path: root/fs/xattr.c (plain)
blob: 1c91835ac431678ade125fbbe0451a7de0383358

1	/*
2	File: fs/xattr.c
3
4	Extended attribute handling.
5
6	Copyright (C) 2001 by Andreas Gruenbacher <a.gruenbacher@computer.org>
7	Copyright (C) 2001 SGI - Silicon Graphics, Inc <linux-xfs@oss.sgi.com>
8	Copyright (c) 2004 Red Hat, Inc., James Morris <jmorris@redhat.com>
9	*/
10	#include <linux/fs.h>
11	#include <linux/slab.h>
12	#include <linux/file.h>
13	#include <linux/xattr.h>
14	#include <linux/mount.h>
15	#include <linux/namei.h>
16	#include <linux/security.h>
17	#include <linux/evm.h>
18	#include <linux/syscalls.h>
19	#include <linux/export.h>
20	#include <linux/fsnotify.h>
21	#include <linux/audit.h>
22	#include <linux/vmalloc.h>
23	#include <linux/posix_acl_xattr.h>
24
25	#include <asm/uaccess.h>
26
27	static const char *
28	strcmp_prefix(const char *a, const char *a_prefix)
29	{
30	while (*a_prefix && *a == *a_prefix) {
31	a++;
32	a_prefix++;
33	}
34	return *a_prefix ? NULL : a;
35	}
36
37	/*
38	* In order to implement different sets of xattr operations for each xattr
39	* prefix, a filesystem should create a null-terminated array of struct
40	* xattr_handler (one for each prefix) and hang a pointer to it off of the
41	* s_xattr field of the superblock.
42	*/
43	#define for_each_xattr_handler(handlers, handler) \
44	if (handlers) \
45	for ((handler) = *(handlers)++; \
46	(handler) != NULL; \
47	(handler) = *(handlers)++)
48
49	/*
50	* Find the xattr_handler with the matching prefix.
51	*/
52	static const struct xattr_handler *
53	xattr_resolve_name(struct inode *inode, const char **name)
54	{
55	const struct xattr_handler **handlers = inode->i_sb->s_xattr;
56	const struct xattr_handler *handler;
57
58	if (!(inode->i_opflags & IOP_XATTR)) {
59	if (unlikely(is_bad_inode(inode)))
60	return ERR_PTR(-EIO);
61	return ERR_PTR(-EOPNOTSUPP);
62	}
63	for_each_xattr_handler(handlers, handler) {
64	const char *n;
65
66	n = strcmp_prefix(*name, xattr_prefix(handler));
67	if (n) {
68	if (!handler->prefix ^ !*n) {
69	if (*n)
70	continue;
71	return ERR_PTR(-EINVAL);
72	}
73	*name = n;
74	return handler;
75	}
76	}
77	return ERR_PTR(-EOPNOTSUPP);
78	}
79
80	/*
81	* Check permissions for extended attribute access. This is a bit complicated
82	* because different namespaces have very different rules.
83	*/
84	static int
85	xattr_permission(struct inode *inode, const char *name, int mask)
86	{
87	/*
88	* We can never set or remove an extended attribute on a read-only
89	* filesystem or on an immutable / append-only inode.
90	*/
91	if (mask & MAY_WRITE) {
92	if (IS_IMMUTABLE(inode) || IS_APPEND(inode))
93	return -EPERM;
94	/*
95	* Updating an xattr will likely cause i_uid and i_gid
96	* to be writen back improperly if their true value is
97	* unknown to the vfs.
98	*/
99	if (HAS_UNMAPPED_ID(inode))
100	return -EPERM;
101	}
102
103	/*
104	* No restriction for security.* and system.* from the VFS. Decision
105	* on these is left to the underlying filesystem / security module.
106	*/
107	if (!strncmp(name, XATTR_SECURITY_PREFIX, XATTR_SECURITY_PREFIX_LEN) ||
108	!strncmp(name, XATTR_SYSTEM_PREFIX, XATTR_SYSTEM_PREFIX_LEN))
109	return 0;
110
111	/*
112	* The trusted.* namespace can only be accessed by privileged users.
113	*/
114	if (!strncmp(name, XATTR_TRUSTED_PREFIX, XATTR_TRUSTED_PREFIX_LEN)) {
115	if (!capable(CAP_SYS_ADMIN))
116	return (mask & MAY_WRITE) ? -EPERM : -ENODATA;
117	return 0;
118	}
119
120	/*
121	* In the user.* namespace, only regular files and directories can have
122	* extended attributes. For sticky directories, only the owner and
123	* privileged users can write attributes.
124	*/
125	if (!strncmp(name, XATTR_USER_PREFIX, XATTR_USER_PREFIX_LEN)) {
126	if (!S_ISREG(inode->i_mode) && !S_ISDIR(inode->i_mode))
127	return (mask & MAY_WRITE) ? -EPERM : -ENODATA;
128	if (S_ISDIR(inode->i_mode) && (inode->i_mode & S_ISVTX) &&
129	(mask & MAY_WRITE) && !inode_owner_or_capable(inode))
130	return -EPERM;
131	}
132
133	return inode_permission2(ERR_PTR(-EOPNOTSUPP), inode, mask);
134	}
135
136	int
137	__vfs_setxattr(struct dentry *dentry, struct inode *inode, const char *name,
138	const void *value, size_t size, int flags)
139	{
140	const struct xattr_handler *handler;
141
142	handler = xattr_resolve_name(inode, &name);
143	if (IS_ERR(handler))
144	return PTR_ERR(handler);
145	if (!handler->set)
146	return -EOPNOTSUPP;
147	if (size == 0)
148	value = ""; /* empty EA, do not remove */
149	return handler->set(handler, dentry, inode, name, value, size, flags);
150	}
151	EXPORT_SYMBOL(__vfs_setxattr);
152
153	/**
154	* __vfs_setxattr_noperm - perform setxattr operation without performing
155	* permission checks.
156	*
157	* @dentry - object to perform setxattr on
158	* @name - xattr name to set
159	* @value - value to set @name to
160	* @size - size of @value
161	* @flags - flags to pass into filesystem operations
162	*
163	* returns the result of the internal setxattr or setsecurity operations.
164	*
165	* This function requires the caller to lock the inode's i_mutex before it
166	* is executed. It also assumes that the caller will make the appropriate
167	* permission checks.
168	*/
169	int __vfs_setxattr_noperm(struct dentry *dentry, const char *name,
170	const void *value, size_t size, int flags)
171	{
172	struct inode *inode = dentry->d_inode;
173	int error = -EAGAIN;
174	int issec = !strncmp(name, XATTR_SECURITY_PREFIX,
175	XATTR_SECURITY_PREFIX_LEN);
176
177	if (issec)
178	inode->i_flags &= ~S_NOSEC;
179	if (inode->i_opflags & IOP_XATTR) {
180	error = __vfs_setxattr(dentry, inode, name, value, size, flags);
181	if (!error) {
182	fsnotify_xattr(dentry);
183	security_inode_post_setxattr(dentry, name, value,
184	size, flags);
185	}
186	} else {
187	if (unlikely(is_bad_inode(inode)))
188	return -EIO;
189	}
190	if (error == -EAGAIN) {
191	error = -EOPNOTSUPP;
192
193	if (issec) {
194	const char *suffix = name + XATTR_SECURITY_PREFIX_LEN;
195
196	error = security_inode_setsecurity(inode, suffix, value,
197	size, flags);
198	if (!error)
199	fsnotify_xattr(dentry);
200	}
201	}
202
203	return error;
204	}
205
206
207	int
208	vfs_setxattr(struct dentry *dentry, const char *name, const void *value,
209	size_t size, int flags)
210	{
211	struct inode *inode = dentry->d_inode;
212	int error;
213
214	error = xattr_permission(inode, name, MAY_WRITE);
215	if (error)
216	return error;
217
218	inode_lock(inode);
219	error = security_inode_setxattr(dentry, name, value, size, flags);
220	if (error)
221	goto out;
222
223	error = __vfs_setxattr_noperm(dentry, name, value, size, flags);
224
225	out:
226	inode_unlock(inode);
227	return error;
228	}
229	EXPORT_SYMBOL_GPL(vfs_setxattr);
230
231	ssize_t
232	xattr_getsecurity(struct inode *inode, const char *name, void *value,
233	size_t size)
234	{
235	void *buffer = NULL;
236	ssize_t len;
237
238	if (!value || !size) {
239	len = security_inode_getsecurity(inode, name, &buffer, false);
240	goto out_noalloc;
241	}
242
243	len = security_inode_getsecurity(inode, name, &buffer, true);
244	if (len < 0)
245	return len;
246	if (size < len) {
247	len = -ERANGE;
248	goto out;
249	}
250	memcpy(value, buffer, len);
251	out:
252	kfree(buffer);
253	out_noalloc:
254	return len;
255	}
256	EXPORT_SYMBOL_GPL(xattr_getsecurity);
257
258	/*
259	* vfs_getxattr_alloc - allocate memory, if necessary, before calling getxattr
260	*
261	* Allocate memory, if not already allocated, or re-allocate correct size,
262	* before retrieving the extended attribute.
263	*
264	* Returns the result of alloc, if failed, or the getxattr operation.
265	*/
266	ssize_t
267	vfs_getxattr_alloc(struct dentry *dentry, const char *name, char **xattr_value,
268	size_t xattr_size, gfp_t flags)
269	{
270	const struct xattr_handler *handler;
271	struct inode *inode = dentry->d_inode;
272	char *value = *xattr_value;
273	int error;
274
275	error = xattr_permission(inode, name, MAY_READ);
276	if (error)
277	return error;
278
279	handler = xattr_resolve_name(inode, &name);
280	if (IS_ERR(handler))
281	return PTR_ERR(handler);
282	if (!handler->get)
283	return -EOPNOTSUPP;
284	error = handler->get(handler, dentry, inode, name, NULL, 0);
285	if (error < 0)
286	return error;
287
288	if (!value || (error > xattr_size)) {
289	value = krealloc(*xattr_value, error + 1, flags);
290	if (!value)
291	return -ENOMEM;
292	memset(value, 0, error + 1);
293	}
294
295	error = handler->get(handler, dentry, inode, name, value, error);
296	*xattr_value = value;
297	return error;
298	}
299
300	ssize_t
301	__vfs_getxattr(struct dentry *dentry, struct inode *inode, const char *name,
302	void *value, size_t size)
303	{
304	const struct xattr_handler *handler;
305
306	handler = xattr_resolve_name(inode, &name);
307	if (IS_ERR(handler))
308	return PTR_ERR(handler);
309	if (!handler->get)
310	return -EOPNOTSUPP;
311	return handler->get(handler, dentry, inode, name, value, size);
312	}
313	EXPORT_SYMBOL(__vfs_getxattr);
314
315	ssize_t
316	vfs_getxattr(struct dentry *dentry, const char *name, void *value, size_t size)
317	{
318	struct inode *inode = dentry->d_inode;
319	int error;
320
321	error = xattr_permission(inode, name, MAY_READ);
322	if (error)
323	return error;
324
325	error = security_inode_getxattr(dentry, name);
326	if (error)
327	return error;
328
329	if (!strncmp(name, XATTR_SECURITY_PREFIX,
330	XATTR_SECURITY_PREFIX_LEN)) {
331	const char *suffix = name + XATTR_SECURITY_PREFIX_LEN;
332	int ret = xattr_getsecurity(inode, suffix, value, size);
333	/*
334	* Only overwrite the return value if a security module
335	* is actually active.
336	*/
337	if (ret == -EOPNOTSUPP)
338	goto nolsm;
339	return ret;
340	}
341	nolsm:
342	return __vfs_getxattr(dentry, inode, name, value, size);
343	}
344	EXPORT_SYMBOL_GPL(vfs_getxattr);
345
346	ssize_t
347	vfs_listxattr(struct dentry *dentry, char *list, size_t size)
348	{
349	struct inode *inode = d_inode(dentry);
350	ssize_t error;
351
352	error = security_inode_listxattr(dentry);
353	if (error)
354	return error;
355	if (inode->i_op->listxattr && (inode->i_opflags & IOP_XATTR)) {
356	error = -EOPNOTSUPP;
357	error = inode->i_op->listxattr(dentry, list, size);
358	} else {
359	error = security_inode_listsecurity(inode, list, size);
360	if (size && error > size)
361	error = -ERANGE;
362	}
363	return error;
364	}
365	EXPORT_SYMBOL_GPL(vfs_listxattr);
366
367	int
368	__vfs_removexattr(struct dentry *dentry, const char *name)
369	{
370	struct inode *inode = d_inode(dentry);
371	const struct xattr_handler *handler;
372
373	handler = xattr_resolve_name(inode, &name);
374	if (IS_ERR(handler))
375	return PTR_ERR(handler);
376	if (!handler->set)
377	return -EOPNOTSUPP;
378	return handler->set(handler, dentry, inode, name, NULL, 0, XATTR_REPLACE);
379	}
380	EXPORT_SYMBOL(__vfs_removexattr);
381
382	int
383	vfs_removexattr(struct dentry *dentry, const char *name)
384	{
385	struct inode *inode = dentry->d_inode;
386	int error;
387
388	error = xattr_permission(inode, name, MAY_WRITE);
389	if (error)
390	return error;
391
392	inode_lock(inode);
393	error = security_inode_removexattr(dentry, name);
394	if (error)
395	goto out;
396
397	error = __vfs_removexattr(dentry, name);
398
399	if (!error) {
400	fsnotify_xattr(dentry);
401	evm_inode_post_removexattr(dentry, name);
402	}
403
404	out:
405	inode_unlock(inode);
406	return error;
407	}
408	EXPORT_SYMBOL_GPL(vfs_removexattr);
409
410
411	/*
412	* Extended attribute SET operations
413	*/
414	static long
415	setxattr(struct dentry *d, const char __user *name, const void __user *value,
416	size_t size, int flags)
417	{
418	int error;
419	void *kvalue = NULL;
420	char kname[XATTR_NAME_MAX + 1];
421
422	if (flags & ~(XATTR_CREATE|XATTR_REPLACE))
423	return -EINVAL;
424
425	error = strncpy_from_user(kname, name, sizeof(kname));
426	if (error == 0 || error == sizeof(kname))
427	error = -ERANGE;
428	if (error < 0)
429	return error;
430
431	if (size) {
432	if (size > XATTR_SIZE_MAX)
433	return -E2BIG;
434	kvalue = kmalloc(size, GFP_KERNEL | __GFP_NOWARN);
435	if (!kvalue) {
436	kvalue = vmalloc(size);
437	if (!kvalue)
438	return -ENOMEM;
439	}
440	if (copy_from_user(kvalue, value, size)) {
441	error = -EFAULT;
442	goto out;
443	}
444	if ((strcmp(kname, XATTR_NAME_POSIX_ACL_ACCESS) == 0) ||
445	(strcmp(kname, XATTR_NAME_POSIX_ACL_DEFAULT) == 0))
446	posix_acl_fix_xattr_from_user(kvalue, size);
447	}
448
449	error = vfs_setxattr(d, kname, kvalue, size, flags);
450	out:
451	kvfree(kvalue);
452
453	return error;
454	}
455
456	static int path_setxattr(const char __user *pathname,
457	const char __user *name, const void __user *value,
458	size_t size, int flags, unsigned int lookup_flags)
459	{
460	struct path path;
461	int error;
462	retry:
463	error = user_path_at(AT_FDCWD, pathname, lookup_flags, &path);
464	if (error)
465	return error;
466	error = mnt_want_write(path.mnt);
467	if (!error) {
468	error = setxattr(path.dentry, name, value, size, flags);
469	mnt_drop_write(path.mnt);
470	}
471	path_put(&path);
472	if (retry_estale(error, lookup_flags)) {
473	lookup_flags |= LOOKUP_REVAL;
474	goto retry;
475	}
476	return error;
477	}
478
479	SYSCALL_DEFINE5(setxattr, const char __user *, pathname,
480	const char __user *, name, const void __user *, value,
481	size_t, size, int, flags)
482	{
483	return path_setxattr(pathname, name, value, size, flags, LOOKUP_FOLLOW);
484	}
485
486	SYSCALL_DEFINE5(lsetxattr, const char __user *, pathname,
487	const char __user *, name, const void __user *, value,
488	size_t, size, int, flags)
489	{
490	return path_setxattr(pathname, name, value, size, flags, 0);
491	}
492
493	SYSCALL_DEFINE5(fsetxattr, int, fd, const char __user *, name,
494	const void __user *,value, size_t, size, int, flags)
495	{
496	struct fd f = fdget(fd);
497	int error = -EBADF;
498
499	if (!f.file)
500	return error;
501	audit_file(f.file);
502	error = mnt_want_write_file(f.file);
503	if (!error) {
504	error = setxattr(f.file->f_path.dentry, name, value, size, flags);
505	mnt_drop_write_file(f.file);
506	}
507	fdput(f);
508	return error;
509	}
510
511	/*
512	* Extended attribute GET operations
513	*/
514	static ssize_t
515	getxattr(struct dentry *d, const char __user *name, void __user *value,
516	size_t size)
517	{
518	ssize_t error;
519	void *kvalue = NULL;
520	char kname[XATTR_NAME_MAX + 1];
521
522	error = strncpy_from_user(kname, name, sizeof(kname));
523	if (error == 0 || error == sizeof(kname))
524	error = -ERANGE;
525	if (error < 0)
526	return error;
527
528	if (size) {
529	if (size > XATTR_SIZE_MAX)
530	size = XATTR_SIZE_MAX;
531	kvalue = kzalloc(size, GFP_KERNEL | __GFP_NOWARN);
532	if (!kvalue) {
533	kvalue = vzalloc(size);
534	if (!kvalue)
535	return -ENOMEM;
536	}
537	}
538
539	error = vfs_getxattr(d, kname, kvalue, size);
540	if (error > 0) {
541	if ((strcmp(kname, XATTR_NAME_POSIX_ACL_ACCESS) == 0) ||
542	(strcmp(kname, XATTR_NAME_POSIX_ACL_DEFAULT) == 0))
543	posix_acl_fix_xattr_to_user(kvalue, error);
544	if (size && copy_to_user(value, kvalue, error))
545	error = -EFAULT;
546	} else if (error == -ERANGE && size >= XATTR_SIZE_MAX) {
547	/* The file system tried to returned a value bigger
548	than XATTR_SIZE_MAX bytes. Not possible. */
549	error = -E2BIG;
550	}
551
552	kvfree(kvalue);
553
554	return error;
555	}
556
557	static ssize_t path_getxattr(const char __user *pathname,
558	const char __user *name, void __user *value,
559	size_t size, unsigned int lookup_flags)
560	{
561	struct path path;
562	ssize_t error;
563	retry:
564	error = user_path_at(AT_FDCWD, pathname, lookup_flags, &path);
565	if (error)
566	return error;
567	error = getxattr(path.dentry, name, value, size);
568	path_put(&path);
569	if (retry_estale(error, lookup_flags)) {
570	lookup_flags |= LOOKUP_REVAL;
571	goto retry;
572	}
573	return error;
574	}
575
576	SYSCALL_DEFINE4(getxattr, const char __user *, pathname,
577	const char __user *, name, void __user *, value, size_t, size)
578	{
579	return path_getxattr(pathname, name, value, size, LOOKUP_FOLLOW);
580	}
581
582	SYSCALL_DEFINE4(lgetxattr, const char __user *, pathname,
583	const char __user *, name, void __user *, value, size_t, size)
584	{
585	return path_getxattr(pathname, name, value, size, 0);
586	}
587
588	SYSCALL_DEFINE4(fgetxattr, int, fd, const char __user *, name,
589	void __user *, value, size_t, size)
590	{
591	struct fd f = fdget(fd);
592	ssize_t error = -EBADF;
593
594	if (!f.file)
595	return error;
596	audit_file(f.file);
597	error = getxattr(f.file->f_path.dentry, name, value, size);
598	fdput(f);
599	return error;
600	}
601
602	/*
603	* Extended attribute LIST operations
604	*/
605	static ssize_t
606	listxattr(struct dentry *d, char __user *list, size_t size)
607	{
608	ssize_t error;
609	char *klist = NULL;
610
611	if (size) {
612	if (size > XATTR_LIST_MAX)
613	size = XATTR_LIST_MAX;
614	klist = kmalloc(size, __GFP_NOWARN | GFP_KERNEL);
615	if (!klist) {
616	klist = vmalloc(size);
617	if (!klist)
618	return -ENOMEM;
619	}
620	}
621
622	error = vfs_listxattr(d, klist, size);
623	if (error > 0) {
624	if (size && copy_to_user(list, klist, error))
625	error = -EFAULT;
626	} else if (error == -ERANGE && size >= XATTR_LIST_MAX) {
627	/* The file system tried to returned a list bigger
628	than XATTR_LIST_MAX bytes. Not possible. */
629	error = -E2BIG;
630	}
631
632	kvfree(klist);
633
634	return error;
635	}
636
637	static ssize_t path_listxattr(const char __user *pathname, char __user *list,
638	size_t size, unsigned int lookup_flags)
639	{
640	struct path path;
641	ssize_t error;
642	retry:
643	error = user_path_at(AT_FDCWD, pathname, lookup_flags, &path);
644	if (error)
645	return error;
646	error = listxattr(path.dentry, list, size);
647	path_put(&path);
648	if (retry_estale(error, lookup_flags)) {
649	lookup_flags |= LOOKUP_REVAL;
650	goto retry;
651	}
652	return error;
653	}
654
655	SYSCALL_DEFINE3(listxattr, const char __user *, pathname, char __user *, list,
656	size_t, size)
657	{
658	return path_listxattr(pathname, list, size, LOOKUP_FOLLOW);
659	}
660
661	SYSCALL_DEFINE3(llistxattr, const char __user *, pathname, char __user *, list,
662	size_t, size)
663	{
664	return path_listxattr(pathname, list, size, 0);
665	}
666
667	SYSCALL_DEFINE3(flistxattr, int, fd, char __user *, list, size_t, size)
668	{
669	struct fd f = fdget(fd);
670	ssize_t error = -EBADF;
671
672	if (!f.file)
673	return error;
674	audit_file(f.file);
675	error = listxattr(f.file->f_path.dentry, list, size);
676	fdput(f);
677	return error;
678	}
679
680	/*
681	* Extended attribute REMOVE operations
682	*/
683	static long
684	removexattr(struct dentry *d, const char __user *name)
685	{
686	int error;
687	char kname[XATTR_NAME_MAX + 1];
688
689	error = strncpy_from_user(kname, name, sizeof(kname));
690	if (error == 0 || error == sizeof(kname))
691	error = -ERANGE;
692	if (error < 0)
693	return error;
694
695	return vfs_removexattr(d, kname);
696	}
697
698	static int path_removexattr(const char __user *pathname,
699	const char __user *name, unsigned int lookup_flags)
700	{
701	struct path path;
702	int error;
703	retry:
704	error = user_path_at(AT_FDCWD, pathname, lookup_flags, &path);
705	if (error)
706	return error;
707	error = mnt_want_write(path.mnt);
708	if (!error) {
709	error = removexattr(path.dentry, name);
710	mnt_drop_write(path.mnt);
711	}
712	path_put(&path);
713	if (retry_estale(error, lookup_flags)) {
714	lookup_flags |= LOOKUP_REVAL;
715	goto retry;
716	}
717	return error;
718	}
719
720	SYSCALL_DEFINE2(removexattr, const char __user *, pathname,
721	const char __user *, name)
722	{
723	return path_removexattr(pathname, name, LOOKUP_FOLLOW);
724	}
725
726	SYSCALL_DEFINE2(lremovexattr, const char __user *, pathname,
727	const char __user *, name)
728	{
729	return path_removexattr(pathname, name, 0);
730	}
731
732	SYSCALL_DEFINE2(fremovexattr, int, fd, const char __user *, name)
733	{
734	struct fd f = fdget(fd);
735	int error = -EBADF;
736
737	if (!f.file)
738	return error;
739	audit_file(f.file);
740	error = mnt_want_write_file(f.file);
741	if (!error) {
742	error = removexattr(f.file->f_path.dentry, name);
743	mnt_drop_write_file(f.file);
744	}
745	fdput(f);
746	return error;
747	}
748
749	/*
750	* Combine the results of the list() operation from every xattr_handler in the
751	* list.
752	*/
753	ssize_t
754	generic_listxattr(struct dentry *dentry, char *buffer, size_t buffer_size)
755	{
756	const struct xattr_handler *handler, **handlers = dentry->d_sb->s_xattr;
757	unsigned int size = 0;
758
759	if (!buffer) {
760	for_each_xattr_handler(handlers, handler) {
761	if (!handler->name ||
762	(handler->list && !handler->list(dentry)))
763	continue;
764	size += strlen(handler->name) + 1;
765	}
766	} else {
767	char *buf = buffer;
768	size_t len;
769
770	for_each_xattr_handler(handlers, handler) {
771	if (!handler->name ||
772	(handler->list && !handler->list(dentry)))
773	continue;
774	len = strlen(handler->name);
775	if (len + 1 > buffer_size)
776	return -ERANGE;
777	memcpy(buf, handler->name, len + 1);
778	buf += len + 1;
779	buffer_size -= len + 1;
780	}
781	size = buf - buffer;
782	}
783	return size;
784	}
785	EXPORT_SYMBOL(generic_listxattr);
786
787	/**
788	* xattr_full_name - Compute full attribute name from suffix
789	*
790	* @handler: handler of the xattr_handler operation
791	* @name: name passed to the xattr_handler operation
792	*
793	* The get and set xattr handler operations are called with the remainder of
794	* the attribute name after skipping the handler's prefix: for example, "foo"
795	* is passed to the get operation of a handler with prefix "user." to get
796	* attribute "user.foo". The full name is still "there" in the name though.
797	*
798	* Note: the list xattr handler operation when called from the vfs is passed a
799	* NULL name; some file systems use this operation internally, with varying
800	* semantics.
801	*/
802	const char *xattr_full_name(const struct xattr_handler *handler,
803	const char *name)
804	{
805	size_t prefix_len = strlen(xattr_prefix(handler));
806
807	return name - prefix_len;
808	}
809	EXPORT_SYMBOL(xattr_full_name);
810
811	/*
812	* Allocate new xattr and copy in the value; but leave the name to callers.
813	*/
814	struct simple_xattr *simple_xattr_alloc(const void *value, size_t size)
815	{
816	struct simple_xattr *new_xattr;
817	size_t len;
818
819	/* wrap around? */
820	len = sizeof(*new_xattr) + size;
821	if (len < sizeof(*new_xattr))
822	return NULL;
823
824	new_xattr = kmalloc(len, GFP_KERNEL);
825	if (!new_xattr)
826	return NULL;
827
828	new_xattr->size = size;
829	memcpy(new_xattr->value, value, size);
830	return new_xattr;
831	}
832
833	/*
834	* xattr GET operation for in-memory/pseudo filesystems
835	*/
836	int simple_xattr_get(struct simple_xattrs *xattrs, const char *name,
837	void *buffer, size_t size)
838	{
839	struct simple_xattr *xattr;
840	int ret = -ENODATA;
841
842	spin_lock(&xattrs->lock);
843	list_for_each_entry(xattr, &xattrs->head, list) {
844	if (strcmp(name, xattr->name))
845	continue;
846
847	ret = xattr->size;
848	if (buffer) {
849	if (size < xattr->size)
850	ret = -ERANGE;
851	else
852	memcpy(buffer, xattr->value, xattr->size);
853	}
854	break;
855	}
856	spin_unlock(&xattrs->lock);
857	return ret;
858	}
859
860	/**
861	* simple_xattr_set - xattr SET operation for in-memory/pseudo filesystems
862	* @xattrs: target simple_xattr list
863	* @name: name of the extended attribute
864	* @value: value of the xattr. If %NULL, will remove the attribute.
865	* @size: size of the new xattr
866	* @flags: %XATTR_{CREATE|REPLACE}
867	*
868	* %XATTR_CREATE is set, the xattr shouldn't exist already; otherwise fails
869	* with -EEXIST. If %XATTR_REPLACE is set, the xattr should exist;
870	* otherwise, fails with -ENODATA.
871	*
872	* Returns 0 on success, -errno on failure.
873	*/
874	int simple_xattr_set(struct simple_xattrs *xattrs, const char *name,
875	const void *value, size_t size, int flags)
876	{
877	struct simple_xattr *xattr;
878	struct simple_xattr *new_xattr = NULL;
879	int err = 0;
880
881	/* value == NULL means remove */
882	if (value) {
883	new_xattr = simple_xattr_alloc(value, size);
884	if (!new_xattr)
885	return -ENOMEM;
886
887	new_xattr->name = kstrdup(name, GFP_KERNEL);
888	if (!new_xattr->name) {
889	kfree(new_xattr);
890	return -ENOMEM;
891	}
892	}
893
894	spin_lock(&xattrs->lock);
895	list_for_each_entry(xattr, &xattrs->head, list) {
896	if (!strcmp(name, xattr->name)) {
897	if (flags & XATTR_CREATE) {
898	xattr = new_xattr;
899	err = -EEXIST;
900	} else if (new_xattr) {
901	list_replace(&xattr->list, &new_xattr->list);
902	} else {
903	list_del(&xattr->list);
904	}
905	goto out;
906	}
907	}
908	if (flags & XATTR_REPLACE) {
909	xattr = new_xattr;
910	err = -ENODATA;
911	} else {
912	list_add(&new_xattr->list, &xattrs->head);
913	xattr = NULL;
914	}
915	out:
916	spin_unlock(&xattrs->lock);
917	if (xattr) {
918	kfree(xattr->name);
919	kfree(xattr);
920	}
921	return err;
922
923	}
924
925	static bool xattr_is_trusted(const char *name)
926	{
927	return !strncmp(name, XATTR_TRUSTED_PREFIX, XATTR_TRUSTED_PREFIX_LEN);
928	}
929
930	static int xattr_list_one(char **buffer, ssize_t *remaining_size,
931	const char *name)
932	{
933	size_t len = strlen(name) + 1;
934	if (*buffer) {
935	if (*remaining_size < len)
936	return -ERANGE;
937	memcpy(*buffer, name, len);
938	*buffer += len;
939	}
940	*remaining_size -= len;
941	return 0;
942	}
943
944	/*
945	* xattr LIST operation for in-memory/pseudo filesystems
946	*/
947	ssize_t simple_xattr_list(struct inode *inode, struct simple_xattrs *xattrs,
948	char *buffer, size_t size)
949	{
950	bool trusted = capable(CAP_SYS_ADMIN);
951	struct simple_xattr *xattr;
952	ssize_t remaining_size = size;
953	int err = 0;
954
955	#ifdef CONFIG_FS_POSIX_ACL
956	if (IS_POSIXACL(inode)) {
957	if (inode->i_acl) {
958	err = xattr_list_one(&buffer, &remaining_size,
959	XATTR_NAME_POSIX_ACL_ACCESS);
960	if (err)
961	return err;
962	}
963	if (inode->i_default_acl) {
964	err = xattr_list_one(&buffer, &remaining_size,
965	XATTR_NAME_POSIX_ACL_DEFAULT);
966	if (err)
967	return err;
968	}
969	}
970	#endif
971
972	spin_lock(&xattrs->lock);
973	list_for_each_entry(xattr, &xattrs->head, list) {
974	/* skip "trusted." attributes for unprivileged callers */
975	if (!trusted && xattr_is_trusted(xattr->name))
976	continue;
977
978	err = xattr_list_one(&buffer, &remaining_size, xattr->name);
979	if (err)
980	break;
981	}
982	spin_unlock(&xattrs->lock);
983
984	return err ? err : size - remaining_size;
985	}
986
987	/*
988	* Adds an extended attribute to the list
989	*/
990	void simple_xattr_list_add(struct simple_xattrs *xattrs,
991	struct simple_xattr *new_xattr)
992	{
993	spin_lock(&xattrs->lock);
994	list_add(&new_xattr->list, &xattrs->head);
995	spin_unlock(&xattrs->lock);
996	}
997