mirror of
https://github.com/torvalds/linux.git
synced 2024-11-28 23:21:31 +00:00
6140be90ec
Add the four syscalls setxattrat(), getxattrat(), listxattrat() and
removexattrat(). Those can be used to operate on extended attributes,
especially security related ones, either relative to a pinned directory
or on a file descriptor without read access, avoiding a
/proc/<pid>/fd/<fd> detour, requiring a mounted procfs.
One use case will be setfiles(8) setting SELinux file contexts
("security.selinux") without race conditions and without a file
descriptor opened with read access requiring SELinux read permission.
Use the do_{name}at() pattern from fs/open.c.
Pass the value of the extended attribute, its length, and for
setxattrat(2) the command (XATTR_CREATE or XATTR_REPLACE) via an added
struct xattr_args to not exceed six syscall arguments and not
merging the AT_* and XATTR_* flags.
[AV: fixes by Christian Brauner folded in, the entire thing rebased on
top of {filename,file}_...xattr() primitives, treatment of empty
pathnames regularized. As the result, AT_EMPTY_PATH+NULL handling
is cheap, so f...(2) can use it]
Signed-off-by: Christian Göttsche <cgzones@googlemail.com>
Link: https://lore.kernel.org/r/20240426162042.191916-1-cgoettsche@seltendoof.de
Reviewed-by: Arnd Bergmann <arnd@arndb.de>
Reviewed-by: Christian Brauner <brauner@kernel.org>
CC: x86@kernel.org
CC: linux-alpha@vger.kernel.org
CC: linux-kernel@vger.kernel.org
CC: linux-arm-kernel@lists.infradead.org
CC: linux-ia64@vger.kernel.org
CC: linux-m68k@lists.linux-m68k.org
CC: linux-mips@vger.kernel.org
CC: linux-parisc@vger.kernel.org
CC: linuxppc-dev@lists.ozlabs.org
CC: linux-s390@vger.kernel.org
CC: linux-sh@vger.kernel.org
CC: sparclinux@vger.kernel.org
CC: linux-fsdevel@vger.kernel.org
CC: audit@vger.kernel.org
CC: linux-arch@vger.kernel.org
CC: linux-api@vger.kernel.org
CC: linux-security-module@vger.kernel.org
CC: selinux@vger.kernel.org
[brauner: slight tweaks]
Signed-off-by: Christian Brauner <brauner@kernel.org>
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
|
||
|---|---|---|
| .. | ||
| syscalls | ||
| .gitignore | ||
| asm-offsets.c | ||
| bootinfo_proc.c | ||
| dma.c | ||
| early_printk.c | ||
| entry.S | ||
| head.S | ||
| ints.c | ||
| ints.h | ||
| irq.c | ||
| machine_kexec.c | ||
| Makefile | ||
| module.c | ||
| pcibios.c | ||
| process.c | ||
| process.h | ||
| ptrace.c | ||
| ptrace.h | ||
| relocate_kernel.S | ||
| setup_mm.c | ||
| setup_no.c | ||
| setup.c | ||
| signal.c | ||
| signal.h | ||
| sun3-head.S | ||
| sys_m68k.c | ||
| syscalltable.S | ||
| time.c | ||
| traps.c | ||
| traps.h | ||
| uboot.c | ||
| vectors.c | ||
| vectors.h | ||
| vmlinux-nommu.lds | ||
| vmlinux-std.lds | ||
| vmlinux-sun3.lds | ||
| vmlinux.lds.S | ||