Commit | Line | Data |
---|---|---|
be71b5cb KK |
1 | // SPDX-License-Identifier: GPL-2.0 |
2 | /* | |
3 | * | |
4 | * Copyright (C) 2019-2021 Paragon Software GmbH, All rights reserved. | |
5 | * | |
6 | */ | |
7 | ||
be71b5cb | 8 | #include <linux/fs.h> |
be71b5cb KK |
9 | #include <linux/posix_acl.h> |
10 | #include <linux/posix_acl_xattr.h> | |
11 | #include <linux/xattr.h> | |
12 | ||
13 | #include "debug.h" | |
14 | #include "ntfs.h" | |
15 | #include "ntfs_fs.h" | |
16 | ||
17 | // clang-format off | |
18 | #define SYSTEM_DOS_ATTRIB "system.dos_attrib" | |
19 | #define SYSTEM_NTFS_ATTRIB "system.ntfs_attrib" | |
20 | #define SYSTEM_NTFS_SECURITY "system.ntfs_security" | |
21 | // clang-format on | |
22 | ||
23 | static inline size_t unpacked_ea_size(const struct EA_FULL *ea) | |
24 | { | |
25 | return ea->size ? le32_to_cpu(ea->size) | |
d3624466 KK |
26 | : ALIGN(struct_size(ea, name, |
27 | 1 + ea->name_len + | |
28 | le16_to_cpu(ea->elength)), | |
29 | 4); | |
be71b5cb KK |
30 | } |
31 | ||
32 | static inline size_t packed_ea_size(const struct EA_FULL *ea) | |
33 | { | |
34 | return struct_size(ea, name, | |
35 | 1 + ea->name_len + le16_to_cpu(ea->elength)) - | |
36 | offsetof(struct EA_FULL, flags); | |
37 | } | |
38 | ||
39 | /* | |
40 | * find_ea | |
41 | * | |
e8b8e97f | 42 | * Assume there is at least one xattr in the list. |
be71b5cb KK |
43 | */ |
44 | static inline bool find_ea(const struct EA_FULL *ea_all, u32 bytes, | |
45 | const char *name, u8 name_len, u32 *off) | |
46 | { | |
47 | *off = 0; | |
48 | ||
49 | if (!ea_all || !bytes) | |
50 | return false; | |
51 | ||
52 | for (;;) { | |
53 | const struct EA_FULL *ea = Add2Ptr(ea_all, *off); | |
54 | u32 next_off = *off + unpacked_ea_size(ea); | |
55 | ||
56 | if (next_off > bytes) | |
57 | return false; | |
58 | ||
59 | if (ea->name_len == name_len && | |
60 | !memcmp(ea->name, name, name_len)) | |
61 | return true; | |
62 | ||
63 | *off = next_off; | |
64 | if (next_off >= bytes) | |
65 | return false; | |
66 | } | |
67 | } | |
68 | ||
69 | /* | |
e8b8e97f KA |
70 | * ntfs_read_ea - Read all extended attributes. |
71 | * @ea: New allocated memory. | |
72 | * @info: Pointer into resident data. | |
be71b5cb KK |
73 | */ |
74 | static int ntfs_read_ea(struct ntfs_inode *ni, struct EA_FULL **ea, | |
75 | size_t add_bytes, const struct EA_INFO **info) | |
76 | { | |
77 | int err; | |
cff32466 | 78 | struct ntfs_sb_info *sbi = ni->mi.sbi; |
be71b5cb KK |
79 | struct ATTR_LIST_ENTRY *le = NULL; |
80 | struct ATTRIB *attr_info, *attr_ea; | |
81 | void *ea_p; | |
82 | u32 size; | |
83 | ||
84 | static_assert(le32_to_cpu(ATTR_EA_INFO) < le32_to_cpu(ATTR_EA)); | |
85 | ||
86 | *ea = NULL; | |
87 | *info = NULL; | |
88 | ||
89 | attr_info = | |
90 | ni_find_attr(ni, NULL, &le, ATTR_EA_INFO, NULL, 0, NULL, NULL); | |
91 | attr_ea = | |
92 | ni_find_attr(ni, attr_info, &le, ATTR_EA, NULL, 0, NULL, NULL); | |
93 | ||
94 | if (!attr_ea || !attr_info) | |
95 | return 0; | |
96 | ||
97 | *info = resident_data_ex(attr_info, sizeof(struct EA_INFO)); | |
98 | if (!*info) | |
99 | return -EINVAL; | |
100 | ||
e8b8e97f | 101 | /* Check Ea limit. */ |
be71b5cb | 102 | size = le32_to_cpu((*info)->size); |
cff32466 | 103 | if (size > sbi->ea_max_size) |
be71b5cb KK |
104 | return -EFBIG; |
105 | ||
cff32466 | 106 | if (attr_size(attr_ea) > sbi->ea_max_size) |
be71b5cb KK |
107 | return -EFBIG; |
108 | ||
e8b8e97f | 109 | /* Allocate memory for packed Ea. */ |
195c52bd | 110 | ea_p = kmalloc(size + add_bytes, GFP_NOFS); |
be71b5cb KK |
111 | if (!ea_p) |
112 | return -ENOMEM; | |
113 | ||
cff32466 | 114 | if (!size) { |
87e21c99 | 115 | /* EA info persists, but xattr is empty. Looks like EA problem. */ |
cff32466 | 116 | } else if (attr_ea->non_res) { |
be71b5cb KK |
117 | struct runs_tree run; |
118 | ||
119 | run_init(&run); | |
120 | ||
121 | err = attr_load_runs(attr_ea, ni, &run, NULL); | |
122 | if (!err) | |
cff32466 | 123 | err = ntfs_read_run_nb(sbi, &run, 0, ea_p, size, NULL); |
be71b5cb KK |
124 | run_close(&run); |
125 | ||
126 | if (err) | |
127 | goto out; | |
128 | } else { | |
129 | void *p = resident_data_ex(attr_ea, size); | |
130 | ||
131 | if (!p) { | |
132 | err = -EINVAL; | |
133 | goto out; | |
134 | } | |
135 | memcpy(ea_p, p, size); | |
136 | } | |
137 | ||
138 | memset(Add2Ptr(ea_p, size), 0, add_bytes); | |
139 | *ea = ea_p; | |
140 | return 0; | |
141 | ||
142 | out: | |
195c52bd | 143 | kfree(ea_p); |
be71b5cb KK |
144 | *ea = NULL; |
145 | return err; | |
146 | } | |
147 | ||
148 | /* | |
149 | * ntfs_list_ea | |
150 | * | |
e8b8e97f KA |
151 | * Copy a list of xattrs names into the buffer |
152 | * provided, or compute the buffer size required. | |
be71b5cb | 153 | * |
e8b8e97f KA |
154 | * Return: |
155 | * * Number of bytes used / required on | |
156 | * * -ERRNO - on failure | |
be71b5cb KK |
157 | */ |
158 | static ssize_t ntfs_list_ea(struct ntfs_inode *ni, char *buffer, | |
159 | size_t bytes_per_buffer) | |
160 | { | |
161 | const struct EA_INFO *info; | |
162 | struct EA_FULL *ea_all = NULL; | |
163 | const struct EA_FULL *ea; | |
164 | u32 off, size; | |
165 | int err; | |
166 | size_t ret; | |
167 | ||
168 | err = ntfs_read_ea(ni, &ea_all, 0, &info); | |
169 | if (err) | |
170 | return err; | |
171 | ||
172 | if (!info || !ea_all) | |
173 | return 0; | |
174 | ||
175 | size = le32_to_cpu(info->size); | |
176 | ||
e8b8e97f | 177 | /* Enumerate all xattrs. */ |
be71b5cb KK |
178 | for (ret = 0, off = 0; off < size; off += unpacked_ea_size(ea)) { |
179 | ea = Add2Ptr(ea_all, off); | |
180 | ||
181 | if (buffer) { | |
182 | if (ret + ea->name_len + 1 > bytes_per_buffer) { | |
183 | err = -ERANGE; | |
184 | goto out; | |
185 | } | |
186 | ||
187 | memcpy(buffer + ret, ea->name, ea->name_len); | |
188 | buffer[ret + ea->name_len] = 0; | |
189 | } | |
190 | ||
191 | ret += ea->name_len + 1; | |
192 | } | |
193 | ||
194 | out: | |
195c52bd | 195 | kfree(ea_all); |
be71b5cb KK |
196 | return err ? err : ret; |
197 | } | |
198 | ||
199 | static int ntfs_get_ea(struct inode *inode, const char *name, size_t name_len, | |
200 | void *buffer, size_t size, size_t *required) | |
201 | { | |
202 | struct ntfs_inode *ni = ntfs_i(inode); | |
203 | const struct EA_INFO *info; | |
204 | struct EA_FULL *ea_all = NULL; | |
205 | const struct EA_FULL *ea; | |
206 | u32 off, len; | |
207 | int err; | |
208 | ||
209 | if (!(ni->ni_flags & NI_FLAG_EA)) | |
210 | return -ENODATA; | |
211 | ||
212 | if (!required) | |
213 | ni_lock(ni); | |
214 | ||
215 | len = 0; | |
216 | ||
217 | if (name_len > 255) { | |
218 | err = -ENAMETOOLONG; | |
219 | goto out; | |
220 | } | |
221 | ||
222 | err = ntfs_read_ea(ni, &ea_all, 0, &info); | |
223 | if (err) | |
224 | goto out; | |
225 | ||
226 | if (!info) | |
227 | goto out; | |
228 | ||
e8b8e97f | 229 | /* Enumerate all xattrs. */ |
be71b5cb KK |
230 | if (!find_ea(ea_all, le32_to_cpu(info->size), name, name_len, &off)) { |
231 | err = -ENODATA; | |
232 | goto out; | |
233 | } | |
234 | ea = Add2Ptr(ea_all, off); | |
235 | ||
236 | len = le16_to_cpu(ea->elength); | |
237 | if (!buffer) { | |
238 | err = 0; | |
239 | goto out; | |
240 | } | |
241 | ||
242 | if (len > size) { | |
243 | err = -ERANGE; | |
244 | if (required) | |
245 | *required = len; | |
246 | goto out; | |
247 | } | |
248 | ||
249 | memcpy(buffer, ea->name + ea->name_len + 1, len); | |
250 | err = 0; | |
251 | ||
252 | out: | |
195c52bd | 253 | kfree(ea_all); |
be71b5cb KK |
254 | if (!required) |
255 | ni_unlock(ni); | |
256 | ||
257 | return err ? err : len; | |
258 | } | |
259 | ||
260 | static noinline int ntfs_set_ea(struct inode *inode, const char *name, | |
261 | size_t name_len, const void *value, | |
3a2154b2 | 262 | size_t val_size, int flags, bool locked) |
be71b5cb KK |
263 | { |
264 | struct ntfs_inode *ni = ntfs_i(inode); | |
265 | struct ntfs_sb_info *sbi = ni->mi.sbi; | |
266 | int err; | |
267 | struct EA_INFO ea_info; | |
268 | const struct EA_INFO *info; | |
269 | struct EA_FULL *new_ea; | |
270 | struct EA_FULL *ea_all = NULL; | |
271 | size_t add, new_pack; | |
272 | u32 off, size; | |
273 | __le16 size_pack; | |
274 | struct ATTRIB *attr; | |
275 | struct ATTR_LIST_ENTRY *le; | |
276 | struct mft_inode *mi; | |
277 | struct runs_tree ea_run; | |
278 | u64 new_sz; | |
279 | void *p; | |
280 | ||
3a2154b2 KK |
281 | if (!locked) |
282 | ni_lock(ni); | |
be71b5cb KK |
283 | |
284 | run_init(&ea_run); | |
285 | ||
286 | if (name_len > 255) { | |
287 | err = -ENAMETOOLONG; | |
288 | goto out; | |
289 | } | |
290 | ||
fa3cacf5 | 291 | add = ALIGN(struct_size(ea_all, name, 1 + name_len + val_size), 4); |
be71b5cb KK |
292 | |
293 | err = ntfs_read_ea(ni, &ea_all, add, &info); | |
294 | if (err) | |
295 | goto out; | |
296 | ||
297 | if (!info) { | |
298 | memset(&ea_info, 0, sizeof(ea_info)); | |
299 | size = 0; | |
300 | size_pack = 0; | |
301 | } else { | |
302 | memcpy(&ea_info, info, sizeof(ea_info)); | |
303 | size = le32_to_cpu(ea_info.size); | |
304 | size_pack = ea_info.size_pack; | |
305 | } | |
306 | ||
307 | if (info && find_ea(ea_all, size, name, name_len, &off)) { | |
308 | struct EA_FULL *ea; | |
309 | size_t ea_sz; | |
310 | ||
311 | if (flags & XATTR_CREATE) { | |
312 | err = -EEXIST; | |
313 | goto out; | |
314 | } | |
315 | ||
316 | ea = Add2Ptr(ea_all, off); | |
317 | ||
318 | /* | |
319 | * Check simple case when we try to insert xattr with the same value | |
320 | * e.g. ntfs_save_wsl_perm | |
321 | */ | |
322 | if (val_size && le16_to_cpu(ea->elength) == val_size && | |
323 | !memcmp(ea->name + ea->name_len + 1, value, val_size)) { | |
e8b8e97f | 324 | /* xattr already contains the required value. */ |
be71b5cb KK |
325 | goto out; |
326 | } | |
327 | ||
e8b8e97f | 328 | /* Remove current xattr. */ |
be71b5cb KK |
329 | if (ea->flags & FILE_NEED_EA) |
330 | le16_add_cpu(&ea_info.count, -1); | |
331 | ||
332 | ea_sz = unpacked_ea_size(ea); | |
333 | ||
334 | le16_add_cpu(&ea_info.size_pack, 0 - packed_ea_size(ea)); | |
335 | ||
336 | memmove(ea, Add2Ptr(ea, ea_sz), size - off - ea_sz); | |
337 | ||
338 | size -= ea_sz; | |
339 | memset(Add2Ptr(ea_all, size), 0, ea_sz); | |
340 | ||
341 | ea_info.size = cpu_to_le32(size); | |
342 | ||
343 | if ((flags & XATTR_REPLACE) && !val_size) { | |
e8b8e97f | 344 | /* Remove xattr. */ |
be71b5cb KK |
345 | goto update_ea; |
346 | } | |
347 | } else { | |
348 | if (flags & XATTR_REPLACE) { | |
349 | err = -ENODATA; | |
350 | goto out; | |
351 | } | |
352 | ||
353 | if (!ea_all) { | |
195c52bd | 354 | ea_all = kzalloc(add, GFP_NOFS); |
be71b5cb KK |
355 | if (!ea_all) { |
356 | err = -ENOMEM; | |
357 | goto out; | |
358 | } | |
359 | } | |
360 | } | |
361 | ||
e8b8e97f | 362 | /* Append new xattr. */ |
be71b5cb KK |
363 | new_ea = Add2Ptr(ea_all, size); |
364 | new_ea->size = cpu_to_le32(add); | |
365 | new_ea->flags = 0; | |
366 | new_ea->name_len = name_len; | |
367 | new_ea->elength = cpu_to_le16(val_size); | |
368 | memcpy(new_ea->name, name, name_len); | |
369 | new_ea->name[name_len] = 0; | |
370 | memcpy(new_ea->name + name_len + 1, value, val_size); | |
371 | new_pack = le16_to_cpu(ea_info.size_pack) + packed_ea_size(new_ea); | |
be71b5cb | 372 | ea_info.size_pack = cpu_to_le16(new_pack); |
e8b8e97f | 373 | /* New size of ATTR_EA. */ |
be71b5cb | 374 | size += add; |
cff32466 KK |
375 | ea_info.size = cpu_to_le32(size); |
376 | ||
377 | /* | |
378 | * 1. Check ea_info.size_pack for overflow. | |
379 | * 2. New attibute size must fit value from $AttrDef | |
380 | */ | |
381 | if (new_pack > 0xffff || size > sbi->ea_max_size) { | |
382 | ntfs_inode_warn( | |
383 | inode, | |
384 | "The size of extended attributes must not exceed 64KiB"); | |
be71b5cb KK |
385 | err = -EFBIG; // -EINVAL? |
386 | goto out; | |
387 | } | |
be71b5cb KK |
388 | |
389 | update_ea: | |
390 | ||
391 | if (!info) { | |
e8b8e97f | 392 | /* Create xattr. */ |
be71b5cb KK |
393 | if (!size) { |
394 | err = 0; | |
395 | goto out; | |
396 | } | |
397 | ||
398 | err = ni_insert_resident(ni, sizeof(struct EA_INFO), | |
78ab59fe KK |
399 | ATTR_EA_INFO, NULL, 0, NULL, NULL, |
400 | NULL); | |
be71b5cb KK |
401 | if (err) |
402 | goto out; | |
403 | ||
78ab59fe KK |
404 | err = ni_insert_resident(ni, 0, ATTR_EA, NULL, 0, NULL, NULL, |
405 | NULL); | |
be71b5cb KK |
406 | if (err) |
407 | goto out; | |
408 | } | |
409 | ||
410 | new_sz = size; | |
411 | err = attr_set_size(ni, ATTR_EA, NULL, 0, &ea_run, new_sz, &new_sz, | |
412 | false, NULL); | |
413 | if (err) | |
414 | goto out; | |
415 | ||
416 | le = NULL; | |
417 | attr = ni_find_attr(ni, NULL, &le, ATTR_EA_INFO, NULL, 0, NULL, &mi); | |
418 | if (!attr) { | |
419 | err = -EINVAL; | |
420 | goto out; | |
421 | } | |
422 | ||
423 | if (!size) { | |
e8b8e97f | 424 | /* Delete xattr, ATTR_EA_INFO */ |
78ab59fe | 425 | ni_remove_attr_le(ni, attr, mi, le); |
be71b5cb KK |
426 | } else { |
427 | p = resident_data_ex(attr, sizeof(struct EA_INFO)); | |
428 | if (!p) { | |
429 | err = -EINVAL; | |
430 | goto out; | |
431 | } | |
432 | memcpy(p, &ea_info, sizeof(struct EA_INFO)); | |
433 | mi->dirty = true; | |
434 | } | |
435 | ||
436 | le = NULL; | |
437 | attr = ni_find_attr(ni, NULL, &le, ATTR_EA, NULL, 0, NULL, &mi); | |
438 | if (!attr) { | |
439 | err = -EINVAL; | |
440 | goto out; | |
441 | } | |
442 | ||
443 | if (!size) { | |
e8b8e97f | 444 | /* Delete xattr, ATTR_EA */ |
78ab59fe | 445 | ni_remove_attr_le(ni, attr, mi, le); |
be71b5cb | 446 | } else if (attr->non_res) { |
63544672 | 447 | err = ntfs_sb_write_run(sbi, &ea_run, 0, ea_all, size, 0); |
be71b5cb KK |
448 | if (err) |
449 | goto out; | |
450 | } else { | |
451 | p = resident_data_ex(attr, size); | |
452 | if (!p) { | |
453 | err = -EINVAL; | |
454 | goto out; | |
455 | } | |
456 | memcpy(p, ea_all, size); | |
457 | mi->dirty = true; | |
458 | } | |
459 | ||
e8b8e97f | 460 | /* Check if we delete the last xattr. */ |
be71b5cb KK |
461 | if (size) |
462 | ni->ni_flags |= NI_FLAG_EA; | |
463 | else | |
464 | ni->ni_flags &= ~NI_FLAG_EA; | |
465 | ||
466 | if (ea_info.size_pack != size_pack) | |
467 | ni->ni_flags |= NI_FLAG_UPDATE_PARENT; | |
468 | mark_inode_dirty(&ni->vfs_inode); | |
469 | ||
470 | out: | |
3a2154b2 KK |
471 | if (!locked) |
472 | ni_unlock(ni); | |
be71b5cb KK |
473 | |
474 | run_close(&ea_run); | |
195c52bd | 475 | kfree(ea_all); |
be71b5cb KK |
476 | |
477 | return err; | |
478 | } | |
479 | ||
480 | #ifdef CONFIG_NTFS3_FS_POSIX_ACL | |
be71b5cb KK |
481 | static struct posix_acl *ntfs_get_acl_ex(struct user_namespace *mnt_userns, |
482 | struct inode *inode, int type, | |
483 | int locked) | |
484 | { | |
485 | struct ntfs_inode *ni = ntfs_i(inode); | |
486 | const char *name; | |
487 | size_t name_len; | |
488 | struct posix_acl *acl; | |
489 | size_t req; | |
490 | int err; | |
491 | void *buf; | |
492 | ||
e8b8e97f | 493 | /* Allocate PATH_MAX bytes. */ |
be71b5cb KK |
494 | buf = __getname(); |
495 | if (!buf) | |
496 | return ERR_PTR(-ENOMEM); | |
497 | ||
e8b8e97f | 498 | /* Possible values of 'type' was already checked above. */ |
be71b5cb KK |
499 | if (type == ACL_TYPE_ACCESS) { |
500 | name = XATTR_NAME_POSIX_ACL_ACCESS; | |
501 | name_len = sizeof(XATTR_NAME_POSIX_ACL_ACCESS) - 1; | |
502 | } else { | |
503 | name = XATTR_NAME_POSIX_ACL_DEFAULT; | |
504 | name_len = sizeof(XATTR_NAME_POSIX_ACL_DEFAULT) - 1; | |
505 | } | |
506 | ||
507 | if (!locked) | |
508 | ni_lock(ni); | |
509 | ||
510 | err = ntfs_get_ea(inode, name, name_len, buf, PATH_MAX, &req); | |
511 | ||
512 | if (!locked) | |
513 | ni_unlock(ni); | |
514 | ||
e8b8e97f | 515 | /* Translate extended attribute to acl. */ |
2926e429 | 516 | if (err >= 0) { |
be71b5cb | 517 | acl = posix_acl_from_xattr(mnt_userns, buf, err); |
0bd5fdb8 KK |
518 | } else if (err == -ENODATA) { |
519 | acl = NULL; | |
be71b5cb | 520 | } else { |
0bd5fdb8 | 521 | acl = ERR_PTR(err); |
be71b5cb KK |
522 | } |
523 | ||
0bd5fdb8 KK |
524 | if (!IS_ERR(acl)) |
525 | set_cached_acl(inode, type, acl); | |
526 | ||
be71b5cb KK |
527 | __putname(buf); |
528 | ||
529 | return acl; | |
530 | } | |
531 | ||
532 | /* | |
e8b8e97f | 533 | * ntfs_get_acl - inode_operations::get_acl |
be71b5cb | 534 | */ |
f7464060 | 535 | struct posix_acl *ntfs_get_acl(struct inode *inode, int type, bool rcu) |
be71b5cb | 536 | { |
f7464060 LT |
537 | if (rcu) |
538 | return ERR_PTR(-ECHILD); | |
539 | ||
be71b5cb KK |
540 | /* TODO: init_user_ns? */ |
541 | return ntfs_get_acl_ex(&init_user_ns, inode, type, 0); | |
542 | } | |
543 | ||
544 | static noinline int ntfs_set_acl_ex(struct user_namespace *mnt_userns, | |
545 | struct inode *inode, struct posix_acl *acl, | |
9186d472 | 546 | int type, bool init_acl) |
be71b5cb KK |
547 | { |
548 | const char *name; | |
549 | size_t size, name_len; | |
550 | void *value = NULL; | |
551 | int err = 0; | |
398c35f4 | 552 | int flags; |
be71b5cb KK |
553 | |
554 | if (S_ISLNK(inode->i_mode)) | |
555 | return -EOPNOTSUPP; | |
556 | ||
557 | switch (type) { | |
558 | case ACL_TYPE_ACCESS: | |
9186d472 KK |
559 | /* Do not change i_mode if we are in init_acl */ |
560 | if (acl && !init_acl) { | |
561 | umode_t mode; | |
be71b5cb | 562 | |
ba77237e KK |
563 | err = posix_acl_update_mode(mnt_userns, inode, &mode, |
564 | &acl); | |
565 | if (err) | |
566 | goto out; | |
be71b5cb KK |
567 | |
568 | if (inode->i_mode != mode) { | |
569 | inode->i_mode = mode; | |
570 | mark_inode_dirty(inode); | |
571 | } | |
be71b5cb KK |
572 | } |
573 | name = XATTR_NAME_POSIX_ACL_ACCESS; | |
574 | name_len = sizeof(XATTR_NAME_POSIX_ACL_ACCESS) - 1; | |
575 | break; | |
576 | ||
577 | case ACL_TYPE_DEFAULT: | |
578 | if (!S_ISDIR(inode->i_mode)) | |
579 | return acl ? -EACCES : 0; | |
580 | name = XATTR_NAME_POSIX_ACL_DEFAULT; | |
581 | name_len = sizeof(XATTR_NAME_POSIX_ACL_DEFAULT) - 1; | |
582 | break; | |
583 | ||
584 | default: | |
585 | return -EINVAL; | |
586 | } | |
587 | ||
588 | if (!acl) { | |
398c35f4 | 589 | /* Remove xattr if it can be presented via mode. */ |
be71b5cb KK |
590 | size = 0; |
591 | value = NULL; | |
398c35f4 | 592 | flags = XATTR_REPLACE; |
be71b5cb KK |
593 | } else { |
594 | size = posix_acl_xattr_size(acl->a_count); | |
195c52bd | 595 | value = kmalloc(size, GFP_NOFS); |
be71b5cb KK |
596 | if (!value) |
597 | return -ENOMEM; | |
be71b5cb KK |
598 | err = posix_acl_to_xattr(mnt_userns, acl, value, size); |
599 | if (err < 0) | |
600 | goto out; | |
398c35f4 | 601 | flags = 0; |
be71b5cb KK |
602 | } |
603 | ||
3a2154b2 | 604 | err = ntfs_set_ea(inode, name, name_len, value, size, flags, 0); |
398c35f4 KK |
605 | if (err == -ENODATA && !size) |
606 | err = 0; /* Removing non existed xattr. */ | |
be71b5cb KK |
607 | if (!err) |
608 | set_cached_acl(inode, type, acl); | |
609 | ||
610 | out: | |
195c52bd | 611 | kfree(value); |
be71b5cb KK |
612 | |
613 | return err; | |
614 | } | |
615 | ||
616 | /* | |
e8b8e97f | 617 | * ntfs_set_acl - inode_operations::set_acl |
be71b5cb KK |
618 | */ |
619 | int ntfs_set_acl(struct user_namespace *mnt_userns, struct inode *inode, | |
620 | struct posix_acl *acl, int type) | |
621 | { | |
9186d472 | 622 | return ntfs_set_acl_ex(mnt_userns, inode, acl, type, false); |
be71b5cb KK |
623 | } |
624 | ||
87e21c99 KK |
625 | static int ntfs_xattr_get_acl(struct user_namespace *mnt_userns, |
626 | struct inode *inode, int type, void *buffer, | |
627 | size_t size) | |
628 | { | |
629 | struct posix_acl *acl; | |
630 | int err; | |
631 | ||
632 | if (!(inode->i_sb->s_flags & SB_POSIXACL)) { | |
633 | ntfs_inode_warn(inode, "add mount option \"acl\" to use acl"); | |
634 | return -EOPNOTSUPP; | |
635 | } | |
636 | ||
637 | acl = ntfs_get_acl(inode, type, false); | |
638 | if (IS_ERR(acl)) | |
639 | return PTR_ERR(acl); | |
640 | ||
641 | if (!acl) | |
642 | return -ENODATA; | |
643 | ||
644 | err = posix_acl_to_xattr(mnt_userns, acl, buffer, size); | |
645 | posix_acl_release(acl); | |
646 | ||
647 | return err; | |
648 | } | |
649 | ||
650 | static int ntfs_xattr_set_acl(struct user_namespace *mnt_userns, | |
651 | struct inode *inode, int type, const void *value, | |
652 | size_t size) | |
653 | { | |
654 | struct posix_acl *acl; | |
655 | int err; | |
656 | ||
657 | if (!(inode->i_sb->s_flags & SB_POSIXACL)) { | |
658 | ntfs_inode_warn(inode, "add mount option \"acl\" to use acl"); | |
659 | return -EOPNOTSUPP; | |
660 | } | |
661 | ||
662 | if (!inode_owner_or_capable(mnt_userns, inode)) | |
663 | return -EPERM; | |
664 | ||
665 | if (!value) { | |
666 | acl = NULL; | |
667 | } else { | |
668 | acl = posix_acl_from_xattr(mnt_userns, value, size); | |
669 | if (IS_ERR(acl)) | |
670 | return PTR_ERR(acl); | |
671 | ||
672 | if (acl) { | |
673 | err = posix_acl_valid(mnt_userns, acl); | |
674 | if (err) | |
675 | goto release_and_out; | |
676 | } | |
677 | } | |
678 | ||
679 | err = ntfs_set_acl(mnt_userns, inode, acl, type); | |
680 | ||
681 | release_and_out: | |
682 | posix_acl_release(acl); | |
683 | return err; | |
684 | } | |
685 | ||
be71b5cb | 686 | /* |
e8b8e97f KA |
687 | * ntfs_init_acl - Initialize the ACLs of a new inode. |
688 | * | |
689 | * Called from ntfs_create_inode(). | |
be71b5cb KK |
690 | */ |
691 | int ntfs_init_acl(struct user_namespace *mnt_userns, struct inode *inode, | |
692 | struct inode *dir) | |
693 | { | |
694 | struct posix_acl *default_acl, *acl; | |
695 | int err; | |
696 | ||
66019837 KK |
697 | err = posix_acl_create(dir, &inode->i_mode, &default_acl, &acl); |
698 | if (err) | |
699 | return err; | |
be71b5cb | 700 | |
66019837 | 701 | if (default_acl) { |
be71b5cb | 702 | err = ntfs_set_acl_ex(mnt_userns, inode, default_acl, |
9186d472 | 703 | ACL_TYPE_DEFAULT, true); |
be71b5cb | 704 | posix_acl_release(default_acl); |
66019837 KK |
705 | } else { |
706 | inode->i_default_acl = NULL; | |
be71b5cb KK |
707 | } |
708 | ||
be71b5cb KK |
709 | if (!acl) |
710 | inode->i_acl = NULL; | |
66019837 KK |
711 | else { |
712 | if (!err) | |
713 | err = ntfs_set_acl_ex(mnt_userns, inode, acl, | |
9186d472 | 714 | ACL_TYPE_ACCESS, true); |
66019837 KK |
715 | posix_acl_release(acl); |
716 | } | |
be71b5cb | 717 | |
be71b5cb KK |
718 | return err; |
719 | } | |
720 | #endif | |
721 | ||
722 | /* | |
e8b8e97f | 723 | * ntfs_acl_chmod - Helper for ntfs3_setattr(). |
be71b5cb KK |
724 | */ |
725 | int ntfs_acl_chmod(struct user_namespace *mnt_userns, struct inode *inode) | |
726 | { | |
727 | struct super_block *sb = inode->i_sb; | |
728 | ||
729 | if (!(sb->s_flags & SB_POSIXACL)) | |
730 | return 0; | |
731 | ||
732 | if (S_ISLNK(inode->i_mode)) | |
733 | return -EOPNOTSUPP; | |
734 | ||
735 | return posix_acl_chmod(mnt_userns, inode, inode->i_mode); | |
736 | } | |
737 | ||
738 | /* | |
e8b8e97f | 739 | * ntfs_permission - inode_operations::permission |
be71b5cb KK |
740 | */ |
741 | int ntfs_permission(struct user_namespace *mnt_userns, struct inode *inode, | |
742 | int mask) | |
743 | { | |
28a941ff | 744 | if (ntfs_sb(inode->i_sb)->options->noacsrules) { |
e8b8e97f | 745 | /* "No access rules" mode - Allow all changes. */ |
be71b5cb KK |
746 | return 0; |
747 | } | |
748 | ||
749 | return generic_permission(mnt_userns, inode, mask); | |
750 | } | |
751 | ||
752 | /* | |
e8b8e97f | 753 | * ntfs_listxattr - inode_operations::listxattr |
be71b5cb KK |
754 | */ |
755 | ssize_t ntfs_listxattr(struct dentry *dentry, char *buffer, size_t size) | |
756 | { | |
757 | struct inode *inode = d_inode(dentry); | |
758 | struct ntfs_inode *ni = ntfs_i(inode); | |
759 | ssize_t ret; | |
760 | ||
761 | if (!(ni->ni_flags & NI_FLAG_EA)) { | |
762 | /* no xattr in file */ | |
763 | return 0; | |
764 | } | |
765 | ||
766 | ni_lock(ni); | |
767 | ||
768 | ret = ntfs_list_ea(ni, buffer, size); | |
769 | ||
770 | ni_unlock(ni); | |
771 | ||
772 | return ret; | |
773 | } | |
774 | ||
775 | static int ntfs_getxattr(const struct xattr_handler *handler, struct dentry *de, | |
776 | struct inode *inode, const char *name, void *buffer, | |
777 | size_t size) | |
778 | { | |
779 | int err; | |
780 | struct ntfs_inode *ni = ntfs_i(inode); | |
781 | size_t name_len = strlen(name); | |
782 | ||
e8b8e97f | 783 | /* Dispatch request. */ |
be71b5cb KK |
784 | if (name_len == sizeof(SYSTEM_DOS_ATTRIB) - 1 && |
785 | !memcmp(name, SYSTEM_DOS_ATTRIB, sizeof(SYSTEM_DOS_ATTRIB))) { | |
786 | /* system.dos_attrib */ | |
787 | if (!buffer) { | |
788 | err = sizeof(u8); | |
789 | } else if (size < sizeof(u8)) { | |
790 | err = -ENODATA; | |
791 | } else { | |
792 | err = sizeof(u8); | |
793 | *(u8 *)buffer = le32_to_cpu(ni->std_fa); | |
794 | } | |
795 | goto out; | |
796 | } | |
797 | ||
798 | if (name_len == sizeof(SYSTEM_NTFS_ATTRIB) - 1 && | |
799 | !memcmp(name, SYSTEM_NTFS_ATTRIB, sizeof(SYSTEM_NTFS_ATTRIB))) { | |
800 | /* system.ntfs_attrib */ | |
801 | if (!buffer) { | |
802 | err = sizeof(u32); | |
803 | } else if (size < sizeof(u32)) { | |
804 | err = -ENODATA; | |
805 | } else { | |
806 | err = sizeof(u32); | |
807 | *(u32 *)buffer = le32_to_cpu(ni->std_fa); | |
808 | } | |
809 | goto out; | |
810 | } | |
811 | ||
812 | if (name_len == sizeof(SYSTEM_NTFS_SECURITY) - 1 && | |
813 | !memcmp(name, SYSTEM_NTFS_SECURITY, sizeof(SYSTEM_NTFS_SECURITY))) { | |
814 | /* system.ntfs_security*/ | |
815 | struct SECURITY_DESCRIPTOR_RELATIVE *sd = NULL; | |
816 | size_t sd_size = 0; | |
817 | ||
818 | if (!is_ntfs3(ni->mi.sbi)) { | |
e8b8e97f | 819 | /* We should get nt4 security. */ |
be71b5cb KK |
820 | err = -EINVAL; |
821 | goto out; | |
822 | } else if (le32_to_cpu(ni->std_security_id) < | |
823 | SECURITY_ID_FIRST) { | |
824 | err = -ENOENT; | |
825 | goto out; | |
826 | } | |
827 | ||
828 | err = ntfs_get_security_by_id(ni->mi.sbi, ni->std_security_id, | |
829 | &sd, &sd_size); | |
830 | if (err) | |
831 | goto out; | |
832 | ||
833 | if (!is_sd_valid(sd, sd_size)) { | |
834 | ntfs_inode_warn( | |
835 | inode, | |
836 | "looks like you get incorrect security descriptor id=%u", | |
837 | ni->std_security_id); | |
838 | } | |
839 | ||
840 | if (!buffer) { | |
841 | err = sd_size; | |
842 | } else if (size < sd_size) { | |
843 | err = -ENODATA; | |
844 | } else { | |
845 | err = sd_size; | |
846 | memcpy(buffer, sd, sd_size); | |
847 | } | |
195c52bd | 848 | kfree(sd); |
be71b5cb KK |
849 | goto out; |
850 | } | |
851 | ||
87e21c99 KK |
852 | #ifdef CONFIG_NTFS3_FS_POSIX_ACL |
853 | if ((name_len == sizeof(XATTR_NAME_POSIX_ACL_ACCESS) - 1 && | |
854 | !memcmp(name, XATTR_NAME_POSIX_ACL_ACCESS, | |
855 | sizeof(XATTR_NAME_POSIX_ACL_ACCESS))) || | |
856 | (name_len == sizeof(XATTR_NAME_POSIX_ACL_DEFAULT) - 1 && | |
857 | !memcmp(name, XATTR_NAME_POSIX_ACL_DEFAULT, | |
858 | sizeof(XATTR_NAME_POSIX_ACL_DEFAULT)))) { | |
859 | /* TODO: init_user_ns? */ | |
860 | err = ntfs_xattr_get_acl( | |
861 | &init_user_ns, inode, | |
862 | name_len == sizeof(XATTR_NAME_POSIX_ACL_ACCESS) - 1 | |
863 | ? ACL_TYPE_ACCESS | |
864 | : ACL_TYPE_DEFAULT, | |
865 | buffer, size); | |
866 | goto out; | |
867 | } | |
868 | #endif | |
e8b8e97f | 869 | /* Deal with NTFS extended attribute. */ |
be71b5cb KK |
870 | err = ntfs_get_ea(inode, name, name_len, buffer, size, NULL); |
871 | ||
872 | out: | |
873 | return err; | |
874 | } | |
875 | ||
876 | /* | |
e8b8e97f | 877 | * ntfs_setxattr - inode_operations::setxattr |
be71b5cb KK |
878 | */ |
879 | static noinline int ntfs_setxattr(const struct xattr_handler *handler, | |
880 | struct user_namespace *mnt_userns, | |
881 | struct dentry *de, struct inode *inode, | |
882 | const char *name, const void *value, | |
883 | size_t size, int flags) | |
884 | { | |
885 | int err = -EINVAL; | |
886 | struct ntfs_inode *ni = ntfs_i(inode); | |
887 | size_t name_len = strlen(name); | |
888 | enum FILE_ATTRIBUTE new_fa; | |
889 | ||
e8b8e97f | 890 | /* Dispatch request. */ |
be71b5cb KK |
891 | if (name_len == sizeof(SYSTEM_DOS_ATTRIB) - 1 && |
892 | !memcmp(name, SYSTEM_DOS_ATTRIB, sizeof(SYSTEM_DOS_ATTRIB))) { | |
893 | if (sizeof(u8) != size) | |
894 | goto out; | |
895 | new_fa = cpu_to_le32(*(u8 *)value); | |
896 | goto set_new_fa; | |
897 | } | |
898 | ||
899 | if (name_len == sizeof(SYSTEM_NTFS_ATTRIB) - 1 && | |
900 | !memcmp(name, SYSTEM_NTFS_ATTRIB, sizeof(SYSTEM_NTFS_ATTRIB))) { | |
901 | if (size != sizeof(u32)) | |
902 | goto out; | |
903 | new_fa = cpu_to_le32(*(u32 *)value); | |
904 | ||
905 | if (S_ISREG(inode->i_mode)) { | |
e8b8e97f | 906 | /* Process compressed/sparsed in special way. */ |
be71b5cb KK |
907 | ni_lock(ni); |
908 | err = ni_new_attr_flags(ni, new_fa); | |
909 | ni_unlock(ni); | |
910 | if (err) | |
911 | goto out; | |
912 | } | |
913 | set_new_fa: | |
914 | /* | |
915 | * Thanks Mark Harmstone: | |
e8b8e97f | 916 | * Keep directory bit consistency. |
be71b5cb KK |
917 | */ |
918 | if (S_ISDIR(inode->i_mode)) | |
919 | new_fa |= FILE_ATTRIBUTE_DIRECTORY; | |
920 | else | |
921 | new_fa &= ~FILE_ATTRIBUTE_DIRECTORY; | |
922 | ||
923 | if (ni->std_fa != new_fa) { | |
924 | ni->std_fa = new_fa; | |
925 | if (new_fa & FILE_ATTRIBUTE_READONLY) | |
926 | inode->i_mode &= ~0222; | |
927 | else | |
928 | inode->i_mode |= 0222; | |
e8b8e97f | 929 | /* Std attribute always in primary record. */ |
be71b5cb KK |
930 | ni->mi.dirty = true; |
931 | mark_inode_dirty(inode); | |
932 | } | |
933 | err = 0; | |
934 | ||
935 | goto out; | |
936 | } | |
937 | ||
938 | if (name_len == sizeof(SYSTEM_NTFS_SECURITY) - 1 && | |
939 | !memcmp(name, SYSTEM_NTFS_SECURITY, sizeof(SYSTEM_NTFS_SECURITY))) { | |
940 | /* system.ntfs_security*/ | |
941 | __le32 security_id; | |
942 | bool inserted; | |
943 | struct ATTR_STD_INFO5 *std; | |
944 | ||
945 | if (!is_ntfs3(ni->mi.sbi)) { | |
946 | /* | |
e8b8e97f KA |
947 | * We should replace ATTR_SECURE. |
948 | * Skip this way cause it is nt4 feature. | |
be71b5cb KK |
949 | */ |
950 | err = -EINVAL; | |
951 | goto out; | |
952 | } | |
953 | ||
954 | if (!is_sd_valid(value, size)) { | |
955 | err = -EINVAL; | |
956 | ntfs_inode_warn( | |
957 | inode, | |
958 | "you try to set invalid security descriptor"); | |
959 | goto out; | |
960 | } | |
961 | ||
962 | err = ntfs_insert_security(ni->mi.sbi, value, size, | |
963 | &security_id, &inserted); | |
964 | if (err) | |
965 | goto out; | |
966 | ||
967 | ni_lock(ni); | |
968 | std = ni_std5(ni); | |
969 | if (!std) { | |
970 | err = -EINVAL; | |
971 | } else if (std->security_id != security_id) { | |
972 | std->security_id = ni->std_security_id = security_id; | |
e8b8e97f | 973 | /* Std attribute always in primary record. */ |
be71b5cb KK |
974 | ni->mi.dirty = true; |
975 | mark_inode_dirty(&ni->vfs_inode); | |
976 | } | |
977 | ni_unlock(ni); | |
978 | goto out; | |
979 | } | |
980 | ||
87e21c99 KK |
981 | #ifdef CONFIG_NTFS3_FS_POSIX_ACL |
982 | if ((name_len == sizeof(XATTR_NAME_POSIX_ACL_ACCESS) - 1 && | |
983 | !memcmp(name, XATTR_NAME_POSIX_ACL_ACCESS, | |
984 | sizeof(XATTR_NAME_POSIX_ACL_ACCESS))) || | |
985 | (name_len == sizeof(XATTR_NAME_POSIX_ACL_DEFAULT) - 1 && | |
986 | !memcmp(name, XATTR_NAME_POSIX_ACL_DEFAULT, | |
987 | sizeof(XATTR_NAME_POSIX_ACL_DEFAULT)))) { | |
988 | err = ntfs_xattr_set_acl( | |
989 | mnt_userns, inode, | |
990 | name_len == sizeof(XATTR_NAME_POSIX_ACL_ACCESS) - 1 | |
991 | ? ACL_TYPE_ACCESS | |
992 | : ACL_TYPE_DEFAULT, | |
993 | value, size); | |
994 | goto out; | |
995 | } | |
996 | #endif | |
e8b8e97f | 997 | /* Deal with NTFS extended attribute. */ |
3a2154b2 | 998 | err = ntfs_set_ea(inode, name, name_len, value, size, flags, 0); |
be71b5cb KK |
999 | |
1000 | out: | |
2d44667c KK |
1001 | inode->i_ctime = current_time(inode); |
1002 | mark_inode_dirty(inode); | |
1003 | ||
be71b5cb KK |
1004 | return err; |
1005 | } | |
1006 | ||
1007 | /* | |
1008 | * ntfs_save_wsl_perm | |
1009 | * | |
1010 | * save uid/gid/mode in xattr | |
1011 | */ | |
1012 | int ntfs_save_wsl_perm(struct inode *inode) | |
1013 | { | |
1014 | int err; | |
1015 | __le32 value; | |
3a2154b2 | 1016 | struct ntfs_inode *ni = ntfs_i(inode); |
be71b5cb | 1017 | |
3a2154b2 | 1018 | ni_lock(ni); |
be71b5cb KK |
1019 | value = cpu_to_le32(i_uid_read(inode)); |
1020 | err = ntfs_set_ea(inode, "$LXUID", sizeof("$LXUID") - 1, &value, | |
3a2154b2 | 1021 | sizeof(value), 0, true); /* true == already locked. */ |
be71b5cb KK |
1022 | if (err) |
1023 | goto out; | |
1024 | ||
1025 | value = cpu_to_le32(i_gid_read(inode)); | |
1026 | err = ntfs_set_ea(inode, "$LXGID", sizeof("$LXGID") - 1, &value, | |
3a2154b2 | 1027 | sizeof(value), 0, true); |
be71b5cb KK |
1028 | if (err) |
1029 | goto out; | |
1030 | ||
1031 | value = cpu_to_le32(inode->i_mode); | |
1032 | err = ntfs_set_ea(inode, "$LXMOD", sizeof("$LXMOD") - 1, &value, | |
3a2154b2 | 1033 | sizeof(value), 0, true); |
be71b5cb KK |
1034 | if (err) |
1035 | goto out; | |
1036 | ||
1037 | if (S_ISCHR(inode->i_mode) || S_ISBLK(inode->i_mode)) { | |
1038 | value = cpu_to_le32(inode->i_rdev); | |
1039 | err = ntfs_set_ea(inode, "$LXDEV", sizeof("$LXDEV") - 1, &value, | |
3a2154b2 | 1040 | sizeof(value), 0, true); |
be71b5cb KK |
1041 | if (err) |
1042 | goto out; | |
1043 | } | |
1044 | ||
1045 | out: | |
3a2154b2 | 1046 | ni_unlock(ni); |
be71b5cb KK |
1047 | /* In case of error should we delete all WSL xattr? */ |
1048 | return err; | |
1049 | } | |
1050 | ||
1051 | /* | |
1052 | * ntfs_get_wsl_perm | |
1053 | * | |
1054 | * get uid/gid/mode from xattr | |
1055 | * it is called from ntfs_iget5->ntfs_read_mft | |
1056 | */ | |
1057 | void ntfs_get_wsl_perm(struct inode *inode) | |
1058 | { | |
1059 | size_t sz; | |
1060 | __le32 value[3]; | |
1061 | ||
1062 | if (ntfs_get_ea(inode, "$LXUID", sizeof("$LXUID") - 1, &value[0], | |
1063 | sizeof(value[0]), &sz) == sizeof(value[0]) && | |
1064 | ntfs_get_ea(inode, "$LXGID", sizeof("$LXGID") - 1, &value[1], | |
1065 | sizeof(value[1]), &sz) == sizeof(value[1]) && | |
1066 | ntfs_get_ea(inode, "$LXMOD", sizeof("$LXMOD") - 1, &value[2], | |
1067 | sizeof(value[2]), &sz) == sizeof(value[2])) { | |
1068 | i_uid_write(inode, (uid_t)le32_to_cpu(value[0])); | |
1069 | i_gid_write(inode, (gid_t)le32_to_cpu(value[1])); | |
1070 | inode->i_mode = le32_to_cpu(value[2]); | |
1071 | ||
1072 | if (ntfs_get_ea(inode, "$LXDEV", sizeof("$$LXDEV") - 1, | |
1073 | &value[0], sizeof(value), | |
1074 | &sz) == sizeof(value[0])) { | |
1075 | inode->i_rdev = le32_to_cpu(value[0]); | |
1076 | } | |
1077 | } | |
1078 | } | |
1079 | ||
1080 | static bool ntfs_xattr_user_list(struct dentry *dentry) | |
1081 | { | |
1082 | return true; | |
1083 | } | |
1084 | ||
1085 | // clang-format off | |
1086 | static const struct xattr_handler ntfs_xattr_handler = { | |
1087 | .prefix = "", | |
1088 | .get = ntfs_getxattr, | |
1089 | .set = ntfs_setxattr, | |
1090 | .list = ntfs_xattr_user_list, | |
1091 | }; | |
1092 | ||
1093 | const struct xattr_handler *ntfs_xattr_handlers[] = { | |
1094 | &ntfs_xattr_handler, | |
1095 | NULL, | |
1096 | }; | |
1097 | // clang-format on |