This source file includes following definitions.
- create_xattr
- change_xattr
- iget_xattr
- ubifs_xattr_set
- ubifs_xattr_get
- xattr_visible
- ubifs_listxattr
- remove_xattr
- ubifs_purge_xattrs
- ubifs_evict_xattr_inode
- ubifs_xattr_remove
- init_xattrs
- ubifs_init_security
- xattr_get
- xattr_set
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46 #include "ubifs.h"
47 #include <linux/fs.h>
48 #include <linux/slab.h>
49 #include <linux/xattr.h>
50
51
52
53
54
55
56
57
58 enum {
59 USER_XATTR,
60 TRUSTED_XATTR,
61 SECURITY_XATTR,
62 };
63
64 static const struct inode_operations empty_iops;
65 static const struct file_operations empty_fops;
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81 static int create_xattr(struct ubifs_info *c, struct inode *host,
82 const struct fscrypt_name *nm, const void *value, int size)
83 {
84 int err, names_len;
85 struct inode *inode;
86 struct ubifs_inode *ui, *host_ui = ubifs_inode(host);
87 struct ubifs_budget_req req = { .new_ino = 1, .new_dent = 1,
88 .new_ino_d = ALIGN(size, 8), .dirtied_ino = 1,
89 .dirtied_ino_d = ALIGN(host_ui->data_len, 8) };
90
91 if (host_ui->xattr_cnt >= ubifs_xattr_max_cnt(c)) {
92 ubifs_err(c, "inode %lu already has too many xattrs (%d), cannot create more",
93 host->i_ino, host_ui->xattr_cnt);
94 return -ENOSPC;
95 }
96
97
98
99
100
101
102 names_len = host_ui->xattr_names + host_ui->xattr_cnt + fname_len(nm) + 1;
103 if (names_len > XATTR_LIST_MAX) {
104 ubifs_err(c, "cannot add one more xattr name to inode %lu, total names length would become %d, max. is %d",
105 host->i_ino, names_len, XATTR_LIST_MAX);
106 return -ENOSPC;
107 }
108
109 err = ubifs_budget_space(c, &req);
110 if (err)
111 return err;
112
113 inode = ubifs_new_inode(c, host, S_IFREG | S_IRWXUGO);
114 if (IS_ERR(inode)) {
115 err = PTR_ERR(inode);
116 goto out_budg;
117 }
118
119
120 inode->i_mapping->a_ops = &empty_aops;
121 inode->i_op = &empty_iops;
122 inode->i_fop = &empty_fops;
123
124 inode->i_flags |= S_SYNC | S_NOATIME | S_NOCMTIME;
125 ui = ubifs_inode(inode);
126 ui->xattr = 1;
127 ui->flags |= UBIFS_XATTR_FL;
128 ui->data = kmemdup(value, size, GFP_NOFS);
129 if (!ui->data) {
130 err = -ENOMEM;
131 goto out_free;
132 }
133 inode->i_size = ui->ui_size = size;
134 ui->data_len = size;
135
136 mutex_lock(&host_ui->ui_mutex);
137 host->i_ctime = current_time(host);
138 host_ui->xattr_cnt += 1;
139 host_ui->xattr_size += CALC_DENT_SIZE(fname_len(nm));
140 host_ui->xattr_size += CALC_XATTR_BYTES(size);
141 host_ui->xattr_names += fname_len(nm);
142
143
144
145
146
147
148
149 if (strcmp(fname_name(nm), UBIFS_XATTR_NAME_ENCRYPTION_CONTEXT) == 0)
150 host_ui->flags |= UBIFS_CRYPT_FL;
151
152 err = ubifs_jnl_update(c, host, nm, inode, 0, 1);
153 if (err)
154 goto out_cancel;
155 ubifs_set_inode_flags(host);
156 mutex_unlock(&host_ui->ui_mutex);
157
158 ubifs_release_budget(c, &req);
159 insert_inode_hash(inode);
160 iput(inode);
161 return 0;
162
163 out_cancel:
164 host_ui->xattr_cnt -= 1;
165 host_ui->xattr_size -= CALC_DENT_SIZE(fname_len(nm));
166 host_ui->xattr_size -= CALC_XATTR_BYTES(size);
167 host_ui->xattr_names -= fname_len(nm);
168 host_ui->flags &= ~UBIFS_CRYPT_FL;
169 mutex_unlock(&host_ui->ui_mutex);
170 out_free:
171 make_bad_inode(inode);
172 iput(inode);
173 out_budg:
174 ubifs_release_budget(c, &req);
175 return err;
176 }
177
178
179
180
181
182
183
184
185
186
187
188
189
190 static int change_xattr(struct ubifs_info *c, struct inode *host,
191 struct inode *inode, const void *value, int size)
192 {
193 int err;
194 struct ubifs_inode *host_ui = ubifs_inode(host);
195 struct ubifs_inode *ui = ubifs_inode(inode);
196 void *buf = NULL;
197 int old_size;
198 struct ubifs_budget_req req = { .dirtied_ino = 2,
199 .dirtied_ino_d = ALIGN(size, 8) + ALIGN(host_ui->data_len, 8) };
200
201 ubifs_assert(c, ui->data_len == inode->i_size);
202 err = ubifs_budget_space(c, &req);
203 if (err)
204 return err;
205
206 buf = kmemdup(value, size, GFP_NOFS);
207 if (!buf) {
208 err = -ENOMEM;
209 goto out_free;
210 }
211 mutex_lock(&ui->ui_mutex);
212 kfree(ui->data);
213 ui->data = buf;
214 inode->i_size = ui->ui_size = size;
215 old_size = ui->data_len;
216 ui->data_len = size;
217 mutex_unlock(&ui->ui_mutex);
218
219 mutex_lock(&host_ui->ui_mutex);
220 host->i_ctime = current_time(host);
221 host_ui->xattr_size -= CALC_XATTR_BYTES(old_size);
222 host_ui->xattr_size += CALC_XATTR_BYTES(size);
223
224
225
226
227
228
229
230 err = ubifs_jnl_change_xattr(c, inode, host);
231 if (err)
232 goto out_cancel;
233 mutex_unlock(&host_ui->ui_mutex);
234
235 ubifs_release_budget(c, &req);
236 return 0;
237
238 out_cancel:
239 host_ui->xattr_size -= CALC_XATTR_BYTES(size);
240 host_ui->xattr_size += CALC_XATTR_BYTES(old_size);
241 mutex_unlock(&host_ui->ui_mutex);
242 make_bad_inode(inode);
243 out_free:
244 ubifs_release_budget(c, &req);
245 return err;
246 }
247
248 static struct inode *iget_xattr(struct ubifs_info *c, ino_t inum)
249 {
250 struct inode *inode;
251
252 inode = ubifs_iget(c->vfs_sb, inum);
253 if (IS_ERR(inode)) {
254 ubifs_err(c, "dead extended attribute entry, error %d",
255 (int)PTR_ERR(inode));
256 return inode;
257 }
258 if (ubifs_inode(inode)->xattr)
259 return inode;
260 ubifs_err(c, "corrupt extended attribute entry");
261 iput(inode);
262 return ERR_PTR(-EINVAL);
263 }
264
265 int ubifs_xattr_set(struct inode *host, const char *name, const void *value,
266 size_t size, int flags, bool check_lock)
267 {
268 struct inode *inode;
269 struct ubifs_info *c = host->i_sb->s_fs_info;
270 struct fscrypt_name nm = { .disk_name = FSTR_INIT((char *)name, strlen(name))};
271 struct ubifs_dent_node *xent;
272 union ubifs_key key;
273 int err;
274
275 if (check_lock)
276 ubifs_assert(c, inode_is_locked(host));
277
278 if (size > UBIFS_MAX_INO_DATA)
279 return -ERANGE;
280
281 if (fname_len(&nm) > UBIFS_MAX_NLEN)
282 return -ENAMETOOLONG;
283
284 xent = kmalloc(UBIFS_MAX_XENT_NODE_SZ, GFP_NOFS);
285 if (!xent)
286 return -ENOMEM;
287
288
289
290
291
292 xent_key_init(c, &key, host->i_ino, &nm);
293 err = ubifs_tnc_lookup_nm(c, &key, xent, &nm);
294 if (err) {
295 if (err != -ENOENT)
296 goto out_free;
297
298 if (flags & XATTR_REPLACE)
299
300 err = -ENODATA;
301 else
302 err = create_xattr(c, host, &nm, value, size);
303 goto out_free;
304 }
305
306 if (flags & XATTR_CREATE) {
307
308 err = -EEXIST;
309 goto out_free;
310 }
311
312 inode = iget_xattr(c, le64_to_cpu(xent->inum));
313 if (IS_ERR(inode)) {
314 err = PTR_ERR(inode);
315 goto out_free;
316 }
317
318 err = change_xattr(c, host, inode, value, size);
319 iput(inode);
320
321 out_free:
322 kfree(xent);
323 return err;
324 }
325
326 ssize_t ubifs_xattr_get(struct inode *host, const char *name, void *buf,
327 size_t size)
328 {
329 struct inode *inode;
330 struct ubifs_info *c = host->i_sb->s_fs_info;
331 struct fscrypt_name nm = { .disk_name = FSTR_INIT((char *)name, strlen(name))};
332 struct ubifs_inode *ui;
333 struct ubifs_dent_node *xent;
334 union ubifs_key key;
335 int err;
336
337 if (fname_len(&nm) > UBIFS_MAX_NLEN)
338 return -ENAMETOOLONG;
339
340 xent = kmalloc(UBIFS_MAX_XENT_NODE_SZ, GFP_NOFS);
341 if (!xent)
342 return -ENOMEM;
343
344 xent_key_init(c, &key, host->i_ino, &nm);
345 err = ubifs_tnc_lookup_nm(c, &key, xent, &nm);
346 if (err) {
347 if (err == -ENOENT)
348 err = -ENODATA;
349 goto out_unlock;
350 }
351
352 inode = iget_xattr(c, le64_to_cpu(xent->inum));
353 if (IS_ERR(inode)) {
354 err = PTR_ERR(inode);
355 goto out_unlock;
356 }
357
358 ui = ubifs_inode(inode);
359 ubifs_assert(c, inode->i_size == ui->data_len);
360 ubifs_assert(c, ubifs_inode(host)->xattr_size > ui->data_len);
361
362 mutex_lock(&ui->ui_mutex);
363 if (buf) {
364
365 if (ui->data_len > size) {
366 err = -ERANGE;
367 goto out_iput;
368 }
369
370 memcpy(buf, ui->data, ui->data_len);
371 }
372 err = ui->data_len;
373
374 out_iput:
375 mutex_unlock(&ui->ui_mutex);
376 iput(inode);
377 out_unlock:
378 kfree(xent);
379 return err;
380 }
381
382 static bool xattr_visible(const char *name)
383 {
384
385 if (strcmp(name, UBIFS_XATTR_NAME_ENCRYPTION_CONTEXT) == 0)
386 return false;
387
388
389 if (strncmp(name, XATTR_TRUSTED_PREFIX,
390 XATTR_TRUSTED_PREFIX_LEN) == 0 && !capable(CAP_SYS_ADMIN))
391 return false;
392
393 return true;
394 }
395
396 ssize_t ubifs_listxattr(struct dentry *dentry, char *buffer, size_t size)
397 {
398 union ubifs_key key;
399 struct inode *host = d_inode(dentry);
400 struct ubifs_info *c = host->i_sb->s_fs_info;
401 struct ubifs_inode *host_ui = ubifs_inode(host);
402 struct ubifs_dent_node *xent, *pxent = NULL;
403 int err, len, written = 0;
404 struct fscrypt_name nm = {0};
405
406 dbg_gen("ino %lu ('%pd'), buffer size %zd", host->i_ino,
407 dentry, size);
408
409 len = host_ui->xattr_names + host_ui->xattr_cnt;
410 if (!buffer)
411
412
413
414
415 return len;
416
417 if (len > size)
418 return -ERANGE;
419
420 lowest_xent_key(c, &key, host->i_ino);
421 while (1) {
422 xent = ubifs_tnc_next_ent(c, &key, &nm);
423 if (IS_ERR(xent)) {
424 err = PTR_ERR(xent);
425 break;
426 }
427
428 fname_name(&nm) = xent->name;
429 fname_len(&nm) = le16_to_cpu(xent->nlen);
430
431 if (xattr_visible(xent->name)) {
432 memcpy(buffer + written, fname_name(&nm), fname_len(&nm) + 1);
433 written += fname_len(&nm) + 1;
434 }
435
436 kfree(pxent);
437 pxent = xent;
438 key_read(c, &xent->key, &key);
439 }
440
441 kfree(pxent);
442 if (err != -ENOENT) {
443 ubifs_err(c, "cannot find next direntry, error %d", err);
444 return err;
445 }
446
447 ubifs_assert(c, written <= size);
448 return written;
449 }
450
451 static int remove_xattr(struct ubifs_info *c, struct inode *host,
452 struct inode *inode, const struct fscrypt_name *nm)
453 {
454 int err;
455 struct ubifs_inode *host_ui = ubifs_inode(host);
456 struct ubifs_inode *ui = ubifs_inode(inode);
457 struct ubifs_budget_req req = { .dirtied_ino = 2, .mod_dent = 1,
458 .dirtied_ino_d = ALIGN(host_ui->data_len, 8) };
459
460 ubifs_assert(c, ui->data_len == inode->i_size);
461
462 err = ubifs_budget_space(c, &req);
463 if (err)
464 return err;
465
466 mutex_lock(&host_ui->ui_mutex);
467 host->i_ctime = current_time(host);
468 host_ui->xattr_cnt -= 1;
469 host_ui->xattr_size -= CALC_DENT_SIZE(fname_len(nm));
470 host_ui->xattr_size -= CALC_XATTR_BYTES(ui->data_len);
471 host_ui->xattr_names -= fname_len(nm);
472
473 err = ubifs_jnl_delete_xattr(c, host, inode, nm);
474 if (err)
475 goto out_cancel;
476 mutex_unlock(&host_ui->ui_mutex);
477
478 ubifs_release_budget(c, &req);
479 return 0;
480
481 out_cancel:
482 host_ui->xattr_cnt += 1;
483 host_ui->xattr_size += CALC_DENT_SIZE(fname_len(nm));
484 host_ui->xattr_size += CALC_XATTR_BYTES(ui->data_len);
485 host_ui->xattr_names += fname_len(nm);
486 mutex_unlock(&host_ui->ui_mutex);
487 ubifs_release_budget(c, &req);
488 make_bad_inode(inode);
489 return err;
490 }
491
492 int ubifs_purge_xattrs(struct inode *host)
493 {
494 union ubifs_key key;
495 struct ubifs_info *c = host->i_sb->s_fs_info;
496 struct ubifs_dent_node *xent, *pxent = NULL;
497 struct inode *xino;
498 struct fscrypt_name nm = {0};
499 int err;
500
501 if (ubifs_inode(host)->xattr_cnt < ubifs_xattr_max_cnt(c))
502 return 0;
503
504 ubifs_warn(c, "inode %lu has too many xattrs, doing a non-atomic deletion",
505 host->i_ino);
506
507 lowest_xent_key(c, &key, host->i_ino);
508 while (1) {
509 xent = ubifs_tnc_next_ent(c, &key, &nm);
510 if (IS_ERR(xent)) {
511 err = PTR_ERR(xent);
512 break;
513 }
514
515 fname_name(&nm) = xent->name;
516 fname_len(&nm) = le16_to_cpu(xent->nlen);
517
518 xino = ubifs_iget(c->vfs_sb, le64_to_cpu(xent->inum));
519 if (IS_ERR(xino)) {
520 err = PTR_ERR(xino);
521 ubifs_err(c, "dead directory entry '%s', error %d",
522 xent->name, err);
523 ubifs_ro_mode(c, err);
524 kfree(pxent);
525 return err;
526 }
527
528 ubifs_assert(c, ubifs_inode(xino)->xattr);
529
530 clear_nlink(xino);
531 err = remove_xattr(c, host, xino, &nm);
532 if (err) {
533 kfree(pxent);
534 iput(xino);
535 ubifs_err(c, "cannot remove xattr, error %d", err);
536 return err;
537 }
538
539 iput(xino);
540
541 kfree(pxent);
542 pxent = xent;
543 key_read(c, &xent->key, &key);
544 }
545
546 kfree(pxent);
547 if (err != -ENOENT) {
548 ubifs_err(c, "cannot find next direntry, error %d", err);
549 return err;
550 }
551
552 return 0;
553 }
554
555
556
557
558
559
560
561
562
563
564
565
566 void ubifs_evict_xattr_inode(struct ubifs_info *c, ino_t xattr_inum)
567 {
568 struct inode *inode;
569
570 inode = ilookup(c->vfs_sb, xattr_inum);
571 if (inode) {
572 clear_nlink(inode);
573 iput(inode);
574 }
575 }
576
577 static int ubifs_xattr_remove(struct inode *host, const char *name)
578 {
579 struct inode *inode;
580 struct ubifs_info *c = host->i_sb->s_fs_info;
581 struct fscrypt_name nm = { .disk_name = FSTR_INIT((char *)name, strlen(name))};
582 struct ubifs_dent_node *xent;
583 union ubifs_key key;
584 int err;
585
586 ubifs_assert(c, inode_is_locked(host));
587
588 if (fname_len(&nm) > UBIFS_MAX_NLEN)
589 return -ENAMETOOLONG;
590
591 xent = kmalloc(UBIFS_MAX_XENT_NODE_SZ, GFP_NOFS);
592 if (!xent)
593 return -ENOMEM;
594
595 xent_key_init(c, &key, host->i_ino, &nm);
596 err = ubifs_tnc_lookup_nm(c, &key, xent, &nm);
597 if (err) {
598 if (err == -ENOENT)
599 err = -ENODATA;
600 goto out_free;
601 }
602
603 inode = iget_xattr(c, le64_to_cpu(xent->inum));
604 if (IS_ERR(inode)) {
605 err = PTR_ERR(inode);
606 goto out_free;
607 }
608
609 ubifs_assert(c, inode->i_nlink == 1);
610 clear_nlink(inode);
611 err = remove_xattr(c, host, inode, &nm);
612 if (err)
613 set_nlink(inode, 1);
614
615
616 iput(inode);
617
618 out_free:
619 kfree(xent);
620 return err;
621 }
622
623 #ifdef CONFIG_UBIFS_FS_SECURITY
624 static int init_xattrs(struct inode *inode, const struct xattr *xattr_array,
625 void *fs_info)
626 {
627 const struct xattr *xattr;
628 char *name;
629 int err = 0;
630
631 for (xattr = xattr_array; xattr->name != NULL; xattr++) {
632 name = kmalloc(XATTR_SECURITY_PREFIX_LEN +
633 strlen(xattr->name) + 1, GFP_NOFS);
634 if (!name) {
635 err = -ENOMEM;
636 break;
637 }
638 strcpy(name, XATTR_SECURITY_PREFIX);
639 strcpy(name + XATTR_SECURITY_PREFIX_LEN, xattr->name);
640
641
642
643
644 err = ubifs_xattr_set(inode, name, xattr->value,
645 xattr->value_len, 0, false);
646 kfree(name);
647 if (err < 0)
648 break;
649 }
650
651 return err;
652 }
653
654 int ubifs_init_security(struct inode *dentry, struct inode *inode,
655 const struct qstr *qstr)
656 {
657 int err;
658
659 err = security_inode_init_security(inode, dentry, qstr,
660 &init_xattrs, 0);
661 if (err) {
662 struct ubifs_info *c = dentry->i_sb->s_fs_info;
663 ubifs_err(c, "cannot initialize security for inode %lu, error %d",
664 inode->i_ino, err);
665 }
666 return err;
667 }
668 #endif
669
670 static int xattr_get(const struct xattr_handler *handler,
671 struct dentry *dentry, struct inode *inode,
672 const char *name, void *buffer, size_t size)
673 {
674 dbg_gen("xattr '%s', ino %lu ('%pd'), buf size %zd", name,
675 inode->i_ino, dentry, size);
676
677 name = xattr_full_name(handler, name);
678 return ubifs_xattr_get(inode, name, buffer, size);
679 }
680
681 static int xattr_set(const struct xattr_handler *handler,
682 struct dentry *dentry, struct inode *inode,
683 const char *name, const void *value,
684 size_t size, int flags)
685 {
686 dbg_gen("xattr '%s', host ino %lu ('%pd'), size %zd",
687 name, inode->i_ino, dentry, size);
688
689 name = xattr_full_name(handler, name);
690
691 if (value)
692 return ubifs_xattr_set(inode, name, value, size, flags, true);
693 else
694 return ubifs_xattr_remove(inode, name);
695 }
696
697 static const struct xattr_handler ubifs_user_xattr_handler = {
698 .prefix = XATTR_USER_PREFIX,
699 .get = xattr_get,
700 .set = xattr_set,
701 };
702
703 static const struct xattr_handler ubifs_trusted_xattr_handler = {
704 .prefix = XATTR_TRUSTED_PREFIX,
705 .get = xattr_get,
706 .set = xattr_set,
707 };
708
709 #ifdef CONFIG_UBIFS_FS_SECURITY
710 static const struct xattr_handler ubifs_security_xattr_handler = {
711 .prefix = XATTR_SECURITY_PREFIX,
712 .get = xattr_get,
713 .set = xattr_set,
714 };
715 #endif
716
717 const struct xattr_handler *ubifs_xattr_handlers[] = {
718 &ubifs_user_xattr_handler,
719 &ubifs_trusted_xattr_handler,
720 #ifdef CONFIG_UBIFS_FS_SECURITY
721 &ubifs_security_xattr_handler,
722 #endif
723 NULL
724 };