4  * Copyright (C) 2001-2003 Andreas Gruenbacher, <agruen@suse.de>
 
   7 #include <linux/init.h>
 
   8 #include <linux/sched.h>
 
   9 #include <linux/slab.h>
 
  10 #include <linux/capability.h>
 
  12 #include <linux/ext4_jbd2.h>
 
  13 #include <linux/ext4_fs.h>
 
  18  * Convert from filesystem to in-memory representation.
 
  20 static struct posix_acl *
 
  21 ext4_acl_from_disk(const void *value, size_t size)
 
  23         const char *end = (char *)value + size;
 
  25         struct posix_acl *acl;
 
  29         if (size < sizeof(ext4_acl_header))
 
  30                  return ERR_PTR(-EINVAL);
 
  31         if (((ext4_acl_header *)value)->a_version !=
 
  32             cpu_to_le32(EXT4_ACL_VERSION))
 
  33                 return ERR_PTR(-EINVAL);
 
  34         value = (char *)value + sizeof(ext4_acl_header);
 
  35         count = ext4_acl_count(size);
 
  37                 return ERR_PTR(-EINVAL);
 
  40         acl = posix_acl_alloc(count, GFP_KERNEL);
 
  42                 return ERR_PTR(-ENOMEM);
 
  43         for (n=0; n < count; n++) {
 
  44                 ext4_acl_entry *entry =
 
  45                         (ext4_acl_entry *)value;
 
  46                 if ((char *)value + sizeof(ext4_acl_entry_short) > end)
 
  48                 acl->a_entries[n].e_tag  = le16_to_cpu(entry->e_tag);
 
  49                 acl->a_entries[n].e_perm = le16_to_cpu(entry->e_perm);
 
  50                 switch(acl->a_entries[n].e_tag) {
 
  55                                 value = (char *)value +
 
  56                                         sizeof(ext4_acl_entry_short);
 
  57                                 acl->a_entries[n].e_id = ACL_UNDEFINED_ID;
 
  62                                 value = (char *)value + sizeof(ext4_acl_entry);
 
  63                                 if ((char *)value > end)
 
  65                                 acl->a_entries[n].e_id =
 
  66                                         le32_to_cpu(entry->e_id);
 
  78         posix_acl_release(acl);
 
  79         return ERR_PTR(-EINVAL);
 
  83  * Convert from in-memory to filesystem representation.
 
  86 ext4_acl_to_disk(const struct posix_acl *acl, size_t *size)
 
  88         ext4_acl_header *ext_acl;
 
  92         *size = ext4_acl_size(acl->a_count);
 
  93         ext_acl = kmalloc(sizeof(ext4_acl_header) + acl->a_count *
 
  94                         sizeof(ext4_acl_entry), GFP_KERNEL);
 
  96                 return ERR_PTR(-ENOMEM);
 
  97         ext_acl->a_version = cpu_to_le32(EXT4_ACL_VERSION);
 
  98         e = (char *)ext_acl + sizeof(ext4_acl_header);
 
  99         for (n=0; n < acl->a_count; n++) {
 
 100                 ext4_acl_entry *entry = (ext4_acl_entry *)e;
 
 101                 entry->e_tag  = cpu_to_le16(acl->a_entries[n].e_tag);
 
 102                 entry->e_perm = cpu_to_le16(acl->a_entries[n].e_perm);
 
 103                 switch(acl->a_entries[n].e_tag) {
 
 107                                         cpu_to_le32(acl->a_entries[n].e_id);
 
 108                                 e += sizeof(ext4_acl_entry);
 
 115                                 e += sizeof(ext4_acl_entry_short);
 
 122         return (char *)ext_acl;
 
 126         return ERR_PTR(-EINVAL);
 
 129 static inline struct posix_acl *
 
 130 ext4_iget_acl(struct inode *inode, struct posix_acl **i_acl)
 
 132         struct posix_acl *acl = EXT4_ACL_NOT_CACHED;
 
 134         spin_lock(&inode->i_lock);
 
 135         if (*i_acl != EXT4_ACL_NOT_CACHED)
 
 136                 acl = posix_acl_dup(*i_acl);
 
 137         spin_unlock(&inode->i_lock);
 
 143 ext4_iset_acl(struct inode *inode, struct posix_acl **i_acl,
 
 144                 struct posix_acl *acl)
 
 146         spin_lock(&inode->i_lock);
 
 147         if (*i_acl != EXT4_ACL_NOT_CACHED)
 
 148                 posix_acl_release(*i_acl);
 
 149         *i_acl = posix_acl_dup(acl);
 
 150         spin_unlock(&inode->i_lock);
 
 154  * Inode operation get_posix_acl().
 
 156  * inode->i_mutex: don't care
 
 158 static struct posix_acl *
 
 159 ext4_get_acl(struct inode *inode, int type)
 
 161         struct ext4_inode_info *ei = EXT4_I(inode);
 
 164         struct posix_acl *acl;
 
 167         if (!test_opt(inode->i_sb, POSIX_ACL))
 
 171                 case ACL_TYPE_ACCESS:
 
 172                         acl = ext4_iget_acl(inode, &ei->i_acl);
 
 173                         if (acl != EXT4_ACL_NOT_CACHED)
 
 175                         name_index = EXT4_XATTR_INDEX_POSIX_ACL_ACCESS;
 
 178                 case ACL_TYPE_DEFAULT:
 
 179                         acl = ext4_iget_acl(inode, &ei->i_default_acl);
 
 180                         if (acl != EXT4_ACL_NOT_CACHED)
 
 182                         name_index = EXT4_XATTR_INDEX_POSIX_ACL_DEFAULT;
 
 186                         return ERR_PTR(-EINVAL);
 
 188         retval = ext4_xattr_get(inode, name_index, "", NULL, 0);
 
 190                 value = kmalloc(retval, GFP_KERNEL);
 
 192                         return ERR_PTR(-ENOMEM);
 
 193                 retval = ext4_xattr_get(inode, name_index, "", value, retval);
 
 196                 acl = ext4_acl_from_disk(value, retval);
 
 197         else if (retval == -ENODATA || retval == -ENOSYS)
 
 200                 acl = ERR_PTR(retval);
 
 205                         case ACL_TYPE_ACCESS:
 
 206                                 ext4_iset_acl(inode, &ei->i_acl, acl);
 
 209                         case ACL_TYPE_DEFAULT:
 
 210                                 ext4_iset_acl(inode, &ei->i_default_acl, acl);
 
 218  * Set the access or default ACL of an inode.
 
 220  * inode->i_mutex: down unless called from ext4_new_inode
 
 223 ext4_set_acl(handle_t *handle, struct inode *inode, int type,
 
 224              struct posix_acl *acl)
 
 226         struct ext4_inode_info *ei = EXT4_I(inode);
 
 232         if (S_ISLNK(inode->i_mode))
 
 236                 case ACL_TYPE_ACCESS:
 
 237                         name_index = EXT4_XATTR_INDEX_POSIX_ACL_ACCESS;
 
 239                                 mode_t mode = inode->i_mode;
 
 240                                 error = posix_acl_equiv_mode(acl, &mode);
 
 244                                         inode->i_mode = mode;
 
 245                                         ext4_mark_inode_dirty(handle, inode);
 
 252                 case ACL_TYPE_DEFAULT:
 
 253                         name_index = EXT4_XATTR_INDEX_POSIX_ACL_DEFAULT;
 
 254                         if (!S_ISDIR(inode->i_mode))
 
 255                                 return acl ? -EACCES : 0;
 
 262                 value = ext4_acl_to_disk(acl, &size);
 
 264                         return (int)PTR_ERR(value);
 
 267         error = ext4_xattr_set_handle(handle, inode, name_index, "",
 
 273                         case ACL_TYPE_ACCESS:
 
 274                                 ext4_iset_acl(inode, &ei->i_acl, acl);
 
 277                         case ACL_TYPE_DEFAULT:
 
 278                                 ext4_iset_acl(inode, &ei->i_default_acl, acl);
 
 286 ext4_check_acl(struct inode *inode, int mask)
 
 288         struct posix_acl *acl = ext4_get_acl(inode, ACL_TYPE_ACCESS);
 
 293                 int error = posix_acl_permission(inode, acl, mask);
 
 294                 posix_acl_release(acl);
 
 302 ext4_permission(struct inode *inode, int mask, struct nameidata *nd)
 
 304         return generic_permission(inode, mask, ext4_check_acl);
 
 308  * Initialize the ACLs of a new inode. Called from ext4_new_inode.
 
 311  * inode->i_mutex: up (access to inode is still exclusive)
 
 314 ext4_init_acl(handle_t *handle, struct inode *inode, struct inode *dir)
 
 316         struct posix_acl *acl = NULL;
 
 319         if (!S_ISLNK(inode->i_mode)) {
 
 320                 if (test_opt(dir->i_sb, POSIX_ACL)) {
 
 321                         acl = ext4_get_acl(dir, ACL_TYPE_DEFAULT);
 
 326                         inode->i_mode &= ~current->fs->umask;
 
 328         if (test_opt(inode->i_sb, POSIX_ACL) && acl) {
 
 329                 struct posix_acl *clone;
 
 332                 if (S_ISDIR(inode->i_mode)) {
 
 333                         error = ext4_set_acl(handle, inode,
 
 334                                              ACL_TYPE_DEFAULT, acl);
 
 338                 clone = posix_acl_clone(acl, GFP_KERNEL);
 
 343                 mode = inode->i_mode;
 
 344                 error = posix_acl_create_masq(clone, &mode);
 
 346                         inode->i_mode = mode;
 
 348                                 /* This is an extended ACL */
 
 349                                 error = ext4_set_acl(handle, inode,
 
 350                                                      ACL_TYPE_ACCESS, clone);
 
 353                 posix_acl_release(clone);
 
 356         posix_acl_release(acl);
 
 361  * Does chmod for an inode that may have an Access Control List. The
 
 362  * inode->i_mode field must be updated to the desired value by the caller
 
 363  * before calling this function.
 
 364  * Returns 0 on success, or a negative error number.
 
 366  * We change the ACL rather than storing some ACL entries in the file
 
 367  * mode permission bits (which would be more efficient), because that
 
 368  * would break once additional permissions (like  ACL_APPEND, ACL_DELETE
 
 369  * for directories) are added. There are no more bits available in the
 
 372  * inode->i_mutex: down
 
 375 ext4_acl_chmod(struct inode *inode)
 
 377         struct posix_acl *acl, *clone;
 
 380         if (S_ISLNK(inode->i_mode))
 
 382         if (!test_opt(inode->i_sb, POSIX_ACL))
 
 384         acl = ext4_get_acl(inode, ACL_TYPE_ACCESS);
 
 385         if (IS_ERR(acl) || !acl)
 
 387         clone = posix_acl_clone(acl, GFP_KERNEL);
 
 388         posix_acl_release(acl);
 
 391         error = posix_acl_chmod_masq(clone, inode->i_mode);
 
 397                 handle = ext4_journal_start(inode,
 
 398                                 EXT4_DATA_TRANS_BLOCKS(inode->i_sb));
 
 399                 if (IS_ERR(handle)) {
 
 400                         error = PTR_ERR(handle);
 
 401                         ext4_std_error(inode->i_sb, error);
 
 404                 error = ext4_set_acl(handle, inode, ACL_TYPE_ACCESS, clone);
 
 405                 ext4_journal_stop(handle);
 
 406                 if (error == -ENOSPC &&
 
 407                     ext4_should_retry_alloc(inode->i_sb, &retries))
 
 411         posix_acl_release(clone);
 
 416  * Extended attribute handlers
 
 419 ext4_xattr_list_acl_access(struct inode *inode, char *list, size_t list_len,
 
 420                            const char *name, size_t name_len)
 
 422         const size_t size = sizeof(POSIX_ACL_XATTR_ACCESS);
 
 424         if (!test_opt(inode->i_sb, POSIX_ACL))
 
 426         if (list && size <= list_len)
 
 427                 memcpy(list, POSIX_ACL_XATTR_ACCESS, size);
 
 432 ext4_xattr_list_acl_default(struct inode *inode, char *list, size_t list_len,
 
 433                             const char *name, size_t name_len)
 
 435         const size_t size = sizeof(POSIX_ACL_XATTR_DEFAULT);
 
 437         if (!test_opt(inode->i_sb, POSIX_ACL))
 
 439         if (list && size <= list_len)
 
 440                 memcpy(list, POSIX_ACL_XATTR_DEFAULT, size);
 
 445 ext4_xattr_get_acl(struct inode *inode, int type, void *buffer, size_t size)
 
 447         struct posix_acl *acl;
 
 450         if (!test_opt(inode->i_sb, POSIX_ACL))
 
 453         acl = ext4_get_acl(inode, type);
 
 458         error = posix_acl_to_xattr(acl, buffer, size);
 
 459         posix_acl_release(acl);
 
 465 ext4_xattr_get_acl_access(struct inode *inode, const char *name,
 
 466                           void *buffer, size_t size)
 
 468         if (strcmp(name, "") != 0)
 
 470         return ext4_xattr_get_acl(inode, ACL_TYPE_ACCESS, buffer, size);
 
 474 ext4_xattr_get_acl_default(struct inode *inode, const char *name,
 
 475                            void *buffer, size_t size)
 
 477         if (strcmp(name, "") != 0)
 
 479         return ext4_xattr_get_acl(inode, ACL_TYPE_DEFAULT, buffer, size);
 
 483 ext4_xattr_set_acl(struct inode *inode, int type, const void *value,
 
 487         struct posix_acl *acl;
 
 488         int error, retries = 0;
 
 490         if (!test_opt(inode->i_sb, POSIX_ACL))
 
 492         if (!is_owner_or_cap(inode))
 
 496                 acl = posix_acl_from_xattr(value, size);
 
 500                         error = posix_acl_valid(acl);
 
 502                                 goto release_and_out;
 
 508         handle = ext4_journal_start(inode, EXT4_DATA_TRANS_BLOCKS(inode->i_sb));
 
 510                 return PTR_ERR(handle);
 
 511         error = ext4_set_acl(handle, inode, type, acl);
 
 512         ext4_journal_stop(handle);
 
 513         if (error == -ENOSPC && ext4_should_retry_alloc(inode->i_sb, &retries))
 
 517         posix_acl_release(acl);
 
 522 ext4_xattr_set_acl_access(struct inode *inode, const char *name,
 
 523                           const void *value, size_t size, int flags)
 
 525         if (strcmp(name, "") != 0)
 
 527         return ext4_xattr_set_acl(inode, ACL_TYPE_ACCESS, value, size);
 
 531 ext4_xattr_set_acl_default(struct inode *inode, const char *name,
 
 532                            const void *value, size_t size, int flags)
 
 534         if (strcmp(name, "") != 0)
 
 536         return ext4_xattr_set_acl(inode, ACL_TYPE_DEFAULT, value, size);
 
 539 struct xattr_handler ext4_xattr_acl_access_handler = {
 
 540         .prefix = POSIX_ACL_XATTR_ACCESS,
 
 541         .list   = ext4_xattr_list_acl_access,
 
 542         .get    = ext4_xattr_get_acl_access,
 
 543         .set    = ext4_xattr_set_acl_access,
 
 546 struct xattr_handler ext4_xattr_acl_default_handler = {
 
 547         .prefix = POSIX_ACL_XATTR_DEFAULT,
 
 548         .list   = ext4_xattr_list_acl_default,
 
 549         .get    = ext4_xattr_get_acl_default,
 
 550         .set    = ext4_xattr_set_acl_default,