LXR linux/fs/xattr.c

   1/*
   2  File: fs/xattr.c
   3
   4  Extended attribute handling.
   5
   6  Copyright (C) 2001 by Andreas Gruenbacher <a.gruenbacher@computer.org>
   7  Copyright (C) 2001 SGI - Silicon Graphics, Inc <linux-xfs@oss.sgi.com>
   8  Copyright (c) 2004 Red Hat, Inc., James Morris <jmorris@redhat.com>
   9 */
  10#include <linux/fs.h>
  11#include <linux/slab.h>
  12#include <linux/file.h>
  13#include <linux/xattr.h>
  14#include <linux/mount.h>
  15#include <linux/namei.h>
  16#include <linux/security.h>
  17#include <linux/evm.h>
  18#include <linux/syscalls.h>
  19#include <linux/export.h>
  20#include <linux/fsnotify.h>
  21#include <linux/audit.h>
  22#include <linux/vmalloc.h>
  23#include <linux/posix_acl_xattr.h>
  24
  25#include <linux/uaccess.h>
  26#include "internal.h"
  27
  28static const char *
  29strcmp_prefix(const char *a, const char *a_prefix)
  30{
  31        while (*a_prefix && *a == *a_prefix) {
  32                a++;
  33                a_prefix++;
  34        }
  35        return *a_prefix ? NULL : a;
  36}
  37
  38/*
  39 * In order to implement different sets of xattr operations for each xattr
  40 * prefix, a filesystem should create a null-terminated array of struct
  41 * xattr_handler (one for each prefix) and hang a pointer to it off of the
  42 * s_xattr field of the superblock.
  43 */
  44#define for_each_xattr_handler(handlers, handler)               \
  45        if (handlers)                                           \
  46                for ((handler) = *(handlers)++;                 \
  47                        (handler) != NULL;                      \
  48                        (handler) = *(handlers)++)
  49
  50/*
  51 * Find the xattr_handler with the matching prefix.
  52 */
  53static const struct xattr_handler *
  54xattr_resolve_name(struct inode *inode, const char **name)
  55{
  56        const struct xattr_handler **handlers = inode->i_sb->s_xattr;
  57        const struct xattr_handler *handler;
  58
  59        if (!(inode->i_opflags & IOP_XATTR)) {
  60                if (unlikely(is_bad_inode(inode)))
  61                        return ERR_PTR(-EIO);
  62                return ERR_PTR(-EOPNOTSUPP);
  63        }
  64        for_each_xattr_handler(handlers, handler) {
  65                const char *n;
  66
  67                n = strcmp_prefix(*name, xattr_prefix(handler));
  68                if (n) {
  69                        if (!handler->prefix ^ !*n) {
  70                                if (*n)
  71                                        continue;
  72                                return ERR_PTR(-EINVAL);
  73                        }
  74                        *name = n;
  75                        return handler;
  76                }
  77        }
  78        return ERR_PTR(-EOPNOTSUPP);
  79}
  80
  81/*
  82 * Check permissions for extended attribute access.  This is a bit complicated
  83 * because different namespaces have very different rules.
  84 */
  85static int
  86xattr_permission(struct inode *inode, const char *name, int mask)
  87{
  88        /*
  89         * We can never set or remove an extended attribute on a read-only
  90         * filesystem  or on an immutable / append-only inode.
  91         */
  92        if (mask & MAY_WRITE) {
  93                if (IS_IMMUTABLE(inode) || IS_APPEND(inode))
  94                        return -EPERM;
  95                /*
  96                 * Updating an xattr will likely cause i_uid and i_gid
  97                 * to be writen back improperly if their true value is
  98                 * unknown to the vfs.
  99                 */
 100                if (HAS_UNMAPPED_ID(inode))
 101                        return -EPERM;
 102        }
 103
 104        /*
 105         * No restriction for security.* and system.* from the VFS.  Decision
 106         * on these is left to the underlying filesystem / security module.
 107         */
 108        if (!strncmp(name, XATTR_SECURITY_PREFIX, XATTR_SECURITY_PREFIX_LEN) ||
 109            !strncmp(name, XATTR_SYSTEM_PREFIX, XATTR_SYSTEM_PREFIX_LEN))
 110                return 0;
 111
 112        /*
 113         * The trusted.* namespace can only be accessed by privileged users.
 114         */
 115        if (!strncmp(name, XATTR_TRUSTED_PREFIX, XATTR_TRUSTED_PREFIX_LEN)) {
 116                if (!capable(CAP_SYS_ADMIN))
 117                        return (mask & MAY_WRITE) ? -EPERM : -ENODATA;
 118                return 0;
 119        }
 120
 121        /*
 122         * In the user.* namespace, only regular files and directories can have
 123         * extended attributes. For sticky directories, only the owner and
 124         * privileged users can write attributes.
 125         */
 126        if (!strncmp(name, XATTR_USER_PREFIX, XATTR_USER_PREFIX_LEN)) {
 127                if (!S_ISREG(inode->i_mode) && !S_ISDIR(inode->i_mode))
 128                        return (mask & MAY_WRITE) ? -EPERM : -ENODATA;
 129                if (S_ISDIR(inode->i_mode) && (inode->i_mode & S_ISVTX) &&
 130                    (mask & MAY_WRITE) && !inode_owner_or_capable(inode))
 131                        return -EPERM;
 132        }
 133
 134        return inode_permission(inode, mask);
 135}
 136
 137int
 138__vfs_setxattr(struct dentry *dentry, struct inode *inode, const char *name,
 139               const void *value, size_t size, int flags)
 140{
 141        const struct xattr_handler *handler;
 142
 143        handler = xattr_resolve_name(inode, &name);
 144        if (IS_ERR(handler))
 145                return PTR_ERR(handler);
 146        if (!handler->set)
 147                return -EOPNOTSUPP;
 148        if (size == 0)
 149                value = "";  /* empty EA, do not remove */
 150        return handler->set(handler, dentry, inode, name, value, size, flags);
 151}
 152EXPORT_SYMBOL(__vfs_setxattr);
 153
 154/**
 155 *  __vfs_setxattr_noperm - perform setxattr operation without performing
 156 *  permission checks.
 157 *
 158 *  @dentry - object to perform setxattr on
 159 *  @name - xattr name to set
 160 *  @value - value to set @name to
 161 *  @size - size of @value
 162 *  @flags - flags to pass into filesystem operations
 163 *
 164 *  returns the result of the internal setxattr or setsecurity operations.
 165 *
 166 *  This function requires the caller to lock the inode's i_mutex before it
 167 *  is executed. It also assumes that the caller will make the appropriate
 168 *  permission checks.
 169 */
 170int __vfs_setxattr_noperm(struct dentry *dentry, const char *name,
 171                const void *value, size_t size, int flags)
 172{
 173        struct inode *inode = dentry->d_inode;
 174        int error = -EAGAIN;
 175        int issec = !strncmp(name, XATTR_SECURITY_PREFIX,
 176                                   XATTR_SECURITY_PREFIX_LEN);
 177
 178        if (issec)
 179                inode->i_flags &= ~S_NOSEC;
 180        if (inode->i_opflags & IOP_XATTR) {
 181                error = __vfs_setxattr(dentry, inode, name, value, size, flags);
 182                if (!error) {
 183                        fsnotify_xattr(dentry);
 184                        security_inode_post_setxattr(dentry, name, value,
 185                                                     size, flags);
 186                }
 187        } else {
 188                if (unlikely(is_bad_inode(inode)))
 189                        return -EIO;
 190        }
 191        if (error == -EAGAIN) {
 192                error = -EOPNOTSUPP;
 193
 194                if (issec) {
 195                        const char *suffix = name + XATTR_SECURITY_PREFIX_LEN;
 196
 197                        error = security_inode_setsecurity(inode, suffix, value,
 198                                                           size, flags);
 199                        if (!error)
 200                                fsnotify_xattr(dentry);
 201                }
 202        }
 203
 204        return error;
 205}
 206
 207
 208int
 209vfs_setxattr(struct dentry *dentry, const char *name, const void *value,
 210                size_t size, int flags)
 211{
 212        struct inode *inode = dentry->d_inode;
 213        int error;
 214
 215        error = xattr_permission(inode, name, MAY_WRITE);
 216        if (error)
 217                return error;
 218
 219        inode_lock(inode);
 220        error = security_inode_setxattr(dentry, name, value, size, flags);
 221        if (error)
 222                goto out;
 223
 224        error = __vfs_setxattr_noperm(dentry, name, value, size, flags);
 225
 226out:
 227        inode_unlock(inode);
 228        return error;
 229}
 230EXPORT_SYMBOL_GPL(vfs_setxattr);
 231
 232ssize_t
 233xattr_getsecurity(struct inode *inode, const char *name, void *value,
 234                        size_t size)
 235{
 236        void *buffer = NULL;
 237        ssize_t len;
 238
 239        if (!value || !size) {
 240                len = security_inode_getsecurity(inode, name, &buffer, false);
 241                goto out_noalloc;
 242        }
 243
 244        len = security_inode_getsecurity(inode, name, &buffer, true);
 245        if (len < 0)
 246                return len;
 247        if (size < len) {
 248                len = -ERANGE;
 249                goto out;
 250        }
 251        memcpy(value, buffer, len);
 252out:
 253        kfree(buffer);
 254out_noalloc:
 255        return len;
 256}
 257EXPORT_SYMBOL_GPL(xattr_getsecurity);
 258
 259/*
 260 * vfs_getxattr_alloc - allocate memory, if necessary, before calling getxattr
 261 *
 262 * Allocate memory, if not already allocated, or re-allocate correct size,
 263 * before retrieving the extended attribute.
 264 *
 265 * Returns the result of alloc, if failed, or the getxattr operation.
 266 */
 267ssize_t
 268vfs_getxattr_alloc(struct dentry *dentry, const char *name, char **xattr_value,
 269                   size_t xattr_size, gfp_t flags)
 270{
 271        const struct xattr_handler *handler;
 272        struct inode *inode = dentry->d_inode;
 273        char *value = *xattr_value;
 274        int error;
 275
 276        error = xattr_permission(inode, name, MAY_READ);
 277        if (error)
 278                return error;
 279
 280        handler = xattr_resolve_name(inode, &name);
 281        if (IS_ERR(handler))
 282                return PTR_ERR(handler);
 283        if (!handler->get)
 284                return -EOPNOTSUPP;
 285        error = handler->get(handler, dentry, inode, name, NULL, 0);
 286        if (error < 0)
 287                return error;
 288
 289        if (!value || (error > xattr_size)) {
 290                value = krealloc(*xattr_value, error + 1, flags);
 291                if (!value)
 292                        return -ENOMEM;
 293                memset(value, 0, error + 1);
 294        }
 295
 296        error = handler->get(handler, dentry, inode, name, value, error);
 297        *xattr_value = value;
 298        return error;
 299}
 300
 301ssize_t
 302__vfs_getxattr(struct dentry *dentry, struct inode *inode, const char *name,
 303               void *value, size_t size)
 304{
 305        const struct xattr_handler *handler;
 306
 307        handler = xattr_resolve_name(inode, &name);
 308        if (IS_ERR(handler))
 309                return PTR_ERR(handler);
 310        if (!handler->get)
 311                return -EOPNOTSUPP;
 312        return handler->get(handler, dentry, inode, name, value, size);
 313}
 314EXPORT_SYMBOL(__vfs_getxattr);
 315
 316ssize_t
 317vfs_getxattr(struct dentry *dentry, const char *name, void *value, size_t size)
 318{
 319        struct inode *inode = dentry->d_inode;
 320        int error;
 321
 322        error = xattr_permission(inode, name, MAY_READ);
 323        if (error)
 324                return error;
 325
 326        error = security_inode_getxattr(dentry, name);
 327        if (error)
 328                return error;
 329
 330        if (!strncmp(name, XATTR_SECURITY_PREFIX,
 331                                XATTR_SECURITY_PREFIX_LEN)) {
 332                const char *suffix = name + XATTR_SECURITY_PREFIX_LEN;
 333                int ret = xattr_getsecurity(inode, suffix, value, size);
 334                /*
 335                 * Only overwrite the return value if a security module
 336                 * is actually active.
 337                 */
 338                if (ret == -EOPNOTSUPP)
 339                        goto nolsm;
 340                return ret;
 341        }
 342nolsm:
 343        return __vfs_getxattr(dentry, inode, name, value, size);
 344}
 345EXPORT_SYMBOL_GPL(vfs_getxattr);
 346
 347ssize_t
 348vfs_listxattr(struct dentry *dentry, char *list, size_t size)
 349{
 350        struct inode *inode = d_inode(dentry);
 351        ssize_t error;
 352
 353        error = security_inode_listxattr(dentry);
 354        if (error)
 355                return error;
 356        if (inode->i_op->listxattr && (inode->i_opflags & IOP_XATTR)) {
 357                error = -EOPNOTSUPP;
 358                error = inode->i_op->listxattr(dentry, list, size);
 359        } else {
 360                error = security_inode_listsecurity(inode, list, size);
 361                if (size && error > size)
 362                        error = -ERANGE;
 363        }
 364        return error;
 365}
 366EXPORT_SYMBOL_GPL(vfs_listxattr);
 367
 368int
 369__vfs_removexattr(struct dentry *dentry, const char *name)
 370{
 371        struct inode *inode = d_inode(dentry);
 372        const struct xattr_handler *handler;
 373
 374        handler = xattr_resolve_name(inode, &name);
 375        if (IS_ERR(handler))
 376                return PTR_ERR(handler);
 377        if (!handler->set)
 378                return -EOPNOTSUPP;
 379        return handler->set(handler, dentry, inode, name, NULL, 0, XATTR_REPLACE);
 380}
 381EXPORT_SYMBOL(__vfs_removexattr);
 382
 383int
 384vfs_removexattr(struct dentry *dentry, const char *name)
 385{
 386        struct inode *inode = dentry->d_inode;
 387        int error;
 388
 389        error = xattr_permission(inode, name, MAY_WRITE);
 390        if (error)
 391                return error;
 392
 393        inode_lock(inode);
 394        error = security_inode_removexattr(dentry, name);
 395        if (error)
 396                goto out;
 397
 398        error = __vfs_removexattr(dentry, name);
 399
 400        if (!error) {
 401                fsnotify_xattr(dentry);
 402                evm_inode_post_removexattr(dentry, name);
 403        }
 404
 405out:
 406        inode_unlock(inode);
 407        return error;
 408}
 409EXPORT_SYMBOL_GPL(vfs_removexattr);
 410
 411
 412/*
 413 * Extended attribute SET operations
 414 */
 415static long
 416setxattr(struct dentry *d, const char __user *name, const void __user *value,
 417         size_t size, int flags)
 418{
 419        int error;
 420        void *kvalue = NULL;
 421        char kname[XATTR_NAME_MAX + 1];
 422
 423        if (flags & ~(XATTR_CREATE|XATTR_REPLACE))
 424                return -EINVAL;
 425
 426        error = strncpy_from_user(kname, name, sizeof(kname));
 427        if (error == 0 || error == sizeof(kname))
 428                error = -ERANGE;
 429        if (error < 0)
 430                return error;
 431
 432        if (size) {
 433                if (size > XATTR_SIZE_MAX)
 434                        return -E2BIG;
 435                kvalue = kvmalloc(size, GFP_KERNEL);
 436                if (!kvalue)
 437                        return -ENOMEM;
 438                if (copy_from_user(kvalue, value, size)) {
 439                        error = -EFAULT;
 440                        goto out;
 441                }
 442                if ((strcmp(kname, XATTR_NAME_POSIX_ACL_ACCESS) == 0) ||
 443                    (strcmp(kname, XATTR_NAME_POSIX_ACL_DEFAULT) == 0))
 444                        posix_acl_fix_xattr_from_user(kvalue, size);
 445                else if (strcmp(kname, XATTR_NAME_CAPS) == 0) {
 446                        error = cap_convert_nscap(d, &kvalue, size);
 447                        if (error < 0)
 448                                goto out;
 449                        size = error;
 450                }
 451        }
 452
 453        error = vfs_setxattr(d, kname, kvalue, size, flags);
 454out:
 455        kvfree(kvalue);
 456
 457        return error;
 458}
 459
 460static int path_setxattr(const char __user *pathname,
 461                         const char __user *name, const void __user *value,
 462                         size_t size, int flags, unsigned int lookup_flags)
 463{
 464        struct path path;
 465        int error;
 466retry:
 467        error = user_path_at(AT_FDCWD, pathname, lookup_flags, &path);
 468        if (error)
 469                return error;
 470        error = mnt_want_write(path.mnt);
 471        if (!error) {
 472                error = setxattr(path.dentry, name, value, size, flags);
 473                mnt_drop_write(path.mnt);
 474        }
 475        path_put(&path);
 476        if (retry_estale(error, lookup_flags)) {
 477                lookup_flags |= LOOKUP_REVAL;
 478                goto retry;
 479        }
 480        return error;
 481}
 482
 483SYSCALL_DEFINE5(setxattr, const char __user *, pathname,
 484                const char __user *, name, const void __user *, value,
 485                size_t, size, int, flags)
 486{
 487        return path_setxattr(pathname, name, value, size, flags, LOOKUP_FOLLOW);
 488}
 489
 490SYSCALL_DEFINE5(lsetxattr, const char __user *, pathname,
 491                const char __user *, name, const void __user *, value,
 492                size_t, size, int, flags)
 493{
 494        return path_setxattr(pathname, name, value, size, flags, 0);
 495}
 496
 497SYSCALL_DEFINE5(fsetxattr, int, fd, const char __user *, name,
 498                const void __user *,value, size_t, size, int, flags)
 499{
 500        struct fd f = fdget(fd);
 501        int error = -EBADF;
 502
 503        if (!f.file)
 504                return error;
 505        audit_file(f.file);
 506        error = mnt_want_write_file_path(f.file);
 507        if (!error) {
 508                error = setxattr(f.file->f_path.dentry, name, value, size, flags);
 509                mnt_drop_write_file_path(f.file);
 510        }
 511        fdput(f);
 512        return error;
 513}
 514
 515/*
 516 * Extended attribute GET operations
 517 */
 518static ssize_t
 519getxattr(struct dentry *d, const char __user *name, void __user *value,
 520         size_t size)
 521{
 522        ssize_t error;
 523        void *kvalue = NULL;
 524        char kname[XATTR_NAME_MAX + 1];
 525
 526        error = strncpy_from_user(kname, name, sizeof(kname));
 527        if (error == 0 || error == sizeof(kname))
 528                error = -ERANGE;
 529        if (error < 0)
 530                return error;
 531
 532        if (size) {
 533                if (size > XATTR_SIZE_MAX)
 534                        size = XATTR_SIZE_MAX;
 535                kvalue = kvzalloc(size, GFP_KERNEL);
 536                if (!kvalue)
 537                        return -ENOMEM;
 538        }
 539
 540        error = vfs_getxattr(d, kname, kvalue, size);
 541        if (error > 0) {
 542                if ((strcmp(kname, XATTR_NAME_POSIX_ACL_ACCESS) == 0) ||
 543                    (strcmp(kname, XATTR_NAME_POSIX_ACL_DEFAULT) == 0))
 544                        posix_acl_fix_xattr_to_user(kvalue, size);
 545                if (size && copy_to_user(value, kvalue, error))
 546                        error = -EFAULT;
 547        } else if (error == -ERANGE && size >= XATTR_SIZE_MAX) {
 548                /* The file system tried to returned a value bigger
 549                   than XATTR_SIZE_MAX bytes. Not possible. */
 550                error = -E2BIG;
 551        }
 552
 553        kvfree(kvalue);
 554
 555        return error;
 556}
 557
 558static ssize_t path_getxattr(const char __user *pathname,
 559                             const char __user *name, void __user *value,
 560                             size_t size, unsigned int lookup_flags)
 561{
 562        struct path path;
 563        ssize_t error;
 564retry:
 565        error = user_path_at(AT_FDCWD, pathname, lookup_flags, &path);
 566        if (error)
 567                return error;
 568        error = getxattr(path.dentry, name, value, size);
 569        path_put(&path);
 570        if (retry_estale(error, lookup_flags)) {
 571                lookup_flags |= LOOKUP_REVAL;
 572                goto retry;
 573        }
 574        return error;
 575}
 576
 577SYSCALL_DEFINE4(getxattr, const char __user *, pathname,
 578                const char __user *, name, void __user *, value, size_t, size)
 579{
 580        return path_getxattr(pathname, name, value, size, LOOKUP_FOLLOW);
 581}
 582
 583SYSCALL_DEFINE4(lgetxattr, const char __user *, pathname,
 584                const char __user *, name, void __user *, value, size_t, size)
 585{
 586        return path_getxattr(pathname, name, value, size, 0);
 587}
 588
 589SYSCALL_DEFINE4(fgetxattr, int, fd, const char __user *, name,
 590                void __user *, value, size_t, size)
 591{
 592        struct fd f = fdget(fd);
 593        ssize_t error = -EBADF;
 594
 595        if (!f.file)
 596                return error;
 597        audit_file(f.file);
 598        error = getxattr(f.file->f_path.dentry, name, value, size);
 599        fdput(f);
 600        return error;
 601}
 602
 603/*
 604 * Extended attribute LIST operations
 605 */
 606static ssize_t
 607listxattr(struct dentry *d, char __user *list, size_t size)
 608{
 609        ssize_t error;
 610        char *klist = NULL;
 611
 612        if (size) {
 613                if (size > XATTR_LIST_MAX)
 614                        size = XATTR_LIST_MAX;
 615                klist = kvmalloc(size, GFP_KERNEL);
 616                if (!klist)
 617                        return -ENOMEM;
 618        }
 619
 620        error = vfs_listxattr(d, klist, size);
 621        if (error > 0) {
 622                if (size && copy_to_user(list, klist, error))
 623                        error = -EFAULT;
 624        } else if (error == -ERANGE && size >= XATTR_LIST_MAX) {
 625                /* The file system tried to returned a list bigger
 626                   than XATTR_LIST_MAX bytes. Not possible. */
 627                error = -E2BIG;
 628        }
 629
 630        kvfree(klist);
 631
 632        return error;
 633}
 634
 635static ssize_t path_listxattr(const char __user *pathname, char __user *list,
 636                              size_t size, unsigned int lookup_flags)
 637{
 638        struct path path;
 639        ssize_t error;
 640retry:
 641        error = user_path_at(AT_FDCWD, pathname, lookup_flags, &path);
 642        if (error)
 643                return error;
 644        error = listxattr(path.dentry, list, size);
 645        path_put(&path);
 646        if (retry_estale(error, lookup_flags)) {
 647                lookup_flags |= LOOKUP_REVAL;
 648                goto retry;
 649        }
 650        return error;
 651}
 652
 653SYSCALL_DEFINE3(listxattr, const char __user *, pathname, char __user *, list,
 654                size_t, size)
 655{
 656        return path_listxattr(pathname, list, size, LOOKUP_FOLLOW);
 657}
 658
 659SYSCALL_DEFINE3(llistxattr, const char __user *, pathname, char __user *, list,
 660                size_t, size)
 661{
 662        return path_listxattr(pathname, list, size, 0);
 663}
 664
 665SYSCALL_DEFINE3(flistxattr, int, fd, char __user *, list, size_t, size)
 666{
 667        struct fd f = fdget(fd);
 668        ssize_t error = -EBADF;
 669
 670        if (!f.file)
 671                return error;
 672        audit_file(f.file);
 673        error = listxattr(f.file->f_path.dentry, list, size);
 674        fdput(f);
 675        return error;
 676}
 677
 678/*
 679 * Extended attribute REMOVE operations
 680 */
 681static long
 682removexattr(struct dentry *d, const char __user *name)
 683{
 684        int error;
 685        char kname[XATTR_NAME_MAX + 1];
 686
 687        error = strncpy_from_user(kname, name, sizeof(kname));
 688        if (error == 0 || error == sizeof(kname))
 689                error = -ERANGE;
 690        if (error < 0)
 691                return error;
 692
 693        return vfs_removexattr(d, kname);
 694}
 695
 696static int path_removexattr(const char __user *pathname,
 697                            const char __user *name, unsigned int lookup_flags)
 698{
 699        struct path path;
 700        int error;
 701retry:
 702        error = user_path_at(AT_FDCWD, pathname, lookup_flags, &path);
 703        if (error)
 704                return error;
 705        error = mnt_want_write(path.mnt);
 706        if (!error) {
 707                error = removexattr(path.dentry, name);
 708                mnt_drop_write(path.mnt);
 709        }
 710        path_put(&path);
 711        if (retry_estale(error, lookup_flags)) {
 712                lookup_flags |= LOOKUP_REVAL;
 713                goto retry;
 714        }
 715        return error;
 716}
 717
 718SYSCALL_DEFINE2(removexattr, const char __user *, pathname,
 719                const char __user *, name)
 720{
 721        return path_removexattr(pathname, name, LOOKUP_FOLLOW);
 722}
 723
 724SYSCALL_DEFINE2(lremovexattr, const char __user *, pathname,
 725                const char __user *, name)
 726{
 727        return path_removexattr(pathname, name, 0);
 728}
 729
 730SYSCALL_DEFINE2(fremovexattr, int, fd, const char __user *, name)
 731{
 732        struct fd f = fdget(fd);
 733        int error = -EBADF;
 734
 735        if (!f.file)
 736                return error;
 737        audit_file(f.file);
 738        error = mnt_want_write_file_path(f.file);
 739        if (!error) {
 740                error = removexattr(f.file->f_path.dentry, name);
 741                mnt_drop_write_file_path(f.file);
 742        }
 743        fdput(f);
 744        return error;
 745}
 746
 747/*
 748 * Combine the results of the list() operation from every xattr_handler in the
 749 * list.
 750 */
 751ssize_t
 752generic_listxattr(struct dentry *dentry, char *buffer, size_t buffer_size)
 753{
 754        const struct xattr_handler *handler, **handlers = dentry->d_sb->s_xattr;
 755        unsigned int size = 0;
 756
 757        if (!buffer) {
 758                for_each_xattr_handler(handlers, handler) {
 759                        if (!handler->name ||
 760                            (handler->list && !handler->list(dentry)))
 761                                continue;
 762                        size += strlen(handler->name) + 1;
 763                }
 764        } else {
 765                char *buf = buffer;
 766                size_t len;
 767
 768                for_each_xattr_handler(handlers, handler) {
 769                        if (!handler->name ||
 770                            (handler->list && !handler->list(dentry)))
 771                                continue;
 772                        len = strlen(handler->name);
 773                        if (len + 1 > buffer_size)
 774                                return -ERANGE;
 775                        memcpy(buf, handler->name, len + 1);
 776                        buf += len + 1;
 777                        buffer_size -= len + 1;
 778                }
 779                size = buf - buffer;
 780        }
 781        return size;
 782}
 783EXPORT_SYMBOL(generic_listxattr);
 784
 785/**
 786 * xattr_full_name  -  Compute full attribute name from suffix
 787 *
 788 * @handler:    handler of the xattr_handler operation
 789 * @name:       name passed to the xattr_handler operation
 790 *
 791 * The get and set xattr handler operations are called with the remainder of
 792 * the attribute name after skipping the handler's prefix: for example, "foo"
 793 * is passed to the get operation of a handler with prefix "user." to get
 794 * attribute "user.foo".  The full name is still "there" in the name though.
 795 *
 796 * Note: the list xattr handler operation when called from the vfs is passed a
 797 * NULL name; some file systems use this operation internally, with varying
 798 * semantics.
 799 */
 800const char *xattr_full_name(const struct xattr_handler *handler,
 801                            const char *name)
 802{
 803        size_t prefix_len = strlen(xattr_prefix(handler));
 804
 805        return name - prefix_len;
 806}
 807EXPORT_SYMBOL(xattr_full_name);
 808
 809/*
 810 * Allocate new xattr and copy in the value; but leave the name to callers.
 811 */
 812struct simple_xattr *simple_xattr_alloc(const void *value, size_t size)
 813{
 814        struct simple_xattr *new_xattr;
 815        size_t len;
 816
 817        /* wrap around? */
 818        len = sizeof(*new_xattr) + size;
 819        if (len < sizeof(*new_xattr))
 820                return NULL;
 821
 822        new_xattr = kmalloc(len, GFP_KERNEL);
 823        if (!new_xattr)
 824                return NULL;
 825
 826        new_xattr->size = size;
 827        memcpy(new_xattr->value, value, size);
 828        return new_xattr;
 829}
 830
 831/*
 832 * xattr GET operation for in-memory/pseudo filesystems
 833 */
 834int simple_xattr_get(struct simple_xattrs *xattrs, const char *name,
 835                     void *buffer, size_t size)
 836{
 837        struct simple_xattr *xattr;
 838        int ret = -ENODATA;
 839
 840        spin_lock(&xattrs->lock);
 841        list_for_each_entry(xattr, &xattrs->head, list) {
 842                if (strcmp(name, xattr->name))
 843                        continue;
 844
 845                ret = xattr->size;
 846                if (buffer) {
 847                        if (size < xattr->size)
 848                                ret = -ERANGE;
 849                        else
 850                                memcpy(buffer, xattr->value, xattr->size);
 851                }
 852                break;
 853        }
 854        spin_unlock(&xattrs->lock);
 855        return ret;
 856}
 857
 858/**
 859 * simple_xattr_set - xattr SET operation for in-memory/pseudo filesystems
 860 * @xattrs: target simple_xattr list
 861 * @name: name of the extended attribute
 862 * @value: value of the xattr. If %NULL, will remove the attribute.
 863 * @size: size of the new xattr
 864 * @flags: %XATTR_{CREATE|REPLACE}
 865 *
 866 * %XATTR_CREATE is set, the xattr shouldn't exist already; otherwise fails
 867 * with -EEXIST.  If %XATTR_REPLACE is set, the xattr should exist;
 868 * otherwise, fails with -ENODATA.
 869 *
 870 * Returns 0 on success, -errno on failure.
 871 */
 872int simple_xattr_set(struct simple_xattrs *xattrs, const char *name,
 873                     const void *value, size_t size, int flags)
 874{
 875        struct simple_xattr *xattr;
 876        struct simple_xattr *new_xattr = NULL;
 877        int err = 0;
 878
 879        /* value == NULL means remove */
 880        if (value) {
 881                new_xattr = simple_xattr_alloc(value, size);
 882                if (!new_xattr)
 883                        return -ENOMEM;
 884
 885                new_xattr->name = kstrdup(name, GFP_KERNEL);
 886                if (!new_xattr->name) {
 887                        kfree(new_xattr);
 888                        return -ENOMEM;
 889                }
 890        }
 891
 892        spin_lock(&xattrs->lock);
 893        list_for_each_entry(xattr, &xattrs->head, list) {
 894                if (!strcmp(name, xattr->name)) {
 895                        if (flags & XATTR_CREATE) {
 896                                xattr = new_xattr;
 897                                err = -EEXIST;
 898                        } else if (new_xattr) {
 899                                list_replace(&xattr->list, &new_xattr->list);
 900                        } else {
 901                                list_del(&xattr->list);
 902                        }
 903                        goto out;
 904                }
 905        }
 906        if (flags & XATTR_REPLACE) {
 907                xattr = new_xattr;
 908                err = -ENODATA;
 909        } else {
 910                list_add(&new_xattr->list, &xattrs->head);
 911                xattr = NULL;
 912        }
 913out:
 914        spin_unlock(&xattrs->lock);
 915        if (xattr) {
 916                kfree(xattr->name);
 917                kfree(xattr);
 918        }
 919        return err;
 920
 921}
 922
 923static bool xattr_is_trusted(const char *name)
 924{
 925        return !strncmp(name, XATTR_TRUSTED_PREFIX, XATTR_TRUSTED_PREFIX_LEN);
 926}
 927
 928static int xattr_list_one(char **buffer, ssize_t *remaining_size,
 929                          const char *name)
 930{
 931        size_t len = strlen(name) + 1;
 932        if (*buffer) {
 933                if (*remaining_size < len)
 934                        return -ERANGE;
 935                memcpy(*buffer, name, len);
 936                *buffer += len;
 937        }
 938        *remaining_size -= len;
 939        return 0;
 940}
 941
 942/*
 943 * xattr LIST operation for in-memory/pseudo filesystems
 944 */
 945ssize_t simple_xattr_list(struct inode *inode, struct simple_xattrs *xattrs,
 946                          char *buffer, size_t size)
 947{
 948        bool trusted = capable(CAP_SYS_ADMIN);
 949        struct simple_xattr *xattr;
 950        ssize_t remaining_size = size;
 951        int err = 0;
 952
 953#ifdef CONFIG_FS_POSIX_ACL
 954        if (inode->i_acl) {
 955                err = xattr_list_one(&buffer, &remaining_size,
 956                                     XATTR_NAME_POSIX_ACL_ACCESS);
 957                if (err)
 958                        return err;
 959        }
 960        if (inode->i_default_acl) {
 961                err = xattr_list_one(&buffer, &remaining_size,
 962                                     XATTR_NAME_POSIX_ACL_DEFAULT);
 963                if (err)
 964                        return err;
 965        }
 966#endif
 967
 968        spin_lock(&xattrs->lock);
 969        list_for_each_entry(xattr, &xattrs->head, list) {
 970                /* skip "trusted." attributes for unprivileged callers */
 971                if (!trusted && xattr_is_trusted(xattr->name))
 972                        continue;
 973
 974                err = xattr_list_one(&buffer, &remaining_size, xattr->name);
 975                if (err)
 976                        break;
 977        }
 978        spin_unlock(&xattrs->lock);
 979
 980        return err ? err : size - remaining_size;
 981}
 982
 983/*
 984 * Adds an extended attribute to the list
 985 */
 986void simple_xattr_list_add(struct simple_xattrs *xattrs,
 987                           struct simple_xattr *new_xattr)
 988{
 989        spin_lock(&xattrs->lock);
 990        list_add(&new_xattr->list, &xattrs->head);
 991        spin_unlock(&xattrs->lock);
 992}
 993