[linux-block.git] / fs / fuse / acl.c

/*
 * FUSE: Filesystem in Userspace
 * Copyright (C) 2016 Canonical Ltd. <seth.forshee@canonical.com>
 *
 * This program can be distributed under the terms of the GNU GPL.
 * See the file COPYING.
 */

#include "fuse_i.h"

#include <linux/posix_acl.h>
#include <linux/posix_acl_xattr.h>

struct posix_acl *fuse_get_acl(struct inode *inode, int type, bool rcu)
{
	struct fuse_conn *fc = get_fuse_conn(inode);
	int size;
	const char *name;
	void *value = NULL;
	struct posix_acl *acl;

	if (rcu)
		return ERR_PTR(-ECHILD);

	if (fuse_is_bad(inode))
		return ERR_PTR(-EIO);

	if (!fc->posix_acl || fc->no_getxattr)
		return NULL;

	if (type == ACL_TYPE_ACCESS)
		name = XATTR_NAME_POSIX_ACL_ACCESS;
	else if (type == ACL_TYPE_DEFAULT)
		name = XATTR_NAME_POSIX_ACL_DEFAULT;
	else
		return ERR_PTR(-EOPNOTSUPP);

	value = kmalloc(PAGE_SIZE, GFP_KERNEL);
	if (!value)
		return ERR_PTR(-ENOMEM);
	size = fuse_getxattr(inode, name, value, PAGE_SIZE);
	if (size > 0)
		acl = posix_acl_from_xattr(fc->user_ns, value, size);
	else if ((size == 0) || (size == -ENODATA) ||
		 (size == -EOPNOTSUPP && fc->no_getxattr))
		acl = NULL;
	else if (size == -ERANGE)
		acl = ERR_PTR(-E2BIG);
	else
		acl = ERR_PTR(size);

	kfree(value);
	return acl;
}

int fuse_set_acl(struct user_namespace *mnt_userns, struct dentry *dentry,
		 struct posix_acl *acl, int type)
{
	struct inode *inode = d_inode(dentry);
	struct fuse_conn *fc = get_fuse_conn(inode);
	const char *name;
	int ret;

	if (fuse_is_bad(inode))
		return -EIO;

	if (!fc->posix_acl || fc->no_setxattr)
		return -EOPNOTSUPP;

	if (type == ACL_TYPE_ACCESS)
		name = XATTR_NAME_POSIX_ACL_ACCESS;
	else if (type == ACL_TYPE_DEFAULT)
		name = XATTR_NAME_POSIX_ACL_DEFAULT;
	else
		return -EINVAL;

	if (acl) {
		unsigned int extra_flags = 0;
		/*
		 * Fuse userspace is responsible for updating access
		 * permissions in the inode, if needed. fuse_setxattr
		 * invalidates the inode attributes, which will force
		 * them to be refreshed the next time they are used,
		 * and it also updates i_ctime.
		 */
		size_t size = posix_acl_xattr_size(acl->a_count);
		void *value;

		if (size > PAGE_SIZE)
			return -E2BIG;

		value = kmalloc(size, GFP_KERNEL);
		if (!value)
			return -ENOMEM;

		ret = posix_acl_to_xattr(fc->user_ns, acl, value, size);
		if (ret < 0) {
			kfree(value);
			return ret;
		}

		if (!vfsgid_in_group_p(i_gid_into_vfsgid(&init_user_ns, inode)) &&
		    !capable_wrt_inode_uidgid(&init_user_ns, inode, CAP_FSETID))
			extra_flags |= FUSE_SETXATTR_ACL_KILL_SGID;

		ret = fuse_setxattr(inode, name, value, size, 0, extra_flags);
		kfree(value);
	} else {
		ret = fuse_removexattr(inode, name);
	}
	forget_all_cached_acls(inode);
	fuse_invalidate_attr(inode);

	return ret;
}
Commit	Line	Data
60bcc88a SF	1	/*
	2	* FUSE: Filesystem in Userspace
	3	* Copyright (C) 2016 Canonical Ltd. <seth.forshee@canonical.com>
	4	*
	5	* This program can be distributed under the terms of the GNU GPL.
	6	* See the file COPYING.
	7	*/
	8
	9	#include "fuse_i.h"
	10
	11	#include <linux/posix_acl.h>
	12	#include <linux/posix_acl_xattr.h>
	13
0cad6246	14	struct posix_acl fuse_get_acl(struct inode inode, int type, bool rcu)
60bcc88a SF	15	{
	16	struct fuse_conn *fc = get_fuse_conn(inode);
	17	int size;
	18	const char *name;
	19	void *value = NULL;
	20	struct posix_acl *acl;
	21
0cad6246 MS	22	if (rcu)
	23	return ERR_PTR(-ECHILD);
	24
5d069dbe MS	25	if (fuse_is_bad(inode))
	26	return ERR_PTR(-EIO);
	27
60bcc88a SF	28	if (!fc->posix_acl \|\| fc->no_getxattr)
	29	return NULL;
	30
	31	if (type == ACL_TYPE_ACCESS)
	32	name = XATTR_NAME_POSIX_ACL_ACCESS;
	33	else if (type == ACL_TYPE_DEFAULT)
	34	name = XATTR_NAME_POSIX_ACL_DEFAULT;
	35	else
	36	return ERR_PTR(-EOPNOTSUPP);
	37
	38	value = kmalloc(PAGE_SIZE, GFP_KERNEL);
	39	if (!value)
	40	return ERR_PTR(-ENOMEM);
	41	size = fuse_getxattr(inode, name, value, PAGE_SIZE);
	42	if (size > 0)
8cb08329	43	acl = posix_acl_from_xattr(fc->user_ns, value, size);
60bcc88a SF	44	else if ((size == 0) \|\| (size == -ENODATA) \|\|
	45	(size == -EOPNOTSUPP && fc->no_getxattr))
	46	acl = NULL;
	47	else if (size == -ERANGE)
	48	acl = ERR_PTR(-E2BIG);
	49	else
	50	acl = ERR_PTR(size);
	51
	52	kfree(value);
	53	return acl;
	54	}
	55
138060ba	56	int fuse_set_acl(struct user_namespace mnt_userns, struct dentry dentry,
549c7297	57	struct posix_acl *acl, int type)
60bcc88a	58	{
138060ba	59	struct inode *inode = d_inode(dentry);
60bcc88a SF	60	struct fuse_conn *fc = get_fuse_conn(inode);
	61	const char *name;
	62	int ret;
	63
5d069dbe MS	64	if (fuse_is_bad(inode))
	65	return -EIO;
	66
60bcc88a SF	67	if (!fc->posix_acl \|\| fc->no_setxattr)
	68	return -EOPNOTSUPP;
	69
	70	if (type == ACL_TYPE_ACCESS)
	71	name = XATTR_NAME_POSIX_ACL_ACCESS;
	72	else if (type == ACL_TYPE_DEFAULT)
	73	name = XATTR_NAME_POSIX_ACL_DEFAULT;
	74	else
	75	return -EINVAL;
	76
	77	if (acl) {
550a7d3b	78	unsigned int extra_flags = 0;
60bcc88a SF	79	/*
	80	* Fuse userspace is responsible for updating access
	81	* permissions in the inode, if needed. fuse_setxattr
	82	* invalidates the inode attributes, which will force
	83	* them to be refreshed the next time they are used,
	84	* and it also updates i_ctime.
	85	*/
	86	size_t size = posix_acl_xattr_size(acl->a_count);
	87	void *value;
	88
	89	if (size > PAGE_SIZE)
	90	return -E2BIG;
	91
	92	value = kmalloc(size, GFP_KERNEL);
	93	if (!value)
	94	return -ENOMEM;
	95
8cb08329	96	ret = posix_acl_to_xattr(fc->user_ns, acl, value, size);
60bcc88a SF	97	if (ret < 0) {
	98	kfree(value);
	99	return ret;
	100	}
	101
a03a972b	102	if (!vfsgid_in_group_p(i_gid_into_vfsgid(&init_user_ns, inode)) &&
550a7d3b VG	103	!capable_wrt_inode_uidgid(&init_user_ns, inode, CAP_FSETID))
	104	extra_flags \|= FUSE_SETXATTR_ACL_KILL_SGID;
	105
	106	ret = fuse_setxattr(inode, name, value, size, 0, extra_flags);
60bcc88a SF	107	kfree(value);
	108	} else {
	109	ret = fuse_removexattr(inode, name);
	110	}
	111	forget_all_cached_acls(inode);
	112	fuse_invalidate_attr(inode);
	113
	114	return ret;
	115	}