2020-05-27 09:54:50

by Gao Xiang

[permalink] [raw]
Subject: [PATCH] xattr: fix EOPNOTSUPP if fs and security xattrs disabled

commit f549d6c18c0e ("[PATCH] Generic VFS fallback for security xattrs")
introduces a behavior change of listxattr path therefore listxattr(2)
won't report EOPNOTSUPP correctly if fs and security xattrs disabled.
However it was clearly recorded in manpage all the time.

Cc: Alexander Viro <[email protected]>
Cc: Stephen Smalley <[email protected]>
Cc: Chengguang Xu <[email protected]>
Cc: Chao Yu <[email protected]>
Signed-off-by: Gao Xiang <[email protected]>
---

Noticed when reviewing Chengguang's patch for erofs [1] (together
with ext2, f2fs). I'm not sure if it's the best approach but it
seems that security_inode_listsecurity() has other users and it
mainly focus on reporting these security xattrs...

[1] https://lore.kernel.org/r/[email protected]

Thanks,
Gao Xiang

fs/xattr.c | 16 +++++++++-------
1 file changed, 9 insertions(+), 7 deletions(-)

diff --git a/fs/xattr.c b/fs/xattr.c
index 91608d9bfc6a..f339a67db521 100644
--- a/fs/xattr.c
+++ b/fs/xattr.c
@@ -352,13 +352,15 @@ vfs_listxattr(struct dentry *dentry, char *list, size_t size)
error = security_inode_listxattr(dentry);
if (error)
return error;
- if (inode->i_op->listxattr && (inode->i_opflags & IOP_XATTR)) {
- error = inode->i_op->listxattr(dentry, list, size);
- } else {
- error = security_inode_listsecurity(inode, list, size);
- if (size && error > size)
- error = -ERANGE;
- }
+
+ if (inode->i_op->listxattr && (inode->i_opflags & IOP_XATTR))
+ return inode->i_op->listxattr(dentry, list, size);
+
+ if (!IS_ENABLED(CONFIG_SECURITY))
+ return -EOPNOTSUPP;
+ error = security_inode_listsecurity(inode, list, size);
+ if (size && error > size)
+ error = -ERANGE;
return error;
}
EXPORT_SYMBOL_GPL(vfs_listxattr);
--
2.24.0


2020-06-23 10:16:22

by Gao Xiang

[permalink] [raw]
Subject: Re: [PATCH] xattr: fix EOPNOTSUPP if fs and security xattrs disabled

Friendly ping...

On Wed, May 27, 2020 at 12:40:37PM +0800, Gao Xiang wrote:
> commit f549d6c18c0e ("[PATCH] Generic VFS fallback for security xattrs")
> introduces a behavior change of listxattr path therefore listxattr(2)
> won't report EOPNOTSUPP correctly if fs and security xattrs disabled.
> However it was clearly recorded in manpage all the time.
>
> Cc: Alexander Viro <[email protected]>
> Cc: Stephen Smalley <[email protected]>
> Cc: Chengguang Xu <[email protected]>
> Cc: Chao Yu <[email protected]>
> Signed-off-by: Gao Xiang <[email protected]>
> ---
>
> Noticed when reviewing Chengguang's patch for erofs [1] (together
> with ext2, f2fs). I'm not sure if it's the best approach but it
> seems that security_inode_listsecurity() has other users and it
> mainly focus on reporting these security xattrs...
>
> [1] https://lore.kernel.org/r/[email protected]
>
> Thanks,
> Gao Xiang
>
> fs/xattr.c | 16 +++++++++-------
> 1 file changed, 9 insertions(+), 7 deletions(-)
>
> diff --git a/fs/xattr.c b/fs/xattr.c
> index 91608d9bfc6a..f339a67db521 100644
> --- a/fs/xattr.c
> +++ b/fs/xattr.c
> @@ -352,13 +352,15 @@ vfs_listxattr(struct dentry *dentry, char *list, size_t size)
> error = security_inode_listxattr(dentry);
> if (error)
> return error;
> - if (inode->i_op->listxattr && (inode->i_opflags & IOP_XATTR)) {
> - error = inode->i_op->listxattr(dentry, list, size);
> - } else {
> - error = security_inode_listsecurity(inode, list, size);
> - if (size && error > size)
> - error = -ERANGE;
> - }
> +
> + if (inode->i_op->listxattr && (inode->i_opflags & IOP_XATTR))
> + return inode->i_op->listxattr(dentry, list, size);
> +
> + if (!IS_ENABLED(CONFIG_SECURITY))
> + return -EOPNOTSUPP;
> + error = security_inode_listsecurity(inode, list, size);
> + if (size && error > size)
> + error = -ERANGE;
> return error;
> }
> EXPORT_SYMBOL_GPL(vfs_listxattr);
> --
> 2.24.0
>