Gitiles
Code Review Sign In
192.168.1.100 / T103 / 1f884588077ad3476b9c91cbb0ee9ee0332bbb68 / . / src / kernel / linux / v4.14 / fs / xattr.c
blob: e6006e22e1711b0dd12fbda91d999eacc312823e [file] [log] [blame]
rjw1f884582022-01-06 17:20:42 +0800[diff] [blame^]1/*
2 File: fs/xattr.c
3
4 Extended attribute handling.
5
6 Copyright (C) 2001 by Andreas Gruenbacher <a.gruenbacher@computer.org>
7 Copyright (C) 2001 SGI - Silicon Graphics, Inc <linux-xfs@oss.sgi.com>
8 Copyright (c) 2004 Red Hat, Inc., James Morris <jmorris@redhat.com>
9 */
10#include <linux/fs.h>
11#include <linux/slab.h>
12#include <linux/file.h>
13#include <linux/xattr.h>
14#include <linux/mount.h>
15#include <linux/namei.h>
16#include <linux/security.h>
17#include <linux/evm.h>
18#include <linux/syscalls.h>
19#include <linux/export.h>
20#include <linux/fsnotify.h>
21#include <linux/audit.h>
22#include <linux/vmalloc.h>
23#include <linux/posix_acl_xattr.h>
24
25#include <linux/uaccess.h>
26#include "internal.h"
27
28static const char *
29strcmp_prefix(const char *a, const char *a_prefix)
30{
31 while (*a_prefix && *a == *a_prefix) {
32 a++;
33 a_prefix++;
34 }
35 return *a_prefix ? NULL : a;
36}
37
38/*
39 * In order to implement different sets of xattr operations for each xattr
40 * prefix, a filesystem should create a null-terminated array of struct
41 * xattr_handler (one for each prefix) and hang a pointer to it off of the
42 * s_xattr field of the superblock.
43 */
44#define for_each_xattr_handler(handlers, handler) \
45 if (handlers) \
46 for ((handler) = *(handlers)++; \
47 (handler) != NULL; \
48 (handler) = *(handlers)++)
49
50/*
51 * Find the xattr_handler with the matching prefix.
52 */
53static const struct xattr_handler *
54xattr_resolve_name(struct inode *inode, const char **name)
55{
56 const struct xattr_handler **handlers = inode->i_sb->s_xattr;
57 const struct xattr_handler *handler;
58
59 if (!(inode->i_opflags & IOP_XATTR)) {
60 if (unlikely(is_bad_inode(inode)))
61 return ERR_PTR(-EIO);
62 return ERR_PTR(-EOPNOTSUPP);
63 }
64 for_each_xattr_handler(handlers, handler) {
65 const char *n;
66
67 n = strcmp_prefix(*name, xattr_prefix(handler));
68 if (n) {
69 if (!handler->prefix ^ !*n) {
70 if (*n)
71 continue;
72 return ERR_PTR(-EINVAL);
73 }
74 *name = n;
75 return handler;
76 }
77 }
78 return ERR_PTR(-EOPNOTSUPP);
79}
80
81/*
82 * Check permissions for extended attribute access. This is a bit complicated
83 * because different namespaces have very different rules.
84 */
85static int
86xattr_permission(struct inode *inode, const char *name, int mask)
87{
88 /*
89 * We can never set or remove an extended attribute on a read-only
90 * filesystem or on an immutable / append-only inode.
91 */
92 if (mask & MAY_WRITE) {
93 if (IS_IMMUTABLE(inode) || IS_APPEND(inode))
94 return -EPERM;
95 /*
96 * Updating an xattr will likely cause i_uid and i_gid
97 * to be writen back improperly if their true value is
98 * unknown to the vfs.
99 */
100 if (HAS_UNMAPPED_ID(inode))
101 return -EPERM;
102 }
103
104 /*
105 * No restriction for security.* and system.* from the VFS. Decision
106 * on these is left to the underlying filesystem / security module.
107 */
108 if (!strncmp(name, XATTR_SECURITY_PREFIX, XATTR_SECURITY_PREFIX_LEN) ||
109 !strncmp(name, XATTR_SYSTEM_PREFIX, XATTR_SYSTEM_PREFIX_LEN))
110 return 0;
111
112 /*
113 * The trusted.* namespace can only be accessed by privileged users.
114 */
115 if (!strncmp(name, XATTR_TRUSTED_PREFIX, XATTR_TRUSTED_PREFIX_LEN)) {
116 if (!capable(CAP_SYS_ADMIN))
117 return (mask & MAY_WRITE) ? -EPERM : -ENODATA;
118 return 0;
119 }
120
121 /*
122 * In the user.* namespace, only regular files and directories can have
123 * extended attributes. For sticky directories, only the owner and
124 * privileged users can write attributes.
125 */
126 if (!strncmp(name, XATTR_USER_PREFIX, XATTR_USER_PREFIX_LEN)) {
127 if (!S_ISREG(inode->i_mode) && !S_ISDIR(inode->i_mode))
128 return (mask & MAY_WRITE) ? -EPERM : -ENODATA;
129 if (S_ISDIR(inode->i_mode) && (inode->i_mode & S_ISVTX) &&
130 (mask & MAY_WRITE) && !inode_owner_or_capable(inode))
131 return -EPERM;
132 }
133
134 return inode_permission2(ERR_PTR(-EOPNOTSUPP), inode, mask);
135}
136
137int
138__vfs_setxattr(struct dentry *dentry, struct inode *inode, const char *name,
139 const void *value, size_t size, int flags)
140{
141 const struct xattr_handler *handler;
142
143 handler = xattr_resolve_name(inode, &name);
144 if (IS_ERR(handler))
145 return PTR_ERR(handler);
146 if (!handler->set)
147 return -EOPNOTSUPP;
148 if (size == 0)
149 value = ""; /* empty EA, do not remove */
150 return handler->set(handler, dentry, inode, name, value, size, flags);
151}
152EXPORT_SYMBOL(__vfs_setxattr);
153
154/**
155 * __vfs_setxattr_noperm - perform setxattr operation without performing
156 * permission checks.
157 *
158 * @dentry - object to perform setxattr on
159 * @name - xattr name to set
160 * @value - value to set @name to
161 * @size - size of @value
162 * @flags - flags to pass into filesystem operations
163 *
164 * returns the result of the internal setxattr or setsecurity operations.
165 *
166 * This function requires the caller to lock the inode's i_mutex before it
167 * is executed. It also assumes that the caller will make the appropriate
168 * permission checks.
169 */
170int __vfs_setxattr_noperm(struct dentry *dentry, const char *name,
171 const void *value, size_t size, int flags)
172{
173 struct inode *inode = dentry->d_inode;
174 int error = -EAGAIN;
175 int issec = !strncmp(name, XATTR_SECURITY_PREFIX,
176 XATTR_SECURITY_PREFIX_LEN);
177
178 if (issec)
179 inode->i_flags &= ~S_NOSEC;
180 if (inode->i_opflags & IOP_XATTR) {
181 error = __vfs_setxattr(dentry, inode, name, value, size, flags);
182 if (!error) {
183 fsnotify_xattr(dentry);
184 security_inode_post_setxattr(dentry, name, value,
185 size, flags);
186 }
187 } else {
188 if (unlikely(is_bad_inode(inode)))
189 return -EIO;
190 }
191 if (error == -EAGAIN) {
192 error = -EOPNOTSUPP;
193
194 if (issec) {
195 const char *suffix = name + XATTR_SECURITY_PREFIX_LEN;
196
197 error = security_inode_setsecurity(inode, suffix, value,
198 size, flags);
199 if (!error)
200 fsnotify_xattr(dentry);
201 }
202 }
203
204 return error;
205}
206
207/**
208 * __vfs_setxattr_locked: set an extended attribute while holding the inode
209 * lock
210 *
211 * @dentry - object to perform setxattr on
212 * @name - xattr name to set
213 * @value - value to set @name to
214 * @size - size of @value
215 * @flags - flags to pass into filesystem operations
216 * @delegated_inode - on return, will contain an inode pointer that
217 * a delegation was broken on, NULL if none.
218 */
219int
220__vfs_setxattr_locked(struct dentry *dentry, const char *name,
221 const void *value, size_t size, int flags,
222 struct inode **delegated_inode)
223{
224 struct inode *inode = dentry->d_inode;
225 int error;
226
227 error = xattr_permission(inode, name, MAY_WRITE);
228 if (error)
229 return error;
230
231 error = security_inode_setxattr(dentry, name, value, size, flags);
232 if (error)
233 goto out;
234
235 error = try_break_deleg(inode, delegated_inode);
236 if (error)
237 goto out;
238
239 error = __vfs_setxattr_noperm(dentry, name, value, size, flags);
240
241out:
242 return error;
243}
244EXPORT_SYMBOL_GPL(__vfs_setxattr_locked);
245
246int
247vfs_setxattr(struct dentry *dentry, const char *name, const void *value,
248 size_t size, int flags)
249{
250 struct inode *inode = dentry->d_inode;
251 struct inode *delegated_inode = NULL;
252 int error;
253
254retry_deleg:
255 inode_lock(inode);
256 error = __vfs_setxattr_locked(dentry, name, value, size, flags,
257 &delegated_inode);
258 inode_unlock(inode);
259
260 if (delegated_inode) {
261 error = break_deleg_wait(&delegated_inode);
262 if (!error)
263 goto retry_deleg;
264 }
265 return error;
266}
267EXPORT_SYMBOL_GPL(vfs_setxattr);
268
269ssize_t
270xattr_getsecurity(struct inode *inode, const char *name, void *value,
271 size_t size)
272{
273 void *buffer = NULL;
274 ssize_t len;
275
276 if (!value || !size) {
277 len = security_inode_getsecurity(inode, name, &buffer, false);
278 goto out_noalloc;
279 }
280
281 len = security_inode_getsecurity(inode, name, &buffer, true);
282 if (len < 0)
283 return len;
284 if (size < len) {
285 len = -ERANGE;
286 goto out;
287 }
288 memcpy(value, buffer, len);
289out:
290 kfree(buffer);
291out_noalloc:
292 return len;
293}
294EXPORT_SYMBOL_GPL(xattr_getsecurity);
295
296/*
297 * vfs_getxattr_alloc - allocate memory, if necessary, before calling getxattr
298 *
299 * Allocate memory, if not already allocated, or re-allocate correct size,
300 * before retrieving the extended attribute.
301 *
302 * Returns the result of alloc, if failed, or the getxattr operation.
303 */
304ssize_t
305vfs_getxattr_alloc(struct dentry *dentry, const char *name, char **xattr_value,
306 size_t xattr_size, gfp_t flags)
307{
308 const struct xattr_handler *handler;
309 struct inode *inode = dentry->d_inode;
310 char *value = *xattr_value;
311 int error;
312
313 error = xattr_permission(inode, name, MAY_READ);
314 if (error)
315 return error;
316
317 handler = xattr_resolve_name(inode, &name);
318 if (IS_ERR(handler))
319 return PTR_ERR(handler);
320 if (!handler->get)
321 return -EOPNOTSUPP;
322 error = handler->get(handler, dentry, inode, name, NULL, 0);
323 if (error < 0)
324 return error;
325
326 if (!value || (error > xattr_size)) {
327 value = krealloc(*xattr_value, error + 1, flags);
328 if (!value)
329 return -ENOMEM;
330 memset(value, 0, error + 1);
331 }
332
333 error = handler->get(handler, dentry, inode, name, value, error);
334 *xattr_value = value;
335 return error;
336}
337
338ssize_t
339__vfs_getxattr(struct dentry *dentry, struct inode *inode, const char *name,
340 void *value, size_t size)
341{
342 const struct xattr_handler *handler;
343
344 handler = xattr_resolve_name(inode, &name);
345 if (IS_ERR(handler))
346 return PTR_ERR(handler);
347 if (!handler->get)
348 return -EOPNOTSUPP;
349 return handler->get(handler, dentry, inode, name, value, size);
350}
351EXPORT_SYMBOL(__vfs_getxattr);
352
353ssize_t
354vfs_getxattr(struct dentry *dentry, const char *name, void *value, size_t size)
355{
356 struct inode *inode = dentry->d_inode;
357 int error;
358
359 error = xattr_permission(inode, name, MAY_READ);
360 if (error)
361 return error;
362
363 error = security_inode_getxattr(dentry, name);
364 if (error)
365 return error;
366
367 if (!strncmp(name, XATTR_SECURITY_PREFIX,
368 XATTR_SECURITY_PREFIX_LEN)) {
369 const char *suffix = name + XATTR_SECURITY_PREFIX_LEN;
370 int ret = xattr_getsecurity(inode, suffix, value, size);
371 /*
372 * Only overwrite the return value if a security module
373 * is actually active.
374 */
375 if (ret == -EOPNOTSUPP)
376 goto nolsm;
377 return ret;
378 }
379nolsm:
380 return __vfs_getxattr(dentry, inode, name, value, size);
381}
382EXPORT_SYMBOL_GPL(vfs_getxattr);
383
384ssize_t
385vfs_listxattr(struct dentry *dentry, char *list, size_t size)
386{
387 struct inode *inode = d_inode(dentry);
388 ssize_t error;
389
390 error = security_inode_listxattr(dentry);
391 if (error)
392 return error;
393 if (inode->i_op->listxattr && (inode->i_opflags & IOP_XATTR)) {
394 error = -EOPNOTSUPP;
395 error = inode->i_op->listxattr(dentry, list, size);
396 } else {
397 error = security_inode_listsecurity(inode, list, size);
398 if (size && error > size)
399 error = -ERANGE;
400 }
401 return error;
402}
403EXPORT_SYMBOL_GPL(vfs_listxattr);
404
405int
406__vfs_removexattr(struct dentry *dentry, const char *name)
407{
408 struct inode *inode = d_inode(dentry);
409 const struct xattr_handler *handler;
410
411 handler = xattr_resolve_name(inode, &name);
412 if (IS_ERR(handler))
413 return PTR_ERR(handler);
414 if (!handler->set)
415 return -EOPNOTSUPP;
416 return handler->set(handler, dentry, inode, name, NULL, 0, XATTR_REPLACE);
417}
418EXPORT_SYMBOL(__vfs_removexattr);
419
420/**
421 * __vfs_removexattr_locked: set an extended attribute while holding the inode
422 * lock
423 *
424 * @dentry - object to perform setxattr on
425 * @name - name of xattr to remove
426 * @delegated_inode - on return, will contain an inode pointer that
427 * a delegation was broken on, NULL if none.
428 */
429int
430__vfs_removexattr_locked(struct dentry *dentry, const char *name,
431 struct inode **delegated_inode)
432{
433 struct inode *inode = dentry->d_inode;
434 int error;
435
436 error = xattr_permission(inode, name, MAY_WRITE);
437 if (error)
438 return error;
439
440 error = security_inode_removexattr(dentry, name);
441 if (error)
442 goto out;
443
444 error = try_break_deleg(inode, delegated_inode);
445 if (error)
446 goto out;
447
448 error = __vfs_removexattr(dentry, name);
449
450 if (!error) {
451 fsnotify_xattr(dentry);
452 evm_inode_post_removexattr(dentry, name);
453 }
454
455out:
456 return error;
457}
458EXPORT_SYMBOL_GPL(__vfs_removexattr_locked);
459
460int
461vfs_removexattr(struct dentry *dentry, const char *name)
462{
463 struct inode *inode = dentry->d_inode;
464 struct inode *delegated_inode = NULL;
465 int error;
466
467retry_deleg:
468 inode_lock(inode);
469 error = __vfs_removexattr_locked(dentry, name, &delegated_inode);
470 inode_unlock(inode);
471
472 if (delegated_inode) {
473 error = break_deleg_wait(&delegated_inode);
474 if (!error)
475 goto retry_deleg;
476 }
477
478 return error;
479}
480EXPORT_SYMBOL_GPL(vfs_removexattr);
481
482/*
483 * Extended attribute SET operations
484 */
485static long
486setxattr(struct dentry *d, const char __user *name, const void __user *value,
487 size_t size, int flags)
488{
489 int error;
490 void *kvalue = NULL;
491 char kname[XATTR_NAME_MAX + 1];
492
493 if (flags & ~(XATTR_CREATE|XATTR_REPLACE))
494 return -EINVAL;
495
496 error = strncpy_from_user(kname, name, sizeof(kname));
497 if (error == 0 || error == sizeof(kname))
498 error = -ERANGE;
499 if (error < 0)
500 return error;
501
502 if (size) {
503 if (size > XATTR_SIZE_MAX)
504 return -E2BIG;
505 kvalue = kvmalloc(size, GFP_KERNEL);
506 if (!kvalue)
507 return -ENOMEM;
508 if (copy_from_user(kvalue, value, size)) {
509 error = -EFAULT;
510 goto out;
511 }
512 if ((strcmp(kname, XATTR_NAME_POSIX_ACL_ACCESS) == 0) ||
513 (strcmp(kname, XATTR_NAME_POSIX_ACL_DEFAULT) == 0))
514 posix_acl_fix_xattr_from_user(kvalue, size);
515 else if (strcmp(kname, XATTR_NAME_CAPS) == 0) {
516 error = cap_convert_nscap(d, &kvalue, size);
517 if (error < 0)
518 goto out;
519 size = error;
520 }
521 }
522
523 error = vfs_setxattr(d, kname, kvalue, size, flags);
524out:
525 kvfree(kvalue);
526
527 return error;
528}
529
530static int path_setxattr(const char __user *pathname,
531 const char __user *name, const void __user *value,
532 size_t size, int flags, unsigned int lookup_flags)
533{
534 struct path path;
535 int error;
536retry:
537 error = user_path_at(AT_FDCWD, pathname, lookup_flags, &path);
538 if (error)
539 return error;
540 error = mnt_want_write(path.mnt);
541 if (!error) {
542 error = setxattr(path.dentry, name, value, size, flags);
543 mnt_drop_write(path.mnt);
544 }
545 path_put(&path);
546 if (retry_estale(error, lookup_flags)) {
547 lookup_flags |= LOOKUP_REVAL;
548 goto retry;
549 }
550 return error;
551}
552
553SYSCALL_DEFINE5(setxattr, const char __user *, pathname,
554 const char __user *, name, const void __user *, value,
555 size_t, size, int, flags)
556{
557 return path_setxattr(pathname, name, value, size, flags, LOOKUP_FOLLOW);
558}
559
560SYSCALL_DEFINE5(lsetxattr, const char __user *, pathname,
561 const char __user *, name, const void __user *, value,
562 size_t, size, int, flags)
563{
564 return path_setxattr(pathname, name, value, size, flags, 0);
565}
566
567SYSCALL_DEFINE5(fsetxattr, int, fd, const char __user *, name,
568 const void __user *,value, size_t, size, int, flags)
569{
570 struct fd f = fdget(fd);
571 int error = -EBADF;
572
573 if (!f.file)
574 return error;
575 audit_file(f.file);
576 error = mnt_want_write_file_path(f.file);
577 if (!error) {
578 error = setxattr(f.file->f_path.dentry, name, value, size, flags);
579 mnt_drop_write_file_path(f.file);
580 }
581 fdput(f);
582 return error;
583}
584
585/*
586 * Extended attribute GET operations
587 */
588static ssize_t
589getxattr(struct dentry *d, const char __user *name, void __user *value,
590 size_t size)
591{
592 ssize_t error;
593 void *kvalue = NULL;
594 char kname[XATTR_NAME_MAX + 1];
595
596 error = strncpy_from_user(kname, name, sizeof(kname));
597 if (error == 0 || error == sizeof(kname))
598 error = -ERANGE;
599 if (error < 0)
600 return error;
601
602 if (size) {
603 if (size > XATTR_SIZE_MAX)
604 size = XATTR_SIZE_MAX;
605 kvalue = kvzalloc(size, GFP_KERNEL);
606 if (!kvalue)
607 return -ENOMEM;
608 }
609
610 error = vfs_getxattr(d, kname, kvalue, size);
611 if (error > 0) {
612 if ((strcmp(kname, XATTR_NAME_POSIX_ACL_ACCESS) == 0) ||
613 (strcmp(kname, XATTR_NAME_POSIX_ACL_DEFAULT) == 0))
614 posix_acl_fix_xattr_to_user(kvalue, error);
615 if (size && copy_to_user(value, kvalue, error))
616 error = -EFAULT;
617 } else if (error == -ERANGE && size >= XATTR_SIZE_MAX) {
618 /* The file system tried to returned a value bigger
619 than XATTR_SIZE_MAX bytes. Not possible. */
620 error = -E2BIG;
621 }
622
623 kvfree(kvalue);
624
625 return error;
626}
627
628static ssize_t path_getxattr(const char __user *pathname,
629 const char __user *name, void __user *value,
630 size_t size, unsigned int lookup_flags)
631{
632 struct path path;
633 ssize_t error;
634retry:
635 error = user_path_at(AT_FDCWD, pathname, lookup_flags, &path);
636 if (error)
637 return error;
638 error = getxattr(path.dentry, name, value, size);
639 path_put(&path);
640 if (retry_estale(error, lookup_flags)) {
641 lookup_flags |= LOOKUP_REVAL;
642 goto retry;
643 }
644 return error;
645}
646
647SYSCALL_DEFINE4(getxattr, const char __user *, pathname,
648 const char __user *, name, void __user *, value, size_t, size)
649{
650 return path_getxattr(pathname, name, value, size, LOOKUP_FOLLOW);
651}
652
653SYSCALL_DEFINE4(lgetxattr, const char __user *, pathname,
654 const char __user *, name, void __user *, value, size_t, size)
655{
656 return path_getxattr(pathname, name, value, size, 0);
657}
658
659SYSCALL_DEFINE4(fgetxattr, int, fd, const char __user *, name,
660 void __user *, value, size_t, size)
661{
662 struct fd f = fdget(fd);
663 ssize_t error = -EBADF;
664
665 if (!f.file)
666 return error;
667 audit_file(f.file);
668 error = getxattr(f.file->f_path.dentry, name, value, size);
669 fdput(f);
670 return error;
671}
672
673/*
674 * Extended attribute LIST operations
675 */
676static ssize_t
677listxattr(struct dentry *d, char __user *list, size_t size)
678{
679 ssize_t error;
680 char *klist = NULL;
681
682 if (size) {
683 if (size > XATTR_LIST_MAX)
684 size = XATTR_LIST_MAX;
685 klist = kvmalloc(size, GFP_KERNEL);
686 if (!klist)
687 return -ENOMEM;
688 }
689
690 error = vfs_listxattr(d, klist, size);
691 if (error > 0) {
692 if (size && copy_to_user(list, klist, error))
693 error = -EFAULT;
694 } else if (error == -ERANGE && size >= XATTR_LIST_MAX) {
695 /* The file system tried to returned a list bigger
696 than XATTR_LIST_MAX bytes. Not possible. */
697 error = -E2BIG;
698 }
699
700 kvfree(klist);
701
702 return error;
703}
704
705static ssize_t path_listxattr(const char __user *pathname, char __user *list,
706 size_t size, unsigned int lookup_flags)
707{
708 struct path path;
709 ssize_t error;
710retry:
711 error = user_path_at(AT_FDCWD, pathname, lookup_flags, &path);
712 if (error)
713 return error;
714 error = listxattr(path.dentry, list, size);
715 path_put(&path);
716 if (retry_estale(error, lookup_flags)) {
717 lookup_flags |= LOOKUP_REVAL;
718 goto retry;
719 }
720 return error;
721}
722
723SYSCALL_DEFINE3(listxattr, const char __user *, pathname, char __user *, list,
724 size_t, size)
725{
726 return path_listxattr(pathname, list, size, LOOKUP_FOLLOW);
727}
728
729SYSCALL_DEFINE3(llistxattr, const char __user *, pathname, char __user *, list,
730 size_t, size)
731{
732 return path_listxattr(pathname, list, size, 0);
733}
734
735SYSCALL_DEFINE3(flistxattr, int, fd, char __user *, list, size_t, size)
736{
737 struct fd f = fdget(fd);
738 ssize_t error = -EBADF;
739
740 if (!f.file)
741 return error;
742 audit_file(f.file);
743 error = listxattr(f.file->f_path.dentry, list, size);
744 fdput(f);
745 return error;
746}
747
748/*
749 * Extended attribute REMOVE operations
750 */
751static long
752removexattr(struct dentry *d, const char __user *name)
753{
754 int error;
755 char kname[XATTR_NAME_MAX + 1];
756
757 error = strncpy_from_user(kname, name, sizeof(kname));
758 if (error == 0 || error == sizeof(kname))
759 error = -ERANGE;
760 if (error < 0)
761 return error;
762
763 return vfs_removexattr(d, kname);
764}
765
766static int path_removexattr(const char __user *pathname,
767 const char __user *name, unsigned int lookup_flags)
768{
769 struct path path;
770 int error;
771retry:
772 error = user_path_at(AT_FDCWD, pathname, lookup_flags, &path);
773 if (error)
774 return error;
775 error = mnt_want_write(path.mnt);
776 if (!error) {
777 error = removexattr(path.dentry, name);
778 mnt_drop_write(path.mnt);
779 }
780 path_put(&path);
781 if (retry_estale(error, lookup_flags)) {
782 lookup_flags |= LOOKUP_REVAL;
783 goto retry;
784 }
785 return error;
786}
787
788SYSCALL_DEFINE2(removexattr, const char __user *, pathname,
789 const char __user *, name)
790{
791 return path_removexattr(pathname, name, LOOKUP_FOLLOW);
792}
793
794SYSCALL_DEFINE2(lremovexattr, const char __user *, pathname,
795 const char __user *, name)
796{
797 return path_removexattr(pathname, name, 0);
798}
799
800SYSCALL_DEFINE2(fremovexattr, int, fd, const char __user *, name)
801{
802 struct fd f = fdget(fd);
803 int error = -EBADF;
804
805 if (!f.file)
806 return error;
807 audit_file(f.file);
808 error = mnt_want_write_file_path(f.file);
809 if (!error) {
810 error = removexattr(f.file->f_path.dentry, name);
811 mnt_drop_write_file_path(f.file);
812 }
813 fdput(f);
814 return error;
815}
816
817/*
818 * Combine the results of the list() operation from every xattr_handler in the
819 * list.
820 */
821ssize_t
822generic_listxattr(struct dentry *dentry, char *buffer, size_t buffer_size)
823{
824 const struct xattr_handler *handler, **handlers = dentry->d_sb->s_xattr;
825 unsigned int size = 0;
826
827 if (!buffer) {
828 for_each_xattr_handler(handlers, handler) {
829 if (!handler->name ||
830 (handler->list && !handler->list(dentry)))
831 continue;
832 size += strlen(handler->name) + 1;
833 }
834 } else {
835 char *buf = buffer;
836 size_t len;
837
838 for_each_xattr_handler(handlers, handler) {
839 if (!handler->name ||
840 (handler->list && !handler->list(dentry)))
841 continue;
842 len = strlen(handler->name);
843 if (len + 1 > buffer_size)
844 return -ERANGE;
845 memcpy(buf, handler->name, len + 1);
846 buf += len + 1;
847 buffer_size -= len + 1;
848 }
849 size = buf - buffer;
850 }
851 return size;
852}
853EXPORT_SYMBOL(generic_listxattr);
854
855/**
856 * xattr_full_name - Compute full attribute name from suffix
857 *
858 * @handler: handler of the xattr_handler operation
859 * @name: name passed to the xattr_handler operation
860 *
861 * The get and set xattr handler operations are called with the remainder of
862 * the attribute name after skipping the handler's prefix: for example, "foo"
863 * is passed to the get operation of a handler with prefix "user." to get
864 * attribute "user.foo". The full name is still "there" in the name though.
865 *
866 * Note: the list xattr handler operation when called from the vfs is passed a
867 * NULL name; some file systems use this operation internally, with varying
868 * semantics.
869 */
870const char *xattr_full_name(const struct xattr_handler *handler,
871 const char *name)
872{
873 size_t prefix_len = strlen(xattr_prefix(handler));
874
875 return name - prefix_len;
876}
877EXPORT_SYMBOL(xattr_full_name);
878
879/*
880 * Allocate new xattr and copy in the value; but leave the name to callers.
881 */
882struct simple_xattr *simple_xattr_alloc(const void *value, size_t size)
883{
884 struct simple_xattr *new_xattr;
885 size_t len;
886
887 /* wrap around? */
888 len = sizeof(*new_xattr) + size;
889 if (len < sizeof(*new_xattr))
890 return NULL;
891
892 new_xattr = kmalloc(len, GFP_KERNEL);
893 if (!new_xattr)
894 return NULL;
895
896 new_xattr->size = size;
897 memcpy(new_xattr->value, value, size);
898 return new_xattr;
899}
900
901/*
902 * xattr GET operation for in-memory/pseudo filesystems
903 */
904int simple_xattr_get(struct simple_xattrs *xattrs, const char *name,
905 void *buffer, size_t size)
906{
907 struct simple_xattr *xattr;
908 int ret = -ENODATA;
909
910 spin_lock(&xattrs->lock);
911 list_for_each_entry(xattr, &xattrs->head, list) {
912 if (strcmp(name, xattr->name))
913 continue;
914
915 ret = xattr->size;
916 if (buffer) {
917 if (size < xattr->size)
918 ret = -ERANGE;
919 else
920 memcpy(buffer, xattr->value, xattr->size);
921 }
922 break;
923 }
924 spin_unlock(&xattrs->lock);
925 return ret;
926}
927
928/**
929 * simple_xattr_set - xattr SET operation for in-memory/pseudo filesystems
930 * @xattrs: target simple_xattr list
931 * @name: name of the extended attribute
932 * @value: value of the xattr. If %NULL, will remove the attribute.
933 * @size: size of the new xattr
934 * @flags: %XATTR_{CREATE|REPLACE}
935 *
936 * %XATTR_CREATE is set, the xattr shouldn't exist already; otherwise fails
937 * with -EEXIST. If %XATTR_REPLACE is set, the xattr should exist;
938 * otherwise, fails with -ENODATA.
939 *
940 * Returns 0 on success, -errno on failure.
941 */
942int simple_xattr_set(struct simple_xattrs *xattrs, const char *name,
943 const void *value, size_t size, int flags)
944{
945 struct simple_xattr *xattr;
946 struct simple_xattr *new_xattr = NULL;
947 int err = 0;
948
949 /* value == NULL means remove */
950 if (value) {
951 new_xattr = simple_xattr_alloc(value, size);
952 if (!new_xattr)
953 return -ENOMEM;
954
955 new_xattr->name = kstrdup(name, GFP_KERNEL);
956 if (!new_xattr->name) {
957 kfree(new_xattr);
958 return -ENOMEM;
959 }
960 }
961
962 spin_lock(&xattrs->lock);
963 list_for_each_entry(xattr, &xattrs->head, list) {
964 if (!strcmp(name, xattr->name)) {
965 if (flags & XATTR_CREATE) {
966 xattr = new_xattr;
967 err = -EEXIST;
968 } else if (new_xattr) {
969 list_replace(&xattr->list, &new_xattr->list);
970 } else {
971 list_del(&xattr->list);
972 }
973 goto out;
974 }
975 }
976 if (flags & XATTR_REPLACE) {
977 xattr = new_xattr;
978 err = -ENODATA;
979 } else {
980 list_add(&new_xattr->list, &xattrs->head);
981 xattr = NULL;
982 }
983out:
984 spin_unlock(&xattrs->lock);
985 if (xattr) {
986 kfree(xattr->name);
987 kfree(xattr);
988 }
989 return err;
990
991}
992
993static bool xattr_is_trusted(const char *name)
994{
995 return !strncmp(name, XATTR_TRUSTED_PREFIX, XATTR_TRUSTED_PREFIX_LEN);
996}
997
998static int xattr_list_one(char **buffer, ssize_t *remaining_size,
999 const char *name)
1000{
1001 size_t len = strlen(name) + 1;
1002 if (*buffer) {
1003 if (*remaining_size < len)
1004 return -ERANGE;
1005 memcpy(*buffer, name, len);
1006 *buffer += len;
1007 }
1008 *remaining_size -= len;
1009 return 0;
1010}
1011
1012/*
1013 * xattr LIST operation for in-memory/pseudo filesystems
1014 */
1015ssize_t simple_xattr_list(struct inode *inode, struct simple_xattrs *xattrs,
1016 char *buffer, size_t size)
1017{
1018 bool trusted = capable(CAP_SYS_ADMIN);
1019 struct simple_xattr *xattr;
1020 ssize_t remaining_size = size;
1021 int err = 0;
1022
1023#ifdef CONFIG_FS_POSIX_ACL
1024 if (IS_POSIXACL(inode)) {
1025 if (inode->i_acl) {
1026 err = xattr_list_one(&buffer, &remaining_size,
1027 XATTR_NAME_POSIX_ACL_ACCESS);
1028 if (err)
1029 return err;
1030 }
1031 if (inode->i_default_acl) {
1032 err = xattr_list_one(&buffer, &remaining_size,
1033 XATTR_NAME_POSIX_ACL_DEFAULT);
1034 if (err)
1035 return err;
1036 }
1037 }
1038#endif
1039
1040 spin_lock(&xattrs->lock);
1041 list_for_each_entry(xattr, &xattrs->head, list) {
1042 /* skip "trusted." attributes for unprivileged callers */
1043 if (!trusted && xattr_is_trusted(xattr->name))
1044 continue;
1045
1046 err = xattr_list_one(&buffer, &remaining_size, xattr->name);
1047 if (err)
1048 break;
1049 }
1050 spin_unlock(&xattrs->lock);
1051
1052 return err ? err : size - remaining_size;
1053}
1054
1055/*
1056 * Adds an extended attribute to the list
1057 */
1058void simple_xattr_list_add(struct simple_xattrs *xattrs,
1059 struct simple_xattr *new_xattr)
1060{
1061 spin_lock(&xattrs->lock);
1062 list_add(&new_xattr->list, &xattrs->head);
1063 spin_unlock(&xattrs->lock);
1064}