xattr.c 23.4 KB
Newer Older
L
Linus Torvalds 已提交
1 2 3 4 5 6 7 8 9 10 11 12 13
/*
  File: fs/xattr.c

  Extended attribute handling.

  Copyright (C) 2001 by Andreas Gruenbacher <a.gruenbacher@computer.org>
  Copyright (C) 2001 SGI - Silicon Graphics, Inc <linux-xfs@oss.sgi.com>
  Copyright (c) 2004 Red Hat, Inc., James Morris <jmorris@redhat.com>
 */
#include <linux/fs.h>
#include <linux/slab.h>
#include <linux/file.h>
#include <linux/xattr.h>
14
#include <linux/mount.h>
L
Linus Torvalds 已提交
15 16
#include <linux/namei.h>
#include <linux/security.h>
M
Mimi Zohar 已提交
17
#include <linux/evm.h>
L
Linus Torvalds 已提交
18
#include <linux/syscalls.h>
19
#include <linux/export.h>
R
Robert Love 已提交
20
#include <linux/fsnotify.h>
21
#include <linux/audit.h>
22
#include <linux/vmalloc.h>
23
#include <linux/posix_acl_xattr.h>
L
Linus Torvalds 已提交
24

25
#include <linux/uaccess.h>
26
#include "internal.h"
27

28 29 30 31 32 33 34 35 36 37 38 39
static const char *
strcmp_prefix(const char *a, const char *a_prefix)
{
	while (*a_prefix && *a == *a_prefix) {
		a++;
		a_prefix++;
	}
	return *a_prefix ? NULL : a;
}

/*
 * In order to implement different sets of xattr operations for each xattr
40 41 42
 * prefix, a filesystem should create a null-terminated array of struct
 * xattr_handler (one for each prefix) and hang a pointer to it off of the
 * s_xattr field of the superblock.
43 44 45 46 47 48 49 50 51 52 53
 */
#define for_each_xattr_handler(handlers, handler)		\
	if (handlers)						\
		for ((handler) = *(handlers)++;			\
			(handler) != NULL;			\
			(handler) = *(handlers)++)

/*
 * Find the xattr_handler with the matching prefix.
 */
static const struct xattr_handler *
54
xattr_resolve_name(struct inode *inode, const char **name)
55
{
56
	const struct xattr_handler **handlers = inode->i_sb->s_xattr;
57 58
	const struct xattr_handler *handler;

59 60 61
	if (!(inode->i_opflags & IOP_XATTR)) {
		if (unlikely(is_bad_inode(inode)))
			return ERR_PTR(-EIO);
62
		return ERR_PTR(-EOPNOTSUPP);
63
	}
64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80
	for_each_xattr_handler(handlers, handler) {
		const char *n;

		n = strcmp_prefix(*name, xattr_prefix(handler));
		if (n) {
			if (!handler->prefix ^ !*n) {
				if (*n)
					continue;
				return ERR_PTR(-EINVAL);
			}
			*name = n;
			return handler;
		}
	}
	return ERR_PTR(-EOPNOTSUPP);
}

81 82 83 84 85 86 87 88 89 90 91 92 93 94
/*
 * Check permissions for extended attribute access.  This is a bit complicated
 * because different namespaces have very different rules.
 */
static int
xattr_permission(struct inode *inode, const char *name, int mask)
{
	/*
	 * We can never set or remove an extended attribute on a read-only
	 * filesystem  or on an immutable / append-only inode.
	 */
	if (mask & MAY_WRITE) {
		if (IS_IMMUTABLE(inode) || IS_APPEND(inode))
			return -EPERM;
95 96 97 98 99 100 101
		/*
		 * Updating an xattr will likely cause i_uid and i_gid
		 * to be writen back improperly if their true value is
		 * unknown to the vfs.
		 */
		if (HAS_UNMAPPED_ID(inode))
			return -EPERM;
102 103 104 105 106 107 108 109 110 111 112
	}

	/*
	 * No restriction for security.* and system.* from the VFS.  Decision
	 * on these is left to the underlying filesystem / security module.
	 */
	if (!strncmp(name, XATTR_SECURITY_PREFIX, XATTR_SECURITY_PREFIX_LEN) ||
	    !strncmp(name, XATTR_SYSTEM_PREFIX, XATTR_SYSTEM_PREFIX_LEN))
		return 0;

	/*
113
	 * The trusted.* namespace can only be accessed by privileged users.
114
	 */
115 116 117 118 119
	if (!strncmp(name, XATTR_TRUSTED_PREFIX, XATTR_TRUSTED_PREFIX_LEN)) {
		if (!capable(CAP_SYS_ADMIN))
			return (mask & MAY_WRITE) ? -EPERM : -ENODATA;
		return 0;
	}
120

121 122
	/*
	 * In the user.* namespace, only regular files and directories can have
123
	 * extended attributes. For sticky directories, only the owner and
124
	 * privileged users can write attributes.
125
	 */
126
	if (!strncmp(name, XATTR_USER_PREFIX, XATTR_USER_PREFIX_LEN)) {
127
		if (!S_ISREG(inode->i_mode) && !S_ISDIR(inode->i_mode))
128
			return (mask & MAY_WRITE) ? -EPERM : -ENODATA;
129
		if (S_ISDIR(inode->i_mode) && (inode->i_mode & S_ISVTX) &&
130
		    (mask & MAY_WRITE) && !inode_owner_or_capable(inode))
131 132 133
			return -EPERM;
	}

134
	return inode_permission(inode, mask);
135 136
}

137 138 139 140
int
__vfs_setxattr(struct dentry *dentry, struct inode *inode, const char *name,
	       const void *value, size_t size, int flags)
{
141 142 143 144 145 146
	const struct xattr_handler *handler;

	handler = xattr_resolve_name(inode, &name);
	if (IS_ERR(handler))
		return PTR_ERR(handler);
	if (!handler->set)
147
		return -EOPNOTSUPP;
148 149 150
	if (size == 0)
		value = "";  /* empty EA, do not remove */
	return handler->set(handler, dentry, inode, name, value, size, flags);
151 152 153
}
EXPORT_SYMBOL(__vfs_setxattr);

154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171
/**
 *  __vfs_setxattr_noperm - perform setxattr operation without performing
 *  permission checks.
 *
 *  @dentry - object to perform setxattr on
 *  @name - xattr name to set
 *  @value - value to set @name to
 *  @size - size of @value
 *  @flags - flags to pass into filesystem operations
 *
 *  returns the result of the internal setxattr or setsecurity operations.
 *
 *  This function requires the caller to lock the inode's i_mutex before it
 *  is executed. It also assumes that the caller will make the appropriate
 *  permission checks.
 */
int __vfs_setxattr_noperm(struct dentry *dentry, const char *name,
		const void *value, size_t size, int flags)
172 173
{
	struct inode *inode = dentry->d_inode;
174
	int error = -EAGAIN;
175 176
	int issec = !strncmp(name, XATTR_SECURITY_PREFIX,
				   XATTR_SECURITY_PREFIX_LEN);
177

178 179
	if (issec)
		inode->i_flags &= ~S_NOSEC;
180
	if (inode->i_opflags & IOP_XATTR) {
181
		error = __vfs_setxattr(dentry, inode, name, value, size, flags);
182 183 184 185 186
		if (!error) {
			fsnotify_xattr(dentry);
			security_inode_post_setxattr(dentry, name, value,
						     size, flags);
		}
187
	} else {
188 189
		if (unlikely(is_bad_inode(inode)))
			return -EIO;
190 191 192 193 194 195 196 197 198 199 200 201
	}
	if (error == -EAGAIN) {
		error = -EOPNOTSUPP;

		if (issec) {
			const char *suffix = name + XATTR_SECURITY_PREFIX_LEN;

			error = security_inode_setsecurity(inode, suffix, value,
							   size, flags);
			if (!error)
				fsnotify_xattr(dentry);
		}
202
	}
203 204 205 206 207 208 209 210 211 212 213 214 215 216 217 218

	return error;
}


int
vfs_setxattr(struct dentry *dentry, const char *name, const void *value,
		size_t size, int flags)
{
	struct inode *inode = dentry->d_inode;
	int error;

	error = xattr_permission(inode, name, MAY_WRITE);
	if (error)
		return error;

A
Al Viro 已提交
219
	inode_lock(inode);
220 221 222 223 224 225
	error = security_inode_setxattr(dentry, name, value, size, flags);
	if (error)
		goto out;

	error = __vfs_setxattr_noperm(dentry, name, value, size, flags);

226
out:
A
Al Viro 已提交
227
	inode_unlock(inode);
228 229 230 231
	return error;
}
EXPORT_SYMBOL_GPL(vfs_setxattr);

A
Al Viro 已提交
232
static ssize_t
233 234 235 236 237 238 239 240 241 242 243 244 245 246 247 248 249 250 251 252
xattr_getsecurity(struct inode *inode, const char *name, void *value,
			size_t size)
{
	void *buffer = NULL;
	ssize_t len;

	if (!value || !size) {
		len = security_inode_getsecurity(inode, name, &buffer, false);
		goto out_noalloc;
	}

	len = security_inode_getsecurity(inode, name, &buffer, true);
	if (len < 0)
		return len;
	if (size < len) {
		len = -ERANGE;
		goto out;
	}
	memcpy(value, buffer, len);
out:
253
	kfree(buffer);
254 255 256 257
out_noalloc:
	return len;
}

258 259 260 261 262 263 264 265 266 267 268 269
/*
 * vfs_getxattr_alloc - allocate memory, if necessary, before calling getxattr
 *
 * Allocate memory, if not already allocated, or re-allocate correct size,
 * before retrieving the extended attribute.
 *
 * Returns the result of alloc, if failed, or the getxattr operation.
 */
ssize_t
vfs_getxattr_alloc(struct dentry *dentry, const char *name, char **xattr_value,
		   size_t xattr_size, gfp_t flags)
{
270
	const struct xattr_handler *handler;
271 272 273 274 275 276 277 278
	struct inode *inode = dentry->d_inode;
	char *value = *xattr_value;
	int error;

	error = xattr_permission(inode, name, MAY_READ);
	if (error)
		return error;

279 280 281 282
	handler = xattr_resolve_name(inode, &name);
	if (IS_ERR(handler))
		return PTR_ERR(handler);
	if (!handler->get)
283
		return -EOPNOTSUPP;
284
	error = handler->get(handler, dentry, inode, name, NULL, 0);
285 286 287 288 289 290 291 292 293 294
	if (error < 0)
		return error;

	if (!value || (error > xattr_size)) {
		value = krealloc(*xattr_value, error + 1, flags);
		if (!value)
			return -ENOMEM;
		memset(value, 0, error + 1);
	}

295
	error = handler->get(handler, dentry, inode, name, value, error);
296 297 298 299
	*xattr_value = value;
	return error;
}

300 301 302 303
ssize_t
__vfs_getxattr(struct dentry *dentry, struct inode *inode, const char *name,
	       void *value, size_t size)
{
304 305 306 307 308 309
	const struct xattr_handler *handler;

	handler = xattr_resolve_name(inode, &name);
	if (IS_ERR(handler))
		return PTR_ERR(handler);
	if (!handler->get)
310
		return -EOPNOTSUPP;
311
	return handler->get(handler, dentry, inode, name, value, size);
312 313 314
}
EXPORT_SYMBOL(__vfs_getxattr);

315
ssize_t
316
vfs_getxattr(struct dentry *dentry, const char *name, void *value, size_t size)
317 318 319 320
{
	struct inode *inode = dentry->d_inode;
	int error;

321 322 323 324
	error = xattr_permission(inode, name, MAY_READ);
	if (error)
		return error;

325 326 327 328 329
	error = security_inode_getxattr(dentry, name);
	if (error)
		return error;

	if (!strncmp(name, XATTR_SECURITY_PREFIX,
330 331
				XATTR_SECURITY_PREFIX_LEN)) {
		const char *suffix = name + XATTR_SECURITY_PREFIX_LEN;
332
		int ret = xattr_getsecurity(inode, suffix, value, size);
333 334 335 336
		/*
		 * Only overwrite the return value if a security module
		 * is actually active.
		 */
337 338 339
		if (ret == -EOPNOTSUPP)
			goto nolsm;
		return ret;
340
	}
341
nolsm:
342
	return __vfs_getxattr(dentry, inode, name, value, size);
343 344 345
}
EXPORT_SYMBOL_GPL(vfs_getxattr);

B
Bill Nottingham 已提交
346
ssize_t
347
vfs_listxattr(struct dentry *dentry, char *list, size_t size)
B
Bill Nottingham 已提交
348
{
349
	struct inode *inode = d_inode(dentry);
B
Bill Nottingham 已提交
350 351
	ssize_t error;

352
	error = security_inode_listxattr(dentry);
B
Bill Nottingham 已提交
353 354
	if (error)
		return error;
355 356
	if (inode->i_op->listxattr && (inode->i_opflags & IOP_XATTR)) {
		error = inode->i_op->listxattr(dentry, list, size);
B
Bill Nottingham 已提交
357
	} else {
358
		error = security_inode_listsecurity(inode, list, size);
B
Bill Nottingham 已提交
359 360 361 362 363 364 365
		if (size && error > size)
			error = -ERANGE;
	}
	return error;
}
EXPORT_SYMBOL_GPL(vfs_listxattr);

366
int
367
__vfs_removexattr(struct dentry *dentry, const char *name)
368
{
369 370
	struct inode *inode = d_inode(dentry);
	const struct xattr_handler *handler;
371

372 373 374 375
	handler = xattr_resolve_name(inode, &name);
	if (IS_ERR(handler))
		return PTR_ERR(handler);
	if (!handler->set)
376
		return -EOPNOTSUPP;
377
	return handler->set(handler, dentry, inode, name, NULL, 0, XATTR_REPLACE);
378 379 380 381 382 383 384 385
}
EXPORT_SYMBOL(__vfs_removexattr);

int
vfs_removexattr(struct dentry *dentry, const char *name)
{
	struct inode *inode = dentry->d_inode;
	int error;
386

387 388 389 390
	error = xattr_permission(inode, name, MAY_WRITE);
	if (error)
		return error;

A
Al Viro 已提交
391
	inode_lock(inode);
392
	error = security_inode_removexattr(dentry, name);
393 394
	if (error)
		goto out;
395

396
	error = __vfs_removexattr(dentry, name);
397

M
Mimi Zohar 已提交
398
	if (!error) {
399
		fsnotify_xattr(dentry);
M
Mimi Zohar 已提交
400 401
		evm_inode_post_removexattr(dentry, name);
	}
402 403

out:
A
Al Viro 已提交
404
	inode_unlock(inode);
405 406 407 408 409
	return error;
}
EXPORT_SYMBOL_GPL(vfs_removexattr);


L
Linus Torvalds 已提交
410 411 412 413
/*
 * Extended attribute SET operations
 */
static long
414
setxattr(struct dentry *d, const char __user *name, const void __user *value,
L
Linus Torvalds 已提交
415 416 417 418 419 420 421 422 423 424 425 426 427 428 429 430 431 432
	 size_t size, int flags)
{
	int error;
	void *kvalue = NULL;
	char kname[XATTR_NAME_MAX + 1];

	if (flags & ~(XATTR_CREATE|XATTR_REPLACE))
		return -EINVAL;

	error = strncpy_from_user(kname, name, sizeof(kname));
	if (error == 0 || error == sizeof(kname))
		error = -ERANGE;
	if (error < 0)
		return error;

	if (size) {
		if (size > XATTR_SIZE_MAX)
			return -E2BIG;
433 434 435
		kvalue = kvmalloc(size, GFP_KERNEL);
		if (!kvalue)
			return -ENOMEM;
436 437 438 439
		if (copy_from_user(kvalue, value, size)) {
			error = -EFAULT;
			goto out;
		}
440 441 442
		if ((strcmp(kname, XATTR_NAME_POSIX_ACL_ACCESS) == 0) ||
		    (strcmp(kname, XATTR_NAME_POSIX_ACL_DEFAULT) == 0))
			posix_acl_fix_xattr_from_user(kvalue, size);
443 444 445 446 447 448
		else if (strcmp(kname, XATTR_NAME_CAPS) == 0) {
			error = cap_convert_nscap(d, &kvalue, size);
			if (error < 0)
				goto out;
			size = error;
		}
L
Linus Torvalds 已提交
449 450
	}

451
	error = vfs_setxattr(d, kname, kvalue, size, flags);
452
out:
R
Richard Weinberger 已提交
453 454
	kvfree(kvalue);

L
Linus Torvalds 已提交
455 456 457
	return error;
}

458 459 460
static int path_setxattr(const char __user *pathname,
			 const char __user *name, const void __user *value,
			 size_t size, int flags, unsigned int lookup_flags)
L
Linus Torvalds 已提交
461
{
462
	struct path path;
L
Linus Torvalds 已提交
463
	int error;
464 465
retry:
	error = user_path_at(AT_FDCWD, pathname, lookup_flags, &path);
L
Linus Torvalds 已提交
466 467
	if (error)
		return error;
468
	error = mnt_want_write(path.mnt);
469
	if (!error) {
470 471
		error = setxattr(path.dentry, name, value, size, flags);
		mnt_drop_write(path.mnt);
472
	}
473
	path_put(&path);
474 475 476 477
	if (retry_estale(error, lookup_flags)) {
		lookup_flags |= LOOKUP_REVAL;
		goto retry;
	}
L
Linus Torvalds 已提交
478 479 480
	return error;
}

481 482 483 484 485 486 487
SYSCALL_DEFINE5(setxattr, const char __user *, pathname,
		const char __user *, name, const void __user *, value,
		size_t, size, int, flags)
{
	return path_setxattr(pathname, name, value, size, flags, LOOKUP_FOLLOW);
}

488 489 490
SYSCALL_DEFINE5(lsetxattr, const char __user *, pathname,
		const char __user *, name, const void __user *, value,
		size_t, size, int, flags)
L
Linus Torvalds 已提交
491
{
492
	return path_setxattr(pathname, name, value, size, flags, 0);
L
Linus Torvalds 已提交
493 494
}

495 496
SYSCALL_DEFINE5(fsetxattr, int, fd, const char __user *, name,
		const void __user *,value, size_t, size, int, flags)
L
Linus Torvalds 已提交
497
{
498
	struct fd f = fdget(fd);
L
Linus Torvalds 已提交
499 500
	int error = -EBADF;

501
	if (!f.file)
L
Linus Torvalds 已提交
502
		return error;
A
Al Viro 已提交
503
	audit_file(f.file);
504
	error = mnt_want_write_file_path(f.file);
505
	if (!error) {
A
Al Viro 已提交
506
		error = setxattr(f.file->f_path.dentry, name, value, size, flags);
507
		mnt_drop_write_file_path(f.file);
508
	}
509
	fdput(f);
L
Linus Torvalds 已提交
510 511 512 513 514 515 516
	return error;
}

/*
 * Extended attribute GET operations
 */
static ssize_t
517 518
getxattr(struct dentry *d, const char __user *name, void __user *value,
	 size_t size)
L
Linus Torvalds 已提交
519 520 521 522 523 524 525 526 527 528 529 530 531 532
{
	ssize_t error;
	void *kvalue = NULL;
	char kname[XATTR_NAME_MAX + 1];

	error = strncpy_from_user(kname, name, sizeof(kname));
	if (error == 0 || error == sizeof(kname))
		error = -ERANGE;
	if (error < 0)
		return error;

	if (size) {
		if (size > XATTR_SIZE_MAX)
			size = XATTR_SIZE_MAX;
533 534 535
		kvalue = kvzalloc(size, GFP_KERNEL);
		if (!kvalue)
			return -ENOMEM;
L
Linus Torvalds 已提交
536 537
	}

538
	error = vfs_getxattr(d, kname, kvalue, size);
539
	if (error > 0) {
540 541 542
		if ((strcmp(kname, XATTR_NAME_POSIX_ACL_ACCESS) == 0) ||
		    (strcmp(kname, XATTR_NAME_POSIX_ACL_DEFAULT) == 0))
			posix_acl_fix_xattr_to_user(kvalue, size);
543 544 545 546 547 548
		if (size && copy_to_user(value, kvalue, error))
			error = -EFAULT;
	} else if (error == -ERANGE && size >= XATTR_SIZE_MAX) {
		/* The file system tried to returned a value bigger
		   than XATTR_SIZE_MAX bytes. Not possible. */
		error = -E2BIG;
L
Linus Torvalds 已提交
549
	}
R
Richard Weinberger 已提交
550 551 552

	kvfree(kvalue);

L
Linus Torvalds 已提交
553 554 555
	return error;
}

556 557 558
static ssize_t path_getxattr(const char __user *pathname,
			     const char __user *name, void __user *value,
			     size_t size, unsigned int lookup_flags)
L
Linus Torvalds 已提交
559
{
560
	struct path path;
L
Linus Torvalds 已提交
561
	ssize_t error;
562 563
retry:
	error = user_path_at(AT_FDCWD, pathname, lookup_flags, &path);
L
Linus Torvalds 已提交
564 565
	if (error)
		return error;
566 567
	error = getxattr(path.dentry, name, value, size);
	path_put(&path);
568 569 570 571
	if (retry_estale(error, lookup_flags)) {
		lookup_flags |= LOOKUP_REVAL;
		goto retry;
	}
L
Linus Torvalds 已提交
572 573 574
	return error;
}

575 576 577 578 579 580
SYSCALL_DEFINE4(getxattr, const char __user *, pathname,
		const char __user *, name, void __user *, value, size_t, size)
{
	return path_getxattr(pathname, name, value, size, LOOKUP_FOLLOW);
}

581 582
SYSCALL_DEFINE4(lgetxattr, const char __user *, pathname,
		const char __user *, name, void __user *, value, size_t, size)
L
Linus Torvalds 已提交
583
{
584
	return path_getxattr(pathname, name, value, size, 0);
L
Linus Torvalds 已提交
585 586
}

587 588
SYSCALL_DEFINE4(fgetxattr, int, fd, const char __user *, name,
		void __user *, value, size_t, size)
L
Linus Torvalds 已提交
589
{
590
	struct fd f = fdget(fd);
L
Linus Torvalds 已提交
591 592
	ssize_t error = -EBADF;

593
	if (!f.file)
L
Linus Torvalds 已提交
594
		return error;
A
Al Viro 已提交
595
	audit_file(f.file);
596 597
	error = getxattr(f.file->f_path.dentry, name, value, size);
	fdput(f);
L
Linus Torvalds 已提交
598 599 600 601 602 603 604 605 606 607 608 609 610 611 612
	return error;
}

/*
 * Extended attribute LIST operations
 */
static ssize_t
listxattr(struct dentry *d, char __user *list, size_t size)
{
	ssize_t error;
	char *klist = NULL;

	if (size) {
		if (size > XATTR_LIST_MAX)
			size = XATTR_LIST_MAX;
613 614 615
		klist = kvmalloc(size, GFP_KERNEL);
		if (!klist)
			return -ENOMEM;
L
Linus Torvalds 已提交
616 617
	}

B
Bill Nottingham 已提交
618
	error = vfs_listxattr(d, klist, size);
619 620 621 622 623 624 625
	if (error > 0) {
		if (size && copy_to_user(list, klist, error))
			error = -EFAULT;
	} else if (error == -ERANGE && size >= XATTR_LIST_MAX) {
		/* The file system tried to returned a list bigger
		   than XATTR_LIST_MAX bytes. Not possible. */
		error = -E2BIG;
L
Linus Torvalds 已提交
626
	}
R
Richard Weinberger 已提交
627 628 629

	kvfree(klist);

L
Linus Torvalds 已提交
630 631 632
	return error;
}

633 634
static ssize_t path_listxattr(const char __user *pathname, char __user *list,
			      size_t size, unsigned int lookup_flags)
L
Linus Torvalds 已提交
635
{
636
	struct path path;
L
Linus Torvalds 已提交
637
	ssize_t error;
638 639
retry:
	error = user_path_at(AT_FDCWD, pathname, lookup_flags, &path);
L
Linus Torvalds 已提交
640 641
	if (error)
		return error;
642 643
	error = listxattr(path.dentry, list, size);
	path_put(&path);
644 645 646 647
	if (retry_estale(error, lookup_flags)) {
		lookup_flags |= LOOKUP_REVAL;
		goto retry;
	}
L
Linus Torvalds 已提交
648 649 650
	return error;
}

651 652 653 654 655 656
SYSCALL_DEFINE3(listxattr, const char __user *, pathname, char __user *, list,
		size_t, size)
{
	return path_listxattr(pathname, list, size, LOOKUP_FOLLOW);
}

657 658
SYSCALL_DEFINE3(llistxattr, const char __user *, pathname, char __user *, list,
		size_t, size)
L
Linus Torvalds 已提交
659
{
660
	return path_listxattr(pathname, list, size, 0);
L
Linus Torvalds 已提交
661 662
}

663
SYSCALL_DEFINE3(flistxattr, int, fd, char __user *, list, size_t, size)
L
Linus Torvalds 已提交
664
{
665
	struct fd f = fdget(fd);
L
Linus Torvalds 已提交
666 667
	ssize_t error = -EBADF;

668
	if (!f.file)
L
Linus Torvalds 已提交
669
		return error;
A
Al Viro 已提交
670
	audit_file(f.file);
671 672
	error = listxattr(f.file->f_path.dentry, list, size);
	fdput(f);
L
Linus Torvalds 已提交
673 674 675 676 677 678 679
	return error;
}

/*
 * Extended attribute REMOVE operations
 */
static long
680
removexattr(struct dentry *d, const char __user *name)
L
Linus Torvalds 已提交
681 682 683 684 685 686 687 688 689 690
{
	int error;
	char kname[XATTR_NAME_MAX + 1];

	error = strncpy_from_user(kname, name, sizeof(kname));
	if (error == 0 || error == sizeof(kname))
		error = -ERANGE;
	if (error < 0)
		return error;

691
	return vfs_removexattr(d, kname);
L
Linus Torvalds 已提交
692 693
}

694 695
static int path_removexattr(const char __user *pathname,
			    const char __user *name, unsigned int lookup_flags)
L
Linus Torvalds 已提交
696
{
697
	struct path path;
L
Linus Torvalds 已提交
698
	int error;
699 700
retry:
	error = user_path_at(AT_FDCWD, pathname, lookup_flags, &path);
L
Linus Torvalds 已提交
701 702
	if (error)
		return error;
703
	error = mnt_want_write(path.mnt);
704
	if (!error) {
705 706
		error = removexattr(path.dentry, name);
		mnt_drop_write(path.mnt);
707
	}
708
	path_put(&path);
709 710 711 712
	if (retry_estale(error, lookup_flags)) {
		lookup_flags |= LOOKUP_REVAL;
		goto retry;
	}
L
Linus Torvalds 已提交
713 714 715
	return error;
}

716 717 718 719 720 721
SYSCALL_DEFINE2(removexattr, const char __user *, pathname,
		const char __user *, name)
{
	return path_removexattr(pathname, name, LOOKUP_FOLLOW);
}

722 723
SYSCALL_DEFINE2(lremovexattr, const char __user *, pathname,
		const char __user *, name)
L
Linus Torvalds 已提交
724
{
725
	return path_removexattr(pathname, name, 0);
L
Linus Torvalds 已提交
726 727
}

728
SYSCALL_DEFINE2(fremovexattr, int, fd, const char __user *, name)
L
Linus Torvalds 已提交
729
{
730
	struct fd f = fdget(fd);
L
Linus Torvalds 已提交
731 732
	int error = -EBADF;

733
	if (!f.file)
L
Linus Torvalds 已提交
734
		return error;
A
Al Viro 已提交
735
	audit_file(f.file);
736
	error = mnt_want_write_file_path(f.file);
737
	if (!error) {
A
Al Viro 已提交
738
		error = removexattr(f.file->f_path.dentry, name);
739
		mnt_drop_write_file_path(f.file);
740
	}
741
	fdput(f);
L
Linus Torvalds 已提交
742 743 744 745 746 747 748 749 750 751
	return error;
}

/*
 * Combine the results of the list() operation from every xattr_handler in the
 * list.
 */
ssize_t
generic_listxattr(struct dentry *dentry, char *buffer, size_t buffer_size)
{
752
	const struct xattr_handler *handler, **handlers = dentry->d_sb->s_xattr;
L
Linus Torvalds 已提交
753 754 755
	unsigned int size = 0;

	if (!buffer) {
756
		for_each_xattr_handler(handlers, handler) {
757 758
			if (!handler->name ||
			    (handler->list && !handler->list(dentry)))
759
				continue;
760
			size += strlen(handler->name) + 1;
761
		}
L
Linus Torvalds 已提交
762 763
	} else {
		char *buf = buffer;
764
		size_t len;
L
Linus Torvalds 已提交
765 766

		for_each_xattr_handler(handlers, handler) {
767 768
			if (!handler->name ||
			    (handler->list && !handler->list(dentry)))
769
				continue;
770 771
			len = strlen(handler->name);
			if (len + 1 > buffer_size)
L
Linus Torvalds 已提交
772
				return -ERANGE;
773 774 775
			memcpy(buf, handler->name, len + 1);
			buf += len + 1;
			buffer_size -= len + 1;
L
Linus Torvalds 已提交
776 777 778 779 780 781
		}
		size = buf - buffer;
	}
	return size;
}
EXPORT_SYMBOL(generic_listxattr);
782

A
Andreas Gruenbacher 已提交
783 784 785 786 787 788 789 790 791 792 793 794 795 796 797 798 799 800
/**
 * xattr_full_name  -  Compute full attribute name from suffix
 *
 * @handler:	handler of the xattr_handler operation
 * @name:	name passed to the xattr_handler operation
 *
 * The get and set xattr handler operations are called with the remainder of
 * the attribute name after skipping the handler's prefix: for example, "foo"
 * is passed to the get operation of a handler with prefix "user." to get
 * attribute "user.foo".  The full name is still "there" in the name though.
 *
 * Note: the list xattr handler operation when called from the vfs is passed a
 * NULL name; some file systems use this operation internally, with varying
 * semantics.
 */
const char *xattr_full_name(const struct xattr_handler *handler,
			    const char *name)
{
801
	size_t prefix_len = strlen(xattr_prefix(handler));
A
Andreas Gruenbacher 已提交
802 803 804 805 806

	return name - prefix_len;
}
EXPORT_SYMBOL(xattr_full_name);

807 808 809 810 811 812 813 814 815 816
/*
 * Allocate new xattr and copy in the value; but leave the name to callers.
 */
struct simple_xattr *simple_xattr_alloc(const void *value, size_t size)
{
	struct simple_xattr *new_xattr;
	size_t len;

	/* wrap around? */
	len = sizeof(*new_xattr) + size;
817
	if (len < sizeof(*new_xattr))
818 819 820 821 822 823 824 825 826 827 828 829 830 831 832 833 834 835 836 837 838 839 840 841 842 843 844 845 846 847 848 849 850 851 852 853 854 855
		return NULL;

	new_xattr = kmalloc(len, GFP_KERNEL);
	if (!new_xattr)
		return NULL;

	new_xattr->size = size;
	memcpy(new_xattr->value, value, size);
	return new_xattr;
}

/*
 * xattr GET operation for in-memory/pseudo filesystems
 */
int simple_xattr_get(struct simple_xattrs *xattrs, const char *name,
		     void *buffer, size_t size)
{
	struct simple_xattr *xattr;
	int ret = -ENODATA;

	spin_lock(&xattrs->lock);
	list_for_each_entry(xattr, &xattrs->head, list) {
		if (strcmp(name, xattr->name))
			continue;

		ret = xattr->size;
		if (buffer) {
			if (size < xattr->size)
				ret = -ERANGE;
			else
				memcpy(buffer, xattr->value, xattr->size);
		}
		break;
	}
	spin_unlock(&xattrs->lock);
	return ret;
}

856 857 858 859 860 861 862 863 864 865 866 867 868 869 870 871
/**
 * simple_xattr_set - xattr SET operation for in-memory/pseudo filesystems
 * @xattrs: target simple_xattr list
 * @name: name of the extended attribute
 * @value: value of the xattr. If %NULL, will remove the attribute.
 * @size: size of the new xattr
 * @flags: %XATTR_{CREATE|REPLACE}
 *
 * %XATTR_CREATE is set, the xattr shouldn't exist already; otherwise fails
 * with -EEXIST.  If %XATTR_REPLACE is set, the xattr should exist;
 * otherwise, fails with -ENODATA.
 *
 * Returns 0 on success, -errno on failure.
 */
int simple_xattr_set(struct simple_xattrs *xattrs, const char *name,
		     const void *value, size_t size, int flags)
872 873
{
	struct simple_xattr *xattr;
874
	struct simple_xattr *new_xattr = NULL;
875 876 877 878 879 880 881 882 883 884 885 886 887 888 889 890 891 892 893 894 895 896 897 898 899 900 901 902 903 904 905 906 907 908 909 910 911 912 913 914 915 916 917 918 919 920 921 922 923 924 925
	int err = 0;

	/* value == NULL means remove */
	if (value) {
		new_xattr = simple_xattr_alloc(value, size);
		if (!new_xattr)
			return -ENOMEM;

		new_xattr->name = kstrdup(name, GFP_KERNEL);
		if (!new_xattr->name) {
			kfree(new_xattr);
			return -ENOMEM;
		}
	}

	spin_lock(&xattrs->lock);
	list_for_each_entry(xattr, &xattrs->head, list) {
		if (!strcmp(name, xattr->name)) {
			if (flags & XATTR_CREATE) {
				xattr = new_xattr;
				err = -EEXIST;
			} else if (new_xattr) {
				list_replace(&xattr->list, &new_xattr->list);
			} else {
				list_del(&xattr->list);
			}
			goto out;
		}
	}
	if (flags & XATTR_REPLACE) {
		xattr = new_xattr;
		err = -ENODATA;
	} else {
		list_add(&new_xattr->list, &xattrs->head);
		xattr = NULL;
	}
out:
	spin_unlock(&xattrs->lock);
	if (xattr) {
		kfree(xattr->name);
		kfree(xattr);
	}
	return err;

}

static bool xattr_is_trusted(const char *name)
{
	return !strncmp(name, XATTR_TRUSTED_PREFIX, XATTR_TRUSTED_PREFIX_LEN);
}

926 927 928 929 930 931 932 933 934 935 936 937 938 939
static int xattr_list_one(char **buffer, ssize_t *remaining_size,
			  const char *name)
{
	size_t len = strlen(name) + 1;
	if (*buffer) {
		if (*remaining_size < len)
			return -ERANGE;
		memcpy(*buffer, name, len);
		*buffer += len;
	}
	*remaining_size -= len;
	return 0;
}

940 941 942
/*
 * xattr LIST operation for in-memory/pseudo filesystems
 */
943 944
ssize_t simple_xattr_list(struct inode *inode, struct simple_xattrs *xattrs,
			  char *buffer, size_t size)
945 946 947
{
	bool trusted = capable(CAP_SYS_ADMIN);
	struct simple_xattr *xattr;
948
	ssize_t remaining_size = size;
949
	int err = 0;
950 951 952 953 954 955 956 957 958 959 960 961 962 963 964

#ifdef CONFIG_FS_POSIX_ACL
	if (inode->i_acl) {
		err = xattr_list_one(&buffer, &remaining_size,
				     XATTR_NAME_POSIX_ACL_ACCESS);
		if (err)
			return err;
	}
	if (inode->i_default_acl) {
		err = xattr_list_one(&buffer, &remaining_size,
				     XATTR_NAME_POSIX_ACL_DEFAULT);
		if (err)
			return err;
	}
#endif
965 966 967 968 969 970 971

	spin_lock(&xattrs->lock);
	list_for_each_entry(xattr, &xattrs->head, list) {
		/* skip "trusted." attributes for unprivileged callers */
		if (!trusted && xattr_is_trusted(xattr->name))
			continue;

972 973
		err = xattr_list_one(&buffer, &remaining_size, xattr->name);
		if (err)
974
			break;
975 976 977
	}
	spin_unlock(&xattrs->lock);

978
	return err ? err : size - remaining_size;
979 980
}

981 982 983
/*
 * Adds an extended attribute to the list
 */
984 985 986 987 988 989 990
void simple_xattr_list_add(struct simple_xattrs *xattrs,
			   struct simple_xattr *new_xattr)
{
	spin_lock(&xattrs->lock);
	list_add(&new_xattr->list, &xattrs->head);
	spin_unlock(&xattrs->lock);
}