1 // SPDX-License-Identifier: GPL-2.0-only
5 Extended attribute handling.
7 Copyright (C) 2001 by Andreas Gruenbacher <a.gruenbacher@computer.org>
8 Copyright (C) 2001 SGI - Silicon Graphics, Inc <linux-xfs@oss.sgi.com>
9 Copyright (c) 2004 Red Hat, Inc., James Morris <jmorris@redhat.com>
12 #include <linux/slab.h>
13 #include <linux/file.h>
14 #include <linux/xattr.h>
15 #include <linux/mount.h>
16 #include <linux/namei.h>
17 #include <linux/security.h>
18 #include <linux/evm.h>
19 #include <linux/syscalls.h>
20 #include <linux/export.h>
21 #include <linux/fsnotify.h>
22 #include <linux/audit.h>
23 #include <linux/vmalloc.h>
24 #include <linux/posix_acl_xattr.h>
26 #include <linux/uaccess.h>
31 strcmp_prefix(const char *a, const char *a_prefix)
33 while (*a_prefix && *a == *a_prefix) {
37 return *a_prefix ? NULL : a;
41 * In order to implement different sets of xattr operations for each xattr
42 * prefix, a filesystem should create a null-terminated array of struct
43 * xattr_handler (one for each prefix) and hang a pointer to it off of the
44 * s_xattr field of the superblock.
46 #define for_each_xattr_handler(handlers, handler) \
48 for ((handler) = *(handlers)++; \
50 (handler) = *(handlers)++)
53 * Find the xattr_handler with the matching prefix.
55 static const struct xattr_handler *
56 xattr_resolve_name(struct inode *inode, const char **name)
58 const struct xattr_handler **handlers = inode->i_sb->s_xattr;
59 const struct xattr_handler *handler;
61 if (!(inode->i_opflags & IOP_XATTR)) {
62 if (unlikely(is_bad_inode(inode)))
64 return ERR_PTR(-EOPNOTSUPP);
66 for_each_xattr_handler(handlers, handler) {
69 n = strcmp_prefix(*name, xattr_prefix(handler));
71 if (!handler->prefix ^ !*n) {
74 return ERR_PTR(-EINVAL);
80 return ERR_PTR(-EOPNOTSUPP);
84 * Check permissions for extended attribute access. This is a bit complicated
85 * because different namespaces have very different rules.
88 xattr_permission(struct user_namespace *mnt_userns, struct inode *inode,
89 const char *name, int mask)
92 * We can never set or remove an extended attribute on a read-only
93 * filesystem or on an immutable / append-only inode.
95 if (mask & MAY_WRITE) {
96 if (IS_IMMUTABLE(inode) || IS_APPEND(inode))
99 * Updating an xattr will likely cause i_uid and i_gid
100 * to be writen back improperly if their true value is
101 * unknown to the vfs.
103 if (HAS_UNMAPPED_ID(mnt_userns, inode))
108 * No restriction for security.* and system.* from the VFS. Decision
109 * on these is left to the underlying filesystem / security module.
111 if (!strncmp(name, XATTR_SECURITY_PREFIX, XATTR_SECURITY_PREFIX_LEN) ||
112 !strncmp(name, XATTR_SYSTEM_PREFIX, XATTR_SYSTEM_PREFIX_LEN))
116 * The trusted.* namespace can only be accessed by privileged users.
118 if (!strncmp(name, XATTR_TRUSTED_PREFIX, XATTR_TRUSTED_PREFIX_LEN)) {
119 if (!capable(CAP_SYS_ADMIN))
120 return (mask & MAY_WRITE) ? -EPERM : -ENODATA;
125 * In the user.* namespace, only regular files and directories can have
126 * extended attributes. For sticky directories, only the owner and
127 * privileged users can write attributes.
129 if (!strncmp(name, XATTR_USER_PREFIX, XATTR_USER_PREFIX_LEN)) {
130 if (!S_ISREG(inode->i_mode) && !S_ISDIR(inode->i_mode))
131 return (mask & MAY_WRITE) ? -EPERM : -ENODATA;
132 if (S_ISDIR(inode->i_mode) && (inode->i_mode & S_ISVTX) &&
133 (mask & MAY_WRITE) &&
134 !inode_owner_or_capable(mnt_userns, inode))
138 return inode_permission(mnt_userns, inode, mask);
142 * Look for any handler that deals with the specified namespace.
145 xattr_supported_namespace(struct inode *inode, const char *prefix)
147 const struct xattr_handler **handlers = inode->i_sb->s_xattr;
148 const struct xattr_handler *handler;
151 if (!(inode->i_opflags & IOP_XATTR)) {
152 if (unlikely(is_bad_inode(inode)))
157 preflen = strlen(prefix);
159 for_each_xattr_handler(handlers, handler) {
160 if (!strncmp(xattr_prefix(handler), prefix, preflen))
166 EXPORT_SYMBOL(xattr_supported_namespace);
169 __vfs_setxattr(struct user_namespace *mnt_userns, struct dentry *dentry,
170 struct inode *inode, const char *name, const void *value,
171 size_t size, int flags)
173 const struct xattr_handler *handler;
175 handler = xattr_resolve_name(inode, &name);
177 return PTR_ERR(handler);
181 value = ""; /* empty EA, do not remove */
182 return handler->set(handler, mnt_userns, dentry, inode, name, value,
185 EXPORT_SYMBOL(__vfs_setxattr);
188 * __vfs_setxattr_noperm - perform setxattr operation without performing
191 * @mnt_userns: user namespace of the mount the inode was found from
192 * @dentry: object to perform setxattr on
193 * @name: xattr name to set
194 * @value: value to set @name to
195 * @size: size of @value
196 * @flags: flags to pass into filesystem operations
198 * returns the result of the internal setxattr or setsecurity operations.
200 * This function requires the caller to lock the inode's i_mutex before it
201 * is executed. It also assumes that the caller will make the appropriate
204 int __vfs_setxattr_noperm(struct user_namespace *mnt_userns,
205 struct dentry *dentry, const char *name,
206 const void *value, size_t size, int flags)
208 struct inode *inode = dentry->d_inode;
210 int issec = !strncmp(name, XATTR_SECURITY_PREFIX,
211 XATTR_SECURITY_PREFIX_LEN);
214 inode->i_flags &= ~S_NOSEC;
215 if (inode->i_opflags & IOP_XATTR) {
216 error = __vfs_setxattr(mnt_userns, dentry, inode, name, value,
219 fsnotify_xattr(dentry);
220 security_inode_post_setxattr(dentry, name, value,
224 if (unlikely(is_bad_inode(inode)))
227 if (error == -EAGAIN) {
231 const char *suffix = name + XATTR_SECURITY_PREFIX_LEN;
233 error = security_inode_setsecurity(inode, suffix, value,
236 fsnotify_xattr(dentry);
244 * __vfs_setxattr_locked - set an extended attribute while holding the inode
247 * @mnt_userns: user namespace of the mount of the target inode
248 * @dentry: object to perform setxattr on
249 * @name: xattr name to set
250 * @value: value to set @name to
251 * @size: size of @value
252 * @flags: flags to pass into filesystem operations
253 * @delegated_inode: on return, will contain an inode pointer that
254 * a delegation was broken on, NULL if none.
257 __vfs_setxattr_locked(struct user_namespace *mnt_userns, struct dentry *dentry,
258 const char *name, const void *value, size_t size,
259 int flags, struct inode **delegated_inode)
261 struct inode *inode = dentry->d_inode;
264 error = xattr_permission(mnt_userns, inode, name, MAY_WRITE);
268 error = security_inode_setxattr(mnt_userns, dentry, name, value, size,
273 error = try_break_deleg(inode, delegated_inode);
277 error = __vfs_setxattr_noperm(mnt_userns, dentry, name, value,
283 EXPORT_SYMBOL_GPL(__vfs_setxattr_locked);
286 vfs_setxattr(struct user_namespace *mnt_userns, struct dentry *dentry,
287 const char *name, const void *value, size_t size, int flags)
289 struct inode *inode = dentry->d_inode;
290 struct inode *delegated_inode = NULL;
291 const void *orig_value = value;
294 if (size && strcmp(name, XATTR_NAME_CAPS) == 0) {
295 error = cap_convert_nscap(mnt_userns, dentry, &value, size);
303 error = __vfs_setxattr_locked(mnt_userns, dentry, name, value, size,
304 flags, &delegated_inode);
307 if (delegated_inode) {
308 error = break_deleg_wait(&delegated_inode);
312 if (value != orig_value)
317 EXPORT_SYMBOL_GPL(vfs_setxattr);
320 xattr_getsecurity(struct user_namespace *mnt_userns, struct inode *inode,
321 const char *name, void *value, size_t size)
326 if (!value || !size) {
327 len = security_inode_getsecurity(mnt_userns, inode, name,
332 len = security_inode_getsecurity(mnt_userns, inode, name, &buffer,
340 memcpy(value, buffer, len);
348 * vfs_getxattr_alloc - allocate memory, if necessary, before calling getxattr
350 * Allocate memory, if not already allocated, or re-allocate correct size,
351 * before retrieving the extended attribute.
353 * Returns the result of alloc, if failed, or the getxattr operation.
356 vfs_getxattr_alloc(struct user_namespace *mnt_userns, struct dentry *dentry,
357 const char *name, char **xattr_value, size_t xattr_size,
360 const struct xattr_handler *handler;
361 struct inode *inode = dentry->d_inode;
362 char *value = *xattr_value;
365 error = xattr_permission(mnt_userns, inode, name, MAY_READ);
369 handler = xattr_resolve_name(inode, &name);
371 return PTR_ERR(handler);
374 error = handler->get(handler, dentry, inode, name, NULL, 0);
378 if (!value || (error > xattr_size)) {
379 value = krealloc(*xattr_value, error + 1, flags);
382 memset(value, 0, error + 1);
385 error = handler->get(handler, dentry, inode, name, value, error);
386 *xattr_value = value;
391 __vfs_getxattr(struct dentry *dentry, struct inode *inode, const char *name,
392 void *value, size_t size)
394 const struct xattr_handler *handler;
396 handler = xattr_resolve_name(inode, &name);
398 return PTR_ERR(handler);
401 return handler->get(handler, dentry, inode, name, value, size);
403 EXPORT_SYMBOL(__vfs_getxattr);
406 vfs_getxattr(struct user_namespace *mnt_userns, struct dentry *dentry,
407 const char *name, void *value, size_t size)
409 struct inode *inode = dentry->d_inode;
412 error = xattr_permission(mnt_userns, inode, name, MAY_READ);
416 error = security_inode_getxattr(dentry, name);
420 if (!strncmp(name, XATTR_SECURITY_PREFIX,
421 XATTR_SECURITY_PREFIX_LEN)) {
422 const char *suffix = name + XATTR_SECURITY_PREFIX_LEN;
423 int ret = xattr_getsecurity(mnt_userns, inode, suffix, value,
426 * Only overwrite the return value if a security module
427 * is actually active.
429 if (ret == -EOPNOTSUPP)
434 return __vfs_getxattr(dentry, inode, name, value, size);
436 EXPORT_SYMBOL_GPL(vfs_getxattr);
439 vfs_listxattr(struct dentry *dentry, char *list, size_t size)
441 struct inode *inode = d_inode(dentry);
444 error = security_inode_listxattr(dentry);
447 if (inode->i_op->listxattr && (inode->i_opflags & IOP_XATTR)) {
448 error = inode->i_op->listxattr(dentry, list, size);
450 error = security_inode_listsecurity(inode, list, size);
451 if (size && error > size)
456 EXPORT_SYMBOL_GPL(vfs_listxattr);
459 __vfs_removexattr(struct user_namespace *mnt_userns, struct dentry *dentry,
462 struct inode *inode = d_inode(dentry);
463 const struct xattr_handler *handler;
465 handler = xattr_resolve_name(inode, &name);
467 return PTR_ERR(handler);
470 return handler->set(handler, mnt_userns, dentry, inode, name, NULL, 0,
473 EXPORT_SYMBOL(__vfs_removexattr);
476 * __vfs_removexattr_locked - set an extended attribute while holding the inode
479 * @mnt_userns: user namespace of the mount of the target inode
480 * @dentry: object to perform setxattr on
481 * @name: name of xattr to remove
482 * @delegated_inode: on return, will contain an inode pointer that
483 * a delegation was broken on, NULL if none.
486 __vfs_removexattr_locked(struct user_namespace *mnt_userns,
487 struct dentry *dentry, const char *name,
488 struct inode **delegated_inode)
490 struct inode *inode = dentry->d_inode;
493 error = xattr_permission(mnt_userns, inode, name, MAY_WRITE);
497 error = security_inode_removexattr(mnt_userns, dentry, name);
501 error = try_break_deleg(inode, delegated_inode);
505 error = __vfs_removexattr(mnt_userns, dentry, name);
508 fsnotify_xattr(dentry);
509 evm_inode_post_removexattr(dentry, name);
515 EXPORT_SYMBOL_GPL(__vfs_removexattr_locked);
518 vfs_removexattr(struct user_namespace *mnt_userns, struct dentry *dentry,
521 struct inode *inode = dentry->d_inode;
522 struct inode *delegated_inode = NULL;
527 error = __vfs_removexattr_locked(mnt_userns, dentry,
528 name, &delegated_inode);
531 if (delegated_inode) {
532 error = break_deleg_wait(&delegated_inode);
539 EXPORT_SYMBOL_GPL(vfs_removexattr);
542 * Extended attribute SET operations
545 int setxattr_copy(const char __user *name, struct xattr_ctx *ctx)
549 if (ctx->flags & ~(XATTR_CREATE|XATTR_REPLACE))
552 error = strncpy_from_user(ctx->kname->name, name,
553 sizeof(ctx->kname->name));
554 if (error == 0 || error == sizeof(ctx->kname->name))
561 if (ctx->size > XATTR_SIZE_MAX)
564 ctx->kvalue = vmemdup_user(ctx->cvalue, ctx->size);
565 if (IS_ERR(ctx->kvalue)) {
566 error = PTR_ERR(ctx->kvalue);
574 static void setxattr_convert(struct user_namespace *mnt_userns,
575 struct dentry *d, struct xattr_ctx *ctx)
578 ((strcmp(ctx->kname->name, XATTR_NAME_POSIX_ACL_ACCESS) == 0) ||
579 (strcmp(ctx->kname->name, XATTR_NAME_POSIX_ACL_DEFAULT) == 0)))
580 posix_acl_fix_xattr_from_user(mnt_userns, d_inode(d),
581 ctx->kvalue, ctx->size);
584 int do_setxattr(struct user_namespace *mnt_userns, struct dentry *dentry,
585 struct xattr_ctx *ctx)
587 setxattr_convert(mnt_userns, dentry, ctx);
588 return vfs_setxattr(mnt_userns, dentry, ctx->kname->name,
589 ctx->kvalue, ctx->size, ctx->flags);
593 setxattr(struct user_namespace *mnt_userns, struct dentry *d,
594 const char __user *name, const void __user *value, size_t size,
597 struct xattr_name kname;
598 struct xattr_ctx ctx = {
607 error = setxattr_copy(name, &ctx);
611 error = do_setxattr(mnt_userns, d, &ctx);
617 static int path_setxattr(const char __user *pathname,
618 const char __user *name, const void __user *value,
619 size_t size, int flags, unsigned int lookup_flags)
625 error = user_path_at(AT_FDCWD, pathname, lookup_flags, &path);
628 error = mnt_want_write(path.mnt);
630 error = setxattr(mnt_user_ns(path.mnt), path.dentry, name,
632 mnt_drop_write(path.mnt);
635 if (retry_estale(error, lookup_flags)) {
636 lookup_flags |= LOOKUP_REVAL;
642 SYSCALL_DEFINE5(setxattr, const char __user *, pathname,
643 const char __user *, name, const void __user *, value,
644 size_t, size, int, flags)
646 return path_setxattr(pathname, name, value, size, flags, LOOKUP_FOLLOW);
649 SYSCALL_DEFINE5(lsetxattr, const char __user *, pathname,
650 const char __user *, name, const void __user *, value,
651 size_t, size, int, flags)
653 return path_setxattr(pathname, name, value, size, flags, 0);
656 SYSCALL_DEFINE5(fsetxattr, int, fd, const char __user *, name,
657 const void __user *,value, size_t, size, int, flags)
659 struct fd f = fdget(fd);
665 error = mnt_want_write_file(f.file);
667 error = setxattr(file_mnt_user_ns(f.file),
668 f.file->f_path.dentry, name,
670 mnt_drop_write_file(f.file);
677 * Extended attribute GET operations
680 getxattr(struct user_namespace *mnt_userns, struct dentry *d,
681 const char __user *name, void __user *value, size_t size)
685 char kname[XATTR_NAME_MAX + 1];
687 error = strncpy_from_user(kname, name, sizeof(kname));
688 if (error == 0 || error == sizeof(kname))
694 if (size > XATTR_SIZE_MAX)
695 size = XATTR_SIZE_MAX;
696 kvalue = kvzalloc(size, GFP_KERNEL);
701 error = vfs_getxattr(mnt_userns, d, kname, kvalue, size);
703 if ((strcmp(kname, XATTR_NAME_POSIX_ACL_ACCESS) == 0) ||
704 (strcmp(kname, XATTR_NAME_POSIX_ACL_DEFAULT) == 0))
705 posix_acl_fix_xattr_to_user(mnt_userns, d_inode(d),
707 if (size && copy_to_user(value, kvalue, error))
709 } else if (error == -ERANGE && size >= XATTR_SIZE_MAX) {
710 /* The file system tried to returned a value bigger
711 than XATTR_SIZE_MAX bytes. Not possible. */
720 static ssize_t path_getxattr(const char __user *pathname,
721 const char __user *name, void __user *value,
722 size_t size, unsigned int lookup_flags)
727 error = user_path_at(AT_FDCWD, pathname, lookup_flags, &path);
730 error = getxattr(mnt_user_ns(path.mnt), path.dentry, name, value, size);
732 if (retry_estale(error, lookup_flags)) {
733 lookup_flags |= LOOKUP_REVAL;
739 SYSCALL_DEFINE4(getxattr, const char __user *, pathname,
740 const char __user *, name, void __user *, value, size_t, size)
742 return path_getxattr(pathname, name, value, size, LOOKUP_FOLLOW);
745 SYSCALL_DEFINE4(lgetxattr, const char __user *, pathname,
746 const char __user *, name, void __user *, value, size_t, size)
748 return path_getxattr(pathname, name, value, size, 0);
751 SYSCALL_DEFINE4(fgetxattr, int, fd, const char __user *, name,
752 void __user *, value, size_t, size)
754 struct fd f = fdget(fd);
755 ssize_t error = -EBADF;
760 error = getxattr(file_mnt_user_ns(f.file), f.file->f_path.dentry,
767 * Extended attribute LIST operations
770 listxattr(struct dentry *d, char __user *list, size_t size)
776 if (size > XATTR_LIST_MAX)
777 size = XATTR_LIST_MAX;
778 klist = kvmalloc(size, GFP_KERNEL);
783 error = vfs_listxattr(d, klist, size);
785 if (size && copy_to_user(list, klist, error))
787 } else if (error == -ERANGE && size >= XATTR_LIST_MAX) {
788 /* The file system tried to returned a list bigger
789 than XATTR_LIST_MAX bytes. Not possible. */
798 static ssize_t path_listxattr(const char __user *pathname, char __user *list,
799 size_t size, unsigned int lookup_flags)
804 error = user_path_at(AT_FDCWD, pathname, lookup_flags, &path);
807 error = listxattr(path.dentry, list, size);
809 if (retry_estale(error, lookup_flags)) {
810 lookup_flags |= LOOKUP_REVAL;
816 SYSCALL_DEFINE3(listxattr, const char __user *, pathname, char __user *, list,
819 return path_listxattr(pathname, list, size, LOOKUP_FOLLOW);
822 SYSCALL_DEFINE3(llistxattr, const char __user *, pathname, char __user *, list,
825 return path_listxattr(pathname, list, size, 0);
828 SYSCALL_DEFINE3(flistxattr, int, fd, char __user *, list, size_t, size)
830 struct fd f = fdget(fd);
831 ssize_t error = -EBADF;
836 error = listxattr(f.file->f_path.dentry, list, size);
842 * Extended attribute REMOVE operations
845 removexattr(struct user_namespace *mnt_userns, struct dentry *d,
846 const char __user *name)
849 char kname[XATTR_NAME_MAX + 1];
851 error = strncpy_from_user(kname, name, sizeof(kname));
852 if (error == 0 || error == sizeof(kname))
857 return vfs_removexattr(mnt_userns, d, kname);
860 static int path_removexattr(const char __user *pathname,
861 const char __user *name, unsigned int lookup_flags)
866 error = user_path_at(AT_FDCWD, pathname, lookup_flags, &path);
869 error = mnt_want_write(path.mnt);
871 error = removexattr(mnt_user_ns(path.mnt), path.dentry, name);
872 mnt_drop_write(path.mnt);
875 if (retry_estale(error, lookup_flags)) {
876 lookup_flags |= LOOKUP_REVAL;
882 SYSCALL_DEFINE2(removexattr, const char __user *, pathname,
883 const char __user *, name)
885 return path_removexattr(pathname, name, LOOKUP_FOLLOW);
888 SYSCALL_DEFINE2(lremovexattr, const char __user *, pathname,
889 const char __user *, name)
891 return path_removexattr(pathname, name, 0);
894 SYSCALL_DEFINE2(fremovexattr, int, fd, const char __user *, name)
896 struct fd f = fdget(fd);
902 error = mnt_want_write_file(f.file);
904 error = removexattr(file_mnt_user_ns(f.file),
905 f.file->f_path.dentry, name);
906 mnt_drop_write_file(f.file);
913 * Combine the results of the list() operation from every xattr_handler in the
917 generic_listxattr(struct dentry *dentry, char *buffer, size_t buffer_size)
919 const struct xattr_handler *handler, **handlers = dentry->d_sb->s_xattr;
920 unsigned int size = 0;
923 for_each_xattr_handler(handlers, handler) {
924 if (!handler->name ||
925 (handler->list && !handler->list(dentry)))
927 size += strlen(handler->name) + 1;
933 for_each_xattr_handler(handlers, handler) {
934 if (!handler->name ||
935 (handler->list && !handler->list(dentry)))
937 len = strlen(handler->name);
938 if (len + 1 > buffer_size)
940 memcpy(buf, handler->name, len + 1);
942 buffer_size -= len + 1;
948 EXPORT_SYMBOL(generic_listxattr);
951 * xattr_full_name - Compute full attribute name from suffix
953 * @handler: handler of the xattr_handler operation
954 * @name: name passed to the xattr_handler operation
956 * The get and set xattr handler operations are called with the remainder of
957 * the attribute name after skipping the handler's prefix: for example, "foo"
958 * is passed to the get operation of a handler with prefix "user." to get
959 * attribute "user.foo". The full name is still "there" in the name though.
961 * Note: the list xattr handler operation when called from the vfs is passed a
962 * NULL name; some file systems use this operation internally, with varying
965 const char *xattr_full_name(const struct xattr_handler *handler,
968 size_t prefix_len = strlen(xattr_prefix(handler));
970 return name - prefix_len;
972 EXPORT_SYMBOL(xattr_full_name);
975 * Allocate new xattr and copy in the value; but leave the name to callers.
977 struct simple_xattr *simple_xattr_alloc(const void *value, size_t size)
979 struct simple_xattr *new_xattr;
983 len = sizeof(*new_xattr) + size;
984 if (len < sizeof(*new_xattr))
987 new_xattr = kvmalloc(len, GFP_KERNEL);
991 new_xattr->size = size;
992 memcpy(new_xattr->value, value, size);
997 * xattr GET operation for in-memory/pseudo filesystems
999 int simple_xattr_get(struct simple_xattrs *xattrs, const char *name,
1000 void *buffer, size_t size)
1002 struct simple_xattr *xattr;
1005 spin_lock(&xattrs->lock);
1006 list_for_each_entry(xattr, &xattrs->head, list) {
1007 if (strcmp(name, xattr->name))
1012 if (size < xattr->size)
1015 memcpy(buffer, xattr->value, xattr->size);
1019 spin_unlock(&xattrs->lock);
1024 * simple_xattr_set - xattr SET operation for in-memory/pseudo filesystems
1025 * @xattrs: target simple_xattr list
1026 * @name: name of the extended attribute
1027 * @value: value of the xattr. If %NULL, will remove the attribute.
1028 * @size: size of the new xattr
1029 * @flags: %XATTR_{CREATE|REPLACE}
1030 * @removed_size: returns size of the removed xattr, -1 if none removed
1032 * %XATTR_CREATE is set, the xattr shouldn't exist already; otherwise fails
1033 * with -EEXIST. If %XATTR_REPLACE is set, the xattr should exist;
1034 * otherwise, fails with -ENODATA.
1036 * Returns 0 on success, -errno on failure.
1038 int simple_xattr_set(struct simple_xattrs *xattrs, const char *name,
1039 const void *value, size_t size, int flags,
1040 ssize_t *removed_size)
1042 struct simple_xattr *xattr;
1043 struct simple_xattr *new_xattr = NULL;
1049 /* value == NULL means remove */
1051 new_xattr = simple_xattr_alloc(value, size);
1055 new_xattr->name = kstrdup(name, GFP_KERNEL);
1056 if (!new_xattr->name) {
1062 spin_lock(&xattrs->lock);
1063 list_for_each_entry(xattr, &xattrs->head, list) {
1064 if (!strcmp(name, xattr->name)) {
1065 if (flags & XATTR_CREATE) {
1068 } else if (new_xattr) {
1069 list_replace(&xattr->list, &new_xattr->list);
1071 *removed_size = xattr->size;
1073 list_del(&xattr->list);
1075 *removed_size = xattr->size;
1080 if (flags & XATTR_REPLACE) {
1084 list_add(&new_xattr->list, &xattrs->head);
1088 spin_unlock(&xattrs->lock);
1097 static bool xattr_is_trusted(const char *name)
1099 return !strncmp(name, XATTR_TRUSTED_PREFIX, XATTR_TRUSTED_PREFIX_LEN);
1102 static int xattr_list_one(char **buffer, ssize_t *remaining_size,
1105 size_t len = strlen(name) + 1;
1107 if (*remaining_size < len)
1109 memcpy(*buffer, name, len);
1112 *remaining_size -= len;
1117 * xattr LIST operation for in-memory/pseudo filesystems
1119 ssize_t simple_xattr_list(struct inode *inode, struct simple_xattrs *xattrs,
1120 char *buffer, size_t size)
1122 bool trusted = capable(CAP_SYS_ADMIN);
1123 struct simple_xattr *xattr;
1124 ssize_t remaining_size = size;
1127 #ifdef CONFIG_FS_POSIX_ACL
1128 if (IS_POSIXACL(inode)) {
1130 err = xattr_list_one(&buffer, &remaining_size,
1131 XATTR_NAME_POSIX_ACL_ACCESS);
1135 if (inode->i_default_acl) {
1136 err = xattr_list_one(&buffer, &remaining_size,
1137 XATTR_NAME_POSIX_ACL_DEFAULT);
1144 spin_lock(&xattrs->lock);
1145 list_for_each_entry(xattr, &xattrs->head, list) {
1146 /* skip "trusted." attributes for unprivileged callers */
1147 if (!trusted && xattr_is_trusted(xattr->name))
1150 err = xattr_list_one(&buffer, &remaining_size, xattr->name);
1154 spin_unlock(&xattrs->lock);
1156 return err ? err : size - remaining_size;
1160 * Adds an extended attribute to the list
1162 void simple_xattr_list_add(struct simple_xattrs *xattrs,
1163 struct simple_xattr *new_xattr)
1165 spin_lock(&xattrs->lock);
1166 list_add(&new_xattr->list, &xattrs->head);
1167 spin_unlock(&xattrs->lock);
projects / platform / kernel / linux-rpi.git / blob