1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46#include "ubifs.h"
47#include <linux/fs.h>
48#include <linux/slab.h>
49#include <linux/xattr.h>
50
51
52
53
54
55
56
57
58enum {
59 USER_XATTR,
60 TRUSTED_XATTR,
61 SECURITY_XATTR,
62};
63
64static const struct inode_operations empty_iops;
65static const struct file_operations empty_fops;
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81static int create_xattr(struct ubifs_info *c, struct inode *host,
82 const struct fscrypt_name *nm, const void *value, int size)
83{
84 int err, names_len;
85 struct inode *inode;
86 struct ubifs_inode *ui, *host_ui = ubifs_inode(host);
87 struct ubifs_budget_req req = { .new_ino = 1, .new_dent = 1,
88 .new_ino_d = ALIGN(size, 8), .dirtied_ino = 1,
89 .dirtied_ino_d = ALIGN(host_ui->data_len, 8) };
90
91 if (host_ui->xattr_cnt >= ubifs_xattr_max_cnt(c)) {
92 ubifs_err(c, "inode %lu already has too many xattrs (%d), cannot create more",
93 host->i_ino, host_ui->xattr_cnt);
94 return -ENOSPC;
95 }
96
97
98
99
100
101
102 names_len = host_ui->xattr_names + host_ui->xattr_cnt + fname_len(nm) + 1;
103 if (names_len > XATTR_LIST_MAX) {
104 ubifs_err(c, "cannot add one more xattr name to inode %lu, total names length would become %d, max. is %d",
105 host->i_ino, names_len, XATTR_LIST_MAX);
106 return -ENOSPC;
107 }
108
109 err = ubifs_budget_space(c, &req);
110 if (err)
111 return err;
112
113 inode = ubifs_new_inode(c, host, S_IFREG | S_IRWXUGO);
114 if (IS_ERR(inode)) {
115 err = PTR_ERR(inode);
116 goto out_budg;
117 }
118
119
120 inode->i_mapping->a_ops = &empty_aops;
121 inode->i_op = &empty_iops;
122 inode->i_fop = &empty_fops;
123
124 inode->i_flags |= S_SYNC | S_NOATIME | S_NOCMTIME;
125 ui = ubifs_inode(inode);
126 ui->xattr = 1;
127 ui->flags |= UBIFS_XATTR_FL;
128 ui->data = kmemdup(value, size, GFP_NOFS);
129 if (!ui->data) {
130 err = -ENOMEM;
131 goto out_free;
132 }
133 inode->i_size = ui->ui_size = size;
134 ui->data_len = size;
135
136 mutex_lock(&host_ui->ui_mutex);
137 host->i_ctime = current_time(host);
138 host_ui->xattr_cnt += 1;
139 host_ui->xattr_size += CALC_DENT_SIZE(fname_len(nm));
140 host_ui->xattr_size += CALC_XATTR_BYTES(size);
141 host_ui->xattr_names += fname_len(nm);
142
143
144
145
146
147
148
149 if (strcmp(fname_name(nm), UBIFS_XATTR_NAME_ENCRYPTION_CONTEXT) == 0)
150 host_ui->flags |= UBIFS_CRYPT_FL;
151
152 err = ubifs_jnl_update(c, host, nm, inode, 0, 1);
153 if (err)
154 goto out_cancel;
155 ubifs_set_inode_flags(host);
156 mutex_unlock(&host_ui->ui_mutex);
157
158 ubifs_release_budget(c, &req);
159 insert_inode_hash(inode);
160 iput(inode);
161 return 0;
162
163out_cancel:
164 host_ui->xattr_cnt -= 1;
165 host_ui->xattr_size -= CALC_DENT_SIZE(fname_len(nm));
166 host_ui->xattr_size -= CALC_XATTR_BYTES(size);
167 host_ui->xattr_names -= fname_len(nm);
168 host_ui->flags &= ~UBIFS_CRYPT_FL;
169 mutex_unlock(&host_ui->ui_mutex);
170out_free:
171 make_bad_inode(inode);
172 iput(inode);
173out_budg:
174 ubifs_release_budget(c, &req);
175 return err;
176}
177
178
179
180
181
182
183
184
185
186
187
188
189
190static int change_xattr(struct ubifs_info *c, struct inode *host,
191 struct inode *inode, const void *value, int size)
192{
193 int err;
194 struct ubifs_inode *host_ui = ubifs_inode(host);
195 struct ubifs_inode *ui = ubifs_inode(inode);
196 void *buf = NULL;
197 int old_size;
198 struct ubifs_budget_req req = { .dirtied_ino = 2,
199 .dirtied_ino_d = ALIGN(size, 8) + ALIGN(host_ui->data_len, 8) };
200
201 ubifs_assert(c, ui->data_len == inode->i_size);
202 err = ubifs_budget_space(c, &req);
203 if (err)
204 return err;
205
206 buf = kmemdup(value, size, GFP_NOFS);
207 if (!buf) {
208 err = -ENOMEM;
209 goto out_free;
210 }
211 kfree(ui->data);
212 ui->data = buf;
213 inode->i_size = ui->ui_size = size;
214 old_size = ui->data_len;
215 ui->data_len = size;
216
217 mutex_lock(&host_ui->ui_mutex);
218 host->i_ctime = current_time(host);
219 host_ui->xattr_size -= CALC_XATTR_BYTES(old_size);
220 host_ui->xattr_size += CALC_XATTR_BYTES(size);
221
222
223
224
225
226
227
228 err = ubifs_jnl_change_xattr(c, inode, host);
229 if (err)
230 goto out_cancel;
231 mutex_unlock(&host_ui->ui_mutex);
232
233 ubifs_release_budget(c, &req);
234 return 0;
235
236out_cancel:
237 host_ui->xattr_size -= CALC_XATTR_BYTES(size);
238 host_ui->xattr_size += CALC_XATTR_BYTES(old_size);
239 mutex_unlock(&host_ui->ui_mutex);
240 make_bad_inode(inode);
241out_free:
242 ubifs_release_budget(c, &req);
243 return err;
244}
245
246static struct inode *iget_xattr(struct ubifs_info *c, ino_t inum)
247{
248 struct inode *inode;
249
250 inode = ubifs_iget(c->vfs_sb, inum);
251 if (IS_ERR(inode)) {
252 ubifs_err(c, "dead extended attribute entry, error %d",
253 (int)PTR_ERR(inode));
254 return inode;
255 }
256 if (ubifs_inode(inode)->xattr)
257 return inode;
258 ubifs_err(c, "corrupt extended attribute entry");
259 iput(inode);
260 return ERR_PTR(-EINVAL);
261}
262
263int ubifs_xattr_set(struct inode *host, const char *name, const void *value,
264 size_t size, int flags, bool check_lock)
265{
266 struct inode *inode;
267 struct ubifs_info *c = host->i_sb->s_fs_info;
268 struct fscrypt_name nm = { .disk_name = FSTR_INIT((char *)name, strlen(name))};
269 struct ubifs_dent_node *xent;
270 union ubifs_key key;
271 int err;
272
273 if (check_lock)
274 ubifs_assert(c, inode_is_locked(host));
275
276 if (size > UBIFS_MAX_INO_DATA)
277 return -ERANGE;
278
279 if (fname_len(&nm) > UBIFS_MAX_NLEN)
280 return -ENAMETOOLONG;
281
282 xent = kmalloc(UBIFS_MAX_XENT_NODE_SZ, GFP_NOFS);
283 if (!xent)
284 return -ENOMEM;
285
286 down_write(&ubifs_inode(host)->xattr_sem);
287
288
289
290
291 xent_key_init(c, &key, host->i_ino, &nm);
292 err = ubifs_tnc_lookup_nm(c, &key, xent, &nm);
293 if (err) {
294 if (err != -ENOENT)
295 goto out_free;
296
297 if (flags & XATTR_REPLACE)
298
299 err = -ENODATA;
300 else
301 err = create_xattr(c, host, &nm, value, size);
302 goto out_free;
303 }
304
305 if (flags & XATTR_CREATE) {
306
307 err = -EEXIST;
308 goto out_free;
309 }
310
311 inode = iget_xattr(c, le64_to_cpu(xent->inum));
312 if (IS_ERR(inode)) {
313 err = PTR_ERR(inode);
314 goto out_free;
315 }
316
317 err = change_xattr(c, host, inode, value, size);
318 iput(inode);
319
320out_free:
321 up_write(&ubifs_inode(host)->xattr_sem);
322 kfree(xent);
323 return err;
324}
325
326ssize_t ubifs_xattr_get(struct inode *host, const char *name, void *buf,
327 size_t size)
328{
329 struct inode *inode;
330 struct ubifs_info *c = host->i_sb->s_fs_info;
331 struct fscrypt_name nm = { .disk_name = FSTR_INIT((char *)name, strlen(name))};
332 struct ubifs_inode *ui;
333 struct ubifs_dent_node *xent;
334 union ubifs_key key;
335 int err;
336
337 if (fname_len(&nm) > UBIFS_MAX_NLEN)
338 return -ENAMETOOLONG;
339
340 xent = kmalloc(UBIFS_MAX_XENT_NODE_SZ, GFP_NOFS);
341 if (!xent)
342 return -ENOMEM;
343
344 down_read(&ubifs_inode(host)->xattr_sem);
345 xent_key_init(c, &key, host->i_ino, &nm);
346 err = ubifs_tnc_lookup_nm(c, &key, xent, &nm);
347 if (err) {
348 if (err == -ENOENT)
349 err = -ENODATA;
350 goto out_cleanup;
351 }
352
353 inode = iget_xattr(c, le64_to_cpu(xent->inum));
354 if (IS_ERR(inode)) {
355 err = PTR_ERR(inode);
356 goto out_cleanup;
357 }
358
359 ui = ubifs_inode(inode);
360 ubifs_assert(c, inode->i_size == ui->data_len);
361 ubifs_assert(c, ubifs_inode(host)->xattr_size > ui->data_len);
362
363 if (buf) {
364
365 if (ui->data_len > size) {
366 err = -ERANGE;
367 goto out_iput;
368 }
369
370 memcpy(buf, ui->data, ui->data_len);
371 }
372 err = ui->data_len;
373
374out_iput:
375 iput(inode);
376out_cleanup:
377 up_read(&ubifs_inode(host)->xattr_sem);
378 kfree(xent);
379 return err;
380}
381
382static bool xattr_visible(const char *name)
383{
384
385 if (strcmp(name, UBIFS_XATTR_NAME_ENCRYPTION_CONTEXT) == 0)
386 return false;
387
388
389 if (strncmp(name, XATTR_TRUSTED_PREFIX,
390 XATTR_TRUSTED_PREFIX_LEN) == 0 && !capable(CAP_SYS_ADMIN))
391 return false;
392
393 return true;
394}
395
396ssize_t ubifs_listxattr(struct dentry *dentry, char *buffer, size_t size)
397{
398 union ubifs_key key;
399 struct inode *host = d_inode(dentry);
400 struct ubifs_info *c = host->i_sb->s_fs_info;
401 struct ubifs_inode *host_ui = ubifs_inode(host);
402 struct ubifs_dent_node *xent, *pxent = NULL;
403 int err, len, written = 0;
404 struct fscrypt_name nm = {0};
405
406 dbg_gen("ino %lu ('%pd'), buffer size %zd", host->i_ino,
407 dentry, size);
408
409 down_read(&host_ui->xattr_sem);
410 len = host_ui->xattr_names + host_ui->xattr_cnt;
411 if (!buffer) {
412
413
414
415
416 err = len;
417 goto out_err;
418 }
419
420 if (len > size) {
421 err = -ERANGE;
422 goto out_err;
423 }
424
425 lowest_xent_key(c, &key, host->i_ino);
426 while (1) {
427 xent = ubifs_tnc_next_ent(c, &key, &nm);
428 if (IS_ERR(xent)) {
429 err = PTR_ERR(xent);
430 break;
431 }
432
433 fname_name(&nm) = xent->name;
434 fname_len(&nm) = le16_to_cpu(xent->nlen);
435
436 if (xattr_visible(xent->name)) {
437 memcpy(buffer + written, fname_name(&nm), fname_len(&nm) + 1);
438 written += fname_len(&nm) + 1;
439 }
440
441 kfree(pxent);
442 pxent = xent;
443 key_read(c, &xent->key, &key);
444 }
445 kfree(pxent);
446 up_read(&host_ui->xattr_sem);
447
448 if (err != -ENOENT) {
449 ubifs_err(c, "cannot find next direntry, error %d", err);
450 return err;
451 }
452
453 ubifs_assert(c, written <= size);
454 return written;
455
456out_err:
457 up_read(&host_ui->xattr_sem);
458 return err;
459}
460
461static int remove_xattr(struct ubifs_info *c, struct inode *host,
462 struct inode *inode, const struct fscrypt_name *nm)
463{
464 int err;
465 struct ubifs_inode *host_ui = ubifs_inode(host);
466 struct ubifs_inode *ui = ubifs_inode(inode);
467 struct ubifs_budget_req req = { .dirtied_ino = 2, .mod_dent = 1,
468 .dirtied_ino_d = ALIGN(host_ui->data_len, 8) };
469
470 ubifs_assert(c, ui->data_len == inode->i_size);
471
472 err = ubifs_budget_space(c, &req);
473 if (err)
474 return err;
475
476 mutex_lock(&host_ui->ui_mutex);
477 host->i_ctime = current_time(host);
478 host_ui->xattr_cnt -= 1;
479 host_ui->xattr_size -= CALC_DENT_SIZE(fname_len(nm));
480 host_ui->xattr_size -= CALC_XATTR_BYTES(ui->data_len);
481 host_ui->xattr_names -= fname_len(nm);
482
483 err = ubifs_jnl_delete_xattr(c, host, inode, nm);
484 if (err)
485 goto out_cancel;
486 mutex_unlock(&host_ui->ui_mutex);
487
488 ubifs_release_budget(c, &req);
489 return 0;
490
491out_cancel:
492 host_ui->xattr_cnt += 1;
493 host_ui->xattr_size += CALC_DENT_SIZE(fname_len(nm));
494 host_ui->xattr_size += CALC_XATTR_BYTES(ui->data_len);
495 host_ui->xattr_names += fname_len(nm);
496 mutex_unlock(&host_ui->ui_mutex);
497 ubifs_release_budget(c, &req);
498 make_bad_inode(inode);
499 return err;
500}
501
502int ubifs_purge_xattrs(struct inode *host)
503{
504 union ubifs_key key;
505 struct ubifs_info *c = host->i_sb->s_fs_info;
506 struct ubifs_dent_node *xent, *pxent = NULL;
507 struct inode *xino;
508 struct fscrypt_name nm = {0};
509 int err;
510
511 if (ubifs_inode(host)->xattr_cnt <= ubifs_xattr_max_cnt(c))
512 return 0;
513
514 ubifs_warn(c, "inode %lu has too many xattrs, doing a non-atomic deletion",
515 host->i_ino);
516
517 down_write(&ubifs_inode(host)->xattr_sem);
518 lowest_xent_key(c, &key, host->i_ino);
519 while (1) {
520 xent = ubifs_tnc_next_ent(c, &key, &nm);
521 if (IS_ERR(xent)) {
522 err = PTR_ERR(xent);
523 break;
524 }
525
526 fname_name(&nm) = xent->name;
527 fname_len(&nm) = le16_to_cpu(xent->nlen);
528
529 xino = ubifs_iget(c->vfs_sb, le64_to_cpu(xent->inum));
530 if (IS_ERR(xino)) {
531 err = PTR_ERR(xino);
532 ubifs_err(c, "dead directory entry '%s', error %d",
533 xent->name, err);
534 ubifs_ro_mode(c, err);
535 kfree(pxent);
536 kfree(xent);
537 goto out_err;
538 }
539
540 ubifs_assert(c, ubifs_inode(xino)->xattr);
541
542 clear_nlink(xino);
543 err = remove_xattr(c, host, xino, &nm);
544 if (err) {
545 kfree(pxent);
546 kfree(xent);
547 iput(xino);
548 ubifs_err(c, "cannot remove xattr, error %d", err);
549 goto out_err;
550 }
551
552 iput(xino);
553
554 kfree(pxent);
555 pxent = xent;
556 key_read(c, &xent->key, &key);
557 }
558 kfree(pxent);
559 up_write(&ubifs_inode(host)->xattr_sem);
560
561 if (err != -ENOENT) {
562 ubifs_err(c, "cannot find next direntry, error %d", err);
563 return err;
564 }
565
566 return 0;
567
568out_err:
569 up_write(&ubifs_inode(host)->xattr_sem);
570 return err;
571}
572
573
574
575
576
577
578
579
580
581
582
583
584void ubifs_evict_xattr_inode(struct ubifs_info *c, ino_t xattr_inum)
585{
586 struct inode *inode;
587
588 inode = ilookup(c->vfs_sb, xattr_inum);
589 if (inode) {
590 clear_nlink(inode);
591 iput(inode);
592 }
593}
594
595static int ubifs_xattr_remove(struct inode *host, const char *name)
596{
597 struct inode *inode;
598 struct ubifs_info *c = host->i_sb->s_fs_info;
599 struct fscrypt_name nm = { .disk_name = FSTR_INIT((char *)name, strlen(name))};
600 struct ubifs_dent_node *xent;
601 union ubifs_key key;
602 int err;
603
604 ubifs_assert(c, inode_is_locked(host));
605
606 if (fname_len(&nm) > UBIFS_MAX_NLEN)
607 return -ENAMETOOLONG;
608
609 xent = kmalloc(UBIFS_MAX_XENT_NODE_SZ, GFP_NOFS);
610 if (!xent)
611 return -ENOMEM;
612
613 down_write(&ubifs_inode(host)->xattr_sem);
614 xent_key_init(c, &key, host->i_ino, &nm);
615 err = ubifs_tnc_lookup_nm(c, &key, xent, &nm);
616 if (err) {
617 if (err == -ENOENT)
618 err = -ENODATA;
619 goto out_free;
620 }
621
622 inode = iget_xattr(c, le64_to_cpu(xent->inum));
623 if (IS_ERR(inode)) {
624 err = PTR_ERR(inode);
625 goto out_free;
626 }
627
628 ubifs_assert(c, inode->i_nlink == 1);
629 clear_nlink(inode);
630 err = remove_xattr(c, host, inode, &nm);
631 if (err)
632 set_nlink(inode, 1);
633
634
635 iput(inode);
636
637out_free:
638 up_write(&ubifs_inode(host)->xattr_sem);
639 kfree(xent);
640 return err;
641}
642
643#ifdef CONFIG_UBIFS_FS_SECURITY
644static int init_xattrs(struct inode *inode, const struct xattr *xattr_array,
645 void *fs_info)
646{
647 const struct xattr *xattr;
648 char *name;
649 int err = 0;
650
651 for (xattr = xattr_array; xattr->name != NULL; xattr++) {
652 name = kmalloc(XATTR_SECURITY_PREFIX_LEN +
653 strlen(xattr->name) + 1, GFP_NOFS);
654 if (!name) {
655 err = -ENOMEM;
656 break;
657 }
658 strcpy(name, XATTR_SECURITY_PREFIX);
659 strcpy(name + XATTR_SECURITY_PREFIX_LEN, xattr->name);
660
661
662
663
664 err = ubifs_xattr_set(inode, name, xattr->value,
665 xattr->value_len, 0, false);
666 kfree(name);
667 if (err < 0)
668 break;
669 }
670
671 return err;
672}
673
674int ubifs_init_security(struct inode *dentry, struct inode *inode,
675 const struct qstr *qstr)
676{
677 int err;
678
679 err = security_inode_init_security(inode, dentry, qstr,
680 &init_xattrs, 0);
681 if (err) {
682 struct ubifs_info *c = dentry->i_sb->s_fs_info;
683 ubifs_err(c, "cannot initialize security for inode %lu, error %d",
684 inode->i_ino, err);
685 }
686 return err;
687}
688#endif
689
690static int xattr_get(const struct xattr_handler *handler,
691 struct dentry *dentry, struct inode *inode,
692 const char *name, void *buffer, size_t size)
693{
694 dbg_gen("xattr '%s', ino %lu ('%pd'), buf size %zd", name,
695 inode->i_ino, dentry, size);
696
697 name = xattr_full_name(handler, name);
698 return ubifs_xattr_get(inode, name, buffer, size);
699}
700
701static int xattr_set(const struct xattr_handler *handler,
702 struct user_namespace *mnt_userns,
703 struct dentry *dentry, struct inode *inode,
704 const char *name, const void *value,
705 size_t size, int flags)
706{
707 dbg_gen("xattr '%s', host ino %lu ('%pd'), size %zd",
708 name, inode->i_ino, dentry, size);
709
710 name = xattr_full_name(handler, name);
711
712 if (value)
713 return ubifs_xattr_set(inode, name, value, size, flags, true);
714 else
715 return ubifs_xattr_remove(inode, name);
716}
717
718static const struct xattr_handler ubifs_user_xattr_handler = {
719 .prefix = XATTR_USER_PREFIX,
720 .get = xattr_get,
721 .set = xattr_set,
722};
723
724static const struct xattr_handler ubifs_trusted_xattr_handler = {
725 .prefix = XATTR_TRUSTED_PREFIX,
726 .get = xattr_get,
727 .set = xattr_set,
728};
729
730#ifdef CONFIG_UBIFS_FS_SECURITY
731static const struct xattr_handler ubifs_security_xattr_handler = {
732 .prefix = XATTR_SECURITY_PREFIX,
733 .get = xattr_get,
734 .set = xattr_set,
735};
736#endif
737
738const struct xattr_handler *ubifs_xattr_handlers[] = {
739 &ubifs_user_xattr_handler,
740 &ubifs_trusted_xattr_handler,
741#ifdef CONFIG_UBIFS_FS_SECURITY
742 &ubifs_security_xattr_handler,
743#endif
744 NULL
745};
746