4 * The contents of this file are subject to the terms of the
5 * Common Development and Distribution License (the "License").
6 * You may not use this file except in compliance with the License.
8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9 * or http://www.opensolaris.org/os/licensing.
10 * See the License for the specific language governing permissions
11 * and limitations under the License.
13 * When distributing Covered Code, include this CDDL HEADER in each
14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15 * If applicable, add the following below this CDDL HEADER, with the
16 * fields enclosed by brackets "[]" replaced with your own identifying
17 * information: Portions Copyright [yyyy] [name of copyright owner]
22 * Copyright (c) 2011, Lawrence Livermore National Security, LLC.
24 * Extended attributes (xattr) on Solaris are implemented as files
25 * which exist in a hidden xattr directory. These extended attributes
26 * can be accessed using the attropen() system call which opens
27 * the extended attribute. It can then be manipulated just like
28 * a standard file descriptor. This has a couple advantages such
29 * as practically no size limit on the file, and the extended
30 * attributes permissions may differ from those of the parent file.
31 * This interface is really quite clever, but it's also completely
32 * different than what is supported on Linux. It also comes with a
33 * steep performance penalty when accessing small xattrs because they
34 * are not stored with the parent file.
36 * Under Linux extended attributes are manipulated by the system
37 * calls getxattr(2), setxattr(2), and listxattr(2). They consider
38 * extended attributes to be name/value pairs where the name is a
39 * NULL terminated string. The name must also include one of the
40 * following namespace prefixes:
42 * user - No restrictions and is available to user applications.
43 * trusted - Restricted to kernel and root (CAP_SYS_ADMIN) use.
44 * system - Used for access control lists (system.nfs4_acl, etc).
45 * security - Used by SELinux to store a files security context.
47 * The value under Linux to limited to 65536 bytes of binary data.
48 * In practice, individual xattrs tend to be much smaller than this
49 * and are typically less than 100 bytes. A good example of this
50 * are the security.selinux xattrs which are less than 100 bytes and
51 * exist for every file when xattr labeling is enabled.
53 * The Linux xattr implemenation has been written to take advantage of
54 * this typical usage. When the dataset property 'xattr=sa' is set,
55 * then xattrs will be preferentially stored as System Attributes (SA).
56 * This allows tiny xattrs (~100 bytes) to be stored with the dnode and
57 * up to 64k of xattrs to be stored in the spill block. If additional
58 * xattr space is required, which is unlikely under Linux, they will
59 * be stored using the traditional directory approach.
61 * This optimization results in roughly a 3x performance improvement
62 * when accessing xattrs because it avoids the need to perform a seek
63 * for every xattr value. When multiple xattrs are stored per-file
64 * the performance improvements are even greater because all of the
65 * xattrs stored in the spill block will be cached.
67 * However, by default SA based xattrs are disabled in the Linux port
68 * to maximize compatibility with other implementations. If you do
69 * enable SA based xattrs then they will not be visible on platforms
70 * which do not support this feature.
72 * NOTE: One additional consequence of the xattr directory implementation
73 * is that when an extended attribute is manipulated an inode is created.
74 * This inode will exist in the Linux inode cache but there will be no
75 * associated entry in the dentry cache which references it. This is
76 * safe but it may result in some confusion. Enabling SA based xattrs
77 * largely avoids the issue except in the overflow case.
80 #include <sys/zfs_vfsops.h>
81 #include <sys/zfs_vnops.h>
82 #include <sys/zfs_znode.h>
87 typedef struct xattr_filldir
{
95 zpl_xattr_filldir(xattr_filldir_t
*xf
, const char *name
, int name_len
)
97 if (strncmp(name
, XATTR_USER_PREFIX
, XATTR_USER_PREFIX_LEN
) == 0)
98 if (!(ITOZSB(xf
->inode
)->z_flags
& ZSB_XATTR
))
101 if (strncmp(name
, XATTR_TRUSTED_PREFIX
, XATTR_TRUSTED_PREFIX_LEN
) == 0)
102 if (!capable(CAP_SYS_ADMIN
))
105 /* When xf->buf is NULL only calculate the required size. */
107 if (xf
->offset
+ name_len
+ 1 > xf
->size
)
110 memcpy(xf
->buf
+ xf
->offset
, name
, name_len
);
111 xf
->buf
[xf
->offset
+ name_len
] = '\0';
114 xf
->offset
+= (name_len
+ 1);
120 * Read as many directory entry names as will fit in to the provided buffer,
121 * or when no buffer is provided calculate the required buffer size.
124 zpl_xattr_readdir(struct inode
*dxip
, xattr_filldir_t
*xf
)
130 zap_cursor_init(&zc
, ITOZSB(dxip
)->z_os
, ITOZ(dxip
)->z_id
);
132 while ((error
= -zap_cursor_retrieve(&zc
, &zap
)) == 0) {
134 if (zap
.za_integer_length
!= 8 || zap
.za_num_integers
!= 1) {
139 error
= zpl_xattr_filldir(xf
, zap
.za_name
, strlen(zap
.za_name
));
143 zap_cursor_advance(&zc
);
146 zap_cursor_fini(&zc
);
148 if (error
== -ENOENT
)
155 zpl_xattr_list_dir(xattr_filldir_t
*xf
, cred_t
*cr
)
157 struct inode
*ip
= xf
->inode
;
158 struct inode
*dxip
= NULL
;
161 /* Lookup the xattr directory */
162 error
= -zfs_lookup(ip
, NULL
, &dxip
, LOOKUP_XATTR
, cr
, NULL
, NULL
);
164 if (error
== -ENOENT
)
170 error
= zpl_xattr_readdir(dxip
, xf
);
177 zpl_xattr_list_sa(xattr_filldir_t
*xf
)
179 znode_t
*zp
= ITOZ(xf
->inode
);
180 nvpair_t
*nvp
= NULL
;
183 mutex_enter(&zp
->z_lock
);
184 if (zp
->z_xattr_cached
== NULL
)
185 error
= -zfs_sa_get_xattr(zp
);
186 mutex_exit(&zp
->z_lock
);
191 ASSERT(zp
->z_xattr_cached
);
193 while ((nvp
= nvlist_next_nvpair(zp
->z_xattr_cached
, nvp
)) != NULL
) {
194 ASSERT3U(nvpair_type(nvp
), ==, DATA_TYPE_BYTE_ARRAY
);
196 error
= zpl_xattr_filldir(xf
, nvpair_name(nvp
),
197 strlen(nvpair_name(nvp
)));
206 zpl_xattr_list(struct dentry
*dentry
, char *buffer
, size_t buffer_size
)
208 znode_t
*zp
= ITOZ(dentry
->d_inode
);
209 zfs_sb_t
*zsb
= ZTOZSB(zp
);
210 xattr_filldir_t xf
= { buffer_size
, 0, buffer
, dentry
->d_inode
};
215 rw_enter(&zp
->z_xattr_lock
, RW_READER
);
217 if (zsb
->z_use_sa
&& zp
->z_is_sa
) {
218 error
= zpl_xattr_list_sa(&xf
);
223 error
= zpl_xattr_list_dir(&xf
, cr
);
230 rw_exit(&zp
->z_xattr_lock
);
237 zpl_xattr_get_dir(struct inode
*ip
, const char *name
, void *value
,
238 size_t size
, cred_t
*cr
)
240 struct inode
*dxip
= NULL
;
241 struct inode
*xip
= NULL
;
245 /* Lookup the xattr directory */
246 error
= -zfs_lookup(ip
, NULL
, &dxip
, LOOKUP_XATTR
, cr
, NULL
, NULL
);
250 /* Lookup a specific xattr name in the directory */
251 error
= -zfs_lookup(dxip
, (char *)name
, &xip
, 0, cr
, NULL
, NULL
);
256 error
= i_size_read(xip
);
260 if (size
< i_size_read(xip
)) {
265 error
= zpl_read_common(xip
, value
, size
, &pos
, UIO_SYSSPACE
, 0, cr
);
277 zpl_xattr_get_sa(struct inode
*ip
, const char *name
, void *value
, size_t size
)
279 znode_t
*zp
= ITOZ(ip
);
284 ASSERT(RW_LOCK_HELD(&zp
->z_xattr_lock
));
286 mutex_enter(&zp
->z_lock
);
287 if (zp
->z_xattr_cached
== NULL
)
288 error
= -zfs_sa_get_xattr(zp
);
289 mutex_exit(&zp
->z_lock
);
294 ASSERT(zp
->z_xattr_cached
);
295 error
= -nvlist_lookup_byte_array(zp
->z_xattr_cached
, name
,
296 &nv_value
, &nv_size
);
306 memcpy(value
, nv_value
, nv_size
);
312 __zpl_xattr_get(struct inode
*ip
, const char *name
, void *value
, size_t size
,
315 znode_t
*zp
= ITOZ(ip
);
316 zfs_sb_t
*zsb
= ZTOZSB(zp
);
319 ASSERT(RW_LOCK_HELD(&zp
->z_xattr_lock
));
321 if (zsb
->z_use_sa
&& zp
->z_is_sa
) {
322 error
= zpl_xattr_get_sa(ip
, name
, value
, size
);
323 if (error
!= -ENOENT
)
327 error
= zpl_xattr_get_dir(ip
, name
, value
, size
, cr
);
329 if (error
== -ENOENT
)
336 zpl_xattr_get(struct inode
*ip
, const char *name
, void *value
, size_t size
)
338 znode_t
*zp
= ITOZ(ip
);
343 rw_enter(&zp
->z_xattr_lock
, RW_READER
);
344 error
= __zpl_xattr_get(ip
, name
, value
, size
, cr
);
345 rw_exit(&zp
->z_xattr_lock
);
352 zpl_xattr_set_dir(struct inode
*ip
, const char *name
, const void *value
,
353 size_t size
, int flags
, cred_t
*cr
)
355 struct inode
*dxip
= NULL
;
356 struct inode
*xip
= NULL
;
359 int lookup_flags
, error
;
360 const int xattr_mode
= S_IFREG
| 0644;
364 * Lookup the xattr directory. When we're adding an entry pass
365 * CREATE_XATTR_DIR to ensure the xattr directory is created.
366 * When removing an entry this flag is not passed to avoid
367 * unnecessarily creating a new xattr directory.
369 lookup_flags
= LOOKUP_XATTR
;
371 lookup_flags
|= CREATE_XATTR_DIR
;
373 error
= -zfs_lookup(ip
, NULL
, &dxip
, lookup_flags
, cr
, NULL
, NULL
);
377 /* Lookup a specific xattr name in the directory */
378 error
= -zfs_lookup(dxip
, (char *)name
, &xip
, 0, cr
, NULL
, NULL
);
379 if (error
&& (error
!= -ENOENT
))
384 /* Remove a specific name xattr when value is set to NULL. */
387 error
= -zfs_remove(dxip
, (char *)name
, cr
);
392 /* Lookup failed create a new xattr. */
394 vap
= kmem_zalloc(sizeof (vattr_t
), KM_SLEEP
);
395 vap
->va_mode
= xattr_mode
;
396 vap
->va_mask
= ATTR_MODE
;
397 vap
->va_uid
= crgetfsuid(cr
);
398 vap
->va_gid
= crgetfsgid(cr
);
400 error
= -zfs_create(dxip
, (char *)name
, vap
, 0, 0644, &xip
,
408 error
= -zfs_freesp(ITOZ(xip
), 0, 0, xattr_mode
, TRUE
);
412 wrote
= zpl_write_common(xip
, value
, size
, &pos
, UIO_SYSSPACE
, 0, cr
);
418 kmem_free(vap
, sizeof (vattr_t
));
426 if (error
== -ENOENT
)
429 ASSERT3S(error
, <=, 0);
435 zpl_xattr_set_sa(struct inode
*ip
, const char *name
, const void *value
,
436 size_t size
, int flags
, cred_t
*cr
)
438 znode_t
*zp
= ITOZ(ip
);
443 ASSERT(zp
->z_xattr_cached
);
444 nvl
= zp
->z_xattr_cached
;
447 error
= -nvlist_remove(nvl
, name
, DATA_TYPE_BYTE_ARRAY
);
448 if (error
== -ENOENT
)
449 error
= zpl_xattr_set_dir(ip
, name
, NULL
, 0, flags
, cr
);
451 /* Limited to 32k to keep nvpair memory allocations small */
452 if (size
> DXATTR_MAX_ENTRY_SIZE
)
455 /* Prevent the DXATTR SA from consuming the entire SA region */
456 error
= -nvlist_size(nvl
, &sa_size
, NV_ENCODE_XDR
);
460 if (sa_size
> DXATTR_MAX_SA_SIZE
)
463 error
= -nvlist_add_byte_array(nvl
, name
,
464 (uchar_t
*)value
, size
);
469 /* Update the SA for additions, modifications, and removals. */
471 error
= -zfs_sa_set_xattr(zp
);
473 ASSERT3S(error
, <=, 0);
479 zpl_xattr_set(struct inode
*ip
, const char *name
, const void *value
,
480 size_t size
, int flags
)
482 znode_t
*zp
= ITOZ(ip
);
483 zfs_sb_t
*zsb
= ZTOZSB(zp
);
488 rw_enter(&ITOZ(ip
)->z_xattr_lock
, RW_WRITER
);
491 * Before setting the xattr check to see if it already exists.
492 * This is done to ensure the following optional flags are honored.
494 * XATTR_CREATE: fail if xattr already exists
495 * XATTR_REPLACE: fail if xattr does not exist
497 error
= __zpl_xattr_get(ip
, name
, NULL
, 0, cr
);
499 if (error
!= -ENODATA
)
502 if (flags
& XATTR_REPLACE
)
505 /* The xattr to be removed already doesn't exist */
511 if (flags
& XATTR_CREATE
)
515 /* Preferentially store the xattr as a SA for better performance */
516 if (zsb
->z_use_sa
&& zsb
->z_xattr_sa
&& zp
->z_is_sa
) {
517 error
= zpl_xattr_set_sa(ip
, name
, value
, size
, flags
, cr
);
522 error
= zpl_xattr_set_dir(ip
, name
, value
, size
, flags
, cr
);
524 rw_exit(&ITOZ(ip
)->z_xattr_lock
);
526 ASSERT3S(error
, <=, 0);
532 __zpl_xattr_user_get(struct inode
*ip
, const char *name
,
533 void *value
, size_t size
)
538 if (strcmp(name
, "") == 0)
541 if (!(ITOZSB(ip
)->z_flags
& ZSB_XATTR
))
542 return (-EOPNOTSUPP
);
544 xattr_name
= kmem_asprintf("%s%s", XATTR_USER_PREFIX
, name
);
545 error
= zpl_xattr_get(ip
, xattr_name
, value
, size
);
550 ZPL_XATTR_GET_WRAPPER(zpl_xattr_user_get
);
553 __zpl_xattr_user_set(struct inode
*ip
, const char *name
,
554 const void *value
, size_t size
, int flags
)
559 if (strcmp(name
, "") == 0)
562 if (!(ITOZSB(ip
)->z_flags
& ZSB_XATTR
))
563 return (-EOPNOTSUPP
);
565 xattr_name
= kmem_asprintf("%s%s", XATTR_USER_PREFIX
, name
);
566 error
= zpl_xattr_set(ip
, xattr_name
, value
, size
, flags
);
571 ZPL_XATTR_SET_WRAPPER(zpl_xattr_user_set
);
573 xattr_handler_t zpl_xattr_user_handler
= {
574 .prefix
= XATTR_USER_PREFIX
,
575 .get
= zpl_xattr_user_get
,
576 .set
= zpl_xattr_user_set
,
580 __zpl_xattr_trusted_get(struct inode
*ip
, const char *name
,
581 void *value
, size_t size
)
586 if (!capable(CAP_SYS_ADMIN
))
589 if (strcmp(name
, "") == 0)
592 xattr_name
= kmem_asprintf("%s%s", XATTR_TRUSTED_PREFIX
, name
);
593 error
= zpl_xattr_get(ip
, xattr_name
, value
, size
);
598 ZPL_XATTR_GET_WRAPPER(zpl_xattr_trusted_get
);
601 __zpl_xattr_trusted_set(struct inode
*ip
, const char *name
,
602 const void *value
, size_t size
, int flags
)
607 if (!capable(CAP_SYS_ADMIN
))
610 if (strcmp(name
, "") == 0)
613 xattr_name
= kmem_asprintf("%s%s", XATTR_TRUSTED_PREFIX
, name
);
614 error
= zpl_xattr_set(ip
, xattr_name
, value
, size
, flags
);
619 ZPL_XATTR_SET_WRAPPER(zpl_xattr_trusted_set
);
621 xattr_handler_t zpl_xattr_trusted_handler
= {
622 .prefix
= XATTR_TRUSTED_PREFIX
,
623 .get
= zpl_xattr_trusted_get
,
624 .set
= zpl_xattr_trusted_set
,
628 __zpl_xattr_security_get(struct inode
*ip
, const char *name
,
629 void *value
, size_t size
)
634 if (strcmp(name
, "") == 0)
637 xattr_name
= kmem_asprintf("%s%s", XATTR_SECURITY_PREFIX
, name
);
638 error
= zpl_xattr_get(ip
, xattr_name
, value
, size
);
643 ZPL_XATTR_GET_WRAPPER(zpl_xattr_security_get
);
646 __zpl_xattr_security_set(struct inode
*ip
, const char *name
,
647 const void *value
, size_t size
, int flags
)
652 if (strcmp(name
, "") == 0)
655 xattr_name
= kmem_asprintf("%s%s", XATTR_SECURITY_PREFIX
, name
);
656 error
= zpl_xattr_set(ip
, xattr_name
, value
, size
, flags
);
661 ZPL_XATTR_SET_WRAPPER(zpl_xattr_security_set
);
663 #ifdef HAVE_CALLBACK_SECURITY_INODE_INIT_SECURITY
665 __zpl_xattr_security_init(struct inode
*ip
, const struct xattr
*xattrs
,
668 const struct xattr
*xattr
;
671 for (xattr
= xattrs
; xattr
->name
!= NULL
; xattr
++) {
672 error
= __zpl_xattr_security_set(ip
,
673 xattr
->name
, xattr
->value
, xattr
->value_len
, 0);
683 zpl_xattr_security_init(struct inode
*ip
, struct inode
*dip
,
684 const struct qstr
*qstr
)
686 return security_inode_init_security(ip
, dip
, qstr
,
687 &__zpl_xattr_security_init
, NULL
);
692 zpl_xattr_security_init(struct inode
*ip
, struct inode
*dip
,
693 const struct qstr
*qstr
)
700 error
= zpl_security_inode_init_security(ip
, dip
, qstr
,
701 &name
, &value
, &len
);
703 if (error
== -EOPNOTSUPP
)
709 error
= __zpl_xattr_security_set(ip
, name
, value
, len
, 0);
716 #endif /* HAVE_CALLBACK_SECURITY_INODE_INIT_SECURITY */
718 xattr_handler_t zpl_xattr_security_handler
= {
719 .prefix
= XATTR_SECURITY_PREFIX
,
720 .get
= zpl_xattr_security_get
,
721 .set
= zpl_xattr_security_set
,
724 #ifdef CONFIG_FS_POSIX_ACL
727 zpl_set_acl(struct inode
*ip
, int type
, struct posix_acl
*acl
)
729 struct super_block
*sb
= ITOZSB(ip
)->z_sb
;
730 char *name
, *value
= NULL
;
734 if (S_ISLNK(ip
->i_mode
))
735 return (-EOPNOTSUPP
);
738 case ACL_TYPE_ACCESS
:
739 name
= POSIX_ACL_XATTR_ACCESS
;
741 zpl_equivmode_t mode
= ip
->i_mode
;
742 error
= posix_acl_equiv_mode(acl
, &mode
);
747 * The mode bits will have been set by
748 * ->zfs_setattr()->zfs_acl_chmod_setattr()
749 * using the ZFS ACL conversion. If they
750 * differ from the Posix ACL conversion dirty
751 * the inode to write the Posix mode bits.
753 if (ip
->i_mode
!= mode
) {
755 ip
->i_ctime
= current_fs_time(sb
);
756 zfs_mark_inode_dirty(ip
);
765 case ACL_TYPE_DEFAULT
:
766 name
= POSIX_ACL_XATTR_DEFAULT
;
767 if (!S_ISDIR(ip
->i_mode
))
768 return (acl
? -EACCES
: 0);
776 size
= posix_acl_xattr_size(acl
->a_count
);
777 value
= kmem_alloc(size
, KM_SLEEP
);
779 error
= zpl_acl_to_xattr(acl
, value
, size
);
781 kmem_free(value
, size
);
786 error
= zpl_xattr_set(ip
, name
, value
, size
, 0);
788 kmem_free(value
, size
);
792 zpl_set_cached_acl(ip
, type
, acl
);
794 zpl_forget_cached_acl(ip
, type
);
801 zpl_get_acl(struct inode
*ip
, int type
)
803 struct posix_acl
*acl
;
808 #ifdef HAVE_POSIX_ACL_CACHING
809 acl
= get_cached_acl(ip
, type
);
810 if (acl
!= ACL_NOT_CACHED
)
812 #endif /* HAVE_POSIX_ACL_CACHING */
815 case ACL_TYPE_ACCESS
:
816 name
= POSIX_ACL_XATTR_ACCESS
;
818 case ACL_TYPE_DEFAULT
:
819 name
= POSIX_ACL_XATTR_DEFAULT
;
822 return (ERR_PTR(-EINVAL
));
825 size
= zpl_xattr_get(ip
, name
, NULL
, 0);
827 value
= kmem_alloc(size
, KM_SLEEP
);
828 size
= zpl_xattr_get(ip
, name
, value
, size
);
832 acl
= zpl_acl_from_xattr(value
, size
);
833 } else if (size
== -ENODATA
|| size
== -ENOSYS
) {
840 kmem_free(value
, size
);
843 zpl_set_cached_acl(ip
, type
, acl
);
848 #if !defined(HAVE_GET_ACL)
850 __zpl_check_acl(struct inode
*ip
, int mask
)
852 struct posix_acl
*acl
;
855 acl
= zpl_get_acl(ip
, ACL_TYPE_ACCESS
);
857 return (PTR_ERR(acl
));
860 error
= posix_acl_permission(ip
, acl
, mask
);
861 zpl_posix_acl_release(acl
);
868 #if defined(HAVE_CHECK_ACL_WITH_FLAGS)
870 zpl_check_acl(struct inode
*ip
, int mask
, unsigned int flags
)
872 return (__zpl_check_acl(ip
, mask
));
874 #elif defined(HAVE_CHECK_ACL)
876 zpl_check_acl(struct inode
*ip
, int mask
)
878 return (__zpl_check_acl(ip
, mask
));
880 #elif defined(HAVE_PERMISSION_WITH_NAMEIDATA)
882 zpl_permission(struct inode
*ip
, int mask
, struct nameidata
*nd
)
884 return (generic_permission(ip
, mask
, __zpl_check_acl
));
886 #elif defined(HAVE_PERMISSION)
888 zpl_permission(struct inode
*ip
, int mask
)
890 return (generic_permission(ip
, mask
, __zpl_check_acl
));
892 #endif /* HAVE_CHECK_ACL | HAVE_PERMISSION */
893 #endif /* !HAVE_GET_ACL */
896 zpl_init_acl(struct inode
*ip
, struct inode
*dir
)
898 struct posix_acl
*acl
= NULL
;
901 if (ITOZSB(ip
)->z_acl_type
!= ZFS_ACLTYPE_POSIXACL
)
904 if (!S_ISLNK(ip
->i_mode
)) {
905 if (ITOZSB(ip
)->z_acl_type
== ZFS_ACLTYPE_POSIXACL
) {
906 acl
= zpl_get_acl(dir
, ACL_TYPE_DEFAULT
);
908 return (PTR_ERR(acl
));
912 ip
->i_mode
&= ~current_umask();
913 ip
->i_ctime
= current_fs_time(ITOZSB(ip
)->z_sb
);
914 zfs_mark_inode_dirty(ip
);
919 if ((ITOZSB(ip
)->z_acl_type
== ZFS_ACLTYPE_POSIXACL
) && acl
) {
922 if (S_ISDIR(ip
->i_mode
)) {
923 error
= zpl_set_acl(ip
, ACL_TYPE_DEFAULT
, acl
);
929 error
= __posix_acl_create(&acl
, GFP_KERNEL
, &mode
);
932 zfs_mark_inode_dirty(ip
);
934 error
= zpl_set_acl(ip
, ACL_TYPE_ACCESS
, acl
);
938 zpl_posix_acl_release(acl
);
944 zpl_chmod_acl(struct inode
*ip
)
946 struct posix_acl
*acl
;
949 if (ITOZSB(ip
)->z_acl_type
!= ZFS_ACLTYPE_POSIXACL
)
952 if (S_ISLNK(ip
->i_mode
))
953 return (-EOPNOTSUPP
);
955 acl
= zpl_get_acl(ip
, ACL_TYPE_ACCESS
);
956 if (IS_ERR(acl
) || !acl
)
957 return (PTR_ERR(acl
));
959 error
= __posix_acl_chmod(&acl
, GFP_KERNEL
, ip
->i_mode
);
961 error
= zpl_set_acl(ip
, ACL_TYPE_ACCESS
, acl
);
963 zpl_posix_acl_release(acl
);
969 zpl_xattr_acl_list(struct inode
*ip
, char *list
, size_t list_size
,
970 const char *name
, size_t name_len
, int type
)
975 if (ITOZSB(ip
)->z_acl_type
!= ZFS_ACLTYPE_POSIXACL
)
979 case ACL_TYPE_ACCESS
:
980 xattr_name
= POSIX_ACL_XATTR_ACCESS
;
981 xattr_size
= sizeof (xattr_name
);
983 case ACL_TYPE_DEFAULT
:
984 xattr_name
= POSIX_ACL_XATTR_DEFAULT
;
985 xattr_size
= sizeof (xattr_name
);
991 if (list
&& xattr_size
<= list_size
)
992 memcpy(list
, xattr_name
, xattr_size
);
997 #ifdef HAVE_DENTRY_XATTR_LIST
999 zpl_xattr_acl_list_access(struct dentry
*dentry
, char *list
,
1000 size_t list_size
, const char *name
, size_t name_len
, int type
)
1002 ASSERT3S(type
, ==, ACL_TYPE_ACCESS
);
1003 return zpl_xattr_acl_list(dentry
->d_inode
,
1004 list
, list_size
, name
, name_len
, type
);
1008 zpl_xattr_acl_list_default(struct dentry
*dentry
, char *list
,
1009 size_t list_size
, const char *name
, size_t name_len
, int type
)
1011 ASSERT3S(type
, ==, ACL_TYPE_DEFAULT
);
1012 return zpl_xattr_acl_list(dentry
->d_inode
,
1013 list
, list_size
, name
, name_len
, type
);
1019 zpl_xattr_acl_list_access(struct inode
*ip
, char *list
, size_t list_size
,
1020 const char *name
, size_t name_len
)
1022 return zpl_xattr_acl_list(ip
,
1023 list
, list_size
, name
, name_len
, ACL_TYPE_ACCESS
);
1027 zpl_xattr_acl_list_default(struct inode
*ip
, char *list
, size_t list_size
,
1028 const char *name
, size_t name_len
)
1030 return zpl_xattr_acl_list(ip
,
1031 list
, list_size
, name
, name_len
, ACL_TYPE_DEFAULT
);
1033 #endif /* HAVE_DENTRY_XATTR_LIST */
1036 zpl_xattr_acl_get(struct inode
*ip
, const char *name
,
1037 void *buffer
, size_t size
, int type
)
1039 struct posix_acl
*acl
;
1042 if (strcmp(name
, "") != 0)
1045 if (ITOZSB(ip
)->z_acl_type
!= ZFS_ACLTYPE_POSIXACL
)
1046 return (-EOPNOTSUPP
);
1048 acl
= zpl_get_acl(ip
, type
);
1050 return (PTR_ERR(acl
));
1054 error
= zpl_acl_to_xattr(acl
, buffer
, size
);
1055 zpl_posix_acl_release(acl
);
1060 #ifdef HAVE_DENTRY_XATTR_GET
1062 zpl_xattr_acl_get_access(struct dentry
*dentry
, const char *name
,
1063 void *buffer
, size_t size
, int type
)
1065 ASSERT3S(type
, ==, ACL_TYPE_ACCESS
);
1066 return (zpl_xattr_acl_get(dentry
->d_inode
, name
, buffer
, size
, type
));
1070 zpl_xattr_acl_get_default(struct dentry
*dentry
, const char *name
,
1071 void *buffer
, size_t size
, int type
)
1073 ASSERT3S(type
, ==, ACL_TYPE_DEFAULT
);
1074 return (zpl_xattr_acl_get(dentry
->d_inode
, name
, buffer
, size
, type
));
1080 zpl_xattr_acl_get_access(struct inode
*ip
, const char *name
,
1081 void *buffer
, size_t size
)
1083 return (zpl_xattr_acl_get(ip
, name
, buffer
, size
, ACL_TYPE_ACCESS
));
1087 zpl_xattr_acl_get_default(struct inode
*ip
, const char *name
,
1088 void *buffer
, size_t size
)
1090 return (zpl_xattr_acl_get(ip
, name
, buffer
, size
, ACL_TYPE_DEFAULT
));
1092 #endif /* HAVE_DENTRY_XATTR_GET */
1095 zpl_xattr_acl_set(struct inode
*ip
, const char *name
,
1096 const void *value
, size_t size
, int flags
, int type
)
1098 struct posix_acl
*acl
;
1101 if (strcmp(name
, "") != 0)
1104 if (ITOZSB(ip
)->z_acl_type
!= ZFS_ACLTYPE_POSIXACL
)
1105 return (-EOPNOTSUPP
);
1107 if (!zpl_inode_owner_or_capable(ip
))
1111 acl
= zpl_acl_from_xattr(value
, size
);
1113 return (PTR_ERR(acl
));
1115 error
= posix_acl_valid(acl
);
1117 zpl_posix_acl_release(acl
);
1125 error
= zpl_set_acl(ip
, type
, acl
);
1126 zpl_posix_acl_release(acl
);
1131 #ifdef HAVE_DENTRY_XATTR_SET
1133 zpl_xattr_acl_set_access(struct dentry
*dentry
, const char *name
,
1134 const void *value
, size_t size
, int flags
, int type
)
1136 ASSERT3S(type
, ==, ACL_TYPE_ACCESS
);
1137 return (zpl_xattr_acl_set(dentry
->d_inode
,
1138 name
, value
, size
, flags
, type
));
1142 zpl_xattr_acl_set_default(struct dentry
*dentry
, const char *name
,
1143 const void *value
, size_t size
, int flags
, int type
)
1145 ASSERT3S(type
, ==, ACL_TYPE_DEFAULT
);
1146 return zpl_xattr_acl_set(dentry
->d_inode
,
1147 name
, value
, size
, flags
, type
);
1153 zpl_xattr_acl_set_access(struct inode
*ip
, const char *name
,
1154 const void *value
, size_t size
, int flags
)
1156 return zpl_xattr_acl_set(ip
,
1157 name
, value
, size
, flags
, ACL_TYPE_ACCESS
);
1161 zpl_xattr_acl_set_default(struct inode
*ip
, const char *name
,
1162 const void *value
, size_t size
, int flags
)
1164 return zpl_xattr_acl_set(ip
,
1165 name
, value
, size
, flags
, ACL_TYPE_DEFAULT
);
1167 #endif /* HAVE_DENTRY_XATTR_SET */
1169 struct xattr_handler zpl_xattr_acl_access_handler
=
1171 .prefix
= POSIX_ACL_XATTR_ACCESS
,
1172 .list
= zpl_xattr_acl_list_access
,
1173 .get
= zpl_xattr_acl_get_access
,
1174 .set
= zpl_xattr_acl_set_access
,
1175 #ifdef HAVE_DENTRY_XATTR_LIST
1176 .flags
= ACL_TYPE_ACCESS
,
1177 #endif /* HAVE_DENTRY_XATTR_LIST */
1180 struct xattr_handler zpl_xattr_acl_default_handler
=
1182 .prefix
= POSIX_ACL_XATTR_DEFAULT
,
1183 .list
= zpl_xattr_acl_list_default
,
1184 .get
= zpl_xattr_acl_get_default
,
1185 .set
= zpl_xattr_acl_set_default
,
1186 #ifdef HAVE_DENTRY_XATTR_LIST
1187 .flags
= ACL_TYPE_DEFAULT
,
1188 #endif /* HAVE_DENTRY_XATTR_LIST */
1191 #endif /* CONFIG_FS_POSIX_ACL */
1193 xattr_handler_t
*zpl_xattr_handlers
[] = {
1194 &zpl_xattr_security_handler
,
1195 &zpl_xattr_trusted_handler
,
1196 &zpl_xattr_user_handler
,
1197 #ifdef CONFIG_FS_POSIX_ACL
1198 &zpl_xattr_acl_access_handler
,
1199 &zpl_xattr_acl_default_handler
,
1200 #endif /* CONFIG_FS_POSIX_ACL */