LXR linux/fs/ubifs/xattr.c

   1// SPDX-License-Identifier: GPL-2.0-only
   2/*
   3 * This file is part of UBIFS.
   4 *
   5 * Copyright (C) 2006-2008 Nokia Corporation.
   6 *
   7 * Authors: Artem Bityutskiy (Битюцкий Артём)
   8 *          Adrian Hunter
   9 */
  10
  11/*
  12 * This file implements UBIFS extended attributes support.
  13 *
  14 * Extended attributes are implemented as regular inodes with attached data,
  15 * which limits extended attribute size to UBIFS block size (4KiB). Names of
  16 * extended attributes are described by extended attribute entries (xentries),
  17 * which are almost identical to directory entries, but have different key type.
  18 *
  19 * In other words, the situation with extended attributes is very similar to
  20 * directories. Indeed, any inode (but of course not xattr inodes) may have a
  21 * number of associated xentries, just like directory inodes have associated
  22 * directory entries. Extended attribute entries store the name of the extended
  23 * attribute, the host inode number, and the extended attribute inode number.
  24 * Similarly, direntries store the name, the parent and the target inode
  25 * numbers. Thus, most of the common UBIFS mechanisms may be re-used for
  26 * extended attributes.
  27 *
  28 * The number of extended attributes is not limited, but there is Linux
  29 * limitation on the maximum possible size of the list of all extended
  30 * attributes associated with an inode (%XATTR_LIST_MAX), so UBIFS makes sure
  31 * the sum of all extended attribute names of the inode does not exceed that
  32 * limit.
  33 *
  34 * Extended attributes are synchronous, which means they are written to the
  35 * flash media synchronously and there is no write-back for extended attribute
  36 * inodes. The extended attribute values are not stored in compressed form on
  37 * the media.
  38 *
  39 * Since extended attributes are represented by regular inodes, they are cached
  40 * in the VFS inode cache. The xentries are cached in the LNC cache (see
  41 * tnc.c).
  42 *
  43 * ACL support is not implemented.
  44 */
  45
  46#include "ubifs.h"
  47#include <linux/fs.h>
  48#include <linux/slab.h>
  49#include <linux/xattr.h>
  50
  51/*
  52 * Extended attribute type constants.
  53 *
  54 * USER_XATTR: user extended attribute ("user.*")
  55 * TRUSTED_XATTR: trusted extended attribute ("trusted.*)
  56 * SECURITY_XATTR: security extended attribute ("security.*")
  57 */
  58enum {
  59        USER_XATTR,
  60        TRUSTED_XATTR,
  61        SECURITY_XATTR,
  62};
  63
  64static const struct inode_operations empty_iops;
  65static const struct file_operations empty_fops;
  66
  67/**
  68 * create_xattr - create an extended attribute.
  69 * @c: UBIFS file-system description object
  70 * @host: host inode
  71 * @nm: extended attribute name
  72 * @value: extended attribute value
  73 * @size: size of extended attribute value
  74 *
  75 * This is a helper function which creates an extended attribute of name @nm
  76 * and value @value for inode @host. The host inode is also updated on flash
  77 * because the ctime and extended attribute accounting data changes. This
  78 * function returns zero in case of success and a negative error code in case
  79 * of failure.
  80 */
  81static int create_xattr(struct ubifs_info *c, struct inode *host,
  82                        const struct fscrypt_name *nm, const void *value, int size)
  83{
  84        int err, names_len;
  85        struct inode *inode;
  86        struct ubifs_inode *ui, *host_ui = ubifs_inode(host);
  87        struct ubifs_budget_req req = { .new_ino = 1, .new_dent = 1,
  88                                .new_ino_d = ALIGN(size, 8), .dirtied_ino = 1,
  89                                .dirtied_ino_d = ALIGN(host_ui->data_len, 8) };
  90
  91        if (host_ui->xattr_cnt >= ubifs_xattr_max_cnt(c)) {
  92                ubifs_err(c, "inode %lu already has too many xattrs (%d), cannot create more",
  93                          host->i_ino, host_ui->xattr_cnt);
  94                return -ENOSPC;
  95        }
  96        /*
  97         * Linux limits the maximum size of the extended attribute names list
  98         * to %XATTR_LIST_MAX. This means we should not allow creating more
  99         * extended attributes if the name list becomes larger. This limitation
 100         * is artificial for UBIFS, though.
 101         */
 102        names_len = host_ui->xattr_names + host_ui->xattr_cnt + fname_len(nm) + 1;
 103        if (names_len > XATTR_LIST_MAX) {
 104                ubifs_err(c, "cannot add one more xattr name to inode %lu, total names length would become %d, max. is %d",
 105                          host->i_ino, names_len, XATTR_LIST_MAX);
 106                return -ENOSPC;
 107        }
 108
 109        err = ubifs_budget_space(c, &req);
 110        if (err)
 111                return err;
 112
 113        inode = ubifs_new_inode(c, host, S_IFREG | S_IRWXUGO);
 114        if (IS_ERR(inode)) {
 115                err = PTR_ERR(inode);
 116                goto out_budg;
 117        }
 118
 119        /* Re-define all operations to be "nothing" */
 120        inode->i_mapping->a_ops = &empty_aops;
 121        inode->i_op = &empty_iops;
 122        inode->i_fop = &empty_fops;
 123
 124        inode->i_flags |= S_SYNC | S_NOATIME | S_NOCMTIME;
 125        ui = ubifs_inode(inode);
 126        ui->xattr = 1;
 127        ui->flags |= UBIFS_XATTR_FL;
 128        ui->data = kmemdup(value, size, GFP_NOFS);
 129        if (!ui->data) {
 130                err = -ENOMEM;
 131                goto out_free;
 132        }
 133        inode->i_size = ui->ui_size = size;
 134        ui->data_len = size;
 135
 136        mutex_lock(&host_ui->ui_mutex);
 137        host->i_ctime = current_time(host);
 138        host_ui->xattr_cnt += 1;
 139        host_ui->xattr_size += CALC_DENT_SIZE(fname_len(nm));
 140        host_ui->xattr_size += CALC_XATTR_BYTES(size);
 141        host_ui->xattr_names += fname_len(nm);
 142
 143        /*
 144         * We handle UBIFS_XATTR_NAME_ENCRYPTION_CONTEXT here because we
 145         * have to set the UBIFS_CRYPT_FL flag on the host inode.
 146         * To avoid multiple updates of the same inode in the same operation,
 147         * let's do it here.
 148         */
 149        if (strcmp(fname_name(nm), UBIFS_XATTR_NAME_ENCRYPTION_CONTEXT) == 0)
 150                host_ui->flags |= UBIFS_CRYPT_FL;
 151
 152        err = ubifs_jnl_update(c, host, nm, inode, 0, 1);
 153        if (err)
 154                goto out_cancel;
 155        ubifs_set_inode_flags(host);
 156        mutex_unlock(&host_ui->ui_mutex);
 157
 158        ubifs_release_budget(c, &req);
 159        insert_inode_hash(inode);
 160        iput(inode);
 161        return 0;
 162
 163out_cancel:
 164        host_ui->xattr_cnt -= 1;
 165        host_ui->xattr_size -= CALC_DENT_SIZE(fname_len(nm));
 166        host_ui->xattr_size -= CALC_XATTR_BYTES(size);
 167        host_ui->xattr_names -= fname_len(nm);
 168        host_ui->flags &= ~UBIFS_CRYPT_FL;
 169        mutex_unlock(&host_ui->ui_mutex);
 170out_free:
 171        make_bad_inode(inode);
 172        iput(inode);
 173out_budg:
 174        ubifs_release_budget(c, &req);
 175        return err;
 176}
 177
 178/**
 179 * change_xattr - change an extended attribute.
 180 * @c: UBIFS file-system description object
 181 * @host: host inode
 182 * @inode: extended attribute inode
 183 * @value: extended attribute value
 184 * @size: size of extended attribute value
 185 *
 186 * This helper function changes the value of extended attribute @inode with new
 187 * data from @value. Returns zero in case of success and a negative error code
 188 * in case of failure.
 189 */
 190static int change_xattr(struct ubifs_info *c, struct inode *host,
 191                        struct inode *inode, const void *value, int size)
 192{
 193        int err;
 194        struct ubifs_inode *host_ui = ubifs_inode(host);
 195        struct ubifs_inode *ui = ubifs_inode(inode);
 196        void *buf = NULL;
 197        int old_size;
 198        struct ubifs_budget_req req = { .dirtied_ino = 2,
 199                .dirtied_ino_d = ALIGN(size, 8) + ALIGN(host_ui->data_len, 8) };
 200
 201        ubifs_assert(c, ui->data_len == inode->i_size);
 202        err = ubifs_budget_space(c, &req);
 203        if (err)
 204                return err;
 205
 206        buf = kmemdup(value, size, GFP_NOFS);
 207        if (!buf) {
 208                err = -ENOMEM;
 209                goto out_free;
 210        }
 211        mutex_lock(&ui->ui_mutex);
 212        kfree(ui->data);
 213        ui->data = buf;
 214        inode->i_size = ui->ui_size = size;
 215        old_size = ui->data_len;
 216        ui->data_len = size;
 217        mutex_unlock(&ui->ui_mutex);
 218
 219        mutex_lock(&host_ui->ui_mutex);
 220        host->i_ctime = current_time(host);
 221        host_ui->xattr_size -= CALC_XATTR_BYTES(old_size);
 222        host_ui->xattr_size += CALC_XATTR_BYTES(size);
 223
 224        /*
 225         * It is important to write the host inode after the xattr inode
 226         * because if the host inode gets synchronized (via 'fsync()'), then
 227         * the extended attribute inode gets synchronized, because it goes
 228         * before the host inode in the write-buffer.
 229         */
 230        err = ubifs_jnl_change_xattr(c, inode, host);
 231        if (err)
 232                goto out_cancel;
 233        mutex_unlock(&host_ui->ui_mutex);
 234
 235        ubifs_release_budget(c, &req);
 236        return 0;
 237
 238out_cancel:
 239        host_ui->xattr_size -= CALC_XATTR_BYTES(size);
 240        host_ui->xattr_size += CALC_XATTR_BYTES(old_size);
 241        mutex_unlock(&host_ui->ui_mutex);
 242        make_bad_inode(inode);
 243out_free:
 244        ubifs_release_budget(c, &req);
 245        return err;
 246}
 247
 248static struct inode *iget_xattr(struct ubifs_info *c, ino_t inum)
 249{
 250        struct inode *inode;
 251
 252        inode = ubifs_iget(c->vfs_sb, inum);
 253        if (IS_ERR(inode)) {
 254                ubifs_err(c, "dead extended attribute entry, error %d",
 255                          (int)PTR_ERR(inode));
 256                return inode;
 257        }
 258        if (ubifs_inode(inode)->xattr)
 259                return inode;
 260        ubifs_err(c, "corrupt extended attribute entry");
 261        iput(inode);
 262        return ERR_PTR(-EINVAL);
 263}
 264
 265int ubifs_xattr_set(struct inode *host, const char *name, const void *value,
 266                    size_t size, int flags, bool check_lock)
 267{
 268        struct inode *inode;
 269        struct ubifs_info *c = host->i_sb->s_fs_info;
 270        struct fscrypt_name nm = { .disk_name = FSTR_INIT((char *)name, strlen(name))};
 271        struct ubifs_dent_node *xent;
 272        union ubifs_key key;
 273        int err;
 274
 275        if (check_lock)
 276                ubifs_assert(c, inode_is_locked(host));
 277
 278        if (size > UBIFS_MAX_INO_DATA)
 279                return -ERANGE;
 280
 281        if (fname_len(&nm) > UBIFS_MAX_NLEN)
 282                return -ENAMETOOLONG;
 283
 284        xent = kmalloc(UBIFS_MAX_XENT_NODE_SZ, GFP_NOFS);
 285        if (!xent)
 286                return -ENOMEM;
 287
 288        /*
 289         * The extended attribute entries are stored in LNC, so multiple
 290         * look-ups do not involve reading the flash.
 291         */
 292        xent_key_init(c, &key, host->i_ino, &nm);
 293        err = ubifs_tnc_lookup_nm(c, &key, xent, &nm);
 294        if (err) {
 295                if (err != -ENOENT)
 296                        goto out_free;
 297
 298                if (flags & XATTR_REPLACE)
 299                        /* We are asked not to create the xattr */
 300                        err = -ENODATA;
 301                else
 302                        err = create_xattr(c, host, &nm, value, size);
 303                goto out_free;
 304        }
 305
 306        if (flags & XATTR_CREATE) {
 307                /* We are asked not to replace the xattr */
 308                err = -EEXIST;
 309                goto out_free;
 310        }
 311
 312        inode = iget_xattr(c, le64_to_cpu(xent->inum));
 313        if (IS_ERR(inode)) {
 314                err = PTR_ERR(inode);
 315                goto out_free;
 316        }
 317
 318        err = change_xattr(c, host, inode, value, size);
 319        iput(inode);
 320
 321out_free:
 322        kfree(xent);
 323        return err;
 324}
 325
 326ssize_t ubifs_xattr_get(struct inode *host, const char *name, void *buf,
 327                        size_t size)
 328{
 329        struct inode *inode;
 330        struct ubifs_info *c = host->i_sb->s_fs_info;
 331        struct fscrypt_name nm = { .disk_name = FSTR_INIT((char *)name, strlen(name))};
 332        struct ubifs_inode *ui;
 333        struct ubifs_dent_node *xent;
 334        union ubifs_key key;
 335        int err;
 336
 337        if (fname_len(&nm) > UBIFS_MAX_NLEN)
 338                return -ENAMETOOLONG;
 339
 340        xent = kmalloc(UBIFS_MAX_XENT_NODE_SZ, GFP_NOFS);
 341        if (!xent)
 342                return -ENOMEM;
 343
 344        xent_key_init(c, &key, host->i_ino, &nm);
 345        err = ubifs_tnc_lookup_nm(c, &key, xent, &nm);
 346        if (err) {
 347                if (err == -ENOENT)
 348                        err = -ENODATA;
 349                goto out_unlock;
 350        }
 351
 352        inode = iget_xattr(c, le64_to_cpu(xent->inum));
 353        if (IS_ERR(inode)) {
 354                err = PTR_ERR(inode);
 355                goto out_unlock;
 356        }
 357
 358        ui = ubifs_inode(inode);
 359        ubifs_assert(c, inode->i_size == ui->data_len);
 360        ubifs_assert(c, ubifs_inode(host)->xattr_size > ui->data_len);
 361
 362        mutex_lock(&ui->ui_mutex);
 363        if (buf) {
 364                /* If @buf is %NULL we are supposed to return the length */
 365                if (ui->data_len > size) {
 366                        err = -ERANGE;
 367                        goto out_iput;
 368                }
 369
 370                memcpy(buf, ui->data, ui->data_len);
 371        }
 372        err = ui->data_len;
 373
 374out_iput:
 375        mutex_unlock(&ui->ui_mutex);
 376        iput(inode);
 377out_unlock:
 378        kfree(xent);
 379        return err;
 380}
 381
 382static bool xattr_visible(const char *name)
 383{
 384        /* File encryption related xattrs are for internal use only */
 385        if (strcmp(name, UBIFS_XATTR_NAME_ENCRYPTION_CONTEXT) == 0)
 386                return false;
 387
 388        /* Show trusted namespace only for "power" users */
 389        if (strncmp(name, XATTR_TRUSTED_PREFIX,
 390                    XATTR_TRUSTED_PREFIX_LEN) == 0 && !capable(CAP_SYS_ADMIN))
 391                return false;
 392
 393        return true;
 394}
 395
 396ssize_t ubifs_listxattr(struct dentry *dentry, char *buffer, size_t size)
 397{
 398        union ubifs_key key;
 399        struct inode *host = d_inode(dentry);
 400        struct ubifs_info *c = host->i_sb->s_fs_info;
 401        struct ubifs_inode *host_ui = ubifs_inode(host);
 402        struct ubifs_dent_node *xent, *pxent = NULL;
 403        int err, len, written = 0;
 404        struct fscrypt_name nm = {0};
 405
 406        dbg_gen("ino %lu ('%pd'), buffer size %zd", host->i_ino,
 407                dentry, size);
 408
 409        len = host_ui->xattr_names + host_ui->xattr_cnt;
 410        if (!buffer)
 411                /*
 412                 * We should return the minimum buffer size which will fit a
 413                 * null-terminated list of all the extended attribute names.
 414                 */
 415                return len;
 416
 417        if (len > size)
 418                return -ERANGE;
 419
 420        lowest_xent_key(c, &key, host->i_ino);
 421        while (1) {
 422                xent = ubifs_tnc_next_ent(c, &key, &nm);
 423                if (IS_ERR(xent)) {
 424                        err = PTR_ERR(xent);
 425                        break;
 426                }
 427
 428                fname_name(&nm) = xent->name;
 429                fname_len(&nm) = le16_to_cpu(xent->nlen);
 430
 431                if (xattr_visible(xent->name)) {
 432                        memcpy(buffer + written, fname_name(&nm), fname_len(&nm) + 1);
 433                        written += fname_len(&nm) + 1;
 434                }
 435
 436                kfree(pxent);
 437                pxent = xent;
 438                key_read(c, &xent->key, &key);
 439        }
 440
 441        kfree(pxent);
 442        if (err != -ENOENT) {
 443                ubifs_err(c, "cannot find next direntry, error %d", err);
 444                return err;
 445        }
 446
 447        ubifs_assert(c, written <= size);
 448        return written;
 449}
 450
 451static int remove_xattr(struct ubifs_info *c, struct inode *host,
 452                        struct inode *inode, const struct fscrypt_name *nm)
 453{
 454        int err;
 455        struct ubifs_inode *host_ui = ubifs_inode(host);
 456        struct ubifs_inode *ui = ubifs_inode(inode);
 457        struct ubifs_budget_req req = { .dirtied_ino = 2, .mod_dent = 1,
 458                                .dirtied_ino_d = ALIGN(host_ui->data_len, 8) };
 459
 460        ubifs_assert(c, ui->data_len == inode->i_size);
 461
 462        err = ubifs_budget_space(c, &req);
 463        if (err)
 464                return err;
 465
 466        mutex_lock(&host_ui->ui_mutex);
 467        host->i_ctime = current_time(host);
 468        host_ui->xattr_cnt -= 1;
 469        host_ui->xattr_size -= CALC_DENT_SIZE(fname_len(nm));
 470        host_ui->xattr_size -= CALC_XATTR_BYTES(ui->data_len);
 471        host_ui->xattr_names -= fname_len(nm);
 472
 473        err = ubifs_jnl_delete_xattr(c, host, inode, nm);
 474        if (err)
 475                goto out_cancel;
 476        mutex_unlock(&host_ui->ui_mutex);
 477
 478        ubifs_release_budget(c, &req);
 479        return 0;
 480
 481out_cancel:
 482        host_ui->xattr_cnt += 1;
 483        host_ui->xattr_size += CALC_DENT_SIZE(fname_len(nm));
 484        host_ui->xattr_size += CALC_XATTR_BYTES(ui->data_len);
 485        host_ui->xattr_names += fname_len(nm);
 486        mutex_unlock(&host_ui->ui_mutex);
 487        ubifs_release_budget(c, &req);
 488        make_bad_inode(inode);
 489        return err;
 490}
 491
 492int ubifs_purge_xattrs(struct inode *host)
 493{
 494        union ubifs_key key;
 495        struct ubifs_info *c = host->i_sb->s_fs_info;
 496        struct ubifs_dent_node *xent, *pxent = NULL;
 497        struct inode *xino;
 498        struct fscrypt_name nm = {0};
 499        int err;
 500
 501        if (ubifs_inode(host)->xattr_cnt < ubifs_xattr_max_cnt(c))
 502                return 0;
 503
 504        ubifs_warn(c, "inode %lu has too many xattrs, doing a non-atomic deletion",
 505                   host->i_ino);
 506
 507        lowest_xent_key(c, &key, host->i_ino);
 508        while (1) {
 509                xent = ubifs_tnc_next_ent(c, &key, &nm);
 510                if (IS_ERR(xent)) {
 511                        err = PTR_ERR(xent);
 512                        break;
 513                }
 514
 515                fname_name(&nm) = xent->name;
 516                fname_len(&nm) = le16_to_cpu(xent->nlen);
 517
 518                xino = ubifs_iget(c->vfs_sb, le64_to_cpu(xent->inum));
 519                if (IS_ERR(xino)) {
 520                        err = PTR_ERR(xino);
 521                        ubifs_err(c, "dead directory entry '%s', error %d",
 522                                  xent->name, err);
 523                        ubifs_ro_mode(c, err);
 524                        kfree(pxent);
 525                        return err;
 526                }
 527
 528                ubifs_assert(c, ubifs_inode(xino)->xattr);
 529
 530                clear_nlink(xino);
 531                err = remove_xattr(c, host, xino, &nm);
 532                if (err) {
 533                        kfree(pxent);
 534                        iput(xino);
 535                        ubifs_err(c, "cannot remove xattr, error %d", err);
 536                        return err;
 537                }
 538
 539                iput(xino);
 540
 541                kfree(pxent);
 542                pxent = xent;
 543                key_read(c, &xent->key, &key);
 544        }
 545
 546        kfree(pxent);
 547        if (err != -ENOENT) {
 548                ubifs_err(c, "cannot find next direntry, error %d", err);
 549                return err;
 550        }
 551
 552        return 0;
 553}
 554
 555/**
 556 * ubifs_evict_xattr_inode - Evict an xattr inode.
 557 * @c: UBIFS file-system description object
 558 * @xattr_inum: xattr inode number
 559 *
 560 * When an inode that hosts xattrs is being removed we have to make sure
 561 * that cached inodes of the xattrs also get removed from the inode cache
 562 * otherwise we'd waste memory. This function looks up an inode from the
 563 * inode cache and clears the link counter such that iput() will evict
 564 * the inode.
 565 */
 566void ubifs_evict_xattr_inode(struct ubifs_info *c, ino_t xattr_inum)
 567{
 568        struct inode *inode;
 569
 570        inode = ilookup(c->vfs_sb, xattr_inum);
 571        if (inode) {
 572                clear_nlink(inode);
 573                iput(inode);
 574        }
 575}
 576
 577static int ubifs_xattr_remove(struct inode *host, const char *name)
 578{
 579        struct inode *inode;
 580        struct ubifs_info *c = host->i_sb->s_fs_info;
 581        struct fscrypt_name nm = { .disk_name = FSTR_INIT((char *)name, strlen(name))};
 582        struct ubifs_dent_node *xent;
 583        union ubifs_key key;
 584        int err;
 585
 586        ubifs_assert(c, inode_is_locked(host));
 587
 588        if (fname_len(&nm) > UBIFS_MAX_NLEN)
 589                return -ENAMETOOLONG;
 590
 591        xent = kmalloc(UBIFS_MAX_XENT_NODE_SZ, GFP_NOFS);
 592        if (!xent)
 593                return -ENOMEM;
 594
 595        xent_key_init(c, &key, host->i_ino, &nm);
 596        err = ubifs_tnc_lookup_nm(c, &key, xent, &nm);
 597        if (err) {
 598                if (err == -ENOENT)
 599                        err = -ENODATA;
 600                goto out_free;
 601        }
 602
 603        inode = iget_xattr(c, le64_to_cpu(xent->inum));
 604        if (IS_ERR(inode)) {
 605                err = PTR_ERR(inode);
 606                goto out_free;
 607        }
 608
 609        ubifs_assert(c, inode->i_nlink == 1);
 610        clear_nlink(inode);
 611        err = remove_xattr(c, host, inode, &nm);
 612        if (err)
 613                set_nlink(inode, 1);
 614
 615        /* If @i_nlink is 0, 'iput()' will delete the inode */
 616        iput(inode);
 617
 618out_free:
 619        kfree(xent);
 620        return err;
 621}
 622
 623#ifdef CONFIG_UBIFS_FS_SECURITY
 624static int init_xattrs(struct inode *inode, const struct xattr *xattr_array,
 625                      void *fs_info)
 626{
 627        const struct xattr *xattr;
 628        char *name;
 629        int err = 0;
 630
 631        for (xattr = xattr_array; xattr->name != NULL; xattr++) {
 632                name = kmalloc(XATTR_SECURITY_PREFIX_LEN +
 633                               strlen(xattr->name) + 1, GFP_NOFS);
 634                if (!name) {
 635                        err = -ENOMEM;
 636                        break;
 637                }
 638                strcpy(name, XATTR_SECURITY_PREFIX);
 639                strcpy(name + XATTR_SECURITY_PREFIX_LEN, xattr->name);
 640                /*
 641                 * creating a new inode without holding the inode rwsem,
 642                 * no need to check whether inode is locked.
 643                 */
 644                err = ubifs_xattr_set(inode, name, xattr->value,
 645                                      xattr->value_len, 0, false);
 646                kfree(name);
 647                if (err < 0)
 648                        break;
 649        }
 650
 651        return err;
 652}
 653
 654int ubifs_init_security(struct inode *dentry, struct inode *inode,
 655                        const struct qstr *qstr)
 656{
 657        int err;
 658
 659        err = security_inode_init_security(inode, dentry, qstr,
 660                                           &init_xattrs, 0);
 661        if (err) {
 662                struct ubifs_info *c = dentry->i_sb->s_fs_info;
 663                ubifs_err(c, "cannot initialize security for inode %lu, error %d",
 664                          inode->i_ino, err);
 665        }
 666        return err;
 667}
 668#endif
 669
 670static int xattr_get(const struct xattr_handler *handler,
 671                           struct dentry *dentry, struct inode *inode,
 672                           const char *name, void *buffer, size_t size)
 673{
 674        dbg_gen("xattr '%s', ino %lu ('%pd'), buf size %zd", name,
 675                inode->i_ino, dentry, size);
 676
 677        name = xattr_full_name(handler, name);
 678        return ubifs_xattr_get(inode, name, buffer, size);
 679}
 680
 681static int xattr_set(const struct xattr_handler *handler,
 682                           struct dentry *dentry, struct inode *inode,
 683                           const char *name, const void *value,
 684                           size_t size, int flags)
 685{
 686        dbg_gen("xattr '%s', host ino %lu ('%pd'), size %zd",
 687                name, inode->i_ino, dentry, size);
 688
 689        name = xattr_full_name(handler, name);
 690
 691        if (value)
 692                return ubifs_xattr_set(inode, name, value, size, flags, true);
 693        else
 694                return ubifs_xattr_remove(inode, name);
 695}
 696
 697static const struct xattr_handler ubifs_user_xattr_handler = {
 698        .prefix = XATTR_USER_PREFIX,
 699        .get = xattr_get,
 700        .set = xattr_set,
 701};
 702
 703static const struct xattr_handler ubifs_trusted_xattr_handler = {
 704        .prefix = XATTR_TRUSTED_PREFIX,
 705        .get = xattr_get,
 706        .set = xattr_set,
 707};
 708
 709#ifdef CONFIG_UBIFS_FS_SECURITY
 710static const struct xattr_handler ubifs_security_xattr_handler = {
 711        .prefix = XATTR_SECURITY_PREFIX,
 712        .get = xattr_get,
 713        .set = xattr_set,
 714};
 715#endif
 716
 717const struct xattr_handler *ubifs_xattr_handlers[] = {
 718        &ubifs_user_xattr_handler,
 719        &ubifs_trusted_xattr_handler,
 720#ifdef CONFIG_UBIFS_FS_SECURITY
 721        &ubifs_security_xattr_handler,
 722#endif
 723        NULL
 724};
 725