linux/fs/xattr.c
<<
>>
Prefs
   1/*
   2  File: fs/xattr.c
   3
   4  Extended attribute handling.
   5
   6  Copyright (C) 2001 by Andreas Gruenbacher <a.gruenbacher@computer.org>
   7  Copyright (C) 2001 SGI - Silicon Graphics, Inc <linux-xfs@oss.sgi.com>
   8  Copyright (c) 2004 Red Hat, Inc., James Morris <jmorris@redhat.com>
   9 */
  10#include <linux/fs.h>
  11#include <linux/slab.h>
  12#include <linux/file.h>
  13#include <linux/xattr.h>
  14#include <linux/mount.h>
  15#include <linux/namei.h>
  16#include <linux/security.h>
  17#include <linux/evm.h>
  18#include <linux/syscalls.h>
  19#include <linux/export.h>
  20#include <linux/fsnotify.h>
  21#include <linux/audit.h>
  22#include <linux/vmalloc.h>
  23#include <linux/posix_acl_xattr.h>
  24
  25#include <asm/uaccess.h>
  26
  27/*
  28 * Check permissions for extended attribute access.  This is a bit complicated
  29 * because different namespaces have very different rules.
  30 */
  31static int
  32xattr_permission(struct inode *inode, const char *name, int mask)
  33{
  34        /*
  35         * We can never set or remove an extended attribute on a read-only
  36         * filesystem  or on an immutable / append-only inode.
  37         */
  38        if (mask & MAY_WRITE) {
  39                if (IS_IMMUTABLE(inode) || IS_APPEND(inode))
  40                        return -EPERM;
  41        }
  42
  43        /*
  44         * No restriction for security.* and system.* from the VFS.  Decision
  45         * on these is left to the underlying filesystem / security module.
  46         */
  47        if (!strncmp(name, XATTR_SECURITY_PREFIX, XATTR_SECURITY_PREFIX_LEN) ||
  48            !strncmp(name, XATTR_SYSTEM_PREFIX, XATTR_SYSTEM_PREFIX_LEN))
  49                return 0;
  50
  51        /*
  52         * The trusted.* namespace can only be accessed by privileged users.
  53         */
  54        if (!strncmp(name, XATTR_TRUSTED_PREFIX, XATTR_TRUSTED_PREFIX_LEN)) {
  55                if (!capable(CAP_SYS_ADMIN))
  56                        return (mask & MAY_WRITE) ? -EPERM : -ENODATA;
  57                return 0;
  58        }
  59
  60        /*
  61         * In the user.* namespace, only regular files and directories can have
  62         * extended attributes. For sticky directories, only the owner and
  63         * privileged users can write attributes.
  64         */
  65        if (!strncmp(name, XATTR_USER_PREFIX, XATTR_USER_PREFIX_LEN)) {
  66                if (!S_ISREG(inode->i_mode) && !S_ISDIR(inode->i_mode))
  67                        return (mask & MAY_WRITE) ? -EPERM : -ENODATA;
  68                if (S_ISDIR(inode->i_mode) && (inode->i_mode & S_ISVTX) &&
  69                    (mask & MAY_WRITE) && !inode_owner_or_capable(inode))
  70                        return -EPERM;
  71        }
  72
  73        return inode_permission(inode, mask);
  74}
  75
  76/**
  77 *  __vfs_setxattr_noperm - perform setxattr operation without performing
  78 *  permission checks.
  79 *
  80 *  @dentry - object to perform setxattr on
  81 *  @name - xattr name to set
  82 *  @value - value to set @name to
  83 *  @size - size of @value
  84 *  @flags - flags to pass into filesystem operations
  85 *
  86 *  returns the result of the internal setxattr or setsecurity operations.
  87 *
  88 *  This function requires the caller to lock the inode's i_mutex before it
  89 *  is executed. It also assumes that the caller will make the appropriate
  90 *  permission checks.
  91 */
  92int __vfs_setxattr_noperm(struct dentry *dentry, const char *name,
  93                const void *value, size_t size, int flags)
  94{
  95        struct inode *inode = dentry->d_inode;
  96        int error = -EOPNOTSUPP;
  97        int issec = !strncmp(name, XATTR_SECURITY_PREFIX,
  98                                   XATTR_SECURITY_PREFIX_LEN);
  99
 100        if (issec)
 101                inode->i_flags &= ~S_NOSEC;
 102        if (inode->i_op->setxattr) {
 103                error = inode->i_op->setxattr(dentry, name, value, size, flags);
 104                if (!error) {
 105                        fsnotify_xattr(dentry);
 106                        security_inode_post_setxattr(dentry, name, value,
 107                                                     size, flags);
 108                }
 109        } else if (issec) {
 110                const char *suffix = name + XATTR_SECURITY_PREFIX_LEN;
 111                error = security_inode_setsecurity(inode, suffix, value,
 112                                                   size, flags);
 113                if (!error)
 114                        fsnotify_xattr(dentry);
 115        }
 116
 117        return error;
 118}
 119
 120
 121int
 122vfs_setxattr(struct dentry *dentry, const char *name, const void *value,
 123                size_t size, int flags)
 124{
 125        struct inode *inode = dentry->d_inode;
 126        int error;
 127
 128        error = xattr_permission(inode, name, MAY_WRITE);
 129        if (error)
 130                return error;
 131
 132        mutex_lock(&inode->i_mutex);
 133        error = security_inode_setxattr(dentry, name, value, size, flags);
 134        if (error)
 135                goto out;
 136
 137        error = __vfs_setxattr_noperm(dentry, name, value, size, flags);
 138
 139out:
 140        mutex_unlock(&inode->i_mutex);
 141        return error;
 142}
 143EXPORT_SYMBOL_GPL(vfs_setxattr);
 144
 145ssize_t
 146xattr_getsecurity(struct inode *inode, const char *name, void *value,
 147                        size_t size)
 148{
 149        void *buffer = NULL;
 150        ssize_t len;
 151
 152        if (!value || !size) {
 153                len = security_inode_getsecurity(inode, name, &buffer, false);
 154                goto out_noalloc;
 155        }
 156
 157        len = security_inode_getsecurity(inode, name, &buffer, true);
 158        if (len < 0)
 159                return len;
 160        if (size < len) {
 161                len = -ERANGE;
 162                goto out;
 163        }
 164        memcpy(value, buffer, len);
 165out:
 166        security_release_secctx(buffer, len);
 167out_noalloc:
 168        return len;
 169}
 170EXPORT_SYMBOL_GPL(xattr_getsecurity);
 171
 172/*
 173 * vfs_getxattr_alloc - allocate memory, if necessary, before calling getxattr
 174 *
 175 * Allocate memory, if not already allocated, or re-allocate correct size,
 176 * before retrieving the extended attribute.
 177 *
 178 * Returns the result of alloc, if failed, or the getxattr operation.
 179 */
 180ssize_t
 181vfs_getxattr_alloc(struct dentry *dentry, const char *name, char **xattr_value,
 182                   size_t xattr_size, gfp_t flags)
 183{
 184        struct inode *inode = dentry->d_inode;
 185        char *value = *xattr_value;
 186        int error;
 187
 188        error = xattr_permission(inode, name, MAY_READ);
 189        if (error)
 190                return error;
 191
 192        if (!inode->i_op->getxattr)
 193                return -EOPNOTSUPP;
 194
 195        error = inode->i_op->getxattr(dentry, name, NULL, 0);
 196        if (error < 0)
 197                return error;
 198
 199        if (!value || (error > xattr_size)) {
 200                value = krealloc(*xattr_value, error + 1, flags);
 201                if (!value)
 202                        return -ENOMEM;
 203                memset(value, 0, error + 1);
 204        }
 205
 206        error = inode->i_op->getxattr(dentry, name, value, error);
 207        *xattr_value = value;
 208        return error;
 209}
 210
 211/* Compare an extended attribute value with the given value */
 212int vfs_xattr_cmp(struct dentry *dentry, const char *xattr_name,
 213                  const char *value, size_t size, gfp_t flags)
 214{
 215        char *xattr_value = NULL;
 216        int rc;
 217
 218        rc = vfs_getxattr_alloc(dentry, xattr_name, &xattr_value, 0, flags);
 219        if (rc < 0)
 220                return rc;
 221
 222        if ((rc != size) || (memcmp(xattr_value, value, rc) != 0))
 223                rc = -EINVAL;
 224        else
 225                rc = 0;
 226        kfree(xattr_value);
 227        return rc;
 228}
 229
 230ssize_t
 231vfs_getxattr(struct dentry *dentry, const char *name, void *value, size_t size)
 232{
 233        struct inode *inode = dentry->d_inode;
 234        int error;
 235
 236        error = xattr_permission(inode, name, MAY_READ);
 237        if (error)
 238                return error;
 239
 240        error = security_inode_getxattr(dentry, name);
 241        if (error)
 242                return error;
 243
 244        if (!strncmp(name, XATTR_SECURITY_PREFIX,
 245                                XATTR_SECURITY_PREFIX_LEN)) {
 246                const char *suffix = name + XATTR_SECURITY_PREFIX_LEN;
 247                int ret = xattr_getsecurity(inode, suffix, value, size);
 248                /*
 249                 * Only overwrite the return value if a security module
 250                 * is actually active.
 251                 */
 252                if (ret == -EOPNOTSUPP)
 253                        goto nolsm;
 254                return ret;
 255        }
 256nolsm:
 257        if (inode->i_op->getxattr)
 258                error = inode->i_op->getxattr(dentry, name, value, size);
 259        else
 260                error = -EOPNOTSUPP;
 261
 262        return error;
 263}
 264EXPORT_SYMBOL_GPL(vfs_getxattr);
 265
 266ssize_t
 267vfs_listxattr(struct dentry *d, char *list, size_t size)
 268{
 269        ssize_t error;
 270
 271        error = security_inode_listxattr(d);
 272        if (error)
 273                return error;
 274        error = -EOPNOTSUPP;
 275        if (d->d_inode->i_op->listxattr) {
 276                error = d->d_inode->i_op->listxattr(d, list, size);
 277        } else {
 278                error = security_inode_listsecurity(d->d_inode, list, size);
 279                if (size && error > size)
 280                        error = -ERANGE;
 281        }
 282        return error;
 283}
 284EXPORT_SYMBOL_GPL(vfs_listxattr);
 285
 286int
 287vfs_removexattr(struct dentry *dentry, const char *name)
 288{
 289        struct inode *inode = dentry->d_inode;
 290        int error;
 291
 292        if (!inode->i_op->removexattr)
 293                return -EOPNOTSUPP;
 294
 295        error = xattr_permission(inode, name, MAY_WRITE);
 296        if (error)
 297                return error;
 298
 299        mutex_lock(&inode->i_mutex);
 300        error = security_inode_removexattr(dentry, name);
 301        if (error) {
 302                mutex_unlock(&inode->i_mutex);
 303                return error;
 304        }
 305
 306        error = inode->i_op->removexattr(dentry, name);
 307        mutex_unlock(&inode->i_mutex);
 308
 309        if (!error) {
 310                fsnotify_xattr(dentry);
 311                evm_inode_post_removexattr(dentry, name);
 312        }
 313        return error;
 314}
 315EXPORT_SYMBOL_GPL(vfs_removexattr);
 316
 317
 318/*
 319 * Extended attribute SET operations
 320 */
 321static long
 322setxattr(struct dentry *d, const char __user *name, const void __user *value,
 323         size_t size, int flags)
 324{
 325        int error;
 326        void *kvalue = NULL;
 327        void *vvalue = NULL;    /* If non-NULL, we used vmalloc() */
 328        char kname[XATTR_NAME_MAX + 1];
 329
 330        if (flags & ~(XATTR_CREATE|XATTR_REPLACE))
 331                return -EINVAL;
 332
 333        error = strncpy_from_user(kname, name, sizeof(kname));
 334        if (error == 0 || error == sizeof(kname))
 335                error = -ERANGE;
 336        if (error < 0)
 337                return error;
 338
 339        if (size) {
 340                if (size > XATTR_SIZE_MAX)
 341                        return -E2BIG;
 342                kvalue = kmalloc(size, GFP_KERNEL | __GFP_NOWARN);
 343                if (!kvalue) {
 344                        vvalue = vmalloc(size);
 345                        if (!vvalue)
 346                                return -ENOMEM;
 347                        kvalue = vvalue;
 348                }
 349                if (copy_from_user(kvalue, value, size)) {
 350                        error = -EFAULT;
 351                        goto out;
 352                }
 353                if ((strcmp(kname, XATTR_NAME_POSIX_ACL_ACCESS) == 0) ||
 354                    (strcmp(kname, XATTR_NAME_POSIX_ACL_DEFAULT) == 0))
 355                        posix_acl_fix_xattr_from_user(kvalue, size);
 356        }
 357
 358        error = vfs_setxattr(d, kname, kvalue, size, flags);
 359out:
 360        if (vvalue)
 361                vfree(vvalue);
 362        else
 363                kfree(kvalue);
 364        return error;
 365}
 366
 367static int path_setxattr(const char __user *pathname,
 368                         const char __user *name, const void __user *value,
 369                         size_t size, int flags, unsigned int lookup_flags)
 370{
 371        struct path path;
 372        int error;
 373retry:
 374        error = user_path_at(AT_FDCWD, pathname, lookup_flags, &path);
 375        if (error)
 376                return error;
 377        error = mnt_want_write(path.mnt);
 378        if (!error) {
 379                error = setxattr(path.dentry, name, value, size, flags);
 380                mnt_drop_write(path.mnt);
 381        }
 382        path_put(&path);
 383        if (retry_estale(error, lookup_flags)) {
 384                lookup_flags |= LOOKUP_REVAL;
 385                goto retry;
 386        }
 387        return error;
 388}
 389
 390SYSCALL_DEFINE5(setxattr, const char __user *, pathname,
 391                const char __user *, name, const void __user *, value,
 392                size_t, size, int, flags)
 393{
 394        return path_setxattr(pathname, name, value, size, flags, LOOKUP_FOLLOW);
 395}
 396
 397SYSCALL_DEFINE5(lsetxattr, const char __user *, pathname,
 398                const char __user *, name, const void __user *, value,
 399                size_t, size, int, flags)
 400{
 401        return path_setxattr(pathname, name, value, size, flags, 0);
 402}
 403
 404SYSCALL_DEFINE5(fsetxattr, int, fd, const char __user *, name,
 405                const void __user *,value, size_t, size, int, flags)
 406{
 407        struct fd f = fdget(fd);
 408        struct dentry *dentry;
 409        int error = -EBADF;
 410
 411        if (!f.file)
 412                return error;
 413        dentry = f.file->f_path.dentry;
 414        audit_inode(NULL, dentry, 0);
 415        error = mnt_want_write_file(f.file);
 416        if (!error) {
 417                error = setxattr(dentry, name, value, size, flags);
 418                mnt_drop_write_file(f.file);
 419        }
 420        fdput(f);
 421        return error;
 422}
 423
 424/*
 425 * Extended attribute GET operations
 426 */
 427static ssize_t
 428getxattr(struct dentry *d, const char __user *name, void __user *value,
 429         size_t size)
 430{
 431        ssize_t error;
 432        void *kvalue = NULL;
 433        void *vvalue = NULL;
 434        char kname[XATTR_NAME_MAX + 1];
 435
 436        error = strncpy_from_user(kname, name, sizeof(kname));
 437        if (error == 0 || error == sizeof(kname))
 438                error = -ERANGE;
 439        if (error < 0)
 440                return error;
 441
 442        if (size) {
 443                if (size > XATTR_SIZE_MAX)
 444                        size = XATTR_SIZE_MAX;
 445                kvalue = kzalloc(size, GFP_KERNEL | __GFP_NOWARN);
 446                if (!kvalue) {
 447                        vvalue = vmalloc(size);
 448                        if (!vvalue)
 449                                return -ENOMEM;
 450                        kvalue = vvalue;
 451                }
 452        }
 453
 454        error = vfs_getxattr(d, kname, kvalue, size);
 455        if (error > 0) {
 456                if ((strcmp(kname, XATTR_NAME_POSIX_ACL_ACCESS) == 0) ||
 457                    (strcmp(kname, XATTR_NAME_POSIX_ACL_DEFAULT) == 0))
 458                        posix_acl_fix_xattr_to_user(kvalue, size);
 459                if (size && copy_to_user(value, kvalue, error))
 460                        error = -EFAULT;
 461        } else if (error == -ERANGE && size >= XATTR_SIZE_MAX) {
 462                /* The file system tried to returned a value bigger
 463                   than XATTR_SIZE_MAX bytes. Not possible. */
 464                error = -E2BIG;
 465        }
 466        if (vvalue)
 467                vfree(vvalue);
 468        else
 469                kfree(kvalue);
 470        return error;
 471}
 472
 473static ssize_t path_getxattr(const char __user *pathname,
 474                             const char __user *name, void __user *value,
 475                             size_t size, unsigned int lookup_flags)
 476{
 477        struct path path;
 478        ssize_t error;
 479retry:
 480        error = user_path_at(AT_FDCWD, pathname, lookup_flags, &path);
 481        if (error)
 482                return error;
 483        error = getxattr(path.dentry, name, value, size);
 484        path_put(&path);
 485        if (retry_estale(error, lookup_flags)) {
 486                lookup_flags |= LOOKUP_REVAL;
 487                goto retry;
 488        }
 489        return error;
 490}
 491
 492SYSCALL_DEFINE4(getxattr, const char __user *, pathname,
 493                const char __user *, name, void __user *, value, size_t, size)
 494{
 495        return path_getxattr(pathname, name, value, size, LOOKUP_FOLLOW);
 496}
 497
 498SYSCALL_DEFINE4(lgetxattr, const char __user *, pathname,
 499                const char __user *, name, void __user *, value, size_t, size)
 500{
 501        return path_getxattr(pathname, name, value, size, 0);
 502}
 503
 504SYSCALL_DEFINE4(fgetxattr, int, fd, const char __user *, name,
 505                void __user *, value, size_t, size)
 506{
 507        struct fd f = fdget(fd);
 508        ssize_t error = -EBADF;
 509
 510        if (!f.file)
 511                return error;
 512        audit_inode(NULL, f.file->f_path.dentry, 0);
 513        error = getxattr(f.file->f_path.dentry, name, value, size);
 514        fdput(f);
 515        return error;
 516}
 517
 518/*
 519 * Extended attribute LIST operations
 520 */
 521static ssize_t
 522listxattr(struct dentry *d, char __user *list, size_t size)
 523{
 524        ssize_t error;
 525        char *klist = NULL;
 526        char *vlist = NULL;     /* If non-NULL, we used vmalloc() */
 527
 528        if (size) {
 529                if (size > XATTR_LIST_MAX)
 530                        size = XATTR_LIST_MAX;
 531                klist = kmalloc(size, __GFP_NOWARN | GFP_KERNEL);
 532                if (!klist) {
 533                        vlist = vmalloc(size);
 534                        if (!vlist)
 535                                return -ENOMEM;
 536                        klist = vlist;
 537                }
 538        }
 539
 540        error = vfs_listxattr(d, klist, size);
 541        if (error > 0) {
 542                if (size && copy_to_user(list, klist, error))
 543                        error = -EFAULT;
 544        } else if (error == -ERANGE && size >= XATTR_LIST_MAX) {
 545                /* The file system tried to returned a list bigger
 546                   than XATTR_LIST_MAX bytes. Not possible. */
 547                error = -E2BIG;
 548        }
 549        if (vlist)
 550                vfree(vlist);
 551        else
 552                kfree(klist);
 553        return error;
 554}
 555
 556static ssize_t path_listxattr(const char __user *pathname, char __user *list,
 557                              size_t size, unsigned int lookup_flags)
 558{
 559        struct path path;
 560        ssize_t error;
 561retry:
 562        error = user_path_at(AT_FDCWD, pathname, lookup_flags, &path);
 563        if (error)
 564                return error;
 565        error = listxattr(path.dentry, list, size);
 566        path_put(&path);
 567        if (retry_estale(error, lookup_flags)) {
 568                lookup_flags |= LOOKUP_REVAL;
 569                goto retry;
 570        }
 571        return error;
 572}
 573
 574SYSCALL_DEFINE3(listxattr, const char __user *, pathname, char __user *, list,
 575                size_t, size)
 576{
 577        return path_listxattr(pathname, list, size, LOOKUP_FOLLOW);
 578}
 579
 580SYSCALL_DEFINE3(llistxattr, const char __user *, pathname, char __user *, list,
 581                size_t, size)
 582{
 583        return path_listxattr(pathname, list, size, 0);
 584}
 585
 586SYSCALL_DEFINE3(flistxattr, int, fd, char __user *, list, size_t, size)
 587{
 588        struct fd f = fdget(fd);
 589        ssize_t error = -EBADF;
 590
 591        if (!f.file)
 592                return error;
 593        audit_inode(NULL, f.file->f_path.dentry, 0);
 594        error = listxattr(f.file->f_path.dentry, list, size);
 595        fdput(f);
 596        return error;
 597}
 598
 599/*
 600 * Extended attribute REMOVE operations
 601 */
 602static long
 603removexattr(struct dentry *d, const char __user *name)
 604{
 605        int error;
 606        char kname[XATTR_NAME_MAX + 1];
 607
 608        error = strncpy_from_user(kname, name, sizeof(kname));
 609        if (error == 0 || error == sizeof(kname))
 610                error = -ERANGE;
 611        if (error < 0)
 612                return error;
 613
 614        return vfs_removexattr(d, kname);
 615}
 616
 617static int path_removexattr(const char __user *pathname,
 618                            const char __user *name, unsigned int lookup_flags)
 619{
 620        struct path path;
 621        int error;
 622retry:
 623        error = user_path_at(AT_FDCWD, pathname, lookup_flags, &path);
 624        if (error)
 625                return error;
 626        error = mnt_want_write(path.mnt);
 627        if (!error) {
 628                error = removexattr(path.dentry, name);
 629                mnt_drop_write(path.mnt);
 630        }
 631        path_put(&path);
 632        if (retry_estale(error, lookup_flags)) {
 633                lookup_flags |= LOOKUP_REVAL;
 634                goto retry;
 635        }
 636        return error;
 637}
 638
 639SYSCALL_DEFINE2(removexattr, const char __user *, pathname,
 640                const char __user *, name)
 641{
 642        return path_removexattr(pathname, name, LOOKUP_FOLLOW);
 643}
 644
 645SYSCALL_DEFINE2(lremovexattr, const char __user *, pathname,
 646                const char __user *, name)
 647{
 648        return path_removexattr(pathname, name, 0);
 649}
 650
 651SYSCALL_DEFINE2(fremovexattr, int, fd, const char __user *, name)
 652{
 653        struct fd f = fdget(fd);
 654        struct dentry *dentry;
 655        int error = -EBADF;
 656
 657        if (!f.file)
 658                return error;
 659        dentry = f.file->f_path.dentry;
 660        audit_inode(NULL, dentry, 0);
 661        error = mnt_want_write_file(f.file);
 662        if (!error) {
 663                error = removexattr(dentry, name);
 664                mnt_drop_write_file(f.file);
 665        }
 666        fdput(f);
 667        return error;
 668}
 669
 670
 671static const char *
 672strcmp_prefix(const char *a, const char *a_prefix)
 673{
 674        while (*a_prefix && *a == *a_prefix) {
 675                a++;
 676                a_prefix++;
 677        }
 678        return *a_prefix ? NULL : a;
 679}
 680
 681/*
 682 * In order to implement different sets of xattr operations for each xattr
 683 * prefix with the generic xattr API, a filesystem should create a
 684 * null-terminated array of struct xattr_handler (one for each prefix) and
 685 * hang a pointer to it off of the s_xattr field of the superblock.
 686 *
 687 * The generic_fooxattr() functions will use this list to dispatch xattr
 688 * operations to the correct xattr_handler.
 689 */
 690#define for_each_xattr_handler(handlers, handler)               \
 691                for ((handler) = *(handlers)++;                 \
 692                        (handler) != NULL;                      \
 693                        (handler) = *(handlers)++)
 694
 695/*
 696 * Find the xattr_handler with the matching prefix.
 697 */
 698static const struct xattr_handler *
 699xattr_resolve_name(const struct xattr_handler **handlers, const char **name)
 700{
 701        const struct xattr_handler *handler;
 702
 703        if (!*name)
 704                return NULL;
 705
 706        for_each_xattr_handler(handlers, handler) {
 707                const char *n = strcmp_prefix(*name, handler->prefix);
 708                if (n) {
 709                        *name = n;
 710                        break;
 711                }
 712        }
 713        return handler;
 714}
 715
 716/*
 717 * Find the handler for the prefix and dispatch its get() operation.
 718 */
 719ssize_t
 720generic_getxattr(struct dentry *dentry, const char *name, void *buffer, size_t size)
 721{
 722        const struct xattr_handler *handler;
 723
 724        handler = xattr_resolve_name(dentry->d_sb->s_xattr, &name);
 725        if (!handler)
 726                return -EOPNOTSUPP;
 727        return handler->get(dentry, name, buffer, size, handler->flags);
 728}
 729
 730/*
 731 * Combine the results of the list() operation from every xattr_handler in the
 732 * list.
 733 */
 734ssize_t
 735generic_listxattr(struct dentry *dentry, char *buffer, size_t buffer_size)
 736{
 737        const struct xattr_handler *handler, **handlers = dentry->d_sb->s_xattr;
 738        unsigned int size = 0;
 739
 740        if (!buffer) {
 741                for_each_xattr_handler(handlers, handler) {
 742                        size += handler->list(dentry, NULL, 0, NULL, 0,
 743                                              handler->flags);
 744                }
 745        } else {
 746                char *buf = buffer;
 747
 748                for_each_xattr_handler(handlers, handler) {
 749                        size = handler->list(dentry, buf, buffer_size,
 750                                             NULL, 0, handler->flags);
 751                        if (size > buffer_size)
 752                                return -ERANGE;
 753                        buf += size;
 754                        buffer_size -= size;
 755                }
 756                size = buf - buffer;
 757        }
 758        return size;
 759}
 760
 761/*
 762 * Find the handler for the prefix and dispatch its set() operation.
 763 */
 764int
 765generic_setxattr(struct dentry *dentry, const char *name, const void *value, size_t size, int flags)
 766{
 767        const struct xattr_handler *handler;
 768
 769        if (size == 0)
 770                value = "";  /* empty EA, do not remove */
 771        handler = xattr_resolve_name(dentry->d_sb->s_xattr, &name);
 772        if (!handler)
 773                return -EOPNOTSUPP;
 774        return handler->set(dentry, name, value, size, flags, handler->flags);
 775}
 776
 777/*
 778 * Find the handler for the prefix and dispatch its set() operation to remove
 779 * any associated extended attribute.
 780 */
 781int
 782generic_removexattr(struct dentry *dentry, const char *name)
 783{
 784        const struct xattr_handler *handler;
 785
 786        handler = xattr_resolve_name(dentry->d_sb->s_xattr, &name);
 787        if (!handler)
 788                return -EOPNOTSUPP;
 789        return handler->set(dentry, name, NULL, 0,
 790                            XATTR_REPLACE, handler->flags);
 791}
 792
 793EXPORT_SYMBOL(generic_getxattr);
 794EXPORT_SYMBOL(generic_listxattr);
 795EXPORT_SYMBOL(generic_setxattr);
 796EXPORT_SYMBOL(generic_removexattr);
 797
 798/*
 799 * Allocate new xattr and copy in the value; but leave the name to callers.
 800 */
 801struct simple_xattr *simple_xattr_alloc(const void *value, size_t size)
 802{
 803        struct simple_xattr *new_xattr;
 804        size_t len;
 805
 806        /* wrap around? */
 807        len = sizeof(*new_xattr) + size;
 808        if (len < sizeof(*new_xattr))
 809                return NULL;
 810
 811        new_xattr = kmalloc(len, GFP_KERNEL);
 812        if (!new_xattr)
 813                return NULL;
 814
 815        new_xattr->size = size;
 816        memcpy(new_xattr->value, value, size);
 817        return new_xattr;
 818}
 819
 820/*
 821 * xattr GET operation for in-memory/pseudo filesystems
 822 */
 823int simple_xattr_get(struct simple_xattrs *xattrs, const char *name,
 824                     void *buffer, size_t size)
 825{
 826        struct simple_xattr *xattr;
 827        int ret = -ENODATA;
 828
 829        spin_lock(&xattrs->lock);
 830        list_for_each_entry(xattr, &xattrs->head, list) {
 831                if (strcmp(name, xattr->name))
 832                        continue;
 833
 834                ret = xattr->size;
 835                if (buffer) {
 836                        if (size < xattr->size)
 837                                ret = -ERANGE;
 838                        else
 839                                memcpy(buffer, xattr->value, xattr->size);
 840                }
 841                break;
 842        }
 843        spin_unlock(&xattrs->lock);
 844        return ret;
 845}
 846
 847static int __simple_xattr_set(struct simple_xattrs *xattrs, const char *name,
 848                              const void *value, size_t size, int flags)
 849{
 850        struct simple_xattr *xattr;
 851        struct simple_xattr *new_xattr = NULL;
 852        int err = 0;
 853
 854        /* value == NULL means remove */
 855        if (value) {
 856                new_xattr = simple_xattr_alloc(value, size);
 857                if (!new_xattr)
 858                        return -ENOMEM;
 859
 860                new_xattr->name = kstrdup(name, GFP_KERNEL);
 861                if (!new_xattr->name) {
 862                        kfree(new_xattr);
 863                        return -ENOMEM;
 864                }
 865        }
 866
 867        spin_lock(&xattrs->lock);
 868        list_for_each_entry(xattr, &xattrs->head, list) {
 869                if (!strcmp(name, xattr->name)) {
 870                        if (flags & XATTR_CREATE) {
 871                                xattr = new_xattr;
 872                                err = -EEXIST;
 873                        } else if (new_xattr) {
 874                                list_replace(&xattr->list, &new_xattr->list);
 875                        } else {
 876                                list_del(&xattr->list);
 877                        }
 878                        goto out;
 879                }
 880        }
 881        if (flags & XATTR_REPLACE) {
 882                xattr = new_xattr;
 883                err = -ENODATA;
 884        } else {
 885                list_add(&new_xattr->list, &xattrs->head);
 886                xattr = NULL;
 887        }
 888out:
 889        spin_unlock(&xattrs->lock);
 890        if (xattr) {
 891                kfree(xattr->name);
 892                kfree(xattr);
 893        }
 894        return err;
 895
 896}
 897
 898/**
 899 * simple_xattr_set - xattr SET operation for in-memory/pseudo filesystems
 900 * @xattrs: target simple_xattr list
 901 * @name: name of the new extended attribute
 902 * @value: value of the new xattr. If %NULL, will remove the attribute
 903 * @size: size of the new xattr
 904 * @flags: %XATTR_{CREATE|REPLACE}
 905 *
 906 * %XATTR_CREATE is set, the xattr shouldn't exist already; otherwise fails
 907 * with -EEXIST.  If %XATTR_REPLACE is set, the xattr should exist;
 908 * otherwise, fails with -ENODATA.
 909 *
 910 * Returns 0 on success, -errno on failure.
 911 */
 912int simple_xattr_set(struct simple_xattrs *xattrs, const char *name,
 913                     const void *value, size_t size, int flags)
 914{
 915        if (size == 0)
 916                value = ""; /* empty EA, do not remove */
 917        return __simple_xattr_set(xattrs, name, value, size, flags);
 918}
 919
 920/*
 921 * xattr REMOVE operation for in-memory/pseudo filesystems
 922 */
 923int simple_xattr_remove(struct simple_xattrs *xattrs, const char *name)
 924{
 925        return __simple_xattr_set(xattrs, name, NULL, 0, XATTR_REPLACE);
 926}
 927
 928static bool xattr_is_trusted(const char *name)
 929{
 930        return !strncmp(name, XATTR_TRUSTED_PREFIX, XATTR_TRUSTED_PREFIX_LEN);
 931}
 932
 933/*
 934 * xattr LIST operation for in-memory/pseudo filesystems
 935 */
 936ssize_t simple_xattr_list(struct simple_xattrs *xattrs, char *buffer,
 937                          size_t size)
 938{
 939        bool trusted = capable(CAP_SYS_ADMIN);
 940        struct simple_xattr *xattr;
 941        size_t used = 0;
 942
 943        spin_lock(&xattrs->lock);
 944        list_for_each_entry(xattr, &xattrs->head, list) {
 945                size_t len;
 946
 947                /* skip "trusted." attributes for unprivileged callers */
 948                if (!trusted && xattr_is_trusted(xattr->name))
 949                        continue;
 950
 951                len = strlen(xattr->name) + 1;
 952                used += len;
 953                if (buffer) {
 954                        if (size < used) {
 955                                used = -ERANGE;
 956                                break;
 957                        }
 958                        memcpy(buffer, xattr->name, len);
 959                        buffer += len;
 960                }
 961        }
 962        spin_unlock(&xattrs->lock);
 963
 964        return used;
 965}
 966
 967/*
 968 * Adds an extended attribute to the list
 969 */
 970void simple_xattr_list_add(struct simple_xattrs *xattrs,
 971                           struct simple_xattr *new_xattr)
 972{
 973        spin_lock(&xattrs->lock);
 974        list_add(&new_xattr->list, &xattrs->head);
 975        spin_unlock(&xattrs->lock);
 976}
 977