mirror of
https://github.com/torvalds/linux.git
synced 2025-11-03 01:59:51 +02:00
Add the four syscalls setxattrat(), getxattrat(), listxattrat() and
removexattrat(). Those can be used to operate on extended attributes,
especially security related ones, either relative to a pinned directory
or on a file descriptor without read access, avoiding a
/proc/<pid>/fd/<fd> detour, requiring a mounted procfs.

One use case will be setfiles(8) setting SELinux file contexts
("security.selinux") without race conditions and without a file
descriptor opened with read access requiring SELinux read permission.

Use the do_{name}at() pattern from fs/open.c.

Pass the value of the extended attribute, its length, and for
setxattrat(2) the command (XATTR_CREATE or XATTR_REPLACE) via an added
struct xattr_args to not exceed six syscall arguments and to not
merge the AT_* and XATTR_* flags.

[AV: fixes by Christian Brauner folded in, the entire thing rebased on
top of {filename,file}_...xattr() primitives, treatment of empty
pathnames regularized. As the result, AT_EMPTY_PATH+NULL handling
is cheap, so f...(2) can use it]
Signed-off-by: Christian Göttsche <cgzones@googlemail.com>
Link: https://lore.kernel.org/r/20240426162042.191916-1-cgoettsche@seltendoof.de
Reviewed-by: Arnd Bergmann <arnd@arndb.de>
Reviewed-by: Christian Brauner <brauner@kernel.org>
CC: x86@kernel.org
CC: linux-alpha@vger.kernel.org
CC: linux-kernel@vger.kernel.org
CC: linux-arm-kernel@lists.infradead.org
CC: linux-ia64@vger.kernel.org
CC: linux-m68k@lists.linux-m68k.org
CC: linux-mips@vger.kernel.org
CC: linux-parisc@vger.kernel.org
CC: linuxppc-dev@lists.ozlabs.org
CC: linux-s390@vger.kernel.org
CC: linux-sh@vger.kernel.org
CC: sparclinux@vger.kernel.org
CC: linux-fsdevel@vger.kernel.org
CC: audit@vger.kernel.org
CC: linux-arch@vger.kernel.org
CC: linux-api@vger.kernel.org
CC: linux-security-module@vger.kernel.org
CC: selinux@vger.kernel.org
[brauner: slight tweaks]
Signed-off-by: Christian Brauner <brauner@kernel.org>
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
39 lines
584 B
C
/* SPDX-License-Identifier: GPL-2.0 */
#ifdef __NR_chmod
__NR_chmod,
#endif
__NR_fchmod,
#ifdef __NR_chown
__NR_chown,
__NR_lchown,
#endif
#ifdef __NR_fchown
__NR_fchown,
#endif
__NR_setxattr,
#ifdef __NR_setxattrat
__NR_setxattrat,
#endif
__NR_lsetxattr,
__NR_fsetxattr,
__NR_removexattr,
#ifdef __NR_removexattrat
__NR_removexattrat,
#endif
__NR_lremovexattr,
__NR_fremovexattr,
#ifdef __NR_fchownat
__NR_fchownat,
__NR_fchmodat,
#endif
#ifdef __NR_chown32
__NR_chown32,
__NR_fchown32,
__NR_lchown32,
#endif
#ifdef __NR_link
__NR_link,
#endif
#ifdef __NR_linkat
__NR_linkat,
#endif
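The commit message above describes passing the value, its length and the XATTR_* command through struct xattr_args while the AT_* flags stay in their own argument. The following is an added example, not code from the commit or the kernel tree, showing that call shape for the "relative to a pinned directory" case. Assumptions: the fallback syscall numbers 463/464, the local struct mirror `xattr_args_ex`, the helper names, and the constructed `user.demo` attribute standing in for `security.selinux` (which needs privileges to set).

```c
#define _GNU_SOURCE
#include <fcntl.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/syscall.h>
#include <sys/xattr.h>
#include <unistd.h>

/* Assumption: unified syscall numbers (x86-64, arm64, ...) for older libc headers. */
#ifndef __NR_setxattrat
#define __NR_setxattrat 463
#define __NR_getxattrat 464
#endif

/* Local mirror of the kernel's struct xattr_args (layout assumed, not from the page). */
struct xattr_args_ex { uint64_t value; uint32_t size; uint32_t flags; };

/* Set name on rel, resolved under the pinned dirfd; xflags is 0, XATTR_CREATE or XATTR_REPLACE. */
long set_xattr_at(int dirfd, const char *rel, const char *name,
                  const void *val, uint32_t len, uint32_t xflags)
{
    struct xattr_args_ex a = { (uint64_t)(uintptr_t)val, len, xflags };
    return syscall(__NR_setxattrat, dirfd, rel, AT_SYMLINK_NOFOLLOW, name, &a, sizeof(a));
}

/* Read name back into buf; returns the value length or -1 with errno set. */
long get_xattr_at(int dirfd, const char *rel, const char *name, void *buf, uint32_t cap)
{
    struct xattr_args_ex a = { (uint64_t)(uintptr_t)buf, cap, 0 };
    return syscall(__NR_getxattrat, dirfd, rel, AT_SYMLINK_NOFOLLOW, name, &a, sizeof(a));
}

int main(void)
{
    char dir[] = "/tmp/xattrat-XXXXXX", buf[16] = {0};  /* constructed scratch dir */
    if (!mkdtemp(dir)) return 1;
    int dfd = open(dir, O_RDONLY | O_DIRECTORY | O_CLOEXEC);  /* pin the directory */
    int fd = openat(dfd, "f", O_CREAT | O_WRONLY | O_CLOEXEC, 0600);
    if (dfd < 0 || fd < 0 || close(fd) < 0) return 1;
    if (set_xattr_at(dfd, "f", "user.demo", "v1", 2, XATTR_CREATE) < 0) {
        perror("setxattrat");  /* ENOSYS on kernels without the syscall */
        return 1;
    }
    long again = set_xattr_at(dfd, "f", "user.demo", "v2", 2, XATTR_CREATE);
    long n = get_xattr_at(dfd, "f", "user.demo", buf, sizeof(buf));
    printf("second XATTR_CREATE rc=%ld, user.demo=%.*s\n", again, n < 0 ? 0 : (int)n, buf);
    return 0;
}
```

Because the path is resolved under the already-open directory descriptor, a rename of a parent directory between lookup and labelling cannot redirect the write, and AT_SYMLINK_NOFOLLOW keeps a swapped-in final symlink from being followed.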