18c2ecf20Sopenharmony_ci// SPDX-License-Identifier: GPL-2.0-only 28c2ecf20Sopenharmony_ci/* 38c2ecf20Sopenharmony_ci * linux/fs/ceph/acl.c 48c2ecf20Sopenharmony_ci * 58c2ecf20Sopenharmony_ci * Copyright (C) 2013 Guangliang Zhao, <lucienchao@gmail.com> 68c2ecf20Sopenharmony_ci */ 78c2ecf20Sopenharmony_ci 88c2ecf20Sopenharmony_ci#include <linux/ceph/ceph_debug.h> 98c2ecf20Sopenharmony_ci#include <linux/fs.h> 108c2ecf20Sopenharmony_ci#include <linux/string.h> 118c2ecf20Sopenharmony_ci#include <linux/xattr.h> 128c2ecf20Sopenharmony_ci#include <linux/posix_acl_xattr.h> 138c2ecf20Sopenharmony_ci#include <linux/posix_acl.h> 148c2ecf20Sopenharmony_ci#include <linux/sched.h> 158c2ecf20Sopenharmony_ci#include <linux/slab.h> 168c2ecf20Sopenharmony_ci 178c2ecf20Sopenharmony_ci#include "super.h" 188c2ecf20Sopenharmony_ci 198c2ecf20Sopenharmony_cistatic inline void ceph_set_cached_acl(struct inode *inode, 208c2ecf20Sopenharmony_ci int type, struct posix_acl *acl) 218c2ecf20Sopenharmony_ci{ 228c2ecf20Sopenharmony_ci struct ceph_inode_info *ci = ceph_inode(inode); 238c2ecf20Sopenharmony_ci 248c2ecf20Sopenharmony_ci spin_lock(&ci->i_ceph_lock); 258c2ecf20Sopenharmony_ci if (__ceph_caps_issued_mask_metric(ci, CEPH_CAP_XATTR_SHARED, 0)) 268c2ecf20Sopenharmony_ci set_cached_acl(inode, type, acl); 278c2ecf20Sopenharmony_ci else 288c2ecf20Sopenharmony_ci forget_cached_acl(inode, type); 298c2ecf20Sopenharmony_ci spin_unlock(&ci->i_ceph_lock); 308c2ecf20Sopenharmony_ci} 318c2ecf20Sopenharmony_ci 328c2ecf20Sopenharmony_cistruct posix_acl *ceph_get_acl(struct inode *inode, int type) 338c2ecf20Sopenharmony_ci{ 348c2ecf20Sopenharmony_ci int size; 358c2ecf20Sopenharmony_ci unsigned int retry_cnt = 0; 368c2ecf20Sopenharmony_ci const char *name; 378c2ecf20Sopenharmony_ci char *value = NULL; 388c2ecf20Sopenharmony_ci struct posix_acl *acl; 398c2ecf20Sopenharmony_ci 408c2ecf20Sopenharmony_ci switch (type) { 418c2ecf20Sopenharmony_ci case ACL_TYPE_ACCESS: 428c2ecf20Sopenharmony_ci name = XATTR_NAME_POSIX_ACL_ACCESS; 438c2ecf20Sopenharmony_ci break; 448c2ecf20Sopenharmony_ci case ACL_TYPE_DEFAULT: 458c2ecf20Sopenharmony_ci name = XATTR_NAME_POSIX_ACL_DEFAULT; 468c2ecf20Sopenharmony_ci break; 478c2ecf20Sopenharmony_ci default: 488c2ecf20Sopenharmony_ci BUG(); 498c2ecf20Sopenharmony_ci } 508c2ecf20Sopenharmony_ci 518c2ecf20Sopenharmony_ciretry: 528c2ecf20Sopenharmony_ci size = __ceph_getxattr(inode, name, "", 0); 538c2ecf20Sopenharmony_ci if (size > 0) { 548c2ecf20Sopenharmony_ci value = kzalloc(size, GFP_NOFS); 558c2ecf20Sopenharmony_ci if (!value) 568c2ecf20Sopenharmony_ci return ERR_PTR(-ENOMEM); 578c2ecf20Sopenharmony_ci size = __ceph_getxattr(inode, name, value, size); 588c2ecf20Sopenharmony_ci } 598c2ecf20Sopenharmony_ci 608c2ecf20Sopenharmony_ci if (size == -ERANGE && retry_cnt < 10) { 618c2ecf20Sopenharmony_ci retry_cnt++; 628c2ecf20Sopenharmony_ci kfree(value); 638c2ecf20Sopenharmony_ci value = NULL; 648c2ecf20Sopenharmony_ci goto retry; 658c2ecf20Sopenharmony_ci } 668c2ecf20Sopenharmony_ci 678c2ecf20Sopenharmony_ci if (size > 0) { 688c2ecf20Sopenharmony_ci acl = posix_acl_from_xattr(&init_user_ns, value, size); 698c2ecf20Sopenharmony_ci } else if (size == -ENODATA || size == 0) { 708c2ecf20Sopenharmony_ci acl = NULL; 718c2ecf20Sopenharmony_ci } else { 728c2ecf20Sopenharmony_ci pr_err_ratelimited("get acl %llx.%llx failed, err=%d\n", 738c2ecf20Sopenharmony_ci ceph_vinop(inode), size); 748c2ecf20Sopenharmony_ci acl = ERR_PTR(-EIO); 758c2ecf20Sopenharmony_ci } 768c2ecf20Sopenharmony_ci 778c2ecf20Sopenharmony_ci kfree(value); 788c2ecf20Sopenharmony_ci 798c2ecf20Sopenharmony_ci if (!IS_ERR(acl)) 808c2ecf20Sopenharmony_ci ceph_set_cached_acl(inode, type, acl); 818c2ecf20Sopenharmony_ci 828c2ecf20Sopenharmony_ci return acl; 838c2ecf20Sopenharmony_ci} 848c2ecf20Sopenharmony_ci 858c2ecf20Sopenharmony_ciint ceph_set_acl(struct inode *inode, struct posix_acl *acl, int type) 868c2ecf20Sopenharmony_ci{ 878c2ecf20Sopenharmony_ci int ret = 0, size = 0; 888c2ecf20Sopenharmony_ci const char *name = NULL; 898c2ecf20Sopenharmony_ci char *value = NULL; 908c2ecf20Sopenharmony_ci struct iattr newattrs; 918c2ecf20Sopenharmony_ci struct timespec64 old_ctime = inode->i_ctime; 928c2ecf20Sopenharmony_ci umode_t new_mode = inode->i_mode, old_mode = inode->i_mode; 938c2ecf20Sopenharmony_ci 948c2ecf20Sopenharmony_ci if (ceph_snap(inode) != CEPH_NOSNAP) { 958c2ecf20Sopenharmony_ci ret = -EROFS; 968c2ecf20Sopenharmony_ci goto out; 978c2ecf20Sopenharmony_ci } 988c2ecf20Sopenharmony_ci 998c2ecf20Sopenharmony_ci switch (type) { 1008c2ecf20Sopenharmony_ci case ACL_TYPE_ACCESS: 1018c2ecf20Sopenharmony_ci name = XATTR_NAME_POSIX_ACL_ACCESS; 1028c2ecf20Sopenharmony_ci if (acl) { 1038c2ecf20Sopenharmony_ci ret = posix_acl_update_mode(inode, &new_mode, &acl); 1048c2ecf20Sopenharmony_ci if (ret) 1058c2ecf20Sopenharmony_ci goto out; 1068c2ecf20Sopenharmony_ci } 1078c2ecf20Sopenharmony_ci break; 1088c2ecf20Sopenharmony_ci case ACL_TYPE_DEFAULT: 1098c2ecf20Sopenharmony_ci if (!S_ISDIR(inode->i_mode)) { 1108c2ecf20Sopenharmony_ci ret = acl ? -EINVAL : 0; 1118c2ecf20Sopenharmony_ci goto out; 1128c2ecf20Sopenharmony_ci } 1138c2ecf20Sopenharmony_ci name = XATTR_NAME_POSIX_ACL_DEFAULT; 1148c2ecf20Sopenharmony_ci break; 1158c2ecf20Sopenharmony_ci default: 1168c2ecf20Sopenharmony_ci ret = -EINVAL; 1178c2ecf20Sopenharmony_ci goto out; 1188c2ecf20Sopenharmony_ci } 1198c2ecf20Sopenharmony_ci 1208c2ecf20Sopenharmony_ci if (acl) { 1218c2ecf20Sopenharmony_ci size = posix_acl_xattr_size(acl->a_count); 1228c2ecf20Sopenharmony_ci value = kmalloc(size, GFP_NOFS); 1238c2ecf20Sopenharmony_ci if (!value) { 1248c2ecf20Sopenharmony_ci ret = -ENOMEM; 1258c2ecf20Sopenharmony_ci goto out; 1268c2ecf20Sopenharmony_ci } 1278c2ecf20Sopenharmony_ci 1288c2ecf20Sopenharmony_ci ret = posix_acl_to_xattr(&init_user_ns, acl, value, size); 1298c2ecf20Sopenharmony_ci if (ret < 0) 1308c2ecf20Sopenharmony_ci goto out_free; 1318c2ecf20Sopenharmony_ci } 1328c2ecf20Sopenharmony_ci 1338c2ecf20Sopenharmony_ci if (new_mode != old_mode) { 1348c2ecf20Sopenharmony_ci newattrs.ia_ctime = current_time(inode); 1358c2ecf20Sopenharmony_ci newattrs.ia_mode = new_mode; 1368c2ecf20Sopenharmony_ci newattrs.ia_valid = ATTR_MODE | ATTR_CTIME; 1378c2ecf20Sopenharmony_ci ret = __ceph_setattr(inode, &newattrs); 1388c2ecf20Sopenharmony_ci if (ret) 1398c2ecf20Sopenharmony_ci goto out_free; 1408c2ecf20Sopenharmony_ci } 1418c2ecf20Sopenharmony_ci 1428c2ecf20Sopenharmony_ci ret = __ceph_setxattr(inode, name, value, size, 0); 1438c2ecf20Sopenharmony_ci if (ret) { 1448c2ecf20Sopenharmony_ci if (new_mode != old_mode) { 1458c2ecf20Sopenharmony_ci newattrs.ia_ctime = old_ctime; 1468c2ecf20Sopenharmony_ci newattrs.ia_mode = old_mode; 1478c2ecf20Sopenharmony_ci newattrs.ia_valid = ATTR_MODE | ATTR_CTIME; 1488c2ecf20Sopenharmony_ci __ceph_setattr(inode, &newattrs); 1498c2ecf20Sopenharmony_ci } 1508c2ecf20Sopenharmony_ci goto out_free; 1518c2ecf20Sopenharmony_ci } 1528c2ecf20Sopenharmony_ci 1538c2ecf20Sopenharmony_ci ceph_set_cached_acl(inode, type, acl); 1548c2ecf20Sopenharmony_ci 1558c2ecf20Sopenharmony_ciout_free: 1568c2ecf20Sopenharmony_ci kfree(value); 1578c2ecf20Sopenharmony_ciout: 1588c2ecf20Sopenharmony_ci return ret; 1598c2ecf20Sopenharmony_ci} 1608c2ecf20Sopenharmony_ci 1618c2ecf20Sopenharmony_ciint ceph_pre_init_acls(struct inode *dir, umode_t *mode, 1628c2ecf20Sopenharmony_ci struct ceph_acl_sec_ctx *as_ctx) 1638c2ecf20Sopenharmony_ci{ 1648c2ecf20Sopenharmony_ci struct posix_acl *acl, *default_acl; 1658c2ecf20Sopenharmony_ci size_t val_size1 = 0, val_size2 = 0; 1668c2ecf20Sopenharmony_ci struct ceph_pagelist *pagelist = NULL; 1678c2ecf20Sopenharmony_ci void *tmp_buf = NULL; 1688c2ecf20Sopenharmony_ci int err; 1698c2ecf20Sopenharmony_ci 1708c2ecf20Sopenharmony_ci err = posix_acl_create(dir, mode, &default_acl, &acl); 1718c2ecf20Sopenharmony_ci if (err) 1728c2ecf20Sopenharmony_ci return err; 1738c2ecf20Sopenharmony_ci 1748c2ecf20Sopenharmony_ci if (acl) { 1758c2ecf20Sopenharmony_ci err = posix_acl_equiv_mode(acl, mode); 1768c2ecf20Sopenharmony_ci if (err < 0) 1778c2ecf20Sopenharmony_ci goto out_err; 1788c2ecf20Sopenharmony_ci if (err == 0) { 1798c2ecf20Sopenharmony_ci posix_acl_release(acl); 1808c2ecf20Sopenharmony_ci acl = NULL; 1818c2ecf20Sopenharmony_ci } 1828c2ecf20Sopenharmony_ci } 1838c2ecf20Sopenharmony_ci 1848c2ecf20Sopenharmony_ci if (!default_acl && !acl) 1858c2ecf20Sopenharmony_ci return 0; 1868c2ecf20Sopenharmony_ci 1878c2ecf20Sopenharmony_ci if (acl) 1888c2ecf20Sopenharmony_ci val_size1 = posix_acl_xattr_size(acl->a_count); 1898c2ecf20Sopenharmony_ci if (default_acl) 1908c2ecf20Sopenharmony_ci val_size2 = posix_acl_xattr_size(default_acl->a_count); 1918c2ecf20Sopenharmony_ci 1928c2ecf20Sopenharmony_ci err = -ENOMEM; 1938c2ecf20Sopenharmony_ci tmp_buf = kmalloc(max(val_size1, val_size2), GFP_KERNEL); 1948c2ecf20Sopenharmony_ci if (!tmp_buf) 1958c2ecf20Sopenharmony_ci goto out_err; 1968c2ecf20Sopenharmony_ci pagelist = ceph_pagelist_alloc(GFP_KERNEL); 1978c2ecf20Sopenharmony_ci if (!pagelist) 1988c2ecf20Sopenharmony_ci goto out_err; 1998c2ecf20Sopenharmony_ci 2008c2ecf20Sopenharmony_ci err = ceph_pagelist_reserve(pagelist, PAGE_SIZE); 2018c2ecf20Sopenharmony_ci if (err) 2028c2ecf20Sopenharmony_ci goto out_err; 2038c2ecf20Sopenharmony_ci 2048c2ecf20Sopenharmony_ci ceph_pagelist_encode_32(pagelist, acl && default_acl ? 2 : 1); 2058c2ecf20Sopenharmony_ci 2068c2ecf20Sopenharmony_ci if (acl) { 2078c2ecf20Sopenharmony_ci size_t len = strlen(XATTR_NAME_POSIX_ACL_ACCESS); 2088c2ecf20Sopenharmony_ci err = ceph_pagelist_reserve(pagelist, len + val_size1 + 8); 2098c2ecf20Sopenharmony_ci if (err) 2108c2ecf20Sopenharmony_ci goto out_err; 2118c2ecf20Sopenharmony_ci ceph_pagelist_encode_string(pagelist, XATTR_NAME_POSIX_ACL_ACCESS, 2128c2ecf20Sopenharmony_ci len); 2138c2ecf20Sopenharmony_ci err = posix_acl_to_xattr(&init_user_ns, acl, 2148c2ecf20Sopenharmony_ci tmp_buf, val_size1); 2158c2ecf20Sopenharmony_ci if (err < 0) 2168c2ecf20Sopenharmony_ci goto out_err; 2178c2ecf20Sopenharmony_ci ceph_pagelist_encode_32(pagelist, val_size1); 2188c2ecf20Sopenharmony_ci ceph_pagelist_append(pagelist, tmp_buf, val_size1); 2198c2ecf20Sopenharmony_ci } 2208c2ecf20Sopenharmony_ci if (default_acl) { 2218c2ecf20Sopenharmony_ci size_t len = strlen(XATTR_NAME_POSIX_ACL_DEFAULT); 2228c2ecf20Sopenharmony_ci err = ceph_pagelist_reserve(pagelist, len + val_size2 + 8); 2238c2ecf20Sopenharmony_ci if (err) 2248c2ecf20Sopenharmony_ci goto out_err; 2258c2ecf20Sopenharmony_ci ceph_pagelist_encode_string(pagelist, 2268c2ecf20Sopenharmony_ci XATTR_NAME_POSIX_ACL_DEFAULT, len); 2278c2ecf20Sopenharmony_ci err = posix_acl_to_xattr(&init_user_ns, default_acl, 2288c2ecf20Sopenharmony_ci tmp_buf, val_size2); 2298c2ecf20Sopenharmony_ci if (err < 0) 2308c2ecf20Sopenharmony_ci goto out_err; 2318c2ecf20Sopenharmony_ci ceph_pagelist_encode_32(pagelist, val_size2); 2328c2ecf20Sopenharmony_ci ceph_pagelist_append(pagelist, tmp_buf, val_size2); 2338c2ecf20Sopenharmony_ci } 2348c2ecf20Sopenharmony_ci 2358c2ecf20Sopenharmony_ci kfree(tmp_buf); 2368c2ecf20Sopenharmony_ci 2378c2ecf20Sopenharmony_ci as_ctx->acl = acl; 2388c2ecf20Sopenharmony_ci as_ctx->default_acl = default_acl; 2398c2ecf20Sopenharmony_ci as_ctx->pagelist = pagelist; 2408c2ecf20Sopenharmony_ci return 0; 2418c2ecf20Sopenharmony_ci 2428c2ecf20Sopenharmony_ciout_err: 2438c2ecf20Sopenharmony_ci posix_acl_release(acl); 2448c2ecf20Sopenharmony_ci posix_acl_release(default_acl); 2458c2ecf20Sopenharmony_ci kfree(tmp_buf); 2468c2ecf20Sopenharmony_ci if (pagelist) 2478c2ecf20Sopenharmony_ci ceph_pagelist_release(pagelist); 2488c2ecf20Sopenharmony_ci return err; 2498c2ecf20Sopenharmony_ci} 2508c2ecf20Sopenharmony_ci 2518c2ecf20Sopenharmony_civoid ceph_init_inode_acls(struct inode *inode, struct ceph_acl_sec_ctx *as_ctx) 2528c2ecf20Sopenharmony_ci{ 2538c2ecf20Sopenharmony_ci if (!inode) 2548c2ecf20Sopenharmony_ci return; 2558c2ecf20Sopenharmony_ci ceph_set_cached_acl(inode, ACL_TYPE_ACCESS, as_ctx->acl); 2568c2ecf20Sopenharmony_ci ceph_set_cached_acl(inode, ACL_TYPE_DEFAULT, as_ctx->default_acl); 2578c2ecf20Sopenharmony_ci} 258