1 // SPDX-License-Identifier: LGPL-2.1 2 /* 3 * 4 * Copyright (c) International Business Machines Corp., 2003, 2007 5 * Author(s): Steve French (sfrench@us.ibm.com) 6 * 7 */ 8 9 #include <linux/fs.h> 10 #include <linux/posix_acl_xattr.h> 11 #include <linux/slab.h> 12 #include <linux/xattr.h> 13 #include "cifsfs.h" 14 #include "cifspdu.h" 15 #include "cifsglob.h" 16 #include "cifsproto.h" 17 #include "cifs_debug.h" 18 #include "cifs_fs_sb.h" 19 #include "cifs_unicode.h" 20 #include "cifs_ioctl.h" 21 22 #define MAX_EA_VALUE_SIZE CIFSMaxBufSize 23 #define CIFS_XATTR_CIFS_ACL "system.cifs_acl" /* DACL only */ 24 #define CIFS_XATTR_CIFS_NTSD "system.cifs_ntsd" /* owner plus DACL */ 25 #define CIFS_XATTR_CIFS_NTSD_FULL "system.cifs_ntsd_full" /* owner/DACL/SACL */ 26 #define CIFS_XATTR_ATTRIB "cifs.dosattrib" /* full name: user.cifs.dosattrib */ 27 #define CIFS_XATTR_CREATETIME "cifs.creationtime" /* user.cifs.creationtime */ 28 /* 29 * Although these three are just aliases for the above, need to move away from 30 * confusing users and using the 20+ year old term 'cifs' when it is no longer 31 * secure, replaced by SMB2 (then even more highly secure SMB3) many years ago 32 */ 33 #define SMB3_XATTR_CIFS_ACL "system.smb3_acl" /* DACL only */ 34 #define SMB3_XATTR_CIFS_NTSD_SACL "system.smb3_ntsd_sacl" /* SACL only */ 35 #define SMB3_XATTR_CIFS_NTSD "system.smb3_ntsd" /* owner plus DACL */ 36 #define SMB3_XATTR_CIFS_NTSD_FULL "system.smb3_ntsd_full" /* owner/DACL/SACL */ 37 #define SMB3_XATTR_ATTRIB "smb3.dosattrib" /* full name: user.smb3.dosattrib */ 38 #define SMB3_XATTR_CREATETIME "smb3.creationtime" /* user.smb3.creationtime */ 39 /* BB need to add server (Samba e.g) support for security and trusted prefix */ 40 41 enum { XATTR_USER, XATTR_CIFS_ACL, XATTR_ACL_ACCESS, XATTR_ACL_DEFAULT, 42 XATTR_CIFS_NTSD_SACL, 43 XATTR_CIFS_NTSD, XATTR_CIFS_NTSD_FULL }; 44 45 static int cifs_attrib_set(unsigned int xid, struct cifs_tcon *pTcon, 46 struct inode *inode, const char *full_path, 47 const void *value, size_t size) 48 { 49 ssize_t rc = -EOPNOTSUPP; 50 __u32 *pattrib = (__u32 *)value; 51 __u32 attrib; 52 FILE_BASIC_INFO info_buf; 53 54 if ((value == NULL) || (size != sizeof(__u32))) 55 return -ERANGE; 56 57 memset(&info_buf, 0, sizeof(info_buf)); 58 attrib = *pattrib; 59 info_buf.Attributes = cpu_to_le32(attrib); 60 if (pTcon->ses->server->ops->set_file_info) 61 rc = pTcon->ses->server->ops->set_file_info(inode, full_path, 62 &info_buf, xid); 63 if (rc == 0) 64 CIFS_I(inode)->cifsAttrs = attrib; 65 66 return rc; 67 } 68 69 static int cifs_creation_time_set(unsigned int xid, struct cifs_tcon *pTcon, 70 struct inode *inode, const char *full_path, 71 const void *value, size_t size) 72 { 73 ssize_t rc = -EOPNOTSUPP; 74 __u64 *pcreation_time = (__u64 *)value; 75 __u64 creation_time; 76 FILE_BASIC_INFO info_buf; 77 78 if ((value == NULL) || (size != sizeof(__u64))) 79 return -ERANGE; 80 81 memset(&info_buf, 0, sizeof(info_buf)); 82 creation_time = *pcreation_time; 83 info_buf.CreationTime = cpu_to_le64(creation_time); 84 if (pTcon->ses->server->ops->set_file_info) 85 rc = pTcon->ses->server->ops->set_file_info(inode, full_path, 86 &info_buf, xid); 87 if (rc == 0) 88 CIFS_I(inode)->createtime = creation_time; 89 90 return rc; 91 } 92 93 static int cifs_xattr_set(const struct xattr_handler *handler, 94 struct mnt_idmap *idmap, 95 struct dentry *dentry, struct inode *inode, 96 const char *name, const void *value, 97 size_t size, int flags) 98 { 99 int rc = -EOPNOTSUPP; 100 unsigned int xid; 101 struct super_block *sb = dentry->d_sb; 102 struct cifs_sb_info *cifs_sb = CIFS_SB(sb); 103 struct tcon_link *tlink; 104 struct cifs_tcon *pTcon; 105 const char *full_path; 106 void *page; 107 108 tlink = cifs_sb_tlink(cifs_sb); 109 if (IS_ERR(tlink)) 110 return PTR_ERR(tlink); 111 pTcon = tlink_tcon(tlink); 112 113 xid = get_xid(); 114 page = alloc_dentry_path(); 115 116 full_path = build_path_from_dentry(dentry, page); 117 if (IS_ERR(full_path)) { 118 rc = PTR_ERR(full_path); 119 goto out; 120 } 121 /* return dos attributes as pseudo xattr */ 122 /* return alt name if available as pseudo attr */ 123 124 /* if proc/fs/cifs/streamstoxattr is set then 125 search server for EAs or streams to 126 returns as xattrs */ 127 if (size > MAX_EA_VALUE_SIZE) { 128 cifs_dbg(FYI, "size of EA value too large\n"); 129 rc = -EOPNOTSUPP; 130 goto out; 131 } 132 133 switch (handler->flags) { 134 case XATTR_USER: 135 cifs_dbg(FYI, "%s:setting user xattr %s\n", __func__, name); 136 if ((strcmp(name, CIFS_XATTR_ATTRIB) == 0) || 137 (strcmp(name, SMB3_XATTR_ATTRIB) == 0)) { 138 rc = cifs_attrib_set(xid, pTcon, inode, full_path, 139 value, size); 140 if (rc == 0) /* force revalidate of the inode */ 141 CIFS_I(inode)->time = 0; 142 break; 143 } else if ((strcmp(name, CIFS_XATTR_CREATETIME) == 0) || 144 (strcmp(name, SMB3_XATTR_CREATETIME) == 0)) { 145 rc = cifs_creation_time_set(xid, pTcon, inode, 146 full_path, value, size); 147 if (rc == 0) /* force revalidate of the inode */ 148 CIFS_I(inode)->time = 0; 149 break; 150 } 151 152 if (cifs_sb->mnt_cifs_flags & CIFS_MOUNT_NO_XATTR) 153 goto out; 154 155 if (pTcon->ses->server->ops->set_EA) { 156 rc = pTcon->ses->server->ops->set_EA(xid, pTcon, 157 full_path, name, value, (__u16)size, 158 cifs_sb->local_nls, cifs_sb); 159 if (rc == 0) 160 inode_set_ctime_current(inode); 161 } 162 break; 163 164 case XATTR_CIFS_ACL: 165 case XATTR_CIFS_NTSD_SACL: 166 case XATTR_CIFS_NTSD: 167 case XATTR_CIFS_NTSD_FULL: { 168 struct smb_ntsd *pacl; 169 170 if (!value) 171 goto out; 172 pacl = kmalloc(size, GFP_KERNEL); 173 if (!pacl) { 174 rc = -ENOMEM; 175 } else { 176 memcpy(pacl, value, size); 177 if (pTcon->ses->server->ops->set_acl) { 178 int aclflags = 0; 179 rc = 0; 180 181 switch (handler->flags) { 182 case XATTR_CIFS_NTSD_FULL: 183 aclflags = (CIFS_ACL_OWNER | 184 CIFS_ACL_GROUP | 185 CIFS_ACL_DACL | 186 CIFS_ACL_SACL); 187 break; 188 case XATTR_CIFS_NTSD: 189 aclflags = (CIFS_ACL_OWNER | 190 CIFS_ACL_GROUP | 191 CIFS_ACL_DACL); 192 break; 193 case XATTR_CIFS_NTSD_SACL: 194 aclflags = CIFS_ACL_SACL; 195 break; 196 case XATTR_CIFS_ACL: 197 default: 198 aclflags = CIFS_ACL_DACL; 199 } 200 201 rc = pTcon->ses->server->ops->set_acl(pacl, 202 size, inode, full_path, aclflags); 203 } else { 204 rc = -EOPNOTSUPP; 205 } 206 if (rc == 0) /* force revalidate of the inode */ 207 CIFS_I(inode)->time = 0; 208 kfree(pacl); 209 } 210 break; 211 } 212 } 213 214 out: 215 free_dentry_path(page); 216 free_xid(xid); 217 cifs_put_tlink(tlink); 218 return rc; 219 } 220 221 static int cifs_attrib_get(struct dentry *dentry, 222 struct inode *inode, void *value, 223 size_t size) 224 { 225 ssize_t rc; 226 __u32 *pattribute; 227 228 rc = cifs_revalidate_dentry_attr(dentry); 229 230 if (rc) 231 return rc; 232 233 if ((value == NULL) || (size == 0)) 234 return sizeof(__u32); 235 else if (size < sizeof(__u32)) 236 return -ERANGE; 237 238 /* return dos attributes as pseudo xattr */ 239 pattribute = (__u32 *)value; 240 *pattribute = CIFS_I(inode)->cifsAttrs; 241 242 return sizeof(__u32); 243 } 244 245 static int cifs_creation_time_get(struct dentry *dentry, struct inode *inode, 246 void *value, size_t size) 247 { 248 ssize_t rc; 249 __u64 *pcreatetime; 250 251 rc = cifs_revalidate_dentry_attr(dentry); 252 if (rc) 253 return rc; 254 255 if ((value == NULL) || (size == 0)) 256 return sizeof(__u64); 257 else if (size < sizeof(__u64)) 258 return -ERANGE; 259 260 /* return dos attributes as pseudo xattr */ 261 pcreatetime = (__u64 *)value; 262 *pcreatetime = CIFS_I(inode)->createtime; 263 return sizeof(__u64); 264 } 265 266 267 static int cifs_xattr_get(const struct xattr_handler *handler, 268 struct dentry *dentry, struct inode *inode, 269 const char *name, void *value, size_t size) 270 { 271 ssize_t rc = -EOPNOTSUPP; 272 unsigned int xid; 273 struct super_block *sb = dentry->d_sb; 274 struct cifs_sb_info *cifs_sb = CIFS_SB(sb); 275 struct tcon_link *tlink; 276 struct cifs_tcon *pTcon; 277 const char *full_path; 278 void *page; 279 280 tlink = cifs_sb_tlink(cifs_sb); 281 if (IS_ERR(tlink)) 282 return PTR_ERR(tlink); 283 pTcon = tlink_tcon(tlink); 284 285 xid = get_xid(); 286 page = alloc_dentry_path(); 287 288 full_path = build_path_from_dentry(dentry, page); 289 if (IS_ERR(full_path)) { 290 rc = PTR_ERR(full_path); 291 goto out; 292 } 293 294 /* return alt name if available as pseudo attr */ 295 switch (handler->flags) { 296 case XATTR_USER: 297 cifs_dbg(FYI, "%s:querying user xattr %s\n", __func__, name); 298 if ((strcmp(name, CIFS_XATTR_ATTRIB) == 0) || 299 (strcmp(name, SMB3_XATTR_ATTRIB) == 0)) { 300 rc = cifs_attrib_get(dentry, inode, value, size); 301 break; 302 } else if ((strcmp(name, CIFS_XATTR_CREATETIME) == 0) || 303 (strcmp(name, SMB3_XATTR_CREATETIME) == 0)) { 304 rc = cifs_creation_time_get(dentry, inode, value, size); 305 break; 306 } 307 308 if (cifs_sb->mnt_cifs_flags & CIFS_MOUNT_NO_XATTR) 309 goto out; 310 311 if (pTcon->ses->server->ops->query_all_EAs) 312 rc = pTcon->ses->server->ops->query_all_EAs(xid, pTcon, 313 full_path, name, value, size, cifs_sb); 314 break; 315 316 case XATTR_CIFS_ACL: 317 case XATTR_CIFS_NTSD_SACL: 318 case XATTR_CIFS_NTSD: 319 case XATTR_CIFS_NTSD_FULL: { 320 /* 321 * fetch owner, DACL, and SACL if asked for full descriptor, 322 * fetch owner and DACL otherwise 323 */ 324 u32 acllen, extra_info; 325 struct smb_ntsd *pacl; 326 327 if (pTcon->ses->server->ops->get_acl == NULL) 328 goto out; /* rc already EOPNOTSUPP */ 329 330 switch (handler->flags) { 331 case XATTR_CIFS_NTSD_FULL: 332 extra_info = OWNER_SECINFO | GROUP_SECINFO | DACL_SECINFO | SACL_SECINFO; 333 break; 334 case XATTR_CIFS_NTSD: 335 extra_info = OWNER_SECINFO | GROUP_SECINFO | DACL_SECINFO; 336 break; 337 case XATTR_CIFS_NTSD_SACL: 338 extra_info = SACL_SECINFO; 339 break; 340 case XATTR_CIFS_ACL: 341 default: 342 extra_info = DACL_SECINFO; 343 break; 344 } 345 pacl = pTcon->ses->server->ops->get_acl(cifs_sb, 346 inode, full_path, &acllen, extra_info); 347 if (IS_ERR(pacl)) { 348 rc = PTR_ERR(pacl); 349 cifs_dbg(VFS, "%s: error %zd getting sec desc\n", 350 __func__, rc); 351 } else { 352 if (value) { 353 if (acllen > size) 354 acllen = -ERANGE; 355 else 356 memcpy(value, pacl, acllen); 357 } 358 rc = acllen; 359 kfree(pacl); 360 } 361 break; 362 } 363 } 364 365 /* We could add an additional check for streams ie 366 if proc/fs/cifs/streamstoxattr is set then 367 search server for EAs or streams to 368 returns as xattrs */ 369 370 if (rc == -EINVAL) 371 rc = -EOPNOTSUPP; 372 373 out: 374 free_dentry_path(page); 375 free_xid(xid); 376 cifs_put_tlink(tlink); 377 return rc; 378 } 379 380 ssize_t cifs_listxattr(struct dentry *direntry, char *data, size_t buf_size) 381 { 382 ssize_t rc = -EOPNOTSUPP; 383 unsigned int xid; 384 struct cifs_sb_info *cifs_sb = CIFS_SB(direntry->d_sb); 385 struct tcon_link *tlink; 386 struct cifs_tcon *pTcon; 387 const char *full_path; 388 void *page; 389 390 if (unlikely(cifs_forced_shutdown(cifs_sb))) 391 return -EIO; 392 393 if (cifs_sb->mnt_cifs_flags & CIFS_MOUNT_NO_XATTR) 394 return -EOPNOTSUPP; 395 396 tlink = cifs_sb_tlink(cifs_sb); 397 if (IS_ERR(tlink)) 398 return PTR_ERR(tlink); 399 pTcon = tlink_tcon(tlink); 400 401 xid = get_xid(); 402 page = alloc_dentry_path(); 403 404 full_path = build_path_from_dentry(direntry, page); 405 if (IS_ERR(full_path)) { 406 rc = PTR_ERR(full_path); 407 goto list_ea_exit; 408 } 409 /* return dos attributes as pseudo xattr */ 410 /* return alt name if available as pseudo attr */ 411 412 /* if proc/fs/cifs/streamstoxattr is set then 413 search server for EAs or streams to 414 returns as xattrs */ 415 416 if (pTcon->ses->server->ops->query_all_EAs) 417 rc = pTcon->ses->server->ops->query_all_EAs(xid, pTcon, 418 full_path, NULL, data, buf_size, cifs_sb); 419 list_ea_exit: 420 free_dentry_path(page); 421 free_xid(xid); 422 cifs_put_tlink(tlink); 423 return rc; 424 } 425 426 static const struct xattr_handler cifs_user_xattr_handler = { 427 .prefix = XATTR_USER_PREFIX, 428 .flags = XATTR_USER, 429 .get = cifs_xattr_get, 430 .set = cifs_xattr_set, 431 }; 432 433 /* os2.* attributes are treated like user.* attributes */ 434 static const struct xattr_handler cifs_os2_xattr_handler = { 435 .prefix = XATTR_OS2_PREFIX, 436 .flags = XATTR_USER, 437 .get = cifs_xattr_get, 438 .set = cifs_xattr_set, 439 }; 440 441 static const struct xattr_handler cifs_cifs_acl_xattr_handler = { 442 .name = CIFS_XATTR_CIFS_ACL, 443 .flags = XATTR_CIFS_ACL, 444 .get = cifs_xattr_get, 445 .set = cifs_xattr_set, 446 }; 447 448 /* 449 * Although this is just an alias for the above, need to move away from 450 * confusing users and using the 20 year old term 'cifs' when it is no 451 * longer secure and was replaced by SMB2/SMB3 a long time ago, and 452 * SMB3 and later are highly secure. 453 */ 454 static const struct xattr_handler smb3_acl_xattr_handler = { 455 .name = SMB3_XATTR_CIFS_ACL, 456 .flags = XATTR_CIFS_ACL, 457 .get = cifs_xattr_get, 458 .set = cifs_xattr_set, 459 }; 460 461 static const struct xattr_handler smb3_ntsd_sacl_xattr_handler = { 462 .name = SMB3_XATTR_CIFS_NTSD_SACL, 463 .flags = XATTR_CIFS_NTSD_SACL, 464 .get = cifs_xattr_get, 465 .set = cifs_xattr_set, 466 }; 467 468 static const struct xattr_handler cifs_cifs_ntsd_xattr_handler = { 469 .name = CIFS_XATTR_CIFS_NTSD, 470 .flags = XATTR_CIFS_NTSD, 471 .get = cifs_xattr_get, 472 .set = cifs_xattr_set, 473 }; 474 475 /* 476 * Although this is just an alias for the above, need to move away from 477 * confusing users and using the 20 year old term 'cifs' when it is no 478 * longer secure and was replaced by SMB2/SMB3 a long time ago, and 479 * SMB3 and later are highly secure. 480 */ 481 static const struct xattr_handler smb3_ntsd_xattr_handler = { 482 .name = SMB3_XATTR_CIFS_NTSD, 483 .flags = XATTR_CIFS_NTSD, 484 .get = cifs_xattr_get, 485 .set = cifs_xattr_set, 486 }; 487 488 static const struct xattr_handler cifs_cifs_ntsd_full_xattr_handler = { 489 .name = CIFS_XATTR_CIFS_NTSD_FULL, 490 .flags = XATTR_CIFS_NTSD_FULL, 491 .get = cifs_xattr_get, 492 .set = cifs_xattr_set, 493 }; 494 495 /* 496 * Although this is just an alias for the above, need to move away from 497 * confusing users and using the 20 year old term 'cifs' when it is no 498 * longer secure and was replaced by SMB2/SMB3 a long time ago, and 499 * SMB3 and later are highly secure. 500 */ 501 static const struct xattr_handler smb3_ntsd_full_xattr_handler = { 502 .name = SMB3_XATTR_CIFS_NTSD_FULL, 503 .flags = XATTR_CIFS_NTSD_FULL, 504 .get = cifs_xattr_get, 505 .set = cifs_xattr_set, 506 }; 507 508 const struct xattr_handler * const cifs_xattr_handlers[] = { 509 &cifs_user_xattr_handler, 510 &cifs_os2_xattr_handler, 511 &cifs_cifs_acl_xattr_handler, 512 &smb3_acl_xattr_handler, /* alias for above since avoiding "cifs" */ 513 &smb3_ntsd_sacl_xattr_handler, 514 &cifs_cifs_ntsd_xattr_handler, 515 &smb3_ntsd_xattr_handler, /* alias for above since avoiding "cifs" */ 516 &cifs_cifs_ntsd_full_xattr_handler, 517 &smb3_ntsd_full_xattr_handler, /* alias for above since avoiding "cifs" */ 518 NULL 519 }; 520