cregit-Linux how code gets into the kernel

Release 4.7 fs/xattr.c

Directory: fs
/*
  File: fs/xattr.c

  Extended attribute handling.

  Copyright (C) 2001 by Andreas Gruenbacher <a.gruenbacher@computer.org>
  Copyright (C) 2001 SGI - Silicon Graphics, Inc <linux-xfs@oss.sgi.com>
  Copyright (c) 2004 Red Hat, Inc., James Morris <jmorris@redhat.com>
 */
#include <linux/fs.h>
#include <linux/slab.h>
#include <linux/file.h>
#include <linux/xattr.h>
#include <linux/mount.h>
#include <linux/namei.h>
#include <linux/security.h>
#include <linux/evm.h>
#include <linux/syscalls.h>
#include <linux/export.h>
#include <linux/fsnotify.h>
#include <linux/audit.h>
#include <linux/vmalloc.h>
#include <linux/posix_acl_xattr.h>

#include <asm/uaccess.h>

/*
 * xattr_permission - VFS-level permission check for one extended attribute.
 *
 * @inode: inode whose attribute is being accessed
 * @name:  full attribute name, including the namespace prefix
 * @mask:  MAY_READ or MAY_WRITE
 *
 * The rules differ per namespace:
 *   security.*, system.*  no VFS restriction; 0 is returned and the decision
 *                         is left to the filesystem / security module.
 *   trusted.*             CAP_SYS_ADMIN only.
 *   user.*                regular files and directories only; on a sticky
 *                         directory a write also needs the owner or a
 *                         capable caller.  Falls through to
 *                         inode_permission().
 *   anything else         inode_permission().
 *
 * A refused write returns -EPERM; a refused read returns -ENODATA.
 *
 * Only the immutable / append-only inode flags are tested here.  A read-only
 * mount is not detected by this function; the path-based callers in this
 * file take mnt_want_write() before reaching it.
 */
static int
xattr_permission(struct inode *inode, const char *name, int mask)
{
	const int wants_write = mask & MAY_WRITE;
	const int refused = wants_write ? -EPERM : -ENODATA;

	/* Attributes of immutable / append-only inodes cannot be modified. */
	if (wants_write && (IS_IMMUTABLE(inode) || IS_APPEND(inode)))
		return -EPERM;

	/* security.* and system.*: no opinion at this layer. */
	if (strncmp(name, XATTR_SECURITY_PREFIX,
		    XATTR_SECURITY_PREFIX_LEN) == 0)
		return 0;
	if (strncmp(name, XATTR_SYSTEM_PREFIX, XATTR_SYSTEM_PREFIX_LEN) == 0)
		return 0;

	/* trusted.*: privileged callers only, and nothing more to check. */
	if (strncmp(name, XATTR_TRUSTED_PREFIX,
		    XATTR_TRUSTED_PREFIX_LEN) == 0)
		return capable(CAP_SYS_ADMIN) ? 0 : refused;

	if (strncmp(name, XATTR_USER_PREFIX, XATTR_USER_PREFIX_LEN) == 0) {
		/* user.* exists only on regular files and directories. */
		if (!S_ISREG(inode->i_mode) && !S_ISDIR(inode->i_mode))
			return refused;

		/*
		 * Sticky directory: writing is reserved for the owner or a
		 * capable caller.  The ownership test stays last so that it
		 * only runs for a write to a sticky directory.
		 */
		if (S_ISDIR(inode->i_mode) && (inode->i_mode & S_ISVTX) &&
		    wants_write && !inode_owner_or_capable(inode))
			return -EPERM;
	}

	return inode_permission(inode, mask);
}

Contributors

PersonTokensPropCommitsCommitProp
andrew mortonandrew morton13970.92%116.67%
andreas gruenbacherandreas gruenbacher5427.55%233.33%
serge hallynserge hallyn10.51%116.67%
al viroal viro10.51%116.67%
satyam sharmasatyam sharma10.51%116.67%
Total196100.00%6100.00%

/**
 *  __vfs_setxattr_noperm - perform setxattr operation without performing
 *  permission checks.
 *
 *  @dentry: object to perform setxattr on
 *  @name: xattr name to set
 *  @value: value to set @name to
 *  @size: size of @value
 *  @flags: flags to pass into filesystem operations
 *
 *  Returns the result of the filesystem's ->setxattr, or of
 *  security_inode_setsecurity() when the filesystem has no ->setxattr and
 *  @name is in the security.* namespace.  Returns -EOPNOTSUPP when neither
 *  path applies.
 *
 *  This function requires the caller to lock the inode's i_mutex before it
 *  is executed.  It also assumes that the caller has already made the
 *  appropriate permission checks; none are made here.
 */
int __vfs_setxattr_noperm(struct dentry *dentry, const char *name,
		const void *value, size_t size, int flags)
{
	struct inode *inode = dentry->d_inode;
	const int is_security = strncmp(name, XATTR_SECURITY_PREFIX,
					XATTR_SECURITY_PREFIX_LEN) == 0;
	int rc;

	/* A security.* write drops S_NOSEC before the operation is tried. */
	if (is_security)
		inode->i_flags &= ~S_NOSEC;

	if (inode->i_op->setxattr) {
		rc = inode->i_op->setxattr(dentry, inode, name, value, size,
					   flags);
		if (rc)
			return rc;

		/* Notification and the LSM post hook run only on success. */
		fsnotify_xattr(dentry);
		security_inode_post_setxattr(dentry, name, value, size, flags);
		return 0;
	}

	/* Without ->setxattr only the security.* namespace can be served. */
	if (!is_security)
		return -EOPNOTSUPP;

	/* The LSM hook is given the name without its "security." prefix. */
	rc = security_inode_setsecurity(inode,
					name + XATTR_SECURITY_PREFIX_LEN,
					value, size, flags);
	if (!rc)
		fsnotify_xattr(dentry);
	return rc;
}

Contributors

PersonTokensPropCommitsCommitProp
christoph hellwigchristoph hellwig12877.58%116.67%
andi kleenandi kleen2515.15%116.67%
david p. quigleydavid p. quigley74.24%116.67%
al viroal viro21.21%116.67%
david howellsdavid howells21.21%116.67%
andrew mortonandrew morton10.61%116.67%
Total165100.00%6100.00%


/*
 * vfs_setxattr - set an extended attribute with full permission checking.
 *
 * Order of checks: xattr_permission() for MAY_WRITE first (outside the inode
 * lock), then security_inode_setxattr() under the inode lock, and only then
 * the unchecked worker __vfs_setxattr_noperm().  The first non-zero result
 * is returned.
 */
int
vfs_setxattr(struct dentry *dentry, const char *name, const void *value,
		size_t size, int flags)
{
	struct inode *inode = dentry->d_inode;
	int rc = xattr_permission(inode, name, MAY_WRITE);

	if (rc)
		return rc;

	inode_lock(inode);
	/* The LSM may veto the change before anything is written. */
	rc = security_inode_setxattr(dentry, name, value, size, flags);
	if (!rc)
		rc = __vfs_setxattr_noperm(dentry, name, value, size, flags);
	inode_unlock(inode);

	return rc;
}

Contributors

PersonTokensPropCommitsCommitProp
david p. quigleydavid p. quigley9688.89%133.33%
christoph hellwigchristoph hellwig109.26%133.33%
al viroal viro21.85%133.33%
Total108100.00%3100.00%

EXPORT_SYMBOL_GPL(vfs_setxattr);
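/*
 * xattr_getsecurity - fetch a security.* attribute value from the LSM.
 *
 * @inode: inode to query
 * @name:  attribute name as passed to security_inode_getsecurity()
 * @value: destination buffer, or NULL to query the length only
 * @size:  capacity of @value, or 0 to query the length only
 *
 * Returns the length reported by security_inode_getsecurity(), a negative
 * error from it, or -ERANGE when @size is smaller than that length.
 *
 * In the length-only case the hook is called with alloc == false and
 * nothing is released afterwards.
 */
ssize_t
xattr_getsecurity(struct inode *inode, const char *name, void *value,
			size_t size)
{
	void *buffer = NULL;
	ssize_t len;
	ssize_t ret;

	if (!value || !size)
		return security_inode_getsecurity(inode, name, &buffer, false);

	len = security_inode_getsecurity(inode, name, &buffer, true);
	if (len < 0)
		return len;

	/* len is non-negative here, so the unsigned comparison is exact. */
	if (size < (size_t)len) {
		ret = -ERANGE;
	} else {
		memcpy(value, buffer, len);
		ret = len;
	}

	/*
	 * Release with the length the hook reported.  The result is kept in
	 * a separate variable so that the too-small-buffer path does not
	 * hand -ERANGE to the release hook as a length.
	 */
	security_release_secctx(buffer, len);
	return ret;
}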

Contributors

PersonTokensPropCommitsCommitProp
david p. quigleydavid p. quigley11999.17%150.00%
christoph hellwigchristoph hellwig10.83%150.00%
Total120100.00%2100.00%

EXPORT_SYMBOL_GPL(xattr_getsecurity);

/*
 * vfs_getxattr_alloc - allocate memory, if necessary, before calling getxattr
 *
 * @dentry:      object to read the attribute from
 * @name:        attribute name
 * @xattr_value: in/out buffer pointer; may point to NULL on entry
 * @xattr_size:  capacity of the buffer passed in through @xattr_value
 * @flags:       allocation flags for krealloc()
 *
 * Asks the filesystem for the attribute length, grows (or first allocates)
 * the buffer to length + 1 zeroed bytes when it is missing or too small,
 * then fetches the value.
 *
 * Returns the result of the second ->getxattr call, -ENOMEM when the
 * allocation fails, -EOPNOTSUPP when the filesystem has no ->getxattr, or
 * the xattr_permission() error.  *@xattr_value is updated only once the
 * second call has been made; on the earlier error returns it is untouched.
 *
 * NOTE(review): only xattr_permission() is checked here; no
 * security_inode_getxattr() call is made on this path.
 */
ssize_t
vfs_getxattr_alloc(struct dentry *dentry, const char *name, char **xattr_value,
		   size_t xattr_size, gfp_t flags)
{
	struct inode *inode = dentry->d_inode;
	char *buf = *xattr_value;
	int rc;

	rc = xattr_permission(inode, name, MAY_READ);
	if (rc)
		return rc;

	if (!inode->i_op->getxattr)
		return -EOPNOTSUPP;

	/* Size probe: a NULL buffer of length 0. */
	rc = inode->i_op->getxattr(dentry, inode, name, NULL, 0);
	if (rc < 0)
		return rc;

	if (buf == NULL || rc > xattr_size) {
		/* One spare byte beyond the value, and the whole buffer zeroed. */
		buf = krealloc(*xattr_value, rc + 1, flags);
		if (buf == NULL)
			return -ENOMEM;
		memset(buf, 0, rc + 1);
	}

	/*
	 * Fetch with exactly the probed length.  Whatever the filesystem
	 * reports now (including an error if the value changed in between)
	 * is returned as-is.
	 */
	rc = inode->i_op->getxattr(dentry, inode, name, buf, rc);
	*xattr_value = buf;
	return rc;
}

Contributors

PersonTokensPropCommitsCommitProp
mimi zoharmimi zohar17497.75%150.00%
al viroal viro42.25%150.00%
Total178100.00%2100.00%


/*
 * vfs_getxattr - read an extended attribute with permission checking.
 *
 * Runs xattr_permission() for MAY_READ and then security_inode_getxattr().
 * A security.* name is first offered to the LSM through xattr_getsecurity()
 * (with the prefix stripped); any answer other than -EOPNOTSUPP is final.
 * Everything else, and security.* when the LSM answers -EOPNOTSUPP, goes to
 * the filesystem's ->getxattr, or yields -EOPNOTSUPP if there is none.
 */
ssize_t
vfs_getxattr(struct dentry *dentry, const char *name, void *value, size_t size)
{
	struct inode *inode = dentry->d_inode;
	int rc;

	rc = xattr_permission(inode, name, MAY_READ);
	if (rc)
		return rc;

	rc = security_inode_getxattr(dentry, name);
	if (rc)
		return rc;

	if (strncmp(name, XATTR_SECURITY_PREFIX,
		    XATTR_SECURITY_PREFIX_LEN) == 0) {
		int lsm_rc = xattr_getsecurity(inode,
					       name + XATTR_SECURITY_PREFIX_LEN,
					       value, size);

		/*
		 * Only a security module that actually handles the
		 * attribute gets to decide the return value.
		 */
		if (lsm_rc != -EOPNOTSUPP)
			return lsm_rc;
	}

	if (!inode->i_op->getxattr)
		return -EOPNOTSUPP;

	rc = inode->i_op->getxattr(dentry, inode, name, value, size);
	return rc;
}

Contributors

PersonTokensPropCommitsCommitProp
christoph hellwigchristoph hellwig9459.87%116.67%
david p. quigleydavid p. quigley4025.48%233.33%
andrew mortonandrew morton2012.74%116.67%
al viroal viro21.27%116.67%
david howellsdavid howells10.64%116.67%
Total157100.00%6100.00%

EXPORT_SYMBOL_GPL(vfs_getxattr);
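/*
 * vfs_listxattr - list the extended attribute names of a dentry.
 *
 * @d:    object to list
 * @list: destination buffer (may be NULL when @size is 0)
 * @size: capacity of @list; 0 asks for the required size only
 *
 * security_inode_listxattr() is consulted first and any non-zero result is
 * returned.  The list then comes from the filesystem's ->listxattr when it
 * has one, otherwise from security_inode_listsecurity().  In the latter
 * case a length larger than a non-zero @size is turned into -ERANGE.
 */
ssize_t
vfs_listxattr(struct dentry *d, char *list, size_t size)
{
	ssize_t error;

	error = security_inode_listxattr(d);
	if (error)
		return error;

	if (d->d_inode->i_op->listxattr) {
		error = d->d_inode->i_op->listxattr(d, list, size);
	} else {
		error = security_inode_listsecurity(d->d_inode, list, size);
		/*
		 * Compare only positive lengths.  A bare "error > size"
		 * converts a negative ssize_t to a huge size_t, so a
		 * negative result from the hook would be rewritten to
		 * -ERANGE instead of being passed through.
		 */
		if (size && error > 0 && (size_t)error > size)
			error = -ERANGE;
	}
	return error;
}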

Contributors

PersonTokensPropCommitsCommitProp
bill nottinghambill nottingham100100.00%1100.00%
Total100100.00%1100.00%

EXPORT_SYMBOL_GPL(vfs_listxattr);
/*
 * vfs_removexattr - remove an extended attribute with permission checking.
 *
 * Returns -EOPNOTSUPP when the filesystem has no ->removexattr.  Otherwise
 * xattr_permission() for MAY_WRITE is checked, then, under the inode lock,
 * security_inode_removexattr() and the filesystem operation.  On success
 * fsnotify_xattr() and evm_inode_post_removexattr() are called before the
 * lock is dropped.
 */
int
vfs_removexattr(struct dentry *dentry, const char *name)
{
	struct inode *inode = dentry->d_inode;
	int rc;

	if (!inode->i_op->removexattr)
		return -EOPNOTSUPP;

	rc = xattr_permission(inode, name, MAY_WRITE);
	if (rc)
		return rc;

	inode_lock(inode);
	/* The LSM may veto the removal before the filesystem is asked. */
	rc = security_inode_removexattr(dentry, name);
	if (!rc) {
		rc = inode->i_op->removexattr(dentry, name);
		if (!rc) {
			fsnotify_xattr(dentry);
			evm_inode_post_removexattr(dentry, name);
		}
	}
	inode_unlock(inode);

	return rc;
}

Contributors

PersonTokensPropCommitsCommitProp
christoph hellwigchristoph hellwig7864.46%114.29%
andrew mortonandrew morton1814.88%114.29%
mimi zoharmimi zohar1310.74%228.57%
dmitry kasatkindmitry kasatkin97.44%114.29%
al viroal viro21.65%114.29%
david howellsdavid howells10.83%114.29%
Total121100.00%7100.00%

EXPORT_SYMBOL_GPL(vfs_removexattr);

/*
 * Extended attribute SET operations
 */

/*
 * setxattr - copy a user-supplied name and value into the kernel and set it.
 *
 * @d:     target dentry
 * @name:  user pointer to the NUL-terminated attribute name
 * @value: user pointer to the value (not read when @size is 0)
 * @size:  value length in bytes
 * @flags: may contain only XATTR_CREATE and/or XATTR_REPLACE
 *
 * Input validation done here, before vfs_setxattr() is reached:
 *   - any other flag bit                      -> -EINVAL
 *   - empty name, or name that fills kname[]  -> -ERANGE
 *   - @size above XATTR_SIZE_MAX              -> -E2BIG
 *   - unreadable user memory                  -> -EFAULT (or the
 *     strncpy_from_user() error for the name)
 *
 * POSIX ACL values are passed through posix_acl_fix_xattr_from_user()
 * before being handed to the VFS.
 */
static long
setxattr(struct dentry *d, const char __user *name, const void __user *value,
	 size_t size, int flags)
{
	char kname[XATTR_NAME_MAX + 1];
	void *kvalue = NULL;
	int rc;

	if (flags & ~(XATTR_CREATE | XATTR_REPLACE))
		return -EINVAL;

	rc = strncpy_from_user(kname, name, sizeof(kname));
	/* 0: empty name.  sizeof(kname): no NUL within the buffer. */
	if (rc == 0 || rc == sizeof(kname))
		return -ERANGE;
	if (rc < 0)
		return rc;

	if (size) {
		/* Bound the allocation before trusting the user's length. */
		if (size > XATTR_SIZE_MAX)
			return -E2BIG;

		kvalue = kmalloc(size, GFP_KERNEL | __GFP_NOWARN);
		if (!kvalue)
			kvalue = vmalloc(size);
		if (!kvalue)
			return -ENOMEM;

		if (copy_from_user(kvalue, value, size)) {
			kvfree(kvalue);
			return -EFAULT;
		}

		if (strcmp(kname, XATTR_NAME_POSIX_ACL_ACCESS) == 0 ||
		    strcmp(kname, XATTR_NAME_POSIX_ACL_DEFAULT) == 0)
			posix_acl_fix_xattr_from_user(kvalue, size);
	}

	rc = vfs_setxattr(d, kname, kvalue, size, flags);
	kvfree(kvalue);
	return rc;
}

Contributors

PersonTokensPropCommitsCommitProp
linus torvaldslinus torvalds7834.06%19.09%
andrew mortonandrew morton5724.89%218.18%
nathan scottnathan scott3213.97%19.09%
eric w. biedermaneric w. biederman3113.54%19.09%
stephen d. smalleystephen d. smalley156.55%19.09%
christoph hellwigchristoph hellwig73.06%19.09%
richard weinbergerrichard weinberger31.31%19.09%
andries brouwerandries brouwer20.87%19.09%
li zefanli zefan20.87%19.09%
david howellsdavid howells20.87%19.09%
Total229100.00%11100.00%


/*
 * path_setxattr - resolve a user pathname and set an attribute on it.
 *
 * The path is looked up relative to AT_FDCWD with @lookup_flags.  Write
 * access to the mount is taken around the setxattr() call and dropped
 * again afterwards.  When retry_estale() asks for it, the whole sequence
 * is repeated with LOOKUP_REVAL added to the lookup flags.
 */
static int path_setxattr(const char __user *pathname,
			 const char __user *name, const void __user *value,
			 size_t size, int flags, unsigned int lookup_flags)
{
	struct path path;
	int rc;

	for (;;) {
		rc = user_path_at(AT_FDCWD, pathname, lookup_flags, &path);
		if (rc)
			return rc;

		rc = mnt_want_write(path.mnt);
		if (rc == 0) {
			rc = setxattr(path.dentry, name, value, size, flags);
			mnt_drop_write(path.mnt);
		}
		path_put(&path);

		if (!retry_estale(rc, lookup_flags))
			return rc;
		lookup_flags |= LOOKUP_REVAL;
	}
}

Contributors

PersonTokensPropCommitsCommitProp
linus torvaldslinus torvalds4332.82%114.29%
eric biggerseric biggers3224.43%114.29%
jeff laytonjeff layton2519.08%114.29%
dave hansendave hansen2317.56%114.29%
jan blunckjan blunck43.05%228.57%
al viroal viro43.05%114.29%
Total131100.00%7100.00%

/* setxattr(2): set an attribute by path, following a trailing symlink. */
SYSCALL_DEFINE5(setxattr, const char __user *, pathname,
		const char __user *, name, const void __user *, value,
		size_t, size, int, flags)
{
	return path_setxattr(pathname, name, value, size, flags, LOOKUP_FOLLOW);
}

/* lsetxattr(2): as setxattr, but with no lookup flags (no LOOKUP_FOLLOW). */
SYSCALL_DEFINE5(lsetxattr, const char __user *, pathname,
		const char __user *, name, const void __user *, value,
		size_t, size, int, flags)
{
	return path_setxattr(pathname, name, value, size, flags, 0);
}

/*
 * fsetxattr(2): set an attribute on the file behind an open descriptor.
 * Returns -EBADF for an invalid descriptor.  The file is passed to
 * audit_file() before write access to its mount is requested.
 */
SYSCALL_DEFINE5(fsetxattr, int, fd, const char __user *, name,
		const void __user *,value, size_t, size, int, flags)
{
	struct fd f = fdget(fd);
	int rc;

	if (!f.file)
		return -EBADF;

	audit_file(f.file);
	rc = mnt_want_write_file(f.file);
	if (rc == 0) {
		rc = setxattr(f.file->f_path.dentry, name, value, size, flags);
		mnt_drop_write_file(f.file);
	}
	fdput(f);
	return rc;
}

/*
 * Extended attribute GET operations
 */
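/*
 * getxattr - read an attribute into a kernel buffer and copy it to the user.
 *
 * @d:     source dentry
 * @name:  user pointer to the NUL-terminated attribute name
 * @value: user destination buffer (unused when @size is 0)
 * @size:  capacity of @value; 0 asks for the value length only
 *
 * Returns the value length, or a negative error: -ERANGE for an empty or
 * over-long name, -ENOMEM, -EFAULT when the copy to user space fails,
 * -E2BIG when the filesystem reports -ERANGE although the buffer already
 * has the maximum size, or whatever vfs_getxattr() returns.
 *
 * @size is clamped to XATTR_SIZE_MAX so the allocation is bounded.
 */
static ssize_t
getxattr(struct dentry *d, const char __user *name, void __user *value,
	 size_t size)
{
	ssize_t error;
	void *kvalue = NULL;
	char kname[XATTR_NAME_MAX + 1];

	error = strncpy_from_user(kname, name, sizeof(kname));
	/* 0: empty name.  sizeof(kname): no NUL within the buffer. */
	if (error == 0 || error == sizeof(kname))
		error = -ERANGE;
	if (error < 0)
		return error;

	if (size) {
		if (size > XATTR_SIZE_MAX)
			size = XATTR_SIZE_MAX;
		kvalue = kzalloc(size, GFP_KERNEL | __GFP_NOWARN);
		if (!kvalue) {
			/*
			 * Keep the fallback zeroed as well, so that both
			 * allocation paths hand the filesystem a buffer
			 * without stale kernel memory in it.
			 */
			kvalue = vzalloc(size);
			if (!kvalue)
				return -ENOMEM;
		}
	}

	error = vfs_getxattr(d, kname, kvalue, size);
	if (error > 0) {
		/*
		 * The attribute occupies 'error' bytes of kvalue, so the
		 * ACL fix-up is given that length and not the capacity of
		 * the buffer.  Nothing to fix up for a length-only query,
		 * where kvalue is NULL.
		 */
		if (kvalue &&
		    ((strcmp(kname, XATTR_NAME_POSIX_ACL_ACCESS) == 0) ||
		     (strcmp(kname, XATTR_NAME_POSIX_ACL_DEFAULT) == 0)))
			posix_acl_fix_xattr_to_user(kvalue, error);
		if (size && copy_to_user(value, kvalue, error))
			error = -EFAULT;
	} else if (error == -ERANGE && size >= XATTR_SIZE_MAX) {
		/* The file system tried to return a value bigger
		   than XATTR_SIZE_MAX bytes. Not possible. */
		error = -E2BIG;
	}
	kvfree(kvalue);
	return error;
}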

Contributors

PersonTokensPropCommitsCommitProp
linus torvaldslinus torvalds8536.80%16.25%
andrew mortonandrew morton4519.48%212.50%
nathan scottnathan scott3515.15%318.75%
eric w. biedermaneric w. biederman3113.42%16.25%
sasha levinsasha levin146.06%16.25%
stephen d. smalleystephen d. smalley104.33%212.50%
richard weinbergerrichard weinberger31.30%16.25%
greg kroah-hartmangreg kroah-hartman31.30%16.25%
andries brouwerandries brouwer20.87%16.25%
james morrisjames morris10.43%16.25%
christoph hellwigchristoph hellwig10.43%16.25%
david howellsdavid howells10.43%16.25%
Total231100.00%16100.00%


/*
 * path_getxattr - resolve a user pathname and read an attribute from it.
 *
 * The path is looked up relative to AT_FDCWD with @lookup_flags and released
 * after the getxattr() call.  When retry_estale() asks for it, the sequence
 * is repeated with LOOKUP_REVAL added to the lookup flags.
 */
static ssize_t path_getxattr(const char __user *pathname,
			     const char __user *name, void __user *value,
			     size_t size, unsigned int lookup_flags)
{
	struct path path;
	ssize_t rc;

	for (;;) {
		rc = user_path_at(AT_FDCWD, pathname, lookup_flags, &path);
		if (rc)
			return rc;

		rc = getxattr(path.dentry, name, value, size);
		path_put(&path);

		if (!retry_estale(rc, lookup_flags))
			return rc;
		lookup_flags |= LOOKUP_REVAL;
	}
}

Contributors

PersonTokensPropCommitsCommitProp
linus torvaldslinus torvalds4039.22%114.29%
eric biggerseric biggers2827.45%114.29%
jeff laytonjeff layton2524.51%114.29%
jan blunckjan blunck43.92%228.57%
al viroal viro43.92%114.29%
nathan scottnathan scott10.98%114.29%
Total102100.00%7100.00%

/* getxattr(2): read an attribute by path, following a trailing symlink. */
SYSCALL_DEFINE4(getxattr, const char __user *, pathname,
		const char __user *, name, void __user *, value, size_t, size)
{
	return path_getxattr(pathname, name, value, size, LOOKUP_FOLLOW);
}

/* lgetxattr(2): as getxattr, but with no lookup flags (no LOOKUP_FOLLOW). */
SYSCALL_DEFINE4(lgetxattr, const char __user *, pathname,
		const char __user *, name, void __user *, value, size_t, size)
{
	return path_getxattr(pathname, name, value, size, 0);
}

/*
 * fgetxattr(2): read an attribute of the file behind an open descriptor.
 * Returns -EBADF for an invalid descriptor.  The file is passed to
 * audit_file() before the attribute is read.
 */
SYSCALL_DEFINE4(fgetxattr, int, fd, const char __user *, name,
		void __user *, value, size_t, size)
{
	struct fd f = fdget(fd);
	ssize_t rc;

	if (!f.file)
		return -EBADF;

	audit_file(f.file);
	rc = getxattr(f.file->f_path.dentry, name, value, size);
	fdput(f);
	return rc;
}

/*
 * Extended attribute LIST operations
 */
/*
 * listxattr - build the attribute name list in the kernel and copy it out.
 *
 * @d:    source dentry
 * @list: user destination buffer (unused when @size is 0)
 * @size: capacity of @list; 0 asks for the required size only
 *
 * @size is clamped to XATTR_LIST_MAX so the allocation is bounded.  Returns
 * the list length, -ENOMEM, -EFAULT when the copy to user space fails,
 * -E2BIG when -ERANGE is reported although the buffer already has the
 * maximum size, or whatever vfs_listxattr() returns.
 *
 * NOTE(review): the kernel buffer is not zeroed, and the number of bytes
 * copied to user space is the count vfs_listxattr() reports.  This relies
 * on the lower layer having written that many bytes and on the count not
 * exceeding @size; neither is checked here.
 */
static ssize_t
listxattr(struct dentry *d, char __user *list, size_t size)
{
	char *klist = NULL;
	ssize_t rc;

	if (size) {
		if (size > XATTR_LIST_MAX)
			size = XATTR_LIST_MAX;

		klist = kmalloc(size, __GFP_NOWARN | GFP_KERNEL);
		if (!klist)
			klist = vmalloc(size);
		if (!klist)
			return -ENOMEM;
	}

	rc = vfs_listxattr(d, klist, size);
	if (rc > 0) {
		if (size && copy_to_user(list, klist, rc))
			rc = -EFAULT;
	} else if (rc == -ERANGE && size >= XATTR_LIST_MAX) {
		/*
		 * The file system tried to return a list bigger than
		 * XATTR_LIST_MAX bytes.  Not possible.
		 */
		rc = -E2BIG;
	}

	kvfree(klist);
	return rc;
}

Contributors

PersonTokensPropCommitsCommitProp
linus torvaldslinus torvalds6444.76%19.09%
andrew mortonandrew morton5840.56%327.27%
stephen d. smalleystephen d. smalley117.69%19.09%
nathan scottnathan scott32.10%218.18%
richard weinbergerrichard weinberger32.10%19.09%
dave jonesdave jones21.40%19.09%
bill nottinghambill nottingham10.70%19.09%
andries brouwerandries brouwer10.70%19.09%
Total143100.00%11100.00%


/*
 * path_listxattr - resolve a user pathname and list its attribute names.
 *
 * The path is looked up relative to AT_FDCWD with @lookup_flags and released
 * after the listxattr() call.  When retry_estale() asks for it, the sequence
 * is repeated with LOOKUP_REVAL added to the lookup flags.
 */
static ssize_t path_listxattr(const char __user *pathname, char __user *list,
			      size_t size, unsigned int lookup_flags)
{
	struct path path;
	ssize_t rc;

	for (;;) {
		rc = user_path_at(AT_FDCWD, pathname, lookup_flags, &path);
		if (rc)
			return rc;

		rc = listxattr(path.dentry, list, size);
		path_put(&path);

		if (!retry_estale(rc, lookup_flags))
			return rc;
		lookup_flags |= LOOKUP_REVAL;
	}
}

Contributors

PersonTokensPropCommitsCommitProp
linus torvaldslinus torvalds3840.43%114.29%
jeff laytonjeff layton2526.60%114.29%
eric biggerseric biggers2223.40%114.29%
al viroal viro44.26%114.29%
jan blunckjan blunck44.26%228.57%
nathan scottnathan scott11.06%114.29%
Total94100.00%7100.00%

/* listxattr(2): list attribute names by path, following a trailing symlink. */
SYSCALL_DEFINE3(listxattr, const char __user *, pathname, char __user *, list,
		size_t, size)
{
	return path_listxattr(pathname, list, size, LOOKUP_FOLLOW);
}

/* llistxattr(2): as listxattr, but with no lookup flags (no LOOKUP_FOLLOW). */
SYSCALL_DEFINE3(llistxattr, const char __user *, pathname, char __user *, list,
		size_t, size)
{
	return path_listxattr(pathname, list, size, 0);
}

/*
 * flistxattr(2): list attribute names of the file behind an open descriptor.
 * Returns -EBADF for an invalid descriptor.  The file is passed to
 * audit_file() before the list is built.
 */
SYSCALL_DEFINE3(flistxattr, int, fd, char __user *, list, size_t, size)
{
	struct fd f = fdget(fd);
	ssize_t rc;

	if (!f.file)
		return -EBADF;

	audit_file(f.file);
	rc = listxattr(f.file->f_path.dentry, list, size);
	fdput(f);
	return rc;
}

/*
 * Extended attribute REMOVE operations
 */
/*
 * removexattr - copy a user-supplied attribute name in and remove it.
 *
 * @d:    target dentry
 * @name: user pointer to the NUL-terminated attribute name
 *
 * Returns -ERANGE for an empty name or one that fills kname[] without a
 * terminating NUL, the strncpy_from_user() error for unreadable memory,
 * and otherwise the result of vfs_removexattr().
 */
static long
removexattr(struct dentry *d, const char __user *name)
{
	char kname[XATTR_NAME_MAX + 1];
	int copied;

	copied = strncpy_from_user(kname, name, sizeof(kname));
	/* 0: empty name.  sizeof(kname): no NUL within the buffer. */
	if (copied == 0 || copied == sizeof(kname))
		return -ERANGE;
	if (copied < 0)
		return copied;

	return vfs_removexattr(d, kname);
}

Contributors

PersonTokensPropCommitsCommitProp
linus torvaldslinus torvalds4153.25%120.00%
nathan scottnathan scott3241.56%120.00%
christoph hellwigchristoph hellwig22.60%120.00%
andries brouwerandries brouwer11.30%120.00%
david howellsdavid howells11.30%120.00%
Total77100.00%5100.00%


/*
 * path_removexattr - resolve a user pathname and remove an attribute.
 *
 * The path is looked up relative to AT_FDCWD with @lookup_flags.  Write
 * access to the mount is taken around the removexattr() call and dropped
 * again afterwards.  When retry_estale() asks for it, the whole sequence
 * is repeated with LOOKUP_REVAL added to the lookup flags.
 */
static int path_removexattr(const char __user *pathname,
			    const char __user *name, unsigned int lookup_flags)
{
	struct path path;
	int rc;

	for (;;) {
		rc = user_path_at(AT_FDCWD, pathname, lookup_flags, &path);
		if (rc)
			return rc;

		rc = mnt_want_write(path.mnt);
		if (rc == 0) {
			rc = removexattr(path.dentry, name);
			mnt_drop_write(path.mnt);
		}
		path_put(&path);

		if (!retry_estale(rc, lookup_flags))
			return rc;
		lookup_flags |= LOOKUP_REVAL;
	}
}

Contributors

PersonTokensPropCommitsCommitProp
linus torvaldslinus torvalds3732.74%114.29%
jeff laytonjeff layton2522.12%114.29%
dave hansendave hansen2320.35%114.29%
eric biggerseric biggers2017.70%114.29%
jan blunckjan blunck43.54%228.57%
al viroal viro43.54%114.29%
Total113100.00%7100.00%

SYSCALL_DEFINE2(removexattr, const char __user *, pathname, const char __user *, name) { return path_removexattr(pathname, name, LOOKUP_FOLLOW); } SYSCALL_DEFINE2(lremovexattr, const char __user *, pathname, const char __user *, name) { return path_removexattr(pathname, name, 0); } SYSCALL_DEFINE2(fremovexattr,