2006-10-11 01:20:50 -07:00
/*
2006-10-11 01:20:53 -07:00
* linux / fs / ext4 / acl . c
2006-10-11 01:20:50 -07:00
*
* Copyright ( C ) 2001 - 2003 Andreas Gruenbacher , < agruen @ suse . de >
*/
# include <linux/init.h>
# include <linux/sched.h>
# include <linux/slab.h>
# include <linux/capability.h>
# include <linux/fs.h>
2006-10-11 01:20:53 -07:00
# include <linux/ext4_jbd.h>
# include <linux/ext4_fs.h>
2006-10-11 01:20:50 -07:00
# include "xattr.h"
# include "acl.h"
/*
* Convert from filesystem to in - memory representation .
*/
static struct posix_acl *
2006-10-11 01:20:53 -07:00
ext4_acl_from_disk ( const void * value , size_t size )
2006-10-11 01:20:50 -07:00
{
const char * end = ( char * ) value + size ;
int n , count ;
struct posix_acl * acl ;
if ( ! value )
return NULL ;
2006-10-11 01:20:53 -07:00
if ( size < sizeof ( ext4_acl_header ) )
2006-10-11 01:20:50 -07:00
return ERR_PTR ( - EINVAL ) ;
2006-10-11 01:20:53 -07:00
if ( ( ( ext4_acl_header * ) value ) - > a_version ! =
cpu_to_le32 ( EXT4_ACL_VERSION ) )
2006-10-11 01:20:50 -07:00
return ERR_PTR ( - EINVAL ) ;
2006-10-11 01:20:53 -07:00
value = ( char * ) value + sizeof ( ext4_acl_header ) ;
count = ext4_acl_count ( size ) ;
2006-10-11 01:20:50 -07:00
if ( count < 0 )
return ERR_PTR ( - EINVAL ) ;
if ( count = = 0 )
return NULL ;
acl = posix_acl_alloc ( count , GFP_KERNEL ) ;
if ( ! acl )
return ERR_PTR ( - ENOMEM ) ;
for ( n = 0 ; n < count ; n + + ) {
2006-10-11 01:20:53 -07:00
ext4_acl_entry * entry =
( ext4_acl_entry * ) value ;
if ( ( char * ) value + sizeof ( ext4_acl_entry_short ) > end )
2006-10-11 01:20:50 -07:00
goto fail ;
acl - > a_entries [ n ] . e_tag = le16_to_cpu ( entry - > e_tag ) ;
acl - > a_entries [ n ] . e_perm = le16_to_cpu ( entry - > e_perm ) ;
switch ( acl - > a_entries [ n ] . e_tag ) {
case ACL_USER_OBJ :
case ACL_GROUP_OBJ :
case ACL_MASK :
case ACL_OTHER :
value = ( char * ) value +
2006-10-11 01:20:53 -07:00
sizeof ( ext4_acl_entry_short ) ;
2006-10-11 01:20:50 -07:00
acl - > a_entries [ n ] . e_id = ACL_UNDEFINED_ID ;
break ;
case ACL_USER :
case ACL_GROUP :
2006-10-11 01:20:53 -07:00
value = ( char * ) value + sizeof ( ext4_acl_entry ) ;
2006-10-11 01:20:50 -07:00
if ( ( char * ) value > end )
goto fail ;
acl - > a_entries [ n ] . e_id =
le32_to_cpu ( entry - > e_id ) ;
break ;
default :
goto fail ;
}
}
if ( value ! = end )
goto fail ;
return acl ;
fail :
posix_acl_release ( acl ) ;
return ERR_PTR ( - EINVAL ) ;
}
/*
* Convert from in - memory to filesystem representation .
*/
static void *
2006-10-11 01:20:53 -07:00
ext4_acl_to_disk ( const struct posix_acl * acl , size_t * size )
2006-10-11 01:20:50 -07:00
{
2006-10-11 01:20:53 -07:00
ext4_acl_header * ext_acl ;
2006-10-11 01:20:50 -07:00
char * e ;
size_t n ;
2006-10-11 01:20:53 -07:00
* size = ext4_acl_size ( acl - > a_count ) ;
ext_acl = kmalloc ( sizeof ( ext4_acl_header ) + acl - > a_count *
sizeof ( ext4_acl_entry ) , GFP_KERNEL ) ;
2006-10-11 01:20:50 -07:00
if ( ! ext_acl )
return ERR_PTR ( - ENOMEM ) ;
2006-10-11 01:20:53 -07:00
ext_acl - > a_version = cpu_to_le32 ( EXT4_ACL_VERSION ) ;
e = ( char * ) ext_acl + sizeof ( ext4_acl_header ) ;
2006-10-11 01:20:50 -07:00
for ( n = 0 ; n < acl - > a_count ; n + + ) {
2006-10-11 01:20:53 -07:00
ext4_acl_entry * entry = ( ext4_acl_entry * ) e ;
2006-10-11 01:20:50 -07:00
entry - > e_tag = cpu_to_le16 ( acl - > a_entries [ n ] . e_tag ) ;
entry - > e_perm = cpu_to_le16 ( acl - > a_entries [ n ] . e_perm ) ;
switch ( acl - > a_entries [ n ] . e_tag ) {
case ACL_USER :
case ACL_GROUP :
entry - > e_id =
cpu_to_le32 ( acl - > a_entries [ n ] . e_id ) ;
2006-10-11 01:20:53 -07:00
e + = sizeof ( ext4_acl_entry ) ;
2006-10-11 01:20:50 -07:00
break ;
case ACL_USER_OBJ :
case ACL_GROUP_OBJ :
case ACL_MASK :
case ACL_OTHER :
2006-10-11 01:20:53 -07:00
e + = sizeof ( ext4_acl_entry_short ) ;
2006-10-11 01:20:50 -07:00
break ;
default :
goto fail ;
}
}
return ( char * ) ext_acl ;
fail :
kfree ( ext_acl ) ;
return ERR_PTR ( - EINVAL ) ;
}
static inline struct posix_acl *
2006-10-11 01:20:53 -07:00
ext4_iget_acl ( struct inode * inode , struct posix_acl * * i_acl )
2006-10-11 01:20:50 -07:00
{
2006-10-11 01:20:53 -07:00
struct posix_acl * acl = EXT4_ACL_NOT_CACHED ;
2006-10-11 01:20:50 -07:00
spin_lock ( & inode - > i_lock ) ;
2006-10-11 01:20:53 -07:00
if ( * i_acl ! = EXT4_ACL_NOT_CACHED )
2006-10-11 01:20:50 -07:00
acl = posix_acl_dup ( * i_acl ) ;
spin_unlock ( & inode - > i_lock ) ;
return acl ;
}
static inline void
2006-10-11 01:20:53 -07:00
ext4_iset_acl ( struct inode * inode , struct posix_acl * * i_acl ,
2006-10-11 01:20:50 -07:00
struct posix_acl * acl )
{
spin_lock ( & inode - > i_lock ) ;
2006-10-11 01:20:53 -07:00
if ( * i_acl ! = EXT4_ACL_NOT_CACHED )
2006-10-11 01:20:50 -07:00
posix_acl_release ( * i_acl ) ;
* i_acl = posix_acl_dup ( acl ) ;
spin_unlock ( & inode - > i_lock ) ;
}
/*
* Inode operation get_posix_acl ( ) .
*
* inode - > i_mutex : don ' t care
*/
static struct posix_acl *
2006-10-11 01:20:53 -07:00
ext4_get_acl ( struct inode * inode , int type )
2006-10-11 01:20:50 -07:00
{
2006-10-11 01:20:53 -07:00
struct ext4_inode_info * ei = EXT4_I ( inode ) ;
2006-10-11 01:20:50 -07:00
int name_index ;
char * value = NULL ;
struct posix_acl * acl ;
int retval ;
if ( ! test_opt ( inode - > i_sb , POSIX_ACL ) )
return NULL ;
switch ( type ) {
case ACL_TYPE_ACCESS :
2006-10-11 01:20:53 -07:00
acl = ext4_iget_acl ( inode , & ei - > i_acl ) ;
if ( acl ! = EXT4_ACL_NOT_CACHED )
2006-10-11 01:20:50 -07:00
return acl ;
2006-10-11 01:20:53 -07:00
name_index = EXT4_XATTR_INDEX_POSIX_ACL_ACCESS ;
2006-10-11 01:20:50 -07:00
break ;
case ACL_TYPE_DEFAULT :
2006-10-11 01:20:53 -07:00
acl = ext4_iget_acl ( inode , & ei - > i_default_acl ) ;
if ( acl ! = EXT4_ACL_NOT_CACHED )
2006-10-11 01:20:50 -07:00
return acl ;
2006-10-11 01:20:53 -07:00
name_index = EXT4_XATTR_INDEX_POSIX_ACL_DEFAULT ;
2006-10-11 01:20:50 -07:00
break ;
default :
return ERR_PTR ( - EINVAL ) ;
}
2006-10-11 01:20:53 -07:00
retval = ext4_xattr_get ( inode , name_index , " " , NULL , 0 ) ;
2006-10-11 01:20:50 -07:00
if ( retval > 0 ) {
value = kmalloc ( retval , GFP_KERNEL ) ;
if ( ! value )
return ERR_PTR ( - ENOMEM ) ;
2006-10-11 01:20:53 -07:00
retval = ext4_xattr_get ( inode , name_index , " " , value , retval ) ;
2006-10-11 01:20:50 -07:00
}
if ( retval > 0 )
2006-10-11 01:20:53 -07:00
acl = ext4_acl_from_disk ( value , retval ) ;
2006-10-11 01:20:50 -07:00
else if ( retval = = - ENODATA | | retval = = - ENOSYS )
acl = NULL ;
else
acl = ERR_PTR ( retval ) ;
kfree ( value ) ;
if ( ! IS_ERR ( acl ) ) {
switch ( type ) {
case ACL_TYPE_ACCESS :
2006-10-11 01:20:53 -07:00
ext4_iset_acl ( inode , & ei - > i_acl , acl ) ;
2006-10-11 01:20:50 -07:00
break ;
case ACL_TYPE_DEFAULT :
2006-10-11 01:20:53 -07:00
ext4_iset_acl ( inode , & ei - > i_default_acl , acl ) ;
2006-10-11 01:20:50 -07:00
break ;
}
}
return acl ;
}
/*
* Set the access or default ACL of an inode .
*
2006-10-11 01:20:53 -07:00
* inode - > i_mutex : down unless called from ext4_new_inode
2006-10-11 01:20:50 -07:00
*/
static int
2006-10-11 01:20:53 -07:00
ext4_set_acl ( handle_t * handle , struct inode * inode , int type ,
2006-10-11 01:20:50 -07:00
struct posix_acl * acl )
{
2006-10-11 01:20:53 -07:00
struct ext4_inode_info * ei = EXT4_I ( inode ) ;
2006-10-11 01:20:50 -07:00
int name_index ;
void * value = NULL ;
size_t size = 0 ;
int error ;
if ( S_ISLNK ( inode - > i_mode ) )
return - EOPNOTSUPP ;
switch ( type ) {
case ACL_TYPE_ACCESS :
2006-10-11 01:20:53 -07:00
name_index = EXT4_XATTR_INDEX_POSIX_ACL_ACCESS ;
2006-10-11 01:20:50 -07:00
if ( acl ) {
mode_t mode = inode - > i_mode ;
error = posix_acl_equiv_mode ( acl , & mode ) ;
if ( error < 0 )
return error ;
else {
inode - > i_mode = mode ;
2006-10-11 01:20:53 -07:00
ext4_mark_inode_dirty ( handle , inode ) ;
2006-10-11 01:20:50 -07:00
if ( error = = 0 )
acl = NULL ;
}
}
break ;
case ACL_TYPE_DEFAULT :
2006-10-11 01:20:53 -07:00
name_index = EXT4_XATTR_INDEX_POSIX_ACL_DEFAULT ;
2006-10-11 01:20:50 -07:00
if ( ! S_ISDIR ( inode - > i_mode ) )
return acl ? - EACCES : 0 ;
break ;
default :
return - EINVAL ;
}
if ( acl ) {
2006-10-11 01:20:53 -07:00
value = ext4_acl_to_disk ( acl , & size ) ;
2006-10-11 01:20:50 -07:00
if ( IS_ERR ( value ) )
return ( int ) PTR_ERR ( value ) ;
}
2006-10-11 01:20:53 -07:00
error = ext4_xattr_set_handle ( handle , inode , name_index , " " ,
2006-10-11 01:20:50 -07:00
value , size , 0 ) ;
kfree ( value ) ;
if ( ! error ) {
switch ( type ) {
case ACL_TYPE_ACCESS :
2006-10-11 01:20:53 -07:00
ext4_iset_acl ( inode , & ei - > i_acl , acl ) ;
2006-10-11 01:20:50 -07:00
break ;
case ACL_TYPE_DEFAULT :
2006-10-11 01:20:53 -07:00
ext4_iset_acl ( inode , & ei - > i_default_acl , acl ) ;
2006-10-11 01:20:50 -07:00
break ;
}
}
return error ;
}
static int
2006-10-11 01:20:53 -07:00
ext4_check_acl ( struct inode * inode , int mask )
2006-10-11 01:20:50 -07:00
{
2006-10-11 01:20:53 -07:00
struct posix_acl * acl = ext4_get_acl ( inode , ACL_TYPE_ACCESS ) ;
2006-10-11 01:20:50 -07:00
if ( IS_ERR ( acl ) )
return PTR_ERR ( acl ) ;
if ( acl ) {
int error = posix_acl_permission ( inode , acl , mask ) ;
posix_acl_release ( acl ) ;
return error ;
}
return - EAGAIN ;
}
int
2006-10-11 01:20:53 -07:00
ext4_permission ( struct inode * inode , int mask , struct nameidata * nd )
2006-10-11 01:20:50 -07:00
{
2006-10-11 01:20:53 -07:00
return generic_permission ( inode , mask , ext4_check_acl ) ;
2006-10-11 01:20:50 -07:00
}
/*
2006-10-11 01:20:53 -07:00
* Initialize the ACLs of a new inode . Called from ext4_new_inode .
2006-10-11 01:20:50 -07:00
*
* dir - > i_mutex : down
* inode - > i_mutex : up ( access to inode is still exclusive )
*/
int
2006-10-11 01:20:53 -07:00
ext4_init_acl ( handle_t * handle , struct inode * inode , struct inode * dir )
2006-10-11 01:20:50 -07:00
{
struct posix_acl * acl = NULL ;
int error = 0 ;
if ( ! S_ISLNK ( inode - > i_mode ) ) {
if ( test_opt ( dir - > i_sb , POSIX_ACL ) ) {
2006-10-11 01:20:53 -07:00
acl = ext4_get_acl ( dir , ACL_TYPE_DEFAULT ) ;
2006-10-11 01:20:50 -07:00
if ( IS_ERR ( acl ) )
return PTR_ERR ( acl ) ;
}
if ( ! acl )
inode - > i_mode & = ~ current - > fs - > umask ;
}
if ( test_opt ( inode - > i_sb , POSIX_ACL ) & & acl ) {
struct posix_acl * clone ;
mode_t mode ;
if ( S_ISDIR ( inode - > i_mode ) ) {
2006-10-11 01:20:53 -07:00
error = ext4_set_acl ( handle , inode ,
2006-10-11 01:20:50 -07:00
ACL_TYPE_DEFAULT , acl ) ;
if ( error )
goto cleanup ;
}
clone = posix_acl_clone ( acl , GFP_KERNEL ) ;
error = - ENOMEM ;
if ( ! clone )
goto cleanup ;
mode = inode - > i_mode ;
error = posix_acl_create_masq ( clone , & mode ) ;
if ( error > = 0 ) {
inode - > i_mode = mode ;
if ( error > 0 ) {
/* This is an extended ACL */
2006-10-11 01:20:53 -07:00
error = ext4_set_acl ( handle , inode ,
2006-10-11 01:20:50 -07:00
ACL_TYPE_ACCESS , clone ) ;
}
}
posix_acl_release ( clone ) ;
}
cleanup :
posix_acl_release ( acl ) ;
return error ;
}
/*
* Does chmod for an inode that may have an Access Control List . The
* inode - > i_mode field must be updated to the desired value by the caller
* before calling this function .
* Returns 0 on success , or a negative error number .
*
* We change the ACL rather than storing some ACL entries in the file
* mode permission bits ( which would be more efficient ) , because that
* would break once additional permissions ( like ACL_APPEND , ACL_DELETE
* for directories ) are added . There are no more bits available in the
* file mode .
*
* inode - > i_mutex : down
*/
int
2006-10-11 01:20:53 -07:00
ext4_acl_chmod ( struct inode * inode )
2006-10-11 01:20:50 -07:00
{
struct posix_acl * acl , * clone ;
int error ;
if ( S_ISLNK ( inode - > i_mode ) )
return - EOPNOTSUPP ;
if ( ! test_opt ( inode - > i_sb , POSIX_ACL ) )
return 0 ;
2006-10-11 01:20:53 -07:00
acl = ext4_get_acl ( inode , ACL_TYPE_ACCESS ) ;
2006-10-11 01:20:50 -07:00
if ( IS_ERR ( acl ) | | ! acl )
return PTR_ERR ( acl ) ;
clone = posix_acl_clone ( acl , GFP_KERNEL ) ;
posix_acl_release ( acl ) ;
if ( ! clone )
return - ENOMEM ;
error = posix_acl_chmod_masq ( clone , inode - > i_mode ) ;
if ( ! error ) {
handle_t * handle ;
int retries = 0 ;
retry :
2006-10-11 01:20:53 -07:00
handle = ext4_journal_start ( inode ,
EXT4_DATA_TRANS_BLOCKS ( inode - > i_sb ) ) ;
2006-10-11 01:20:50 -07:00
if ( IS_ERR ( handle ) ) {
error = PTR_ERR ( handle ) ;
2006-10-11 01:20:53 -07:00
ext4_std_error ( inode - > i_sb , error ) ;
2006-10-11 01:20:50 -07:00
goto out ;
}
2006-10-11 01:20:53 -07:00
error = ext4_set_acl ( handle , inode , ACL_TYPE_ACCESS , clone ) ;
ext4_journal_stop ( handle ) ;
2006-10-11 01:20:50 -07:00
if ( error = = - ENOSPC & &
2006-10-11 01:20:53 -07:00
ext4_should_retry_alloc ( inode - > i_sb , & retries ) )
2006-10-11 01:20:50 -07:00
goto retry ;
}
out :
posix_acl_release ( clone ) ;
return error ;
}
/*
* Extended attribute handlers
*/
static size_t
2006-10-11 01:20:53 -07:00
ext4_xattr_list_acl_access ( struct inode * inode , char * list , size_t list_len ,
2006-10-11 01:20:50 -07:00
const char * name , size_t name_len )
{
const size_t size = sizeof ( POSIX_ACL_XATTR_ACCESS ) ;
if ( ! test_opt ( inode - > i_sb , POSIX_ACL ) )
return 0 ;
if ( list & & size < = list_len )
memcpy ( list , POSIX_ACL_XATTR_ACCESS , size ) ;
return size ;
}
static size_t
2006-10-11 01:20:53 -07:00
ext4_xattr_list_acl_default ( struct inode * inode , char * list , size_t list_len ,
2006-10-11 01:20:50 -07:00
const char * name , size_t name_len )
{
const size_t size = sizeof ( POSIX_ACL_XATTR_DEFAULT ) ;
if ( ! test_opt ( inode - > i_sb , POSIX_ACL ) )
return 0 ;
if ( list & & size < = list_len )
memcpy ( list , POSIX_ACL_XATTR_DEFAULT , size ) ;
return size ;
}
static int
2006-10-11 01:20:53 -07:00
ext4_xattr_get_acl ( struct inode * inode , int type , void * buffer , size_t size )
2006-10-11 01:20:50 -07:00
{
struct posix_acl * acl ;
int error ;
if ( ! test_opt ( inode - > i_sb , POSIX_ACL ) )
return - EOPNOTSUPP ;
2006-10-11 01:20:53 -07:00
acl = ext4_get_acl ( inode , type ) ;
2006-10-11 01:20:50 -07:00
if ( IS_ERR ( acl ) )
return PTR_ERR ( acl ) ;
if ( acl = = NULL )
return - ENODATA ;
error = posix_acl_to_xattr ( acl , buffer , size ) ;
posix_acl_release ( acl ) ;
return error ;
}
static int
2006-10-11 01:20:53 -07:00
ext4_xattr_get_acl_access ( struct inode * inode , const char * name ,
2006-10-11 01:20:50 -07:00
void * buffer , size_t size )
{
if ( strcmp ( name , " " ) ! = 0 )
return - EINVAL ;
2006-10-11 01:20:53 -07:00
return ext4_xattr_get_acl ( inode , ACL_TYPE_ACCESS , buffer , size ) ;
2006-10-11 01:20:50 -07:00
}
static int
2006-10-11 01:20:53 -07:00
ext4_xattr_get_acl_default ( struct inode * inode , const char * name ,
2006-10-11 01:20:50 -07:00
void * buffer , size_t size )
{
if ( strcmp ( name , " " ) ! = 0 )
return - EINVAL ;
2006-10-11 01:20:53 -07:00
return ext4_xattr_get_acl ( inode , ACL_TYPE_DEFAULT , buffer , size ) ;
2006-10-11 01:20:50 -07:00
}
static int
2006-10-11 01:20:53 -07:00
ext4_xattr_set_acl ( struct inode * inode , int type , const void * value ,
2006-10-11 01:20:50 -07:00
size_t size )
{
handle_t * handle ;
struct posix_acl * acl ;
int error , retries = 0 ;
if ( ! test_opt ( inode - > i_sb , POSIX_ACL ) )
return - EOPNOTSUPP ;
if ( ( current - > fsuid ! = inode - > i_uid ) & & ! capable ( CAP_FOWNER ) )
return - EPERM ;
if ( value ) {
acl = posix_acl_from_xattr ( value , size ) ;
if ( IS_ERR ( acl ) )
return PTR_ERR ( acl ) ;
else if ( acl ) {
error = posix_acl_valid ( acl ) ;
if ( error )
goto release_and_out ;
}
} else
acl = NULL ;
retry :
2006-10-11 01:20:53 -07:00
handle = ext4_journal_start ( inode , EXT4_DATA_TRANS_BLOCKS ( inode - > i_sb ) ) ;
2006-10-11 01:20:50 -07:00
if ( IS_ERR ( handle ) )
return PTR_ERR ( handle ) ;
2006-10-11 01:20:53 -07:00
error = ext4_set_acl ( handle , inode , type , acl ) ;
ext4_journal_stop ( handle ) ;
if ( error = = - ENOSPC & & ext4_should_retry_alloc ( inode - > i_sb , & retries ) )
2006-10-11 01:20:50 -07:00
goto retry ;
release_and_out :
posix_acl_release ( acl ) ;
return error ;
}
static int
2006-10-11 01:20:53 -07:00
ext4_xattr_set_acl_access ( struct inode * inode , const char * name ,
2006-10-11 01:20:50 -07:00
const void * value , size_t size , int flags )
{
if ( strcmp ( name , " " ) ! = 0 )
return - EINVAL ;
2006-10-11 01:20:53 -07:00
return ext4_xattr_set_acl ( inode , ACL_TYPE_ACCESS , value , size ) ;
2006-10-11 01:20:50 -07:00
}
static int
2006-10-11 01:20:53 -07:00
ext4_xattr_set_acl_default ( struct inode * inode , const char * name ,
2006-10-11 01:20:50 -07:00
const void * value , size_t size , int flags )
{
if ( strcmp ( name , " " ) ! = 0 )
return - EINVAL ;
2006-10-11 01:20:53 -07:00
return ext4_xattr_set_acl ( inode , ACL_TYPE_DEFAULT , value , size ) ;
2006-10-11 01:20:50 -07:00
}
2006-10-11 01:20:53 -07:00
struct xattr_handler ext4_xattr_acl_access_handler = {
2006-10-11 01:20:50 -07:00
. prefix = POSIX_ACL_XATTR_ACCESS ,
2006-10-11 01:20:53 -07:00
. list = ext4_xattr_list_acl_access ,
. get = ext4_xattr_get_acl_access ,
. set = ext4_xattr_set_acl_access ,
2006-10-11 01:20:50 -07:00
} ;
2006-10-11 01:20:53 -07:00
struct xattr_handler ext4_xattr_acl_default_handler = {
2006-10-11 01:20:50 -07:00
. prefix = POSIX_ACL_XATTR_DEFAULT ,
2006-10-11 01:20:53 -07:00
. list = ext4_xattr_list_acl_default ,
. get = ext4_xattr_get_acl_default ,
. set = ext4_xattr_set_acl_default ,
2006-10-11 01:20:50 -07:00
} ;