]> git.proxmox.com Git - mirror_ubuntu-zesty-kernel.git/blob - fs/xattr.c
projects / mirror_ubuntu-zesty-kernel.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
UBUNTU: SAUCE: (namespace) fs: Don't remove suid for CAP_FSETID for userns root
[mirror_ubuntu-zesty-kernel.git] / fs / xattr.c
1 /*
2 File: fs/xattr.c
3
4 Extended attribute handling.
5
6 Copyright (C) 2001 by Andreas Gruenbacher <a.gruenbacher@computer.org>
7 Copyright (C) 2001 SGI - Silicon Graphics, Inc <linux-xfs@oss.sgi.com>
8 Copyright (c) 2004 Red Hat, Inc., James Morris <jmorris@redhat.com>
9 */
10 #include <linux/fs.h>
11 #include <linux/slab.h>
12 #include <linux/file.h>
13 #include <linux/xattr.h>
14 #include <linux/mount.h>
15 #include <linux/namei.h>
16 #include <linux/security.h>
17 #include <linux/evm.h>
18 #include <linux/syscalls.h>
19 #include <linux/export.h>
20 #include <linux/fsnotify.h>
21 #include <linux/audit.h>
22 #include <linux/vmalloc.h>
23 #include <linux/posix_acl_xattr.h>
24
25 #include <linux/uaccess.h>
26
27 static const char *
28 strcmp_prefix(const char *a, const char *a_prefix)
29 {
30 while (*a_prefix && *a == *a_prefix) {
31 a++;
32 a_prefix++;
33 }
34 return *a_prefix ? NULL : a;
35 }
36
37 /*
38 * In order to implement different sets of xattr operations for each xattr
39 * prefix, a filesystem should create a null-terminated array of struct
40 * xattr_handler (one for each prefix) and hang a pointer to it off of the
41 * s_xattr field of the superblock.
42 */
43 #define for_each_xattr_handler(handlers, handler) \
44 if (handlers) \
45 for ((handler) = *(handlers)++; \
46 (handler) != NULL; \
47 (handler) = *(handlers)++)
48
49 /*
50 * Find the xattr_handler with the matching prefix.
51 */
52 static const struct xattr_handler *
53 xattr_resolve_name(struct inode *inode, const char **name)
54 {
55 const struct xattr_handler **handlers = inode->i_sb->s_xattr;
56 const struct xattr_handler *handler;
57
58 if (!(inode->i_opflags & IOP_XATTR)) {
59 if (unlikely(is_bad_inode(inode)))
60 return ERR_PTR(-EIO);
61 return ERR_PTR(-EOPNOTSUPP);
62 }
63 for_each_xattr_handler(handlers, handler) {
64 const char *n;
65
66 n = strcmp_prefix(*name, xattr_prefix(handler));
67 if (n) {
68 if (!handler->prefix ^ !*n) {
69 if (*n)
70 continue;
71 return ERR_PTR(-EINVAL);
72 }
73 *name = n;
74 return handler;
75 }
76 }
77 return ERR_PTR(-EOPNOTSUPP);
78 }
79
80 /*
81 * Check permissions for extended attribute access. This is a bit complicated
82 * because different namespaces have very different rules.
83 */
84 static int
85 xattr_permission(struct inode *inode, const char *name, int mask)
86 {
87 /*
88 * We can never set or remove an extended attribute on a read-only
89 * filesystem or on an immutable / append-only inode.
90 */
91 if (mask & MAY_WRITE) {
92 if (IS_IMMUTABLE(inode) || IS_APPEND(inode))
93 return -EPERM;
94 /*
95 * Updating an xattr will likely cause i_uid and i_gid
96 * to be writen back improperly if their true value is
97 * unknown to the vfs.
98 */
99 if (HAS_UNMAPPED_ID(inode))
100 return -EPERM;
101 }
102
103 /*
104 * No restriction for security.* and system.* from the VFS. Decision
105 * on these is left to the underlying filesystem / security module.
106 */
107 if (!strncmp(name, XATTR_SECURITY_PREFIX, XATTR_SECURITY_PREFIX_LEN) ||
108 !strncmp(name, XATTR_SYSTEM_PREFIX, XATTR_SYSTEM_PREFIX_LEN))
109 return 0;
110
111 /*
112 * The trusted.* namespace can only be accessed by privileged users.
113 */
114 if (!strncmp(name, XATTR_TRUSTED_PREFIX, XATTR_TRUSTED_PREFIX_LEN)) {
115 if (!capable(CAP_SYS_ADMIN))
116 return (mask & MAY_WRITE) ? -EPERM : -ENODATA;
117 return 0;
118 }
119
120 /*
121 * In the user.* namespace, only regular files and directories can have
122 * extended attributes. For sticky directories, only the owner and
123 * privileged users can write attributes.
124 */
125 if (!strncmp(name, XATTR_USER_PREFIX, XATTR_USER_PREFIX_LEN)) {
126 if (!S_ISREG(inode->i_mode) && !S_ISDIR(inode->i_mode))
127 return (mask & MAY_WRITE) ? -EPERM : -ENODATA;
128 if (S_ISDIR(inode->i_mode) && (inode->i_mode & S_ISVTX) &&
129 (mask & MAY_WRITE) && !inode_owner_or_capable(inode))
130 return -EPERM;
131 }
132
133 return inode_permission(inode, mask);
134 }
135
136 int
137 __vfs_setxattr(struct dentry *dentry, struct inode *inode, const char *name,
138 const void *value, size_t size, int flags)
139 {
140 const struct xattr_handler *handler;
141
142 handler = xattr_resolve_name(inode, &name);
143 if (IS_ERR(handler))
144 return PTR_ERR(handler);
145 if (!handler->set)
146 return -EOPNOTSUPP;
147 if (size == 0)
148 value = ""; /* empty EA, do not remove */
149 return handler->set(handler, dentry, inode, name, value, size, flags);
150 }
151 EXPORT_SYMBOL(__vfs_setxattr);
152
153 /**
154 * __vfs_setxattr_noperm - perform setxattr operation without performing
155 * permission checks.
156 *
157 * @dentry - object to perform setxattr on
158 * @name - xattr name to set
159 * @value - value to set @name to
160 * @size - size of @value
161 * @flags - flags to pass into filesystem operations
162 *
163 * returns the result of the internal setxattr or setsecurity operations.
164 *
165 * This function requires the caller to lock the inode's i_mutex before it
166 * is executed. It also assumes that the caller will make the appropriate
167 * permission checks.
168 */
169 int __vfs_setxattr_noperm(struct dentry *dentry, const char *name,
170 const void *value, size_t size, int flags)
171 {
172 struct inode *inode = dentry->d_inode;
173 int error = -EAGAIN;
174 int issec = !strncmp(name, XATTR_SECURITY_PREFIX,
175 XATTR_SECURITY_PREFIX_LEN);
176
177 if (issec)
178 inode->i_flags &= ~S_NOSEC;
179 if (inode->i_opflags & IOP_XATTR) {
180 error = __vfs_setxattr(dentry, inode, name, value, size, flags);
181 if (!error) {
182 fsnotify_xattr(dentry);
183 security_inode_post_setxattr(dentry, name, value,
184 size, flags);
185 }
186 } else {
187 if (unlikely(is_bad_inode(inode)))
188 return -EIO;
189 }
190 if (error == -EAGAIN) {
191 error = -EOPNOTSUPP;
192
193 if (issec) {
194 const char *suffix = name + XATTR_SECURITY_PREFIX_LEN;
195
196 error = security_inode_setsecurity(inode, suffix, value,
197 size, flags);
198 if (!error)
199 fsnotify_xattr(dentry);
200 }
201 }
202
203 return error;
204 }
205 EXPORT_SYMBOL_GPL(__vfs_setxattr_noperm);
206
207
208 int
209 vfs_setxattr(struct dentry *dentry, const char *name, const void *value,
210 size_t size, int flags)
211 {
212 struct inode *inode = dentry->d_inode;
213 int error;
214
215 error = xattr_permission(inode, name, MAY_WRITE);
216 if (error)
217 return error;
218
219 inode_lock(inode);
220 error = security_inode_setxattr(dentry, name, value, size, flags);
221 if (error)
222 goto out;
223
224 error = __vfs_setxattr_noperm(dentry, name, value, size, flags);
225
226 out:
227 inode_unlock(inode);
228 return error;
229 }
230 EXPORT_SYMBOL_GPL(vfs_setxattr);
231
232 ssize_t
233 xattr_getsecurity(struct inode *inode, const char *name, void *value,
234 size_t size)
235 {
236 void *buffer = NULL;
237 ssize_t len;
238
239 if (!value || !size) {
240 len = security_inode_getsecurity(inode, name, &buffer, false);
241 goto out_noalloc;
242 }
243
244 len = security_inode_getsecurity(inode, name, &buffer, true);
245 if (len < 0)
246 return len;
247 if (size < len) {
248 len = -ERANGE;
249 goto out;
250 }
251 memcpy(value, buffer, len);
252 out:
253 security_release_secctx(buffer, len);
254 out_noalloc:
255 return len;
256 }
257 EXPORT_SYMBOL_GPL(xattr_getsecurity);
258
259 /*
260 * vfs_getxattr_alloc - allocate memory, if necessary, before calling getxattr
261 *
262 * Allocate memory, if not already allocated, or re-allocate correct size,
263 * before retrieving the extended attribute.
264 *
265 * Returns the result of alloc, if failed, or the getxattr operation.
266 */
267 ssize_t
268 vfs_getxattr_alloc(struct dentry *dentry, const char *name, char **xattr_value,
269 size_t xattr_size, gfp_t flags)
270 {
271 const struct xattr_handler *handler;
272 struct inode *inode = dentry->d_inode;
273 char *value = *xattr_value;
274 int error;
275
276 error = xattr_permission(inode, name, MAY_READ);
277 if (error)
278 return error;
279
280 handler = xattr_resolve_name(inode, &name);
281 if (IS_ERR(handler))
282 return PTR_ERR(handler);
283 if (!handler->get)
284 return -EOPNOTSUPP;
285 error = handler->get(handler, dentry, inode, name, NULL, 0);
286 if (error < 0)
287 return error;
288
289 if (!value || (error > xattr_size)) {
290 value = krealloc(*xattr_value, error + 1, flags);
291 if (!value)
292 return -ENOMEM;
293 memset(value, 0, error + 1);
294 }
295
296 error = handler->get(handler, dentry, inode, name, value, error);
297 *xattr_value = value;
298 return error;
299 }
300
301 ssize_t
302 __vfs_getxattr(struct dentry *dentry, struct inode *inode, const char *name,
303 void *value, size_t size)
304 {
305 const struct xattr_handler *handler;
306
307 handler = xattr_resolve_name(inode, &name);
308 if (IS_ERR(handler))
309 return PTR_ERR(handler);
310 if (!handler->get)
311 return -EOPNOTSUPP;
312 return handler->get(handler, dentry, inode, name, value, size);
313 }
314 EXPORT_SYMBOL(__vfs_getxattr);
315
316 ssize_t
317 vfs_getxattr(struct dentry *dentry, const char *name, void *value, size_t size)
318 {
319 struct inode *inode = dentry->d_inode;
320 int error;
321
322 error = xattr_permission(inode, name, MAY_READ);
323 if (error)
324 return error;
325
326 error = security_inode_getxattr(dentry, name);
327 if (error)
328 return error;
329
330 if (!strncmp(name, XATTR_SECURITY_PREFIX,
331 XATTR_SECURITY_PREFIX_LEN)) {
332 const char *suffix = name + XATTR_SECURITY_PREFIX_LEN;
333 int ret = xattr_getsecurity(inode, suffix, value, size);
334 /*
335 * Only overwrite the return value if a security module
336 * is actually active.
337 */
338 if (ret == -EOPNOTSUPP)
339 goto nolsm;
340 return ret;
341 }
342 nolsm:
343 return __vfs_getxattr(dentry, inode, name, value, size);
344 }
345 EXPORT_SYMBOL_GPL(vfs_getxattr);
346
347 ssize_t
348 vfs_listxattr(struct dentry *dentry, char *list, size_t size)
349 {
350 struct inode *inode = d_inode(dentry);
351 ssize_t error;
352
353 error = security_inode_listxattr(dentry);
354 if (error)
355 return error;
356 if (inode->i_op->listxattr && (inode->i_opflags & IOP_XATTR)) {
357 error = -EOPNOTSUPP;
358 error = inode->i_op->listxattr(dentry, list, size);
359 } else {
360 error = security_inode_listsecurity(inode, list, size);
361 if (size && error > size)
362 error = -ERANGE;
363 }
364 return error;
365 }
366 EXPORT_SYMBOL_GPL(vfs_listxattr);
367
368 /**
369 * __vfs_removexattr_noperm - perform removexattr operation without
370 * performing permission checks.
371 *
372 * @dentry - object to perform setxattr on
373 * @name - xattr name to set
374 *
375 * returns the result of the internal setxattr or setsecurity operations.
376 *
377 * This function requires the caller to lock the inode's i_mutex before it
378 * is executed. It also assumes that the caller will make the appropriate
379 * permission checks.
380 */
381 int __vfs_removexattr_noperm(struct dentry *dentry, const char *name)
382 {
383 struct inode *inode = dentry->d_inode;
384 int error = -EOPNOTSUPP;
385
386 if (inode->i_op->removexattr) {
387 error = inode->i_op->removexattr(dentry, name);
388 if (!error) {
389 fsnotify_xattr(dentry);
390 evm_inode_post_removexattr(dentry, name);
391 }
392 }
393
394 return error;
395 }
396 EXPORT_SYMBOL_GPL(__vfs_removexattr_noperm);
397
398 int
399 __vfs_removexattr(struct dentry *dentry, const char *name)
400 {
401 struct inode *inode = d_inode(dentry);
402 const struct xattr_handler *handler;
403
404 handler = xattr_resolve_name(inode, &name);
405 if (IS_ERR(handler))
406 return PTR_ERR(handler);
407 if (!handler->set)
408 return -EOPNOTSUPP;
409 return handler->set(handler, dentry, inode, name, NULL, 0, XATTR_REPLACE);
410 }
411 EXPORT_SYMBOL(__vfs_removexattr);
412
413 int
414 vfs_removexattr(struct dentry *dentry, const char *name)
415 {
416 struct inode *inode = dentry->d_inode;
417 int error;
418
419 error = xattr_permission(inode, name, MAY_WRITE);
420 if (error)
421 return error;
422
423 inode_lock(inode);
424 error = security_inode_removexattr(dentry, name);
425 if (error)
426 goto out;
427
428 error = __vfs_removexattr_noperm(dentry, name);
429
430 if (!error) {
431 fsnotify_xattr(dentry);
432 evm_inode_post_removexattr(dentry, name);
433 }
434
435 out:
436 inode_unlock(inode);
437 return error;
438 }
439 EXPORT_SYMBOL_GPL(vfs_removexattr);
440
441
442 /*
443 * Extended attribute SET operations
444 */
445 static long
446 setxattr(struct dentry *d, const char __user *name, const void __user *value,
447 size_t size, int flags)
448 {
449 int error;
450 void *kvalue = NULL;
451 char kname[XATTR_NAME_MAX + 1];
452
453 if (flags & ~(XATTR_CREATE|XATTR_REPLACE))
454 return -EINVAL;
455
456 error = strncpy_from_user(kname, name, sizeof(kname));
457 if (error == 0 || error == sizeof(kname))
458 error = -ERANGE;
459 if (error < 0)
460 return error;
461
462 if (size) {
463 if (size > XATTR_SIZE_MAX)
464 return -E2BIG;
465 kvalue = kmalloc(size, GFP_KERNEL | __GFP_NOWARN);
466 if (!kvalue) {
467 kvalue = vmalloc(size);
468 if (!kvalue)
469 return -ENOMEM;
470 }
471 if (copy_from_user(kvalue, value, size)) {
472 error = -EFAULT;
473 goto out;
474 }
475 if ((strcmp(kname, XATTR_NAME_POSIX_ACL_ACCESS) == 0) ||
476 (strcmp(kname, XATTR_NAME_POSIX_ACL_DEFAULT) == 0))
477 posix_acl_fix_xattr_from_user(kvalue, size);
478 }
479
480 error = vfs_setxattr(d, kname, kvalue, size, flags);
481 out:
482 kvfree(kvalue);
483
484 return error;
485 }
486
487 static int path_setxattr(const char __user *pathname,
488 const char __user *name, const void __user *value,
489 size_t size, int flags, unsigned int lookup_flags)
490 {
491 struct path path;
492 int error;
493 retry:
494 error = user_path_at(AT_FDCWD, pathname, lookup_flags, &path);
495 if (error)
496 return error;
497 error = mnt_want_write(path.mnt);
498 if (!error) {
499 error = setxattr(path.dentry, name, value, size, flags);
500 mnt_drop_write(path.mnt);
501 }
502 path_put(&path);
503 if (retry_estale(error, lookup_flags)) {
504 lookup_flags |= LOOKUP_REVAL;
505 goto retry;
506 }
507 return error;
508 }
509
510 SYSCALL_DEFINE5(setxattr, const char __user *, pathname,
511 const char __user *, name, const void __user *, value,
512 size_t, size, int, flags)
513 {
514 return path_setxattr(pathname, name, value, size, flags, LOOKUP_FOLLOW);
515 }
516
517 SYSCALL_DEFINE5(lsetxattr, const char __user *, pathname,
518 const char __user *, name, const void __user *, value,
519 size_t, size, int, flags)
520 {
521 return path_setxattr(pathname, name, value, size, flags, 0);
522 }
523
524 SYSCALL_DEFINE5(fsetxattr, int, fd, const char __user *, name,
525 const void __user *,value, size_t, size, int, flags)
526 {
527 struct fd f = fdget(fd);
528 int error = -EBADF;
529
530 if (!f.file)
531 return error;
532 audit_file(f.file);
533 error = mnt_want_write_file(f.file);
534 if (!error) {
535 error = setxattr(f.file->f_path.dentry, name, value, size, flags);
536 mnt_drop_write_file(f.file);
537 }
538 fdput(f);
539 return error;
540 }
541
542 /*
543 * Extended attribute GET operations
544 */
545 static ssize_t
546 getxattr(struct dentry *d, const char __user *name, void __user *value,
547 size_t size)
548 {
549 ssize_t error;
550 void *kvalue = NULL;
551 char kname[XATTR_NAME_MAX + 1];
552
553 error = strncpy_from_user(kname, name, sizeof(kname));
554 if (error == 0 || error == sizeof(kname))
555 error = -ERANGE;
556 if (error < 0)
557 return error;
558
559 if (size) {
560 if (size > XATTR_SIZE_MAX)
561 size = XATTR_SIZE_MAX;
562 kvalue = kzalloc(size, GFP_KERNEL | __GFP_NOWARN);
563 if (!kvalue) {
564 kvalue = vmalloc(size);
565 if (!kvalue)
566 return -ENOMEM;
567 }
568 }
569
570 error = vfs_getxattr(d, kname, kvalue, size);
571 if (error > 0) {
572 if ((strcmp(kname, XATTR_NAME_POSIX_ACL_ACCESS) == 0) ||
573 (strcmp(kname, XATTR_NAME_POSIX_ACL_DEFAULT) == 0))
574 posix_acl_fix_xattr_to_user(kvalue, size);
575 if (size && copy_to_user(value, kvalue, error))
576 error = -EFAULT;
577 } else if (error == -ERANGE && size >= XATTR_SIZE_MAX) {
578 /* The file system tried to returned a value bigger
579 than XATTR_SIZE_MAX bytes. Not possible. */
580 error = -E2BIG;
581 }
582
583 kvfree(kvalue);
584
585 return error;
586 }
587
588 static ssize_t path_getxattr(const char __user *pathname,
589 const char __user *name, void __user *value,
590 size_t size, unsigned int lookup_flags)
591 {
592 struct path path;
593 ssize_t error;
594 retry:
595 error = user_path_at(AT_FDCWD, pathname, lookup_flags, &path);
596 if (error)
597 return error;
598 error = getxattr(path.dentry, name, value, size);
599 path_put(&path);
600 if (retry_estale(error, lookup_flags)) {
601 lookup_flags |= LOOKUP_REVAL;
602 goto retry;
603 }
604 return error;
605 }
606
607 SYSCALL_DEFINE4(getxattr, const char __user *, pathname,
608 const char __user *, name, void __user *, value, size_t, size)
609 {
610 return path_getxattr(pathname, name, value, size, LOOKUP_FOLLOW);
611 }
612
613 SYSCALL_DEFINE4(lgetxattr, const char __user *, pathname,
614 const char __user *, name, void __user *, value, size_t, size)
615 {
616 return path_getxattr(pathname, name, value, size, 0);
617 }
618
619 SYSCALL_DEFINE4(fgetxattr, int, fd, const char __user *, name,
620 void __user *, value, size_t, size)
621 {
622 struct fd f = fdget(fd);
623 ssize_t error = -EBADF;
624
625 if (!f.file)
626 return error;
627 audit_file(f.file);
628 error = getxattr(f.file->f_path.dentry, name, value, size);
629 fdput(f);
630 return error;
631 }
632
633 /*
634 * Extended attribute LIST operations
635 */
636 static ssize_t
637 listxattr(struct dentry *d, char __user *list, size_t size)
638 {
639 ssize_t error;
640 char *klist = NULL;
641
642 if (size) {
643 if (size > XATTR_LIST_MAX)
644 size = XATTR_LIST_MAX;
645 klist = kmalloc(size, __GFP_NOWARN | GFP_KERNEL);
646 if (!klist) {
647 klist = vmalloc(size);
648 if (!klist)
649 return -ENOMEM;
650 }
651 }
652
653 error = vfs_listxattr(d, klist, size);
654 if (error > 0) {
655 if (size && copy_to_user(list, klist, error))
656 error = -EFAULT;
657 } else if (error == -ERANGE && size >= XATTR_LIST_MAX) {
658 /* The file system tried to returned a list bigger
659 than XATTR_LIST_MAX bytes. Not possible. */
660 error = -E2BIG;
661 }
662
663 kvfree(klist);
664
665 return error;
666 }
667
668 static ssize_t path_listxattr(const char __user *pathname, char __user *list,
669 size_t size, unsigned int lookup_flags)
670 {
671 struct path path;
672 ssize_t error;
673 retry:
674 error = user_path_at(AT_FDCWD, pathname, lookup_flags, &path);
675 if (error)
676 return error;
677 error = listxattr(path.dentry, list, size);
678 path_put(&path);
679 if (retry_estale(error, lookup_flags)) {
680 lookup_flags |= LOOKUP_REVAL;
681 goto retry;
682 }
683 return error;
684 }
685
686 SYSCALL_DEFINE3(listxattr, const char __user *, pathname, char __user *, list,
687 size_t, size)
688 {
689 return path_listxattr(pathname, list, size, LOOKUP_FOLLOW);
690 }
691
692 SYSCALL_DEFINE3(llistxattr, const char __user *, pathname, char __user *, list,
693 size_t, size)
694 {
695 return path_listxattr(pathname, list, size, 0);
696 }
697
698 SYSCALL_DEFINE3(flistxattr, int, fd, char __user *, list, size_t, size)
699 {
700 struct fd f = fdget(fd);
701 ssize_t error = -EBADF;
702
703 if (!f.file)
704 return error;
705 audit_file(f.file);
706 error = listxattr(f.file->f_path.dentry, list, size);
707 fdput(f);
708 return error;
709 }
710
711 /*
712 * Extended attribute REMOVE operations
713 */
714 static long
715 removexattr(struct dentry *d, const char __user *name)
716 {
717 int error;
718 char kname[XATTR_NAME_MAX + 1];
719
720 error = strncpy_from_user(kname, name, sizeof(kname));
721 if (error == 0 || error == sizeof(kname))
722 error = -ERANGE;
723 if (error < 0)
724 return error;
725
726 return vfs_removexattr(d, kname);
727 }
728
729 static int path_removexattr(const char __user *pathname,
730 const char __user *name, unsigned int lookup_flags)
731 {
732 struct path path;
733 int error;
734 retry:
735 error = user_path_at(AT_FDCWD, pathname, lookup_flags, &path);
736 if (error)
737 return error;
738 error = mnt_want_write(path.mnt);
739 if (!error) {
740 error = removexattr(path.dentry, name);
741 mnt_drop_write(path.mnt);
742 }
743 path_put(&path);
744 if (retry_estale(error, lookup_flags)) {
745 lookup_flags |= LOOKUP_REVAL;
746 goto retry;
747 }
748 return error;
749 }
750
751 SYSCALL_DEFINE2(removexattr, const char __user *, pathname,
752 const char __user *, name)
753 {
754 return path_removexattr(pathname, name, LOOKUP_FOLLOW);
755 }
756
757 SYSCALL_DEFINE2(lremovexattr, const char __user *, pathname,
758 const char __user *, name)
759 {
760 return path_removexattr(pathname, name, 0);
761 }
762
763 SYSCALL_DEFINE2(fremovexattr, int, fd, const char __user *, name)
764 {
765 struct fd f = fdget(fd);
766 int error = -EBADF;
767
768 if (!f.file)
769 return error;
770 audit_file(f.file);
771 error = mnt_want_write_file(f.file);
772 if (!error) {
773 error = removexattr(f.file->f_path.dentry, name);
774 mnt_drop_write_file(f.file);
775 }
776 fdput(f);
777 return error;
778 }
779
780 /*
781 * Combine the results of the list() operation from every xattr_handler in the
782 * list.
783 */
784 ssize_t
785 generic_listxattr(struct dentry *dentry, char *buffer, size_t buffer_size)
786 {
787 const struct xattr_handler *handler, **handlers = dentry->d_sb->s_xattr;
788 unsigned int size = 0;
789
790 if (!buffer) {
791 for_each_xattr_handler(handlers, handler) {
792 if (!handler->name ||
793 (handler->list && !handler->list(dentry)))
794 continue;
795 size += strlen(handler->name) + 1;
796 }
797 } else {
798 char *buf = buffer;
799 size_t len;
800
801 for_each_xattr_handler(handlers, handler) {
802 if (!handler->name ||
803 (handler->list && !handler->list(dentry)))
804 continue;
805 len = strlen(handler->name);
806 if (len + 1 > buffer_size)
807 return -ERANGE;
808 memcpy(buf, handler->name, len + 1);
809 buf += len + 1;
810 buffer_size -= len + 1;
811 }
812 size = buf - buffer;
813 }
814 return size;
815 }
816 EXPORT_SYMBOL(generic_listxattr);
817
818 /**
819 * xattr_full_name - Compute full attribute name from suffix
820 *
821 * @handler: handler of the xattr_handler operation
822 * @name: name passed to the xattr_handler operation
823 *
824 * The get and set xattr handler operations are called with the remainder of
825 * the attribute name after skipping the handler's prefix: for example, "foo"
826 * is passed to the get operation of a handler with prefix "user." to get
827 * attribute "user.foo". The full name is still "there" in the name though.
828 *
829 * Note: the list xattr handler operation when called from the vfs is passed a
830 * NULL name; some file systems use this operation internally, with varying
831 * semantics.
832 */
833 const char *xattr_full_name(const struct xattr_handler *handler,
834 const char *name)
835 {
836 size_t prefix_len = strlen(xattr_prefix(handler));
837
838 return name - prefix_len;
839 }
840 EXPORT_SYMBOL(xattr_full_name);
841
842 /*
843 * Allocate new xattr and copy in the value; but leave the name to callers.
844 */
845 struct simple_xattr *simple_xattr_alloc(const void *value, size_t size)
846 {
847 struct simple_xattr *new_xattr;
848 size_t len;
849
850 /* wrap around? */
851 len = sizeof(*new_xattr) + size;
852 if (len < sizeof(*new_xattr))
853 return NULL;
854
855 new_xattr = kmalloc(len, GFP_KERNEL);
856 if (!new_xattr)
857 return NULL;
858
859 new_xattr->size = size;
860 memcpy(new_xattr->value, value, size);
861 return new_xattr;
862 }
863
864 /*
865 * xattr GET operation for in-memory/pseudo filesystems
866 */
867 int simple_xattr_get(struct simple_xattrs *xattrs, const char *name,
868 void *buffer, size_t size)
869 {
870 struct simple_xattr *xattr;
871 int ret = -ENODATA;
872
873 spin_lock(&xattrs->lock);
874 list_for_each_entry(xattr, &xattrs->head, list) {
875 if (strcmp(name, xattr->name))
876 continue;
877
878 ret = xattr->size;
879 if (buffer) {
880 if (size < xattr->size)
881 ret = -ERANGE;
882 else
883 memcpy(buffer, xattr->value, xattr->size);
884 }
885 break;
886 }
887 spin_unlock(&xattrs->lock);
888 return ret;
889 }
890
891 /**
892 * simple_xattr_set - xattr SET operation for in-memory/pseudo filesystems
893 * @xattrs: target simple_xattr list
894 * @name: name of the extended attribute
895 * @value: value of the xattr. If %NULL, will remove the attribute.
896 * @size: size of the new xattr
897 * @flags: %XATTR_{CREATE|REPLACE}
898 *
899 * %XATTR_CREATE is set, the xattr shouldn't exist already; otherwise fails
900 * with -EEXIST. If %XATTR_REPLACE is set, the xattr should exist;
901 * otherwise, fails with -ENODATA.
902 *
903 * Returns 0 on success, -errno on failure.
904 */
905 int simple_xattr_set(struct simple_xattrs *xattrs, const char *name,
906 const void *value, size_t size, int flags)
907 {
908 struct simple_xattr *xattr;
909 struct simple_xattr *new_xattr = NULL;
910 int err = 0;
911
912 /* value == NULL means remove */
913 if (value) {
914 new_xattr = simple_xattr_alloc(value, size);
915 if (!new_xattr)
916 return -ENOMEM;
917
918 new_xattr->name = kstrdup(name, GFP_KERNEL);
919 if (!new_xattr->name) {
920 kfree(new_xattr);
921 return -ENOMEM;
922 }
923 }
924
925 spin_lock(&xattrs->lock);
926 list_for_each_entry(xattr, &xattrs->head, list) {
927 if (!strcmp(name, xattr->name)) {
928 if (flags & XATTR_CREATE) {
929 xattr = new_xattr;
930 err = -EEXIST;
931 } else if (new_xattr) {
932 list_replace(&xattr->list, &new_xattr->list);
933 } else {
934 list_del(&xattr->list);
935 }
936 goto out;
937 }
938 }
939 if (flags & XATTR_REPLACE) {
940 xattr = new_xattr;
941 err = -ENODATA;
942 } else {
943 list_add(&new_xattr->list, &xattrs->head);
944 xattr = NULL;
945 }
946 out:
947 spin_unlock(&xattrs->lock);
948 if (xattr) {
949 kfree(xattr->name);
950 kfree(xattr);
951 }
952 return err;
953
954 }
955
956 static bool xattr_is_trusted(const char *name)
957 {
958 return !strncmp(name, XATTR_TRUSTED_PREFIX, XATTR_TRUSTED_PREFIX_LEN);
959 }
960
961 static int xattr_list_one(char **buffer, ssize_t *remaining_size,
962 const char *name)
963 {
964 size_t len = strlen(name) + 1;
965 if (*buffer) {
966 if (*remaining_size < len)
967 return -ERANGE;
968 memcpy(*buffer, name, len);
969 *buffer += len;
970 }
971 *remaining_size -= len;
972 return 0;
973 }
974
975 /*
976 * xattr LIST operation for in-memory/pseudo filesystems
977 */
978 ssize_t simple_xattr_list(struct inode *inode, struct simple_xattrs *xattrs,
979 char *buffer, size_t size)
980 {
981 bool trusted = capable(CAP_SYS_ADMIN);
982 struct simple_xattr *xattr;
983 ssize_t remaining_size = size;
984 int err = 0;
985
986 #ifdef CONFIG_FS_POSIX_ACL
987 if (inode->i_acl) {
988 err = xattr_list_one(&buffer, &remaining_size,
989 XATTR_NAME_POSIX_ACL_ACCESS);
990 if (err)
991 return err;
992 }
993 if (inode->i_default_acl) {
994 err = xattr_list_one(&buffer, &remaining_size,
995 XATTR_NAME_POSIX_ACL_DEFAULT);
996 if (err)
997 return err;
998 }
999 #endif
1000
1001 spin_lock(&xattrs->lock);
1002 list_for_each_entry(xattr, &xattrs->head, list) {
1003 /* skip "trusted." attributes for unprivileged callers */
1004 if (!trusted && xattr_is_trusted(xattr->name))
1005 continue;
1006
1007 err = xattr_list_one(&buffer, &remaining_size, xattr->name);
1008 if (err)
1009 break;
1010 }
1011 spin_unlock(&xattrs->lock);
1012
1013 return err ? err : size - remaining_size;
1014 }
1015
1016 /*
1017 * Adds an extended attribute to the list
1018 */
1019 void simple_xattr_list_add(struct simple_xattrs *xattrs,
1020 struct simple_xattr *new_xattr)
1021 {
1022 spin_lock(&xattrs->lock);
1023 list_add(&new_xattr->list, &xattrs->head);
1024 spin_unlock(&xattrs->lock);
1025 }
ubuntu-zesty-kernel mirror