4 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
6 * This program is free software; you can redistribute it and/or modify
7 * it under the terms of the GNU General Public License version 2 only,
8 * as published by the Free Software Foundation.
10 * This program is distributed in the hope that it will be useful, but
11 * WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13 * General Public License version 2 for more details (a copy is included
14 * in the LICENSE file that accompanied this code).
16 * You should have received a copy of the GNU General Public License
17 * version 2 along with this program; If not, see
18 * http://www.sun.com/software/products/lustre/docs/GPLv2.pdf
20 * Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara,
21 * CA 95054 USA or visit www.sun.com if you need additional information or
27 * Copyright (c) 2007, 2010, Oracle and/or its affiliates. All rights reserved.
28 * Use is subject to license terms.
30 * Copyright (c) 2011, 2015, Intel Corporation.
33 * This file is part of Lustre, http://www.lustre.org/
34 * Lustre is a trademark of Sun Microsystems, Inc.
38 #include <linux/sched.h>
40 #include <linux/selinux.h>
42 #define DEBUG_SUBSYSTEM S_LLITE
44 #include "../include/obd_support.h"
45 #include "../include/lustre_lite.h"
46 #include "../include/lustre_dlm.h"
47 #include "../include/lustre_ver.h"
48 #include "../include/lustre_eacl.h"
50 #include "llite_internal.h"
52 #define XATTR_USER_T (1)
53 #define XATTR_TRUSTED_T (2)
54 #define XATTR_SECURITY_T (3)
55 #define XATTR_ACL_ACCESS_T (4)
56 #define XATTR_ACL_DEFAULT_T (5)
57 #define XATTR_LUSTRE_T (6)
58 #define XATTR_OTHER_T (7)
61 int get_xattr_type(const char *name
)
63 if (!strcmp(name
, XATTR_NAME_POSIX_ACL_ACCESS
))
64 return XATTR_ACL_ACCESS_T
;
66 if (!strcmp(name
, XATTR_NAME_POSIX_ACL_DEFAULT
))
67 return XATTR_ACL_DEFAULT_T
;
69 if (!strncmp(name
, XATTR_USER_PREFIX
,
70 sizeof(XATTR_USER_PREFIX
) - 1))
73 if (!strncmp(name
, XATTR_TRUSTED_PREFIX
,
74 sizeof(XATTR_TRUSTED_PREFIX
) - 1))
75 return XATTR_TRUSTED_T
;
77 if (!strncmp(name
, XATTR_SECURITY_PREFIX
,
78 sizeof(XATTR_SECURITY_PREFIX
) - 1))
79 return XATTR_SECURITY_T
;
81 if (!strncmp(name
, XATTR_LUSTRE_PREFIX
,
82 sizeof(XATTR_LUSTRE_PREFIX
) - 1))
83 return XATTR_LUSTRE_T
;
89 int xattr_type_filter(struct ll_sb_info
*sbi
, int xattr_type
)
91 if ((xattr_type
== XATTR_ACL_ACCESS_T
||
92 xattr_type
== XATTR_ACL_DEFAULT_T
) &&
93 !(sbi
->ll_flags
& LL_SBI_ACL
))
96 if (xattr_type
== XATTR_USER_T
&& !(sbi
->ll_flags
& LL_SBI_USER_XATTR
))
98 if (xattr_type
== XATTR_TRUSTED_T
&& !capable(CFS_CAP_SYS_ADMIN
))
100 if (xattr_type
== XATTR_OTHER_T
)
107 int ll_setxattr_common(struct inode
*inode
, const char *name
,
108 const void *value
, size_t size
,
109 int flags
, __u64 valid
)
111 struct ll_sb_info
*sbi
= ll_i2sbi(inode
);
112 struct ptlrpc_request
*req
= NULL
;
114 #ifdef CONFIG_FS_POSIX_ACL
115 struct rmtacl_ctl_entry
*rce
= NULL
;
116 posix_acl_xattr_header
*new_value
= NULL
;
117 ext_acl_xattr_header
*acl
= NULL
;
119 const char *pv
= value
;
121 xattr_type
= get_xattr_type(name
);
122 rc
= xattr_type_filter(sbi
, xattr_type
);
126 if ((xattr_type
== XATTR_ACL_ACCESS_T
||
127 xattr_type
== XATTR_ACL_DEFAULT_T
) &&
128 !inode_owner_or_capable(inode
))
131 /* b10667: ignore lustre special xattr for now */
132 if ((xattr_type
== XATTR_TRUSTED_T
&& strcmp(name
, "trusted.lov") == 0) ||
133 (xattr_type
== XATTR_LUSTRE_T
&& strcmp(name
, "lustre.lov") == 0))
136 /* b15587: ignore security.capability xattr for now */
137 if ((xattr_type
== XATTR_SECURITY_T
&&
138 strcmp(name
, "security.capability") == 0))
141 /* LU-549: Disable security.selinux when selinux is disabled */
142 if (xattr_type
== XATTR_SECURITY_T
&& !selinux_is_enabled() &&
143 strcmp(name
, "security.selinux") == 0)
146 #ifdef CONFIG_FS_POSIX_ACL
147 if (sbi
->ll_flags
& LL_SBI_RMT_CLIENT
&&
148 (xattr_type
== XATTR_ACL_ACCESS_T
||
149 xattr_type
== XATTR_ACL_DEFAULT_T
)) {
150 rce
= rct_search(&sbi
->ll_rct
, current_pid());
152 (rce
->rce_ops
!= RMT_LSETFACL
&&
153 rce
->rce_ops
!= RMT_RSETFACL
))
156 if (rce
->rce_ops
== RMT_LSETFACL
) {
157 struct eacl_entry
*ee
;
159 ee
= et_search_del(&sbi
->ll_et
, current_pid(),
160 ll_inode2fid(inode
), xattr_type
);
161 if (valid
& OBD_MD_FLXATTR
) {
162 acl
= lustre_acl_xattr_merge2ext(
163 (posix_acl_xattr_header
*)value
,
169 size
= CFS_ACL_XATTR_SIZE(\
170 le32_to_cpu(acl
->a_count
), \
172 pv
= (const char *)acl
;
175 } else if (rce
->rce_ops
== RMT_RSETFACL
) {
176 rc
= lustre_posix_acl_xattr_filter(
177 (posix_acl_xattr_header
*)value
,
179 if (unlikely(rc
< 0))
183 pv
= (const char *)new_value
;
187 valid
|= rce_ops2valid(rce
->rce_ops
);
190 rc
= md_setxattr(sbi
->ll_md_exp
, ll_inode2fid(inode
),
191 valid
, name
, pv
, size
, 0, flags
,
192 ll_i2suppgid(inode
), &req
);
193 #ifdef CONFIG_FS_POSIX_ACL
195 * Release the posix ACL space.
199 lustre_ext_acl_xattr_free(acl
);
202 if (rc
== -EOPNOTSUPP
&& xattr_type
== XATTR_USER_T
) {
203 LCONSOLE_INFO("Disabling user_xattr feature because it is not supported on the server\n");
204 sbi
->ll_flags
&= ~LL_SBI_USER_XATTR
;
209 ptlrpc_req_finished(req
);
213 int ll_setxattr(struct dentry
*dentry
, const char *name
,
214 const void *value
, size_t size
, int flags
)
216 struct inode
*inode
= d_inode(dentry
);
221 CDEBUG(D_VFSTRACE
, "VFS Op:inode=%lu/%u(%p), xattr %s\n",
222 inode
->i_ino
, inode
->i_generation
, inode
, name
);
224 ll_stats_ops_tally(ll_i2sbi(inode
), LPROC_LL_SETXATTR
, 1);
226 if ((strncmp(name
, XATTR_TRUSTED_PREFIX
,
227 sizeof(XATTR_TRUSTED_PREFIX
) - 1) == 0 &&
228 strcmp(name
+ sizeof(XATTR_TRUSTED_PREFIX
) - 1, "lov") == 0) ||
229 (strncmp(name
, XATTR_LUSTRE_PREFIX
,
230 sizeof(XATTR_LUSTRE_PREFIX
) - 1) == 0 &&
231 strcmp(name
+ sizeof(XATTR_LUSTRE_PREFIX
) - 1, "lov") == 0)) {
232 struct lov_user_md
*lump
= (struct lov_user_md
*)value
;
235 if (size
!= 0 && size
< sizeof(struct lov_user_md
))
238 /* Attributes that are saved via getxattr will always have
239 * the stripe_offset as 0. Instead, the MDS should be
240 * allowed to pick the starting OST index. b=17846
242 if (lump
&& lump
->lmm_stripe_offset
== 0)
243 lump
->lmm_stripe_offset
= -1;
245 if (lump
&& S_ISREG(inode
->i_mode
)) {
246 int flags
= FMODE_WRITE
;
247 int lum_size
= (lump
->lmm_magic
== LOV_USER_MAGIC_V1
) ?
248 sizeof(*lump
) : sizeof(struct lov_user_md_v3
);
250 rc
= ll_lov_setstripe_ea_info(inode
, dentry
, flags
, lump
,
252 /* b10667: rc always be 0 here for now */
254 } else if (S_ISDIR(inode
->i_mode
)) {
255 rc
= ll_dir_setstripe(inode
, lump
, 0);
260 } else if (strcmp(name
, XATTR_NAME_LMA
) == 0 ||
261 strcmp(name
, XATTR_NAME_LINK
) == 0)
264 return ll_setxattr_common(inode
, name
, value
, size
, flags
,
268 int ll_removexattr(struct dentry
*dentry
, const char *name
)
270 struct inode
*inode
= d_inode(dentry
);
275 CDEBUG(D_VFSTRACE
, "VFS Op:inode=%lu/%u(%p), xattr %s\n",
276 inode
->i_ino
, inode
->i_generation
, inode
, name
);
278 ll_stats_ops_tally(ll_i2sbi(inode
), LPROC_LL_REMOVEXATTR
, 1);
279 return ll_setxattr_common(inode
, name
, NULL
, 0, 0,
284 int ll_getxattr_common(struct inode
*inode
, const char *name
,
285 void *buffer
, size_t size
, __u64 valid
)
287 struct ll_sb_info
*sbi
= ll_i2sbi(inode
);
288 struct ptlrpc_request
*req
= NULL
;
289 struct mdt_body
*body
;
292 struct rmtacl_ctl_entry
*rce
= NULL
;
293 struct ll_inode_info
*lli
= ll_i2info(inode
);
295 CDEBUG(D_VFSTRACE
, "VFS Op:inode=%lu/%u(%p)\n",
296 inode
->i_ino
, inode
->i_generation
, inode
);
298 /* listxattr have slightly different behavior from of ext3:
299 * without 'user_xattr' ext3 will list all xattr names but
300 * filtered out "^user..*"; we list them all for simplicity.
303 xattr_type
= XATTR_OTHER_T
;
307 xattr_type
= get_xattr_type(name
);
308 rc
= xattr_type_filter(sbi
, xattr_type
);
312 /* b15587: ignore security.capability xattr for now */
313 if ((xattr_type
== XATTR_SECURITY_T
&&
314 strcmp(name
, "security.capability") == 0))
317 /* LU-549: Disable security.selinux when selinux is disabled */
318 if (xattr_type
== XATTR_SECURITY_T
&& !selinux_is_enabled() &&
319 strcmp(name
, "security.selinux") == 0)
322 #ifdef CONFIG_FS_POSIX_ACL
323 if (sbi
->ll_flags
& LL_SBI_RMT_CLIENT
&&
324 (xattr_type
== XATTR_ACL_ACCESS_T
||
325 xattr_type
== XATTR_ACL_DEFAULT_T
)) {
326 rce
= rct_search(&sbi
->ll_rct
, current_pid());
328 (rce
->rce_ops
!= RMT_LSETFACL
&&
329 rce
->rce_ops
!= RMT_LGETFACL
&&
330 rce
->rce_ops
!= RMT_RSETFACL
&&
331 rce
->rce_ops
!= RMT_RGETFACL
))
335 /* posix acl is under protection of LOOKUP lock. when calling to this,
336 * we just have path resolution to the target inode, so we have great
337 * chance that cached ACL is uptodate.
339 if (xattr_type
== XATTR_ACL_ACCESS_T
&&
340 !(sbi
->ll_flags
& LL_SBI_RMT_CLIENT
)) {
342 struct posix_acl
*acl
;
344 spin_lock(&lli
->lli_lock
);
345 acl
= posix_acl_dup(lli
->lli_posix_acl
);
346 spin_unlock(&lli
->lli_lock
);
351 rc
= posix_acl_to_xattr(&init_user_ns
, acl
, buffer
, size
);
352 posix_acl_release(acl
);
355 if (xattr_type
== XATTR_ACL_DEFAULT_T
&& !S_ISDIR(inode
->i_mode
))
360 if (sbi
->ll_xattr_cache_enabled
&& xattr_type
!= XATTR_ACL_ACCESS_T
) {
361 rc
= ll_xattr_cache_get(inode
, name
, buffer
, size
, valid
);
363 goto getxattr_nocache
;
367 /* Add "system.posix_acl_access" to the list */
368 if (lli
->lli_posix_acl
&& valid
& OBD_MD_FLXATTRLS
) {
370 rc
+= sizeof(XATTR_NAME_ACL_ACCESS
);
371 } else if (size
- rc
>= sizeof(XATTR_NAME_ACL_ACCESS
)) {
372 memcpy(buffer
+ rc
, XATTR_NAME_ACL_ACCESS
,
373 sizeof(XATTR_NAME_ACL_ACCESS
));
374 rc
+= sizeof(XATTR_NAME_ACL_ACCESS
);
382 rc
= md_getxattr(sbi
->ll_md_exp
, ll_inode2fid(inode
),
383 valid
| (rce
? rce_ops2valid(rce
->rce_ops
) : 0),
384 name
, NULL
, 0, size
, 0, &req
);
389 body
= req_capsule_server_get(&req
->rq_pill
, &RMF_MDT_BODY
);
392 /* only detect the xattr size */
394 rc
= body
->eadatasize
;
398 if (size
< body
->eadatasize
) {
399 CERROR("server bug: replied size %u > %u\n",
400 body
->eadatasize
, (int)size
);
405 if (body
->eadatasize
== 0) {
410 /* do not need swab xattr data */
411 xdata
= req_capsule_server_sized_get(&req
->rq_pill
, &RMF_EADATA
,
418 memcpy(buffer
, xdata
, body
->eadatasize
);
419 rc
= body
->eadatasize
;
422 #ifdef CONFIG_FS_POSIX_ACL
423 if (rce
&& rce
->rce_ops
== RMT_LSETFACL
) {
424 ext_acl_xattr_header
*acl
;
426 acl
= lustre_posix_acl_xattr_2ext(
427 (posix_acl_xattr_header
*)buffer
, rc
);
433 rc
= ee_add(&sbi
->ll_et
, current_pid(), ll_inode2fid(inode
),
435 if (unlikely(rc
< 0)) {
436 lustre_ext_acl_xattr_free(acl
);
443 if (rc
== -EOPNOTSUPP
&& xattr_type
== XATTR_USER_T
) {
445 "%s: disabling user_xattr feature because it is not supported on the server: rc = %d\n",
446 ll_get_fsname(inode
->i_sb
, NULL
, 0), rc
);
447 sbi
->ll_flags
&= ~LL_SBI_USER_XATTR
;
450 ptlrpc_req_finished(req
);
454 ssize_t
ll_getxattr(struct dentry
*dentry
, const char *name
,
455 void *buffer
, size_t size
)
457 struct inode
*inode
= d_inode(dentry
);
462 CDEBUG(D_VFSTRACE
, "VFS Op:inode=%lu/%u(%p), xattr %s\n",
463 inode
->i_ino
, inode
->i_generation
, inode
, name
);
465 ll_stats_ops_tally(ll_i2sbi(inode
), LPROC_LL_GETXATTR
, 1);
467 if ((strncmp(name
, XATTR_TRUSTED_PREFIX
,
468 sizeof(XATTR_TRUSTED_PREFIX
) - 1) == 0 &&
469 strcmp(name
+ sizeof(XATTR_TRUSTED_PREFIX
) - 1, "lov") == 0) ||
470 (strncmp(name
, XATTR_LUSTRE_PREFIX
,
471 sizeof(XATTR_LUSTRE_PREFIX
) - 1) == 0 &&
472 strcmp(name
+ sizeof(XATTR_LUSTRE_PREFIX
) - 1, "lov") == 0)) {
473 struct lov_stripe_md
*lsm
;
474 struct lov_user_md
*lump
;
475 struct lov_mds_md
*lmm
= NULL
;
476 struct ptlrpc_request
*request
= NULL
;
477 int rc
= 0, lmmsize
= 0;
479 if (!S_ISREG(inode
->i_mode
) && !S_ISDIR(inode
->i_mode
))
482 if (size
== 0 && S_ISDIR(inode
->i_mode
)) {
483 /* XXX directory EA is fix for now, optimize to save
486 rc
= sizeof(struct lov_user_md
);
490 lsm
= ccc_inode_lsm_get(inode
);
492 if (S_ISDIR(inode
->i_mode
)) {
493 rc
= ll_dir_getstripe(inode
, &lmm
,
499 /* LSM is present already after lookup/getattr call.
500 * we need to grab layout lock once it is implemented
502 rc
= obd_packmd(ll_i2dtexp(inode
), &lmm
, lsm
);
505 ccc_inode_lsm_put(inode
, lsm
);
511 /* used to call ll_get_max_mdsize() forward to get
512 * the maximum buffer size, while some apps (such as
513 * rsync 3.0.x) care much about the exact xattr value
520 if (size
< lmmsize
) {
521 CERROR("server bug: replied size %d > %d for %pd (%s)\n",
522 lmmsize
, (int)size
, dentry
, name
);
528 memcpy(lump
, lmm
, lmmsize
);
529 /* do not return layout gen for getxattr otherwise it would
530 * confuse tar --xattr by recognizing layout gen as stripe
531 * offset when the file is restored. See LU-2809.
533 lump
->lmm_layout_gen
= 0;
538 ptlrpc_req_finished(request
);
540 obd_free_diskmd(ll_i2dtexp(inode
), &lmm
);
544 return ll_getxattr_common(inode
, name
, buffer
, size
, OBD_MD_FLXATTR
);
547 ssize_t
ll_listxattr(struct dentry
*dentry
, char *buffer
, size_t size
)
549 struct inode
*inode
= d_inode(dentry
);
551 struct lov_mds_md
*lmm
= NULL
;
552 struct ptlrpc_request
*request
= NULL
;
557 CDEBUG(D_VFSTRACE
, "VFS Op:inode=%lu/%u(%p)\n",
558 inode
->i_ino
, inode
->i_generation
, inode
);
560 ll_stats_ops_tally(ll_i2sbi(inode
), LPROC_LL_LISTXATTR
, 1);
562 rc
= ll_getxattr_common(inode
, NULL
, buffer
, size
, OBD_MD_FLXATTRLS
);
567 struct ll_sb_info
*sbi
= ll_i2sbi(inode
);
568 char *xattr_name
= buffer
;
572 xlen
= strnlen(xattr_name
, rem
- 1) + 1;
574 if (xattr_type_filter(sbi
,
575 get_xattr_type(xattr_name
)) == 0) {
576 /* skip OK xattr type
582 /* move up remaining xattrs in buffer
583 * removing the xattr that is not OK
585 memmove(xattr_name
, xattr_name
+ xlen
, rem
);
589 if (S_ISREG(inode
->i_mode
)) {
590 if (!ll_i2info(inode
)->lli_has_smd
)
592 } else if (S_ISDIR(inode
->i_mode
)) {
593 rc2
= ll_dir_getstripe(inode
, &lmm
, &lmmsize
, &request
);
599 } else if (S_ISREG(inode
->i_mode
) || S_ISDIR(inode
->i_mode
)) {
600 const int prefix_len
= sizeof(XATTR_LUSTRE_PREFIX
) - 1;
601 const size_t name_len
= sizeof("lov") - 1;
602 const size_t total_len
= prefix_len
+ name_len
+ 1;
604 if (((rc
+ total_len
) > size
) && buffer
) {
605 ptlrpc_req_finished(request
);
611 memcpy(buffer
, XATTR_LUSTRE_PREFIX
, prefix_len
);
612 memcpy(buffer
+ prefix_len
, "lov", name_len
);
613 buffer
[prefix_len
+ name_len
] = '\0';
618 ptlrpc_req_finished(request
);