1/* 2 File: fs/xattr.c 3 4 Extended attribute handling. 5 6 Copyright (C) 2001 by Andreas Gruenbacher <a.gruenbacher@computer.org> 7 Copyright (C) 2001 SGI - Silicon Graphics, Inc <linux-xfs@oss.sgi.com> 8 Copyright (c) 2004 Red Hat, Inc., James Morris <jmorris@redhat.com> 9 */ 10#include <linux/fs.h> 11#include <linux/slab.h> 12#include <linux/file.h> 13#include <linux/xattr.h> 14#include <linux/mount.h> 15#include <linux/namei.h> 16#include <linux/security.h> 17#include <linux/evm.h> 18#include <linux/syscalls.h> 19#include <linux/export.h> 20#include <linux/fsnotify.h> 21#include <linux/audit.h> 22#include <linux/vmalloc.h> 23#include <linux/posix_acl_xattr.h> 24 25#include <asm/uaccess.h> 26 27/* 28 * Check permissions for extended attribute access. This is a bit complicated 29 * because different namespaces have very different rules. 30 */ 31static int 32xattr_permission(struct inode *inode, const char *name, int mask) 33{ 34 /* 35 * We can never set or remove an extended attribute on a read-only 36 * filesystem or on an immutable / append-only inode. 37 */ 38 if (mask & MAY_WRITE) { 39 if (IS_IMMUTABLE(inode) || IS_APPEND(inode)) 40 return -EPERM; 41 } 42 43 /* 44 * No restriction for security.* and system.* from the VFS. Decision 45 * on these is left to the underlying filesystem / security module. 46 */ 47 if (!strncmp(name, XATTR_SECURITY_PREFIX, XATTR_SECURITY_PREFIX_LEN) || 48 !strncmp(name, XATTR_SYSTEM_PREFIX, XATTR_SYSTEM_PREFIX_LEN)) 49 return 0; 50 51 /* 52 * The trusted.* namespace can only be accessed by privileged users. 53 */ 54 if (!strncmp(name, XATTR_TRUSTED_PREFIX, XATTR_TRUSTED_PREFIX_LEN)) { 55 if (!capable(CAP_SYS_ADMIN)) 56 return (mask & MAY_WRITE) ? -EPERM : -ENODATA; 57 return 0; 58 } 59 60 /* 61 * In the user.* namespace, only regular files and directories can have 62 * extended attributes. For sticky directories, only the owner and 63 * privileged users can write attributes. 64 */ 65 if (!strncmp(name, XATTR_USER_PREFIX, XATTR_USER_PREFIX_LEN)) { 66 if (!S_ISREG(inode->i_mode) && !S_ISDIR(inode->i_mode)) 67 return (mask & MAY_WRITE) ? -EPERM : -ENODATA; 68 if (S_ISDIR(inode->i_mode) && (inode->i_mode & S_ISVTX) && 69 (mask & MAY_WRITE) && !inode_owner_or_capable(inode)) 70 return -EPERM; 71 } 72 73 return inode_permission(inode, mask); 74} 75 76/** 77 * __vfs_setxattr_noperm - perform setxattr operation without performing 78 * permission checks. 79 * 80 * @dentry - object to perform setxattr on 81 * @name - xattr name to set 82 * @value - value to set @name to 83 * @size - size of @value 84 * @flags - flags to pass into filesystem operations 85 * 86 * returns the result of the internal setxattr or setsecurity operations. 87 * 88 * This function requires the caller to lock the inode's i_mutex before it 89 * is executed. It also assumes that the caller will make the appropriate 90 * permission checks. 91 */ 92int __vfs_setxattr_noperm(struct dentry *dentry, const char *name, 93 const void *value, size_t size, int flags) 94{ 95 struct inode *inode = dentry->d_inode; 96 int error = -EOPNOTSUPP; 97 int issec = !strncmp(name, XATTR_SECURITY_PREFIX, 98 XATTR_SECURITY_PREFIX_LEN); 99 100 if (issec) 101 inode->i_flags &= ~S_NOSEC; 102 if (inode->i_op->setxattr) { 103 error = inode->i_op->setxattr(dentry, name, value, size, flags); 104 if (!error) { 105 fsnotify_xattr(dentry); 106 security_inode_post_setxattr(dentry, name, value, 107 size, flags); 108 } 109 } else if (issec) { 110 const char *suffix = name + XATTR_SECURITY_PREFIX_LEN; 111 error = security_inode_setsecurity(inode, suffix, value, 112 size, flags); 113 if (!error) 114 fsnotify_xattr(dentry); 115 } 116 117 return error; 118} 119 120 121int 122vfs_setxattr(struct dentry *dentry, const char *name, const void *value, 123 size_t size, int flags) 124{ 125 struct inode *inode = dentry->d_inode; 126 int error; 127 128 error = xattr_permission(inode, name, MAY_WRITE); 129 if (error) 130 return error; 131 132 mutex_lock(&inode->i_mutex); 133 error = security_inode_setxattr(dentry, name, value, size, flags); 134 if (error) 135 goto out; 136 137 error = __vfs_setxattr_noperm(dentry, name, value, size, flags); 138 139out: 140 mutex_unlock(&inode->i_mutex); 141 return error; 142} 143EXPORT_SYMBOL_GPL(vfs_setxattr); 144 145ssize_t 146xattr_getsecurity(struct inode *inode, const char *name, void *value, 147 size_t size) 148{ 149 void *buffer = NULL; 150 ssize_t len; 151 152 if (!value || !size) { 153 len = security_inode_getsecurity(inode, name, &buffer, false); 154 goto out_noalloc; 155 } 156 157 len = security_inode_getsecurity(inode, name, &buffer, true); 158 if (len < 0) 159 return len; 160 if (size < len) { 161 len = -ERANGE; 162 goto out; 163 } 164 memcpy(value, buffer, len); 165out: 166 security_release_secctx(buffer, len); 167out_noalloc: 168 return len; 169} 170EXPORT_SYMBOL_GPL(xattr_getsecurity); 171 172/* 173 * vfs_getxattr_alloc - allocate memory, if necessary, before calling getxattr 174 * 175 * Allocate memory, if not already allocated, or re-allocate correct size, 176 * before retrieving the extended attribute. 177 * 178 * Returns the result of alloc, if failed, or the getxattr operation. 179 */ 180ssize_t 181vfs_getxattr_alloc(struct dentry *dentry, const char *name, char **xattr_value, 182 size_t xattr_size, gfp_t flags) 183{ 184 struct inode *inode = dentry->d_inode; 185 char *value = *xattr_value; 186 int error; 187 188 error = xattr_permission(inode, name, MAY_READ); 189 if (error) 190 return error; 191 192 if (!inode->i_op->getxattr) 193 return -EOPNOTSUPP; 194 195 error = inode->i_op->getxattr(dentry, name, NULL, 0); 196 if (error < 0) 197 return error; 198 199 if (!value || (error > xattr_size)) { 200 value = krealloc(*xattr_value, error + 1, flags); 201 if (!value) 202 return -ENOMEM; 203 memset(value, 0, error + 1); 204 } 205 206 error = inode->i_op->getxattr(dentry, name, value, error); 207 *xattr_value = value; 208 return error; 209} 210 211/* Compare an extended attribute value with the given value */ 212int vfs_xattr_cmp(struct dentry *dentry, const char *xattr_name, 213 const char *value, size_t size, gfp_t flags) 214{ 215 char *xattr_value = NULL; 216 int rc; 217 218 rc = vfs_getxattr_alloc(dentry, xattr_name, &xattr_value, 0, flags); 219 if (rc < 0) 220 return rc; 221 222 if ((rc != size) || (memcmp(xattr_value, value, rc) != 0)) 223 rc = -EINVAL; 224 else 225 rc = 0; 226 kfree(xattr_value); 227 return rc; 228} 229 230ssize_t 231vfs_getxattr(struct dentry *dentry, const char *name, void *value, size_t size) 232{ 233 struct inode *inode = dentry->d_inode; 234 int error; 235 236 error = xattr_permission(inode, name, MAY_READ); 237 if (error) 238 return error; 239 240 error = security_inode_getxattr(dentry, name); 241 if (error) 242 return error; 243 244 if (!strncmp(name, XATTR_SECURITY_PREFIX, 245 XATTR_SECURITY_PREFIX_LEN)) { 246 const char *suffix = name + XATTR_SECURITY_PREFIX_LEN; 247 int ret = xattr_getsecurity(inode, suffix, value, size); 248 /* 249 * Only overwrite the return value if a security module 250 * is actually active. 251 */ 252 if (ret == -EOPNOTSUPP) 253 goto nolsm; 254 return ret; 255 } 256nolsm: 257 if (inode->i_op->getxattr) 258 error = inode->i_op->getxattr(dentry, name, value, size); 259 else 260 error = -EOPNOTSUPP; 261 262 return error; 263} 264EXPORT_SYMBOL_GPL(vfs_getxattr); 265 266ssize_t 267vfs_listxattr(struct dentry *d, char *list, size_t size) 268{ 269 ssize_t error; 270 271 error = security_inode_listxattr(d); 272 if (error) 273 return error; 274 error = -EOPNOTSUPP; 275 if (d->d_inode->i_op->listxattr) { 276 error = d->d_inode->i_op->listxattr(d, list, size); 277 } else { 278 error = security_inode_listsecurity(d->d_inode, list, size); 279 if (size && error > size) 280 error = -ERANGE; 281 } 282 return error; 283} 284EXPORT_SYMBOL_GPL(vfs_listxattr); 285 286int 287vfs_removexattr(struct dentry *dentry, const char *name) 288{ 289 struct inode *inode = dentry->d_inode; 290 int error; 291 292 if (!inode->i_op->removexattr) 293 return -EOPNOTSUPP; 294 295 error = xattr_permission(inode, name, MAY_WRITE); 296 if (error) 297 return error; 298 299 mutex_lock(&inode->i_mutex); 300 error = security_inode_removexattr(dentry, name); 301 if (error) 302 goto out; 303 304 error = inode->i_op->removexattr(dentry, name); 305 306 if (!error) { 307 fsnotify_xattr(dentry); 308 evm_inode_post_removexattr(dentry, name); 309 } 310 311out: 312 mutex_unlock(&inode->i_mutex); 313 return error; 314} 315EXPORT_SYMBOL_GPL(vfs_removexattr); 316 317 318/* 319 * Extended attribute SET operations 320 */ 321static long 322setxattr(struct dentry *d, const char __user *name, const void __user *value, 323 size_t size, int flags) 324{ 325 int error; 326 void *kvalue = NULL; 327 void *vvalue = NULL; /* If non-NULL, we used vmalloc() */ 328 char kname[XATTR_NAME_MAX + 1]; 329 330 if (flags & ~(XATTR_CREATE|XATTR_REPLACE)) 331 return -EINVAL; 332 333 error = strncpy_from_user(kname, name, sizeof(kname)); 334 if (error == 0 || error == sizeof(kname)) 335 error = -ERANGE; 336 if (error < 0) 337 return error; 338 339 if (size) { 340 if (size > XATTR_SIZE_MAX) 341 return -E2BIG; 342 kvalue = kmalloc(size, GFP_KERNEL | __GFP_NOWARN); 343 if (!kvalue) { 344 vvalue = vmalloc(size); 345 if (!vvalue) 346 return -ENOMEM; 347 kvalue = vvalue; 348 } 349 if (copy_from_user(kvalue, value, size)) { 350 error = -EFAULT; 351 goto out; 352 } 353 if ((strcmp(kname, XATTR_NAME_POSIX_ACL_ACCESS) == 0) || 354 (strcmp(kname, XATTR_NAME_POSIX_ACL_DEFAULT) == 0)) 355 posix_acl_fix_xattr_from_user(kvalue, size); 356 } 357 358 error = vfs_setxattr(d, kname, kvalue, size, flags); 359out: 360 if (vvalue) 361 vfree(vvalue); 362 else 363 kfree(kvalue); 364 return error; 365} 366 367static int path_setxattr(const char __user *pathname, 368 const char __user *name, const void __user *value, 369 size_t size, int flags, unsigned int lookup_flags) 370{ 371 struct path path; 372 int error; 373retry: 374 error = user_path_at(AT_FDCWD, pathname, lookup_flags, &path); 375 if (error) 376 return error; 377 error = mnt_want_write(path.mnt); 378 if (!error) { 379 error = setxattr(path.dentry, name, value, size, flags); 380 mnt_drop_write(path.mnt); 381 } 382 path_put(&path); 383 if (retry_estale(error, lookup_flags)) { 384 lookup_flags |= LOOKUP_REVAL; 385 goto retry; 386 } 387 return error; 388} 389 390SYSCALL_DEFINE5(setxattr, const char __user *, pathname, 391 const char __user *, name, const void __user *, value, 392 size_t, size, int, flags) 393{ 394 return path_setxattr(pathname, name, value, size, flags, LOOKUP_FOLLOW); 395} 396 397SYSCALL_DEFINE5(lsetxattr, const char __user *, pathname, 398 const char __user *, name, const void __user *, value, 399 size_t, size, int, flags) 400{ 401 return path_setxattr(pathname, name, value, size, flags, 0); 402} 403 404SYSCALL_DEFINE5(fsetxattr, int, fd, const char __user *, name, 405 const void __user *,value, size_t, size, int, flags) 406{ 407 struct fd f = fdget(fd); 408 int error = -EBADF; 409 410 if (!f.file) 411 return error; 412 audit_file(f.file); 413 error = mnt_want_write_file(f.file); 414 if (!error) { 415 error = setxattr(f.file->f_path.dentry, name, value, size, flags); 416 mnt_drop_write_file(f.file); 417 } 418 fdput(f); 419 return error; 420} 421 422/* 423 * Extended attribute GET operations 424 */ 425static ssize_t 426getxattr(struct dentry *d, const char __user *name, void __user *value, 427 size_t size) 428{ 429 ssize_t error; 430 void *kvalue = NULL; 431 void *vvalue = NULL; 432 char kname[XATTR_NAME_MAX + 1]; 433 434 error = strncpy_from_user(kname, name, sizeof(kname)); 435 if (error == 0 || error == sizeof(kname)) 436 error = -ERANGE; 437 if (error < 0) 438 return error; 439 440 if (size) { 441 if (size > XATTR_SIZE_MAX) 442 size = XATTR_SIZE_MAX; 443 kvalue = kzalloc(size, GFP_KERNEL | __GFP_NOWARN); 444 if (!kvalue) { 445 vvalue = vmalloc(size); 446 if (!vvalue) 447 return -ENOMEM; 448 kvalue = vvalue; 449 } 450 } 451 452 error = vfs_getxattr(d, kname, kvalue, size); 453 if (error > 0) { 454 if ((strcmp(kname, XATTR_NAME_POSIX_ACL_ACCESS) == 0) || 455 (strcmp(kname, XATTR_NAME_POSIX_ACL_DEFAULT) == 0)) 456 posix_acl_fix_xattr_to_user(kvalue, size); 457 if (size && copy_to_user(value, kvalue, error)) 458 error = -EFAULT; 459 } else if (error == -ERANGE && size >= XATTR_SIZE_MAX) { 460 /* The file system tried to returned a value bigger 461 than XATTR_SIZE_MAX bytes. Not possible. */ 462 error = -E2BIG; 463 } 464 if (vvalue) 465 vfree(vvalue); 466 else 467 kfree(kvalue); 468 return error; 469} 470 471static ssize_t path_getxattr(const char __user *pathname, 472 const char __user *name, void __user *value, 473 size_t size, unsigned int lookup_flags) 474{ 475 struct path path; 476 ssize_t error; 477retry: 478 error = user_path_at(AT_FDCWD, pathname, lookup_flags, &path); 479 if (error) 480 return error; 481 error = getxattr(path.dentry, name, value, size); 482 path_put(&path); 483 if (retry_estale(error, lookup_flags)) { 484 lookup_flags |= LOOKUP_REVAL; 485 goto retry; 486 } 487 return error; 488} 489 490SYSCALL_DEFINE4(getxattr, const char __user *, pathname, 491 const char __user *, name, void __user *, value, size_t, size) 492{ 493 return path_getxattr(pathname, name, value, size, LOOKUP_FOLLOW); 494} 495 496SYSCALL_DEFINE4(lgetxattr, const char __user *, pathname, 497 const char __user *, name, void __user *, value, size_t, size) 498{ 499 return path_getxattr(pathname, name, value, size, 0); 500} 501 502SYSCALL_DEFINE4(fgetxattr, int, fd, const char __user *, name, 503 void __user *, value, size_t, size) 504{ 505 struct fd f = fdget(fd); 506 ssize_t error = -EBADF; 507 508 if (!f.file) 509 return error; 510 audit_file(f.file); 511 error = getxattr(f.file->f_path.dentry, name, value, size); 512 fdput(f); 513 return error; 514} 515 516/* 517 * Extended attribute LIST operations 518 */ 519static ssize_t 520listxattr(struct dentry *d, char __user *list, size_t size) 521{ 522 ssize_t error; 523 char *klist = NULL; 524 char *vlist = NULL; /* If non-NULL, we used vmalloc() */ 525 526 if (size) { 527 if (size > XATTR_LIST_MAX) 528 size = XATTR_LIST_MAX; 529 klist = kmalloc(size, __GFP_NOWARN | GFP_KERNEL); 530 if (!klist) { 531 vlist = vmalloc(size); 532 if (!vlist) 533 return -ENOMEM; 534 klist = vlist; 535 } 536 } 537 538 error = vfs_listxattr(d, klist, size); 539 if (error > 0) { 540 if (size && copy_to_user(list, klist, error)) 541 error = -EFAULT; 542 } else if (error == -ERANGE && size >= XATTR_LIST_MAX) { 543 /* The file system tried to returned a list bigger 544 than XATTR_LIST_MAX bytes. Not possible. */ 545 error = -E2BIG; 546 } 547 if (vlist) 548 vfree(vlist); 549 else 550 kfree(klist); 551 return error; 552} 553 554static ssize_t path_listxattr(const char __user *pathname, char __user *list, 555 size_t size, unsigned int lookup_flags) 556{ 557 struct path path; 558 ssize_t error; 559retry: 560 error = user_path_at(AT_FDCWD, pathname, lookup_flags, &path); 561 if (error) 562 return error; 563 error = listxattr(path.dentry, list, size); 564 path_put(&path); 565 if (retry_estale(error, lookup_flags)) { 566 lookup_flags |= LOOKUP_REVAL; 567 goto retry; 568 } 569 return error; 570} 571 572SYSCALL_DEFINE3(listxattr, const char __user *, pathname, char __user *, list, 573 size_t, size) 574{ 575 return path_listxattr(pathname, list, size, LOOKUP_FOLLOW); 576} 577 578SYSCALL_DEFINE3(llistxattr, const char __user *, pathname, char __user *, list, 579 size_t, size) 580{ 581 return path_listxattr(pathname, list, size, 0); 582} 583 584SYSCALL_DEFINE3(flistxattr, int, fd, char __user *, list, size_t, size) 585{ 586 struct fd f = fdget(fd); 587 ssize_t error = -EBADF; 588 589 if (!f.file) 590 return error; 591 audit_file(f.file); 592 error = listxattr(f.file->f_path.dentry, list, size); 593 fdput(f); 594 return error; 595} 596 597/* 598 * Extended attribute REMOVE operations 599 */ 600static long 601removexattr(struct dentry *d, const char __user *name) 602{ 603 int error; 604 char kname[XATTR_NAME_MAX + 1]; 605 606 error = strncpy_from_user(kname, name, sizeof(kname)); 607 if (error == 0 || error == sizeof(kname)) 608 error = -ERANGE; 609 if (error < 0) 610 return error; 611 612 return vfs_removexattr(d, kname); 613} 614 615static int path_removexattr(const char __user *pathname, 616 const char __user *name, unsigned int lookup_flags) 617{ 618 struct path path; 619 int error; 620retry: 621 error = user_path_at(AT_FDCWD, pathname, lookup_flags, &path); 622 if (error) 623 return error; 624 error = mnt_want_write(path.mnt); 625 if (!error) { 626 error = removexattr(path.dentry, name); 627 mnt_drop_write(path.mnt); 628 } 629 path_put(&path); 630 if (retry_estale(error, lookup_flags)) { 631 lookup_flags |= LOOKUP_REVAL; 632 goto retry; 633 } 634 return error; 635} 636 637SYSCALL_DEFINE2(removexattr, const char __user *, pathname, 638 const char __user *, name) 639{ 640 return path_removexattr(pathname, name, LOOKUP_FOLLOW); 641} 642 643SYSCALL_DEFINE2(lremovexattr, const char __user *, pathname, 644 const char __user *, name) 645{ 646 return path_removexattr(pathname, name, 0); 647} 648 649SYSCALL_DEFINE2(fremovexattr, int, fd, const char __user *, name) 650{ 651 struct fd f = fdget(fd); 652 int error = -EBADF; 653 654 if (!f.file) 655 return error; 656 audit_file(f.file); 657 error = mnt_want_write_file(f.file); 658 if (!error) { 659 error = removexattr(f.file->f_path.dentry, name); 660 mnt_drop_write_file(f.file); 661 } 662 fdput(f); 663 return error; 664} 665 666 667static const char * 668strcmp_prefix(const char *a, const char *a_prefix) 669{ 670 while (*a_prefix && *a == *a_prefix) { 671 a++; 672 a_prefix++; 673 } 674 return *a_prefix ? NULL : a; 675} 676 677/* 678 * In order to implement different sets of xattr operations for each xattr 679 * prefix with the generic xattr API, a filesystem should create a 680 * null-terminated array of struct xattr_handler (one for each prefix) and 681 * hang a pointer to it off of the s_xattr field of the superblock. 682 * 683 * The generic_fooxattr() functions will use this list to dispatch xattr 684 * operations to the correct xattr_handler. 685 */ 686#define for_each_xattr_handler(handlers, handler) \ 687 for ((handler) = *(handlers)++; \ 688 (handler) != NULL; \ 689 (handler) = *(handlers)++) 690 691/* 692 * Find the xattr_handler with the matching prefix. 693 */ 694static const struct xattr_handler * 695xattr_resolve_name(const struct xattr_handler **handlers, const char **name) 696{ 697 const struct xattr_handler *handler; 698 699 if (!*name) 700 return NULL; 701 702 for_each_xattr_handler(handlers, handler) { 703 const char *n = strcmp_prefix(*name, handler->prefix); 704 if (n) { 705 *name = n; 706 break; 707 } 708 } 709 return handler; 710} 711 712/* 713 * Find the handler for the prefix and dispatch its get() operation. 714 */ 715ssize_t 716generic_getxattr(struct dentry *dentry, const char *name, void *buffer, size_t size) 717{ 718 const struct xattr_handler *handler; 719 720 handler = xattr_resolve_name(dentry->d_sb->s_xattr, &name); 721 if (!handler) 722 return -EOPNOTSUPP; 723 return handler->get(handler, dentry, name, buffer, size); 724} 725 726/* 727 * Combine the results of the list() operation from every xattr_handler in the 728 * list. 729 */ 730ssize_t 731generic_listxattr(struct dentry *dentry, char *buffer, size_t buffer_size) 732{ 733 const struct xattr_handler *handler, **handlers = dentry->d_sb->s_xattr; 734 unsigned int size = 0; 735 736 if (!buffer) { 737 for_each_xattr_handler(handlers, handler) { 738 size += handler->list(handler, dentry, NULL, 0, 739 NULL, 0); 740 } 741 } else { 742 char *buf = buffer; 743 744 for_each_xattr_handler(handlers, handler) { 745 size = handler->list(handler, dentry, buf, buffer_size, 746 NULL, 0); 747 if (size > buffer_size) 748 return -ERANGE; 749 buf += size; 750 buffer_size -= size; 751 } 752 size = buf - buffer; 753 } 754 return size; 755} 756 757/* 758 * Find the handler for the prefix and dispatch its set() operation. 759 */ 760int 761generic_setxattr(struct dentry *dentry, const char *name, const void *value, size_t size, int flags) 762{ 763 const struct xattr_handler *handler; 764 765 if (size == 0) 766 value = ""; /* empty EA, do not remove */ 767 handler = xattr_resolve_name(dentry->d_sb->s_xattr, &name); 768 if (!handler) 769 return -EOPNOTSUPP; 770 return handler->set(handler, dentry, name, value, size, flags); 771} 772 773/* 774 * Find the handler for the prefix and dispatch its set() operation to remove 775 * any associated extended attribute. 776 */ 777int 778generic_removexattr(struct dentry *dentry, const char *name) 779{ 780 const struct xattr_handler *handler; 781 782 handler = xattr_resolve_name(dentry->d_sb->s_xattr, &name); 783 if (!handler) 784 return -EOPNOTSUPP; 785 return handler->set(handler, dentry, name, NULL, 0, XATTR_REPLACE); 786} 787 788EXPORT_SYMBOL(generic_getxattr); 789EXPORT_SYMBOL(generic_listxattr); 790EXPORT_SYMBOL(generic_setxattr); 791EXPORT_SYMBOL(generic_removexattr); 792 793/** 794 * xattr_full_name - Compute full attribute name from suffix 795 * 796 * @handler: handler of the xattr_handler operation 797 * @name: name passed to the xattr_handler operation 798 * 799 * The get and set xattr handler operations are called with the remainder of 800 * the attribute name after skipping the handler's prefix: for example, "foo" 801 * is passed to the get operation of a handler with prefix "user." to get 802 * attribute "user.foo". The full name is still "there" in the name though. 803 * 804 * Note: the list xattr handler operation when called from the vfs is passed a 805 * NULL name; some file systems use this operation internally, with varying 806 * semantics. 807 */ 808const char *xattr_full_name(const struct xattr_handler *handler, 809 const char *name) 810{ 811 size_t prefix_len = strlen(handler->prefix); 812 813 return name - prefix_len; 814} 815EXPORT_SYMBOL(xattr_full_name); 816 817/* 818 * Allocate new xattr and copy in the value; but leave the name to callers. 819 */ 820struct simple_xattr *simple_xattr_alloc(const void *value, size_t size) 821{ 822 struct simple_xattr *new_xattr; 823 size_t len; 824 825 /* wrap around? */ 826 len = sizeof(*new_xattr) + size; 827 if (len < sizeof(*new_xattr)) 828 return NULL; 829 830 new_xattr = kmalloc(len, GFP_KERNEL); 831 if (!new_xattr) 832 return NULL; 833 834 new_xattr->size = size; 835 memcpy(new_xattr->value, value, size); 836 return new_xattr; 837} 838 839/* 840 * xattr GET operation for in-memory/pseudo filesystems 841 */ 842int simple_xattr_get(struct simple_xattrs *xattrs, const char *name, 843 void *buffer, size_t size) 844{ 845 struct simple_xattr *xattr; 846 int ret = -ENODATA; 847 848 spin_lock(&xattrs->lock); 849 list_for_each_entry(xattr, &xattrs->head, list) { 850 if (strcmp(name, xattr->name)) 851 continue; 852 853 ret = xattr->size; 854 if (buffer) { 855 if (size < xattr->size) 856 ret = -ERANGE; 857 else 858 memcpy(buffer, xattr->value, xattr->size); 859 } 860 break; 861 } 862 spin_unlock(&xattrs->lock); 863 return ret; 864} 865 866static int __simple_xattr_set(struct simple_xattrs *xattrs, const char *name, 867 const void *value, size_t size, int flags) 868{ 869 struct simple_xattr *xattr; 870 struct simple_xattr *new_xattr = NULL; 871 int err = 0; 872 873 /* value == NULL means remove */ 874 if (value) { 875 new_xattr = simple_xattr_alloc(value, size); 876 if (!new_xattr) 877 return -ENOMEM; 878 879 new_xattr->name = kstrdup(name, GFP_KERNEL); 880 if (!new_xattr->name) { 881 kfree(new_xattr); 882 return -ENOMEM; 883 } 884 } 885 886 spin_lock(&xattrs->lock); 887 list_for_each_entry(xattr, &xattrs->head, list) { 888 if (!strcmp(name, xattr->name)) { 889 if (flags & XATTR_CREATE) { 890 xattr = new_xattr; 891 err = -EEXIST; 892 } else if (new_xattr) { 893 list_replace(&xattr->list, &new_xattr->list); 894 } else { 895 list_del(&xattr->list); 896 } 897 goto out; 898 } 899 } 900 if (flags & XATTR_REPLACE) { 901 xattr = new_xattr; 902 err = -ENODATA; 903 } else { 904 list_add(&new_xattr->list, &xattrs->head); 905 xattr = NULL; 906 } 907out: 908 spin_unlock(&xattrs->lock); 909 if (xattr) { 910 kfree(xattr->name); 911 kfree(xattr); 912 } 913 return err; 914 915} 916 917/** 918 * simple_xattr_set - xattr SET operation for in-memory/pseudo filesystems 919 * @xattrs: target simple_xattr list 920 * @name: name of the new extended attribute 921 * @value: value of the new xattr. If %NULL, will remove the attribute 922 * @size: size of the new xattr 923 * @flags: %XATTR_{CREATE|REPLACE} 924 * 925 * %XATTR_CREATE is set, the xattr shouldn't exist already; otherwise fails 926 * with -EEXIST. If %XATTR_REPLACE is set, the xattr should exist; 927 * otherwise, fails with -ENODATA. 928 * 929 * Returns 0 on success, -errno on failure. 930 */ 931int simple_xattr_set(struct simple_xattrs *xattrs, const char *name, 932 const void *value, size_t size, int flags) 933{ 934 if (size == 0) 935 value = ""; /* empty EA, do not remove */ 936 return __simple_xattr_set(xattrs, name, value, size, flags); 937} 938 939/* 940 * xattr REMOVE operation for in-memory/pseudo filesystems 941 */ 942int simple_xattr_remove(struct simple_xattrs *xattrs, const char *name) 943{ 944 return __simple_xattr_set(xattrs, name, NULL, 0, XATTR_REPLACE); 945} 946 947static bool xattr_is_trusted(const char *name) 948{ 949 return !strncmp(name, XATTR_TRUSTED_PREFIX, XATTR_TRUSTED_PREFIX_LEN); 950} 951 952/* 953 * xattr LIST operation for in-memory/pseudo filesystems 954 */ 955ssize_t simple_xattr_list(struct simple_xattrs *xattrs, char *buffer, 956 size_t size) 957{ 958 bool trusted = capable(CAP_SYS_ADMIN); 959 struct simple_xattr *xattr; 960 size_t used = 0; 961 962 spin_lock(&xattrs->lock); 963 list_for_each_entry(xattr, &xattrs->head, list) { 964 size_t len; 965 966 /* skip "trusted." attributes for unprivileged callers */ 967 if (!trusted && xattr_is_trusted(xattr->name)) 968 continue; 969 970 len = strlen(xattr->name) + 1; 971 used += len; 972 if (buffer) { 973 if (size < used) { 974 used = -ERANGE; 975 break; 976 } 977 memcpy(buffer, xattr->name, len); 978 buffer += len; 979 } 980 } 981 spin_unlock(&xattrs->lock); 982 983 return used; 984} 985 986/* 987 * Adds an extended attribute to the list 988 */ 989void simple_xattr_list_add(struct simple_xattrs *xattrs, 990 struct simple_xattr *new_xattr) 991{ 992 spin_lock(&xattrs->lock); 993 list_add(&new_xattr->list, &xattrs->head); 994 spin_unlock(&xattrs->lock); 995} 996