Exemple #1
0
static int
ext4_xattr_get_acl(struct dentry *dentry, const char *name, void *buffer,
		   size_t size, int type)
{
	struct posix_acl *acl;
	int error;

	if (strcmp(name, "") != 0)
		return -EINVAL;
	if (!test_opt(dentry->d_sb, POSIX_ACL))
		return -EOPNOTSUPP;

	acl = ext4_get_acl(dentry->d_inode, type);
	if (IS_ERR(acl))
		return PTR_ERR(acl);
	if (acl == NULL)
		return -ENODATA;
	error = posix_acl_to_xattr(acl, buffer, size);
	posix_acl_release(acl);

	return error;
}
Exemple #2
0
static int
xfs_xattr_system_get(struct inode *inode, const char *name,
		void *value, size_t size)
{
	struct posix_acl *acl;
	int type, error;

	type = xfs_decode_acl(name);
	if (type < 0)
		return type;

	acl = xfs_get_acl(inode, type);
	if (IS_ERR(acl))
		return PTR_ERR(acl);
	if (acl == NULL)
		return -ENODATA;

	error = posix_acl_to_xattr(acl, value, size);
	posix_acl_release(acl);

	return error;
}
Exemple #3
0
static int v9fs_set_acl(struct dentry *dentry, int type, struct posix_acl *acl)
{
	int retval;
	char *name;
	size_t size;
	void *buffer;
	struct inode *inode = dentry->d_inode;

	set_cached_acl(inode, type, acl);

	if (!acl)
		return 0;

	/* Set a setxattr request to server */
	size = posix_acl_xattr_size(acl->a_count);
	buffer = kmalloc(size, GFP_KERNEL);
	if (!buffer)
		return -ENOMEM;
	retval = posix_acl_to_xattr(acl, buffer, size);
	if (retval < 0)
		goto err_free_out;
	switch (type) {
	case ACL_TYPE_ACCESS:
		name = POSIX_ACL_XATTR_ACCESS;
		break;
	case ACL_TYPE_DEFAULT:
		name = POSIX_ACL_XATTR_DEFAULT;
		break;
	default:
		BUG();
	}
	retval = v9fs_xattr_set(dentry, name, buffer, size, 0);
err_free_out:
	kfree(buffer);
	return retval;
}
Exemple #4
0
static
int ll_getxattr_common(struct inode *inode, const char *name,
		       void *buffer, size_t size, __u64 valid)
{
	struct ll_sb_info *sbi = ll_i2sbi(inode);
	struct ptlrpc_request *req = NULL;
	struct mdt_body *body;
	int xattr_type, rc;
	void *xdata;
	struct obd_capa *oc;
	struct rmtacl_ctl_entry *rce = NULL;

	CDEBUG(D_VFSTRACE, "VFS Op:inode=%lu/%u(%p)\n",
	       inode->i_ino, inode->i_generation, inode);

	/* listxattr have slightly different behavior from of ext3:
	 * without 'user_xattr' ext3 will list all xattr names but
	 * filtered out "^user..*"; we list them all for simplicity.
	 */
	if (!name) {
		xattr_type = XATTR_OTHER_T;
		goto do_getxattr;
	}

	xattr_type = get_xattr_type(name);
	rc = xattr_type_filter(sbi, xattr_type);
	if (rc)
		return rc;

	/* b15587: ignore security.capability xattr for now */
	if ((xattr_type == XATTR_SECURITY_T &&
	    strcmp(name, "security.capability") == 0))
		return -ENODATA;

	/* LU-549:  Disable security.selinux when selinux is disabled */
	if (xattr_type == XATTR_SECURITY_T && !selinux_is_enabled() &&
	    strcmp(name, "security.selinux") == 0)
		return -EOPNOTSUPP;

#ifdef CONFIG_FS_POSIX_ACL
	if (sbi->ll_flags & LL_SBI_RMT_CLIENT &&
	    (xattr_type == XATTR_ACL_ACCESS_T ||
	    xattr_type == XATTR_ACL_DEFAULT_T)) {
		rce = rct_search(&sbi->ll_rct, current_pid());
		if (rce == NULL ||
		    (rce->rce_ops != RMT_LSETFACL &&
		    rce->rce_ops != RMT_LGETFACL &&
		    rce->rce_ops != RMT_RSETFACL &&
		    rce->rce_ops != RMT_RGETFACL))
			return -EOPNOTSUPP;
	}

	/* posix acl is under protection of LOOKUP lock. when calling to this,
	 * we just have path resolution to the target inode, so we have great
	 * chance that cached ACL is uptodate.
	 */
	if (xattr_type == XATTR_ACL_ACCESS_T &&
	    !(sbi->ll_flags & LL_SBI_RMT_CLIENT)) {
		struct ll_inode_info *lli = ll_i2info(inode);
		struct posix_acl *acl;

		spin_lock(&lli->lli_lock);
		acl = posix_acl_dup(lli->lli_posix_acl);
		spin_unlock(&lli->lli_lock);

		if (!acl)
			return -ENODATA;

		rc = posix_acl_to_xattr(&init_user_ns, acl, buffer, size);
		posix_acl_release(acl);
		return rc;
	}
	if (xattr_type == XATTR_ACL_DEFAULT_T && !S_ISDIR(inode->i_mode))
		return -ENODATA;
#endif

do_getxattr:
	if (sbi->ll_xattr_cache_enabled && (rce == NULL ||
					    rce->rce_ops == RMT_LGETFACL ||
					    rce->rce_ops == RMT_LSETFACL)) {
		rc = ll_xattr_cache_get(inode, name, buffer, size, valid);
		if (rc < 0)
			GOTO(out_xattr, rc);
	} else {
		oc = ll_mdscapa_get(inode);
		rc = md_getxattr(sbi->ll_md_exp, ll_inode2fid(inode), oc,
				valid | (rce ? rce_ops2valid(rce->rce_ops) : 0),
				name, NULL, 0, size, 0, &req);
		capa_put(oc);

		if (rc < 0)
			GOTO(out_xattr, rc);

		body = req_capsule_server_get(&req->rq_pill, &RMF_MDT_BODY);
		LASSERT(body);

		/* only detect the xattr size */
		if (size == 0)
			GOTO(out, rc = body->eadatasize);

		if (size < body->eadatasize) {
			CERROR("server bug: replied size %u > %u\n",
				body->eadatasize, (int)size);
			GOTO(out, rc = -ERANGE);
		}

		if (body->eadatasize == 0)
			GOTO(out, rc = -ENODATA);

		/* do not need swab xattr data */
		xdata = req_capsule_server_sized_get(&req->rq_pill, &RMF_EADATA,
							body->eadatasize);
		if (!xdata)
			GOTO(out, rc = -EFAULT);

		memcpy(buffer, xdata, body->eadatasize);
		rc = body->eadatasize;
	}

#ifdef CONFIG_FS_POSIX_ACL
	if (rce && rce->rce_ops == RMT_LSETFACL) {
		ext_acl_xattr_header *acl;

		acl = lustre_posix_acl_xattr_2ext(
					(posix_acl_xattr_header *)buffer, rc);
		if (IS_ERR(acl))
			GOTO(out, rc = PTR_ERR(acl));

		rc = ee_add(&sbi->ll_et, current_pid(), ll_inode2fid(inode),
			    xattr_type, acl);
		if (unlikely(rc < 0)) {
			lustre_ext_acl_xattr_free(acl);
			GOTO(out, rc);
		}
	}
#endif

out_xattr:
	if (rc == -EOPNOTSUPP && xattr_type == XATTR_USER_T) {
		LCONSOLE_INFO(
			"%s: disabling user_xattr feature because it is not supported on the server: rc = %d\n",
			ll_get_fsname(inode->i_sb, NULL, 0), rc);
		sbi->ll_flags &= ~LL_SBI_USER_XATTR;
	}
out:
	ptlrpc_req_finished(req);
	return rc;
}
Exemple #5
0
int ceph_set_acl(struct inode *inode, struct posix_acl *acl, int type)
{
    int ret = 0, size = 0;
    const char *name = NULL;
    char *value = NULL;
    struct iattr newattrs;
    umode_t new_mode = inode->i_mode, old_mode = inode->i_mode;

    switch (type) {
    case ACL_TYPE_ACCESS:
        name = XATTR_NAME_POSIX_ACL_ACCESS;
        if (acl) {
            ret = posix_acl_update_mode(inode, &new_mode, &acl);
            if (ret)
                goto out;
        }
        break;
    case ACL_TYPE_DEFAULT:
        if (!S_ISDIR(inode->i_mode)) {
            ret = acl ? -EINVAL : 0;
            goto out;
        }
        name = XATTR_NAME_POSIX_ACL_DEFAULT;
        break;
    default:
        ret = -EINVAL;
        goto out;
    }

    if (acl) {
        size = posix_acl_xattr_size(acl->a_count);
        value = kmalloc(size, GFP_NOFS);
        if (!value) {
            ret = -ENOMEM;
            goto out;
        }

        ret = posix_acl_to_xattr(&init_user_ns, acl, value, size);
        if (ret < 0)
            goto out_free;
    }

    if (new_mode != old_mode) {
        newattrs.ia_mode = new_mode;
        newattrs.ia_valid = ATTR_MODE;
        ret = __ceph_setattr(inode, &newattrs);
        if (ret)
            goto out_free;
    }

    ret = __ceph_setxattr(inode, name, value, size, 0);
    if (ret) {
        if (new_mode != old_mode) {
            newattrs.ia_mode = old_mode;
            newattrs.ia_valid = ATTR_MODE;
            __ceph_setattr(inode, &newattrs);
        }
        goto out_free;
    }

    ceph_set_cached_acl(inode, type, acl);

out_free:
    kfree(value);
out:
    return ret;
}
Exemple #6
0
int ceph_pre_init_acls(struct inode *dir, umode_t *mode,
                       struct ceph_acls_info *info)
{
    struct posix_acl *acl, *default_acl;
    size_t val_size1 = 0, val_size2 = 0;
    struct ceph_pagelist *pagelist = NULL;
    void *tmp_buf = NULL;
    int err;

    err = posix_acl_create(dir, mode, &default_acl, &acl);
    if (err)
        return err;

    if (acl) {
        int ret = posix_acl_equiv_mode(acl, mode);
        if (ret < 0)
            goto out_err;
        if (ret == 0) {
            posix_acl_release(acl);
            acl = NULL;
        }
    }

    if (!default_acl && !acl)
        return 0;

    if (acl)
        val_size1 = posix_acl_xattr_size(acl->a_count);
    if (default_acl)
        val_size2 = posix_acl_xattr_size(default_acl->a_count);

    err = -ENOMEM;
    tmp_buf = kmalloc(max(val_size1, val_size2), GFP_KERNEL);
    if (!tmp_buf)
        goto out_err;
    pagelist = kmalloc(sizeof(struct ceph_pagelist), GFP_KERNEL);
    if (!pagelist)
        goto out_err;
    ceph_pagelist_init(pagelist);

    err = ceph_pagelist_reserve(pagelist, PAGE_SIZE);
    if (err)
        goto out_err;

    ceph_pagelist_encode_32(pagelist, acl && default_acl ? 2 : 1);

    if (acl) {
        size_t len = strlen(XATTR_NAME_POSIX_ACL_ACCESS);
        err = ceph_pagelist_reserve(pagelist, len + val_size1 + 8);
        if (err)
            goto out_err;
        ceph_pagelist_encode_string(pagelist, XATTR_NAME_POSIX_ACL_ACCESS,
                                    len);
        err = posix_acl_to_xattr(&init_user_ns, acl,
                                 tmp_buf, val_size1);
        if (err < 0)
            goto out_err;
        ceph_pagelist_encode_32(pagelist, val_size1);
        ceph_pagelist_append(pagelist, tmp_buf, val_size1);
    }
    if (default_acl) {
        size_t len = strlen(XATTR_NAME_POSIX_ACL_DEFAULT);
        err = ceph_pagelist_reserve(pagelist, len + val_size2 + 8);
        if (err)
            goto out_err;
        err = ceph_pagelist_encode_string(pagelist,
                                          XATTR_NAME_POSIX_ACL_DEFAULT, len);
        err = posix_acl_to_xattr(&init_user_ns, default_acl,
                                 tmp_buf, val_size2);
        if (err < 0)
            goto out_err;
        ceph_pagelist_encode_32(pagelist, val_size2);
        ceph_pagelist_append(pagelist, tmp_buf, val_size2);
    }

    kfree(tmp_buf);

    info->acl = acl;
    info->default_acl = default_acl;
    info->pagelist = pagelist;
    return 0;

out_err:
    posix_acl_release(acl);
    posix_acl_release(default_acl);
    kfree(tmp_buf);
    if (pagelist)
        ceph_pagelist_release(pagelist);
    return err;
}
Exemple #7
0
int orangefs_set_acl(struct inode *inode, struct posix_acl *acl, int type)
{
	struct orangefs_inode_s *orangefs_inode = ORANGEFS_I(inode);
	int error = 0;
	void *value = NULL;
	size_t size = 0;
	const char *name = NULL;

	switch (type) {
	case ACL_TYPE_ACCESS:
		name = XATTR_NAME_POSIX_ACL_ACCESS;
		if (acl) {
			umode_t mode;

			error = posix_acl_update_mode(inode, &mode, &acl);
			if (error) {
				gossip_err("%s: posix_acl_update_mode err: %d\n",
					   __func__,
					   error);
				return error;
			}

			if (inode->i_mode != mode)
				SetModeFlag(orangefs_inode);
			inode->i_mode = mode;
			mark_inode_dirty_sync(inode);
		}
		break;
	case ACL_TYPE_DEFAULT:
		name = XATTR_NAME_POSIX_ACL_DEFAULT;
		break;
	default:
		gossip_err("%s: invalid type %d!\n", __func__, type);
		return -EINVAL;
	}

	gossip_debug(GOSSIP_ACL_DEBUG,
		     "%s: inode %pU, key %s type %d\n",
		     __func__, get_khandle_from_ino(inode),
		     name,
		     type);

	if (acl) {
		size = posix_acl_xattr_size(acl->a_count);
		value = kmalloc(size, GFP_KERNEL);
		if (!value)
			return -ENOMEM;

		error = posix_acl_to_xattr(&init_user_ns, acl, value, size);
		if (error < 0)
			goto out;
	}

	gossip_debug(GOSSIP_ACL_DEBUG,
		     "%s: name %s, value %p, size %zd, acl %p\n",
		     __func__, name, value, size, acl);
	/*
	 * Go ahead and set the extended attribute now. NOTE: Suppose acl
	 * was NULL, then value will be NULL and size will be 0 and that
	 * will xlate to a removexattr. However, we don't want removexattr
	 * complain if attributes does not exist.
	 */
	error = orangefs_inode_setxattr(inode, name, value, size, 0);

out:
	kfree(value);
	if (!error)
		set_cached_acl(inode, type, acl);
	return error;
}