1
2
3
4
5
6
7
8
9
10#include <linux/fs.h>
11#include <linux/slab.h>
12#include <linux/file.h>
13#include <linux/xattr.h>
14#include <linux/mount.h>
15#include <linux/namei.h>
16#include <linux/security.h>
17#include <linux/evm.h>
18#include <linux/syscalls.h>
19#include <linux/export.h>
20#include <linux/fsnotify.h>
21#include <linux/audit.h>
22#include <linux/vmalloc.h>
23#include <linux/posix_acl_xattr.h>
24
25#include <asm/uaccess.h>
26
27
28
29
30
31static int
32xattr_permission(struct inode *inode, const char *name, int mask)
33{
34
35
36
37
38 if (mask & MAY_WRITE) {
39 if (IS_IMMUTABLE(inode) || IS_APPEND(inode))
40 return -EPERM;
41 }
42
43
44
45
46
47 if (!strncmp(name, XATTR_SECURITY_PREFIX, XATTR_SECURITY_PREFIX_LEN) ||
48 !strncmp(name, XATTR_SYSTEM_PREFIX, XATTR_SYSTEM_PREFIX_LEN))
49 return 0;
50
51
52
53
54 if (!strncmp(name, XATTR_TRUSTED_PREFIX, XATTR_TRUSTED_PREFIX_LEN)) {
55 if (!capable(CAP_SYS_ADMIN))
56 return (mask & MAY_WRITE) ? -EPERM : -ENODATA;
57 return 0;
58 }
59
60
61
62
63
64
65 if (!strncmp(name, XATTR_USER_PREFIX, XATTR_USER_PREFIX_LEN)) {
66 if (!S_ISREG(inode->i_mode) && !S_ISDIR(inode->i_mode))
67 return (mask & MAY_WRITE) ? -EPERM : -ENODATA;
68 if (S_ISDIR(inode->i_mode) && (inode->i_mode & S_ISVTX) &&
69 (mask & MAY_WRITE) && !inode_owner_or_capable(inode))
70 return -EPERM;
71 }
72
73 return inode_permission(inode, mask);
74}
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92int __vfs_setxattr_noperm(struct dentry *dentry, const char *name,
93 const void *value, size_t size, int flags)
94{
95 struct inode *inode = dentry->d_inode;
96 int error = -EOPNOTSUPP;
97 int issec = !strncmp(name, XATTR_SECURITY_PREFIX,
98 XATTR_SECURITY_PREFIX_LEN);
99
100 if (issec)
101 inode->i_flags &= ~S_NOSEC;
102 if (inode->i_op->setxattr) {
103 error = inode->i_op->setxattr(dentry, name, value, size, flags);
104 if (!error) {
105 fsnotify_xattr(dentry);
106 security_inode_post_setxattr(dentry, name, value,
107 size, flags);
108 }
109 } else if (issec) {
110 const char *suffix = name + XATTR_SECURITY_PREFIX_LEN;
111 error = security_inode_setsecurity(inode, suffix, value,
112 size, flags);
113 if (!error)
114 fsnotify_xattr(dentry);
115 }
116
117 return error;
118}
119
120
121int
122vfs_setxattr(struct dentry *dentry, const char *name, const void *value,
123 size_t size, int flags)
124{
125 struct inode *inode = dentry->d_inode;
126 int error;
127
128 error = xattr_permission(inode, name, MAY_WRITE);
129 if (error)
130 return error;
131
132 mutex_lock(&inode->i_mutex);
133 error = security_inode_setxattr(dentry, name, value, size, flags);
134 if (error)
135 goto out;
136
137 error = __vfs_setxattr_noperm(dentry, name, value, size, flags);
138
139out:
140 mutex_unlock(&inode->i_mutex);
141 return error;
142}
143EXPORT_SYMBOL_GPL(vfs_setxattr);
144
145ssize_t
146xattr_getsecurity(struct inode *inode, const char *name, void *value,
147 size_t size)
148{
149 void *buffer = NULL;
150 ssize_t len;
151
152 if (!value || !size) {
153 len = security_inode_getsecurity(inode, name, &buffer, false);
154 goto out_noalloc;
155 }
156
157 len = security_inode_getsecurity(inode, name, &buffer, true);
158 if (len < 0)
159 return len;
160 if (size < len) {
161 len = -ERANGE;
162 goto out;
163 }
164 memcpy(value, buffer, len);
165out:
166 security_release_secctx(buffer, len);
167out_noalloc:
168 return len;
169}
170EXPORT_SYMBOL_GPL(xattr_getsecurity);
171
172
173
174
175
176
177
178
179
180ssize_t
181vfs_getxattr_alloc(struct dentry *dentry, const char *name, char **xattr_value,
182 size_t xattr_size, gfp_t flags)
183{
184 struct inode *inode = dentry->d_inode;
185 char *value = *xattr_value;
186 int error;
187
188 error = xattr_permission(inode, name, MAY_READ);
189 if (error)
190 return error;
191
192 if (!inode->i_op->getxattr)
193 return -EOPNOTSUPP;
194
195 error = inode->i_op->getxattr(dentry, name, NULL, 0);
196 if (error < 0)
197 return error;
198
199 if (!value || (error > xattr_size)) {
200 value = krealloc(*xattr_value, error + 1, flags);
201 if (!value)
202 return -ENOMEM;
203 memset(value, 0, error + 1);
204 }
205
206 error = inode->i_op->getxattr(dentry, name, value, error);
207 *xattr_value = value;
208 return error;
209}
210
211
212int vfs_xattr_cmp(struct dentry *dentry, const char *xattr_name,
213 const char *value, size_t size, gfp_t flags)
214{
215 char *xattr_value = NULL;
216 int rc;
217
218 rc = vfs_getxattr_alloc(dentry, xattr_name, &xattr_value, 0, flags);
219 if (rc < 0)
220 return rc;
221
222 if ((rc != size) || (memcmp(xattr_value, value, rc) != 0))
223 rc = -EINVAL;
224 else
225 rc = 0;
226 kfree(xattr_value);
227 return rc;
228}
229
230ssize_t
231vfs_getxattr(struct dentry *dentry, const char *name, void *value, size_t size)
232{
233 struct inode *inode = dentry->d_inode;
234 int error;
235
236 error = xattr_permission(inode, name, MAY_READ);
237 if (error)
238 return error;
239
240 error = security_inode_getxattr(dentry, name);
241 if (error)
242 return error;
243
244 if (!strncmp(name, XATTR_SECURITY_PREFIX,
245 XATTR_SECURITY_PREFIX_LEN)) {
246 const char *suffix = name + XATTR_SECURITY_PREFIX_LEN;
247 int ret = xattr_getsecurity(inode, suffix, value, size);
248
249
250
251
252 if (ret == -EOPNOTSUPP)
253 goto nolsm;
254 return ret;
255 }
256nolsm:
257 if (inode->i_op->getxattr)
258 error = inode->i_op->getxattr(dentry, name, value, size);
259 else
260 error = -EOPNOTSUPP;
261
262 return error;
263}
264EXPORT_SYMBOL_GPL(vfs_getxattr);
265
266ssize_t
267vfs_listxattr(struct dentry *d, char *list, size_t size)
268{
269 ssize_t error;
270
271 error = security_inode_listxattr(d);
272 if (error)
273 return error;
274 error = -EOPNOTSUPP;
275 if (d->d_inode->i_op->listxattr) {
276 error = d->d_inode->i_op->listxattr(d, list, size);
277 } else {
278 error = security_inode_listsecurity(d->d_inode, list, size);
279 if (size && error > size)
280 error = -ERANGE;
281 }
282 return error;
283}
284EXPORT_SYMBOL_GPL(vfs_listxattr);
285
286int
287vfs_removexattr(struct dentry *dentry, const char *name)
288{
289 struct inode *inode = dentry->d_inode;
290 int error;
291
292 if (!inode->i_op->removexattr)
293 return -EOPNOTSUPP;
294
295 error = xattr_permission(inode, name, MAY_WRITE);
296 if (error)
297 return error;
298
299 mutex_lock(&inode->i_mutex);
300 error = security_inode_removexattr(dentry, name);
301 if (error) {
302 mutex_unlock(&inode->i_mutex);
303 return error;
304 }
305
306 error = inode->i_op->removexattr(dentry, name);
307 mutex_unlock(&inode->i_mutex);
308
309 if (!error) {
310 fsnotify_xattr(dentry);
311 evm_inode_post_removexattr(dentry, name);
312 }
313 return error;
314}
315EXPORT_SYMBOL_GPL(vfs_removexattr);
316
317
318
319
320
321static long
322setxattr(struct dentry *d, const char __user *name, const void __user *value,
323 size_t size, int flags)
324{
325 int error;
326 void *kvalue = NULL;
327 void *vvalue = NULL;
328 char kname[XATTR_NAME_MAX + 1];
329
330 if (flags & ~(XATTR_CREATE|XATTR_REPLACE))
331 return -EINVAL;
332
333 error = strncpy_from_user(kname, name, sizeof(kname));
334 if (error == 0 || error == sizeof(kname))
335 error = -ERANGE;
336 if (error < 0)
337 return error;
338
339 if (size) {
340 if (size > XATTR_SIZE_MAX)
341 return -E2BIG;
342 kvalue = kmalloc(size, GFP_KERNEL | __GFP_NOWARN);
343 if (!kvalue) {
344 vvalue = vmalloc(size);
345 if (!vvalue)
346 return -ENOMEM;
347 kvalue = vvalue;
348 }
349 if (copy_from_user(kvalue, value, size)) {
350 error = -EFAULT;
351 goto out;
352 }
353 if ((strcmp(kname, XATTR_NAME_POSIX_ACL_ACCESS) == 0) ||
354 (strcmp(kname, XATTR_NAME_POSIX_ACL_DEFAULT) == 0))
355 posix_acl_fix_xattr_from_user(kvalue, size);
356 }
357
358 error = vfs_setxattr(d, kname, kvalue, size, flags);
359out:
360 if (vvalue)
361 vfree(vvalue);
362 else
363 kfree(kvalue);
364 return error;
365}
366
367SYSCALL_DEFINE5(setxattr, const char __user *, pathname,
368 const char __user *, name, const void __user *, value,
369 size_t, size, int, flags)
370{
371 struct path path;
372 int error;
373 unsigned int lookup_flags = LOOKUP_FOLLOW;
374retry:
375 error = user_path_at(AT_FDCWD, pathname, lookup_flags, &path);
376 if (error)
377 return error;
378 error = mnt_want_write(path.mnt);
379 if (!error) {
380 error = setxattr(path.dentry, name, value, size, flags);
381 mnt_drop_write(path.mnt);
382 }
383 path_put(&path);
384 if (retry_estale(error, lookup_flags)) {
385 lookup_flags |= LOOKUP_REVAL;
386 goto retry;
387 }
388 return error;
389}
390
391SYSCALL_DEFINE5(lsetxattr, const char __user *, pathname,
392 const char __user *, name, const void __user *, value,
393 size_t, size, int, flags)
394{
395 struct path path;
396 int error;
397 unsigned int lookup_flags = 0;
398retry:
399 error = user_path_at(AT_FDCWD, pathname, lookup_flags, &path);
400 if (error)
401 return error;
402 error = mnt_want_write(path.mnt);
403 if (!error) {
404 error = setxattr(path.dentry, name, value, size, flags);
405 mnt_drop_write(path.mnt);
406 }
407 path_put(&path);
408 if (retry_estale(error, lookup_flags)) {
409 lookup_flags |= LOOKUP_REVAL;
410 goto retry;
411 }
412 return error;
413}
414
415SYSCALL_DEFINE5(fsetxattr, int, fd, const char __user *, name,
416 const void __user *,value, size_t, size, int, flags)
417{
418 struct fd f = fdget(fd);
419 struct dentry *dentry;
420 int error = -EBADF;
421
422 if (!f.file)
423 return error;
424 dentry = f.file->f_path.dentry;
425 audit_inode(NULL, dentry, 0);
426 error = mnt_want_write_file(f.file);
427 if (!error) {
428 error = setxattr(dentry, name, value, size, flags);
429 mnt_drop_write_file(f.file);
430 }
431 fdput(f);
432 return error;
433}
434
435
436
437
438static ssize_t
439getxattr(struct dentry *d, const char __user *name, void __user *value,
440 size_t size)
441{
442 ssize_t error;
443 void *kvalue = NULL;
444 void *vvalue = NULL;
445 char kname[XATTR_NAME_MAX + 1];
446
447 error = strncpy_from_user(kname, name, sizeof(kname));
448 if (error == 0 || error == sizeof(kname))
449 error = -ERANGE;
450 if (error < 0)
451 return error;
452
453 if (size) {
454 if (size > XATTR_SIZE_MAX)
455 size = XATTR_SIZE_MAX;
456 kvalue = kzalloc(size, GFP_KERNEL | __GFP_NOWARN);
457 if (!kvalue) {
458 vvalue = vmalloc(size);
459 if (!vvalue)
460 return -ENOMEM;
461 kvalue = vvalue;
462 }
463 }
464
465 error = vfs_getxattr(d, kname, kvalue, size);
466 if (error > 0) {
467 if ((strcmp(kname, XATTR_NAME_POSIX_ACL_ACCESS) == 0) ||
468 (strcmp(kname, XATTR_NAME_POSIX_ACL_DEFAULT) == 0))
469 posix_acl_fix_xattr_to_user(kvalue, size);
470 if (size && copy_to_user(value, kvalue, error))
471 error = -EFAULT;
472 } else if (error == -ERANGE && size >= XATTR_SIZE_MAX) {
473
474
475 error = -E2BIG;
476 }
477 if (vvalue)
478 vfree(vvalue);
479 else
480 kfree(kvalue);
481 return error;
482}
483
484SYSCALL_DEFINE4(getxattr, const char __user *, pathname,
485 const char __user *, name, void __user *, value, size_t, size)
486{
487 struct path path;
488 ssize_t error;
489 unsigned int lookup_flags = LOOKUP_FOLLOW;
490retry:
491 error = user_path_at(AT_FDCWD, pathname, lookup_flags, &path);
492 if (error)
493 return error;
494 error = getxattr(path.dentry, name, value, size);
495 path_put(&path);
496 if (retry_estale(error, lookup_flags)) {
497 lookup_flags |= LOOKUP_REVAL;
498 goto retry;
499 }
500 return error;
501}
502
503SYSCALL_DEFINE4(lgetxattr, const char __user *, pathname,
504 const char __user *, name, void __user *, value, size_t, size)
505{
506 struct path path;
507 ssize_t error;
508 unsigned int lookup_flags = 0;
509retry:
510 error = user_path_at(AT_FDCWD, pathname, lookup_flags, &path);
511 if (error)
512 return error;
513 error = getxattr(path.dentry, name, value, size);
514 path_put(&path);
515 if (retry_estale(error, lookup_flags)) {
516 lookup_flags |= LOOKUP_REVAL;
517 goto retry;
518 }
519 return error;
520}
521
522SYSCALL_DEFINE4(fgetxattr, int, fd, const char __user *, name,
523 void __user *, value, size_t, size)
524{
525 struct fd f = fdget(fd);
526 ssize_t error = -EBADF;
527
528 if (!f.file)
529 return error;
530 audit_inode(NULL, f.file->f_path.dentry, 0);
531 error = getxattr(f.file->f_path.dentry, name, value, size);
532 fdput(f);
533 return error;
534}
535
536
537
538
539static ssize_t
540listxattr(struct dentry *d, char __user *list, size_t size)
541{
542 ssize_t error;
543 char *klist = NULL;
544 char *vlist = NULL;
545
546 if (size) {
547 if (size > XATTR_LIST_MAX)
548 size = XATTR_LIST_MAX;
549 klist = kmalloc(size, __GFP_NOWARN | GFP_KERNEL);
550 if (!klist) {
551 vlist = vmalloc(size);
552 if (!vlist)
553 return -ENOMEM;
554 klist = vlist;
555 }
556 }
557
558 error = vfs_listxattr(d, klist, size);
559 if (error > 0) {
560 if (size && copy_to_user(list, klist, error))
561 error = -EFAULT;
562 } else if (error == -ERANGE && size >= XATTR_LIST_MAX) {
563
564
565 error = -E2BIG;
566 }
567 if (vlist)
568 vfree(vlist);
569 else
570 kfree(klist);
571 return error;
572}
573
574SYSCALL_DEFINE3(listxattr, const char __user *, pathname, char __user *, list,
575 size_t, size)
576{
577 struct path path;
578 ssize_t error;
579 unsigned int lookup_flags = LOOKUP_FOLLOW;
580retry:
581 error = user_path_at(AT_FDCWD, pathname, lookup_flags, &path);
582 if (error)
583 return error;
584 error = listxattr(path.dentry, list, size);
585 path_put(&path);
586 if (retry_estale(error, lookup_flags)) {
587 lookup_flags |= LOOKUP_REVAL;
588 goto retry;
589 }
590 return error;
591}
592
593SYSCALL_DEFINE3(llistxattr, const char __user *, pathname, char __user *, list,
594 size_t, size)
595{
596 struct path path;
597 ssize_t error;
598 unsigned int lookup_flags = 0;
599retry:
600 error = user_path_at(AT_FDCWD, pathname, lookup_flags, &path);
601 if (error)
602 return error;
603 error = listxattr(path.dentry, list, size);
604 path_put(&path);
605 if (retry_estale(error, lookup_flags)) {
606 lookup_flags |= LOOKUP_REVAL;
607 goto retry;
608 }
609 return error;
610}
611
612SYSCALL_DEFINE3(flistxattr, int, fd, char __user *, list, size_t, size)
613{
614 struct fd f = fdget(fd);
615 ssize_t error = -EBADF;
616
617 if (!f.file)
618 return error;
619 audit_inode(NULL, f.file->f_path.dentry, 0);
620 error = listxattr(f.file->f_path.dentry, list, size);
621 fdput(f);
622 return error;
623}
624
625
626
627
628static long
629removexattr(struct dentry *d, const char __user *name)
630{
631 int error;
632 char kname[XATTR_NAME_MAX + 1];
633
634 error = strncpy_from_user(kname, name, sizeof(kname));
635 if (error == 0 || error == sizeof(kname))
636 error = -ERANGE;
637 if (error < 0)
638 return error;
639
640 return vfs_removexattr(d, kname);
641}
642
643SYSCALL_DEFINE2(removexattr, const char __user *, pathname,
644 const char __user *, name)
645{
646 struct path path;
647 int error;
648 unsigned int lookup_flags = LOOKUP_FOLLOW;
649retry:
650 error = user_path_at(AT_FDCWD, pathname, lookup_flags, &path);
651 if (error)
652 return error;
653 error = mnt_want_write(path.mnt);
654 if (!error) {
655 error = removexattr(path.dentry, name);
656 mnt_drop_write(path.mnt);
657 }
658 path_put(&path);
659 if (retry_estale(error, lookup_flags)) {
660 lookup_flags |= LOOKUP_REVAL;
661 goto retry;
662 }
663 return error;
664}
665
666SYSCALL_DEFINE2(lremovexattr, const char __user *, pathname,
667 const char __user *, name)
668{
669 struct path path;
670 int error;
671 unsigned int lookup_flags = 0;
672retry:
673 error = user_path_at(AT_FDCWD, pathname, lookup_flags, &path);
674 if (error)
675 return error;
676 error = mnt_want_write(path.mnt);
677 if (!error) {
678 error = removexattr(path.dentry, name);
679 mnt_drop_write(path.mnt);
680 }
681 path_put(&path);
682 if (retry_estale(error, lookup_flags)) {
683 lookup_flags |= LOOKUP_REVAL;
684 goto retry;
685 }
686 return error;
687}
688
689SYSCALL_DEFINE2(fremovexattr, int, fd, const char __user *, name)
690{
691 struct fd f = fdget(fd);
692 struct dentry *dentry;
693 int error = -EBADF;
694
695 if (!f.file)
696 return error;
697 dentry = f.file->f_path.dentry;
698 audit_inode(NULL, dentry, 0);
699 error = mnt_want_write_file(f.file);
700 if (!error) {
701 error = removexattr(dentry, name);
702 mnt_drop_write_file(f.file);
703 }
704 fdput(f);
705 return error;
706}
707
708
709static const char *
710strcmp_prefix(const char *a, const char *a_prefix)
711{
712 while (*a_prefix && *a == *a_prefix) {
713 a++;
714 a_prefix++;
715 }
716 return *a_prefix ? NULL : a;
717}
718
719
720
721
722
723
724
725
726
727
728#define for_each_xattr_handler(handlers, handler) \
729 for ((handler) = *(handlers)++; \
730 (handler) != NULL; \
731 (handler) = *(handlers)++)
732
733
734
735
736static const struct xattr_handler *
737xattr_resolve_name(const struct xattr_handler **handlers, const char **name)
738{
739 const struct xattr_handler *handler;
740
741 if (!*name)
742 return NULL;
743
744 for_each_xattr_handler(handlers, handler) {
745 const char *n = strcmp_prefix(*name, handler->prefix);
746 if (n) {
747 *name = n;
748 break;
749 }
750 }
751 return handler;
752}
753
754
755
756
757ssize_t
758generic_getxattr(struct dentry *dentry, const char *name, void *buffer, size_t size)
759{
760 const struct xattr_handler *handler;
761
762 handler = xattr_resolve_name(dentry->d_sb->s_xattr, &name);
763 if (!handler)
764 return -EOPNOTSUPP;
765 return handler->get(dentry, name, buffer, size, handler->flags);
766}
767
768
769
770
771
772ssize_t
773generic_listxattr(struct dentry *dentry, char *buffer, size_t buffer_size)
774{
775 const struct xattr_handler *handler, **handlers = dentry->d_sb->s_xattr;
776 unsigned int size = 0;
777
778 if (!buffer) {
779 for_each_xattr_handler(handlers, handler) {
780 size += handler->list(dentry, NULL, 0, NULL, 0,
781 handler->flags);
782 }
783 } else {
784 char *buf = buffer;
785
786 for_each_xattr_handler(handlers, handler) {
787 size = handler->list(dentry, buf, buffer_size,
788 NULL, 0, handler->flags);
789 if (size > buffer_size)
790 return -ERANGE;
791 buf += size;
792 buffer_size -= size;
793 }
794 size = buf - buffer;
795 }
796 return size;
797}
798
799
800
801
802int
803generic_setxattr(struct dentry *dentry, const char *name, const void *value, size_t size, int flags)
804{
805 const struct xattr_handler *handler;
806
807 if (size == 0)
808 value = "";
809 handler = xattr_resolve_name(dentry->d_sb->s_xattr, &name);
810 if (!handler)
811 return -EOPNOTSUPP;
812 return handler->set(dentry, name, value, size, flags, handler->flags);
813}
814
815
816
817
818
819int
820generic_removexattr(struct dentry *dentry, const char *name)
821{
822 const struct xattr_handler *handler;
823
824 handler = xattr_resolve_name(dentry->d_sb->s_xattr, &name);
825 if (!handler)
826 return -EOPNOTSUPP;
827 return handler->set(dentry, name, NULL, 0,
828 XATTR_REPLACE, handler->flags);
829}
830
831EXPORT_SYMBOL(generic_getxattr);
832EXPORT_SYMBOL(generic_listxattr);
833EXPORT_SYMBOL(generic_setxattr);
834EXPORT_SYMBOL(generic_removexattr);
835
836
837
838
839struct simple_xattr *simple_xattr_alloc(const void *value, size_t size)
840{
841 struct simple_xattr *new_xattr;
842 size_t len;
843
844
845 len = sizeof(*new_xattr) + size;
846 if (len <= sizeof(*new_xattr))
847 return NULL;
848
849 new_xattr = kmalloc(len, GFP_KERNEL);
850 if (!new_xattr)
851 return NULL;
852
853 new_xattr->size = size;
854 memcpy(new_xattr->value, value, size);
855 return new_xattr;
856}
857
858
859
860
861int simple_xattr_get(struct simple_xattrs *xattrs, const char *name,
862 void *buffer, size_t size)
863{
864 struct simple_xattr *xattr;
865 int ret = -ENODATA;
866
867 spin_lock(&xattrs->lock);
868 list_for_each_entry(xattr, &xattrs->head, list) {
869 if (strcmp(name, xattr->name))
870 continue;
871
872 ret = xattr->size;
873 if (buffer) {
874 if (size < xattr->size)
875 ret = -ERANGE;
876 else
877 memcpy(buffer, xattr->value, xattr->size);
878 }
879 break;
880 }
881 spin_unlock(&xattrs->lock);
882 return ret;
883}
884
885static int __simple_xattr_set(struct simple_xattrs *xattrs, const char *name,
886 const void *value, size_t size, int flags)
887{
888 struct simple_xattr *xattr;
889 struct simple_xattr *new_xattr = NULL;
890 int err = 0;
891
892
893 if (value) {
894 new_xattr = simple_xattr_alloc(value, size);
895 if (!new_xattr)
896 return -ENOMEM;
897
898 new_xattr->name = kstrdup(name, GFP_KERNEL);
899 if (!new_xattr->name) {
900 kfree(new_xattr);
901 return -ENOMEM;
902 }
903 }
904
905 spin_lock(&xattrs->lock);
906 list_for_each_entry(xattr, &xattrs->head, list) {
907 if (!strcmp(name, xattr->name)) {
908 if (flags & XATTR_CREATE) {
909 xattr = new_xattr;
910 err = -EEXIST;
911 } else if (new_xattr) {
912 list_replace(&xattr->list, &new_xattr->list);
913 } else {
914 list_del(&xattr->list);
915 }
916 goto out;
917 }
918 }
919 if (flags & XATTR_REPLACE) {
920 xattr = new_xattr;
921 err = -ENODATA;
922 } else {
923 list_add(&new_xattr->list, &xattrs->head);
924 xattr = NULL;
925 }
926out:
927 spin_unlock(&xattrs->lock);
928 if (xattr) {
929 kfree(xattr->name);
930 kfree(xattr);
931 }
932 return err;
933
934}
935
936
937
938
939
940
941
942
943
944
945
946
947
948
949
950int simple_xattr_set(struct simple_xattrs *xattrs, const char *name,
951 const void *value, size_t size, int flags)
952{
953 if (size == 0)
954 value = "";
955 return __simple_xattr_set(xattrs, name, value, size, flags);
956}
957
958
959
960
961int simple_xattr_remove(struct simple_xattrs *xattrs, const char *name)
962{
963 return __simple_xattr_set(xattrs, name, NULL, 0, XATTR_REPLACE);
964}
965
966static bool xattr_is_trusted(const char *name)
967{
968 return !strncmp(name, XATTR_TRUSTED_PREFIX, XATTR_TRUSTED_PREFIX_LEN);
969}
970
971
972
973
974ssize_t simple_xattr_list(struct simple_xattrs *xattrs, char *buffer,
975 size_t size)
976{
977 bool trusted = capable(CAP_SYS_ADMIN);
978 struct simple_xattr *xattr;
979 size_t used = 0;
980
981 spin_lock(&xattrs->lock);
982 list_for_each_entry(xattr, &xattrs->head, list) {
983 size_t len;
984
985
986 if (!trusted && xattr_is_trusted(xattr->name))
987 continue;
988
989 len = strlen(xattr->name) + 1;
990 used += len;
991 if (buffer) {
992 if (size < used) {
993 used = -ERANGE;
994 break;
995 }
996 memcpy(buffer, xattr->name, len);
997 buffer += len;
998 }
999 }
1000 spin_unlock(&xattrs->lock);
1001
1002 return used;
1003}
1004
1005
1006
1007
1008void simple_xattr_list_add(struct simple_xattrs *xattrs,
1009 struct simple_xattr *new_xattr)
1010{
1011 spin_lock(&xattrs->lock);
1012 list_add(&new_xattr->list, &xattrs->head);
1013 spin_unlock(&xattrs->lock);
1014}
1015