LXR linux/fs/ubifs/xattr.c

   1// SPDX-License-Identifier: GPL-2.0-only
   2/*
   3 * This file is part of UBIFS.
   4 *
   5 * Copyright (C) 2006-2008 Nokia Corporation.
   6 *
   7 * Authors: Artem Bityutskiy (Битюцкий Артём)
   8 *          Adrian Hunter
   9 */
  10
  11/*
  12 * This file implements UBIFS extended attributes support.
  13 *
  14 * Extended attributes are implemented as regular inodes with attached data,
  15 * which limits extended attribute size to UBIFS block size (4KiB). Names of
  16 * extended attributes are described by extended attribute entries (xentries),
  17 * which are almost identical to directory entries, but have different key type.
  18 *
  19 * In other words, the situation with extended attributes is very similar to
  20 * directories. Indeed, any inode (but of course not xattr inodes) may have a
  21 * number of associated xentries, just like directory inodes have associated
  22 * directory entries. Extended attribute entries store the name of the extended
  23 * attribute, the host inode number, and the extended attribute inode number.
  24 * Similarly, direntries store the name, the parent and the target inode
  25 * numbers. Thus, most of the common UBIFS mechanisms may be re-used for
  26 * extended attributes.
  27 *
  28 * The number of extended attributes is not limited, but there is Linux
  29 * limitation on the maximum possible size of the list of all extended
  30 * attributes associated with an inode (%XATTR_LIST_MAX), so UBIFS makes sure
  31 * the sum of all extended attribute names of the inode does not exceed that
  32 * limit.
  33 *
  34 * Extended attributes are synchronous, which means they are written to the
  35 * flash media synchronously and there is no write-back for extended attribute
  36 * inodes. The extended attribute values are not stored in compressed form on
  37 * the media.
  38 *
  39 * Since extended attributes are represented by regular inodes, they are cached
  40 * in the VFS inode cache. The xentries are cached in the LNC cache (see
  41 * tnc.c).
  42 *
  43 * ACL support is not implemented.
  44 */
  45
  46#include "ubifs.h"
  47#include <linux/fs.h>
  48#include <linux/slab.h>
  49#include <linux/xattr.h>
  50
  51/*
  52 * Extended attribute type constants.
  53 *
  54 * USER_XATTR: user extended attribute ("user.*")
  55 * TRUSTED_XATTR: trusted extended attribute ("trusted.*)
  56 * SECURITY_XATTR: security extended attribute ("security.*")
  57 */
  58enum {
  59        USER_XATTR,
  60        TRUSTED_XATTR,
  61        SECURITY_XATTR,
  62};
  63
  64static const struct inode_operations empty_iops;
  65static const struct file_operations empty_fops;
  66
  67/**
  68 * create_xattr - create an extended attribute.
  69 * @c: UBIFS file-system description object
  70 * @host: host inode
  71 * @nm: extended attribute name
  72 * @value: extended attribute value
  73 * @size: size of extended attribute value
  74 *
  75 * This is a helper function which creates an extended attribute of name @nm
  76 * and value @value for inode @host. The host inode is also updated on flash
  77 * because the ctime and extended attribute accounting data changes. This
  78 * function returns zero in case of success and a negative error code in case
  79 * of failure.
  80 */
  81static int create_xattr(struct ubifs_info *c, struct inode *host,
  82                        const struct fscrypt_name *nm, const void *value, int size)
  83{
  84        int err, names_len;
  85        struct inode *inode;
  86        struct ubifs_inode *ui, *host_ui = ubifs_inode(host);
  87        struct ubifs_budget_req req = { .new_ino = 1, .new_dent = 1,
  88                                .new_ino_d = ALIGN(size, 8), .dirtied_ino = 1,
  89                                .dirtied_ino_d = ALIGN(host_ui->data_len, 8) };
  90
  91        if (host_ui->xattr_cnt >= ubifs_xattr_max_cnt(c)) {
  92                ubifs_err(c, "inode %lu already has too many xattrs (%d), cannot create more",
  93                          host->i_ino, host_ui->xattr_cnt);
  94                return -ENOSPC;
  95        }
  96        /*
  97         * Linux limits the maximum size of the extended attribute names list
  98         * to %XATTR_LIST_MAX. This means we should not allow creating more
  99         * extended attributes if the name list becomes larger. This limitation
 100         * is artificial for UBIFS, though.
 101         */
 102        names_len = host_ui->xattr_names + host_ui->xattr_cnt + fname_len(nm) + 1;
 103        if (names_len > XATTR_LIST_MAX) {
 104                ubifs_err(c, "cannot add one more xattr name to inode %lu, total names length would become %d, max. is %d",
 105                          host->i_ino, names_len, XATTR_LIST_MAX);
 106                return -ENOSPC;
 107        }
 108
 109        err = ubifs_budget_space(c, &req);
 110        if (err)
 111                return err;
 112
 113        inode = ubifs_new_inode(c, host, S_IFREG | S_IRWXUGO);
 114        if (IS_ERR(inode)) {
 115                err = PTR_ERR(inode);
 116                goto out_budg;
 117        }
 118
 119        /* Re-define all operations to be "nothing" */
 120        inode->i_mapping->a_ops = &empty_aops;
 121        inode->i_op = &empty_iops;
 122        inode->i_fop = &empty_fops;
 123
 124        inode->i_flags |= S_SYNC | S_NOATIME | S_NOCMTIME;
 125        ui = ubifs_inode(inode);
 126        ui->xattr = 1;
 127        ui->flags |= UBIFS_XATTR_FL;
 128        ui->data = kmemdup(value, size, GFP_NOFS);
 129        if (!ui->data) {
 130                err = -ENOMEM;
 131                goto out_free;
 132        }
 133        inode->i_size = ui->ui_size = size;
 134        ui->data_len = size;
 135
 136        mutex_lock(&host_ui->ui_mutex);
 137        host->i_ctime = current_time(host);
 138        host_ui->xattr_cnt += 1;
 139        host_ui->xattr_size += CALC_DENT_SIZE(fname_len(nm));
 140        host_ui->xattr_size += CALC_XATTR_BYTES(size);
 141        host_ui->xattr_names += fname_len(nm);
 142
 143        /*
 144         * We handle UBIFS_XATTR_NAME_ENCRYPTION_CONTEXT here because we
 145         * have to set the UBIFS_CRYPT_FL flag on the host inode.
 146         * To avoid multiple updates of the same inode in the same operation,
 147         * let's do it here.
 148         */
 149        if (strcmp(fname_name(nm), UBIFS_XATTR_NAME_ENCRYPTION_CONTEXT) == 0)
 150                host_ui->flags |= UBIFS_CRYPT_FL;
 151
 152        err = ubifs_jnl_update(c, host, nm, inode, 0, 1);
 153        if (err)
 154                goto out_cancel;
 155        ubifs_set_inode_flags(host);
 156        mutex_unlock(&host_ui->ui_mutex);
 157
 158        ubifs_release_budget(c, &req);
 159        insert_inode_hash(inode);
 160        iput(inode);
 161        return 0;
 162
 163out_cancel:
 164        host_ui->xattr_cnt -= 1;
 165        host_ui->xattr_size -= CALC_DENT_SIZE(fname_len(nm));
 166        host_ui->xattr_size -= CALC_XATTR_BYTES(size);
 167        host_ui->xattr_names -= fname_len(nm);
 168        host_ui->flags &= ~UBIFS_CRYPT_FL;
 169        mutex_unlock(&host_ui->ui_mutex);
 170out_free:
 171        make_bad_inode(inode);
 172        iput(inode);
 173out_budg:
 174        ubifs_release_budget(c, &req);
 175        return err;
 176}
 177
 178/**
 179 * change_xattr - change an extended attribute.
 180 * @c: UBIFS file-system description object
 181 * @host: host inode
 182 * @inode: extended attribute inode
 183 * @value: extended attribute value
 184 * @size: size of extended attribute value
 185 *
 186 * This helper function changes the value of extended attribute @inode with new
 187 * data from @value. Returns zero in case of success and a negative error code
 188 * in case of failure.
 189 */
 190static int change_xattr(struct ubifs_info *c, struct inode *host,
 191                        struct inode *inode, const void *value, int size)
 192{
 193        int err;
 194        struct ubifs_inode *host_ui = ubifs_inode(host);
 195        struct ubifs_inode *ui = ubifs_inode(inode);
 196        void *buf = NULL;
 197        int old_size;
 198        struct ubifs_budget_req req = { .dirtied_ino = 2,
 199                .dirtied_ino_d = ALIGN(size, 8) + ALIGN(host_ui->data_len, 8) };
 200
 201        ubifs_assert(c, ui->data_len == inode->i_size);
 202        err = ubifs_budget_space(c, &req);
 203        if (err)
 204                return err;
 205
 206        buf = kmemdup(value, size, GFP_NOFS);
 207        if (!buf) {
 208                err = -ENOMEM;
 209                goto out_free;
 210        }
 211        mutex_lock(&ui->ui_mutex);
 212        kfree(ui->data);
 213        ui->data = buf;
 214        inode->i_size = ui->ui_size = size;
 215        old_size = ui->data_len;
 216        ui->data_len = size;
 217        mutex_unlock(&ui->ui_mutex);
 218
 219        mutex_lock(&host_ui->ui_mutex);
 220        host->i_ctime = current_time(host);
 221        host_ui->xattr_size -= CALC_XATTR_BYTES(old_size);
 222        host_ui->xattr_size += CALC_XATTR_BYTES(size);
 223
 224        /*
 225         * It is important to write the host inode after the xattr inode
 226         * because if the host inode gets synchronized (via 'fsync()'), then
 227         * the extended attribute inode gets synchronized, because it goes
 228         * before the host inode in the write-buffer.
 229         */
 230        err = ubifs_jnl_change_xattr(c, inode, host);
 231        if (err)
 232                goto out_cancel;
 233        mutex_unlock(&host_ui->ui_mutex);
 234
 235        ubifs_release_budget(c, &req);
 236        return 0;
 237
 238out_cancel:
 239        host_ui->xattr_size -= CALC_XATTR_BYTES(size);
 240        host_ui->xattr_size += CALC_XATTR_BYTES(old_size);
 241        mutex_unlock(&host_ui->ui_mutex);
 242        make_bad_inode(inode);
 243out_free:
 244        ubifs_release_budget(c, &req);
 245        return err;
 246}
 247
 248static struct inode *iget_xattr(struct ubifs_info *c, ino_t inum)
 249{
 250        struct inode *inode;
 251
 252        inode = ubifs_iget(c->vfs_sb, inum);
 253        if (IS_ERR(inode)) {
 254                ubifs_err(c, "dead extended attribute entry, error %d",
 255                          (int)PTR_ERR(inode));
 256                return inode;
 257        }
 258        if (ubifs_inode(inode)->xattr)
 259                return inode;
 260        ubifs_err(c, "corrupt extended attribute entry");
 261        iput(inode);
 262        return ERR_PTR(-EINVAL);
 263}
 264
 265int ubifs_xattr_set(struct inode *host, const char *name, const void *value,
 266                    size_t size, int flags, bool check_lock)
 267{
 268        struct inode *inode;
 269        struct ubifs_info *c = host->i_sb->s_fs_info;
 270        struct fscrypt_name nm = { .disk_name = FSTR_INIT((char *)name, strlen(name))};
 271        struct ubifs_dent_node *xent;
 272        union ubifs_key key;
 273        int err;
 274
 275        if (check_lock)
 276                ubifs_assert(c, inode_is_locked(host));
 277
 278        if (size > UBIFS_MAX_INO_DATA)
 279                return -ERANGE;
 280
 281        if (fname_len(&nm) > UBIFS_MAX_NLEN)
 282                return -ENAMETOOLONG;
 283
 284        xent = kmalloc(UBIFS_MAX_XENT_NODE_SZ, GFP_NOFS);
 285        if (!xent)
 286                return -ENOMEM;
 287
 288        /*
 289         * The extended attribute entries are stored in LNC, so multiple
 290         * look-ups do not involve reading the flash.
 291         */
 292        xent_key_init(c, &key, host->i_ino, &nm);
 293        err = ubifs_tnc_lookup_nm(c, &key, xent, &nm);
 294        if (err) {
 295                if (err != -ENOENT)
 296                        goto out_free;
 297
 298                if (flags & XATTR_REPLACE)
 299                        /* We are asked not to create the xattr */
 300                        err = -ENODATA;
 301                else
 302                        err = create_xattr(c, host, &nm, value, size);
 303                goto out_free;
 304        }
 305
 306        if (flags & XATTR_CREATE) {
 307                /* We are asked not to replace the xattr */
 308                err = -EEXIST;
 309                goto out_free;
 310        }
 311
 312        inode = iget_xattr(c, le64_to_cpu(xent->inum));
 313        if (IS_ERR(inode)) {
 314                err = PTR_ERR(inode);
 315                goto out_free;
 316        }
 317
 318        err = change_xattr(c, host, inode, value, size);
 319        iput(inode);
 320
 321out_free:
 322        kfree(xent);
 323        return err;
 324}
 325
 326ssize_t ubifs_xattr_get(struct inode *host, const char *name, void *buf,
 327                        size_t size)
 328{
 329        struct inode *inode;
 330        struct ubifs_info *c = host->i_sb->s_fs_info;
 331        struct fscrypt_name nm = { .disk_name = FSTR_INIT((char *)name, strlen(name))};
 332        struct ubifs_inode *ui;
 333        struct ubifs_dent_node *xent;
 334        union ubifs_key key;
 335        int err;
 336
 337        if (fname_len(&nm) > UBIFS_MAX_NLEN)
 338                return -ENAMETOOLONG;
 339
 340        xent = kmalloc(UBIFS_MAX_XENT_NODE_SZ, GFP_NOFS);
 341        if (!xent)
 342                return -ENOMEM;
 343
 344        xent_key_init(c, &key, host->i_ino, &nm);
 345        err = ubifs_tnc_lookup_nm(c, &key, xent, &nm);
 346        if (err) {
 347                if (err == -ENOENT)
 348                        err = -ENODATA;
 349                goto out_unlock;
 350        }
 351
 352        inode = iget_xattr(c, le64_to_cpu(xent->inum));
 353        if (IS_ERR(inode)) {
 354                err = PTR_ERR(inode);
 355                goto out_unlock;
 356        }
 357
 358        ui = ubifs_inode(inode);
 359        ubifs_assert(c, inode->i_size == ui->data_len);
 360        ubifs_assert(c, ubifs_inode(host)->xattr_size > ui->data_len);
 361
 362        mutex_lock(&ui->ui_mutex);
 363        if (buf) {
 364                /* If @buf is %NULL we are supposed to return the length */
 365                if (ui->data_len > size) {
 366                        err = -ERANGE;
 367                        goto out_iput;
 368                }
 369
 370                memcpy(buf, ui->data, ui->data_len);
 371        }
 372        err = ui->data_len;
 373
 374out_iput:
 375        mutex_unlock(&ui->ui_mutex);
 376        iput(inode);
 377out_unlock:
 378        kfree(xent);
 379        return err;
 380}
 381
 382static bool xattr_visible(const char *name)
 383{
 384        /* File encryption related xattrs are for internal use only */
 385        if (strcmp(name, UBIFS_XATTR_NAME_ENCRYPTION_CONTEXT) == 0)
 386                return false;
 387
 388        /* Show trusted namespace only for "power" users */
 389        if (strncmp(name, XATTR_TRUSTED_PREFIX,
 390                    XATTR_TRUSTED_PREFIX_LEN) == 0 && !capable(CAP_SYS_ADMIN))
 391                return false;
 392
 393        return true;
 394}
 395
 396ssize_t ubifs_listxattr(struct dentry *dentry, char *buffer, size_t size)
 397{
 398        union ubifs_key key;
 399        struct inode *host = d_inode(dentry);
 400        struct ubifs_info *c = host->i_sb->s_fs_info;
 401        struct ubifs_inode *host_ui = ubifs_inode(host);
 402        struct ubifs_dent_node *xent, *pxent = NULL;
 403        int err, len, written = 0;
 404        struct fscrypt_name nm = {0};
 405
 406        dbg_gen("ino %lu ('%pd'), buffer size %zd", host->i_ino,
 407                dentry, size);
 408
 409        len = host_ui->xattr_names + host_ui->xattr_cnt;
 410        if (!buffer)
 411                /*
 412                 * We should return the minimum buffer size which will fit a
 413                 * null-terminated list of all the extended attribute names.
 414                 */
 415                return len;
 416
 417        if (len > size)
 418                return -ERANGE;
 419
 420        lowest_xent_key(c, &key, host->i_ino);
 421        while (1) {
 422                xent = ubifs_tnc_next_ent(c, &key, &nm);
 423                if (IS_ERR(xent)) {
 424                        err = PTR_ERR(xent);
 425                        break;
 426                }
 427
 428                fname_name(&nm) = xent->name;
 429                fname_len(&nm) = le16_to_cpu(xent->nlen);
 430
 431                if (xattr_visible(xent->name)) {
 432                        memcpy(buffer + written, fname_name(&nm), fname_len(&nm) + 1);
 433                        written += fname_len(&nm) + 1;
 434                }
 435
 436                kfree(pxent);
 437                pxent = xent;
 438                key_read(c, &xent->key, &key);
 439        }
 440
 441        kfree(pxent);
 442        if (err != -ENOENT) {
 443                ubifs_err(c, "cannot find next direntry, error %d", err);
 444                return err;
 445        }
 446
 447        ubifs_assert(c, written <= size);
 448        return written;
 449}
 450
 451static int remove_xattr(struct ubifs_info *c, struct inode *host,
 452                        struct inode *inode, const struct fscrypt_name *nm)
 453{
 454        int err;
 455        struct ubifs_inode *host_ui = ubifs_inode(host);
 456        struct ubifs_inode *ui = ubifs_inode(inode);
 457        struct ubifs_budget_req req = { .dirtied_ino = 2, .mod_dent = 1,
 458                                .dirtied_ino_d = ALIGN(host_ui->data_len, 8) };
 459
 460        ubifs_assert(c, ui->data_len == inode->i_size);
 461
 462        err = ubifs_budget_space(c, &req);
 463        if (err)
 464                return err;
 465
 466        mutex_lock(&host_ui->ui_mutex);
 467        host->i_ctime = current_time(host);
 468        host_ui->xattr_cnt -= 1;
 469        host_ui->xattr_size -= CALC_DENT_SIZE(fname_len(nm));
 470        host_ui->xattr_size -= CALC_XATTR_BYTES(ui->data_len);
 471        host_ui->xattr_names -= fname_len(nm);
 472
 473        err = ubifs_jnl_delete_xattr(c, host, inode, nm);
 474        if (err)
 475                goto out_cancel;
 476        mutex_unlock(&host_ui->ui_mutex);
 477
 478        ubifs_release_budget(c, &req);
 479        return 0;
 480
 481out_cancel:
 482        host_ui->xattr_cnt += 1;
 483        host_ui->xattr_size += CALC_DENT_SIZE(fname_len(nm));
 484        host_ui->xattr_size += CALC_XATTR_BYTES(ui->data_len);
 485        host_ui->xattr_names += fname_len(nm);
 486        mutex_unlock(&host_ui->ui_mutex);
 487        ubifs_release_budget(c, &req);
 488        make_bad_inode(inode);
 489        return err;
 490}
 491
 492int ubifs_purge_xattrs(struct inode *host)
 493{
 494        union ubifs_key key;
 495        struct ubifs_info *c = host->i_sb->s_fs_info;
 496        struct ubifs_dent_node *xent, *pxent = NULL;
 497        struct inode *xino;
 498        struct fscrypt_name nm = {0};
 499        int err;
 500
 501        if (ubifs_inode(host)->xattr_cnt < ubifs_xattr_max_cnt(c))
 502                return 0;
 503
 504        ubifs_warn(c, "inode %lu has too many xattrs, doing a non-atomic deletion",
 505                   host->i_ino);
 506
 507        lowest_xent_key(c, &key, host->i_ino);
 508        while (1) {
 509                xent = ubifs_tnc_next_ent(c, &key, &nm);
 510                if (IS_ERR(xent)) {
 511                        err = PTR_ERR(xent);
 512                        break;
 513                }
 514
 515                fname_name(&nm) = xent->name;
 516                fname_len(&nm) = le16_to_cpu(xent->nlen);
 517
 518                xino = ubifs_iget(c->vfs_sb, le64_to_cpu(xent->inum));
 519                if (IS_ERR(xino)) {
 520                        err = PTR_ERR(xino);
 521                        ubifs_err(c, "dead directory entry '%s', error %d",
 522                                  xent->name, err);
 523                        ubifs_ro_mode(c, err);
 524                        kfree(pxent);
 525                        kfree(xent);
 526                        return err;
 527                }
 528
 529                ubifs_assert(c, ubifs_inode(xino)->xattr);
 530
 531                clear_nlink(xino);
 532                err = remove_xattr(c, host, xino, &nm);
 533                if (err) {
 534                        kfree(pxent);
 535                        kfree(xent);
 536                        iput(xino);
 537                        ubifs_err(c, "cannot remove xattr, error %d", err);
 538                        return err;
 539                }
 540
 541                iput(xino);
 542
 543                kfree(pxent);
 544                pxent = xent;
 545                key_read(c, &xent->key, &key);
 546        }
 547
 548        kfree(pxent);
 549        if (err != -ENOENT) {
 550                ubifs_err(c, "cannot find next direntry, error %d", err);
 551                return err;
 552        }
 553
 554        return 0;
 555}
 556
 557/**
 558 * ubifs_evict_xattr_inode - Evict an xattr inode.
 559 * @c: UBIFS file-system description object
 560 * @xattr_inum: xattr inode number
 561 *
 562 * When an inode that hosts xattrs is being removed we have to make sure
 563 * that cached inodes of the xattrs also get removed from the inode cache
 564 * otherwise we'd waste memory. This function looks up an inode from the
 565 * inode cache and clears the link counter such that iput() will evict
 566 * the inode.
 567 */
 568void ubifs_evict_xattr_inode(struct ubifs_info *c, ino_t xattr_inum)
 569{
 570        struct inode *inode;
 571
 572        inode = ilookup(c->vfs_sb, xattr_inum);
 573        if (inode) {
 574                clear_nlink(inode);
 575                iput(inode);
 576        }
 577}
 578
 579static int ubifs_xattr_remove(struct inode *host, const char *name)
 580{
 581        struct inode *inode;
 582        struct ubifs_info *c = host->i_sb->s_fs_info;
 583        struct fscrypt_name nm = { .disk_name = FSTR_INIT((char *)name, strlen(name))};
 584        struct ubifs_dent_node *xent;
 585        union ubifs_key key;
 586        int err;
 587
 588        ubifs_assert(c, inode_is_locked(host));
 589
 590        if (fname_len(&nm) > UBIFS_MAX_NLEN)
 591                return -ENAMETOOLONG;
 592
 593        xent = kmalloc(UBIFS_MAX_XENT_NODE_SZ, GFP_NOFS);
 594        if (!xent)
 595                return -ENOMEM;
 596
 597        xent_key_init(c, &key, host->i_ino, &nm);
 598        err = ubifs_tnc_lookup_nm(c, &key, xent, &nm);
 599        if (err) {
 600                if (err == -ENOENT)
 601                        err = -ENODATA;
 602                goto out_free;
 603        }
 604
 605        inode = iget_xattr(c, le64_to_cpu(xent->inum));
 606        if (IS_ERR(inode)) {
 607                err = PTR_ERR(inode);
 608                goto out_free;
 609        }
 610
 611        ubifs_assert(c, inode->i_nlink == 1);
 612        clear_nlink(inode);
 613        err = remove_xattr(c, host, inode, &nm);
 614        if (err)
 615                set_nlink(inode, 1);
 616
 617        /* If @i_nlink is 0, 'iput()' will delete the inode */
 618        iput(inode);
 619
 620out_free:
 621        kfree(xent);
 622        return err;
 623}
 624
 625#ifdef CONFIG_UBIFS_FS_SECURITY
 626static int init_xattrs(struct inode *inode, const struct xattr *xattr_array,
 627                      void *fs_info)
 628{
 629        const struct xattr *xattr;
 630        char *name;
 631        int err = 0;
 632
 633        for (xattr = xattr_array; xattr->name != NULL; xattr++) {
 634                name = kmalloc(XATTR_SECURITY_PREFIX_LEN +
 635                               strlen(xattr->name) + 1, GFP_NOFS);
 636                if (!name) {
 637                        err = -ENOMEM;
 638                        break;
 639                }
 640                strcpy(name, XATTR_SECURITY_PREFIX);
 641                strcpy(name + XATTR_SECURITY_PREFIX_LEN, xattr->name);
 642                /*
 643                 * creating a new inode without holding the inode rwsem,
 644                 * no need to check whether inode is locked.
 645                 */
 646                err = ubifs_xattr_set(inode, name, xattr->value,
 647                                      xattr->value_len, 0, false);
 648                kfree(name);
 649                if (err < 0)
 650                        break;
 651        }
 652
 653        return err;
 654}
 655
 656int ubifs_init_security(struct inode *dentry, struct inode *inode,
 657                        const struct qstr *qstr)
 658{
 659        int err;
 660
 661        err = security_inode_init_security(inode, dentry, qstr,
 662                                           &init_xattrs, 0);
 663        if (err) {
 664                struct ubifs_info *c = dentry->i_sb->s_fs_info;
 665                ubifs_err(c, "cannot initialize security for inode %lu, error %d",
 666                          inode->i_ino, err);
 667        }
 668        return err;
 669}
 670#endif
 671
 672static int xattr_get(const struct xattr_handler *handler,
 673                           struct dentry *dentry, struct inode *inode,
 674                           const char *name, void *buffer, size_t size)
 675{
 676        dbg_gen("xattr '%s', ino %lu ('%pd'), buf size %zd", name,
 677                inode->i_ino, dentry, size);
 678
 679        name = xattr_full_name(handler, name);
 680        return ubifs_xattr_get(inode, name, buffer, size);
 681}
 682
 683static int xattr_set(const struct xattr_handler *handler,
 684                           struct dentry *dentry, struct inode *inode,
 685                           const char *name, const void *value,
 686                           size_t size, int flags)
 687{
 688        dbg_gen("xattr '%s', host ino %lu ('%pd'), size %zd",
 689                name, inode->i_ino, dentry, size);
 690
 691        name = xattr_full_name(handler, name);
 692
 693        if (value)
 694                return ubifs_xattr_set(inode, name, value, size, flags, true);
 695        else
 696                return ubifs_xattr_remove(inode, name);
 697}
 698
 699static const struct xattr_handler ubifs_user_xattr_handler = {
 700        .prefix = XATTR_USER_PREFIX,
 701        .get = xattr_get,
 702        .set = xattr_set,
 703};
 704
 705static const struct xattr_handler ubifs_trusted_xattr_handler = {
 706        .prefix = XATTR_TRUSTED_PREFIX,
 707        .get = xattr_get,
 708        .set = xattr_set,
 709};
 710
 711#ifdef CONFIG_UBIFS_FS_SECURITY
 712static const struct xattr_handler ubifs_security_xattr_handler = {
 713        .prefix = XATTR_SECURITY_PREFIX,
 714        .get = xattr_get,
 715        .set = xattr_set,
 716};
 717#endif
 718
 719const struct xattr_handler *ubifs_xattr_handlers[] = {
 720        &ubifs_user_xattr_handler,
 721        &ubifs_trusted_xattr_handler,
 722#ifdef CONFIG_UBIFS_FS_SECURITY
 723        &ubifs_security_xattr_handler,
 724#endif
 725        NULL
 726};
 727