[linux.git] / fs / f2fs / acl.c

// SPDX-License-Identifier: GPL-2.0
/*
 * fs/f2fs/acl.c
 *
 * Copyright (c) 2012 Samsung Electronics Co., Ltd.
 *             http://www.samsung.com/
 *
 * Portions of this code from linux/fs/ext2/acl.c
 *
 * Copyright (C) 2001-2003 Andreas Gruenbacher, <[email protected]>
 */
#include <linux/f2fs_fs.h>
#include "f2fs.h"
#include "xattr.h"
#include "acl.h"

static inline size_t f2fs_acl_size(int count)
{
	if (count <= 4) {
		return sizeof(struct f2fs_acl_header) +
			count * sizeof(struct f2fs_acl_entry_short);
	} else {
		return sizeof(struct f2fs_acl_header) +
			4 * sizeof(struct f2fs_acl_entry_short) +
			(count - 4) * sizeof(struct f2fs_acl_entry);
	}
}

static inline int f2fs_acl_count(size_t size)
{
	ssize_t s;

	size -= sizeof(struct f2fs_acl_header);
	s = size - 4 * sizeof(struct f2fs_acl_entry_short);
	if (s < 0) {
		if (size % sizeof(struct f2fs_acl_entry_short))
			return -1;
		return size / sizeof(struct f2fs_acl_entry_short);
	} else {
		if (s % sizeof(struct f2fs_acl_entry))
			return -1;
		return s / sizeof(struct f2fs_acl_entry) + 4;
	}
}

static struct posix_acl *f2fs_acl_from_disk(const char *value, size_t size)
{
	int i, count;
	struct posix_acl *acl;
	struct f2fs_acl_header *hdr = (struct f2fs_acl_header *)value;
	struct f2fs_acl_entry *entry = (struct f2fs_acl_entry *)(hdr + 1);
	const char *end = value + size;

	if (size < sizeof(struct f2fs_acl_header))
		return ERR_PTR(-EINVAL);

	if (hdr->a_version != cpu_to_le32(F2FS_ACL_VERSION))
		return ERR_PTR(-EINVAL);

	count = f2fs_acl_count(size);
	if (count < 0)
		return ERR_PTR(-EINVAL);
	if (count == 0)
		return NULL;

	acl = posix_acl_alloc(count, GFP_NOFS);
	if (!acl)
		return ERR_PTR(-ENOMEM);

	for (i = 0; i < count; i++) {

		if ((char *)entry > end)
			goto fail;

		acl->a_entries[i].e_tag  = le16_to_cpu(entry->e_tag);
		acl->a_entries[i].e_perm = le16_to_cpu(entry->e_perm);

		switch (acl->a_entries[i].e_tag) {
		case ACL_USER_OBJ:
		case ACL_GROUP_OBJ:
		case ACL_MASK:
		case ACL_OTHER:
			entry = (struct f2fs_acl_entry *)((char *)entry +
					sizeof(struct f2fs_acl_entry_short));
			break;

		case ACL_USER:
			acl->a_entries[i].e_uid =
				make_kuid(&init_user_ns,
						le32_to_cpu(entry->e_id));
			entry = (struct f2fs_acl_entry *)((char *)entry +
					sizeof(struct f2fs_acl_entry));
			break;
		case ACL_GROUP:
			acl->a_entries[i].e_gid =
				make_kgid(&init_user_ns,
						le32_to_cpu(entry->e_id));
			entry = (struct f2fs_acl_entry *)((char *)entry +
					sizeof(struct f2fs_acl_entry));
			break;
		default:
			goto fail;
		}
	}
	if ((char *)entry != end)
		goto fail;
	return acl;
fail:
	posix_acl_release(acl);
	return ERR_PTR(-EINVAL);
}

static void *f2fs_acl_to_disk(struct f2fs_sb_info *sbi,
				const struct posix_acl *acl, size_t *size)
{
	struct f2fs_acl_header *f2fs_acl;
	struct f2fs_acl_entry *entry;
	int i;

	f2fs_acl = f2fs_kmalloc(sbi, sizeof(struct f2fs_acl_header) +
			acl->a_count * sizeof(struct f2fs_acl_entry),
			GFP_NOFS);
	if (!f2fs_acl)
		return ERR_PTR(-ENOMEM);

	f2fs_acl->a_version = cpu_to_le32(F2FS_ACL_VERSION);
	entry = (struct f2fs_acl_entry *)(f2fs_acl + 1);

	for (i = 0; i < acl->a_count; i++) {

		entry->e_tag  = cpu_to_le16(acl->a_entries[i].e_tag);
		entry->e_perm = cpu_to_le16(acl->a_entries[i].e_perm);

		switch (acl->a_entries[i].e_tag) {
		case ACL_USER:
			entry->e_id = cpu_to_le32(
					from_kuid(&init_user_ns,
						acl->a_entries[i].e_uid));
			entry = (struct f2fs_acl_entry *)((char *)entry +
					sizeof(struct f2fs_acl_entry));
			break;
		case ACL_GROUP:
			entry->e_id = cpu_to_le32(
					from_kgid(&init_user_ns,
						acl->a_entries[i].e_gid));
			entry = (struct f2fs_acl_entry *)((char *)entry +
					sizeof(struct f2fs_acl_entry));
			break;
		case ACL_USER_OBJ:
		case ACL_GROUP_OBJ:
		case ACL_MASK:
		case ACL_OTHER:
			entry = (struct f2fs_acl_entry *)((char *)entry +
					sizeof(struct f2fs_acl_entry_short));
			break;
		default:
			goto fail;
		}
	}
	*size = f2fs_acl_size(acl->a_count);
	return (void *)f2fs_acl;

fail:
	kfree(f2fs_acl);
	return ERR_PTR(-EINVAL);
}

static struct posix_acl *__f2fs_get_acl(struct inode *inode, int type,
						struct page *dpage)
{
	int name_index = F2FS_XATTR_INDEX_POSIX_ACL_DEFAULT;
	void *value = NULL;
	struct posix_acl *acl;
	int retval;

	if (type == ACL_TYPE_ACCESS)
		name_index = F2FS_XATTR_INDEX_POSIX_ACL_ACCESS;

	retval = f2fs_getxattr(inode, name_index, "", NULL, 0, dpage);
	if (retval > 0) {
		value = f2fs_kmalloc(F2FS_I_SB(inode), retval, GFP_F2FS_ZERO);
		if (!value)
			return ERR_PTR(-ENOMEM);
		retval = f2fs_getxattr(inode, name_index, "", value,
							retval, dpage);
	}

	if (retval > 0)
		acl = f2fs_acl_from_disk(value, retval);
	else if (retval == -ENODATA)
		acl = NULL;
	else
		acl = ERR_PTR(retval);
	kfree(value);

	return acl;
}

struct posix_acl *f2fs_get_acl(struct inode *inode, int type, bool rcu)
{
	if (rcu)
		return ERR_PTR(-ECHILD);

	return __f2fs_get_acl(inode, type, NULL);
}

static int f2fs_acl_update_mode(struct mnt_idmap *idmap,
				struct inode *inode, umode_t *mode_p,
				struct posix_acl **acl)
{
	umode_t mode = inode->i_mode;
	int error;

	if (is_inode_flag_set(inode, FI_ACL_MODE))
		mode = F2FS_I(inode)->i_acl_mode;

	error = posix_acl_equiv_mode(*acl, &mode);
	if (error < 0)
		return error;
	if (error == 0)
		*acl = NULL;
	if (!vfsgid_in_group_p(i_gid_into_vfsgid(idmap, inode)) &&
	    !capable_wrt_inode_uidgid(idmap, inode, CAP_FSETID))
		mode &= ~S_ISGID;
	*mode_p = mode;
	return 0;
}

static int __f2fs_set_acl(struct mnt_idmap *idmap,
			struct inode *inode, int type,
			struct posix_acl *acl, struct page *ipage)
{
	int name_index;
	void *value = NULL;
	size_t size = 0;
	int error;
	umode_t mode = inode->i_mode;

	switch (type) {
	case ACL_TYPE_ACCESS:
		name_index = F2FS_XATTR_INDEX_POSIX_ACL_ACCESS;
		if (acl && !ipage) {
			error = f2fs_acl_update_mode(idmap, inode,
								&mode, &acl);
			if (error)
				return error;
			set_acl_inode(inode, mode);
		}
		break;

	case ACL_TYPE_DEFAULT:
		name_index = F2FS_XATTR_INDEX_POSIX_ACL_DEFAULT;
		if (!S_ISDIR(inode->i_mode))
			return acl ? -EACCES : 0;
		break;

	default:
		return -EINVAL;
	}

	if (acl) {
		value = f2fs_acl_to_disk(F2FS_I_SB(inode), acl, &size);
		if (IS_ERR(value)) {
			clear_inode_flag(inode, FI_ACL_MODE);
			return PTR_ERR(value);
		}
	}

	error = f2fs_setxattr(inode, name_index, "", value, size, ipage, 0);

	kfree(value);
	if (!error)
		set_cached_acl(inode, type, acl);

	clear_inode_flag(inode, FI_ACL_MODE);
	return error;
}

int f2fs_set_acl(struct mnt_idmap *idmap, struct dentry *dentry,
		 struct posix_acl *acl, int type)
{
	struct inode *inode = d_inode(dentry);

	if (unlikely(f2fs_cp_error(F2FS_I_SB(inode))))
		return -EIO;

	return __f2fs_set_acl(idmap, inode, type, acl, NULL);
}

/*
 * Most part of f2fs_acl_clone, f2fs_acl_create_masq, f2fs_acl_create
 * are copied from posix_acl.c
 */
static struct posix_acl *f2fs_acl_clone(const struct posix_acl *acl,
							gfp_t flags)
{
	struct posix_acl *clone = NULL;

	if (acl) {
		int size = sizeof(struct posix_acl) + acl->a_count *
				sizeof(struct posix_acl_entry);
		clone = kmemdup(acl, size, flags);
		if (clone)
			refcount_set(&clone->a_refcount, 1);
	}
	return clone;
}

static int f2fs_acl_create_masq(struct posix_acl *acl, umode_t *mode_p)
{
	struct posix_acl_entry *pa, *pe;
	struct posix_acl_entry *group_obj = NULL, *mask_obj = NULL;
	umode_t mode = *mode_p;
	int not_equiv = 0;

	/* assert(atomic_read(acl->a_refcount) == 1); */

	FOREACH_ACL_ENTRY(pa, acl, pe) {
		switch (pa->e_tag) {
		case ACL_USER_OBJ:
			pa->e_perm &= (mode >> 6) | ~S_IRWXO;
			mode &= (pa->e_perm << 6) | ~S_IRWXU;
			break;

		case ACL_USER:
		case ACL_GROUP:
			not_equiv = 1;
			break;

		case ACL_GROUP_OBJ:
			group_obj = pa;
			break;

		case ACL_OTHER:
			pa->e_perm &= mode | ~S_IRWXO;
			mode &= pa->e_perm | ~S_IRWXO;
			break;

		case ACL_MASK:
			mask_obj = pa;
			not_equiv = 1;
			break;

		default:
			return -EIO;
		}
	}

	if (mask_obj) {
		mask_obj->e_perm &= (mode >> 3) | ~S_IRWXO;
		mode &= (mask_obj->e_perm << 3) | ~S_IRWXG;
	} else {
		if (!group_obj)
			return -EIO;
		group_obj->e_perm &= (mode >> 3) | ~S_IRWXO;
		mode &= (group_obj->e_perm << 3) | ~S_IRWXG;
	}

	*mode_p = (*mode_p & ~S_IRWXUGO) | mode;
	return not_equiv;
}

static int f2fs_acl_create(struct inode *dir, umode_t *mode,
		struct posix_acl **default_acl, struct posix_acl **acl,
		struct page *dpage)
{
	struct posix_acl *p;
	struct posix_acl *clone;
	int ret;

	*acl = NULL;
	*default_acl = NULL;

	if (S_ISLNK(*mode) || !IS_POSIXACL(dir))
		return 0;

	p = __f2fs_get_acl(dir, ACL_TYPE_DEFAULT, dpage);
	if (!p || p == ERR_PTR(-EOPNOTSUPP)) {
		*mode &= ~current_umask();
		return 0;
	}
	if (IS_ERR(p))
		return PTR_ERR(p);

	clone = f2fs_acl_clone(p, GFP_NOFS);
	if (!clone) {
		ret = -ENOMEM;
		goto release_acl;
	}

	ret = f2fs_acl_create_masq(clone, mode);
	if (ret < 0)
		goto release_clone;

	if (ret == 0)
		posix_acl_release(clone);
	else
		*acl = clone;

	if (!S_ISDIR(*mode))
		posix_acl_release(p);
	else
		*default_acl = p;

	return 0;

release_clone:
	posix_acl_release(clone);
release_acl:
	posix_acl_release(p);
	return ret;
}

int f2fs_init_acl(struct inode *inode, struct inode *dir, struct page *ipage,
							struct page *dpage)
{
	struct posix_acl *default_acl = NULL, *acl = NULL;
	int error;

	error = f2fs_acl_create(dir, &inode->i_mode, &default_acl, &acl, dpage);
	if (error)
		return error;

	f2fs_mark_inode_dirty_sync(inode, true);

	if (default_acl) {
		error = __f2fs_set_acl(NULL, inode, ACL_TYPE_DEFAULT, default_acl,
				       ipage);
		posix_acl_release(default_acl);
	} else {
		inode->i_default_acl = NULL;
	}
	if (acl) {
		if (!error)
			error = __f2fs_set_acl(NULL, inode, ACL_TYPE_ACCESS, acl,
					       ipage);
		posix_acl_release(acl);
	} else {
		inode->i_acl = NULL;
	}

	return error;
}
Commit	Line	Data
7c1a000d	1	// SPDX-License-Identifier: GPL-2.0
0a8165d7	2	/*
af48b85b JK	3	* fs/f2fs/acl.c
	4	*
	5	* Copyright (c) 2012 Samsung Electronics Co., Ltd.
	6	* http://www.samsung.com/
	7	*
	8	* Portions of this code from linux/fs/ext2/acl.c
	9	*
	10	* Copyright (C) 2001-2003 Andreas Gruenbacher, <[email protected]>
af48b85b JK	11	*/
	12	#include <linux/f2fs_fs.h>
	13	#include "f2fs.h"
	14	#include "xattr.h"
	15	#include "acl.h"
	16
af48b85b JK	17	static inline size_t f2fs_acl_size(int count)
	18	{
	19	if (count <= 4) {
	20	return sizeof(struct f2fs_acl_header) +
	21	count * sizeof(struct f2fs_acl_entry_short);
	22	} else {
	23	return sizeof(struct f2fs_acl_header) +
	24	4 * sizeof(struct f2fs_acl_entry_short) +
	25	(count - 4) * sizeof(struct f2fs_acl_entry);
	26	}
	27	}
	28
	29	static inline int f2fs_acl_count(size_t size)
	30	{
	31	ssize_t s;
5f029c04	32
af48b85b JK	33	size -= sizeof(struct f2fs_acl_header);
	34	s = size - 4 * sizeof(struct f2fs_acl_entry_short);
	35	if (s < 0) {
	36	if (size % sizeof(struct f2fs_acl_entry_short))
	37	return -1;
	38	return size / sizeof(struct f2fs_acl_entry_short);
	39	} else {
	40	if (s % sizeof(struct f2fs_acl_entry))
	41	return -1;
	42	return s / sizeof(struct f2fs_acl_entry) + 4;
	43	}
	44	}
	45
	46	static struct posix_acl f2fs_acl_from_disk(const char value, size_t size)
	47	{
	48	int i, count;
	49	struct posix_acl *acl;
	50	struct f2fs_acl_header hdr = (struct f2fs_acl_header )value;
	51	struct f2fs_acl_entry entry = (struct f2fs_acl_entry )(hdr + 1);
	52	const char *end = value + size;
	53
1618e6e2 CX	54	if (size < sizeof(struct f2fs_acl_header))
	55	return ERR_PTR(-EINVAL);
	56
af48b85b JK	57	if (hdr->a_version != cpu_to_le32(F2FS_ACL_VERSION))
	58	return ERR_PTR(-EINVAL);
	59
	60	count = f2fs_acl_count(size);
	61	if (count < 0)
	62	return ERR_PTR(-EINVAL);
	63	if (count == 0)
	64	return NULL;
	65
dd802406	66	acl = posix_acl_alloc(count, GFP_NOFS);
af48b85b JK	67	if (!acl)
	68	return ERR_PTR(-ENOMEM);
	69
	70	for (i = 0; i < count; i++) {
	71
	72	if ((char *)entry > end)
	73	goto fail;
	74
	75	acl->a_entries[i].e_tag = le16_to_cpu(entry->e_tag);
	76	acl->a_entries[i].e_perm = le16_to_cpu(entry->e_perm);
	77
	78	switch (acl->a_entries[i].e_tag) {
	79	case ACL_USER_OBJ:
	80	case ACL_GROUP_OBJ:
	81	case ACL_MASK:
	82	case ACL_OTHER:
af48b85b JK	83	entry = (struct f2fs_acl_entry )((char )entry +
	84	sizeof(struct f2fs_acl_entry_short));
	85	break;
	86
	87	case ACL_USER:
	88	acl->a_entries[i].e_uid =
	89	make_kuid(&init_user_ns,
	90	le32_to_cpu(entry->e_id));
	91	entry = (struct f2fs_acl_entry )((char )entry +
	92	sizeof(struct f2fs_acl_entry));
	93	break;
	94	case ACL_GROUP:
	95	acl->a_entries[i].e_gid =
	96	make_kgid(&init_user_ns,
	97	le32_to_cpu(entry->e_id));
	98	entry = (struct f2fs_acl_entry )((char )entry +
	99	sizeof(struct f2fs_acl_entry));
	100	break;
	101	default:
	102	goto fail;
	103	}
	104	}
	105	if ((char *)entry != end)
	106	goto fail;
	107	return acl;
	108	fail:
	109	posix_acl_release(acl);
	110	return ERR_PTR(-EINVAL);
	111	}
	112
1ecc0c5c CY	113	static void f2fs_acl_to_disk(struct f2fs_sb_info sbi,
1ecc0c5c CY	114	const struct posix_acl acl, size_t size)
af48b85b JK	115	{
	116	struct f2fs_acl_header *f2fs_acl;
	117	struct f2fs_acl_entry *entry;
	118	int i;
	119
1ecc0c5c CY	120	f2fs_acl = f2fs_kmalloc(sbi, sizeof(struct f2fs_acl_header) +
	121	acl->a_count * sizeof(struct f2fs_acl_entry),
	122	GFP_NOFS);
af48b85b JK	123	if (!f2fs_acl)
	124	return ERR_PTR(-ENOMEM);
	125
	126	f2fs_acl->a_version = cpu_to_le32(F2FS_ACL_VERSION);
	127	entry = (struct f2fs_acl_entry *)(f2fs_acl + 1);
	128
	129	for (i = 0; i < acl->a_count; i++) {
	130
	131	entry->e_tag = cpu_to_le16(acl->a_entries[i].e_tag);
	132	entry->e_perm = cpu_to_le16(acl->a_entries[i].e_perm);
	133
	134	switch (acl->a_entries[i].e_tag) {
	135	case ACL_USER:
	136	entry->e_id = cpu_to_le32(
	137	from_kuid(&init_user_ns,
	138	acl->a_entries[i].e_uid));
	139	entry = (struct f2fs_acl_entry )((char )entry +
	140	sizeof(struct f2fs_acl_entry));
	141	break;
	142	case ACL_GROUP:
	143	entry->e_id = cpu_to_le32(
	144	from_kgid(&init_user_ns,
	145	acl->a_entries[i].e_gid));
	146	entry = (struct f2fs_acl_entry )((char )entry +
	147	sizeof(struct f2fs_acl_entry));
	148	break;
	149	case ACL_USER_OBJ:
	150	case ACL_GROUP_OBJ:
	151	case ACL_MASK:
	152	case ACL_OTHER:
	153	entry = (struct f2fs_acl_entry )((char )entry +
	154	sizeof(struct f2fs_acl_entry_short));
	155	break;
	156	default:
	157	goto fail;
	158	}
	159	}
	160	*size = f2fs_acl_size(acl->a_count);
	161	return (void *)f2fs_acl;
	162
	163	fail:
c8eb7024	164	kfree(f2fs_acl);
af48b85b JK	165	return ERR_PTR(-EINVAL);
	166	}
	167
bce8d112 JK	168	static struct posix_acl __f2fs_get_acl(struct inode inode, int type,
bce8d112 JK	169	struct page *dpage)
af48b85b	170	{
af48b85b JK	171	int name_index = F2FS_XATTR_INDEX_POSIX_ACL_DEFAULT;
	172	void *value = NULL;
	173	struct posix_acl *acl;
	174	int retval;
	175
af48b85b JK	176	if (type == ACL_TYPE_ACCESS)
	177	name_index = F2FS_XATTR_INDEX_POSIX_ACL_ACCESS;
	178
bce8d112	179	retval = f2fs_getxattr(inode, name_index, "", NULL, 0, dpage);
af48b85b	180	if (retval > 0) {
1ecc0c5c	181	value = f2fs_kmalloc(F2FS_I_SB(inode), retval, GFP_F2FS_ZERO);
af48b85b JK	182	if (!value)
af48b85b JK	183	return ERR_PTR(-ENOMEM);
bce8d112 JK	184	retval = f2fs_getxattr(inode, name_index, "", value,
bce8d112 JK	185	retval, dpage);
af48b85b JK	186	}
af48b85b JK	187
c1b75eab	188	if (retval > 0)
af48b85b	189	acl = f2fs_acl_from_disk(value, retval);
c1b75eab JK	190	else if (retval == -ENODATA)
	191	acl = NULL;
	192	else
	193	acl = ERR_PTR(retval);
c8eb7024	194	kfree(value);
c1b75eab	195
af48b85b JK	196	return acl;
	197	}
	198
0cad6246	199	struct posix_acl f2fs_get_acl(struct inode inode, int type, bool rcu)
bce8d112	200	{
0cad6246 MS	201	if (rcu)
	202	return ERR_PTR(-ECHILD);
	203
bce8d112 JK	204	return __f2fs_get_acl(inode, type, NULL);
	205	}
	206
9452e93e	207	static int f2fs_acl_update_mode(struct mnt_idmap *idmap,
984fc4e7 CY	208	struct inode inode, umode_t mode_p,
984fc4e7 CY	209	struct posix_acl **acl)
17232e83 CY	210	{
	211	umode_t mode = inode->i_mode;
	212	int error;
	213
	214	if (is_inode_flag_set(inode, FI_ACL_MODE))
	215	mode = F2FS_I(inode)->i_acl_mode;
	216
	217	error = posix_acl_equiv_mode(*acl, &mode);
	218	if (error < 0)
	219	return error;
	220	if (error == 0)
	221	*acl = NULL;
e67fe633	222	if (!vfsgid_in_group_p(i_gid_into_vfsgid(idmap, inode)) &&
9452e93e	223	!capable_wrt_inode_uidgid(idmap, inode, CAP_FSETID))
17232e83 CY	224	mode &= ~S_ISGID;
	225	*mode_p = mode;
	226	return 0;
	227	}
	228
9452e93e	229	static int __f2fs_set_acl(struct mnt_idmap *idmap,
984fc4e7	230	struct inode *inode, int type,
2ed2d5b3	231	struct posix_acl acl, struct page ipage)
af48b85b	232	{
af48b85b JK	233	int name_index;
	234	void *value = NULL;
	235	size_t size = 0;
	236	int error;
14af20fc	237	umode_t mode = inode->i_mode;
af48b85b	238
af48b85b JK	239	switch (type) {
	240	case ACL_TYPE_ACCESS:
	241	name_index = F2FS_XATTR_INDEX_POSIX_ACL_ACCESS;
c925dc16	242	if (acl && !ipage) {
9452e93e	243	error = f2fs_acl_update_mode(idmap, inode,
984fc4e7	244	&mode, &acl);
07393101	245	if (error)
af48b85b	246	return error;
14af20fc	247	set_acl_inode(inode, mode);
af48b85b JK	248	}
	249	break;
	250
	251	case ACL_TYPE_DEFAULT:
	252	name_index = F2FS_XATTR_INDEX_POSIX_ACL_DEFAULT;
	253	if (!S_ISDIR(inode->i_mode))
	254	return acl ? -EACCES : 0;
	255	break;
	256
	257	default:
	258	return -EINVAL;
	259	}
	260
	261	if (acl) {
1ecc0c5c	262	value = f2fs_acl_to_disk(F2FS_I_SB(inode), acl, &size);
af48b85b	263	if (IS_ERR(value)) {
91942321	264	clear_inode_flag(inode, FI_ACL_MODE);
68390dd9	265	return PTR_ERR(value);
af48b85b JK	266	}
	267	}
	268
c02745ef	269	error = f2fs_setxattr(inode, name_index, "", value, size, ipage, 0);
af48b85b	270
c8eb7024	271	kfree(value);
af48b85b JK	272	if (!error)
	273	set_cached_acl(inode, type, acl);
	274
91942321	275	clear_inode_flag(inode, FI_ACL_MODE);
af48b85b JK	276	return error;
	277	}
	278
13e83a49	279	int f2fs_set_acl(struct mnt_idmap idmap, struct dentry dentry,
549c7297	280	struct posix_acl *acl, int type)
af48b85b	281	{
138060ba CB	282	struct inode *inode = d_inode(dentry);
138060ba CB	283
1f227a3e JK	284	if (unlikely(f2fs_cp_error(F2FS_I_SB(inode))))
	285	return -EIO;
	286
9452e93e	287	return __f2fs_set_acl(idmap, inode, type, acl, NULL);
af48b85b JK	288	}
af48b85b JK	289
bce8d112 JK	290	/*
	291	* Most part of f2fs_acl_clone, f2fs_acl_create_masq, f2fs_acl_create
	292	* are copied from posix_acl.c
	293	*/
	294	static struct posix_acl f2fs_acl_clone(const struct posix_acl acl,
	295	gfp_t flags)
	296	{
	297	struct posix_acl *clone = NULL;
	298
	299	if (acl) {
	300	int size = sizeof(struct posix_acl) + acl->a_count *
	301	sizeof(struct posix_acl_entry);
	302	clone = kmemdup(acl, size, flags);
	303	if (clone)
66717260	304	refcount_set(&clone->a_refcount, 1);
bce8d112 JK	305	}
	306	return clone;
	307	}
	308
	309	static int f2fs_acl_create_masq(struct posix_acl acl, umode_t mode_p)
	310	{
	311	struct posix_acl_entry pa, pe;
	312	struct posix_acl_entry group_obj = NULL, mask_obj = NULL;
	313	umode_t mode = *mode_p;
	314	int not_equiv = 0;
	315
	316	/* assert(atomic_read(acl->a_refcount) == 1); */
	317
	318	FOREACH_ACL_ENTRY(pa, acl, pe) {
c456362b	319	switch (pa->e_tag) {
bce8d112 JK	320	case ACL_USER_OBJ:
	321	pa->e_perm &= (mode >> 6) \| ~S_IRWXO;
	322	mode &= (pa->e_perm << 6) \| ~S_IRWXU;
	323	break;
	324
	325	case ACL_USER:
	326	case ACL_GROUP:
	327	not_equiv = 1;
	328	break;
	329
	330	case ACL_GROUP_OBJ:
	331	group_obj = pa;
	332	break;
	333
	334	case ACL_OTHER:
	335	pa->e_perm &= mode \| ~S_IRWXO;
	336	mode &= pa->e_perm \| ~S_IRWXO;
	337	break;
	338
	339	case ACL_MASK:
	340	mask_obj = pa;
	341	not_equiv = 1;
	342	break;
	343
	344	default:
	345	return -EIO;
	346	}
	347	}
	348
	349	if (mask_obj) {
	350	mask_obj->e_perm &= (mode >> 3) \| ~S_IRWXO;
	351	mode &= (mask_obj->e_perm << 3) \| ~S_IRWXG;
	352	} else {
	353	if (!group_obj)
	354	return -EIO;
	355	group_obj->e_perm &= (mode >> 3) \| ~S_IRWXO;
	356	mode &= (group_obj->e_perm << 3) \| ~S_IRWXG;
	357	}
	358
	359	mode_p = (mode_p & ~S_IRWXUGO) \| mode;
3a912b77	360	return not_equiv;
bce8d112 JK	361	}
	362
	363	static int f2fs_acl_create(struct inode dir, umode_t mode,
	364	struct posix_acl default_acl, struct posix_acl acl,
	365	struct page *dpage)
	366	{
	367	struct posix_acl *p;
272e083f	368	struct posix_acl *clone;
bce8d112 JK	369	int ret;
bce8d112 JK	370
272e083f CY	371	*acl = NULL;
	372	*default_acl = NULL;
	373
bce8d112	374	if (S_ISLNK(*mode) \|\| !IS_POSIXACL(dir))
272e083f	375	return 0;
bce8d112 JK	376
bce8d112 JK	377	p = __f2fs_get_acl(dir, ACL_TYPE_DEFAULT, dpage);
272e083f CY	378	if (!p \|\| p == ERR_PTR(-EOPNOTSUPP)) {
	379	*mode &= ~current_umask();
	380	return 0;
bce8d112	381	}
272e083f CY	382	if (IS_ERR(p))
272e083f CY	383	return PTR_ERR(p);
bce8d112	384
272e083f	385	clone = f2fs_acl_clone(p, GFP_NOFS);
f6176473 TY	386	if (!clone) {
	387	ret = -ENOMEM;
	388	goto release_acl;
	389	}
bce8d112	390
272e083f	391	ret = f2fs_acl_create_masq(clone, mode);
83dfe53c	392	if (ret < 0)
f6176473	393	goto release_clone;
bce8d112	394
272e083f CY	395	if (ret == 0)
	396	posix_acl_release(clone);
	397	else
	398	*acl = clone;
bce8d112	399
272e083f	400	if (!S_ISDIR(*mode))
bce8d112	401	posix_acl_release(p);
272e083f	402	else
bce8d112	403	*default_acl = p;
bce8d112	404
bce8d112	405	return 0;
83dfe53c	406
f6176473	407	release_clone:
272e083f	408	posix_acl_release(clone);
f6176473	409	release_acl:
83dfe53c	410	posix_acl_release(p);
f6176473	411	return ret;
bce8d112 JK	412	}
	413
	414	int f2fs_init_acl(struct inode inode, struct inode dir, struct page *ipage,
	415	struct page *dpage)
af48b85b	416	{
bce8d112	417	struct posix_acl default_acl = NULL, acl = NULL;
beb78181	418	int error;
af48b85b	419
bce8d112	420	error = f2fs_acl_create(dir, &inode->i_mode, &default_acl, &acl, dpage);
af48b85b JK	421	if (error)
af48b85b JK	422	return error;
b8b60e1a	423
7c45729a	424	f2fs_mark_inode_dirty_sync(inode, true);
205b9822	425
a6dda0e6	426	if (default_acl) {
984fc4e7	427	error = __f2fs_set_acl(NULL, inode, ACL_TYPE_DEFAULT, default_acl,
a6dda0e6 CH	428	ipage);
a6dda0e6 CH	429	posix_acl_release(default_acl);
313ed62a CX	430	} else {
313ed62a CX	431	inode->i_default_acl = NULL;
a6dda0e6 CH	432	}
a6dda0e6 CH	433	if (acl) {
3b6709b7	434	if (!error)
984fc4e7	435	error = __f2fs_set_acl(NULL, inode, ACL_TYPE_ACCESS, acl,
a6dda0e6 CH	436	ipage);
a6dda0e6 CH	437	posix_acl_release(acl);
313ed62a CX	438	} else {
313ed62a CX	439	inode->i_acl = NULL;
af48b85b JK	440	}
af48b85b JK	441
af48b85b JK	442	return error;
af48b85b JK	443	}