Line data Source code
1 : // SPDX-License-Identifier: GPL-2.0-only
2 : /*
3 : File: fs/xattr.c
4 :
5 : Extended attribute handling.
6 :
7 : Copyright (C) 2001 by Andreas Gruenbacher <a.gruenbacher@computer.org>
8 : Copyright (C) 2001 SGI - Silicon Graphics, Inc <linux-xfs@oss.sgi.com>
9 : Copyright (c) 2004 Red Hat, Inc., James Morris <jmorris@redhat.com>
10 : */
11 : #include <linux/fs.h>
12 : #include <linux/filelock.h>
13 : #include <linux/slab.h>
14 : #include <linux/file.h>
15 : #include <linux/xattr.h>
16 : #include <linux/mount.h>
17 : #include <linux/namei.h>
18 : #include <linux/security.h>
19 : #include <linux/evm.h>
20 : #include <linux/syscalls.h>
21 : #include <linux/export.h>
22 : #include <linux/fsnotify.h>
23 : #include <linux/audit.h>
24 : #include <linux/vmalloc.h>
25 : #include <linux/posix_acl_xattr.h>
26 :
27 : #include <linux/uaccess.h>
28 :
29 : #include "internal.h"
30 :
31 : static const char *
32 : strcmp_prefix(const char *a, const char *a_prefix)
33 : {
34 1738512856 : while (*a_prefix && *a == *a_prefix) {
35 1121122323 : a++;
36 1121122323 : a_prefix++;
37 : }
38 617390533 : return *a_prefix ? NULL : a;
39 : }
40 :
41 : /*
42 : * In order to implement different sets of xattr operations for each xattr
43 : * prefix, a filesystem should create a null-terminated array of struct
44 : * xattr_handler (one for each prefix) and hang a pointer to it off of the
45 : * s_xattr field of the superblock.
46 : */
47 : #define for_each_xattr_handler(handlers, handler) \
48 : if (handlers) \
49 : for ((handler) = *(handlers)++; \
50 : (handler) != NULL; \
51 : (handler) = *(handlers)++)
52 :
53 : /*
54 : * Find the xattr_handler with the matching prefix.
55 : */
56 : static const struct xattr_handler *
57 325649131 : xattr_resolve_name(struct inode *inode, const char **name)
58 : {
59 325649131 : const struct xattr_handler **handlers = inode->i_sb->s_xattr;
60 325649131 : const struct xattr_handler *handler;
61 :
62 325649131 : if (!(inode->i_opflags & IOP_XATTR)) {
63 8016 : if (unlikely(is_bad_inode(inode)))
64 : return ERR_PTR(-EIO);
65 8016 : return ERR_PTR(-EOPNOTSUPP);
66 : }
67 741284693 : for_each_xattr_handler(handlers, handler) {
68 617390533 : const char *n;
69 :
70 617390533 : n = strcmp_prefix(*name, xattr_prefix(handler));
71 201746955 : if (n) {
72 201746955 : if (!handler->prefix ^ !*n) {
73 0 : if (*n)
74 0 : continue;
75 : return ERR_PTR(-EINVAL);
76 : }
77 201811565 : *name = n;
78 201811565 : return handler;
79 : }
80 : }
81 : return ERR_PTR(-EOPNOTSUPP);
82 : }
83 :
84 : /**
85 : * may_write_xattr - check whether inode allows writing xattr
86 : * @idmap: idmap of the mount the inode was found from
87 : * @inode: the inode on which to set an xattr
88 : *
89 : * Check whether the inode allows writing xattrs. Specifically, we can never
90 : * set or remove an extended attribute on a read-only filesystem or on an
91 : * immutable / append-only inode.
92 : *
93 : * We also need to ensure that the inode has a mapping in the mount to
94 : * not risk writing back invalid i_{g,u}id values.
95 : *
96 : * Return: On success zero is returned. On error a negative errno is returned.
97 : */
98 275356057 : int may_write_xattr(struct mnt_idmap *idmap, struct inode *inode)
99 : {
100 275356057 : if (IS_IMMUTABLE(inode))
101 : return -EPERM;
102 275356013 : if (IS_APPEND(inode))
103 : return -EPERM;
104 275355969 : if (HAS_UNMAPPED_ID(idmap, inode))
105 0 : return -EPERM;
106 : return 0;
107 : }
108 :
109 : /*
110 : * Check permissions for extended attribute access. This is a bit complicated
111 : * because different namespaces have very different rules.
112 : */
113 : static int
114 294675128 : xattr_permission(struct mnt_idmap *idmap, struct inode *inode,
115 : const char *name, int mask)
116 : {
117 294675128 : if (mask & MAY_WRITE) {
118 273615569 : int ret;
119 :
120 273615569 : ret = may_write_xattr(idmap, inode);
121 273547315 : if (ret)
122 : return ret;
123 : }
124 :
125 : /*
126 : * No restriction for security.* and system.* from the VFS. Decision
127 : * on these is left to the underlying filesystem / security module.
128 : */
129 294606802 : if (!strncmp(name, XATTR_SECURITY_PREFIX, XATTR_SECURITY_PREFIX_LEN) ||
130 294587216 : !strncmp(name, XATTR_SYSTEM_PREFIX, XATTR_SYSTEM_PREFIX_LEN))
131 : return 0;
132 :
133 : /*
134 : * The trusted.* namespace can only be accessed by privileged users.
135 : */
136 294587210 : if (!strncmp(name, XATTR_TRUSTED_PREFIX, XATTR_TRUSTED_PREFIX_LEN)) {
137 199608 : if (!capable(CAP_SYS_ADMIN))
138 0 : return (mask & MAY_WRITE) ? -EPERM : -ENODATA;
139 : return 0;
140 : }
141 :
142 : /*
143 : * In the user.* namespace, only regular files and directories can have
144 : * extended attributes. For sticky directories, only the owner and
145 : * privileged users can write attributes.
146 : */
147 294387602 : if (!strncmp(name, XATTR_USER_PREFIX, XATTR_USER_PREFIX_LEN)) {
148 183329445 : if (!S_ISREG(inode->i_mode) && !S_ISDIR(inode->i_mode))
149 96 : return (mask & MAY_WRITE) ? -EPERM : -ENODATA;
150 183329349 : if (S_ISDIR(inode->i_mode) && (inode->i_mode & S_ISVTX) &&
151 0 : (mask & MAY_WRITE) &&
152 0 : !inode_owner_or_capable(idmap, inode))
153 : return -EPERM;
154 : }
155 :
156 294387506 : return inode_permission(idmap, inode, mask);
157 : }
158 :
159 : /*
160 : * Look for any handler that deals with the specified namespace.
161 : */
162 : int
163 0 : xattr_supports_user_prefix(struct inode *inode)
164 : {
165 0 : const struct xattr_handler **handlers = inode->i_sb->s_xattr;
166 0 : const struct xattr_handler *handler;
167 :
168 0 : if (!(inode->i_opflags & IOP_XATTR)) {
169 0 : if (unlikely(is_bad_inode(inode)))
170 : return -EIO;
171 0 : return -EOPNOTSUPP;
172 : }
173 :
174 0 : for_each_xattr_handler(handlers, handler) {
175 0 : if (!strncmp(xattr_prefix(handler), XATTR_USER_PREFIX,
176 : XATTR_USER_PREFIX_LEN))
177 : return 0;
178 : }
179 :
180 : return -EOPNOTSUPP;
181 : }
182 : EXPORT_SYMBOL(xattr_supports_user_prefix);
183 :
184 : int
185 223516613 : __vfs_setxattr(struct mnt_idmap *idmap, struct dentry *dentry,
186 : struct inode *inode, const char *name, const void *value,
187 : size_t size, int flags)
188 : {
189 223516613 : const struct xattr_handler *handler;
190 :
191 223516613 : if (is_posix_acl_xattr(name))
192 : return -EOPNOTSUPP;
193 :
194 223516613 : handler = xattr_resolve_name(inode, &name);
195 223556712 : if (IS_ERR(handler))
196 111068698 : return PTR_ERR(handler);
197 112488014 : if (!handler->set)
198 : return -EOPNOTSUPP;
199 112488014 : if (size == 0)
200 1125618 : value = ""; /* empty EA, do not remove */
201 112488014 : return handler->set(handler, idmap, dentry, inode, name, value,
202 : size, flags);
203 : }
204 : EXPORT_SYMBOL(__vfs_setxattr);
205 :
206 : /**
207 : * __vfs_setxattr_noperm - perform setxattr operation without performing
208 : * permission checks.
209 : *
210 : * @idmap: idmap of the mount the inode was found from
211 : * @dentry: object to perform setxattr on
212 : * @name: xattr name to set
213 : * @value: value to set @name to
214 : * @size: size of @value
215 : * @flags: flags to pass into filesystem operations
216 : *
217 : * returns the result of the internal setxattr or setsecurity operations.
218 : *
219 : * This function requires the caller to lock the inode's i_mutex before it
220 : * is executed. It also assumes that the caller will make the appropriate
221 : * permission checks.
222 : */
223 223532138 : int __vfs_setxattr_noperm(struct mnt_idmap *idmap,
224 : struct dentry *dentry, const char *name,
225 : const void *value, size_t size, int flags)
226 : {
227 223532138 : struct inode *inode = dentry->d_inode;
228 223532138 : int error = -EAGAIN;
229 223532138 : int issec = !strncmp(name, XATTR_SECURITY_PREFIX,
230 : XATTR_SECURITY_PREFIX_LEN);
231 :
232 223532138 : if (issec)
233 50 : inode->i_flags &= ~S_NOSEC;
234 223532138 : if (inode->i_opflags & IOP_XATTR) {
235 223532138 : error = __vfs_setxattr(idmap, dentry, inode, name, value,
236 : size, flags);
237 223459938 : if (!error) {
238 97171437 : fsnotify_xattr(dentry);
239 : security_inode_post_setxattr(dentry, name, value,
240 : size, flags);
241 : }
242 : } else {
243 0 : if (unlikely(is_bad_inode(inode)))
244 : return -EIO;
245 : }
246 223462354 : if (error == -EAGAIN) {
247 0 : error = -EOPNOTSUPP;
248 :
249 0 : if (issec) {
250 : const char *suffix = name + XATTR_SECURITY_PREFIX_LEN;
251 :
252 : error = security_inode_setsecurity(inode, suffix, value,
253 : size, flags);
254 : if (!error)
255 : fsnotify_xattr(dentry);
256 : }
257 : }
258 :
259 : return error;
260 : }
261 :
262 : /**
263 : * __vfs_setxattr_locked - set an extended attribute while holding the inode
264 : * lock
265 : *
266 : * @idmap: idmap of the mount of the target inode
267 : * @dentry: object to perform setxattr on
268 : * @name: xattr name to set
269 : * @value: value to set @name to
270 : * @size: size of @value
271 : * @flags: flags to pass into filesystem operations
272 : * @delegated_inode: on return, will contain an inode pointer that
273 : * a delegation was broken on, NULL if none.
274 : */
275 : int
276 223530590 : __vfs_setxattr_locked(struct mnt_idmap *idmap, struct dentry *dentry,
277 : const char *name, const void *value, size_t size,
278 : int flags, struct inode **delegated_inode)
279 : {
280 223530590 : struct inode *inode = dentry->d_inode;
281 223530590 : int error;
282 :
283 223530590 : error = xattr_permission(idmap, inode, name, MAY_WRITE);
284 223518574 : if (error)
285 : return error;
286 :
287 223517912 : error = security_inode_setxattr(idmap, dentry, name, value, size,
288 : flags);
289 223489640 : if (error)
290 0 : goto out;
291 :
292 223489640 : error = try_break_deleg(inode, delegated_inode);
293 223525223 : if (error)
294 0 : goto out;
295 :
296 223525223 : error = __vfs_setxattr_noperm(idmap, dentry, name, value,
297 : size, flags);
298 :
299 : out:
300 : return error;
301 : }
302 : EXPORT_SYMBOL_GPL(__vfs_setxattr_locked);
303 :
304 : int
305 223497193 : vfs_setxattr(struct mnt_idmap *idmap, struct dentry *dentry,
306 : const char *name, const void *value, size_t size, int flags)
307 : {
308 223497193 : struct inode *inode = dentry->d_inode;
309 223497193 : struct inode *delegated_inode = NULL;
310 223497193 : const void *orig_value = value;
311 223497193 : int error;
312 :
313 223497193 : if (size && strcmp(name, XATTR_NAME_CAPS) == 0) {
314 50 : error = cap_convert_nscap(idmap, dentry, &value, size);
315 50 : if (error < 0)
316 : return error;
317 48 : size = error;
318 : }
319 :
320 223497191 : retry_deleg:
321 223497191 : inode_lock(inode);
322 223526095 : error = __vfs_setxattr_locked(idmap, dentry, name, value, size,
323 : flags, &delegated_inode);
324 223427812 : inode_unlock(inode);
325 :
326 223315093 : if (delegated_inode) {
327 0 : error = break_deleg_wait(&delegated_inode);
328 0 : if (!error)
329 0 : goto retry_deleg;
330 : }
331 223315093 : if (value != orig_value)
332 24 : kfree(value);
333 :
334 : return error;
335 : }
336 : EXPORT_SYMBOL_GPL(vfs_setxattr);
337 :
338 : static ssize_t
339 19069 : xattr_getsecurity(struct mnt_idmap *idmap, struct inode *inode,
340 : const char *name, void *value, size_t size)
341 : {
342 19069 : void *buffer = NULL;
343 19069 : ssize_t len;
344 :
345 19069 : if (!value || !size) {
346 355 : len = security_inode_getsecurity(idmap, inode, name,
347 : &buffer, false);
348 355 : goto out_noalloc;
349 : }
350 :
351 18714 : len = security_inode_getsecurity(idmap, inode, name, &buffer,
352 : true);
353 18714 : if (len < 0)
354 : return len;
355 58 : if (size < len) {
356 0 : len = -ERANGE;
357 0 : goto out;
358 : }
359 116 : memcpy(value, buffer, len);
360 58 : out:
361 58 : kfree(buffer);
362 : out_noalloc:
363 : return len;
364 : }
365 :
366 : /*
367 : * vfs_getxattr_alloc - allocate memory, if necessary, before calling getxattr
368 : *
369 : * Allocate memory, if not already allocated, or re-allocate correct size,
370 : * before retrieving the extended attribute. The xattr value buffer should
371 : * always be freed by the caller, even on error.
372 : *
373 : * Returns the result of alloc, if failed, or the getxattr operation.
374 : */
375 : int
376 451 : vfs_getxattr_alloc(struct mnt_idmap *idmap, struct dentry *dentry,
377 : const char *name, char **xattr_value, size_t xattr_size,
378 : gfp_t flags)
379 : {
380 451 : const struct xattr_handler *handler;
381 451 : struct inode *inode = dentry->d_inode;
382 451 : char *value = *xattr_value;
383 451 : int error;
384 :
385 451 : error = xattr_permission(idmap, inode, name, MAY_READ);
386 451 : if (error)
387 : return error;
388 :
389 451 : handler = xattr_resolve_name(inode, &name);
390 451 : if (IS_ERR(handler))
391 0 : return PTR_ERR(handler);
392 451 : if (!handler->get)
393 : return -EOPNOTSUPP;
394 451 : error = handler->get(handler, dentry, inode, name, NULL, 0);
395 451 : if (error < 0)
396 : return error;
397 :
398 66 : if (!value || (error > xattr_size)) {
399 66 : value = krealloc(*xattr_value, error + 1, flags);
400 66 : if (!value)
401 : return -ENOMEM;
402 132 : memset(value, 0, error + 1);
403 : }
404 :
405 66 : error = handler->get(handler, dentry, inode, name, value, error);
406 66 : *xattr_value = value;
407 66 : return error;
408 : }
409 :
410 : ssize_t
411 52056925 : __vfs_getxattr(struct dentry *dentry, struct inode *inode, const char *name,
412 : void *value, size_t size)
413 : {
414 52056925 : const struct xattr_handler *handler;
415 :
416 52056925 : if (is_posix_acl_xattr(name))
417 : return -EOPNOTSUPP;
418 :
419 52056925 : handler = xattr_resolve_name(inode, &name);
420 52064662 : if (IS_ERR(handler))
421 12831427 : return PTR_ERR(handler);
422 39233235 : if (!handler->get)
423 : return -EOPNOTSUPP;
424 39233235 : return handler->get(handler, dentry, inode, name, value, size);
425 : }
426 : EXPORT_SYMBOL(__vfs_getxattr);
427 :
428 : ssize_t
429 20999027 : vfs_getxattr(struct mnt_idmap *idmap, struct dentry *dentry,
430 : const char *name, void *value, size_t size)
431 : {
432 20999027 : struct inode *inode = dentry->d_inode;
433 20999027 : int error;
434 :
435 20999027 : error = xattr_permission(idmap, inode, name, MAY_READ);
436 20999033 : if (error)
437 24 : return error;
438 :
439 20999009 : error = security_inode_getxattr(dentry, name);
440 20999009 : if (error)
441 : return error;
442 :
443 20999009 : if (!strncmp(name, XATTR_SECURITY_PREFIX,
444 : XATTR_SECURITY_PREFIX_LEN)) {
445 19069 : const char *suffix = name + XATTR_SECURITY_PREFIX_LEN;
446 19069 : int ret = xattr_getsecurity(idmap, inode, suffix, value,
447 : size);
448 : /*
449 : * Only overwrite the return value if a security module
450 : * is actually active.
451 : */
452 19069 : if (ret == -EOPNOTSUPP)
453 18618 : goto nolsm;
454 451 : return ret;
455 : }
456 20979940 : nolsm:
457 20998558 : return __vfs_getxattr(dentry, inode, name, value, size);
458 : }
459 : EXPORT_SYMBOL_GPL(vfs_getxattr);
460 :
461 : /**
462 : * vfs_listxattr - retrieve \0 separated list of xattr names
463 : * @dentry: the dentry from whose inode the xattr names are retrieved
464 : * @list: buffer to store xattr names into
465 : * @size: size of the buffer
466 : *
467 : * This function returns the names of all xattrs associated with the
468 : * inode of @dentry.
469 : *
470 : * Note, for legacy reasons the vfs_listxattr() function lists POSIX
471 : * ACLs as well. Since POSIX ACLs are decoupled from IOP_XATTR the
472 : * vfs_listxattr() function doesn't check for this flag since a
473 : * filesystem could implement POSIX ACLs without implementing any other
474 : * xattrs.
475 : *
476 : * However, since all codepaths that remove IOP_XATTR also assign of
477 : * inode operations that either don't implement or implement a stub
478 : * ->listxattr() operation.
479 : *
480 : * Return: On success, the size of the buffer that was used. On error a
481 : * negative error code.
482 : */
483 : ssize_t
484 59559286 : vfs_listxattr(struct dentry *dentry, char *list, size_t size)
485 : {
486 59559286 : struct inode *inode = d_inode(dentry);
487 59559286 : ssize_t error;
488 :
489 59559286 : error = security_inode_listxattr(dentry);
490 59559286 : if (error)
491 : return error;
492 :
493 59559286 : if (inode->i_op->listxattr) {
494 59559286 : error = inode->i_op->listxattr(dentry, list, size);
495 : } else {
496 : error = security_inode_listsecurity(inode, list, size);
497 : if (size && error > size)
498 : error = -ERANGE;
499 : }
500 59569889 : return error;
501 : }
502 : EXPORT_SYMBOL_GPL(vfs_listxattr);
503 :
504 : int
505 50122109 : __vfs_removexattr(struct mnt_idmap *idmap, struct dentry *dentry,
506 : const char *name)
507 : {
508 50122109 : struct inode *inode = d_inode(dentry);
509 50122109 : const struct xattr_handler *handler;
510 :
511 50122109 : if (is_posix_acl_xattr(name))
512 : return -EOPNOTSUPP;
513 :
514 50122109 : handler = xattr_resolve_name(inode, &name);
515 50122813 : if (IS_ERR(handler))
516 0 : return PTR_ERR(handler);
517 50122813 : if (!handler->set)
518 : return -EOPNOTSUPP;
519 50122813 : return handler->set(handler, idmap, dentry, inode, name, NULL, 0,
520 : XATTR_REPLACE);
521 : }
522 : EXPORT_SYMBOL(__vfs_removexattr);
523 :
524 : /**
525 : * __vfs_removexattr_locked - set an extended attribute while holding the inode
526 : * lock
527 : *
528 : * @idmap: idmap of the mount of the target inode
529 : * @dentry: object to perform setxattr on
530 : * @name: name of xattr to remove
531 : * @delegated_inode: on return, will contain an inode pointer that
532 : * a delegation was broken on, NULL if none.
533 : */
534 : int
535 50122384 : __vfs_removexattr_locked(struct mnt_idmap *idmap,
536 : struct dentry *dentry, const char *name,
537 : struct inode **delegated_inode)
538 : {
539 50122384 : struct inode *inode = dentry->d_inode;
540 50122384 : int error;
541 :
542 50122384 : error = xattr_permission(idmap, inode, name, MAY_WRITE);
543 50122496 : if (error)
544 : return error;
545 :
546 50122122 : error = security_inode_removexattr(idmap, dentry, name);
547 50120176 : if (error)
548 0 : goto out;
549 :
550 50120176 : error = try_break_deleg(inode, delegated_inode);
551 50122359 : if (error)
552 0 : goto out;
553 :
554 50122359 : error = __vfs_removexattr(idmap, dentry, name);
555 :
556 50123125 : if (!error) {
557 33545789 : fsnotify_xattr(dentry);
558 : evm_inode_post_removexattr(dentry, name);
559 : }
560 :
561 16577336 : out:
562 : return error;
563 : }
564 : EXPORT_SYMBOL_GPL(__vfs_removexattr_locked);
565 :
566 : int
567 50122215 : vfs_removexattr(struct mnt_idmap *idmap, struct dentry *dentry,
568 : const char *name)
569 : {
570 50122215 : struct inode *inode = dentry->d_inode;
571 50122215 : struct inode *delegated_inode = NULL;
572 50122215 : int error;
573 :
574 50122215 : retry_deleg:
575 50122215 : inode_lock(inode);
576 50122321 : error = __vfs_removexattr_locked(idmap, dentry,
577 : name, &delegated_inode);
578 50122012 : inode_unlock(inode);
579 :
580 50120396 : if (delegated_inode) {
581 0 : error = break_deleg_wait(&delegated_inode);
582 0 : if (!error)
583 0 : goto retry_deleg;
584 : }
585 :
586 50120396 : return error;
587 : }
588 : EXPORT_SYMBOL_GPL(vfs_removexattr);
589 :
590 : /*
591 : * Extended attribute SET operations
592 : */
593 :
594 225334266 : int setxattr_copy(const char __user *name, struct xattr_ctx *ctx)
595 : {
596 225334266 : int error;
597 :
598 225334266 : if (ctx->flags & ~(XATTR_CREATE|XATTR_REPLACE))
599 : return -EINVAL;
600 :
601 225334266 : error = strncpy_from_user(ctx->kname->name, name,
602 : sizeof(ctx->kname->name));
603 225336889 : if (error == 0 || error == sizeof(ctx->kname->name))
604 : return -ERANGE;
605 225336889 : if (error < 0)
606 : return error;
607 :
608 225336889 : error = 0;
609 225336889 : if (ctx->size) {
610 224239060 : if (ctx->size > XATTR_SIZE_MAX)
611 : return -E2BIG;
612 :
613 224239060 : ctx->kvalue = vmemdup_user(ctx->cvalue, ctx->size);
614 224176710 : if (IS_ERR(ctx->kvalue)) {
615 0 : error = PTR_ERR(ctx->kvalue);
616 0 : ctx->kvalue = NULL;
617 : }
618 : }
619 :
620 : return error;
621 : }
622 :
623 225296458 : int do_setxattr(struct mnt_idmap *idmap, struct dentry *dentry,
624 : struct xattr_ctx *ctx)
625 : {
626 225296458 : if (is_posix_acl_xattr(ctx->kname->name))
627 1854874 : return do_set_acl(idmap, dentry, ctx->kname->name,
628 1854874 : ctx->kvalue, ctx->size);
629 :
630 223441584 : return vfs_setxattr(idmap, dentry, ctx->kname->name,
631 223441584 : ctx->kvalue, ctx->size, ctx->flags);
632 : }
633 :
634 : static long
635 225332645 : setxattr(struct mnt_idmap *idmap, struct dentry *d,
636 : const char __user *name, const void __user *value, size_t size,
637 : int flags)
638 : {
639 225332645 : struct xattr_name kname;
640 225332645 : struct xattr_ctx ctx = {
641 : .cvalue = value,
642 : .kvalue = NULL,
643 : .size = size,
644 : .kname = &kname,
645 : .flags = flags,
646 : };
647 225332645 : int error;
648 :
649 225332645 : error = setxattr_copy(name, &ctx);
650 225291241 : if (error)
651 0 : return error;
652 :
653 225291241 : error = do_setxattr(idmap, d, &ctx);
654 :
655 225233655 : kvfree(ctx.kvalue);
656 225282554 : return error;
657 : }
658 :
659 223316380 : static int path_setxattr(const char __user *pathname,
660 : const char __user *name, const void __user *value,
661 : size_t size, int flags, unsigned int lookup_flags)
662 : {
663 223316272 : struct path path;
664 223316272 : int error;
665 :
666 223316272 : retry:
667 223316272 : error = user_path_at(AT_FDCWD, pathname, lookup_flags, &path);
668 223423528 : if (error)
669 0 : return error;
670 223423528 : error = mnt_want_write(path.mnt);
671 223439777 : if (!error) {
672 223435745 : error = setxattr(mnt_idmap(path.mnt), path.dentry, name,
673 : value, size, flags);
674 223346082 : mnt_drop_write(path.mnt);
675 : }
676 223376308 : path_put(&path);
677 446833162 : if (retry_estale(error, lookup_flags)) {
678 1958 : lookup_flags |= LOOKUP_REVAL;
679 1958 : goto retry;
680 : }
681 : return error;
682 : }
683 :
684 224699121 : SYSCALL_DEFINE5(setxattr, const char __user *, pathname,
685 : const char __user *, name, const void __user *, value,
686 : size_t, size, int, flags)
687 : {
688 112341792 : return path_setxattr(pathname, name, value, size, flags, LOOKUP_FOLLOW);
689 : }
690 :
691 222123199 : SYSCALL_DEFINE5(lsetxattr, const char __user *, pathname,
692 : const char __user *, name, const void __user *, value,
693 : size_t, size, int, flags)
694 : {
695 111048130 : return path_setxattr(pathname, name, value, size, flags, 0);
696 : }
697 :
698 3839008 : SYSCALL_DEFINE5(fsetxattr, int, fd, const char __user *, name,
699 : const void __user *,value, size_t, size, int, flags)
700 : {
701 1919506 : struct fd f = fdget(fd);
702 1919002 : int error = -EBADF;
703 :
704 1919002 : if (!f.file)
705 : return error;
706 1919002 : audit_file(f.file);
707 1919002 : error = mnt_want_write_file(f.file);
708 1918923 : if (!error) {
709 1919045 : error = setxattr(file_mnt_idmap(f.file),
710 : f.file->f_path.dentry, name,
711 : value, size, flags);
712 1919910 : mnt_drop_write_file(f.file);
713 : }
714 1919774 : fdput(f);
715 1919774 : return error;
716 : }
717 :
718 : /*
719 : * Extended attribute GET operations
720 : */
721 : ssize_t
722 22814445 : do_getxattr(struct mnt_idmap *idmap, struct dentry *d,
723 : struct xattr_ctx *ctx)
724 : {
725 22814445 : ssize_t error;
726 22814445 : char *kname = ctx->kname->name;
727 :
728 22814445 : if (ctx->size) {
729 8013338 : if (ctx->size > XATTR_SIZE_MAX)
730 0 : ctx->size = XATTR_SIZE_MAX;
731 8013338 : ctx->kvalue = kvzalloc(ctx->size, GFP_KERNEL);
732 8013350 : if (!ctx->kvalue)
733 : return -ENOMEM;
734 : }
735 :
736 22814457 : if (is_posix_acl_xattr(ctx->kname->name))
737 1892790 : error = do_get_acl(idmap, d, kname, ctx->kvalue, ctx->size);
738 : else
739 20921667 : error = vfs_getxattr(idmap, d, kname, ctx->kvalue, ctx->size);
740 22815164 : if (error > 0) {
741 18197326 : if (ctx->size && copy_to_user(ctx->value, ctx->kvalue, error))
742 0 : error = -EFAULT;
743 10683697 : } else if (error == -ERANGE && ctx->size >= XATTR_SIZE_MAX) {
744 : /* The file system tried to returned a value bigger
745 : than XATTR_SIZE_MAX bytes. Not possible. */
746 0 : error = -E2BIG;
747 : }
748 :
749 : return error;
750 : }
751 :
752 : static ssize_t
753 22814428 : getxattr(struct mnt_idmap *idmap, struct dentry *d,
754 : const char __user *name, void __user *value, size_t size)
755 : {
756 22814428 : ssize_t error;
757 22814428 : struct xattr_name kname;
758 22814428 : struct xattr_ctx ctx = {
759 : .value = value,
760 : .kvalue = NULL,
761 : .size = size,
762 : .kname = &kname,
763 : .flags = 0,
764 : };
765 :
766 22814428 : error = strncpy_from_user(kname.name, name, sizeof(kname.name));
767 22814301 : if (error == 0 || error == sizeof(kname.name))
768 : error = -ERANGE;
769 22814301 : if (error < 0)
770 0 : return error;
771 :
772 22814301 : error = do_getxattr(idmap, d, &ctx);
773 :
774 22814662 : kvfree(ctx.kvalue);
775 22814662 : return error;
776 : }
777 :
778 20976715 : static ssize_t path_getxattr(const char __user *pathname,
779 : const char __user *name, void __user *value,
780 : size_t size, unsigned int lookup_flags)
781 : {
782 20976704 : struct path path;
783 20976704 : ssize_t error;
784 20976704 : retry:
785 20976704 : error = user_path_at(AT_FDCWD, pathname, lookup_flags, &path);
786 20977410 : if (error)
787 0 : return error;
788 20977410 : error = getxattr(mnt_idmap(path.mnt), path.dentry, name, value, size);
789 20977343 : path_put(&path);
790 41955130 : if (retry_estale(error, lookup_flags)) {
791 0 : lookup_flags |= LOOKUP_REVAL;
792 0 : goto retry;
793 : }
794 : return error;
795 : }
796 :
797 41913686 : SYSCALL_DEFINE4(getxattr, const char __user *, pathname,
798 : const char __user *, name, void __user *, value, size_t, size)
799 : {
800 20956464 : return path_getxattr(pathname, name, value, size, LOOKUP_FOLLOW);
801 : }
802 :
803 40660 : SYSCALL_DEFINE4(lgetxattr, const char __user *, pathname,
804 : const char __user *, name, void __user *, value, size_t, size)
805 : {
806 20330 : return path_getxattr(pathname, name, value, size, 0);
807 : }
808 :
809 3675737 : SYSCALL_DEFINE4(fgetxattr, int, fd, const char __user *, name,
810 : void __user *, value, size_t, size)
811 : {
812 1837877 : struct fd f = fdget(fd);
813 1837893 : ssize_t error = -EBADF;
814 :
815 1837893 : if (!f.file)
816 : return error;
817 1837893 : audit_file(f.file);
818 1837893 : error = getxattr(file_mnt_idmap(f.file), f.file->f_path.dentry,
819 : name, value, size);
820 1837399 : fdput(f);
821 1837399 : return error;
822 : }
823 :
824 : /*
825 : * Extended attribute LIST operations
826 : */
827 : static ssize_t
828 59553779 : listxattr(struct dentry *d, char __user *list, size_t size)
829 : {
830 59553779 : ssize_t error;
831 59553779 : char *klist = NULL;
832 :
833 59553779 : if (size) {
834 41118032 : if (size > XATTR_LIST_MAX)
835 : size = XATTR_LIST_MAX;
836 41118032 : klist = kvmalloc(size, GFP_KERNEL);
837 41113008 : if (!klist)
838 : return -ENOMEM;
839 : }
840 :
841 59548755 : error = vfs_listxattr(d, klist, size);
842 59555580 : if (error > 0) {
843 93853196 : if (size && copy_to_user(list, klist, error))
844 0 : error = -EFAULT;
845 5841205 : } else if (error == -ERANGE && size >= XATTR_LIST_MAX) {
846 : /* The file system tried to returned a list bigger
847 : than XATTR_LIST_MAX bytes. Not possible. */
848 0 : error = -E2BIG;
849 : }
850 :
851 59555283 : kvfree(klist);
852 :
853 59555283 : return error;
854 : }
855 :
856 55927261 : static ssize_t path_listxattr(const char __user *pathname, char __user *list,
857 : size_t size, unsigned int lookup_flags)
858 : {
859 55926977 : struct path path;
860 55926977 : ssize_t error;
861 55926977 : retry:
862 55926977 : error = user_path_at(AT_FDCWD, pathname, lookup_flags, &path);
863 55933736 : if (error)
864 2 : return error;
865 55933734 : error = listxattr(path.dentry, list, size);
866 55931557 : path_put(&path);
867 111867698 : if (retry_estale(error, lookup_flags)) {
868 0 : lookup_flags |= LOOKUP_REVAL;
869 0 : goto retry;
870 : }
871 : return error;
872 : }
873 :
874 56703861 : SYSCALL_DEFINE3(listxattr, const char __user *, pathname, char __user *, list,
875 : size_t, size)
876 : {
877 28351349 : return path_listxattr(pathname, list, size, LOOKUP_FOLLOW);
878 : }
879 :
880 55163547 : SYSCALL_DEFINE3(llistxattr, const char __user *, pathname, char __user *, list,
881 : size_t, size)
882 : {
883 27581653 : return path_listxattr(pathname, list, size, 0);
884 : }
885 :
886 7242588 : SYSCALL_DEFINE3(flistxattr, int, fd, char __user *, list, size_t, size)
887 : {
888 3621315 : struct fd f = fdget(fd);
889 3621488 : ssize_t error = -EBADF;
890 :
891 3621488 : if (!f.file)
892 : return error;
893 3621488 : audit_file(f.file);
894 3621488 : error = listxattr(f.file->f_path.dentry, list, size);
895 3621799 : fdput(f);
896 3621799 : return error;
897 : }
898 :
899 : /*
900 : * Extended attribute REMOVE operations
901 : */
902 : static long
903 50131744 : removexattr(struct mnt_idmap *idmap, struct dentry *d,
904 : const char __user *name)
905 : {
906 50131744 : int error;
907 50131744 : char kname[XATTR_NAME_MAX + 1];
908 :
909 50131744 : error = strncpy_from_user(kname, name, sizeof(kname));
910 50132331 : if (error == 0 || error == sizeof(kname))
911 : error = -ERANGE;
912 50132331 : if (error < 0)
913 0 : return error;
914 :
915 50132331 : if (is_posix_acl_xattr(kname))
916 17476 : return vfs_remove_acl(idmap, d, kname);
917 :
918 50114855 : return vfs_removexattr(idmap, d, kname);
919 : }
920 :
921 50129274 : static int path_removexattr(const char __user *pathname,
922 : const char __user *name, unsigned int lookup_flags)
923 : {
924 50128828 : struct path path;
925 50128828 : int error;
926 50128828 : retry:
927 50128828 : error = user_path_at(AT_FDCWD, pathname, lookup_flags, &path);
928 50131632 : if (error)
929 0 : return error;
930 50131632 : error = mnt_want_write(path.mnt);
931 50131883 : if (!error) {
932 50131814 : error = removexattr(mnt_idmap(path.mnt), path.dentry, name);
933 50130998 : mnt_drop_write(path.mnt);
934 : }
935 50131882 : path_put(&path);
936 100264046 : if (retry_estale(error, lookup_flags)) {
937 0 : lookup_flags |= LOOKUP_REVAL;
938 0 : goto retry;
939 : }
940 : return error;
941 : }
942 :
943 57212653 : SYSCALL_DEFINE2(removexattr, const char __user *, pathname,
944 : const char __user *, name)
945 : {
946 28606262 : return path_removexattr(pathname, name, LOOKUP_FOLLOW);
947 : }
948 :
949 43050315 : SYSCALL_DEFINE2(lremovexattr, const char __user *, pathname,
950 : const char __user *, name)
951 : {
952 21524786 : return path_removexattr(pathname, name, 0);
953 : }
954 :
955 32 : SYSCALL_DEFINE2(fremovexattr, int, fd, const char __user *, name)
956 : {
957 16 : struct fd f = fdget(fd);
958 16 : int error = -EBADF;
959 :
960 16 : if (!f.file)
961 : return error;
962 16 : audit_file(f.file);
963 16 : error = mnt_want_write_file(f.file);
964 16 : if (!error) {
965 16 : error = removexattr(file_mnt_idmap(f.file),
966 : f.file->f_path.dentry, name);
967 16 : mnt_drop_write_file(f.file);
968 : }
969 16 : fdput(f);
970 16 : return error;
971 : }
972 :
973 4 : int xattr_list_one(char **buffer, ssize_t *remaining_size, const char *name)
974 : {
975 4 : size_t len;
976 :
977 4 : len = strlen(name) + 1;
978 4 : if (*buffer) {
979 2 : if (*remaining_size < len)
980 : return -ERANGE;
981 4 : memcpy(*buffer, name, len);
982 2 : *buffer += len;
983 : }
984 4 : *remaining_size -= len;
985 4 : return 0;
986 : }
987 :
988 : /**
989 : * generic_listxattr - run through a dentry's xattr list() operations
990 : * @dentry: dentry to list the xattrs
991 : * @buffer: result buffer
992 : * @buffer_size: size of @buffer
993 : *
994 : * Combine the results of the list() operation from every xattr_handler in the
995 : * xattr_handler stack.
996 : *
997 : * Note that this will not include the entries for POSIX ACLs.
998 : */
999 : ssize_t
1000 4 : generic_listxattr(struct dentry *dentry, char *buffer, size_t buffer_size)
1001 : {
1002 4 : const struct xattr_handler *handler, **handlers = dentry->d_sb->s_xattr;
1003 4 : ssize_t remaining_size = buffer_size;
1004 4 : int err = 0;
1005 :
1006 20 : for_each_xattr_handler(handlers, handler) {
1007 16 : if (!handler->name || (handler->list && !handler->list(dentry)))
1008 12 : continue;
1009 4 : err = xattr_list_one(&buffer, &remaining_size, handler->name);
1010 4 : if (err)
1011 0 : return err;
1012 : }
1013 :
1014 4 : return err ? err : buffer_size - remaining_size;
1015 : }
1016 : EXPORT_SYMBOL(generic_listxattr);
1017 :
1018 : /**
1019 : * xattr_full_name - Compute full attribute name from suffix
1020 : *
1021 : * @handler: handler of the xattr_handler operation
1022 : * @name: name passed to the xattr_handler operation
1023 : *
1024 : * The get and set xattr handler operations are called with the remainder of
1025 : * the attribute name after skipping the handler's prefix: for example, "foo"
1026 : * is passed to the get operation of a handler with prefix "user." to get
1027 : * attribute "user.foo". The full name is still "there" in the name though.
1028 : *
1029 : * Note: the list xattr handler operation when called from the vfs is passed a
1030 : * NULL name; some file systems use this operation internally, with varying
1031 : * semantics.
1032 : */
1033 3006391 : const char *xattr_full_name(const struct xattr_handler *handler,
1034 : const char *name)
1035 : {
1036 3006391 : size_t prefix_len = strlen(xattr_prefix(handler));
1037 :
1038 3006391 : return name - prefix_len;
1039 : }
1040 : EXPORT_SYMBOL(xattr_full_name);
1041 :
1042 : /**
1043 : * free_simple_xattr - free an xattr object
1044 : * @xattr: the xattr object
1045 : *
1046 : * Free the xattr object. Can handle @xattr being NULL.
1047 : */
1048 75934 : static inline void free_simple_xattr(struct simple_xattr *xattr)
1049 : {
1050 75934 : if (xattr)
1051 14651 : kfree(xattr->name);
1052 75935 : kvfree(xattr);
1053 75935 : }
1054 :
1055 : /**
1056 : * simple_xattr_alloc - allocate new xattr object
1057 : * @value: value of the xattr object
1058 : * @size: size of @value
1059 : *
1060 : * Allocate a new xattr object and initialize respective members. The caller is
1061 : * responsible for handling the name of the xattr.
1062 : *
1063 : * Return: On success a new xattr object is returned. On failure NULL is
1064 : * returned.
1065 : */
1066 16826 : struct simple_xattr *simple_xattr_alloc(const void *value, size_t size)
1067 : {
1068 16826 : struct simple_xattr *new_xattr;
1069 16826 : size_t len;
1070 :
1071 : /* wrap around? */
1072 16826 : len = sizeof(*new_xattr) + size;
1073 16826 : if (len < sizeof(*new_xattr))
1074 : return NULL;
1075 :
1076 16826 : new_xattr = kvmalloc(len, GFP_KERNEL);
1077 16826 : if (!new_xattr)
1078 : return NULL;
1079 :
1080 16826 : new_xattr->size = size;
1081 33652 : memcpy(new_xattr->value, value, size);
1082 16826 : return new_xattr;
1083 : }
1084 :
1085 : /**
1086 : * rbtree_simple_xattr_cmp - compare xattr name with current rbtree xattr entry
1087 : * @key: xattr name
1088 : * @node: current node
1089 : *
1090 : * Compare the xattr name with the xattr name attached to @node in the rbtree.
1091 : *
1092 : * Return: Negative value if continuing left, positive if continuing right, 0
1093 : * if the xattr attached to @node matches @key.
1094 : */
1095 : static int rbtree_simple_xattr_cmp(const void *key, const struct rb_node *node)
1096 : {
1097 119192 : const char *xattr_name = key;
1098 119192 : const struct simple_xattr *xattr;
1099 :
1100 119192 : xattr = rb_entry(node, struct simple_xattr, rb_node);
1101 63602 : return strcmp(xattr->name, xattr_name);
1102 : }
1103 :
1104 : /**
1105 : * rbtree_simple_xattr_node_cmp - compare two xattr rbtree nodes
1106 : * @new_node: new node
1107 : * @node: current node
1108 : *
1109 : * Compare the xattr attached to @new_node with the xattr attached to @node.
1110 : *
1111 : * Return: Negative value if continuing left, positive if continuing right, 0
1112 : * if the xattr attached to @new_node matches the xattr attached to @node.
1113 : */
1114 : static int rbtree_simple_xattr_node_cmp(struct rb_node *new_node,
1115 : const struct rb_node *node)
1116 : {
1117 0 : struct simple_xattr *xattr;
1118 0 : xattr = rb_entry(new_node, struct simple_xattr, rb_node);
1119 0 : return rbtree_simple_xattr_cmp(xattr->name, node);
1120 : }
1121 :
1122 : /**
1123 : * simple_xattr_get - get an xattr object
1124 : * @xattrs: the header of the xattr object
1125 : * @name: the name of the xattr to retrieve
1126 : * @buffer: the buffer to store the value into
1127 : * @size: the size of @buffer
1128 : *
1129 : * Try to find and retrieve the xattr object associated with @name.
1130 : * If @buffer is provided store the value of @xattr in @buffer
1131 : * otherwise just return the length. The size of @buffer is limited
1132 : * to XATTR_SIZE_MAX which currently is 65536.
1133 : *
1134 : * Return: On success the length of the xattr value is returned. On error a
1135 : * negative error code is returned.
1136 : */
1137 2936906 : int simple_xattr_get(struct simple_xattrs *xattrs, const char *name,
1138 : void *buffer, size_t size)
1139 : {
1140 2936906 : struct simple_xattr *xattr = NULL;
1141 2936906 : struct rb_node *rbp;
1142 2936906 : int ret = -ENODATA;
1143 :
1144 2936906 : read_lock(&xattrs->lock);
1145 2923532 : rbp = rb_find(name, &xattrs->rb_root, rbtree_simple_xattr_cmp);
1146 2923532 : if (rbp) {
1147 2787 : xattr = rb_entry(rbp, struct simple_xattr, rb_node);
1148 2787 : ret = xattr->size;
1149 2787 : if (buffer) {
1150 1512 : if (size < xattr->size)
1151 : ret = -ERANGE;
1152 : else
1153 3024 : memcpy(buffer, xattr->value, xattr->size);
1154 : }
1155 : }
1156 2923532 : read_unlock(&xattrs->lock);
1157 2940508 : return ret;
1158 : }
1159 :
1160 : /**
1161 : * simple_xattr_set - set an xattr object
1162 : * @xattrs: the header of the xattr object
1163 : * @name: the name of the xattr to retrieve
1164 : * @value: the value to store along the xattr
1165 : * @size: the size of @value
1166 : * @flags: the flags determining how to set the xattr
1167 : * @removed_size: the size of the removed xattr
1168 : *
1169 : * Set a new xattr object.
1170 : * If @value is passed a new xattr object will be allocated. If XATTR_REPLACE
1171 : * is specified in @flags a matching xattr object for @name must already exist.
1172 : * If it does it will be replaced with the new xattr object. If it doesn't we
1173 : * fail. If XATTR_CREATE is specified and a matching xattr does already exist
1174 : * we fail. If it doesn't we create a new xattr. If @flags is zero we simply
1175 : * insert the new xattr replacing any existing one.
1176 : *
1177 : * If @value is empty and a matching xattr object is found we delete it if
1178 : * XATTR_REPLACE is specified in @flags or @flags is zero.
1179 : *
1180 : * If @value is empty and no matching xattr object for @name is found we do
1181 : * nothing if XATTR_CREATE is specified in @flags or @flags is zero. For
1182 : * XATTR_REPLACE we fail as mentioned above.
1183 : *
1184 : * Return: On success zero and on error a negative error code is returned.
1185 : */
1186 67007 : int simple_xattr_set(struct simple_xattrs *xattrs, const char *name,
1187 : const void *value, size_t size, int flags,
1188 : ssize_t *removed_size)
1189 : {
1190 67007 : struct simple_xattr *xattr = NULL, *new_xattr = NULL;
1191 67007 : struct rb_node *parent = NULL, **rbp;
1192 67007 : int err = 0, ret;
1193 :
1194 67007 : if (removed_size)
1195 33554 : *removed_size = -1;
1196 :
1197 : /* value == NULL means remove */
1198 67007 : if (value) {
1199 16826 : new_xattr = simple_xattr_alloc(value, size);
1200 16826 : if (!new_xattr)
1201 : return -ENOMEM;
1202 :
1203 16826 : new_xattr->name = kstrdup(name, GFP_KERNEL);
1204 16826 : if (!new_xattr->name) {
1205 0 : free_simple_xattr(new_xattr);
1206 0 : return -ENOMEM;
1207 : }
1208 : }
1209 :
1210 67007 : write_lock(&xattrs->lock);
1211 67007 : rbp = &xattrs->rb_root.rb_node;
1212 116873 : while (*rbp) {
1213 55590 : parent = *rbp;
1214 55590 : ret = rbtree_simple_xattr_cmp(name, *rbp);
1215 55590 : if (ret < 0)
1216 33244 : rbp = &(*rbp)->rb_left;
1217 22346 : else if (ret > 0)
1218 16622 : rbp = &(*rbp)->rb_right;
1219 : else
1220 : xattr = rb_entry(*rbp, struct simple_xattr, rb_node);
1221 55590 : if (xattr)
1222 : break;
1223 : }
1224 :
1225 67007 : if (xattr) {
1226 : /* Fail if XATTR_CREATE is requested and the xattr exists. */
1227 5724 : if (flags & XATTR_CREATE) {
1228 0 : err = -EEXIST;
1229 0 : goto out_unlock;
1230 : }
1231 :
1232 5724 : if (new_xattr)
1233 5724 : rb_replace_node(&xattr->rb_node, &new_xattr->rb_node,
1234 : &xattrs->rb_root);
1235 : else
1236 0 : rb_erase(&xattr->rb_node, &xattrs->rb_root);
1237 5724 : if (!err && removed_size)
1238 0 : *removed_size = xattr->size;
1239 : } else {
1240 : /* Fail if XATTR_REPLACE is requested but no xattr is found. */
1241 61283 : if (flags & XATTR_REPLACE) {
1242 50181 : err = -ENODATA;
1243 50181 : goto out_unlock;
1244 : }
1245 :
1246 : /*
1247 : * If XATTR_CREATE or no flags are specified together with a
1248 : * new value simply insert it.
1249 : */
1250 11102 : if (new_xattr) {
1251 11102 : rb_link_node(&new_xattr->rb_node, parent, rbp);
1252 11102 : rb_insert_color(&new_xattr->rb_node, &xattrs->rb_root);
1253 : }
1254 :
1255 : /*
1256 : * If XATTR_CREATE or no flags are specified and neither an
1257 : * old or new xattr exist then we don't need to do anything.
1258 : */
1259 : }
1260 :
1261 0 : out_unlock:
1262 67007 : write_unlock(&xattrs->lock);
1263 67007 : if (err)
1264 50181 : free_simple_xattr(new_xattr);
1265 : else
1266 16826 : free_simple_xattr(xattr);
1267 : return err;
1268 :
1269 : }
1270 :
1271 : static bool xattr_is_trusted(const char *name)
1272 : {
1273 0 : return !strncmp(name, XATTR_TRUSTED_PREFIX, XATTR_TRUSTED_PREFIX_LEN);
1274 : }
1275 :
1276 : /**
1277 : * simple_xattr_list - list all xattr objects
1278 : * @inode: inode from which to get the xattrs
1279 : * @xattrs: the header of the xattr object
1280 : * @buffer: the buffer to store all xattrs into
1281 : * @size: the size of @buffer
1282 : *
1283 : * List all xattrs associated with @inode. If @buffer is NULL we returned
1284 : * the required size of the buffer. If @buffer is provided we store the
1285 : * xattrs value into it provided it is big enough.
1286 : *
1287 : * Note, the number of xattr names that can be listed with listxattr(2) is
1288 : * limited to XATTR_LIST_MAX aka 65536 bytes. If a larger buffer is passed
1289 : * then vfs_listxattr() caps it to XATTR_LIST_MAX and if more xattr names
1290 : * are found it will return -E2BIG.
1291 : *
1292 : * Return: On success the required size or the size of the copied xattrs is
1293 : * returned. On error a negative error code is returned.
1294 : */
1295 3654252 : ssize_t simple_xattr_list(struct inode *inode, struct simple_xattrs *xattrs,
1296 : char *buffer, size_t size)
1297 : {
1298 3654252 : bool trusted = ns_capable_noaudit(&init_user_ns, CAP_SYS_ADMIN);
1299 3654861 : struct simple_xattr *xattr;
1300 3654861 : struct rb_node *rbp;
1301 3654861 : ssize_t remaining_size = size;
1302 3654861 : int err = 0;
1303 :
1304 3654861 : err = posix_acl_listxattr(inode, &buffer, &remaining_size);
1305 3654754 : if (err)
1306 0 : return err;
1307 :
1308 3654754 : read_lock(&xattrs->lock);
1309 3655152 : for (rbp = rb_first(&xattrs->rb_root); rbp; rbp = rb_next(rbp)) {
1310 0 : xattr = rb_entry(rbp, struct simple_xattr, rb_node);
1311 :
1312 : /* skip "trusted." attributes for unprivileged callers */
1313 0 : if (!trusted && xattr_is_trusted(xattr->name))
1314 0 : continue;
1315 :
1316 0 : err = xattr_list_one(&buffer, &remaining_size, xattr->name);
1317 0 : if (err)
1318 : break;
1319 : }
1320 3654510 : read_unlock(&xattrs->lock);
1321 :
1322 3654740 : return err ? err : size - remaining_size;
1323 : }
1324 :
1325 : /**
1326 : * rbtree_simple_xattr_less - compare two xattr rbtree nodes
1327 : * @new_node: new node
1328 : * @node: current node
1329 : *
1330 : * Compare the xattr attached to @new_node with the xattr attached to @node.
1331 : * Note that this function technically tolerates duplicate entries.
1332 : *
1333 : * Return: True if insertion point in the rbtree is found.
1334 : */
1335 : static bool rbtree_simple_xattr_less(struct rb_node *new_node,
1336 : const struct rb_node *node)
1337 : {
1338 0 : return rbtree_simple_xattr_node_cmp(new_node, node) < 0;
1339 : }
1340 :
1341 : /**
1342 : * simple_xattr_add - add xattr objects
1343 : * @xattrs: the header of the xattr object
1344 : * @new_xattr: the xattr object to add
1345 : *
1346 : * Add an xattr object to @xattrs. This assumes no replacement or removal
1347 : * of matching xattrs is wanted. Should only be called during inode
1348 : * initialization when a few distinct initial xattrs are supposed to be set.
1349 : */
1350 0 : void simple_xattr_add(struct simple_xattrs *xattrs,
1351 : struct simple_xattr *new_xattr)
1352 : {
1353 0 : write_lock(&xattrs->lock);
1354 0 : rb_add(&new_xattr->rb_node, &xattrs->rb_root, rbtree_simple_xattr_less);
1355 0 : write_unlock(&xattrs->lock);
1356 0 : }
1357 :
1358 : /**
1359 : * simple_xattrs_init - initialize new xattr header
1360 : * @xattrs: header to initialize
1361 : *
1362 : * Initialize relevant fields of a an xattr header.
1363 : */
1364 257642296 : void simple_xattrs_init(struct simple_xattrs *xattrs)
1365 : {
1366 257642296 : xattrs->rb_root = RB_ROOT;
1367 257642296 : rwlock_init(&xattrs->lock);
1368 257637609 : }
1369 :
1370 : /**
1371 : * simple_xattrs_free - free xattrs
1372 : * @xattrs: xattr header whose xattrs to destroy
1373 : *
1374 : * Destroy all xattrs in @xattr. When this is called no one can hold a
1375 : * reference to any of the xattrs anymore.
1376 : */
1377 257715590 : void simple_xattrs_free(struct simple_xattrs *xattrs)
1378 : {
1379 257715590 : struct rb_node *rbp;
1380 :
1381 257715590 : rbp = rb_first(&xattrs->rb_root);
1382 257716574 : while (rbp) {
1383 8927 : struct simple_xattr *xattr;
1384 8927 : struct rb_node *rbp_next;
1385 :
1386 8927 : rbp_next = rb_next(rbp);
1387 8927 : xattr = rb_entry(rbp, struct simple_xattr, rb_node);
1388 8927 : rb_erase(&xattr->rb_node, &xattrs->rb_root);
1389 8927 : free_simple_xattr(xattr);
1390 8927 : rbp = rbp_next;
1391 : }
1392 257708914 : }
|