[PATCH] xattr: allow kernel code to override EA permissions

Patch from Andreas Gruenbacher <agruen@suse.de> This adds the XATTR_KERNEL_CONTEXT extended attributes flag. Kernel code may use this flag to override extended attribute permission restrictions that would otherwise be imposed on the calling process.

[PATCH] xattr: allow kernel code to override EA permissions
Patch from Andreas Gruenbacher <agruen@suse.de> This adds the XATTR_KERNEL_CONTEXT extended attributes flag. Kernel code may use this flag to override extended attribute permission restrictions that would otherwise be imposed on the calling process.
f83b53c5 · Andrew Morton · Jens Axboe · 36bc191b · f83b53c5 · f83b53c5
Commit f83b53c5 authored Feb 14, 2003 by Andrew Morton Committed by Jens Axboe Feb 14, 2003
Hide whitespace changes
Inline Side-by-side

Showing with 47 additions and 41 deletions

fs/ext2/xattr_user.c fs/ext2/xattr_user.c +22 -19

fs/ext3/xattr_user.c fs/ext3/xattr_user.c +22 -20

include/linux/xattr.h include/linux/xattr.h +3 -2

No files found.
--- a/fs/ext2/xattr_user.c
+++ b/fs/ext2/xattr_user.c
@@ -23,7 +23,8 @@ ext2_xattr_user_list(char *list, struct inode *inode,
 {
 	const int prefix_len = sizeof(XATTR_USER_PREFIX)-1;
-	if (!test_opt(inode->i_sb, XATTR_USER))
+	if (!(flags & XATTR_KERNEL_CONTEXT) &&
+	    !test_opt(inode->i_sb, XATTR_USER))
 		return 0;
 	if (list) {
@@ -38,20 +39,21 @@ static int
 ext2_xattr_user_get(struct inode *inode, const char *name,
 		    void *buffer, size_t size, int flags)
 {
-	int error;
 	if (strcmp(name, "") == 0)
 		return -EINVAL;
-	if (!test_opt(inode->i_sb, XATTR_USER))
+	if (!(flags & XATTR_KERNEL_CONTEXT)) {
-		return -EOPNOTSUPP;
+		int error;
+		if (!test_opt(inode->i_sb, XATTR_USER))
+			return -EOPNOTSUPP;
 #ifdef CONFIG_EXT2_FS_POSIX_ACL
-	error = ext2_permission_locked(inode, MAY_READ);
+		error = ext2_permission_locked(inode, MAY_READ);
 #else
-	error = permission(inode, MAY_READ);
+		error = permission(inode, MAY_READ);
 #endif
-	if (error)
+		if (error)
-		return error;
+			return error;
+	}
 	return ext2_xattr_get(inode, EXT2_XATTR_INDEX_USER, name,
 			      buffer, size);
 }
@@ -60,23 +62,24 @@ static int
 ext2_xattr_user_set(struct inode *inode, const char *name,
 		    const void *value, size_t size, int flags)
 {
-	int error;
 	if (strcmp(name, "") == 0)
 		return -EINVAL;
-	if (!test_opt(inode->i_sb, XATTR_USER))
-		return -EOPNOTSUPP;
 	if ( !S_ISREG(inode->i_mode) &&
 	    (!S_ISDIR(inode->i_mode) || inode->i_mode & S_ISVTX))
 		return -EPERM;
+	if (!(flags & XATTR_KERNEL_CONTEXT)) {
+		int error;
+		if (!test_opt(inode->i_sb, XATTR_USER))
+			return -EOPNOTSUPP;
 #ifdef CONFIG_EXT2_FS_POSIX_ACL
-	error = ext2_permission_locked(inode, MAY_WRITE);
+		error = ext2_permission_locked(inode, MAY_WRITE);
 #else
-	error = permission(inode, MAY_WRITE);
+		error = permission(inode, MAY_WRITE);
 #endif
-	if (error)
+		if (error)
-		return error;
+			return error;
+	}
 	return ext2_xattr_set(inode, EXT2_XATTR_INDEX_USER, name,
 			      value, size, flags);
 }

--- a/fs/ext3/xattr_user.c
+++ b/fs/ext3/xattr_user.c
@@ -25,7 +25,8 @@ ext3_xattr_user_list(char *list, struct inode *inode,
 {
 	const int prefix_len = sizeof(XATTR_USER_PREFIX)-1;
-	if (!test_opt(inode->i_sb, XATTR_USER))
+	if (!(flags & XATTR_KERNEL_CONTEXT) &&
+	    !test_opt(inode->i_sb, XATTR_USER))
 		return 0;
 	if (list) {
@@ -40,20 +41,21 @@ static int
 ext3_xattr_user_get(struct inode *inode, const char *name,
 		    void *buffer, size_t size, int flags)
 {
-	int error;
 	if (strcmp(name, "") == 0)
 		return -EINVAL;
-	if (!test_opt(inode->i_sb, XATTR_USER))
+	if (!(flags & XATTR_KERNEL_CONTEXT)) {
-		return -EOPNOTSUPP;
+		int error;
+		if (!test_opt(inode->i_sb, XATTR_USER))
+			return -EOPNOTSUPP;
 #ifdef CONFIG_EXT3_FS_POSIX_ACL
-	error = ext3_permission_locked(inode, MAY_READ);
+		error = ext3_permission_locked(inode, MAY_READ);
 #else
-	error = permission(inode, MAY_READ);
+		error = permission(inode, MAY_READ);
 #endif
-	if (error)
+		if (error)
-		return error;
+			return error;
+	}
 	return ext3_xattr_get(inode, EXT3_XATTR_INDEX_USER, name,
 			      buffer, size);
 }
@@ -62,26 +64,26 @@ static int
 ext3_xattr_user_set(struct inode *inode, const char *name,
 		    const void *value, size_t size, int flags)
 {
-	int error;
 	if (strcmp(name, "") == 0)
 		return -EINVAL;
-	if (!test_opt(inode->i_sb, XATTR_USER))
-		return -EOPNOTSUPP;
 	if ( !S_ISREG(inode->i_mode) &&
 	    (!S_ISDIR(inode->i_mode) || inode->i_mode & S_ISVTX))
 		return -EPERM;
+	if (!(flags & XATTR_KERNEL_CONTEXT)) {
+		int error;
+		if (!test_opt(inode->i_sb, XATTR_USER))
+			return -EOPNOTSUPP;
 #ifdef CONFIG_EXT3_FS_POSIX_ACL
-	error = ext3_permission_locked(inode, MAY_WRITE);
+		error = ext3_permission_locked(inode, MAY_WRITE);
 #else
-	error = permission(inode, MAY_WRITE);
+		error = permission(inode, MAY_WRITE);
 #endif
-	if (error)
+		if (error)
-		return error;
+			return error;
+	}
 	return ext3_xattr_set(inode, EXT3_XATTR_INDEX_USER, name,
 			      value, size, flags);
 }
 struct ext3_xattr_handler ext3_xattr_user_handler = {

--- a/include/linux/xattr.h
+++ b/include/linux/xattr.h
@@ -9,7 +9,8 @@
 #ifndef _LINUX_XATTR_H
 #define _LINUX_XATTR_H
-#define XATTR_CREATE	0x1	/* set value, fail if attr already exists */
+#define XATTR_CREATE		0x1	/* fail if attr already exists */
-#define XATTR_REPLACE	0x2	/* set value, fail if attr does not exist */
+#define XATTR_REPLACE		0x2	/* fail if attr does not exist */
+#define XATTR_KERNEL_CONTEXT	0x4	/* called from kernel context */
 #endif	/* _LINUX_XATTR_H */