible and if so copy it | |
127 | * in to the provided buffer (xf->buf). | |
128 | */ | |
129 | static int | |
130 | zpl_xattr_filldir(xattr_filldir_t *xf, const char *name, int name_len) | |
131 | { | |
132 | /* Check permissions using the per-namespace list xattr handler. */ | |
133 | if (!zpl_xattr_permission(xf, name, name_len)) | |
134 | return (0); | |
cc5f931c BB |
135 | |
136 | /* When xf->buf is NULL only calculate the required size. */ | |
137 | if (xf->buf) { | |
138 | if (xf->offset + name_len + 1 > xf->size) | |
139 | return (-ERANGE); | |
140 | ||
141 | memcpy(xf->buf + xf->offset, name, name_len); | |
142 | xf->buf[xf->offset + name_len] = '\0'; | |
143 | } | |
144 | ||
145 | xf->offset += (name_len + 1); | |
146 | ||
147 | return (0); | |
148 | } | |
149 | ||
0f37d0c8 RY |
150 | /* |
151 | * Read as many directory entry names as will fit in to the provided buffer, | |
152 | * or when no buffer is provided calculate the required buffer size. | |
153 | */ | |
154 | int | |
155 | zpl_xattr_readdir(struct inode *dxip, xattr_filldir_t *xf) | |
156 | { | |
157 | zap_cursor_t zc; | |
158 | zap_attribute_t zap; | |
159 | int error; | |
160 | ||
161 | zap_cursor_init(&zc, ITOZSB(dxip)->z_os, ITOZ(dxip)->z_id); | |
162 | ||
163 | while ((error = -zap_cursor_retrieve(&zc, &zap)) == 0) { | |
164 | ||
165 | if (zap.za_integer_length != 8 || zap.za_num_integers != 1) { | |
166 | error = -ENXIO; | |
167 | break; | |
168 | } | |
169 | ||
170 | error = zpl_xattr_filldir(xf, zap.za_name, strlen(zap.za_name)); | |
171 | if (error) | |
172 | break; | |
173 | ||
174 | zap_cursor_advance(&zc); | |
175 | } | |
176 | ||
177 | zap_cursor_fini(&zc); | |
178 | ||
179 | if (error == -ENOENT) | |
180 | error = 0; | |
181 | ||
182 | return (error); | |
183 | } | |
184 | ||
82a37189 BB |
185 | static ssize_t |
186 | zpl_xattr_list_dir(xattr_filldir_t *xf, cred_t *cr) | |
cc5f931c | 187 | { |
4967a3eb | 188 | struct inode *ip = xf->dentry->d_inode; |
cc5f931c | 189 | struct inode *dxip = NULL; |
cc5f931c | 190 | int error; |
cc5f931c BB |
191 | |
192 | /* Lookup the xattr directory */ | |
193 | error = -zfs_lookup(ip, NULL, &dxip, LOOKUP_XATTR, cr, NULL, NULL); | |
194 | if (error) { | |
195 | if (error == -ENOENT) | |
196 | error = 0; | |
197 | ||
82a37189 | 198 | return (error); |
cc5f931c BB |
199 | } |
200 | ||
0f37d0c8 | 201 | error = zpl_xattr_readdir(dxip, xf); |
82a37189 BB |
202 | iput(dxip); |
203 | ||
204 | return (error); | |
205 | } | |
206 | ||
207 | static ssize_t | |
208 | zpl_xattr_list_sa(xattr_filldir_t *xf) | |
209 | { | |
4967a3eb | 210 | znode_t *zp = ITOZ(xf->dentry->d_inode); |
82a37189 BB |
211 | nvpair_t *nvp = NULL; |
212 | int error = 0; | |
213 | ||
214 | mutex_enter(&zp->z_lock); | |
215 | if (zp->z_xattr_cached == NULL) | |
216 | error = -zfs_sa_get_xattr(zp); | |
217 | mutex_exit(&zp->z_lock); | |
218 | ||
219 | if (error) | |
220 | return (error); | |
221 | ||
222 | ASSERT(zp->z_xattr_cached); | |
223 | ||
224 | while ((nvp = nvlist_next_nvpair(zp->z_xattr_cached, nvp)) != NULL) { | |
225 | ASSERT3U(nvpair_type(nvp), ==, DATA_TYPE_BYTE_ARRAY); | |
226 | ||
0f37d0c8 | 227 | error = zpl_xattr_filldir(xf, nvpair_name(nvp), |
d1d7e268 | 228 | strlen(nvpair_name(nvp))); |
82a37189 BB |
229 | if (error) |
230 | return (error); | |
231 | } | |
232 | ||
233 | return (0); | |
234 | } | |
235 | ||
236 | ssize_t | |
237 | zpl_xattr_list(struct dentry *dentry, char *buffer, size_t buffer_size) | |
238 | { | |
239 | znode_t *zp = ITOZ(dentry->d_inode); | |
0037b49e | 240 | zfsvfs_t *zfsvfs = ZTOZSB(zp); |
4967a3eb | 241 | xattr_filldir_t xf = { buffer_size, 0, buffer, dentry }; |
82a37189 | 242 | cred_t *cr = CRED(); |
7fad6290 | 243 | fstrans_cookie_t cookie; |
82a37189 BB |
244 | int error = 0; |
245 | ||
246 | crhold(cr); | |
7fad6290 | 247 | cookie = spl_fstrans_mark(); |
499b5497 JG |
248 | ZPL_ENTER(zfsvfs); |
249 | ZPL_VERIFY_ZP(zp); | |
82a37189 BB |
250 | rw_enter(&zp->z_xattr_lock, RW_READER); |
251 | ||
0037b49e | 252 | if (zfsvfs->z_use_sa && zp->z_is_sa) { |
82a37189 BB |
253 | error = zpl_xattr_list_sa(&xf); |
254 | if (error) | |
255 | goto out; | |
256 | } | |
257 | ||
258 | error = zpl_xattr_list_dir(&xf, cr); | |
cc5f931c BB |
259 | if (error) |
260 | goto out; | |
261 | ||
262 | error = xf.offset; | |
263 | out: | |
cc5f931c | 264 | |
82a37189 | 265 | rw_exit(&zp->z_xattr_lock); |
499b5497 | 266 | ZPL_EXIT(zfsvfs); |
7fad6290 | 267 | spl_fstrans_unmark(cookie); |
81e97e21 | 268 | crfree(cr); |
cc5f931c BB |
269 | |
270 | return (error); | |
271 | } | |
272 | ||
273 | static int | |
82a37189 BB |
274 | zpl_xattr_get_dir(struct inode *ip, const char *name, void *value, |
275 | size_t size, cred_t *cr) | |
cc5f931c BB |
276 | { |
277 | struct inode *dxip = NULL; | |
278 | struct inode *xip = NULL; | |
cd3939c5 | 279 | loff_t pos = 0; |
cc5f931c BB |
280 | int error; |
281 | ||
cc5f931c BB |
282 | /* Lookup the xattr directory */ |
283 | error = -zfs_lookup(ip, NULL, &dxip, LOOKUP_XATTR, cr, NULL, NULL); | |
284 | if (error) | |
285 | goto out; | |
286 | ||
287 | /* Lookup a specific xattr name in the directory */ | |
288 | error = -zfs_lookup(dxip, (char *)name, &xip, 0, cr, NULL, NULL); | |
289 | if (error) | |
290 | goto out; | |
291 | ||
292 | if (!size) { | |
293 | error = i_size_read(xip); | |
294 | goto out; | |
295 | } | |
296 | ||
f7064211 BB |
297 | if (size < i_size_read(xip)) { |
298 | error = -ERANGE; | |
299 | goto out; | |
300 | } | |
301 | ||
cd3939c5 | 302 | error = zpl_read_common(xip, value, size, &pos, UIO_SYSSPACE, 0, cr); |
cc5f931c BB |
303 | out: |
304 | if (xip) | |
305 | iput(xip); | |
306 | ||
307 | if (dxip) | |
308 | iput(dxip); | |
309 | ||
82a37189 BB |
310 | return (error); |
311 | } | |
312 | ||
313 | static int | |
314 | zpl_xattr_get_sa(struct inode *ip, const char *name, void *value, size_t size) | |
315 | { | |
316 | znode_t *zp = ITOZ(ip); | |
317 | uchar_t *nv_value; | |
318 | uint_t nv_size; | |
319 | int error = 0; | |
cc5f931c | 320 | |
82a37189 BB |
321 | ASSERT(RW_LOCK_HELD(&zp->z_xattr_lock)); |
322 | ||
323 | mutex_enter(&zp->z_lock); | |
324 | if (zp->z_xattr_cached == NULL) | |
325 | error = -zfs_sa_get_xattr(zp); | |
326 | mutex_exit(&zp->z_lock); | |
327 | ||
328 | if (error) | |
329 | return (error); | |
330 | ||
331 | ASSERT(zp->z_xattr_cached); | |
332 | error = -nvlist_lookup_byte_array(zp->z_xattr_cached, name, | |
333 | &nv_value, &nv_size); | |
334 | if (error) | |
335 | return (error); | |
336 | ||
94183a9d | 337 | if (size == 0 || value == NULL) |
82a37189 BB |
338 | return (nv_size); |
339 | ||
f7064211 BB |
340 | if (size < nv_size) |
341 | return (-ERANGE); | |
342 | ||
343 | memcpy(value, nv_value, nv_size); | |
82a37189 | 344 | |
f7064211 | 345 | return (nv_size); |
82a37189 BB |
346 | } |
347 | ||
348 | static int | |
349 | __zpl_xattr_get(struct inode *ip, const char *name, void *value, size_t size, | |
350 | cred_t *cr) | |
351 | { | |
352 | znode_t *zp = ITOZ(ip); | |
0037b49e | 353 | zfsvfs_t *zfsvfs = ZTOZSB(zp); |
82a37189 BB |
354 | int error; |
355 | ||
356 | ASSERT(RW_LOCK_HELD(&zp->z_xattr_lock)); | |
357 | ||
0037b49e | 358 | if (zfsvfs->z_use_sa && zp->z_is_sa) { |
82a37189 | 359 | error = zpl_xattr_get_sa(ip, name, value, size); |
0377189b | 360 | if (error != -ENOENT) |
82a37189 BB |
361 | goto out; |
362 | } | |
363 | ||
364 | error = zpl_xattr_get_dir(ip, name, value, size, cr); | |
365 | out: | |
cc5f931c BB |
366 | if (error == -ENOENT) |
367 | error = -ENODATA; | |
368 | ||
369 | return (error); | |
370 | } | |
371 | ||
21f604d4 CC |
372 | #define XATTR_NOENT 0x0 |
373 | #define XATTR_IN_SA 0x1 | |
374 | #define XATTR_IN_DIR 0x2 | |
375 | /* check where the xattr resides */ | |
376 | static int | |
377 | __zpl_xattr_where(struct inode *ip, const char *name, int *where, cred_t *cr) | |
378 | { | |
379 | znode_t *zp = ITOZ(ip); | |
0037b49e | 380 | zfsvfs_t *zfsvfs = ZTOZSB(zp); |
21f604d4 CC |
381 | int error; |
382 | ||
383 | ASSERT(where); | |
384 | ASSERT(RW_LOCK_HELD(&zp->z_xattr_lock)); | |
385 | ||
386 | *where = XATTR_NOENT; | |
0037b49e | 387 | if (zfsvfs->z_use_sa && zp->z_is_sa) { |
21f604d4 CC |
388 | error = zpl_xattr_get_sa(ip, name, NULL, 0); |
389 | if (error >= 0) | |
390 | *where |= XATTR_IN_SA; | |
391 | else if (error != -ENOENT) | |
392 | return (error); | |
393 | } | |
394 | ||
395 | error = zpl_xattr_get_dir(ip, name, NULL, 0, cr); | |
396 | if (error >= 0) | |
397 | *where |= XATTR_IN_DIR; | |
398 | else if (error != -ENOENT) | |
399 | return (error); | |
400 | ||
401 | if (*where == (XATTR_IN_SA|XATTR_IN_DIR)) | |
402 | cmn_err(CE_WARN, "ZFS: inode %p has xattr \"%s\"" | |
403 | " in both SA and dir", ip, name); | |
404 | if (*where == XATTR_NOENT) | |
405 | error = -ENODATA; | |
406 | else | |
407 | error = 0; | |
408 | return (error); | |
409 | } | |
410 | ||
cc5f931c | 411 | static int |
82a37189 BB |
412 | zpl_xattr_get(struct inode *ip, const char *name, void *value, size_t size) |
413 | { | |
414 | znode_t *zp = ITOZ(ip); | |
0037b49e | 415 | zfsvfs_t *zfsvfs = ZTOZSB(zp); |
82a37189 | 416 | cred_t *cr = CRED(); |
7fad6290 | 417 | fstrans_cookie_t cookie; |
82a37189 BB |
418 | int error; |
419 | ||
420 | crhold(cr); | |
7fad6290 | 421 | cookie = spl_fstrans_mark(); |
499b5497 JG |
422 | ZPL_ENTER(zfsvfs); |
423 | ZPL_VERIFY_ZP(zp); | |
82a37189 BB |
424 | rw_enter(&zp->z_xattr_lock, RW_READER); |
425 | error = __zpl_xattr_get(ip, name, value, size, cr); | |
426 | rw_exit(&zp->z_xattr_lock); | |
499b5497 | 427 | ZPL_EXIT(zfsvfs); |
7fad6290 | 428 | spl_fstrans_unmark(cookie); |
82a37189 BB |
429 | crfree(cr); |
430 | ||
431 | return (error); | |
432 | } | |
433 | ||
434 | static int | |
435 | zpl_xattr_set_dir(struct inode *ip, const char *name, const void *value, | |
436 | size_t size, int flags, cred_t *cr) | |
cc5f931c BB |
437 | { |
438 | struct inode *dxip = NULL; | |
439 | struct inode *xip = NULL; | |
440 | vattr_t *vap = NULL; | |
cc5f931c | 441 | ssize_t wrote; |
fc9e0530 | 442 | int lookup_flags, error; |
bec30953 | 443 | const int xattr_mode = S_IFREG | 0644; |
cd3939c5 | 444 | loff_t pos = 0; |
cc5f931c | 445 | |
fc9e0530 BB |
446 | /* |
447 | * Lookup the xattr directory. When we're adding an entry pass | |
448 | * CREATE_XATTR_DIR to ensure the xattr directory is created. | |
449 | * When removing an entry this flag is not passed to avoid | |
450 | * unnecessarily creating a new xattr directory. | |
451 | */ | |
452 | lookup_flags = LOOKUP_XATTR; | |
453 | if (value != NULL) | |
454 | lookup_flags |= CREATE_XATTR_DIR; | |
455 | ||
456 | error = -zfs_lookup(ip, NULL, &dxip, lookup_flags, cr, NULL, NULL); | |
cc5f931c BB |
457 | if (error) |
458 | goto out; | |
459 | ||
82a37189 | 460 | /* Lookup a specific xattr name in the directory */ |
cc5f931c | 461 | error = -zfs_lookup(dxip, (char *)name, &xip, 0, cr, NULL, NULL); |
82a37189 BB |
462 | if (error && (error != -ENOENT)) |
463 | goto out; | |
cc5f931c | 464 | |
cc5f931c BB |
465 | error = 0; |
466 | ||
467 | /* Remove a specific name xattr when value is set to NULL. */ | |
468 | if (value == NULL) { | |
469 | if (xip) | |
da5e151f | 470 | error = -zfs_remove(dxip, (char *)name, cr, 0); |
cc5f931c BB |
471 | |
472 | goto out; | |
473 | } | |
474 | ||
475 | /* Lookup failed create a new xattr. */ | |
476 | if (xip == NULL) { | |
d1d7e268 | 477 | vap = kmem_zalloc(sizeof (vattr_t), KM_SLEEP); |
bec30953 | 478 | vap->va_mode = xattr_mode; |
cc5f931c | 479 | vap->va_mask = ATTR_MODE; |
81e97e21 BB |
480 | vap->va_uid = crgetfsuid(cr); |
481 | vap->va_gid = crgetfsgid(cr); | |
cc5f931c BB |
482 | |
483 | error = -zfs_create(dxip, (char *)name, vap, 0, 0644, &xip, | |
484 | cr, 0, NULL); | |
485 | if (error) | |
486 | goto out; | |
487 | } | |
488 | ||
489 | ASSERT(xip != NULL); | |
bec30953 GB |
490 | |
491 | error = -zfs_freesp(ITOZ(xip), 0, 0, xattr_mode, TRUE); | |
492 | if (error) | |
493 | goto out; | |
494 | ||
cd3939c5 | 495 | wrote = zpl_write_common(xip, value, size, &pos, UIO_SYSSPACE, 0, cr); |
cc5f931c BB |
496 | if (wrote < 0) |
497 | error = wrote; | |
498 | ||
499 | out: | |
0107f698 GK |
500 | |
501 | if (error == 0) { | |
502 | ip->i_ctime = current_time(ip); | |
503 | zfs_mark_inode_dirty(ip); | |
504 | } | |
505 | ||
cc5f931c | 506 | if (vap) |
d1d7e268 | 507 | kmem_free(vap, sizeof (vattr_t)); |
cc5f931c BB |
508 | |
509 | if (xip) | |
510 | iput(xip); | |
511 | ||
512 | if (dxip) | |
513 | iput(dxip); | |
514 | ||
cc5f931c BB |
515 | if (error == -ENOENT) |
516 | error = -ENODATA; | |
517 | ||
518 | ASSERT3S(error, <=, 0); | |
519 | ||
520 | return (error); | |
521 | } | |
522 | ||
82a37189 BB |
523 | static int |
524 | zpl_xattr_set_sa(struct inode *ip, const char *name, const void *value, | |
525 | size_t size, int flags, cred_t *cr) | |
526 | { | |
527 | znode_t *zp = ITOZ(ip); | |
528 | nvlist_t *nvl; | |
529 | size_t sa_size; | |
21f604d4 CC |
530 | int error = 0; |
531 | ||
532 | mutex_enter(&zp->z_lock); | |
533 | if (zp->z_xattr_cached == NULL) | |
534 | error = -zfs_sa_get_xattr(zp); | |
535 | mutex_exit(&zp->z_lock); | |
536 | ||
537 | if (error) | |
538 | return (error); | |
82a37189 BB |
539 | |
540 | ASSERT(zp->z_xattr_cached); | |
541 | nvl = zp->z_xattr_cached; | |
542 | ||
543 | if (value == NULL) { | |
544 | error = -nvlist_remove(nvl, name, DATA_TYPE_BYTE_ARRAY); | |
545 | if (error == -ENOENT) | |
546 | error = zpl_xattr_set_dir(ip, name, NULL, 0, flags, cr); | |
547 | } else { | |
548 | /* Limited to 32k to keep nvpair memory allocations small */ | |
549 | if (size > DXATTR_MAX_ENTRY_SIZE) | |
550 | return (-EFBIG); | |
551 | ||
552 | /* Prevent the DXATTR SA from consuming the entire SA region */ | |
553 | error = -nvlist_size(nvl, &sa_size, NV_ENCODE_XDR); | |
554 | if (error) | |
555 | return (error); | |
556 | ||
557 | if (sa_size > DXATTR_MAX_SA_SIZE) | |
558 | return (-EFBIG); | |
559 | ||
560 | error = -nvlist_add_byte_array(nvl, name, | |
561 | (uchar_t *)value, size); | |
82a37189 BB |
562 | } |
563 | ||
43b4935e NB |
564 | /* |
565 | * Update the SA for additions, modifications, and removals. On | |
566 | * error drop the inconsistent cached version of the nvlist, it | |
567 | * will be reconstructed from the ARC when next accessed. | |
568 | */ | |
569 | if (error == 0) | |
82a37189 BB |
570 | error = -zfs_sa_set_xattr(zp); |
571 | ||
43b4935e NB |
572 | if (error) { |
573 | nvlist_free(nvl); | |
574 | zp->z_xattr_cached = NULL; | |
575 | } | |
576 | ||
82a37189 BB |
577 | ASSERT3S(error, <=, 0); |
578 | ||
579 | return (error); | |
580 | } | |
581 | ||
582 | static int | |
583 | zpl_xattr_set(struct inode *ip, const char *name, const void *value, | |
584 | size_t size, int flags) | |
585 | { | |
586 | znode_t *zp = ITOZ(ip); | |
0037b49e | 587 | zfsvfs_t *zfsvfs = ZTOZSB(zp); |
82a37189 | 588 | cred_t *cr = CRED(); |
7fad6290 | 589 | fstrans_cookie_t cookie; |
21f604d4 | 590 | int where; |
82a37189 BB |
591 | int error; |
592 | ||
593 | crhold(cr); | |
7fad6290 | 594 | cookie = spl_fstrans_mark(); |
499b5497 JG |
595 | ZPL_ENTER(zfsvfs); |
596 | ZPL_VERIFY_ZP(zp); | |
82a37189 BB |
597 | rw_enter(&ITOZ(ip)->z_xattr_lock, RW_WRITER); |
598 | ||
599 | /* | |
600 | * Before setting the xattr check to see if it already exists. | |
601 | * This is done to ensure the following optional flags are honored. | |
602 | * | |
603 | * XATTR_CREATE: fail if xattr already exists | |
604 | * XATTR_REPLACE: fail if xattr does not exist | |
21f604d4 CC |
605 | * |
606 | * We also want to know if it resides in sa or dir, so we can make | |
607 | * sure we don't end up with duplicate in both places. | |
82a37189 | 608 | */ |
21f604d4 | 609 | error = __zpl_xattr_where(ip, name, &where, cr); |
82a37189 BB |
610 | if (error < 0) { |
611 | if (error != -ENODATA) | |
612 | goto out; | |
fc9e0530 BB |
613 | if (flags & XATTR_REPLACE) |
614 | goto out; | |
615 | ||
616 | /* The xattr to be removed already doesn't exist */ | |
617 | error = 0; | |
618 | if (value == NULL) | |
82a37189 BB |
619 | goto out; |
620 | } else { | |
621 | error = -EEXIST; | |
622 | if (flags & XATTR_CREATE) | |
623 | goto out; | |
624 | } | |
625 | ||
626 | /* Preferentially store the xattr as a SA for better performance */ | |
0037b49e BB |
627 | if (zfsvfs->z_use_sa && zp->z_is_sa && |
628 | (zfsvfs->z_xattr_sa || (value == NULL && where & XATTR_IN_SA))) { | |
82a37189 | 629 | error = zpl_xattr_set_sa(ip, name, value, size, flags, cr); |
21f604d4 CC |
630 | if (error == 0) { |
631 | /* | |
632 | * Successfully put into SA, we need to clear the one | |
633 | * in dir. | |
634 | */ | |
635 | if (where & XATTR_IN_DIR) | |
636 | zpl_xattr_set_dir(ip, name, NULL, 0, 0, cr); | |
82a37189 | 637 | goto out; |
21f604d4 | 638 | } |
82a37189 BB |
639 | } |
640 | ||
641 | error = zpl_xattr_set_dir(ip, name, value, size, flags, cr); | |
21f604d4 CC |
642 | /* |
643 | * Successfully put into dir, we need to clear the one in SA. | |
644 | */ | |
645 | if (error == 0 && (where & XATTR_IN_SA)) | |
646 | zpl_xattr_set_sa(ip, name, NULL, 0, 0, cr); | |
82a37189 BB |
647 | out: |
648 | rw_exit(&ITOZ(ip)->z_xattr_lock); | |
499b5497 | 649 | ZPL_EXIT(zfsvfs); |
7fad6290 | 650 | spl_fstrans_unmark(cookie); |
82a37189 BB |
651 | crfree(cr); |
652 | ASSERT3S(error, <=, 0); | |
653 | ||
654 | return (error); | |
655 | } | |
656 | ||
4967a3eb BB |
657 | /* |
658 | * Extended user attributes | |
659 | * | |
660 | * "Extended user attributes may be assigned to files and directories for | |
661 | * storing arbitrary additional information such as the mime type, | |
662 | * character set or encoding of a file. The access permissions for user | |
663 | * attributes are defined by the file permission bits: read permission | |
664 | * is required to retrieve the attribute value, and writer permission is | |
665 | * required to change it. | |
666 | * | |
667 | * The file permission bits of regular files and directories are | |
668 | * interpreted differently from the file permission bits of special | |
669 | * files and symbolic links. For regular files and directories the file | |
670 | * permission bits define access to the file's contents, while for | |
671 | * device special files they define access to the device described by | |
672 | * the special file. The file permissions of symbolic links are not | |
673 | * used in access checks. These differences would allow users to | |
674 | * consume filesystem resources in a way not controllable by disk quotas | |
675 | * for group or world writable special files and directories. | |
676 | * | |
677 | * For this reason, extended user attributes are allowed only for | |
678 | * regular files and directories, and access to extended user attributes | |
679 | * is restricted to the owner and to users with appropriate capabilities | |
680 | * for directories with the sticky bit set (see the chmod(1) manual page | |
681 | * for an explanation of the sticky bit)." - xattr(7) | |
682 | * | |
683 | * ZFS allows extended user attributes to be disabled administratively | |
684 | * by setting the 'xattr=off' property on the dataset. | |
685 | */ | |
686 | static int | |
687 | __zpl_xattr_user_list(struct inode *ip, char *list, size_t list_size, | |
688 | const char *name, size_t name_len) | |
689 | { | |
690 | return (ITOZSB(ip)->z_flags & ZSB_XATTR); | |
691 | } | |
692 | ZPL_XATTR_LIST_WRAPPER(zpl_xattr_user_list); | |
693 | ||
cc5f931c | 694 | static int |
f9637c6c | 695 | __zpl_xattr_user_get(struct inode *ip, const char *name, |
82a37189 | 696 | void *value, size_t size) |
cc5f931c BB |
697 | { |
698 | char *xattr_name; | |
699 | int error; | |
232604b5 CC |
700 | /* xattr_resolve_name will do this for us if this is defined */ |
701 | #ifndef HAVE_XATTR_HANDLER_NAME | |
cc5f931c | 702 | if (strcmp(name, "") == 0) |
d1d7e268 | 703 | return (-EINVAL); |
232604b5 | 704 | #endif |
2cf7f52b | 705 | if (!(ITOZSB(ip)->z_flags & ZSB_XATTR)) |
d1d7e268 | 706 | return (-EOPNOTSUPP); |
cc5f931c BB |
707 | |
708 | xattr_name = kmem_asprintf("%s%s", XATTR_USER_PREFIX, name); | |
82a37189 | 709 | error = zpl_xattr_get(ip, xattr_name, value, size); |
cc5f931c BB |
710 | strfree(xattr_name); |
711 | ||
712 | return (error); | |
713 | } | |
f9637c6c | 714 | ZPL_XATTR_GET_WRAPPER(zpl_xattr_user_get); |
cc5f931c BB |
715 | |
716 | static int | |
f9637c6c | 717 | __zpl_xattr_user_set(struct inode *ip, const char *name, |
cc5f931c BB |
718 | const void *value, size_t size, int flags) |
719 | { | |
720 | char *xattr_name; | |
721 | int error; | |
232604b5 CC |
722 | /* xattr_resolve_name will do this for us if this is defined */ |
723 | #ifndef HAVE_XATTR_HANDLER_NAME | |
cc5f931c | 724 | if (strcmp(name, "") == 0) |
d1d7e268 | 725 | return (-EINVAL); |
232604b5 | 726 | #endif |
2cf7f52b | 727 | if (!(ITOZSB(ip)->z_flags & ZSB_XATTR)) |
d1d7e268 | 728 | return (-EOPNOTSUPP); |
cc5f931c BB |
729 | |
730 | xattr_name = kmem_asprintf("%s%s", XATTR_USER_PREFIX, name); | |
731 | error = zpl_xattr_set(ip, xattr_name, value, size, flags); | |
732 | strfree(xattr_name); | |
733 | ||
734 | return (error); | |
735 | } | |
f9637c6c | 736 | ZPL_XATTR_SET_WRAPPER(zpl_xattr_user_set); |
cc5f931c | 737 | |
4967a3eb BB |
738 | xattr_handler_t zpl_xattr_user_handler = |
739 | { | |
cc5f931c | 740 | .prefix = XATTR_USER_PREFIX, |
4967a3eb | 741 | .list = zpl_xattr_user_list, |
cc5f931c BB |
742 | .get = zpl_xattr_user_get, |
743 | .set = zpl_xattr_user_set, | |
744 | }; | |
745 | ||
4967a3eb BB |
746 | /* |
747 | * Trusted extended attributes | |
748 | * | |
749 | * "Trusted extended attributes are visible and accessible only to | |
750 | * processes that have the CAP_SYS_ADMIN capability. Attributes in this | |
751 | * class are used to implement mechanisms in user space (i.e., outside | |
752 | * the kernel) which keep information in extended attributes to which | |
753 | * ordinary processes should not have access." - xattr(7) | |
754 | */ | |
755 | static int | |
756 | __zpl_xattr_trusted_list(struct inode *ip, char *list, size_t list_size, | |
757 | const char *name, size_t name_len) | |
758 | { | |
759 | return (capable(CAP_SYS_ADMIN)); | |
760 | } | |
761 | ZPL_XATTR_LIST_WRAPPER(zpl_xattr_trusted_list); | |
762 | ||
cc5f931c | 763 | static int |
f9637c6c | 764 | __zpl_xattr_trusted_get(struct inode *ip, const char *name, |
82a37189 | 765 | void *value, size_t size) |
cc5f931c BB |
766 | { |
767 | char *xattr_name; | |
768 | int error; | |
769 | ||
770 | if (!capable(CAP_SYS_ADMIN)) | |
d1d7e268 | 771 | return (-EACCES); |
232604b5 CC |
772 | /* xattr_resolve_name will do this for us if this is defined */ |
773 | #ifndef HAVE_XATTR_HANDLER_NAME | |
cc5f931c | 774 | if (strcmp(name, "") == 0) |
d1d7e268 | 775 | return (-EINVAL); |
232604b5 | 776 | #endif |
cc5f931c | 777 | xattr_name = kmem_asprintf("%s%s", XATTR_TRUSTED_PREFIX, name); |
82a37189 | 778 | error = zpl_xattr_get(ip, xattr_name, value, size); |
cc5f931c BB |
779 | strfree(xattr_name); |
780 | ||
781 | return (error); | |
782 | } | |
f9637c6c | 783 | ZPL_XATTR_GET_WRAPPER(zpl_xattr_trusted_get); |
cc5f931c BB |
784 | |
785 | static int | |
f9637c6c | 786 | __zpl_xattr_trusted_set(struct inode *ip, const char *name, |
cc5f931c BB |
787 | const void *value, size_t size, int flags) |
788 | { | |
789 | char *xattr_name; | |
790 | int error; | |
791 | ||
792 | if (!capable(CAP_SYS_ADMIN)) | |
d1d7e268 | 793 | return (-EACCES); |
232604b5 CC |
794 | /* xattr_resolve_name will do this for us if this is defined */ |
795 | #ifndef HAVE_XATTR_HANDLER_NAME | |
cc5f931c | 796 | if (strcmp(name, "") == 0) |
d1d7e268 | 797 | return (-EINVAL); |
232604b5 | 798 | #endif |
cc5f931c BB |
799 | xattr_name = kmem_asprintf("%s%s", XATTR_TRUSTED_PREFIX, name); |
800 | error = zpl_xattr_set(ip, xattr_name, value, size, flags); | |
801 | strfree(xattr_name); | |
802 | ||
803 | return (error); | |
804 | } | |
f9637c6c | 805 | ZPL_XATTR_SET_WRAPPER(zpl_xattr_trusted_set); |
cc5f931c | 806 | |
4967a3eb BB |
807 | xattr_handler_t zpl_xattr_trusted_handler = |
808 | { | |
cc5f931c | 809 | .prefix = XATTR_TRUSTED_PREFIX, |
4967a3eb | 810 | .list = zpl_xattr_trusted_list, |
cc5f931c BB |
811 | .get = zpl_xattr_trusted_get, |
812 | .set = zpl_xattr_trusted_set, | |
813 | }; | |
814 | ||
4967a3eb BB |
815 | /* |
816 | * Extended security attributes | |
817 | * | |
818 | * "The security attribute namespace is used by kernel security modules, | |
819 | * such as Security Enhanced Linux, and also to implement file | |
820 | * capabilities (see capabilities(7)). Read and write access | |
821 | * permissions to security attributes depend on the policy implemented | |
822 | * for each security attribute by the security module. When no security | |
823 | * module is loaded, all processes have read access to extended security | |
824 | * attributes, and write access is limited to processes that have the | |
825 | * CAP_SYS_ADMIN capability." - xattr(7) | |
826 | */ | |
827 | static int | |
828 | __zpl_xattr_security_list(struct inode *ip, char *list, size_t list_size, | |
829 | const char *name, size_t name_len) | |
830 | { | |
831 | return (1); | |
832 | } | |
833 | ZPL_XATTR_LIST_WRAPPER(zpl_xattr_security_list); | |
834 | ||
cc5f931c | 835 | static int |
f9637c6c | 836 | __zpl_xattr_security_get(struct inode *ip, const char *name, |
82a37189 | 837 | void *value, size_t size) |
cc5f931c BB |
838 | { |
839 | char *xattr_name; | |
840 | int error; | |
232604b5 CC |
841 | /* xattr_resolve_name will do this for us if this is defined */ |
842 | #ifndef HAVE_XATTR_HANDLER_NAME | |
cc5f931c | 843 | if (strcmp(name, "") == 0) |
d1d7e268 | 844 | return (-EINVAL); |
232604b5 | 845 | #endif |
cc5f931c | 846 | xattr_name = kmem_asprintf("%s%s", XATTR_SECURITY_PREFIX, name); |
82a37189 | 847 | error = zpl_xattr_get(ip, xattr_name, value, size); |
cc5f931c BB |
848 | strfree(xattr_name); |
849 | ||
850 | return (error); | |
851 | } | |
f9637c6c | 852 | ZPL_XATTR_GET_WRAPPER(zpl_xattr_security_get); |
cc5f931c BB |
853 | |
854 | static int | |
f9637c6c | 855 | __zpl_xattr_security_set(struct inode *ip, const char *name, |
cc5f931c BB |
856 | const void *value, size_t size, int flags) |
857 | { | |
858 | char *xattr_name; | |
859 | int error; | |
232604b5 CC |
860 | /* xattr_resolve_name will do this for us if this is defined */ |
861 | #ifndef HAVE_XATTR_HANDLER_NAME | |
cc5f931c | 862 | if (strcmp(name, "") == 0) |
d1d7e268 | 863 | return (-EINVAL); |
232604b5 | 864 | #endif |
cc5f931c BB |
865 | xattr_name = kmem_asprintf("%s%s", XATTR_SECURITY_PREFIX, name); |
866 | error = zpl_xattr_set(ip, xattr_name, value, size, flags); | |
867 | strfree(xattr_name); | |
868 | ||
869 | return (error); | |
870 | } | |
f9637c6c | 871 | ZPL_XATTR_SET_WRAPPER(zpl_xattr_security_set); |
cc5f931c | 872 | |
166dd49d BB |
873 | #ifdef HAVE_CALLBACK_SECURITY_INODE_INIT_SECURITY |
874 | static int | |
875 | __zpl_xattr_security_init(struct inode *ip, const struct xattr *xattrs, | |
876 | void *fs_info) | |
877 | { | |
878 | const struct xattr *xattr; | |
879 | int error = 0; | |
880 | ||
881 | for (xattr = xattrs; xattr->name != NULL; xattr++) { | |
882 | error = __zpl_xattr_security_set(ip, | |
883 | xattr->name, xattr->value, xattr->value_len, 0); | |
884 | ||
885 | if (error < 0) | |
886 | break; | |
887 | } | |
888 | ||
96b91ef0 | 889 | return (error); |
166dd49d BB |
890 | } |
891 | ||
892 | int | |
893 | zpl_xattr_security_init(struct inode *ip, struct inode *dip, | |
894 | const struct qstr *qstr) | |
895 | { | |
896 | return security_inode_init_security(ip, dip, qstr, | |
897 | &__zpl_xattr_security_init, NULL); | |
898 | } | |
899 | ||
900 | #else | |
cc5f931c | 901 | int |
5c03efc3 BB |
902 | zpl_xattr_security_init(struct inode *ip, struct inode *dip, |
903 | const struct qstr *qstr) | |
cc5f931c | 904 | { |
96b91ef0 DH |
905 | int error; |
906 | size_t len; | |
907 | void *value; | |
908 | char *name; | |
cc5f931c | 909 | |
96b91ef0 | 910 | error = zpl_security_inode_init_security(ip, dip, qstr, |
d1d7e268 | 911 | &name, &value, &len); |
96b91ef0 DH |
912 | if (error) { |
913 | if (error == -EOPNOTSUPP) | |
d1d7e268 MK |
914 | return (0); |
915 | ||
96b91ef0 DH |
916 | return (error); |
917 | } | |
cc5f931c | 918 | |
f9637c6c | 919 | error = __zpl_xattr_security_set(ip, name, value, len, 0); |
cc5f931c | 920 | |
96b91ef0 DH |
921 | kfree(name); |
922 | kfree(value); | |
cc5f931c | 923 | |
96b91ef0 | 924 | return (error); |
cc5f931c | 925 | } |
166dd49d | 926 | #endif /* HAVE_CALLBACK_SECURITY_INODE_INIT_SECURITY */ |
cc5f931c | 927 | |
4967a3eb BB |
928 | /* |
929 | * Security xattr namespace handlers. | |
930 | */ | |
777d4af8 | 931 | xattr_handler_t zpl_xattr_security_handler = { |
cc5f931c | 932 | .prefix = XATTR_SECURITY_PREFIX, |
4967a3eb | 933 | .list = zpl_xattr_security_list, |
cc5f931c BB |
934 | .get = zpl_xattr_security_get, |
935 | .set = zpl_xattr_security_set, | |
936 | }; | |
937 | ||
4967a3eb BB |
938 | /* |
939 | * Extended system attributes | |
940 | * | |
941 | * "Extended system attributes are used by the kernel to store system | |
942 | * objects such as Access Control Lists. Read and write access permissions | |
943 | * to system attributes depend on the policy implemented for each system | |
944 | * attribute implemented by filesystems in the kernel." - xattr(7) | |
945 | */ | |
b695c34e | 946 | #ifdef CONFIG_FS_POSIX_ACL |
023699cd | 947 | int |
0420c126 | 948 | zpl_set_acl(struct inode *ip, struct posix_acl *acl, int type) |
023699cd | 949 | { |
023699cd MM |
950 | char *name, *value = NULL; |
951 | int error = 0; | |
952 | size_t size = 0; | |
953 | ||
954 | if (S_ISLNK(ip->i_mode)) | |
955 | return (-EOPNOTSUPP); | |
956 | ||
d1d7e268 | 957 | switch (type) { |
023699cd | 958 | case ACL_TYPE_ACCESS: |
4967a3eb | 959 | name = XATTR_NAME_POSIX_ACL_ACCESS; |
023699cd MM |
960 | if (acl) { |
961 | zpl_equivmode_t mode = ip->i_mode; | |
962 | error = posix_acl_equiv_mode(acl, &mode); | |
963 | if (error < 0) { | |
964 | return (error); | |
965 | } else { | |
966 | /* | |
967 | * The mode bits will have been set by | |
968 | * ->zfs_setattr()->zfs_acl_chmod_setattr() | |
969 | * using the ZFS ACL conversion. If they | |
970 | * differ from the Posix ACL conversion dirty | |
971 | * the inode to write the Posix mode bits. | |
972 | */ | |
973 | if (ip->i_mode != mode) { | |
974 | ip->i_mode = mode; | |
2946a1a1 | 975 | ip->i_ctime = current_time(ip); |
1e8db771 | 976 | zfs_mark_inode_dirty(ip); |
023699cd MM |
977 | } |
978 | ||
979 | if (error == 0) | |
980 | acl = NULL; | |
981 | } | |
982 | } | |
983 | break; | |
984 | ||
985 | case ACL_TYPE_DEFAULT: | |
98f03691 | 986 | name = XATTR_NAME_POSIX_ACL_DEFAULT; |
023699cd MM |
987 | if (!S_ISDIR(ip->i_mode)) |
988 | return (acl ? -EACCES : 0); | |
989 | break; | |
990 | ||
991 | default: | |
992 | return (-EINVAL); | |
993 | } | |
994 | ||
995 | if (acl) { | |
996 | size = posix_acl_xattr_size(acl->a_count); | |
997 | value = kmem_alloc(size, KM_SLEEP); | |
998 | ||
999 | error = zpl_acl_to_xattr(acl, value, size); | |
1000 | if (error < 0) { | |
1001 | kmem_free(value, size); | |
1002 | return (error); | |
1003 | } | |
1004 | } | |
1005 | ||
1006 | error = zpl_xattr_set(ip, name, value, size, 0); | |
1007 | if (value) | |
1008 | kmem_free(value, size); | |
1009 | ||
1010 | if (!error) { | |
1011 | if (acl) | |
1012 | zpl_set_cached_acl(ip, type, acl); | |
1013 | else | |
1014 | zpl_forget_cached_acl(ip, type); | |
1015 | } | |
1016 | ||
1017 | return (error); | |
1018 | } | |
1019 | ||
1020 | struct posix_acl * | |
1021 | zpl_get_acl(struct inode *ip, int type) | |
1022 | { | |
1023 | struct posix_acl *acl; | |
1024 | void *value = NULL; | |
1025 | char *name; | |
1026 | int size; | |
1027 | ||
afb6c031 CC |
1028 | /* |
1029 | * As of Linux 3.14, the kernel get_acl will check this for us. | |
1030 | * Also as of Linux 4.7, comparing against ACL_NOT_CACHED is wrong | |
1031 | * as the kernel get_acl will set it to temporary sentinel value. | |
1032 | */ | |
1033 | #ifndef HAVE_KERNEL_GET_ACL_HANDLE_CACHE | |
023699cd MM |
1034 | acl = get_cached_acl(ip, type); |
1035 | if (acl != ACL_NOT_CACHED) | |
1036 | return (acl); | |
afb6c031 | 1037 | #endif |
023699cd MM |
1038 | |
1039 | switch (type) { | |
1040 | case ACL_TYPE_ACCESS: | |
4967a3eb | 1041 | name = XATTR_NAME_POSIX_ACL_ACCESS; |
023699cd MM |
1042 | break; |
1043 | case ACL_TYPE_DEFAULT: | |
4967a3eb | 1044 | name = XATTR_NAME_POSIX_ACL_DEFAULT; |
023699cd MM |
1045 | break; |
1046 | default: | |
d1d7e268 | 1047 | return (ERR_PTR(-EINVAL)); |
023699cd MM |
1048 | } |
1049 | ||
1050 | size = zpl_xattr_get(ip, name, NULL, 0); | |
1051 | if (size > 0) { | |
79c76d5b | 1052 | value = kmem_alloc(size, KM_SLEEP); |
023699cd MM |
1053 | size = zpl_xattr_get(ip, name, value, size); |
1054 | } | |
1055 | ||
1056 | if (size > 0) { | |
1057 | acl = zpl_acl_from_xattr(value, size); | |
1058 | } else if (size == -ENODATA || size == -ENOSYS) { | |
1059 | acl = NULL; | |
1060 | } else { | |
1061 | acl = ERR_PTR(-EIO); | |
1062 | } | |
1063 | ||
1064 | if (size > 0) | |
1065 | kmem_free(value, size); | |
1066 | ||
afb6c031 CC |
1067 | /* As of Linux 4.7, the kernel get_acl will set this for us */ |
1068 | #ifndef HAVE_KERNEL_GET_ACL_HANDLE_CACHE | |
023699cd MM |
1069 | if (!IS_ERR(acl)) |
1070 | zpl_set_cached_acl(ip, type, acl); | |
afb6c031 | 1071 | #endif |
023699cd MM |
1072 | |
1073 | return (acl); | |
1074 | } | |
1075 | ||
1076 | #if !defined(HAVE_GET_ACL) | |
1077 | static int | |
1078 | __zpl_check_acl(struct inode *ip, int mask) | |
1079 | { | |
1080 | struct posix_acl *acl; | |
1081 | int error; | |
1082 | ||
1083 | acl = zpl_get_acl(ip, ACL_TYPE_ACCESS); | |
1084 | if (IS_ERR(acl)) | |
1085 | return (PTR_ERR(acl)); | |
1086 | ||
1087 | if (acl) { | |
1088 | error = posix_acl_permission(ip, acl, mask); | |
1089 | zpl_posix_acl_release(acl); | |
1090 | return (error); | |
1091 | } | |
1092 | ||
1093 | return (-EAGAIN); | |
1094 | } | |
1095 | ||
1096 | #if defined(HAVE_CHECK_ACL_WITH_FLAGS) | |
1097 | int | |
1098 | zpl_check_acl(struct inode *ip, int mask, unsigned int flags) | |
1099 | { | |
d1d7e268 | 1100 | return (__zpl_check_acl(ip, mask)); |
023699cd MM |
1101 | } |
1102 | #elif defined(HAVE_CHECK_ACL) | |
1103 | int | |
1104 | zpl_check_acl(struct inode *ip, int mask) | |
1105 | { | |
d1d7e268 | 1106 | return (__zpl_check_acl(ip, mask)); |
023699cd MM |
1107 | } |
1108 | #elif defined(HAVE_PERMISSION_WITH_NAMEIDATA) | |
1109 | int | |
1110 | zpl_permission(struct inode *ip, int mask, struct nameidata *nd) | |
1111 | { | |
d1d7e268 | 1112 | return (generic_permission(ip, mask, __zpl_check_acl)); |
023699cd MM |
1113 | } |
1114 | #elif defined(HAVE_PERMISSION) | |
1115 | int | |
1116 | zpl_permission(struct inode *ip, int mask) | |
1117 | { | |
d1d7e268 | 1118 | return (generic_permission(ip, mask, __zpl_check_acl)); |
023699cd MM |
1119 | } |
1120 | #endif /* HAVE_CHECK_ACL | HAVE_PERMISSION */ | |
1121 | #endif /* !HAVE_GET_ACL */ | |
1122 | ||
1123 | int | |
1124 | zpl_init_acl(struct inode *ip, struct inode *dir) | |
1125 | { | |
1126 | struct posix_acl *acl = NULL; | |
1127 | int error = 0; | |
1128 | ||
1129 | if (ITOZSB(ip)->z_acl_type != ZFS_ACLTYPE_POSIXACL) | |
1130 | return (0); | |
1131 | ||
1132 | if (!S_ISLNK(ip->i_mode)) { | |
1133 | if (ITOZSB(ip)->z_acl_type == ZFS_ACLTYPE_POSIXACL) { | |
1134 | acl = zpl_get_acl(dir, ACL_TYPE_DEFAULT); | |
1135 | if (IS_ERR(acl)) | |
1136 | return (PTR_ERR(acl)); | |
1137 | } | |
1138 | ||
1139 | if (!acl) { | |
1140 | ip->i_mode &= ~current_umask(); | |
2946a1a1 | 1141 | ip->i_ctime = current_time(ip); |
1e8db771 | 1142 | zfs_mark_inode_dirty(ip); |
023699cd MM |
1143 | return (0); |
1144 | } | |
1145 | } | |
1146 | ||
1147 | if ((ITOZSB(ip)->z_acl_type == ZFS_ACLTYPE_POSIXACL) && acl) { | |
1148 | umode_t mode; | |
1149 | ||
1150 | if (S_ISDIR(ip->i_mode)) { | |
0420c126 | 1151 | error = zpl_set_acl(ip, acl, ACL_TYPE_DEFAULT); |
023699cd MM |
1152 | if (error) |
1153 | goto out; | |
1154 | } | |
1155 | ||
1156 | mode = ip->i_mode; | |
408ec0d2 | 1157 | error = __posix_acl_create(&acl, GFP_KERNEL, &mode); |
023699cd MM |
1158 | if (error >= 0) { |
1159 | ip->i_mode = mode; | |
1e8db771 | 1160 | zfs_mark_inode_dirty(ip); |
023699cd | 1161 | if (error > 0) |
0420c126 | 1162 | error = zpl_set_acl(ip, acl, ACL_TYPE_ACCESS); |
023699cd MM |
1163 | } |
1164 | } | |
1165 | out: | |
1166 | zpl_posix_acl_release(acl); | |
1167 | ||
1168 | return (error); | |
1169 | } | |
1170 | ||
1171 | int | |
1172 | zpl_chmod_acl(struct inode *ip) | |
1173 | { | |
1174 | struct posix_acl *acl; | |
1175 | int error; | |
1176 | ||
1177 | if (ITOZSB(ip)->z_acl_type != ZFS_ACLTYPE_POSIXACL) | |
1178 | return (0); | |
1179 | ||
1180 | if (S_ISLNK(ip->i_mode)) | |
1181 | return (-EOPNOTSUPP); | |
1182 | ||
1183 | acl = zpl_get_acl(ip, ACL_TYPE_ACCESS); | |
1184 | if (IS_ERR(acl) || !acl) | |
1185 | return (PTR_ERR(acl)); | |
1186 | ||
408ec0d2 | 1187 | error = __posix_acl_chmod(&acl, GFP_KERNEL, ip->i_mode); |
023699cd | 1188 | if (!error) |
0420c126 | 1189 | error = zpl_set_acl(ip, acl, ACL_TYPE_ACCESS); |
023699cd MM |
1190 | |
1191 | zpl_posix_acl_release(acl); | |
1192 | ||
1193 | return (error); | |
1194 | } | |
1195 | ||
4967a3eb BB |
1196 | static int |
1197 | __zpl_xattr_acl_list_access(struct inode *ip, char *list, size_t list_size, | |
1198 | const char *name, size_t name_len) | |
023699cd | 1199 | { |
4967a3eb BB |
1200 | char *xattr_name = XATTR_NAME_POSIX_ACL_ACCESS; |
1201 | size_t xattr_size = sizeof (XATTR_NAME_POSIX_ACL_ACCESS); | |
023699cd MM |
1202 | |
1203 | if (ITOZSB(ip)->z_acl_type != ZFS_ACLTYPE_POSIXACL) | |
1204 | return (0); | |
1205 | ||
023699cd MM |
1206 | if (list && xattr_size <= list_size) |
1207 | memcpy(list, xattr_name, xattr_size); | |
1208 | ||
1209 | return (xattr_size); | |
1210 | } | |
4967a3eb | 1211 | ZPL_XATTR_LIST_WRAPPER(zpl_xattr_acl_list_access); |
023699cd | 1212 | |
4967a3eb BB |
1213 | static int |
1214 | __zpl_xattr_acl_list_default(struct inode *ip, char *list, size_t list_size, | |
1215 | const char *name, size_t name_len) | |
61d482f7 | 1216 | { |
4967a3eb BB |
1217 | char *xattr_name = XATTR_NAME_POSIX_ACL_DEFAULT; |
1218 | size_t xattr_size = sizeof (XATTR_NAME_POSIX_ACL_DEFAULT); | |
61d482f7 | 1219 | |
4967a3eb BB |
1220 | if (ITOZSB(ip)->z_acl_type != ZFS_ACLTYPE_POSIXACL) |
1221 | return (0); | |
023699cd | 1222 | |
4967a3eb BB |
1223 | if (list && xattr_size <= list_size) |
1224 | memcpy(list, xattr_name, xattr_size); | |
023699cd | 1225 | |
4967a3eb | 1226 | return (xattr_size); |
023699cd | 1227 | } |
4967a3eb | 1228 | ZPL_XATTR_LIST_WRAPPER(zpl_xattr_acl_list_default); |
023699cd MM |
1229 | |
1230 | static int | |
4967a3eb BB |
1231 | __zpl_xattr_acl_get_access(struct inode *ip, const char *name, |
1232 | void *buffer, size_t size) | |
023699cd MM |
1233 | { |
1234 | struct posix_acl *acl; | |
4967a3eb | 1235 | int type = ACL_TYPE_ACCESS; |
023699cd | 1236 | int error; |
232604b5 CC |
1237 | /* xattr_resolve_name will do this for us if this is defined */ |
1238 | #ifndef HAVE_XATTR_HANDLER_NAME | |
023699cd MM |
1239 | if (strcmp(name, "") != 0) |
1240 | return (-EINVAL); | |
232604b5 | 1241 | #endif |
023699cd MM |
1242 | if (ITOZSB(ip)->z_acl_type != ZFS_ACLTYPE_POSIXACL) |
1243 | return (-EOPNOTSUPP); | |
1244 | ||
1245 | acl = zpl_get_acl(ip, type); | |
1246 | if (IS_ERR(acl)) | |
1247 | return (PTR_ERR(acl)); | |
1248 | if (acl == NULL) | |
1249 | return (-ENODATA); | |
1250 | ||
1251 | error = zpl_acl_to_xattr(acl, buffer, size); | |
1252 | zpl_posix_acl_release(acl); | |
1253 | ||
1254 | return (error); | |
1255 | } | |
4967a3eb | 1256 | ZPL_XATTR_GET_WRAPPER(zpl_xattr_acl_get_access); |
023699cd MM |
1257 | |
1258 | static int | |
4967a3eb BB |
1259 | __zpl_xattr_acl_get_default(struct inode *ip, const char *name, |
1260 | void *buffer, size_t size) | |
023699cd | 1261 | { |
4967a3eb BB |
1262 | struct posix_acl *acl; |
1263 | int type = ACL_TYPE_DEFAULT; | |
1264 | int error; | |
232604b5 CC |
1265 | /* xattr_resolve_name will do this for us if this is defined */ |
1266 | #ifndef HAVE_XATTR_HANDLER_NAME | |
4967a3eb BB |
1267 | if (strcmp(name, "") != 0) |
1268 | return (-EINVAL); | |
232604b5 | 1269 | #endif |
4967a3eb BB |
1270 | if (ITOZSB(ip)->z_acl_type != ZFS_ACLTYPE_POSIXACL) |
1271 | return (-EOPNOTSUPP); | |
61d482f7 | 1272 | |
4967a3eb BB |
1273 | acl = zpl_get_acl(ip, type); |
1274 | if (IS_ERR(acl)) | |
1275 | return (PTR_ERR(acl)); | |
1276 | if (acl == NULL) | |
1277 | return (-ENODATA); | |
023699cd | 1278 | |
4967a3eb BB |
1279 | error = zpl_acl_to_xattr(acl, buffer, size); |
1280 | zpl_posix_acl_release(acl); | |
023699cd | 1281 | |
4967a3eb | 1282 | return (error); |
023699cd | 1283 | } |
4967a3eb | 1284 | ZPL_XATTR_GET_WRAPPER(zpl_xattr_acl_get_default); |
023699cd MM |
1285 | |
1286 | static int | |
4967a3eb BB |
1287 | __zpl_xattr_acl_set_access(struct inode *ip, const char *name, |
1288 | const void *value, size_t size, int flags) | |
023699cd MM |
1289 | { |
1290 | struct posix_acl *acl; | |
4967a3eb | 1291 | int type = ACL_TYPE_ACCESS; |
023699cd | 1292 | int error = 0; |
232604b5 CC |
1293 | /* xattr_resolve_name will do this for us if this is defined */ |
1294 | #ifndef HAVE_XATTR_HANDLER_NAME | |
023699cd MM |
1295 | if (strcmp(name, "") != 0) |
1296 | return (-EINVAL); | |
232604b5 | 1297 | #endif |
023699cd MM |
1298 | if (ITOZSB(ip)->z_acl_type != ZFS_ACLTYPE_POSIXACL) |
1299 | return (-EOPNOTSUPP); | |
1300 | ||
1301 | if (!zpl_inode_owner_or_capable(ip)) | |
1302 | return (-EPERM); | |
1303 | ||
1304 | if (value) { | |
1305 | acl = zpl_acl_from_xattr(value, size); | |
1306 | if (IS_ERR(acl)) | |
1307 | return (PTR_ERR(acl)); | |
1308 | else if (acl) { | |
4b908d32 | 1309 | error = zpl_posix_acl_valid(ip, acl); |
023699cd MM |
1310 | if (error) { |
1311 | zpl_posix_acl_release(acl); | |
1312 | return (error); | |
1313 | } | |
1314 | } | |
1315 | } else { | |
1316 | acl = NULL; | |
1317 | } | |
1318 | ||
0420c126 | 1319 | error = zpl_set_acl(ip, acl, type); |
023699cd MM |
1320 | zpl_posix_acl_release(acl); |
1321 | ||
1322 | return (error); | |
1323 | } | |
4967a3eb | 1324 | ZPL_XATTR_SET_WRAPPER(zpl_xattr_acl_set_access); |
023699cd | 1325 | |
023699cd | 1326 | static int |
4967a3eb BB |
1327 | __zpl_xattr_acl_set_default(struct inode *ip, const char *name, |
1328 | const void *value, size_t size, int flags) | |
023699cd | 1329 | { |
4967a3eb BB |
1330 | struct posix_acl *acl; |
1331 | int type = ACL_TYPE_DEFAULT; | |
1332 | int error = 0; | |
232604b5 CC |
1333 | /* xattr_resolve_name will do this for us if this is defined */ |
1334 | #ifndef HAVE_XATTR_HANDLER_NAME | |
4967a3eb BB |
1335 | if (strcmp(name, "") != 0) |
1336 | return (-EINVAL); | |
232604b5 | 1337 | #endif |
4967a3eb BB |
1338 | if (ITOZSB(ip)->z_acl_type != ZFS_ACLTYPE_POSIXACL) |
1339 | return (-EOPNOTSUPP); | |
61d482f7 | 1340 | |
4967a3eb BB |
1341 | if (!zpl_inode_owner_or_capable(ip)) |
1342 | return (-EPERM); | |
61d482f7 | 1343 | |
4967a3eb BB |
1344 | if (value) { |
1345 | acl = zpl_acl_from_xattr(value, size); | |
1346 | if (IS_ERR(acl)) | |
1347 | return (PTR_ERR(acl)); | |
1348 | else if (acl) { | |
4b908d32 | 1349 | error = zpl_posix_acl_valid(ip, acl); |
4967a3eb BB |
1350 | if (error) { |
1351 | zpl_posix_acl_release(acl); | |
1352 | return (error); | |
1353 | } | |
1354 | } | |
1355 | } else { | |
1356 | acl = NULL; | |
1357 | } | |
023699cd | 1358 | |
0420c126 | 1359 | error = zpl_set_acl(ip, acl, type); |
4967a3eb | 1360 | zpl_posix_acl_release(acl); |
023699cd | 1361 | |
4967a3eb | 1362 | return (error); |
023699cd | 1363 | } |
4967a3eb | 1364 | ZPL_XATTR_SET_WRAPPER(zpl_xattr_acl_set_default); |
023699cd | 1365 | |
4967a3eb BB |
1366 | /* |
1367 | * ACL access xattr namespace handlers. | |
232604b5 CC |
1368 | * |
1369 | * Use .name instead of .prefix when available. xattr_resolve_name will match | |
1370 | * whole name and reject anything that has .name only as prefix. | |
4967a3eb BB |
1371 | */ |
1372 | xattr_handler_t zpl_xattr_acl_access_handler = | |
023699cd | 1373 | { |
232604b5 CC |
1374 | #ifdef HAVE_XATTR_HANDLER_NAME |
1375 | .name = XATTR_NAME_POSIX_ACL_ACCESS, | |
1376 | #else | |
4967a3eb | 1377 | .prefix = XATTR_NAME_POSIX_ACL_ACCESS, |
232604b5 | 1378 | #endif |
023699cd MM |
1379 | .list = zpl_xattr_acl_list_access, |
1380 | .get = zpl_xattr_acl_get_access, | |
1381 | .set = zpl_xattr_acl_set_access, | |
4967a3eb BB |
1382 | #if defined(HAVE_XATTR_LIST_SIMPLE) || \ |
1383 | defined(HAVE_XATTR_LIST_DENTRY) || \ | |
1384 | defined(HAVE_XATTR_LIST_HANDLER) | |
023699cd | 1385 | .flags = ACL_TYPE_ACCESS, |
4967a3eb | 1386 | #endif |
023699cd MM |
1387 | }; |
1388 | ||
4967a3eb BB |
1389 | /* |
1390 | * ACL default xattr namespace handlers. | |
232604b5 CC |
1391 | * |
1392 | * Use .name instead of .prefix when available. xattr_resolve_name will match | |
1393 | * whole name and reject anything that has .name only as prefix. | |
4967a3eb BB |
1394 | */ |
1395 | xattr_handler_t zpl_xattr_acl_default_handler = | |
023699cd | 1396 | { |
232604b5 CC |
1397 | #ifdef HAVE_XATTR_HANDLER_NAME |
1398 | .name = XATTR_NAME_POSIX_ACL_DEFAULT, | |
1399 | #else | |
4967a3eb | 1400 | .prefix = XATTR_NAME_POSIX_ACL_DEFAULT, |
232604b5 | 1401 | #endif |
023699cd MM |
1402 | .list = zpl_xattr_acl_list_default, |
1403 | .get = zpl_xattr_acl_get_default, | |
1404 | .set = zpl_xattr_acl_set_default, | |
4967a3eb BB |
1405 | #if defined(HAVE_XATTR_LIST_SIMPLE) || \ |
1406 | defined(HAVE_XATTR_LIST_DENTRY) || \ | |
1407 | defined(HAVE_XATTR_LIST_HANDLER) | |
023699cd | 1408 | .flags = ACL_TYPE_DEFAULT, |
4967a3eb | 1409 | #endif |
023699cd MM |
1410 | }; |
1411 | ||
b695c34e MM |
1412 | #endif /* CONFIG_FS_POSIX_ACL */ |
1413 | ||
777d4af8 | 1414 | xattr_handler_t *zpl_xattr_handlers[] = { |
cc5f931c BB |
1415 | &zpl_xattr_security_handler, |
1416 | &zpl_xattr_trusted_handler, | |
1417 | &zpl_xattr_user_handler, | |
b695c34e | 1418 | #ifdef CONFIG_FS_POSIX_ACL |
cc5f931c | 1419 | &zpl_xattr_acl_access_handler, |
96b91ef0 | 1420 | &zpl_xattr_acl_default_handler, |
b695c34e | 1421 | #endif /* CONFIG_FS_POSIX_ACL */ |
77a405ae | 1422 | NULL |
cc5f931c | 1423 | }; |
4967a3eb BB |
1424 | |
1425 | static const struct xattr_handler * | |
1426 | zpl_xattr_handler(const char *name) | |
1427 | { | |
1428 | if (strncmp(name, XATTR_USER_PREFIX, | |
1429 | XATTR_USER_PREFIX_LEN) == 0) | |
1430 | return (&zpl_xattr_user_handler); | |
1431 | ||
1432 | if (strncmp(name, XATTR_TRUSTED_PREFIX, | |
1433 | XATTR_TRUSTED_PREFIX_LEN) == 0) | |
1434 | return (&zpl_xattr_trusted_handler); | |
1435 | ||
1436 | if (strncmp(name, XATTR_SECURITY_PREFIX, | |
1437 | XATTR_SECURITY_PREFIX_LEN) == 0) | |
1438 | return (&zpl_xattr_security_handler); | |
1439 | ||
1440 | #ifdef CONFIG_FS_POSIX_ACL | |
1441 | if (strncmp(name, XATTR_NAME_POSIX_ACL_ACCESS, | |
1442 | sizeof (XATTR_NAME_POSIX_ACL_ACCESS)) == 0) | |
1443 | return (&zpl_xattr_acl_access_handler); | |
1444 | ||
1445 | if (strncmp(name, XATTR_NAME_POSIX_ACL_DEFAULT, | |
1446 | sizeof (XATTR_NAME_POSIX_ACL_DEFAULT)) == 0) | |
1447 | return (&zpl_xattr_acl_default_handler); | |
1448 | #endif /* CONFIG_FS_POSIX_ACL */ | |
1449 | ||
1450 | return (NULL); | |
1451 | } | |
8e71ab99 CC |
1452 | |
1453 | #if !defined(HAVE_POSIX_ACL_RELEASE) || defined(HAVE_POSIX_ACL_RELEASE_GPL_ONLY) | |
1454 | struct acl_rel_struct { | |
1455 | struct acl_rel_struct *next; | |
1456 | struct posix_acl *acl; | |
1457 | clock_t time; | |
1458 | }; | |
1459 | ||
1460 | #define ACL_REL_GRACE (60*HZ) | |
1461 | #define ACL_REL_WINDOW (1*HZ) | |
1462 | #define ACL_REL_SCHED (ACL_REL_GRACE+ACL_REL_WINDOW) | |
1463 | ||
1464 | /* | |
1465 | * Lockless multi-producer single-consumer fifo list. | |
1466 | * Nodes are added to tail and removed from head. Tail pointer is our | |
1467 | * synchronization point. It always points to the next pointer of the last | |
1468 | * node, or head if list is empty. | |
1469 | */ | |
1470 | static struct acl_rel_struct *acl_rel_head = NULL; | |
1471 | static struct acl_rel_struct **acl_rel_tail = &acl_rel_head; | |
1472 | ||
1473 | static void | |
1474 | zpl_posix_acl_free(void *arg) | |
1475 | { | |
1476 | struct acl_rel_struct *freelist = NULL; | |
1477 | struct acl_rel_struct *a; | |
1478 | clock_t new_time; | |
1479 | boolean_t refire = B_FALSE; | |
1480 | ||
1481 | ASSERT3P(acl_rel_head, !=, NULL); | |
1482 | while (acl_rel_head) { | |
1483 | a = acl_rel_head; | |
1484 | if (ddi_get_lbolt() - a->time >= ACL_REL_GRACE) { | |
1485 | /* | |
1486 | * If a is the last node we need to reset tail, but we | |
1487 | * need to use cmpxchg to make sure it is still the | |
1488 | * last node. | |
1489 | */ | |
1490 | if (acl_rel_tail == &a->next) { | |
1491 | acl_rel_head = NULL; | |
1492 | if (cmpxchg(&acl_rel_tail, &a->next, | |
1493 | &acl_rel_head) == &a->next) { | |
1494 | ASSERT3P(a->next, ==, NULL); | |
1495 | a->next = freelist; | |
1496 | freelist = a; | |
1497 | break; | |
1498 | } | |
1499 | } | |
1500 | /* | |
1501 | * a is not last node, make sure next pointer is set | |
1502 | * by the adder and advance the head. | |
1503 | */ | |
93ce2b4c | 1504 | while (READ_ONCE(a->next) == NULL) |
8e71ab99 CC |
1505 | cpu_relax(); |
1506 | acl_rel_head = a->next; | |
1507 | a->next = freelist; | |
1508 | freelist = a; | |
1509 | } else { | |
1510 | /* | |
1511 | * a is still in grace period. We are responsible to | |
1512 | * reschedule the free task, since adder will only do | |
1513 | * so if list is empty. | |
1514 | */ | |
1515 | new_time = a->time + ACL_REL_SCHED; | |
1516 | refire = B_TRUE; | |
1517 | break; | |
1518 | } | |
1519 | } | |
1520 | ||
1521 | if (refire) | |
57ddcda1 CC |
1522 | taskq_dispatch_delay(system_delay_taskq, zpl_posix_acl_free, |
1523 | NULL, TQ_SLEEP, new_time); | |
8e71ab99 CC |
1524 | |
1525 | while (freelist) { | |
1526 | a = freelist; | |
1527 | freelist = a->next; | |
1528 | kfree(a->acl); | |
1529 | kmem_free(a, sizeof (struct acl_rel_struct)); | |
1530 | } | |
1531 | } | |
1532 | ||
1533 | void | |
1534 | zpl_posix_acl_release_impl(struct posix_acl *acl) | |
1535 | { | |
1536 | struct acl_rel_struct *a, **prev; | |
1537 | ||
1538 | a = kmem_alloc(sizeof (struct acl_rel_struct), KM_SLEEP); | |
1539 | a->next = NULL; | |
1540 | a->acl = acl; | |
1541 | a->time = ddi_get_lbolt(); | |
1542 | /* atomically points tail to us and get the previous tail */ | |
1543 | prev = xchg(&acl_rel_tail, &a->next); | |
1544 | ASSERT3P(*prev, ==, NULL); | |
1545 | *prev = a; | |
1546 | /* if it was empty before, schedule the free task */ | |
1547 | if (prev == &acl_rel_head) | |
57ddcda1 CC |
1548 | taskq_dispatch_delay(system_delay_taskq, zpl_posix_acl_free, |
1549 | NULL, TQ_SLEEP, ddi_get_lbolt() + ACL_REL_SCHED); | |
8e71ab99 CC |
1550 | } |
1551 | #endif |