4 * The contents of this file are subject to the terms of the
5 * Common Development and Distribution License (the "License").
6 * You may not use this file except in compliance with the License.
8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9 * or http://www.opensolaris.org/os/licensing.
10 * See the License for the specific language governing permissions
11 * and limitations under the License.
13 * When distributing Covered Code, include this CDDL HEADER in each
14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15 * If applicable, add the following below this CDDL HEADER, with the
16 * fields enclosed by brackets "[]" replaced with your own identifying
17 * information: Portions Copyright [yyyy] [name of copyright owner]
22 * Copyright (c) 2011, Lawrence Livermore National Security, LLC.
24 * Extended attributes (xattr) on Solaris are implemented as files
25 * which exist in a hidden xattr directory. These extended attributes
26 * can be accessed using the attropen() system call which opens
27 * the extended attribute. It can then be manipulated just like
28 * a standard file descriptor. This has a couple advantages such
29 * as practically no size limit on the file, and the extended
30 * attributes permissions may differ from those of the parent file.
31 * This interface is really quite clever, but it's also completely
32 * different than what is supported on Linux.
34 * Under Linux extended attributes are manipulated by the system
35 * calls getxattr(2), setxattr(2), and listxattr(2). They consider
36 * extended attributes to be name/value pairs where the name is a
37 * NULL terminated string. The name must also include one of the
38 * following name space prefixes:
40 * user - No restrictions and is available to user applications.
41 * trusted - Restricted to kernel and root (CAP_SYS_ADMIN) use.
42 * system - Used for access control lists (system.nfs4_acl, etc).
43 * security - Used by SELinux to store a files security context.
45 * This Linux interface is implemented internally using the more
46 * flexible Solaris style extended attributes. Every extended
47 * attribute is store as a file in a hidden directory associated
48 * with the parent file. This ensures on disk compatibility with
49 * zfs implementations on other platforms (Solaris, FreeBSD, MacOS).
51 * One consequence of this implementation is that when an extended
52 * attribute is manipulated an inode is created. This inode will
53 * exist in the Linux inode cache but there will be no associated
54 * entry in the dentry cache which references it. This is safe
55 * but it may result in some confusion.
57 * Longer term I would like to see the 'security.selinux' extended
58 * attribute moved to a SA. This should significantly improve
59 * performance on a SELinux enabled system by minimizing the
60 * number of seeks required to access a file. However, for now
61 * this xattr is still stored in a file because I'm pretty sure
62 * adding a new SA will break on-disk compatibility.
66 #include <sys/zfs_vfsops.h>
67 #include <sys/zfs_vnops.h>
68 #include <sys/zfs_znode.h>
72 typedef struct xattr_filldir
{
80 zpl_xattr_filldir(void *arg
, const char *name
, int name_len
,
81 loff_t offset
, uint64_t objnum
, unsigned int d_type
)
83 xattr_filldir_t
*xf
= arg
;
85 if (!strncmp(name
, XATTR_USER_PREFIX
, XATTR_USER_PREFIX_LEN
))
86 if (!(ITOZSB(xf
->inode
)->z_flags
& ZSB_XATTR_USER
))
89 if (!strncmp(name
, XATTR_TRUSTED_PREFIX
, XATTR_TRUSTED_PREFIX_LEN
))
90 if (!capable(CAP_SYS_ADMIN
))
93 /* When xf->buf is NULL only calculate the required size. */
95 if (xf
->offset
+ name_len
+ 1 > xf
->size
)
98 memcpy(xf
->buf
+ xf
->offset
, name
, name_len
);
99 xf
->buf
[xf
->offset
+ name_len
] = '\0';
102 xf
->offset
+= (name_len
+ 1);
108 zpl_xattr_list(struct dentry
*dentry
, char *buffer
, size_t buffer_size
)
110 struct inode
*ip
= dentry
->d_inode
;
111 struct inode
*dxip
= NULL
;
112 loff_t pos
= 3; /* skip '.', '..', and '.zfs' entries. */
115 xattr_filldir_t xf
= { buffer_size
, 0, buffer
, ip
};
119 /* Lookup the xattr directory */
120 error
= -zfs_lookup(ip
, NULL
, &dxip
, LOOKUP_XATTR
, cr
, NULL
, NULL
);
122 if (error
== -ENOENT
)
128 /* Fill provided buffer via zpl_zattr_filldir helper */
129 error
= -zfs_readdir(dxip
, (void *)&xf
, zpl_xattr_filldir
, &pos
, cr
);
144 zpl_xattr_get(struct inode
*ip
, const char *name
, void *buf
, size_t size
)
146 struct inode
*dxip
= NULL
;
147 struct inode
*xip
= NULL
;
153 /* Lookup the xattr directory */
154 error
= -zfs_lookup(ip
, NULL
, &dxip
, LOOKUP_XATTR
, cr
, NULL
, NULL
);
158 /* Lookup a specific xattr name in the directory */
159 error
= -zfs_lookup(dxip
, (char *)name
, &xip
, 0, cr
, NULL
, NULL
);
164 error
= i_size_read(xip
);
168 error
= zpl_read_common(xip
, buf
, size
, 0, UIO_SYSSPACE
, 0, cr
);
178 if (error
== -ENOENT
)
185 zpl_xattr_set(struct inode
*ip
, const char *name
, const void *value
,
186 size_t size
, int flags
)
188 struct inode
*dxip
= NULL
;
189 struct inode
*xip
= NULL
;
197 /* Lookup the xattr directory and create it if required. */
198 error
= -zfs_lookup(ip
, NULL
, &dxip
, LOOKUP_XATTR
| CREATE_XATTR_DIR
,
204 * Lookup a specific xattr name in the directory, two failure modes:
205 * XATTR_CREATE: fail if xattr already exists
206 * XATTR_REMOVE: fail if xattr does not exist
208 error
= -zfs_lookup(dxip
, (char *)name
, &xip
, 0, cr
, NULL
, NULL
);
210 if (error
!= -ENOENT
)
213 if ((error
== -ENOENT
) && (flags
& XATTR_REPLACE
))
217 if (flags
& XATTR_CREATE
)
222 /* Remove a specific name xattr when value is set to NULL. */
225 error
= -zfs_remove(dxip
, (char *)name
, cr
);
230 /* Lookup failed create a new xattr. */
232 vap
= kmem_zalloc(sizeof(vattr_t
), KM_SLEEP
);
233 vap
->va_mode
= S_IFREG
| 0644;
234 vap
->va_mask
= ATTR_MODE
;
235 vap
->va_uid
= crgetfsuid(cr
);
236 vap
->va_gid
= crgetfsgid(cr
);
238 error
= -zfs_create(dxip
, (char *)name
, vap
, 0, 0644, &xip
,
245 wrote
= zpl_write_common(xip
, value
, size
, 0, UIO_SYSSPACE
, 0, cr
);
251 kmem_free(vap
, sizeof(vattr_t
));
260 if (error
== -ENOENT
)
263 ASSERT3S(error
, <=, 0);
269 __zpl_xattr_user_get(struct inode
*ip
, const char *name
,
270 void *buffer
, size_t size
)
275 if (strcmp(name
, "") == 0)
278 if (!(ITOZSB(ip
)->z_flags
& ZSB_XATTR_USER
))
281 xattr_name
= kmem_asprintf("%s%s", XATTR_USER_PREFIX
, name
);
282 error
= zpl_xattr_get(ip
, xattr_name
, buffer
, size
);
287 ZPL_XATTR_GET_WRAPPER(zpl_xattr_user_get
);
290 __zpl_xattr_user_set(struct inode
*ip
, const char *name
,
291 const void *value
, size_t size
, int flags
)
296 if (strcmp(name
, "") == 0)
299 if (!(ITOZSB(ip
)->z_flags
& ZSB_XATTR_USER
))
302 xattr_name
= kmem_asprintf("%s%s", XATTR_USER_PREFIX
, name
);
303 error
= zpl_xattr_set(ip
, xattr_name
, value
, size
, flags
);
308 ZPL_XATTR_SET_WRAPPER(zpl_xattr_user_set
);
310 xattr_handler_t zpl_xattr_user_handler
= {
311 .prefix
= XATTR_USER_PREFIX
,
312 .get
= zpl_xattr_user_get
,
313 .set
= zpl_xattr_user_set
,
317 __zpl_xattr_trusted_get(struct inode
*ip
, const char *name
,
318 void *buffer
, size_t size
)
323 if (!capable(CAP_SYS_ADMIN
))
326 if (strcmp(name
, "") == 0)
329 xattr_name
= kmem_asprintf("%s%s", XATTR_TRUSTED_PREFIX
, name
);
330 error
= zpl_xattr_get(ip
, xattr_name
, buffer
, size
);
335 ZPL_XATTR_GET_WRAPPER(zpl_xattr_trusted_get
);
338 __zpl_xattr_trusted_set(struct inode
*ip
, const char *name
,
339 const void *value
, size_t size
, int flags
)
344 if (!capable(CAP_SYS_ADMIN
))
347 if (strcmp(name
, "") == 0)
350 xattr_name
= kmem_asprintf("%s%s", XATTR_TRUSTED_PREFIX
, name
);
351 error
= zpl_xattr_set(ip
, xattr_name
, value
, size
, flags
);
356 ZPL_XATTR_SET_WRAPPER(zpl_xattr_trusted_set
);
358 xattr_handler_t zpl_xattr_trusted_handler
= {
359 .prefix
= XATTR_TRUSTED_PREFIX
,
360 .get
= zpl_xattr_trusted_get
,
361 .set
= zpl_xattr_trusted_set
,
365 __zpl_xattr_security_get(struct inode
*ip
, const char *name
,
366 void *buffer
, size_t size
)
371 if (strcmp(name
, "") == 0)
374 xattr_name
= kmem_asprintf("%s%s", XATTR_SECURITY_PREFIX
, name
);
375 error
= zpl_xattr_get(ip
, xattr_name
, buffer
, size
);
380 ZPL_XATTR_GET_WRAPPER(zpl_xattr_security_get
);
383 __zpl_xattr_security_set(struct inode
*ip
, const char *name
,
384 const void *value
, size_t size
, int flags
)
389 if (strcmp(name
, "") == 0)
392 xattr_name
= kmem_asprintf("%s%s", XATTR_SECURITY_PREFIX
, name
);
393 error
= zpl_xattr_set(ip
, xattr_name
, value
, size
, flags
);
398 ZPL_XATTR_SET_WRAPPER(zpl_xattr_security_set
);
401 zpl_xattr_security_init(struct inode
*ip
, struct inode
*dip
)
408 error
= security_inode_init_security(ip
, dip
, &name
, &value
, &len
);
410 if (error
== -EOPNOTSUPP
)
416 error
= __zpl_xattr_security_set(ip
, name
, value
, len
, 0);
424 xattr_handler_t zpl_xattr_security_handler
= {
425 .prefix
= XATTR_SECURITY_PREFIX
,
426 .get
= zpl_xattr_security_get
,
427 .set
= zpl_xattr_security_set
,
430 xattr_handler_t
*zpl_xattr_handlers
[] = {
431 &zpl_xattr_security_handler
,
432 &zpl_xattr_trusted_handler
,
433 &zpl_xattr_user_handler
,
434 #ifdef HAVE_POSIX_ACLS
435 &zpl_xattr_acl_access_handler
,
436 &zpl_xattr_acl_default_handler
,
437 #endif /* HAVE_POSIX_ACLS */