1	// SPDX-License-Identifier: GPL-2.0
2	/*
3	* linux/fs/ext4/xattr.c
4	*
5	* Copyright (C) 2001-2003 Andreas Gruenbacher, <agruen@suse.de>
6	*
7	* Fix by Harrison Xing <harrison@mountainviewdata.com>.
8	* Ext4 code with a lot of help from Eric Jarman <ejarman@acm.org>.
9	* Extended attributes for symlinks and special files added per
10	* suggestion of Luka Renko <luka.renko@hermes.si>.
11	* xattr consolidation Copyright (c) 2004 James Morris <jmorris@redhat.com>,
12	* Red Hat Inc.
13	* ea-in-inode support by Alex Tomas <alex@clusterfs.com> aka bzzz
14	* and Andreas Gruenbacher <agruen@suse.de>.
15	*/
16
17	/*
18	* Extended attributes are stored directly in inodes (on file systems with
19	* inodes bigger than 128 bytes) and on additional disk blocks. The i_file_acl
20	* field contains the block number if an inode uses an additional block. All
21	* attributes must fit in the inode and one additional block. Blocks that
22	* contain the identical set of attributes may be shared among several inodes.
23	* Identical blocks are detected by keeping a cache of blocks that have
24	* recently been accessed.
25	*
26	* The attributes in inodes and on blocks have a different header; the entries
27	* are stored in the same format:
28	*
29	* +------------------+
30	* | header |
31	* | entry 1 | |
32	* | entry 2 | | growing downwards
33	* | entry 3 | v
34	* | four null bytes |
35	* | . . . |
36	* | value 1 | ^
37	* | value 3 | | growing upwards
38	* | value 2 | |
39	* +------------------+
40	*
41	* The header is followed by multiple entry descriptors. In disk blocks, the
42	* entry descriptors are kept sorted. In inodes, they are unsorted. The
43	* attribute values are aligned to the end of the block in no specific order.
44	*
45	* Locking strategy
46	* ----------------
47	* EXT4_I(inode)->i_file_acl is protected by EXT4_I(inode)->xattr_sem.
48	* EA blocks are only changed if they are exclusive to an inode, so
49	* holding xattr_sem also means that nothing but the EA block's reference
50	* count can change. Multiple writers to the same block are synchronized
51	* by the buffer lock.
52	*/
53
54	#include <linux/init.h>
55	#include <linux/fs.h>
56	#include <linux/slab.h>
57	#include <linux/mbcache.h>
58	#include <linux/quotaops.h>
59	#include <linux/iversion.h>
60	#include "ext4_jbd2.h"
61	#include "ext4.h"
62	#include "xattr.h"
63	#include "acl.h"
64
65	#ifdef EXT4_XATTR_DEBUG
66	# define ea_idebug(inode, fmt, ...) \
67	printk(KERN_DEBUG "inode %s:%lu: " fmt "\n", \
68	inode->i_sb->s_id, inode->i_ino, ##__VA_ARGS__)
69	# define ea_bdebug(bh, fmt, ...) \
70	printk(KERN_DEBUG "block %pg:%lu: " fmt "\n", \
71	bh->b_bdev, (unsigned long)bh->b_blocknr, ##__VA_ARGS__)
72	#else
73	# define ea_idebug(inode, fmt, ...) no_printk(fmt, ##__VA_ARGS__)
74	# define ea_bdebug(bh, fmt, ...) no_printk(fmt, ##__VA_ARGS__)
75	#endif
76
77	static void ext4_xattr_block_cache_insert(struct mb_cache *,
78	struct buffer_head *);
79	static struct buffer_head *
80	ext4_xattr_block_cache_find(struct inode *, struct ext4_xattr_header *,
81	struct mb_cache_entry **);
82	static __le32 ext4_xattr_hash_entry(char *name, size_t name_len, __le32 *value,
83	size_t value_count);
84	static __le32 ext4_xattr_hash_entry_signed(char *name, size_t name_len, __le32 *value,
85	size_t value_count);
86	static void ext4_xattr_rehash(struct ext4_xattr_header *);
87
88	static const struct xattr_handler * const ext4_xattr_handler_map[] = {
89	[EXT4_XATTR_INDEX_USER] = &ext4_xattr_user_handler,
90	#ifdef CONFIG_EXT4_FS_POSIX_ACL
91	[EXT4_XATTR_INDEX_POSIX_ACL_ACCESS] = &nop_posix_acl_access,
92	[EXT4_XATTR_INDEX_POSIX_ACL_DEFAULT] = &nop_posix_acl_default,
93	#endif
94	[EXT4_XATTR_INDEX_TRUSTED] = &ext4_xattr_trusted_handler,
95	#ifdef CONFIG_EXT4_FS_SECURITY
96	[EXT4_XATTR_INDEX_SECURITY] = &ext4_xattr_security_handler,
97	#endif
98	[EXT4_XATTR_INDEX_HURD] = &ext4_xattr_hurd_handler,
99	};
100
101	const struct xattr_handler * const ext4_xattr_handlers[] = {
102	&ext4_xattr_user_handler,
103	&ext4_xattr_trusted_handler,
104	#ifdef CONFIG_EXT4_FS_SECURITY
105	&ext4_xattr_security_handler,
106	#endif
107	&ext4_xattr_hurd_handler,
108	NULL
109	};
110
111	#define EA_BLOCK_CACHE(inode) (((struct ext4_sb_info *) \
112	inode->i_sb->s_fs_info)->s_ea_block_cache)
113
114	#define EA_INODE_CACHE(inode) (((struct ext4_sb_info *) \
115	inode->i_sb->s_fs_info)->s_ea_inode_cache)
116
117	static int
118	ext4_expand_inode_array(struct ext4_xattr_inode_array **ea_inode_array,
119	struct inode *inode);
120
121	#ifdef CONFIG_LOCKDEP
122	void ext4_xattr_inode_set_class(struct inode *ea_inode)
123	{
124	struct ext4_inode_info *ei = EXT4_I(inode: ea_inode);
125
126	lockdep_set_subclass(&ea_inode->i_rwsem, 1);
127	(void) ei; /* shut up clang warning if !CONFIG_LOCKDEP */
128	lockdep_set_subclass(&ei->i_data_sem, I_DATA_SEM_EA);
129	}
130	#endif
131
132	static __le32 ext4_xattr_block_csum(struct inode *inode,
133	sector_t block_nr,
134	struct ext4_xattr_header *hdr)
135	{
136	struct ext4_sb_info *sbi = EXT4_SB(sb: inode->i_sb);
137	__u32 csum;
138	__le64 dsk_block_nr = cpu_to_le64(block_nr);
139	__u32 dummy_csum = 0;
140	int offset = offsetof(struct ext4_xattr_header, h_checksum);
141
142	csum = ext4_chksum(sbi, crc: sbi->s_csum_seed, address: (__u8 *)&dsk_block_nr,
143	length: sizeof(dsk_block_nr));
144	csum = ext4_chksum(sbi, crc: csum, address: (__u8 *)hdr, length: offset);
145	csum = ext4_chksum(sbi, crc: csum, address: (__u8 *)&dummy_csum, length: sizeof(dummy_csum));
146	offset += sizeof(dummy_csum);
147	csum = ext4_chksum(sbi, crc: csum, address: (__u8 *)hdr + offset,
148	EXT4_BLOCK_SIZE(inode->i_sb) - offset);
149
150	return cpu_to_le32(csum);
151	}
152
153	static int ext4_xattr_block_csum_verify(struct inode *inode,
154	struct buffer_head *bh)
155	{
156	struct ext4_xattr_header *hdr = BHDR(bh);
157	int ret = 1;
158
159	if (ext4_has_metadata_csum(sb: inode->i_sb)) {
160	lock_buffer(bh);
161	ret = (hdr->h_checksum == ext4_xattr_block_csum(inode,
162	block_nr: bh->b_blocknr, hdr));
163	unlock_buffer(bh);
164	}
165	return ret;
166	}
167
168	static void ext4_xattr_block_csum_set(struct inode *inode,
169	struct buffer_head *bh)
170	{
171	if (ext4_has_metadata_csum(sb: inode->i_sb))
172	BHDR(bh)->h_checksum = ext4_xattr_block_csum(inode,
173	block_nr: bh->b_blocknr, BHDR(bh));
174	}
175
176	static inline const char *ext4_xattr_prefix(int name_index,
177	struct dentry *dentry)
178	{
179	const struct xattr_handler *handler = NULL;
180
181	if (name_index > 0 && name_index < ARRAY_SIZE(ext4_xattr_handler_map))
182	handler = ext4_xattr_handler_map[name_index];
183
184	if (!xattr_handler_can_list(handler, dentry))
185	return NULL;
186
187	return xattr_prefix(handler);
188	}
189
190	static int
191	check_xattrs(struct inode *inode, struct buffer_head *bh,
192	struct ext4_xattr_entry *entry, void *end, void *value_start,
193	const char *function, unsigned int line)
194	{
195	struct ext4_xattr_entry *e = entry;
196	int err = -EFSCORRUPTED;
197	char *err_str;
198
199	if (bh) {
200	if (BHDR(bh)->h_magic != cpu_to_le32(EXT4_XATTR_MAGIC) ||
201	BHDR(bh)->h_blocks != cpu_to_le32(1)) {
202	err_str = "invalid header";
203	goto errout;
204	}
205	if (buffer_verified(bh))
206	return 0;
207	if (!ext4_xattr_block_csum_verify(inode, bh)) {
208	err = -EFSBADCRC;
209	err_str = "invalid checksum";
210	goto errout;
211	}
212	} else {
213	struct ext4_xattr_ibody_header *header = value_start;
214
215	header -= 1;
216	if (end - (void *)header < sizeof(*header) + sizeof(u32)) {
217	err_str = "in-inode xattr block too small";
218	goto errout;
219	}
220	if (header->h_magic != cpu_to_le32(EXT4_XATTR_MAGIC)) {
221	err_str = "bad magic number in in-inode xattr";
222	goto errout;
223	}
224	}
225
226	/* Find the end of the names list */
227	while (!IS_LAST_ENTRY(e)) {
228	struct ext4_xattr_entry *next = EXT4_XATTR_NEXT(e);
229	if ((void *)next >= end) {
230	err_str = "e_name out of bounds";
231	goto errout;
232	}
233	if (strnlen(p: e->e_name, maxlen: e->e_name_len) != e->e_name_len) {
234	err_str = "bad e_name length";
235	goto errout;
236	}
237	e = next;
238	}
239
240	/* Check the values */
241	while (!IS_LAST_ENTRY(entry)) {
242	u32 size = le32_to_cpu(entry->e_value_size);
243	unsigned long ea_ino = le32_to_cpu(entry->e_value_inum);
244
245	if (!ext4_has_feature_ea_inode(sb: inode->i_sb) && ea_ino) {
246	err_str = "ea_inode specified without ea_inode feature enabled";
247	goto errout;
248	}
249	if (ea_ino && ((ea_ino == EXT4_ROOT_INO) ||
250	!ext4_valid_inum(sb: inode->i_sb, ino: ea_ino))) {
251	err_str = "invalid ea_ino";
252	goto errout;
253	}
254	if (size > EXT4_XATTR_SIZE_MAX) {
255	err_str = "e_value size too large";
256	goto errout;
257	}
258
259	if (size != 0 && entry->e_value_inum == 0) {
260	u16 offs = le16_to_cpu(entry->e_value_offs);
261	void *value;
262
263	/*
264	* The value cannot overlap the names, and the value
265	* with padding cannot extend beyond 'end'. Check both
266	* the padded and unpadded sizes, since the size may
267	* overflow to 0 when adding padding.
268	*/
269	if (offs > end - value_start) {
270	err_str = "e_value out of bounds";
271	goto errout;
272	}
273	value = value_start + offs;
274	if (value < (void *)e + sizeof(u32) ||
275	size > end - value ||
276	EXT4_XATTR_SIZE(size) > end - value) {
277	err_str = "overlapping e_value ";
278	goto errout;
279	}
280	}
281	entry = EXT4_XATTR_NEXT(entry);
282	}
283	if (bh)
284	set_buffer_verified(bh);
285	return 0;
286
287	errout:
288	if (bh)
289	__ext4_error_inode(inode, function, line, 0, -err,
290	"corrupted xattr block %llu: %s",
291	(unsigned long long) bh->b_blocknr,
292	err_str);
293	else
294	__ext4_error_inode(inode, function, line, 0, -err,
295	"corrupted in-inode xattr: %s", err_str);
296	return err;
297	}
298
299	static inline int
300	__ext4_xattr_check_block(struct inode *inode, struct buffer_head *bh,
301	const char *function, unsigned int line)
302	{
303	return check_xattrs(inode, bh, BFIRST(bh), end: bh->b_data + bh->b_size,
304	value_start: bh->b_data, function, line);
305	}
306
307	#define ext4_xattr_check_block(inode, bh) \
308	__ext4_xattr_check_block((inode), (bh), __func__, __LINE__)
309
310
311	static inline int
312	__xattr_check_inode(struct inode *inode, struct ext4_xattr_ibody_header *header,
313	void *end, const char *function, unsigned int line)
314	{
315	return check_xattrs(inode, NULL, IFIRST(header), end, IFIRST(header),
316	function, line);
317	}
318
319	#define xattr_check_inode(inode, header, end) \
320	__xattr_check_inode((inode), (header), (end), __func__, __LINE__)
321
322	static int
323	xattr_find_entry(struct inode *inode, struct ext4_xattr_entry **pentry,
324	void *end, int name_index, const char *name, int sorted)
325	{
326	struct ext4_xattr_entry *entry, *next;
327	size_t name_len;
328	int cmp = 1;
329
330	if (name == NULL)
331	return -EINVAL;
332	name_len = strlen(name);
333	for (entry = *pentry; !IS_LAST_ENTRY(entry); entry = next) {
334	next = EXT4_XATTR_NEXT(entry);
335	if ((void *) next >= end) {
336	EXT4_ERROR_INODE(inode, "corrupted xattr entries");
337	return -EFSCORRUPTED;
338	}
339	cmp = name_index - entry->e_name_index;
340	if (!cmp)
341	cmp = name_len - entry->e_name_len;
342	if (!cmp)
343	cmp = memcmp(p: name, q: entry->e_name, size: name_len);
344	if (cmp <= 0 && (sorted || cmp == 0))
345	break;
346	}
347	*pentry = entry;
348	return cmp ? -ENODATA : 0;
349	}
350
351	static u32
352	ext4_xattr_inode_hash(struct ext4_sb_info *sbi, const void *buffer, size_t size)
353	{
354	return ext4_chksum(sbi, crc: sbi->s_csum_seed, address: buffer, length: size);
355	}
356
357	static u64 ext4_xattr_inode_get_ref(struct inode *ea_inode)
358	{
359	return ((u64) inode_get_ctime_sec(inode: ea_inode) << 32) |
360	(u32) inode_peek_iversion_raw(inode: ea_inode);
361	}
362
363	static void ext4_xattr_inode_set_ref(struct inode *ea_inode, u64 ref_count)
364	{
365	inode_set_ctime(inode: ea_inode, sec: (u32)(ref_count >> 32), nsec: 0);
366	inode_set_iversion_raw(inode: ea_inode, val: ref_count & 0xffffffff);
367	}
368
369	static u32 ext4_xattr_inode_get_hash(struct inode *ea_inode)
370	{
371	return (u32) inode_get_atime_sec(inode: ea_inode);
372	}
373
374	static void ext4_xattr_inode_set_hash(struct inode *ea_inode, u32 hash)
375	{
376	inode_set_atime(inode: ea_inode, sec: hash, nsec: 0);
377	}
378
379	/*
380	* Read the EA value from an inode.
381	*/
382	static int ext4_xattr_inode_read(struct inode *ea_inode, void *buf, size_t size)
383	{
384	int blocksize = 1 << ea_inode->i_blkbits;
385	int bh_count = (size + blocksize - 1) >> ea_inode->i_blkbits;
386	int tail_size = (size % blocksize) ?: blocksize;
387	struct buffer_head *bhs_inline[8];
388	struct buffer_head **bhs = bhs_inline;
389	int i, ret;
390
391	if (bh_count > ARRAY_SIZE(bhs_inline)) {
392	bhs = kmalloc_array(n: bh_count, size: sizeof(*bhs), GFP_NOFS);
393	if (!bhs)
394	return -ENOMEM;
395	}
396
397	ret = ext4_bread_batch(inode: ea_inode, block: 0 /* block */, bh_count,
398	wait: true /* wait */, bhs);
399	if (ret)
400	goto free_bhs;
401
402	for (i = 0; i < bh_count; i++) {
403	/* There shouldn't be any holes in ea_inode. */
404	if (!bhs[i]) {
405	ret = -EFSCORRUPTED;
406	goto put_bhs;
407	}
408	memcpy((char *)buf + blocksize * i, bhs[i]->b_data,
409	i < bh_count - 1 ? blocksize : tail_size);
410	}
411	ret = 0;
412	put_bhs:
413	for (i = 0; i < bh_count; i++)
414	brelse(bh: bhs[i]);
415	free_bhs:
416	if (bhs != bhs_inline)
417	kfree(objp: bhs);
418	return ret;
419	}
420
421	#define EXT4_XATTR_INODE_GET_PARENT(inode) ((__u32)(inode_get_mtime_sec(inode)))
422
423	static int ext4_xattr_inode_iget(struct inode *parent, unsigned long ea_ino,
424	u32 ea_inode_hash, struct inode **ea_inode)
425	{
426	struct inode *inode;
427	int err;
428
429	/*
430	* We have to check for this corruption early as otherwise
431	* iget_locked() could wait indefinitely for the state of our
432	* parent inode.
433	*/
434	if (parent->i_ino == ea_ino) {
435	ext4_error(parent->i_sb,
436	"Parent and EA inode have the same ino %lu", ea_ino);
437	return -EFSCORRUPTED;
438	}
439
440	inode = ext4_iget(parent->i_sb, ea_ino, EXT4_IGET_EA_INODE);
441	if (IS_ERR(ptr: inode)) {
442	err = PTR_ERR(ptr: inode);
443	ext4_error(parent->i_sb,
444	"error while reading EA inode %lu err=%d", ea_ino,
445	err);
446	return err;
447	}
448	ext4_xattr_inode_set_class(ea_inode: inode);
449
450	/*
451	* Check whether this is an old Lustre-style xattr inode. Lustre
452	* implementation does not have hash validation, rather it has a
453	* backpointer from ea_inode to the parent inode.
454	*/
455	if (ea_inode_hash != ext4_xattr_inode_get_hash(ea_inode: inode) &&
456	EXT4_XATTR_INODE_GET_PARENT(inode) == parent->i_ino &&
457	inode->i_generation == parent->i_generation) {
458	ext4_set_inode_state(inode, bit: EXT4_STATE_LUSTRE_EA_INODE);
459	ext4_xattr_inode_set_ref(ea_inode: inode, ref_count: 1);
460	} else {
461	inode_lock(inode);
462	inode->i_flags |= S_NOQUOTA;
463	inode_unlock(inode);
464	}
465
466	*ea_inode = inode;
467	return 0;
468	}
469
470	/* Remove entry from mbcache when EA inode is getting evicted */
471	void ext4_evict_ea_inode(struct inode *inode)
472	{
473	struct mb_cache_entry *oe;
474
475	if (!EA_INODE_CACHE(inode))
476	return;
477	/* Wait for entry to get unused so that we can remove it */
478	while ((oe = mb_cache_entry_delete_or_get(EA_INODE_CACHE(inode),
479	key: ext4_xattr_inode_get_hash(ea_inode: inode), value: inode->i_ino))) {
480	mb_cache_entry_wait_unused(entry: oe);
481	mb_cache_entry_put(EA_INODE_CACHE(inode), entry: oe);
482	}
483	}
484
485	static int
486	ext4_xattr_inode_verify_hashes(struct inode *ea_inode,
487	struct ext4_xattr_entry *entry, void *buffer,
488	size_t size)
489	{
490	u32 hash;
491
492	/* Verify stored hash matches calculated hash. */
493	hash = ext4_xattr_inode_hash(sbi: EXT4_SB(sb: ea_inode->i_sb), buffer, size);
494	if (hash != ext4_xattr_inode_get_hash(ea_inode))
495	return -EFSCORRUPTED;
496
497	if (entry) {
498	__le32 e_hash, tmp_data;
499
500	/* Verify entry hash. */
501	tmp_data = cpu_to_le32(hash);
502	e_hash = ext4_xattr_hash_entry(name: entry->e_name, name_len: entry->e_name_len,
503	value: &tmp_data, value_count: 1);
504	/* All good? */
505	if (e_hash == entry->e_hash)
506	return 0;
507
508	/*
509	* Not good. Maybe the entry hash was calculated
510	* using the buggy signed char version?
511	*/
512	e_hash = ext4_xattr_hash_entry_signed(name: entry->e_name, name_len: entry->e_name_len,
513	value: &tmp_data, value_count: 1);
514	/* Still no match - bad */
515	if (e_hash != entry->e_hash)
516	return -EFSCORRUPTED;
517
518	/* Let people know about old hash */
519	pr_warn_once("ext4: filesystem with signed xattr name hash");
520	}
521	return 0;
522	}
523
524	/*
525	* Read xattr value from the EA inode.
526	*/
527	static int
528	ext4_xattr_inode_get(struct inode *inode, struct ext4_xattr_entry *entry,
529	void *buffer, size_t size)
530	{
531	struct mb_cache *ea_inode_cache = EA_INODE_CACHE(inode);
532	struct inode *ea_inode;
533	int err;
534
535	err = ext4_xattr_inode_iget(parent: inode, le32_to_cpu(entry->e_value_inum),
536	le32_to_cpu(entry->e_hash), ea_inode: &ea_inode);
537	if (err) {
538	ea_inode = NULL;
539	goto out;
540	}
541
542	if (i_size_read(inode: ea_inode) != size) {
543	ext4_warning_inode(ea_inode,
544	"ea_inode file size=%llu entry size=%zu",
545	i_size_read(ea_inode), size);
546	err = -EFSCORRUPTED;
547	goto out;
548	}
549
550	err = ext4_xattr_inode_read(ea_inode, buf: buffer, size);
551	if (err)
552	goto out;
553
554	if (!ext4_test_inode_state(inode: ea_inode, bit: EXT4_STATE_LUSTRE_EA_INODE)) {
555	err = ext4_xattr_inode_verify_hashes(ea_inode, entry, buffer,
556	size);
557	if (err) {
558	ext4_warning_inode(ea_inode,
559	"EA inode hash validation failed");
560	goto out;
561	}
562
563	if (ea_inode_cache)
564	mb_cache_entry_create(cache: ea_inode_cache, GFP_NOFS,
565	key: ext4_xattr_inode_get_hash(ea_inode),
566	value: ea_inode->i_ino, reusable: true /* reusable */);
567	}
568	out:
569	iput(ea_inode);
570	return err;
571	}
572
573	static int
574	ext4_xattr_block_get(struct inode *inode, int name_index, const char *name,
575	void *buffer, size_t buffer_size)
576	{
577	struct buffer_head *bh = NULL;
578	struct ext4_xattr_entry *entry;
579	size_t size;
580	void *end;
581	int error;
582	struct mb_cache *ea_block_cache = EA_BLOCK_CACHE(inode);
583
584	ea_idebug(inode, "name=%d.%s, buffer=%p, buffer_size=%ld",
585	name_index, name, buffer, (long)buffer_size);
586
587	if (!EXT4_I(inode)->i_file_acl)
588	return -ENODATA;
589	ea_idebug(inode, "reading block %llu",
590	(unsigned long long)EXT4_I(inode)->i_file_acl);
591	bh = ext4_sb_bread(sb: inode->i_sb, block: EXT4_I(inode)->i_file_acl, REQ_PRIO);
592	if (IS_ERR(ptr: bh))
593	return PTR_ERR(ptr: bh);
594	ea_bdebug(bh, "b_count=%d, refcount=%d",
595	atomic_read(&(bh->b_count)), le32_to_cpu(BHDR(bh)->h_refcount));
596	error = ext4_xattr_check_block(inode, bh);
597	if (error)
598	goto cleanup;
599	ext4_xattr_block_cache_insert(ea_block_cache, bh);
600	entry = BFIRST(bh);
601	end = bh->b_data + bh->b_size;
602	error = xattr_find_entry(inode, pentry: &entry, end, name_index, name, sorted: 1);
603	if (error)
604	goto cleanup;
605	size = le32_to_cpu(entry->e_value_size);
606	error = -ERANGE;
607	if (unlikely(size > EXT4_XATTR_SIZE_MAX))
608	goto cleanup;
609	if (buffer) {
610	if (size > buffer_size)
611	goto cleanup;
612	if (entry->e_value_inum) {
613	error = ext4_xattr_inode_get(inode, entry, buffer,
614	size);
615	if (error)
616	goto cleanup;
617	} else {
618	u16 offset = le16_to_cpu(entry->e_value_offs);
619	void *p = bh->b_data + offset;
620
621	if (unlikely(p + size > end))
622	goto cleanup;
623	memcpy(buffer, p, size);
624	}
625	}
626	error = size;
627
628	cleanup:
629	brelse(bh);
630	return error;
631	}
632
633	int
634	ext4_xattr_ibody_get(struct inode *inode, int name_index, const char *name,
635	void *buffer, size_t buffer_size)
636	{
637	struct ext4_xattr_ibody_header *header;
638	struct ext4_xattr_entry *entry;
639	struct ext4_inode *raw_inode;
640	struct ext4_iloc iloc;
641	size_t size;
642	void *end;
643	int error;
644
645	if (!ext4_test_inode_state(inode, bit: EXT4_STATE_XATTR))
646	return -ENODATA;
647	error = ext4_get_inode_loc(inode, &iloc);
648	if (error)
649	return error;
650	raw_inode = ext4_raw_inode(iloc: &iloc);
651	header = IHDR(inode, raw_inode);
652	end = (void *)raw_inode + EXT4_SB(sb: inode->i_sb)->s_inode_size;
653	error = xattr_check_inode(inode, header, end);
654	if (error)
655	goto cleanup;
656	entry = IFIRST(header);
657	error = xattr_find_entry(inode, pentry: &entry, end, name_index, name, sorted: 0);
658	if (error)
659	goto cleanup;
660	size = le32_to_cpu(entry->e_value_size);
661	error = -ERANGE;
662	if (unlikely(size > EXT4_XATTR_SIZE_MAX))
663	goto cleanup;
664	if (buffer) {
665	if (size > buffer_size)
666	goto cleanup;
667	if (entry->e_value_inum) {
668	error = ext4_xattr_inode_get(inode, entry, buffer,
669	size);
670	if (error)
671	goto cleanup;
672	} else {
673	u16 offset = le16_to_cpu(entry->e_value_offs);
674	void *p = (void *)IFIRST(header) + offset;
675
676	if (unlikely(p + size > end))
677	goto cleanup;
678	memcpy(buffer, p, size);
679	}
680	}
681	error = size;
682
683	cleanup:
684	brelse(bh: iloc.bh);
685	return error;
686	}
687
688	/*
689	* ext4_xattr_get()
690	*
691	* Copy an extended attribute into the buffer
692	* provided, or compute the buffer size required.
693	* Buffer is NULL to compute the size of the buffer required.
694	*
695	* Returns a negative error number on failure, or the number of bytes
696	* used / required on success.
697	*/
698	int
699	ext4_xattr_get(struct inode *inode, int name_index, const char *name,
700	void *buffer, size_t buffer_size)
701	{
702	int error;
703
704	if (unlikely(ext4_forced_shutdown(inode->i_sb)))
705	return -EIO;
706
707	if (strlen(name) > 255)
708	return -ERANGE;
709
710	down_read(sem: &EXT4_I(inode)->xattr_sem);
711	error = ext4_xattr_ibody_get(inode, name_index, name, buffer,
712	buffer_size);
713	if (error == -ENODATA)
714	error = ext4_xattr_block_get(inode, name_index, name, buffer,
715	buffer_size);
716	up_read(sem: &EXT4_I(inode)->xattr_sem);
717	return error;
718	}
719
720	static int
721	ext4_xattr_list_entries(struct dentry *dentry, struct ext4_xattr_entry *entry,
722	char *buffer, size_t buffer_size)
723	{
724	size_t rest = buffer_size;
725
726	for (; !IS_LAST_ENTRY(entry); entry = EXT4_XATTR_NEXT(entry)) {
727	const char *prefix;
728
729	prefix = ext4_xattr_prefix(name_index: entry->e_name_index, dentry);
730	if (prefix) {
731	size_t prefix_len = strlen(prefix);
732	size_t size = prefix_len + entry->e_name_len + 1;
733
734	if (buffer) {
735	if (size > rest)
736	return -ERANGE;
737	memcpy(buffer, prefix, prefix_len);
738	buffer += prefix_len;
739	memcpy(buffer, entry->e_name, entry->e_name_len);
740	buffer += entry->e_name_len;
741	*buffer++ = 0;
742	}
743	rest -= size;
744	}
745	}
746	return buffer_size - rest; /* total size */
747	}
748
749	static int
750	ext4_xattr_block_list(struct dentry *dentry, char *buffer, size_t buffer_size)
751	{
752	struct inode *inode = d_inode(dentry);
753	struct buffer_head *bh = NULL;
754	int error;
755
756	ea_idebug(inode, "buffer=%p, buffer_size=%ld",
757	buffer, (long)buffer_size);
758
759	if (!EXT4_I(inode)->i_file_acl)
760	return 0;
761	ea_idebug(inode, "reading block %llu",
762	(unsigned long long)EXT4_I(inode)->i_file_acl);
763	bh = ext4_sb_bread(sb: inode->i_sb, block: EXT4_I(inode)->i_file_acl, REQ_PRIO);
764	if (IS_ERR(ptr: bh))
765	return PTR_ERR(ptr: bh);
766	ea_bdebug(bh, "b_count=%d, refcount=%d",
767	atomic_read(&(bh->b_count)), le32_to_cpu(BHDR(bh)->h_refcount));
768	error = ext4_xattr_check_block(inode, bh);
769	if (error)
770	goto cleanup;
771	ext4_xattr_block_cache_insert(EA_BLOCK_CACHE(inode), bh);
772	error = ext4_xattr_list_entries(dentry, BFIRST(bh), buffer,
773	buffer_size);
774	cleanup:
775	brelse(bh);
776	return error;
777	}
778
779	static int
780	ext4_xattr_ibody_list(struct dentry *dentry, char *buffer, size_t buffer_size)
781	{
782	struct inode *inode = d_inode(dentry);
783	struct ext4_xattr_ibody_header *header;
784	struct ext4_inode *raw_inode;
785	struct ext4_iloc iloc;
786	void *end;
787	int error;
788
789	if (!ext4_test_inode_state(inode, bit: EXT4_STATE_XATTR))
790	return 0;
791	error = ext4_get_inode_loc(inode, &iloc);
792	if (error)
793	return error;
794	raw_inode = ext4_raw_inode(iloc: &iloc);
795	header = IHDR(inode, raw_inode);
796	end = (void *)raw_inode + EXT4_SB(sb: inode->i_sb)->s_inode_size;
797	error = xattr_check_inode(inode, header, end);
798	if (error)
799	goto cleanup;
800	error = ext4_xattr_list_entries(dentry, IFIRST(header),
801	buffer, buffer_size);
802
803	cleanup:
804	brelse(bh: iloc.bh);
805	return error;
806	}
807
808	/*
809	* Inode operation listxattr()
810	*
811	* d_inode(dentry)->i_rwsem: don't care
812	*
813	* Copy a list of attribute names into the buffer
814	* provided, or compute the buffer size required.
815	* Buffer is NULL to compute the size of the buffer required.
816	*
817	* Returns a negative error number on failure, or the number of bytes
818	* used / required on success.
819	*/
820	ssize_t
821	ext4_listxattr(struct dentry *dentry, char *buffer, size_t buffer_size)
822	{
823	int ret, ret2;
824
825	down_read(sem: &EXT4_I(inode: d_inode(dentry))->xattr_sem);
826	ret = ret2 = ext4_xattr_ibody_list(dentry, buffer, buffer_size);
827	if (ret < 0)
828	goto errout;
829	if (buffer) {
830	buffer += ret;
831	buffer_size -= ret;
832	}
833	ret = ext4_xattr_block_list(dentry, buffer, buffer_size);
834	if (ret < 0)
835	goto errout;
836	ret += ret2;
837	errout:
838	up_read(sem: &EXT4_I(inode: d_inode(dentry))->xattr_sem);
839	return ret;
840	}
841
842	/*
843	* If the EXT4_FEATURE_COMPAT_EXT_ATTR feature of this file system is
844	* not set, set it.
845	*/
846	static void ext4_xattr_update_super_block(handle_t *handle,
847	struct super_block *sb)
848	{
849	if (ext4_has_feature_xattr(sb))
850	return;
851
852	BUFFER_TRACE(EXT4_SB(sb)->s_sbh, "get_write_access");
853	if (ext4_journal_get_write_access(handle, sb, EXT4_SB(sb)->s_sbh,
854	EXT4_JTR_NONE) == 0) {
855	lock_buffer(bh: EXT4_SB(sb)->s_sbh);
856	ext4_set_feature_xattr(sb);
857	ext4_superblock_csum_set(sb);
858	unlock_buffer(bh: EXT4_SB(sb)->s_sbh);
859	ext4_handle_dirty_metadata(handle, NULL, EXT4_SB(sb)->s_sbh);
860	}
861	}
862
863	int ext4_get_inode_usage(struct inode *inode, qsize_t *usage)
864	{
865	struct ext4_iloc iloc = { .bh = NULL };
866	struct buffer_head *bh = NULL;
867	struct ext4_inode *raw_inode;
868	struct ext4_xattr_ibody_header *header;
869	struct ext4_xattr_entry *entry;
870	qsize_t ea_inode_refs = 0;
871	void *end;
872	int ret;
873
874	lockdep_assert_held_read(&EXT4_I(inode)->xattr_sem);
875
876	if (ext4_test_inode_state(inode, bit: EXT4_STATE_XATTR)) {
877	ret = ext4_get_inode_loc(inode, &iloc);
878	if (ret)
879	goto out;
880	raw_inode = ext4_raw_inode(iloc: &iloc);
881	header = IHDR(inode, raw_inode);
882	end = (void *)raw_inode + EXT4_SB(sb: inode->i_sb)->s_inode_size;
883	ret = xattr_check_inode(inode, header, end);
884	if (ret)
885	goto out;
886
887	for (entry = IFIRST(header); !IS_LAST_ENTRY(entry);
888	entry = EXT4_XATTR_NEXT(entry))
889	if (entry->e_value_inum)
890	ea_inode_refs++;
891	}
892
893	if (EXT4_I(inode)->i_file_acl) {
894	bh = ext4_sb_bread(sb: inode->i_sb, block: EXT4_I(inode)->i_file_acl, REQ_PRIO);
895	if (IS_ERR(ptr: bh)) {
896	ret = PTR_ERR(ptr: bh);
897	bh = NULL;
898	goto out;
899	}
900
901	ret = ext4_xattr_check_block(inode, bh);
902	if (ret)
903	goto out;
904
905	for (entry = BFIRST(bh); !IS_LAST_ENTRY(entry);
906	entry = EXT4_XATTR_NEXT(entry))
907	if (entry->e_value_inum)
908	ea_inode_refs++;
909	}
910	*usage = ea_inode_refs + 1;
911	ret = 0;
912	out:
913	brelse(bh: iloc.bh);
914	brelse(bh);
915	return ret;
916	}
917
918	static inline size_t round_up_cluster(struct inode *inode, size_t length)
919	{
920	struct super_block *sb = inode->i_sb;
921	size_t cluster_size = 1 << (EXT4_SB(sb)->s_cluster_bits +
922	inode->i_blkbits);
923	size_t mask = ~(cluster_size - 1);
924
925	return (length + cluster_size - 1) & mask;
926	}
927
928	static int ext4_xattr_inode_alloc_quota(struct inode *inode, size_t len)
929	{
930	int err;
931
932	err = dquot_alloc_inode(inode);
933	if (err)
934	return err;
935	err = dquot_alloc_space_nodirty(inode, nr: round_up_cluster(inode, length: len));
936	if (err)
937	dquot_free_inode(inode);
938	return err;
939	}
940
941	static void ext4_xattr_inode_free_quota(struct inode *parent,
942	struct inode *ea_inode,
943	size_t len)
944	{
945	if (ea_inode &&
946	ext4_test_inode_state(inode: ea_inode, bit: EXT4_STATE_LUSTRE_EA_INODE))
947	return;
948	dquot_free_space_nodirty(inode: parent, nr: round_up_cluster(inode: parent, length: len));
949	dquot_free_inode(inode: parent);
950	}
951
952	int __ext4_xattr_set_credits(struct super_block *sb, struct inode *inode,
953	struct buffer_head *block_bh, size_t value_len,
954	bool is_create)
955	{
956	int credits;
957	int blocks;
958
959	/*
960	* 1) Owner inode update
961	* 2) Ref count update on old xattr block
962	* 3) new xattr block
963	* 4) block bitmap update for new xattr block
964	* 5) group descriptor for new xattr block
965	* 6) block bitmap update for old xattr block
966	* 7) group descriptor for old block
967	*
968	* 6 & 7 can happen if we have two racing threads T_a and T_b
969	* which are each trying to set an xattr on inodes I_a and I_b
970	* which were both initially sharing an xattr block.
971	*/
972	credits = 7;
973
974	/* Quota updates. */
975	credits += EXT4_MAXQUOTAS_TRANS_BLOCKS(sb);
976
977	/*
978	* In case of inline data, we may push out the data to a block,
979	* so we need to reserve credits for this eventuality
980	*/
981	if (inode && ext4_has_inline_data(inode))
982	credits += ext4_writepage_trans_blocks(inode) + 1;
983
984	/* We are done if ea_inode feature is not enabled. */
985	if (!ext4_has_feature_ea_inode(sb))
986	return credits;
987
988	/* New ea_inode, inode map, block bitmap, group descriptor. */
989	credits += 4;
990
991	/* Data blocks. */
992	blocks = (value_len + sb->s_blocksize - 1) >> sb->s_blocksize_bits;
993
994	/* Indirection block or one level of extent tree. */
995	blocks += 1;
996
997	/* Block bitmap and group descriptor updates for each block. */
998	credits += blocks * 2;
999
1000	/* Blocks themselves. */
1001	credits += blocks;
1002
1003	if (!is_create) {
1004	/* Dereference ea_inode holding old xattr value.
1005	* Old ea_inode, inode map, block bitmap, group descriptor.
1006	*/
1007	credits += 4;
1008
1009	/* Data blocks for old ea_inode. */
1010	blocks = XATTR_SIZE_MAX >> sb->s_blocksize_bits;
1011
1012	/* Indirection block or one level of extent tree for old
1013	* ea_inode.
1014	*/
1015	blocks += 1;
1016
1017	/* Block bitmap and group descriptor updates for each block. */
1018	credits += blocks * 2;
1019	}
1020
1021	/* We may need to clone the existing xattr block in which case we need
1022	* to increment ref counts for existing ea_inodes referenced by it.
1023	*/
1024	if (block_bh) {
1025	struct ext4_xattr_entry *entry = BFIRST(block_bh);
1026
1027	for (; !IS_LAST_ENTRY(entry); entry = EXT4_XATTR_NEXT(entry))
1028	if (entry->e_value_inum)
1029	/* Ref count update on ea_inode. */
1030	credits += 1;
1031	}
1032	return credits;
1033	}
1034
1035	static int ext4_xattr_inode_update_ref(handle_t *handle, struct inode *ea_inode,
1036	int ref_change)
1037	{
1038	struct ext4_iloc iloc;
1039	s64 ref_count;
1040	int ret;
1041
1042	inode_lock(inode: ea_inode);
1043
1044	ret = ext4_reserve_inode_write(handle, inode: ea_inode, iloc: &iloc);
1045	if (ret)
1046	goto out;
1047
1048	ref_count = ext4_xattr_inode_get_ref(ea_inode);
1049	ref_count += ref_change;
1050	ext4_xattr_inode_set_ref(ea_inode, ref_count);
1051
1052	if (ref_change > 0) {
1053	WARN_ONCE(ref_count <= 0, "EA inode %lu ref_count=%lld",
1054	ea_inode->i_ino, ref_count);
1055
1056	if (ref_count == 1) {
1057	WARN_ONCE(ea_inode->i_nlink, "EA inode %lu i_nlink=%u",
1058	ea_inode->i_ino, ea_inode->i_nlink);
1059
1060	set_nlink(inode: ea_inode, nlink: 1);
1061	ext4_orphan_del(handle, ea_inode);
1062	}
1063	} else {
1064	WARN_ONCE(ref_count < 0, "EA inode %lu ref_count=%lld",
1065	ea_inode->i_ino, ref_count);
1066
1067	if (ref_count == 0) {
1068	WARN_ONCE(ea_inode->i_nlink != 1,
1069	"EA inode %lu i_nlink=%u",
1070	ea_inode->i_ino, ea_inode->i_nlink);
1071
1072	clear_nlink(inode: ea_inode);
1073	ext4_orphan_add(handle, ea_inode);
1074	}
1075	}
1076
1077	ret = ext4_mark_iloc_dirty(handle, inode: ea_inode, iloc: &iloc);
1078	if (ret)
1079	ext4_warning_inode(ea_inode,
1080	"ext4_mark_iloc_dirty() failed ret=%d", ret);
1081	out:
1082	inode_unlock(inode: ea_inode);
1083	return ret;
1084	}
1085
1086	static int ext4_xattr_inode_inc_ref(handle_t *handle, struct inode *ea_inode)
1087	{
1088	return ext4_xattr_inode_update_ref(handle, ea_inode, ref_change: 1);
1089	}
1090
1091	static int ext4_xattr_inode_dec_ref(handle_t *handle, struct inode *ea_inode)
1092	{
1093	return ext4_xattr_inode_update_ref(handle, ea_inode, ref_change: -1);
1094	}
1095
1096	static int ext4_xattr_inode_inc_ref_all(handle_t *handle, struct inode *parent,
1097	struct ext4_xattr_entry *first)
1098	{
1099	struct inode *ea_inode;
1100	struct ext4_xattr_entry *entry;
1101	struct ext4_xattr_entry *failed_entry;
1102	unsigned int ea_ino;
1103	int err, saved_err;
1104
1105	for (entry = first; !IS_LAST_ENTRY(entry);
1106	entry = EXT4_XATTR_NEXT(entry)) {
1107	if (!entry->e_value_inum)
1108	continue;
1109	ea_ino = le32_to_cpu(entry->e_value_inum);
1110	err = ext4_xattr_inode_iget(parent, ea_ino,
1111	le32_to_cpu(entry->e_hash),
1112	ea_inode: &ea_inode);
1113	if (err)
1114	goto cleanup;
1115	err = ext4_xattr_inode_inc_ref(handle, ea_inode);
1116	if (err) {
1117	ext4_warning_inode(ea_inode, "inc ref error %d", err);
1118	iput(ea_inode);
1119	goto cleanup;
1120	}
1121	iput(ea_inode);
1122	}
1123	return 0;
1124
1125	cleanup:
1126	saved_err = err;
1127	failed_entry = entry;
1128
1129	for (entry = first; entry != failed_entry;
1130	entry = EXT4_XATTR_NEXT(entry)) {
1131	if (!entry->e_value_inum)
1132	continue;
1133	ea_ino = le32_to_cpu(entry->e_value_inum);
1134	err = ext4_xattr_inode_iget(parent, ea_ino,
1135	le32_to_cpu(entry->e_hash),
1136	ea_inode: &ea_inode);
1137	if (err) {
1138	ext4_warning(parent->i_sb,
1139	"cleanup ea_ino %u iget error %d", ea_ino,
1140	err);
1141	continue;
1142	}
1143	err = ext4_xattr_inode_dec_ref(handle, ea_inode);
1144	if (err)
1145	ext4_warning_inode(ea_inode, "cleanup dec ref error %d",
1146	err);
1147	iput(ea_inode);
1148	}
1149	return saved_err;
1150	}
1151
1152	static int ext4_xattr_restart_fn(handle_t *handle, struct inode *inode,
1153	struct buffer_head *bh, bool block_csum, bool dirty)
1154	{
1155	int error;
1156
1157	if (bh && dirty) {
1158	if (block_csum)
1159	ext4_xattr_block_csum_set(inode, bh);
1160	error = ext4_handle_dirty_metadata(handle, NULL, bh);
1161	if (error) {
1162	ext4_warning(inode->i_sb, "Handle metadata (error %d)",
1163	error);
1164	return error;
1165	}
1166	}
1167	return 0;
1168	}
1169
1170	static void
1171	ext4_xattr_inode_dec_ref_all(handle_t *handle, struct inode *parent,
1172	struct buffer_head *bh,
1173	struct ext4_xattr_entry *first, bool block_csum,
1174	struct ext4_xattr_inode_array **ea_inode_array,
1175	int extra_credits, bool skip_quota)
1176	{
1177	struct inode *ea_inode;
1178	struct ext4_xattr_entry *entry;
1179	bool dirty = false;
1180	unsigned int ea_ino;
1181	int err;
1182	int credits;
1183
1184	/* One credit for dec ref on ea_inode, one for orphan list addition, */
1185	credits = 2 + extra_credits;
1186
1187	for (entry = first; !IS_LAST_ENTRY(entry);
1188	entry = EXT4_XATTR_NEXT(entry)) {
1189	if (!entry->e_value_inum)
1190	continue;
1191	ea_ino = le32_to_cpu(entry->e_value_inum);
1192	err = ext4_xattr_inode_iget(parent, ea_ino,
1193	le32_to_cpu(entry->e_hash),
1194	ea_inode: &ea_inode);
1195	if (err)
1196	continue;
1197
1198	err = ext4_expand_inode_array(ea_inode_array, inode: ea_inode);
1199	if (err) {
1200	ext4_warning_inode(ea_inode,
1201	"Expand inode array err=%d", err);
1202	iput(ea_inode);
1203	continue;
1204	}
1205
1206	err = ext4_journal_ensure_credits_fn(handle, credits, credits,
1207	ext4_free_metadata_revoke_credits(parent->i_sb, 1),
1208	ext4_xattr_restart_fn(handle, parent, bh, block_csum,
1209	dirty));
1210	if (err < 0) {
1211	ext4_warning_inode(ea_inode, "Ensure credits err=%d",
1212	err);
1213	continue;
1214	}
1215	if (err > 0) {
1216	err = ext4_journal_get_write_access(handle,
1217	parent->i_sb, bh, EXT4_JTR_NONE);
1218	if (err) {
1219	ext4_warning_inode(ea_inode,
1220	"Re-get write access err=%d",
1221	err);
1222	continue;
1223	}
1224	}
1225
1226	err = ext4_xattr_inode_dec_ref(handle, ea_inode);
1227	if (err) {
1228	ext4_warning_inode(ea_inode, "ea_inode dec ref err=%d",
1229	err);
1230	continue;
1231	}
1232
1233	if (!skip_quota)
1234	ext4_xattr_inode_free_quota(parent, ea_inode,
1235	le32_to_cpu(entry->e_value_size));
1236
1237	/*
1238	* Forget about ea_inode within the same transaction that
1239	* decrements the ref count. This avoids duplicate decrements in
1240	* case the rest of the work spills over to subsequent
1241	* transactions.
1242	*/
1243	entry->e_value_inum = 0;
1244	entry->e_value_size = 0;
1245
1246	dirty = true;
1247	}
1248
1249	if (dirty) {
1250	/*
1251	* Note that we are deliberately skipping csum calculation for
1252	* the final update because we do not expect any journal
1253	* restarts until xattr block is freed.
1254	*/
1255
1256	err = ext4_handle_dirty_metadata(handle, NULL, bh);
1257	if (err)
1258	ext4_warning_inode(parent,
1259	"handle dirty metadata err=%d", err);
1260	}
1261	}
1262
1263	/*
1264	* Release the xattr block BH: If the reference count is > 1, decrement it;
1265	* otherwise free the block.
1266	*/
1267	static void
1268	ext4_xattr_release_block(handle_t *handle, struct inode *inode,
1269	struct buffer_head *bh,
1270	struct ext4_xattr_inode_array **ea_inode_array,
1271	int extra_credits)
1272	{
1273	struct mb_cache *ea_block_cache = EA_BLOCK_CACHE(inode);
1274	u32 hash, ref;
1275	int error = 0;
1276
1277	BUFFER_TRACE(bh, "get_write_access");
1278	error = ext4_journal_get_write_access(handle, inode->i_sb, bh,
1279	EXT4_JTR_NONE);
1280	if (error)
1281	goto out;
1282
1283	retry_ref:
1284	lock_buffer(bh);
1285	hash = le32_to_cpu(BHDR(bh)->h_hash);
1286	ref = le32_to_cpu(BHDR(bh)->h_refcount);
1287	if (ref == 1) {
1288	ea_bdebug(bh, "refcount now=0; freeing");
1289	/*
1290	* This must happen under buffer lock for
1291	* ext4_xattr_block_set() to reliably detect freed block
1292	*/
1293	if (ea_block_cache) {
1294	struct mb_cache_entry *oe;
1295
1296	oe = mb_cache_entry_delete_or_get(cache: ea_block_cache, key: hash,
1297	value: bh->b_blocknr);
1298	if (oe) {
1299	unlock_buffer(bh);
1300	mb_cache_entry_wait_unused(entry: oe);
1301	mb_cache_entry_put(cache: ea_block_cache, entry: oe);
1302	goto retry_ref;
1303	}
1304	}
1305	get_bh(bh);
1306	unlock_buffer(bh);
1307
1308	if (ext4_has_feature_ea_inode(sb: inode->i_sb))
1309	ext4_xattr_inode_dec_ref_all(handle, parent: inode, bh,
1310	BFIRST(bh),
1311	block_csum: true /* block_csum */,
1312	ea_inode_array,
1313	extra_credits,
1314	skip_quota: true /* skip_quota */);
1315	ext4_free_blocks(handle, inode, bh, block: 0, count: 1,
1316	EXT4_FREE_BLOCKS_METADATA |
1317	EXT4_FREE_BLOCKS_FORGET);
1318	} else {
1319	ref--;
1320	BHDR(bh)->h_refcount = cpu_to_le32(ref);
1321	if (ref == EXT4_XATTR_REFCOUNT_MAX - 1) {
1322	struct mb_cache_entry *ce;
1323
1324	if (ea_block_cache) {
1325	ce = mb_cache_entry_get(cache: ea_block_cache, key: hash,
1326	value: bh->b_blocknr);
1327	if (ce) {
1328	set_bit(nr: MBE_REUSABLE_B, addr: &ce->e_flags);
1329	mb_cache_entry_put(cache: ea_block_cache, entry: ce);
1330	}
1331	}
1332	}
1333
1334	ext4_xattr_block_csum_set(inode, bh);
1335	/*
1336	* Beware of this ugliness: Releasing of xattr block references
1337	* from different inodes can race and so we have to protect
1338	* from a race where someone else frees the block (and releases
1339	* its journal_head) before we are done dirtying the buffer. In
1340	* nojournal mode this race is harmless and we actually cannot
1341	* call ext4_handle_dirty_metadata() with locked buffer as
1342	* that function can call sync_dirty_buffer() so for that case
1343	* we handle the dirtying after unlocking the buffer.
1344	*/
1345	if (ext4_handle_valid(handle))
1346	error = ext4_handle_dirty_metadata(handle, inode, bh);
1347	unlock_buffer(bh);
1348	if (!ext4_handle_valid(handle))
1349	error = ext4_handle_dirty_metadata(handle, inode, bh);
1350	if (IS_SYNC(inode))
1351	ext4_handle_sync(handle);
1352	dquot_free_block(inode, EXT4_C2B(EXT4_SB(inode->i_sb), 1));
1353	ea_bdebug(bh, "refcount now=%d; releasing",
1354	le32_to_cpu(BHDR(bh)->h_refcount));
1355	}
1356	out:
1357	ext4_std_error(inode->i_sb, error);
1358	return;
1359	}
1360
1361	/*
1362	* Find the available free space for EAs. This also returns the total number of
1363	* bytes used by EA entries.
1364	*/
1365	static size_t ext4_xattr_free_space(struct ext4_xattr_entry *last,
1366	size_t *min_offs, void *base, int *total)
1367	{
1368	for (; !IS_LAST_ENTRY(last); last = EXT4_XATTR_NEXT(last)) {
1369	if (!last->e_value_inum && last->e_value_size) {
1370	size_t offs = le16_to_cpu(last->e_value_offs);
1371	if (offs < *min_offs)
1372	*min_offs = offs;
1373	}
1374	if (total)
1375	*total += EXT4_XATTR_LEN(last->e_name_len);
1376	}
1377	return (*min_offs - ((void *)last - base) - sizeof(__u32));
1378	}
1379
1380	/*
1381	* Write the value of the EA in an inode.
1382	*/
1383	static int ext4_xattr_inode_write(handle_t *handle, struct inode *ea_inode,
1384	const void *buf, int bufsize)
1385	{
1386	struct buffer_head *bh = NULL;
1387	unsigned long block = 0;
1388	int blocksize = ea_inode->i_sb->s_blocksize;
1389	int max_blocks = (bufsize + blocksize - 1) >> ea_inode->i_blkbits;
1390	int csize, wsize = 0;
1391	int ret = 0, ret2 = 0;
1392	int retries = 0;
1393
1394	retry:
1395	while (ret >= 0 && ret < max_blocks) {
1396	struct ext4_map_blocks map;
1397	map.m_lblk = block += ret;
1398	map.m_len = max_blocks -= ret;
1399
1400	ret = ext4_map_blocks(handle, inode: ea_inode, map: &map,
1401	EXT4_GET_BLOCKS_CREATE);
1402	if (ret <= 0) {
1403	ext4_mark_inode_dirty(handle, ea_inode);
1404	if (ret == -ENOSPC &&
1405	ext4_should_retry_alloc(sb: ea_inode->i_sb, retries: &retries)) {
1406	ret = 0;
1407	goto retry;
1408	}
1409	break;
1410	}
1411	}
1412
1413	if (ret < 0)
1414	return ret;
1415
1416	block = 0;
1417	while (wsize < bufsize) {
1418	brelse(bh);
1419	csize = (bufsize - wsize) > blocksize ? blocksize :
1420	bufsize - wsize;
1421	bh = ext4_getblk(handle, ea_inode, block, 0);
1422	if (IS_ERR(ptr: bh))
1423	return PTR_ERR(ptr: bh);
1424	if (!bh) {
1425	WARN_ON_ONCE(1);
1426	EXT4_ERROR_INODE(ea_inode,
1427	"ext4_getblk() return bh = NULL");
1428	return -EFSCORRUPTED;
1429	}
1430	ret = ext4_journal_get_write_access(handle, ea_inode->i_sb, bh,
1431	EXT4_JTR_NONE);
1432	if (ret)
1433	goto out;
1434
1435	memcpy(bh->b_data, buf, csize);
1436	set_buffer_uptodate(bh);
1437	ext4_handle_dirty_metadata(handle, ea_inode, bh);
1438
1439	buf += csize;
1440	wsize += csize;
1441	block += 1;
1442	}
1443
1444	inode_lock(inode: ea_inode);
1445	i_size_write(inode: ea_inode, i_size: wsize);
1446	ext4_update_i_disksize(inode: ea_inode, newsize: wsize);
1447	inode_unlock(inode: ea_inode);
1448
1449	ret2 = ext4_mark_inode_dirty(handle, ea_inode);
1450	if (unlikely(ret2 && !ret))
1451	ret = ret2;
1452
1453	out:
1454	brelse(bh);
1455
1456	return ret;
1457	}
1458
1459	/*
1460	* Create an inode to store the value of a large EA.
1461	*/
1462	static struct inode *ext4_xattr_inode_create(handle_t *handle,
1463	struct inode *inode, u32 hash)
1464	{
1465	struct inode *ea_inode = NULL;
1466	uid_t owner[2] = { i_uid_read(inode), i_gid_read(inode) };
1467	int err;
1468
1469	if (inode->i_sb->s_root == NULL) {
1470	ext4_warning(inode->i_sb,
1471	"refuse to create EA inode when umounting");
1472	WARN_ON(1);
1473	return ERR_PTR(error: -EINVAL);
1474	}
1475
1476	/*
1477	* Let the next inode be the goal, so we try and allocate the EA inode
1478	* in the same group, or nearby one.
1479	*/
1480	ea_inode = ext4_new_inode(handle, inode->i_sb->s_root->d_inode,
1481	S_IFREG | 0600, NULL, inode->i_ino + 1, owner,
1482	EXT4_EA_INODE_FL);
1483	if (!IS_ERR(ptr: ea_inode)) {
1484	ea_inode->i_op = &ext4_file_inode_operations;
1485	ea_inode->i_fop = &ext4_file_operations;
1486	ext4_set_aops(inode: ea_inode);
1487	ext4_xattr_inode_set_class(ea_inode);
1488	unlock_new_inode(ea_inode);
1489	ext4_xattr_inode_set_ref(ea_inode, ref_count: 1);
1490	ext4_xattr_inode_set_hash(ea_inode, hash);
1491	err = ext4_mark_inode_dirty(handle, ea_inode);
1492	if (!err)
1493	err = ext4_inode_attach_jinode(inode: ea_inode);
1494	if (err) {
1495	if (ext4_xattr_inode_dec_ref(handle, ea_inode))
1496	ext4_warning_inode(ea_inode,
1497	"cleanup dec ref error %d", err);
1498	iput(ea_inode);
1499	return ERR_PTR(error: err);
1500	}
1501
1502	/*
1503	* Xattr inodes are shared therefore quota charging is performed
1504	* at a higher level.
1505	*/
1506	dquot_free_inode(inode: ea_inode);
1507	dquot_drop(inode: ea_inode);
1508	inode_lock(inode: ea_inode);
1509	ea_inode->i_flags |= S_NOQUOTA;
1510	inode_unlock(inode: ea_inode);
1511	}
1512
1513	return ea_inode;
1514	}
1515
1516	static struct inode *
1517	ext4_xattr_inode_cache_find(struct inode *inode, const void *value,
1518	size_t value_len, u32 hash)
1519	{
1520	struct inode *ea_inode;
1521	struct mb_cache_entry *ce;
1522	struct mb_cache *ea_inode_cache = EA_INODE_CACHE(inode);
1523	void *ea_data;
1524
1525	if (!ea_inode_cache)
1526	return NULL;
1527
1528	ce = mb_cache_entry_find_first(cache: ea_inode_cache, key: hash);
1529	if (!ce)
1530	return NULL;
1531
1532	WARN_ON_ONCE(ext4_handle_valid(journal_current_handle()) &&
1533	!(current->flags & PF_MEMALLOC_NOFS));
1534
1535	ea_data = kvmalloc(size: value_len, GFP_KERNEL);
1536	if (!ea_data) {
1537	mb_cache_entry_put(cache: ea_inode_cache, entry: ce);
1538	return NULL;
1539	}
1540
1541	while (ce) {
1542	ea_inode = ext4_iget(inode->i_sb, ce->e_value,
1543	EXT4_IGET_EA_INODE);
1544	if (IS_ERR(ptr: ea_inode))
1545	goto next_entry;
1546	ext4_xattr_inode_set_class(ea_inode);
1547	if (i_size_read(inode: ea_inode) == value_len &&
1548	!ext4_xattr_inode_read(ea_inode, buf: ea_data, size: value_len) &&
1549	!ext4_xattr_inode_verify_hashes(ea_inode, NULL, buffer: ea_data,
1550	size: value_len) &&
1551	!memcmp(p: value, q: ea_data, size: value_len)) {
1552	mb_cache_entry_touch(cache: ea_inode_cache, entry: ce);
1553	mb_cache_entry_put(cache: ea_inode_cache, entry: ce);
1554	kvfree(addr: ea_data);
1555	return ea_inode;
1556	}
1557	iput(ea_inode);
1558	next_entry:
1559	ce = mb_cache_entry_find_next(cache: ea_inode_cache, entry: ce);
1560	}
1561	kvfree(addr: ea_data);
1562	return NULL;
1563	}
1564
1565	/*
1566	* Add value of the EA in an inode.
1567	*/
1568	static struct inode *ext4_xattr_inode_lookup_create(handle_t *handle,
1569	struct inode *inode, const void *value, size_t value_len)
1570	{
1571	struct inode *ea_inode;
1572	u32 hash;
1573	int err;
1574
1575	/* Account inode & space to quota even if sharing... */
1576	err = ext4_xattr_inode_alloc_quota(inode, len: value_len);
1577	if (err)
1578	return ERR_PTR(error: err);
1579
1580	hash = ext4_xattr_inode_hash(sbi: EXT4_SB(sb: inode->i_sb), buffer: value, size: value_len);
1581	ea_inode = ext4_xattr_inode_cache_find(inode, value, value_len, hash);
1582	if (ea_inode) {
1583	err = ext4_xattr_inode_inc_ref(handle, ea_inode);
1584	if (err)
1585	goto out_err;
1586	return ea_inode;
1587	}
1588
1589	/* Create an inode for the EA value */
1590	ea_inode = ext4_xattr_inode_create(handle, inode, hash);
1591	if (IS_ERR(ptr: ea_inode)) {
1592	ext4_xattr_inode_free_quota(parent: inode, NULL, len: value_len);
1593	return ea_inode;
1594	}
1595
1596	err = ext4_xattr_inode_write(handle, ea_inode, buf: value, bufsize: value_len);
1597	if (err) {
1598	if (ext4_xattr_inode_dec_ref(handle, ea_inode))
1599	ext4_warning_inode(ea_inode, "cleanup dec ref error %d", err);
1600	goto out_err;
1601	}
1602
1603	if (EA_INODE_CACHE(inode))
1604	mb_cache_entry_create(EA_INODE_CACHE(inode), GFP_NOFS, key: hash,
1605	value: ea_inode->i_ino, reusable: true /* reusable */);
1606	return ea_inode;
1607	out_err:
1608	iput(ea_inode);
1609	ext4_xattr_inode_free_quota(parent: inode, NULL, len: value_len);
1610	return ERR_PTR(error: err);
1611	}
1612
1613	/*
1614	* Reserve min(block_size/8, 1024) bytes for xattr entries/names if ea_inode
1615	* feature is enabled.
1616	*/
1617	#define EXT4_XATTR_BLOCK_RESERVE(inode) min(i_blocksize(inode)/8, 1024U)
1618
1619	static int ext4_xattr_set_entry(struct ext4_xattr_info *i,
1620	struct ext4_xattr_search *s,
1621	handle_t *handle, struct inode *inode,
1622	bool is_block)
1623	{
1624	struct ext4_xattr_entry *last, *next;
1625	struct ext4_xattr_entry *here = s->here;
1626	size_t min_offs = s->end - s->base, name_len = strlen(i->name);
1627	int in_inode = i->in_inode;
1628	struct inode *old_ea_inode = NULL;
1629	struct inode *new_ea_inode = NULL;
1630	size_t old_size, new_size;
1631	int ret;
1632
1633	/* Space used by old and new values. */
1634	old_size = (!s->not_found && !here->e_value_inum) ?
1635	EXT4_XATTR_SIZE(le32_to_cpu(here->e_value_size)) : 0;
1636	new_size = (i->value && !in_inode) ? EXT4_XATTR_SIZE(i->value_len) : 0;
1637
1638	/*
1639	* Optimization for the simple case when old and new values have the
1640	* same padded sizes. Not applicable if external inodes are involved.
1641	*/
1642	if (new_size && new_size == old_size) {
1643	size_t offs = le16_to_cpu(here->e_value_offs);
1644	void *val = s->base + offs;
1645
1646	here->e_value_size = cpu_to_le32(i->value_len);
1647	if (i->value == EXT4_ZERO_XATTR_VALUE) {
1648	memset(val, 0, new_size);
1649	} else {
1650	memcpy(val, i->value, i->value_len);
1651	/* Clear padding bytes. */
1652	memset(val + i->value_len, 0, new_size - i->value_len);
1653	}
1654	goto update_hash;
1655	}
1656
1657	/* Compute min_offs and last. */
1658	last = s->first;
1659	for (; !IS_LAST_ENTRY(last); last = next) {
1660	next = EXT4_XATTR_NEXT(last);
1661	if ((void *)next >= s->end) {
1662	EXT4_ERROR_INODE(inode, "corrupted xattr entries");
1663	ret = -EFSCORRUPTED;
1664	goto out;
1665	}
1666	if (!last->e_value_inum && last->e_value_size) {
1667	size_t offs = le16_to_cpu(last->e_value_offs);
1668	if (offs < min_offs)
1669	min_offs = offs;
1670	}
1671	}
1672
1673	/* Check whether we have enough space. */
1674	if (i->value) {
1675	size_t free;
1676
1677	free = min_offs - ((void *)last - s->base) - sizeof(__u32);
1678	if (!s->not_found)
1679	free += EXT4_XATTR_LEN(name_len) + old_size;
1680
1681	if (free < EXT4_XATTR_LEN(name_len) + new_size) {
1682	ret = -ENOSPC;
1683	goto out;
1684	}
1685
1686	/*
1687	* If storing the value in an external inode is an option,
1688	* reserve space for xattr entries/names in the external
1689	* attribute block so that a long value does not occupy the
1690	* whole space and prevent further entries being added.
1691	*/
1692	if (ext4_has_feature_ea_inode(sb: inode->i_sb) &&
1693	new_size && is_block &&
1694	(min_offs + old_size - new_size) <
1695	EXT4_XATTR_BLOCK_RESERVE(inode)) {
1696	ret = -ENOSPC;
1697	goto out;
1698	}
1699	}
1700
1701	/*
1702	* Getting access to old and new ea inodes is subject to failures.
1703	* Finish that work before doing any modifications to the xattr data.
1704	*/
1705	if (!s->not_found && here->e_value_inum) {
1706	ret = ext4_xattr_inode_iget(parent: inode,
1707	le32_to_cpu(here->e_value_inum),
1708	le32_to_cpu(here->e_hash),
1709	ea_inode: &old_ea_inode);
1710	if (ret) {
1711	old_ea_inode = NULL;
1712	goto out;
1713	}
1714	}
1715	if (i->value && in_inode) {
1716	WARN_ON_ONCE(!i->value_len);
1717
1718	new_ea_inode = ext4_xattr_inode_lookup_create(handle, inode,
1719	value: i->value, value_len: i->value_len);
1720	if (IS_ERR(ptr: new_ea_inode)) {
1721	ret = PTR_ERR(ptr: new_ea_inode);
1722	new_ea_inode = NULL;
1723	goto out;
1724	}
1725	}
1726
1727	if (old_ea_inode) {
1728	/* We are ready to release ref count on the old_ea_inode. */
1729	ret = ext4_xattr_inode_dec_ref(handle, ea_inode: old_ea_inode);
1730	if (ret) {
1731	/* Release newly required ref count on new_ea_inode. */
1732	if (new_ea_inode) {
1733	int err;
1734
1735	err = ext4_xattr_inode_dec_ref(handle,
1736	ea_inode: new_ea_inode);
1737	if (err)
1738	ext4_warning_inode(new_ea_inode,
1739	"dec ref new_ea_inode err=%d",
1740	err);
1741	ext4_xattr_inode_free_quota(parent: inode, ea_inode: new_ea_inode,
1742	len: i->value_len);
1743	}
1744	goto out;
1745	}
1746
1747	ext4_xattr_inode_free_quota(parent: inode, ea_inode: old_ea_inode,
1748	le32_to_cpu(here->e_value_size));
1749	}
1750
1751	/* No failures allowed past this point. */
1752
1753	if (!s->not_found && here->e_value_size && !here->e_value_inum) {
1754	/* Remove the old value. */
1755	void *first_val = s->base + min_offs;
1756	size_t offs = le16_to_cpu(here->e_value_offs);
1757	void *val = s->base + offs;
1758
1759	memmove(first_val + old_size, first_val, val - first_val);
1760	memset(first_val, 0, old_size);
1761	min_offs += old_size;
1762
1763	/* Adjust all value offsets. */
1764	last = s->first;
1765	while (!IS_LAST_ENTRY(last)) {
1766	size_t o = le16_to_cpu(last->e_value_offs);
1767
1768	if (!last->e_value_inum &&
1769	last->e_value_size && o < offs)
1770	last->e_value_offs = cpu_to_le16(o + old_size);
1771	last = EXT4_XATTR_NEXT(last);
1772	}
1773	}
1774
1775	if (!i->value) {
1776	/* Remove old name. */
1777	size_t size = EXT4_XATTR_LEN(name_len);
1778
1779	last = ENTRY((void *)last - size);
1780	memmove(here, (void *)here + size,
1781	(void *)last - (void *)here + sizeof(__u32));
1782	memset(last, 0, size);
1783
1784	/*
1785	* Update i_inline_off - moved ibody region might contain
1786	* system.data attribute. Handling a failure here won't
1787	* cause other complications for setting an xattr.
1788	*/
1789	if (!is_block && ext4_has_inline_data(inode)) {
1790	ret = ext4_find_inline_data_nolock(inode);
1791	if (ret) {
1792	ext4_warning_inode(inode,
1793	"unable to update i_inline_off");
1794	goto out;
1795	}
1796	}
1797	} else if (s->not_found) {
1798	/* Insert new name. */
1799	size_t size = EXT4_XATTR_LEN(name_len);
1800	size_t rest = (void *)last - (void *)here + sizeof(__u32);
1801
1802	memmove((void *)here + size, here, rest);
1803	memset(here, 0, size);
1804	here->e_name_index = i->name_index;
1805	here->e_name_len = name_len;
1806	memcpy(here->e_name, i->name, name_len);
1807	} else {
1808	/* This is an update, reset value info. */
1809	here->e_value_inum = 0;
1810	here->e_value_offs = 0;
1811	here->e_value_size = 0;
1812	}
1813
1814	if (i->value) {
1815	/* Insert new value. */
1816	if (in_inode) {
1817	here->e_value_inum = cpu_to_le32(new_ea_inode->i_ino);
1818	} else if (i->value_len) {
1819	void *val = s->base + min_offs - new_size;
1820
1821	here->e_value_offs = cpu_to_le16(min_offs - new_size);
1822	if (i->value == EXT4_ZERO_XATTR_VALUE) {
1823	memset(val, 0, new_size);
1824	} else {
1825	memcpy(val, i->value, i->value_len);
1826	/* Clear padding bytes. */
1827	memset(val + i->value_len, 0,
1828	new_size - i->value_len);
1829	}
1830	}
1831	here->e_value_size = cpu_to_le32(i->value_len);
1832	}
1833
1834	update_hash:
1835	if (i->value) {
1836	__le32 hash = 0;
1837
1838	/* Entry hash calculation. */
1839	if (in_inode) {
1840	__le32 crc32c_hash;
1841
1842	/*
1843	* Feed crc32c hash instead of the raw value for entry
1844	* hash calculation. This is to avoid walking
1845	* potentially long value buffer again.
1846	*/
1847	crc32c_hash = cpu_to_le32(
1848	ext4_xattr_inode_get_hash(new_ea_inode));
1849	hash = ext4_xattr_hash_entry(name: here->e_name,
1850	name_len: here->e_name_len,
1851	value: &crc32c_hash, value_count: 1);
1852	} else if (is_block) {
1853	__le32 *value = s->base + le16_to_cpu(
1854	here->e_value_offs);
1855
1856	hash = ext4_xattr_hash_entry(name: here->e_name,
1857	name_len: here->e_name_len, value,
1858	value_count: new_size >> 2);
1859	}
1860	here->e_hash = hash;
1861	}
1862
1863	if (is_block)
1864	ext4_xattr_rehash((struct ext4_xattr_header *)s->base);
1865
1866	ret = 0;
1867	out:
1868	iput(old_ea_inode);
1869	iput(new_ea_inode);
1870	return ret;
1871	}
1872
1873	struct ext4_xattr_block_find {
1874	struct ext4_xattr_search s;
1875	struct buffer_head *bh;
1876	};
1877
1878	static int
1879	ext4_xattr_block_find(struct inode *inode, struct ext4_xattr_info *i,
1880	struct ext4_xattr_block_find *bs)
1881	{
1882	struct super_block *sb = inode->i_sb;
1883	int error;
1884
1885	ea_idebug(inode, "name=%d.%s, value=%p, value_len=%ld",
1886	i->name_index, i->name, i->value, (long)i->value_len);
1887
1888	if (EXT4_I(inode)->i_file_acl) {
1889	/* The inode already has an extended attribute block. */
1890	bs->bh = ext4_sb_bread(sb, block: EXT4_I(inode)->i_file_acl, REQ_PRIO);
1891	if (IS_ERR(ptr: bs->bh)) {
1892	error = PTR_ERR(ptr: bs->bh);
1893	bs->bh = NULL;
1894	return error;
1895	}
1896	ea_bdebug(bs->bh, "b_count=%d, refcount=%d",
1897	atomic_read(&(bs->bh->b_count)),
1898	le32_to_cpu(BHDR(bs->bh)->h_refcount));
1899	error = ext4_xattr_check_block(inode, bs->bh);
1900	if (error)
1901	return error;
1902	/* Find the named attribute. */
1903	bs->s.base = BHDR(bs->bh);
1904	bs->s.first = BFIRST(bs->bh);
1905	bs->s.end = bs->bh->b_data + bs->bh->b_size;
1906	bs->s.here = bs->s.first;
1907	error = xattr_find_entry(inode, pentry: &bs->s.here, end: bs->s.end,
1908	name_index: i->name_index, name: i->name, sorted: 1);
1909	if (error && error != -ENODATA)
1910	return error;
1911	bs->s.not_found = error;
1912	}
1913	return 0;
1914	}
1915
1916	static int
1917	ext4_xattr_block_set(handle_t *handle, struct inode *inode,
1918	struct ext4_xattr_info *i,
1919	struct ext4_xattr_block_find *bs)
1920	{
1921	struct super_block *sb = inode->i_sb;
1922	struct buffer_head *new_bh = NULL;
1923	struct ext4_xattr_search s_copy = bs->s;
1924	struct ext4_xattr_search *s = &s_copy;
1925	struct mb_cache_entry *ce = NULL;
1926	int error = 0;
1927	struct mb_cache *ea_block_cache = EA_BLOCK_CACHE(inode);
1928	struct inode *ea_inode = NULL, *tmp_inode;
1929	size_t old_ea_inode_quota = 0;
1930	unsigned int ea_ino;
1931
1932
1933	#define header(x) ((struct ext4_xattr_header *)(x))
1934
1935	if (s->base) {
1936	int offset = (char *)s->here - bs->bh->b_data;
1937
1938	BUFFER_TRACE(bs->bh, "get_write_access");
1939	error = ext4_journal_get_write_access(handle, sb, bs->bh,
1940	EXT4_JTR_NONE);
1941	if (error)
1942	goto cleanup;
1943	lock_buffer(bh: bs->bh);
1944
1945	if (header(s->base)->h_refcount == cpu_to_le32(1)) {
1946	__u32 hash = le32_to_cpu(BHDR(bs->bh)->h_hash);
1947
1948	/*
1949	* This must happen under buffer lock for
1950	* ext4_xattr_block_set() to reliably detect modified
1951	* block
1952	*/
1953	if (ea_block_cache) {
1954	struct mb_cache_entry *oe;
1955
1956	oe = mb_cache_entry_delete_or_get(cache: ea_block_cache,
1957	key: hash, value: bs->bh->b_blocknr);
1958	if (oe) {
1959	/*
1960	* Xattr block is getting reused. Leave
1961	* it alone.
1962	*/
1963	mb_cache_entry_put(cache: ea_block_cache, entry: oe);
1964	goto clone_block;
1965	}
1966	}
1967	ea_bdebug(bs->bh, "modifying in-place");
1968	error = ext4_xattr_set_entry(i, s, handle, inode,
1969	is_block: true /* is_block */);
1970	ext4_xattr_block_csum_set(inode, bh: bs->bh);
1971	unlock_buffer(bh: bs->bh);
1972	if (error == -EFSCORRUPTED)
1973	goto bad_block;
1974	if (!error)
1975	error = ext4_handle_dirty_metadata(handle,
1976	inode,
1977	bs->bh);
1978	if (error)
1979	goto cleanup;
1980	goto inserted;
1981	}
1982	clone_block:
1983	unlock_buffer(bh: bs->bh);
1984	ea_bdebug(bs->bh, "cloning");
1985	s->base = kmemdup(BHDR(bs->bh), size: bs->bh->b_size, GFP_NOFS);
1986	error = -ENOMEM;
1987	if (s->base == NULL)
1988	goto cleanup;
1989	s->first = ENTRY(header(s->base)+1);
1990	header(s->base)->h_refcount = cpu_to_le32(1);
1991	s->here = ENTRY(s->base + offset);
1992	s->end = s->base + bs->bh->b_size;
1993
1994	/*
1995	* If existing entry points to an xattr inode, we need
1996	* to prevent ext4_xattr_set_entry() from decrementing
1997	* ref count on it because the reference belongs to the
1998	* original block. In this case, make the entry look
1999	* like it has an empty value.
2000	*/
2001	if (!s->not_found && s->here->e_value_inum) {
2002	ea_ino = le32_to_cpu(s->here->e_value_inum);
2003	error = ext4_xattr_inode_iget(parent: inode, ea_ino,
2004	le32_to_cpu(s->here->e_hash),
2005	ea_inode: &tmp_inode);
2006	if (error)
2007	goto cleanup;
2008
2009	if (!ext4_test_inode_state(inode: tmp_inode,
2010	bit: EXT4_STATE_LUSTRE_EA_INODE)) {
2011	/*
2012	* Defer quota free call for previous
2013	* inode until success is guaranteed.
2014	*/
2015	old_ea_inode_quota = le32_to_cpu(
2016	s->here->e_value_size);
2017	}
2018	iput(tmp_inode);
2019
2020	s->here->e_value_inum = 0;
2021	s->here->e_value_size = 0;
2022	}
2023	} else {
2024	/* Allocate a buffer where we construct the new block. */
2025	s->base = kzalloc(size: sb->s_blocksize, GFP_NOFS);
2026	error = -ENOMEM;
2027	if (s->base == NULL)
2028	goto cleanup;
2029	header(s->base)->h_magic = cpu_to_le32(EXT4_XATTR_MAGIC);
2030	header(s->base)->h_blocks = cpu_to_le32(1);
2031	header(s->base)->h_refcount = cpu_to_le32(1);
2032	s->first = ENTRY(header(s->base)+1);
2033	s->here = ENTRY(header(s->base)+1);
2034	s->end = s->base + sb->s_blocksize;
2035	}
2036
2037	error = ext4_xattr_set_entry(i, s, handle, inode, is_block: true /* is_block */);
2038	if (error == -EFSCORRUPTED)
2039	goto bad_block;
2040	if (error)
2041	goto cleanup;
2042
2043	if (i->value && s->here->e_value_inum) {
2044	/*
2045	* A ref count on ea_inode has been taken as part of the call to
2046	* ext4_xattr_set_entry() above. We would like to drop this
2047	* extra ref but we have to wait until the xattr block is
2048	* initialized and has its own ref count on the ea_inode.
2049	*/
2050	ea_ino = le32_to_cpu(s->here->e_value_inum);
2051	error = ext4_xattr_inode_iget(parent: inode, ea_ino,
2052	le32_to_cpu(s->here->e_hash),
2053	ea_inode: &ea_inode);
2054	if (error) {
2055	ea_inode = NULL;
2056	goto cleanup;
2057	}
2058	}
2059
2060	inserted:
2061	if (!IS_LAST_ENTRY(s->first)) {
2062	new_bh = ext4_xattr_block_cache_find(inode, header(s->base),
2063	&ce);
2064	if (new_bh) {
2065	/* We found an identical block in the cache. */
2066	if (new_bh == bs->bh)
2067	ea_bdebug(new_bh, "keeping");
2068	else {
2069	u32 ref;
2070
2071	#ifdef EXT4_XATTR_DEBUG
2072	WARN_ON_ONCE(dquot_initialize_needed(inode));
2073	#endif
2074	/* The old block is released after updating
2075	the inode. */
2076	error = dquot_alloc_block(inode,
2077	EXT4_C2B(EXT4_SB(sb), 1));
2078	if (error)
2079	goto cleanup;
2080	BUFFER_TRACE(new_bh, "get_write_access");
2081	error = ext4_journal_get_write_access(
2082	handle, sb, new_bh,
2083	EXT4_JTR_NONE);
2084	if (error)
2085	goto cleanup_dquot;
2086	lock_buffer(bh: new_bh);
2087	/*
2088	* We have to be careful about races with
2089	* adding references to xattr block. Once we
2090	* hold buffer lock xattr block's state is
2091	* stable so we can check the additional
2092	* reference fits.
2093	*/
2094	ref = le32_to_cpu(BHDR(new_bh)->h_refcount) + 1;
2095	if (ref > EXT4_XATTR_REFCOUNT_MAX) {
2096	/*
2097	* Undo everything and check mbcache
2098	* again.
2099	*/
2100	unlock_buffer(bh: new_bh);
2101	dquot_free_block(inode,
2102	EXT4_C2B(EXT4_SB(sb),
2103	1));
2104	brelse(bh: new_bh);
2105	mb_cache_entry_put(cache: ea_block_cache, entry: ce);
2106	ce = NULL;
2107	new_bh = NULL;
2108	goto inserted;
2109	}
2110	BHDR(new_bh)->h_refcount = cpu_to_le32(ref);
2111	if (ref == EXT4_XATTR_REFCOUNT_MAX)
2112	clear_bit(nr: MBE_REUSABLE_B, addr: &ce->e_flags);
2113	ea_bdebug(new_bh, "reusing; refcount now=%d",
2114	ref);
2115	ext4_xattr_block_csum_set(inode, bh: new_bh);
2116	unlock_buffer(bh: new_bh);
2117	error = ext4_handle_dirty_metadata(handle,
2118	inode,
2119	new_bh);
2120	if (error)
2121	goto cleanup_dquot;
2122	}
2123	mb_cache_entry_touch(cache: ea_block_cache, entry: ce);
2124	mb_cache_entry_put(cache: ea_block_cache, entry: ce);
2125	ce = NULL;
2126	} else if (bs->bh && s->base == bs->bh->b_data) {
2127	/* We were modifying this block in-place. */
2128	ea_bdebug(bs->bh, "keeping this block");
2129	ext4_xattr_block_cache_insert(ea_block_cache, bs->bh);
2130	new_bh = bs->bh;
2131	get_bh(bh: new_bh);
2132	} else {
2133	/* We need to allocate a new block */
2134	ext4_fsblk_t goal, block;
2135
2136	#ifdef EXT4_XATTR_DEBUG
2137	WARN_ON_ONCE(dquot_initialize_needed(inode));
2138	#endif
2139	goal = ext4_group_first_block_no(sb,
2140	group_no: EXT4_I(inode)->i_block_group);
2141	block = ext4_new_meta_blocks(handle, inode, goal, flags: 0,
2142	NULL, errp: &error);
2143	if (error)
2144	goto cleanup;
2145
2146	ea_idebug(inode, "creating block %llu",
2147	(unsigned long long)block);
2148
2149	new_bh = sb_getblk(sb, block);
2150	if (unlikely(!new_bh)) {
2151	error = -ENOMEM;
2152	getblk_failed:
2153	ext4_free_blocks(handle, inode, NULL, block, count: 1,
2154	EXT4_FREE_BLOCKS_METADATA);
2155	goto cleanup;
2156	}
2157	error = ext4_xattr_inode_inc_ref_all(handle, parent: inode,
2158	ENTRY(header(s->base)+1));
2159	if (error)
2160	goto getblk_failed;
2161
2162	lock_buffer(bh: new_bh);
2163	error = ext4_journal_get_create_access(handle, sb,
2164	new_bh, EXT4_JTR_NONE);
2165	if (error) {
2166	unlock_buffer(bh: new_bh);
2167	error = -EIO;
2168	goto getblk_failed;
2169	}
2170	memcpy(new_bh->b_data, s->base, new_bh->b_size);
2171	ext4_xattr_block_csum_set(inode, bh: new_bh);
2172	set_buffer_uptodate(new_bh);
2173	unlock_buffer(bh: new_bh);
2174	ext4_xattr_block_cache_insert(ea_block_cache, new_bh);
2175	error = ext4_handle_dirty_metadata(handle, inode,
2176	new_bh);
2177	if (error)
2178	goto cleanup;
2179	}
2180	}
2181
2182	if (old_ea_inode_quota)
2183	ext4_xattr_inode_free_quota(parent: inode, NULL, len: old_ea_inode_quota);
2184
2185	/* Update the inode. */
2186	EXT4_I(inode)->i_file_acl = new_bh ? new_bh->b_blocknr : 0;
2187
2188	/* Drop the previous xattr block. */
2189	if (bs->bh && bs->bh != new_bh) {
2190	struct ext4_xattr_inode_array *ea_inode_array = NULL;
2191
2192	ext4_xattr_release_block(handle, inode, bh: bs->bh,
2193	ea_inode_array: &ea_inode_array,
2194	extra_credits: 0 /* extra_credits */);
2195	ext4_xattr_inode_array_free(array: ea_inode_array);
2196	}
2197	error = 0;
2198
2199	cleanup:
2200	if (ea_inode) {
2201	int error2;
2202
2203	error2 = ext4_xattr_inode_dec_ref(handle, ea_inode);
2204	if (error2)
2205	ext4_warning_inode(ea_inode, "dec ref error=%d",
2206	error2);
2207
2208	/* If there was an error, revert the quota charge. */
2209	if (error)
2210	ext4_xattr_inode_free_quota(parent: inode, ea_inode,
2211	len: i_size_read(inode: ea_inode));
2212	iput(ea_inode);
2213	}
2214	if (ce)
2215	mb_cache_entry_put(cache: ea_block_cache, entry: ce);
2216	brelse(bh: new_bh);
2217	if (!(bs->bh && s->base == bs->bh->b_data))
2218	kfree(objp: s->base);
2219
2220	return error;
2221
2222	cleanup_dquot:
2223	dquot_free_block(inode, EXT4_C2B(EXT4_SB(sb), 1));
2224	goto cleanup;
2225
2226	bad_block:
2227	EXT4_ERROR_INODE(inode, "bad block %llu",
2228	EXT4_I(inode)->i_file_acl);
2229	goto cleanup;
2230
2231	#undef header
2232	}
2233
2234	int ext4_xattr_ibody_find(struct inode *inode, struct ext4_xattr_info *i,
2235	struct ext4_xattr_ibody_find *is)
2236	{
2237	struct ext4_xattr_ibody_header *header;
2238	struct ext4_inode *raw_inode;
2239	int error;
2240
2241	if (!EXT4_INODE_HAS_XATTR_SPACE(inode))
2242	return 0;
2243
2244	raw_inode = ext4_raw_inode(iloc: &is->iloc);
2245	header = IHDR(inode, raw_inode);
2246	is->s.base = is->s.first = IFIRST(header);
2247	is->s.here = is->s.first;
2248	is->s.end = (void *)raw_inode + EXT4_SB(sb: inode->i_sb)->s_inode_size;
2249	if (ext4_test_inode_state(inode, bit: EXT4_STATE_XATTR)) {
2250	error = xattr_check_inode(inode, header, is->s.end);
2251	if (error)
2252	return error;
2253	/* Find the named attribute. */
2254	error = xattr_find_entry(inode, pentry: &is->s.here, end: is->s.end,
2255	name_index: i->name_index, name: i->name, sorted: 0);
2256	if (error && error != -ENODATA)
2257	return error;
2258	is->s.not_found = error;
2259	}
2260	return 0;
2261	}
2262
2263	int ext4_xattr_ibody_set(handle_t *handle, struct inode *inode,
2264	struct ext4_xattr_info *i,
2265	struct ext4_xattr_ibody_find *is)
2266	{
2267	struct ext4_xattr_ibody_header *header;
2268	struct ext4_xattr_search *s = &is->s;
2269	int error;
2270
2271	if (!EXT4_INODE_HAS_XATTR_SPACE(inode))
2272	return -ENOSPC;
2273
2274	error = ext4_xattr_set_entry(i, s, handle, inode, is_block: false /* is_block */);
2275	if (error)
2276	return error;
2277	header = IHDR(inode, ext4_raw_inode(&is->iloc));
2278	if (!IS_LAST_ENTRY(s->first)) {
2279	header->h_magic = cpu_to_le32(EXT4_XATTR_MAGIC);
2280	ext4_set_inode_state(inode, bit: EXT4_STATE_XATTR);
2281	} else {
2282	header->h_magic = cpu_to_le32(0);
2283	ext4_clear_inode_state(inode, bit: EXT4_STATE_XATTR);
2284	}
2285	return 0;
2286	}
2287
2288	static int ext4_xattr_value_same(struct ext4_xattr_search *s,
2289	struct ext4_xattr_info *i)
2290	{
2291	void *value;
2292
2293	/* When e_value_inum is set the value is stored externally. */
2294	if (s->here->e_value_inum)
2295	return 0;
2296	if (le32_to_cpu(s->here->e_value_size) != i->value_len)
2297	return 0;
2298	value = ((void *)s->base) + le16_to_cpu(s->here->e_value_offs);
2299	return !memcmp(p: value, q: i->value, size: i->value_len);
2300	}
2301
2302	static struct buffer_head *ext4_xattr_get_block(struct inode *inode)
2303	{
2304	struct buffer_head *bh;
2305	int error;
2306
2307	if (!EXT4_I(inode)->i_file_acl)
2308	return NULL;
2309	bh = ext4_sb_bread(sb: inode->i_sb, block: EXT4_I(inode)->i_file_acl, REQ_PRIO);
2310	if (IS_ERR(ptr: bh))
2311	return bh;
2312	error = ext4_xattr_check_block(inode, bh);
2313	if (error) {
2314	brelse(bh);
2315	return ERR_PTR(error);
2316	}
2317	return bh;
2318	}
2319
2320	/*
2321	* ext4_xattr_set_handle()
2322	*
2323	* Create, replace or remove an extended attribute for this inode. Value
2324	* is NULL to remove an existing extended attribute, and non-NULL to
2325	* either replace an existing extended attribute, or create a new extended
2326	* attribute. The flags XATTR_REPLACE and XATTR_CREATE
2327	* specify that an extended attribute must exist and must not exist
2328	* previous to the call, respectively.
2329	*
2330	* Returns 0, or a negative error number on failure.
2331	*/
2332	int
2333	ext4_xattr_set_handle(handle_t *handle, struct inode *inode, int name_index,
2334	const char *name, const void *value, size_t value_len,
2335	int flags)
2336	{
2337	struct ext4_xattr_info i = {
2338	.name_index = name_index,
2339	.name = name,
2340	.value = value,
2341	.value_len = value_len,
2342	.in_inode = 0,
2343	};
2344	struct ext4_xattr_ibody_find is = {
2345	.s = { .not_found = -ENODATA, },
2346	};
2347	struct ext4_xattr_block_find bs = {
2348	.s = { .not_found = -ENODATA, },
2349	};
2350	int no_expand;
2351	int error;
2352
2353	if (!name)
2354	return -EINVAL;
2355	if (strlen(name) > 255)
2356	return -ERANGE;
2357
2358	ext4_write_lock_xattr(inode, save: &no_expand);
2359
2360	/* Check journal credits under write lock. */
2361	if (ext4_handle_valid(handle)) {
2362	struct buffer_head *bh;
2363	int credits;
2364
2365	bh = ext4_xattr_get_block(inode);
2366	if (IS_ERR(ptr: bh)) {
2367	error = PTR_ERR(ptr: bh);
2368	goto cleanup;
2369	}
2370
2371	credits = __ext4_xattr_set_credits(sb: inode->i_sb, inode, block_bh: bh,
2372	value_len,
2373	is_create: flags & XATTR_CREATE);
2374	brelse(bh);
2375
2376	if (jbd2_handle_buffer_credits(handle) < credits) {
2377	error = -ENOSPC;
2378	goto cleanup;
2379	}
2380	WARN_ON_ONCE(!(current->flags & PF_MEMALLOC_NOFS));
2381	}
2382
2383	error = ext4_reserve_inode_write(handle, inode, iloc: &is.iloc);
2384	if (error)
2385	goto cleanup;
2386
2387	if (ext4_test_inode_state(inode, bit: EXT4_STATE_NEW)) {
2388	struct ext4_inode *raw_inode = ext4_raw_inode(iloc: &is.iloc);
2389	memset(raw_inode, 0, EXT4_SB(inode->i_sb)->s_inode_size);
2390	ext4_clear_inode_state(inode, bit: EXT4_STATE_NEW);
2391	}
2392
2393	error = ext4_xattr_ibody_find(inode, i: &i, is: &is);
2394	if (error)
2395	goto cleanup;
2396	if (is.s.not_found)
2397	error = ext4_xattr_block_find(inode, i: &i, bs: &bs);
2398	if (error)
2399	goto cleanup;
2400	if (is.s.not_found && bs.s.not_found) {
2401	error = -ENODATA;
2402	if (flags & XATTR_REPLACE)
2403	goto cleanup;
2404	error = 0;
2405	if (!value)
2406	goto cleanup;
2407	} else {
2408	error = -EEXIST;
2409	if (flags & XATTR_CREATE)
2410	goto cleanup;
2411	}
2412
2413	if (!value) {
2414	if (!is.s.not_found)
2415	error = ext4_xattr_ibody_set(handle, inode, i: &i, is: &is);
2416	else if (!bs.s.not_found)
2417	error = ext4_xattr_block_set(handle, inode, i: &i, bs: &bs);
2418	} else {
2419	error = 0;
2420	/* Xattr value did not change? Save us some work and bail out */
2421	if (!is.s.not_found && ext4_xattr_value_same(s: &is.s, i: &i))
2422	goto cleanup;
2423	if (!bs.s.not_found && ext4_xattr_value_same(s: &bs.s, i: &i))
2424	goto cleanup;
2425
2426	if (ext4_has_feature_ea_inode(sb: inode->i_sb) &&
2427	(EXT4_XATTR_SIZE(i.value_len) >
2428	EXT4_XATTR_MIN_LARGE_EA_SIZE(inode->i_sb->s_blocksize)))
2429	i.in_inode = 1;
2430	retry_inode:
2431	error = ext4_xattr_ibody_set(handle, inode, i: &i, is: &is);
2432	if (!error && !bs.s.not_found) {
2433	i.value = NULL;
2434	error = ext4_xattr_block_set(handle, inode, i: &i, bs: &bs);
2435	} else if (error == -ENOSPC) {
2436	if (EXT4_I(inode)->i_file_acl && !bs.s.base) {
2437	brelse(bh: bs.bh);
2438	bs.bh = NULL;
2439	error = ext4_xattr_block_find(inode, i: &i, bs: &bs);
2440	if (error)
2441	goto cleanup;
2442	}
2443	error = ext4_xattr_block_set(handle, inode, i: &i, bs: &bs);
2444	if (!error && !is.s.not_found) {
2445	i.value = NULL;
2446	error = ext4_xattr_ibody_set(handle, inode, i: &i,
2447	is: &is);
2448	} else if (error == -ENOSPC) {
2449	/*
2450	* Xattr does not fit in the block, store at
2451	* external inode if possible.
2452	*/
2453	if (ext4_has_feature_ea_inode(sb: inode->i_sb) &&
2454	i.value_len && !i.in_inode) {
2455	i.in_inode = 1;
2456	goto retry_inode;
2457	}
2458	}
2459	}
2460	}
2461	if (!error) {
2462	ext4_xattr_update_super_block(handle, sb: inode->i_sb);
2463	inode_set_ctime_current(inode);
2464	inode_inc_iversion(inode);
2465	if (!value)
2466	no_expand = 0;
2467	error = ext4_mark_iloc_dirty(handle, inode, iloc: &is.iloc);
2468	/*
2469	* The bh is consumed by ext4_mark_iloc_dirty, even with
2470	* error != 0.
2471	*/
2472	is.iloc.bh = NULL;
2473	if (IS_SYNC(inode))
2474	ext4_handle_sync(handle);
2475	}
2476	ext4_fc_mark_ineligible(sb: inode->i_sb, reason: EXT4_FC_REASON_XATTR, handle);
2477
2478	cleanup:
2479	brelse(bh: is.iloc.bh);
2480	brelse(bh: bs.bh);
2481	ext4_write_unlock_xattr(inode, save: &no_expand);
2482	return error;
2483	}
2484
2485	int ext4_xattr_set_credits(struct inode *inode, size_t value_len,
2486	bool is_create, int *credits)
2487	{
2488	struct buffer_head *bh;
2489	int err;
2490
2491	*credits = 0;
2492
2493	if (!EXT4_SB(sb: inode->i_sb)->s_journal)
2494	return 0;
2495
2496	down_read(sem: &EXT4_I(inode)->xattr_sem);
2497
2498	bh = ext4_xattr_get_block(inode);
2499	if (IS_ERR(ptr: bh)) {
2500	err = PTR_ERR(ptr: bh);
2501	} else {
2502	*credits = __ext4_xattr_set_credits(sb: inode->i_sb, inode, block_bh: bh,
2503	value_len, is_create);
2504	brelse(bh);
2505	err = 0;
2506	}
2507
2508	up_read(sem: &EXT4_I(inode)->xattr_sem);
2509	return err;
2510	}
2511
2512	/*
2513	* ext4_xattr_set()
2514	*
2515	* Like ext4_xattr_set_handle, but start from an inode. This extended
2516	* attribute modification is a filesystem transaction by itself.
2517	*
2518	* Returns 0, or a negative error number on failure.
2519	*/
2520	int
2521	ext4_xattr_set(struct inode *inode, int name_index, const char *name,
2522	const void *value, size_t value_len, int flags)
2523	{
2524	handle_t *handle;
2525	struct super_block *sb = inode->i_sb;
2526	int error, retries = 0;
2527	int credits;
2528
2529	error = dquot_initialize(inode);
2530	if (error)
2531	return error;
2532
2533	retry:
2534	error = ext4_xattr_set_credits(inode, value_len, is_create: flags & XATTR_CREATE,
2535	credits: &credits);
2536	if (error)
2537	return error;
2538
2539	handle = ext4_journal_start(inode, EXT4_HT_XATTR, credits);
2540	if (IS_ERR(ptr: handle)) {
2541	error = PTR_ERR(ptr: handle);
2542	} else {
2543	int error2;
2544
2545	error = ext4_xattr_set_handle(handle, inode, name_index, name,
2546	value, value_len, flags);
2547	error2 = ext4_journal_stop(handle);
2548	if (error == -ENOSPC &&
2549	ext4_should_retry_alloc(sb, retries: &retries))
2550	goto retry;
2551	if (error == 0)
2552	error = error2;
2553	}
2554	ext4_fc_mark_ineligible(sb: inode->i_sb, reason: EXT4_FC_REASON_XATTR, NULL);
2555
2556	return error;
2557	}
2558
2559	/*
2560	* Shift the EA entries in the inode to create space for the increased
2561	* i_extra_isize.
2562	*/
2563	static void ext4_xattr_shift_entries(struct ext4_xattr_entry *entry,
2564	int value_offs_shift, void *to,
2565	void *from, size_t n)
2566	{
2567	struct ext4_xattr_entry *last = entry;
2568	int new_offs;
2569
2570	/* We always shift xattr headers further thus offsets get lower */
2571	BUG_ON(value_offs_shift > 0);
2572
2573	/* Adjust the value offsets of the entries */
2574	for (; !IS_LAST_ENTRY(last); last = EXT4_XATTR_NEXT(last)) {
2575	if (!last->e_value_inum && last->e_value_size) {
2576	new_offs = le16_to_cpu(last->e_value_offs) +
2577	value_offs_shift;
2578	last->e_value_offs = cpu_to_le16(new_offs);
2579	}
2580	}
2581	/* Shift the entries by n bytes */
2582	memmove(to, from, n);
2583	}
2584
2585	/*
2586	* Move xattr pointed to by 'entry' from inode into external xattr block
2587	*/
2588	static int ext4_xattr_move_to_block(handle_t *handle, struct inode *inode,
2589	struct ext4_inode *raw_inode,
2590	struct ext4_xattr_entry *entry)
2591	{
2592	struct ext4_xattr_ibody_find *is = NULL;
2593	struct ext4_xattr_block_find *bs = NULL;
2594	char *buffer = NULL, *b_entry_name = NULL;
2595	size_t value_size = le32_to_cpu(entry->e_value_size);
2596	struct ext4_xattr_info i = {
2597	.value = NULL,
2598	.value_len = 0,
2599	.name_index = entry->e_name_index,
2600	.in_inode = !!entry->e_value_inum,
2601	};
2602	struct ext4_xattr_ibody_header *header = IHDR(inode, raw_inode);
2603	int needs_kvfree = 0;
2604	int error;
2605
2606	is = kzalloc(size: sizeof(struct ext4_xattr_ibody_find), GFP_NOFS);
2607	bs = kzalloc(size: sizeof(struct ext4_xattr_block_find), GFP_NOFS);
2608	b_entry_name = kmalloc(size: entry->e_name_len + 1, GFP_NOFS);
2609	if (!is || !bs || !b_entry_name) {
2610	error = -ENOMEM;
2611	goto out;
2612	}
2613
2614	is->s.not_found = -ENODATA;
2615	bs->s.not_found = -ENODATA;
2616	is->iloc.bh = NULL;
2617	bs->bh = NULL;
2618
2619	/* Save the entry name and the entry value */
2620	if (entry->e_value_inum) {
2621	buffer = kvmalloc(size: value_size, GFP_NOFS);
2622	if (!buffer) {
2623	error = -ENOMEM;
2624	goto out;
2625	}
2626	needs_kvfree = 1;
2627	error = ext4_xattr_inode_get(inode, entry, buffer, size: value_size);
2628	if (error)
2629	goto out;
2630	} else {
2631	size_t value_offs = le16_to_cpu(entry->e_value_offs);
2632	buffer = (void *)IFIRST(header) + value_offs;
2633	}
2634
2635	memcpy(b_entry_name, entry->e_name, entry->e_name_len);
2636	b_entry_name[entry->e_name_len] = '\0';
2637	i.name = b_entry_name;
2638
2639	error = ext4_get_inode_loc(inode, &is->iloc);
2640	if (error)
2641	goto out;
2642
2643	error = ext4_xattr_ibody_find(inode, i: &i, is);
2644	if (error)
2645	goto out;
2646
2647	i.value = buffer;
2648	i.value_len = value_size;
2649	error = ext4_xattr_block_find(inode, i: &i, bs);
2650	if (error)
2651	goto out;
2652
2653	/* Move ea entry from the inode into the block */
2654	error = ext4_xattr_block_set(handle, inode, i: &i, bs);
2655	if (error)
2656	goto out;
2657
2658	/* Remove the chosen entry from the inode */
2659	i.value = NULL;
2660	i.value_len = 0;
2661	error = ext4_xattr_ibody_set(handle, inode, i: &i, is);
2662
2663	out:
2664	kfree(objp: b_entry_name);
2665	if (needs_kvfree && buffer)
2666	kvfree(addr: buffer);
2667	if (is)
2668	brelse(bh: is->iloc.bh);
2669	if (bs)
2670	brelse(bh: bs->bh);
2671	kfree(objp: is);
2672	kfree(objp: bs);
2673
2674	return error;
2675	}
2676
2677	static int ext4_xattr_make_inode_space(handle_t *handle, struct inode *inode,
2678	struct ext4_inode *raw_inode,
2679	int isize_diff, size_t ifree,
2680	size_t bfree, int *total_ino)
2681	{
2682	struct ext4_xattr_ibody_header *header = IHDR(inode, raw_inode);
2683	struct ext4_xattr_entry *small_entry;
2684	struct ext4_xattr_entry *entry;
2685	struct ext4_xattr_entry *last;
2686	unsigned int entry_size; /* EA entry size */
2687	unsigned int total_size; /* EA entry size + value size */
2688	unsigned int min_total_size;
2689	int error;
2690
2691	while (isize_diff > ifree) {
2692	entry = NULL;
2693	small_entry = NULL;
2694	min_total_size = ~0U;
2695	last = IFIRST(header);
2696	/* Find the entry best suited to be pushed into EA block */
2697	for (; !IS_LAST_ENTRY(last); last = EXT4_XATTR_NEXT(last)) {
2698	/* never move system.data out of the inode */
2699	if ((last->e_name_len == 4) &&
2700	(last->e_name_index == EXT4_XATTR_INDEX_SYSTEM) &&
2701	!memcmp(p: last->e_name, q: "data", size: 4))
2702	continue;
2703	total_size = EXT4_XATTR_LEN(last->e_name_len);
2704	if (!last->e_value_inum)
2705	total_size += EXT4_XATTR_SIZE(
2706	le32_to_cpu(last->e_value_size));
2707	if (total_size <= bfree &&
2708	total_size < min_total_size) {
2709	if (total_size + ifree < isize_diff) {
2710	small_entry = last;
2711	} else {
2712	entry = last;
2713	min_total_size = total_size;
2714	}
2715	}
2716	}
2717
2718	if (entry == NULL) {
2719	if (small_entry == NULL)
2720	return -ENOSPC;
2721	entry = small_entry;
2722	}
2723
2724	entry_size = EXT4_XATTR_LEN(entry->e_name_len);
2725	total_size = entry_size;
2726	if (!entry->e_value_inum)
2727	total_size += EXT4_XATTR_SIZE(
2728	le32_to_cpu(entry->e_value_size));
2729	error = ext4_xattr_move_to_block(handle, inode, raw_inode,
2730	entry);
2731	if (error)
2732	return error;
2733
2734	*total_ino -= entry_size;
2735	ifree += total_size;
2736	bfree -= total_size;
2737	}
2738
2739	return 0;
2740	}
2741
2742	/*
2743	* Expand an inode by new_extra_isize bytes when EAs are present.
2744	* Returns 0 on success or negative error number on failure.
2745	*/
2746	int ext4_expand_extra_isize_ea(struct inode *inode, int new_extra_isize,
2747	struct ext4_inode *raw_inode, handle_t *handle)
2748	{
2749	struct ext4_xattr_ibody_header *header;
2750	struct ext4_sb_info *sbi = EXT4_SB(sb: inode->i_sb);
2751	static unsigned int mnt_count;
2752	size_t min_offs;
2753	size_t ifree, bfree;
2754	int total_ino;
2755	void *base, *end;
2756	int error = 0, tried_min_extra_isize = 0;
2757	int s_min_extra_isize = le16_to_cpu(sbi->s_es->s_min_extra_isize);
2758	int isize_diff; /* How much do we need to grow i_extra_isize */
2759
2760	retry:
2761	isize_diff = new_extra_isize - EXT4_I(inode)->i_extra_isize;
2762	if (EXT4_I(inode)->i_extra_isize >= new_extra_isize)
2763	return 0;
2764
2765	header = IHDR(inode, raw_inode);
2766
2767	/*
2768	* Check if enough free space is available in the inode to shift the
2769	* entries ahead by new_extra_isize.
2770	*/
2771
2772	base = IFIRST(header);
2773	end = (void *)raw_inode + EXT4_SB(sb: inode->i_sb)->s_inode_size;
2774	min_offs = end - base;
2775	total_ino = sizeof(struct ext4_xattr_ibody_header) + sizeof(u32);
2776
2777	error = xattr_check_inode(inode, header, end);
2778	if (error)
2779	goto cleanup;
2780
2781	ifree = ext4_xattr_free_space(last: base, min_offs: &min_offs, base, total: &total_ino);
2782	if (ifree >= isize_diff)
2783	goto shift;
2784
2785	/*
2786	* Enough free space isn't available in the inode, check if
2787	* EA block can hold new_extra_isize bytes.
2788	*/
2789	if (EXT4_I(inode)->i_file_acl) {
2790	struct buffer_head *bh;
2791
2792	bh = ext4_sb_bread(sb: inode->i_sb, block: EXT4_I(inode)->i_file_acl, REQ_PRIO);
2793	if (IS_ERR(ptr: bh)) {
2794	error = PTR_ERR(ptr: bh);
2795	goto cleanup;
2796	}
2797	error = ext4_xattr_check_block(inode, bh);
2798	if (error) {
2799	brelse(bh);
2800	goto cleanup;
2801	}
2802	base = BHDR(bh);
2803	end = bh->b_data + bh->b_size;
2804	min_offs = end - base;
2805	bfree = ext4_xattr_free_space(BFIRST(bh), min_offs: &min_offs, base,
2806	NULL);
2807	brelse(bh);
2808	if (bfree + ifree < isize_diff) {
2809	if (!tried_min_extra_isize && s_min_extra_isize) {
2810	tried_min_extra_isize++;
2811	new_extra_isize = s_min_extra_isize;
2812	goto retry;
2813	}
2814	error = -ENOSPC;
2815	goto cleanup;
2816	}
2817	} else {
2818	bfree = inode->i_sb->s_blocksize;
2819	}
2820
2821	error = ext4_xattr_make_inode_space(handle, inode, raw_inode,
2822	isize_diff, ifree, bfree,
2823	total_ino: &total_ino);
2824	if (error) {
2825	if (error == -ENOSPC && !tried_min_extra_isize &&
2826	s_min_extra_isize) {
2827	tried_min_extra_isize++;
2828	new_extra_isize = s_min_extra_isize;
2829	goto retry;
2830	}
2831	goto cleanup;
2832	}
2833	shift:
2834	/* Adjust the offsets and shift the remaining entries ahead */
2835	ext4_xattr_shift_entries(IFIRST(header), value_offs_shift: EXT4_I(inode)->i_extra_isize
2836	- new_extra_isize, to: (void *)raw_inode +
2837	EXT4_GOOD_OLD_INODE_SIZE + new_extra_isize,
2838	from: (void *)header, n: total_ino);
2839	EXT4_I(inode)->i_extra_isize = new_extra_isize;
2840
2841	if (ext4_has_inline_data(inode))
2842	error = ext4_find_inline_data_nolock(inode);
2843
2844	cleanup:
2845	if (error && (mnt_count != le16_to_cpu(sbi->s_es->s_mnt_count))) {
2846	ext4_warning(inode->i_sb, "Unable to expand inode %lu. Delete some EAs or run e2fsck.",
2847	inode->i_ino);
2848	mnt_count = le16_to_cpu(sbi->s_es->s_mnt_count);
2849	}
2850	return error;
2851	}
2852
2853	#define EIA_INCR 16 /* must be 2^n */
2854	#define EIA_MASK (EIA_INCR - 1)
2855
2856	/* Add the large xattr @inode into @ea_inode_array for deferred iput().
2857	* If @ea_inode_array is new or full it will be grown and the old
2858	* contents copied over.
2859	*/
2860	static int
2861	ext4_expand_inode_array(struct ext4_xattr_inode_array **ea_inode_array,
2862	struct inode *inode)
2863	{
2864	if (*ea_inode_array == NULL) {
2865	/*
2866	* Start with 15 inodes, so it fits into a power-of-two size.
2867	* If *ea_inode_array is NULL, this is essentially offsetof()
2868	*/
2869	(*ea_inode_array) =
2870	kmalloc(offsetof(struct ext4_xattr_inode_array,
2871	inodes[EIA_MASK]),
2872	GFP_NOFS);
2873	if (*ea_inode_array == NULL)
2874	return -ENOMEM;
2875	(*ea_inode_array)->count = 0;
2876	} else if (((*ea_inode_array)->count & EIA_MASK) == EIA_MASK) {
2877	/* expand the array once all 15 + n * 16 slots are full */
2878	struct ext4_xattr_inode_array *new_array = NULL;
2879	int count = (*ea_inode_array)->count;
2880
2881	/* if new_array is NULL, this is essentially offsetof() */
2882	new_array = kmalloc(
2883	offsetof(struct ext4_xattr_inode_array,
2884	inodes[count + EIA_INCR]),
2885	GFP_NOFS);
2886	if (new_array == NULL)
2887	return -ENOMEM;
2888	memcpy(new_array, *ea_inode_array,
2889	offsetof(struct ext4_xattr_inode_array, inodes[count]));
2890	kfree(objp: *ea_inode_array);
2891	*ea_inode_array = new_array;
2892	}
2893	(*ea_inode_array)->inodes[(*ea_inode_array)->count++] = inode;
2894	return 0;
2895	}
2896
2897	/*
2898	* ext4_xattr_delete_inode()
2899	*
2900	* Free extended attribute resources associated with this inode. Traverse
2901	* all entries and decrement reference on any xattr inodes associated with this
2902	* inode. This is called immediately before an inode is freed. We have exclusive
2903	* access to the inode. If an orphan inode is deleted it will also release its
2904	* references on xattr block and xattr inodes.
2905	*/
2906	int ext4_xattr_delete_inode(handle_t *handle, struct inode *inode,
2907	struct ext4_xattr_inode_array **ea_inode_array,
2908	int extra_credits)
2909	{
2910	struct buffer_head *bh = NULL;
2911	struct ext4_xattr_ibody_header *header;
2912	struct ext4_iloc iloc = { .bh = NULL };
2913	struct ext4_xattr_entry *entry;
2914	struct inode *ea_inode;
2915	int error;
2916
2917	error = ext4_journal_ensure_credits(handle, credits: extra_credits,
2918	revoke_creds: ext4_free_metadata_revoke_credits(sb: inode->i_sb, blocks: 1));
2919	if (error < 0) {
2920	EXT4_ERROR_INODE(inode, "ensure credits (error %d)", error);
2921	goto cleanup;
2922	}
2923
2924	if (ext4_has_feature_ea_inode(sb: inode->i_sb) &&
2925	ext4_test_inode_state(inode, bit: EXT4_STATE_XATTR)) {
2926
2927	error = ext4_get_inode_loc(inode, &iloc);
2928	if (error) {
2929	EXT4_ERROR_INODE(inode, "inode loc (error %d)", error);
2930	goto cleanup;
2931	}
2932
2933	error = ext4_journal_get_write_access(handle, inode->i_sb,
2934	iloc.bh, EXT4_JTR_NONE);
2935	if (error) {
2936	EXT4_ERROR_INODE(inode, "write access (error %d)",
2937	error);
2938	goto cleanup;
2939	}
2940
2941	header = IHDR(inode, ext4_raw_inode(&iloc));
2942	if (header->h_magic == cpu_to_le32(EXT4_XATTR_MAGIC))
2943	ext4_xattr_inode_dec_ref_all(handle, parent: inode, bh: iloc.bh,
2944	IFIRST(header),
2945	block_csum: false /* block_csum */,
2946	ea_inode_array,
2947	extra_credits,
2948	skip_quota: false /* skip_quota */);
2949	}
2950
2951	if (EXT4_I(inode)->i_file_acl) {
2952	bh = ext4_sb_bread(sb: inode->i_sb, block: EXT4_I(inode)->i_file_acl, REQ_PRIO);
2953	if (IS_ERR(ptr: bh)) {
2954	error = PTR_ERR(ptr: bh);
2955	if (error == -EIO) {
2956	EXT4_ERROR_INODE_ERR(inode, EIO,
2957	"block %llu read error",
2958	EXT4_I(inode)->i_file_acl);
2959	}
2960	bh = NULL;
2961	goto cleanup;
2962	}
2963	error = ext4_xattr_check_block(inode, bh);
2964	if (error)
2965	goto cleanup;
2966
2967	if (ext4_has_feature_ea_inode(sb: inode->i_sb)) {
2968	for (entry = BFIRST(bh); !IS_LAST_ENTRY(entry);
2969	entry = EXT4_XATTR_NEXT(entry)) {
2970	if (!entry->e_value_inum)
2971	continue;
2972	error = ext4_xattr_inode_iget(parent: inode,
2973	le32_to_cpu(entry->e_value_inum),
2974	le32_to_cpu(entry->e_hash),
2975	ea_inode: &ea_inode);
2976	if (error)
2977	continue;
2978	ext4_xattr_inode_free_quota(parent: inode, ea_inode,
2979	le32_to_cpu(entry->e_value_size));
2980	iput(ea_inode);
2981	}
2982
2983	}
2984
2985	ext4_xattr_release_block(handle, inode, bh, ea_inode_array,
2986	extra_credits);
2987	/*
2988	* Update i_file_acl value in the same transaction that releases
2989	* block.
2990	*/
2991	EXT4_I(inode)->i_file_acl = 0;
2992	error = ext4_mark_inode_dirty(handle, inode);
2993	if (error) {
2994	EXT4_ERROR_INODE(inode, "mark inode dirty (error %d)",
2995	error);
2996	goto cleanup;
2997	}
2998	ext4_fc_mark_ineligible(sb: inode->i_sb, reason: EXT4_FC_REASON_XATTR, handle);
2999	}
3000	error = 0;
3001	cleanup:
3002	brelse(bh: iloc.bh);
3003	brelse(bh);
3004	return error;
3005	}
3006
3007	void ext4_xattr_inode_array_free(struct ext4_xattr_inode_array *ea_inode_array)
3008	{
3009	int idx;
3010
3011	if (ea_inode_array == NULL)
3012	return;
3013
3014	for (idx = 0; idx < ea_inode_array->count; ++idx)
3015	iput(ea_inode_array->inodes[idx]);
3016	kfree(objp: ea_inode_array);
3017	}
3018
3019	/*
3020	* ext4_xattr_block_cache_insert()
3021	*
3022	* Create a new entry in the extended attribute block cache, and insert
3023	* it unless such an entry is already in the cache.
3024	*
3025	* Returns 0, or a negative error number on failure.
3026	*/
3027	static void
3028	ext4_xattr_block_cache_insert(struct mb_cache *ea_block_cache,
3029	struct buffer_head *bh)
3030	{
3031	struct ext4_xattr_header *header = BHDR(bh);
3032	__u32 hash = le32_to_cpu(header->h_hash);
3033	int reusable = le32_to_cpu(header->h_refcount) <
3034	EXT4_XATTR_REFCOUNT_MAX;
3035	int error;
3036
3037	if (!ea_block_cache)
3038	return;
3039	error = mb_cache_entry_create(cache: ea_block_cache, GFP_NOFS, key: hash,
3040	value: bh->b_blocknr, reusable);
3041	if (error) {
3042	if (error == -EBUSY)
3043	ea_bdebug(bh, "already in cache");
3044	} else
3045	ea_bdebug(bh, "inserting [%x]", (int)hash);
3046	}
3047
3048	/*
3049	* ext4_xattr_cmp()
3050	*
3051	* Compare two extended attribute blocks for equality.
3052	*
3053	* Returns 0 if the blocks are equal, 1 if they differ, and
3054	* a negative error number on errors.
3055	*/
3056	static int
3057	ext4_xattr_cmp(struct ext4_xattr_header *header1,
3058	struct ext4_xattr_header *header2)
3059	{
3060	struct ext4_xattr_entry *entry1, *entry2;
3061
3062	entry1 = ENTRY(header1+1);
3063	entry2 = ENTRY(header2+1);
3064	while (!IS_LAST_ENTRY(entry1)) {
3065	if (IS_LAST_ENTRY(entry2))
3066	return 1;
3067	if (entry1->e_hash != entry2->e_hash ||
3068	entry1->e_name_index != entry2->e_name_index ||
3069	entry1->e_name_len != entry2->e_name_len ||
3070	entry1->e_value_size != entry2->e_value_size ||
3071	entry1->e_value_inum != entry2->e_value_inum ||
3072	memcmp(p: entry1->e_name, q: entry2->e_name, size: entry1->e_name_len))
3073	return 1;
3074	if (!entry1->e_value_inum &&
3075	memcmp(p: (char *)header1 + le16_to_cpu(entry1->e_value_offs),
3076	q: (char *)header2 + le16_to_cpu(entry2->e_value_offs),
3077	le32_to_cpu(entry1->e_value_size)))
3078	return 1;
3079
3080	entry1 = EXT4_XATTR_NEXT(entry1);
3081	entry2 = EXT4_XATTR_NEXT(entry2);
3082	}
3083	if (!IS_LAST_ENTRY(entry2))
3084	return 1;
3085	return 0;
3086	}
3087
3088	/*
3089	* ext4_xattr_block_cache_find()
3090	*
3091	* Find an identical extended attribute block.
3092	*
3093	* Returns a pointer to the block found, or NULL if such a block was
3094	* not found or an error occurred.
3095	*/
3096	static struct buffer_head *
3097	ext4_xattr_block_cache_find(struct inode *inode,
3098	struct ext4_xattr_header *header,
3099	struct mb_cache_entry **pce)
3100	{
3101	__u32 hash = le32_to_cpu(header->h_hash);
3102	struct mb_cache_entry *ce;
3103	struct mb_cache *ea_block_cache = EA_BLOCK_CACHE(inode);
3104
3105	if (!ea_block_cache)
3106	return NULL;
3107	if (!header->h_hash)
3108	return NULL; /* never share */
3109	ea_idebug(inode, "looking for cached blocks [%x]", (int)hash);
3110	ce = mb_cache_entry_find_first(cache: ea_block_cache, key: hash);
3111	while (ce) {
3112	struct buffer_head *bh;
3113
3114	bh = ext4_sb_bread(sb: inode->i_sb, block: ce->e_value, REQ_PRIO);
3115	if (IS_ERR(ptr: bh)) {
3116	if (PTR_ERR(ptr: bh) == -ENOMEM)
3117	return NULL;
3118	bh = NULL;
3119	EXT4_ERROR_INODE(inode, "block %lu read error",
3120	(unsigned long)ce->e_value);
3121	} else if (ext4_xattr_cmp(header1: header, BHDR(bh)) == 0) {
3122	*pce = ce;
3123	return bh;
3124	}
3125	brelse(bh);
3126	ce = mb_cache_entry_find_next(cache: ea_block_cache, entry: ce);
3127	}
3128	return NULL;
3129	}
3130
3131	#define NAME_HASH_SHIFT 5
3132	#define VALUE_HASH_SHIFT 16
3133
3134	/*
3135	* ext4_xattr_hash_entry()
3136	*
3137	* Compute the hash of an extended attribute.
3138	*/
3139	static __le32 ext4_xattr_hash_entry(char *name, size_t name_len, __le32 *value,
3140	size_t value_count)
3141	{
3142	__u32 hash = 0;
3143
3144	while (name_len--) {
3145	hash = (hash << NAME_HASH_SHIFT) ^
3146	(hash >> (8*sizeof(hash) - NAME_HASH_SHIFT)) ^
3147	(unsigned char)*name++;
3148	}
3149	while (value_count--) {
3150	hash = (hash << VALUE_HASH_SHIFT) ^
3151	(hash >> (8*sizeof(hash) - VALUE_HASH_SHIFT)) ^
3152	le32_to_cpu(*value++);
3153	}
3154	return cpu_to_le32(hash);
3155	}
3156
3157	/*
3158	* ext4_xattr_hash_entry_signed()
3159	*
3160	* Compute the hash of an extended attribute incorrectly.
3161	*/
3162	static __le32 ext4_xattr_hash_entry_signed(char *name, size_t name_len, __le32 *value, size_t value_count)
3163	{
3164	__u32 hash = 0;
3165
3166	while (name_len--) {
3167	hash = (hash << NAME_HASH_SHIFT) ^
3168	(hash >> (8*sizeof(hash) - NAME_HASH_SHIFT)) ^
3169	(signed char)*name++;
3170	}
3171	while (value_count--) {
3172	hash = (hash << VALUE_HASH_SHIFT) ^
3173	(hash >> (8*sizeof(hash) - VALUE_HASH_SHIFT)) ^
3174	le32_to_cpu(*value++);
3175	}
3176	return cpu_to_le32(hash);
3177	}
3178
3179	#undef NAME_HASH_SHIFT
3180	#undef VALUE_HASH_SHIFT
3181
3182	#define BLOCK_HASH_SHIFT 16
3183
3184	/*
3185	* ext4_xattr_rehash()
3186	*
3187	* Re-compute the extended attribute hash value after an entry has changed.
3188	*/
3189	static void ext4_xattr_rehash(struct ext4_xattr_header *header)
3190	{
3191	struct ext4_xattr_entry *here;
3192	__u32 hash = 0;
3193
3194	here = ENTRY(header+1);
3195	while (!IS_LAST_ENTRY(here)) {
3196	if (!here->e_hash) {
3197	/* Block is not shared if an entry's hash value == 0 */
3198	hash = 0;
3199	break;
3200	}
3201	hash = (hash << BLOCK_HASH_SHIFT) ^
3202	(hash >> (8*sizeof(hash) - BLOCK_HASH_SHIFT)) ^
3203	le32_to_cpu(here->e_hash);
3204	here = EXT4_XATTR_NEXT(here);
3205	}
3206	header->h_hash = cpu_to_le32(hash);
3207	}
3208
3209	#undef BLOCK_HASH_SHIFT
3210
3211	#define HASH_BUCKET_BITS 10
3212
3213	struct mb_cache *
3214	ext4_xattr_create_cache(void)
3215	{
3216	return mb_cache_create(HASH_BUCKET_BITS);
3217	}
3218
3219	void ext4_xattr_destroy_cache(struct mb_cache *cache)
3220	{
3221	if (cache)
3222	mb_cache_destroy(cache);
3223	}
3224
3225