4 * The contents of this file are subject to the terms of the
5 * Common Development and Distribution License (the "License").
6 * You may not use this file except in compliance with the License.
8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9 * or http://www.opensolaris.org/os/licensing.
10 * See the License for the specific language governing permissions
11 * and limitations under the License.
13 * When distributing Covered Code, include this CDDL HEADER in each
14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15 * If applicable, add the following below this CDDL HEADER, with the
16 * fields enclosed by brackets "[]" replaced with your own identifying
17 * information: Portions Copyright [yyyy] [name of copyright owner]
22 * Copyright (c) 2011, Lawrence Livermore National Security, LLC.
24 * Extended attributes (xattr) on Solaris are implemented as files
25 * which exist in a hidden xattr directory. These extended attributes
26 * can be accessed using the attropen() system call which opens
27 * the extended attribute. It can then be manipulated just like
28 * a standard file descriptor. This has a couple advantages such
29 * as practically no size limit on the file, and the extended
30 * attributes permissions may differ from those of the parent file.
31 * This interface is really quite clever, but it's also completely
32 * different than what is supported on Linux. It also comes with a
33 * steep performance penalty when accessing small xattrs because they
34 * are not stored with the parent file.
36 * Under Linux extended attributes are manipulated by the system
37 * calls getxattr(2), setxattr(2), and listxattr(2). They consider
38 * extended attributes to be name/value pairs where the name is a
39 * NULL terminated string. The name must also include one of the
40 * following namespace prefixes:
42 * user - No restrictions and is available to user applications.
43 * trusted - Restricted to kernel and root (CAP_SYS_ADMIN) use.
44 * system - Used for access control lists (system.nfs4_acl, etc).
45 * security - Used by SELinux to store a files security context.
47 * The value under Linux to limited to 65536 bytes of binary data.
48 * In practice, individual xattrs tend to be much smaller than this
49 * and are typically less than 100 bytes. A good example of this
50 * are the security.selinux xattrs which are less than 100 bytes and
51 * exist for every file when xattr labeling is enabled.
53 * The Linux xattr implemenation has been written to take advantage of
54 * this typical usage. When the dataset property 'xattr=sa' is set,
55 * then xattrs will be preferentially stored as System Attributes (SA).
56 * This allows tiny xattrs (~100 bytes) to be stored with the dnode and
57 * up to 64k of xattrs to be stored in the spill block. If additional
58 * xattr space is required, which is unlikely under Linux, they will
59 * be stored using the traditional directory approach.
61 * This optimization results in roughly a 3x performance improvement
62 * when accessing xattrs because it avoids the need to perform a seek
63 * for every xattr value. When multiple xattrs are stored per-file
64 * the performance improvements are even greater because all of the
65 * xattrs stored in the spill block will be cached.
67 * However, by default SA based xattrs are disabled in the Linux port
68 * to maximize compatibility with other implementations. If you do
69 * enable SA based xattrs then they will not be visible on platforms
70 * which do not support this feature.
72 * NOTE: One additional consequence of the xattr directory implementation
73 * is that when an extended attribute is manipulated an inode is created.
74 * This inode will exist in the Linux inode cache but there will be no
75 * associated entry in the dentry cache which references it. This is
76 * safe but it may result in some confusion. Enabling SA based xattrs
77 * largely avoids the issue except in the overflow case.
80 #include <sys/zfs_vfsops.h>
81 #include <sys/zfs_vnops.h>
82 #include <sys/zfs_znode.h>
87 typedef struct xattr_filldir
{
95 zpl_xattr_filldir(xattr_filldir_t
*xf
, const char *name
, int name_len
)
97 if (strncmp(name
, XATTR_USER_PREFIX
, XATTR_USER_PREFIX_LEN
) == 0)
98 if (!(ITOZSB(xf
->inode
)->z_flags
& ZSB_XATTR
))
101 if (strncmp(name
, XATTR_TRUSTED_PREFIX
, XATTR_TRUSTED_PREFIX_LEN
) == 0)
102 if (!capable(CAP_SYS_ADMIN
))
105 /* When xf->buf is NULL only calculate the required size. */
107 if (xf
->offset
+ name_len
+ 1 > xf
->size
)
110 memcpy(xf
->buf
+ xf
->offset
, name
, name_len
);
111 xf
->buf
[xf
->offset
+ name_len
] = '\0';
114 xf
->offset
+= (name_len
+ 1);
120 * Read as many directory entry names as will fit in to the provided buffer,
121 * or when no buffer is provided calculate the required buffer size.
124 zpl_xattr_readdir(struct inode
*dxip
, xattr_filldir_t
*xf
)
130 zap_cursor_init(&zc
, ITOZSB(dxip
)->z_os
, ITOZ(dxip
)->z_id
);
132 while ((error
= -zap_cursor_retrieve(&zc
, &zap
)) == 0) {
134 if (zap
.za_integer_length
!= 8 || zap
.za_num_integers
!= 1) {
139 error
= zpl_xattr_filldir(xf
, zap
.za_name
, strlen(zap
.za_name
));
143 zap_cursor_advance(&zc
);
146 zap_cursor_fini(&zc
);
148 if (error
== -ENOENT
)
155 zpl_xattr_list_dir(xattr_filldir_t
*xf
, cred_t
*cr
)
157 struct inode
*ip
= xf
->inode
;
158 struct inode
*dxip
= NULL
;
161 /* Lookup the xattr directory */
162 error
= -zfs_lookup(ip
, NULL
, &dxip
, LOOKUP_XATTR
, cr
, NULL
, NULL
);
164 if (error
== -ENOENT
)
170 error
= zpl_xattr_readdir(dxip
, xf
);
177 zpl_xattr_list_sa(xattr_filldir_t
*xf
)
179 znode_t
*zp
= ITOZ(xf
->inode
);
180 nvpair_t
*nvp
= NULL
;
183 mutex_enter(&zp
->z_lock
);
184 if (zp
->z_xattr_cached
== NULL
)
185 error
= -zfs_sa_get_xattr(zp
);
186 mutex_exit(&zp
->z_lock
);
191 ASSERT(zp
->z_xattr_cached
);
193 while ((nvp
= nvlist_next_nvpair(zp
->z_xattr_cached
, nvp
)) != NULL
) {
194 ASSERT3U(nvpair_type(nvp
), ==, DATA_TYPE_BYTE_ARRAY
);
196 error
= zpl_xattr_filldir(xf
, nvpair_name(nvp
),
197 strlen(nvpair_name(nvp
)));
206 zpl_xattr_list(struct dentry
*dentry
, char *buffer
, size_t buffer_size
)
208 znode_t
*zp
= ITOZ(dentry
->d_inode
);
209 zfs_sb_t
*zsb
= ZTOZSB(zp
);
210 xattr_filldir_t xf
= { buffer_size
, 0, buffer
, dentry
->d_inode
};
212 fstrans_cookie_t cookie
;
216 cookie
= spl_fstrans_mark();
217 rw_enter(&zp
->z_xattr_lock
, RW_READER
);
219 if (zsb
->z_use_sa
&& zp
->z_is_sa
) {
220 error
= zpl_xattr_list_sa(&xf
);
225 error
= zpl_xattr_list_dir(&xf
, cr
);
232 rw_exit(&zp
->z_xattr_lock
);
233 spl_fstrans_unmark(cookie
);
240 zpl_xattr_get_dir(struct inode
*ip
, const char *name
, void *value
,
241 size_t size
, cred_t
*cr
)
243 struct inode
*dxip
= NULL
;
244 struct inode
*xip
= NULL
;
248 /* Lookup the xattr directory */
249 error
= -zfs_lookup(ip
, NULL
, &dxip
, LOOKUP_XATTR
, cr
, NULL
, NULL
);
253 /* Lookup a specific xattr name in the directory */
254 error
= -zfs_lookup(dxip
, (char *)name
, &xip
, 0, cr
, NULL
, NULL
);
259 error
= i_size_read(xip
);
263 if (size
< i_size_read(xip
)) {
268 error
= zpl_read_common(xip
, value
, size
, &pos
, UIO_SYSSPACE
, 0, cr
);
280 zpl_xattr_get_sa(struct inode
*ip
, const char *name
, void *value
, size_t size
)
282 znode_t
*zp
= ITOZ(ip
);
287 ASSERT(RW_LOCK_HELD(&zp
->z_xattr_lock
));
289 mutex_enter(&zp
->z_lock
);
290 if (zp
->z_xattr_cached
== NULL
)
291 error
= -zfs_sa_get_xattr(zp
);
292 mutex_exit(&zp
->z_lock
);
297 ASSERT(zp
->z_xattr_cached
);
298 error
= -nvlist_lookup_byte_array(zp
->z_xattr_cached
, name
,
299 &nv_value
, &nv_size
);
309 memcpy(value
, nv_value
, nv_size
);
315 __zpl_xattr_get(struct inode
*ip
, const char *name
, void *value
, size_t size
,
318 znode_t
*zp
= ITOZ(ip
);
319 zfs_sb_t
*zsb
= ZTOZSB(zp
);
322 ASSERT(RW_LOCK_HELD(&zp
->z_xattr_lock
));
324 if (zsb
->z_use_sa
&& zp
->z_is_sa
) {
325 error
= zpl_xattr_get_sa(ip
, name
, value
, size
);
326 if (error
!= -ENOENT
)
330 error
= zpl_xattr_get_dir(ip
, name
, value
, size
, cr
);
332 if (error
== -ENOENT
)
339 zpl_xattr_get(struct inode
*ip
, const char *name
, void *value
, size_t size
)
341 znode_t
*zp
= ITOZ(ip
);
343 fstrans_cookie_t cookie
;
347 cookie
= spl_fstrans_mark();
348 rw_enter(&zp
->z_xattr_lock
, RW_READER
);
349 error
= __zpl_xattr_get(ip
, name
, value
, size
, cr
);
350 rw_exit(&zp
->z_xattr_lock
);
351 spl_fstrans_unmark(cookie
);
358 zpl_xattr_set_dir(struct inode
*ip
, const char *name
, const void *value
,
359 size_t size
, int flags
, cred_t
*cr
)
361 struct inode
*dxip
= NULL
;
362 struct inode
*xip
= NULL
;
365 int lookup_flags
, error
;
366 const int xattr_mode
= S_IFREG
| 0644;
370 * Lookup the xattr directory. When we're adding an entry pass
371 * CREATE_XATTR_DIR to ensure the xattr directory is created.
372 * When removing an entry this flag is not passed to avoid
373 * unnecessarily creating a new xattr directory.
375 lookup_flags
= LOOKUP_XATTR
;
377 lookup_flags
|= CREATE_XATTR_DIR
;
379 error
= -zfs_lookup(ip
, NULL
, &dxip
, lookup_flags
, cr
, NULL
, NULL
);
383 /* Lookup a specific xattr name in the directory */
384 error
= -zfs_lookup(dxip
, (char *)name
, &xip
, 0, cr
, NULL
, NULL
);
385 if (error
&& (error
!= -ENOENT
))
390 /* Remove a specific name xattr when value is set to NULL. */
393 error
= -zfs_remove(dxip
, (char *)name
, cr
);
398 /* Lookup failed create a new xattr. */
400 vap
= kmem_zalloc(sizeof (vattr_t
), KM_SLEEP
);
401 vap
->va_mode
= xattr_mode
;
402 vap
->va_mask
= ATTR_MODE
;
403 vap
->va_uid
= crgetfsuid(cr
);
404 vap
->va_gid
= crgetfsgid(cr
);
406 error
= -zfs_create(dxip
, (char *)name
, vap
, 0, 0644, &xip
,
414 error
= -zfs_freesp(ITOZ(xip
), 0, 0, xattr_mode
, TRUE
);
418 wrote
= zpl_write_common(xip
, value
, size
, &pos
, UIO_SYSSPACE
, 0, cr
);
424 kmem_free(vap
, sizeof (vattr_t
));
432 if (error
== -ENOENT
)
435 ASSERT3S(error
, <=, 0);
441 zpl_xattr_set_sa(struct inode
*ip
, const char *name
, const void *value
,
442 size_t size
, int flags
, cred_t
*cr
)
444 znode_t
*zp
= ITOZ(ip
);
449 ASSERT(zp
->z_xattr_cached
);
450 nvl
= zp
->z_xattr_cached
;
453 error
= -nvlist_remove(nvl
, name
, DATA_TYPE_BYTE_ARRAY
);
454 if (error
== -ENOENT
)
455 error
= zpl_xattr_set_dir(ip
, name
, NULL
, 0, flags
, cr
);
457 /* Limited to 32k to keep nvpair memory allocations small */
458 if (size
> DXATTR_MAX_ENTRY_SIZE
)
461 /* Prevent the DXATTR SA from consuming the entire SA region */
462 error
= -nvlist_size(nvl
, &sa_size
, NV_ENCODE_XDR
);
466 if (sa_size
> DXATTR_MAX_SA_SIZE
)
469 error
= -nvlist_add_byte_array(nvl
, name
,
470 (uchar_t
*)value
, size
);
475 /* Update the SA for additions, modifications, and removals. */
477 error
= -zfs_sa_set_xattr(zp
);
479 ASSERT3S(error
, <=, 0);
485 zpl_xattr_set(struct inode
*ip
, const char *name
, const void *value
,
486 size_t size
, int flags
)
488 znode_t
*zp
= ITOZ(ip
);
489 zfs_sb_t
*zsb
= ZTOZSB(zp
);
491 fstrans_cookie_t cookie
;
495 cookie
= spl_fstrans_mark();
496 rw_enter(&ITOZ(ip
)->z_xattr_lock
, RW_WRITER
);
499 * Before setting the xattr check to see if it already exists.
500 * This is done to ensure the following optional flags are honored.
502 * XATTR_CREATE: fail if xattr already exists
503 * XATTR_REPLACE: fail if xattr does not exist
505 error
= __zpl_xattr_get(ip
, name
, NULL
, 0, cr
);
507 if (error
!= -ENODATA
)
510 if (flags
& XATTR_REPLACE
)
513 /* The xattr to be removed already doesn't exist */
519 if (flags
& XATTR_CREATE
)
523 /* Preferentially store the xattr as a SA for better performance */
524 if (zsb
->z_use_sa
&& zsb
->z_xattr_sa
&& zp
->z_is_sa
) {
525 error
= zpl_xattr_set_sa(ip
, name
, value
, size
, flags
, cr
);
530 error
= zpl_xattr_set_dir(ip
, name
, value
, size
, flags
, cr
);
532 rw_exit(&ITOZ(ip
)->z_xattr_lock
);
533 spl_fstrans_unmark(cookie
);
535 ASSERT3S(error
, <=, 0);
541 __zpl_xattr_user_get(struct inode
*ip
, const char *name
,
542 void *value
, size_t size
)
547 if (strcmp(name
, "") == 0)
550 if (!(ITOZSB(ip
)->z_flags
& ZSB_XATTR
))
551 return (-EOPNOTSUPP
);
553 xattr_name
= kmem_asprintf("%s%s", XATTR_USER_PREFIX
, name
);
554 error
= zpl_xattr_get(ip
, xattr_name
, value
, size
);
559 ZPL_XATTR_GET_WRAPPER(zpl_xattr_user_get
);
562 __zpl_xattr_user_set(struct inode
*ip
, const char *name
,
563 const void *value
, size_t size
, int flags
)
568 if (strcmp(name
, "") == 0)
571 if (!(ITOZSB(ip
)->z_flags
& ZSB_XATTR
))
572 return (-EOPNOTSUPP
);
574 xattr_name
= kmem_asprintf("%s%s", XATTR_USER_PREFIX
, name
);
575 error
= zpl_xattr_set(ip
, xattr_name
, value
, size
, flags
);
580 ZPL_XATTR_SET_WRAPPER(zpl_xattr_user_set
);
582 xattr_handler_t zpl_xattr_user_handler
= {
583 .prefix
= XATTR_USER_PREFIX
,
584 .get
= zpl_xattr_user_get
,
585 .set
= zpl_xattr_user_set
,
589 __zpl_xattr_trusted_get(struct inode
*ip
, const char *name
,
590 void *value
, size_t size
)
595 if (!capable(CAP_SYS_ADMIN
))
598 if (strcmp(name
, "") == 0)
601 xattr_name
= kmem_asprintf("%s%s", XATTR_TRUSTED_PREFIX
, name
);
602 error
= zpl_xattr_get(ip
, xattr_name
, value
, size
);
607 ZPL_XATTR_GET_WRAPPER(zpl_xattr_trusted_get
);
610 __zpl_xattr_trusted_set(struct inode
*ip
, const char *name
,
611 const void *value
, size_t size
, int flags
)
616 if (!capable(CAP_SYS_ADMIN
))
619 if (strcmp(name
, "") == 0)
622 xattr_name
= kmem_asprintf("%s%s", XATTR_TRUSTED_PREFIX
, name
);
623 error
= zpl_xattr_set(ip
, xattr_name
, value
, size
, flags
);
628 ZPL_XATTR_SET_WRAPPER(zpl_xattr_trusted_set
);
630 xattr_handler_t zpl_xattr_trusted_handler
= {
631 .prefix
= XATTR_TRUSTED_PREFIX
,
632 .get
= zpl_xattr_trusted_get
,
633 .set
= zpl_xattr_trusted_set
,
637 __zpl_xattr_security_get(struct inode
*ip
, const char *name
,
638 void *value
, size_t size
)
643 if (strcmp(name
, "") == 0)
646 xattr_name
= kmem_asprintf("%s%s", XATTR_SECURITY_PREFIX
, name
);
647 error
= zpl_xattr_get(ip
, xattr_name
, value
, size
);
652 ZPL_XATTR_GET_WRAPPER(zpl_xattr_security_get
);
655 __zpl_xattr_security_set(struct inode
*ip
, const char *name
,
656 const void *value
, size_t size
, int flags
)
661 if (strcmp(name
, "") == 0)
664 xattr_name
= kmem_asprintf("%s%s", XATTR_SECURITY_PREFIX
, name
);
665 error
= zpl_xattr_set(ip
, xattr_name
, value
, size
, flags
);
670 ZPL_XATTR_SET_WRAPPER(zpl_xattr_security_set
);
672 #ifdef HAVE_CALLBACK_SECURITY_INODE_INIT_SECURITY
674 __zpl_xattr_security_init(struct inode
*ip
, const struct xattr
*xattrs
,
677 const struct xattr
*xattr
;
680 for (xattr
= xattrs
; xattr
->name
!= NULL
; xattr
++) {
681 error
= __zpl_xattr_security_set(ip
,
682 xattr
->name
, xattr
->value
, xattr
->value_len
, 0);
692 zpl_xattr_security_init(struct inode
*ip
, struct inode
*dip
,
693 const struct qstr
*qstr
)
695 return security_inode_init_security(ip
, dip
, qstr
,
696 &__zpl_xattr_security_init
, NULL
);
701 zpl_xattr_security_init(struct inode
*ip
, struct inode
*dip
,
702 const struct qstr
*qstr
)
709 error
= zpl_security_inode_init_security(ip
, dip
, qstr
,
710 &name
, &value
, &len
);
712 if (error
== -EOPNOTSUPP
)
718 error
= __zpl_xattr_security_set(ip
, name
, value
, len
, 0);
725 #endif /* HAVE_CALLBACK_SECURITY_INODE_INIT_SECURITY */
727 xattr_handler_t zpl_xattr_security_handler
= {
728 .prefix
= XATTR_SECURITY_PREFIX
,
729 .get
= zpl_xattr_security_get
,
730 .set
= zpl_xattr_security_set
,
733 #ifdef CONFIG_FS_POSIX_ACL
736 zpl_set_acl(struct inode
*ip
, int type
, struct posix_acl
*acl
)
738 struct super_block
*sb
= ITOZSB(ip
)->z_sb
;
739 char *name
, *value
= NULL
;
743 if (S_ISLNK(ip
->i_mode
))
744 return (-EOPNOTSUPP
);
747 case ACL_TYPE_ACCESS
:
748 name
= POSIX_ACL_XATTR_ACCESS
;
750 zpl_equivmode_t mode
= ip
->i_mode
;
751 error
= posix_acl_equiv_mode(acl
, &mode
);
756 * The mode bits will have been set by
757 * ->zfs_setattr()->zfs_acl_chmod_setattr()
758 * using the ZFS ACL conversion. If they
759 * differ from the Posix ACL conversion dirty
760 * the inode to write the Posix mode bits.
762 if (ip
->i_mode
!= mode
) {
764 ip
->i_ctime
= current_fs_time(sb
);
765 zfs_mark_inode_dirty(ip
);
774 case ACL_TYPE_DEFAULT
:
775 name
= POSIX_ACL_XATTR_DEFAULT
;
776 if (!S_ISDIR(ip
->i_mode
))
777 return (acl
? -EACCES
: 0);
785 size
= posix_acl_xattr_size(acl
->a_count
);
786 value
= kmem_alloc(size
, KM_SLEEP
);
788 error
= zpl_acl_to_xattr(acl
, value
, size
);
790 kmem_free(value
, size
);
795 error
= zpl_xattr_set(ip
, name
, value
, size
, 0);
797 kmem_free(value
, size
);
801 zpl_set_cached_acl(ip
, type
, acl
);
803 zpl_forget_cached_acl(ip
, type
);
810 zpl_get_acl(struct inode
*ip
, int type
)
812 struct posix_acl
*acl
;
817 #ifdef HAVE_POSIX_ACL_CACHING
818 acl
= get_cached_acl(ip
, type
);
819 if (acl
!= ACL_NOT_CACHED
)
821 #endif /* HAVE_POSIX_ACL_CACHING */
824 case ACL_TYPE_ACCESS
:
825 name
= POSIX_ACL_XATTR_ACCESS
;
827 case ACL_TYPE_DEFAULT
:
828 name
= POSIX_ACL_XATTR_DEFAULT
;
831 return (ERR_PTR(-EINVAL
));
834 size
= zpl_xattr_get(ip
, name
, NULL
, 0);
836 value
= kmem_alloc(size
, KM_SLEEP
);
837 size
= zpl_xattr_get(ip
, name
, value
, size
);
841 acl
= zpl_acl_from_xattr(value
, size
);
842 } else if (size
== -ENODATA
|| size
== -ENOSYS
) {
849 kmem_free(value
, size
);
852 zpl_set_cached_acl(ip
, type
, acl
);
857 #if !defined(HAVE_GET_ACL)
859 __zpl_check_acl(struct inode
*ip
, int mask
)
861 struct posix_acl
*acl
;
864 acl
= zpl_get_acl(ip
, ACL_TYPE_ACCESS
);
866 return (PTR_ERR(acl
));
869 error
= posix_acl_permission(ip
, acl
, mask
);
870 zpl_posix_acl_release(acl
);
877 #if defined(HAVE_CHECK_ACL_WITH_FLAGS)
879 zpl_check_acl(struct inode
*ip
, int mask
, unsigned int flags
)
881 return (__zpl_check_acl(ip
, mask
));
883 #elif defined(HAVE_CHECK_ACL)
885 zpl_check_acl(struct inode
*ip
, int mask
)
887 return (__zpl_check_acl(ip
, mask
));
889 #elif defined(HAVE_PERMISSION_WITH_NAMEIDATA)
891 zpl_permission(struct inode
*ip
, int mask
, struct nameidata
*nd
)
893 return (generic_permission(ip
, mask
, __zpl_check_acl
));
895 #elif defined(HAVE_PERMISSION)
897 zpl_permission(struct inode
*ip
, int mask
)
899 return (generic_permission(ip
, mask
, __zpl_check_acl
));
901 #endif /* HAVE_CHECK_ACL | HAVE_PERMISSION */
902 #endif /* !HAVE_GET_ACL */
905 zpl_init_acl(struct inode
*ip
, struct inode
*dir
)
907 struct posix_acl
*acl
= NULL
;
910 if (ITOZSB(ip
)->z_acl_type
!= ZFS_ACLTYPE_POSIXACL
)
913 if (!S_ISLNK(ip
->i_mode
)) {
914 if (ITOZSB(ip
)->z_acl_type
== ZFS_ACLTYPE_POSIXACL
) {
915 acl
= zpl_get_acl(dir
, ACL_TYPE_DEFAULT
);
917 return (PTR_ERR(acl
));
921 ip
->i_mode
&= ~current_umask();
922 ip
->i_ctime
= current_fs_time(ITOZSB(ip
)->z_sb
);
923 zfs_mark_inode_dirty(ip
);
928 if ((ITOZSB(ip
)->z_acl_type
== ZFS_ACLTYPE_POSIXACL
) && acl
) {
931 if (S_ISDIR(ip
->i_mode
)) {
932 error
= zpl_set_acl(ip
, ACL_TYPE_DEFAULT
, acl
);
938 error
= __posix_acl_create(&acl
, GFP_KERNEL
, &mode
);
941 zfs_mark_inode_dirty(ip
);
943 error
= zpl_set_acl(ip
, ACL_TYPE_ACCESS
, acl
);
947 zpl_posix_acl_release(acl
);
953 zpl_chmod_acl(struct inode
*ip
)
955 struct posix_acl
*acl
;
958 if (ITOZSB(ip
)->z_acl_type
!= ZFS_ACLTYPE_POSIXACL
)
961 if (S_ISLNK(ip
->i_mode
))
962 return (-EOPNOTSUPP
);
964 acl
= zpl_get_acl(ip
, ACL_TYPE_ACCESS
);
965 if (IS_ERR(acl
) || !acl
)
966 return (PTR_ERR(acl
));
968 error
= __posix_acl_chmod(&acl
, GFP_KERNEL
, ip
->i_mode
);
970 error
= zpl_set_acl(ip
, ACL_TYPE_ACCESS
, acl
);
972 zpl_posix_acl_release(acl
);
978 zpl_xattr_acl_list(struct inode
*ip
, char *list
, size_t list_size
,
979 const char *name
, size_t name_len
, int type
)
984 if (ITOZSB(ip
)->z_acl_type
!= ZFS_ACLTYPE_POSIXACL
)
988 case ACL_TYPE_ACCESS
:
989 xattr_name
= POSIX_ACL_XATTR_ACCESS
;
990 xattr_size
= sizeof (xattr_name
);
992 case ACL_TYPE_DEFAULT
:
993 xattr_name
= POSIX_ACL_XATTR_DEFAULT
;
994 xattr_size
= sizeof (xattr_name
);
1000 if (list
&& xattr_size
<= list_size
)
1001 memcpy(list
, xattr_name
, xattr_size
);
1003 return (xattr_size
);
1006 #ifdef HAVE_DENTRY_XATTR_LIST
1008 zpl_xattr_acl_list_access(struct dentry
*dentry
, char *list
,
1009 size_t list_size
, const char *name
, size_t name_len
, int type
)
1011 ASSERT3S(type
, ==, ACL_TYPE_ACCESS
);
1012 return zpl_xattr_acl_list(dentry
->d_inode
,
1013 list
, list_size
, name
, name_len
, type
);
1017 zpl_xattr_acl_list_default(struct dentry
*dentry
, char *list
,
1018 size_t list_size
, const char *name
, size_t name_len
, int type
)
1020 ASSERT3S(type
, ==, ACL_TYPE_DEFAULT
);
1021 return zpl_xattr_acl_list(dentry
->d_inode
,
1022 list
, list_size
, name
, name_len
, type
);
1028 zpl_xattr_acl_list_access(struct inode
*ip
, char *list
, size_t list_size
,
1029 const char *name
, size_t name_len
)
1031 return zpl_xattr_acl_list(ip
,
1032 list
, list_size
, name
, name_len
, ACL_TYPE_ACCESS
);
1036 zpl_xattr_acl_list_default(struct inode
*ip
, char *list
, size_t list_size
,
1037 const char *name
, size_t name_len
)
1039 return zpl_xattr_acl_list(ip
,
1040 list
, list_size
, name
, name_len
, ACL_TYPE_DEFAULT
);
1042 #endif /* HAVE_DENTRY_XATTR_LIST */
1045 zpl_xattr_acl_get(struct inode
*ip
, const char *name
,
1046 void *buffer
, size_t size
, int type
)
1048 struct posix_acl
*acl
;
1051 if (strcmp(name
, "") != 0)
1054 if (ITOZSB(ip
)->z_acl_type
!= ZFS_ACLTYPE_POSIXACL
)
1055 return (-EOPNOTSUPP
);
1057 acl
= zpl_get_acl(ip
, type
);
1059 return (PTR_ERR(acl
));
1063 error
= zpl_acl_to_xattr(acl
, buffer
, size
);
1064 zpl_posix_acl_release(acl
);
1069 #ifdef HAVE_DENTRY_XATTR_GET
1071 zpl_xattr_acl_get_access(struct dentry
*dentry
, const char *name
,
1072 void *buffer
, size_t size
, int type
)
1074 ASSERT3S(type
, ==, ACL_TYPE_ACCESS
);
1075 return (zpl_xattr_acl_get(dentry
->d_inode
, name
, buffer
, size
, type
));
1079 zpl_xattr_acl_get_default(struct dentry
*dentry
, const char *name
,
1080 void *buffer
, size_t size
, int type
)
1082 ASSERT3S(type
, ==, ACL_TYPE_DEFAULT
);
1083 return (zpl_xattr_acl_get(dentry
->d_inode
, name
, buffer
, size
, type
));
1089 zpl_xattr_acl_get_access(struct inode
*ip
, const char *name
,
1090 void *buffer
, size_t size
)
1092 return (zpl_xattr_acl_get(ip
, name
, buffer
, size
, ACL_TYPE_ACCESS
));
1096 zpl_xattr_acl_get_default(struct inode
*ip
, const char *name
,
1097 void *buffer
, size_t size
)
1099 return (zpl_xattr_acl_get(ip
, name
, buffer
, size
, ACL_TYPE_DEFAULT
));
1101 #endif /* HAVE_DENTRY_XATTR_GET */
1104 zpl_xattr_acl_set(struct inode
*ip
, const char *name
,
1105 const void *value
, size_t size
, int flags
, int type
)
1107 struct posix_acl
*acl
;
1110 if (strcmp(name
, "") != 0)
1113 if (ITOZSB(ip
)->z_acl_type
!= ZFS_ACLTYPE_POSIXACL
)
1114 return (-EOPNOTSUPP
);
1116 if (!zpl_inode_owner_or_capable(ip
))
1120 acl
= zpl_acl_from_xattr(value
, size
);
1122 return (PTR_ERR(acl
));
1124 error
= posix_acl_valid(acl
);
1126 zpl_posix_acl_release(acl
);
1134 error
= zpl_set_acl(ip
, type
, acl
);
1135 zpl_posix_acl_release(acl
);
1140 #ifdef HAVE_DENTRY_XATTR_SET
1142 zpl_xattr_acl_set_access(struct dentry
*dentry
, const char *name
,
1143 const void *value
, size_t size
, int flags
, int type
)
1145 ASSERT3S(type
, ==, ACL_TYPE_ACCESS
);
1146 return (zpl_xattr_acl_set(dentry
->d_inode
,
1147 name
, value
, size
, flags
, type
));
1151 zpl_xattr_acl_set_default(struct dentry
*dentry
, const char *name
,
1152 const void *value
, size_t size
, int flags
, int type
)
1154 ASSERT3S(type
, ==, ACL_TYPE_DEFAULT
);
1155 return zpl_xattr_acl_set(dentry
->d_inode
,
1156 name
, value
, size
, flags
, type
);
1162 zpl_xattr_acl_set_access(struct inode
*ip
, const char *name
,
1163 const void *value
, size_t size
, int flags
)
1165 return zpl_xattr_acl_set(ip
,
1166 name
, value
, size
, flags
, ACL_TYPE_ACCESS
);
1170 zpl_xattr_acl_set_default(struct inode
*ip
, const char *name
,
1171 const void *value
, size_t size
, int flags
)
1173 return zpl_xattr_acl_set(ip
,
1174 name
, value
, size
, flags
, ACL_TYPE_DEFAULT
);
1176 #endif /* HAVE_DENTRY_XATTR_SET */
1178 struct xattr_handler zpl_xattr_acl_access_handler
=
1180 .prefix
= POSIX_ACL_XATTR_ACCESS
,
1181 .list
= zpl_xattr_acl_list_access
,
1182 .get
= zpl_xattr_acl_get_access
,
1183 .set
= zpl_xattr_acl_set_access
,
1184 #ifdef HAVE_DENTRY_XATTR_LIST
1185 .flags
= ACL_TYPE_ACCESS
,
1186 #endif /* HAVE_DENTRY_XATTR_LIST */
1189 struct xattr_handler zpl_xattr_acl_default_handler
=
1191 .prefix
= POSIX_ACL_XATTR_DEFAULT
,
1192 .list
= zpl_xattr_acl_list_default
,
1193 .get
= zpl_xattr_acl_get_default
,
1194 .set
= zpl_xattr_acl_set_default
,
1195 #ifdef HAVE_DENTRY_XATTR_LIST
1196 .flags
= ACL_TYPE_DEFAULT
,
1197 #endif /* HAVE_DENTRY_XATTR_LIST */
1200 #endif /* CONFIG_FS_POSIX_ACL */
1202 xattr_handler_t
*zpl_xattr_handlers
[] = {
1203 &zpl_xattr_security_handler
,
1204 &zpl_xattr_trusted_handler
,
1205 &zpl_xattr_user_handler
,
1206 #ifdef CONFIG_FS_POSIX_ACL
1207 &zpl_xattr_acl_access_handler
,
1208 &zpl_xattr_acl_default_handler
,
1209 #endif /* CONFIG_FS_POSIX_ACL */