mirror of
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
synced 2025-01-03 19:53:32 +00:00
6140be90ec
Add the four syscalls setxattrat(), getxattrat(), listxattrat() and
removexattrat(). Those can be used to operate on extended attributes,
especially security related ones, either relative to a pinned directory
or on a file descriptor without read access, avoiding a
/proc/<pid>/fd/<fd> detour, requiring a mounted procfs.
One use case will be setfiles(8) setting SELinux file contexts
("security.selinux") without race conditions and without a file
descriptor opened with read access requiring SELinux read permission.
Use the do_{name}at() pattern from fs/open.c.
Pass the value of the extended attribute, its length, and for
setxattrat(2) the command (XATTR_CREATE or XATTR_REPLACE) via an added
struct xattr_args to not exceed six syscall arguments and not
merging the AT_* and XATTR_* flags.
[AV: fixes by Christian Brauner folded in, the entire thing rebased on
top of {filename,file}_...xattr() primitives, treatment of empty
pathnames regularized. As the result, AT_EMPTY_PATH+NULL handling
is cheap, so f...(2) can use it]
Signed-off-by: Christian Göttsche <cgzones@googlemail.com>
Link: https://lore.kernel.org/r/20240426162042.191916-1-cgoettsche@seltendoof.de
Reviewed-by: Arnd Bergmann <arnd@arndb.de>
Reviewed-by: Christian Brauner <brauner@kernel.org>
CC: x86@kernel.org
CC: linux-alpha@vger.kernel.org
CC: linux-kernel@vger.kernel.org
CC: linux-arm-kernel@lists.infradead.org
CC: linux-ia64@vger.kernel.org
CC: linux-m68k@lists.linux-m68k.org
CC: linux-mips@vger.kernel.org
CC: linux-parisc@vger.kernel.org
CC: linuxppc-dev@lists.ozlabs.org
CC: linux-s390@vger.kernel.org
CC: linux-sh@vger.kernel.org
CC: sparclinux@vger.kernel.org
CC: linux-fsdevel@vger.kernel.org
CC: audit@vger.kernel.org
CC: linux-arch@vger.kernel.org
CC: linux-api@vger.kernel.org
CC: linux-security-module@vger.kernel.org
CC: selinux@vger.kernel.org
[brauner: slight tweaks]
Signed-off-by: Christian Brauner <brauner@kernel.org>
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
|
||
|---|---|---|
| .. | ||
| alchemy | ||
| ath25 | ||
| ath79 | ||
| bcm47xx | ||
| bcm63xx | ||
| bmips | ||
| boot | ||
| cavium-octeon | ||
| cobalt | ||
| configs | ||
| crypto | ||
| dec | ||
| fw | ||
| generic | ||
| include | ||
| ingenic | ||
| jazz | ||
| kernel | ||
| kvm | ||
| lantiq | ||
| lib | ||
| loongson2ef | ||
| loongson32 | ||
| loongson64 | ||
| math-emu | ||
| mm | ||
| mobileye | ||
| mti-malta | ||
| n64 | ||
| net | ||
| pci | ||
| pic32 | ||
| power | ||
| ralink | ||
| rb532 | ||
| sgi-ip22 | ||
| sgi-ip27 | ||
| sgi-ip30 | ||
| sgi-ip32 | ||
| sibyte | ||
| sni | ||
| tools | ||
| txx9 | ||
| vdso | ||
| Kbuild | ||
| Kbuild.platforms | ||
| Kconfig | ||
| Kconfig.debug | ||
| Makefile | ||
| Makefile.postlink | ||