PageRenderTime 35ms CodeModel.GetById 2ms app.highlight 28ms RepoModel.GetById 2ms app.codeStats 0ms

/linux-2.6.21.x/fs/xattr.c

https://bitbucket.org/altlc/wive-rtnl-ralink-rt305x-routers-firmware-amod
C | 615 lines | 462 code | 79 blank | 74 comment | 102 complexity | e3c65b49857bf49258ee5ccdeddab13a MD5 | raw file
  1/*
  2  File: fs/xattr.c
  3
  4  Extended attribute handling.
  5
  6  Copyright (C) 2001 by Andreas Gruenbacher <a.gruenbacher@computer.org>
  7  Copyright (C) 2001 SGI - Silicon Graphics, Inc <linux-xfs@oss.sgi.com>
  8  Copyright (c) 2004 Red Hat, Inc., James Morris <jmorris@redhat.com>
  9 */
 10#include <linux/fs.h>
 11#include <linux/slab.h>
 12#include <linux/file.h>
 13#include <linux/xattr.h>
 14#include <linux/namei.h>
 15#include <linux/security.h>
 16#include <linux/syscalls.h>
 17#include <linux/module.h>
 18#include <linux/fsnotify.h>
 19#include <linux/audit.h>
 20#include <asm/uaccess.h>
 21
 22
 23/*
 24 * Check permissions for extended attribute access.  This is a bit complicated
 25 * because different namespaces have very different rules.
 26 */
 27static int
 28xattr_permission(struct inode *inode, const char *name, int mask)
 29{
 30	/*
 31	 * We can never set or remove an extended attribute on a read-only
 32	 * filesystem  or on an immutable / append-only inode.
 33	 */
 34	if (mask & MAY_WRITE) {
 35		if (IS_RDONLY(inode))
 36			return -EROFS;
 37		if (IS_IMMUTABLE(inode) || IS_APPEND(inode))
 38			return -EPERM;
 39	}
 40
 41	/*
 42	 * No restriction for security.* and system.* from the VFS.  Decision
 43	 * on these is left to the underlying filesystem / security module.
 44	 */
 45	if (!strncmp(name, XATTR_SECURITY_PREFIX, XATTR_SECURITY_PREFIX_LEN) ||
 46	    !strncmp(name, XATTR_SYSTEM_PREFIX, XATTR_SYSTEM_PREFIX_LEN))
 47		return 0;
 48
 49	/*
 50	 * The trusted.* namespace can only be accessed by a privileged user.
 51	 */
 52	if (!strncmp(name, XATTR_TRUSTED_PREFIX, XATTR_TRUSTED_PREFIX_LEN))
 53		return (capable(CAP_SYS_ADMIN) ? 0 : -EPERM);
 54
 55	/* In user.* namespace, only regular files and directories can have
 56	 * extended attributes. For sticky directories, only the owner and
 57	 * privileged user can write attributes.
 58	 */
 59	if (!strncmp(name, XATTR_USER_PREFIX, XATTR_USER_PREFIX_LEN)) {
 60		if (!S_ISREG(inode->i_mode) && !S_ISDIR(inode->i_mode))
 61			return -EPERM;
 62		if (S_ISDIR(inode->i_mode) && (inode->i_mode & S_ISVTX) &&
 63		    (mask & MAY_WRITE) && (current->fsuid != inode->i_uid) &&
 64		    !capable(CAP_FOWNER))
 65			return -EPERM;
 66	}
 67
 68	return permission(inode, mask, NULL);
 69}
 70
 71int
 72vfs_setxattr(struct dentry *dentry, char *name, void *value,
 73		size_t size, int flags)
 74{
 75	struct inode *inode = dentry->d_inode;
 76	int error;
 77
 78	error = xattr_permission(inode, name, MAY_WRITE);
 79	if (error)
 80		return error;
 81
 82	mutex_lock(&inode->i_mutex);
 83	error = security_inode_setxattr(dentry, name, value, size, flags);
 84	if (error)
 85		goto out;
 86	error = -EOPNOTSUPP;
 87	if (inode->i_op->setxattr) {
 88		error = inode->i_op->setxattr(dentry, name, value, size, flags);
 89		if (!error) {
 90			fsnotify_xattr(dentry);
 91			security_inode_post_setxattr(dentry, name, value,
 92						     size, flags);
 93		}
 94	} else if (!strncmp(name, XATTR_SECURITY_PREFIX,
 95				XATTR_SECURITY_PREFIX_LEN)) {
 96		const char *suffix = name + XATTR_SECURITY_PREFIX_LEN;
 97		error = security_inode_setsecurity(inode, suffix, value,
 98						   size, flags);
 99		if (!error)
100			fsnotify_xattr(dentry);
101	}
102out:
103	mutex_unlock(&inode->i_mutex);
104	return error;
105}
106EXPORT_SYMBOL_GPL(vfs_setxattr);
107
108ssize_t
109vfs_getxattr(struct dentry *dentry, char *name, void *value, size_t size)
110{
111	struct inode *inode = dentry->d_inode;
112	int error;
113
114	error = xattr_permission(inode, name, MAY_READ);
115	if (error)
116		return error;
117
118	error = security_inode_getxattr(dentry, name);
119	if (error)
120		return error;
121
122	if (inode->i_op->getxattr)
123		error = inode->i_op->getxattr(dentry, name, value, size);
124	else
125		error = -EOPNOTSUPP;
126
127	if (!strncmp(name, XATTR_SECURITY_PREFIX,
128				XATTR_SECURITY_PREFIX_LEN)) {
129		const char *suffix = name + XATTR_SECURITY_PREFIX_LEN;
130		int ret = security_inode_getsecurity(inode, suffix, value,
131						     size, error);
132		/*
133		 * Only overwrite the return value if a security module
134		 * is actually active.
135		 */
136		if (ret != -EOPNOTSUPP)
137			error = ret;
138	}
139
140	return error;
141}
142EXPORT_SYMBOL_GPL(vfs_getxattr);
143
144ssize_t
145vfs_listxattr(struct dentry *d, char *list, size_t size)
146{
147	ssize_t error;
148
149	error = security_inode_listxattr(d);
150	if (error)
151		return error;
152	error = -EOPNOTSUPP;
153	if (d->d_inode->i_op && d->d_inode->i_op->listxattr) {
154		error = d->d_inode->i_op->listxattr(d, list, size);
155	} else {
156		error = security_inode_listsecurity(d->d_inode, list, size);
157		if (size && error > size)
158			error = -ERANGE;
159	}
160	return error;
161}
162EXPORT_SYMBOL_GPL(vfs_listxattr);
163
164int
165vfs_removexattr(struct dentry *dentry, char *name)
166{
167	struct inode *inode = dentry->d_inode;
168	int error;
169
170	if (!inode->i_op->removexattr)
171		return -EOPNOTSUPP;
172
173	error = xattr_permission(inode, name, MAY_WRITE);
174	if (error)
175		return error;
176
177	error = security_inode_removexattr(dentry, name);
178	if (error)
179		return error;
180
181	mutex_lock(&inode->i_mutex);
182	error = inode->i_op->removexattr(dentry, name);
183	mutex_unlock(&inode->i_mutex);
184
185	if (!error)
186		fsnotify_xattr(dentry);
187	return error;
188}
189EXPORT_SYMBOL_GPL(vfs_removexattr);
190
191
192/*
193 * Extended attribute SET operations
194 */
195static long
196setxattr(struct dentry *d, char __user *name, void __user *value,
197	 size_t size, int flags)
198{
199	int error;
200	void *kvalue = NULL;
201	char kname[XATTR_NAME_MAX + 1];
202
203	if (flags & ~(XATTR_CREATE|XATTR_REPLACE))
204		return -EINVAL;
205
206	error = strncpy_from_user(kname, name, sizeof(kname));
207	if (error == 0 || error == sizeof(kname))
208		error = -ERANGE;
209	if (error < 0)
210		return error;
211
212	if (size) {
213		if (size > XATTR_SIZE_MAX)
214			return -E2BIG;
215		kvalue = memdup_user(value, size);
216		if (IS_ERR(kvalue))
217			return PTR_ERR(kvalue);
218	}
219
220	error = vfs_setxattr(d, kname, kvalue, size, flags);
221	kfree(kvalue);
222	return error;
223}
224
225asmlinkage long
226sys_setxattr(char __user *path, char __user *name, void __user *value,
227	     size_t size, int flags)
228{
229	struct nameidata nd;
230	int error;
231
232	error = user_path_walk(path, &nd);
233	if (error)
234		return error;
235	error = setxattr(nd.dentry, name, value, size, flags);
236	path_release(&nd);
237	return error;
238}
239
240asmlinkage long
241sys_lsetxattr(char __user *path, char __user *name, void __user *value,
242	      size_t size, int flags)
243{
244	struct nameidata nd;
245	int error;
246
247	error = user_path_walk_link(path, &nd);
248	if (error)
249		return error;
250	error = setxattr(nd.dentry, name, value, size, flags);
251	path_release(&nd);
252	return error;
253}
254
255asmlinkage long
256sys_fsetxattr(int fd, char __user *name, void __user *value,
257	      size_t size, int flags)
258{
259	struct file *f;
260	struct dentry *dentry;
261	int error = -EBADF;
262
263	f = fget(fd);
264	if (!f)
265		return error;
266	dentry = f->f_path.dentry;
267	audit_inode(NULL, dentry->d_inode);
268	error = setxattr(dentry, name, value, size, flags);
269	fput(f);
270	return error;
271}
272
273/*
274 * Extended attribute GET operations
275 */
276static ssize_t
277getxattr(struct dentry *d, char __user *name, void __user *value, size_t size)
278{
279	ssize_t error;
280	void *kvalue = NULL;
281	char kname[XATTR_NAME_MAX + 1];
282
283	error = strncpy_from_user(kname, name, sizeof(kname));
284	if (error == 0 || error == sizeof(kname))
285		error = -ERANGE;
286	if (error < 0)
287		return error;
288
289	if (size) {
290		if (size > XATTR_SIZE_MAX)
291			size = XATTR_SIZE_MAX;
292		kvalue = kzalloc(size, GFP_KERNEL);
293		if (!kvalue)
294			return -ENOMEM;
295	}
296
297	error = vfs_getxattr(d, kname, kvalue, size);
298	if (error > 0) {
299		if (size && copy_to_user(value, kvalue, error))
300			error = -EFAULT;
301	} else if (error == -ERANGE && size >= XATTR_SIZE_MAX) {
302		/* The file system tried to returned a value bigger
303		   than XATTR_SIZE_MAX bytes. Not possible. */
304		error = -E2BIG;
305	}
306	kfree(kvalue);
307	return error;
308}
309
310asmlinkage ssize_t
311sys_getxattr(char __user *path, char __user *name, void __user *value,
312	     size_t size)
313{
314	struct nameidata nd;
315	ssize_t error;
316
317	error = user_path_walk(path, &nd);
318	if (error)
319		return error;
320	error = getxattr(nd.dentry, name, value, size);
321	path_release(&nd);
322	return error;
323}
324
325asmlinkage ssize_t
326sys_lgetxattr(char __user *path, char __user *name, void __user *value,
327	      size_t size)
328{
329	struct nameidata nd;
330	ssize_t error;
331
332	error = user_path_walk_link(path, &nd);
333	if (error)
334		return error;
335	error = getxattr(nd.dentry, name, value, size);
336	path_release(&nd);
337	return error;
338}
339
340asmlinkage ssize_t
341sys_fgetxattr(int fd, char __user *name, void __user *value, size_t size)
342{
343	struct file *f;
344	ssize_t error = -EBADF;
345
346	f = fget(fd);
347	if (!f)
348		return error;
349	error = getxattr(f->f_path.dentry, name, value, size);
350	fput(f);
351	return error;
352}
353
354/*
355 * Extended attribute LIST operations
356 */
357static ssize_t
358listxattr(struct dentry *d, char __user *list, size_t size)
359{
360	ssize_t error;
361	char *klist = NULL;
362
363	if (size) {
364		if (size > XATTR_LIST_MAX)
365			size = XATTR_LIST_MAX;
366		klist = kmalloc(size, GFP_KERNEL);
367		if (!klist)
368			return -ENOMEM;
369	}
370
371	error = vfs_listxattr(d, klist, size);
372	if (error > 0) {
373		if (size && copy_to_user(list, klist, error))
374			error = -EFAULT;
375	} else if (error == -ERANGE && size >= XATTR_LIST_MAX) {
376		/* The file system tried to returned a list bigger
377		   than XATTR_LIST_MAX bytes. Not possible. */
378		error = -E2BIG;
379	}
380	kfree(klist);
381	return error;
382}
383
384asmlinkage ssize_t
385sys_listxattr(char __user *path, char __user *list, size_t size)
386{
387	struct nameidata nd;
388	ssize_t error;
389
390	error = user_path_walk(path, &nd);
391	if (error)
392		return error;
393	error = listxattr(nd.dentry, list, size);
394	path_release(&nd);
395	return error;
396}
397
398asmlinkage ssize_t
399sys_llistxattr(char __user *path, char __user *list, size_t size)
400{
401	struct nameidata nd;
402	ssize_t error;
403
404	error = user_path_walk_link(path, &nd);
405	if (error)
406		return error;
407	error = listxattr(nd.dentry, list, size);
408	path_release(&nd);
409	return error;
410}
411
412asmlinkage ssize_t
413sys_flistxattr(int fd, char __user *list, size_t size)
414{
415	struct file *f;
416	ssize_t error = -EBADF;
417
418	f = fget(fd);
419	if (!f)
420		return error;
421	error = listxattr(f->f_path.dentry, list, size);
422	fput(f);
423	return error;
424}
425
426/*
427 * Extended attribute REMOVE operations
428 */
429static long
430removexattr(struct dentry *d, char __user *name)
431{
432	int error;
433	char kname[XATTR_NAME_MAX + 1];
434
435	error = strncpy_from_user(kname, name, sizeof(kname));
436	if (error == 0 || error == sizeof(kname))
437		error = -ERANGE;
438	if (error < 0)
439		return error;
440
441	return vfs_removexattr(d, kname);
442}
443
444asmlinkage long
445sys_removexattr(char __user *path, char __user *name)
446{
447	struct nameidata nd;
448	int error;
449
450	error = user_path_walk(path, &nd);
451	if (error)
452		return error;
453	error = removexattr(nd.dentry, name);
454	path_release(&nd);
455	return error;
456}
457
458asmlinkage long
459sys_lremovexattr(char __user *path, char __user *name)
460{
461	struct nameidata nd;
462	int error;
463
464	error = user_path_walk_link(path, &nd);
465	if (error)
466		return error;
467	error = removexattr(nd.dentry, name);
468	path_release(&nd);
469	return error;
470}
471
472asmlinkage long
473sys_fremovexattr(int fd, char __user *name)
474{
475	struct file *f;
476	struct dentry *dentry;
477	int error = -EBADF;
478
479	f = fget(fd);
480	if (!f)
481		return error;
482	dentry = f->f_path.dentry;
483	audit_inode(NULL, dentry->d_inode);
484	error = removexattr(dentry, name);
485	fput(f);
486	return error;
487}
488
489
490static const char *
491strcmp_prefix(const char *a, const char *a_prefix)
492{
493	while (*a_prefix && *a == *a_prefix) {
494		a++;
495		a_prefix++;
496	}
497	return *a_prefix ? NULL : a;
498}
499
500/*
501 * In order to implement different sets of xattr operations for each xattr
502 * prefix with the generic xattr API, a filesystem should create a
503 * null-terminated array of struct xattr_handler (one for each prefix) and
504 * hang a pointer to it off of the s_xattr field of the superblock.
505 *
506 * The generic_fooxattr() functions will use this list to dispatch xattr
507 * operations to the correct xattr_handler.
508 */
509#define for_each_xattr_handler(handlers, handler)		\
510		for ((handler) = *(handlers)++;			\
511			(handler) != NULL;			\
512			(handler) = *(handlers)++)
513
514/*
515 * Find the xattr_handler with the matching prefix.
516 */
517static struct xattr_handler *
518xattr_resolve_name(struct xattr_handler **handlers, const char **name)
519{
520	struct xattr_handler *handler;
521
522	if (!*name)
523		return NULL;
524
525	for_each_xattr_handler(handlers, handler) {
526		const char *n = strcmp_prefix(*name, handler->prefix);
527		if (n) {
528			*name = n;
529			break;
530		}
531	}
532	return handler;
533}
534
535/*
536 * Find the handler for the prefix and dispatch its get() operation.
537 */
538ssize_t
539generic_getxattr(struct dentry *dentry, const char *name, void *buffer, size_t size)
540{
541	struct xattr_handler *handler;
542	struct inode *inode = dentry->d_inode;
543
544	handler = xattr_resolve_name(inode->i_sb->s_xattr, &name);
545	if (!handler)
546		return -EOPNOTSUPP;
547	return handler->get(inode, name, buffer, size);
548}
549
550/*
551 * Combine the results of the list() operation from every xattr_handler in the
552 * list.
553 */
554ssize_t
555generic_listxattr(struct dentry *dentry, char *buffer, size_t buffer_size)
556{
557	struct inode *inode = dentry->d_inode;
558	struct xattr_handler *handler, **handlers = inode->i_sb->s_xattr;
559	unsigned int size = 0;
560
561	if (!buffer) {
562		for_each_xattr_handler(handlers, handler)
563			size += handler->list(inode, NULL, 0, NULL, 0);
564	} else {
565		char *buf = buffer;
566
567		for_each_xattr_handler(handlers, handler) {
568			size = handler->list(inode, buf, buffer_size, NULL, 0);
569			if (size > buffer_size)
570				return -ERANGE;
571			buf += size;
572			buffer_size -= size;
573		}
574		size = buf - buffer;
575	}
576	return size;
577}
578
579/*
580 * Find the handler for the prefix and dispatch its set() operation.
581 */
582int
583generic_setxattr(struct dentry *dentry, const char *name, const void *value, size_t size, int flags)
584{
585	struct xattr_handler *handler;
586	struct inode *inode = dentry->d_inode;
587
588	if (size == 0)
589		value = "";  /* empty EA, do not remove */
590	handler = xattr_resolve_name(inode->i_sb->s_xattr, &name);
591	if (!handler)
592		return -EOPNOTSUPP;
593	return handler->set(inode, name, value, size, flags);
594}
595
596/*
597 * Find the handler for the prefix and dispatch its set() operation to remove
598 * any associated extended attribute.
599 */
600int
601generic_removexattr(struct dentry *dentry, const char *name)
602{
603	struct xattr_handler *handler;
604	struct inode *inode = dentry->d_inode;
605
606	handler = xattr_resolve_name(inode->i_sb->s_xattr, &name);
607	if (!handler)
608		return -EOPNOTSUPP;
609	return handler->set(inode, name, NULL, 0, XATTR_REPLACE);
610}
611
612EXPORT_SYMBOL(generic_getxattr);
613EXPORT_SYMBOL(generic_listxattr);
614EXPORT_SYMBOL(generic_setxattr);
615EXPORT_SYMBOL(generic_removexattr);