]> git.proxmox.com Git - mirror_ubuntu-zesty-kernel.git/blob - fs/xattr.c
projects / mirror_ubuntu-zesty-kernel.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
UBUNTU: SAUCE: Import aufs driver
[mirror_ubuntu-zesty-kernel.git] / fs / xattr.c
1 /*
2 File: fs/xattr.c
3
4 Extended attribute handling.
5
6 Copyright (C) 2001 by Andreas Gruenbacher <a.gruenbacher@computer.org>
7 Copyright (C) 2001 SGI - Silicon Graphics, Inc <linux-xfs@oss.sgi.com>
8 Copyright (c) 2004 Red Hat, Inc., James Morris <jmorris@redhat.com>
9 */
10 #include <linux/fs.h>
11 #include <linux/slab.h>
12 #include <linux/file.h>
13 #include <linux/xattr.h>
14 #include <linux/mount.h>
15 #include <linux/namei.h>
16 #include <linux/security.h>
17 #include <linux/evm.h>
18 #include <linux/syscalls.h>
19 #include <linux/export.h>
20 #include <linux/fsnotify.h>
21 #include <linux/audit.h>
22 #include <linux/vmalloc.h>
23 #include <linux/posix_acl_xattr.h>
24
25 #include <linux/uaccess.h>
26
27 static const char *
28 strcmp_prefix(const char *a, const char *a_prefix)
29 {
30 while (*a_prefix && *a == *a_prefix) {
31 a++;
32 a_prefix++;
33 }
34 return *a_prefix ? NULL : a;
35 }
36
37 /*
38 * In order to implement different sets of xattr operations for each xattr
39 * prefix, a filesystem should create a null-terminated array of struct
40 * xattr_handler (one for each prefix) and hang a pointer to it off of the
41 * s_xattr field of the superblock.
42 */
43 #define for_each_xattr_handler(handlers, handler) \
44 if (handlers) \
45 for ((handler) = *(handlers)++; \
46 (handler) != NULL; \
47 (handler) = *(handlers)++)
48
49 /*
50 * Find the xattr_handler with the matching prefix.
51 */
52 static const struct xattr_handler *
53 xattr_resolve_name(struct inode *inode, const char **name)
54 {
55 const struct xattr_handler **handlers = inode->i_sb->s_xattr;
56 const struct xattr_handler *handler;
57
58 if (!(inode->i_opflags & IOP_XATTR)) {
59 if (unlikely(is_bad_inode(inode)))
60 return ERR_PTR(-EIO);
61 return ERR_PTR(-EOPNOTSUPP);
62 }
63 for_each_xattr_handler(handlers, handler) {
64 const char *n;
65
66 n = strcmp_prefix(*name, xattr_prefix(handler));
67 if (n) {
68 if (!handler->prefix ^ !*n) {
69 if (*n)
70 continue;
71 return ERR_PTR(-EINVAL);
72 }
73 *name = n;
74 return handler;
75 }
76 }
77 return ERR_PTR(-EOPNOTSUPP);
78 }
79
80 /*
81 * Check permissions for extended attribute access. This is a bit complicated
82 * because different namespaces have very different rules.
83 */
84 static int
85 xattr_permission(struct inode *inode, const char *name, int mask)
86 {
87 /*
88 * We can never set or remove an extended attribute on a read-only
89 * filesystem or on an immutable / append-only inode.
90 */
91 if (mask & MAY_WRITE) {
92 if (IS_IMMUTABLE(inode) || IS_APPEND(inode))
93 return -EPERM;
94 /*
95 * Updating an xattr will likely cause i_uid and i_gid
96 * to be writen back improperly if their true value is
97 * unknown to the vfs.
98 */
99 if (HAS_UNMAPPED_ID(inode))
100 return -EPERM;
101 }
102
103 /*
104 * No restriction for security.* and system.* from the VFS. Decision
105 * on these is left to the underlying filesystem / security module.
106 */
107 if (!strncmp(name, XATTR_SECURITY_PREFIX, XATTR_SECURITY_PREFIX_LEN) ||
108 !strncmp(name, XATTR_SYSTEM_PREFIX, XATTR_SYSTEM_PREFIX_LEN))
109 return 0;
110
111 /*
112 * The trusted.* namespace can only be accessed by privileged users.
113 */
114 if (!strncmp(name, XATTR_TRUSTED_PREFIX, XATTR_TRUSTED_PREFIX_LEN)) {
115 if (!capable(CAP_SYS_ADMIN))
116 return (mask & MAY_WRITE) ? -EPERM : -ENODATA;
117 return 0;
118 }
119
120 /*
121 * In the user.* namespace, only regular files and directories can have
122 * extended attributes. For sticky directories, only the owner and
123 * privileged users can write attributes.
124 */
125 if (!strncmp(name, XATTR_USER_PREFIX, XATTR_USER_PREFIX_LEN)) {
126 if (!S_ISREG(inode->i_mode) && !S_ISDIR(inode->i_mode))
127 return (mask & MAY_WRITE) ? -EPERM : -ENODATA;
128 if (S_ISDIR(inode->i_mode) && (inode->i_mode & S_ISVTX) &&
129 (mask & MAY_WRITE) && !inode_owner_or_capable(inode))
130 return -EPERM;
131 }
132
133 return inode_permission(inode, mask);
134 }
135
136 int
137 __vfs_setxattr(struct dentry *dentry, struct inode *inode, const char *name,
138 const void *value, size_t size, int flags)
139 {
140 const struct xattr_handler *handler;
141
142 handler = xattr_resolve_name(inode, &name);
143 if (IS_ERR(handler))
144 return PTR_ERR(handler);
145 if (!handler->set)
146 return -EOPNOTSUPP;
147 if (size == 0)
148 value = ""; /* empty EA, do not remove */
149 return handler->set(handler, dentry, inode, name, value, size, flags);
150 }
151 EXPORT_SYMBOL(__vfs_setxattr);
152
153 /**
154 * __vfs_setxattr_noperm - perform setxattr operation without performing
155 * permission checks.
156 *
157 * @dentry - object to perform setxattr on
158 * @name - xattr name to set
159 * @value - value to set @name to
160 * @size - size of @value
161 * @flags - flags to pass into filesystem operations
162 *
163 * returns the result of the internal setxattr or setsecurity operations.
164 *
165 * This function requires the caller to lock the inode's i_mutex before it
166 * is executed. It also assumes that the caller will make the appropriate
167 * permission checks.
168 */
169 int __vfs_setxattr_noperm(struct dentry *dentry, const char *name,
170 const void *value, size_t size, int flags)
171 {
172 struct inode *inode = dentry->d_inode;
173 int error = -EAGAIN;
174 int issec = !strncmp(name, XATTR_SECURITY_PREFIX,
175 XATTR_SECURITY_PREFIX_LEN);
176
177 if (issec)
178 inode->i_flags &= ~S_NOSEC;
179 if (inode->i_opflags & IOP_XATTR) {
180 error = __vfs_setxattr(dentry, inode, name, value, size, flags);
181 if (!error) {
182 fsnotify_xattr(dentry);
183 security_inode_post_setxattr(dentry, name, value,
184 size, flags);
185 }
186 } else {
187 if (unlikely(is_bad_inode(inode)))
188 return -EIO;
189 }
190 if (error == -EAGAIN) {
191 error = -EOPNOTSUPP;
192
193 if (issec) {
194 const char *suffix = name + XATTR_SECURITY_PREFIX_LEN;
195
196 error = security_inode_setsecurity(inode, suffix, value,
197 size, flags);
198 if (!error)
199 fsnotify_xattr(dentry);
200 }
201 }
202
203 return error;
204 }
205
206
207 int
208 vfs_setxattr(struct dentry *dentry, const char *name, const void *value,
209 size_t size, int flags)
210 {
211 struct inode *inode = dentry->d_inode;
212 int error;
213
214 error = xattr_permission(inode, name, MAY_WRITE);
215 if (error)
216 return error;
217
218 inode_lock(inode);
219 error = security_inode_setxattr(dentry, name, value, size, flags);
220 if (error)
221 goto out;
222
223 error = __vfs_setxattr_noperm(dentry, name, value, size, flags);
224
225 out:
226 inode_unlock(inode);
227 return error;
228 }
229 EXPORT_SYMBOL_GPL(vfs_setxattr);
230
231 ssize_t
232 xattr_getsecurity(struct inode *inode, const char *name, void *value,
233 size_t size)
234 {
235 void *buffer = NULL;
236 ssize_t len;
237
238 if (!value || !size) {
239 len = security_inode_getsecurity(inode, name, &buffer, false);
240 goto out_noalloc;
241 }
242
243 len = security_inode_getsecurity(inode, name, &buffer, true);
244 if (len < 0)
245 return len;
246 if (size < len) {
247 len = -ERANGE;
248 goto out;
249 }
250 memcpy(value, buffer, len);
251 out:
252 security_release_secctx(buffer, len);
253 out_noalloc:
254 return len;
255 }
256 EXPORT_SYMBOL_GPL(xattr_getsecurity);
257
258 /*
259 * vfs_getxattr_alloc - allocate memory, if necessary, before calling getxattr
260 *
261 * Allocate memory, if not already allocated, or re-allocate correct size,
262 * before retrieving the extended attribute.
263 *
264 * Returns the result of alloc, if failed, or the getxattr operation.
265 */
266 ssize_t
267 vfs_getxattr_alloc(struct dentry *dentry, const char *name, char **xattr_value,
268 size_t xattr_size, gfp_t flags)
269 {
270 const struct xattr_handler *handler;
271 struct inode *inode = dentry->d_inode;
272 char *value = *xattr_value;
273 int error;
274
275 error = xattr_permission(inode, name, MAY_READ);
276 if (error)
277 return error;
278
279 handler = xattr_resolve_name(inode, &name);
280 if (IS_ERR(handler))
281 return PTR_ERR(handler);
282 if (!handler->get)
283 return -EOPNOTSUPP;
284 error = handler->get(handler, dentry, inode, name, NULL, 0);
285 if (error < 0)
286 return error;
287
288 if (!value || (error > xattr_size)) {
289 value = krealloc(*xattr_value, error + 1, flags);
290 if (!value)
291 return -ENOMEM;
292 memset(value, 0, error + 1);
293 }
294
295 error = handler->get(handler, dentry, inode, name, value, error);
296 *xattr_value = value;
297 return error;
298 }
299 EXPORT_SYMBOL_GPL(vfs_getxattr_alloc);
300
301 ssize_t
302 __vfs_getxattr(struct dentry *dentry, struct inode *inode, const char *name,
303 void *value, size_t size)
304 {
305 const struct xattr_handler *handler;
306
307 handler = xattr_resolve_name(inode, &name);
308 if (IS_ERR(handler))
309 return PTR_ERR(handler);
310 if (!handler->get)
311 return -EOPNOTSUPP;
312 return handler->get(handler, dentry, inode, name, value, size);
313 }
314 EXPORT_SYMBOL(__vfs_getxattr);
315
316 ssize_t
317 vfs_getxattr(struct dentry *dentry, const char *name, void *value, size_t size)
318 {
319 struct inode *inode = dentry->d_inode;
320 int error;
321
322 error = xattr_permission(inode, name, MAY_READ);
323 if (error)
324 return error;
325
326 error = security_inode_getxattr(dentry, name);
327 if (error)
328 return error;
329
330 if (!strncmp(name, XATTR_SECURITY_PREFIX,
331 XATTR_SECURITY_PREFIX_LEN)) {
332 const char *suffix = name + XATTR_SECURITY_PREFIX_LEN;
333 int ret = xattr_getsecurity(inode, suffix, value, size);
334 /*
335 * Only overwrite the return value if a security module
336 * is actually active.
337 */
338 if (ret == -EOPNOTSUPP)
339 goto nolsm;
340 return ret;
341 }
342 nolsm:
343 return __vfs_getxattr(dentry, inode, name, value, size);
344 }
345 EXPORT_SYMBOL_GPL(vfs_getxattr);
346
347 ssize_t
348 vfs_listxattr(struct dentry *dentry, char *list, size_t size)
349 {
350 struct inode *inode = d_inode(dentry);
351 ssize_t error;
352
353 error = security_inode_listxattr(dentry);
354 if (error)
355 return error;
356 if (inode->i_op->listxattr && (inode->i_opflags & IOP_XATTR)) {
357 error = -EOPNOTSUPP;
358 error = inode->i_op->listxattr(dentry, list, size);
359 } else {
360 error = security_inode_listsecurity(inode, list, size);
361 if (size && error > size)
362 error = -ERANGE;
363 }
364 return error;
365 }
366 EXPORT_SYMBOL_GPL(vfs_listxattr);
367
368 int
369 __vfs_removexattr(struct dentry *dentry, const char *name)
370 {
371 struct inode *inode = d_inode(dentry);
372 const struct xattr_handler *handler;
373
374 handler = xattr_resolve_name(inode, &name);
375 if (IS_ERR(handler))
376 return PTR_ERR(handler);
377 if (!handler->set)
378 return -EOPNOTSUPP;
379 return handler->set(handler, dentry, inode, name, NULL, 0, XATTR_REPLACE);
380 }
381 EXPORT_SYMBOL(__vfs_removexattr);
382
383 int
384 vfs_removexattr(struct dentry *dentry, const char *name)
385 {
386 struct inode *inode = dentry->d_inode;
387 int error;
388
389 error = xattr_permission(inode, name, MAY_WRITE);
390 if (error)
391 return error;
392
393 inode_lock(inode);
394 error = security_inode_removexattr(dentry, name);
395 if (error)
396 goto out;
397
398 error = __vfs_removexattr(dentry, name);
399
400 if (!error) {
401 fsnotify_xattr(dentry);
402 evm_inode_post_removexattr(dentry, name);
403 }
404
405 out:
406 inode_unlock(inode);
407 return error;
408 }
409 EXPORT_SYMBOL_GPL(vfs_removexattr);
410
411
412 /*
413 * Extended attribute SET operations
414 */
415 static long
416 setxattr(struct dentry *d, const char __user *name, const void __user *value,
417 size_t size, int flags)
418 {
419 int error;
420 void *kvalue = NULL;
421 char kname[XATTR_NAME_MAX + 1];
422
423 if (flags & ~(XATTR_CREATE|XATTR_REPLACE))
424 return -EINVAL;
425
426 error = strncpy_from_user(kname, name, sizeof(kname));
427 if (error == 0 || error == sizeof(kname))
428 error = -ERANGE;
429 if (error < 0)
430 return error;
431
432 if (size) {
433 if (size > XATTR_SIZE_MAX)
434 return -E2BIG;
435 kvalue = kmalloc(size, GFP_KERNEL | __GFP_NOWARN);
436 if (!kvalue) {
437 kvalue = vmalloc(size);
438 if (!kvalue)
439 return -ENOMEM;
440 }
441 if (copy_from_user(kvalue, value, size)) {
442 error = -EFAULT;
443 goto out;
444 }
445 if ((strcmp(kname, XATTR_NAME_POSIX_ACL_ACCESS) == 0) ||
446 (strcmp(kname, XATTR_NAME_POSIX_ACL_DEFAULT) == 0))
447 posix_acl_fix_xattr_from_user(kvalue, size);
448 }
449
450 error = vfs_setxattr(d, kname, kvalue, size, flags);
451 out:
452 kvfree(kvalue);
453
454 return error;
455 }
456
457 static int path_setxattr(const char __user *pathname,
458 const char __user *name, const void __user *value,
459 size_t size, int flags, unsigned int lookup_flags)
460 {
461 struct path path;
462 int error;
463 retry:
464 error = user_path_at(AT_FDCWD, pathname, lookup_flags, &path);
465 if (error)
466 return error;
467 error = mnt_want_write(path.mnt);
468 if (!error) {
469 error = setxattr(path.dentry, name, value, size, flags);
470 mnt_drop_write(path.mnt);
471 }
472 path_put(&path);
473 if (retry_estale(error, lookup_flags)) {
474 lookup_flags |= LOOKUP_REVAL;
475 goto retry;
476 }
477 return error;
478 }
479
480 SYSCALL_DEFINE5(setxattr, const char __user *, pathname,
481 const char __user *, name, const void __user *, value,
482 size_t, size, int, flags)
483 {
484 return path_setxattr(pathname, name, value, size, flags, LOOKUP_FOLLOW);
485 }
486
487 SYSCALL_DEFINE5(lsetxattr, const char __user *, pathname,
488 const char __user *, name, const void __user *, value,
489 size_t, size, int, flags)
490 {
491 return path_setxattr(pathname, name, value, size, flags, 0);
492 }
493
494 SYSCALL_DEFINE5(fsetxattr, int, fd, const char __user *, name,
495 const void __user *,value, size_t, size, int, flags)
496 {
497 struct fd f = fdget(fd);
498 int error = -EBADF;
499
500 if (!f.file)
501 return error;
502 audit_file(f.file);
503 error = mnt_want_write_file(f.file);
504 if (!error) {
505 error = setxattr(f.file->f_path.dentry, name, value, size, flags);
506 mnt_drop_write_file(f.file);
507 }
508 fdput(f);
509 return error;
510 }
511
512 /*
513 * Extended attribute GET operations
514 */
515 static ssize_t
516 getxattr(struct dentry *d, const char __user *name, void __user *value,
517 size_t size)
518 {
519 ssize_t error;
520 void *kvalue = NULL;
521 char kname[XATTR_NAME_MAX + 1];
522
523 error = strncpy_from_user(kname, name, sizeof(kname));
524 if (error == 0 || error == sizeof(kname))
525 error = -ERANGE;
526 if (error < 0)
527 return error;
528
529 if (size) {
530 if (size > XATTR_SIZE_MAX)
531 size = XATTR_SIZE_MAX;
532 kvalue = kzalloc(size, GFP_KERNEL | __GFP_NOWARN);
533 if (!kvalue) {
534 kvalue = vmalloc(size);
535 if (!kvalue)
536 return -ENOMEM;
537 }
538 }
539
540 error = vfs_getxattr(d, kname, kvalue, size);
541 if (error > 0) {
542 if ((strcmp(kname, XATTR_NAME_POSIX_ACL_ACCESS) == 0) ||
543 (strcmp(kname, XATTR_NAME_POSIX_ACL_DEFAULT) == 0))
544 posix_acl_fix_xattr_to_user(kvalue, size);
545 if (size && copy_to_user(value, kvalue, error))
546 error = -EFAULT;
547 } else if (error == -ERANGE && size >= XATTR_SIZE_MAX) {
548 /* The file system tried to returned a value bigger
549 than XATTR_SIZE_MAX bytes. Not possible. */
550 error = -E2BIG;
551 }
552
553 kvfree(kvalue);
554
555 return error;
556 }
557
558 static ssize_t path_getxattr(const char __user *pathname,
559 const char __user *name, void __user *value,
560 size_t size, unsigned int lookup_flags)
561 {
562 struct path path;
563 ssize_t error;
564 retry:
565 error = user_path_at(AT_FDCWD, pathname, lookup_flags, &path);
566 if (error)
567 return error;
568 error = getxattr(path.dentry, name, value, size);
569 path_put(&path);
570 if (retry_estale(error, lookup_flags)) {
571 lookup_flags |= LOOKUP_REVAL;
572 goto retry;
573 }
574 return error;
575 }
576
577 SYSCALL_DEFINE4(getxattr, const char __user *, pathname,
578 const char __user *, name, void __user *, value, size_t, size)
579 {
580 return path_getxattr(pathname, name, value, size, LOOKUP_FOLLOW);
581 }
582
583 SYSCALL_DEFINE4(lgetxattr, const char __user *, pathname,
584 const char __user *, name, void __user *, value, size_t, size)
585 {
586 return path_getxattr(pathname, name, value, size, 0);
587 }
588
589 SYSCALL_DEFINE4(fgetxattr, int, fd, const char __user *, name,
590 void __user *, value, size_t, size)
591 {
592 struct fd f = fdget(fd);
593 ssize_t error = -EBADF;
594
595 if (!f.file)
596 return error;
597 audit_file(f.file);
598 error = getxattr(f.file->f_path.dentry, name, value, size);
599 fdput(f);
600 return error;
601 }
602
603 /*
604 * Extended attribute LIST operations
605 */
606 static ssize_t
607 listxattr(struct dentry *d, char __user *list, size_t size)
608 {
609 ssize_t error;
610 char *klist = NULL;
611
612 if (size) {
613 if (size > XATTR_LIST_MAX)
614 size = XATTR_LIST_MAX;
615 klist = kmalloc(size, __GFP_NOWARN | GFP_KERNEL);
616 if (!klist) {
617 klist = vmalloc(size);
618 if (!klist)
619 return -ENOMEM;
620 }
621 }
622
623 error = vfs_listxattr(d, klist, size);
624 if (error > 0) {
625 if (size && copy_to_user(list, klist, error))
626 error = -EFAULT;
627 } else if (error == -ERANGE && size >= XATTR_LIST_MAX) {
628 /* The file system tried to returned a list bigger
629 than XATTR_LIST_MAX bytes. Not possible. */
630 error = -E2BIG;
631 }
632
633 kvfree(klist);
634
635 return error;
636 }
637
638 static ssize_t path_listxattr(const char __user *pathname, char __user *list,
639 size_t size, unsigned int lookup_flags)
640 {
641 struct path path;
642 ssize_t error;
643 retry:
644 error = user_path_at(AT_FDCWD, pathname, lookup_flags, &path);
645 if (error)
646 return error;
647 error = listxattr(path.dentry, list, size);
648 path_put(&path);
649 if (retry_estale(error, lookup_flags)) {
650 lookup_flags |= LOOKUP_REVAL;
651 goto retry;
652 }
653 return error;
654 }
655
656 SYSCALL_DEFINE3(listxattr, const char __user *, pathname, char __user *, list,
657 size_t, size)
658 {
659 return path_listxattr(pathname, list, size, LOOKUP_FOLLOW);
660 }
661
662 SYSCALL_DEFINE3(llistxattr, const char __user *, pathname, char __user *, list,
663 size_t, size)
664 {
665 return path_listxattr(pathname, list, size, 0);
666 }
667
668 SYSCALL_DEFINE3(flistxattr, int, fd, char __user *, list, size_t, size)
669 {
670 struct fd f = fdget(fd);
671 ssize_t error = -EBADF;
672
673 if (!f.file)
674 return error;
675 audit_file(f.file);
676 error = listxattr(f.file->f_path.dentry, list, size);
677 fdput(f);
678 return error;
679 }
680
681 /*
682 * Extended attribute REMOVE operations
683 */
684 static long
685 removexattr(struct dentry *d, const char __user *name)
686 {
687 int error;
688 char kname[XATTR_NAME_MAX + 1];
689
690 error = strncpy_from_user(kname, name, sizeof(kname));
691 if (error == 0 || error == sizeof(kname))
692 error = -ERANGE;
693 if (error < 0)
694 return error;
695
696 return vfs_removexattr(d, kname);
697 }
698
699 static int path_removexattr(const char __user *pathname,
700 const char __user *name, unsigned int lookup_flags)
701 {
702 struct path path;
703 int error;
704 retry:
705 error = user_path_at(AT_FDCWD, pathname, lookup_flags, &path);
706 if (error)
707 return error;
708 error = mnt_want_write(path.mnt);
709 if (!error) {
710 error = removexattr(path.dentry, name);
711 mnt_drop_write(path.mnt);
712 }
713 path_put(&path);
714 if (retry_estale(error, lookup_flags)) {
715 lookup_flags |= LOOKUP_REVAL;
716 goto retry;
717 }
718 return error;
719 }
720
721 SYSCALL_DEFINE2(removexattr, const char __user *, pathname,
722 const char __user *, name)
723 {
724 return path_removexattr(pathname, name, LOOKUP_FOLLOW);
725 }
726
727 SYSCALL_DEFINE2(lremovexattr, const char __user *, pathname,
728 const char __user *, name)
729 {
730 return path_removexattr(pathname, name, 0);
731 }
732
733 SYSCALL_DEFINE2(fremovexattr, int, fd, const char __user *, name)
734 {
735 struct fd f = fdget(fd);
736 int error = -EBADF;
737
738 if (!f.file)
739 return error;
740 audit_file(f.file);
741 error = mnt_want_write_file(f.file);
742 if (!error) {
743 error = removexattr(f.file->f_path.dentry, name);
744 mnt_drop_write_file(f.file);
745 }
746 fdput(f);
747 return error;
748 }
749
750 /*
751 * Combine the results of the list() operation from every xattr_handler in the
752 * list.
753 */
754 ssize_t
755 generic_listxattr(struct dentry *dentry, char *buffer, size_t buffer_size)
756 {
757 const struct xattr_handler *handler, **handlers = dentry->d_sb->s_xattr;
758 unsigned int size = 0;
759
760 if (!buffer) {
761 for_each_xattr_handler(handlers, handler) {
762 if (!handler->name ||
763 (handler->list && !handler->list(dentry)))
764 continue;
765 size += strlen(handler->name) + 1;
766 }
767 } else {
768 char *buf = buffer;
769 size_t len;
770
771 for_each_xattr_handler(handlers, handler) {
772 if (!handler->name ||
773 (handler->list && !handler->list(dentry)))
774 continue;
775 len = strlen(handler->name);
776 if (len + 1 > buffer_size)
777 return -ERANGE;
778 memcpy(buf, handler->name, len + 1);
779 buf += len + 1;
780 buffer_size -= len + 1;
781 }
782 size = buf - buffer;
783 }
784 return size;
785 }
786 EXPORT_SYMBOL(generic_listxattr);
787
788 /**
789 * xattr_full_name - Compute full attribute name from suffix
790 *
791 * @handler: handler of the xattr_handler operation
792 * @name: name passed to the xattr_handler operation
793 *
794 * The get and set xattr handler operations are called with the remainder of
795 * the attribute name after skipping the handler's prefix: for example, "foo"
796 * is passed to the get operation of a handler with prefix "user." to get
797 * attribute "user.foo". The full name is still "there" in the name though.
798 *
799 * Note: the list xattr handler operation when called from the vfs is passed a
800 * NULL name; some file systems use this operation internally, with varying
801 * semantics.
802 */
803 const char *xattr_full_name(const struct xattr_handler *handler,
804 const char *name)
805 {
806 size_t prefix_len = strlen(xattr_prefix(handler));
807
808 return name - prefix_len;
809 }
810 EXPORT_SYMBOL(xattr_full_name);
811
812 /*
813 * Allocate new xattr and copy in the value; but leave the name to callers.
814 */
815 struct simple_xattr *simple_xattr_alloc(const void *value, size_t size)
816 {
817 struct simple_xattr *new_xattr;
818 size_t len;
819
820 /* wrap around? */
821 len = sizeof(*new_xattr) + size;
822 if (len < sizeof(*new_xattr))
823 return NULL;
824
825 new_xattr = kmalloc(len, GFP_KERNEL);
826 if (!new_xattr)
827 return NULL;
828
829 new_xattr->size = size;
830 memcpy(new_xattr->value, value, size);
831 return new_xattr;
832 }
833
834 /*
835 * xattr GET operation for in-memory/pseudo filesystems
836 */
837 int simple_xattr_get(struct simple_xattrs *xattrs, const char *name,
838 void *buffer, size_t size)
839 {
840 struct simple_xattr *xattr;
841 int ret = -ENODATA;
842
843 spin_lock(&xattrs->lock);
844 list_for_each_entry(xattr, &xattrs->head, list) {
845 if (strcmp(name, xattr->name))
846 continue;
847
848 ret = xattr->size;
849 if (buffer) {
850 if (size < xattr->size)
851 ret = -ERANGE;
852 else
853 memcpy(buffer, xattr->value, xattr->size);
854 }
855 break;
856 }
857 spin_unlock(&xattrs->lock);
858 return ret;
859 }
860
861 /**
862 * simple_xattr_set - xattr SET operation for in-memory/pseudo filesystems
863 * @xattrs: target simple_xattr list
864 * @name: name of the extended attribute
865 * @value: value of the xattr. If %NULL, will remove the attribute.
866 * @size: size of the new xattr
867 * @flags: %XATTR_{CREATE|REPLACE}
868 *
869 * %XATTR_CREATE is set, the xattr shouldn't exist already; otherwise fails
870 * with -EEXIST. If %XATTR_REPLACE is set, the xattr should exist;
871 * otherwise, fails with -ENODATA.
872 *
873 * Returns 0 on success, -errno on failure.
874 */
875 int simple_xattr_set(struct simple_xattrs *xattrs, const char *name,
876 const void *value, size_t size, int flags)
877 {
878 struct simple_xattr *xattr;
879 struct simple_xattr *new_xattr = NULL;
880 int err = 0;
881
882 /* value == NULL means remove */
883 if (value) {
884 new_xattr = simple_xattr_alloc(value, size);
885 if (!new_xattr)
886 return -ENOMEM;
887
888 new_xattr->name = kstrdup(name, GFP_KERNEL);
889 if (!new_xattr->name) {
890 kfree(new_xattr);
891 return -ENOMEM;
892 }
893 }
894
895 spin_lock(&xattrs->lock);
896 list_for_each_entry(xattr, &xattrs->head, list) {
897 if (!strcmp(name, xattr->name)) {
898 if (flags & XATTR_CREATE) {
899 xattr = new_xattr;
900 err = -EEXIST;
901 } else if (new_xattr) {
902 list_replace(&xattr->list, &new_xattr->list);
903 } else {
904 list_del(&xattr->list);
905 }
906 goto out;
907 }
908 }
909 if (flags & XATTR_REPLACE) {
910 xattr = new_xattr;
911 err = -ENODATA;
912 } else {
913 list_add(&new_xattr->list, &xattrs->head);
914 xattr = NULL;
915 }
916 out:
917 spin_unlock(&xattrs->lock);
918 if (xattr) {
919 kfree(xattr->name);
920 kfree(xattr);
921 }
922 return err;
923
924 }
925
926 static bool xattr_is_trusted(const char *name)
927 {
928 return !strncmp(name, XATTR_TRUSTED_PREFIX, XATTR_TRUSTED_PREFIX_LEN);
929 }
930
931 static int xattr_list_one(char **buffer, ssize_t *remaining_size,
932 const char *name)
933 {
934 size_t len = strlen(name) + 1;
935 if (*buffer) {
936 if (*remaining_size < len)
937 return -ERANGE;
938 memcpy(*buffer, name, len);
939 *buffer += len;
940 }
941 *remaining_size -= len;
942 return 0;
943 }
944
945 /*
946 * xattr LIST operation for in-memory/pseudo filesystems
947 */
948 ssize_t simple_xattr_list(struct inode *inode, struct simple_xattrs *xattrs,
949 char *buffer, size_t size)
950 {
951 bool trusted = capable(CAP_SYS_ADMIN);
952 struct simple_xattr *xattr;
953 ssize_t remaining_size = size;
954 int err = 0;
955
956 #ifdef CONFIG_FS_POSIX_ACL
957 if (inode->i_acl) {
958 err = xattr_list_one(&buffer, &remaining_size,
959 XATTR_NAME_POSIX_ACL_ACCESS);
960 if (err)
961 return err;
962 }
963 if (inode->i_default_acl) {
964 err = xattr_list_one(&buffer, &remaining_size,
965 XATTR_NAME_POSIX_ACL_DEFAULT);
966 if (err)
967 return err;
968 }
969 #endif
970
971 spin_lock(&xattrs->lock);
972 list_for_each_entry(xattr, &xattrs->head, list) {
973 /* skip "trusted." attributes for unprivileged callers */
974 if (!trusted && xattr_is_trusted(xattr->name))
975 continue;
976
977 err = xattr_list_one(&buffer, &remaining_size, xattr->name);
978 if (err)
979 break;
980 }
981 spin_unlock(&xattrs->lock);
982
983 return err ? err : size - remaining_size;
984 }
985
986 /*
987 * Adds an extended attribute to the list
988 */
989 void simple_xattr_list_add(struct simple_xattrs *xattrs,
990 struct simple_xattr *new_xattr)
991 {
992 spin_lock(&xattrs->lock);
993 list_add(&new_xattr->list, &xattrs->head);
994 spin_unlock(&xattrs->lock);
995 }
ubuntu-zesty-kernel mirror