fs/btrfs/xattr.c

0001 // SPDX-License-Identifier: GPL-2.0
0002 /*
0003  * Copyright (C) 2007 Red Hat.  All rights reserved.
0004  */
0005
0006 #include <linux/init.h>
0007 #include <linux/fs.h>
0008 #include <linux/slab.h>
0009 #include <linux/rwsem.h>
0010 #include <linux/xattr.h>
0011 #include <linux/security.h>
0012 #include <linux/posix_acl_xattr.h>
0013 #include <linux/iversion.h>
0014 #include <linux/sched/mm.h>
0015 #include "ctree.h"
0016 #include "btrfs_inode.h"
0017 #include "transaction.h"
0018 #include "xattr.h"
0019 #include "disk-io.h"
0020 #include "props.h"
0021 #include "locking.h"
0022
0023 int btrfs_getxattr(struct inode *inode, const char *name,
0024                 void *buffer, size_t size)
0025 {
0026     struct btrfs_dir_item *di;
0027     struct btrfs_root *root = BTRFS_I(inode)->root;
0028     struct btrfs_path *path;
0029     struct extent_buffer *leaf;
0030     int ret = 0;
0031     unsigned long data_ptr;
0032
0033     path = btrfs_alloc_path();
0034     if (!path)
0035         return -ENOMEM;
0036
0037     /* lookup the xattr by name */
0038     di = btrfs_lookup_xattr(NULL, root, path, btrfs_ino(BTRFS_I(inode)),
0039             name, strlen(name), 0);
0040     if (!di) {
0041         ret = -ENODATA;
0042         goto out;
0043     } else if (IS_ERR(di)) {
0044         ret = PTR_ERR(di);
0045         goto out;
0046     }
0047
0048     leaf = path->nodes[0];
0049     /* if size is 0, that means we want the size of the attr */
0050     if (!size) {
0051         ret = btrfs_dir_data_len(leaf, di);
0052         goto out;
0053     }
0054
0055     /* now get the data out of our dir_item */
0056     if (btrfs_dir_data_len(leaf, di) > size) {
0057         ret = -ERANGE;
0058         goto out;
0059     }
0060
0061     /*
0062      * The way things are packed into the leaf is like this
0063      * |struct btrfs_dir_item|name|data|
0064      * where name is the xattr name, so security.foo, and data is the
0065      * content of the xattr.  data_ptr points to the location in memory
0066      * where the data starts in the in memory leaf
0067      */
0068     data_ptr = (unsigned long)((char *)(di + 1) +
0069                    btrfs_dir_name_len(leaf, di));
0070     read_extent_buffer(leaf, buffer, data_ptr,
0071                btrfs_dir_data_len(leaf, di));
0072     ret = btrfs_dir_data_len(leaf, di);
0073
0074 out:
0075     btrfs_free_path(path);
0076     return ret;
0077 }
0078
0079 int btrfs_setxattr(struct btrfs_trans_handle *trans, struct inode *inode,
0080            const char *name, const void *value, size_t size, int flags)
0081 {
0082     struct btrfs_dir_item *di = NULL;
0083     struct btrfs_root *root = BTRFS_I(inode)->root;
0084     struct btrfs_fs_info *fs_info = root->fs_info;
0085     struct btrfs_path *path;
0086     size_t name_len = strlen(name);
0087     int ret = 0;
0088
0089     ASSERT(trans);
0090
0091     if (name_len + size > BTRFS_MAX_XATTR_SIZE(root->fs_info))
0092         return -ENOSPC;
0093
0094     path = btrfs_alloc_path();
0095     if (!path)
0096         return -ENOMEM;
0097     path->skip_release_on_error = 1;
0098
0099     if (!value) {
0100         di = btrfs_lookup_xattr(trans, root, path,
0101                 btrfs_ino(BTRFS_I(inode)), name, name_len, -1);
0102         if (!di && (flags & XATTR_REPLACE))
0103             ret = -ENODATA;
0104         else if (IS_ERR(di))
0105             ret = PTR_ERR(di);
0106         else if (di)
0107             ret = btrfs_delete_one_dir_name(trans, root, path, di);
0108         goto out;
0109     }
0110
0111     /*
0112      * For a replace we can't just do the insert blindly.
0113      * Do a lookup first (read-only btrfs_search_slot), and return if xattr
0114      * doesn't exist. If it exists, fall down below to the insert/replace
0115      * path - we can't race with a concurrent xattr delete, because the VFS
0116      * locks the inode's i_mutex before calling setxattr or removexattr.
0117      */
0118     if (flags & XATTR_REPLACE) {
0119         ASSERT(inode_is_locked(inode));
0120         di = btrfs_lookup_xattr(NULL, root, path,
0121                 btrfs_ino(BTRFS_I(inode)), name, name_len, 0);
0122         if (!di)
0123             ret = -ENODATA;
0124         else if (IS_ERR(di))
0125             ret = PTR_ERR(di);
0126         if (ret)
0127             goto out;
0128         btrfs_release_path(path);
0129         di = NULL;
0130     }
0131
0132     ret = btrfs_insert_xattr_item(trans, root, path, btrfs_ino(BTRFS_I(inode)),
0133                       name, name_len, value, size);
0134     if (ret == -EOVERFLOW) {
0135         /*
0136          * We have an existing item in a leaf, split_leaf couldn't
0137          * expand it. That item might have or not a dir_item that
0138          * matches our target xattr, so lets check.
0139          */
0140         ret = 0;
0141         btrfs_assert_tree_write_locked(path->nodes[0]);
0142         di = btrfs_match_dir_item_name(fs_info, path, name, name_len);
0143         if (!di && !(flags & XATTR_REPLACE)) {
0144             ret = -ENOSPC;
0145             goto out;
0146         }
0147     } else if (ret == -EEXIST) {
0148         ret = 0;
0149         di = btrfs_match_dir_item_name(fs_info, path, name, name_len);
0150         ASSERT(di); /* logic error */
0151     } else if (ret) {
0152         goto out;
0153     }
0154
0155     if (di && (flags & XATTR_CREATE)) {
0156         ret = -EEXIST;
0157         goto out;
0158     }
0159
0160     if (di) {
0161         /*
0162          * We're doing a replace, and it must be atomic, that is, at
0163          * any point in time we have either the old or the new xattr
0164          * value in the tree. We don't want readers (getxattr and
0165          * listxattrs) to miss a value, this is specially important
0166          * for ACLs.
0167          */
0168         const int slot = path->slots[0];
0169         struct extent_buffer *leaf = path->nodes[0];
0170         const u16 old_data_len = btrfs_dir_data_len(leaf, di);
0171         const u32 item_size = btrfs_item_size(leaf, slot);
0172         const u32 data_size = sizeof(*di) + name_len + size;
0173         unsigned long data_ptr;
0174         char *ptr;
0175
0176         if (size > old_data_len) {
0177             if (btrfs_leaf_free_space(leaf) <
0178                 (size - old_data_len)) {
0179                 ret = -ENOSPC;
0180                 goto out;
0181             }
0182         }
0183
0184         if (old_data_len + name_len + sizeof(*di) == item_size) {
0185             /* No other xattrs packed in the same leaf item. */
0186             if (size > old_data_len)
0187                 btrfs_extend_item(path, size - old_data_len);
0188             else if (size < old_data_len)
0189                 btrfs_truncate_item(path, data_size, 1);
0190         } else {
0191             /* There are other xattrs packed in the same item. */
0192             ret = btrfs_delete_one_dir_name(trans, root, path, di);
0193             if (ret)
0194                 goto out;
0195             btrfs_extend_item(path, data_size);
0196         }
0197
0198         ptr = btrfs_item_ptr(leaf, slot, char);
0199         ptr += btrfs_item_size(leaf, slot) - data_size;
0200         di = (struct btrfs_dir_item *)ptr;
0201         btrfs_set_dir_data_len(leaf, di, size);
0202         data_ptr = ((unsigned long)(di + 1)) + name_len;
0203         write_extent_buffer(leaf, value, data_ptr, size);
0204         btrfs_mark_buffer_dirty(leaf);
0205     } else {
0206         /*
0207          * Insert, and we had space for the xattr, so path->slots[0] is
0208          * where our xattr dir_item is and btrfs_insert_xattr_item()
0209          * filled it.
0210          */
0211     }
0212 out:
0213     btrfs_free_path(path);
0214     if (!ret) {
0215         set_bit(BTRFS_INODE_COPY_EVERYTHING,
0216             &BTRFS_I(inode)->runtime_flags);
0217         clear_bit(BTRFS_INODE_NO_XATTRS, &BTRFS_I(inode)->runtime_flags);
0218     }
0219     return ret;
0220 }
0221
0222 /*
0223  * @value: "" makes the attribute to empty, NULL removes it
0224  */
0225 int btrfs_setxattr_trans(struct inode *inode, const char *name,
0226              const void *value, size_t size, int flags)
0227 {
0228     struct btrfs_root *root = BTRFS_I(inode)->root;
0229     struct btrfs_trans_handle *trans;
0230     const bool start_trans = (current->journal_info == NULL);
0231     int ret;
0232
0233     if (start_trans) {
0234         /*
0235          * 1 unit for inserting/updating/deleting the xattr
0236          * 1 unit for the inode item update
0237          */
0238         trans = btrfs_start_transaction(root, 2);
0239         if (IS_ERR(trans))
0240             return PTR_ERR(trans);
0241     } else {
0242         /*
0243          * This can happen when smack is enabled and a directory is being
0244          * created. It happens through d_instantiate_new(), which calls
0245          * smack_d_instantiate(), which in turn calls __vfs_setxattr() to
0246          * set the transmute xattr (XATTR_NAME_SMACKTRANSMUTE) on the
0247          * inode. We have already reserved space for the xattr and inode
0248          * update at btrfs_mkdir(), so just use the transaction handle.
0249          * We don't join or start a transaction, as that will reset the
0250          * block_rsv of the handle and trigger a warning for the start
0251          * case.
0252          */
0253         ASSERT(strncmp(name, XATTR_SECURITY_PREFIX,
0254                    XATTR_SECURITY_PREFIX_LEN) == 0);
0255         trans = current->journal_info;
0256     }
0257
0258     ret = btrfs_setxattr(trans, inode, name, value, size, flags);
0259     if (ret)
0260         goto out;
0261
0262     inode_inc_iversion(inode);
0263     inode->i_ctime = current_time(inode);
0264     ret = btrfs_update_inode(trans, root, BTRFS_I(inode));
0265     if (ret)
0266         btrfs_abort_transaction(trans, ret);
0267 out:
0268     if (start_trans)
0269         btrfs_end_transaction(trans);
0270     return ret;
0271 }
0272
0273 ssize_t btrfs_listxattr(struct dentry *dentry, char *buffer, size_t size)
0274 {
0275     struct btrfs_key found_key;
0276     struct btrfs_key key;
0277     struct inode *inode = d_inode(dentry);
0278     struct btrfs_root *root = BTRFS_I(inode)->root;
0279     struct btrfs_path *path;
0280     int iter_ret = 0;
0281     int ret = 0;
0282     size_t total_size = 0, size_left = size;
0283
0284     /*
0285      * ok we want all objects associated with this id.
0286      * NOTE: we set key.offset = 0; because we want to start with the
0287      * first xattr that we find and walk forward
0288      */
0289     key.objectid = btrfs_ino(BTRFS_I(inode));
0290     key.type = BTRFS_XATTR_ITEM_KEY;
0291     key.offset = 0;
0292
0293     path = btrfs_alloc_path();
0294     if (!path)
0295         return -ENOMEM;
0296     path->reada = READA_FORWARD;
0297
0298     /* search for our xattrs */
0299     btrfs_for_each_slot(root, &key, &found_key, path, iter_ret) {
0300         struct extent_buffer *leaf;
0301         int slot;
0302         struct btrfs_dir_item *di;
0303         u32 item_size;
0304         u32 cur;
0305
0306         leaf = path->nodes[0];
0307         slot = path->slots[0];
0308
0309         /* check to make sure this item is what we want */
0310         if (found_key.objectid != key.objectid)
0311             break;
0312         if (found_key.type > BTRFS_XATTR_ITEM_KEY)
0313             break;
0314         if (found_key.type < BTRFS_XATTR_ITEM_KEY)
0315             continue;
0316
0317         di = btrfs_item_ptr(leaf, slot, struct btrfs_dir_item);
0318         item_size = btrfs_item_size(leaf, slot);
0319         cur = 0;
0320         while (cur < item_size) {
0321             u16 name_len = btrfs_dir_name_len(leaf, di);
0322             u16 data_len = btrfs_dir_data_len(leaf, di);
0323             u32 this_len = sizeof(*di) + name_len + data_len;
0324             unsigned long name_ptr = (unsigned long)(di + 1);
0325
0326             total_size += name_len + 1;
0327             /*
0328              * We are just looking for how big our buffer needs to
0329              * be.
0330              */
0331             if (!size)
0332                 goto next;
0333
0334             if (!buffer || (name_len + 1) > size_left) {
0335                     iter_ret = -ERANGE;
0336                 break;
0337             }
0338
0339             read_extent_buffer(leaf, buffer, name_ptr, name_len);
0340             buffer[name_len] = '\0';
0341
0342             size_left -= name_len + 1;
0343             buffer += name_len + 1;
0344 next:
0345             cur += this_len;
0346             di = (struct btrfs_dir_item *)((char *)di + this_len);
0347         }
0348     }
0349
0350     if (iter_ret < 0)
0351         ret = iter_ret;
0352     else
0353         ret = total_size;
0354
0355     btrfs_free_path(path);
0356
0357     return ret;
0358 }
0359
0360 static int btrfs_xattr_handler_get(const struct xattr_handler *handler,
0361                    struct dentry *unused, struct inode *inode,
0362                    const char *name, void *buffer, size_t size)
0363 {
0364     name = xattr_full_name(handler, name);
0365     return btrfs_getxattr(inode, name, buffer, size);
0366 }
0367
0368 static int btrfs_xattr_handler_set(const struct xattr_handler *handler,
0369                    struct user_namespace *mnt_userns,
0370                    struct dentry *unused, struct inode *inode,
0371                    const char *name, const void *buffer,
0372                    size_t size, int flags)
0373 {
0374     if (btrfs_root_readonly(BTRFS_I(inode)->root))
0375         return -EROFS;
0376
0377     name = xattr_full_name(handler, name);
0378     return btrfs_setxattr_trans(inode, name, buffer, size, flags);
0379 }
0380
0381 static int btrfs_xattr_handler_set_prop(const struct xattr_handler *handler,
0382                     struct user_namespace *mnt_userns,
0383                     struct dentry *unused, struct inode *inode,
0384                     const char *name, const void *value,
0385                     size_t size, int flags)
0386 {
0387     int ret;
0388     struct btrfs_trans_handle *trans;
0389     struct btrfs_root *root = BTRFS_I(inode)->root;
0390
0391     name = xattr_full_name(handler, name);
0392     ret = btrfs_validate_prop(BTRFS_I(inode), name, value, size);
0393     if (ret)
0394         return ret;
0395
0396     if (btrfs_ignore_prop(BTRFS_I(inode), name))
0397         return 0;
0398
0399     trans = btrfs_start_transaction(root, 2);
0400     if (IS_ERR(trans))
0401         return PTR_ERR(trans);
0402
0403     ret = btrfs_set_prop(trans, inode, name, value, size, flags);
0404     if (!ret) {
0405         inode_inc_iversion(inode);
0406         inode->i_ctime = current_time(inode);
0407         ret = btrfs_update_inode(trans, root, BTRFS_I(inode));
0408         if (ret)
0409             btrfs_abort_transaction(trans, ret);
0410     }
0411
0412     btrfs_end_transaction(trans);
0413
0414     return ret;
0415 }
0416
0417 static const struct xattr_handler btrfs_security_xattr_handler = {
0418     .prefix = XATTR_SECURITY_PREFIX,
0419     .get = btrfs_xattr_handler_get,
0420     .set = btrfs_xattr_handler_set,
0421 };
0422
0423 static const struct xattr_handler btrfs_trusted_xattr_handler = {
0424     .prefix = XATTR_TRUSTED_PREFIX,
0425     .get = btrfs_xattr_handler_get,
0426     .set = btrfs_xattr_handler_set,
0427 };
0428
0429 static const struct xattr_handler btrfs_user_xattr_handler = {
0430     .prefix = XATTR_USER_PREFIX,
0431     .get = btrfs_xattr_handler_get,
0432     .set = btrfs_xattr_handler_set,
0433 };
0434
0435 static const struct xattr_handler btrfs_btrfs_xattr_handler = {
0436     .prefix = XATTR_BTRFS_PREFIX,
0437     .get = btrfs_xattr_handler_get,
0438     .set = btrfs_xattr_handler_set_prop,
0439 };
0440
0441 const struct xattr_handler *btrfs_xattr_handlers[] = {
0442     &btrfs_security_xattr_handler,
0443 #ifdef CONFIG_BTRFS_FS_POSIX_ACL
0444     &posix_acl_access_xattr_handler,
0445     &posix_acl_default_xattr_handler,
0446 #endif
0447     &btrfs_trusted_xattr_handler,
0448     &btrfs_user_xattr_handler,
0449     &btrfs_btrfs_xattr_handler,
0450     NULL,
0451 };
0452
0453 static int btrfs_initxattrs(struct inode *inode,
0454                 const struct xattr *xattr_array, void *fs_private)
0455 {
0456     struct btrfs_trans_handle *trans = fs_private;
0457     const struct xattr *xattr;
0458     unsigned int nofs_flag;
0459     char *name;
0460     int err = 0;
0461
0462     /*
0463      * We're holding a transaction handle, so use a NOFS memory allocation
0464      * context to avoid deadlock if reclaim happens.
0465      */
0466     nofs_flag = memalloc_nofs_save();
0467     for (xattr = xattr_array; xattr->name != NULL; xattr++) {
0468         name = kmalloc(XATTR_SECURITY_PREFIX_LEN +
0469                    strlen(xattr->name) + 1, GFP_KERNEL);
0470         if (!name) {
0471             err = -ENOMEM;
0472             break;
0473         }
0474         strcpy(name, XATTR_SECURITY_PREFIX);
0475         strcpy(name + XATTR_SECURITY_PREFIX_LEN, xattr->name);
0476         err = btrfs_setxattr(trans, inode, name, xattr->value,
0477                      xattr->value_len, 0);
0478         kfree(name);
0479         if (err < 0)
0480             break;
0481     }
0482     memalloc_nofs_restore(nofs_flag);
0483     return err;
0484 }
0485
0486 int btrfs_xattr_security_init(struct btrfs_trans_handle *trans,
0487                   struct inode *inode, struct inode *dir,
0488                   const struct qstr *qstr)
0489 {
0490     return security_inode_init_security(inode, dir, qstr,
0491                         &btrfs_initxattrs, trans);
0492 }