acl.c source code [linux/fs/f2fs/acl.c]

1	// SPDX-License-Identifier: GPL-2.0
2	/*
3	* fs/f2fs/acl.c
4	*
5	* Copyright (c) 2012 Samsung Electronics Co., Ltd.
6	* http://www.samsung.com/
7	*
8	* Portions of this code from linux/fs/ext2/acl.c
9	*
10	* Copyright (C) 2001-2003 Andreas Gruenbacher, <agruen@suse.de>
11	*/
12	#include <linux/f2fs_fs.h>
13	#include "f2fs.h"
14	#include "xattr.h"
15	#include "acl.h"
16
17	static inline size_t f2fs_acl_size(int count)
18	{
19	if (count <= `4`) {
20	return sizeof(struct f2fs_acl_header) +
21	count * sizeof(struct f2fs_acl_entry_short);
22	} else {
23	return sizeof(struct f2fs_acl_header) +
24	`4` * sizeof(struct f2fs_acl_entry_short) +
25	(count - `4`) * sizeof(struct f2fs_acl_entry);
26	}
27	}
28
29	static inline int f2fs_acl_count(size_t size)
30	{
31	ssize_t s;
32
33	size -= sizeof(struct f2fs_acl_header);
34	s = size - `4` * sizeof(struct f2fs_acl_entry_short);
35	if (s < `0`) {
36	if (size % sizeof(struct f2fs_acl_entry_short))
37	return -`1`;
38	return size / sizeof(struct f2fs_acl_entry_short);
39	} else {
40	if (s % sizeof(struct f2fs_acl_entry))
41	return -`1`;
42	return s / sizeof(struct f2fs_acl_entry) + `4`;
43	}
44	}
45
46	static struct posix_acl f2fs_acl_from_disk(const* char *value, size_t size)
47	{
48	int i, count;
49	struct posix_acl *acl;
50	struct f2fs_acl_header hdr = (struct* f2fs_acl_header *)value;
51	struct f2fs_acl_entry entry = (struct* f2fs_acl_entry *)(hdr + `1`);
52	const char *end = value + size;
53
54	if (size < sizeof(struct f2fs_acl_header))
55	return ERR_PTR(error: -EINVAL);
56
57	if (hdr->a_version != cpu_to_le32(F2FS_ACL_VERSION))
58	return ERR_PTR(error: -EINVAL);
59
60	count = f2fs_acl_count(size);
61	if (count < `0`)
62	return ERR_PTR(error: -EINVAL);
63	if (count == `0`)
64	return NULL;
65
66	acl = posix_acl_alloc(count, GFP_NOFS);
67	if (!acl)
68	return ERR_PTR(error: -ENOMEM);
69
70	for (i = `0`; i < count; i++) {
71
72	if ((char *)entry > end)
73	goto fail;
74
75	acl->a_entries[i].e_tag = le16_to_cpu(entry->e_tag);
76	acl->a_entries[i].e_perm = le16_to_cpu(entry->e_perm);
77
78	switch (acl->a_entries[i].e_tag) {
79	case ACL_USER_OBJ:
80	case ACL_GROUP_OBJ:
81	case ACL_MASK:
82	case ACL_OTHER:
83	entry = (struct f2fs_acl_entry )((char* *)entry +
84	sizeof(struct f2fs_acl_entry_short));
85	break;
86
87	case ACL_USER:
88	acl->a_entries[i].e_uid =
89	make_kuid(from: &init_user_ns,
90	le32_to_cpu(entry->e_id));
91	entry = (struct f2fs_acl_entry )((char* *)entry +
92	sizeof(struct f2fs_acl_entry));
93	break;
94	case ACL_GROUP:
95	acl->a_entries[i].e_gid =
96	make_kgid(from: &init_user_ns,
97	le32_to_cpu(entry->e_id));
98	entry = (struct f2fs_acl_entry )((char* *)entry +
99	sizeof(struct f2fs_acl_entry));
100	break;
101	default:
102	goto fail;
103	}
104	}
105	if ((char *)entry != end)
106	goto fail;
107	return acl;
108	fail:
109	posix_acl_release(acl);
110	return ERR_PTR(error: -EINVAL);
111	}
112
113	static void f2fs_acl_to_disk(struct* f2fs_sb_info *sbi,
114	const struct posix_acl acl, size_t size)
115	{
116	struct f2fs_acl_header *f2fs_acl;
117	struct f2fs_acl_entry *entry;
118	int i;
119
120	f2fs_acl = f2fs_kmalloc(sbi, size: sizeof(struct f2fs_acl_header) +
121	acl->a_count * sizeof(struct f2fs_acl_entry),
122	GFP_NOFS);
123	if (!f2fs_acl)
124	return ERR_PTR(error: -ENOMEM);
125
126	f2fs_acl->a_version = cpu_to_le32(F2FS_ACL_VERSION);
127	entry = (struct f2fs_acl_entry *)(f2fs_acl + `1`);
128
129	for (i = `0`; i < acl->a_count; i++) {
130
131	entry->e_tag = cpu_to_le16(acl->a_entries[i].e_tag);
132	entry->e_perm = cpu_to_le16(acl->a_entries[i].e_perm);
133
134	switch (acl->a_entries[i].e_tag) {
135	case ACL_USER:
136	entry->e_id = cpu_to_le32(
137	from_kuid(&init_user_ns,
138	acl->a_entries[i].e_uid));
139	entry = (struct f2fs_acl_entry )((char* *)entry +
140	sizeof(struct f2fs_acl_entry));
141	break;
142	case ACL_GROUP:
143	entry->e_id = cpu_to_le32(
144	from_kgid(&init_user_ns,
145	acl->a_entries[i].e_gid));
146	entry = (struct f2fs_acl_entry )((char* *)entry +
147	sizeof(struct f2fs_acl_entry));
148	break;
149	case ACL_USER_OBJ:
150	case ACL_GROUP_OBJ:
151	case ACL_MASK:
152	case ACL_OTHER:
153	entry = (struct f2fs_acl_entry )((char* *)entry +
154	sizeof(struct f2fs_acl_entry_short));
155	break;
156	default:
157	goto fail;
158	}
159	}
160	*size = f2fs_acl_size(count: acl->a_count);
161	return (void *)f2fs_acl;
162
163	fail:
164	kfree(objp: f2fs_acl);
165	return ERR_PTR(error: -EINVAL);
166	}
167
168	static struct posix_acl __f2fs_get_acl(struct* inode inode, int* type,
169	struct page *dpage)
170	{
171	int name_index = F2FS_XATTR_INDEX_POSIX_ACL_DEFAULT;
172	void *value = NULL;
173	struct posix_acl *acl;
174	int retval;
175
176	if (type == ACL_TYPE_ACCESS)
177	name_index = F2FS_XATTR_INDEX_POSIX_ACL_ACCESS;
178
179	retval = f2fs_getxattr(inode, name_index, "", NULL, `0`, dpage);
180	if (retval > `0`) {
181	value = f2fs_kmalloc(sbi: F2FS_I_SB(inode), size: retval, GFP_F2FS_ZERO);
182	if (!value)
183	return ERR_PTR(error: -ENOMEM);
184	retval = f2fs_getxattr(inode, name_index, "", value,
185	retval, dpage);
186	}
187
188	if (retval > `0`)
189	acl = f2fs_acl_from_disk(value, size: retval);
190	else if (retval == -ENODATA)
191	acl = NULL;
192	else
193	acl = ERR_PTR(error: retval);
194	kfree(objp: value);
195
196	return acl;
197	}
198
199	struct posix_acl f2fs_get_acl(struct* inode inode, int* type, bool rcu)
200	{
201	if (rcu)
202	return ERR_PTR(error: -ECHILD);
203
204	return __f2fs_get_acl(inode, type, NULL);
205	}
206
207	static int f2fs_acl_update_mode(struct mnt_idmap *idmap,
208	struct inode inode, umode_t mode_p,
209	struct posix_acl **acl)
210	{
211	umode_t mode = inode->i_mode;
212	int error;
213
214	if (is_inode_flag_set(inode, flag: FI_ACL_MODE))
215	mode = F2FS_I(inode)->i_acl_mode;
216
217	error = posix_acl_equiv_mode(*acl, &mode);
218	if (error < `0`)
219	return error;
220	if (error == `0`)
221	*acl = NULL;
222	if (!vfsgid_in_group_p(vfsgid: i_gid_into_vfsgid(idmap, inode)) &&
223	!capable_wrt_inode_uidgid(idmap, inode, CAP_FSETID))
224	mode &= ~S_ISGID;
225	*mode_p = mode;
226	return `0`;
227	}
228
229	static int __f2fs_set_acl(struct mnt_idmap *idmap,
230	struct inode inode, int* type,
231	struct posix_acl acl, struct* page *ipage)
232	{
233	int name_index;
234	void *value = NULL;
235	size_t size = `0`;
236	int error;
237	umode_t mode = inode->i_mode;
238
239	switch (type) {
240	case ACL_TYPE_ACCESS:
241	name_index = F2FS_XATTR_INDEX_POSIX_ACL_ACCESS;
242	if (acl && !ipage) {
243	error = f2fs_acl_update_mode(idmap, inode,
244	mode_p: &mode, acl: &acl);
245	if (error)
246	return error;
247	set_acl_inode(inode, mode);
248	}
249	break;
250
251	case ACL_TYPE_DEFAULT:
252	name_index = F2FS_XATTR_INDEX_POSIX_ACL_DEFAULT;
253	if (!S_ISDIR(inode->i_mode))
254	return acl ? -EACCES : `0`;
255	break;
256
257	default:
258	return -EINVAL;
259	}
260
261	if (acl) {
262	value = f2fs_acl_to_disk(sbi: F2FS_I_SB(inode), acl, size: &size);
263	if (IS_ERR(ptr: value)) {
264	clear_inode_flag(inode, flag: FI_ACL_MODE);
265	return PTR_ERR(ptr: value);
266	}
267	}
268
269	error = f2fs_setxattr(inode, name_index, "", value, size, ipage, `0`);
270
271	kfree(objp: value);
272	if (!error)
273	set_cached_acl(inode, type, acl);
274
275	clear_inode_flag(inode, flag: FI_ACL_MODE);
276	return error;
277	}
278
279	int f2fs_set_acl(struct mnt_idmap idmap, struct* dentry *dentry,
280	struct posix_acl acl, int* type)
281	{
282	struct inode *inode = d_inode(dentry);
283
284	if (unlikely(f2fs_cp_error(F2FS_I_SB(inode))))
285	return -EIO;
286
287	return __f2fs_set_acl(idmap, inode, type, acl, NULL);
288	}
289
290	/*
291	* Most part of f2fs_acl_clone, f2fs_acl_create_masq, f2fs_acl_create
292	* are copied from posix_acl.c
293	*/
294	static struct posix_acl f2fs_acl_clone(const* struct posix_acl *acl,
295	gfp_t flags)
296	{
297	struct posix_acl *clone = NULL;
298
299	if (acl) {
300	int size = sizeof(struct posix_acl) + acl->a_count *
301	sizeof(struct posix_acl_entry);
302	clone = kmemdup(p: acl, size, gfp: flags);
303	if (clone)
304	refcount_set(r: &clone->a_refcount, n: `1`);
305	}
306	return clone;
307	}
308
309	static int f2fs_acl_create_masq(struct posix_acl acl, umode_t mode_p)
310	{
311	struct posix_acl_entry pa, pe;
312	struct posix_acl_entry group_obj = NULL, mask_obj = NULL;
313	umode_t mode = *mode_p;
314	int not_equiv = `0`;
315
316	/ assert(atomic_read(acl->a_refcount) == 1); /
317
318	FOREACH_ACL_ENTRY(pa, acl, pe) {
319	switch (pa->e_tag) {
320	case ACL_USER_OBJ:
321	pa->e_perm &= (mode >> `6`) \| ~S_IRWXO;
322	mode &= (pa->e_perm << `6`) \| ~S_IRWXU;
323	break;
324
325	case ACL_USER:
326	case ACL_GROUP:
327	not_equiv = `1`;
328	break;
329
330	case ACL_GROUP_OBJ:
331	group_obj = pa;
332	break;
333
334	case ACL_OTHER:
335	pa->e_perm &= mode \| ~S_IRWXO;
336	mode &= pa->e_perm \| ~S_IRWXO;
337	break;
338
339	case ACL_MASK:
340	mask_obj = pa;
341	not_equiv = `1`;
342	break;
343
344	default:
345	return -EIO;
346	}
347	}
348
349	if (mask_obj) {
350	mask_obj->e_perm &= (mode >> `3`) \| ~S_IRWXO;
351	mode &= (mask_obj->e_perm << `3`) \| ~S_IRWXG;
352	} else {
353	if (!group_obj)
354	return -EIO;
355	group_obj->e_perm &= (mode >> `3`) \| ~S_IRWXO;
356	mode &= (group_obj->e_perm << `3`) \| ~S_IRWXG;
357	}
358
359	mode_p = (mode_p & ~S_IRWXUGO) \| mode;
360	return not_equiv;
361	}
362
363	static int f2fs_acl_create(struct inode dir, umode_t mode,
364	struct posix_acl default_acl, struct posix_acl acl,
365	struct page *dpage)
366	{
367	struct posix_acl *p;
368	struct posix_acl *clone;
369	int ret;
370
371	*acl = NULL;
372	*default_acl = NULL;
373
374	if (S_ISLNK(*mode) \|\| !IS_POSIXACL(dir))
375	return `0`;
376
377	p = __f2fs_get_acl(inode: dir, ACL_TYPE_DEFAULT, dpage);
378	if (!p \|\| p == ERR_PTR(error: -EOPNOTSUPP)) {
379	*mode &= ~current_umask();
380	return `0`;
381	}
382	if (IS_ERR(ptr: p))
383	return PTR_ERR(ptr: p);
384
385	clone = f2fs_acl_clone(acl: p, GFP_NOFS);
386	if (!clone) {
387	ret = -ENOMEM;
388	goto release_acl;
389	}
390
391	ret = f2fs_acl_create_masq(acl: clone, mode_p: mode);
392	if (ret < `0`)
393	goto release_clone;
394
395	if (ret == `0`)
396	posix_acl_release(acl: clone);
397	else
398	*acl = clone;
399
400	if (!S_ISDIR(*mode))
401	posix_acl_release(acl: p);
402	else
403	*default_acl = p;
404
405	return `0`;
406
407	release_clone:
408	posix_acl_release(acl: clone);
409	release_acl:
410	posix_acl_release(acl: p);
411	return ret;
412	}
413
414	int f2fs_init_acl(struct inode inode, struct* inode dir, struct* page *ipage,
415	struct page *dpage)
416	{
417	struct posix_acl default_acl = NULL, acl = NULL;
418	int error;
419
420	error = f2fs_acl_create(dir, mode: &inode->i_mode, default_acl: &default_acl, acl: &acl, dpage);
421	if (error)
422	return error;
423
424	f2fs_mark_inode_dirty_sync(inode, sync: true);
425
426	if (default_acl) {
427	error = __f2fs_set_acl(NULL, inode, ACL_TYPE_DEFAULT, acl: default_acl,
428	ipage);
429	posix_acl_release(acl: default_acl);
430	} else {
431	inode->i_default_acl = NULL;
432	}
433	if (acl) {
434	if (!error)
435	error = __f2fs_set_acl(NULL, inode, ACL_TYPE_ACCESS, acl,
436	ipage);
437	posix_acl_release(acl);
438	} else {
439	inode->i_acl = NULL;
440	}
441
442	return error;
443	}
444

source code of linux/fs/f2fs/acl.c