4 * The contents of this file are subject to the terms of the
5 * Common Development and Distribution License (the "License").
6 * You may not use this file except in compliance with the License.
8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9 * or http://www.opensolaris.org/os/licensing.
10 * See the License for the specific language governing permissions
11 * and limitations under the License.
13 * When distributing Covered Code, include this CDDL HEADER in each
14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15 * If applicable, add the following below this CDDL HEADER, with the
16 * fields enclosed by brackets "[]" replaced with your own identifying
17 * information: Portions Copyright [yyyy] [name of copyright owner]
22 * Copyright (c) 2011, Lawrence Livermore National Security, LLC.
24 * Extended attributes (xattr) on Solaris are implemented as files
25 * which exist in a hidden xattr directory. These extended attributes
26 * can be accessed using the attropen() system call which opens
27 * the extended attribute. It can then be manipulated just like
28 * a standard file descriptor. This has a couple advantages such
29 * as practically no size limit on the file, and the extended
30 * attributes permissions may differ from those of the parent file.
31 * This interface is really quite clever, but it's also completely
32 * different than what is supported on Linux.
34 * Under Linux extended attributes are manipulated by the system
35 * calls getxattr(2), setxattr(2), and listxattr(2). They consider
36 * extended attributes to be name/value pairs where the name is a
37 * NULL terminated string. The name must also include one of the
38 * following name space prefixes:
40 * user - No restrictions and is available to user applications.
41 * trusted - Restricted to kernel and root (CAP_SYS_ADMIN) use.
42 * system - Used for access control lists (system.nfs4_acl, etc).
43 * security - Used by SELinux to store a files security context.
45 * This Linux interface is implemented internally using the more
46 * flexible Solaris style extended attributes. Every extended
47 * attribute is store as a file in a hidden directory associated
48 * with the parent file. This ensures on disk compatibility with
49 * zfs implementations on other platforms (Solaris, FreeBSD, MacOS).
51 * One consequence of this implementation is that when an extended
52 * attribute is manipulated an inode is created. This inode will
53 * exist in the Linux inode cache but there will be no associated
54 * entry in the dentry cache which references it. This is safe
55 * but it may result in some confusion.
57 * Longer term I would like to see the 'security.selinux' extended
58 * attribute moved to a SA. This should significantly improve
59 * performance on a SELinux enabled system by minimizing the
60 * number of seeks required to access a file. However, for now
61 * this xattr is still stored in a file because I'm pretty sure
62 * adding a new SA will break on-disk compatibility.
66 #include <sys/zfs_vfsops.h>
67 #include <sys/zfs_vnops.h>
68 #include <sys/zfs_znode.h>
72 typedef struct xattr_filldir {
80 zpl_xattr_filldir(void *arg, const char *name, int name_len,
81 loff_t offset, uint64_t objnum, unsigned int d_type)
83 xattr_filldir_t *xf = arg;
85 if (!strncmp(name, XATTR_USER_PREFIX, XATTR_USER_PREFIX_LEN))
86 if (!(ITOZSB(xf->inode)->z_flags & ZSB_XATTR))
89 if (!strncmp(name, XATTR_TRUSTED_PREFIX, XATTR_TRUSTED_PREFIX_LEN))
90 if (!capable(CAP_SYS_ADMIN))
93 /* When xf->buf is NULL only calculate the required size. */
95 if (xf->offset + name_len + 1 > xf->size)
98 memcpy(xf->buf + xf->offset, name, name_len);
99 xf->buf[xf->offset + name_len] = '\0';
102 xf->offset += (name_len + 1);
108 zpl_xattr_list(struct dentry *dentry, char *buffer, size_t buffer_size)
110 struct inode *ip = dentry->d_inode;
111 struct inode *dxip = NULL;
112 loff_t pos = 3; /* skip '.', '..', and '.zfs' entries. */
115 xattr_filldir_t xf = { buffer_size, 0, buffer, ip };
119 /* Lookup the xattr directory */
120 error = -zfs_lookup(ip, NULL, &dxip, LOOKUP_XATTR, cr, NULL, NULL);
122 if (error == -ENOENT)
128 /* Fill provided buffer via zpl_zattr_filldir helper */
129 error = -zfs_readdir(dxip, (void *)&xf, zpl_xattr_filldir, &pos, cr);
144 zpl_xattr_get(struct inode *ip, const char *name, void *buf, size_t size)
146 struct inode *dxip = NULL;
147 struct inode *xip = NULL;
153 /* Lookup the xattr directory */
154 error = -zfs_lookup(ip, NULL, &dxip, LOOKUP_XATTR, cr, NULL, NULL);
158 /* Lookup a specific xattr name in the directory */
159 error = -zfs_lookup(dxip, (char *)name, &xip, 0, cr, NULL, NULL);
164 error = i_size_read(xip);
168 error = zpl_read_common(xip, buf, size, 0, UIO_SYSSPACE, 0, cr);
178 if (error == -ENOENT)
185 zpl_xattr_set(struct inode *ip, const char *name, const void *value,
186 size_t size, int flags)
188 struct inode *dxip = NULL;
189 struct inode *xip = NULL;
194 const int xattr_mode = S_IFREG | 0644;
198 /* Lookup the xattr directory and create it if required. */
199 error = -zfs_lookup(ip, NULL, &dxip, LOOKUP_XATTR | CREATE_XATTR_DIR,
205 * Lookup a specific xattr name in the directory, two failure modes:
206 * XATTR_CREATE: fail if xattr already exists
207 * XATTR_REMOVE: fail if xattr does not exist
209 error = -zfs_lookup(dxip, (char *)name, &xip, 0, cr, NULL, NULL);
211 if (error != -ENOENT)
214 if ((error == -ENOENT) && (flags & XATTR_REPLACE))
218 if (flags & XATTR_CREATE)
223 /* Remove a specific name xattr when value is set to NULL. */
226 error = -zfs_remove(dxip, (char *)name, cr);
231 /* Lookup failed create a new xattr. */
233 vap = kmem_zalloc(sizeof(vattr_t), KM_SLEEP);
234 vap->va_mode = xattr_mode;
235 vap->va_mask = ATTR_MODE;
236 vap->va_uid = crgetfsuid(cr);
237 vap->va_gid = crgetfsgid(cr);
239 error = -zfs_create(dxip, (char *)name, vap, 0, 0644, &xip,
247 error = -zfs_freesp(ITOZ(xip), 0, 0, xattr_mode, TRUE);
251 wrote = zpl_write_common(xip, value, size, 0, UIO_SYSSPACE, 0, cr);
257 kmem_free(vap, sizeof(vattr_t));
266 if (error == -ENOENT)
269 ASSERT3S(error, <=, 0);
275 __zpl_xattr_user_get(struct inode *ip, const char *name,
276 void *buffer, size_t size)
281 if (strcmp(name, "") == 0)
284 if (!(ITOZSB(ip)->z_flags & ZSB_XATTR))
287 xattr_name = kmem_asprintf("%s%s", XATTR_USER_PREFIX, name);
288 error = zpl_xattr_get(ip, xattr_name, buffer, size);
293 ZPL_XATTR_GET_WRAPPER(zpl_xattr_user_get);
296 __zpl_xattr_user_set(struct inode *ip, const char *name,
297 const void *value, size_t size, int flags)
302 if (strcmp(name, "") == 0)
305 if (!(ITOZSB(ip)->z_flags & ZSB_XATTR))
308 xattr_name = kmem_asprintf("%s%s", XATTR_USER_PREFIX, name);
309 error = zpl_xattr_set(ip, xattr_name, value, size, flags);
314 ZPL_XATTR_SET_WRAPPER(zpl_xattr_user_set);
316 xattr_handler_t zpl_xattr_user_handler = {
317 .prefix = XATTR_USER_PREFIX,
318 .get = zpl_xattr_user_get,
319 .set = zpl_xattr_user_set,
323 __zpl_xattr_trusted_get(struct inode *ip, const char *name,
324 void *buffer, size_t size)
329 if (!capable(CAP_SYS_ADMIN))
332 if (strcmp(name, "") == 0)
335 xattr_name = kmem_asprintf("%s%s", XATTR_TRUSTED_PREFIX, name);
336 error = zpl_xattr_get(ip, xattr_name, buffer, size);
341 ZPL_XATTR_GET_WRAPPER(zpl_xattr_trusted_get);
344 __zpl_xattr_trusted_set(struct inode *ip, const char *name,
345 const void *value, size_t size, int flags)
350 if (!capable(CAP_SYS_ADMIN))
353 if (strcmp(name, "") == 0)
356 xattr_name = kmem_asprintf("%s%s", XATTR_TRUSTED_PREFIX, name);
357 error = zpl_xattr_set(ip, xattr_name, value, size, flags);
362 ZPL_XATTR_SET_WRAPPER(zpl_xattr_trusted_set);
364 xattr_handler_t zpl_xattr_trusted_handler = {
365 .prefix = XATTR_TRUSTED_PREFIX,
366 .get = zpl_xattr_trusted_get,
367 .set = zpl_xattr_trusted_set,
371 __zpl_xattr_security_get(struct inode *ip, const char *name,
372 void *buffer, size_t size)
377 if (strcmp(name, "") == 0)
380 xattr_name = kmem_asprintf("%s%s", XATTR_SECURITY_PREFIX, name);
381 error = zpl_xattr_get(ip, xattr_name, buffer, size);
386 ZPL_XATTR_GET_WRAPPER(zpl_xattr_security_get);
389 __zpl_xattr_security_set(struct inode *ip, const char *name,
390 const void *value, size_t size, int flags)
395 if (strcmp(name, "") == 0)
398 xattr_name = kmem_asprintf("%s%s", XATTR_SECURITY_PREFIX, name);
399 error = zpl_xattr_set(ip, xattr_name, value, size, flags);
404 ZPL_XATTR_SET_WRAPPER(zpl_xattr_security_set);
407 zpl_xattr_security_init(struct inode *ip, struct inode *dip,
408 const struct qstr *qstr)
415 error = zpl_security_inode_init_security(ip, dip, qstr,
416 &name, &value, &len);
418 if (error == -EOPNOTSUPP)
424 error = __zpl_xattr_security_set(ip, name, value, len, 0);
432 xattr_handler_t zpl_xattr_security_handler = {
433 .prefix = XATTR_SECURITY_PREFIX,
434 .get = zpl_xattr_security_get,
435 .set = zpl_xattr_security_set,
438 xattr_handler_t *zpl_xattr_handlers[] = {
439 &zpl_xattr_security_handler,
440 &zpl_xattr_trusted_handler,
441 &zpl_xattr_user_handler,
442 #ifdef HAVE_POSIX_ACLS
443 &zpl_xattr_acl_access_handler,
444 &zpl_xattr_acl_default_handler,
445 #endif /* HAVE_POSIX_ACLS */