]>
Commit | Line | Data |
---|---|---|
1 | #include <linux/capability.h> | |
2 | #include <linux/fs.h> | |
3 | #include <linux/posix_acl.h> | |
4 | #include <linux/reiserfs_fs.h> | |
5 | #include <linux/errno.h> | |
6 | #include <linux/pagemap.h> | |
7 | #include <linux/xattr.h> | |
8 | #include <linux/posix_acl_xattr.h> | |
9 | #include <linux/reiserfs_xattr.h> | |
10 | #include <linux/reiserfs_acl.h> | |
11 | #include <asm/uaccess.h> | |
12 | ||
13 | static int reiserfs_set_acl(struct inode *inode, int type, | |
14 | struct posix_acl *acl); | |
15 | ||
16 | static int | |
17 | xattr_set_acl(struct inode *inode, int type, const void *value, size_t size) | |
18 | { | |
19 | struct posix_acl *acl; | |
20 | int error; | |
21 | ||
22 | if (!reiserfs_posixacl(inode->i_sb)) | |
23 | return -EOPNOTSUPP; | |
24 | if (!is_owner_or_cap(inode)) | |
25 | return -EPERM; | |
26 | ||
27 | if (value) { | |
28 | acl = posix_acl_from_xattr(value, size); | |
29 | if (IS_ERR(acl)) { | |
30 | return PTR_ERR(acl); | |
31 | } else if (acl) { | |
32 | error = posix_acl_valid(acl); | |
33 | if (error) | |
34 | goto release_and_out; | |
35 | } | |
36 | } else | |
37 | acl = NULL; | |
38 | ||
39 | error = reiserfs_set_acl(inode, type, acl); | |
40 | ||
41 | release_and_out: | |
42 | posix_acl_release(acl); | |
43 | return error; | |
44 | } | |
45 | ||
46 | static int | |
47 | xattr_get_acl(struct inode *inode, int type, void *buffer, size_t size) | |
48 | { | |
49 | struct posix_acl *acl; | |
50 | int error; | |
51 | ||
52 | if (!reiserfs_posixacl(inode->i_sb)) | |
53 | return -EOPNOTSUPP; | |
54 | ||
55 | acl = reiserfs_get_acl(inode, type); | |
56 | if (IS_ERR(acl)) | |
57 | return PTR_ERR(acl); | |
58 | if (acl == NULL) | |
59 | return -ENODATA; | |
60 | error = posix_acl_to_xattr(acl, buffer, size); | |
61 | posix_acl_release(acl); | |
62 | ||
63 | return error; | |
64 | } | |
65 | ||
66 | /* | |
67 | * Convert from filesystem to in-memory representation. | |
68 | */ | |
69 | static struct posix_acl *posix_acl_from_disk(const void *value, size_t size) | |
70 | { | |
71 | const char *end = (char *)value + size; | |
72 | int n, count; | |
73 | struct posix_acl *acl; | |
74 | ||
75 | if (!value) | |
76 | return NULL; | |
77 | if (size < sizeof(reiserfs_acl_header)) | |
78 | return ERR_PTR(-EINVAL); | |
79 | if (((reiserfs_acl_header *) value)->a_version != | |
80 | cpu_to_le32(REISERFS_ACL_VERSION)) | |
81 | return ERR_PTR(-EINVAL); | |
82 | value = (char *)value + sizeof(reiserfs_acl_header); | |
83 | count = reiserfs_acl_count(size); | |
84 | if (count < 0) | |
85 | return ERR_PTR(-EINVAL); | |
86 | if (count == 0) | |
87 | return NULL; | |
88 | acl = posix_acl_alloc(count, GFP_NOFS); | |
89 | if (!acl) | |
90 | return ERR_PTR(-ENOMEM); | |
91 | for (n = 0; n < count; n++) { | |
92 | reiserfs_acl_entry *entry = (reiserfs_acl_entry *) value; | |
93 | if ((char *)value + sizeof(reiserfs_acl_entry_short) > end) | |
94 | goto fail; | |
95 | acl->a_entries[n].e_tag = le16_to_cpu(entry->e_tag); | |
96 | acl->a_entries[n].e_perm = le16_to_cpu(entry->e_perm); | |
97 | switch (acl->a_entries[n].e_tag) { | |
98 | case ACL_USER_OBJ: | |
99 | case ACL_GROUP_OBJ: | |
100 | case ACL_MASK: | |
101 | case ACL_OTHER: | |
102 | value = (char *)value + | |
103 | sizeof(reiserfs_acl_entry_short); | |
104 | acl->a_entries[n].e_id = ACL_UNDEFINED_ID; | |
105 | break; | |
106 | ||
107 | case ACL_USER: | |
108 | case ACL_GROUP: | |
109 | value = (char *)value + sizeof(reiserfs_acl_entry); | |
110 | if ((char *)value > end) | |
111 | goto fail; | |
112 | acl->a_entries[n].e_id = le32_to_cpu(entry->e_id); | |
113 | break; | |
114 | ||
115 | default: | |
116 | goto fail; | |
117 | } | |
118 | } | |
119 | if (value != end) | |
120 | goto fail; | |
121 | return acl; | |
122 | ||
123 | fail: | |
124 | posix_acl_release(acl); | |
125 | return ERR_PTR(-EINVAL); | |
126 | } | |
127 | ||
128 | /* | |
129 | * Convert from in-memory to filesystem representation. | |
130 | */ | |
131 | static void *posix_acl_to_disk(const struct posix_acl *acl, size_t * size) | |
132 | { | |
133 | reiserfs_acl_header *ext_acl; | |
134 | char *e; | |
135 | int n; | |
136 | ||
137 | *size = reiserfs_acl_size(acl->a_count); | |
138 | ext_acl = kmalloc(sizeof(reiserfs_acl_header) + | |
139 | acl->a_count * | |
140 | sizeof(reiserfs_acl_entry), | |
141 | GFP_NOFS); | |
142 | if (!ext_acl) | |
143 | return ERR_PTR(-ENOMEM); | |
144 | ext_acl->a_version = cpu_to_le32(REISERFS_ACL_VERSION); | |
145 | e = (char *)ext_acl + sizeof(reiserfs_acl_header); | |
146 | for (n = 0; n < acl->a_count; n++) { | |
147 | reiserfs_acl_entry *entry = (reiserfs_acl_entry *) e; | |
148 | entry->e_tag = cpu_to_le16(acl->a_entries[n].e_tag); | |
149 | entry->e_perm = cpu_to_le16(acl->a_entries[n].e_perm); | |
150 | switch (acl->a_entries[n].e_tag) { | |
151 | case ACL_USER: | |
152 | case ACL_GROUP: | |
153 | entry->e_id = cpu_to_le32(acl->a_entries[n].e_id); | |
154 | e += sizeof(reiserfs_acl_entry); | |
155 | break; | |
156 | ||
157 | case ACL_USER_OBJ: | |
158 | case ACL_GROUP_OBJ: | |
159 | case ACL_MASK: | |
160 | case ACL_OTHER: | |
161 | e += sizeof(reiserfs_acl_entry_short); | |
162 | break; | |
163 | ||
164 | default: | |
165 | goto fail; | |
166 | } | |
167 | } | |
168 | return (char *)ext_acl; | |
169 | ||
170 | fail: | |
171 | kfree(ext_acl); | |
172 | return ERR_PTR(-EINVAL); | |
173 | } | |
174 | ||
175 | static inline void iset_acl(struct inode *inode, struct posix_acl **i_acl, | |
176 | struct posix_acl *acl) | |
177 | { | |
178 | spin_lock(&inode->i_lock); | |
179 | if (*i_acl != ERR_PTR(-ENODATA)) | |
180 | posix_acl_release(*i_acl); | |
181 | *i_acl = posix_acl_dup(acl); | |
182 | spin_unlock(&inode->i_lock); | |
183 | } | |
184 | ||
185 | static inline struct posix_acl *iget_acl(struct inode *inode, | |
186 | struct posix_acl **i_acl) | |
187 | { | |
188 | struct posix_acl *acl = ERR_PTR(-ENODATA); | |
189 | ||
190 | spin_lock(&inode->i_lock); | |
191 | if (*i_acl != ERR_PTR(-ENODATA)) | |
192 | acl = posix_acl_dup(*i_acl); | |
193 | spin_unlock(&inode->i_lock); | |
194 | ||
195 | return acl; | |
196 | } | |
197 | ||
198 | /* | |
199 | * Inode operation get_posix_acl(). | |
200 | * | |
201 | * inode->i_mutex: down | |
202 | * BKL held [before 2.5.x] | |
203 | */ | |
204 | struct posix_acl *reiserfs_get_acl(struct inode *inode, int type) | |
205 | { | |
206 | char *name, *value; | |
207 | struct posix_acl *acl, **p_acl; | |
208 | int size; | |
209 | int retval; | |
210 | struct reiserfs_inode_info *reiserfs_i = REISERFS_I(inode); | |
211 | ||
212 | switch (type) { | |
213 | case ACL_TYPE_ACCESS: | |
214 | name = POSIX_ACL_XATTR_ACCESS; | |
215 | p_acl = &reiserfs_i->i_acl_access; | |
216 | break; | |
217 | case ACL_TYPE_DEFAULT: | |
218 | name = POSIX_ACL_XATTR_DEFAULT; | |
219 | p_acl = &reiserfs_i->i_acl_default; | |
220 | break; | |
221 | default: | |
222 | return ERR_PTR(-EINVAL); | |
223 | } | |
224 | ||
225 | acl = iget_acl(inode, p_acl); | |
226 | if (acl && !IS_ERR(acl)) | |
227 | return acl; | |
228 | else if (PTR_ERR(acl) == -ENODATA) | |
229 | return NULL; | |
230 | ||
231 | size = reiserfs_xattr_get(inode, name, NULL, 0); | |
232 | if (size < 0) { | |
233 | if (size == -ENODATA || size == -ENOSYS) { | |
234 | *p_acl = ERR_PTR(-ENODATA); | |
235 | return NULL; | |
236 | } | |
237 | return ERR_PTR(size); | |
238 | } | |
239 | ||
240 | value = kmalloc(size, GFP_NOFS); | |
241 | if (!value) | |
242 | return ERR_PTR(-ENOMEM); | |
243 | ||
244 | retval = reiserfs_xattr_get(inode, name, value, size); | |
245 | if (retval == -ENODATA || retval == -ENOSYS) { | |
246 | /* This shouldn't actually happen as it should have | |
247 | been caught above.. but just in case */ | |
248 | acl = NULL; | |
249 | *p_acl = ERR_PTR(-ENODATA); | |
250 | } else if (retval < 0) { | |
251 | acl = ERR_PTR(retval); | |
252 | } else { | |
253 | acl = posix_acl_from_disk(value, retval); | |
254 | if (!IS_ERR(acl)) | |
255 | iset_acl(inode, p_acl, acl); | |
256 | } | |
257 | ||
258 | kfree(value); | |
259 | return acl; | |
260 | } | |
261 | ||
262 | /* | |
263 | * Inode operation set_posix_acl(). | |
264 | * | |
265 | * inode->i_mutex: down | |
266 | * BKL held [before 2.5.x] | |
267 | */ | |
268 | static int | |
269 | reiserfs_set_acl(struct inode *inode, int type, struct posix_acl *acl) | |
270 | { | |
271 | char *name; | |
272 | void *value = NULL; | |
273 | struct posix_acl **p_acl; | |
274 | size_t size = 0; | |
275 | int error; | |
276 | struct reiserfs_inode_info *reiserfs_i = REISERFS_I(inode); | |
277 | ||
278 | if (S_ISLNK(inode->i_mode)) | |
279 | return -EOPNOTSUPP; | |
280 | ||
281 | switch (type) { | |
282 | case ACL_TYPE_ACCESS: | |
283 | name = POSIX_ACL_XATTR_ACCESS; | |
284 | p_acl = &reiserfs_i->i_acl_access; | |
285 | if (acl) { | |
286 | mode_t mode = inode->i_mode; | |
287 | error = posix_acl_equiv_mode(acl, &mode); | |
288 | if (error < 0) | |
289 | return error; | |
290 | else { | |
291 | inode->i_mode = mode; | |
292 | if (error == 0) | |
293 | acl = NULL; | |
294 | } | |
295 | } | |
296 | break; | |
297 | case ACL_TYPE_DEFAULT: | |
298 | name = POSIX_ACL_XATTR_DEFAULT; | |
299 | p_acl = &reiserfs_i->i_acl_default; | |
300 | if (!S_ISDIR(inode->i_mode)) | |
301 | return acl ? -EACCES : 0; | |
302 | break; | |
303 | default: | |
304 | return -EINVAL; | |
305 | } | |
306 | ||
307 | if (acl) { | |
308 | value = posix_acl_to_disk(acl, &size); | |
309 | if (IS_ERR(value)) | |
310 | return (int)PTR_ERR(value); | |
311 | } | |
312 | ||
313 | error = __reiserfs_xattr_set(inode, name, value, size, 0); | |
314 | ||
315 | /* | |
316 | * Ensure that the inode gets dirtied if we're only using | |
317 | * the mode bits and an old ACL didn't exist. We don't need | |
318 | * to check if the inode is hashed here since we won't get | |
319 | * called by reiserfs_inherit_default_acl(). | |
320 | */ | |
321 | if (error == -ENODATA) { | |
322 | error = 0; | |
323 | if (type == ACL_TYPE_ACCESS) { | |
324 | inode->i_ctime = CURRENT_TIME_SEC; | |
325 | mark_inode_dirty(inode); | |
326 | } | |
327 | } | |
328 | ||
329 | kfree(value); | |
330 | ||
331 | if (!error) | |
332 | iset_acl(inode, p_acl, acl); | |
333 | ||
334 | return error; | |
335 | } | |
336 | ||
337 | /* dir->i_mutex: locked, | |
338 | * inode is new and not released into the wild yet */ | |
339 | int | |
340 | reiserfs_inherit_default_acl(struct inode *dir, struct dentry *dentry, | |
341 | struct inode *inode) | |
342 | { | |
343 | struct posix_acl *acl; | |
344 | int err = 0; | |
345 | ||
346 | /* ACLs only get applied to files and directories */ | |
347 | if (S_ISLNK(inode->i_mode)) | |
348 | return 0; | |
349 | ||
350 | /* ACLs can only be used on "new" objects, so if it's an old object | |
351 | * there is nothing to inherit from */ | |
352 | if (get_inode_sd_version(dir) == STAT_DATA_V1) | |
353 | goto apply_umask; | |
354 | ||
355 | /* Don't apply ACLs to objects in the .reiserfs_priv tree.. This | |
356 | * would be useless since permissions are ignored, and a pain because | |
357 | * it introduces locking cycles */ | |
358 | if (IS_PRIVATE(dir)) { | |
359 | inode->i_flags |= S_PRIVATE; | |
360 | goto apply_umask; | |
361 | } | |
362 | ||
363 | acl = reiserfs_get_acl(dir, ACL_TYPE_DEFAULT); | |
364 | if (IS_ERR(acl)) { | |
365 | if (PTR_ERR(acl) == -ENODATA) | |
366 | goto apply_umask; | |
367 | return PTR_ERR(acl); | |
368 | } | |
369 | ||
370 | if (acl) { | |
371 | struct posix_acl *acl_copy; | |
372 | mode_t mode = inode->i_mode; | |
373 | int need_acl; | |
374 | ||
375 | /* Copy the default ACL to the default ACL of a new directory */ | |
376 | if (S_ISDIR(inode->i_mode)) { | |
377 | err = reiserfs_set_acl(inode, ACL_TYPE_DEFAULT, acl); | |
378 | if (err) | |
379 | goto cleanup; | |
380 | } | |
381 | ||
382 | /* Now we reconcile the new ACL and the mode, | |
383 | potentially modifying both */ | |
384 | acl_copy = posix_acl_clone(acl, GFP_NOFS); | |
385 | if (!acl_copy) { | |
386 | err = -ENOMEM; | |
387 | goto cleanup; | |
388 | } | |
389 | ||
390 | need_acl = posix_acl_create_masq(acl_copy, &mode); | |
391 | if (need_acl >= 0) { | |
392 | if (mode != inode->i_mode) { | |
393 | inode->i_mode = mode; | |
394 | } | |
395 | ||
396 | /* If we need an ACL.. */ | |
397 | if (need_acl > 0) { | |
398 | err = | |
399 | reiserfs_set_acl(inode, ACL_TYPE_ACCESS, | |
400 | acl_copy); | |
401 | if (err) | |
402 | goto cleanup_copy; | |
403 | } | |
404 | } | |
405 | cleanup_copy: | |
406 | posix_acl_release(acl_copy); | |
407 | cleanup: | |
408 | posix_acl_release(acl); | |
409 | } else { | |
410 | apply_umask: | |
411 | /* no ACL, apply umask */ | |
412 | inode->i_mode &= ~current->fs->umask; | |
413 | } | |
414 | ||
415 | return err; | |
416 | } | |
417 | ||
418 | /* Looks up and caches the result of the default ACL. | |
419 | * We do this so that we don't need to carry the xattr_sem into | |
420 | * reiserfs_new_inode if we don't need to */ | |
421 | int reiserfs_cache_default_acl(struct inode *inode) | |
422 | { | |
423 | int ret = 0; | |
424 | if (reiserfs_posixacl(inode->i_sb) && !IS_PRIVATE(inode)) { | |
425 | struct posix_acl *acl; | |
426 | acl = reiserfs_get_acl(inode, ACL_TYPE_DEFAULT); | |
427 | ret = (acl && !IS_ERR(acl)); | |
428 | if (ret) | |
429 | posix_acl_release(acl); | |
430 | } | |
431 | ||
432 | return ret; | |
433 | } | |
434 | ||
435 | int reiserfs_acl_chmod(struct inode *inode) | |
436 | { | |
437 | struct posix_acl *acl, *clone; | |
438 | int error; | |
439 | ||
440 | if (S_ISLNK(inode->i_mode)) | |
441 | return -EOPNOTSUPP; | |
442 | ||
443 | if (get_inode_sd_version(inode) == STAT_DATA_V1 || | |
444 | !reiserfs_posixacl(inode->i_sb)) { | |
445 | return 0; | |
446 | } | |
447 | ||
448 | acl = reiserfs_get_acl(inode, ACL_TYPE_ACCESS); | |
449 | if (!acl) | |
450 | return 0; | |
451 | if (IS_ERR(acl)) | |
452 | return PTR_ERR(acl); | |
453 | clone = posix_acl_clone(acl, GFP_NOFS); | |
454 | posix_acl_release(acl); | |
455 | if (!clone) | |
456 | return -ENOMEM; | |
457 | error = posix_acl_chmod_masq(clone, inode->i_mode); | |
458 | if (!error) | |
459 | error = reiserfs_set_acl(inode, ACL_TYPE_ACCESS, clone); | |
460 | posix_acl_release(clone); | |
461 | return error; | |
462 | } | |
463 | ||
464 | static int | |
465 | posix_acl_access_get(struct inode *inode, const char *name, | |
466 | void *buffer, size_t size) | |
467 | { | |
468 | if (strlen(name) != sizeof(POSIX_ACL_XATTR_ACCESS) - 1) | |
469 | return -EINVAL; | |
470 | return xattr_get_acl(inode, ACL_TYPE_ACCESS, buffer, size); | |
471 | } | |
472 | ||
473 | static int | |
474 | posix_acl_access_set(struct inode *inode, const char *name, | |
475 | const void *value, size_t size, int flags) | |
476 | { | |
477 | if (strlen(name) != sizeof(POSIX_ACL_XATTR_ACCESS) - 1) | |
478 | return -EINVAL; | |
479 | return xattr_set_acl(inode, ACL_TYPE_ACCESS, value, size); | |
480 | } | |
481 | ||
482 | static size_t posix_acl_access_list(struct inode *inode, char *list, | |
483 | size_t list_size, const char *name, | |
484 | size_t name_len) | |
485 | { | |
486 | const size_t size = sizeof(POSIX_ACL_XATTR_ACCESS); | |
487 | if (!reiserfs_posixacl(inode->i_sb)) | |
488 | return 0; | |
489 | if (list && size <= list_size) | |
490 | memcpy(list, POSIX_ACL_XATTR_ACCESS, size); | |
491 | return size; | |
492 | } | |
493 | ||
494 | struct xattr_handler reiserfs_posix_acl_access_handler = { | |
495 | .prefix = POSIX_ACL_XATTR_ACCESS, | |
496 | .get = posix_acl_access_get, | |
497 | .set = posix_acl_access_set, | |
498 | .list = posix_acl_access_list, | |
499 | }; | |
500 | ||
501 | static int | |
502 | posix_acl_default_get(struct inode *inode, const char *name, | |
503 | void *buffer, size_t size) | |
504 | { | |
505 | if (strlen(name) != sizeof(POSIX_ACL_XATTR_DEFAULT) - 1) | |
506 | return -EINVAL; | |
507 | return xattr_get_acl(inode, ACL_TYPE_DEFAULT, buffer, size); | |
508 | } | |
509 | ||
510 | static int | |
511 | posix_acl_default_set(struct inode *inode, const char *name, | |
512 | const void *value, size_t size, int flags) | |
513 | { | |
514 | if (strlen(name) != sizeof(POSIX_ACL_XATTR_DEFAULT) - 1) | |
515 | return -EINVAL; | |
516 | return xattr_set_acl(inode, ACL_TYPE_DEFAULT, value, size); | |
517 | } | |
518 | ||
519 | static size_t posix_acl_default_list(struct inode *inode, char *list, | |
520 | size_t list_size, const char *name, | |
521 | size_t name_len) | |
522 | { | |
523 | const size_t size = sizeof(POSIX_ACL_XATTR_DEFAULT); | |
524 | if (!reiserfs_posixacl(inode->i_sb)) | |
525 | return 0; | |
526 | if (list && size <= list_size) | |
527 | memcpy(list, POSIX_ACL_XATTR_DEFAULT, size); | |
528 | return size; | |
529 | } | |
530 | ||
531 | struct xattr_handler reiserfs_posix_acl_default_handler = { | |
532 | .prefix = POSIX_ACL_XATTR_DEFAULT, | |
533 | .get = posix_acl_default_get, | |
534 | .set = posix_acl_default_set, | |
535 | .list = posix_acl_default_list, | |
536 | }; |