linux/fs/ceph/acl.c
<<
>>
Prefs
   1// SPDX-License-Identifier: GPL-2.0-only
   2/*
   3 * linux/fs/ceph/acl.c
   4 *
   5 * Copyright (C) 2013 Guangliang Zhao, <lucienchao@gmail.com>
   6 */
   7
   8#include <linux/ceph/ceph_debug.h>
   9#include <linux/fs.h>
  10#include <linux/string.h>
  11#include <linux/xattr.h>
  12#include <linux/posix_acl_xattr.h>
  13#include <linux/posix_acl.h>
  14#include <linux/sched.h>
  15#include <linux/slab.h>
  16
  17#include "super.h"
  18
  19static inline void ceph_set_cached_acl(struct inode *inode,
  20                                        int type, struct posix_acl *acl)
  21{
  22        struct ceph_inode_info *ci = ceph_inode(inode);
  23
  24        spin_lock(&ci->i_ceph_lock);
  25        if (__ceph_caps_issued_mask_metric(ci, CEPH_CAP_XATTR_SHARED, 0))
  26                set_cached_acl(inode, type, acl);
  27        else
  28                forget_cached_acl(inode, type);
  29        spin_unlock(&ci->i_ceph_lock);
  30}
  31
  32struct posix_acl *ceph_get_acl(struct inode *inode, int type)
  33{
  34        int size;
  35        unsigned int retry_cnt = 0;
  36        const char *name;
  37        char *value = NULL;
  38        struct posix_acl *acl;
  39
  40        switch (type) {
  41        case ACL_TYPE_ACCESS:
  42                name = XATTR_NAME_POSIX_ACL_ACCESS;
  43                break;
  44        case ACL_TYPE_DEFAULT:
  45                name = XATTR_NAME_POSIX_ACL_DEFAULT;
  46                break;
  47        default:
  48                BUG();
  49        }
  50
  51retry:
  52        size = __ceph_getxattr(inode, name, "", 0);
  53        if (size > 0) {
  54                value = kzalloc(size, GFP_NOFS);
  55                if (!value)
  56                        return ERR_PTR(-ENOMEM);
  57                size = __ceph_getxattr(inode, name, value, size);
  58        }
  59
  60        if (size == -ERANGE && retry_cnt < 10) {
  61                retry_cnt++;
  62                kfree(value);
  63                value = NULL;
  64                goto retry;
  65        }
  66
  67        if (size > 0) {
  68                acl = posix_acl_from_xattr(&init_user_ns, value, size);
  69        } else if (size == -ENODATA || size == 0) {
  70                acl = NULL;
  71        } else {
  72                pr_err_ratelimited("get acl %llx.%llx failed, err=%d\n",
  73                                   ceph_vinop(inode), size);
  74                acl = ERR_PTR(-EIO);
  75        }
  76
  77        kfree(value);
  78
  79        if (!IS_ERR(acl))
  80                ceph_set_cached_acl(inode, type, acl);
  81
  82        return acl;
  83}
  84
  85int ceph_set_acl(struct user_namespace *mnt_userns, struct inode *inode,
  86                 struct posix_acl *acl, int type)
  87{
  88        int ret = 0, size = 0;
  89        const char *name = NULL;
  90        char *value = NULL;
  91        struct iattr newattrs;
  92        struct timespec64 old_ctime = inode->i_ctime;
  93        umode_t new_mode = inode->i_mode, old_mode = inode->i_mode;
  94
  95        if (ceph_snap(inode) != CEPH_NOSNAP) {
  96                ret = -EROFS;
  97                goto out;
  98        }
  99
 100        switch (type) {
 101        case ACL_TYPE_ACCESS:
 102                name = XATTR_NAME_POSIX_ACL_ACCESS;
 103                if (acl) {
 104                        ret = posix_acl_update_mode(&init_user_ns, inode,
 105                                                    &new_mode, &acl);
 106                        if (ret)
 107                                goto out;
 108                }
 109                break;
 110        case ACL_TYPE_DEFAULT:
 111                if (!S_ISDIR(inode->i_mode)) {
 112                        ret = acl ? -EINVAL : 0;
 113                        goto out;
 114                }
 115                name = XATTR_NAME_POSIX_ACL_DEFAULT;
 116                break;
 117        default:
 118                ret = -EINVAL;
 119                goto out;
 120        }
 121
 122        if (acl) {
 123                size = posix_acl_xattr_size(acl->a_count);
 124                value = kmalloc(size, GFP_NOFS);
 125                if (!value) {
 126                        ret = -ENOMEM;
 127                        goto out;
 128                }
 129
 130                ret = posix_acl_to_xattr(&init_user_ns, acl, value, size);
 131                if (ret < 0)
 132                        goto out_free;
 133        }
 134
 135        if (new_mode != old_mode) {
 136                newattrs.ia_ctime = current_time(inode);
 137                newattrs.ia_mode = new_mode;
 138                newattrs.ia_valid = ATTR_MODE | ATTR_CTIME;
 139                ret = __ceph_setattr(inode, &newattrs);
 140                if (ret)
 141                        goto out_free;
 142        }
 143
 144        ret = __ceph_setxattr(inode, name, value, size, 0);
 145        if (ret) {
 146                if (new_mode != old_mode) {
 147                        newattrs.ia_ctime = old_ctime;
 148                        newattrs.ia_mode = old_mode;
 149                        newattrs.ia_valid = ATTR_MODE | ATTR_CTIME;
 150                        __ceph_setattr(inode, &newattrs);
 151                }
 152                goto out_free;
 153        }
 154
 155        ceph_set_cached_acl(inode, type, acl);
 156
 157out_free:
 158        kfree(value);
 159out:
 160        return ret;
 161}
 162
 163int ceph_pre_init_acls(struct inode *dir, umode_t *mode,
 164                       struct ceph_acl_sec_ctx *as_ctx)
 165{
 166        struct posix_acl *acl, *default_acl;
 167        size_t val_size1 = 0, val_size2 = 0;
 168        struct ceph_pagelist *pagelist = NULL;
 169        void *tmp_buf = NULL;
 170        int err;
 171
 172        err = posix_acl_create(dir, mode, &default_acl, &acl);
 173        if (err)
 174                return err;
 175
 176        if (acl) {
 177                err = posix_acl_equiv_mode(acl, mode);
 178                if (err < 0)
 179                        goto out_err;
 180                if (err == 0) {
 181                        posix_acl_release(acl);
 182                        acl = NULL;
 183                }
 184        }
 185
 186        if (!default_acl && !acl)
 187                return 0;
 188
 189        if (acl)
 190                val_size1 = posix_acl_xattr_size(acl->a_count);
 191        if (default_acl)
 192                val_size2 = posix_acl_xattr_size(default_acl->a_count);
 193
 194        err = -ENOMEM;
 195        tmp_buf = kmalloc(max(val_size1, val_size2), GFP_KERNEL);
 196        if (!tmp_buf)
 197                goto out_err;
 198        pagelist = ceph_pagelist_alloc(GFP_KERNEL);
 199        if (!pagelist)
 200                goto out_err;
 201
 202        err = ceph_pagelist_reserve(pagelist, PAGE_SIZE);
 203        if (err)
 204                goto out_err;
 205
 206        ceph_pagelist_encode_32(pagelist, acl && default_acl ? 2 : 1);
 207
 208        if (acl) {
 209                size_t len = strlen(XATTR_NAME_POSIX_ACL_ACCESS);
 210                err = ceph_pagelist_reserve(pagelist, len + val_size1 + 8);
 211                if (err)
 212                        goto out_err;
 213                ceph_pagelist_encode_string(pagelist, XATTR_NAME_POSIX_ACL_ACCESS,
 214                                            len);
 215                err = posix_acl_to_xattr(&init_user_ns, acl,
 216                                         tmp_buf, val_size1);
 217                if (err < 0)
 218                        goto out_err;
 219                ceph_pagelist_encode_32(pagelist, val_size1);
 220                ceph_pagelist_append(pagelist, tmp_buf, val_size1);
 221        }
 222        if (default_acl) {
 223                size_t len = strlen(XATTR_NAME_POSIX_ACL_DEFAULT);
 224                err = ceph_pagelist_reserve(pagelist, len + val_size2 + 8);
 225                if (err)
 226                        goto out_err;
 227                ceph_pagelist_encode_string(pagelist,
 228                                          XATTR_NAME_POSIX_ACL_DEFAULT, len);
 229                err = posix_acl_to_xattr(&init_user_ns, default_acl,
 230                                         tmp_buf, val_size2);
 231                if (err < 0)
 232                        goto out_err;
 233                ceph_pagelist_encode_32(pagelist, val_size2);
 234                ceph_pagelist_append(pagelist, tmp_buf, val_size2);
 235        }
 236
 237        kfree(tmp_buf);
 238
 239        as_ctx->acl = acl;
 240        as_ctx->default_acl = default_acl;
 241        as_ctx->pagelist = pagelist;
 242        return 0;
 243
 244out_err:
 245        posix_acl_release(acl);
 246        posix_acl_release(default_acl);
 247        kfree(tmp_buf);
 248        if (pagelist)
 249                ceph_pagelist_release(pagelist);
 250        return err;
 251}
 252
 253void ceph_init_inode_acls(struct inode *inode, struct ceph_acl_sec_ctx *as_ctx)
 254{
 255        if (!inode)
 256                return;
 257        ceph_set_cached_acl(inode, ACL_TYPE_ACCESS, as_ctx->acl);
 258        ceph_set_cached_acl(inode, ACL_TYPE_DEFAULT, as_ctx->default_acl);
 259}
 260