4 * The contents of this file are subject to the terms of the
5 * Common Development and Distribution License (the "License").
6 * You may not use this file except in compliance with the License.
8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9 * or http://www.opensolaris.org/os/licensing.
10 * See the License for the specific language governing permissions
11 * and limitations under the License.
13 * When distributing Covered Code, include this CDDL HEADER in each
14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15 * If applicable, add the following below this CDDL HEADER, with the
16 * fields enclosed by brackets "[]" replaced with your own identifying
17 * information: Portions Copyright [yyyy] [name of copyright owner]
22 * Copyright (c) 2011, Lawrence Livermore National Security, LLC.
24 * Extended attributes (xattr) on Solaris are implemented as files
25 * which exist in a hidden xattr directory. These extended attributes
26 * can be accessed using the attropen() system call which opens
27 * the extended attribute. It can then be manipulated just like
28 * a standard file descriptor. This has a couple advantages such
29 * as practically no size limit on the file, and the extended
30 * attributes permissions may differ from those of the parent file.
31 * This interface is really quite clever, but it's also completely
32 * different than what is supported on Linux. It also comes with a
33 * steep performance penalty when accessing small xattrs because they
34 * are not stored with the parent file.
36 * Under Linux extended attributes are manipulated by the system
37 * calls getxattr(2), setxattr(2), and listxattr(2). They consider
38 * extended attributes to be name/value pairs where the name is a
39 * NULL terminated string. The name must also include one of the
40 * following namespace prefixes:
42 * user - No restrictions and is available to user applications.
43 * trusted - Restricted to kernel and root (CAP_SYS_ADMIN) use.
44 * system - Used for access control lists (system.nfs4_acl, etc).
45 * security - Used by SELinux to store a files security context.
47 * The value under Linux to limited to 65536 bytes of binary data.
48 * In practice, individual xattrs tend to be much smaller than this
49 * and are typically less than 100 bytes. A good example of this
50 * are the security.selinux xattrs which are less than 100 bytes and
51 * exist for every file when xattr labeling is enabled.
53 * The Linux xattr implemenation has been written to take advantage of
54 * this typical usage. When the dataset property 'xattr=sa' is set,
55 * then xattrs will be preferentially stored as System Attributes (SA).
56 * This allows tiny xattrs (~100 bytes) to be stored with the dnode and
57 * up to 64k of xattrs to be stored in the spill block. If additional
58 * xattr space is required, which is unlikely under Linux, they will
59 * be stored using the traditional directory approach.
61 * This optimization results in roughly a 3x performance improvement
62 * when accessing xattrs because it avoids the need to perform a seek
63 * for every xattr value. When multiple xattrs are stored per-file
64 * the performance improvements are even greater because all of the
65 * xattrs stored in the spill block will be cached.
67 * However, by default SA based xattrs are disabled in the Linux port
68 * to maximize compatibility with other implementations. If you do
69 * enable SA based xattrs then they will not be visible on platforms
70 * which do not support this feature.
72 * NOTE: One additional consequence of the xattr directory implementation
73 * is that when an extended attribute is manipulated an inode is created.
74 * This inode will exist in the Linux inode cache but there will be no
75 * associated entry in the dentry cache which references it. This is
76 * safe but it may result in some confusion. Enabling SA based xattrs
77 * largely avoids the issue except in the overflow case.
80 #include <sys/zfs_vfsops.h>
81 #include <sys/zfs_vnops.h>
82 #include <sys/zfs_znode.h>
87 typedef struct xattr_filldir {
95 zpl_xattr_filldir(xattr_filldir_t *xf, const char *name, int name_len)
97 if (!strncmp(name, XATTR_USER_PREFIX, XATTR_USER_PREFIX_LEN))
98 if (!(ITOZSB(xf->inode)->z_flags & ZSB_XATTR))
101 if (!strncmp(name, XATTR_TRUSTED_PREFIX, XATTR_TRUSTED_PREFIX_LEN))
102 if (!capable(CAP_SYS_ADMIN))
105 /* When xf->buf is NULL only calculate the required size. */
107 if (xf->offset + name_len + 1 > xf->size)
110 memcpy(xf->buf + xf->offset, name, name_len);
111 xf->buf[xf->offset + name_len] = '\0';
114 xf->offset += (name_len + 1);
120 * Read as many directory entry names as will fit in to the provided buffer,
121 * or when no buffer is provided calculate the required buffer size.
124 zpl_xattr_readdir(struct inode *dxip, xattr_filldir_t *xf)
130 zap_cursor_init(&zc, ITOZSB(dxip)->z_os, ITOZ(dxip)->z_id);
132 while ((error = -zap_cursor_retrieve(&zc, &zap)) == 0) {
134 if (zap.za_integer_length != 8 || zap.za_num_integers != 1) {
139 error = zpl_xattr_filldir(xf, zap.za_name, strlen(zap.za_name));
143 zap_cursor_advance(&zc);
146 zap_cursor_fini(&zc);
148 if (error == -ENOENT)
155 zpl_xattr_list_dir(xattr_filldir_t *xf, cred_t *cr)
157 struct inode *ip = xf->inode;
158 struct inode *dxip = NULL;
161 /* Lookup the xattr directory */
162 error = -zfs_lookup(ip, NULL, &dxip, LOOKUP_XATTR, cr, NULL, NULL);
164 if (error == -ENOENT)
170 error = zpl_xattr_readdir(dxip, xf);
177 zpl_xattr_list_sa(xattr_filldir_t *xf)
179 znode_t *zp = ITOZ(xf->inode);
180 nvpair_t *nvp = NULL;
183 mutex_enter(&zp->z_lock);
184 if (zp->z_xattr_cached == NULL)
185 error = -zfs_sa_get_xattr(zp);
186 mutex_exit(&zp->z_lock);
191 ASSERT(zp->z_xattr_cached);
193 while ((nvp = nvlist_next_nvpair(zp->z_xattr_cached, nvp)) != NULL) {
194 ASSERT3U(nvpair_type(nvp), ==, DATA_TYPE_BYTE_ARRAY);
196 error = zpl_xattr_filldir(xf, nvpair_name(nvp),
197 strlen(nvpair_name(nvp)));
206 zpl_xattr_list(struct dentry *dentry, char *buffer, size_t buffer_size)
208 znode_t *zp = ITOZ(dentry->d_inode);
209 zfs_sb_t *zsb = ZTOZSB(zp);
210 xattr_filldir_t xf = { buffer_size, 0, buffer, dentry->d_inode };
215 rw_enter(&zp->z_xattr_lock, RW_READER);
217 if (zsb->z_use_sa && zp->z_is_sa) {
218 error = zpl_xattr_list_sa(&xf);
223 error = zpl_xattr_list_dir(&xf, cr);
230 rw_exit(&zp->z_xattr_lock);
237 zpl_xattr_get_dir(struct inode *ip, const char *name, void *value,
238 size_t size, cred_t *cr)
240 struct inode *dxip = NULL;
241 struct inode *xip = NULL;
244 /* Lookup the xattr directory */
245 error = -zfs_lookup(ip, NULL, &dxip, LOOKUP_XATTR, cr, NULL, NULL);
249 /* Lookup a specific xattr name in the directory */
250 error = -zfs_lookup(dxip, (char *)name, &xip, 0, cr, NULL, NULL);
255 error = i_size_read(xip);
259 if (size < i_size_read(xip)) {
264 error = zpl_read_common(xip, value, size, 0, UIO_SYSSPACE, 0, cr);
276 zpl_xattr_get_sa(struct inode *ip, const char *name, void *value, size_t size)
278 znode_t *zp = ITOZ(ip);
283 ASSERT(RW_LOCK_HELD(&zp->z_xattr_lock));
285 mutex_enter(&zp->z_lock);
286 if (zp->z_xattr_cached == NULL)
287 error = -zfs_sa_get_xattr(zp);
288 mutex_exit(&zp->z_lock);
293 ASSERT(zp->z_xattr_cached);
294 error = -nvlist_lookup_byte_array(zp->z_xattr_cached, name,
295 &nv_value, &nv_size);
305 memcpy(value, nv_value, nv_size);
311 __zpl_xattr_get(struct inode *ip, const char *name, void *value, size_t size,
314 znode_t *zp = ITOZ(ip);
315 zfs_sb_t *zsb = ZTOZSB(zp);
318 ASSERT(RW_LOCK_HELD(&zp->z_xattr_lock));
320 if (zsb->z_use_sa && zp->z_is_sa) {
321 error = zpl_xattr_get_sa(ip, name, value, size);
322 if (error != -ENOENT)
326 error = zpl_xattr_get_dir(ip, name, value, size, cr);
328 if (error == -ENOENT)
335 zpl_xattr_get(struct inode *ip, const char *name, void *value, size_t size)
337 znode_t *zp = ITOZ(ip);
342 rw_enter(&zp->z_xattr_lock, RW_READER);
343 error = __zpl_xattr_get(ip, name, value, size, cr);
344 rw_exit(&zp->z_xattr_lock);
351 zpl_xattr_set_dir(struct inode *ip, const char *name, const void *value,
352 size_t size, int flags, cred_t *cr)
354 struct inode *dxip = NULL;
355 struct inode *xip = NULL;
359 const int xattr_mode = S_IFREG | 0644;
361 /* Lookup the xattr directory and create it if required. */
362 error = -zfs_lookup(ip, NULL, &dxip, LOOKUP_XATTR | CREATE_XATTR_DIR,
367 /* Lookup a specific xattr name in the directory */
368 error = -zfs_lookup(dxip, (char *)name, &xip, 0, cr, NULL, NULL);
369 if (error && (error != -ENOENT))
374 /* Remove a specific name xattr when value is set to NULL. */
377 error = -zfs_remove(dxip, (char *)name, cr);
382 /* Lookup failed create a new xattr. */
384 vap = kmem_zalloc(sizeof(vattr_t), KM_SLEEP);
385 vap->va_mode = xattr_mode;
386 vap->va_mask = ATTR_MODE;
387 vap->va_uid = crgetfsuid(cr);
388 vap->va_gid = crgetfsgid(cr);
390 error = -zfs_create(dxip, (char *)name, vap, 0, 0644, &xip,
398 error = -zfs_freesp(ITOZ(xip), 0, 0, xattr_mode, TRUE);
402 wrote = zpl_write_common(xip, value, size, 0, UIO_SYSSPACE, 0, cr);
408 kmem_free(vap, sizeof(vattr_t));
416 if (error == -ENOENT)
419 ASSERT3S(error, <=, 0);
425 zpl_xattr_set_sa(struct inode *ip, const char *name, const void *value,
426 size_t size, int flags, cred_t *cr)
428 znode_t *zp = ITOZ(ip);
433 ASSERT(zp->z_xattr_cached);
434 nvl = zp->z_xattr_cached;
437 error = -nvlist_remove(nvl, name, DATA_TYPE_BYTE_ARRAY);
438 if (error == -ENOENT)
439 error = zpl_xattr_set_dir(ip, name, NULL, 0, flags, cr);
441 /* Limited to 32k to keep nvpair memory allocations small */
442 if (size > DXATTR_MAX_ENTRY_SIZE)
445 /* Prevent the DXATTR SA from consuming the entire SA region */
446 error = -nvlist_size(nvl, &sa_size, NV_ENCODE_XDR);
450 if (sa_size > DXATTR_MAX_SA_SIZE)
453 error = -nvlist_add_byte_array(nvl, name,
454 (uchar_t *)value, size);
459 /* Update the SA for additions, modifications, and removals. */
461 error = -zfs_sa_set_xattr(zp);
463 ASSERT3S(error, <=, 0);
469 zpl_xattr_set(struct inode *ip, const char *name, const void *value,
470 size_t size, int flags)
472 znode_t *zp = ITOZ(ip);
473 zfs_sb_t *zsb = ZTOZSB(zp);
478 rw_enter(&ITOZ(ip)->z_xattr_lock, RW_WRITER);
481 * Before setting the xattr check to see if it already exists.
482 * This is done to ensure the following optional flags are honored.
484 * XATTR_CREATE: fail if xattr already exists
485 * XATTR_REPLACE: fail if xattr does not exist
487 error = __zpl_xattr_get(ip, name, NULL, 0, cr);
489 if (error != -ENODATA)
492 if ((error == -ENODATA) && (flags & XATTR_REPLACE))
496 if (flags & XATTR_CREATE)
500 /* Preferentially store the xattr as a SA for better performance */
501 if (zsb->z_use_sa && zsb->z_xattr_sa && zp->z_is_sa) {
502 error = zpl_xattr_set_sa(ip, name, value, size, flags, cr);
507 error = zpl_xattr_set_dir(ip, name, value, size, flags, cr);
509 rw_exit(&ITOZ(ip)->z_xattr_lock);
511 ASSERT3S(error, <=, 0);
517 __zpl_xattr_user_get(struct inode *ip, const char *name,
518 void *value, size_t size)
523 if (strcmp(name, "") == 0)
526 if (!(ITOZSB(ip)->z_flags & ZSB_XATTR))
529 xattr_name = kmem_asprintf("%s%s", XATTR_USER_PREFIX, name);
530 error = zpl_xattr_get(ip, xattr_name, value, size);
535 ZPL_XATTR_GET_WRAPPER(zpl_xattr_user_get);
538 __zpl_xattr_user_set(struct inode *ip, const char *name,
539 const void *value, size_t size, int flags)
544 if (strcmp(name, "") == 0)
547 if (!(ITOZSB(ip)->z_flags & ZSB_XATTR))
550 xattr_name = kmem_asprintf("%s%s", XATTR_USER_PREFIX, name);
551 error = zpl_xattr_set(ip, xattr_name, value, size, flags);
556 ZPL_XATTR_SET_WRAPPER(zpl_xattr_user_set);
558 xattr_handler_t zpl_xattr_user_handler = {
559 .prefix = XATTR_USER_PREFIX,
560 .get = zpl_xattr_user_get,
561 .set = zpl_xattr_user_set,
565 __zpl_xattr_trusted_get(struct inode *ip, const char *name,
566 void *value, size_t size)
571 if (!capable(CAP_SYS_ADMIN))
574 if (strcmp(name, "") == 0)
577 xattr_name = kmem_asprintf("%s%s", XATTR_TRUSTED_PREFIX, name);
578 error = zpl_xattr_get(ip, xattr_name, value, size);
583 ZPL_XATTR_GET_WRAPPER(zpl_xattr_trusted_get);
586 __zpl_xattr_trusted_set(struct inode *ip, const char *name,
587 const void *value, size_t size, int flags)
592 if (!capable(CAP_SYS_ADMIN))
595 if (strcmp(name, "") == 0)
598 xattr_name = kmem_asprintf("%s%s", XATTR_TRUSTED_PREFIX, name);
599 error = zpl_xattr_set(ip, xattr_name, value, size, flags);
604 ZPL_XATTR_SET_WRAPPER(zpl_xattr_trusted_set);
606 xattr_handler_t zpl_xattr_trusted_handler = {
607 .prefix = XATTR_TRUSTED_PREFIX,
608 .get = zpl_xattr_trusted_get,
609 .set = zpl_xattr_trusted_set,
613 __zpl_xattr_security_get(struct inode *ip, const char *name,
614 void *value, size_t size)
619 if (strcmp(name, "") == 0)
622 xattr_name = kmem_asprintf("%s%s", XATTR_SECURITY_PREFIX, name);
623 error = zpl_xattr_get(ip, xattr_name, value, size);
628 ZPL_XATTR_GET_WRAPPER(zpl_xattr_security_get);
631 __zpl_xattr_security_set(struct inode *ip, const char *name,
632 const void *value, size_t size, int flags)
637 if (strcmp(name, "") == 0)
640 xattr_name = kmem_asprintf("%s%s", XATTR_SECURITY_PREFIX, name);
641 error = zpl_xattr_set(ip, xattr_name, value, size, flags);
646 ZPL_XATTR_SET_WRAPPER(zpl_xattr_security_set);
648 #ifdef HAVE_CALLBACK_SECURITY_INODE_INIT_SECURITY
650 __zpl_xattr_security_init(struct inode *ip, const struct xattr *xattrs,
653 const struct xattr *xattr;
656 for (xattr = xattrs; xattr->name != NULL; xattr++) {
657 error = __zpl_xattr_security_set(ip,
658 xattr->name, xattr->value, xattr->value_len, 0);
668 zpl_xattr_security_init(struct inode *ip, struct inode *dip,
669 const struct qstr *qstr)
671 return security_inode_init_security(ip, dip, qstr,
672 &__zpl_xattr_security_init, NULL);
677 zpl_xattr_security_init(struct inode *ip, struct inode *dip,
678 const struct qstr *qstr)
685 error = zpl_security_inode_init_security(ip, dip, qstr,
686 &name, &value, &len);
688 if (error == -EOPNOTSUPP)
693 error = __zpl_xattr_security_set(ip, name, value, len, 0);
700 #endif /* HAVE_CALLBACK_SECURITY_INODE_INIT_SECURITY */
702 xattr_handler_t zpl_xattr_security_handler = {
703 .prefix = XATTR_SECURITY_PREFIX,
704 .get = zpl_xattr_security_get,
705 .set = zpl_xattr_security_set,
708 xattr_handler_t *zpl_xattr_handlers[] = {
709 &zpl_xattr_security_handler,
710 &zpl_xattr_trusted_handler,
711 &zpl_xattr_user_handler,
712 #ifdef HAVE_POSIX_ACLS
713 &zpl_xattr_acl_access_handler,
714 &zpl_xattr_acl_default_handler,
715 #endif /* HAVE_POSIX_ACLS */