LXR linux/fs/ubifs/xattr.c

   1// SPDX-License-Identifier: GPL-2.0-only
   2/*
   3 * This file is part of UBIFS.
   4 *
   5 * Copyright (C) 2006-2008 Nokia Corporation.
   6 *
   7 * Authors: Artem Bityutskiy (Битюцкий Артём)
   8 *          Adrian Hunter
   9 */
  10
  11/*
  12 * This file implements UBIFS extended attributes support.
  13 *
  14 * Extended attributes are implemented as regular inodes with attached data,
  15 * which limits extended attribute size to UBIFS block size (4KiB). Names of
  16 * extended attributes are described by extended attribute entries (xentries),
  17 * which are almost identical to directory entries, but have different key type.
  18 *
  19 * In other words, the situation with extended attributes is very similar to
  20 * directories. Indeed, any inode (but of course not xattr inodes) may have a
  21 * number of associated xentries, just like directory inodes have associated
  22 * directory entries. Extended attribute entries store the name of the extended
  23 * attribute, the host inode number, and the extended attribute inode number.
  24 * Similarly, direntries store the name, the parent and the target inode
  25 * numbers. Thus, most of the common UBIFS mechanisms may be re-used for
  26 * extended attributes.
  27 *
  28 * The number of extended attributes is not limited, but there is Linux
  29 * limitation on the maximum possible size of the list of all extended
  30 * attributes associated with an inode (%XATTR_LIST_MAX), so UBIFS makes sure
  31 * the sum of all extended attribute names of the inode does not exceed that
  32 * limit.
  33 *
  34 * Extended attributes are synchronous, which means they are written to the
  35 * flash media synchronously and there is no write-back for extended attribute
  36 * inodes. The extended attribute values are not stored in compressed form on
  37 * the media.
  38 *
  39 * Since extended attributes are represented by regular inodes, they are cached
  40 * in the VFS inode cache. The xentries are cached in the LNC cache (see
  41 * tnc.c).
  42 *
  43 * ACL support is not implemented.
  44 */
  45
  46#include "ubifs.h"
  47#include <linux/fs.h>
  48#include <linux/slab.h>
  49#include <linux/xattr.h>
  50
  51/*
  52 * Extended attribute type constants.
  53 *
  54 * USER_XATTR: user extended attribute ("user.*")
  55 * TRUSTED_XATTR: trusted extended attribute ("trusted.*)
  56 * SECURITY_XATTR: security extended attribute ("security.*")
  57 */
  58enum {
  59        USER_XATTR,
  60        TRUSTED_XATTR,
  61        SECURITY_XATTR,
  62};
  63
  64static const struct inode_operations empty_iops;
  65static const struct file_operations empty_fops;
  66
  67/**
  68 * create_xattr - create an extended attribute.
  69 * @c: UBIFS file-system description object
  70 * @host: host inode
  71 * @nm: extended attribute name
  72 * @value: extended attribute value
  73 * @size: size of extended attribute value
  74 *
  75 * This is a helper function which creates an extended attribute of name @nm
  76 * and value @value for inode @host. The host inode is also updated on flash
  77 * because the ctime and extended attribute accounting data changes. This
  78 * function returns zero in case of success and a negative error code in case
  79 * of failure.
  80 */
  81static int create_xattr(struct ubifs_info *c, struct inode *host,
  82                        const struct fscrypt_name *nm, const void *value, int size)
  83{
  84        int err, names_len;
  85        struct inode *inode;
  86        struct ubifs_inode *ui, *host_ui = ubifs_inode(host);
  87        struct ubifs_budget_req req = { .new_ino = 1, .new_dent = 1,
  88                                .new_ino_d = ALIGN(size, 8), .dirtied_ino = 1,
  89                                .dirtied_ino_d = ALIGN(host_ui->data_len, 8) };
  90
  91        if (host_ui->xattr_cnt >= ubifs_xattr_max_cnt(c)) {
  92                ubifs_err(c, "inode %lu already has too many xattrs (%d), cannot create more",
  93                          host->i_ino, host_ui->xattr_cnt);
  94                return -ENOSPC;
  95        }
  96        /*
  97         * Linux limits the maximum size of the extended attribute names list
  98         * to %XATTR_LIST_MAX. This means we should not allow creating more
  99         * extended attributes if the name list becomes larger. This limitation
 100         * is artificial for UBIFS, though.
 101         */
 102        names_len = host_ui->xattr_names + host_ui->xattr_cnt + fname_len(nm) + 1;
 103        if (names_len > XATTR_LIST_MAX) {
 104                ubifs_err(c, "cannot add one more xattr name to inode %lu, total names length would become %d, max. is %d",
 105                          host->i_ino, names_len, XATTR_LIST_MAX);
 106                return -ENOSPC;
 107        }
 108
 109        err = ubifs_budget_space(c, &req);
 110        if (err)
 111                return err;
 112
 113        inode = ubifs_new_inode(c, host, S_IFREG | S_IRWXUGO);
 114        if (IS_ERR(inode)) {
 115                err = PTR_ERR(inode);
 116                goto out_budg;
 117        }
 118
 119        /* Re-define all operations to be "nothing" */
 120        inode->i_mapping->a_ops = &empty_aops;
 121        inode->i_op = &empty_iops;
 122        inode->i_fop = &empty_fops;
 123
 124        inode->i_flags |= S_SYNC | S_NOATIME | S_NOCMTIME;
 125        ui = ubifs_inode(inode);
 126        ui->xattr = 1;
 127        ui->flags |= UBIFS_XATTR_FL;
 128        ui->data = kmemdup(value, size, GFP_NOFS);
 129        if (!ui->data) {
 130                err = -ENOMEM;
 131                goto out_free;
 132        }
 133        inode->i_size = ui->ui_size = size;
 134        ui->data_len = size;
 135
 136        mutex_lock(&host_ui->ui_mutex);
 137        host->i_ctime = current_time(host);
 138        host_ui->xattr_cnt += 1;
 139        host_ui->xattr_size += CALC_DENT_SIZE(fname_len(nm));
 140        host_ui->xattr_size += CALC_XATTR_BYTES(size);
 141        host_ui->xattr_names += fname_len(nm);
 142
 143        /*
 144         * We handle UBIFS_XATTR_NAME_ENCRYPTION_CONTEXT here because we
 145         * have to set the UBIFS_CRYPT_FL flag on the host inode.
 146         * To avoid multiple updates of the same inode in the same operation,
 147         * let's do it here.
 148         */
 149        if (strcmp(fname_name(nm), UBIFS_XATTR_NAME_ENCRYPTION_CONTEXT) == 0)
 150                host_ui->flags |= UBIFS_CRYPT_FL;
 151
 152        err = ubifs_jnl_update(c, host, nm, inode, 0, 1);
 153        if (err)
 154                goto out_cancel;
 155        ubifs_set_inode_flags(host);
 156        mutex_unlock(&host_ui->ui_mutex);
 157
 158        ubifs_release_budget(c, &req);
 159        insert_inode_hash(inode);
 160        iput(inode);
 161        return 0;
 162
 163out_cancel:
 164        host_ui->xattr_cnt -= 1;
 165        host_ui->xattr_size -= CALC_DENT_SIZE(fname_len(nm));
 166        host_ui->xattr_size -= CALC_XATTR_BYTES(size);
 167        host_ui->xattr_names -= fname_len(nm);
 168        host_ui->flags &= ~UBIFS_CRYPT_FL;
 169        mutex_unlock(&host_ui->ui_mutex);
 170out_free:
 171        make_bad_inode(inode);
 172        iput(inode);
 173out_budg:
 174        ubifs_release_budget(c, &req);
 175        return err;
 176}
 177
 178/**
 179 * change_xattr - change an extended attribute.
 180 * @c: UBIFS file-system description object
 181 * @host: host inode
 182 * @inode: extended attribute inode
 183 * @value: extended attribute value
 184 * @size: size of extended attribute value
 185 *
 186 * This helper function changes the value of extended attribute @inode with new
 187 * data from @value. Returns zero in case of success and a negative error code
 188 * in case of failure.
 189 */
 190static int change_xattr(struct ubifs_info *c, struct inode *host,
 191                        struct inode *inode, const void *value, int size)
 192{
 193        int err;
 194        struct ubifs_inode *host_ui = ubifs_inode(host);
 195        struct ubifs_inode *ui = ubifs_inode(inode);
 196        void *buf = NULL;
 197        int old_size;
 198        struct ubifs_budget_req req = { .dirtied_ino = 2,
 199                .dirtied_ino_d = ALIGN(size, 8) + ALIGN(host_ui->data_len, 8) };
 200
 201        ubifs_assert(c, ui->data_len == inode->i_size);
 202        err = ubifs_budget_space(c, &req);
 203        if (err)
 204                return err;
 205
 206        buf = kmemdup(value, size, GFP_NOFS);
 207        if (!buf) {
 208                err = -ENOMEM;
 209                goto out_free;
 210        }
 211        kfree(ui->data);
 212        ui->data = buf;
 213        inode->i_size = ui->ui_size = size;
 214        old_size = ui->data_len;
 215        ui->data_len = size;
 216
 217        mutex_lock(&host_ui->ui_mutex);
 218        host->i_ctime = current_time(host);
 219        host_ui->xattr_size -= CALC_XATTR_BYTES(old_size);
 220        host_ui->xattr_size += CALC_XATTR_BYTES(size);
 221
 222        /*
 223         * It is important to write the host inode after the xattr inode
 224         * because if the host inode gets synchronized (via 'fsync()'), then
 225         * the extended attribute inode gets synchronized, because it goes
 226         * before the host inode in the write-buffer.
 227         */
 228        err = ubifs_jnl_change_xattr(c, inode, host);
 229        if (err)
 230                goto out_cancel;
 231        mutex_unlock(&host_ui->ui_mutex);
 232
 233        ubifs_release_budget(c, &req);
 234        return 0;
 235
 236out_cancel:
 237        host_ui->xattr_size -= CALC_XATTR_BYTES(size);
 238        host_ui->xattr_size += CALC_XATTR_BYTES(old_size);
 239        mutex_unlock(&host_ui->ui_mutex);
 240        make_bad_inode(inode);
 241out_free:
 242        ubifs_release_budget(c, &req);
 243        return err;
 244}
 245
 246static struct inode *iget_xattr(struct ubifs_info *c, ino_t inum)
 247{
 248        struct inode *inode;
 249
 250        inode = ubifs_iget(c->vfs_sb, inum);
 251        if (IS_ERR(inode)) {
 252                ubifs_err(c, "dead extended attribute entry, error %d",
 253                          (int)PTR_ERR(inode));
 254                return inode;
 255        }
 256        if (ubifs_inode(inode)->xattr)
 257                return inode;
 258        ubifs_err(c, "corrupt extended attribute entry");
 259        iput(inode);
 260        return ERR_PTR(-EINVAL);
 261}
 262
 263int ubifs_xattr_set(struct inode *host, const char *name, const void *value,
 264                    size_t size, int flags, bool check_lock)
 265{
 266        struct inode *inode;
 267        struct ubifs_info *c = host->i_sb->s_fs_info;
 268        struct fscrypt_name nm = { .disk_name = FSTR_INIT((char *)name, strlen(name))};
 269        struct ubifs_dent_node *xent;
 270        union ubifs_key key;
 271        int err;
 272
 273        if (check_lock)
 274                ubifs_assert(c, inode_is_locked(host));
 275
 276        if (size > UBIFS_MAX_INO_DATA)
 277                return -ERANGE;
 278
 279        if (fname_len(&nm) > UBIFS_MAX_NLEN)
 280                return -ENAMETOOLONG;
 281
 282        xent = kmalloc(UBIFS_MAX_XENT_NODE_SZ, GFP_NOFS);
 283        if (!xent)
 284                return -ENOMEM;
 285
 286        down_write(&ubifs_inode(host)->xattr_sem);
 287        /*
 288         * The extended attribute entries are stored in LNC, so multiple
 289         * look-ups do not involve reading the flash.
 290         */
 291        xent_key_init(c, &key, host->i_ino, &nm);
 292        err = ubifs_tnc_lookup_nm(c, &key, xent, &nm);
 293        if (err) {
 294                if (err != -ENOENT)
 295                        goto out_free;
 296
 297                if (flags & XATTR_REPLACE)
 298                        /* We are asked not to create the xattr */
 299                        err = -ENODATA;
 300                else
 301                        err = create_xattr(c, host, &nm, value, size);
 302                goto out_free;
 303        }
 304
 305        if (flags & XATTR_CREATE) {
 306                /* We are asked not to replace the xattr */
 307                err = -EEXIST;
 308                goto out_free;
 309        }
 310
 311        inode = iget_xattr(c, le64_to_cpu(xent->inum));
 312        if (IS_ERR(inode)) {
 313                err = PTR_ERR(inode);
 314                goto out_free;
 315        }
 316
 317        err = change_xattr(c, host, inode, value, size);
 318        iput(inode);
 319
 320out_free:
 321        up_write(&ubifs_inode(host)->xattr_sem);
 322        kfree(xent);
 323        return err;
 324}
 325
 326ssize_t ubifs_xattr_get(struct inode *host, const char *name, void *buf,
 327                        size_t size)
 328{
 329        struct inode *inode;
 330        struct ubifs_info *c = host->i_sb->s_fs_info;
 331        struct fscrypt_name nm = { .disk_name = FSTR_INIT((char *)name, strlen(name))};
 332        struct ubifs_inode *ui;
 333        struct ubifs_dent_node *xent;
 334        union ubifs_key key;
 335        int err;
 336
 337        if (fname_len(&nm) > UBIFS_MAX_NLEN)
 338                return -ENAMETOOLONG;
 339
 340        xent = kmalloc(UBIFS_MAX_XENT_NODE_SZ, GFP_NOFS);
 341        if (!xent)
 342                return -ENOMEM;
 343
 344        down_read(&ubifs_inode(host)->xattr_sem);
 345        xent_key_init(c, &key, host->i_ino, &nm);
 346        err = ubifs_tnc_lookup_nm(c, &key, xent, &nm);
 347        if (err) {
 348                if (err == -ENOENT)
 349                        err = -ENODATA;
 350                goto out_cleanup;
 351        }
 352
 353        inode = iget_xattr(c, le64_to_cpu(xent->inum));
 354        if (IS_ERR(inode)) {
 355                err = PTR_ERR(inode);
 356                goto out_cleanup;
 357        }
 358
 359        ui = ubifs_inode(inode);
 360        ubifs_assert(c, inode->i_size == ui->data_len);
 361        ubifs_assert(c, ubifs_inode(host)->xattr_size > ui->data_len);
 362
 363        if (buf) {
 364                /* If @buf is %NULL we are supposed to return the length */
 365                if (ui->data_len > size) {
 366                        err = -ERANGE;
 367                        goto out_iput;
 368                }
 369
 370                memcpy(buf, ui->data, ui->data_len);
 371        }
 372        err = ui->data_len;
 373
 374out_iput:
 375        iput(inode);
 376out_cleanup:
 377        up_read(&ubifs_inode(host)->xattr_sem);
 378        kfree(xent);
 379        return err;
 380}
 381
 382static bool xattr_visible(const char *name)
 383{
 384        /* File encryption related xattrs are for internal use only */
 385        if (strcmp(name, UBIFS_XATTR_NAME_ENCRYPTION_CONTEXT) == 0)
 386                return false;
 387
 388        /* Show trusted namespace only for "power" users */
 389        if (strncmp(name, XATTR_TRUSTED_PREFIX,
 390                    XATTR_TRUSTED_PREFIX_LEN) == 0 && !capable(CAP_SYS_ADMIN))
 391                return false;
 392
 393        return true;
 394}
 395
 396ssize_t ubifs_listxattr(struct dentry *dentry, char *buffer, size_t size)
 397{
 398        union ubifs_key key;
 399        struct inode *host = d_inode(dentry);
 400        struct ubifs_info *c = host->i_sb->s_fs_info;
 401        struct ubifs_inode *host_ui = ubifs_inode(host);
 402        struct ubifs_dent_node *xent, *pxent = NULL;
 403        int err, len, written = 0;
 404        struct fscrypt_name nm = {0};
 405
 406        dbg_gen("ino %lu ('%pd'), buffer size %zd", host->i_ino,
 407                dentry, size);
 408
 409        down_read(&host_ui->xattr_sem);
 410        len = host_ui->xattr_names + host_ui->xattr_cnt;
 411        if (!buffer) {
 412                /*
 413                 * We should return the minimum buffer size which will fit a
 414                 * null-terminated list of all the extended attribute names.
 415                 */
 416                err = len;
 417                goto out_err;
 418        }
 419
 420        if (len > size) {
 421                err = -ERANGE;
 422                goto out_err;
 423        }
 424
 425        lowest_xent_key(c, &key, host->i_ino);
 426        while (1) {
 427                xent = ubifs_tnc_next_ent(c, &key, &nm);
 428                if (IS_ERR(xent)) {
 429                        err = PTR_ERR(xent);
 430                        break;
 431                }
 432
 433                fname_name(&nm) = xent->name;
 434                fname_len(&nm) = le16_to_cpu(xent->nlen);
 435
 436                if (xattr_visible(xent->name)) {
 437                        memcpy(buffer + written, fname_name(&nm), fname_len(&nm) + 1);
 438                        written += fname_len(&nm) + 1;
 439                }
 440
 441                kfree(pxent);
 442                pxent = xent;
 443                key_read(c, &xent->key, &key);
 444        }
 445        kfree(pxent);
 446        up_read(&host_ui->xattr_sem);
 447
 448        if (err != -ENOENT) {
 449                ubifs_err(c, "cannot find next direntry, error %d", err);
 450                return err;
 451        }
 452
 453        ubifs_assert(c, written <= size);
 454        return written;
 455
 456out_err:
 457        up_read(&host_ui->xattr_sem);
 458        return err;
 459}
 460
 461static int remove_xattr(struct ubifs_info *c, struct inode *host,
 462                        struct inode *inode, const struct fscrypt_name *nm)
 463{
 464        int err;
 465        struct ubifs_inode *host_ui = ubifs_inode(host);
 466        struct ubifs_inode *ui = ubifs_inode(inode);
 467        struct ubifs_budget_req req = { .dirtied_ino = 2, .mod_dent = 1,
 468                                .dirtied_ino_d = ALIGN(host_ui->data_len, 8) };
 469
 470        ubifs_assert(c, ui->data_len == inode->i_size);
 471
 472        err = ubifs_budget_space(c, &req);
 473        if (err)
 474                return err;
 475
 476        mutex_lock(&host_ui->ui_mutex);
 477        host->i_ctime = current_time(host);
 478        host_ui->xattr_cnt -= 1;
 479        host_ui->xattr_size -= CALC_DENT_SIZE(fname_len(nm));
 480        host_ui->xattr_size -= CALC_XATTR_BYTES(ui->data_len);
 481        host_ui->xattr_names -= fname_len(nm);
 482
 483        err = ubifs_jnl_delete_xattr(c, host, inode, nm);
 484        if (err)
 485                goto out_cancel;
 486        mutex_unlock(&host_ui->ui_mutex);
 487
 488        ubifs_release_budget(c, &req);
 489        return 0;
 490
 491out_cancel:
 492        host_ui->xattr_cnt += 1;
 493        host_ui->xattr_size += CALC_DENT_SIZE(fname_len(nm));
 494        host_ui->xattr_size += CALC_XATTR_BYTES(ui->data_len);
 495        host_ui->xattr_names += fname_len(nm);
 496        mutex_unlock(&host_ui->ui_mutex);
 497        ubifs_release_budget(c, &req);
 498        make_bad_inode(inode);
 499        return err;
 500}
 501
 502int ubifs_purge_xattrs(struct inode *host)
 503{
 504        union ubifs_key key;
 505        struct ubifs_info *c = host->i_sb->s_fs_info;
 506        struct ubifs_dent_node *xent, *pxent = NULL;
 507        struct inode *xino;
 508        struct fscrypt_name nm = {0};
 509        int err;
 510
 511        if (ubifs_inode(host)->xattr_cnt <= ubifs_xattr_max_cnt(c))
 512                return 0;
 513
 514        ubifs_warn(c, "inode %lu has too many xattrs, doing a non-atomic deletion",
 515                   host->i_ino);
 516
 517        down_write(&ubifs_inode(host)->xattr_sem);
 518        lowest_xent_key(c, &key, host->i_ino);
 519        while (1) {
 520                xent = ubifs_tnc_next_ent(c, &key, &nm);
 521                if (IS_ERR(xent)) {
 522                        err = PTR_ERR(xent);
 523                        break;
 524                }
 525
 526                fname_name(&nm) = xent->name;
 527                fname_len(&nm) = le16_to_cpu(xent->nlen);
 528
 529                xino = ubifs_iget(c->vfs_sb, le64_to_cpu(xent->inum));
 530                if (IS_ERR(xino)) {
 531                        err = PTR_ERR(xino);
 532                        ubifs_err(c, "dead directory entry '%s', error %d",
 533                                  xent->name, err);
 534                        ubifs_ro_mode(c, err);
 535                        kfree(pxent);
 536                        kfree(xent);
 537                        goto out_err;
 538                }
 539
 540                ubifs_assert(c, ubifs_inode(xino)->xattr);
 541
 542                clear_nlink(xino);
 543                err = remove_xattr(c, host, xino, &nm);
 544                if (err) {
 545                        kfree(pxent);
 546                        kfree(xent);
 547                        iput(xino);
 548                        ubifs_err(c, "cannot remove xattr, error %d", err);
 549                        goto out_err;
 550                }
 551
 552                iput(xino);
 553
 554                kfree(pxent);
 555                pxent = xent;
 556                key_read(c, &xent->key, &key);
 557        }
 558        kfree(pxent);
 559        up_write(&ubifs_inode(host)->xattr_sem);
 560
 561        if (err != -ENOENT) {
 562                ubifs_err(c, "cannot find next direntry, error %d", err);
 563                return err;
 564        }
 565
 566        return 0;
 567
 568out_err:
 569        up_write(&ubifs_inode(host)->xattr_sem);
 570        return err;
 571}
 572
 573/**
 574 * ubifs_evict_xattr_inode - Evict an xattr inode.
 575 * @c: UBIFS file-system description object
 576 * @xattr_inum: xattr inode number
 577 *
 578 * When an inode that hosts xattrs is being removed we have to make sure
 579 * that cached inodes of the xattrs also get removed from the inode cache
 580 * otherwise we'd waste memory. This function looks up an inode from the
 581 * inode cache and clears the link counter such that iput() will evict
 582 * the inode.
 583 */
 584void ubifs_evict_xattr_inode(struct ubifs_info *c, ino_t xattr_inum)
 585{
 586        struct inode *inode;
 587
 588        inode = ilookup(c->vfs_sb, xattr_inum);
 589        if (inode) {
 590                clear_nlink(inode);
 591                iput(inode);
 592        }
 593}
 594
 595static int ubifs_xattr_remove(struct inode *host, const char *name)
 596{
 597        struct inode *inode;
 598        struct ubifs_info *c = host->i_sb->s_fs_info;
 599        struct fscrypt_name nm = { .disk_name = FSTR_INIT((char *)name, strlen(name))};
 600        struct ubifs_dent_node *xent;
 601        union ubifs_key key;
 602        int err;
 603
 604        ubifs_assert(c, inode_is_locked(host));
 605
 606        if (fname_len(&nm) > UBIFS_MAX_NLEN)
 607                return -ENAMETOOLONG;
 608
 609        xent = kmalloc(UBIFS_MAX_XENT_NODE_SZ, GFP_NOFS);
 610        if (!xent)
 611                return -ENOMEM;
 612
 613        down_write(&ubifs_inode(host)->xattr_sem);
 614        xent_key_init(c, &key, host->i_ino, &nm);
 615        err = ubifs_tnc_lookup_nm(c, &key, xent, &nm);
 616        if (err) {
 617                if (err == -ENOENT)
 618                        err = -ENODATA;
 619                goto out_free;
 620        }
 621
 622        inode = iget_xattr(c, le64_to_cpu(xent->inum));
 623        if (IS_ERR(inode)) {
 624                err = PTR_ERR(inode);
 625                goto out_free;
 626        }
 627
 628        ubifs_assert(c, inode->i_nlink == 1);
 629        clear_nlink(inode);
 630        err = remove_xattr(c, host, inode, &nm);
 631        if (err)
 632                set_nlink(inode, 1);
 633
 634        /* If @i_nlink is 0, 'iput()' will delete the inode */
 635        iput(inode);
 636
 637out_free:
 638        up_write(&ubifs_inode(host)->xattr_sem);
 639        kfree(xent);
 640        return err;
 641}
 642
 643#ifdef CONFIG_UBIFS_FS_SECURITY
 644static int init_xattrs(struct inode *inode, const struct xattr *xattr_array,
 645                      void *fs_info)
 646{
 647        const struct xattr *xattr;
 648        char *name;
 649        int err = 0;
 650
 651        for (xattr = xattr_array; xattr->name != NULL; xattr++) {
 652                name = kmalloc(XATTR_SECURITY_PREFIX_LEN +
 653                               strlen(xattr->name) + 1, GFP_NOFS);
 654                if (!name) {
 655                        err = -ENOMEM;
 656                        break;
 657                }
 658                strcpy(name, XATTR_SECURITY_PREFIX);
 659                strcpy(name + XATTR_SECURITY_PREFIX_LEN, xattr->name);
 660                /*
 661                 * creating a new inode without holding the inode rwsem,
 662                 * no need to check whether inode is locked.
 663                 */
 664                err = ubifs_xattr_set(inode, name, xattr->value,
 665                                      xattr->value_len, 0, false);
 666                kfree(name);
 667                if (err < 0)
 668                        break;
 669        }
 670
 671        return err;
 672}
 673
 674int ubifs_init_security(struct inode *dentry, struct inode *inode,
 675                        const struct qstr *qstr)
 676{
 677        int err;
 678
 679        err = security_inode_init_security(inode, dentry, qstr,
 680                                           &init_xattrs, 0);
 681        if (err) {
 682                struct ubifs_info *c = dentry->i_sb->s_fs_info;
 683                ubifs_err(c, "cannot initialize security for inode %lu, error %d",
 684                          inode->i_ino, err);
 685        }
 686        return err;
 687}
 688#endif
 689
 690static int xattr_get(const struct xattr_handler *handler,
 691                           struct dentry *dentry, struct inode *inode,
 692                           const char *name, void *buffer, size_t size)
 693{
 694        dbg_gen("xattr '%s', ino %lu ('%pd'), buf size %zd", name,
 695                inode->i_ino, dentry, size);
 696
 697        name = xattr_full_name(handler, name);
 698        return ubifs_xattr_get(inode, name, buffer, size);
 699}
 700
 701static int xattr_set(const struct xattr_handler *handler,
 702                           struct user_namespace *mnt_userns,
 703                           struct dentry *dentry, struct inode *inode,
 704                           const char *name, const void *value,
 705                           size_t size, int flags)
 706{
 707        dbg_gen("xattr '%s', host ino %lu ('%pd'), size %zd",
 708                name, inode->i_ino, dentry, size);
 709
 710        name = xattr_full_name(handler, name);
 711
 712        if (value)
 713                return ubifs_xattr_set(inode, name, value, size, flags, true);
 714        else
 715                return ubifs_xattr_remove(inode, name);
 716}
 717
 718static const struct xattr_handler ubifs_user_xattr_handler = {
 719        .prefix = XATTR_USER_PREFIX,
 720        .get = xattr_get,
 721        .set = xattr_set,
 722};
 723
 724static const struct xattr_handler ubifs_trusted_xattr_handler = {
 725        .prefix = XATTR_TRUSTED_PREFIX,
 726        .get = xattr_get,
 727        .set = xattr_set,
 728};
 729
 730#ifdef CONFIG_UBIFS_FS_SECURITY
 731static const struct xattr_handler ubifs_security_xattr_handler = {
 732        .prefix = XATTR_SECURITY_PREFIX,
 733        .get = xattr_get,
 734        .set = xattr_set,
 735};
 736#endif
 737
 738const struct xattr_handler *ubifs_xattr_handlers[] = {
 739        &ubifs_user_xattr_handler,
 740        &ubifs_trusted_xattr_handler,
 741#ifdef CONFIG_UBIFS_FS_SECURITY
 742        &ubifs_security_xattr_handler,
 743#endif
 744        NULL
 745};
 746