linux/scripts
Christian Göttsche 6140be90ec fs/xattr: add *at family syscalls
Add the four syscalls setxattrat(), getxattrat(), listxattrat() and
removexattrat().  Those can be used to operate on extended attributes,
especially security related ones, either relative to a pinned directory
or on a file descriptor without read access, avoiding a
/proc/<pid>/fd/<fd> detour, requiring a mounted procfs.

One use case will be setfiles(8) setting SELinux file contexts
("security.selinux") without race conditions and without a file
descriptor opened with read access requiring SELinux read permission.

Use the do_{name}at() pattern from fs/open.c.

Pass the value of the extended attribute, its length, and for
setxattrat(2) the command (XATTR_CREATE or XATTR_REPLACE) via an added
struct xattr_args to not exceed six syscall arguments and not
merging the AT_* and XATTR_* flags.

[AV: fixes by Christian Brauner folded in, the entire thing rebased on
top of {filename,file}_...xattr() primitives, treatment of empty
pathnames regularized.  As the result, AT_EMPTY_PATH+NULL handling
is cheap, so f...(2) can use it]

Signed-off-by: Christian Göttsche <cgzones@googlemail.com>
Link: https://lore.kernel.org/r/20240426162042.191916-1-cgoettsche@seltendoof.de
Reviewed-by: Arnd Bergmann <arnd@arndb.de>
Reviewed-by: Christian Brauner <brauner@kernel.org>
CC: x86@kernel.org
CC: linux-alpha@vger.kernel.org
CC: linux-kernel@vger.kernel.org
CC: linux-arm-kernel@lists.infradead.org
CC: linux-ia64@vger.kernel.org
CC: linux-m68k@lists.linux-m68k.org
CC: linux-mips@vger.kernel.org
CC: linux-parisc@vger.kernel.org
CC: linuxppc-dev@lists.ozlabs.org
CC: linux-s390@vger.kernel.org
CC: linux-sh@vger.kernel.org
CC: sparclinux@vger.kernel.org
CC: linux-fsdevel@vger.kernel.org
CC: audit@vger.kernel.org
CC: linux-arch@vger.kernel.org
CC: linux-api@vger.kernel.org
CC: linux-security-module@vger.kernel.org
CC: selinux@vger.kernel.org
[brauner: slight tweaks]
Signed-off-by: Christian Brauner <brauner@kernel.org>
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
2024-11-06 12:59:44 -05:00
..
atomic locking/atomic: scripts: fix ${atomic}_sub_and_test() kerneldoc 2024-06-05 15:52:34 +02:00
basic fixdep: use xmalloc() 2024-09-01 20:34:49 +09:00
clang-tools gen_compile_commands: fix invalid escape sequence warning 2024-02-15 06:57:19 +09:00
coccinelle Reduce Coccinelle choices in string_choices.cocci 2024-09-28 21:33:11 +02:00
dtc dt: dt-extract-compatibles: Extract compatibles from function parameters 2024-09-05 10:17:03 -05:00
dummy-tools kbuild: dummy-tools: pretend we understand -fpatchable-function-entry 2023-11-01 23:24:56 +09:00
gcc-plugins gcc-plugins: randstruct: Remove GCC 4.7 or newer requirement 2024-08-05 14:34:23 -07:00
gdb scripts/gdb: add 'lx-kasan_mem_to_shadow' command 2024-09-01 20:43:29 -07:00
genksyms kbuild: use $(src) instead of $(srctree)/$(src) for source directory 2024-05-10 04:34:52 +09:00
include kconfig: use hash table to reuse expressions 2024-09-20 09:21:52 +09:00
ipe scripts: add boot policy generation program 2024-08-20 14:03:39 -04:00
kconfig kconfig: cache expression values 2024-09-20 09:21:53 +09:00
ksymoops
mod Char/Misc and other driver changes for 6.12-rc1 2024-09-26 10:13:08 -07:00
package kbuild: add debug package to pacman PKGBUILD 2024-09-07 17:24:08 +09:00
selinux
tracing tracing: Always use canonical ftrace path 2023-02-18 14:34:09 -05:00
.gitignore rust: support running Rust documentation tests as KUnit ones 2023-07-19 09:32:53 -06:00
as-version.sh kbuild: Update assembler calls to use proper flags and language target 2023-01-26 12:41:38 +09:00
asn1_compiler.c ASN.1: Fix check for strdup() success 2023-04-21 08:58:00 -07:00
bloat-o-meter scripts/bloat-o-meter: count weak symbol sizes 2023-08-21 13:46:25 -07:00
bootgraph.pl
bpf_doc.py scripts/bpf_doc: Use silent mode when exec make cmd 2024-03-15 14:46:31 +01:00
build-version kbuild: move init/build-version to scripts/ 2024-07-16 01:08:37 +09:00
cc-can-link.sh
cc-version.sh scripts: Remove ICC-related dead code 2023-04-24 10:18:32 -07:00
check_extable.sh
check-git kbuild: use git-archive for source package creation 2023-03-16 22:46:12 +09:00
check-sysctl-docs scripts: check-sysctl-docs: handle per-namespace sysctls 2024-02-23 12:13:09 +01:00
check-uapi.sh check-uapi: Introduce check-uapi.sh 2023-12-29 22:25:20 +09:00
check-variable-fonts.sh docs: scripts/check-variable-fonts.sh: Improve commands for detection 2024-05-02 10:14:52 -06:00
checkdeclares.pl
checkincludes.pl
checkkconfigsymbols.py scripts: handle BrokenPipeError for python scripts 2023-01-26 12:43:33 +09:00
checkpatch.pl net: drop special comment style 2024-08-23 10:21:02 +01:00
checkstack.pl scripts/checkstack.pl: fix no space expression between sp and offset 2023-12-29 12:22:28 -08:00
checksyscalls.sh checksyscalls: ignore fstat to silence build warning on LoongArch 2023-03-23 17:18:32 -07:00
checktransupdate.py scripts: fix all issues reported by pylint 2024-07-29 15:34:22 -06:00
checkversion.pl
cleanfile
cleanpatch
coccicheck scripts: coccicheck: Use /usr/bin/env 2023-02-25 20:11:06 +01:00
config
const_structs.checkpatch sound updates for 6.11-rc1 2024-07-19 12:39:34 -07:00
decode_stacktrace.sh scripts/decode_stacktrace.sh: add '-h' flag 2024-09-01 20:43:41 -07:00
decodecode scripts/decodecode: add support for LoongArch 2023-12-29 12:22:25 -08:00
depmod.sh kbuild: move depmod rule to scripts/Makefile.modinst 2023-08-29 22:38:23 +09:00
dev-needs.sh
diffconfig scripts: handle BrokenPipeError for python scripts 2023-01-26 12:43:33 +09:00
documentation-file-ref-check
export_report.pl
extract_xc3028.pl
extract-ikconfig
extract-module-sig.pl
extract-sys-certs.pl
extract-vmlinux
faddr2line scripts/faddr2line: Check only two symbols when calculating symbol size 2024-07-02 23:38:37 -07:00
file-size.sh
find-unused-docs.sh
gcc-x86_32-has-stack-protector.sh kbuild: Fix '-S -c' in x86 stack protector scripts 2024-07-29 03:47:00 +09:00
gcc-x86_64-has-stack-protector.sh kbuild: Fix '-S -c' in x86 stack protector scripts 2024-07-29 03:47:00 +09:00
gen-randstruct-seed.sh
generate_builtin_ranges.awk kbuild: generate offset range data for builtin modules 2024-09-20 09:21:43 +09:00
generate_initcall_order.pl
generate_rust_analyzer.py rust: Support latest version of rust-analyzer 2024-08-07 01:16:52 +02:00
generate_rust_target.rs kbuild: rust: Enable KASAN support 2024-09-16 18:04:37 +02:00
get_abi.pl scripts/get_abi.pl: ignore some temp files 2024-01-03 14:02:17 -07:00
get_dvb_firmware
get_feat.pl
get_maintainer.pl get_maintainer: add --bug option to print bug reporting info 2024-08-26 16:10:12 -06:00
gfp-translate scripts: fix gfp-translate after ___GFP_*_BITS conversion to an enum 2024-09-01 17:59:01 -07:00
git.orderFile scripts: Introduce a default git.orderFile 2023-12-29 22:25:20 +09:00
head-object-list.txt powerpc: Remove core support for 40x 2024-06-28 22:28:47 +10:00
headerdep.pl
headers_install.sh m68k: Avoid CONFIG_COLDFIRE switch in uapi header 2024-05-07 08:55:23 +10:00
insert-sys-cert.c
install.sh kbuild: Create INSTALL_PATH directory if it does not exist 2024-07-20 13:34:54 +09:00
jobserver-exec scripts: support GNU make 4.4 in jobserver-exec 2023-01-16 20:15:20 +09:00
kallsyms.c kallsyms: change overflow variable to bool type 2024-09-20 09:21:52 +09:00
Kbuild.include kbuild: raise the minimum GNU Make requirement to 4.0 2024-07-16 16:07:14 +09:00
Kconfig.include kbuild: rust: Define probing macros for rustc 2024-09-16 18:04:37 +02:00
kernel-doc mm/slab: Plumb kmem_buckets into __do_kmalloc_node() 2024-07-03 12:24:19 +02:00
ld-version.sh kbuild: Make ld-version.sh more robust against version string changes 2024-07-15 03:13:32 +09:00
leaking_addresses.pl leaking_addresses: Provide mechanism to scan binary files 2024-02-29 13:38:03 -08:00
Lindent
link-vmlinux.sh Kbuild updates for v6.12 2024-09-24 13:02:06 -07:00
macro_checker.py scripts: add macro_checker script to check unused parameters in macros 2024-09-01 20:43:28 -07:00
make_fit.py scripts/make_fit: Support decomposing DTBs 2024-07-16 01:08:37 +09:00
Makefile scripts: add boot policy generation program 2024-08-20 14:03:39 -04:00
Makefile.asm-headers kbuild: fix rebuild of generic syscall headers 2024-07-18 10:01:55 -07:00
Makefile.btf kbuild,bpf: Add module-specific pahole flags for distilled base BTF 2024-06-21 14:45:07 -07:00
Makefile.build Rust changes for v6.12 2024-09-25 10:25:40 -07:00
Makefile.clang Kbuild updates for v6.5 2023-07-01 09:24:31 -07:00
Makefile.clean kbuild: use $(src) instead of $(srctree)/$(src) for source directory 2024-05-10 04:34:52 +09:00
Makefile.compiler kbuild: rust: Define probing macros for rustc 2024-09-16 18:04:37 +02:00
Makefile.debug kbuild: rust: use -Zdebuginfo-compression 2024-04-02 17:41:22 +02:00
Makefile.defconf kbuild: defconf: use SRCARCH to find merged configs 2024-01-28 01:13:37 +09:00
Makefile.dtbinst kbuild: Install dtb files as 0644 in Makefile.dtbinst 2024-06-26 00:18:57 +09:00
Makefile.dtbs kbuild: split device tree build rules into scripts/Makefile.dtbs 2024-09-09 23:42:13 +09:00
Makefile.extrawarn kbuild: enable -Wcast-function-type-strict unconditionally 2024-05-19 14:36:16 -07:00
Makefile.gcc-plugins
Makefile.headersinst
Makefile.host kbuild: add intermediate targets for Flex/Bison in scripts/Makefile.host 2024-09-08 12:15:46 +09:00
Makefile.kasan kbuild: rust: Enable KASAN support 2024-09-16 18:04:37 +02:00
Makefile.kcov
Makefile.kcsan
Makefile.kmsan
Makefile.lib Rust changes for v6.12 2024-09-25 10:25:40 -07:00
Makefile.modfinal kbuild: remove append operation on cmd_ld_ko_o 2024-09-20 09:21:53 +09:00
Makefile.modinst Modules changes for v6.12-rc1 2024-09-28 09:06:15 -07:00
Makefile.modpost Kbuild updates for v6.10 2024-05-18 12:39:20 -07:00
Makefile.package kbuild: pacman-pkg: do not override objtree 2024-09-01 20:34:49 +09:00
Makefile.randstruct
Makefile.ubsan ubsan: Reintroduce signed overflow sanitizer 2024-02-20 20:44:49 -08:00
Makefile.userprogs kbuild: support 'userldlibs' syntax 2023-11-01 23:26:01 +09:00
Makefile.vdsoinst more s390 updates for 6.10 merge window 2024-05-21 12:09:36 -07:00
Makefile.vmlinux kbuild: generate offset range data for builtin modules 2024-09-20 09:21:43 +09:00
Makefile.vmlinux_o kbuild: generate offset range data for builtin modules 2024-09-20 09:21:43 +09:00
makelst
markup_oops.pl
min-tool-version.sh rust: upgrade to Rust 1.78.0 2024-05-05 20:17:25 +02:00
misc-check kbuild: make W=1 warn files that are tracked but ignored by git 2023-01-22 23:43:33 +09:00
mkcompile_h
mksysmap kbuild: change scripts/mksysmap into sed script 2024-05-29 16:40:03 +09:00
mkuboot.sh
module-common.c kbuild: compile constant module information only once 2024-09-07 17:24:08 +09:00
module.lds.S The usual shower of singleton fixes and minor series all over MM, 2024-05-19 09:21:03 -07:00
modules-check.sh kbuild: change module.order to list *.o instead of *.ko 2022-12-14 15:42:40 +09:00
nsdeps
objdiff
objdump-func scripts/objdump-func: Support multiple functions 2023-04-14 16:08:28 +02:00
orc_hash.sh x86/unwind/orc: Add ELF section with ORC version identifier 2023-06-16 17:17:42 +02:00
pahole-version.sh
parse-maintainers.pl
patch-kernel
profile2linkerlist.pl
prune-kernel
recordmcount.c scripts: clean up IA-64 code 2023-12-03 18:51:48 +09:00
recordmcount.h
recordmcount.pl riscv: remove MCOUNT_NAME workaround 2024-02-22 15:38:54 -08:00
relocs_check.sh powerpc: Move script to check relocations at compile time in scripts/ 2023-04-19 07:46:31 -07:00
remove-stale-files fortify: refactor test_fortify Makefile to fix some build problems 2024-08-15 09:26:02 -07:00
rust_is_available_bindgen_0_66.h rust: warn about bindgen versions 0.66.0 and 0.66.1 2024-07-10 10:28:52 +02:00
rust_is_available_bindgen_libclang.h
rust_is_available_test.py rust: warn about bindgen versions 0.66.0 and 0.66.1 2024-07-10 10:28:52 +02:00
rust_is_available.sh rust: warn about bindgen versions 0.66.0 and 0.66.1 2024-07-10 10:28:52 +02:00
rustc-version.sh kbuild: rust: add CONFIG_RUSTC_VERSION 2024-09-05 22:44:18 +02:00
rustdoc_test_builder.rs rust: support running Rust documentation tests as KUnit ones 2023-07-19 09:32:53 -06:00
rustdoc_test_gen.rs rust: support running Rust documentation tests as KUnit ones 2023-07-19 09:32:53 -06:00
setlocalversion scripts/setlocalversion: also consider annotated tags of the form vx.y.z-${file_localversion} 2023-08-08 01:08:54 +09:00
show_delta scripts/show_delta: add __main__ judgement before main code 2023-10-18 14:43:23 -07:00
sign-file.c sign-file,extract-cert: use pkcs11 provider for OPENSSL MAJOR >= 3 2024-09-20 19:52:48 +03:00
sorttable.c LoongArch: extable: Add type and data fields 2022-12-14 08:36:11 +08:00
sorttable.h x86,objtool: Split UNWIND_HINT_EMPTY in two 2023-03-23 23:18:58 +01:00
spdxcheck-test.sh
spdxcheck.py scripts/spdxcheck: Add count of missing files to stats output 2024-05-04 19:00:54 +02:00
spdxexclude
spelling.txt kernel-wide: fix spelling mistakes like "assocative" -> "associative" 2024-06-28 19:36:28 -07:00
sphinx-pre-install scripts: sphinx-pre-install: remove unnecessary double check for $cur_version 2024-09-05 14:32:36 -06:00
split-man.pl
ssl-common.h sign-file,extract-cert: avoid using deprecated ERR_get_error_line() 2024-09-20 19:49:52 +03:00
stackdelta
stackusage
subarch.include scripts: subarch.include: fix SUBARCH on macOS hosts 2024-09-10 13:56:37 +09:00
syscall.tbl fs/xattr: add *at family syscalls 2024-11-06 12:59:44 -05:00
syscallhdr.sh
syscallnr.sh
syscalltbl.sh x86/syscall: Mark exit[_group] syscall handlers __noreturn 2024-06-28 15:23:38 +02:00
tags.sh scripts/tags.sh: remove find_sources 2024-01-04 17:01:15 +01:00
tools-support-relr.sh Makefile: use -z pack-relative-relocs 2023-04-17 11:23:06 +09:00
unifdef.c scripts/unifdef: avoid constexpr keyword 2024-04-23 00:09:41 +09:00
ver_linux
verify_builtin_ranges.awk scripts: add verifier script for builtin module range data 2024-09-20 09:21:52 +09:00
xen-hypercalls.sh
xz_wrap.sh xz: adjust arch-specific options for better kernel compression 2024-09-01 20:43:27 -07:00