1
2
3
4
5
6
7
8
9
10#include <linux/fs.h>
11#include <linux/slab.h>
12#include <linux/file.h>
13#include <linux/xattr.h>
14#include <linux/mount.h>
15#include <linux/namei.h>
16#include <linux/security.h>
17#include <linux/evm.h>
18#include <linux/syscalls.h>
19#include <linux/export.h>
20#include <linux/fsnotify.h>
21#include <linux/audit.h>
22#include <linux/vmalloc.h>
23#include <linux/posix_acl_xattr.h>
24
25#include <asm/uaccess.h>
26
27
28
29
30
31static int
32xattr_permission(struct inode *inode, const char *name, int mask)
33{
34
35
36
37
38 if (mask & MAY_WRITE) {
39 if (IS_IMMUTABLE(inode) || IS_APPEND(inode))
40 return -EPERM;
41 }
42
43
44
45
46
47 if (!strncmp(name, XATTR_SECURITY_PREFIX, XATTR_SECURITY_PREFIX_LEN) ||
48 !strncmp(name, XATTR_SYSTEM_PREFIX, XATTR_SYSTEM_PREFIX_LEN))
49 return 0;
50
51
52
53
54 if (!strncmp(name, XATTR_TRUSTED_PREFIX, XATTR_TRUSTED_PREFIX_LEN)) {
55 if (!capable(CAP_SYS_ADMIN))
56 return (mask & MAY_WRITE) ? -EPERM : -ENODATA;
57 return 0;
58 }
59
60
61
62
63
64
65 if (!strncmp(name, XATTR_USER_PREFIX, XATTR_USER_PREFIX_LEN)) {
66 if (!S_ISREG(inode->i_mode) && !S_ISDIR(inode->i_mode))
67 return (mask & MAY_WRITE) ? -EPERM : -ENODATA;
68 if (S_ISDIR(inode->i_mode) && (inode->i_mode & S_ISVTX) &&
69 (mask & MAY_WRITE) && !inode_owner_or_capable(inode))
70 return -EPERM;
71 }
72
73 return inode_permission(inode, mask);
74}
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92int __vfs_setxattr_noperm(struct dentry *dentry, const char *name,
93 const void *value, size_t size, int flags)
94{
95 struct inode *inode = dentry->d_inode;
96 int error = -EOPNOTSUPP;
97 int issec = !strncmp(name, XATTR_SECURITY_PREFIX,
98 XATTR_SECURITY_PREFIX_LEN);
99
100 if (issec)
101 inode->i_flags &= ~S_NOSEC;
102 if (inode->i_op->setxattr) {
103 error = inode->i_op->setxattr(dentry, name, value, size, flags);
104 if (!error) {
105 fsnotify_xattr(dentry);
106 security_inode_post_setxattr(dentry, name, value,
107 size, flags);
108 }
109 } else if (issec) {
110 const char *suffix = name + XATTR_SECURITY_PREFIX_LEN;
111 error = security_inode_setsecurity(inode, suffix, value,
112 size, flags);
113 if (!error)
114 fsnotify_xattr(dentry);
115 }
116
117 return error;
118}
119
120
121int
122vfs_setxattr(struct dentry *dentry, const char *name, const void *value,
123 size_t size, int flags)
124{
125 struct inode *inode = dentry->d_inode;
126 int error;
127
128 error = xattr_permission(inode, name, MAY_WRITE);
129 if (error)
130 return error;
131
132 mutex_lock(&inode->i_mutex);
133 error = security_inode_setxattr(dentry, name, value, size, flags);
134 if (error)
135 goto out;
136
137 error = __vfs_setxattr_noperm(dentry, name, value, size, flags);
138
139out:
140 mutex_unlock(&inode->i_mutex);
141 return error;
142}
143EXPORT_SYMBOL_GPL(vfs_setxattr);
144
145ssize_t
146xattr_getsecurity(struct inode *inode, const char *name, void *value,
147 size_t size)
148{
149 void *buffer = NULL;
150 ssize_t len;
151
152 if (!value || !size) {
153 len = security_inode_getsecurity(inode, name, &buffer, false);
154 goto out_noalloc;
155 }
156
157 len = security_inode_getsecurity(inode, name, &buffer, true);
158 if (len < 0)
159 return len;
160 if (size < len) {
161 len = -ERANGE;
162 goto out;
163 }
164 memcpy(value, buffer, len);
165out:
166 security_release_secctx(buffer, len);
167out_noalloc:
168 return len;
169}
170EXPORT_SYMBOL_GPL(xattr_getsecurity);
171
172
173
174
175
176
177
178
179
180ssize_t
181vfs_getxattr_alloc(struct dentry *dentry, const char *name, char **xattr_value,
182 size_t xattr_size, gfp_t flags)
183{
184 struct inode *inode = dentry->d_inode;
185 char *value = *xattr_value;
186 int error;
187
188 error = xattr_permission(inode, name, MAY_READ);
189 if (error)
190 return error;
191
192 if (!inode->i_op->getxattr)
193 return -EOPNOTSUPP;
194
195 error = inode->i_op->getxattr(dentry, name, NULL, 0);
196 if (error < 0)
197 return error;
198
199 if (!value || (error > xattr_size)) {
200 value = krealloc(*xattr_value, error + 1, flags);
201 if (!value)
202 return -ENOMEM;
203 memset(value, 0, error + 1);
204 }
205
206 error = inode->i_op->getxattr(dentry, name, value, error);
207 *xattr_value = value;
208 return error;
209}
210
211
212int vfs_xattr_cmp(struct dentry *dentry, const char *xattr_name,
213 const char *value, size_t size, gfp_t flags)
214{
215 char *xattr_value = NULL;
216 int rc;
217
218 rc = vfs_getxattr_alloc(dentry, xattr_name, &xattr_value, 0, flags);
219 if (rc < 0)
220 return rc;
221
222 if ((rc != size) || (memcmp(xattr_value, value, rc) != 0))
223 rc = -EINVAL;
224 else
225 rc = 0;
226 kfree(xattr_value);
227 return rc;
228}
229
230ssize_t
231vfs_getxattr(struct dentry *dentry, const char *name, void *value, size_t size)
232{
233 struct inode *inode = dentry->d_inode;
234 int error;
235
236 error = xattr_permission(inode, name, MAY_READ);
237 if (error)
238 return error;
239
240 error = security_inode_getxattr(dentry, name);
241 if (error)
242 return error;
243
244 if (!strncmp(name, XATTR_SECURITY_PREFIX,
245 XATTR_SECURITY_PREFIX_LEN)) {
246 const char *suffix = name + XATTR_SECURITY_PREFIX_LEN;
247 int ret = xattr_getsecurity(inode, suffix, value, size);
248
249
250
251
252 if (ret == -EOPNOTSUPP)
253 goto nolsm;
254 return ret;
255 }
256nolsm:
257 if (inode->i_op->getxattr)
258 error = inode->i_op->getxattr(dentry, name, value, size);
259 else
260 error = -EOPNOTSUPP;
261
262 return error;
263}
264EXPORT_SYMBOL_GPL(vfs_getxattr);
265
266ssize_t
267vfs_listxattr(struct dentry *d, char *list, size_t size)
268{
269 ssize_t error;
270
271 error = security_inode_listxattr(d);
272 if (error)
273 return error;
274 error = -EOPNOTSUPP;
275 if (d->d_inode->i_op->listxattr) {
276 error = d->d_inode->i_op->listxattr(d, list, size);
277 } else {
278 error = security_inode_listsecurity(d->d_inode, list, size);
279 if (size && error > size)
280 error = -ERANGE;
281 }
282 return error;
283}
284EXPORT_SYMBOL_GPL(vfs_listxattr);
285
286int
287vfs_removexattr(struct dentry *dentry, const char *name)
288{
289 struct inode *inode = dentry->d_inode;
290 int error;
291
292 if (!inode->i_op->removexattr)
293 return -EOPNOTSUPP;
294
295 error = xattr_permission(inode, name, MAY_WRITE);
296 if (error)
297 return error;
298
299 mutex_lock(&inode->i_mutex);
300 error = security_inode_removexattr(dentry, name);
301 if (error) {
302 mutex_unlock(&inode->i_mutex);
303 return error;
304 }
305
306 error = inode->i_op->removexattr(dentry, name);
307 mutex_unlock(&inode->i_mutex);
308
309 if (!error) {
310 fsnotify_xattr(dentry);
311 evm_inode_post_removexattr(dentry, name);
312 }
313 return error;
314}
315EXPORT_SYMBOL_GPL(vfs_removexattr);
316
317
318
319
320
321static long
322setxattr(struct dentry *d, const char __user *name, const void __user *value,
323 size_t size, int flags)
324{
325 int error;
326 void *kvalue = NULL;
327 void *vvalue = NULL;
328 char kname[XATTR_NAME_MAX + 1];
329
330 if (flags & ~(XATTR_CREATE|XATTR_REPLACE))
331 return -EINVAL;
332
333 error = strncpy_from_user(kname, name, sizeof(kname));
334 if (error == 0 || error == sizeof(kname))
335 error = -ERANGE;
336 if (error < 0)
337 return error;
338
339 if (size) {
340 if (size > XATTR_SIZE_MAX)
341 return -E2BIG;
342 kvalue = kmalloc(size, GFP_KERNEL | __GFP_NOWARN);
343 if (!kvalue) {
344 vvalue = vmalloc(size);
345 if (!vvalue)
346 return -ENOMEM;
347 kvalue = vvalue;
348 }
349 if (copy_from_user(kvalue, value, size)) {
350 error = -EFAULT;
351 goto out;
352 }
353 if ((strcmp(kname, XATTR_NAME_POSIX_ACL_ACCESS) == 0) ||
354 (strcmp(kname, XATTR_NAME_POSIX_ACL_DEFAULT) == 0))
355 posix_acl_fix_xattr_from_user(kvalue, size);
356 }
357
358 error = vfs_setxattr(d, kname, kvalue, size, flags);
359out:
360 if (vvalue)
361 vfree(vvalue);
362 else
363 kfree(kvalue);
364 return error;
365}
366
367static int path_setxattr(const char __user *pathname,
368 const char __user *name, const void __user *value,
369 size_t size, int flags, unsigned int lookup_flags)
370{
371 struct path path;
372 int error;
373retry:
374 error = user_path_at(AT_FDCWD, pathname, lookup_flags, &path);
375 if (error)
376 return error;
377 error = mnt_want_write(path.mnt);
378 if (!error) {
379 error = setxattr(path.dentry, name, value, size, flags);
380 mnt_drop_write(path.mnt);
381 }
382 path_put(&path);
383 if (retry_estale(error, lookup_flags)) {
384 lookup_flags |= LOOKUP_REVAL;
385 goto retry;
386 }
387 return error;
388}
389
390SYSCALL_DEFINE5(setxattr, const char __user *, pathname,
391 const char __user *, name, const void __user *, value,
392 size_t, size, int, flags)
393{
394 return path_setxattr(pathname, name, value, size, flags, LOOKUP_FOLLOW);
395}
396
397SYSCALL_DEFINE5(lsetxattr, const char __user *, pathname,
398 const char __user *, name, const void __user *, value,
399 size_t, size, int, flags)
400{
401 return path_setxattr(pathname, name, value, size, flags, 0);
402}
403
404SYSCALL_DEFINE5(fsetxattr, int, fd, const char __user *, name,
405 const void __user *,value, size_t, size, int, flags)
406{
407 struct fd f = fdget(fd);
408 struct dentry *dentry;
409 int error = -EBADF;
410
411 if (!f.file)
412 return error;
413 dentry = f.file->f_path.dentry;
414 audit_inode(NULL, dentry, 0);
415 error = mnt_want_write_file(f.file);
416 if (!error) {
417 error = setxattr(dentry, name, value, size, flags);
418 mnt_drop_write_file(f.file);
419 }
420 fdput(f);
421 return error;
422}
423
424
425
426
427static ssize_t
428getxattr(struct dentry *d, const char __user *name, void __user *value,
429 size_t size)
430{
431 ssize_t error;
432 void *kvalue = NULL;
433 void *vvalue = NULL;
434 char kname[XATTR_NAME_MAX + 1];
435
436 error = strncpy_from_user(kname, name, sizeof(kname));
437 if (error == 0 || error == sizeof(kname))
438 error = -ERANGE;
439 if (error < 0)
440 return error;
441
442 if (size) {
443 if (size > XATTR_SIZE_MAX)
444 size = XATTR_SIZE_MAX;
445 kvalue = kzalloc(size, GFP_KERNEL | __GFP_NOWARN);
446 if (!kvalue) {
447 vvalue = vmalloc(size);
448 if (!vvalue)
449 return -ENOMEM;
450 kvalue = vvalue;
451 }
452 }
453
454 error = vfs_getxattr(d, kname, kvalue, size);
455 if (error > 0) {
456 if ((strcmp(kname, XATTR_NAME_POSIX_ACL_ACCESS) == 0) ||
457 (strcmp(kname, XATTR_NAME_POSIX_ACL_DEFAULT) == 0))
458 posix_acl_fix_xattr_to_user(kvalue, size);
459 if (size && copy_to_user(value, kvalue, error))
460 error = -EFAULT;
461 } else if (error == -ERANGE && size >= XATTR_SIZE_MAX) {
462
463
464 error = -E2BIG;
465 }
466 if (vvalue)
467 vfree(vvalue);
468 else
469 kfree(kvalue);
470 return error;
471}
472
473static ssize_t path_getxattr(const char __user *pathname,
474 const char __user *name, void __user *value,
475 size_t size, unsigned int lookup_flags)
476{
477 struct path path;
478 ssize_t error;
479retry:
480 error = user_path_at(AT_FDCWD, pathname, lookup_flags, &path);
481 if (error)
482 return error;
483 error = getxattr(path.dentry, name, value, size);
484 path_put(&path);
485 if (retry_estale(error, lookup_flags)) {
486 lookup_flags |= LOOKUP_REVAL;
487 goto retry;
488 }
489 return error;
490}
491
492SYSCALL_DEFINE4(getxattr, const char __user *, pathname,
493 const char __user *, name, void __user *, value, size_t, size)
494{
495 return path_getxattr(pathname, name, value, size, LOOKUP_FOLLOW);
496}
497
498SYSCALL_DEFINE4(lgetxattr, const char __user *, pathname,
499 const char __user *, name, void __user *, value, size_t, size)
500{
501 return path_getxattr(pathname, name, value, size, 0);
502}
503
504SYSCALL_DEFINE4(fgetxattr, int, fd, const char __user *, name,
505 void __user *, value, size_t, size)
506{
507 struct fd f = fdget(fd);
508 ssize_t error = -EBADF;
509
510 if (!f.file)
511 return error;
512 audit_inode(NULL, f.file->f_path.dentry, 0);
513 error = getxattr(f.file->f_path.dentry, name, value, size);
514 fdput(f);
515 return error;
516}
517
518
519
520
521static ssize_t
522listxattr(struct dentry *d, char __user *list, size_t size)
523{
524 ssize_t error;
525 char *klist = NULL;
526 char *vlist = NULL;
527
528 if (size) {
529 if (size > XATTR_LIST_MAX)
530 size = XATTR_LIST_MAX;
531 klist = kmalloc(size, __GFP_NOWARN | GFP_KERNEL);
532 if (!klist) {
533 vlist = vmalloc(size);
534 if (!vlist)
535 return -ENOMEM;
536 klist = vlist;
537 }
538 }
539
540 error = vfs_listxattr(d, klist, size);
541 if (error > 0) {
542 if (size && copy_to_user(list, klist, error))
543 error = -EFAULT;
544 } else if (error == -ERANGE && size >= XATTR_LIST_MAX) {
545
546
547 error = -E2BIG;
548 }
549 if (vlist)
550 vfree(vlist);
551 else
552 kfree(klist);
553 return error;
554}
555
556static ssize_t path_listxattr(const char __user *pathname, char __user *list,
557 size_t size, unsigned int lookup_flags)
558{
559 struct path path;
560 ssize_t error;
561retry:
562 error = user_path_at(AT_FDCWD, pathname, lookup_flags, &path);
563 if (error)
564 return error;
565 error = listxattr(path.dentry, list, size);
566 path_put(&path);
567 if (retry_estale(error, lookup_flags)) {
568 lookup_flags |= LOOKUP_REVAL;
569 goto retry;
570 }
571 return error;
572}
573
574SYSCALL_DEFINE3(listxattr, const char __user *, pathname, char __user *, list,
575 size_t, size)
576{
577 return path_listxattr(pathname, list, size, LOOKUP_FOLLOW);
578}
579
580SYSCALL_DEFINE3(llistxattr, const char __user *, pathname, char __user *, list,
581 size_t, size)
582{
583 return path_listxattr(pathname, list, size, 0);
584}
585
586SYSCALL_DEFINE3(flistxattr, int, fd, char __user *, list, size_t, size)
587{
588 struct fd f = fdget(fd);
589 ssize_t error = -EBADF;
590
591 if (!f.file)
592 return error;
593 audit_inode(NULL, f.file->f_path.dentry, 0);
594 error = listxattr(f.file->f_path.dentry, list, size);
595 fdput(f);
596 return error;
597}
598
599
600
601
602static long
603removexattr(struct dentry *d, const char __user *name)
604{
605 int error;
606 char kname[XATTR_NAME_MAX + 1];
607
608 error = strncpy_from_user(kname, name, sizeof(kname));
609 if (error == 0 || error == sizeof(kname))
610 error = -ERANGE;
611 if (error < 0)
612 return error;
613
614 return vfs_removexattr(d, kname);
615}
616
617static int path_removexattr(const char __user *pathname,
618 const char __user *name, unsigned int lookup_flags)
619{
620 struct path path;
621 int error;
622retry:
623 error = user_path_at(AT_FDCWD, pathname, lookup_flags, &path);
624 if (error)
625 return error;
626 error = mnt_want_write(path.mnt);
627 if (!error) {
628 error = removexattr(path.dentry, name);
629 mnt_drop_write(path.mnt);
630 }
631 path_put(&path);
632 if (retry_estale(error, lookup_flags)) {
633 lookup_flags |= LOOKUP_REVAL;
634 goto retry;
635 }
636 return error;
637}
638
639SYSCALL_DEFINE2(removexattr, const char __user *, pathname,
640 const char __user *, name)
641{
642 return path_removexattr(pathname, name, LOOKUP_FOLLOW);
643}
644
645SYSCALL_DEFINE2(lremovexattr, const char __user *, pathname,
646 const char __user *, name)
647{
648 return path_removexattr(pathname, name, 0);
649}
650
651SYSCALL_DEFINE2(fremovexattr, int, fd, const char __user *, name)
652{
653 struct fd f = fdget(fd);
654 struct dentry *dentry;
655 int error = -EBADF;
656
657 if (!f.file)
658 return error;
659 dentry = f.file->f_path.dentry;
660 audit_inode(NULL, dentry, 0);
661 error = mnt_want_write_file(f.file);
662 if (!error) {
663 error = removexattr(dentry, name);
664 mnt_drop_write_file(f.file);
665 }
666 fdput(f);
667 return error;
668}
669
670
671static const char *
672strcmp_prefix(const char *a, const char *a_prefix)
673{
674 while (*a_prefix && *a == *a_prefix) {
675 a++;
676 a_prefix++;
677 }
678 return *a_prefix ? NULL : a;
679}
680
681
682
683
684
685
686
687
688
689
690#define for_each_xattr_handler(handlers, handler) \
691 for ((handler) = *(handlers)++; \
692 (handler) != NULL; \
693 (handler) = *(handlers)++)
694
695
696
697
698static const struct xattr_handler *
699xattr_resolve_name(const struct xattr_handler **handlers, const char **name)
700{
701 const struct xattr_handler *handler;
702
703 if (!*name)
704 return NULL;
705
706 for_each_xattr_handler(handlers, handler) {
707 const char *n = strcmp_prefix(*name, handler->prefix);
708 if (n) {
709 *name = n;
710 break;
711 }
712 }
713 return handler;
714}
715
716
717
718
719ssize_t
720generic_getxattr(struct dentry *dentry, const char *name, void *buffer, size_t size)
721{
722 const struct xattr_handler *handler;
723
724 handler = xattr_resolve_name(dentry->d_sb->s_xattr, &name);
725 if (!handler)
726 return -EOPNOTSUPP;
727 return handler->get(dentry, name, buffer, size, handler->flags);
728}
729
730
731
732
733
734ssize_t
735generic_listxattr(struct dentry *dentry, char *buffer, size_t buffer_size)
736{
737 const struct xattr_handler *handler, **handlers = dentry->d_sb->s_xattr;
738 unsigned int size = 0;
739
740 if (!buffer) {
741 for_each_xattr_handler(handlers, handler) {
742 size += handler->list(dentry, NULL, 0, NULL, 0,
743 handler->flags);
744 }
745 } else {
746 char *buf = buffer;
747
748 for_each_xattr_handler(handlers, handler) {
749 size = handler->list(dentry, buf, buffer_size,
750 NULL, 0, handler->flags);
751 if (size > buffer_size)
752 return -ERANGE;
753 buf += size;
754 buffer_size -= size;
755 }
756 size = buf - buffer;
757 }
758 return size;
759}
760
761
762
763
764int
765generic_setxattr(struct dentry *dentry, const char *name, const void *value, size_t size, int flags)
766{
767 const struct xattr_handler *handler;
768
769 if (size == 0)
770 value = "";
771 handler = xattr_resolve_name(dentry->d_sb->s_xattr, &name);
772 if (!handler)
773 return -EOPNOTSUPP;
774 return handler->set(dentry, name, value, size, flags, handler->flags);
775}
776
777
778
779
780
781int
782generic_removexattr(struct dentry *dentry, const char *name)
783{
784 const struct xattr_handler *handler;
785
786 handler = xattr_resolve_name(dentry->d_sb->s_xattr, &name);
787 if (!handler)
788 return -EOPNOTSUPP;
789 return handler->set(dentry, name, NULL, 0,
790 XATTR_REPLACE, handler->flags);
791}
792
793EXPORT_SYMBOL(generic_getxattr);
794EXPORT_SYMBOL(generic_listxattr);
795EXPORT_SYMBOL(generic_setxattr);
796EXPORT_SYMBOL(generic_removexattr);
797
798
799
800
801struct simple_xattr *simple_xattr_alloc(const void *value, size_t size)
802{
803 struct simple_xattr *new_xattr;
804 size_t len;
805
806
807 len = sizeof(*new_xattr) + size;
808 if (len < sizeof(*new_xattr))
809 return NULL;
810
811 new_xattr = kmalloc(len, GFP_KERNEL);
812 if (!new_xattr)
813 return NULL;
814
815 new_xattr->size = size;
816 memcpy(new_xattr->value, value, size);
817 return new_xattr;
818}
819
820
821
822
823int simple_xattr_get(struct simple_xattrs *xattrs, const char *name,
824 void *buffer, size_t size)
825{
826 struct simple_xattr *xattr;
827 int ret = -ENODATA;
828
829 spin_lock(&xattrs->lock);
830 list_for_each_entry(xattr, &xattrs->head, list) {
831 if (strcmp(name, xattr->name))
832 continue;
833
834 ret = xattr->size;
835 if (buffer) {
836 if (size < xattr->size)
837 ret = -ERANGE;
838 else
839 memcpy(buffer, xattr->value, xattr->size);
840 }
841 break;
842 }
843 spin_unlock(&xattrs->lock);
844 return ret;
845}
846
847static int __simple_xattr_set(struct simple_xattrs *xattrs, const char *name,
848 const void *value, size_t size, int flags)
849{
850 struct simple_xattr *xattr;
851 struct simple_xattr *new_xattr = NULL;
852 int err = 0;
853
854
855 if (value) {
856 new_xattr = simple_xattr_alloc(value, size);
857 if (!new_xattr)
858 return -ENOMEM;
859
860 new_xattr->name = kstrdup(name, GFP_KERNEL);
861 if (!new_xattr->name) {
862 kfree(new_xattr);
863 return -ENOMEM;
864 }
865 }
866
867 spin_lock(&xattrs->lock);
868 list_for_each_entry(xattr, &xattrs->head, list) {
869 if (!strcmp(name, xattr->name)) {
870 if (flags & XATTR_CREATE) {
871 xattr = new_xattr;
872 err = -EEXIST;
873 } else if (new_xattr) {
874 list_replace(&xattr->list, &new_xattr->list);
875 } else {
876 list_del(&xattr->list);
877 }
878 goto out;
879 }
880 }
881 if (flags & XATTR_REPLACE) {
882 xattr = new_xattr;
883 err = -ENODATA;
884 } else {
885 list_add(&new_xattr->list, &xattrs->head);
886 xattr = NULL;
887 }
888out:
889 spin_unlock(&xattrs->lock);
890 if (xattr) {
891 kfree(xattr->name);
892 kfree(xattr);
893 }
894 return err;
895
896}
897
898
899
900
901
902
903
904
905
906
907
908
909
910
911
912int simple_xattr_set(struct simple_xattrs *xattrs, const char *name,
913 const void *value, size_t size, int flags)
914{
915 if (size == 0)
916 value = "";
917 return __simple_xattr_set(xattrs, name, value, size, flags);
918}
919
920
921
922
923int simple_xattr_remove(struct simple_xattrs *xattrs, const char *name)
924{
925 return __simple_xattr_set(xattrs, name, NULL, 0, XATTR_REPLACE);
926}
927
928static bool xattr_is_trusted(const char *name)
929{
930 return !strncmp(name, XATTR_TRUSTED_PREFIX, XATTR_TRUSTED_PREFIX_LEN);
931}
932
933
934
935
936ssize_t simple_xattr_list(struct simple_xattrs *xattrs, char *buffer,
937 size_t size)
938{
939 bool trusted = capable(CAP_SYS_ADMIN);
940 struct simple_xattr *xattr;
941 size_t used = 0;
942
943 spin_lock(&xattrs->lock);
944 list_for_each_entry(xattr, &xattrs->head, list) {
945 size_t len;
946
947
948 if (!trusted && xattr_is_trusted(xattr->name))
949 continue;
950
951 len = strlen(xattr->name) + 1;
952 used += len;
953 if (buffer) {
954 if (size < used) {
955 used = -ERANGE;
956 break;
957 }
958 memcpy(buffer, xattr->name, len);
959 buffer += len;
960 }
961 }
962 spin_unlock(&xattrs->lock);
963
964 return used;
965}
966
967
968
969
970void simple_xattr_list_add(struct simple_xattrs *xattrs,
971 struct simple_xattr *new_xattr)
972{
973 spin_lock(&xattrs->lock);
974 list_add(&new_xattr->list, &xattrs->head);
975 spin_unlock(&xattrs->lock);
976}
977