]>
Commit | Line | Data |
---|---|---|
be71b5cb KK |
1 | // SPDX-License-Identifier: GPL-2.0 |
2 | /* | |
3 | * | |
4 | * Copyright (C) 2019-2021 Paragon Software GmbH, All rights reserved. | |
5 | * | |
6 | */ | |
7 | ||
be71b5cb | 8 | #include <linux/fs.h> |
be71b5cb KK |
9 | #include <linux/posix_acl.h> |
10 | #include <linux/posix_acl_xattr.h> | |
11 | #include <linux/xattr.h> | |
12 | ||
13 | #include "debug.h" | |
14 | #include "ntfs.h" | |
15 | #include "ntfs_fs.h" | |
16 | ||
17 | // clang-format off | |
18 | #define SYSTEM_DOS_ATTRIB "system.dos_attrib" | |
19 | #define SYSTEM_NTFS_ATTRIB "system.ntfs_attrib" | |
20 | #define SYSTEM_NTFS_SECURITY "system.ntfs_security" | |
21 | // clang-format on | |
22 | ||
23 | static inline size_t unpacked_ea_size(const struct EA_FULL *ea) | |
24 | { | |
25 | return ea->size ? le32_to_cpu(ea->size) | |
d3624466 KK |
26 | : ALIGN(struct_size(ea, name, |
27 | 1 + ea->name_len + | |
28 | le16_to_cpu(ea->elength)), | |
29 | 4); | |
be71b5cb KK |
30 | } |
31 | ||
32 | static inline size_t packed_ea_size(const struct EA_FULL *ea) | |
33 | { | |
34 | return struct_size(ea, name, | |
35 | 1 + ea->name_len + le16_to_cpu(ea->elength)) - | |
36 | offsetof(struct EA_FULL, flags); | |
37 | } | |
38 | ||
39 | /* | |
40 | * find_ea | |
41 | * | |
e8b8e97f | 42 | * Assume there is at least one xattr in the list. |
be71b5cb KK |
43 | */ |
44 | static inline bool find_ea(const struct EA_FULL *ea_all, u32 bytes, | |
45 | const char *name, u8 name_len, u32 *off) | |
46 | { | |
47 | *off = 0; | |
48 | ||
49 | if (!ea_all || !bytes) | |
50 | return false; | |
51 | ||
52 | for (;;) { | |
53 | const struct EA_FULL *ea = Add2Ptr(ea_all, *off); | |
54 | u32 next_off = *off + unpacked_ea_size(ea); | |
55 | ||
56 | if (next_off > bytes) | |
57 | return false; | |
58 | ||
59 | if (ea->name_len == name_len && | |
60 | !memcmp(ea->name, name, name_len)) | |
61 | return true; | |
62 | ||
63 | *off = next_off; | |
64 | if (next_off >= bytes) | |
65 | return false; | |
66 | } | |
67 | } | |
68 | ||
69 | /* | |
e8b8e97f KA |
70 | * ntfs_read_ea - Read all extended attributes. |
71 | * @ea: New allocated memory. | |
72 | * @info: Pointer into resident data. | |
be71b5cb KK |
73 | */ |
74 | static int ntfs_read_ea(struct ntfs_inode *ni, struct EA_FULL **ea, | |
75 | size_t add_bytes, const struct EA_INFO **info) | |
76 | { | |
77 | int err; | |
cff32466 | 78 | struct ntfs_sb_info *sbi = ni->mi.sbi; |
be71b5cb KK |
79 | struct ATTR_LIST_ENTRY *le = NULL; |
80 | struct ATTRIB *attr_info, *attr_ea; | |
81 | void *ea_p; | |
82 | u32 size; | |
83 | ||
84 | static_assert(le32_to_cpu(ATTR_EA_INFO) < le32_to_cpu(ATTR_EA)); | |
85 | ||
86 | *ea = NULL; | |
87 | *info = NULL; | |
88 | ||
89 | attr_info = | |
90 | ni_find_attr(ni, NULL, &le, ATTR_EA_INFO, NULL, 0, NULL, NULL); | |
91 | attr_ea = | |
92 | ni_find_attr(ni, attr_info, &le, ATTR_EA, NULL, 0, NULL, NULL); | |
93 | ||
94 | if (!attr_ea || !attr_info) | |
95 | return 0; | |
96 | ||
97 | *info = resident_data_ex(attr_info, sizeof(struct EA_INFO)); | |
98 | if (!*info) | |
99 | return -EINVAL; | |
100 | ||
e8b8e97f | 101 | /* Check Ea limit. */ |
be71b5cb | 102 | size = le32_to_cpu((*info)->size); |
cff32466 | 103 | if (size > sbi->ea_max_size) |
be71b5cb KK |
104 | return -EFBIG; |
105 | ||
cff32466 | 106 | if (attr_size(attr_ea) > sbi->ea_max_size) |
be71b5cb KK |
107 | return -EFBIG; |
108 | ||
e8b8e97f | 109 | /* Allocate memory for packed Ea. */ |
195c52bd | 110 | ea_p = kmalloc(size + add_bytes, GFP_NOFS); |
be71b5cb KK |
111 | if (!ea_p) |
112 | return -ENOMEM; | |
113 | ||
cff32466 | 114 | if (!size) { |
87e21c99 | 115 | /* EA info persists, but xattr is empty. Looks like EA problem. */ |
cff32466 | 116 | } else if (attr_ea->non_res) { |
be71b5cb KK |
117 | struct runs_tree run; |
118 | ||
119 | run_init(&run); | |
120 | ||
42f86b12 | 121 | err = attr_load_runs_range(ni, ATTR_EA, NULL, 0, &run, 0, size); |
be71b5cb | 122 | if (!err) |
cff32466 | 123 | err = ntfs_read_run_nb(sbi, &run, 0, ea_p, size, NULL); |
be71b5cb KK |
124 | run_close(&run); |
125 | ||
126 | if (err) | |
127 | goto out; | |
128 | } else { | |
129 | void *p = resident_data_ex(attr_ea, size); | |
130 | ||
131 | if (!p) { | |
132 | err = -EINVAL; | |
133 | goto out; | |
134 | } | |
135 | memcpy(ea_p, p, size); | |
136 | } | |
137 | ||
138 | memset(Add2Ptr(ea_p, size), 0, add_bytes); | |
139 | *ea = ea_p; | |
140 | return 0; | |
141 | ||
142 | out: | |
195c52bd | 143 | kfree(ea_p); |
be71b5cb KK |
144 | *ea = NULL; |
145 | return err; | |
146 | } | |
147 | ||
148 | /* | |
149 | * ntfs_list_ea | |
150 | * | |
e8b8e97f KA |
151 | * Copy a list of xattrs names into the buffer |
152 | * provided, or compute the buffer size required. | |
be71b5cb | 153 | * |
e8b8e97f KA |
154 | * Return: |
155 | * * Number of bytes used / required on | |
156 | * * -ERRNO - on failure | |
be71b5cb KK |
157 | */ |
158 | static ssize_t ntfs_list_ea(struct ntfs_inode *ni, char *buffer, | |
159 | size_t bytes_per_buffer) | |
160 | { | |
161 | const struct EA_INFO *info; | |
162 | struct EA_FULL *ea_all = NULL; | |
163 | const struct EA_FULL *ea; | |
164 | u32 off, size; | |
165 | int err; | |
166 | size_t ret; | |
167 | ||
168 | err = ntfs_read_ea(ni, &ea_all, 0, &info); | |
169 | if (err) | |
170 | return err; | |
171 | ||
172 | if (!info || !ea_all) | |
173 | return 0; | |
174 | ||
175 | size = le32_to_cpu(info->size); | |
176 | ||
e8b8e97f | 177 | /* Enumerate all xattrs. */ |
be71b5cb KK |
178 | for (ret = 0, off = 0; off < size; off += unpacked_ea_size(ea)) { |
179 | ea = Add2Ptr(ea_all, off); | |
180 | ||
181 | if (buffer) { | |
182 | if (ret + ea->name_len + 1 > bytes_per_buffer) { | |
183 | err = -ERANGE; | |
184 | goto out; | |
185 | } | |
186 | ||
187 | memcpy(buffer + ret, ea->name, ea->name_len); | |
188 | buffer[ret + ea->name_len] = 0; | |
189 | } | |
190 | ||
191 | ret += ea->name_len + 1; | |
192 | } | |
193 | ||
194 | out: | |
195c52bd | 195 | kfree(ea_all); |
be71b5cb KK |
196 | return err ? err : ret; |
197 | } | |
198 | ||
199 | static int ntfs_get_ea(struct inode *inode, const char *name, size_t name_len, | |
200 | void *buffer, size_t size, size_t *required) | |
201 | { | |
202 | struct ntfs_inode *ni = ntfs_i(inode); | |
203 | const struct EA_INFO *info; | |
204 | struct EA_FULL *ea_all = NULL; | |
205 | const struct EA_FULL *ea; | |
206 | u32 off, len; | |
207 | int err; | |
208 | ||
209 | if (!(ni->ni_flags & NI_FLAG_EA)) | |
210 | return -ENODATA; | |
211 | ||
212 | if (!required) | |
213 | ni_lock(ni); | |
214 | ||
215 | len = 0; | |
216 | ||
217 | if (name_len > 255) { | |
218 | err = -ENAMETOOLONG; | |
219 | goto out; | |
220 | } | |
221 | ||
222 | err = ntfs_read_ea(ni, &ea_all, 0, &info); | |
223 | if (err) | |
224 | goto out; | |
225 | ||
226 | if (!info) | |
227 | goto out; | |
228 | ||
e8b8e97f | 229 | /* Enumerate all xattrs. */ |
be71b5cb KK |
230 | if (!find_ea(ea_all, le32_to_cpu(info->size), name, name_len, &off)) { |
231 | err = -ENODATA; | |
232 | goto out; | |
233 | } | |
234 | ea = Add2Ptr(ea_all, off); | |
235 | ||
236 | len = le16_to_cpu(ea->elength); | |
237 | if (!buffer) { | |
238 | err = 0; | |
239 | goto out; | |
240 | } | |
241 | ||
242 | if (len > size) { | |
243 | err = -ERANGE; | |
244 | if (required) | |
245 | *required = len; | |
246 | goto out; | |
247 | } | |
248 | ||
249 | memcpy(buffer, ea->name + ea->name_len + 1, len); | |
250 | err = 0; | |
251 | ||
252 | out: | |
195c52bd | 253 | kfree(ea_all); |
be71b5cb KK |
254 | if (!required) |
255 | ni_unlock(ni); | |
256 | ||
257 | return err ? err : len; | |
258 | } | |
259 | ||
260 | static noinline int ntfs_set_ea(struct inode *inode, const char *name, | |
261 | size_t name_len, const void *value, | |
3a2154b2 | 262 | size_t val_size, int flags, bool locked) |
be71b5cb KK |
263 | { |
264 | struct ntfs_inode *ni = ntfs_i(inode); | |
265 | struct ntfs_sb_info *sbi = ni->mi.sbi; | |
266 | int err; | |
267 | struct EA_INFO ea_info; | |
268 | const struct EA_INFO *info; | |
269 | struct EA_FULL *new_ea; | |
270 | struct EA_FULL *ea_all = NULL; | |
271 | size_t add, new_pack; | |
272 | u32 off, size; | |
273 | __le16 size_pack; | |
274 | struct ATTRIB *attr; | |
275 | struct ATTR_LIST_ENTRY *le; | |
276 | struct mft_inode *mi; | |
277 | struct runs_tree ea_run; | |
278 | u64 new_sz; | |
279 | void *p; | |
280 | ||
3a2154b2 KK |
281 | if (!locked) |
282 | ni_lock(ni); | |
be71b5cb KK |
283 | |
284 | run_init(&ea_run); | |
285 | ||
286 | if (name_len > 255) { | |
287 | err = -ENAMETOOLONG; | |
288 | goto out; | |
289 | } | |
290 | ||
fa3cacf5 | 291 | add = ALIGN(struct_size(ea_all, name, 1 + name_len + val_size), 4); |
be71b5cb KK |
292 | |
293 | err = ntfs_read_ea(ni, &ea_all, add, &info); | |
294 | if (err) | |
295 | goto out; | |
296 | ||
297 | if (!info) { | |
298 | memset(&ea_info, 0, sizeof(ea_info)); | |
299 | size = 0; | |
300 | size_pack = 0; | |
301 | } else { | |
302 | memcpy(&ea_info, info, sizeof(ea_info)); | |
303 | size = le32_to_cpu(ea_info.size); | |
304 | size_pack = ea_info.size_pack; | |
305 | } | |
306 | ||
307 | if (info && find_ea(ea_all, size, name, name_len, &off)) { | |
308 | struct EA_FULL *ea; | |
309 | size_t ea_sz; | |
310 | ||
311 | if (flags & XATTR_CREATE) { | |
312 | err = -EEXIST; | |
313 | goto out; | |
314 | } | |
315 | ||
316 | ea = Add2Ptr(ea_all, off); | |
317 | ||
318 | /* | |
319 | * Check simple case when we try to insert xattr with the same value | |
320 | * e.g. ntfs_save_wsl_perm | |
321 | */ | |
322 | if (val_size && le16_to_cpu(ea->elength) == val_size && | |
323 | !memcmp(ea->name + ea->name_len + 1, value, val_size)) { | |
e8b8e97f | 324 | /* xattr already contains the required value. */ |
be71b5cb KK |
325 | goto out; |
326 | } | |
327 | ||
e8b8e97f | 328 | /* Remove current xattr. */ |
be71b5cb KK |
329 | if (ea->flags & FILE_NEED_EA) |
330 | le16_add_cpu(&ea_info.count, -1); | |
331 | ||
332 | ea_sz = unpacked_ea_size(ea); | |
333 | ||
334 | le16_add_cpu(&ea_info.size_pack, 0 - packed_ea_size(ea)); | |
335 | ||
336 | memmove(ea, Add2Ptr(ea, ea_sz), size - off - ea_sz); | |
337 | ||
338 | size -= ea_sz; | |
339 | memset(Add2Ptr(ea_all, size), 0, ea_sz); | |
340 | ||
341 | ea_info.size = cpu_to_le32(size); | |
342 | ||
343 | if ((flags & XATTR_REPLACE) && !val_size) { | |
e8b8e97f | 344 | /* Remove xattr. */ |
be71b5cb KK |
345 | goto update_ea; |
346 | } | |
347 | } else { | |
348 | if (flags & XATTR_REPLACE) { | |
349 | err = -ENODATA; | |
350 | goto out; | |
351 | } | |
352 | ||
353 | if (!ea_all) { | |
195c52bd | 354 | ea_all = kzalloc(add, GFP_NOFS); |
be71b5cb KK |
355 | if (!ea_all) { |
356 | err = -ENOMEM; | |
357 | goto out; | |
358 | } | |
359 | } | |
360 | } | |
361 | ||
e8b8e97f | 362 | /* Append new xattr. */ |
be71b5cb KK |
363 | new_ea = Add2Ptr(ea_all, size); |
364 | new_ea->size = cpu_to_le32(add); | |
365 | new_ea->flags = 0; | |
366 | new_ea->name_len = name_len; | |
367 | new_ea->elength = cpu_to_le16(val_size); | |
368 | memcpy(new_ea->name, name, name_len); | |
369 | new_ea->name[name_len] = 0; | |
370 | memcpy(new_ea->name + name_len + 1, value, val_size); | |
371 | new_pack = le16_to_cpu(ea_info.size_pack) + packed_ea_size(new_ea); | |
be71b5cb | 372 | ea_info.size_pack = cpu_to_le16(new_pack); |
e8b8e97f | 373 | /* New size of ATTR_EA. */ |
be71b5cb | 374 | size += add; |
cff32466 KK |
375 | ea_info.size = cpu_to_le32(size); |
376 | ||
377 | /* | |
378 | * 1. Check ea_info.size_pack for overflow. | |
379 | * 2. New attibute size must fit value from $AttrDef | |
380 | */ | |
381 | if (new_pack > 0xffff || size > sbi->ea_max_size) { | |
382 | ntfs_inode_warn( | |
383 | inode, | |
384 | "The size of extended attributes must not exceed 64KiB"); | |
be71b5cb KK |
385 | err = -EFBIG; // -EINVAL? |
386 | goto out; | |
387 | } | |
be71b5cb KK |
388 | |
389 | update_ea: | |
390 | ||
391 | if (!info) { | |
e8b8e97f | 392 | /* Create xattr. */ |
be71b5cb KK |
393 | if (!size) { |
394 | err = 0; | |
395 | goto out; | |
396 | } | |
397 | ||
398 | err = ni_insert_resident(ni, sizeof(struct EA_INFO), | |
78ab59fe KK |
399 | ATTR_EA_INFO, NULL, 0, NULL, NULL, |
400 | NULL); | |
be71b5cb KK |
401 | if (err) |
402 | goto out; | |
403 | ||
78ab59fe KK |
404 | err = ni_insert_resident(ni, 0, ATTR_EA, NULL, 0, NULL, NULL, |
405 | NULL); | |
be71b5cb KK |
406 | if (err) |
407 | goto out; | |
408 | } | |
409 | ||
410 | new_sz = size; | |
411 | err = attr_set_size(ni, ATTR_EA, NULL, 0, &ea_run, new_sz, &new_sz, | |
412 | false, NULL); | |
413 | if (err) | |
414 | goto out; | |
415 | ||
416 | le = NULL; | |
417 | attr = ni_find_attr(ni, NULL, &le, ATTR_EA_INFO, NULL, 0, NULL, &mi); | |
418 | if (!attr) { | |
419 | err = -EINVAL; | |
420 | goto out; | |
421 | } | |
422 | ||
423 | if (!size) { | |
e8b8e97f | 424 | /* Delete xattr, ATTR_EA_INFO */ |
78ab59fe | 425 | ni_remove_attr_le(ni, attr, mi, le); |
be71b5cb KK |
426 | } else { |
427 | p = resident_data_ex(attr, sizeof(struct EA_INFO)); | |
428 | if (!p) { | |
429 | err = -EINVAL; | |
430 | goto out; | |
431 | } | |
432 | memcpy(p, &ea_info, sizeof(struct EA_INFO)); | |
433 | mi->dirty = true; | |
434 | } | |
435 | ||
436 | le = NULL; | |
437 | attr = ni_find_attr(ni, NULL, &le, ATTR_EA, NULL, 0, NULL, &mi); | |
438 | if (!attr) { | |
439 | err = -EINVAL; | |
440 | goto out; | |
441 | } | |
442 | ||
443 | if (!size) { | |
e8b8e97f | 444 | /* Delete xattr, ATTR_EA */ |
78ab59fe | 445 | ni_remove_attr_le(ni, attr, mi, le); |
be71b5cb | 446 | } else if (attr->non_res) { |
42f86b12 KK |
447 | err = attr_load_runs_range(ni, ATTR_EA, NULL, 0, &ea_run, 0, |
448 | size); | |
449 | if (err) | |
450 | goto out; | |
451 | ||
63544672 | 452 | err = ntfs_sb_write_run(sbi, &ea_run, 0, ea_all, size, 0); |
be71b5cb KK |
453 | if (err) |
454 | goto out; | |
455 | } else { | |
456 | p = resident_data_ex(attr, size); | |
457 | if (!p) { | |
458 | err = -EINVAL; | |
459 | goto out; | |
460 | } | |
461 | memcpy(p, ea_all, size); | |
462 | mi->dirty = true; | |
463 | } | |
464 | ||
e8b8e97f | 465 | /* Check if we delete the last xattr. */ |
be71b5cb KK |
466 | if (size) |
467 | ni->ni_flags |= NI_FLAG_EA; | |
468 | else | |
469 | ni->ni_flags &= ~NI_FLAG_EA; | |
470 | ||
471 | if (ea_info.size_pack != size_pack) | |
472 | ni->ni_flags |= NI_FLAG_UPDATE_PARENT; | |
473 | mark_inode_dirty(&ni->vfs_inode); | |
474 | ||
475 | out: | |
3a2154b2 KK |
476 | if (!locked) |
477 | ni_unlock(ni); | |
be71b5cb KK |
478 | |
479 | run_close(&ea_run); | |
195c52bd | 480 | kfree(ea_all); |
be71b5cb KK |
481 | |
482 | return err; | |
483 | } | |
484 | ||
485 | #ifdef CONFIG_NTFS3_FS_POSIX_ACL | |
0c3bc789 | 486 | static struct posix_acl *ntfs_get_acl_ex(struct inode *inode, int type, |
be71b5cb KK |
487 | int locked) |
488 | { | |
489 | struct ntfs_inode *ni = ntfs_i(inode); | |
490 | const char *name; | |
491 | size_t name_len; | |
492 | struct posix_acl *acl; | |
493 | size_t req; | |
494 | int err; | |
495 | void *buf; | |
496 | ||
e8b8e97f | 497 | /* Allocate PATH_MAX bytes. */ |
be71b5cb KK |
498 | buf = __getname(); |
499 | if (!buf) | |
500 | return ERR_PTR(-ENOMEM); | |
501 | ||
e8b8e97f | 502 | /* Possible values of 'type' was already checked above. */ |
be71b5cb KK |
503 | if (type == ACL_TYPE_ACCESS) { |
504 | name = XATTR_NAME_POSIX_ACL_ACCESS; | |
505 | name_len = sizeof(XATTR_NAME_POSIX_ACL_ACCESS) - 1; | |
506 | } else { | |
507 | name = XATTR_NAME_POSIX_ACL_DEFAULT; | |
508 | name_len = sizeof(XATTR_NAME_POSIX_ACL_DEFAULT) - 1; | |
509 | } | |
510 | ||
511 | if (!locked) | |
512 | ni_lock(ni); | |
513 | ||
514 | err = ntfs_get_ea(inode, name, name_len, buf, PATH_MAX, &req); | |
515 | ||
516 | if (!locked) | |
517 | ni_unlock(ni); | |
518 | ||
e8b8e97f | 519 | /* Translate extended attribute to acl. */ |
2926e429 | 520 | if (err >= 0) { |
0c3bc789 | 521 | acl = posix_acl_from_xattr(&init_user_ns, buf, err); |
0bd5fdb8 KK |
522 | } else if (err == -ENODATA) { |
523 | acl = NULL; | |
be71b5cb | 524 | } else { |
0bd5fdb8 | 525 | acl = ERR_PTR(err); |
be71b5cb KK |
526 | } |
527 | ||
0bd5fdb8 KK |
528 | if (!IS_ERR(acl)) |
529 | set_cached_acl(inode, type, acl); | |
530 | ||
be71b5cb KK |
531 | __putname(buf); |
532 | ||
533 | return acl; | |
534 | } | |
535 | ||
536 | /* | |
e8b8e97f | 537 | * ntfs_get_acl - inode_operations::get_acl |
be71b5cb | 538 | */ |
f7464060 | 539 | struct posix_acl *ntfs_get_acl(struct inode *inode, int type, bool rcu) |
be71b5cb | 540 | { |
f7464060 LT |
541 | if (rcu) |
542 | return ERR_PTR(-ECHILD); | |
543 | ||
0c3bc789 | 544 | return ntfs_get_acl_ex(inode, type, 0); |
be71b5cb KK |
545 | } |
546 | ||
547 | static noinline int ntfs_set_acl_ex(struct user_namespace *mnt_userns, | |
548 | struct inode *inode, struct posix_acl *acl, | |
9186d472 | 549 | int type, bool init_acl) |
be71b5cb KK |
550 | { |
551 | const char *name; | |
552 | size_t size, name_len; | |
460bbf29 KK |
553 | void *value; |
554 | int err; | |
398c35f4 | 555 | int flags; |
460bbf29 | 556 | umode_t mode; |
be71b5cb KK |
557 | |
558 | if (S_ISLNK(inode->i_mode)) | |
559 | return -EOPNOTSUPP; | |
560 | ||
460bbf29 | 561 | mode = inode->i_mode; |
be71b5cb KK |
562 | switch (type) { |
563 | case ACL_TYPE_ACCESS: | |
9186d472 KK |
564 | /* Do not change i_mode if we are in init_acl */ |
565 | if (acl && !init_acl) { | |
ba77237e KK |
566 | err = posix_acl_update_mode(mnt_userns, inode, &mode, |
567 | &acl); | |
568 | if (err) | |
d4073595 | 569 | return err; |
be71b5cb KK |
570 | } |
571 | name = XATTR_NAME_POSIX_ACL_ACCESS; | |
572 | name_len = sizeof(XATTR_NAME_POSIX_ACL_ACCESS) - 1; | |
573 | break; | |
574 | ||
575 | case ACL_TYPE_DEFAULT: | |
576 | if (!S_ISDIR(inode->i_mode)) | |
577 | return acl ? -EACCES : 0; | |
578 | name = XATTR_NAME_POSIX_ACL_DEFAULT; | |
579 | name_len = sizeof(XATTR_NAME_POSIX_ACL_DEFAULT) - 1; | |
580 | break; | |
581 | ||
582 | default: | |
583 | return -EINVAL; | |
584 | } | |
585 | ||
586 | if (!acl) { | |
398c35f4 | 587 | /* Remove xattr if it can be presented via mode. */ |
be71b5cb KK |
588 | size = 0; |
589 | value = NULL; | |
398c35f4 | 590 | flags = XATTR_REPLACE; |
be71b5cb KK |
591 | } else { |
592 | size = posix_acl_xattr_size(acl->a_count); | |
195c52bd | 593 | value = kmalloc(size, GFP_NOFS); |
be71b5cb KK |
594 | if (!value) |
595 | return -ENOMEM; | |
0c3bc789 | 596 | err = posix_acl_to_xattr(&init_user_ns, acl, value, size); |
be71b5cb KK |
597 | if (err < 0) |
598 | goto out; | |
398c35f4 | 599 | flags = 0; |
be71b5cb KK |
600 | } |
601 | ||
3a2154b2 | 602 | err = ntfs_set_ea(inode, name, name_len, value, size, flags, 0); |
398c35f4 KK |
603 | if (err == -ENODATA && !size) |
604 | err = 0; /* Removing non existed xattr. */ | |
460bbf29 | 605 | if (!err) { |
be71b5cb | 606 | set_cached_acl(inode, type, acl); |
460bbf29 KK |
607 | if (inode->i_mode != mode) { |
608 | inode->i_mode = mode; | |
609 | mark_inode_dirty(inode); | |
610 | } | |
611 | } | |
be71b5cb KK |
612 | |
613 | out: | |
195c52bd | 614 | kfree(value); |
be71b5cb KK |
615 | |
616 | return err; | |
617 | } | |
618 | ||
619 | /* | |
e8b8e97f | 620 | * ntfs_set_acl - inode_operations::set_acl |
be71b5cb KK |
621 | */ |
622 | int ntfs_set_acl(struct user_namespace *mnt_userns, struct inode *inode, | |
623 | struct posix_acl *acl, int type) | |
624 | { | |
9186d472 | 625 | return ntfs_set_acl_ex(mnt_userns, inode, acl, type, false); |
be71b5cb KK |
626 | } |
627 | ||
87e21c99 KK |
628 | static int ntfs_xattr_get_acl(struct user_namespace *mnt_userns, |
629 | struct inode *inode, int type, void *buffer, | |
630 | size_t size) | |
631 | { | |
632 | struct posix_acl *acl; | |
633 | int err; | |
634 | ||
635 | if (!(inode->i_sb->s_flags & SB_POSIXACL)) { | |
636 | ntfs_inode_warn(inode, "add mount option \"acl\" to use acl"); | |
637 | return -EOPNOTSUPP; | |
638 | } | |
639 | ||
640 | acl = ntfs_get_acl(inode, type, false); | |
641 | if (IS_ERR(acl)) | |
642 | return PTR_ERR(acl); | |
643 | ||
644 | if (!acl) | |
645 | return -ENODATA; | |
646 | ||
0c3bc789 | 647 | err = posix_acl_to_xattr(&init_user_ns, acl, buffer, size); |
87e21c99 KK |
648 | posix_acl_release(acl); |
649 | ||
650 | return err; | |
651 | } | |
652 | ||
653 | static int ntfs_xattr_set_acl(struct user_namespace *mnt_userns, | |
654 | struct inode *inode, int type, const void *value, | |
655 | size_t size) | |
656 | { | |
657 | struct posix_acl *acl; | |
658 | int err; | |
659 | ||
660 | if (!(inode->i_sb->s_flags & SB_POSIXACL)) { | |
661 | ntfs_inode_warn(inode, "add mount option \"acl\" to use acl"); | |
662 | return -EOPNOTSUPP; | |
663 | } | |
664 | ||
665 | if (!inode_owner_or_capable(mnt_userns, inode)) | |
666 | return -EPERM; | |
667 | ||
668 | if (!value) { | |
669 | acl = NULL; | |
670 | } else { | |
0c3bc789 | 671 | acl = posix_acl_from_xattr(&init_user_ns, value, size); |
87e21c99 KK |
672 | if (IS_ERR(acl)) |
673 | return PTR_ERR(acl); | |
674 | ||
675 | if (acl) { | |
0c3bc789 | 676 | err = posix_acl_valid(&init_user_ns, acl); |
87e21c99 KK |
677 | if (err) |
678 | goto release_and_out; | |
679 | } | |
680 | } | |
681 | ||
682 | err = ntfs_set_acl(mnt_userns, inode, acl, type); | |
683 | ||
684 | release_and_out: | |
685 | posix_acl_release(acl); | |
686 | return err; | |
687 | } | |
688 | ||
be71b5cb | 689 | /* |
e8b8e97f KA |
690 | * ntfs_init_acl - Initialize the ACLs of a new inode. |
691 | * | |
692 | * Called from ntfs_create_inode(). | |
be71b5cb KK |
693 | */ |
694 | int ntfs_init_acl(struct user_namespace *mnt_userns, struct inode *inode, | |
695 | struct inode *dir) | |
696 | { | |
697 | struct posix_acl *default_acl, *acl; | |
698 | int err; | |
699 | ||
66019837 KK |
700 | err = posix_acl_create(dir, &inode->i_mode, &default_acl, &acl); |
701 | if (err) | |
702 | return err; | |
be71b5cb | 703 | |
66019837 | 704 | if (default_acl) { |
be71b5cb | 705 | err = ntfs_set_acl_ex(mnt_userns, inode, default_acl, |
9186d472 | 706 | ACL_TYPE_DEFAULT, true); |
be71b5cb | 707 | posix_acl_release(default_acl); |
66019837 KK |
708 | } else { |
709 | inode->i_default_acl = NULL; | |
be71b5cb KK |
710 | } |
711 | ||
19e890ff | 712 | if (acl) { |
66019837 KK |
713 | if (!err) |
714 | err = ntfs_set_acl_ex(mnt_userns, inode, acl, | |
9186d472 | 715 | ACL_TYPE_ACCESS, true); |
66019837 | 716 | posix_acl_release(acl); |
19e890ff YX |
717 | } else { |
718 | inode->i_acl = NULL; | |
66019837 | 719 | } |
be71b5cb | 720 | |
be71b5cb KK |
721 | return err; |
722 | } | |
723 | #endif | |
724 | ||
725 | /* | |
e8b8e97f | 726 | * ntfs_acl_chmod - Helper for ntfs3_setattr(). |
be71b5cb KK |
727 | */ |
728 | int ntfs_acl_chmod(struct user_namespace *mnt_userns, struct inode *inode) | |
729 | { | |
730 | struct super_block *sb = inode->i_sb; | |
731 | ||
732 | if (!(sb->s_flags & SB_POSIXACL)) | |
733 | return 0; | |
734 | ||
735 | if (S_ISLNK(inode->i_mode)) | |
736 | return -EOPNOTSUPP; | |
737 | ||
738 | return posix_acl_chmod(mnt_userns, inode, inode->i_mode); | |
739 | } | |
740 | ||
741 | /* | |
e8b8e97f | 742 | * ntfs_permission - inode_operations::permission |
be71b5cb KK |
743 | */ |
744 | int ntfs_permission(struct user_namespace *mnt_userns, struct inode *inode, | |
745 | int mask) | |
746 | { | |
28a941ff | 747 | if (ntfs_sb(inode->i_sb)->options->noacsrules) { |
e8b8e97f | 748 | /* "No access rules" mode - Allow all changes. */ |
be71b5cb KK |
749 | return 0; |
750 | } | |
751 | ||
752 | return generic_permission(mnt_userns, inode, mask); | |
753 | } | |
754 | ||
755 | /* | |
e8b8e97f | 756 | * ntfs_listxattr - inode_operations::listxattr |
be71b5cb KK |
757 | */ |
758 | ssize_t ntfs_listxattr(struct dentry *dentry, char *buffer, size_t size) | |
759 | { | |
760 | struct inode *inode = d_inode(dentry); | |
761 | struct ntfs_inode *ni = ntfs_i(inode); | |
762 | ssize_t ret; | |
763 | ||
764 | if (!(ni->ni_flags & NI_FLAG_EA)) { | |
765 | /* no xattr in file */ | |
766 | return 0; | |
767 | } | |
768 | ||
769 | ni_lock(ni); | |
770 | ||
771 | ret = ntfs_list_ea(ni, buffer, size); | |
772 | ||
773 | ni_unlock(ni); | |
774 | ||
775 | return ret; | |
776 | } | |
777 | ||
778 | static int ntfs_getxattr(const struct xattr_handler *handler, struct dentry *de, | |
779 | struct inode *inode, const char *name, void *buffer, | |
780 | size_t size) | |
781 | { | |
782 | int err; | |
783 | struct ntfs_inode *ni = ntfs_i(inode); | |
784 | size_t name_len = strlen(name); | |
785 | ||
e8b8e97f | 786 | /* Dispatch request. */ |
be71b5cb KK |
787 | if (name_len == sizeof(SYSTEM_DOS_ATTRIB) - 1 && |
788 | !memcmp(name, SYSTEM_DOS_ATTRIB, sizeof(SYSTEM_DOS_ATTRIB))) { | |
789 | /* system.dos_attrib */ | |
790 | if (!buffer) { | |
791 | err = sizeof(u8); | |
792 | } else if (size < sizeof(u8)) { | |
793 | err = -ENODATA; | |
794 | } else { | |
795 | err = sizeof(u8); | |
796 | *(u8 *)buffer = le32_to_cpu(ni->std_fa); | |
797 | } | |
798 | goto out; | |
799 | } | |
800 | ||
801 | if (name_len == sizeof(SYSTEM_NTFS_ATTRIB) - 1 && | |
802 | !memcmp(name, SYSTEM_NTFS_ATTRIB, sizeof(SYSTEM_NTFS_ATTRIB))) { | |
803 | /* system.ntfs_attrib */ | |
804 | if (!buffer) { | |
805 | err = sizeof(u32); | |
806 | } else if (size < sizeof(u32)) { | |
807 | err = -ENODATA; | |
808 | } else { | |
809 | err = sizeof(u32); | |
810 | *(u32 *)buffer = le32_to_cpu(ni->std_fa); | |
811 | } | |
812 | goto out; | |
813 | } | |
814 | ||
815 | if (name_len == sizeof(SYSTEM_NTFS_SECURITY) - 1 && | |
816 | !memcmp(name, SYSTEM_NTFS_SECURITY, sizeof(SYSTEM_NTFS_SECURITY))) { | |
817 | /* system.ntfs_security*/ | |
818 | struct SECURITY_DESCRIPTOR_RELATIVE *sd = NULL; | |
819 | size_t sd_size = 0; | |
820 | ||
821 | if (!is_ntfs3(ni->mi.sbi)) { | |
e8b8e97f | 822 | /* We should get nt4 security. */ |
be71b5cb KK |
823 | err = -EINVAL; |
824 | goto out; | |
825 | } else if (le32_to_cpu(ni->std_security_id) < | |
826 | SECURITY_ID_FIRST) { | |
827 | err = -ENOENT; | |
828 | goto out; | |
829 | } | |
830 | ||
831 | err = ntfs_get_security_by_id(ni->mi.sbi, ni->std_security_id, | |
832 | &sd, &sd_size); | |
833 | if (err) | |
834 | goto out; | |
835 | ||
836 | if (!is_sd_valid(sd, sd_size)) { | |
837 | ntfs_inode_warn( | |
838 | inode, | |
839 | "looks like you get incorrect security descriptor id=%u", | |
840 | ni->std_security_id); | |
841 | } | |
842 | ||
843 | if (!buffer) { | |
844 | err = sd_size; | |
845 | } else if (size < sd_size) { | |
846 | err = -ENODATA; | |
847 | } else { | |
848 | err = sd_size; | |
849 | memcpy(buffer, sd, sd_size); | |
850 | } | |
195c52bd | 851 | kfree(sd); |
be71b5cb KK |
852 | goto out; |
853 | } | |
854 | ||
87e21c99 KK |
855 | #ifdef CONFIG_NTFS3_FS_POSIX_ACL |
856 | if ((name_len == sizeof(XATTR_NAME_POSIX_ACL_ACCESS) - 1 && | |
857 | !memcmp(name, XATTR_NAME_POSIX_ACL_ACCESS, | |
858 | sizeof(XATTR_NAME_POSIX_ACL_ACCESS))) || | |
859 | (name_len == sizeof(XATTR_NAME_POSIX_ACL_DEFAULT) - 1 && | |
860 | !memcmp(name, XATTR_NAME_POSIX_ACL_DEFAULT, | |
861 | sizeof(XATTR_NAME_POSIX_ACL_DEFAULT)))) { | |
862 | /* TODO: init_user_ns? */ | |
863 | err = ntfs_xattr_get_acl( | |
864 | &init_user_ns, inode, | |
865 | name_len == sizeof(XATTR_NAME_POSIX_ACL_ACCESS) - 1 | |
866 | ? ACL_TYPE_ACCESS | |
867 | : ACL_TYPE_DEFAULT, | |
868 | buffer, size); | |
869 | goto out; | |
870 | } | |
871 | #endif | |
e8b8e97f | 872 | /* Deal with NTFS extended attribute. */ |
be71b5cb KK |
873 | err = ntfs_get_ea(inode, name, name_len, buffer, size, NULL); |
874 | ||
875 | out: | |
876 | return err; | |
877 | } | |
878 | ||
879 | /* | |
e8b8e97f | 880 | * ntfs_setxattr - inode_operations::setxattr |
be71b5cb KK |
881 | */ |
882 | static noinline int ntfs_setxattr(const struct xattr_handler *handler, | |
883 | struct user_namespace *mnt_userns, | |
884 | struct dentry *de, struct inode *inode, | |
885 | const char *name, const void *value, | |
886 | size_t size, int flags) | |
887 | { | |
888 | int err = -EINVAL; | |
889 | struct ntfs_inode *ni = ntfs_i(inode); | |
890 | size_t name_len = strlen(name); | |
891 | enum FILE_ATTRIBUTE new_fa; | |
892 | ||
e8b8e97f | 893 | /* Dispatch request. */ |
be71b5cb KK |
894 | if (name_len == sizeof(SYSTEM_DOS_ATTRIB) - 1 && |
895 | !memcmp(name, SYSTEM_DOS_ATTRIB, sizeof(SYSTEM_DOS_ATTRIB))) { | |
896 | if (sizeof(u8) != size) | |
897 | goto out; | |
898 | new_fa = cpu_to_le32(*(u8 *)value); | |
899 | goto set_new_fa; | |
900 | } | |
901 | ||
902 | if (name_len == sizeof(SYSTEM_NTFS_ATTRIB) - 1 && | |
903 | !memcmp(name, SYSTEM_NTFS_ATTRIB, sizeof(SYSTEM_NTFS_ATTRIB))) { | |
904 | if (size != sizeof(u32)) | |
905 | goto out; | |
906 | new_fa = cpu_to_le32(*(u32 *)value); | |
907 | ||
908 | if (S_ISREG(inode->i_mode)) { | |
e8b8e97f | 909 | /* Process compressed/sparsed in special way. */ |
be71b5cb KK |
910 | ni_lock(ni); |
911 | err = ni_new_attr_flags(ni, new_fa); | |
912 | ni_unlock(ni); | |
913 | if (err) | |
914 | goto out; | |
915 | } | |
916 | set_new_fa: | |
917 | /* | |
918 | * Thanks Mark Harmstone: | |
e8b8e97f | 919 | * Keep directory bit consistency. |
be71b5cb KK |
920 | */ |
921 | if (S_ISDIR(inode->i_mode)) | |
922 | new_fa |= FILE_ATTRIBUTE_DIRECTORY; | |
923 | else | |
924 | new_fa &= ~FILE_ATTRIBUTE_DIRECTORY; | |
925 | ||
926 | if (ni->std_fa != new_fa) { | |
927 | ni->std_fa = new_fa; | |
928 | if (new_fa & FILE_ATTRIBUTE_READONLY) | |
929 | inode->i_mode &= ~0222; | |
930 | else | |
931 | inode->i_mode |= 0222; | |
e8b8e97f | 932 | /* Std attribute always in primary record. */ |
be71b5cb KK |
933 | ni->mi.dirty = true; |
934 | mark_inode_dirty(inode); | |
935 | } | |
936 | err = 0; | |
937 | ||
938 | goto out; | |
939 | } | |
940 | ||
941 | if (name_len == sizeof(SYSTEM_NTFS_SECURITY) - 1 && | |
942 | !memcmp(name, SYSTEM_NTFS_SECURITY, sizeof(SYSTEM_NTFS_SECURITY))) { | |
943 | /* system.ntfs_security*/ | |
944 | __le32 security_id; | |
945 | bool inserted; | |
946 | struct ATTR_STD_INFO5 *std; | |
947 | ||
948 | if (!is_ntfs3(ni->mi.sbi)) { | |
949 | /* | |
e8b8e97f KA |
950 | * We should replace ATTR_SECURE. |
951 | * Skip this way cause it is nt4 feature. | |
be71b5cb KK |
952 | */ |
953 | err = -EINVAL; | |
954 | goto out; | |
955 | } | |
956 | ||
957 | if (!is_sd_valid(value, size)) { | |
958 | err = -EINVAL; | |
959 | ntfs_inode_warn( | |
960 | inode, | |
961 | "you try to set invalid security descriptor"); | |
962 | goto out; | |
963 | } | |
964 | ||
965 | err = ntfs_insert_security(ni->mi.sbi, value, size, | |
966 | &security_id, &inserted); | |
967 | if (err) | |
968 | goto out; | |
969 | ||
970 | ni_lock(ni); | |
971 | std = ni_std5(ni); | |
972 | if (!std) { | |
973 | err = -EINVAL; | |
974 | } else if (std->security_id != security_id) { | |
975 | std->security_id = ni->std_security_id = security_id; | |
e8b8e97f | 976 | /* Std attribute always in primary record. */ |
be71b5cb KK |
977 | ni->mi.dirty = true; |
978 | mark_inode_dirty(&ni->vfs_inode); | |
979 | } | |
980 | ni_unlock(ni); | |
981 | goto out; | |
982 | } | |
983 | ||
87e21c99 KK |
984 | #ifdef CONFIG_NTFS3_FS_POSIX_ACL |
985 | if ((name_len == sizeof(XATTR_NAME_POSIX_ACL_ACCESS) - 1 && | |
986 | !memcmp(name, XATTR_NAME_POSIX_ACL_ACCESS, | |
987 | sizeof(XATTR_NAME_POSIX_ACL_ACCESS))) || | |
988 | (name_len == sizeof(XATTR_NAME_POSIX_ACL_DEFAULT) - 1 && | |
989 | !memcmp(name, XATTR_NAME_POSIX_ACL_DEFAULT, | |
990 | sizeof(XATTR_NAME_POSIX_ACL_DEFAULT)))) { | |
991 | err = ntfs_xattr_set_acl( | |
992 | mnt_userns, inode, | |
993 | name_len == sizeof(XATTR_NAME_POSIX_ACL_ACCESS) - 1 | |
994 | ? ACL_TYPE_ACCESS | |
995 | : ACL_TYPE_DEFAULT, | |
996 | value, size); | |
997 | goto out; | |
998 | } | |
999 | #endif | |
e8b8e97f | 1000 | /* Deal with NTFS extended attribute. */ |
3a2154b2 | 1001 | err = ntfs_set_ea(inode, name, name_len, value, size, flags, 0); |
be71b5cb KK |
1002 | |
1003 | out: | |
2d44667c KK |
1004 | inode->i_ctime = current_time(inode); |
1005 | mark_inode_dirty(inode); | |
1006 | ||
be71b5cb KK |
1007 | return err; |
1008 | } | |
1009 | ||
1010 | /* | |
1011 | * ntfs_save_wsl_perm | |
1012 | * | |
1013 | * save uid/gid/mode in xattr | |
1014 | */ | |
1015 | int ntfs_save_wsl_perm(struct inode *inode) | |
1016 | { | |
1017 | int err; | |
1018 | __le32 value; | |
3a2154b2 | 1019 | struct ntfs_inode *ni = ntfs_i(inode); |
be71b5cb | 1020 | |
3a2154b2 | 1021 | ni_lock(ni); |
be71b5cb KK |
1022 | value = cpu_to_le32(i_uid_read(inode)); |
1023 | err = ntfs_set_ea(inode, "$LXUID", sizeof("$LXUID") - 1, &value, | |
3a2154b2 | 1024 | sizeof(value), 0, true); /* true == already locked. */ |
be71b5cb KK |
1025 | if (err) |
1026 | goto out; | |
1027 | ||
1028 | value = cpu_to_le32(i_gid_read(inode)); | |
1029 | err = ntfs_set_ea(inode, "$LXGID", sizeof("$LXGID") - 1, &value, | |
3a2154b2 | 1030 | sizeof(value), 0, true); |
be71b5cb KK |
1031 | if (err) |
1032 | goto out; | |
1033 | ||
1034 | value = cpu_to_le32(inode->i_mode); | |
1035 | err = ntfs_set_ea(inode, "$LXMOD", sizeof("$LXMOD") - 1, &value, | |
3a2154b2 | 1036 | sizeof(value), 0, true); |
be71b5cb KK |
1037 | if (err) |
1038 | goto out; | |
1039 | ||
1040 | if (S_ISCHR(inode->i_mode) || S_ISBLK(inode->i_mode)) { | |
1041 | value = cpu_to_le32(inode->i_rdev); | |
1042 | err = ntfs_set_ea(inode, "$LXDEV", sizeof("$LXDEV") - 1, &value, | |
3a2154b2 | 1043 | sizeof(value), 0, true); |
be71b5cb KK |
1044 | if (err) |
1045 | goto out; | |
1046 | } | |
1047 | ||
1048 | out: | |
3a2154b2 | 1049 | ni_unlock(ni); |
be71b5cb KK |
1050 | /* In case of error should we delete all WSL xattr? */ |
1051 | return err; | |
1052 | } | |
1053 | ||
1054 | /* | |
1055 | * ntfs_get_wsl_perm | |
1056 | * | |
1057 | * get uid/gid/mode from xattr | |
1058 | * it is called from ntfs_iget5->ntfs_read_mft | |
1059 | */ | |
1060 | void ntfs_get_wsl_perm(struct inode *inode) | |
1061 | { | |
1062 | size_t sz; | |
1063 | __le32 value[3]; | |
1064 | ||
1065 | if (ntfs_get_ea(inode, "$LXUID", sizeof("$LXUID") - 1, &value[0], | |
1066 | sizeof(value[0]), &sz) == sizeof(value[0]) && | |
1067 | ntfs_get_ea(inode, "$LXGID", sizeof("$LXGID") - 1, &value[1], | |
1068 | sizeof(value[1]), &sz) == sizeof(value[1]) && | |
1069 | ntfs_get_ea(inode, "$LXMOD", sizeof("$LXMOD") - 1, &value[2], | |
1070 | sizeof(value[2]), &sz) == sizeof(value[2])) { | |
1071 | i_uid_write(inode, (uid_t)le32_to_cpu(value[0])); | |
1072 | i_gid_write(inode, (gid_t)le32_to_cpu(value[1])); | |
1073 | inode->i_mode = le32_to_cpu(value[2]); | |
1074 | ||
1075 | if (ntfs_get_ea(inode, "$LXDEV", sizeof("$$LXDEV") - 1, | |
1076 | &value[0], sizeof(value), | |
1077 | &sz) == sizeof(value[0])) { | |
1078 | inode->i_rdev = le32_to_cpu(value[0]); | |
1079 | } | |
1080 | } | |
1081 | } | |
1082 | ||
1083 | static bool ntfs_xattr_user_list(struct dentry *dentry) | |
1084 | { | |
1085 | return true; | |
1086 | } | |
1087 | ||
1088 | // clang-format off | |
1089 | static const struct xattr_handler ntfs_xattr_handler = { | |
1090 | .prefix = "", | |
1091 | .get = ntfs_getxattr, | |
1092 | .set = ntfs_setxattr, | |
1093 | .list = ntfs_xattr_user_list, | |
1094 | }; | |
1095 | ||
1096 | const struct xattr_handler *ntfs_xattr_handlers[] = { | |
1097 | &ntfs_xattr_handler, | |
1098 | NULL, | |
1099 | }; | |
1100 | // clang-format on |